]>
Commit | Line | Data |
---|---|---|
302b7a1b JM |
1 | #!/usr/bin/python |
2 | # | |
3 | # WPS tests | |
8674c022 | 4 | # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi> |
302b7a1b JM |
5 | # |
6 | # This software may be distributed under the terms of the BSD license. | |
7 | # See README for more details. | |
8 | ||
9 | import time | |
10 | import subprocess | |
11 | import logging | |
c9aa4308 | 12 | logger = logging.getLogger() |
1013a576 | 13 | import re |
302b7a1b JM |
14 | |
15 | import hwsim_utils | |
16 | import hostapd | |
17 | ||
ae3ad328 | 18 | def test_ap_wps_init(dev, apdev): |
302b7a1b JM |
19 | """Initial AP configuration with first WPS Enrollee""" |
20 | ssid = "test-wps" | |
ae3ad328 | 21 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b | 22 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) |
ae3ad328 | 23 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
302b7a1b JM |
24 | logger.info("WPS provisioning step") |
25 | hapd.request("WPS_PBC") | |
d671a420 JM |
26 | if "PBC Status: Active" not in hapd.request("WPS_GET_STATUS"): |
27 | raise Exception("PBC status not shown correctly") | |
302b7a1b JM |
28 | dev[0].dump_monitor() |
29 | dev[0].request("WPS_PBC") | |
853b49a0 | 30 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
302b7a1b JM |
31 | if ev is None: |
32 | raise Exception("Association with the AP timed out") | |
33 | status = dev[0].get_status() | |
ae3ad328 | 34 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: |
302b7a1b JM |
35 | raise Exception("Not fully connected") |
36 | if status['ssid'] != ssid: | |
37 | raise Exception("Unexpected SSID") | |
38 | if status['pairwise_cipher'] != 'CCMP': | |
39 | raise Exception("Unexpected encryption configuration") | |
40 | if status['key_mgmt'] != 'WPA2-PSK': | |
41 | raise Exception("Unexpected key_mgmt") | |
42 | ||
d671a420 JM |
43 | status = hapd.request("WPS_GET_STATUS") |
44 | if "PBC Status: Disabled" not in status: | |
45 | raise Exception("PBC status not shown correctly") | |
46 | if "Last WPS result: Success" not in status: | |
47 | raise Exception("Last WPS result not shown correctly") | |
48 | if "Peer Address: " + dev[0].p2p_interface_addr() not in status: | |
49 | raise Exception("Peer address not shown correctly") | |
75b25ece JM |
50 | conf = hapd.request("GET_CONFIG") |
51 | if "wps_state=configured" not in conf: | |
52 | raise Exception("AP not in WPS configured state") | |
53 | if "rsn_pairwise_cipher=CCMP TKIP" not in conf: | |
54 | raise Exception("Unexpected rsn_pairwise_cipher") | |
55 | if "wpa_pairwise_cipher=CCMP TKIP" not in conf: | |
56 | raise Exception("Unexpected wpa_pairwise_cipher") | |
57 | if "group_cipher=TKIP" not in conf: | |
58 | raise Exception("Unexpected group_cipher") | |
d671a420 | 59 | |
18030dc0 JM |
60 | def test_ap_wps_init_2ap_pbc(dev, apdev): |
61 | """Initial two-radio AP configuration with first WPS PBC Enrollee""" | |
62 | ssid = "test-wps" | |
63 | params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" } | |
64 | hostapd.add_ap(apdev[0]['ifname'], params) | |
65 | hostapd.add_ap(apdev[1]['ifname'], params) | |
66 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
67 | logger.info("WPS provisioning step") | |
68 | hapd.request("WPS_PBC") | |
18030dc0 JM |
69 | dev[0].scan(freq="2412") |
70 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
71 | if "[WPS-PBC]" not in bss['flags']: | |
72 | raise Exception("WPS-PBC flag missing from AP1") | |
73 | bss = dev[0].get_bss(apdev[1]['bssid']) | |
74 | if "[WPS-PBC]" not in bss['flags']: | |
75 | raise Exception("WPS-PBC flag missing from AP2") | |
76 | dev[0].dump_monitor() | |
77 | dev[0].request("WPS_PBC") | |
78 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
79 | if ev is None: | |
80 | raise Exception("Association with the AP timed out") | |
81 | ||
18030dc0 JM |
82 | dev[1].scan(freq="2412") |
83 | bss = dev[1].get_bss(apdev[0]['bssid']) | |
84 | if "[WPS-PBC]" in bss['flags']: | |
85 | raise Exception("WPS-PBC flag not cleared from AP1") | |
86 | bss = dev[1].get_bss(apdev[1]['bssid']) | |
87 | if "[WPS-PBC]" in bss['flags']: | |
88 | raise Exception("WPS-PBC flag bit ckeared from AP2") | |
89 | ||
90 | def test_ap_wps_init_2ap_pin(dev, apdev): | |
91 | """Initial two-radio AP configuration with first WPS PIN Enrollee""" | |
92 | ssid = "test-wps" | |
93 | params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" } | |
94 | hostapd.add_ap(apdev[0]['ifname'], params) | |
95 | hostapd.add_ap(apdev[1]['ifname'], params) | |
96 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
97 | logger.info("WPS provisioning step") | |
98 | pin = dev[0].wps_read_pin() | |
99 | hapd.request("WPS_PIN any " + pin) | |
18030dc0 JM |
100 | dev[0].scan(freq="2412") |
101 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
102 | if "[WPS-AUTH]" not in bss['flags']: | |
103 | raise Exception("WPS-AUTH flag missing from AP1") | |
104 | bss = dev[0].get_bss(apdev[1]['bssid']) | |
105 | if "[WPS-AUTH]" not in bss['flags']: | |
106 | raise Exception("WPS-AUTH flag missing from AP2") | |
107 | dev[0].dump_monitor() | |
108 | dev[0].request("WPS_PIN any " + pin) | |
109 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
110 | if ev is None: | |
111 | raise Exception("Association with the AP timed out") | |
112 | ||
18030dc0 JM |
113 | dev[1].scan(freq="2412") |
114 | bss = dev[1].get_bss(apdev[0]['bssid']) | |
115 | if "[WPS-AUTH]" in bss['flags']: | |
116 | raise Exception("WPS-AUTH flag not cleared from AP1") | |
117 | bss = dev[1].get_bss(apdev[1]['bssid']) | |
118 | if "[WPS-AUTH]" in bss['flags']: | |
119 | raise Exception("WPS-AUTH flag bit ckeared from AP2") | |
120 | ||
35831e94 JM |
121 | def test_ap_wps_init_through_wps_config(dev, apdev): |
122 | """Initial AP configuration using wps_config command""" | |
123 | ssid = "test-wps-init-config" | |
124 | hostapd.add_ap(apdev[0]['ifname'], | |
125 | { "ssid": ssid, "eap_server": "1", "wps_state": "1" }) | |
126 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
127 | if "FAIL" in hapd.request("WPS_CONFIG " + ssid.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")): | |
128 | raise Exception("WPS_CONFIG command failed") | |
129 | dev[0].connect(ssid, psk="12345678", scan_freq="2412", proto="WPA2", | |
130 | pairwise="CCMP", group="CCMP") | |
131 | ||
ae3ad328 | 132 | def test_ap_wps_conf(dev, apdev): |
302b7a1b JM |
133 | """WPS PBC provisioning with configured AP""" |
134 | ssid = "test-wps-conf" | |
ae3ad328 | 135 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
136 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", |
137 | "wpa_passphrase": "12345678", "wpa": "2", | |
138 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}) | |
ae3ad328 | 139 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
302b7a1b JM |
140 | logger.info("WPS provisioning step") |
141 | hapd.request("WPS_PBC") | |
142 | dev[0].dump_monitor() | |
143 | dev[0].request("WPS_PBC") | |
7e3f110b | 144 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
302b7a1b JM |
145 | if ev is None: |
146 | raise Exception("Association with the AP timed out") | |
147 | status = dev[0].get_status() | |
ae3ad328 | 148 | if status['wpa_state'] != 'COMPLETED': |
302b7a1b | 149 | raise Exception("Not fully connected") |
ae3ad328 JM |
150 | if status['bssid'] != apdev[0]['bssid']: |
151 | raise Exception("Unexpected BSSID") | |
302b7a1b JM |
152 | if status['ssid'] != ssid: |
153 | raise Exception("Unexpected SSID") | |
154 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP': | |
155 | raise Exception("Unexpected encryption configuration") | |
156 | if status['key_mgmt'] != 'WPA2-PSK': | |
157 | raise Exception("Unexpected key_mgmt") | |
158 | ||
097cd9cd JM |
159 | sta = hapd.get_sta(dev[0].p2p_interface_addr()) |
160 | if 'wpsDeviceName' not in sta or sta['wpsDeviceName'] != "Device A": | |
161 | raise Exception("Device name not available in STA command") | |
162 | ||
04e62788 JM |
163 | def test_ap_wps_twice(dev, apdev): |
164 | """WPS provisioning with twice to change passphrase""" | |
165 | ssid = "test-wps-twice" | |
166 | params = { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
167 | "wpa_passphrase": "12345678", "wpa": "2", | |
168 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" } | |
169 | hostapd.add_ap(apdev[0]['ifname'], params) | |
170 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
171 | logger.info("WPS provisioning step") | |
172 | hapd.request("WPS_PBC") | |
04e62788 JM |
173 | dev[0].dump_monitor() |
174 | dev[0].request("WPS_PBC") | |
175 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
176 | if ev is None: | |
177 | raise Exception("Association with the AP timed out") | |
178 | dev[0].request("DISCONNECT") | |
179 | ||
180 | logger.info("Restart AP with different passphrase and re-run WPS") | |
181 | hapd_global = hostapd.HostapdGlobal() | |
182 | hapd_global.remove(apdev[0]['ifname']) | |
183 | params['wpa_passphrase'] = 'another passphrase' | |
184 | hostapd.add_ap(apdev[0]['ifname'], params) | |
185 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
186 | logger.info("WPS provisioning step") | |
187 | hapd.request("WPS_PBC") | |
188 | dev[0].dump_monitor() | |
189 | dev[0].request("WPS_PBC") | |
190 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
191 | if ev is None: | |
192 | raise Exception("Association with the AP timed out") | |
193 | networks = dev[0].list_networks() | |
194 | if len(networks) > 1: | |
195 | raise Exception("Unexpected duplicated network block present") | |
196 | ||
d658205a JM |
197 | def test_ap_wps_incorrect_pin(dev, apdev): |
198 | """WPS PIN provisioning with incorrect PIN""" | |
199 | ssid = "test-wps-incorrect-pin" | |
200 | hostapd.add_ap(apdev[0]['ifname'], | |
201 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
202 | "wpa_passphrase": "12345678", "wpa": "2", | |
203 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}) | |
204 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
205 | ||
206 | logger.info("WPS provisioning attempt 1") | |
207 | hapd.request("WPS_PIN any 12345670") | |
d658205a JM |
208 | dev[0].dump_monitor() |
209 | dev[0].request("WPS_PIN any 55554444") | |
210 | ev = dev[0].wait_event(["WPS-FAIL"], timeout=30) | |
211 | if ev is None: | |
212 | raise Exception("WPS operation timed out") | |
213 | if "config_error=18" not in ev: | |
214 | raise Exception("Incorrect config_error reported") | |
215 | if "msg=8" not in ev: | |
216 | raise Exception("PIN error detected on incorrect message") | |
217 | ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
218 | if ev is None: | |
219 | raise Exception("Timeout on disconnection event") | |
220 | dev[0].request("WPS_CANCEL") | |
221 | # if a scan was in progress, wait for it to complete before trying WPS again | |
222 | ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5) | |
223 | ||
d671a420 JM |
224 | status = hapd.request("WPS_GET_STATUS") |
225 | if "Last WPS result: Failed" not in status: | |
226 | raise Exception("WPS failure result not shown correctly") | |
227 | ||
d658205a JM |
228 | logger.info("WPS provisioning attempt 2") |
229 | hapd.request("WPS_PIN any 12345670") | |
230 | dev[0].dump_monitor() | |
231 | dev[0].request("WPS_PIN any 12344444") | |
232 | ev = dev[0].wait_event(["WPS-FAIL"], timeout=30) | |
233 | if ev is None: | |
234 | raise Exception("WPS operation timed out") | |
235 | if "config_error=18" not in ev: | |
236 | raise Exception("Incorrect config_error reported") | |
237 | if "msg=10" not in ev: | |
238 | raise Exception("PIN error detected on incorrect message") | |
239 | ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
240 | if ev is None: | |
241 | raise Exception("Timeout on disconnection event") | |
242 | ||
ae3ad328 | 243 | def test_ap_wps_conf_pin(dev, apdev): |
302b7a1b JM |
244 | """WPS PIN provisioning with configured AP""" |
245 | ssid = "test-wps-conf-pin" | |
ae3ad328 | 246 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
247 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", |
248 | "wpa_passphrase": "12345678", "wpa": "2", | |
249 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}) | |
ae3ad328 | 250 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
302b7a1b JM |
251 | logger.info("WPS provisioning step") |
252 | pin = dev[0].wps_read_pin() | |
253 | hapd.request("WPS_PIN any " + pin) | |
254 | dev[0].dump_monitor() | |
255 | dev[0].request("WPS_PIN any " + pin) | |
7e3f110b | 256 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) |
302b7a1b JM |
257 | if ev is None: |
258 | raise Exception("Association with the AP timed out") | |
259 | status = dev[0].get_status() | |
ae3ad328 | 260 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: |
302b7a1b JM |
261 | raise Exception("Not fully connected") |
262 | if status['ssid'] != ssid: | |
263 | raise Exception("Unexpected SSID") | |
264 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP': | |
265 | raise Exception("Unexpected encryption configuration") | |
266 | if status['key_mgmt'] != 'WPA2-PSK': | |
267 | raise Exception("Unexpected key_mgmt") | |
268 | ||
362ba6de JM |
269 | dev[1].scan(freq="2412") |
270 | bss = dev[1].get_bss(apdev[0]['bssid']) | |
271 | if "[WPS-AUTH]" in bss['flags']: | |
272 | raise Exception("WPS-AUTH flag not cleared") | |
a60a6d6b JM |
273 | logger.info("Try to connect from another station using the same PIN") |
274 | dev[1].request("WPS_PIN any " + pin) | |
275 | ev = dev[1].wait_event(["WPS-M2D","CTRL-EVENT-CONNECTED"], timeout=30) | |
276 | if ev is None: | |
277 | raise Exception("Operation timed out") | |
278 | if "WPS-M2D" not in ev: | |
279 | raise Exception("Unexpected WPS operation started") | |
362ba6de | 280 | |
e9129860 JM |
281 | def test_ap_wps_conf_pin_2sta(dev, apdev): |
282 | """Two stations trying to use WPS PIN at the same time""" | |
283 | ssid = "test-wps-conf-pin2" | |
284 | hostapd.add_ap(apdev[0]['ifname'], | |
285 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
286 | "wpa_passphrase": "12345678", "wpa": "2", | |
287 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}) | |
288 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
289 | logger.info("WPS provisioning step") | |
290 | pin = "12345670" | |
291 | pin2 = "55554444" | |
292 | hapd.request("WPS_PIN " + dev[0].get_status_field("uuid") + " " + pin) | |
293 | hapd.request("WPS_PIN " + dev[1].get_status_field("uuid") + " " + pin) | |
e9129860 | 294 | dev[0].dump_monitor() |
e9129860 JM |
295 | dev[1].dump_monitor() |
296 | dev[0].request("WPS_PIN any " + pin) | |
297 | dev[1].request("WPS_PIN any " + pin) | |
298 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
299 | if ev is None: | |
300 | raise Exception("Association with the AP timed out") | |
301 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
302 | if ev is None: | |
303 | raise Exception("Association with the AP timed out") | |
304 | ||
ae3ad328 | 305 | def test_ap_wps_reg_connect(dev, apdev): |
302b7a1b | 306 | """WPS registrar using AP PIN to connect""" |
803edd1c | 307 | ssid = "test-wps-reg-ap-pin" |
302b7a1b | 308 | appin = "12345670" |
ae3ad328 | 309 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
310 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", |
311 | "wpa_passphrase": "12345678", "wpa": "2", | |
312 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
313 | "ap_pin": appin}) | |
314 | logger.info("WPS provisioning step") | |
302b7a1b | 315 | dev[0].dump_monitor() |
6edaee9c | 316 | dev[0].wps_reg(apdev[0]['bssid'], appin) |
302b7a1b | 317 | status = dev[0].get_status() |
ae3ad328 | 318 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: |
302b7a1b JM |
319 | raise Exception("Not fully connected") |
320 | if status['ssid'] != ssid: | |
321 | raise Exception("Unexpected SSID") | |
322 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP': | |
323 | raise Exception("Unexpected encryption configuration") | |
324 | if status['key_mgmt'] != 'WPA2-PSK': | |
325 | raise Exception("Unexpected key_mgmt") | |
326 | ||
9488858f JM |
327 | def check_wps_reg_failure(dev, ap, appin): |
328 | dev.request("WPS_REG " + ap['bssid'] + " " + appin) | |
329 | ev = dev.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout=15) | |
330 | if ev is None: | |
331 | raise Exception("WPS operation timed out") | |
332 | if "WPS-SUCCESS" in ev: | |
333 | raise Exception("WPS operation succeeded unexpectedly") | |
334 | if "config_error=15" not in ev: | |
335 | raise Exception("WPS setup locked state was not reported correctly") | |
336 | ||
e4357b19 JM |
337 | def test_ap_wps_random_ap_pin(dev, apdev): |
338 | """WPS registrar using random AP PIN""" | |
339 | ssid = "test-wps-reg-random-ap-pin" | |
340 | ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e" | |
341 | hostapd.add_ap(apdev[0]['ifname'], | |
342 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
343 | "wpa_passphrase": "12345678", "wpa": "2", | |
344 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
345 | "device_name": "Wireless AP", "manufacturer": "Company", | |
346 | "model_name": "WAP", "model_number": "123", | |
347 | "serial_number": "12345", "device_type": "6-0050F204-1", | |
348 | "os_version": "01020300", | |
349 | "config_methods": "label push_button", | |
350 | "uuid": ap_uuid, "upnp_iface": "lo" }) | |
351 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
352 | appin = hapd.request("WPS_AP_PIN random") | |
353 | if "FAIL" in appin: | |
354 | raise Exception("Could not generate random AP PIN") | |
355 | if appin not in hapd.request("WPS_AP_PIN get"): | |
356 | raise Exception("Could not fetch current AP PIN") | |
357 | logger.info("WPS provisioning step") | |
e4357b19 JM |
358 | dev[0].wps_reg(apdev[0]['bssid'], appin) |
359 | ||
360 | hapd.request("WPS_AP_PIN disable") | |
361 | logger.info("WPS provisioning step with AP PIN disabled") | |
9488858f JM |
362 | check_wps_reg_failure(dev[1], apdev[0], appin) |
363 | ||
364 | logger.info("WPS provisioning step with AP PIN reset") | |
365 | appin = "12345670" | |
366 | hapd.request("WPS_AP_PIN set " + appin) | |
367 | dev[1].wps_reg(apdev[0]['bssid'], appin) | |
368 | dev[0].request("REMOVE_NETWORK all") | |
369 | dev[1].request("REMOVE_NETWORK all") | |
370 | dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
371 | dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
372 | ||
373 | logger.info("WPS provisioning step after AP PIN timeout") | |
374 | hapd.request("WPS_AP_PIN disable") | |
375 | appin = hapd.request("WPS_AP_PIN random 1") | |
376 | time.sleep(1.1) | |
377 | if "FAIL" not in hapd.request("WPS_AP_PIN get"): | |
378 | raise Exception("AP PIN unexpectedly still enabled") | |
379 | check_wps_reg_failure(dev[0], apdev[0], appin) | |
380 | ||
381 | logger.info("WPS provisioning step after AP PIN timeout(2)") | |
382 | hapd.request("WPS_AP_PIN disable") | |
383 | appin = "12345670" | |
384 | hapd.request("WPS_AP_PIN set " + appin + " 1") | |
385 | time.sleep(1.1) | |
386 | if "FAIL" not in hapd.request("WPS_AP_PIN get"): | |
387 | raise Exception("AP PIN unexpectedly still enabled") | |
388 | check_wps_reg_failure(dev[1], apdev[0], appin) | |
e4357b19 | 389 | |
ae3ad328 | 390 | def test_ap_wps_reg_config(dev, apdev): |
302b7a1b JM |
391 | """WPS registrar configuring and AP using AP PIN""" |
392 | ssid = "test-wps-init-ap-pin" | |
393 | appin = "12345670" | |
ae3ad328 | 394 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
395 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", |
396 | "ap_pin": appin}) | |
397 | logger.info("WPS configuration step") | |
302b7a1b JM |
398 | dev[0].dump_monitor() |
399 | new_ssid = "wps-new-ssid" | |
400 | new_passphrase = "1234567890" | |
6edaee9c JM |
401 | dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP", |
402 | new_passphrase) | |
302b7a1b | 403 | status = dev[0].get_status() |
ae3ad328 | 404 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: |
302b7a1b JM |
405 | raise Exception("Not fully connected") |
406 | if status['ssid'] != new_ssid: | |
407 | raise Exception("Unexpected SSID") | |
408 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP': | |
409 | raise Exception("Unexpected encryption configuration") | |
410 | if status['key_mgmt'] != 'WPA2-PSK': | |
411 | raise Exception("Unexpected key_mgmt") | |
412 | ||
eeefe187 JM |
413 | def test_ap_wps_reg_config_tkip(dev, apdev): |
414 | """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP""" | |
415 | ssid = "test-wps-init-ap" | |
416 | appin = "12345670" | |
417 | hostapd.add_ap(apdev[0]['ifname'], | |
418 | { "ssid": ssid, "eap_server": "1", "wps_state": "1", | |
419 | "ap_pin": appin}) | |
420 | logger.info("WPS configuration step") | |
eeefe187 JM |
421 | dev[0].request("SET wps_version_number 0x10") |
422 | dev[0].dump_monitor() | |
423 | new_ssid = "wps-new-ssid-with-tkip" | |
424 | new_passphrase = "1234567890" | |
425 | dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPAPSK", "TKIP", | |
426 | new_passphrase) | |
427 | logger.info("Re-connect to verify WPA2 mixed mode") | |
428 | dev[0].request("DISCONNECT") | |
429 | id = 0 | |
430 | dev[0].set_network(id, "pairwise", "CCMP") | |
431 | dev[0].set_network(id, "proto", "RSN") | |
432 | dev[0].connect_network(id) | |
433 | status = dev[0].get_status() | |
434 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: | |
435 | raise Exception("Not fully connected") | |
436 | if status['ssid'] != new_ssid: | |
437 | raise Exception("Unexpected SSID") | |
438 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP': | |
439 | raise Exception("Unexpected encryption configuration") | |
440 | if status['key_mgmt'] != 'WPA2-PSK': | |
441 | raise Exception("Unexpected key_mgmt") | |
442 | ||
6645ff50 JM |
443 | def test_ap_wps_setup_locked(dev, apdev): |
444 | """WPS registrar locking up AP setup on AP PIN failures""" | |
445 | ssid = "test-wps-incorrect-ap-pin" | |
446 | appin = "12345670" | |
447 | hostapd.add_ap(apdev[0]['ifname'], | |
448 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
449 | "wpa_passphrase": "12345678", "wpa": "2", | |
450 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
451 | "ap_pin": appin}) | |
6645ff50 JM |
452 | new_ssid = "wps-new-ssid-test" |
453 | new_passphrase = "1234567890" | |
454 | ||
455 | ap_setup_locked=False | |
456 | for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]: | |
457 | dev[0].dump_monitor() | |
458 | logger.info("Try incorrect AP PIN - attempt " + pin) | |
459 | dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK", | |
460 | "CCMP", new_passphrase, no_wait=True) | |
461 | ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"]) | |
462 | if ev is None: | |
463 | raise Exception("Timeout on receiving WPS operation failure event") | |
464 | if "CTRL-EVENT-CONNECTED" in ev: | |
465 | raise Exception("Unexpected connection") | |
466 | if "config_error=15" in ev: | |
467 | logger.info("AP Setup Locked") | |
468 | ap_setup_locked=True | |
469 | elif "config_error=18" not in ev: | |
470 | raise Exception("config_error=18 not reported") | |
471 | ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
472 | if ev is None: | |
473 | raise Exception("Timeout on disconnection event") | |
474 | time.sleep(0.1) | |
475 | if not ap_setup_locked: | |
476 | raise Exception("AP setup was not locked") | |
477 | ||
d671a420 JM |
478 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
479 | status = hapd.request("WPS_GET_STATUS") | |
480 | if "Last WPS result: Failed" not in status: | |
481 | raise Exception("WPS failure result not shown correctly") | |
482 | if "Peer Address: " + dev[0].p2p_interface_addr() not in status: | |
483 | raise Exception("Peer address not shown correctly") | |
484 | ||
6645ff50 JM |
485 | time.sleep(0.5) |
486 | dev[0].dump_monitor() | |
487 | logger.info("WPS provisioning step") | |
488 | pin = dev[0].wps_read_pin() | |
489 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
490 | hapd.request("WPS_PIN any " + pin) | |
491 | dev[0].request("WPS_PIN any " + pin) | |
492 | ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30) | |
493 | if ev is None: | |
494 | raise Exception("WPS success was not reported") | |
495 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
496 | if ev is None: | |
497 | raise Exception("Association with the AP timed out") | |
498 | ||
ae3ad328 | 499 | def test_ap_wps_pbc_overlap_2ap(dev, apdev): |
302b7a1b | 500 | """WPS PBC session overlap with two active APs""" |
ae3ad328 | 501 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
502 | { "ssid": "wps1", "eap_server": "1", "wps_state": "2", |
503 | "wpa_passphrase": "12345678", "wpa": "2", | |
504 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
505 | "wps_independent": "1"}) | |
ae3ad328 | 506 | hostapd.add_ap(apdev[1]['ifname'], |
302b7a1b JM |
507 | { "ssid": "wps2", "eap_server": "1", "wps_state": "2", |
508 | "wpa_passphrase": "123456789", "wpa": "2", | |
509 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
510 | "wps_independent": "1"}) | |
ae3ad328 | 511 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
302b7a1b | 512 | hapd.request("WPS_PBC") |
ae3ad328 | 513 | hapd2 = hostapd.Hostapd(apdev[1]['ifname']) |
302b7a1b JM |
514 | hapd2.request("WPS_PBC") |
515 | logger.info("WPS provisioning step") | |
516 | dev[0].dump_monitor() | |
517 | dev[0].request("WPS_PBC") | |
518 | ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15) | |
519 | if ev is None: | |
520 | raise Exception("PBC session overlap not detected") | |
521 | ||
ae3ad328 | 522 | def test_ap_wps_pbc_overlap_2sta(dev, apdev): |
302b7a1b JM |
523 | """WPS PBC session overlap with two active STAs""" |
524 | ssid = "test-wps-pbc-overlap" | |
ae3ad328 | 525 | hostapd.add_ap(apdev[0]['ifname'], |
302b7a1b JM |
526 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", |
527 | "wpa_passphrase": "12345678", "wpa": "2", | |
528 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}) | |
ae3ad328 | 529 | hapd = hostapd.Hostapd(apdev[0]['ifname']) |
302b7a1b JM |
530 | logger.info("WPS provisioning step") |
531 | hapd.request("WPS_PBC") | |
302b7a1b JM |
532 | dev[0].dump_monitor() |
533 | dev[1].dump_monitor() | |
534 | dev[0].request("WPS_PBC") | |
535 | dev[1].request("WPS_PBC") | |
536 | ev = dev[0].wait_event(["WPS-M2D"], timeout=15) | |
537 | if ev is None: | |
538 | raise Exception("PBC session overlap not detected (dev0)") | |
539 | if "config_error=12" not in ev: | |
540 | raise Exception("PBC session overlap not correctly reported (dev0)") | |
541 | ev = dev[1].wait_event(["WPS-M2D"], timeout=15) | |
542 | if ev is None: | |
543 | raise Exception("PBC session overlap not detected (dev1)") | |
544 | if "config_error=12" not in ev: | |
545 | raise Exception("PBC session overlap not correctly reported (dev1)") | |
6edaee9c | 546 | |
71afe834 JM |
547 | def test_ap_wps_cancel(dev, apdev): |
548 | """WPS AP cancelling enabled config method""" | |
549 | ssid = "test-wps-ap-cancel" | |
550 | hostapd.add_ap(apdev[0]['ifname'], | |
551 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
552 | "wpa_passphrase": "12345678", "wpa": "2", | |
553 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }) | |
554 | bssid = apdev[0]['bssid'] | |
555 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
556 | ||
557 | logger.info("Verify PBC enable/cancel") | |
558 | hapd.request("WPS_PBC") | |
71afe834 JM |
559 | dev[0].scan(freq="2412") |
560 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
561 | if "[WPS-PBC]" not in bss['flags']: | |
562 | raise Exception("WPS-PBC flag missing") | |
563 | if "FAIL" in hapd.request("WPS_CANCEL"): | |
564 | raise Exception("WPS_CANCEL failed") | |
565 | dev[0].scan(freq="2412") | |
566 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
567 | if "[WPS-PBC]" in bss['flags']: | |
568 | raise Exception("WPS-PBC flag not cleared") | |
569 | ||
570 | logger.info("Verify PIN enable/cancel") | |
571 | hapd.request("WPS_PIN any 12345670") | |
572 | dev[0].scan(freq="2412") | |
573 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
574 | if "[WPS-AUTH]" not in bss['flags']: | |
575 | raise Exception("WPS-AUTH flag missing") | |
576 | if "FAIL" in hapd.request("WPS_CANCEL"): | |
577 | raise Exception("WPS_CANCEL failed") | |
578 | dev[0].scan(freq="2412") | |
579 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
580 | if "[WPS-AUTH]" in bss['flags']: | |
581 | raise Exception("WPS-AUTH flag not cleared") | |
582 | ||
6edaee9c JM |
583 | def test_ap_wps_er_add_enrollee(dev, apdev): |
584 | """WPS ER configuring AP and adding a new enrollee using PIN""" | |
585 | ssid = "wps-er-add-enrollee" | |
586 | ap_pin = "12345670" | |
587 | ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e" | |
588 | hostapd.add_ap(apdev[0]['ifname'], | |
589 | { "ssid": ssid, "eap_server": "1", "wps_state": "1", | |
590 | "device_name": "Wireless AP", "manufacturer": "Company", | |
591 | "model_name": "WAP", "model_number": "123", | |
592 | "serial_number": "12345", "device_type": "6-0050F204-1", | |
593 | "os_version": "01020300", | |
594 | "config_methods": "label push_button", | |
595 | "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}) | |
596 | logger.info("WPS configuration step") | |
597 | new_passphrase = "1234567890" | |
598 | dev[0].dump_monitor() | |
6edaee9c JM |
599 | dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP", |
600 | new_passphrase) | |
601 | status = dev[0].get_status() | |
602 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: | |
603 | raise Exception("Not fully connected") | |
604 | if status['ssid'] != ssid: | |
605 | raise Exception("Unexpected SSID") | |
606 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP': | |
607 | raise Exception("Unexpected encryption configuration") | |
608 | if status['key_mgmt'] != 'WPA2-PSK': | |
609 | raise Exception("Unexpected key_mgmt") | |
610 | ||
611 | logger.info("Start ER") | |
612 | dev[0].request("WPS_ER_START ifname=lo") | |
613 | ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15) | |
614 | if ev is None: | |
615 | raise Exception("AP discovery timed out") | |
616 | if ap_uuid not in ev: | |
617 | raise Exception("Expected AP UUID not found") | |
618 | ||
619 | logger.info("Learn AP configuration through UPnP") | |
620 | dev[0].dump_monitor() | |
621 | dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin) | |
622 | ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15) | |
623 | if ev is None: | |
624 | raise Exception("AP learn timed out") | |
625 | if ap_uuid not in ev: | |
626 | raise Exception("Expected AP UUID not in settings") | |
627 | if "ssid=" + ssid not in ev: | |
628 | raise Exception("Expected SSID not in settings") | |
629 | if "key=" + new_passphrase not in ev: | |
630 | raise Exception("Expected passphrase not in settings") | |
631 | ||
632 | logger.info("Add Enrollee using ER") | |
633 | pin = dev[1].wps_read_pin() | |
634 | dev[0].dump_monitor() | |
635 | dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr()) | |
6edaee9c JM |
636 | dev[1].dump_monitor() |
637 | dev[1].request("WPS_PIN any " + pin) | |
846be889 | 638 | ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30) |
6edaee9c JM |
639 | if ev is None: |
640 | raise Exception("Enrollee did not report success") | |
641 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
642 | if ev is None: | |
643 | raise Exception("Association with the AP timed out") | |
644 | ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15) | |
645 | if ev is None: | |
646 | raise Exception("WPS ER did not report success") | |
647 | hwsim_utils.test_connectivity_sta(dev[0], dev[1]) | |
648 | ||
38ae43de JM |
649 | logger.info("Verify registrar selection behavior") |
650 | dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr()) | |
651 | dev[1].request("DISCONNECT") | |
652 | dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
653 | dev[1].scan(freq="2412") | |
654 | bss = dev[1].get_bss(apdev[0]['bssid']) | |
655 | if "[WPS-AUTH]" not in bss['flags']: | |
656 | raise Exception("WPS-AUTH flag missing") | |
657 | ||
658 | logger.info("Stop ER") | |
659 | dev[0].dump_monitor() | |
660 | dev[0].request("WPS_ER_STOP") | |
661 | ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"]) | |
662 | if ev is None: | |
663 | raise Exception("WPS ER unsubscription timed out") | |
8697cbc0 JM |
664 | # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait |
665 | # a bit before verifying that the scan results have change. | |
666 | time.sleep(0.2) | |
38ae43de JM |
667 | |
668 | dev[1].scan(freq="2412") | |
669 | bss = dev[1].get_bss(apdev[0]['bssid']) | |
670 | if "[WPS-AUTH]" in bss['flags']: | |
671 | raise Exception("WPS-AUTH flag not removed") | |
672 | ||
6edaee9c JM |
673 | def test_ap_wps_er_add_enrollee_pbc(dev, apdev): |
674 | """WPS ER connected to AP and adding a new enrollee using PBC""" | |
675 | ssid = "wps-er-add-enrollee-pbc" | |
676 | ap_pin = "12345670" | |
677 | ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e" | |
678 | hostapd.add_ap(apdev[0]['ifname'], | |
679 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
680 | "wpa_passphrase": "12345678", "wpa": "2", | |
681 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
682 | "device_name": "Wireless AP", "manufacturer": "Company", | |
683 | "model_name": "WAP", "model_number": "123", | |
684 | "serial_number": "12345", "device_type": "6-0050F204-1", | |
685 | "os_version": "01020300", | |
686 | "config_methods": "label push_button", | |
687 | "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}) | |
688 | logger.info("Learn AP configuration") | |
689 | dev[0].dump_monitor() | |
6edaee9c JM |
690 | dev[0].wps_reg(apdev[0]['bssid'], ap_pin) |
691 | status = dev[0].get_status() | |
692 | if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']: | |
693 | raise Exception("Not fully connected") | |
694 | ||
695 | logger.info("Start ER") | |
696 | dev[0].request("WPS_ER_START ifname=lo") | |
697 | ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15) | |
698 | if ev is None: | |
699 | raise Exception("AP discovery timed out") | |
700 | if ap_uuid not in ev: | |
701 | raise Exception("Expected AP UUID not found") | |
702 | ||
703 | logger.info("Use learned network configuration on ER") | |
704 | dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0") | |
705 | ||
706 | logger.info("Add Enrollee using ER and PBC") | |
707 | dev[0].dump_monitor() | |
708 | enrollee = dev[1].p2p_interface_addr() | |
6edaee9c JM |
709 | dev[1].dump_monitor() |
710 | dev[1].request("WPS_PBC") | |
711 | ||
8674c022 JM |
712 | for i in range(0, 2): |
713 | ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15) | |
714 | if ev is None: | |
715 | raise Exception("Enrollee discovery timed out") | |
716 | if enrollee in ev: | |
717 | break | |
718 | if i == 1: | |
719 | raise Exception("Expected Enrollee not found") | |
6edaee9c JM |
720 | dev[0].request("WPS_ER_PBC " + enrollee) |
721 | ||
722 | ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15) | |
723 | if ev is None: | |
724 | raise Exception("Enrollee did not report success") | |
725 | ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15) | |
726 | if ev is None: | |
727 | raise Exception("Association with the AP timed out") | |
728 | ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15) | |
729 | if ev is None: | |
730 | raise Exception("WPS ER did not report success") | |
731 | hwsim_utils.test_connectivity_sta(dev[0], dev[1]) | |
bff3ac5b | 732 | |
800bcf4e JM |
733 | # verify BSSID selection of the AP instead of UUID |
734 | if "FAIL" in dev[0].request("WPS_ER_SET_CONFIG " + apdev[0]['bssid'] + " 0"): | |
735 | raise Exception("Could not select AP based on BSSID") | |
736 | ||
be923570 JM |
737 | def test_ap_wps_er_config_ap(dev, apdev): |
738 | """WPS ER configuring AP over UPnP""" | |
739 | ssid = "wps-er-ap-config" | |
740 | ap_pin = "12345670" | |
741 | ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e" | |
742 | hostapd.add_ap(apdev[0]['ifname'], | |
743 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
744 | "wpa_passphrase": "12345678", "wpa": "2", | |
745 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
746 | "device_name": "Wireless AP", "manufacturer": "Company", | |
747 | "model_name": "WAP", "model_number": "123", | |
748 | "serial_number": "12345", "device_type": "6-0050F204-1", | |
749 | "os_version": "01020300", | |
750 | "config_methods": "label push_button", | |
751 | "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}) | |
752 | ||
753 | logger.info("Connect ER to the AP") | |
754 | dev[0].connect(ssid, psk="12345678", scan_freq="2412") | |
755 | ||
756 | logger.info("WPS configuration step") | |
757 | dev[0].request("WPS_ER_START ifname=lo") | |
758 | ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15) | |
759 | if ev is None: | |
760 | raise Exception("AP discovery timed out") | |
761 | if ap_uuid not in ev: | |
762 | raise Exception("Expected AP UUID not found") | |
763 | new_passphrase = "1234567890" | |
764 | dev[0].request("WPS_ER_CONFIG " + apdev[0]['bssid'] + " " + ap_pin + " " + | |
765 | ssid.encode("hex") + " WPA2PSK CCMP " + | |
766 | new_passphrase.encode("hex")) | |
767 | ev = dev[0].wait_event(["WPS-SUCCESS"]) | |
768 | if ev is None: | |
769 | raise Exception("WPS ER configuration operation timed out") | |
770 | dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"]) | |
771 | dev[0].connect(ssid, psk="1234567890", scan_freq="2412") | |
772 | ||
bff3ac5b JM |
773 | def test_ap_wps_fragmentation(dev, apdev): |
774 | """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2""" | |
775 | ssid = "test-wps-fragmentation" | |
776 | hostapd.add_ap(apdev[0]['ifname'], | |
777 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
778 | "wpa_passphrase": "12345678", "wpa": "3", | |
779 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
780 | "wpa_pairwise": "TKIP", | |
781 | "fragment_size": "50" }) | |
782 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
783 | logger.info("WPS provisioning step") | |
784 | hapd.request("WPS_PBC") | |
bff3ac5b JM |
785 | dev[0].dump_monitor() |
786 | dev[0].request("SET wps_fragment_size 50") | |
787 | dev[0].request("WPS_PBC") | |
788 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
789 | if ev is None: | |
790 | raise Exception("Association with the AP timed out") | |
791 | status = dev[0].get_status() | |
792 | if status['wpa_state'] != 'COMPLETED': | |
793 | raise Exception("Not fully connected") | |
794 | if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP': | |
795 | raise Exception("Unexpected encryption configuration") | |
796 | if status['key_mgmt'] != 'WPA2-PSK': | |
797 | raise Exception("Unexpected key_mgmt") | |
10ea6848 JM |
798 | |
799 | def test_ap_wps_new_version_sta(dev, apdev): | |
800 | """WPS compatibility with new version number on the station""" | |
801 | ssid = "test-wps-ver" | |
802 | hostapd.add_ap(apdev[0]['ifname'], | |
803 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
804 | "wpa_passphrase": "12345678", "wpa": "2", | |
805 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }) | |
806 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
807 | logger.info("WPS provisioning step") | |
808 | hapd.request("WPS_PBC") | |
10ea6848 JM |
809 | dev[0].dump_monitor() |
810 | dev[0].request("SET wps_version_number 0x43") | |
811 | dev[0].request("WPS_PBC") | |
812 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
813 | if ev is None: | |
814 | raise Exception("Association with the AP timed out") | |
815 | ||
816 | def test_ap_wps_new_version_ap(dev, apdev): | |
817 | """WPS compatibility with new version number on the AP""" | |
818 | ssid = "test-wps-ver" | |
819 | hostapd.add_ap(apdev[0]['ifname'], | |
820 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
821 | "wpa_passphrase": "12345678", "wpa": "2", | |
822 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }) | |
823 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
824 | logger.info("WPS provisioning step") | |
825 | if "FAIL" in hapd.request("SET wps_version_number 0x43"): | |
826 | raise Exception("Failed to enable test functionality") | |
827 | hapd.request("WPS_PBC") | |
10ea6848 JM |
828 | dev[0].dump_monitor() |
829 | dev[0].request("WPS_PBC") | |
830 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
831 | hapd.request("SET wps_version_number 0x20") | |
832 | if ev is None: | |
833 | raise Exception("Association with the AP timed out") | |
3bdf7d7f JM |
834 | |
835 | def test_ap_wps_check_pin(dev, apdev): | |
836 | """Verify PIN checking through control interface""" | |
837 | hostapd.add_ap(apdev[0]['ifname'], | |
838 | { "ssid": "wps", "eap_server": "1", "wps_state": "2", | |
839 | "wpa_passphrase": "12345678", "wpa": "2", | |
840 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }) | |
841 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
842 | for t in [ ("12345670", "12345670"), | |
843 | ("12345678", "FAIL-CHECKSUM"), | |
844 | ("1234-5670", "12345670"), | |
845 | ("1234 5670", "12345670"), | |
846 | ("1-2.3:4 5670", "12345670") ]: | |
847 | res = hapd.request("WPS_CHECK_PIN " + t[0]).rstrip('\n') | |
848 | res2 = dev[0].request("WPS_CHECK_PIN " + t[0]).rstrip('\n') | |
849 | if res != res2: | |
850 | raise Exception("Unexpected difference in WPS_CHECK_PIN responses") | |
851 | if res != t[1]: | |
852 | raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res, t[1])) | |
9ba1fcb0 JM |
853 | |
854 | def test_ap_wps_wep_config(dev, apdev): | |
855 | """WPS 2.0 AP rejecting WEP configuration""" | |
856 | ssid = "test-wps-config" | |
857 | appin = "12345670" | |
858 | hostapd.add_ap(apdev[0]['ifname'], | |
859 | { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
860 | "ap_pin": appin}) | |
861 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
862 | dev[0].wps_reg(apdev[0]['bssid'], appin, "wps-new-ssid-wep", "OPEN", "WEP", | |
863 | "hello", no_wait=True) | |
864 | ev = hapd.wait_event(["WPS-FAIL"], timeout=15) | |
865 | if ev is None: | |
866 | raise Exception("WPS-FAIL timed out") | |
867 | if "reason=2" not in ev: | |
868 | raise Exception("Unexpected reason code in WPS-FAIL") | |
869 | status = hapd.request("WPS_GET_STATUS") | |
870 | if "Last WPS result: Failed" not in status: | |
871 | raise Exception("WPS failure result not shown correctly") | |
872 | if "Failure Reason: WEP Prohibited" not in status: | |
873 | raise Exception("Failure reason not reported correctly") | |
874 | if "Peer Address: " + dev[0].p2p_interface_addr() not in status: | |
875 | raise Exception("Peer address not shown correctly") | |
1013a576 JM |
876 | |
877 | def test_ap_wps_ie_fragmentation(dev, apdev): | |
878 | """WPS AP using fragmented WPS IE""" | |
879 | ssid = "test-wps-ie-fragmentation" | |
880 | params = { "ssid": ssid, "eap_server": "1", "wps_state": "2", | |
881 | "wpa_passphrase": "12345678", "wpa": "2", | |
882 | "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", | |
883 | "device_name": "1234567890abcdef1234567890abcdef", | |
884 | "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef", | |
885 | "model_name": "1234567890abcdef1234567890abcdef", | |
886 | "model_number": "1234567890abcdef1234567890abcdef", | |
887 | "serial_number": "1234567890abcdef1234567890abcdef" } | |
888 | hostapd.add_ap(apdev[0]['ifname'], params) | |
889 | hapd = hostapd.Hostapd(apdev[0]['ifname']) | |
890 | hapd.request("WPS_PBC") | |
891 | dev[0].request("WPS_PBC") | |
892 | ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) | |
893 | if ev is None: | |
894 | raise Exception("Association with the AP timed out") | |
895 | bss = dev[0].get_bss(apdev[0]['bssid']) | |
896 | if "wps_device_name" not in bss or bss['wps_device_name'] != "1234567890abcdef1234567890abcdef": | |
897 | raise Exception("Device Name not received correctly") | |
898 | if len(re.findall("dd..0050f204", bss['ie'])) != 2: | |
899 | raise Exception("Unexpected number of WPS IEs") |