# This software may be distributed under the terms of the BSD license.
# See README for more details.
+from remotehost import remote_compatible
import base64
import binascii
import struct
import time
-import subprocess
import logging
logger = logging.getLogger()
import os
import subprocess
import hostapd
-from utils import HwsimSkip, skip_with_fips
+from utils import HwsimSkip, skip_with_fips, alloc_fail, wait_fail_trigger
import hwsim_utils
from tshark import run_tshark
from wlantest import Wlantest
ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
timeout=15)
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
if no_match:
if "INTERWORKING-NO-MATCH" not in ev:
raise Exception("Unexpected network match")
ev = dev.wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
timeout=15)
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
if "INTERWORKING-NO-MATCH" in ev:
raise Exception("Matching network not found")
if bssid and bssid not in ev:
if res1['anqp_nai_realm'] == res2['anqp_nai_realm']:
raise Exception("ANQP results were not unshared")
+def test_ap_anqp_sharing_oom(dev, apdev):
+ """ANQP sharing within ESS and explicit unshare OOM"""
+ check_eap_capa(dev[0], "MSCHAPV2")
+ dev[0].flush_scan_cache()
+
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ hostapd.add_ap(apdev[0], params)
+
+ bssid2 = apdev[1]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ params['nai_realm'] = [ "0,example.com,13[5:6],21[2:4][5:7]" ]
+ hostapd.add_ap(apdev[1], params)
+
+ dev[0].hs20_enable()
+ id = dev[0].add_cred_values({ 'realm': "example.com", 'username': "test",
+ 'password': "secret",
+ 'domain': "example.com" })
+ dev[0].scan_for_bss(bssid, freq="2412")
+ dev[0].scan_for_bss(bssid2, freq="2412")
+ interworking_select(dev[0], None, "home", freq="2412")
+ dev[0].dump_monitor()
+
+ with alloc_fail(dev[0], 1, "wpa_bss_anqp_clone"):
+ dev[0].request("ANQP_GET " + bssid + " 263")
+ ev = dev[0].wait_event(["RX-ANQP"], timeout=5)
+ if ev is None:
+ raise Exception("ANQP operation timed out")
+
def test_ap_nai_home_realm_query(dev, apdev):
"""NAI Home Realm Query"""
check_eap_capa(dev[0], "MSCHAPV2")
if "NAI Realm list" not in ev:
raise Exception("Missing NAI Realm list: " + ev)
+@remote_compatible
def test_ap_interworking_scan_filtering(dev, apdev):
"""Interworking scan filtering with HESSID and access network type"""
try:
ssid = "test-hs20-ap1"
params['ssid'] = ssid
params['hessid'] = bssid
- hostapd.add_ap(apdev[0], params)
+ hapd0 = hostapd.add_ap(apdev[0], params)
bssid2 = apdev[1]['bssid']
params = hs20_ap_params()
dev[0].hs20_enable()
+ Wlantest.setup(hapd0)
wt = Wlantest()
wt.flush()
'domain': "no.match.example.com" })
interworking_select(dev[0], bssid, "roaming", freq="2412")
- dev[0].set_cred_quoted(id, "realm", "no.match.example.com");
+ dev[0].set_cred_quoted(id, "realm", "no.match.example.com")
interworking_select(dev[0], bssid, no_match=True, freq="2412")
res = dev[0].request("SCAN_RESULTS")
dev.hs20_enable()
dev.add_cred_values({ 'imsi': "555444-333222111", 'eap': method,
'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
- interworking_select(dev, "home", freq="2412")
+ interworking_select(dev, bssid, "home", freq="2412")
interworking_connect(dev, bssid, method)
check_sp_type(dev, "home")
if ev is None:
raise Exception("Timeout on already-connected event")
+def test_ap_hs20_sim_invalid(dev, apdev):
+ """Hotspot 2.0 with simulated SIM and EAP-SIM - invalid IMSI"""
+ hlr_auc_gw_available()
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ params['anqp_3gpp_cell_net'] = "555,444"
+ params['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+ dev[0].add_cred_values({ 'imsi': "555444-3332221110", 'eap': "SIM",
+ 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
+ # This hits "No valid IMSI available" in build_root_nai()
+ interworking_select(dev[0], bssid, freq="2412")
+
+def test_ap_hs20_sim_oom(dev, apdev):
+ """Hotspot 2.0 with simulated SIM and EAP-SIM - OOM"""
+ hlr_auc_gw_available()
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ params['anqp_3gpp_cell_net'] = "555,444"
+ params['domain_name'] = "wlan.mnc444.mcc555.3gppnetwork.org"
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+ dev[0].add_cred_values({ 'imsi': "555444-333222111", 'eap': "SIM",
+ 'milenage': "5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123"})
+ dev[0].scan_for_bss(bssid, freq=2412)
+ interworking_select(dev[0], bssid, freq="2412")
+
+ with alloc_fail(dev[0], 1, "wpa_config_add_network;interworking_connect_3gpp"):
+ dev[0].request("INTERWORKING_CONNECT " + bssid)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+
+ with alloc_fail(dev[0], 1, "=interworking_connect_3gpp"):
+ dev[0].request("INTERWORKING_CONNECT " + bssid)
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
+
def test_ap_hs20_aka(dev, apdev):
"""Hotspot 2.0 with simulated USIM and EAP-AKA"""
hlr_auc_gw_available()
try:
dev[0].request("SET external_sim 1")
dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
- interworking_select(dev[0], "home", freq="2412")
+ interworking_select(dev[0], bssid, "home", freq="2412")
interworking_ext_sim_connect(dev[0], bssid, "SIM")
check_sp_type(dev[0], "home")
finally:
try:
dev[0].request("SET external_sim 1")
dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM" })
- interworking_select(dev[0], "roaming", freq="2412")
+ interworking_select(dev[0], bssid, "roaming", freq="2412")
interworking_ext_sim_connect(dev[0], bssid, "SIM")
check_sp_type(dev[0], "roaming")
finally:
if status['hs20'] != "2":
raise Exception("Unexpected HS 2.0 support indication")
+@remote_compatible
def test_ap_hs20_auto_interworking_no_match(dev, apdev):
"""Hotspot 2.0 connection with auto_interworking=1 and no matching network"""
hapd = hostapd.add_ap(apdev[0], { "ssid": "mismatch" })
dev[0].dump_monitor()
dev[0].request("DISCONNECT")
+@remote_compatible
def test_ap_hs20_auto_interworking_no_cred_match(dev, apdev):
"""Hotspot 2.0 connection with auto_interworking=1 but no cred match"""
bssid = apdev[0]['bssid']
interworking_select(dev, bssid, freq="2412")
interworking_connect(dev, bssid, method)
+@remote_compatible
def test_ap_hs20_eap_unknown(dev, apdev):
"""Hotspot 2.0 connection with unknown EAP method"""
bssid = apdev[0]['bssid']
"""Hotspot 2.0 connection with PEAP/GTC"""
eap_test(dev[0], apdev[0], "25[3:6]", "PEAP", "user")
+@remote_compatible
def test_ap_hs20_eap_peap_unknown(dev, apdev):
"""Hotspot 2.0 connection with PEAP/unknown"""
bssid = apdev[0]['bssid']
check_eap_capa(dev[0], "MSCHAPV2")
eap_test(dev[0], apdev[0], "21[3:26][6:7][99:99]", "TTLS", "user")
+@remote_compatible
def test_ap_hs20_eap_ttls_eap_unknown(dev, apdev):
"""Hotspot 2.0 connection with TTLS/EAP-unknown"""
bssid = apdev[0]['bssid']
dev[0].add_cred_values(default_cred())
interworking_select(dev[0], None, no_match=True, freq="2412")
+@remote_compatible
def test_ap_hs20_eap_ttls_eap_unsupported(dev, apdev):
"""Hotspot 2.0 connection with TTLS/EAP-OTP(unsupported)"""
bssid = apdev[0]['bssid']
dev[0].add_cred_values(default_cred())
interworking_select(dev[0], None, no_match=True, freq="2412")
+@remote_compatible
def test_ap_hs20_eap_ttls_unknown(dev, apdev):
"""Hotspot 2.0 connection with TTLS/unknown"""
bssid = apdev[0]['bssid']
interworking_select(dev[0], bssid, freq="2412")
interworking_connect(dev[0], bssid, "TLS")
+@remote_compatible
def test_ap_hs20_eap_cert_unknown(dev, apdev):
"""Hotspot 2.0 connection with certificate, but unknown EAP method"""
bssid = apdev[0]['bssid']
'private_key': "auth_serv/user.key"})
interworking_select(dev[0], None, no_match=True, freq="2412")
+@remote_compatible
def test_ap_hs20_eap_cert_unsupported(dev, apdev):
"""Hotspot 2.0 connection with certificate, but unsupported TTLS"""
bssid = apdev[0]['bssid']
'private_key': "auth_serv/user.key"})
interworking_select(dev[0], None, no_match=True, freq="2412")
+@remote_compatible
def test_ap_hs20_eap_invalid_cred(dev, apdev):
"""Hotspot 2.0 connection with invalid cred configuration"""
bssid = apdev[0]['bssid']
if conn_bssid != bssid2:
raise Exception("Connected to incorrect BSS")
+def test_ap_hs20_multi_cred_sp_prio_same(dev, apdev):
+ """Hotspot 2.0 multi-cred and same sp_priority"""
+ check_eap_capa(dev[0], "MSCHAPV2")
+ hlr_auc_gw_available()
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ del params['domain_name']
+ params['anqp_3gpp_cell_net'] = "232,01"
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+ dev[0].scan_for_bss(bssid, freq="2412")
+ id1 = dev[0].add_cred_values({ 'realm': "example.com",
+ 'ca_cert': "auth_serv/ca.pem",
+ 'username': "hs20-test",
+ 'password': "password",
+ 'domain': "domain1.example.com",
+ 'provisioning_sp': "example.com",
+ 'sp_priority': "1" })
+ id2 = dev[0].add_cred_values({ 'realm': "example.com",
+ 'ca_cert': "auth_serv/ca.pem",
+ 'username': "hs20-test",
+ 'password': "password",
+ 'domain': "domain2.example.com",
+ 'provisioning_sp': "example.com",
+ 'sp_priority': "1" })
+ dev[0].dump_monitor()
+ dev[0].scan_for_bss(bssid, freq="2412")
+ check_auto_select(dev[0], bssid)
+
def check_conn_capab_selection(dev, type, missing):
dev.request("INTERWORKING_SELECT freq=2412")
ev = dev.wait_event(["INTERWORKING-AP"])
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
if "type=" + type not in ev:
raise Exception("Unexpected network type")
if missing and "conn_capab_missing=1" not in ev:
for i in range(0, 2):
ev = dev[0].wait_event(["INTERWORKING-AP"])
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
if bssid in ev and "conn_capab_missing=1" not in ev:
raise Exception("Missing protocol connection capability not reported")
if bssid2 in ev and "conn_capab_missing=1" in ev:
dev.request("INTERWORKING_SELECT freq=2412")
ev = dev.wait_event(["INTERWORKING-AP"])
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
logger.debug("BSS entries:\n" + dev.request("BSS RANGE=ALL"))
if "type=" + type not in ev:
raise Exception("Unexpected network type")
ev = dev[0].wait_event(["INTERWORKING-AP", "INTERWORKING-NO-MATCH"],
timeout=15)
if ev is None:
- raise Exception("Network selection timed out");
+ raise Exception("Network selection timed out")
dev[0].dump_monitor()
if "OK" not in dev[0].request("FETCH_OSU"):
if ev is None:
raise Exception("Network selection timed out")
dev[0].dump_monitor()
+
+def test_ap_hs20_cred_with_nai_realm(dev, apdev):
+ """Hotspot 2.0 network selection and cred_with_nai_realm cred->realm"""
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+
+ id = dev[0].add_cred_values({ 'realm': "example.com",
+ 'username': "test",
+ 'password': "secret",
+ 'domain': "example.com",
+ 'eap': 'TTLS' })
+ interworking_select(dev[0], bssid, "home", freq=2412)
+ dev[0].remove_cred(id)
+
+ id = dev[0].add_cred_values({ 'realm': "foo.com",
+ 'username': "test",
+ 'password': "secret",
+ 'domain': "example.com",
+ 'roaming_consortium': "112234",
+ 'eap': 'TTLS' })
+ interworking_select(dev[0], bssid, "home", freq=2412, no_match=True)
+ dev[0].remove_cred(id)
+
+def test_ap_hs20_cred_and_no_roaming_consortium(dev, apdev):
+ """Hotspot 2.0 network selection and no roaming consortium"""
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ del params['roaming_consortium']
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+
+ id = dev[0].add_cred_values({ 'realm': "example.com",
+ 'username': "test",
+ 'password': "secret",
+ 'domain': "example.com",
+ 'roaming_consortium': "112234",
+ 'eap': 'TTLS' })
+ interworking_select(dev[0], bssid, "home", freq=2412, no_match=True)
+
+def test_ap_hs20_interworking_oom(dev, apdev):
+ """Hotspot 2.0 network selection and OOM"""
+ bssid = apdev[0]['bssid']
+ params = hs20_ap_params()
+ params['hessid'] = bssid
+ params['nai_realm'] = [ "0,no.match.here;example.com;no.match.here.either,21[2:1][5:7]",
+ "0,example.com,13[5:6],21[2:4][5:7]",
+ "0,another.example.com" ]
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].hs20_enable()
+
+ id = dev[0].add_cred_values({ 'realm': "example.com",
+ 'username': "test",
+ 'password': "secret",
+ 'domain': "example.com",
+ 'eap': 'TTLS' })
+
+ dev[0].scan_for_bss(bssid, freq="2412")
+
+ funcs = [ "wpabuf_alloc;interworking_anqp_send_req",
+ "anqp_build_req;interworking_anqp_send_req",
+ "gas_query_req;interworking_anqp_send_req",
+ "dup_binstr;nai_realm_parse_realm",
+ "=nai_realm_parse_realm",
+ "=nai_realm_parse",
+ "=nai_realm_match" ]
+ for func in funcs:
+ with alloc_fail(dev[0], 1, func):
+ dev[0].request("INTERWORKING_SELECT auto freq=2412")
+ ev = dev[0].wait_event(["Starting ANQP"], timeout=5)
+ if ev is None:
+ raise Exception("ANQP did not start")
+ wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
projects / mech_eap.git / blobdiff