@@ -867,6 +867,67 @@ def run_ap_wpa2_delayed_group_m1_retransmission(dev, apdev):
if a < b:
raise Exception("RX counter decreased: idx=%d before=%d after=%d" % (i, b, a))
+def test_ap_wpa2_delayed_group_m1_retransmission_igtk(dev, apdev):
+ """Delayed group M1 retransmission (check IGTK protection)"""
+ require_under_vm()
+ try:
+ subprocess.call(['sysctl', '-w', 'net.ipv6.conf.all.disable_ipv6=1'],
+ stdout=open('/dev/null', 'w'))
+ subprocess.call(['sysctl', '-w',
+ 'net.ipv6.conf.default.disable_ipv6=1'],
+ stdout=open('/dev/null', 'w'))
+ run_ap_wpa2_delayed_group_m1_retransmission_igtk(dev, apdev)
+ finally:
+ subprocess.call(['sysctl', '-w', 'net.ipv6.conf.all.disable_ipv6=0'],
+ stdout=open('/dev/null', 'w'))
+ subprocess.call(['sysctl', '-w',
+ 'net.ipv6.conf.default.disable_ipv6=0'],
+ stdout=open('/dev/null', 'w'))
+
+def run_ap_wpa2_delayed_group_m1_retransmission_igtk(dev, apdev):
+ params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678",
+ ieee80211w="2")
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ # XXX: what's this for?
+ Wlantest.setup(hapd)
+ wt = Wlantest()
+ wt.flush()
+ wt.add_passphrase("12345678")
+
+ phy = dev[0].get_driver_status_field("phyname")
+ dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412",
+ ieee80211w="1")
+ hapd.wait_sta()
+
+ hwsim_utils.test_connectivity(dev[0], hapd, timeout=1)
+
+ # deauth once to see that works OK
+ addr = dev[0].own_addr()
+ hapd.request("DEAUTHENTICATE ff:ff:ff:ff:ff:ff")
+ dev[0].wait_disconnected(timeout=10)
+
+ # now to check the protection
+ dev[0].connect("test-wpa2-psk", psk="12345678", scan_freq="2412",
+ ieee80211w="1")
+ hapd.wait_sta()
+
+ hwsim_utils.test_connectivity(dev[0], hapd, timeout=1)
+
+ if "OK" not in hapd.request("RESEND_GROUP_M1 " + addr):
+ raise Exception("RESEND_GROUP_M1 failed")
+ if "OK" not in hapd.request("RESET_PN ff:ff:ff:ff:ff:ff IGTK"):
+ raise Exception("RESET_PN failed")
+
+ time.sleep(0.1)
+ hapd.request("DEAUTHENTICATE ff:ff:ff:ff:ff:ff test=25")
+
+ time.sleep(0.1)
+ hwsim_utils.test_connectivity(dev[0], hapd, timeout=1)
+
+ dev[0].request("DISCONNECT")
+ dev[0].wait_disconnected()
+
def test_ap_wpa2_delayed_m1_m3_zero_tk(dev, apdev):
"""Delayed M1+M3 retransmission and zero TK"""
params = hostapd.wpa2_params(ssid="test-wpa2-psk", passphrase="12345678")