|
@@ -8,11 +8,13 @@ from remotehost import remote_compatible
|
|
|
import binascii
|
|
import binascii
|
|
|
import hmac
|
|
import hmac
|
|
|
import logging
|
|
import logging
|
|
|
|
|
+import os
|
|
|
import time
|
|
import time
|
|
|
|
|
|
|
|
import hostapd
|
|
import hostapd
|
|
|
import hwsim_utils
|
|
import hwsim_utils
|
|
|
from utils import skip_with_fips
|
|
from utils import skip_with_fips
|
|
|
|
|
+from tshark import run_tshark
|
|
|
|
|
|
|
|
logger = logging.getLogger()
|
|
logger = logging.getLogger()
|
|
|
|
|
|
|
@@ -290,6 +292,59 @@ def test_ieee8021x_reauth(dev, apdev):
|
|
|
time.sleep(0.1)
|
|
time.sleep(0.1)
|
|
|
hwsim_utils.test_connectivity(dev[0], hapd)
|
|
hwsim_utils.test_connectivity(dev[0], hapd)
|
|
|
|
|
|
|
|
|
|
+def test_ieee8021x_reauth_wep(dev, apdev, params):
|
|
|
|
|
+ """IEEE 802.1X and EAPOL_REAUTH request with WEP"""
|
|
|
|
|
+ logdir = params['logdir']
|
|
|
|
|
+
|
|
|
|
|
+ params = hostapd.radius_params()
|
|
|
|
|
+ params["ssid"] = "ieee8021x-open"
|
|
|
|
|
+ params["ieee8021x"] = "1"
|
|
|
|
|
+ params["wep_key_len_broadcast"] = "13"
|
|
|
|
|
+ params["wep_key_len_unicast"] = "13"
|
|
|
|
|
+ hapd = hostapd.add_ap(apdev[0], params)
|
|
|
|
|
+
|
|
|
|
|
+ dev[0].connect("ieee8021x-open", key_mgmt="IEEE8021X",
|
|
|
|
|
+ eap="PSK", identity="psk.user@example.com",
|
|
|
|
|
+ password_hex="0123456789abcdef0123456789abcdef",
|
|
|
|
|
+ scan_freq="2412")
|
|
|
|
|
+ hwsim_utils.test_connectivity(dev[0], hapd)
|
|
|
|
|
+
|
|
|
|
|
+ hapd.request("EAPOL_REAUTH " + dev[0].own_addr())
|
|
|
|
|
+ ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=5)
|
|
|
|
|
+ if ev is None:
|
|
|
|
|
+ raise Exception("EAP authentication did not start")
|
|
|
|
|
+ ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=5)
|
|
|
|
|
+ if ev is None:
|
|
|
|
|
+ raise Exception("EAP authentication did not succeed")
|
|
|
|
|
+ time.sleep(0.1)
|
|
|
|
|
+ hwsim_utils.test_connectivity(dev[0], hapd)
|
|
|
|
|
+
|
|
|
|
|
+ out = run_tshark(os.path.join(logdir, "hwsim0.pcapng"),
|
|
|
|
|
+ "llc.type == 0x888e", ["eapol.type", "eap.code"])
|
|
|
|
|
+ if out is None:
|
|
|
|
|
+ raise Exception("Could not find EAPOL frames in capture")
|
|
|
|
|
+ num_eapol_key = 0
|
|
|
|
|
+ num_eap_req = 0
|
|
|
|
|
+ num_eap_resp = 0
|
|
|
|
|
+ for line in out.splitlines():
|
|
|
|
|
+ vals = line.split()
|
|
|
|
|
+ if vals[0] == '3':
|
|
|
|
|
+ num_eapol_key += 1
|
|
|
|
|
+ if vals[0] == '0' and len(vals) == 2:
|
|
|
|
|
+ if vals[1] == '1':
|
|
|
|
|
+ num_eap_req += 1
|
|
|
|
|
+ elif vals[1] == '2':
|
|
|
|
|
+ num_eap_resp += 1
|
|
|
|
|
+ logger.info("num_eapol_key: %d" % num_eapol_key)
|
|
|
|
|
+ logger.info("num_eap_req: %d" % num_eap_req)
|
|
|
|
|
+ logger.info("num_eap_resp: %d" % num_eap_resp)
|
|
|
|
|
+ if num_eapol_key < 4:
|
|
|
|
|
+ raise Exception("Did not see four unencrypted EAPOL-Key frames")
|
|
|
|
|
+ if num_eap_req < 6:
|
|
|
|
|
+ raise Exception("Did not see six unencrypted EAP-Request frames")
|
|
|
|
|
+ if num_eap_resp < 6:
|
|
|
|
|
+ raise Exception("Did not see six unencrypted EAP-Response frames")
|
|
|
|
|
+
|
|
|
def test_ieee8021x_set_conf(dev, apdev):
|
|
def test_ieee8021x_set_conf(dev, apdev):
|
|
|
"""IEEE 802.1X and EAPOL_SET command"""
|
|
"""IEEE 802.1X and EAPOL_SET command"""
|
|
|
params = hostapd.radius_params()
|
|
params = hostapd.radius_params()
|
Jouni Malinen