From patchwork Wed May 6 13:42:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Johannes Berg X-Patchwork-Id: 1284463 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sipsolutions.net Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=B2kdL7uZ; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49HHqK4vHJz9sRf for ; Wed, 6 May 2020 23:43:25 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=CerjklFIn/u3KwgUPMWRduciIpq3nppZiqI620dgMLk=; b=B2kdL7uZK6cE3e NzGBT2mUcmezpfe29ozwOhQGfYfcbVnbuQuYv1VbVyJEDTuoJFfvPXAPbN/mgAU1nUDkOfo+poTCp SydW/mOxgkXtVUVyMrHSrD5Zs1pzye/IvXCcgV09UatE4jDv4FGWTo1ZjqAy2zrNMBrC6ZUqHyb1V vQZRigrW/8BRSas/dHJ3ESaK1rsaMhQPlg0GxDi3jWkG/vCRe4cfEaZ++PK82y2NUmbB90kdzhR1v onHfM2vEtPzm10dBDz8c7o6wvv4Yp7s4OOFmRMWXlYWX8j8nkWERdCE4WbkQEqs27P2iob5KAP29a tIWf80+nlW9I5HJnP78g==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jWKKU-0001Xp-13; Wed, 06 May 2020 13:43:18 +0000 Received: from s3.sipsolutions.net ([2a01:4f8:191:4433::2] helo=sipsolutions.net) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jWKJk-0000mO-VJ for hostap@lists.infradead.org; Wed, 06 May 2020 13:42:35 +0000 Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) (envelope-from ) id 1jWKJe-006pQI-Sl; Wed, 06 May 2020 15:42:27 +0200 From: Johannes Berg To: hostap@lists.infradead.org Subject: [PATCH 1/5] test_ap_ciphers: replace gtk boolean by keytype Date: Wed, 6 May 2020 15:42:12 +0200 Message-Id: <1588772536-I8f7f07654f74c5ea9f22e934c42096982b555701@changeid> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200506_064233_166178_E5EFE212 X-CRM114-Status: UNSURE ( 9.54 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.3 (/) X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary: Content analysis details: (0.3 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.3 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Johannes Berg Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Johannes Berg Replace the gtk boolean by a keytype value indicating GTK or PTK, to be able to extend to other types later. Signed-off-by: Johannes Berg --- tests/hwsim/test_ap_ciphers.py | 50 ++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/tests/hwsim/test_ap_ciphers.py b/tests/hwsim/test_ap_ciphers.py index fb0d9b614928..3d10cb0dce2c 100644 --- a/tests/hwsim/test_ap_ciphers.py +++ b/tests/hwsim/test_ap_ciphers.py @@ -17,6 +17,8 @@ from utils import * from wlantest import Wlantest from wpasupplicant import WpaSupplicant +KT_PTK, KT_GTK = range(2) + def check_cipher(dev, ap, cipher, group_cipher=None): if cipher not in dev.get_capability("pairwise"): raise HwsimSkip("Cipher %s not supported" % cipher) @@ -483,15 +485,15 @@ def test_ap_cipher_bip_req_mismatch(dev, apdev): dev[0].select_network(id) dev[0].wait_connected() -def get_rx_spec(phy, gtk=False): +def get_rx_spec(phy, keytype=KT_PTK): keys = "/sys/kernel/debug/ieee80211/%s/keys" % (phy) try: for key in os.listdir(keys): keydir = keys + "/" + key files = os.listdir(keydir) - if not gtk and "station" not in files: + if keytype == KT_PTK and "station" not in files: continue - if gtk and "station" in files: + if keytype != KT_PTK and "station" in files: continue with open(keydir + "/rx_spec") as f: return f.read() @@ -499,15 +501,15 @@ def get_rx_spec(phy, gtk=False): raise HwsimSkip("debugfs not supported in mac80211") return None -def get_tk_replay_counter(phy, gtk=False): +def get_tk_replay_counter(phy, keytype=KT_PTK): keys = "/sys/kernel/debug/ieee80211/%s/keys" % (phy) try: for key in os.listdir(keys): keydir = keys + "/" + key files = os.listdir(keydir) - if not gtk and "station" not in files: + if keytype == KT_PTK and "station" not in files: continue - if gtk and "station" in files: + if keytype != KT_PTK and "station" in files: continue with open(keydir + "/replays") as f: return int(f.read()) @@ -589,20 +591,20 @@ def test_ap_cipher_replay_protection_sta_gcmp(dev, apdev): def test_ap_cipher_replay_protection_sta_gtk_ccmp(dev, apdev): """CCMP replay protection on STA (GTK)""" - run_ap_cipher_replay_protection_sta(dev, apdev, "CCMP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "CCMP", keytype=KT_GTK) def test_ap_cipher_replay_protection_sta_gtk_tkip(dev, apdev): """TKIP replay protection on STA (GTK)""" skip_without_tkip(dev[0]) - run_ap_cipher_replay_protection_sta(dev, apdev, "TKIP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "TKIP", keytype=KT_GTK) def test_ap_cipher_replay_protection_sta_gtk_gcmp(dev, apdev): """GCMP replay protection on STA (GTK)""" if "GCMP" not in dev[0].get_capability("pairwise"): raise HwsimSkip("GCMP not supported") - run_ap_cipher_replay_protection_sta(dev, apdev, "GCMP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "GCMP", keytype=KT_GTK) -def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): +def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, keytype=KT_PTK): params = {"ssid": "test-wpa2-psk", "wpa_passphrase": "12345678", "wpa": "2", @@ -621,7 +623,7 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): hapd.wait_sta() if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays != 0: raise Exception("Unexpected replay reported (1)") @@ -629,11 +631,11 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): hwsim_utils.test_connectivity(dev[0], hapd) if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays != 0: raise Exception("Unexpected replay reported (2)") - addr = "ff:ff:ff:ff:ff:ff" if gtk else dev[0].own_addr() + addr = "ff:ff:ff:ff:ff:ff" if keytype != KT_PTK else dev[0].own_addr() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") time.sleep(0.1) @@ -641,7 +643,7 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): success_expected=False) if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays < 1: raise Exception("Replays not reported") @@ -679,14 +681,14 @@ def run_ap_wpa2_delayed_m3_retransmission(dev, apdev): hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before_tk = get_rx_spec(phy, gtk=False).splitlines() - before_gtk = get_rx_spec(phy, gtk=True).splitlines() + before_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + before_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") time.sleep(0.1) - after_tk = get_rx_spec(phy, gtk=False).splitlines() - after_gtk = get_rx_spec(phy, gtk=True).splitlines() + after_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + after_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") @@ -760,8 +762,8 @@ def run_ap_wpa2_delayed_m1_m3_retransmission(dev, apdev, hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before_tk = get_rx_spec(phy, gtk=False).splitlines() - before_gtk = get_rx_spec(phy, gtk=True).splitlines() + before_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + before_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if change_m1_anonce: if "OK" not in hapd.request("RESEND_M1 " + addr + " change-anonce"): @@ -771,8 +773,8 @@ def run_ap_wpa2_delayed_m1_m3_retransmission(dev, apdev, if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") time.sleep(0.1) - after_tk = get_rx_spec(phy, gtk=False).splitlines() - after_gtk = get_rx_spec(phy, gtk=True).splitlines() + after_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + after_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") @@ -828,12 +830,12 @@ def run_ap_wpa2_delayed_group_m1_retransmission(dev, apdev): hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before = get_rx_spec(phy, gtk=True).splitlines() + before = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if "OK" not in hapd.request("RESEND_GROUP_M1 " + addr): raise Exception("RESEND_GROUP_M1 failed") time.sleep(0.1) - after = get_rx_spec(phy, gtk=True).splitlines() + after = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed")