@@ -181,7 +181,7 @@ class Test(unittest.TestCase):
cls.bss_hostapd = [ HostapdCLI(config='ft-psk-ccmp-1.conf'),
HostapdCLI(config='ft-psk-ccmp-2.conf') ]
rad0 = hwsim.get_radio('rad0')
- rad2 = hwsim.get_radio('rad2')
+ rad2 = hwsim.get_radio('rad3')
cls.rule0 = hwsim.rules.create()
cls.rule0.source = rad2.addresses[0]
@@ -26,8 +26,10 @@ mobility_domain=1234
reassociation_deadline=60000
r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
+r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:01 00:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:02 00:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
+r1kh=12:00:00:00:00:03 00:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
# Push mode only needed for 8021x, not PSK mode since msk already known
pmk_r1_push=0
# Allow locally generated FT response so we don't have to configure push/pull
@@ -26,8 +26,10 @@ mobility_domain=1234
reassociation_deadline=60000
r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
+r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:01 00:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
r1kh=12:00:00:00:00:02 00:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
+r1kh=12:00:00:00:00:03 00:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
# Push mode only needed for 8021x, not PSK mode since msk already known
pmk_r1_push=0
# Allow locally generated FT response so we don't have to configure push/pull
new file mode 100644
@@ -0,0 +1,44 @@
+hw_mode=g
+channel=3
+op_class=81
+ssid=TestFT
+utf8_ssid=1
+ctrl_interface=/var/run/hostapd
+
+r1_key_holder=120000000003
+nas_identifier=dummy3
+
+wpa=2
+# Can support WPA-PSK and FT-PSK (space separated list) and/or EAP at the same
+# time but we want to force FT
+wpa_key_mgmt=FT-PSK
+wpa_pairwise=CCMP
+wpa_passphrase=EasilyGuessedPassword
+wpa_ptk_rekey=30
+wpa_group_rekey=80
+ieee80211w=1
+rsn_preauth=1
+rsn_preauth_interfaces=lo
+disable_pmksa_caching=0
+# Allow PMK cache to be shared opportunistically among configured interfaces
+# and BSSes (i.e., all configurations within a single hostapd process).
+okc=1
+mobility_domain=1234
+reassociation_deadline=60000
+r0kh=12:00:00:00:00:01 dummy1 000102030405060708090a0b0c0d0e0f
+r0kh=12:00:00:00:00:02 dummy2 000102030405060708090a0b0c0d0e0f
+r0kh=12:00:00:00:00:03 dummy3 000102030405060708090a0b0c0d0e0f
+r1kh=12:00:00:00:00:01 00:00:00:00:00:01 000102030405060708090a0b0c0d0e0f
+r1kh=12:00:00:00:00:02 00:00:00:00:00:02 000102030405060708090a0b0c0d0e0f
+r1kh=12:00:00:00:00:03 00:00:00:00:00:03 000102030405060708090a0b0c0d0e0f
+# Push mode only needed for 8021x, not PSK mode since msk already known
+pmk_r1_push=0
+# Allow locally generated FT response so we don't have to configure push/pull
+# between BSSes running as separate hostapd processes as in the test-runner
+# case. Only works with FT-PSK, otherwise brctl needs to be installed and
+# CONFIG_BRIDGE enabled in the kernel.
+ft_psk_generate_local=1
+ft_over_ds=0
+ap_table_expiration_time=36000
+ap_table_max_size=10
+rrm_neighbor_report=1
@@ -1,8 +1,9 @@
[SETUP]
-num_radios=3
+num_radios=4
start_iwd=0
hwsim_medium=yes
[HOSTAPD]
rad0=ft-psk-ccmp-1.conf
rad1=ft-psk-ccmp-2.conf
+rad2=ft-psk-ccmp-3.conf
new file mode 100644
@@ -0,0 +1,134 @@
+#! /usr/bin/python3
+
+import unittest
+import sys, os
+
+sys.path.append('../util')
+import iwd
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+from hwsim import Hwsim
+from hostapd import HostapdCLI
+import testutil
+
+class Test(unittest.TestCase):
+ def validate_connection(self, wd):
+ device = wd.list_devices(1)[0]
+
+ ordered_network = device.get_ordered_network('TestFT', full_scan=True)
+
+ self.assertEqual(ordered_network.type, NetworkType.psk)
+
+ condition = 'not obj.connected'
+ wd.wait_for_object_condition(ordered_network.network_object, condition)
+
+ self.assertFalse(self.bss_hostapd[0].list_sta())
+ self.assertFalse(self.bss_hostapd[1].list_sta())
+
+ device.connect_bssid(self.bss_hostapd[0].bssid)
+
+ condition = 'obj.state == DeviceState.connected'
+ wd.wait_for_object_condition(device, condition)
+
+ self.bss_hostapd[0].wait_for_event('AP-STA-CONNECTED %s' % device.address)
+
+ testutil.test_iface_operstate(device.name)
+ testutil.test_ifaces_connected(self.bss_hostapd[0].ifname, device.name)
+ self.assertRaises(Exception, testutil.test_ifaces_connected,
+ (self.bss_hostapd[1].ifname, device.name, True, True))
+
+ condition = 'obj.state == DeviceState.roaming'
+ wd.wait_for_object_condition(device, condition)
+
+ # Check that iwd is on BSS 1 once out of roaming state and doesn't
+ # go through 'disconnected', 'autoconnect', 'connecting' in between
+ from_condition = 'obj.state == DeviceState.roaming'
+ to_condition = 'obj.state == DeviceState.connected'
+ wd.wait_for_object_change(device, from_condition, to_condition)
+
+ self.bss_hostapd[1].wait_for_event('AP-STA-CONNECTED %s' % device.address)
+
+ testutil.test_iface_operstate(device.name)
+ testutil.test_ifaces_connected(self.bss_hostapd[1].ifname, device.name)
+ self.assertRaises(Exception, testutil.test_ifaces_connected,
+ (self.bss_hostapd[0].ifname, device.name, True, True))
+
+ self.bss_hostapd[1].deauthenticate(device.address)
+ condition = 'obj.state == DeviceState.disconnected'
+ wd.wait_for_object_condition(device, condition)
+
+ def test_ft_psk(self):
+ wd = IWD(True)
+
+ self.bss_hostapd[0].set_value('wpa_key_mgmt', 'FT-PSK')
+ self.bss_hostapd[0].set_value('ft_over_ds', '0')
+ self.bss_hostapd[0].set_value('ocv', '1')
+ self.bss_hostapd[0].reload()
+ self.bss_hostapd[0].wait_for_event("AP-ENABLED")
+
+ self.bss_hostapd[1].set_value('wpa_key_mgmt', 'FT-PSK')
+ self.bss_hostapd[1].set_value('ft_over_ds', '0')
+ self.bss_hostapd[1].set_value('ocv', '1')
+ self.bss_hostapd[1].reload()
+ self.bss_hostapd[1].wait_for_event("AP-ENABLED")
+
+ self.bss_hostapd[2].set_value('wpa_key_mgmt', 'FT-PSK')
+ self.bss_hostapd[2].set_value('ft_over_ds', '0')
+ self.bss_hostapd[2].set_value('ocv', '1')
+ self.bss_hostapd[2].reload()
+ self.bss_hostapd[2].wait_for_event("AP-ENABLED")
+
+ self.validate_connection(wd)
+
+ @classmethod
+ def setUpClass(cls):
+ hwsim = Hwsim()
+
+ IWD.copy_to_storage('TestFT.psk')
+
+ cls.bss_hostapd = [ HostapdCLI(config='ft-psk-ccmp-1.conf'),
+ HostapdCLI(config='ft-psk-ccmp-2.conf'),
+ HostapdCLI(config='ft-psk-ccmp-3.conf') ]
+
+ cls.bss_hostapd[0].set_address('12:00:00:00:00:01')
+ cls.bss_hostapd[1].set_address('12:00:00:00:00:02')
+ cls.bss_hostapd[2].set_address('12:00:00:00:00:03')
+
+ # Connect here first, worst candidate
+ cls.rule0 = hwsim.rules.create()
+ cls.rule0.source = hwsim.get_radio('rad0').addresses[0]
+ cls.rule0.bidirectional = True
+ cls.rule0.signal = -8500
+ cls.rule0.enabled = True
+
+ # Second best candidate, IWD should eventually get here after failing
+ # to connect to bss_hostapd[2]
+ cls.rule1 = hwsim.rules.create()
+ cls.rule1.source = hwsim.get_radio('rad1').addresses[0]
+ cls.rule1.bidirectional = True
+ cls.rule1.signal = -8000
+ cls.rule1.enabled = True
+
+ # Best candidate, IWD should try this first, fail (since auth is
+ # dropped), and move onto another candidate.
+ cls.rule2 = hwsim.rules.create()
+ cls.rule2.source = hwsim.get_radio('rad2').addresses[0]
+ cls.rule2.bidirectional = True
+ cls.rule2.signal = -2000
+ cls.rule2.prefix = 'b0'
+ cls.rule2.drop = True
+ cls.rule2.enabled = True
+
+ HostapdCLI.group_neighbors(*cls.bss_hostapd)
+
+ @classmethod
+ def tearDownClass(cls):
+ IWD.clear_storage()
+ cls.bss_hostapd = None
+ cls.rule0.enabled = False
+ cls.rule1.enabled = False
+ cls.rule2.enabled = False
+
+if __name__ == '__main__':
+ unittest.main(exit=True)