diff --git a/autotests/testFT-FILS-SHA384/TestFT.8021x b/autotests/testFT-FILS-SHA384/TestFT.8021x deleted file mode 100644 index 6fd3e0e8..00000000 --- a/autotests/testFT-FILS-SHA384/TestFT.8021x +++ /dev/null @@ -1,5 +0,0 @@ -[Security] -EAP-Method=PWD - -[Settings] -AutoConnect=False diff --git a/autotests/testFT-FILS-SHA384/connection_test.py b/autotests/testFT-FILS-SHA384/connection_test.py deleted file mode 100644 index a7752c98..00000000 --- a/autotests/testFT-FILS-SHA384/connection_test.py +++ /dev/null @@ -1,174 +0,0 @@ -#! /usr/bin/python3 - -import unittest -import sys, os - -sys.path.append('../util') -import iwd -from iwd import IWD -from iwd import PSKAgent -from iwd import NetworkType -from hwsim import Hwsim -from hostapd import HostapdCLI -import testutil - -class Test(unittest.TestCase): - def test_roam_success(self): - hwsim = Hwsim() - - rule0 = hwsim.rules.create() - rule0.source = self.bss_radio[0].addresses[0] - rule0.bidirectional = True - - rule1 = hwsim.rules.create() - rule1.source = self.bss_radio[1].addresses[0] - rule1.bidirectional = True - - # Check that iwd selects BSS 0 first - rule0.signal = -2000 - rule1.signal = -6900 - - wd = IWD(True) - - psk_agent = PSKAgent('user@example.com', ('user@example.com', - 'secret123')) - wd.register_psk_agent(psk_agent) - - device = wd.list_devices(1)[0] - - condition = 'not obj.scanning' - wd.wait_for_object_condition(device, condition) - - device.scan() - - condition = 'obj.scanning' - wd.wait_for_object_condition(device, condition) - - condition = 'not obj.scanning' - wd.wait_for_object_condition(device, condition) - - ordered_network = device.get_ordered_network('TestFT') - - self.assertEqual(ordered_network.type, NetworkType.eap) - self.assertEqual(ordered_network.signal_strength, -2000) - - condition = 'not obj.connected' - wd.wait_for_object_condition(ordered_network.network_object, condition) - - self.assertFalse(self.bss_hostapd[0].list_sta()) - self.assertFalse(self.bss_hostapd[1].list_sta()) - - ordered_network.network_object.connect() - - condition = 'obj.state == DeviceState.connected' - wd.wait_for_object_condition(device, condition) - - self.assertTrue(self.bss_hostapd[0].list_sta()) - self.assertFalse(self.bss_hostapd[1].list_sta()) - - testutil.test_iface_operstate(device.name) - testutil.test_ifaces_connected(self.bss_hostapd[0].ifname, device.name) - self.assertRaises(Exception, testutil.test_ifaces_connected, - (self.bss_hostapd[1].ifname, device.name, True, True)) - - device.disconnect() - - condition = 'not obj.connected' - wd.wait_for_object_condition(ordered_network.network_object, condition) - - ordered_network = device.get_ordered_network('TestFT') - - self.assertEqual(ordered_network.type, NetworkType.eap) - - condition = 'not obj.connected' - wd.wait_for_object_condition(ordered_network.network_object, condition) - - ordered_network.network_object.connect() - - condition = 'obj.state == DeviceState.connected' - wd.wait_for_object_condition(device, condition) - - self.assertTrue(self.bss_hostapd[0].list_sta()) - self.assertFalse(self.bss_hostapd[1].list_sta()) - - testutil.test_iface_operstate(device.name) - testutil.test_ifaces_connected(self.bss_hostapd[0].ifname, device.name) - self.assertRaises(Exception, testutil.test_ifaces_connected, - (self.bss_hostapd[1].ifname, device.name, True, True)) - - # Check that iwd starts transition to BSS 1 in less than 10 seconds. - # The 10 seconds is longer than needed to scan on just two channels - # but short enough that a full scan on the 2.4 + 5.8 bands supported - # by mac80211_hwsim will not finish. If this times out then, but - # device_roam_trigger_cb has happened, it probably means that - # Neighbor Reports are broken. - rule0.signal = -8000 - - condition = 'obj.state == DeviceState.roaming' - wd.wait_for_object_condition(device, condition) - - # Check that iwd is on BSS 1 once out of roaming state and doesn't - # go through 'disconnected', 'autoconnect', 'connecting' in between - from_condition = 'obj.state == DeviceState.roaming' - to_condition = 'obj.state == DeviceState.connected' - wd.wait_for_object_change(device, from_condition, to_condition) - - self.assertTrue(self.bss_hostapd[1].list_sta()) - - testutil.test_iface_operstate(device.name) - testutil.test_ifaces_connected(self.bss_hostapd[1].ifname, device.name) - self.assertRaises(Exception, testutil.test_ifaces_connected, - (self.bss_hostapd[0].ifname, device.name, True, True)) - - def tearDown(self): - os.system('ifconfig "' + self.bss_hostapd[0].ifname + '" down') - os.system('ifconfig "' + self.bss_hostapd[1].ifname + '" down') - os.system('ifconfig "' + self.bss_hostapd[0].ifname + '" up') - os.system('ifconfig "' + self.bss_hostapd[1].ifname + '" up') - - hwsim = Hwsim() - for rule in list(hwsim.rules.keys()): - del hwsim.rules[rule] - - @classmethod - def setUpClass(cls): - os.system('ifconfig lo up') - IWD.copy_to_storage('TestFT.8021x') - - hwsim = Hwsim() - - cls.bss_hostapd = [ HostapdCLI(config='ft-eap-ccmp-1.conf'), - HostapdCLI(config='ft-eap-ccmp-2.conf') ] - cls.bss_radio = [ hwsim.get_radio('rad0'), - hwsim.get_radio('rad1') ] - - # Set interface addresses to those expected by hostapd config files - os.system('ifconfig "' + cls.bss_hostapd[0].ifname + - '" down hw ether 12:00:00:00:00:01 up') - os.system('ifconfig "' + cls.bss_hostapd[1].ifname + - '" down hw ether 12:00:00:00:00:02 up') - - cls.bss_hostapd[0].reload() - cls.bss_hostapd[0].wait_for_event("AP-ENABLED") - cls.bss_hostapd[1].reload() - cls.bss_hostapd[1].wait_for_event("AP-ENABLED") - - # Fill in the neighbor AP tables in both BSSes. By default each - # instance knows only about current BSS, even inside one hostapd - # process. - # FT still works without the neighbor AP table but neighbor reports - # have to be disabled in the .conf files - cls.bss_hostapd[0].set_neighbor('12:00:00:00:00:02', 'TestFT', - '1200000000028f0000005102060603000000') - cls.bss_hostapd[1].set_neighbor('12:00:00:00:00:01', 'TestFT', - '1200000000018f0000005101060603000000') - - @classmethod - def tearDownClass(cls): - IWD.clear_storage() - cls.bss_hostapd = None - cls.bss_radio = None - - -if __name__ == '__main__': - unittest.main(exit=True) diff --git a/autotests/testFT-FILS-SHA384/ft-eap-ccmp-1.conf b/autotests/testFT-FILS-SHA384/ft-eap-ccmp-1.conf deleted file mode 100644 index 61262c69..00000000 --- a/autotests/testFT-FILS-SHA384/ft-eap-ccmp-1.conf +++ /dev/null @@ -1,42 +0,0 @@ -hw_mode=g -channel=1 -ssid=TestFT -utf8_ssid=1 -ctrl_interface=/var/run/hostapd -r1_key_holder=000000000001 -nas_identifier=dummy1 - -wpa=2 -# Can support WPA-EAP and FT-EAP (space separated list) at the same -# time but we want to force FT -wpa_key_mgmt=FT-EAP FILS-SHA384 FT-FILS-SHA384 -wpa_pairwise=CCMP -ieee8021x=1 - -fils_realm=example.com - -wpa_ptk_rekey=30 -wpa_group_rekey=80 -ieee80211w=1 -rsn_preauth=1 -disable_pmksa_caching=1 -# Allow PMK cache to be shared opportunistically among configured interfaces -# and BSSes (i.e., all configurations within a single hostapd process). -okc=1 -mobility_domain=1234 -reassociation_deadline=60000 -r0kh=12:00:00:00:00:01 nas1.w1.fi 000102030405060708090a0b0c0d0e0f -r0kh=12:00:00:00:00:02 nas2.w1.fi 000102030405060708090a0b0c0d0e0f -r1kh=12:00:00:00:00:01 00:00:00:00:00:01 000102030405060708090a0b0c0d0e0f -r1kh=12:00:00:00:00:02 00:00:00:00:00:02 000102030405060708090a0b0c0d0e0f -# Push mode only needed for 8021x, not PSK mode since msk already known -pmk_r1_push=1 -ft_over_ds=0 -ap_table_expiration_time=36000 -ap_table_max_size=10 -rrm_neighbor_report=1 - -auth_server_addr=127.0.0.1 -auth_server_port=1812 -auth_server_shared_secret=secret -nas_identifier=nas1.w1.fi diff --git a/autotests/testFT-FILS-SHA384/ft-eap-ccmp-2.conf b/autotests/testFT-FILS-SHA384/ft-eap-ccmp-2.conf deleted file mode 100644 index a6bdf641..00000000 --- a/autotests/testFT-FILS-SHA384/ft-eap-ccmp-2.conf +++ /dev/null @@ -1,42 +0,0 @@ -hw_mode=g -channel=2 -ssid=TestFT -utf8_ssid=1 -ctrl_interface=/var/run/hostapd -r1_key_holder=000000000002 -nas_identifier=dummy2 - -wpa=2 -# Can support WPA-EAP and FT-EAP (space separated list) at the same -# time but we want to force FT -wpa_key_mgmt=WPA-EAP FT-FILS-SHA384 -wpa_pairwise=CCMP -ieee8021x=1 - -fils_realm=example.com - -wpa_ptk_rekey=30 -wpa_group_rekey=80 -ieee80211w=1 -rsn_preauth=1 -disable_pmksa_caching=1 -# Allow PMK cache to be shared opportunistically among configured interfaces -# and BSSes (i.e., all configurations within a single hostapd process). -okc=1 -mobility_domain=1234 -reassociation_deadline=60000 -r0kh=12:00:00:00:00:01 nas1.w1.fi 000102030405060708090a0b0c0d0e0f -r0kh=12:00:00:00:00:02 nas2.w1.fi 000102030405060708090a0b0c0d0e0f -r1kh=12:00:00:00:00:01 00:00:00:00:00:01 000102030405060708090a0b0c0d0e0f -r1kh=12:00:00:00:00:02 00:00:00:00:00:02 000102030405060708090a0b0c0d0e0f -# Push mode only needed for 8021x, not PSK mode since msk already known -pmk_r1_push=1 -ft_over_ds=0 -ap_table_expiration_time=36000 -ap_table_max_size=10 -rrm_neighbor_report=1 - -auth_server_addr=127.0.0.1 -auth_server_port=1812 -auth_server_shared_secret=secret -nas_identifier=nas2.w1.fi diff --git a/autotests/testFT-FILS-SHA384/hw.conf b/autotests/testFT-FILS-SHA384/hw.conf deleted file mode 100644 index 322f0862..00000000 --- a/autotests/testFT-FILS-SHA384/hw.conf +++ /dev/null @@ -1,8 +0,0 @@ -[SETUP] -num_radios=3 -start_iwd=0 - -[HOSTAPD] -rad0=ft-eap-ccmp-1.conf -rad1=ft-eap-ccmp-2.conf -radius_server=radius.conf diff --git a/autotests/testFT-FILS-SHA384/main.conf b/autotests/testFT-FILS-SHA384/main.conf deleted file mode 100644 index 9452fb6b..00000000 --- a/autotests/testFT-FILS-SHA384/main.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Scan] -DisableMacAddressRandomization=true diff --git a/autotests/testFT-FILS-SHA384/pwd.eap_user b/autotests/testFT-FILS-SHA384/pwd.eap_user deleted file mode 100644 index 69079c24..00000000 --- a/autotests/testFT-FILS-SHA384/pwd.eap_user +++ /dev/null @@ -1 +0,0 @@ -"user@example.com" PWD "secret123" diff --git a/autotests/testFT-FILS-SHA384/radius.conf b/autotests/testFT-FILS-SHA384/radius.conf deleted file mode 100644 index 4fcfdfff..00000000 --- a/autotests/testFT-FILS-SHA384/radius.conf +++ /dev/null @@ -1,15 +0,0 @@ -driver=none -radius_server_clients=/tmp/certs/radius-clients.text -radius_server_auth_port=1812 -eap_user_file=/tmp/pwd.eap_user -eap_server=0 -eap_server_erp=1 - -erp_send_reauth_start=1 -erp_domain=example.com -fils_realm=example.com -disable_pmksa_caching=1 - -pwd_group=19 -wpa_group_rekey=30 -wpa_ptk_rekey=30