jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

tests: Generate ACL files

Browse source 
Generate ACL files instead of using files with hardcoded values for the
STA MAC addresses. Send the generated files also to the remote client if
required.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
This commit is contained in:
Janusz Dziedzic 2020-01-12 23:02:22 +01:00 committed by Jouni Malinen
parent 16f18b2ca7
commit 4d14838421
8 changed files with 107 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
tests/hwsim/hostapd.accept
View file

@ -1,2 +0,0 @@
02:00:00:00:00:00 1
02:00:00:00:01:00 2

3
tests/hwsim/hostapd.accept2
View file

@ -1,3 +0,0 @@
02:00:00:00:00:00 1
02:00:00:00:01:00 2
02:00:00:00:02:00 3

7
tests/hwsim/hostapd.macaddr
View file

@ -1,7 +0,0 @@
02:00:00:00:00:00
02:00:00:00:00:12
02:00:00:00:00:34
-02:00:00:00:00:12
-02:00:00:00:00:34
01:01:01:01:01:01
03:01:01:01:01:03

32
tests/hwsim/hostapd.py
View file

@ -757,3 +757,35 @@ def cmd_execute(apdev, cmd, shell=False):
def send_file(apdev, src, dst):
hapd_global = HostapdGlobal(apdev)
return hapd_global.send_file(src, dst)
def acl_file(dev, apdev, conf):
filename = os.path.join("/tmp", conf)
if conf == 'hostapd.macaddr':
with open(filename, 'w') as f:
mac0 = dev[0].get_status_field("address")
f.write(mac0 + '\n')
f.write("02:00:00:00:00:12\n")
f.write("02:00:00:00:00:34\n")
f.write("-02:00:00:00:00:12\n")
f.write("-02:00:00:00:00:34\n")
f.write("01:01:01:01:01:01\n")
f.write("03:01:01:01:01:03\n")
elif conf == 'hostapd.accept':
with open(filename, 'w') as f:
mac0 = dev[0].get_status_field("address")
mac1 = dev[1].get_status_field("address")
f.write(mac0 + " 1\n")
f.write(mac1 + " 2\n")
elif conf == 'hostapd.accept2':
with open(filename, 'w') as f:
mac0 = dev[0].get_status_field("address")
mac1 = dev[1].get_status_field("address")
mac2 = dev[2].get_status_field("address")
f.write(mac0 + " 1\n")
f.write(mac1 + " 2\n")
f.write(mac2 + " 3\n")
else:
return conf
return filename

46
tests/hwsim/test_ap_ft.py
View file

@ -336,15 +336,18 @@ def test_ap_ft_vlan(dev, apdev):
"""WPA2-PSK-FT AP with VLAN"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, conndev="brvlan1")
@ -355,16 +358,19 @@ def test_ap_ft_vlan_disconnected(dev, apdev):
"""WPA2-PSK-FT AP with VLAN and local key generation"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1a(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
params['ft_psk_generate_local'] = "1"
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2a(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
params['ft_psk_generate_local'] = "1"
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
@ -376,10 +382,12 @@ def test_ap_ft_vlan_2(dev, apdev):
"""WPA2-PSK-FT AP with VLAN and dest-AP does not have VLAN info locally"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
@ -407,15 +415,18 @@ def test_ap_ft_many_vlan(dev, apdev):
"""WPA2-PSK-FT AP with VLAN multiple times"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, roams=50,
@ -707,14 +718,17 @@ def test_ap_ft_vlan_over_ds(dev, apdev):
"""WPA2-PSK-FT AP over DS with VLAN"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
@ -739,14 +753,17 @@ def test_ap_ft_vlan_over_ds_many(dev, apdev):
"""WPA2-PSK-FT AP over DS with VLAN multiple times"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
@ -944,16 +961,19 @@ def test_ap_ft_over_ds_pull_vlan(dev, apdev):
"""WPA2-PSK-FT AP over DS (pull PMK) with VLAN"""
ssid = "test-ft"
passphrase = "12345678"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
hostapd.send_file(apdev[1], filename, filename)
params = ft_params1(ssid=ssid, passphrase=passphrase)
params["pmk_r1_push"] = "0"
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
params = ft_params2(ssid=ssid, passphrase=passphrase)
params["pmk_r1_push"] = "0"
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,

12
tests/hwsim/test_ap_params.py
View file

@ -140,8 +140,10 @@ def test_ap_acl_accept(dev, apdev):
"""MAC ACL accept list"""
ssid = "acl"
params = {}
filename = hostapd.acl_file(dev, apdev, 'hostapd.macaddr')
hostapd.send_file(apdev[0], filename, filename)
params['ssid'] = ssid
params['accept_mac_file'] = "hostapd.macaddr"
params['accept_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
dev[0].connect(ssid, key_mgmt="NONE", scan_freq="2412")
@ -161,8 +163,10 @@ def test_ap_acl_deny(dev, apdev):
"""MAC ACL deny list"""
ssid = "acl"
params = {}
filename = hostapd.acl_file(dev, apdev, 'hostapd.macaddr')
hostapd.send_file(apdev[0], filename, filename)
params['ssid'] = ssid
params['deny_mac_file'] = "hostapd.macaddr"
params['deny_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412", passive=True)
dev[0].connect(ssid, key_mgmt="NONE", scan_freq="2412", wait_connect=False)
@ -176,8 +180,10 @@ def test_ap_acl_mgmt(dev, apdev):
"""MAC ACL accept/deny management"""
ssid = "acl"
params = {}
filename = hostapd.acl_file(dev, apdev, 'hostapd.macaddr')
hostapd.send_file(apdev[0], filename, filename)
params['ssid'] = ssid
params['deny_mac_file'] = "hostapd.macaddr"
params['deny_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
accept = hapd.request("ACCEPT_ACL SHOW").splitlines()

32
tests/hwsim/test_ap_vlan.py
View file

@ -26,9 +26,11 @@ from tshark import run_tshark
def test_ap_vlan_open(dev, apdev):
"""AP VLAN with open network"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = {"ssid": "test-vlan-open",
"dynamic_vlan": "1",
"accept_mac_file": "hostapd.accept"}
"accept_mac_file": filename}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan-open", key_mgmt="NONE", scan_freq="2412")
@ -40,10 +42,12 @@ def test_ap_vlan_open(dev, apdev):
def test_ap_vlan_file_open(dev, apdev):
"""AP VLAN with open network and vlan_file mapping"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = {"ssid": "test-vlan-open",
"dynamic_vlan": "1",
"vlan_file": "hostapd.vlan",
"accept_mac_file": "hostapd.accept"}
"accept_mac_file": filename}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan-open", key_mgmt="NONE", scan_freq="2412")
@ -55,10 +59,12 @@ def test_ap_vlan_file_open(dev, apdev):
def test_ap_vlan_file_open2(dev, apdev):
"""AP VLAN with open network and vlan_file mapping (2)"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept2')
hostapd.send_file(apdev[0], filename, filename)
params = {"ssid": "test-vlan-open",
"dynamic_vlan": "1",
"vlan_file": "hostapd.vlan2",
"accept_mac_file": "hostapd.accept2"}
"accept_mac_file": filename}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan-open", key_mgmt="NONE", scan_freq="2412")
@ -109,10 +115,12 @@ def test_ap_vlan_file_parsing(dev, apdev, params):
def test_ap_vlan_wpa2(dev, apdev):
"""AP VLAN with WPA2-PSK"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = hostapd.wpa2_params(ssid="test-vlan",
passphrase="12345678")
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan", psk="12345678", scan_freq="2412")
@ -166,11 +174,13 @@ def test_ap_vlan_wpa2_radius_2(dev, apdev):
def test_ap_vlan_wpa2_radius_local(dev, apdev):
"""AP VLAN with WPA2-Enterprise and local file setting VLAN IDs"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = hostapd.wpa2_eap_params(ssid="test-vlan")
params['dynamic_vlan'] = "0"
params['vlan_file'] = "hostapd.vlan"
params['vlan_bridge'] = "test_br_vlan"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan", key_mgmt="WPA-EAP", eap="PAX",
@ -340,10 +350,12 @@ def test_ap_vlan_wpa2_radius_required(dev, apdev):
def test_ap_vlan_tagged(dev, apdev):
"""AP VLAN with tagged interface"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = {"ssid": "test-vlan-open",
"dynamic_vlan": "1",
"vlan_tagged_interface": "lo",
"accept_mac_file": "hostapd.accept"}
"accept_mac_file": filename}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect("test-vlan-open", key_mgmt="NONE", scan_freq="2412")
@ -546,6 +558,8 @@ def test_ap_vlan_iface_cleanup_multibss_per_sta_vif(dev, apdev):
def test_ap_vlan_without_station(dev, apdev, p):
"""AP VLAN with WPA2-PSK and no station"""
try:
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
subprocess.call(['brctl', 'addbr', 'brvlan1'])
subprocess.call(['brctl', 'setfd', 'brvlan1', '0'])
subprocess.call(['ifconfig', 'brvlan1', 'up'])
@ -555,7 +569,7 @@ def test_ap_vlan_without_station(dev, apdev, p):
passphrase="12345678x")
params['dynamic_vlan'] = "1"
params['vlan_file'] = 'hostapd.wlan3.vlan'
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
# inject some traffic
@ -707,10 +721,12 @@ def test_ap_vlan_wpa2_radius_mixed(dev, apdev):
def test_ap_vlan_reconnect(dev, apdev):
"""AP VLAN with WPA2-PSK connect, disconnect, connect"""
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
hostapd.send_file(apdev[0], filename, filename)
params = hostapd.wpa2_params(ssid="test-vlan",
passphrase="12345678")
params['dynamic_vlan'] = "1"
params['accept_mac_file'] = "hostapd.accept"
params['accept_mac_file'] = filename
hapd = hostapd.add_ap(apdev[0], params)
logger.info("connect sta")

12
tests/hwsim/test_hapd_ctrl.py
View file

@ -283,11 +283,13 @@ def test_hapd_ctrl_ess_disassoc(dev, apdev):
def test_hapd_ctrl_set_deny_mac_file(dev, apdev):
"""hostapd and SET deny_mac_file ctrl_iface command"""
ssid = "hapd-ctrl"
filename = hostapd.acl_file(dev, apdev, 'hostapd.macaddr')
params = {"ssid": ssid}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, key_mgmt="NONE", scan_freq="2412")
dev[1].connect(ssid, key_mgmt="NONE", scan_freq="2412")
if "OK" not in hapd.request("SET deny_mac_file hostapd.macaddr"):
hapd.send_file(filename, filename)
if "OK" not in hapd.request("SET deny_mac_file " + filename):
raise Exception("Unexpected SET failure")
dev[0].wait_disconnected(timeout=15)
ev = dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"], 1)
@ -297,12 +299,14 @@ def test_hapd_ctrl_set_deny_mac_file(dev, apdev):
def test_hapd_ctrl_set_accept_mac_file(dev, apdev):
"""hostapd and SET accept_mac_file ctrl_iface command"""
ssid = "hapd-ctrl"
filename = hostapd.acl_file(dev, apdev, 'hostapd.macaddr')
params = {"ssid": ssid}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, key_mgmt="NONE", scan_freq="2412")
dev[1].connect(ssid, key_mgmt="NONE", scan_freq="2412")
hapd.send_file(filename, filename)
hapd.request("SET macaddr_acl 1")
if "OK" not in hapd.request("SET accept_mac_file hostapd.macaddr"):
if "OK" not in hapd.request("SET accept_mac_file " + filename):
raise Exception("Unexpected SET failure")
dev[1].wait_disconnected(timeout=15)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], 1)
@ -312,12 +316,14 @@ def test_hapd_ctrl_set_accept_mac_file(dev, apdev):
def test_hapd_ctrl_set_accept_mac_file_vlan(dev, apdev):
"""hostapd and SET accept_mac_file ctrl_iface command (VLAN ID)"""
ssid = "hapd-ctrl"
filename = hostapd.acl_file(dev, apdev, 'hostapd.accept')
params = {"ssid": ssid}
hapd = hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, key_mgmt="NONE", scan_freq="2412")
dev[1].connect(ssid, key_mgmt="NONE", scan_freq="2412")
hapd.send_file(filename, filename)
hapd.request("SET macaddr_acl 1")
if "OK" not in hapd.request("SET accept_mac_file hostapd.accept"):
if "OK" not in hapd.request("SET accept_mac_file " + filename):
raise Exception("Unexpected SET failure")
dev[1].wait_disconnected(timeout=15)
dev[0].wait_disconnected(timeout=15)