@@ -1452,6 +1452,11 @@ static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
if (os_snprintf_error(buflen, res))
return -1;
return res;
+ } else if (os_strcmp(cmd, "drv_flags") == 0) {
+ res = os_snprintf(buf, buflen, "%016lx", hapd->iface->drv_flags);
+ if (os_snprintf_error(buflen, res))
+ return -1;
+ return res;
}
return -1;
@@ -527,7 +527,7 @@ def add_ap(apdev, params, wait_enabled=True, no_enable=False, timeout=30,
raise Exception("Could not ping hostapd")
hapd.set_defaults()
fields = ["ssid", "wpa_passphrase", "nas_identifier", "wpa_key_mgmt",
- "wpa",
+ "wpa", "wpa_extended_key_id",
"wpa_pairwise", "rsn_pairwise", "auth_server_addr",
"acct_server_addr", "osu_server_uri"]
for field in fields:
@@ -610,7 +610,7 @@ def terminate(apdev):
hapd_global = HostapdGlobal(apdev)
hapd_global.terminate()
-def wpa2_params(ssid=None, passphrase=None):
+def wpa2_params(ssid=None, passphrase=None, wpa_extended_key_id=None):
params = {"wpa": "2",
"wpa_key_mgmt": "WPA-PSK",
"rsn_pairwise": "CCMP"}
@@ -618,6 +618,8 @@ def wpa2_params(ssid=None, passphrase=None):
params["ssid"] = ssid
if passphrase:
params["wpa_passphrase"] = passphrase
+ if wpa_extended_key_id:
+ params["wpa_extended_key_id"] = wpa_extended_key_id
return params
def wpa_params(ssid=None, passphrase=None):
@@ -203,15 +203,52 @@ def _test_ap_wpa2_psk_mem(dev, apdev):
@remote_compatible
def test_ap_wpa2_ptk_rekey(dev, apdev):
- """WPA2-PSK AP and PTK rekey enforced by station"""
+ """WPA2-PSK AP and PTK rekey enforced by station without Extended Key ID"""
+ ssid = "test-wpa2-psk"
+ passphrase = 'qwertyuiop'
+ params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase,
+ wpa_extended_key_id="0")
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412",
+ wpa_extended_key_id="0")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
+def test_ap_wpa2_ptk_rekey_extended(dev, apdev):
+ """WPA2-PSK AP and PTK rekey enforced by station with Extended Key ID"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0], params)
+ if not int(hapd.request("GET drv_flags"), 16) & 0x0400000000000000:
+ raise HwsimSkip("No Extended Key ID support in kernel")
+
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412",
+ wpa_extended_key_id="0")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out (STA without Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
- raise Exception("PTK rekey timed out")
+ raise Exception("PTK rekey timed out (STA with Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out 2 (STA with Extended Key ID)")
+ hwsim_utils.test_connectivity(dev[0], hapd)
+
+ params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase,
+ wpa_extended_key_id="0")
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
+ ev = dev[0].wait_event(["WPA: Key negotiation completed"])
+ if ev is None:
+ raise Exception("PTK rekey timed out (AP without Extended Key ID")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_ptk_rekey_anonce(dev, apdev):
@@ -1084,7 +1084,8 @@ class WpaSupplicant:
"dpp_netaccesskey", "dpp_netaccesskey_expiry",
"group_mgmt", "owe_group",
"roaming_consortium_selection", "ocv",
- "multi_ap_backhaul_sta", "rx_stbc", "tx_stbc"]
+ "multi_ap_backhaul_sta", "rx_stbc", "tx_stbc",
+ "wpa_extended_key_id"]
for field in not_quoted:
if field in kwargs and kwargs[field]:
self.set_network(id, field, kwargs[field])
To verify interoperability of Extended Key ID test_ap_wpa2_ptk_rekey has been modified and supplemented by test_ap_wpa2_ptk_rekey_extended. Extended Key ID support affects all wpa2 tests. When supported it will be used as default for all tests using wpa2 (RSN). This also adds a new GET call for tests, allowing access to the driver flags and verify driver capabilities. Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de> --- I was unsure if the existing tests should be forced to ignore the Extended Key ID support in hwsim, but decided against. After all Extended Key ID (hopefully) will get standard in some years and new features and when rekey works once with Extended Key ID it will also work for all the other tests. So this patch just makes sure that for one kind of PSK rekeys (using PSK) we test all combinations of STA/AP communicative Extended Key ID adds. hostapd/ctrl_iface.c | 5 +++++ tests/hwsim/hostapd.py | 6 ++++-- tests/hwsim/test_ap_psk.py | 41 ++++++++++++++++++++++++++++++++++-- tests/hwsim/wpasupplicant.py | 3 ++- 4 files changed, 50 insertions(+), 5 deletions(-)