From patchwork Thu May 7 08:26:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Johannes Berg X-Patchwork-Id: 1285035 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=sipsolutions.net Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=tpoW0aL/; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49Hmml5733z9sRY for ; Thu, 7 May 2020 18:27:51 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=CerjklFIn/u3KwgUPMWRduciIpq3nppZiqI620dgMLk=; b=tpoW0aL/d5kqPN 9hIcDNSA8dm4CLWIP5b+1HBSqe9LZL7E4Jme3d/C9cZ66SAVNNgF1xlH8t2dj7uLYlnnPK7cC+HAn n/sXMm0ljyu5De5LRWMEJB6E3+ewhgUh7C1u8njqtPI21AEGJ8cqIO11iJs12knm7fm6AxLQvdomA huVSmkBe8xeOzC5aZ+yVQTKL0IoA//J0q+/KyPdYr7Sp/h0N80qaCUoSDo9h60eq+5cWXpQS3GIVa GRP2WRPnyRIe5RAZACFOkvzwHI9IDs3fxBBQgqkxuxV6m1G5TnmPquQrvNGy8sXGZEAFVOSzrj5jD 7568gcScqG+yQVAAfTcw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1jWbsb-0006Oo-S1; Thu, 07 May 2020 08:27:41 +0000 Received: from s3.sipsolutions.net ([2a01:4f8:191:4433::2] helo=sipsolutions.net) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1jWbs0-0005i1-GG for hostap@lists.infradead.org; Thu, 07 May 2020 08:27:07 +0000 Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.93) (envelope-from ) id 1jWbrw-007NWW-QD; Thu, 07 May 2020 10:27:00 +0200 From: Johannes Berg To: hostap@lists.infradead.org Subject: [PATCH v2 1/5] test_ap_ciphers: replace gtk boolean by keytype Date: Thu, 7 May 2020 10:26:47 +0200 Message-Id: <1588840011-I8f7f07654f74c5ea9f22e934c42096982b555701@changeid> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200507_012704_696406_A0F8D76F X-CRM114-Status: UNSURE ( 8.99 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.3 (/) X-Spam-Report: SpamAssassin version 3.4.4 on bombadil.infradead.org summary: Content analysis details: (0.3 points) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.3 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Johannes Berg Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Johannes Berg Replace the gtk boolean by a keytype value indicating GTK or PTK, to be able to extend to other types later. Signed-off-by: Johannes Berg --- tests/hwsim/test_ap_ciphers.py | 50 ++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/tests/hwsim/test_ap_ciphers.py b/tests/hwsim/test_ap_ciphers.py index fb0d9b614928..3d10cb0dce2c 100644 --- a/tests/hwsim/test_ap_ciphers.py +++ b/tests/hwsim/test_ap_ciphers.py @@ -17,6 +17,8 @@ from utils import * from wlantest import Wlantest from wpasupplicant import WpaSupplicant +KT_PTK, KT_GTK = range(2) + def check_cipher(dev, ap, cipher, group_cipher=None): if cipher not in dev.get_capability("pairwise"): raise HwsimSkip("Cipher %s not supported" % cipher) @@ -483,15 +485,15 @@ def test_ap_cipher_bip_req_mismatch(dev, apdev): dev[0].select_network(id) dev[0].wait_connected() -def get_rx_spec(phy, gtk=False): +def get_rx_spec(phy, keytype=KT_PTK): keys = "/sys/kernel/debug/ieee80211/%s/keys" % (phy) try: for key in os.listdir(keys): keydir = keys + "/" + key files = os.listdir(keydir) - if not gtk and "station" not in files: + if keytype == KT_PTK and "station" not in files: continue - if gtk and "station" in files: + if keytype != KT_PTK and "station" in files: continue with open(keydir + "/rx_spec") as f: return f.read() @@ -499,15 +501,15 @@ def get_rx_spec(phy, gtk=False): raise HwsimSkip("debugfs not supported in mac80211") return None -def get_tk_replay_counter(phy, gtk=False): +def get_tk_replay_counter(phy, keytype=KT_PTK): keys = "/sys/kernel/debug/ieee80211/%s/keys" % (phy) try: for key in os.listdir(keys): keydir = keys + "/" + key files = os.listdir(keydir) - if not gtk and "station" not in files: + if keytype == KT_PTK and "station" not in files: continue - if gtk and "station" in files: + if keytype != KT_PTK and "station" in files: continue with open(keydir + "/replays") as f: return int(f.read()) @@ -589,20 +591,20 @@ def test_ap_cipher_replay_protection_sta_gcmp(dev, apdev): def test_ap_cipher_replay_protection_sta_gtk_ccmp(dev, apdev): """CCMP replay protection on STA (GTK)""" - run_ap_cipher_replay_protection_sta(dev, apdev, "CCMP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "CCMP", keytype=KT_GTK) def test_ap_cipher_replay_protection_sta_gtk_tkip(dev, apdev): """TKIP replay protection on STA (GTK)""" skip_without_tkip(dev[0]) - run_ap_cipher_replay_protection_sta(dev, apdev, "TKIP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "TKIP", keytype=KT_GTK) def test_ap_cipher_replay_protection_sta_gtk_gcmp(dev, apdev): """GCMP replay protection on STA (GTK)""" if "GCMP" not in dev[0].get_capability("pairwise"): raise HwsimSkip("GCMP not supported") - run_ap_cipher_replay_protection_sta(dev, apdev, "GCMP", gtk=True) + run_ap_cipher_replay_protection_sta(dev, apdev, "GCMP", keytype=KT_GTK) -def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): +def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, keytype=KT_PTK): params = {"ssid": "test-wpa2-psk", "wpa_passphrase": "12345678", "wpa": "2", @@ -621,7 +623,7 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): hapd.wait_sta() if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays != 0: raise Exception("Unexpected replay reported (1)") @@ -629,11 +631,11 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): hwsim_utils.test_connectivity(dev[0], hapd) if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays != 0: raise Exception("Unexpected replay reported (2)") - addr = "ff:ff:ff:ff:ff:ff" if gtk else dev[0].own_addr() + addr = "ff:ff:ff:ff:ff:ff" if keytype != KT_PTK else dev[0].own_addr() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") time.sleep(0.1) @@ -641,7 +643,7 @@ def run_ap_cipher_replay_protection_sta(dev, apdev, cipher, gtk=False): success_expected=False) if cipher != "TKIP": - replays = get_tk_replay_counter(phy, gtk) + replays = get_tk_replay_counter(phy, keytype) if replays < 1: raise Exception("Replays not reported") @@ -679,14 +681,14 @@ def run_ap_wpa2_delayed_m3_retransmission(dev, apdev): hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before_tk = get_rx_spec(phy, gtk=False).splitlines() - before_gtk = get_rx_spec(phy, gtk=True).splitlines() + before_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + before_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") time.sleep(0.1) - after_tk = get_rx_spec(phy, gtk=False).splitlines() - after_gtk = get_rx_spec(phy, gtk=True).splitlines() + after_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + after_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") @@ -760,8 +762,8 @@ def run_ap_wpa2_delayed_m1_m3_retransmission(dev, apdev, hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before_tk = get_rx_spec(phy, gtk=False).splitlines() - before_gtk = get_rx_spec(phy, gtk=True).splitlines() + before_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + before_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if change_m1_anonce: if "OK" not in hapd.request("RESEND_M1 " + addr + " change-anonce"): @@ -771,8 +773,8 @@ def run_ap_wpa2_delayed_m1_m3_retransmission(dev, apdev, if "OK" not in hapd.request("RESEND_M3 " + addr): raise Exception("RESEND_M3 failed") time.sleep(0.1) - after_tk = get_rx_spec(phy, gtk=False).splitlines() - after_gtk = get_rx_spec(phy, gtk=True).splitlines() + after_tk = get_rx_spec(phy, keytype=KT_PTK).splitlines() + after_gtk = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed") @@ -828,12 +830,12 @@ def run_ap_wpa2_delayed_group_m1_retransmission(dev, apdev): hwsim_utils.test_connectivity(dev[0], hapd) time.sleep(0.1) - before = get_rx_spec(phy, gtk=True).splitlines() + before = get_rx_spec(phy, keytype=KT_GTK).splitlines() addr = dev[0].own_addr() if "OK" not in hapd.request("RESEND_GROUP_M1 " + addr): raise Exception("RESEND_GROUP_M1 failed") time.sleep(0.1) - after = get_rx_spec(phy, gtk=True).splitlines() + after = get_rx_spec(phy, keytype=KT_GTK).splitlines() if "OK" not in hapd.request("RESET_PN " + addr): raise Exception("RESET_PN failed")