From 09f96acb9d18c55ea7898d61775636199fe9dd20 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 5 Jan 2020 21:20:00 +0200
Subject: [PATCH] tests: PSK/EAP without nl80211 control port

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 tests/hwsim/test_ap_eap.py | 17 +++++++++++++++++
 tests/hwsim/test_ap_psk.py | 24 ++++++++++++++++++++++++
 2 files changed, 41 insertions(+)

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 1eef5b7d6..f502bf7a7 100644
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -7250,3 +7250,20 @@ def test_ap_wpa2_eap_tls_tod_tofu(dev, apdev):
         raise Exception("TOD-TOFU policy not reported for server certificate")
     if tod1:
         raise Exception("TOD-TOFU policy unexpectedly reported for CA certificate")
+
+def test_ap_wpa2_eap_sake_no_control_port(dev, apdev):
+    """WPA2-Enterprise connection using EAP-SAKE without nl80211 control port"""
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    params['driver_params'] = "control_port=0"
+    hapd = hostapd.add_ap(apdev[0], params)
+    wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
+    wpas.interface_add("wlan5", drv_params="control_port=0")
+    eap_connect(wpas, hapd, "SAKE", "sake user",
+                password_hex="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef")
+    eap_reauth(wpas, "SAKE")
+
+    logger.info("Negative test with incorrect password")
+    wpas.request("REMOVE_NETWORK all")
+    eap_connect(wpas, hapd, "SAKE", "sake user",
+                password_hex="ff23456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
+                expect_failure=True)
diff --git a/tests/hwsim/test_ap_psk.py b/tests/hwsim/test_ap_psk.py
index 472264c69..ac0fabc5d 100644
--- a/tests/hwsim/test_ap_psk.py
+++ b/tests/hwsim/test_ap_psk.py
@@ -3282,3 +3282,27 @@ def test_ap_wpa2_psk_inject_assoc(dev, apdev, params):
                      wait=False)
     if len(res) > 0:
         raise Exception("Unexpected frame from unauthorized STA seen")
+
+def test_ap_wpa2_psk_no_control_port(dev, apdev):
+    """WPA2-PSK AP without nl80211 control port"""
+    ssid = "test-wpa2-psk"
+    passphrase = 'qwertyuiop'
+    params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
+    params['driver_params'] = "control_port=0"
+    hapd = hostapd.add_ap(apdev[0], params)
+
+    wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
+    wpas.interface_add("wlan5", drv_params="control_port=0")
+    wpas.connect(ssid, psk=passphrase, scan_freq="2412")
+    hapd.wait_sta()
+    hwsim_utils.test_connectivity(wpas, hapd)
+    if "OK" not in wpas.request("KEY_REQUEST 0 1"):
+        raise Exception("KEY_REQUEST failed")
+    ev = wpas.wait_event(["WPA: Key negotiation completed"])
+    if ev is None:
+        raise Exception("PTK rekey timed out")
+    hapd.wait_ptkinitdone(wpas.own_addr())
+    hwsim_utils.test_connectivity(wpas, hapd)
+    wpas.request("DISCONNECT")
+    wpas.wait_disconnected()
+    wpas.dump_monitor()