verify_not_present(buf, gtk, fname, "GTK")
verify_not_present(buf, msk, fname, "MSK")
verify_not_present(buf, emsk, fname, "EMSK")
+
+def test_ap_wpa2_eap_unexpected_wep_eapol_key(dev, apdev):
+ """WPA2-Enterprise connection and unexpected WEP EAPOL-Key"""
+ params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+ hapd = hostapd.add_ap(apdev[0]['ifname'], params)
+ bssid = apdev[0]['bssid']
+ eap_connect(dev[0], apdev[0], "TTLS", "pap user",
+ anonymous_identity="ttls", password="password",
+ ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
+
+ # Send unexpected WEP EAPOL-Key; this gets dropped
+ res = dev[0].request("EAPOL_RX " + bssid + " 0203002c0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
+ if "OK" not in res:
+ raise Exception("EAPOL_RX to wpa_supplicant failed")
wpas.dump_monitor()
wpas.request("REASSOCIATE")
wpas.wait_connected(timeout=30)
+
+def test_ap_wps_eapol_workaround(dev, apdev):
+ """EAPOL workaround code path for 802.1X header length mismatch"""
+ ssid = "test-wps"
+ hostapd.add_ap(apdev[0]['ifname'],
+ { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
+ hapd = hostapd.Hostapd(apdev[0]['ifname'])
+ bssid = apdev[0]['bssid']
+ hapd.request("SET ext_eapol_frame_io 1")
+ dev[0].request("SET ext_eapol_frame_io 1")
+ hapd.request("WPS_PBC")
+ dev[0].request("WPS_PBC")
+
+ ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
+ if ev is None:
+ raise Exception("Timeout on EAPOL-TX from hostapd")
+
+ res = dev[0].request("EAPOL_RX " + bssid + " 020000040193000501FFFF")
+ if "OK" not in res:
+ raise Exception("EAPOL_RX to wpa_supplicant failed")
dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eap="PSK",
identity="psk.user@example.com",
- password_hex="0123456789abcdef0123456789abcdef")
+ password_hex="0123456789abcdef0123456789abcdef",
+ scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ieee8021x_wep40(dev, apdev):
dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eap="PSK",
identity="psk.user@example.com",
- password_hex="0123456789abcdef0123456789abcdef")
+ password_hex="0123456789abcdef0123456789abcdef",
+ scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ieee8021x_open(dev, apdev):
id = dev[0].connect("ieee8021x-open", key_mgmt="IEEE8021X", eapol_flags="0",
eap="PSK", identity="psk.user@example.com",
- password_hex="0123456789abcdef0123456789abcdef")
+ password_hex="0123456789abcdef0123456789abcdef",
+ scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
logger.info("Test EAPOL-Logoff")
dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eap="PSK",
identity="psk.user@example.com",
password_hex="0123456789abcdef0123456789abcdef",
- wep_key0='"hello"', eapol_flags="0")
+ wep_key0='"hello"', eapol_flags="0",
+ scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
+
+def test_ieee8021x_proto(dev, apdev):
+ """IEEE 802.1X and EAPOL supplicant protocol testing"""
+ params = hostapd.radius_params()
+ params["ssid"] = "ieee8021x-open"
+ params["ieee8021x"] = "1"
+ hapd = hostapd.add_ap(apdev[0]['ifname'], params)
+ bssid = apdev[0]['bssid']
+
+ dev[1].request("SET ext_eapol_frame_io 1")
+ dev[1].connect("ieee8021x-open", key_mgmt="IEEE8021X", eapol_flags="0",
+ eap="PSK", identity="psk.user@example.com",
+ password_hex="0123456789abcdef0123456789abcdef",
+ scan_freq="2412", wait_connect=False)
+ id = dev[0].connect("ieee8021x-open", key_mgmt="IEEE8021X", eapol_flags="0",
+ eap="PSK", identity="psk.user@example.com",
+ password_hex="0123456789abcdef0123456789abcdef",
+ scan_freq="2412")
+ ev = dev[1].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=5)
+
+ start = dev[0].get_mib()
+
+ tests = [ "11",
+ "11223344",
+ "020000050a93000501",
+ "020300050a93000501",
+ "0203002c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+ "0203002c0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+ "0203002c0100050000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+ "02aa00050a93000501" ]
+ for frame in tests:
+ res = dev[0].request("EAPOL_RX " + bssid + " " + frame)
+ if "OK" not in res:
+ raise Exception("EAPOL_RX to wpa_supplicant failed")
+ dev[1].request("EAPOL_RX " + bssid + " " + frame)
+
+ stop = dev[0].get_mib()
+
+ logger.info("MIB before test frames: " + str(start))
+ logger.info("MIB after test frames: " + str(stop))
+
+ vals = [ 'dot1xSuppInvalidEapolFramesRx',
+ 'dot1xSuppEapLengthErrorFramesRx' ]
+ for val in vals:
+ if int(stop[val]) <= int(start[val]):
+ raise Exception(val + " did not increase")