diff --git a/tests/hwsim/test_ap_ft.py b/tests/hwsim/test_ap_ft.py index 3980b4c84..e791ed345 100644 --- a/tests/hwsim/test_ap_ft.py +++ b/tests/hwsim/test_ap_ft.py @@ -1,5 +1,5 @@ # Fast BSS Transition tests -# Copyright (c) 2013-2019, Jouni Malinen +# Copyright (c) 2013-2024, Jouni Malinen # # This software may be distributed under the terms of the BSD license. # See README for more details. @@ -13,6 +13,7 @@ logger = logging.getLogger() import signal import struct import subprocess +import tempfile import hwsim_utils from hwsim import HWSimRadio @@ -3682,3 +3683,67 @@ def test_ap_ft_diff_mobility_domain_over_ds(dev, apdev): dev[0].scan_for_bss(dst, freq="2412") if "FAIL" not in dev[0].request("FT_DS " + dst): raise Exception("FT_DS to another mobility domain accepted") + +def test_ap_ft_eap_dynamic_rxkhs(dev, apdev): + """FT with dynamic RxKHs configuration""" + fd1, fn1 = tempfile.mkstemp() + fd2, fn2 = tempfile.mkstemp() + try: + f1 = os.fdopen(fd1, 'w') + f2 = os.fdopen(fd2, 'w') + run_ap_ft_eap_dynamic_rxkhs(dev, apdev, f1, fn1, f2, fn2) + finally: + os.unlink(fn1) + os.unlink(fn2) + +def run_ap_ft_eap_dynamic_rxkhs(dev, apdev, f1, fn1, f2, fn2): + ssid = "test-ft" + passphrase = "12345678" + + bssid0 = apdev[0]['bssid'] + bssid1 = apdev[1]['bssid'] + + radius = hostapd.radius_params() + + f1.write('r0kh=' + bssid1 + ' nas2.w1.fi 300102030405060708090a0b0c0d0e0f300102030405060708090a0b0c0d0e0f\n') + f1.write('r1kh=' + bssid1 + ' 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f200102030405060708090a0b0c0d0e0f\n') + f1.close() + + params = ft_params1a(rsn=True, ssid=ssid, passphrase=passphrase) + params["ieee80211w"] = "2" + params['wpa_key_mgmt'] = "FT-EAP" + params["ieee8021x"] = "1" + params["rxkh_file"] = fn1 + params = dict(list(radius.items()) + list(params.items())) + hapd0 = hostapd.add_ap(apdev[0], params) + + if len(hapd0.request("GET_RXKHS").splitlines()) != 2: + raise Exception("Unexpected number of RxKHs (AP0)") + + params = ft_params2a(rsn=True, ssid=ssid, passphrase=passphrase) + params["ieee80211w"] = "2" + params['wpa_key_mgmt'] = "FT-EAP" + params["ieee8021x"] = "1" + params["rxkh_file"] = fn2 + params = dict(list(radius.items()) + list(params.items())) + hapd1 = hostapd.add_ap(apdev[1], params) + + if len(hapd1.request("GET_RXKHS").splitlines()) != 0: + raise Exception("Unexpected number of RxKHs (AP1a)") + + bssid = run_roams(dev[1], apdev, hapd0, hapd1, ssid, passphrase, eap=True, + return_after_initial=True) + # This roam attempt fails since the APs did not yet have matching RxKH + # configuration. + dev[1].roam(bssid, check_bssid=False) + + f2.write('r0kh=' + bssid0 + ' nas1.w1.fi 200102030405060708090a0b0c0d0e0f200102030405060708090a0b0c0d0e0f\n') + f2.write('r1kh=' + bssid0 + ' 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f300102030405060708090a0b0c0d0e0f\n') + f2.close() + if "OK" not in hapd1.request("RELOAD_RXKHS"): + raise Exception("Failed to reload RxKHs") + + if len(hapd1.request("GET_RXKHS").splitlines()) != 2: + raise Exception("Unexpected number of RxKHs (AP1b)") + + run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, eap=True)