3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00

auto-t: added autotest for FT over SAE

This test was copied from testFT-PSK-roam, but for SAE. The test behaves
as follows:

 - Connect to SAE network (full authentication)
 - Fast transition to another SAE AP
 - Fast transition to a PSK/WPA2 AP
This commit is contained in:
James Prestwood 2018-09-19 11:30:37 -07:00 committed by Denis Kenzior
parent a553771ffe
commit 6f833d6cad
5 changed files with 344 additions and 0 deletions

View File

@ -0,0 +1,43 @@
hw_mode=g
channel=1
ssid=TestFT
utf8_ssid=1
ctrl_interface=/var/run/hostapd
r1_key_holder=120000000003
nas_identifier=dummy3
wpa=2
# Can support WPA-PSK and FT-PSK (space separated list) and/or EAP at the same
# time but we want to force FT
wpa_key_mgmt=FT-PSK
wpa_pairwise=CCMP
wpa_passphrase=EasilyGuessedPassword
wpa_ptk_rekey=30
wpa_group_rekey=80
ieee80211w=1
rsn_preauth=1
rsn_preauth_interfaces=lo
disable_pmksa_caching=0
# Allow PMK cache to be shared opportunistically among configured interfaces
# and BSSes (i.e., all configurations within a single hostapd process).
okc=1
mobility_domain=1234
reassociation_deadline=60000
r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:01 12:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:02 12:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:03 12:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
# Push mode only needed for 8021x, not PSK mode since msk already known
pmk_r1_push=0
# Allow locally generated FT response so we don't have to configure push/pull
# between BSSes running as separate hostapd processes as in the test-runner
# case. Only works with FT-PSK, otherwise brctl needs to be installed and
# CONFIG_BRIDGE enabled in the kernel.
#ft_psk_generate_local=1
ft_over_ds=1
ap_table_expiration_time=36000
ap_table_max_size=10
rrm_neighbor_report=1

View File

@ -0,0 +1,38 @@
hw_mode=g
channel=1
ssid=TestFT
utf8_ssid=1
ctrl_interface=/var/run/hostapd
r1_key_holder=120000000001
nas_identifier=dummy1
wpa=2
# Can support SAE and FT-SAE (space separated list) and/or EAP at the same
# time but we want to force FT
wpa_key_mgmt=FT-SAE
sae_password=EasilyGuessedPassword|mac=ff:ff:ff:ff:ff:ff
wpa_pairwise=CCMP
wpa_ptk_rekey=30
wpa_group_rekey=80
ieee80211w=1
rsn_preauth=1
rsn_preauth_interfaces=lo
disable_pmksa_caching=0
# Allow PMK cache to be shared opportunistically among configured interfaces
# and BSSes (i.e., all configurations within a single hostapd process).
okc=1
mobility_domain=1234
reassociation_deadline=60000
r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:01 12:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:02 12:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:03 12:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
# Push mode only needed for 8021x, not PSK mode since msk already known
pmk_r1_push=0
ft_over_ds=1
ap_table_expiration_time=36000
ap_table_max_size=10
rrm_neighbor_report=1

View File

@ -0,0 +1,38 @@
hw_mode=g
channel=2
ssid=TestFT
utf8_ssid=1
ctrl_interface=/var/run/hostapd
r1_key_holder=120000000002
nas_identifier=dummy2
wpa=2
# Can support SAE and FT-SAE (space separated list) and/or EAP at the same
# time but we want to force FT
wpa_key_mgmt=FT-SAE
sae_password=EasilyGuessedPassword|mac=ff:ff:ff:ff:ff:ff
wpa_pairwise=CCMP
wpa_ptk_rekey=30
wpa_group_rekey=80
ieee80211w=1
rsn_preauth=1
rsn_preauth_interfaces=lo
disable_pmksa_caching=0
# Allow PMK cache to be shared opportunistically among configured interfaces
# and BSSes (i.e., all configurations within a single hostapd process).
okc=1
mobility_domain=1234
reassociation_deadline=60000
r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:01 12:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:02 12:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:03 12:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
# Push mode only needed for 8021x, not PSK mode since msk already known
pmk_r1_push=0
ft_over_ds=1
ap_table_expiration_time=36000
ap_table_max_size=10
rrm_neighbor_report=1

View File

@ -0,0 +1,8 @@
[SETUP]
num_radios=4
max_test_exec_interval_sec=120
[HOSTAPD]
rad0=ft-sae-1.conf
rad1=ft-sae-2.conf
rad2=ft-psk-3.conf

View File

@ -0,0 +1,217 @@
#! /usr/bin/python3
import unittest
import sys, os
sys.path.append('../util')
import iwd
from iwd import IWD
from iwd import PSKAgent
from iwd import NetworkType
from hwsim import Hwsim
from hostapd import HostapdCLI
from wiphy import wiphy_map
import testutil
class Test(unittest.TestCase):
def test_roam_success(self):
hwsim = Hwsim()
rule0 = hwsim.rules.create()
rule0.source = self.bss_radio[0].addresses[0]
rule0.bidirectional = True
rule1 = hwsim.rules.create()
rule1.source = self.bss_radio[1].addresses[0]
rule1.bidirectional = True
rule2 = hwsim.rules.create()
rule2.source = self.bss_radio[2].addresses[0]
rule2.bidirectional = True
wd = IWD()
psk_agent = PSKAgent("EasilyGuessedPassword")
wd.register_psk_agent(psk_agent)
device = wd.list_devices(1)[0]
# Check that iwd selects BSS 0 first
rule0.signal = -2000
rule1.signal = -2500
rule2.signal = -3000
condition = 'not obj.scanning'
wd.wait_for_object_condition(device, condition)
device.scan()
condition = 'obj.scanning'
wd.wait_for_object_condition(device, condition)
condition = 'not obj.scanning'
wd.wait_for_object_condition(device, condition)
ordered_networks = device.get_ordered_networks()
self.assertEqual(len(ordered_networks), 1)
ordered_network = ordered_networks[0]
self.assertEqual(ordered_network.name, "TestFT")
self.assertEqual(ordered_network.type, NetworkType.psk)
self.assertEqual(ordered_network.signal_strength, -2000)
condition = 'not obj.connected'
wd.wait_for_object_condition(ordered_network.network_object, condition)
self.assertFalse(self.bss_hostapd[0].list_sta())
self.assertFalse(self.bss_hostapd[1].list_sta())
ordered_network.network_object.connect()
condition = 'obj.connected'
wd.wait_for_object_condition(ordered_network.network_object, condition)
self.assertTrue(self.bss_hostapd[0].list_sta())
self.assertFalse(self.bss_hostapd[1].list_sta())
wd.unregister_psk_agent(psk_agent)
testutil.test_iface_operstate(device.name)
testutil.test_ifaces_connected(self.bss_hostapd[0].ifname, device.name)
self.assertRaises(Exception, testutil.test_ifaces_connected,
(self.bss_hostapd[1].ifname, device.name))
# Check that iwd starts transition to BSS 1 in less than 10 seconds.
# The 10 seconds is longer than needed to scan on just two channels
# but short enough that a full scan on the 2.4 + 5.8 bands supported
# by mac80211_hwsim will not finish. If this times out then, but
# device_roam_trigger_cb has happened, it probably means that
# Neighbor Reports are broken.
rule0.signal = -8000
condition = 'obj.state == DeviceState.roaming'
wd.wait_for_object_condition(device, condition, 10)
# Check that iwd is on BSS 1 once out of roaming state and doesn't
# go through 'disconnected', 'autoconnect', 'connecting' in between
condition = 'obj.state != DeviceState.roaming'
wd.wait_for_object_condition(device, condition, 5)
rule1.signal = -2000
# wait for IWD's signal levels to recover
wd.wait(5)
self.assertEqual(device.state, iwd.DeviceState.connected)
self.assertTrue(self.bss_hostapd[1].list_sta())
testutil.test_iface_operstate(device.name)
testutil.test_ifaces_connected(self.bss_hostapd[1].ifname, device.name)
self.assertRaises(Exception, testutil.test_ifaces_connected,
(self.bss_hostapd[0].ifname, device.name))
# test FT-PSK after FT-SAE
rule1.signal = -8000
rule0.signal = -8000
rule2.signal = -1000
condition = 'obj.state == DeviceState.roaming'
wd.wait_for_object_condition(device, condition, 15)
condition = 'obj.state != DeviceState.roaming'
wd.wait_for_object_condition(device, condition, 5)
self.assertEqual(device.state, iwd.DeviceState.connected)
self.assertTrue(self.bss_hostapd[2].list_sta())
testutil.test_iface_operstate(device.name)
testutil.test_ifaces_connected(self.bss_hostapd[2].ifname, device.name)
self.assertRaises(Exception, testutil.test_ifaces_connected,
(self.bss_hostapd[1].ifname, device.name))
def tearDown(self):
os.system('ifconfig "' + self.bss_hostapd[0].ifname + '" down')
os.system('ifconfig "' + self.bss_hostapd[1].ifname + '" down')
os.system('ifconfig "' + self.bss_hostapd[2].ifname + '" down')
os.system('ifconfig "' + self.bss_hostapd[0].ifname + '" up')
os.system('ifconfig "' + self.bss_hostapd[1].ifname + '" up')
os.system('ifconfig "' + self.bss_hostapd[2].ifname + '" up')
hwsim = Hwsim()
wd = IWD()
device = wd.list_devices(1)[0]
try:
device.disconnect()
except:
pass
condition = 'obj.state == DeviceState.disconnected'
wd.wait_for_object_condition(device, condition)
for rule in list(hwsim.rules.keys()):
del hwsim.rules[rule]
@classmethod
def setUpClass(cls):
hwsim = Hwsim()
cls.bss_hostapd = [None, None, None]
cls.bss_radio = [None, None, None]
for wname in wiphy_map:
wiphy = wiphy_map[wname]
intf = list(wiphy.values())[0]
if intf.config and '1' in intf.config:
bss_idx = 0
elif intf.config and '2' in intf.config:
bss_idx = 1
elif intf.config and '3' in intf.config:
bss_idx = 2
else:
continue
for path in hwsim.radios:
radio = hwsim.radios[path]
if radio.name == wname:
break
cls.bss_hostapd[bss_idx] = HostapdCLI(intf)
cls.bss_radio[bss_idx] = radio
# Set interface addresses to those expected by hostapd config files
os.system('ifconfig "' + cls.bss_hostapd[0].ifname +
'" down hw ether 12:00:00:00:00:01 up')
os.system('ifconfig "' + cls.bss_hostapd[1].ifname +
'" down hw ether 12:00:00:00:00:02 up')
os.system('ifconfig "' + cls.bss_hostapd[2].ifname +
'" down hw ether 12:00:00:00:00:03 up')
cls.bss_hostapd[0].reload()
cls.bss_hostapd[1].reload()
cls.bss_hostapd[2].reload()
# Fill in the neighbor AP tables in both BSSes. By default each
# instance knows only about current BSS, even inside one hostapd
# process.
# FT still works without the neighbor AP table but neighbor reports
# have to be disabled in the .conf files
cls.bss_hostapd[0].set_neighbor('12:00:00:00:00:02', 'TestFT',
'1200000000028f0000005102060603000000')
cls.bss_hostapd[0].set_neighbor('12:00:00:00:00:03', 'TestFT',
'1200000000038f0000005102060603000000')
cls.bss_hostapd[1].set_neighbor('12:00:00:00:00:01', 'TestFT',
'1200000000018f0000005101060603000000')
cls.bss_hostapd[1].set_neighbor('12:00:00:00:00:03', 'TestFT',
'1200000000038f0000005101060603000000')
cls.bss_hostapd[2].set_neighbor('12:00:00:00:00:01', 'TestFT',
'1200000000018f0000005101060603000000')
cls.bss_hostapd[2].set_neighbor('12:00:00:00:00:02', 'TestFT',
'1200000000028f0000005101060603000000')
@classmethod
def tearDownClass(cls):
IWD.clear_storage()
if __name__ == '__main__':
unittest.main(exit=True)