Testing functionality to allow EAPOL-Key Reserved field to be set
The new hostapd configuration parameter eapol_key_reserved_random=1 can be used for testing STA/Supplicant functionality to accept a random value in the Reserved field within EAPOL-Key frames. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
2e4c612dd2
commit
296104d35c
6 changed files with 22 additions and 0 deletions
|
@ -4613,6 +4613,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
|
||||||
return 1;
|
return 1;
|
||||||
} else if (os_strcmp(buf, "eapol_m3_no_encrypt") == 0) {
|
} else if (os_strcmp(buf, "eapol_m3_no_encrypt") == 0) {
|
||||||
bss->eapol_m3_no_encrypt = atoi(pos);
|
bss->eapol_m3_no_encrypt = atoi(pos);
|
||||||
|
} else if (os_strcmp(buf, "eapol_key_reserved_random") == 0) {
|
||||||
|
bss->eapol_key_reserved_random = atoi(pos);
|
||||||
} else if (os_strcmp(buf, "test_assoc_comeback_type") == 0) {
|
} else if (os_strcmp(buf, "test_assoc_comeback_type") == 0) {
|
||||||
bss->test_assoc_comeback_type = atoi(pos);
|
bss->test_assoc_comeback_type = atoi(pos);
|
||||||
} else if (os_strcmp(buf, "presp_elements") == 0) {
|
} else if (os_strcmp(buf, "presp_elements") == 0) {
|
||||||
|
|
|
@ -725,6 +725,7 @@ struct hostapd_bss_config {
|
||||||
struct wpabuf *eapol_m1_elements;
|
struct wpabuf *eapol_m1_elements;
|
||||||
struct wpabuf *eapol_m3_elements;
|
struct wpabuf *eapol_m3_elements;
|
||||||
bool eapol_m3_no_encrypt;
|
bool eapol_m3_no_encrypt;
|
||||||
|
bool eapol_key_reserved_random;
|
||||||
int test_assoc_comeback_type;
|
int test_assoc_comeback_type;
|
||||||
struct wpabuf *presp_elements;
|
struct wpabuf *presp_elements;
|
||||||
|
|
||||||
|
|
|
@ -2067,6 +2067,11 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
|
||||||
if (key_rsc)
|
if (key_rsc)
|
||||||
os_memcpy(key->key_rsc, key_rsc, WPA_KEY_RSC_LEN);
|
os_memcpy(key->key_rsc, key_rsc, WPA_KEY_RSC_LEN);
|
||||||
|
|
||||||
|
#ifdef CONFIG_TESTING_OPTIONS
|
||||||
|
if (conf->eapol_key_reserved_random)
|
||||||
|
random_get_bytes(key->key_id, sizeof(key->key_id));
|
||||||
|
#endif /* CONFIG_TESTING_OPTIONS */
|
||||||
|
|
||||||
if (kde && !encr) {
|
if (kde && !encr) {
|
||||||
os_memcpy(key_data, kde, kde_len);
|
os_memcpy(key_data, kde, kde_len);
|
||||||
WPA_PUT_BE16(key_mic + mic_len, kde_len);
|
WPA_PUT_BE16(key_mic + mic_len, kde_len);
|
||||||
|
|
|
@ -266,6 +266,7 @@ struct wpa_auth_config {
|
||||||
struct wpabuf *eapol_m1_elements;
|
struct wpabuf *eapol_m1_elements;
|
||||||
struct wpabuf *eapol_m3_elements;
|
struct wpabuf *eapol_m3_elements;
|
||||||
bool eapol_m3_no_encrypt;
|
bool eapol_m3_no_encrypt;
|
||||||
|
bool eapol_key_reserved_random;
|
||||||
#endif /* CONFIG_TESTING_OPTIONS */
|
#endif /* CONFIG_TESTING_OPTIONS */
|
||||||
unsigned int oci_freq_override_eapol_m3;
|
unsigned int oci_freq_override_eapol_m3;
|
||||||
unsigned int oci_freq_override_eapol_g1;
|
unsigned int oci_freq_override_eapol_g1;
|
||||||
|
|
|
@ -236,6 +236,7 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
|
||||||
if (conf->eapol_m3_elements)
|
if (conf->eapol_m3_elements)
|
||||||
wconf->eapol_m3_elements = wpabuf_dup(conf->eapol_m3_elements);
|
wconf->eapol_m3_elements = wpabuf_dup(conf->eapol_m3_elements);
|
||||||
wconf->eapol_m3_no_encrypt = conf->eapol_m3_no_encrypt;
|
wconf->eapol_m3_no_encrypt = conf->eapol_m3_no_encrypt;
|
||||||
|
wconf->eapol_key_reserved_random = conf->eapol_key_reserved_random;
|
||||||
#endif /* CONFIG_TESTING_OPTIONS */
|
#endif /* CONFIG_TESTING_OPTIONS */
|
||||||
#ifdef CONFIG_P2P
|
#ifdef CONFIG_P2P
|
||||||
os_memcpy(wconf->ip_addr_go, conf->ip_addr_go, 4);
|
os_memcpy(wconf->ip_addr_go, conf->ip_addr_go, 4);
|
||||||
|
|
|
@ -3273,3 +3273,15 @@ def test_sae_ssid_protection(dev, apdev):
|
||||||
|
|
||||||
if dev[0].get_status_field("ssid_verified") != "1":
|
if dev[0].get_status_field("ssid_verified") != "1":
|
||||||
raise Exception("ssid_verified=1 not in STATUS")
|
raise Exception("ssid_verified=1 not in STATUS")
|
||||||
|
|
||||||
|
def test_sae_eapol_key_reserved_random(dev, apdev):
|
||||||
|
"""SAE with EAPOL-Key Reserved field set to random value"""
|
||||||
|
check_sae_capab(dev[0])
|
||||||
|
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
|
||||||
|
params['wpa_key_mgmt'] = 'SAE'
|
||||||
|
params['eapol_key_reserved_random'] = '1'
|
||||||
|
hapd = hostapd.add_ap(apdev[0], params)
|
||||||
|
|
||||||
|
dev[0].set("sae_groups", "")
|
||||||
|
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
|
||||||
|
scan_freq="2412")
|
||||||
|
|
Loading…
Reference in a new issue