From 981892470a7566ff6116f7f446b25388db4f9080 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Fri, 1 Mar 2019 10:55:05 -0800 Subject: [PATCH] auto-t: test for temporary blacklist The simplest way to test this was to create a new AP, where max_num_sta=1. This only allows a single STA to connect to this AP. We connect a device to this AP, then try and connect with another. This results in hostapd failing with DENIED_NO_MORE_STAS, which will cause a temporary blacklist. We can then disconnect both devices, and reconnect the device that previously got denied. If it connects then we know the blacklist only persisted for that earlier connection. --- .../testBSSBlacklist/all_blacklisted_test.py | 12 +- autotests/testBSSBlacklist/bad_pass_test.py | 11 +- autotests/testBSSBlacklist/connection_test.py | 11 +- autotests/testBSSBlacklist/hw.conf | 3 +- autotests/testBSSBlacklist/main.conf | 3 + autotests/testBSSBlacklist/ssid3.conf | 12 ++ .../testBSSBlacklist/temp_blacklist_test.py | 151 ++++++++++++++++++ 7 files changed, 196 insertions(+), 7 deletions(-) create mode 100644 autotests/testBSSBlacklist/ssid3.conf create mode 100644 autotests/testBSSBlacklist/temp_blacklist_test.py diff --git a/autotests/testBSSBlacklist/all_blacklisted_test.py b/autotests/testBSSBlacklist/all_blacklisted_test.py index 9b2c5555..1dcdecf1 100644 --- a/autotests/testBSSBlacklist/all_blacklisted_test.py +++ b/autotests/testBSSBlacklist/all_blacklisted_test.py @@ -22,8 +22,8 @@ class Test(unittest.TestCase): def test_connection_success(self): hwsim = Hwsim() - bss_radio = [None, None] - bss_hostapd = [None, None] + bss_radio = [None, None, None] + bss_hostapd = [None, None, None] for wname in wiphy_map: wiphy = wiphy_map[wname] @@ -33,6 +33,8 @@ class Test(unittest.TestCase): bss_idx = 0 elif intf.config and '2' in intf.config: bss_idx = 1 + elif intf.config and '3' in intf.config: + bss_idx = 2 else: continue @@ -54,6 +56,11 @@ class Test(unittest.TestCase): rule1.bidirectional = True rule1.signal = -8000 + rule2 = hwsim.rules.create() + rule2.source = bss_radio[2].addresses[0] + rule2.bidirectional = True + rule2.signal = -10000 + wd = IWD(True) psk_agent = PSKAgent(["secret123", 'secret123']) @@ -80,6 +87,7 @@ class Test(unittest.TestCase): # Have both APs drop all packets, both should get blacklisted rule0.drop = True rule1.drop = True + rule2.drop = True with self.assertRaises(iwd.FailedEx): ordered_network.network_object.connect() diff --git a/autotests/testBSSBlacklist/bad_pass_test.py b/autotests/testBSSBlacklist/bad_pass_test.py index 6194c8c6..fa4399a0 100644 --- a/autotests/testBSSBlacklist/bad_pass_test.py +++ b/autotests/testBSSBlacklist/bad_pass_test.py @@ -22,8 +22,8 @@ class Test(unittest.TestCase): def test_connection_success(self): hwsim = Hwsim() - bss_radio = [None, None] - bss_hostapd = [None, None] + bss_radio = [None, None, None] + bss_hostapd = [None, None, None] for wname in wiphy_map: wiphy = wiphy_map[wname] @@ -33,6 +33,8 @@ class Test(unittest.TestCase): bss_idx = 0 elif intf.config and '2' in intf.config: bss_idx = 1 + elif intf.config and '3' in intf.config: + bss_idx = 2 else: continue @@ -54,6 +56,11 @@ class Test(unittest.TestCase): rule1.bidirectional = True rule1.signal = -8000 + rule2 = hwsim.rules.create() + rule2.source = bss_radio[2].addresses[0] + rule2.bidirectional = True + rule2.signal = -10000 + wd = IWD(True, '/tmp') psk_agent = PSKAgent("wrong_password") diff --git a/autotests/testBSSBlacklist/connection_test.py b/autotests/testBSSBlacklist/connection_test.py index 113faa79..761f057a 100644 --- a/autotests/testBSSBlacklist/connection_test.py +++ b/autotests/testBSSBlacklist/connection_test.py @@ -22,8 +22,8 @@ class Test(unittest.TestCase): def test_connection_success(self): hwsim = Hwsim() - bss_radio = [None, None] - bss_hostapd = [None, None] + bss_radio = [None, None, None] + bss_hostapd = [None, None, None] for wname in wiphy_map: wiphy = wiphy_map[wname] @@ -33,6 +33,8 @@ class Test(unittest.TestCase): bss_idx = 0 elif intf.config and '2' in intf.config: bss_idx = 1 + elif intf.config and '3' in intf.config: + bss_idx = 2 else: continue @@ -54,6 +56,11 @@ class Test(unittest.TestCase): rule1.bidirectional = True rule1.signal = -8000 + rule2 = hwsim.rules.create() + rule2.source = bss_radio[2].addresses[0] + rule2.bidirectional = True + rule2.signal = -10000 + wd = IWD(True, '/tmp') psk_agent = PSKAgent("secret123") diff --git a/autotests/testBSSBlacklist/hw.conf b/autotests/testBSSBlacklist/hw.conf index 61aeb16e..60b147da 100644 --- a/autotests/testBSSBlacklist/hw.conf +++ b/autotests/testBSSBlacklist/hw.conf @@ -1,5 +1,5 @@ [SETUP] -num_radios=3 +num_radios=5 tmpfs_extra_stuff=main.conf max_test_exec_interval_sec=45 start_iwd=0 @@ -7,3 +7,4 @@ start_iwd=0 [HOSTAPD] rad0=ssid1.conf rad1=ssid2.conf +rad2=ssid3.conf diff --git a/autotests/testBSSBlacklist/main.conf b/autotests/testBSSBlacklist/main.conf index 302d9837..48c496ce 100644 --- a/autotests/testBSSBlacklist/main.conf +++ b/autotests/testBSSBlacklist/main.conf @@ -1,2 +1,5 @@ [Blacklist] bss_blacklist_time=10 + +[Scan] +disable_mac_randomization=true diff --git a/autotests/testBSSBlacklist/ssid3.conf b/autotests/testBSSBlacklist/ssid3.conf new file mode 100644 index 00000000..c352d781 --- /dev/null +++ b/autotests/testBSSBlacklist/ssid3.conf @@ -0,0 +1,12 @@ +hw_mode=g +channel=1 +ssid=TestBlacklist + +wpa=2 +wpa_pairwise=CCMP +wpa_passphrase=secret123 + +ctrl_interface=/var/run/hostapd + +rrm_neighbor_report=1 +max_num_sta=1 \ No newline at end of file diff --git a/autotests/testBSSBlacklist/temp_blacklist_test.py b/autotests/testBSSBlacklist/temp_blacklist_test.py new file mode 100644 index 00000000..51e33b77 --- /dev/null +++ b/autotests/testBSSBlacklist/temp_blacklist_test.py @@ -0,0 +1,151 @@ +#!/usr/bin/python3 + +import unittest +import sys + +sys.path.append('../util') +import iwd +from iwd import IWD +from iwd import PSKAgent +from iwd import NetworkType + +from hostapd import HostapdCLI +from hostapd import hostapd_map + +from wiphy import wiphy_map +from hwsim import Hwsim + +import time + +class Test(unittest.TestCase): + + def test_connection_success(self): + hwsim = Hwsim() + + bss_radio = [None, None, None] + bss_hostapd = [None, None, None] + + for wname in wiphy_map: + wiphy = wiphy_map[wname] + intf = list(wiphy.values())[0] + + if intf.config and '1' in intf.config: + bss_idx = 0 + elif intf.config and '2' in intf.config: + bss_idx = 1 + elif intf.config and '3' in intf.config: + bss_idx = 2 + else: + continue + + for path in hwsim.radios: + radio = hwsim.radios[path] + if radio.name == wname: + break + + bss_radio[bss_idx] = radio + bss_hostapd[bss_idx] = HostapdCLI(intf) + + rule0 = hwsim.rules.create() + rule0.source = bss_radio[0].addresses[0] + rule0.bidirectional = True + rule0.signal = -8000 + + rule1 = hwsim.rules.create() + rule1.source = bss_radio[1].addresses[0] + rule1.bidirectional = True + rule1.signal = -2500 + + rule2 = hwsim.rules.create() + rule2.source = bss_radio[2].addresses[0] + rule2.bidirectional = True + rule2.signal = -2000 + + wd = IWD(True, '/tmp') + + psk_agent = PSKAgent("secret123") + wd.register_psk_agent(psk_agent) + + dev1, dev2 = wd.list_devices(2) + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev1, condition) + + dev1.scan() + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev1, condition) + + ordered_network = dev1.get_ordered_network("TestBlacklist") + + self.assertEqual(ordered_network.type, NetworkType.psk) + + condition = 'not obj.connected' + wd.wait_for_object_condition(ordered_network.network_object, condition) + + ordered_network.network_object.connect() + + self.assertIn(dev1.address, bss_hostapd[2].list_sta()) + + # dev1 now connected, this should max out the first AP, causing the next + # connection to fail to this AP. + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev2, condition) + + dev2.scan() + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev2, condition) + + ordered_network = dev2.get_ordered_network("TestBlacklist") + + self.assertEqual(ordered_network.type, NetworkType.psk) + + condition = 'not obj.connected' + wd.wait_for_object_condition(ordered_network.network_object, condition) + + ordered_network.network_object.connect() + + # We should have temporarily blacklisted the first BSS, and connected + # to this one. + self.assertIn(dev2.address, bss_hostapd[1].list_sta()) + + # Now check that the first BSS is still not blacklisted. We can + # disconnect dev1, opening up the AP for more connections + dev1.disconnect() + dev2.disconnect() + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev2, condition) + + dev2.scan() + + condition = 'not obj.scanning' + wd.wait_for_object_condition(dev2, condition) + + ordered_network = dev2.get_ordered_network("TestBlacklist") + + self.assertEqual(ordered_network.type, NetworkType.psk) + + condition = 'not obj.connected' + wd.wait_for_object_condition(ordered_network.network_object, condition) + + ordered_network.network_object.connect() + + self.assertIn(dev2.address, bss_hostapd[2].list_sta()) + + wd.unregister_psk_agent(psk_agent) + + del wd + + @classmethod + def setUpClass(cls): + IWD.copy_to_storage('main.conf') + + @classmethod + def tearDownClass(cls): + IWD.clear_storage() + +if __name__ == '__main__': + unittest.main(exit=True)