Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-02-21 03:23:04 -05:00
Code Issues Projects Releases Wiki Activity

tests: Verify multi-cred sp_priority use

Browse Source 
test_ap_hs20_multi_cred_sp_prio verifies that two credentials
provisioned by a single SP are selected properly based on sp_priority
when a single BSS matches both credentials.
test_ap_hs20_multi_cred_sp_prio2 does the same when there a separate BSS
for each credential.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2013-10-29 19:46:38 +02:00 committed by Jouni Malinen
parent b61e70c4f3
commit 078683ac2b
2 changed files with 91 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
tests/hwsim/test_ap_hs20.py
View File

@ -80,7 +80,9 @@ def hlr_auc_gw_available():
def interworking_ext_sim_connect(dev, bssid, method): def interworking_ext_sim_connect(dev, bssid, method):
dev.request("INTERWORKING_CONNECT " + bssid) dev.request("INTERWORKING_CONNECT " + bssid)
interworking_ext_sim_auth(dev, method)
def interworking_ext_sim_auth(dev, method):
ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15) ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15)
if ev is None: if ev is None:
raise Exception("Network connected timed out") raise Exception("Network connected timed out")
@ -111,7 +113,9 @@ def interworking_ext_sim_connect(dev, bssid, method):
def interworking_connect(dev, bssid, method): def interworking_connect(dev, bssid, method):
dev.request("INTERWORKING_CONNECT " + bssid) dev.request("INTERWORKING_CONNECT " + bssid)
interworking_auth(dev, method)
def interworking_auth(dev, method):
ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15) ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=15)
if ev is None: if ev is None:
raise Exception("Network connected timed out") raise Exception("Network connected timed out")
@ -827,3 +831,88 @@ def test_ap_hs20_domain_suffix_match(dev, apdev):
raise Exception("TLS certificate error not reported") raise Exception("TLS certificate error not reported")
if "Domain suffix mismatch" not in ev: if "Domain suffix mismatch" not in ev:
raise Exception("Domain suffix mismatch not reported") raise Exception("Domain suffix mismatch not reported")
def test_ap_hs20_multi_cred_sp_prio(dev, apdev):
"""Hotspot 2.0 multi-cred sp_priority"""
if not hlr_auc_gw_available():
return "skip"
bssid = apdev[0]['bssid']
params = hs20_ap_params()
params['hessid'] = bssid
del params['domain_name']
params['anqp_3gpp_cell_net'] = "232,01"
hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].hs20_enable()
dev[0].request("SET external_sim 1")
id1 = dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
'provisioning_sp': "example.com",
'sp_priority' :"1" })
id2 = dev[0].add_cred_values({ 'realm': "example.com",
'username': "hs20-test",
'password': "password",
'domain': "example.com",
'provisioning_sp': "example.com",
'sp_priority': "2" })
dev[0].dump_monitor()
dev[0].request("INTERWORKING_SELECT auto")
interworking_ext_sim_auth(dev[0], "SIM")
check_sp_type(dev[0], "unknown")
dev[0].request("REMOVE_NETWORK all")
dev[0].set_cred(id1, "sp_priority", "2")
dev[0].set_cred(id2, "sp_priority", "1")
dev[0].dump_monitor()
dev[0].request("INTERWORKING_SELECT auto")
interworking_auth(dev[0], "TTLS")
check_sp_type(dev[0], "unknown")
def test_ap_hs20_multi_cred_sp_prio2(dev, apdev):
"""Hotspot 2.0 multi-cred sp_priority with two BSSes"""
if not hlr_auc_gw_available():
return "skip"
bssid = apdev[0]['bssid']
params = hs20_ap_params()
params['hessid'] = bssid
del params['nai_realm']
del params['domain_name']
params['anqp_3gpp_cell_net'] = "232,01"
hostapd.add_ap(apdev[0]['ifname'], params)
bssid2 = apdev[1]['bssid']
params = hs20_ap_params()
params['ssid'] = "test-hs20-other"
params['hessid'] = bssid2
del params['domain_name']
del params['anqp_3gpp_cell_net']
hostapd.add_ap(apdev[1]['ifname'], params)
dev[0].hs20_enable()
dev[0].request("SET external_sim 1")
id1 = dev[0].add_cred_values({ 'imsi': "23201-0000000000", 'eap': "SIM",
'provisioning_sp': "example.com",
'sp_priority': "1" })
id2 = dev[0].add_cred_values({ 'realm': "example.com",
'username': "hs20-test",
'password': "password",
'domain': "example.com",
'provisioning_sp': "example.com",
'sp_priority': "2" })
dev[0].dump_monitor()
dev[0].request("INTERWORKING_SELECT auto")
interworking_ext_sim_auth(dev[0], "SIM")
check_sp_type(dev[0], "unknown")
conn_bssid = dev[0].get_status_field("bssid")
if conn_bssid != bssid:
raise Exception("Connected to incorrect BSS")
dev[0].request("REMOVE_NETWORK all")
dev[0].set_cred(id1, "sp_priority", "2")
dev[0].set_cred(id2, "sp_priority", "1")
dev[0].dump_monitor()
dev[0].request("INTERWORKING_SELECT auto")
interworking_auth(dev[0], "TTLS")
check_sp_type(dev[0], "unknown")
conn_bssid = dev[0].get_status_field("bssid")
if conn_bssid != bssid2:
raise Exception("Connected to incorrect BSS")

4
tests/hwsim/wpasupplicant.py
View File

@ -209,13 +209,13 @@ class WpaSupplicant:
quoted = [ "realm", "username", "password", "domain", "imsi", quoted = [ "realm", "username", "password", "domain", "imsi",
"excluded_ssid", "milenage", "ca_cert", "client_cert", "excluded_ssid", "milenage", "ca_cert", "client_cert",
"private_key", "domain_suffix_match" ] "private_key", "domain_suffix_match", "provisioning_sp" ]
for field in quoted: for field in quoted:
if field in params: if field in params:
self.set_cred_quoted(id, field, params[field]) self.set_cred_quoted(id, field, params[field])
not_quoted = [ "eap", "roaming_consortium", not_quoted = [ "eap", "roaming_consortium",
"required_roaming_consortium" ] "required_roaming_consortium", "sp_priority" ]
for field in not_quoted: for field in not_quoted:
if field in params: if field in params:
self.set_cred(id, field, params[field]) self.set_cred(id, field, params[field])