diff --git a/tests/hwsim/test_ap_hs20.py b/tests/hwsim/test_ap_hs20.py index a982252d8..365067297 100644 --- a/tests/hwsim/test_ap_hs20.py +++ b/tests/hwsim/test_ap_hs20.py @@ -799,3 +799,31 @@ def test_ap_hs20_roam_to_higher_prio(dev, apdev): raise Exception("Unexpected AP selected") if bssid2 not in ev: raise Exception("Unexpected BSSID after reconnection") + +def test_ap_hs20_domain_suffix_match(dev, apdev): + """Hotspot 2.0 and domain_suffix_match""" + bssid = apdev[0]['bssid'] + params = hs20_ap_params() + hostapd.add_ap(apdev[0]['ifname'], params) + + dev[0].hs20_enable() + id = dev[0].add_cred_values({ 'realm': "example.com", + 'username': "hs20-test", + 'password': "password", + 'domain': "example.com", + 'domain_suffix_match': "w1.fi" }) + interworking_select(dev[0], bssid, "home", freq="2412") + dev[0].dump_monitor() + interworking_connect(dev[0], bssid, "TTLS") + dev[0].request("REMOVE_NETWORK all") + dev[0].dump_monitor() + + dev[0].set_cred_quoted(id, "domain_suffix_match", "no-match.example.com") + interworking_select(dev[0], bssid, "home", freq="2412") + dev[0].dump_monitor() + dev[0].request("INTERWORKING_CONNECT " + bssid) + ev = dev[0].wait_event(["CTRL-EVENT-EAP-TLS-CERT-ERROR"]) + if ev is None: + raise Exception("TLS certificate error not reported") + if "Domain suffix mismatch" not in ev: + raise Exception("Domain suffix mismatch not reported") diff --git a/tests/hwsim/wpasupplicant.py b/tests/hwsim/wpasupplicant.py index 3c6c4352a..23a4a3926 100644 --- a/tests/hwsim/wpasupplicant.py +++ b/tests/hwsim/wpasupplicant.py @@ -208,7 +208,7 @@ class WpaSupplicant: quoted = [ "realm", "username", "password", "domain", "imsi", "excluded_ssid", "milenage", "ca_cert", "client_cert", - "private_key" ] + "private_key", "domain_suffix_match" ] for field in quoted: if field in params: self.set_cred_quoted(id, field, params[field])