tests: PMKSA cache entry timeout based on Session-Timeout

This verifies that hostapd uses Session-Timeout value from Access-Accept
as the lifetime for the PMKSA cache entries and expires entries both
while the station is disconnected and during an association.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-10-04 19:38:55 +03:00
parent 47ea24c13d
commit 2cde175a93
2 changed files with 33 additions and 0 deletions

View File

@ -27,6 +27,9 @@ radius_accept_attr=25:x:00112233445566778899
radius_accept_attr=89:s:gpsk-chargeable-user-identity radius_accept_attr=89:s:gpsk-chargeable-user-identity
radius_accept_attr=25:x:00112233445566778899aa radius_accept_attr=25:x:00112233445566778899aa
"gpsk-user-session-timeout" GPSK "abcdefghijklmnop0123456789abcdef"
radius_accept_attr=27:d:3
"020000000000" MACACL "020000000000" "020000000000" MACACL "020000000000"
"0232010000000000@ttls" TTLS,AKA "0232010000000000@ttls" TTLS,AKA

View File

@ -427,3 +427,33 @@ def test_pmksa_cache_disabled(dev, apdev):
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=20) ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=20)
if ev is None: if ev is None:
raise Exception("Roaming with the AP timed out") raise Exception("Roaming with the AP timed out")
def test_pmksa_cache_ap_expiration(dev, apdev):
"""PMKSA cache entry expiring on AP"""
params = hostapd.wpa2_eap_params(ssid="test-pmksa-cache")
hostapd.add_ap(apdev[0]['ifname'], params)
bssid = apdev[0]['bssid']
dev[0].connect("test-pmksa-cache", proto="RSN", key_mgmt="WPA-EAP",
eap="GPSK", identity="gpsk-user-session-timeout",
password="abcdefghijklmnop0123456789abcdef",
scan_freq="2412")
dev[0].request("DISCONNECT")
time.sleep(5)
dev[0].dump_monitor()
dev[0].request("RECONNECT")
ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED",
"CTRL-EVENT-CONNECTED"], timeout=20)
if ev is None:
raise Exception("Roaming with the AP timed out")
if "CTRL-EVENT-CONNECTED" in ev:
raise Exception("EAP exchange missing")
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=20)
if ev is None:
raise Exception("Reassociation with the AP timed out")
dev[0].dump_monitor()
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=20)
if ev is None:
raise Exception("Disconnection event timed out")
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=20)
if ev is None:
raise Exception("Reassociation with the AP timed out")