From patchwork Thu May 18 13:21:53 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: michael-dev X-Patchwork-Id: 763988 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3wTBjp4SWlz9s2P for ; Thu, 18 May 2017 23:24:30 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="OyiJD/uV"; dkim-atps=neutral DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:References: In-Reply-To:Message-Id:Date:Subject:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Owner; bh=zbYBIlgYmpEkbAabX2qJXaIieKPGi8bErq2O2ij3J7Q=; b=OyiJD/uV4Twuv2Cm9Qv3Iqhhxm /1CzYzIyEx6sThZcM28djEAjMF+R+deWi0epMg7bf6H/lHglSU4ZcswuRabSxEbeG3JCS4Gnq9PaB HMrfqsJLb48kJ2Jo+mukCxRp4crhLoBmNjzEm+hAxa69oMW8QXiRGjyjYuGzMTMZhjjkgCxvGj6xO 9voIgv9CE4NuzwJvIAE69wx0X70t0fAjGi77QmruIUZpecvEeE1B1ygrk5jwP7zt1KYT9RkfIapZZ Pz3Af8Yfk+IvBodxmNkMw5z+ziaOBQ5iU2RPXSSwwN5ZYfAmK/brvz8xtPtfh/VKWpYjFTl72uZj0 fHOcVxiA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1dBLPe-0003dW-Eb; Thu, 18 May 2017 13:24:18 +0000 Received: from mail.fem.tu-ilmenau.de ([141.24.220.54]) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1dBLPS-0003FP-1t for hostap@lists.infradead.org; Thu, 18 May 2017 13:24:10 +0000 Received: from localhost (localhost [127.0.0.1]) by mail.fem.tu-ilmenau.de (Postfix) with ESMTP id ACAE26864; Thu, 18 May 2017 15:23:42 +0200 (CEST) X-Virus-Scanned: amavisd-new at fem.tu-ilmenau.de Received: from mail.fem.tu-ilmenau.de ([127.0.0.1]) by localhost (mail.fem.tu-ilmenau.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8O1-3F4VF7Wt; Thu, 18 May 2017 15:23:40 +0200 (CEST) Received: from a234.fem.tu-ilmenau.de (ray-controller.net.fem.tu-ilmenau.de [10.42.51.234]) by mail.fem.tu-ilmenau.de (Postfix) with ESMTP; Thu, 18 May 2017 15:23:40 +0200 (CEST) Received: by a234.fem.tu-ilmenau.de (Postfix, from userid 1000) id 3C5C6306ACE0; Thu, 18 May 2017 15:22:03 +0200 (CEST) From: Michael Braun To: hostap@lists.infradead.org Subject: [PATCH 4/8] test: FT-PSK with VLAN Date: Thu, 18 May 2017 15:21:53 +0200 Message-Id: <1495113717-26860-5-git-send-email-michael-dev@fami-braun.de> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1495113717-26860-1-git-send-email-michael-dev@fami-braun.de> References: <1495113717-26860-1-git-send-email-michael-dev@fami-braun.de> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20170518_062406_590291_EAECAFCA X-CRM114-Status: UNSURE ( 7.28 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -4.2 (----) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-4.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [141.24.220.54 listed in list.dnswl.org] -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: projekt-wlan@fem.tu-ilmenau.de, Michael Braun MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Michael Braun --- tests/hwsim/test_ap_ft.py | 163 ++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 150 insertions(+), 13 deletions(-) diff --git a/tests/hwsim/test_ap_ft.py b/tests/hwsim/test_ap_ft.py index 94282bb..783cfd0 100644 --- a/tests/hwsim/test_ap_ft.py +++ b/tests/hwsim/test_ap_ft.py @@ -125,24 +125,32 @@ def ft_params2_r0kh_mismatch(rsn=True, ssid=None, passphrase=None): def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False, sae=False, eap=False, fail_test=False, roams=1, pairwise_cipher="CCMP", group_cipher="TKIP CCMP", ptk_rekey="0", - test_connectivity=True, eap_identity="gpsk user", conndev=False): + test_connectivity=True, eap_identity="gpsk user", conndev=False, + forceInitialConnectToFirstAP = False): logger.info("Connect to first AP") + + copts = {} + copts["proto"] = "WPA2" + copts["ieee80211w"] = "1" + copts["scan_freq"] = "2412" + copts["pairwise"] = pairwise_cipher + copts["group"] = group_cipher + copts["wpa_ptk_rekey"] = ptk_rekey if eap: - dev.connect(ssid, key_mgmt="FT-EAP", proto="WPA2", ieee80211w="1", - eap="GPSK", identity=eap_identity, - password="abcdefghijklmnop0123456789abcdef", - scan_freq="2412", - pairwise=pairwise_cipher, group=group_cipher, - wpa_ptk_rekey=ptk_rekey) + copts["key_mgmt"] = "FT-EAP" + copts["eap"] = "GPSK" + copts["identity"] = eap_identity + copts["password"] = "abcdefghijklmnop0123456789abcdef" else: if sae: - key_mgmt="FT-SAE" + copts["key_mgmt"] = "FT-SAE" else: - key_mgmt="FT-PSK" - dev.connect(ssid, psk=passphrase, key_mgmt=key_mgmt, proto="WPA2", - ieee80211w="1", scan_freq="2412", - pairwise=pairwise_cipher, group=group_cipher, - wpa_ptk_rekey=ptk_rekey) + copts["key_mgmt"] = "FT-PSK" + copts["psk"] = passphrase + if forceInitialConnectToFirstAP: + copts["bssid"] = apdev[0]['bssid'] + dev.connect(ssid, **copts) + if dev.get_status_field('bssid') == apdev[0]['bssid']: ap1 = apdev[0] ap2 = apdev[1] @@ -262,6 +270,65 @@ def test_ap_ft_local_key_gen(dev, apdev): if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"): raise Exception("Scan results missing RSN element info") +def test_ap_ft_vlan(dev, apdev): + """WPA2-PSK-FT AP w VLAN""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + + params = ft_params2(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, conndev="brvlan1") + if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"): + raise Exception("Scan results missing RSN element info") + +def test_ap_ft_vlan_disconnected(dev, apdev): + """WPA2-PSK-FT AP w VLAN""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1a(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + params['ft_psk_generate_local'] = "1"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + + params = ft_params2a(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + params['ft_psk_generate_local'] = "1"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, conndev="brvlan1") + if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"): + raise Exception("Scan results missing RSN element info") + +def test_ap_ft_vlan_2(dev, apdev): + """WPA2-PSK-FT AP w VLAN and dest-AP does not have VLAN info locally""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + + params = ft_params2(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, conndev="brvlan1", + forceInitialConnectToFirstAP = True) + if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"): + raise Exception("Scan results missing RSN element info") + def test_ap_ft_many(dev, apdev): """WPA2-PSK-FT AP multiple times""" ssid = "test-ft" @@ -274,6 +341,23 @@ def test_ap_ft_many(dev, apdev): run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, roams=50) +def test_ap_ft_many_vlan(dev, apdev): + """WPA2-PSK-FT AP w VLAN""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + + params = ft_params2(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, roams=50, conndev="brvlan1") + def test_ap_ft_mixed(dev, apdev): """WPA2-PSK-FT mixed-mode AP""" ssid = "test-ft-mixed" @@ -333,6 +417,24 @@ def test_ap_ft_over_ds_disabled(dev, apdev): run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, fail_test=True) +def test_ap_ft_vlan_over_ds(dev, apdev): + """WPA2-PSK-FT AP over DS w VLAN""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + params = ft_params2(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, conndev="brvlan1") + check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"), + ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ]) + def test_ap_ft_over_ds_many(dev, apdev): """WPA2-PSK-FT AP over DS multiple times""" ssid = "test-ft" @@ -346,6 +448,23 @@ def test_ap_ft_over_ds_many(dev, apdev): run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, roams=50) +def test_ap_ft_vlan_over_ds_many(dev, apdev): + """WPA2-PSK-FT AP over DS multiple times""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + params = ft_params2(ssid=ssid, passphrase=passphrase) + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, + roams=50, conndev="brvlan1") + @remote_compatible def test_ap_ft_over_ds_unknown_target(dev, apdev): """WPA2-PSK-FT AP""" @@ -502,6 +621,24 @@ def test_ap_ft_over_ds_pull_old_key(dev, apdev): run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True) +def test_ap_ft_over_ds_pull_vlan(dev, apdev): + """WPA2-PSK-FT AP over DS (pull PMK) w VLAN""" + ssid = "test-ft" + passphrase="12345678" + + params = ft_params1(ssid=ssid, passphrase=passphrase) + params["pmk_r1_push"] = "0" + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd0 = hostapd.add_ap(apdev[0]['ifname'], params) + params = ft_params2(ssid=ssid, passphrase=passphrase) + params["pmk_r1_push"] = "0" + params['dynamic_vlan'] = "1"; + params['accept_mac_file'] = "hostapd.accept"; + hapd1 = hostapd.add_ap(apdev[1]['ifname'], params) + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True, conndev="brvlan1") + def test_ap_ft_sae(dev, apdev): """WPA2-PSK-FT-SAE AP""" if "SAE" not in dev[0].get_capability("auth_alg"):