tests: IEEE 802.1X and FORCE_UNAUTH state

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2021-03-28 12:36:18 +03:00
parent e72e322539
commit 00bec7b5be
2 changed files with 30 additions and 0 deletions

View file

@ -245,6 +245,23 @@ def test_ieee8021x_held(dev, apdev):
dev[0].request("SET EAPOL::maxStart 3") dev[0].request("SET EAPOL::maxStart 3")
dev[0].request("SET EAPOL::heldPeriod 60") dev[0].request("SET EAPOL::heldPeriod 60")
def test_ieee8021x_force_unauth(dev, apdev):
"""IEEE 802.1X and FORCE_UNAUTH state"""
params = hostapd.radius_params()
params["ssid"] = "ieee8021x-open"
params["ieee8021x"] = "1"
hapd = hostapd.add_ap(apdev[0], params)
bssid = apdev[0]['bssid']
dev[0].connect("ieee8021x-open", key_mgmt="IEEE8021X", eapol_flags="0",
eap="PSK", identity="psk.user@example.com",
password_hex="0123456789abcdef0123456789abcdef",
scan_freq="2412")
dev[0].request("SET EAPOL::portControl ForceUnauthorized")
pae = dev[0].get_status_field('Supplicant PAE state')
dev[0].wait_disconnected()
dev[0].request("SET EAPOL::portControl Auto")
def send_eapol_key(dev, bssid, signkey, frame_start, frame_end): def send_eapol_key(dev, bssid, signkey, frame_start, frame_end):
zero_sign = "00000000000000000000000000000000" zero_sign = "00000000000000000000000000000000"
frame = frame_start + zero_sign + frame_end frame = frame_start + zero_sign + frame_end

View file

@ -512,6 +512,19 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
} else if (os_strcasecmp(cmd, "EAPOL::maxStart") == 0) { } else if (os_strcasecmp(cmd, "EAPOL::maxStart") == 0) {
eapol_sm_configure(wpa_s->eapol, eapol_sm_configure(wpa_s->eapol,
-1, -1, -1, atoi(value)); -1, -1, -1, atoi(value));
#ifdef CONFIG_TESTING_OPTIONS
} else if (os_strcasecmp(cmd, "EAPOL::portControl") == 0) {
if (os_strcmp(value, "Auto") == 0)
eapol_sm_notify_portControl(wpa_s->eapol, Auto);
else if (os_strcmp(value, "ForceUnauthorized") == 0)
eapol_sm_notify_portControl(wpa_s->eapol,
ForceUnauthorized);
else if (os_strcmp(value, "ForceAuthorized") == 0)
eapol_sm_notify_portControl(wpa_s->eapol,
ForceAuthorized);
else
ret = -1;
#endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKLifetime") == 0) { } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKLifetime") == 0) {
if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
atoi(value))) { atoi(value))) {