DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

tests: HS 2.0 deauthentication imminent with and without URL timing

Browse source 
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-11-21 22:57:51 +02:00 committed by Jouni Malinen
parent 34d93b0c9d
commit 22a5d615ba
2 changed files with 20 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/hwsim/auth_serv/eap_user.conf
View file

@ -152,6 +152,10 @@ radius_accept_attr=56:x:32000011
"hs20-deauth-test" TTLS-MSCHAPV2 "password" [2] "hs20-deauth-test" TTLS-MSCHAPV2 "password" [2]
radius_accept_attr=26:x:00009f680405016400 radius_accept_attr=26:x:00009f680405016400
"hs20-deauth-test-url" TTLS-MSCHAPV2 "password" [2]
radius_accept_attr=26:x:00009f68042000000068747470733a2f2f6578616d706c652e636f6d2f6465617574682f
"hs20-subrem-test" TTLS-MSCHAPV2 "password" [2] "hs20-subrem-test" TTLS-MSCHAPV2 "password" [2]
radius_accept_attr=26:x:00009f6801170168747470733a2f2f6578616d706c652e636f6d2f radius_accept_attr=26:x:00009f6801170168747470733a2f2f6578616d706c652e636f6d2f

21
tests/hwsim/test_ap_hs20.py
View file

@ -2587,7 +2587,15 @@ def test_ap_hs20_deauth_req_from_radius(dev, apdev):
finally: finally:
dev[0].request("SET pmf 0") dev[0].request("SET pmf 0")
def _test_ap_hs20_deauth_req_from_radius(dev, apdev): def test_ap_hs20_deauth_req_from_radius_url(dev, apdev):
"""Hotspot 2.0 connection and deauthentication request from RADIUS with URL"""
check_eap_capa(dev[0], "MSCHAPV2")
try:
_test_ap_hs20_deauth_req_from_radius(dev, apdev, url=True)
finally:
dev[0].set("pmf", "0")
def _test_ap_hs20_deauth_req_from_radius(dev, apdev, url=False):
bssid = apdev[0]['bssid'] bssid = apdev[0]['bssid']
params = hs20_ap_params() params = hs20_ap_params()
params['nai_realm'] = ["0,example.com,21[2:4]"] params['nai_realm'] = ["0,example.com,21[2:4]"]
@ -2596,17 +2604,20 @@ def _test_ap_hs20_deauth_req_from_radius(dev, apdev):
dev[0].request("SET pmf 2") dev[0].request("SET pmf 2")
dev[0].hs20_enable() dev[0].hs20_enable()
user = "hs20-deauth-test-url" if url else "hs20-deauth-test"
dev[0].add_cred_values({'realm': "example.com", dev[0].add_cred_values({'realm': "example.com",
'username': "hs20-deauth-test", 'username': user,
'password': "password"}) 'password': "password"})
interworking_select(dev[0], bssid, freq="2412") interworking_select(dev[0], bssid, freq="2412")
interworking_connect(dev[0], bssid, "TTLS") interworking_connect(dev[0], bssid, "TTLS")
ev = dev[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout=5) ev = dev[0].wait_event(["HS20-DEAUTH-IMMINENT-NOTICE"], timeout=5)
if ev is None: if ev is None:
raise Exception("Timeout on deauth imminent notice") raise Exception("Timeout on deauth imminent notice")
if " 1 100" not in ev: if not url and ev.split(' ', 1)[1] != "1 100 ":
raise Exception("Unexpected deauth imminent contents") raise Exception("Unexpected deauth imminent contents: " + ev)
dev[0].wait_disconnected(timeout=3) if url and ev.split(' ', 1)[1] != "0 0 https://example.com/deauth/":
raise Exception("Unexpected deauth imminent contents: " + ev)
dev[0].wait_disconnected(timeout=3 if url else 1)
def test_ap_hs20_deauth_req_without_pmf(dev, apdev): def test_ap_hs20_deauth_req_without_pmf(dev, apdev):
"""Hotspot 2.0 connection and deauthentication request without PMF""" """Hotspot 2.0 connection and deauthentication request without PMF"""