[PATCH v2 12/33] test: FT-EAP with VLAN
M. Braun
michael-dev at fami-braun.de
Sat Sep 24 14:07:56 PDT 2016
From: Michael Braun <michael-dev at fami-braun.de>
time.sleep in run_roams is required because the target AP
sets the key once the station was associated. There are
races, when the station processes the (re)association
reply AND the test suite starts FT_DS before the AP
processes its local confirmation and thus
wpa_auth_sm_event(ASSOC_FT). Therefore, the ActionFrame
will be lost, as the AP driver is missing the key.
Since this is this speed is highly synthetic, wait a
few milli seconds before roaming back.
Signed-off-by: Michael Braun <michael-dev at fami-braun.de>
---
tests/hwsim/auth_serv/eap_user.conf | 5 +++
tests/hwsim/test_ap_ft.py | 88 ++++++++++++++++++++++++++++++++-----
2 files changed, 83 insertions(+), 10 deletions(-)
diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index b85b9c5..2b8e935 100644
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -60,6 +60,11 @@ radius_accept_attr=25:x:00112233445566778899
radius_accept_attr=89:s:gpsk-chargeable-user-identity
radius_accept_attr=25:x:00112233445566778899aa
+"gpsk-vlan1" GPSK "abcdefghijklmnop0123456789abcdef"
+radius_accept_attr=64:d:13
+radius_accept_attr=65:d:6
+radius_accept_attr=81:s:1
+
"gpsk-user-session-timeout" GPSK "abcdefghijklmnop0123456789abcdef"
radius_accept_attr=27:d:3
diff --git a/tests/hwsim/test_ap_ft.py b/tests/hwsim/test_ap_ft.py
index 5070f17..6dfb0e0 100644
--- a/tests/hwsim/test_ap_ft.py
+++ b/tests/hwsim/test_ap_ft.py
@@ -109,11 +109,12 @@ def ft_params2_r0kh_mismatch(rsn=True, ssid=None, passphrase=None):
def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False,
sae=False, eap=False, fail_test=False, roams=1,
- pairwise_cipher="CCMP", group_cipher="TKIP CCMP", ptk_rekey="0"):
+ pairwise_cipher="CCMP", group_cipher="TKIP CCMP", ptk_rekey="0",
+ eap_identity="gpsk user", conndev=False):
logger.info("Connect to first AP")
if eap:
dev.connect(ssid, key_mgmt="FT-EAP", proto="WPA2", ieee80211w="1",
- eap="GPSK", identity="gpsk user",
+ eap="GPSK", identity=eap_identity,
password="abcdefghijklmnop0123456789abcdef",
scan_freq="2412",
pairwise=pairwise_cipher, group=group_cipher,
@@ -137,11 +138,16 @@ def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False,
ap2 = apdev[0]
hapd1ap = hapd1
hapd2ap = hapd0
- hwsim_utils.test_connectivity(dev, hapd1ap)
+ if conndev:
+ hwsim_utils.test_connectivity_iface(dev, hapd1ap, conndev)
+ else:
+ hwsim_utils.test_connectivity(dev, hapd1ap)
dev.scan_for_bss(ap2['bssid'], freq="2412")
for i in range(0, roams):
+ # roaming artificially fast makes data test fail because key is setup later
+ time.sleep(0.01)
logger.info("Roam to the second AP")
if over_ds:
dev.roam_over_ds(ap2['bssid'], fail_test=fail_test)
@@ -152,8 +158,13 @@ def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False,
if dev.get_status_field('bssid') != ap2['bssid']:
raise Exception("Did not connect to correct AP")
if i == 0 or i == roams - 1:
- hwsim_utils.test_connectivity(dev, hapd2ap)
+ if conndev:
+ hwsim_utils.test_connectivity_iface(dev, hapd2ap, conndev)
+ else:
+ hwsim_utils.test_connectivity(dev, hapd2ap)
+ # roaming artificially fast makes data test fail because key is setup later
+ time.sleep(0.01)
logger.info("Roam back to the first AP")
if over_ds:
dev.roam_over_ds(ap1['bssid'])
@@ -162,7 +173,10 @@ def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False,
if dev.get_status_field('bssid') != ap1['bssid']:
raise Exception("Did not connect to correct AP")
if i == 0 or i == roams - 1:
- hwsim_utils.test_connectivity(dev, hapd1ap)
+ if conndev:
+ hwsim_utils.test_connectivity_iface(dev, hapd1ap, conndev)
+ else:
+ hwsim_utils.test_connectivity(dev, hapd1ap)
def test_ap_ft(dev, apdev):
"""WPA2-PSK-FT AP"""
@@ -443,14 +457,22 @@ def test_ap_ft_sae_over_ds(dev, apdev):
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, sae=True,
over_ds=True)
-def generic_ap_ft_eap(dev, apdev, over_ds=False, discovery=False, roams=1):
+def generic_ap_ft_eap(dev, apdev, vlan=False, over_ds=False, discovery=False, roams=1):
ssid = "test-ft"
passphrase="12345678"
+ if vlan:
+ identity="gpsk-vlan1"
+ conndev="brvlan1"
+ else:
+ identity="gpsk user"
+ conndev=False
radius = hostapd.radius_params()
params = ft_params1(ssid=ssid, passphrase=passphrase, discovery=discovery)
params['wpa_key_mgmt'] = "FT-EAP"
params["ieee8021x"] = "1"
+ if vlan:
+ params["dynamic_vlan"] = "1"
params = dict(radius.items() + params.items())
hapd = hostapd.add_ap(apdev[0], params)
key_mgmt = hapd.get_config()['key_mgmt']
@@ -459,10 +481,12 @@ def generic_ap_ft_eap(dev, apdev, over_ds=False, discovery=False, roams=1):
params = ft_params2(ssid=ssid, passphrase=passphrase, discovery=discovery)
params['wpa_key_mgmt'] = "FT-EAP"
params["ieee8021x"] = "1"
+ if vlan:
+ params["dynamic_vlan"] = "1"
params = dict(radius.items() + params.items())
hapd1 = hostapd.add_ap(apdev[1], params)
- run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True, over_ds=over_ds, roams=roams)
+ run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True, eap_identity=identity, conndev=conndev, over_ds=over_ds, roams=roams)
if "[WPA2-FT/EAP-CCMP]" not in dev[0].request("SCAN_RESULTS"):
raise Exception("Scan results missing RSN element info")
check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"),
@@ -481,12 +505,23 @@ def generic_ap_ft_eap(dev, apdev, over_ds=False, discovery=False, roams=1):
if ev is None:
raise Exception("EAP authentication did not succeed")
time.sleep(0.1)
- hwsim_utils.test_connectivity(dev[0], ap)
+ if conndev:
+ hwsim_utils.test_connectivity_iface(dev[0], ap, conndev)
+ else:
+ hwsim_utils.test_connectivity(dev[0], ap)
def test_ap_ft_eap(dev, apdev):
"""WPA2-EAP-FT AP"""
generic_ap_ft_eap(dev, apdev)
+def test_ap_ft_eap_vlan(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN"""
+ generic_ap_ft_eap(dev, apdev, vlan=True)
+
+def test_ap_ft_eap_vlan_multi(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN"""
+ generic_ap_ft_eap(dev, apdev, vlan=True, roams=50)
+
def test_ap_ft_eap_over_ds(dev, apdev):
"""WPA2-EAP-FT AP w over_ds"""
generic_ap_ft_eap(dev, apdev, over_ds=True)
@@ -499,16 +534,40 @@ def test_ap_ft_eap_dis_over_ds(dev, apdev):
"""WPA2-EAP-FT AP w discovery + over_ds"""
generic_ap_ft_eap(dev, apdev, over_ds=True, discovery=True)
-def test_ap_ft_eap_pull(dev, apdev):
+def test_ap_ft_eap_vlan(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN"""
+ generic_ap_ft_eap(dev, apdev, vlan=True)
+
+def test_ap_ft_eap_vlan_multi(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN"""
+ generic_ap_ft_eap(dev, apdev, vlan=True, roams=50)
+
+def test_ap_ft_eap_vlan_over_ds(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN + over_ds"""
+ generic_ap_ft_eap(dev, apdev, vlan=True, over_ds=True)
+
+def test_ap_ft_eap_vlan_over_ds_multi(dev, apdev):
+ """WPA2-EAP-FT AP w VLAN + over_ds"""
+ generic_ap_ft_eap(dev, apdev, vlan=True, over_ds=True, roams=50)
+
+def generic_ap_ft_eap_pull(dev, apdev, vlan=False):
"""WPA2-EAP-FT AP (pull PMK)"""
ssid = "test-ft"
passphrase="12345678"
+ if vlan:
+ identity="gpsk-vlan1"
+ conndev="brvlan1"
+ else:
+ identity="gpsk user"
+ conndev=False
radius = hostapd.radius_params()
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['wpa_key_mgmt'] = "FT-EAP"
params["ieee8021x"] = "1"
params["pmk_r1_push"] = "0"
+ if vlan:
+ params["dynamic_vlan"] = "1"
params = dict(radius.items() + params.items())
hapd = hostapd.add_ap(apdev[0], params)
key_mgmt = hapd.get_config()['key_mgmt']
@@ -518,10 +577,19 @@ def test_ap_ft_eap_pull(dev, apdev):
params['wpa_key_mgmt'] = "FT-EAP"
params["ieee8021x"] = "1"
params["pmk_r1_push"] = "0"
+ if vlan:
+ params["dynamic_vlan"] = "1"
params = dict(radius.items() + params.items())
hapd1 = hostapd.add_ap(apdev[1], params)
- run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True)
+ run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True, eap_identity=identity, conndev=conndev)
+
+def test_ap_ft_eap_pull(dev, apdev):
+ """WPA2-EAP-FT AP (pull PMK)"""
+ generic_ap_ft_eap_pull(dev, apdev)
+
+def test_ap_ft_eap_pull_vlan(dev, apdev):
+ generic_ap_ft_eap_pull(dev, apdev, vlan=True)
@remote_compatible
def test_ap_ft_mismatching_rrb_key_push(dev, apdev):
--
2.1.4
More information about the Hostap
mailing list