@@ -1452,6 +1452,12 @@ static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
if (os_snprintf_error(buflen, res))
return -1;
return res;
+ } else if (os_strcmp(cmd, "drv_flags") == 0) {
+ res = os_snprintf(buf, buflen, "%016lx",
+ hapd->iface->drv_flags);
+ if (os_snprintf_error(buflen, res))
+ return -1;
+ return res;
}
return -1;
@@ -527,7 +527,7 @@ def add_ap(apdev, params, wait_enabled=True, no_enable=False, timeout=30,
raise Exception("Could not ping hostapd")
hapd.set_defaults()
fields = ["ssid", "wpa_passphrase", "nas_identifier", "wpa_key_mgmt",
- "wpa",
+ "wpa", "wpa_extended_key_id",
"wpa_pairwise", "rsn_pairwise", "auth_server_addr",
"acct_server_addr", "osu_server_uri"]
for field in fields:
@@ -610,7 +610,7 @@ def terminate(apdev):
hapd_global = HostapdGlobal(apdev)
hapd_global.terminate()
-def wpa2_params(ssid=None, passphrase=None):
+def wpa2_params(ssid=None, passphrase=None, wpa_extended_key_id=None):
params = {"wpa": "2",
"wpa_key_mgmt": "WPA-PSK",
"rsn_pairwise": "CCMP"}
@@ -618,6 +618,8 @@ def wpa2_params(ssid=None, passphrase=None):
params["ssid"] = ssid
if passphrase:
params["wpa_passphrase"] = passphrase
+ if wpa_extended_key_id:
+ params["wpa_extended_key_id"] = wpa_extended_key_id
return params
def wpa_params(ssid=None, passphrase=None):
@@ -203,15 +203,52 @@ def _test_ap_wpa2_psk_mem(dev, apdev):
@remote_compatible
def test_ap_wpa2_ptk_rekey(dev, apdev):
- """WPA2-PSK AP and PTK rekey enforced by station"""
+ """WPA2-PSK AP and PTK rekey enforced by station without Extended Key ID"""
+ ssid = "test-wpa2-psk"
+ passphrase = 'qwertyuiop'
+ params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase,
+ wpa_extended_key_id="0")
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412",
+ wpa_extended_key_id="0")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
+def test_ap_wpa2_ptk_rekey_extended(dev, apdev):
+ """WPA2-PSK AP and PTK rekey enforced by station with Extended Key ID"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0], params)
+ if not int(hapd.request("GET drv_flags"), 16) & 0x0400000000000000:
+ raise HwsimSkip("No Extended Key ID support in kernel")
+
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412",
+ wpa_extended_key_id="0")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out (STA without Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
- raise Exception("PTK rekey timed out")
+ raise Exception("PTK rekey timed out (STA with Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out 2 (STA with Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
+ params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase,
+ wpa_extended_key_id="0")
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out (AP without Extended Key ID")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_ptk_rekey_anonce(dev, apdev):
@@ -1084,7 +1084,8 @@ class WpaSupplicant:
"dpp_netaccesskey", "dpp_netaccesskey_expiry",
"group_mgmt", "owe_group",
"roaming_consortium_selection", "ocv",
- "multi_ap_backhaul_sta", "rx_stbc", "tx_stbc"]
+ "multi_ap_backhaul_sta", "rx_stbc", "tx_stbc",
+ "wpa_extended_key_id"]
for field in not_quoted:
if field in kwargs and kwargs[field]:
self.set_network(id, field, kwargs[field])
To verify interoperability of Extended Key ID test_ap_wpa2_ptk_rekey has been modified and supplemented by test_ap_wpa2_ptk_rekey_extended. Extended Key ID support affects all wpa2 tests. When supported it will be used as default for all tests using wpa2 (RSN). This also adds a new GET call for tests, allowing access to the driver flags and verify driver capabilities. Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de> --- Differences compared to v1: - Fixed one too long line. hostapd/ctrl_iface.c | 6 ++++++ tests/hwsim/hostapd.py | 6 ++++-- tests/hwsim/test_ap_psk.py | 41 ++++++++++++++++++++++++++++++++++-- tests/hwsim/wpasupplicant.py | 3 ++- 4 files changed, 51 insertions(+), 5 deletions(-)