2 # Copyright (c) 2013-2017, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
10 from Crypto
.Cipher
import AES
18 logger
= logging
.getLogger()
25 import xml
.etree
.ElementTree
as ET
31 from wpasupplicant
import WpaSupplicant
32 from utils
import HwsimSkip
, alloc_fail
, fail_test
, skip_with_fips
33 from utils
import wait_fail_trigger
34 from test_ap_eap
import int_eap_server_params
36 def wps_start_ap(apdev
, ssid
="test-wps-conf"):
37 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
38 "wpa_passphrase": "12345678", "wpa": "2",
39 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
40 return hostapd
.add_ap(apdev
, params
)
43 def test_ap_wps_init(dev
, apdev
):
44 """Initial AP configuration with first WPS Enrollee"""
46 hapd
= hostapd
.add_ap(apdev
[0],
47 { "ssid": ssid
, "eap_server": "1", "wps_state": "1" })
48 logger
.info("WPS provisioning step")
49 hapd
.request("WPS_PBC")
50 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
51 raise Exception("PBC status not shown correctly")
53 id = dev
[0].add_network()
54 dev
[0].set_network_quoted(id, "ssid", "home")
55 dev
[0].set_network_quoted(id, "psk", "12345678")
56 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
58 id = dev
[0].add_network()
59 dev
[0].set_network_quoted(id, "ssid", "home2")
60 dev
[0].set_network(id, "bssid", "00:11:22:33:44:55")
61 dev
[0].set_network(id, "key_mgmt", "NONE")
62 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
64 dev
[0].request("WPS_PBC")
65 dev
[0].wait_connected(timeout
=30)
66 status
= dev
[0].get_status()
67 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
68 raise Exception("Not fully connected")
69 if status
['ssid'] != ssid
:
70 raise Exception("Unexpected SSID")
71 if status
['pairwise_cipher'] != 'CCMP':
72 raise Exception("Unexpected encryption configuration")
73 if status
['key_mgmt'] != 'WPA2-PSK':
74 raise Exception("Unexpected key_mgmt")
76 status
= hapd
.request("WPS_GET_STATUS")
77 if "PBC Status: Disabled" not in status
:
78 raise Exception("PBC status not shown correctly")
79 if "Last WPS result: Success" not in status
:
80 raise Exception("Last WPS result not shown correctly")
81 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
82 raise Exception("Peer address not shown correctly")
83 conf
= hapd
.request("GET_CONFIG")
84 if "wps_state=configured" not in conf
:
85 raise Exception("AP not in WPS configured state")
86 if "wpa=3" not in conf
:
87 raise Exception("AP not in WPA+WPA2 configuration")
88 if "rsn_pairwise_cipher=CCMP TKIP" not in conf
:
89 raise Exception("Unexpected rsn_pairwise_cipher")
90 if "wpa_pairwise_cipher=CCMP TKIP" not in conf
:
91 raise Exception("Unexpected wpa_pairwise_cipher")
92 if "group_cipher=TKIP" not in conf
:
93 raise Exception("Unexpected group_cipher")
95 if len(dev
[0].list_networks()) != 3:
96 raise Exception("Unexpected number of network blocks")
98 def test_ap_wps_init_2ap_pbc(dev
, apdev
):
99 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
101 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "1" }
102 hapd
= hostapd
.add_ap(apdev
[0], params
)
103 hostapd
.add_ap(apdev
[1], params
)
104 logger
.info("WPS provisioning step")
105 hapd
.request("WPS_PBC")
106 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
107 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
108 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
109 if "[WPS-PBC]" not in bss
['flags']:
110 raise Exception("WPS-PBC flag missing from AP1")
111 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
112 if "[WPS-PBC]" not in bss
['flags']:
113 raise Exception("WPS-PBC flag missing from AP2")
114 dev
[0].dump_monitor()
115 dev
[0].request("SET wps_cred_processing 2")
116 dev
[0].request("WPS_PBC")
117 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=30)
118 dev
[0].request("SET wps_cred_processing 0")
120 raise Exception("WPS cred event not seen")
122 raise Exception("WPS attributes not included in the cred event")
123 dev
[0].wait_connected(timeout
=30)
125 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
126 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
127 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
128 if "[WPS-PBC]" in bss
['flags']:
129 raise Exception("WPS-PBC flag not cleared from AP1")
130 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
131 if "[WPS-PBC]" in bss
['flags']:
132 raise Exception("WPS-PBC flag not cleared from AP2")
134 def test_ap_wps_init_2ap_pin(dev
, apdev
):
135 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
137 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "1" }
138 hapd
= hostapd
.add_ap(apdev
[0], params
)
139 hostapd
.add_ap(apdev
[1], params
)
140 logger
.info("WPS provisioning step")
141 pin
= dev
[0].wps_read_pin()
142 hapd
.request("WPS_PIN any " + pin
)
143 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
144 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
145 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
146 if "[WPS-AUTH]" not in bss
['flags']:
147 raise Exception("WPS-AUTH flag missing from AP1")
148 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
149 if "[WPS-AUTH]" not in bss
['flags']:
150 raise Exception("WPS-AUTH flag missing from AP2")
151 dev
[0].dump_monitor()
152 dev
[0].request("WPS_PIN any " + pin
)
153 dev
[0].wait_connected(timeout
=30)
155 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
156 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
157 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
158 if "[WPS-AUTH]" in bss
['flags']:
159 raise Exception("WPS-AUTH flag not cleared from AP1")
160 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
161 if "[WPS-AUTH]" in bss
['flags']:
162 raise Exception("WPS-AUTH flag not cleared from AP2")
165 def test_ap_wps_init_through_wps_config(dev
, apdev
):
166 """Initial AP configuration using wps_config command"""
167 ssid
= "test-wps-init-config"
168 hapd
= hostapd
.add_ap(apdev
[0],
169 { "ssid": ssid
, "eap_server": "1", "wps_state": "1" })
170 if "FAIL" in hapd
.request("WPS_CONFIG " + ssid
.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")):
171 raise Exception("WPS_CONFIG command failed")
172 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
174 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
175 # It takes some time for the AP to update Beacon and Probe Response frames,
176 # so wait here before requesting the scan to be started to avoid adding
177 # extra five second wait to the test due to fetching obsolete scan results.
180 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
181 pairwise
="CCMP", group
="CCMP")
183 if "FAIL" not in hapd
.request("WPS_CONFIG foo"):
184 raise Exception("Invalid WPS_CONFIG accepted")
187 def test_ap_wps_init_through_wps_config_2(dev
, apdev
):
188 """AP configuration using wps_config and wps_cred_processing=2"""
189 ssid
= "test-wps-init-config"
190 hapd
= hostapd
.add_ap(apdev
[0],
191 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
192 "wps_cred_processing": "2" })
193 if "FAIL" in hapd
.request("WPS_CONFIG " + ssid
.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")):
194 raise Exception("WPS_CONFIG command failed")
195 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
197 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
199 raise Exception("WPS-NEW-AP-SETTINGS did not include Credential")
202 def test_ap_wps_invalid_wps_config_passphrase(dev
, apdev
):
203 """AP configuration using wps_config command with invalid passphrase"""
204 ssid
= "test-wps-init-config"
205 hapd
= hostapd
.add_ap(apdev
[0],
206 { "ssid": ssid
, "eap_server": "1", "wps_state": "1" })
207 if "FAIL" not in hapd
.request("WPS_CONFIG " + ssid
.encode("hex") + " WPA2PSK CCMP " + "1234567".encode("hex")):
208 raise Exception("Invalid WPS_CONFIG command accepted")
210 def test_ap_wps_conf(dev
, apdev
):
211 """WPS PBC provisioning with configured AP"""
212 ssid
= "test-wps-conf"
213 hapd
= hostapd
.add_ap(apdev
[0],
214 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
215 "wpa_passphrase": "12345678", "wpa": "2",
216 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
217 logger
.info("WPS provisioning step")
218 hapd
.request("WPS_PBC")
219 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
220 dev
[0].dump_monitor()
221 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
222 dev
[0].wait_connected(timeout
=30)
223 status
= dev
[0].get_status()
224 if status
['wpa_state'] != 'COMPLETED':
225 raise Exception("Not fully connected")
226 if status
['bssid'] != apdev
[0]['bssid']:
227 raise Exception("Unexpected BSSID")
228 if status
['ssid'] != ssid
:
229 raise Exception("Unexpected SSID")
230 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
231 raise Exception("Unexpected encryption configuration")
232 if status
['key_mgmt'] != 'WPA2-PSK':
233 raise Exception("Unexpected key_mgmt")
235 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
236 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
237 raise Exception("Device name not available in STA command")
239 def test_ap_wps_conf_5ghz(dev
, apdev
):
240 """WPS PBC provisioning with configured AP on 5 GHz band"""
243 ssid
= "test-wps-conf"
244 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
245 "wpa_passphrase": "12345678", "wpa": "2",
246 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
247 "country_code": "FI", "hw_mode": "a", "channel": "36" }
248 hapd
= hostapd
.add_ap(apdev
[0], params
)
249 logger
.info("WPS provisioning step")
250 hapd
.request("WPS_PBC")
251 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="5180")
252 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
253 dev
[0].wait_connected(timeout
=30)
255 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
256 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
257 raise Exception("Device name not available in STA command")
259 dev
[0].request("DISCONNECT")
261 hapd
.request("DISABLE")
262 subprocess
.call(['iw', 'reg', 'set', '00'])
263 dev
[0].flush_scan_cache()
265 def test_ap_wps_conf_chan14(dev
, apdev
):
266 """WPS PBC provisioning with configured AP on channel 14"""
269 ssid
= "test-wps-conf"
270 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
271 "wpa_passphrase": "12345678", "wpa": "2",
272 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
273 "country_code": "JP", "hw_mode": "b", "channel": "14" }
274 hapd
= hostapd
.add_ap(apdev
[0], params
)
275 logger
.info("WPS provisioning step")
276 hapd
.request("WPS_PBC")
277 dev
[0].request("WPS_PBC")
278 dev
[0].wait_connected(timeout
=30)
280 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
281 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
282 raise Exception("Device name not available in STA command")
284 dev
[0].request("DISCONNECT")
286 hapd
.request("DISABLE")
287 subprocess
.call(['iw', 'reg', 'set', '00'])
288 dev
[0].flush_scan_cache()
291 def test_ap_wps_twice(dev
, apdev
):
292 """WPS provisioning with twice to change passphrase"""
293 ssid
= "test-wps-twice"
294 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
295 "wpa_passphrase": "12345678", "wpa": "2",
296 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
297 hapd
= hostapd
.add_ap(apdev
[0], params
)
298 logger
.info("WPS provisioning step")
299 hapd
.request("WPS_PBC")
300 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
301 dev
[0].dump_monitor()
302 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
303 dev
[0].wait_connected(timeout
=30)
304 dev
[0].request("DISCONNECT")
306 logger
.info("Restart AP with different passphrase and re-run WPS")
307 hostapd
.remove_bss(apdev
[0])
308 params
['wpa_passphrase'] = 'another passphrase'
309 hapd
= hostapd
.add_ap(apdev
[0], params
)
310 logger
.info("WPS provisioning step")
311 hapd
.request("WPS_PBC")
312 dev
[0].dump_monitor()
313 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
314 dev
[0].wait_connected(timeout
=30)
315 networks
= dev
[0].list_networks()
316 if len(networks
) > 1:
317 raise Exception("Unexpected duplicated network block present")
320 def test_ap_wps_incorrect_pin(dev
, apdev
):
321 """WPS PIN provisioning with incorrect PIN"""
322 ssid
= "test-wps-incorrect-pin"
323 hapd
= hostapd
.add_ap(apdev
[0],
324 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
325 "wpa_passphrase": "12345678", "wpa": "2",
326 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
328 logger
.info("WPS provisioning attempt 1")
329 hapd
.request("WPS_PIN any 12345670")
330 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
331 dev
[0].dump_monitor()
332 dev
[0].request("WPS_PIN %s 55554444" % apdev
[0]['bssid'])
333 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
335 raise Exception("WPS operation timed out")
336 if "config_error=18" not in ev
:
337 raise Exception("Incorrect config_error reported")
338 if "msg=8" not in ev
:
339 raise Exception("PIN error detected on incorrect message")
340 dev
[0].wait_disconnected(timeout
=10)
341 dev
[0].request("WPS_CANCEL")
342 # if a scan was in progress, wait for it to complete before trying WPS again
343 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
345 status
= hapd
.request("WPS_GET_STATUS")
346 if "Last WPS result: Failed" not in status
:
347 raise Exception("WPS failure result not shown correctly")
349 logger
.info("WPS provisioning attempt 2")
350 hapd
.request("WPS_PIN any 12345670")
351 dev
[0].dump_monitor()
352 dev
[0].request("WPS_PIN %s 12344444" % apdev
[0]['bssid'])
353 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
355 raise Exception("WPS operation timed out")
356 if "config_error=18" not in ev
:
357 raise Exception("Incorrect config_error reported")
358 if "msg=10" not in ev
:
359 raise Exception("PIN error detected on incorrect message")
360 dev
[0].wait_disconnected(timeout
=10)
363 def test_ap_wps_conf_pin(dev
, apdev
):
364 """WPS PIN provisioning with configured AP"""
365 ssid
= "test-wps-conf-pin"
366 hapd
= hostapd
.add_ap(apdev
[0],
367 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
368 "wpa_passphrase": "12345678", "wpa": "2",
369 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
370 logger
.info("WPS provisioning step")
371 pin
= dev
[0].wps_read_pin()
372 hapd
.request("WPS_PIN any " + pin
)
373 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
374 dev
[0].dump_monitor()
375 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
376 dev
[0].wait_connected(timeout
=30)
377 status
= dev
[0].get_status()
378 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
379 raise Exception("Not fully connected")
380 if status
['ssid'] != ssid
:
381 raise Exception("Unexpected SSID")
382 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
383 raise Exception("Unexpected encryption configuration")
384 if status
['key_mgmt'] != 'WPA2-PSK':
385 raise Exception("Unexpected key_mgmt")
387 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
388 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
389 if "[WPS-AUTH]" in bss
['flags']:
390 raise Exception("WPS-AUTH flag not cleared")
391 logger
.info("Try to connect from another station using the same PIN")
392 pin
= dev
[1].request("WPS_PIN " + apdev
[0]['bssid'])
393 ev
= dev
[1].wait_event(["WPS-M2D","CTRL-EVENT-CONNECTED"], timeout
=30)
395 raise Exception("Operation timed out")
396 if "WPS-M2D" not in ev
:
397 raise Exception("Unexpected WPS operation started")
398 hapd
.request("WPS_PIN any " + pin
)
399 dev
[1].wait_connected(timeout
=30)
401 def test_ap_wps_conf_pin_mixed_mode(dev
, apdev
):
402 """WPS PIN provisioning with configured AP (WPA+WPA2)"""
403 ssid
= "test-wps-conf-pin-mixed"
404 hapd
= hostapd
.add_ap(apdev
[0],
405 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
406 "wpa_passphrase": "12345678", "wpa": "3",
407 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
408 "wpa_pairwise": "TKIP" })
410 logger
.info("WPS provisioning step")
411 pin
= dev
[0].wps_read_pin()
412 hapd
.request("WPS_PIN any " + pin
)
413 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
414 dev
[0].dump_monitor()
415 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
416 dev
[0].wait_connected(timeout
=30)
417 status
= dev
[0].get_status()
418 dev
[0].request("REMOVE_NETWORK all")
419 dev
[0].wait_disconnected()
420 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
421 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
423 logger
.info("WPS provisioning step (auth_types=0x1b)")
424 if "OK" not in dev
[0].request("SET wps_force_auth_types 0x1b"):
425 raise Exception("Failed to set wps_force_auth_types 0x1b")
426 pin
= dev
[0].wps_read_pin()
427 hapd
.request("WPS_PIN any " + pin
)
428 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
429 dev
[0].dump_monitor()
430 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
431 dev
[0].wait_connected(timeout
=30)
432 status
= dev
[0].get_status()
433 dev
[0].request("REMOVE_NETWORK all")
434 dev
[0].wait_disconnected()
435 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
436 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
438 logger
.info("WPS provisioning step (auth_types=0 encr_types=0)")
439 if "OK" not in dev
[0].request("SET wps_force_auth_types 0"):
440 raise Exception("Failed to set wps_force_auth_types 0")
441 if "OK" not in dev
[0].request("SET wps_force_encr_types 0"):
442 raise Exception("Failed to set wps_force_encr_types 0")
443 pin
= dev
[0].wps_read_pin()
444 hapd
.request("WPS_PIN any " + pin
)
445 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
446 dev
[0].dump_monitor()
447 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
448 dev
[0].wait_connected(timeout
=30)
449 status
= dev
[0].get_status()
450 dev
[0].request("REMOVE_NETWORK all")
451 dev
[0].wait_disconnected()
452 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
453 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
455 dev
[0].request("SET wps_force_auth_types ")
456 dev
[0].request("SET wps_force_encr_types ")
459 def test_ap_wps_conf_pin_v1(dev
, apdev
):
460 """WPS PIN provisioning with configured WPS v1.0 AP"""
461 ssid
= "test-wps-conf-pin-v1"
462 hapd
= hostapd
.add_ap(apdev
[0],
463 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
464 "wpa_passphrase": "12345678", "wpa": "2",
465 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
466 logger
.info("WPS provisioning step")
467 pin
= dev
[0].wps_read_pin()
468 hapd
.request("SET wps_version_number 0x10")
469 hapd
.request("WPS_PIN any " + pin
)
471 for i
in range(0, 10):
472 dev
[0].scan(freq
="2412")
473 if "[WPS-PIN]" in dev
[0].request("SCAN_RESULTS"):
477 hapd
.request("SET wps_version_number 0x20")
478 raise Exception("WPS-PIN flag not seen in scan results")
479 dev
[0].dump_monitor()
480 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
481 dev
[0].wait_connected(timeout
=30)
482 hapd
.request("SET wps_version_number 0x20")
485 def test_ap_wps_conf_pin_2sta(dev
, apdev
):
486 """Two stations trying to use WPS PIN at the same time"""
487 ssid
= "test-wps-conf-pin2"
488 hapd
= hostapd
.add_ap(apdev
[0],
489 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
490 "wpa_passphrase": "12345678", "wpa": "2",
491 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
492 logger
.info("WPS provisioning step")
495 hapd
.request("WPS_PIN " + dev
[0].get_status_field("uuid") + " " + pin
)
496 hapd
.request("WPS_PIN " + dev
[1].get_status_field("uuid") + " " + pin
)
497 dev
[0].dump_monitor()
498 dev
[1].dump_monitor()
499 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
500 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
501 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
502 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
503 dev
[0].wait_connected(timeout
=30)
504 dev
[1].wait_connected(timeout
=30)
507 def test_ap_wps_conf_pin_timeout(dev
, apdev
):
508 """WPS PIN provisioning with configured AP timing out PIN"""
509 ssid
= "test-wps-conf-pin"
510 hapd
= hostapd
.add_ap(apdev
[0],
511 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
512 "wpa_passphrase": "12345678", "wpa": "2",
513 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
514 addr
= dev
[0].p2p_interface_addr()
515 pin
= dev
[0].wps_read_pin()
516 if "FAIL" not in hapd
.request("WPS_PIN "):
517 raise Exception("Unexpected success on invalid WPS_PIN")
518 hapd
.request("WPS_PIN any " + pin
+ " 1")
519 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
521 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
522 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=20)
524 raise Exception("WPS-PIN-NEEDED event timed out")
525 ev
= dev
[0].wait_event(["WPS-M2D"])
527 raise Exception("M2D not reported")
528 dev
[0].request("WPS_CANCEL")
530 hapd
.request("WPS_PIN any " + pin
+ " 20 " + addr
)
531 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
532 dev
[0].wait_connected(timeout
=30)
534 def test_ap_wps_reg_connect(dev
, apdev
):
535 """WPS registrar using AP PIN to connect"""
536 ssid
= "test-wps-reg-ap-pin"
538 hostapd
.add_ap(apdev
[0],
539 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
540 "wpa_passphrase": "12345678", "wpa": "2",
541 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
543 logger
.info("WPS provisioning step")
544 dev
[0].dump_monitor()
545 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
546 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
547 status
= dev
[0].get_status()
548 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
549 raise Exception("Not fully connected")
550 if status
['ssid'] != ssid
:
551 raise Exception("Unexpected SSID")
552 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
553 raise Exception("Unexpected encryption configuration")
554 if status
['key_mgmt'] != 'WPA2-PSK':
555 raise Exception("Unexpected key_mgmt")
557 def test_ap_wps_reg_connect_mixed_mode(dev
, apdev
):
558 """WPS registrar using AP PIN to connect (WPA+WPA2)"""
559 ssid
= "test-wps-reg-ap-pin"
561 hostapd
.add_ap(apdev
[0],
562 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
563 "wpa_passphrase": "12345678", "wpa": "3",
564 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
565 "wpa_pairwise": "TKIP", "ap_pin": appin
})
566 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
567 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
568 status
= dev
[0].get_status()
569 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
570 raise Exception("Not fully connected")
571 if status
['ssid'] != ssid
:
572 raise Exception("Unexpected SSID")
573 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
574 raise Exception("Unexpected encryption configuration")
575 if status
['key_mgmt'] != 'WPA2-PSK':
576 raise Exception("Unexpected key_mgmt")
578 def test_ap_wps_reg_override_ap_settings(dev
, apdev
):
579 """WPS registrar and ap_settings override"""
580 ap_settings
= "/tmp/ap_wps_reg_override_ap_settings"
582 os
.remove(ap_settings
)
585 # Override AP Settings with values that point to another AP
586 data
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
587 data
+= build_wsc_attr(ATTR_SSID
, "test")
588 data
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
589 data
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
590 data
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
591 data
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[1]['bssid'].replace(':', '')))
592 with
open(ap_settings
, "w") as f
:
594 ssid
= "test-wps-reg-ap-pin"
596 hostapd
.add_ap(apdev
[0],
597 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
598 "wpa_passphrase": "12345678", "wpa": "2",
599 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
600 "ap_pin": appin
, "ap_settings": ap_settings
})
601 hapd2
= hostapd
.add_ap(apdev
[1], { "ssid": "test" })
602 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
603 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
=2412)
604 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
605 ev
= hapd2
.wait_event(['AP-STA-CONNECTED'], timeout
=10)
606 os
.remove(ap_settings
)
608 raise Exception("No connection with the other AP")
610 def check_wps_reg_failure(dev
, ap
, appin
):
611 dev
.request("WPS_REG " + ap
['bssid'] + " " + appin
)
612 ev
= dev
.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout
=15)
614 raise Exception("WPS operation timed out")
615 if "WPS-SUCCESS" in ev
:
616 raise Exception("WPS operation succeeded unexpectedly")
617 if "config_error=15" not in ev
:
618 raise Exception("WPS setup locked state was not reported correctly")
620 def test_ap_wps_random_ap_pin(dev
, apdev
):
621 """WPS registrar using random AP PIN"""
622 ssid
= "test-wps-reg-random-ap-pin"
623 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
624 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
625 "wpa_passphrase": "12345678", "wpa": "2",
626 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
627 "device_name": "Wireless AP", "manufacturer": "Company",
628 "model_name": "WAP", "model_number": "123",
629 "serial_number": "12345", "device_type": "6-0050F204-1",
630 "os_version": "01020300",
631 "config_methods": "label push_button",
632 "uuid": ap_uuid
, "upnp_iface": "lo" }
633 hapd
= hostapd
.add_ap(apdev
[0], params
)
634 appin
= hapd
.request("WPS_AP_PIN random")
636 raise Exception("Could not generate random AP PIN")
637 if appin
not in hapd
.request("WPS_AP_PIN get"):
638 raise Exception("Could not fetch current AP PIN")
639 logger
.info("WPS provisioning step")
640 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
641 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
643 hapd
.request("WPS_AP_PIN disable")
644 logger
.info("WPS provisioning step with AP PIN disabled")
645 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
646 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
648 logger
.info("WPS provisioning step with AP PIN reset")
650 hapd
.request("WPS_AP_PIN set " + appin
)
651 dev
[1].wps_reg(apdev
[0]['bssid'], appin
)
652 dev
[0].request("REMOVE_NETWORK all")
653 dev
[1].request("REMOVE_NETWORK all")
654 dev
[0].wait_disconnected(timeout
=10)
655 dev
[1].wait_disconnected(timeout
=10)
657 logger
.info("WPS provisioning step after AP PIN timeout")
658 hapd
.request("WPS_AP_PIN disable")
659 appin
= hapd
.request("WPS_AP_PIN random 1")
661 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
662 raise Exception("AP PIN unexpectedly still enabled")
663 check_wps_reg_failure(dev
[0], apdev
[0], appin
)
665 logger
.info("WPS provisioning step after AP PIN timeout(2)")
666 hapd
.request("WPS_AP_PIN disable")
668 hapd
.request("WPS_AP_PIN set " + appin
+ " 1")
670 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
671 raise Exception("AP PIN unexpectedly still enabled")
672 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
674 with
fail_test(hapd
, 1, "os_get_random;wps_generate_pin"):
675 hapd
.request("WPS_AP_PIN random 1")
676 hapd
.request("WPS_AP_PIN disable")
678 with
alloc_fail(hapd
, 1, "upnp_wps_set_ap_pin"):
679 hapd
.request("WPS_AP_PIN set 12345670")
680 hapd
.request("WPS_AP_PIN disable")
682 if "FAIL" not in hapd
.request("WPS_AP_PIN set"):
683 raise Exception("Invalid WPS_AP_PIN accepted")
684 if "FAIL" not in hapd
.request("WPS_AP_PIN foo"):
685 raise Exception("Invalid WPS_AP_PIN accepted")
687 def test_ap_wps_reg_config(dev
, apdev
):
688 """WPS registrar configuring an AP using AP PIN"""
689 ssid
= "test-wps-init-ap-pin"
691 hostapd
.add_ap(apdev
[0],
692 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
694 logger
.info("WPS configuration step")
695 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
696 dev
[0].dump_monitor()
697 new_ssid
= "wps-new-ssid"
698 new_passphrase
= "1234567890"
699 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
701 status
= dev
[0].get_status()
702 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
703 raise Exception("Not fully connected")
704 if status
['ssid'] != new_ssid
:
705 raise Exception("Unexpected SSID")
706 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
707 raise Exception("Unexpected encryption configuration")
708 if status
['key_mgmt'] != 'WPA2-PSK':
709 raise Exception("Unexpected key_mgmt")
711 logger
.info("Re-configure back to open")
712 dev
[0].request("REMOVE_NETWORK all")
713 dev
[0].flush_scan_cache()
714 dev
[0].dump_monitor()
715 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-open", "OPEN", "NONE", "")
716 status
= dev
[0].get_status()
717 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
718 raise Exception("Not fully connected")
719 if status
['ssid'] != "wps-open":
720 raise Exception("Unexpected SSID")
721 if status
['key_mgmt'] != 'NONE':
722 raise Exception("Unexpected key_mgmt")
724 def test_ap_wps_reg_config_ext_processing(dev
, apdev
):
725 """WPS registrar configuring an AP with external config processing"""
726 ssid
= "test-wps-init-ap-pin"
728 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
729 "wps_cred_processing": "1", "ap_pin": appin
}
730 hapd
= hostapd
.add_ap(apdev
[0], params
)
731 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
732 new_ssid
= "wps-new-ssid"
733 new_passphrase
= "1234567890"
734 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
735 new_passphrase
, no_wait
=True)
736 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
738 raise Exception("WPS registrar operation timed out")
739 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=15)
741 raise Exception("WPS configuration timed out")
743 raise Exception("AP Settings missing from event")
744 hapd
.request("SET wps_cred_processing 0")
745 if "FAIL" in hapd
.request("WPS_CONFIG " + new_ssid
.encode("hex") + " WPA2PSK CCMP " + new_passphrase
.encode("hex")):
746 raise Exception("WPS_CONFIG command failed")
747 dev
[0].wait_connected(timeout
=15)
749 def test_ap_wps_reg_config_tkip(dev
, apdev
):
750 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
751 skip_with_fips(dev
[0])
752 ssid
= "test-wps-init-ap"
754 hostapd
.add_ap(apdev
[0],
755 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
757 logger
.info("WPS configuration step")
758 dev
[0].request("SET wps_version_number 0x10")
759 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
760 dev
[0].dump_monitor()
761 new_ssid
= "wps-new-ssid-with-tkip"
762 new_passphrase
= "1234567890"
763 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPAPSK", "TKIP",
765 logger
.info("Re-connect to verify WPA2 mixed mode")
766 dev
[0].request("DISCONNECT")
768 dev
[0].set_network(id, "pairwise", "CCMP")
769 dev
[0].set_network(id, "proto", "RSN")
770 dev
[0].connect_network(id)
771 status
= dev
[0].get_status()
772 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
773 raise Exception("Not fully connected: wpa_state={} bssid={}".format(status
['wpa_state'], status
['bssid']))
774 if status
['ssid'] != new_ssid
:
775 raise Exception("Unexpected SSID")
776 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
777 raise Exception("Unexpected encryption configuration")
778 if status
['key_mgmt'] != 'WPA2-PSK':
779 raise Exception("Unexpected key_mgmt")
781 def test_ap_wps_setup_locked(dev
, apdev
):
782 """WPS registrar locking up AP setup on AP PIN failures"""
783 ssid
= "test-wps-incorrect-ap-pin"
785 hapd
= hostapd
.add_ap(apdev
[0],
786 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
787 "wpa_passphrase": "12345678", "wpa": "2",
788 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
790 new_ssid
= "wps-new-ssid-test"
791 new_passphrase
= "1234567890"
793 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
794 ap_setup_locked
=False
795 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
796 dev
[0].dump_monitor()
797 logger
.info("Try incorrect AP PIN - attempt " + pin
)
798 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
799 "CCMP", new_passphrase
, no_wait
=True)
800 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
802 raise Exception("Timeout on receiving WPS operation failure event")
803 if "CTRL-EVENT-CONNECTED" in ev
:
804 raise Exception("Unexpected connection")
805 if "config_error=15" in ev
:
806 logger
.info("AP Setup Locked")
808 elif "config_error=18" not in ev
:
809 raise Exception("config_error=18 not reported")
810 dev
[0].wait_disconnected(timeout
=10)
812 if not ap_setup_locked
:
813 raise Exception("AP setup was not locked")
814 dev
[0].request("WPS_CANCEL")
815 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True,
817 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
818 if 'wps_ap_setup_locked' not in bss
or bss
['wps_ap_setup_locked'] != '1':
819 logger
.info("BSS: " + str(bss
))
820 raise Exception("AP Setup Locked not indicated in scan results")
822 status
= hapd
.request("WPS_GET_STATUS")
823 if "Last WPS result: Failed" not in status
:
824 raise Exception("WPS failure result not shown correctly")
825 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
826 raise Exception("Peer address not shown correctly")
829 dev
[0].dump_monitor()
830 logger
.info("WPS provisioning step")
831 pin
= dev
[0].wps_read_pin()
832 hapd
.request("WPS_PIN any " + pin
)
833 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
834 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
836 raise Exception("WPS success was not reported")
837 dev
[0].wait_connected(timeout
=30)
839 appin
= hapd
.request("WPS_AP_PIN random")
841 raise Exception("Could not generate random AP PIN")
842 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=10)
844 raise Exception("Failed to unlock AP PIN")
846 def test_ap_wps_setup_locked_timeout(dev
, apdev
):
847 """WPS re-enabling AP PIN after timeout"""
848 ssid
= "test-wps-incorrect-ap-pin"
850 hapd
= hostapd
.add_ap(apdev
[0],
851 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
852 "wpa_passphrase": "12345678", "wpa": "2",
853 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
855 new_ssid
= "wps-new-ssid-test"
856 new_passphrase
= "1234567890"
858 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
859 ap_setup_locked
=False
860 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
861 dev
[0].dump_monitor()
862 logger
.info("Try incorrect AP PIN - attempt " + pin
)
863 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
864 "CCMP", new_passphrase
, no_wait
=True)
865 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"], timeout
=15)
867 raise Exception("Timeout on receiving WPS operation failure event")
868 if "CTRL-EVENT-CONNECTED" in ev
:
869 raise Exception("Unexpected connection")
870 if "config_error=15" in ev
:
871 logger
.info("AP Setup Locked")
874 elif "config_error=18" not in ev
:
875 raise Exception("config_error=18 not reported")
876 dev
[0].wait_disconnected(timeout
=10)
878 if not ap_setup_locked
:
879 raise Exception("AP setup was not locked")
880 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=80)
882 raise Exception("AP PIN did not get unlocked on 60 second timeout")
884 def test_ap_wps_setup_locked_2(dev
, apdev
):
885 """WPS AP configured for special ap_setup_locked=2 mode"""
886 ssid
= "test-wps-ap-pin"
888 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
889 "wpa_passphrase": "12345678", "wpa": "2",
890 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
891 "ap_pin": appin
, "ap_setup_locked": "2" }
892 hapd
= hostapd
.add_ap(apdev
[0], params
)
893 new_ssid
= "wps-new-ssid-test"
894 new_passphrase
= "1234567890"
896 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
897 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
898 dev
[0].request("REMOVE_NETWORK all")
899 dev
[0].wait_disconnected()
902 dev
[0].dump_monitor()
903 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK",
904 "CCMP", new_passphrase
, no_wait
=True)
906 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
908 raise Exception("hostapd did not report WPS failure")
909 if "msg=12 config_error=15" not in ev
:
910 raise Exception("Unexpected failure reason (AP): " + ev
)
912 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
914 raise Exception("Timeout on receiving WPS operation failure event")
915 if "CTRL-EVENT-CONNECTED" in ev
:
916 raise Exception("Unexpected connection")
917 if "config_error=15" not in ev
:
918 raise Exception("Unexpected failure reason (STA): " + ev
)
919 dev
[0].request("WPS_CANCEL")
920 dev
[0].wait_disconnected()
923 def test_ap_wps_pbc_overlap_2ap(dev
, apdev
):
924 """WPS PBC session overlap with two active APs"""
925 params
= { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
926 "wpa_passphrase": "12345678", "wpa": "2",
927 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
928 "wps_independent": "1"}
929 hapd
= hostapd
.add_ap(apdev
[0], params
)
930 params
= { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
931 "wpa_passphrase": "123456789", "wpa": "2",
932 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
933 "wps_independent": "1"}
934 hapd2
= hostapd
.add_ap(apdev
[1], params
)
935 hapd
.request("WPS_PBC")
936 hapd2
.request("WPS_PBC")
937 logger
.info("WPS provisioning step")
938 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
939 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
940 dev
[0].request("WPS_PBC")
941 ev
= dev
[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout
=15)
943 raise Exception("PBC session overlap not detected")
944 hapd
.request("DISABLE")
945 hapd2
.request("DISABLE")
946 dev
[0].flush_scan_cache()
949 def test_ap_wps_pbc_overlap_2sta(dev
, apdev
):
950 """WPS PBC session overlap with two active STAs"""
951 ssid
= "test-wps-pbc-overlap"
952 hapd
= hostapd
.add_ap(apdev
[0],
953 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
954 "wpa_passphrase": "12345678", "wpa": "2",
955 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
956 logger
.info("WPS provisioning step")
957 hapd
.request("WPS_PBC")
958 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
959 dev
[0].dump_monitor()
960 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
961 dev
[1].dump_monitor()
962 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
963 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
964 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=15)
966 raise Exception("PBC session overlap not detected (dev0)")
967 if "config_error=12" not in ev
:
968 raise Exception("PBC session overlap not correctly reported (dev0)")
969 dev
[0].request("WPS_CANCEL")
970 dev
[0].request("DISCONNECT")
971 ev
= dev
[1].wait_event(["WPS-M2D"], timeout
=15)
973 raise Exception("PBC session overlap not detected (dev1)")
974 if "config_error=12" not in ev
:
975 raise Exception("PBC session overlap not correctly reported (dev1)")
976 dev
[1].request("WPS_CANCEL")
977 dev
[1].request("DISCONNECT")
978 hapd
.request("WPS_CANCEL")
979 ret
= hapd
.request("WPS_PBC")
980 if "FAIL" not in ret
:
981 raise Exception("PBC mode allowed to be started while PBC overlap still active")
982 hapd
.request("DISABLE")
983 dev
[0].flush_scan_cache()
984 dev
[1].flush_scan_cache()
987 def test_ap_wps_cancel(dev
, apdev
):
988 """WPS AP cancelling enabled config method"""
989 ssid
= "test-wps-ap-cancel"
990 hapd
= hostapd
.add_ap(apdev
[0],
991 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
992 "wpa_passphrase": "12345678", "wpa": "2",
993 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
994 bssid
= apdev
[0]['bssid']
996 logger
.info("Verify PBC enable/cancel")
997 hapd
.request("WPS_PBC")
998 dev
[0].scan(freq
="2412")
999 dev
[0].scan(freq
="2412")
1000 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1001 if "[WPS-PBC]" not in bss
['flags']:
1002 raise Exception("WPS-PBC flag missing")
1003 if "FAIL" in hapd
.request("WPS_CANCEL"):
1004 raise Exception("WPS_CANCEL failed")
1005 dev
[0].scan(freq
="2412")
1006 dev
[0].scan(freq
="2412")
1007 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1008 if "[WPS-PBC]" in bss
['flags']:
1009 raise Exception("WPS-PBC flag not cleared")
1011 logger
.info("Verify PIN enable/cancel")
1012 hapd
.request("WPS_PIN any 12345670")
1013 dev
[0].scan(freq
="2412")
1014 dev
[0].scan(freq
="2412")
1015 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1016 if "[WPS-AUTH]" not in bss
['flags']:
1017 raise Exception("WPS-AUTH flag missing")
1018 if "FAIL" in hapd
.request("WPS_CANCEL"):
1019 raise Exception("WPS_CANCEL failed")
1020 dev
[0].scan(freq
="2412")
1021 dev
[0].scan(freq
="2412")
1022 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1023 if "[WPS-AUTH]" in bss
['flags']:
1024 raise Exception("WPS-AUTH flag not cleared")
1026 def test_ap_wps_er_add_enrollee(dev
, apdev
):
1027 """WPS ER configuring AP and adding a new enrollee using PIN"""
1029 _test_ap_wps_er_add_enrollee(dev
, apdev
)
1031 dev
[0].request("WPS_ER_STOP")
1033 def _test_ap_wps_er_add_enrollee(dev
, apdev
):
1034 ssid
= "wps-er-add-enrollee"
1036 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1037 hostapd
.add_ap(apdev
[0],
1038 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
1039 "device_name": "Wireless AP", "manufacturer": "Company",
1040 "model_name": "WAP", "model_number": "123",
1041 "serial_number": "12345", "device_type": "6-0050F204-1",
1042 "os_version": "01020300",
1043 'friendly_name': "WPS AP - <>&'\" - TEST",
1044 "config_methods": "label push_button",
1045 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1046 logger
.info("WPS configuration step")
1047 new_passphrase
= "1234567890"
1048 dev
[0].dump_monitor()
1049 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1050 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
, ssid
, "WPA2PSK", "CCMP",
1052 status
= dev
[0].get_status()
1053 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1054 raise Exception("Not fully connected")
1055 if status
['ssid'] != ssid
:
1056 raise Exception("Unexpected SSID")
1057 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
1058 raise Exception("Unexpected encryption configuration")
1059 if status
['key_mgmt'] != 'WPA2-PSK':
1060 raise Exception("Unexpected key_mgmt")
1062 logger
.info("Start ER")
1063 dev
[0].request("WPS_ER_START ifname=lo")
1064 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1066 raise Exception("AP discovery timed out")
1067 if ap_uuid
not in ev
:
1068 raise Exception("Expected AP UUID not found")
1069 if "|WPS AP - <>&'" - TEST|Company|" not in ev
:
1070 raise Exception("Expected friendly name not found")
1072 logger
.info("Learn AP configuration through UPnP")
1073 dev
[0].dump_monitor()
1074 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1075 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1077 raise Exception("AP learn timed out")
1078 if ap_uuid
not in ev
:
1079 raise Exception("Expected AP UUID not in settings")
1080 if "ssid=" + ssid
not in ev
:
1081 raise Exception("Expected SSID not in settings")
1082 if "key=" + new_passphrase
not in ev
:
1083 raise Exception("Expected passphrase not in settings")
1084 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1086 raise Exception("WPS-FAIL after AP learn timed out")
1089 logger
.info("Add Enrollee using ER")
1090 pin
= dev
[1].wps_read_pin()
1091 dev
[0].dump_monitor()
1092 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1093 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1094 dev
[1].dump_monitor()
1095 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1096 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1098 raise Exception("Enrollee did not report success")
1099 dev
[1].wait_connected(timeout
=15)
1100 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1102 raise Exception("WPS ER did not report success")
1103 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1105 logger
.info("Add a specific Enrollee using ER")
1106 pin
= dev
[2].wps_read_pin()
1107 addr2
= dev
[2].p2p_interface_addr()
1108 dev
[0].dump_monitor()
1109 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1110 dev
[2].dump_monitor()
1111 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1112 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1114 raise Exception("Enrollee not seen")
1116 raise Exception("Unexpected Enrollee MAC address")
1117 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
1118 dev
[2].wait_connected(timeout
=30)
1119 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1121 raise Exception("WPS ER did not report success")
1123 logger
.info("Verify registrar selection behavior")
1124 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1125 dev
[1].request("DISCONNECT")
1126 dev
[1].wait_disconnected(timeout
=10)
1127 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1128 dev
[1].scan(freq
="2412")
1129 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1130 if "[WPS-AUTH]" not in bss
['flags']:
1131 # It is possible for scan to miss an update especially when running
1132 # tests under load with multiple VMs, so allow another attempt.
1133 dev
[1].scan(freq
="2412")
1134 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1135 if "[WPS-AUTH]" not in bss
['flags']:
1136 raise Exception("WPS-AUTH flag missing")
1138 logger
.info("Stop ER")
1139 dev
[0].dump_monitor()
1140 dev
[0].request("WPS_ER_STOP")
1141 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"])
1143 raise Exception("WPS ER unsubscription timed out")
1144 # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
1145 # a bit before verifying that the scan results have changed.
1148 for i
in range(0, 10):
1149 dev
[1].request("BSS_FLUSH 0")
1150 dev
[1].scan(freq
="2412", only_new
=True)
1151 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1152 if bss
and 'flags' in bss
and "[WPS-AUTH]" not in bss
['flags']:
1154 logger
.debug("WPS-AUTH flag was still in place - wait a bit longer")
1156 if "[WPS-AUTH]" in bss
['flags']:
1157 raise Exception("WPS-AUTH flag not removed")
1159 def test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1160 """WPS ER adding a new enrollee identified by UUID"""
1162 _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
)
1164 dev
[0].request("WPS_ER_STOP")
1166 def _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1167 ssid
= "wps-er-add-enrollee"
1169 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1170 hostapd
.add_ap(apdev
[0],
1171 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1172 "wpa_passphrase": "12345678", "wpa": "2",
1173 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1174 "device_name": "Wireless AP", "manufacturer": "Company",
1175 "model_name": "WAP", "model_number": "123",
1176 "serial_number": "12345", "device_type": "6-0050F204-1",
1177 "os_version": "01020300",
1178 "config_methods": "label push_button",
1179 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1180 logger
.info("WPS configuration step")
1181 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1182 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1184 logger
.info("Start ER")
1185 dev
[0].request("WPS_ER_START ifname=lo")
1186 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1188 raise Exception("AP discovery timed out")
1189 if ap_uuid
not in ev
:
1190 raise Exception("Expected AP UUID not found")
1192 logger
.info("Learn AP configuration through UPnP")
1193 dev
[0].dump_monitor()
1194 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1195 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1197 raise Exception("AP learn timed out")
1198 if ap_uuid
not in ev
:
1199 raise Exception("Expected AP UUID not in settings")
1200 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1202 raise Exception("WPS-FAIL after AP learn timed out")
1205 logger
.info("Add a specific Enrollee using ER (PBC/UUID)")
1206 addr1
= dev
[1].p2p_interface_addr()
1207 dev
[0].dump_monitor()
1208 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1209 dev
[1].dump_monitor()
1210 dev
[1].request("WPS_PBC %s" % apdev
[0]['bssid'])
1211 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1213 raise Exception("Enrollee not seen")
1215 raise Exception("Unexpected Enrollee MAC address")
1216 uuid
= ev
.split(' ')[1]
1217 dev
[0].request("WPS_ER_PBC " + uuid
)
1218 dev
[1].wait_connected(timeout
=30)
1219 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1221 raise Exception("WPS ER did not report success")
1223 logger
.info("Add a specific Enrollee using ER (PIN/UUID)")
1224 pin
= dev
[2].wps_read_pin()
1225 addr2
= dev
[2].p2p_interface_addr()
1226 dev
[0].dump_monitor()
1227 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1228 dev
[2].dump_monitor()
1229 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1230 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1232 raise Exception("Enrollee not seen")
1234 raise Exception("Unexpected Enrollee MAC address")
1235 uuid
= ev
.split(' ')[1]
1236 dev
[0].request("WPS_ER_PIN " + uuid
+ " " + pin
)
1237 dev
[2].wait_connected(timeout
=30)
1238 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1240 raise Exception("WPS ER did not report success")
1242 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-REMOVE"], timeout
=15)
1244 raise Exception("No Enrollee STA entry timeout seen")
1246 logger
.info("Stop ER")
1247 dev
[0].dump_monitor()
1248 dev
[0].request("WPS_ER_STOP")
1250 def test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1251 """Multiple WPS ERs adding a new enrollee using PIN"""
1253 _test_ap_wps_er_multi_add_enrollee(dev
, apdev
)
1256 dev
[i
].request("WPS_ER_STOP")
1258 def _test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1259 ssid
= "wps-er-add-enrollee"
1261 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1262 hostapd
.add_ap(apdev
[0],
1263 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1264 "wpa_passphrase": "12345678", "wpa": "2",
1265 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1266 "device_name": "Wireless AP", "manufacturer": "Company",
1267 "model_name": "WAP", "model_number": "123",
1268 "serial_number": "12345", "device_type": "6-0050F204-1",
1269 "os_version": "01020300",
1270 'friendly_name': "WPS AP",
1271 "config_methods": "label push_button",
1272 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1275 dev
[i
].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1276 dev
[i
].wps_reg(apdev
[0]['bssid'], ap_pin
)
1278 dev
[i
].request("WPS_ER_START ifname=lo")
1280 ev
= dev
[i
].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1282 raise Exception("AP discovery timed out")
1283 dev
[i
].dump_monitor()
1285 dev
[i
].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1287 ev
= dev
[i
].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1289 raise Exception("AP learn timed out")
1290 ev
= dev
[i
].wait_event(["WPS-FAIL"], timeout
=15)
1292 raise Exception("WPS-FAIL after AP learn timed out")
1296 pin
= dev
[2].wps_read_pin()
1297 addr
= dev
[2].own_addr()
1298 dev
[0].dump_monitor()
1299 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1300 dev
[1].dump_monitor()
1301 dev
[1].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1303 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1304 dev
[2].dump_monitor()
1305 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1306 ev
= dev
[2].wait_event(["WPS-SUCCESS"], timeout
=30)
1308 raise Exception("Enrollee did not report success")
1309 dev
[2].wait_connected(timeout
=15)
1311 def test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1312 """WPS ER connected to AP and adding a new enrollee using PBC"""
1314 _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
)
1316 dev
[0].request("WPS_ER_STOP")
1318 def _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1319 ssid
= "wps-er-add-enrollee-pbc"
1321 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1322 hostapd
.add_ap(apdev
[0],
1323 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1324 "wpa_passphrase": "12345678", "wpa": "2",
1325 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1326 "device_name": "Wireless AP", "manufacturer": "Company",
1327 "model_name": "WAP", "model_number": "123",
1328 "serial_number": "12345", "device_type": "6-0050F204-1",
1329 "os_version": "01020300",
1330 "config_methods": "label push_button",
1331 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1332 logger
.info("Learn AP configuration")
1333 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1334 dev
[0].dump_monitor()
1335 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1336 status
= dev
[0].get_status()
1337 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1338 raise Exception("Not fully connected")
1340 logger
.info("Start ER")
1341 dev
[0].request("WPS_ER_START ifname=lo")
1342 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1344 raise Exception("AP discovery timed out")
1345 if ap_uuid
not in ev
:
1346 raise Exception("Expected AP UUID not found")
1348 enrollee
= dev
[1].p2p_interface_addr()
1350 if "FAIL-UNKNOWN-UUID" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1351 raise Exception("Unknown UUID not reported")
1353 logger
.info("Add Enrollee using ER and PBC")
1354 dev
[0].dump_monitor()
1355 dev
[1].dump_monitor()
1356 dev
[1].request("WPS_PBC")
1358 for i
in range(0, 2):
1359 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1361 raise Exception("Enrollee discovery timed out")
1365 raise Exception("Expected Enrollee not found")
1366 if "FAIL-NO-AP-SETTINGS" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1367 raise Exception("Unknown UUID not reported")
1368 logger
.info("Use learned network configuration on ER")
1369 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1370 if "OK" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1371 raise Exception("WPS_ER_PBC failed")
1373 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=15)
1375 raise Exception("Enrollee did not report success")
1376 dev
[1].wait_connected(timeout
=15)
1377 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1379 raise Exception("WPS ER did not report success")
1380 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1382 def test_ap_wps_er_pbc_overlap(dev
, apdev
):
1383 """WPS ER connected to AP and PBC session overlap"""
1385 _test_ap_wps_er_pbc_overlap(dev
, apdev
)
1387 dev
[0].request("WPS_ER_STOP")
1389 def _test_ap_wps_er_pbc_overlap(dev
, apdev
):
1390 ssid
= "wps-er-add-enrollee-pbc"
1392 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1393 hostapd
.add_ap(apdev
[0],
1394 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1395 "wpa_passphrase": "12345678", "wpa": "2",
1396 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1397 "device_name": "Wireless AP", "manufacturer": "Company",
1398 "model_name": "WAP", "model_number": "123",
1399 "serial_number": "12345", "device_type": "6-0050F204-1",
1400 "os_version": "01020300",
1401 "config_methods": "label push_button",
1402 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1403 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1404 dev
[0].dump_monitor()
1405 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1407 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1408 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1409 # avoid leaving dev 1 or 2 as the last Probe Request to the AP
1410 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True)
1412 dev
[0].dump_monitor()
1413 dev
[0].request("WPS_ER_START ifname=lo")
1415 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1417 raise Exception("AP discovery timed out")
1418 if ap_uuid
not in ev
:
1419 raise Exception("Expected AP UUID not found")
1421 # verify BSSID selection of the AP instead of UUID
1422 if "FAIL" in dev
[0].request("WPS_ER_SET_CONFIG " + apdev
[0]['bssid'] + " 0"):
1423 raise Exception("Could not select AP based on BSSID")
1425 dev
[0].dump_monitor()
1426 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1427 dev
[2].request("WPS_PBC " + apdev
[0]['bssid'])
1428 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1430 raise Exception("PBC scan failed")
1431 ev
= dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1433 raise Exception("PBC scan failed")
1436 addr1
= dev
[1].own_addr()
1437 addr2
= dev
[2].own_addr()
1439 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1441 raise Exception("Enrollee discovery timed out")
1450 if dev
[0].request("WPS_ER_PBC " + ap_uuid
) != "FAIL-PBC-OVERLAP\n":
1451 raise Exception("PBC overlap not reported")
1452 dev
[1].request("WPS_CANCEL")
1453 dev
[2].request("WPS_CANCEL")
1454 if dev
[0].request("WPS_ER_PBC foo") != "FAIL\n":
1455 raise Exception("Invalid WPS_ER_PBC accepted")
1457 def test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1458 """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
1460 _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
)
1462 dev
[0].request("WPS_ER_STOP")
1464 def _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1465 ssid
= "wps-er-add-enrollee-pbc"
1467 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1468 hostapd
.add_ap(apdev
[0],
1469 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1470 "wpa_passphrase": "12345678", "wpa": "2",
1471 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1472 "device_name": "Wireless AP", "manufacturer": "Company",
1473 "model_name": "WAP", "model_number": "123",
1474 "serial_number": "12345", "device_type": "6-0050F204-1",
1475 "os_version": "01020300",
1476 "config_methods": "label push_button",
1477 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1478 logger
.info("Learn AP configuration")
1479 dev
[0].request("SET wps_version_number 0x10")
1480 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1481 dev
[0].dump_monitor()
1482 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1483 status
= dev
[0].get_status()
1484 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1485 raise Exception("Not fully connected")
1487 logger
.info("Start ER")
1488 dev
[0].request("WPS_ER_START ifname=lo")
1489 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1491 raise Exception("AP discovery timed out")
1492 if ap_uuid
not in ev
:
1493 raise Exception("Expected AP UUID not found")
1495 logger
.info("Use learned network configuration on ER")
1496 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1498 logger
.info("Add Enrollee using ER and PIN")
1499 enrollee
= dev
[1].p2p_interface_addr()
1500 pin
= dev
[1].wps_read_pin()
1501 dev
[0].dump_monitor()
1502 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + enrollee
)
1503 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1504 dev
[1].dump_monitor()
1505 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1506 dev
[1].wait_connected(timeout
=30)
1507 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1509 raise Exception("WPS ER did not report success")
1512 def test_ap_wps_er_config_ap(dev
, apdev
):
1513 """WPS ER configuring AP over UPnP"""
1515 _test_ap_wps_er_config_ap(dev
, apdev
)
1517 dev
[0].request("WPS_ER_STOP")
1519 def _test_ap_wps_er_config_ap(dev
, apdev
):
1520 ssid
= "wps-er-ap-config"
1522 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1523 hostapd
.add_ap(apdev
[0],
1524 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1525 "wpa_passphrase": "12345678", "wpa": "2",
1526 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1527 "device_name": "Wireless AP", "manufacturer": "Company",
1528 "model_name": "WAP", "model_number": "123",
1529 "serial_number": "12345", "device_type": "6-0050F204-1",
1530 "os_version": "01020300",
1531 "config_methods": "label push_button",
1532 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1534 logger
.info("Connect ER to the AP")
1535 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
1537 logger
.info("WPS configuration step")
1538 dev
[0].request("WPS_ER_START ifname=lo")
1539 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1541 raise Exception("AP discovery timed out")
1542 if ap_uuid
not in ev
:
1543 raise Exception("Expected AP UUID not found")
1544 new_passphrase
= "1234567890"
1545 dev
[0].request("WPS_ER_CONFIG " + apdev
[0]['bssid'] + " " + ap_pin
+ " " +
1546 ssid
.encode("hex") + " WPA2PSK CCMP " +
1547 new_passphrase
.encode("hex"))
1548 ev
= dev
[0].wait_event(["WPS-SUCCESS"])
1550 raise Exception("WPS ER configuration operation timed out")
1551 dev
[0].wait_disconnected(timeout
=10)
1552 dev
[0].connect(ssid
, psk
="1234567890", scan_freq
="2412")
1554 logger
.info("WPS ER restart")
1555 dev
[0].request("WPS_ER_START")
1556 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1558 raise Exception("AP discovery timed out on ER restart")
1559 if ap_uuid
not in ev
:
1560 raise Exception("Expected AP UUID not found on ER restart")
1561 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1562 raise Exception("WPS_ER_STOP failed")
1563 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1564 raise Exception("WPS_ER_STOP failed")
1567 def test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1568 """WPS ER caching AP settings"""
1570 _test_ap_wps_er_cache_ap_settings(dev
, apdev
)
1572 dev
[0].request("WPS_ER_STOP")
1574 def _test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1575 ssid
= "wps-er-add-enrollee"
1577 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1578 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1579 "wpa_passphrase": "12345678", "wpa": "2",
1580 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1581 "device_name": "Wireless AP", "manufacturer": "Company",
1582 "model_name": "WAP", "model_number": "123",
1583 "serial_number": "12345", "device_type": "6-0050F204-1",
1584 "os_version": "01020300",
1585 "config_methods": "label push_button",
1586 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1587 hapd
= hostapd
.add_ap(apdev
[0], params
)
1588 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1589 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1590 id = int(dev
[0].list_networks()[0]['id'])
1591 dev
[0].set_network(id, "scan_freq", "2412")
1593 dev
[0].request("WPS_ER_START ifname=lo")
1594 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1596 raise Exception("AP discovery timed out")
1597 if ap_uuid
not in ev
:
1598 raise Exception("Expected AP UUID not found")
1600 dev
[0].dump_monitor()
1601 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1602 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1604 raise Exception("AP learn timed out")
1605 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1607 raise Exception("WPS-FAIL after AP learn timed out")
1613 ev
= dev
[0].wait_event([ "WPS-ER-AP-REMOVE",
1614 "CTRL-EVENT-DISCONNECTED" ],
1617 raise Exception("AP removal or disconnection timed out")
1619 hapd
= hostapd
.add_ap(apdev
[0], params
)
1621 ev
= dev
[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1624 raise Exception("AP discovery or connection timed out")
1626 pin
= dev
[1].wps_read_pin()
1627 dev
[0].dump_monitor()
1628 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1632 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1633 dev
[1].dump_monitor()
1634 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1635 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1637 raise Exception("Enrollee did not report success")
1638 dev
[1].wait_connected(timeout
=15)
1639 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1641 raise Exception("WPS ER did not report success")
1643 dev
[0].dump_monitor()
1644 dev
[0].request("WPS_ER_STOP")
1646 def test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1647 """WPS ER caching AP settings (OOM)"""
1649 _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
)
1651 dev
[0].request("WPS_ER_STOP")
1653 def _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1654 ssid
= "wps-er-add-enrollee"
1656 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1657 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1658 "wpa_passphrase": "12345678", "wpa": "2",
1659 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1660 "device_name": "Wireless AP", "manufacturer": "Company",
1661 "model_name": "WAP", "model_number": "123",
1662 "serial_number": "12345", "device_type": "6-0050F204-1",
1663 "os_version": "01020300",
1664 "config_methods": "label push_button",
1665 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1666 hapd
= hostapd
.add_ap(apdev
[0], params
)
1667 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1668 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1669 id = int(dev
[0].list_networks()[0]['id'])
1670 dev
[0].set_network(id, "scan_freq", "2412")
1672 dev
[0].request("WPS_ER_START ifname=lo")
1673 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1675 raise Exception("AP discovery timed out")
1676 if ap_uuid
not in ev
:
1677 raise Exception("Expected AP UUID not found")
1679 dev
[0].dump_monitor()
1680 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1681 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1683 raise Exception("AP learn timed out")
1684 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1686 raise Exception("WPS-FAIL after AP learn timed out")
1689 with
alloc_fail(dev
[0], 1, "=wps_er_ap_use_cached_settings"):
1693 ev
= dev
[0].wait_event([ "WPS-ER-AP-REMOVE",
1694 "CTRL-EVENT-DISCONNECTED" ],
1697 raise Exception("AP removal or disconnection timed out")
1699 hapd
= hostapd
.add_ap(apdev
[0], params
)
1701 ev
= dev
[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1704 raise Exception("AP discovery or connection timed out")
1706 dev
[0].request("WPS_ER_STOP")
1708 def test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1709 """WPS ER caching AP settings (OOM 2)"""
1711 _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
)
1713 dev
[0].request("WPS_ER_STOP")
1715 def _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1716 ssid
= "wps-er-add-enrollee"
1718 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1719 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1720 "wpa_passphrase": "12345678", "wpa": "2",
1721 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1722 "device_name": "Wireless AP", "manufacturer": "Company",
1723 "model_name": "WAP", "model_number": "123",
1724 "serial_number": "12345", "device_type": "6-0050F204-1",
1725 "os_version": "01020300",
1726 "config_methods": "label push_button",
1727 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1728 hapd
= hostapd
.add_ap(apdev
[0], params
)
1729 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1730 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1731 id = int(dev
[0].list_networks()[0]['id'])
1732 dev
[0].set_network(id, "scan_freq", "2412")
1734 dev
[0].request("WPS_ER_START ifname=lo")
1735 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1737 raise Exception("AP discovery timed out")
1738 if ap_uuid
not in ev
:
1739 raise Exception("Expected AP UUID not found")
1741 dev
[0].dump_monitor()
1742 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1743 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1745 raise Exception("AP learn timed out")
1746 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1748 raise Exception("WPS-FAIL after AP learn timed out")
1751 with
alloc_fail(dev
[0], 1, "=wps_er_ap_cache_settings"):
1755 ev
= dev
[0].wait_event([ "WPS-ER-AP-REMOVE",
1756 "CTRL-EVENT-DISCONNECTED" ],
1759 raise Exception("AP removal or disconnection timed out")
1761 hapd
= hostapd
.add_ap(apdev
[0], params
)
1763 ev
= dev
[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1766 raise Exception("AP discovery or connection timed out")
1768 dev
[0].request("WPS_ER_STOP")
1770 def test_ap_wps_er_subscribe_oom(dev
, apdev
):
1771 """WPS ER subscribe OOM"""
1773 _test_ap_wps_er_subscribe_oom(dev
, apdev
)
1775 dev
[0].request("WPS_ER_STOP")
1777 def _test_ap_wps_er_subscribe_oom(dev
, apdev
):
1778 ssid
= "wps-er-add-enrollee"
1780 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1781 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1782 "wpa_passphrase": "12345678", "wpa": "2",
1783 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1784 "device_name": "Wireless AP", "manufacturer": "Company",
1785 "model_name": "WAP", "model_number": "123",
1786 "serial_number": "12345", "device_type": "6-0050F204-1",
1787 "os_version": "01020300",
1788 "config_methods": "label push_button",
1789 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1790 hapd
= hostapd
.add_ap(apdev
[0], params
)
1791 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1792 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1793 id = int(dev
[0].list_networks()[0]['id'])
1794 dev
[0].set_network(id, "scan_freq", "2412")
1796 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_subscribe"):
1797 dev
[0].request("WPS_ER_START ifname=lo")
1799 res
= dev
[0].request("GET_ALLOC_FAIL")
1800 if res
.startswith("0:"):
1803 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=0)
1805 raise Exception("Unexpected AP discovery during OOM")
1807 dev
[0].request("WPS_ER_STOP")
1809 def test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1810 """WPS ER SetSelectedRegistrar OOM"""
1812 _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
)
1814 dev
[0].request("WPS_ER_STOP")
1816 def _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1817 ssid
= "wps-er-add-enrollee"
1819 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1820 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1821 "wpa_passphrase": "12345678", "wpa": "2",
1822 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1823 "device_name": "Wireless AP", "manufacturer": "Company",
1824 "model_name": "WAP", "model_number": "123",
1825 "serial_number": "12345", "device_type": "6-0050F204-1",
1826 "os_version": "01020300",
1827 "config_methods": "label push_button",
1828 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1829 hapd
= hostapd
.add_ap(apdev
[0], params
)
1830 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1831 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1833 dev
[0].request("WPS_ER_START ifname=lo")
1834 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1836 raise Exception("AP not discovered")
1838 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1839 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1841 raise Exception("AP learn timed out")
1842 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1844 raise Exception("WPS-FAIL timed out")
1847 for func
in [ "http_client_url_parse;wps_er_send_set_sel_reg",
1848 "wps_er_soap_hdr;wps_er_send_set_sel_reg",
1849 "http_client_addr;wps_er_send_set_sel_reg",
1850 "wpabuf_alloc;wps_er_set_sel_reg" ]:
1851 with
alloc_fail(dev
[0], 1, func
):
1852 if "OK" not in dev
[0].request("WPS_ER_PBC " + ap_uuid
):
1853 raise Exception("WPS_ER_PBC failed")
1854 ev
= dev
[0].wait_event(["WPS-PBC-ACTIVE"], timeout
=3)
1856 raise Exception("WPS-PBC-ACTIVE not seen")
1858 dev
[0].request("WPS_ER_STOP")
1861 def test_ap_wps_er_learn_oom(dev
, apdev
):
1862 """WPS ER learn OOM"""
1864 _test_ap_wps_er_learn_oom(dev
, apdev
)
1866 dev
[0].request("WPS_ER_STOP")
1868 def _test_ap_wps_er_learn_oom(dev
, apdev
):
1869 ssid
= "wps-er-add-enrollee"
1871 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1872 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1873 "wpa_passphrase": "12345678", "wpa": "2",
1874 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1875 "device_name": "Wireless AP", "manufacturer": "Company",
1876 "model_name": "WAP", "model_number": "123",
1877 "serial_number": "12345", "device_type": "6-0050F204-1",
1878 "os_version": "01020300",
1879 "config_methods": "label push_button",
1880 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo" }
1881 hapd
= hostapd
.add_ap(apdev
[0], params
)
1882 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1883 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1885 dev
[0].request("WPS_ER_START ifname=lo")
1886 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1888 raise Exception("AP not discovered")
1890 for func
in [ "wps_er_http_put_message_cb",
1891 "xml_get_base64_item;wps_er_http_put_message_cb",
1892 "http_client_url_parse;wps_er_ap_put_message",
1893 "wps_er_soap_hdr;wps_er_ap_put_message",
1894 "http_client_addr;wps_er_ap_put_message" ]:
1895 with
alloc_fail(dev
[0], 1, func
):
1896 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1897 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=1)
1899 raise Exception("AP learn succeeded during OOM")
1901 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1902 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=10)
1904 raise Exception("AP learn did not succeed")
1906 if "FAIL" not in dev
[0].request("WPS_ER_LEARN 00000000-9e5c-4e73-bd82-f89cbcd10d7e " + ap_pin
):
1907 raise Exception("WPS_ER_LEARN for unknown AP accepted")
1909 dev
[0].request("WPS_ER_STOP")
1911 def test_ap_wps_fragmentation(dev
, apdev
):
1912 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
1913 ssid
= "test-wps-fragmentation"
1915 hapd
= hostapd
.add_ap(apdev
[0],
1916 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1917 "wpa_passphrase": "12345678", "wpa": "3",
1918 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1919 "wpa_pairwise": "TKIP", "ap_pin": appin
,
1920 "fragment_size": "50" })
1921 logger
.info("WPS provisioning step (PBC)")
1922 hapd
.request("WPS_PBC")
1923 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1924 dev
[0].dump_monitor()
1925 dev
[0].request("SET wps_fragment_size 50")
1926 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1927 dev
[0].wait_connected(timeout
=30)
1928 status
= dev
[0].get_status()
1929 if status
['wpa_state'] != 'COMPLETED':
1930 raise Exception("Not fully connected")
1931 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1932 raise Exception("Unexpected encryption configuration")
1933 if status
['key_mgmt'] != 'WPA2-PSK':
1934 raise Exception("Unexpected key_mgmt")
1936 logger
.info("WPS provisioning step (PIN)")
1937 pin
= dev
[1].wps_read_pin()
1938 hapd
.request("WPS_PIN any " + pin
)
1939 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1940 dev
[1].request("SET wps_fragment_size 50")
1941 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1942 dev
[1].wait_connected(timeout
=30)
1943 status
= dev
[1].get_status()
1944 if status
['wpa_state'] != 'COMPLETED':
1945 raise Exception("Not fully connected")
1946 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1947 raise Exception("Unexpected encryption configuration")
1948 if status
['key_mgmt'] != 'WPA2-PSK':
1949 raise Exception("Unexpected key_mgmt")
1951 logger
.info("WPS connection as registrar")
1952 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1953 dev
[2].request("SET wps_fragment_size 50")
1954 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
1955 status
= dev
[2].get_status()
1956 if status
['wpa_state'] != 'COMPLETED':
1957 raise Exception("Not fully connected")
1958 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1959 raise Exception("Unexpected encryption configuration")
1960 if status
['key_mgmt'] != 'WPA2-PSK':
1961 raise Exception("Unexpected key_mgmt")
1964 def test_ap_wps_new_version_sta(dev
, apdev
):
1965 """WPS compatibility with new version number on the station"""
1966 ssid
= "test-wps-ver"
1967 hapd
= hostapd
.add_ap(apdev
[0],
1968 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1969 "wpa_passphrase": "12345678", "wpa": "2",
1970 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
1971 logger
.info("WPS provisioning step")
1972 hapd
.request("WPS_PBC")
1973 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1974 dev
[0].dump_monitor()
1975 dev
[0].request("SET wps_version_number 0x43")
1976 dev
[0].request("SET wps_vendor_ext_m1 000137100100020001")
1977 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1978 dev
[0].wait_connected(timeout
=30)
1981 def test_ap_wps_new_version_ap(dev
, apdev
):
1982 """WPS compatibility with new version number on the AP"""
1983 ssid
= "test-wps-ver"
1984 hapd
= hostapd
.add_ap(apdev
[0],
1985 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
1986 "wpa_passphrase": "12345678", "wpa": "2",
1987 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
1988 logger
.info("WPS provisioning step")
1989 if "FAIL" in hapd
.request("SET wps_version_number 0x43"):
1990 raise Exception("Failed to enable test functionality")
1991 hapd
.request("WPS_PBC")
1992 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1993 dev
[0].dump_monitor()
1994 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1995 dev
[0].wait_connected(timeout
=30)
1996 hapd
.request("SET wps_version_number 0x20")
1999 def test_ap_wps_check_pin(dev
, apdev
):
2000 """Verify PIN checking through control interface"""
2001 hapd
= hostapd
.add_ap(apdev
[0],
2002 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2003 "wpa_passphrase": "12345678", "wpa": "2",
2004 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2005 for t
in [ ("12345670", "12345670"),
2006 ("12345678", "FAIL-CHECKSUM"),
2008 ("123456789", "FAIL"),
2009 ("1234-5670", "12345670"),
2010 ("1234 5670", "12345670"),
2011 ("1-2.3:4 5670", "12345670") ]:
2012 res
= hapd
.request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2013 res2
= dev
[0].request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2015 raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
2017 raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res
, t
[1]))
2019 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 12345"):
2020 raise Exception("Unexpected WPS_CHECK_PIN success")
2021 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 123456789"):
2022 raise Exception("Unexpected WPS_CHECK_PIN success")
2024 for i
in range(0, 10):
2025 pin
= dev
[0].request("WPS_PIN get")
2026 rpin
= dev
[0].request("WPS_CHECK_PIN " + pin
).rstrip('\n')
2028 raise Exception("Random PIN validation failed for " + pin
)
2030 def test_ap_wps_pin_get_failure(dev
, apdev
):
2031 """PIN generation failure"""
2032 with
fail_test(dev
[0], 1,
2033 "os_get_random;wpa_supplicant_ctrl_iface_wps_pin"):
2034 if "FAIL" not in dev
[0].request("WPS_PIN get"):
2035 raise Exception("WPS_PIN did not report failure")
2037 def test_ap_wps_wep_config(dev
, apdev
):
2038 """WPS 2.0 AP rejecting WEP configuration"""
2039 ssid
= "test-wps-config"
2041 hapd
= hostapd
.add_ap(apdev
[0],
2042 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2044 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2045 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-new-ssid-wep", "OPEN", "WEP",
2046 "hello", no_wait
=True)
2047 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=15)
2049 raise Exception("WPS-FAIL timed out")
2050 if "reason=2" not in ev
:
2051 raise Exception("Unexpected reason code in WPS-FAIL")
2052 status
= hapd
.request("WPS_GET_STATUS")
2053 if "Last WPS result: Failed" not in status
:
2054 raise Exception("WPS failure result not shown correctly")
2055 if "Failure Reason: WEP Prohibited" not in status
:
2056 raise Exception("Failure reason not reported correctly")
2057 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
2058 raise Exception("Peer address not shown correctly")
2060 def test_ap_wps_wep_enroll(dev
, apdev
):
2061 """WPS 2.0 STA rejecting WEP configuration"""
2062 ssid
= "test-wps-wep"
2063 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2064 "skip_cred_build": "1", "extra_cred": "wps-wep-cred" }
2065 hapd
= hostapd
.add_ap(apdev
[0], params
)
2066 hapd
.request("WPS_PBC")
2067 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2068 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2069 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
2071 raise Exception("WPS-FAIL event timed out")
2072 if "msg=12" not in ev
or "reason=2 (WEP Prohibited)" not in ev
:
2073 raise Exception("Unexpected WPS-FAIL event: " + ev
)
2076 def test_ap_wps_ie_fragmentation(dev
, apdev
):
2077 """WPS AP using fragmented WPS IE"""
2078 ssid
= "test-wps-ie-fragmentation"
2079 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2080 "wpa_passphrase": "12345678", "wpa": "2",
2081 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2082 "device_name": "1234567890abcdef1234567890abcdef",
2083 "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
2084 "model_name": "1234567890abcdef1234567890abcdef",
2085 "model_number": "1234567890abcdef1234567890abcdef",
2086 "serial_number": "1234567890abcdef1234567890abcdef" }
2087 hapd
= hostapd
.add_ap(apdev
[0], params
)
2088 hapd
.request("WPS_PBC")
2089 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2090 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2091 dev
[0].wait_connected(timeout
=30)
2092 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2093 if "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2094 logger
.info("Device Name not received correctly")
2096 # This can fail if Probe Response frame is missed and Beacon frame was
2097 # used to fill in the BSS entry. This can happen, e.g., during heavy
2098 # load every now and then and is not really an error, so try to
2099 # workaround by runnign another scan.
2100 dev
[0].scan(freq
="2412", only_new
=True)
2101 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2102 if not bss
or "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2104 raise Exception("Device Name not received correctly")
2105 if len(re
.findall("dd..0050f204", bss
['ie'])) != 2:
2106 raise Exception("Unexpected number of WPS IEs")
2108 def get_psk(pskfile
):
2110 with
open(pskfile
, "r") as f
:
2111 lines
= f
.read().splitlines()
2113 if l
== "# WPA PSKs":
2115 (addr
,psk
) = l
.split(' ')
2119 def test_ap_wps_per_station_psk(dev
, apdev
):
2120 """WPS PBC provisioning with per-station PSK"""
2121 addr0
= dev
[0].own_addr()
2122 addr1
= dev
[1].own_addr()
2123 addr2
= dev
[2].own_addr()
2126 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2134 with
open(pskfile
, "w") as f
:
2135 f
.write("# WPA PSKs\n")
2137 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2138 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2139 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2140 "wpa_psk_file": pskfile
}
2141 hapd
= hostapd
.add_ap(apdev
[0], params
)
2143 logger
.info("First enrollee")
2144 hapd
.request("WPS_PBC")
2145 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2146 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2147 dev
[0].wait_connected(timeout
=30)
2149 logger
.info("Second enrollee")
2150 hapd
.request("WPS_PBC")
2151 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2152 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2153 dev
[1].wait_connected(timeout
=30)
2155 logger
.info("External registrar")
2156 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2157 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2159 logger
.info("Verifying PSK results")
2160 psks
= get_psk(pskfile
)
2161 if addr0
not in psks
:
2162 raise Exception("No PSK recorded for sta0")
2163 if addr1
not in psks
:
2164 raise Exception("No PSK recorded for sta1")
2165 if addr2
not in psks
:
2166 raise Exception("No PSK recorded for sta2")
2167 if psks
[addr0
] == psks
[addr1
]:
2168 raise Exception("Same PSK recorded for sta0 and sta1")
2169 if psks
[addr0
] == psks
[addr2
]:
2170 raise Exception("Same PSK recorded for sta0 and sta2")
2171 if psks
[addr1
] == psks
[addr2
]:
2172 raise Exception("Same PSK recorded for sta1 and sta2")
2174 dev
[0].request("REMOVE_NETWORK all")
2175 logger
.info("Second external registrar")
2176 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2177 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
2178 psks2
= get_psk(pskfile
)
2179 if addr0
not in psks2
:
2180 raise Exception("No PSK recorded for sta0(reg)")
2181 if psks
[addr0
] == psks2
[addr0
]:
2182 raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
2186 dev
[0].request("DISCONNECT")
2187 dev
[1].request("DISCONNECT")
2188 dev
[2].request("DISCONNECT")
2190 dev
[0].flush_scan_cache()
2191 dev
[1].flush_scan_cache()
2192 dev
[2].flush_scan_cache()
2194 def test_ap_wps_per_station_psk_failure(dev
, apdev
):
2195 """WPS PBC provisioning with per-station PSK (file not writable)"""
2196 addr0
= dev
[0].p2p_dev_addr()
2197 addr1
= dev
[1].p2p_dev_addr()
2198 addr2
= dev
[2].p2p_dev_addr()
2201 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2209 with
open(pskfile
, "w") as f
:
2210 f
.write("# WPA PSKs\n")
2212 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2213 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2214 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2215 "wpa_psk_file": pskfile
}
2216 hapd
= hostapd
.add_ap(apdev
[0], params
)
2217 if "FAIL" in hapd
.request("SET wpa_psk_file /tmp/does/not/exists/ap_wps_per_enrollee_psk_failure.psk_file"):
2218 raise Exception("Failed to set wpa_psk_file")
2220 logger
.info("First enrollee")
2221 hapd
.request("WPS_PBC")
2222 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2223 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2224 dev
[0].wait_connected(timeout
=30)
2226 logger
.info("Second enrollee")
2227 hapd
.request("WPS_PBC")
2228 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2229 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2230 dev
[1].wait_connected(timeout
=30)
2232 logger
.info("External registrar")
2233 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2234 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2236 logger
.info("Verifying PSK results")
2237 psks
= get_psk(pskfile
)
2239 raise Exception("PSK recorded unexpectedly")
2243 dev
[i
].request("DISCONNECT")
2246 dev
[i
].flush_scan_cache()
2249 def test_ap_wps_pin_request_file(dev
, apdev
):
2250 """WPS PIN provisioning with configured AP"""
2252 pinfile
= "/tmp/ap_wps_pin_request_file.log"
2253 if os
.path
.exists(pinfile
):
2255 hapd
= hostapd
.add_ap(apdev
[0],
2256 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2257 "wps_pin_requests": pinfile
,
2258 "wpa_passphrase": "12345678", "wpa": "2",
2259 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2260 uuid
= dev
[0].get_status_field("uuid")
2261 pin
= dev
[0].wps_read_pin()
2263 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2264 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
2265 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=15)
2267 raise Exception("PIN needed event not shown")
2269 raise Exception("UUID mismatch")
2270 dev
[0].request("WPS_CANCEL")
2272 with
open(pinfile
, "r") as f
:
2273 lines
= f
.readlines()
2279 raise Exception("PIN request entry not in the log file")
2286 def test_ap_wps_auto_setup_with_config_file(dev
, apdev
):
2287 """WPS auto-setup with configuration file"""
2288 conffile
= "/tmp/ap_wps_auto_setup_with_config_file.conf"
2289 ifname
= apdev
[0]['ifname']
2291 with
open(conffile
, "w") as f
:
2292 f
.write("driver=nl80211\n")
2293 f
.write("hw_mode=g\n")
2294 f
.write("channel=1\n")
2295 f
.write("ieee80211n=1\n")
2296 f
.write("interface=%s\n" % ifname
)
2297 f
.write("ctrl_interface=/var/run/hostapd\n")
2298 f
.write("ssid=wps\n")
2299 f
.write("eap_server=1\n")
2300 f
.write("wps_state=1\n")
2301 hapd
= hostapd
.add_bss(apdev
[0], ifname
, conffile
)
2302 hapd
.request("WPS_PBC")
2303 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2304 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2305 dev
[0].wait_connected(timeout
=30)
2306 with
open(conffile
, "r") as f
:
2307 lines
= f
.read().splitlines()
2311 [name
,value
] = l
.split('=', 1)
2313 except ValueError, e
:
2314 if "# WPS configuration" in l
:
2317 raise Exception("Unexpected configuration line: " + l
)
2318 if vals
['ieee80211n'] != '1' or vals
['wps_state'] != '2' or "WPA-PSK" not in vals
['wpa_key_mgmt']:
2319 raise Exception("Incorrect configuration: " + str(vals
))
2326 def test_ap_wps_pbc_timeout(dev
, apdev
, params
):
2327 """wpa_supplicant PBC walk time and WPS ER SelReg timeout [long]"""
2328 if not params
['long']:
2329 raise HwsimSkip("Skip test case with long duration due to --long not specified")
2330 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2331 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2333 location
= ssdp_get_location(ap_uuid
)
2334 urls
= upnp_get_urls(location
)
2335 eventurl
= urlparse
.urlparse(urls
['event_sub_url'])
2336 ctrlurl
= urlparse
.urlparse(urls
['control_url'])
2338 url
= urlparse
.urlparse(location
)
2339 conn
= httplib
.HTTPConnection(url
.netloc
)
2341 class WPSERHTTPServer(SocketServer
.StreamRequestHandler
):
2343 data
= self
.rfile
.readline().strip()
2345 self
.wfile
.write(gen_wps_event())
2347 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
2350 headers
= { "callback": '<http://127.0.0.1:12345/event>',
2352 "timeout": "Second-1234" }
2353 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2354 resp
= conn
.getresponse()
2355 if resp
.status
!= 200:
2356 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2357 sid
= resp
.getheader("sid")
2358 logger
.debug("Subscription SID " + sid
)
2360 msg
= '''<?xml version="1.0"?>
2361 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
2363 <u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
2364 <NewMessage>EEoAARAQQQABARASAAIAABBTAAIxSBBJAA4ANyoAASABBv///////xBIABA2LbR7pTpRkYj7
2367 </u:SetSelectedRegistrar>
2370 headers
= { "Content-type": 'text/xml; charset="utf-8"' }
2371 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
2372 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
2373 resp
= conn
.getresponse()
2374 if resp
.status
!= 200:
2375 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2377 server
.handle_request()
2379 logger
.info("Start WPS_PBC and wait for PBC walk time expiration")
2380 if "OK" not in dev
[0].request("WPS_PBC"):
2381 raise Exception("WPS_PBC failed")
2383 start
= os
.times()[4]
2385 server
.handle_request()
2386 dev
[1].request("BSS_FLUSH 0")
2387 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2389 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2390 logger
.debug("BSS: " + str(bss
))
2391 if '[WPS-AUTH]' not in bss
['flags']:
2392 raise Exception("WPS not indicated authorized")
2394 server
.handle_request()
2396 wps_timeout_seen
= False
2400 dev
[1].dump_monitor()
2401 if not wps_timeout_seen
:
2402 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=0)
2404 logger
.info("PBC timeout seen")
2405 wps_timeout_seen
= True
2407 dev
[0].dump_monitor()
2409 if now
- start
> 130:
2410 raise Exception("Selected registration information not removed")
2411 dev
[1].request("BSS_FLUSH 0")
2412 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2414 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2415 logger
.debug("BSS: " + str(bss
))
2416 if '[WPS-AUTH]' not in bss
['flags']:
2418 server
.handle_request()
2420 server
.server_close()
2422 if wps_timeout_seen
:
2426 if now
< start
+ 150:
2427 dur
= start
+ 150 - now
2430 logger
.info("Continue waiting for PBC timeout (%d sec)" % dur
)
2431 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=dur
)
2433 raise Exception("WPS-TIMEOUT not reported")
2435 def add_ssdp_ap(ap
, ap_uuid
):
2438 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
2439 "wpa_passphrase": "12345678", "wpa": "2",
2440 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2441 "device_name": "Wireless AP", "manufacturer": "Company",
2442 "model_name": "WAP", "model_number": "123",
2443 "serial_number": "12345", "device_type": "6-0050F204-1",
2444 "os_version": "01020300",
2445 "config_methods": "label push_button",
2446 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo",
2447 "friendly_name": "WPS Access Point",
2448 "manufacturer_url": "http://www.example.com/",
2449 "model_description": "Wireless Access Point",
2450 "model_url": "http://www.example.com/model/",
2451 "upc": "123456789012" }
2452 return hostapd
.add_ap(ap
, params
)
2454 def ssdp_send(msg
, no_recv
=False):
2455 socket
.setdefaulttimeout(1)
2456 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2457 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2458 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2459 sock
.bind(("127.0.0.1", 0))
2460 sock
.sendto(msg
, ("239.255.255.250", 1900))
2463 return sock
.recv(1000)
2465 def ssdp_send_msearch(st
, no_recv
=False):
2467 'M-SEARCH * HTTP/1.1',
2468 'HOST: 239.255.255.250:1900',
2470 'MAN: "ssdp:discover"',
2473 return ssdp_send(msg
, no_recv
=no_recv
)
2475 def test_ap_wps_ssdp_msearch(dev
, apdev
):
2476 """WPS AP and SSDP M-SEARCH messages"""
2477 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2478 add_ssdp_ap(apdev
[0], ap_uuid
)
2481 'M-SEARCH * HTTP/1.1',
2482 'Host: 239.255.255.250:1900',
2484 'Man: "ssdp:discover"',
2485 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
2490 'M-SEARCH * HTTP/1.1',
2491 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
2493 'man: \t \t "ssdp:discover" ',
2494 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
2498 ssdp_send_msearch("ssdp:all")
2499 ssdp_send_msearch("upnp:rootdevice")
2500 ssdp_send_msearch("uuid:" + ap_uuid
)
2501 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
2502 ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1")
2505 'M-SEARCH * HTTP/1.1',
2506 'HOST:\t239.255.255.250:1900',
2507 'MAN: "ssdp:discover"',
2509 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2511 ssdp_send(msg
, no_recv
=True)
2513 def test_ap_wps_ssdp_invalid_msearch(dev
, apdev
):
2514 """WPS AP and invalid SSDP M-SEARCH messages"""
2515 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2516 add_ssdp_ap(apdev
[0], ap_uuid
)
2518 socket
.setdefaulttimeout(1)
2519 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2520 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2521 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2522 sock
.bind(("127.0.0.1", 0))
2524 logger
.debug("Missing MX")
2526 'M-SEARCH * HTTP/1.1',
2527 'HOST: 239.255.255.250:1900',
2528 'MAN: "ssdp:discover"',
2529 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2531 sock
.sendto(msg
, ("239.255.255.250", 1900))
2533 logger
.debug("Negative MX")
2535 'M-SEARCH * HTTP/1.1',
2536 'HOST: 239.255.255.250:1900',
2538 'MAN: "ssdp:discover"',
2539 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2541 sock
.sendto(msg
, ("239.255.255.250", 1900))
2543 logger
.debug("Invalid MX")
2545 'M-SEARCH * HTTP/1.1',
2546 'HOST: 239.255.255.250:1900',
2548 'MAN: "ssdp:discover"',
2549 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2551 sock
.sendto(msg
, ("239.255.255.250", 1900))
2553 logger
.debug("Missing MAN")
2555 'M-SEARCH * HTTP/1.1',
2556 'HOST: 239.255.255.250:1900',
2558 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2560 sock
.sendto(msg
, ("239.255.255.250", 1900))
2562 logger
.debug("Invalid MAN")
2564 'M-SEARCH * HTTP/1.1',
2565 'HOST: 239.255.255.250:1900',
2568 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2570 sock
.sendto(msg
, ("239.255.255.250", 1900))
2572 'M-SEARCH * HTTP/1.1',
2573 'HOST: 239.255.255.250:1900',
2575 'MAN; "ssdp:discover"',
2576 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2578 sock
.sendto(msg
, ("239.255.255.250", 1900))
2580 logger
.debug("Missing HOST")
2582 'M-SEARCH * HTTP/1.1',
2583 'MAN: "ssdp:discover"',
2585 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2587 sock
.sendto(msg
, ("239.255.255.250", 1900))
2589 logger
.debug("Missing ST")
2591 'M-SEARCH * HTTP/1.1',
2592 'HOST: 239.255.255.250:1900',
2593 'MAN: "ssdp:discover"',
2596 sock
.sendto(msg
, ("239.255.255.250", 1900))
2598 logger
.debug("Mismatching ST")
2600 'M-SEARCH * HTTP/1.1',
2601 'HOST: 239.255.255.250:1900',
2602 'MAN: "ssdp:discover"',
2604 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
2606 sock
.sendto(msg
, ("239.255.255.250", 1900))
2608 'M-SEARCH * HTTP/1.1',
2609 'HOST: 239.255.255.250:1900',
2610 'MAN: "ssdp:discover"',
2614 sock
.sendto(msg
, ("239.255.255.250", 1900))
2616 'M-SEARCH * HTTP/1.1',
2617 'HOST: 239.255.255.250:1900',
2618 'MAN: "ssdp:discover"',
2622 sock
.sendto(msg
, ("239.255.255.250", 1900))
2624 logger
.debug("Invalid ST")
2626 'M-SEARCH * HTTP/1.1',
2627 'HOST: 239.255.255.250:1900',
2628 'MAN: "ssdp:discover"',
2630 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
2632 sock
.sendto(msg
, ("239.255.255.250", 1900))
2634 logger
.debug("Invalid M-SEARCH")
2636 'M+SEARCH * HTTP/1.1',
2637 'HOST: 239.255.255.250:1900',
2638 'MAN: "ssdp:discover"',
2640 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2642 sock
.sendto(msg
, ("239.255.255.250", 1900))
2644 'M-SEARCH-* HTTP/1.1',
2645 'HOST: 239.255.255.250:1900',
2646 'MAN: "ssdp:discover"',
2648 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2650 sock
.sendto(msg
, ("239.255.255.250", 1900))
2652 logger
.debug("Invalid message format")
2653 sock
.sendto("NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
2655 'M-SEARCH * HTTP/1.1',
2656 'HOST: 239.255.255.250:1900',
2657 'MAN: "ssdp:discover"',
2659 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2661 sock
.sendto(msg
, ("239.255.255.250", 1900))
2665 raise Exception("Unexpected M-SEARCH response: " + r
)
2666 except socket
.timeout
:
2669 logger
.debug("Valid M-SEARCH")
2671 'M-SEARCH * HTTP/1.1',
2672 'HOST: 239.255.255.250:1900',
2673 'MAN: "ssdp:discover"',
2675 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2677 sock
.sendto(msg
, ("239.255.255.250", 1900))
2682 except socket
.timeout
:
2683 raise Exception("No SSDP response")
2685 def test_ap_wps_ssdp_burst(dev
, apdev
):
2686 """WPS AP and SSDP burst"""
2687 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2688 add_ssdp_ap(apdev
[0], ap_uuid
)
2691 'M-SEARCH * HTTP/1.1',
2692 'HOST: 239.255.255.250:1900',
2693 'MAN: "ssdp:discover"',
2695 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2697 socket
.setdefaulttimeout(1)
2698 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2699 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2700 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2701 sock
.bind(("127.0.0.1", 0))
2702 for i
in range(0, 25):
2703 sock
.sendto(msg
, ("239.255.255.250", 1900))
2708 if not r
.startswith("HTTP/1.1 200 OK\r\n"):
2709 raise Exception("Unexpected message: " + r
)
2711 except socket
.timeout
:
2714 raise Exception("Too few SSDP responses")
2716 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2717 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2718 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2719 sock
.bind(("127.0.0.1", 0))
2720 for i
in range(0, 25):
2721 sock
.sendto(msg
, ("239.255.255.250", 1900))
2727 except socket
.timeout
:
2728 raise Exception("No SSDP response")
2730 def ssdp_get_location(uuid
):
2731 res
= ssdp_send_msearch("uuid:" + uuid
)
2733 for l
in res
.splitlines():
2734 if l
.lower().startswith("location:"):
2735 location
= l
.split(':', 1)[1].strip()
2737 if location
is None:
2738 raise Exception("No UPnP location found")
2741 def upnp_get_urls(location
):
2742 conn
= urllib
.urlopen(location
, proxies
={})
2743 tree
= ET
.parse(conn
)
2744 root
= tree
.getroot()
2745 urn
= '{urn:schemas-upnp-org:device-1-0}'
2746 service
= root
.find("./" + urn
+ "device/" + urn
+ "serviceList/" + urn
+ "service")
2748 res
['scpd_url'] = urlparse
.urljoin(location
, service
.find(urn
+ 'SCPDURL').text
)
2749 res
['control_url'] = urlparse
.urljoin(location
, service
.find(urn
+ 'controlURL').text
)
2750 res
['event_sub_url'] = urlparse
.urljoin(location
, service
.find(urn
+ 'eventSubURL').text
)
2753 def upnp_soap_action(conn
, path
, action
, include_soap_action
=True,
2754 soap_action_override
=None, newmsg
=None, neweventtype
=None,
2756 soapns
= 'http://schemas.xmlsoap.org/soap/envelope/'
2757 wpsns
= 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
2758 ET
.register_namespace('soapenv', soapns
)
2759 ET
.register_namespace('wfa', wpsns
)
2761 attrib
['{%s}encodingStyle' % soapns
] = 'http://schemas.xmlsoap.org/soap/encoding/'
2762 root
= ET
.Element("{%s}Envelope" % soapns
, attrib
=attrib
)
2763 body
= ET
.SubElement(root
, "{%s}Body" % soapns
)
2764 act
= ET
.SubElement(body
, "{%s}%s" % (wpsns
, action
))
2766 msg
= ET
.SubElement(act
, "NewMessage")
2767 msg
.text
= base64
.b64encode(newmsg
)
2769 msg
= ET
.SubElement(act
, "NewWLANEventType")
2770 msg
.text
= neweventtype
2772 msg
= ET
.SubElement(act
, "NewWLANEventMAC")
2773 msg
.text
= neweventmac
2774 tree
= ET
.ElementTree(root
)
2775 soap
= StringIO
.StringIO()
2776 tree
.write(soap
, xml_declaration
=True, encoding
='utf-8')
2778 headers
= { "Content-type": 'text/xml; charset="utf-8"' }
2779 if include_soap_action
:
2780 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
2781 elif soap_action_override
:
2782 headers
["SOAPAction"] = soap_action_override
2783 conn
.request("POST", path
, soap
.getvalue(), headers
)
2784 return conn
.getresponse()
2786 def test_ap_wps_upnp(dev
, apdev
):
2787 """WPS AP and UPnP operations"""
2788 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2789 add_ssdp_ap(apdev
[0], ap_uuid
)
2791 location
= ssdp_get_location(ap_uuid
)
2792 urls
= upnp_get_urls(location
)
2794 conn
= urllib
.urlopen(urls
['scpd_url'], proxies
={})
2797 conn
= urllib
.urlopen(urlparse
.urljoin(location
, "unknown.html"),
2799 if conn
.getcode() != 404:
2800 raise Exception("Unexpected HTTP response to GET unknown URL")
2802 url
= urlparse
.urlparse(location
)
2803 conn
= httplib
.HTTPConnection(url
.netloc
)
2804 #conn.set_debuglevel(1)
2805 headers
= { "Content-type": 'text/xml; charset="utf-8"',
2806 "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"' }
2807 conn
.request("POST", "hello", "\r\n\r\n", headers
)
2808 resp
= conn
.getresponse()
2809 if resp
.status
!= 404:
2810 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2812 conn
.request("UNKNOWN", "hello", "\r\n\r\n", headers
)
2813 resp
= conn
.getresponse()
2814 if resp
.status
!= 501:
2815 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2817 headers
= { "Content-type": 'text/xml; charset="utf-8"',
2818 "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"' }
2819 ctrlurl
= urlparse
.urlparse(urls
['control_url'])
2820 conn
.request("POST", ctrlurl
.path
, "\r\n\r\n", headers
)
2821 resp
= conn
.getresponse()
2822 if resp
.status
!= 401:
2823 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2825 logger
.debug("GetDeviceInfo without SOAPAction header")
2826 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2827 include_soap_action
=False)
2828 if resp
.status
!= 401:
2829 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2831 logger
.debug("GetDeviceInfo with invalid SOAPAction header")
2833 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
2834 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
2835 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
2836 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2837 include_soap_action
=False,
2838 soap_action_override
=act
)
2839 if resp
.status
!= 401:
2840 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2842 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
2843 if resp
.status
!= 200:
2844 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2846 if "NewDeviceInfo" not in dev
:
2847 raise Exception("Unexpected GetDeviceInfo response")
2849 logger
.debug("PutMessage without required parameters")
2850 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutMessage")
2851 if resp
.status
!= 600:
2852 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2854 logger
.debug("PutWLANResponse without required parameters")
2855 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse")
2856 if resp
.status
!= 600:
2857 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2859 logger
.debug("SetSelectedRegistrar from unregistered ER")
2860 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "SetSelectedRegistrar")
2861 if resp
.status
!= 501:
2862 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2864 logger
.debug("Unknown action")
2865 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "Unknown")
2866 if resp
.status
!= 401:
2867 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2869 def test_ap_wps_upnp_subscribe(dev
, apdev
):
2870 """WPS AP and UPnP event subscription"""
2871 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2872 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2874 location
= ssdp_get_location(ap_uuid
)
2875 urls
= upnp_get_urls(location
)
2876 eventurl
= urlparse
.urlparse(urls
['event_sub_url'])
2878 url
= urlparse
.urlparse(location
)
2879 conn
= httplib
.HTTPConnection(url
.netloc
)
2880 #conn.set_debuglevel(1)
2881 headers
= { "callback": '<http://127.0.0.1:12345/event>',
2882 "timeout": "Second-1234" }
2883 conn
.request("SUBSCRIBE", "hello", "\r\n\r\n", headers
)
2884 resp
= conn
.getresponse()
2885 if resp
.status
!= 412:
2886 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2888 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2889 resp
= conn
.getresponse()
2890 if resp
.status
!= 412:
2891 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2893 headers
= { "NT": "upnp:event",
2894 "timeout": "Second-1234" }
2895 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2896 resp
= conn
.getresponse()
2897 if resp
.status
!= 412:
2898 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2900 headers
= { "callback": '<http://127.0.0.1:12345/event>',
2901 "NT": "upnp:foobar",
2902 "timeout": "Second-1234" }
2903 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2904 resp
= conn
.getresponse()
2905 if resp
.status
!= 400:
2906 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2908 logger
.debug("Valid subscription")
2909 headers
= { "callback": '<http://127.0.0.1:12345/event>',
2911 "timeout": "Second-1234" }
2912 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2913 resp
= conn
.getresponse()
2914 if resp
.status
!= 200:
2915 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2916 sid
= resp
.getheader("sid")
2917 logger
.debug("Subscription SID " + sid
)
2919 logger
.debug("Invalid re-subscription")
2920 headers
= { "NT": "upnp:event",
2921 "sid": "123456734567854",
2922 "timeout": "Second-1234" }
2923 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2924 resp
= conn
.getresponse()
2925 if resp
.status
!= 400:
2926 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2928 logger
.debug("Invalid re-subscription")
2929 headers
= { "NT": "upnp:event",
2930 "sid": "uuid:123456734567854",
2931 "timeout": "Second-1234" }
2932 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2933 resp
= conn
.getresponse()
2934 if resp
.status
!= 400:
2935 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2937 logger
.debug("Invalid re-subscription")
2938 headers
= { "callback": '<http://127.0.0.1:12345/event>',
2941 "timeout": "Second-1234" }
2942 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2943 resp
= conn
.getresponse()
2944 if resp
.status
!= 400:
2945 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2947 logger
.debug("SID mismatch in re-subscription")
2948 headers
= { "NT": "upnp:event",
2949 "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
2950 "timeout": "Second-1234" }
2951 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2952 resp
= conn
.getresponse()
2953 if resp
.status
!= 412:
2954 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2956 logger
.debug("Valid re-subscription")
2957 headers
= { "NT": "upnp:event",
2959 "timeout": "Second-1234" }
2960 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2961 resp
= conn
.getresponse()
2962 if resp
.status
!= 200:
2963 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2964 sid2
= resp
.getheader("sid")
2965 logger
.debug("Subscription SID " + sid2
)
2968 raise Exception("Unexpected SID change")
2970 logger
.debug("Valid re-subscription")
2971 headers
= { "NT": "upnp:event",
2972 "sid": "uuid: \t \t" + sid
.split(':')[1],
2973 "timeout": "Second-1234" }
2974 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2975 resp
= conn
.getresponse()
2976 if resp
.status
!= 200:
2977 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2979 logger
.debug("Invalid unsubscription")
2980 headers
= { "sid": sid
}
2981 conn
.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers
)
2982 resp
= conn
.getresponse()
2983 if resp
.status
!= 412:
2984 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2985 headers
= { "foo": "bar" }
2986 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2987 resp
= conn
.getresponse()
2988 if resp
.status
!= 412:
2989 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2991 logger
.debug("Valid unsubscription")
2992 headers
= { "sid": sid
}
2993 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2994 resp
= conn
.getresponse()
2995 if resp
.status
!= 200:
2996 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2998 logger
.debug("Unsubscription for not existing SID")
2999 headers
= { "sid": sid
}
3000 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3001 resp
= conn
.getresponse()
3002 if resp
.status
!= 412:
3003 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3005 logger
.debug("Invalid unsubscription")
3006 headers
= { "sid": " \t \tfoo" }
3007 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3008 resp
= conn
.getresponse()
3009 if resp
.status
!= 400:
3010 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3012 logger
.debug("Invalid unsubscription")
3013 headers
= { "sid": "uuid:\t \tfoo" }
3014 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3015 resp
= conn
.getresponse()
3016 if resp
.status
!= 400:
3017 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3019 logger
.debug("Invalid unsubscription")
3020 headers
= { "NT": "upnp:event",
3022 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3023 resp
= conn
.getresponse()
3024 if resp
.status
!= 400:
3025 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3026 headers
= { "callback": '<http://127.0.0.1:12345/event>',
3028 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3029 resp
= conn
.getresponse()
3030 if resp
.status
!= 400:
3031 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3033 logger
.debug("Valid subscription with multiple callbacks")
3034 headers
= { "callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
3036 "timeout": "Second-1234" }
3037 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3038 resp
= conn
.getresponse()
3039 if resp
.status
!= 200:
3040 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3041 sid
= resp
.getheader("sid")
3042 logger
.debug("Subscription SID " + sid
)
3044 # Force subscription to be deleted due to errors
3045 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3046 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3047 with
alloc_fail(hapd
, 1, "event_build_message"):
3049 dev
[1].dump_monitor()
3050 dev
[2].dump_monitor()
3051 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3052 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3053 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3054 dev
[1].request("WPS_CANCEL")
3055 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3056 dev
[2].request("WPS_CANCEL")
3063 headers
= { "sid": sid
}
3064 conn
.request("UNSUBSCRIBE", eventurl
.path
, "", headers
)
3065 resp
= conn
.getresponse()
3066 if resp
.status
!= 200 and resp
.status
!= 412:
3067 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3069 headers
= { "callback": '<http://127.0.0.1:12345/event>',
3071 "timeout": "Second-1234" }
3072 with
alloc_fail(hapd
, 1, "http_client_addr;event_send_start"):
3073 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3074 resp
= conn
.getresponse()
3075 if resp
.status
!= 200:
3076 raise Exception("Unexpected HTTP response for SUBSCRIBE: %d" % resp
.status
)
3077 sid
= resp
.getheader("sid")
3078 logger
.debug("Subscription SID " + sid
)
3080 headers
= { "sid": sid
}
3081 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3082 resp
= conn
.getresponse()
3083 if resp
.status
!= 200:
3084 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3086 headers
= { "callback": '<http://127.0.0.1:12345/event>',
3088 "timeout": "Second-1234" }
3089 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3090 resp
= conn
.getresponse()
3091 if resp
.status
!= 200:
3092 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3093 sid
= resp
.getheader("sid")
3094 logger
.debug("Subscription SID " + sid
)
3096 with
alloc_fail(hapd
, 1, "=event_add"):
3098 dev
[1].dump_monitor()
3099 dev
[2].dump_monitor()
3100 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3101 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3102 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3103 dev
[1].request("WPS_CANCEL")
3104 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3105 dev
[2].request("WPS_CANCEL")
3111 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3112 resp
= conn
.getresponse()
3113 if resp
.status
!= 200:
3114 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3116 with
alloc_fail(hapd
, 1, "wpabuf_dup;event_add"):
3117 dev
[1].dump_monitor()
3118 dev
[2].dump_monitor()
3119 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3120 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3121 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3122 dev
[1].request("WPS_CANCEL")
3123 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3124 dev
[2].request("WPS_CANCEL")
3127 with
fail_test(hapd
, 1, "os_get_random;uuid_make;subscription_start"):
3128 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3129 resp
= conn
.getresponse()
3130 if resp
.status
!= 500:
3131 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3133 with
alloc_fail(hapd
, 1, "=subscription_start"):
3134 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3135 resp
= conn
.getresponse()
3136 if resp
.status
!= 500:
3137 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3139 headers
= { "callback": '',
3141 "timeout": "Second-1234" }
3142 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3143 resp
= conn
.getresponse()
3144 if resp
.status
!= 500:
3145 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3147 headers
= { "callback": ' <',
3149 "timeout": "Second-1234" }
3150 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3151 resp
= conn
.getresponse()
3152 if resp
.status
!= 500:
3153 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3155 headers
= { "callback": '<http://127.0.0.1:12345/event>',
3157 "timeout": "Second-1234" }
3158 with
alloc_fail(hapd
, 1, "wpabuf_alloc;subscription_first_event"):
3159 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3160 resp
= conn
.getresponse()
3161 if resp
.status
!= 500:
3162 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3164 with
alloc_fail(hapd
, 1, "event_add;subscription_first_event"):
3165 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3166 resp
= conn
.getresponse()
3167 if resp
.status
!= 500:
3168 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3170 with
alloc_fail(hapd
, 1, "subscr_addr_add_url"):
3171 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3172 resp
= conn
.getresponse()
3173 if resp
.status
!= 500:
3174 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3176 with
alloc_fail(hapd
, 2, "subscr_addr_add_url"):
3177 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3178 resp
= conn
.getresponse()
3179 if resp
.status
!= 500:
3180 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3183 headers
= { "callback": '<http://127.0.0.1:%d/event>' % (12345 + i
),
3185 "timeout": "Second-1234" }
3186 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3187 resp
= conn
.getresponse()
3188 if resp
.status
!= 200:
3189 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3191 with
alloc_fail(hapd
, 1, "=upnp_wps_device_send_wlan_event"):
3192 dev
[1].dump_monitor()
3193 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3194 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3195 dev
[1].request("WPS_CANCEL")
3198 with
alloc_fail(hapd
, 1, "wpabuf_alloc;upnp_wps_device_send_event"):
3199 dev
[1].dump_monitor()
3200 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3201 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3202 dev
[1].request("WPS_CANCEL")
3205 with
alloc_fail(hapd
, 1,
3206 "base64_gen_encode;?base64_encode;upnp_wps_device_send_wlan_event"):
3207 dev
[1].dump_monitor()
3208 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3209 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3210 dev
[1].request("WPS_CANCEL")
3214 with
alloc_fail(hapd
, 1, "get_netif_info"):
3215 if "FAIL" not in hapd
.request("ENABLE"):
3216 raise Exception("ENABLE succeeded during OOM")
3218 def test_ap_wps_upnp_subscribe_events(dev
, apdev
):
3219 """WPS AP and UPnP event subscription and many events"""
3220 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3221 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
3223 location
= ssdp_get_location(ap_uuid
)
3224 urls
= upnp_get_urls(location
)
3225 eventurl
= urlparse
.urlparse(urls
['event_sub_url'])
3227 class WPSERHTTPServer(SocketServer
.StreamRequestHandler
):
3229 data
= self
.rfile
.readline().strip()
3231 self
.wfile
.write(gen_wps_event())
3233 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
3236 url
= urlparse
.urlparse(location
)
3237 conn
= httplib
.HTTPConnection(url
.netloc
)
3239 headers
= { "callback": '<http://127.0.0.1:12345/event>',
3241 "timeout": "Second-1234" }
3242 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3243 resp
= conn
.getresponse()
3244 if resp
.status
!= 200:
3245 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3246 sid
= resp
.getheader("sid")
3247 logger
.debug("Subscription SID " + sid
)
3249 # Fetch the first event message
3250 server
.handle_request()
3252 # Force subscription event queue to reach the maximum length by generating
3253 # new proxied events without the ER fetching any of the pending events.
3254 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3255 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3257 dev
[1].dump_monitor()
3258 dev
[2].dump_monitor()
3259 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3260 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3261 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3262 dev
[1].request("WPS_CANCEL")
3263 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3264 dev
[2].request("WPS_CANCEL")
3270 hapd
.request("WPS_PIN any 12345670")
3271 dev
[1].dump_monitor()
3272 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3273 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=10)
3275 raise Exception("WPS success not reported")
3277 # Close the WPS ER HTTP server without fetching all the pending events.
3278 # This tests hostapd code path that clears subscription and the remaining
3279 # event queue when the interface is deinitialized.
3280 server
.handle_request()
3281 server
.server_close()
3283 dev
[1].wait_connected()
3285 def test_ap_wps_upnp_http_proto(dev
, apdev
):
3286 """WPS AP and UPnP/HTTP protocol testing"""
3287 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3288 add_ssdp_ap(apdev
[0], ap_uuid
)
3290 location
= ssdp_get_location(ap_uuid
)
3292 url
= urlparse
.urlparse(location
)
3293 conn
= httplib
.HTTPConnection(url
.netloc
, timeout
=0.2)
3294 #conn.set_debuglevel(1)
3296 conn
.request("HEAD", "hello")
3297 resp
= conn
.getresponse()
3298 if resp
.status
!= 501:
3299 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3302 for cmd
in [ "PUT", "DELETE", "TRACE", "CONNECT", "M-SEARCH", "M-POST" ]:
3304 conn
.request(cmd
, "hello")
3305 resp
= conn
.getresponse()
3306 except Exception, e
:
3310 headers
= { "Content-Length": 'abc' }
3311 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3313 resp
= conn
.getresponse()
3314 except Exception, e
:
3318 headers
= { "Content-Length": '-10' }
3319 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3321 resp
= conn
.getresponse()
3322 except Exception, e
:
3326 headers
= { "Content-Length": '10000000000000' }
3327 conn
.request("HEAD", "hello", "\r\n\r\nhello", headers
)
3329 resp
= conn
.getresponse()
3330 except Exception, e
:
3334 headers
= { "Transfer-Encoding": 'abc' }
3335 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3336 resp
= conn
.getresponse()
3337 if resp
.status
!= 501:
3338 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3341 headers
= { "Transfer-Encoding": 'chunked' }
3342 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3343 resp
= conn
.getresponse()
3344 if resp
.status
!= 501:
3345 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3349 conn
.request("HEAD", 5000 * 'A')
3351 resp
= conn
.getresponse()
3352 except Exception, e
:
3356 # Long URL but within header length limits
3357 conn
.request("HEAD", 3000 * 'A')
3358 resp
= conn
.getresponse()
3359 if resp
.status
!= 501:
3360 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3363 headers
= { "Content-Length": '20' }
3364 conn
.request("POST", "hello", 10 * 'A' + "\r\n\r\n", headers
)
3366 resp
= conn
.getresponse()
3367 except Exception, e
:
3371 conn
.request("POST", "hello", 5000 * 'A' + "\r\n\r\n")
3372 resp
= conn
.getresponse()
3373 if resp
.status
!= 404:
3374 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3377 conn
.request("POST", "hello", 60000 * 'A' + "\r\n\r\n")
3379 resp
= conn
.getresponse()
3380 except Exception, e
:
3384 def test_ap_wps_upnp_http_proto_chunked(dev
, apdev
):
3385 """WPS AP and UPnP/HTTP protocol testing for chunked encoding"""
3386 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3387 add_ssdp_ap(apdev
[0], ap_uuid
)
3389 location
= ssdp_get_location(ap_uuid
)
3391 url
= urlparse
.urlparse(location
)
3392 conn
= httplib
.HTTPConnection(url
.netloc
)
3393 #conn.set_debuglevel(1)
3395 headers
= { "Transfer-Encoding": 'chunked' }
3396 conn
.request("POST", "hello",
3397 "a\r\nabcdefghij\r\n" + "2\r\nkl\r\n" + "0\r\n\r\n",
3399 resp
= conn
.getresponse()
3400 if resp
.status
!= 404:
3401 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3404 conn
.putrequest("POST", "hello")
3405 conn
.putheader('Transfer-Encoding', 'chunked')
3407 conn
.send("a\r\nabcdefghij\r\n")
3409 conn
.send("2\r\nkl\r\n")
3410 conn
.send("0\r\n\r\n")
3411 resp
= conn
.getresponse()
3412 if resp
.status
!= 404:
3413 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3416 conn
.putrequest("POST", "hello")
3417 conn
.putheader('Transfer-Encoding', 'chunked')
3421 for i
in range(20000):
3422 conn
.send("1\r\nZ\r\n")
3423 conn
.send("0\r\n\r\n")
3424 resp
= conn
.getresponse()
3426 except Exception, e
:
3430 raise Exception("Too long chunked request did not result in connection reset")
3432 headers
= { "Transfer-Encoding": 'chunked' }
3433 conn
.request("POST", "hello", "80000000\r\na", headers
)
3435 resp
= conn
.getresponse()
3436 except Exception, e
:
3440 conn
.request("POST", "hello", "10000000\r\na", headers
)
3442 resp
= conn
.getresponse()
3443 except Exception, e
:
3448 def test_ap_wps_disabled(dev
, apdev
):
3449 """WPS operations while WPS is disabled"""
3450 ssid
= "test-wps-disabled"
3451 hapd
= hostapd
.add_ap(apdev
[0], { "ssid": ssid
})
3452 if "FAIL" not in hapd
.request("WPS_PBC"):
3453 raise Exception("WPS_PBC succeeded unexpectedly")
3454 if "FAIL" not in hapd
.request("WPS_CANCEL"):
3455 raise Exception("WPS_CANCEL succeeded unexpectedly")
3457 def test_ap_wps_mixed_cred(dev
, apdev
):
3458 """WPS 2.0 STA merging mixed mode WPA/WPA2 credentials"""
3459 ssid
= "test-wps-wep"
3460 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3461 "skip_cred_build": "1", "extra_cred": "wps-mixed-cred" }
3462 hapd
= hostapd
.add_ap(apdev
[0], params
)
3463 hapd
.request("WPS_PBC")
3464 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3465 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3466 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
3468 raise Exception("WPS-SUCCESS event timed out")
3469 nets
= dev
[0].list_networks()
3471 raise Exception("Unexpected number of network blocks")
3473 proto
= dev
[0].get_network(id, "proto")
3474 if proto
!= "WPA RSN":
3475 raise Exception("Unexpected merged proto field value: " + proto
)
3476 pairwise
= dev
[0].get_network(id, "pairwise")
3477 if pairwise
!= "CCMP TKIP" and pairwise
!= "CCMP GCMP TKIP":
3478 raise Exception("Unexpected merged pairwise field value: " + pairwise
)
3481 def test_ap_wps_while_connected(dev
, apdev
):
3482 """WPS PBC provisioning while connected to another AP"""
3483 ssid
= "test-wps-conf"
3484 hapd
= hostapd
.add_ap(apdev
[0],
3485 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3486 "wpa_passphrase": "12345678", "wpa": "2",
3487 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3489 hostapd
.add_ap(apdev
[1], { "ssid": "open" })
3490 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3492 logger
.info("WPS provisioning step")
3493 hapd
.request("WPS_PBC")
3494 dev
[0].dump_monitor()
3495 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3496 dev
[0].wait_connected(timeout
=30)
3497 status
= dev
[0].get_status()
3498 if status
['bssid'] != apdev
[0]['bssid']:
3499 raise Exception("Unexpected BSSID")
3502 def test_ap_wps_while_connected_no_autoconnect(dev
, apdev
):
3503 """WPS PBC provisioning while connected to another AP and STA_AUTOCONNECT disabled"""
3504 ssid
= "test-wps-conf"
3505 hapd
= hostapd
.add_ap(apdev
[0],
3506 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3507 "wpa_passphrase": "12345678", "wpa": "2",
3508 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3510 hostapd
.add_ap(apdev
[1], { "ssid": "open" })
3513 dev
[0].request("STA_AUTOCONNECT 0")
3514 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3516 logger
.info("WPS provisioning step")
3517 hapd
.request("WPS_PBC")
3518 dev
[0].dump_monitor()
3519 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3520 dev
[0].wait_connected(timeout
=30)
3521 status
= dev
[0].get_status()
3522 if status
['bssid'] != apdev
[0]['bssid']:
3523 raise Exception("Unexpected BSSID")
3525 dev
[0].request("STA_AUTOCONNECT 1")
3528 def test_ap_wps_from_event(dev
, apdev
):
3529 """WPS PBC event on AP to enable PBC"""
3530 ssid
= "test-wps-conf"
3531 hapd
= hostapd
.add_ap(apdev
[0],
3532 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3533 "wpa_passphrase": "12345678", "wpa": "2",
3534 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3535 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3536 dev
[0].dump_monitor()
3538 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3540 ev
= hapd
.wait_event(['WPS-ENROLLEE-SEEN'], timeout
=15)
3542 raise Exception("No WPS-ENROLLEE-SEEN event on AP")
3543 vals
= ev
.split(' ')
3544 if vals
[1] != dev
[0].p2p_interface_addr():
3545 raise Exception("Unexpected enrollee address: " + vals
[1])
3547 raise Exception("Unexpected Device Password Id: " + vals
[5])
3548 hapd
.request("WPS_PBC")
3549 dev
[0].wait_connected(timeout
=30)
3551 def test_ap_wps_ap_scan_2(dev
, apdev
):
3552 """AP_SCAN 2 for WPS"""
3553 ssid
= "test-wps-conf"
3554 hapd
= hostapd
.add_ap(apdev
[0],
3555 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3556 "wpa_passphrase": "12345678", "wpa": "2",
3557 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3558 hapd
.request("WPS_PBC")
3560 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3561 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
3564 if "OK" not in wpas
.request("AP_SCAN 2"):
3565 raise Exception("Failed to set AP_SCAN 2")
3567 wpas
.flush_scan_cache()
3568 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3570 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
3571 ev
= wpas
.wait_event(["WPS-SUCCESS"], timeout
=15)
3573 raise Exception("WPS-SUCCESS event timed out")
3574 wpas
.wait_connected(timeout
=30)
3576 wpas
.request("DISCONNECT")
3577 wpas
.request("BSS_FLUSH 0")
3579 wpas
.request("REASSOCIATE")
3580 wpas
.wait_connected(timeout
=30)
3584 def test_ap_wps_eapol_workaround(dev
, apdev
):
3585 """EAPOL workaround code path for 802.1X header length mismatch"""
3587 hapd
= hostapd
.add_ap(apdev
[0],
3588 { "ssid": ssid
, "eap_server": "1", "wps_state": "1" })
3589 bssid
= apdev
[0]['bssid']
3590 hapd
.request("SET ext_eapol_frame_io 1")
3591 dev
[0].request("SET ext_eapol_frame_io 1")
3592 hapd
.request("WPS_PBC")
3593 dev
[0].request("WPS_PBC")
3595 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3597 raise Exception("Timeout on EAPOL-TX from hostapd")
3599 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 020000040193000501FFFF")
3601 raise Exception("EAPOL_RX to wpa_supplicant failed")
3603 def test_ap_wps_iteration(dev
, apdev
):
3604 """WPS PIN and iterate through APs without selected registrar"""
3605 ssid
= "test-wps-conf"
3606 hapd
= hostapd
.add_ap(apdev
[0],
3607 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3608 "wpa_passphrase": "12345678", "wpa": "2",
3609 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3611 ssid2
= "test-wps-conf2"
3612 hapd2
= hostapd
.add_ap(apdev
[1],
3613 { "ssid": ssid2
, "eap_server": "1", "wps_state": "2",
3614 "wpa_passphrase": "12345678", "wpa": "2",
3615 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3617 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3618 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
3619 dev
[0].dump_monitor()
3620 pin
= dev
[0].request("WPS_PIN any")
3622 # Wait for iteration through all WPS APs to happen before enabling any
3625 ev
= dev
[0].wait_event(["Associated with"], timeout
=30)
3627 raise Exception("No association seen")
3628 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=10)
3630 raise Exception("No M2D from AP")
3631 dev
[0].wait_disconnected()
3633 # Verify that each AP requested PIN
3634 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3636 raise Exception("No WPS-PIN-NEEDED event from AP")
3637 ev
= hapd2
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3639 raise Exception("No WPS-PIN-NEEDED event from AP2")
3641 # Provide PIN to one of the APs and verify that connection gets formed
3642 hapd
.request("WPS_PIN any " + pin
)
3643 dev
[0].wait_connected(timeout
=30)
3645 def test_ap_wps_iteration_error(dev
, apdev
):
3646 """WPS AP iteration on no Selected Registrar and error case with an AP"""
3647 ssid
= "test-wps-conf-pin"
3648 hapd
= hostapd
.add_ap(apdev
[0],
3649 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3650 "wpa_passphrase": "12345678", "wpa": "2",
3651 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3652 "wps_independent": "1" })
3653 hapd
.request("SET ext_eapol_frame_io 1")
3654 bssid
= apdev
[0]['bssid']
3655 pin
= dev
[0].wps_read_pin()
3656 dev
[0].request("WPS_PIN any " + pin
)
3658 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3660 raise Exception("No EAPOL-TX (EAP-Request/Identity) from hostapd")
3661 dev
[0].request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
3663 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3665 raise Exception("No EAPOL-TX (EAP-WSC/Start) from hostapd")
3666 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
3668 raise Exception("No CTRL-EVENT-EAP-STARTED")
3670 # Do not forward any more EAPOL frames to test wpa_supplicant behavior for
3671 # a case with an incorrectly behaving WPS AP.
3673 # Start the real target AP and activate registrar on it.
3674 hapd2
= hostapd
.add_ap(apdev
[1],
3675 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3676 "wpa_passphrase": "12345678", "wpa": "2",
3677 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3678 "wps_independent": "1" })
3679 hapd2
.request("WPS_PIN any " + pin
)
3681 dev
[0].wait_disconnected(timeout
=15)
3682 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=15)
3684 raise Exception("No CTRL-EVENT-EAP-STARTED for the second AP")
3685 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
3687 raise Exception("No WPS-CRED-RECEIVED for the second AP")
3688 dev
[0].wait_connected(timeout
=15)
3691 def test_ap_wps_priority(dev
, apdev
):
3692 """WPS PIN provisioning with configured AP and wps_priority"""
3693 ssid
= "test-wps-conf-pin"
3694 hapd
= hostapd
.add_ap(apdev
[0],
3695 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3696 "wpa_passphrase": "12345678", "wpa": "2",
3697 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3698 logger
.info("WPS provisioning step")
3699 pin
= dev
[0].wps_read_pin()
3700 hapd
.request("WPS_PIN any " + pin
)
3701 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3702 dev
[0].dump_monitor()
3704 dev
[0].request("SET wps_priority 6")
3705 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3706 dev
[0].wait_connected(timeout
=30)
3707 netw
= dev
[0].list_networks()
3708 prio
= dev
[0].get_network(netw
[0]['id'], 'priority')
3710 raise Exception("Unexpected network priority: " + prio
)
3712 dev
[0].request("SET wps_priority 0")
3715 def test_ap_wps_and_non_wps(dev
, apdev
):
3716 """WPS and non-WPS AP in single hostapd process"""
3717 params
= { "ssid": "wps", "eap_server": "1", "wps_state": "1" }
3718 hapd
= hostapd
.add_ap(apdev
[0], params
)
3720 params
= { "ssid": "no wps" }
3721 hapd2
= hostapd
.add_ap(apdev
[1], params
)
3723 appin
= hapd
.request("WPS_AP_PIN random")
3725 raise Exception("Could not generate random AP PIN")
3726 if appin
not in hapd
.request("WPS_AP_PIN get"):
3727 raise Exception("Could not fetch current AP PIN")
3729 if "FAIL" in hapd
.request("WPS_PBC"):
3730 raise Exception("WPS_PBC failed")
3731 if "FAIL" in hapd
.request("WPS_CANCEL"):
3732 raise Exception("WPS_CANCEL failed")
3734 def test_ap_wps_init_oom(dev
, apdev
):
3735 """Initial AP configuration and OOM during PSK generation"""
3737 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "1" }
3738 hapd
= hostapd
.add_ap(apdev
[0], params
)
3740 with
alloc_fail(hapd
, 1, "base64_gen_encode;?base64_encode;wps_build_cred"):
3741 pin
= dev
[0].wps_read_pin()
3742 hapd
.request("WPS_PIN any " + pin
)
3743 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3744 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3745 dev
[0].wait_disconnected()
3747 hapd
.request("WPS_PIN any " + pin
)
3748 dev
[0].wait_connected(timeout
=30)
3751 def test_ap_wps_er_oom(dev
, apdev
):
3752 """WPS ER OOM in XML processing"""
3754 _test_ap_wps_er_oom(dev
, apdev
)
3756 dev
[0].request("WPS_ER_STOP")
3757 dev
[1].request("WPS_CANCEL")
3758 dev
[0].request("DISCONNECT")
3760 def _test_ap_wps_er_oom(dev
, apdev
):
3761 ssid
= "wps-er-ap-config"
3763 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3764 hostapd
.add_ap(apdev
[0],
3765 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3766 "wpa_passphrase": "12345678", "wpa": "2",
3767 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3768 "device_name": "Wireless AP", "manufacturer": "Company",
3769 "model_name": "WAP", "model_number": "123",
3770 "serial_number": "12345", "device_type": "6-0050F204-1",
3771 "os_version": "01020300",
3772 "config_methods": "label push_button",
3773 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
3775 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
3777 with
alloc_fail(dev
[0], 1,
3778 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3779 dev
[0].request("WPS_ER_START ifname=lo")
3780 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=3)
3782 raise Exception("Unexpected AP discovery")
3784 dev
[0].request("WPS_ER_STOP")
3785 dev
[0].request("WPS_ER_START ifname=lo")
3786 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
3788 raise Exception("AP discovery timed out")
3790 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3791 with
alloc_fail(dev
[0], 1,
3792 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3793 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
3794 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
3796 raise Exception("PBC scan failed")
3797 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
3799 raise Exception("Enrollee discovery timed out")
3802 def test_ap_wps_er_init_oom(dev
, apdev
):
3803 """WPS ER and OOM during init"""
3805 _test_ap_wps_er_init_oom(dev
, apdev
)
3807 dev
[0].request("WPS_ER_STOP")
3809 def _test_ap_wps_er_init_oom(dev
, apdev
):
3810 with
alloc_fail(dev
[0], 1, "wps_er_init"):
3811 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3812 raise Exception("WPS_ER_START succeeded during OOM")
3813 with
alloc_fail(dev
[0], 1, "http_server_init"):
3814 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3815 raise Exception("WPS_ER_START succeeded during OOM")
3816 with
alloc_fail(dev
[0], 2, "http_server_init"):
3817 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3818 raise Exception("WPS_ER_START succeeded during OOM")
3819 with
alloc_fail(dev
[0], 1, "eloop_sock_table_add_sock;?eloop_register_sock;wps_er_ssdp_init"):
3820 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3821 raise Exception("WPS_ER_START succeeded during OOM")
3822 with
fail_test(dev
[0], 1, "os_get_random;wps_er_init"):
3823 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3824 raise Exception("WPS_ER_START succeeded during os_get_random failure")
3827 def test_ap_wps_er_init_fail(dev
, apdev
):
3828 """WPS ER init failure"""
3829 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=does-not-exist"):
3830 dev
[0].request("WPS_ER_STOP")
3831 raise Exception("WPS_ER_START with non-existing ifname succeeded")
3833 def test_ap_wps_wpa_cli_action(dev
, apdev
, test_params
):
3834 """WPS events and wpa_cli action script"""
3835 logdir
= os
.path
.abspath(test_params
['logdir'])
3836 pidfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.pid')
3837 logfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.res')
3838 actionfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.action.sh')
3840 with
open(actionfile
, 'w') as f
:
3841 f
.write('#!/bin/sh\n')
3842 f
.write('echo $* >> %s\n' % logfile
)
3843 # Kill the process and wait some time before returning to allow all the
3844 # pending events to be processed with some of this happening after the
3845 # eloop SIGALRM signal has been scheduled.
3846 f
.write('if [ $2 = "WPS-SUCCESS" -a -r %s ]; then kill `cat %s`; sleep 1; fi\n' % (pidfile
, pidfile
))
3848 os
.chmod(actionfile
, stat
.S_IREAD | stat
.S_IWRITE | stat
.S_IEXEC |
3849 stat
.S_IRGRP | stat
.S_IXGRP | stat
.S_IROTH | stat
.S_IXOTH
)
3851 ssid
= "test-wps-conf"
3852 hapd
= hostapd
.add_ap(apdev
[0],
3853 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
3854 "wpa_passphrase": "12345678", "wpa": "2",
3855 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3857 prg
= os
.path
.join(test_params
['logdir'],
3858 'alt-wpa_supplicant/wpa_supplicant/wpa_cli')
3859 if not os
.path
.exists(prg
):
3860 prg
= '../../wpa_supplicant/wpa_cli'
3861 arg
= [ prg
, '-P', pidfile
, '-B', '-i', dev
[0].ifname
, '-a', actionfile
]
3862 subprocess
.call(arg
)
3864 arg
= [ 'ps', 'ax' ]
3865 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3866 out
= cmd
.communicate()[0]
3868 logger
.debug("Processes:\n" + out
)
3869 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) not in out
:
3870 raise Exception("Did not see wpa_cli running")
3872 hapd
.request("WPS_PIN any 12345670")
3873 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3874 dev
[0].dump_monitor()
3875 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3876 dev
[0].wait_connected(timeout
=30)
3879 if not os
.path
.exists(pidfile
):
3883 if not os
.path
.exists(logfile
):
3884 raise Exception("wpa_cli action results file not found")
3885 with
open(logfile
, 'r') as f
:
3887 if "WPS-SUCCESS" not in res
:
3888 raise Exception("WPS-SUCCESS event not seen in action file")
3890 arg
= [ 'ps', 'ax' ]
3891 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3892 out
= cmd
.communicate()[0]
3894 logger
.debug("Remaining processes:\n" + out
)
3895 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) in out
:
3896 raise Exception("wpa_cli still running")
3898 if os
.path
.exists(pidfile
):
3899 raise Exception("PID file not removed")
3901 def test_ap_wps_er_ssdp_proto(dev
, apdev
):
3902 """WPS ER SSDP protocol testing"""
3904 _test_ap_wps_er_ssdp_proto(dev
, apdev
)
3906 dev
[0].request("WPS_ER_STOP")
3908 def _test_ap_wps_er_ssdp_proto(dev
, apdev
):
3909 socket
.setdefaulttimeout(1)
3910 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
3911 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
3912 sock
.bind(("239.255.255.250", 1900))
3913 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo foo"):
3914 raise Exception("Invalid filter accepted")
3915 if "OK" not in dev
[0].request("WPS_ER_START ifname=lo 1.2.3.4"):
3916 raise Exception("WPS_ER_START with filter failed")
3917 (msg
,addr
) = sock
.recvfrom(1000)
3918 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
3919 if "M-SEARCH" not in msg
:
3920 raise Exception("Not an M-SEARCH")
3921 sock
.sendto("FOO", addr
)
3923 dev
[0].request("WPS_ER_STOP")
3925 dev
[0].request("WPS_ER_START ifname=lo")
3926 (msg
,addr
) = sock
.recvfrom(1000)
3927 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
3928 if "M-SEARCH" not in msg
:
3929 raise Exception("Not an M-SEARCH")
3930 sock
.sendto("FOO", addr
)
3931 sock
.sendto("HTTP/1.1 200 OK\r\nFOO\r\n\r\n", addr
)
3932 sock
.sendto("HTTP/1.1 200 OK\r\nNTS:foo\r\n\r\n", addr
)
3933 sock
.sendto("HTTP/1.1 200 OK\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
3934 sock
.sendto("HTTP/1.1 200 OK\r\ncache-control: foo=1\r\n\r\n", addr
)
3935 sock
.sendto("HTTP/1.1 200 OK\r\ncache-control: max-age=1\r\n\r\n", addr
)
3936 sock
.sendto("HTTP/1.1 200 OK\r\nusn:\r\n\r\n", addr
)
3937 sock
.sendto("HTTP/1.1 200 OK\r\nusn:foo\r\n\r\n", addr
)
3938 sock
.sendto("HTTP/1.1 200 OK\r\nusn: uuid:\r\n\r\n", addr
)
3939 sock
.sendto("HTTP/1.1 200 OK\r\nusn: uuid: \r\n\r\n", addr
)
3940 sock
.sendto("HTTP/1.1 200 OK\r\nusn: uuid: foo\r\n\r\n", addr
)
3941 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\n\r\n", addr
)
3942 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
3943 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\n\r\n", addr
)
3944 with
alloc_fail(dev
[0], 1, "wps_er_ap_add"):
3945 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
3947 with
alloc_fail(dev
[0], 2, "wps_er_ap_add"):
3948 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
3951 # Add an AP with bogus URL
3952 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
3953 # Update timeout on AP without updating URL
3954 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
3955 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
3957 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
3959 # Add an AP with a valid URL (but no server listing to it)
3960 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
3961 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
3963 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
3967 wps_event_url
= None
3969 def gen_upnp_info(eventSubURL
='wps_event', controlURL
='wps_control',
3970 udn
='uuid:27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'):
3971 payload
= '''<?xml version="1.0"?>
3972 <root xmlns="urn:schemas-upnp-org:device-1-0">
3978 <deviceType>urn:schemas-wifialliance-org:device:WFADevice:1</deviceType>
3979 <friendlyName>WPS Access Point</friendlyName>
3980 <manufacturer>Company</manufacturer>
3981 <modelName>WAP</modelName>
3982 <modelNumber>123</modelNumber>
3983 <serialNumber>12345</serialNumber>
3986 payload
+= '<UDN>' + udn
+ '</UDN>'
3987 payload
+= '''<serviceList>
3989 <serviceType>urn:schemas-wifialliance-org:service:WFAWLANConfig:1</serviceType>
3990 <serviceId>urn:wifialliance-org:serviceId:WFAWLANConfig1</serviceId>
3991 <SCPDURL>wps_scpd.xml</SCPDURL>
3994 payload
+= '<controlURL>' + controlURL
+ '</controlURL>\n'
3996 payload
+= '<eventSubURL>' + eventSubURL
+ '</eventSubURL>\n'
3997 payload
+= '''</service>
4002 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4003 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4004 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4005 'Connection: close\r\n' + \
4006 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4007 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4008 return hdr
+ payload
4010 def gen_wps_control(payload_override
=None):
4011 payload
= '''<?xml version="1.0"?>
4012 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4014 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4015 <NewDeviceInfo>EEoAARAQIgABBBBHABAn6oAanlxOc72C+Jy80Q1+ECAABgIAAAADABAaABCJZ7DPtbU3Ust9
4016 Z3wJF07WEDIAwH45D3i1OqB7eJGwTzqeapS71h3KyXncK2xJZ+xqScrlorNEg6LijBJzG2Ca
4017 +FZli0iliDJd397yAx/jk4nFXco3q5ylBSvSw9dhJ5u1xBKSnTilKGlUHPhLP75PUqM3fot9
4018 7zwtFZ4bx6x1sBA6oEe2d0aUJmLumQGCiKEIWlnxs44zego/2tAe81bDzdPBM7o5HH/FUhD+
4019 KoGzFXp51atP+1n9Vta6AkI0Vye99JKLcC6Md9dMJltSVBgd4Xc4lRAEAAIAIxAQAAIADRAN
4020 AAEBEAgAAgAEEEQAAQIQIQAHQ29tcGFueRAjAANXQVAQJAADMTIzEEIABTEyMzQ1EFQACAAG
4021 AFDyBAABEBEAC1dpcmVsZXNzIEFQEDwAAQEQAgACAAAQEgACAAAQCQACAAAQLQAEgQIDABBJ
4024 </u:GetDeviceInfoResponse>
4028 if payload_override
:
4029 payload
= payload_override
4030 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4031 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4032 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4033 'Connection: close\r\n' + \
4034 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4035 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4036 return hdr
+ payload
4038 def gen_wps_event(sid
='uuid:7eb3342a-8a5f-47fe-a585-0785bfec6d8a'):
4040 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4041 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4042 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4043 'Connection: close\r\n' + \
4044 'Content-Length: ' + str(len(payload
)) + '\r\n'
4046 hdr
+= 'SID: ' + sid
+ '\r\n'
4047 hdr
+= 'Timeout: Second-1801\r\n' + \
4048 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4049 return hdr
+ payload
4051 class WPSAPHTTPServer(SocketServer
.StreamRequestHandler
):
4053 data
= self
.rfile
.readline().strip()
4054 logger
.info("HTTP server received: " + data
)
4056 hdr
= self
.rfile
.readline().strip()
4059 logger
.info("HTTP header: " + hdr
)
4060 if "CALLBACK:" in hdr
:
4061 global wps_event_url
4062 wps_event_url
= hdr
.split(' ')[1].strip('<>')
4064 if "GET /foo.xml" in data
:
4065 self
.handle_upnp_info()
4066 elif "POST /wps_control" in data
:
4067 self
.handle_wps_control()
4068 elif "SUBSCRIBE /wps_event" in data
:
4069 self
.handle_wps_event()
4071 self
.handle_others(data
)
4073 def handle_upnp_info(self
):
4074 self
.wfile
.write(gen_upnp_info())
4076 def handle_wps_control(self
):
4077 self
.wfile
.write(gen_wps_control())
4079 def handle_wps_event(self
):
4080 self
.wfile
.write(gen_wps_event())
4082 def handle_others(self
, data
):
4083 logger
.info("Ignore HTTP request: " + data
)
4085 class MyTCPServer(SocketServer
.TCPServer
):
4086 def __init__(self
, addr
, handler
):
4087 self
.allow_reuse_address
= True
4088 SocketServer
.TCPServer
.__init
__(self
, addr
, handler
)
4090 def wps_er_start(dev
, http_server
, max_age
=1, wait_m_search
=False,
4092 socket
.setdefaulttimeout(1)
4093 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4094 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4095 sock
.bind(("239.255.255.250", 1900))
4096 dev
.request("WPS_ER_START ifname=lo")
4097 for i
in range(100):
4098 (msg
,addr
) = sock
.recvfrom(1000)
4099 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4100 if "M-SEARCH" in msg
:
4102 if not wait_m_search
:
4103 raise Exception("Not an M-SEARCH")
4105 raise Exception("No M-SEARCH seen")
4107 # Add an AP with a valid URL and server listing to it
4108 server
= MyTCPServer(("127.0.0.1", 12345), http_server
)
4109 if not location_url
:
4110 location_url
= 'http://127.0.0.1:12345/foo.xml'
4111 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:%s\r\ncache-control:max-age=%d\r\n\r\n" % (location_url
, max_age
), addr
)
4115 def wps_er_stop(dev
, sock
, server
, on_alloc_fail
=False):
4117 server
.server_close()
4122 res
= dev
.request("GET_ALLOC_FAIL")
4123 if res
.startswith("0:"):
4128 raise Exception("No allocation failure reported")
4130 ev
= dev
.wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4132 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4133 dev
.request("WPS_ER_STOP")
4135 def run_wps_er_proto_test(dev
, handler
, no_event_url
=False, location_url
=None):
4137 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4138 server
,sock
= wps_er_start(dev
, handler
, location_url
=location_url
)
4139 global wps_event_url
4140 wps_event_url
= None
4141 server
.handle_request()
4142 server
.handle_request()
4143 server
.handle_request()
4144 server
.server_close()
4147 raise Exception("Received event URL unexpectedly")
4149 if wps_event_url
is None:
4150 raise Exception("Did not get event URL")
4151 logger
.info("Event URL: " + wps_event_url
)
4153 dev
.request("WPS_ER_STOP")
4155 def send_wlanevent(url
, uuid
, data
, no_response
=False):
4156 conn
= httplib
.HTTPConnection(url
.netloc
)
4157 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4158 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4159 <e:property><STAStatus>1</STAStatus></e:property>
4160 <e:property><APStatus>1</APStatus></e:property>
4161 <e:property><WLANEvent>'''
4162 payload
+= base64
.b64encode(data
)
4163 payload
+= '</WLANEvent></e:property></e:propertyset>'
4164 headers
= { "Content-type": 'text/xml; charset="utf-8"',
4165 "Server": "Unspecified, UPnP/1.0, Unspecified",
4168 "SID": "uuid:" + uuid
,
4170 "Content-Length": str(len(payload
)) }
4171 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4175 except Exception, e
:
4178 resp
= conn
.getresponse()
4179 if resp
.status
!= 200:
4180 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4182 def test_ap_wps_er_http_proto(dev
, apdev
):
4183 """WPS ER HTTP protocol testing"""
4185 _test_ap_wps_er_http_proto(dev
, apdev
)
4187 dev
[0].request("WPS_ER_STOP")
4189 def _test_ap_wps_er_http_proto(dev
, apdev
):
4190 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4191 server
,sock
= wps_er_start(dev
[0], WPSAPHTTPServer
, max_age
=15)
4192 global wps_event_url
4193 wps_event_url
= None
4194 server
.handle_request()
4195 server
.handle_request()
4196 server
.handle_request()
4197 server
.server_close()
4198 if wps_event_url
is None:
4199 raise Exception("Did not get event URL")
4200 logger
.info("Event URL: " + wps_event_url
)
4202 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
4204 raise Exception("No WPS-ER-AP-ADD event")
4206 raise Exception("UUID mismatch")
4210 logger
.info("Valid Probe Request notification")
4211 url
= urlparse
.urlparse(wps_event_url
)
4212 conn
= httplib
.HTTPConnection(url
.netloc
)
4213 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4214 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4215 <e:property><STAStatus>1</STAStatus></e:property>
4216 <e:property><APStatus>1</APStatus></e:property>
4217 <e:property><WLANEvent>ATAyOjAwOjAwOjAwOjAwOjAwEEoAARAQOgABAhAIAAIxSBBHABA2LbR7pTpRkYj7VFi5hrLk
4218 EFQACAAAAAAAAAAAEDwAAQMQAgACAAAQCQACAAAQEgACAAAQIQABIBAjAAEgECQAASAQEQAI
4219 RGV2aWNlIEEQSQAGADcqAAEg
4220 </WLANEvent></e:property>
4223 headers
= { "Content-type": 'text/xml; charset="utf-8"',
4224 "Server": "Unspecified, UPnP/1.0, Unspecified",
4227 "SID": "uuid:" + uuid
,
4229 "Content-Length": str(len(payload
)) }
4230 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4231 resp
= conn
.getresponse()
4232 if resp
.status
!= 200:
4233 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4235 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=5)
4237 raise Exception("No WPS-ER-ENROLLEE-ADD event")
4238 if "362db47b-a53a-5191-88fb-5458b986b2e4" not in ev
:
4239 raise Exception("No Enrollee UUID match")
4241 logger
.info("Incorrect event URL AP id")
4242 conn
= httplib
.HTTPConnection(url
.netloc
)
4243 conn
.request("NOTIFY", url
.path
+ '123', payload
, headers
)
4244 resp
= conn
.getresponse()
4245 if resp
.status
!= 404:
4246 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4248 logger
.info("Missing AP id")
4249 conn
= httplib
.HTTPConnection(url
.netloc
)
4250 conn
.request("NOTIFY", '/event/' + url
.path
.split('/')[2],
4254 logger
.info("Incorrect event URL event id")
4255 conn
= httplib
.HTTPConnection(url
.netloc
)
4256 conn
.request("NOTIFY", '/event/123456789/123', payload
, headers
)
4259 logger
.info("Incorrect event URL prefix")
4260 conn
= httplib
.HTTPConnection(url
.netloc
)
4261 conn
.request("NOTIFY", '/foobar/123456789/123', payload
, headers
)
4262 resp
= conn
.getresponse()
4263 if resp
.status
!= 404:
4264 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4266 logger
.info("Unsupported request")
4267 conn
= httplib
.HTTPConnection(url
.netloc
)
4268 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4269 resp
= conn
.getresponse()
4270 if resp
.status
!= 501:
4271 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4273 logger
.info("Unsupported request and OOM")
4274 with
alloc_fail(dev
[0], 1, "wps_er_http_req"):
4275 conn
= httplib
.HTTPConnection(url
.netloc
)
4276 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4279 logger
.info("Too short WLANEvent")
4281 send_wlanevent(url
, uuid
, data
)
4283 logger
.info("Invalid WLANEventMAC")
4284 data
= '\x00qwertyuiopasdfghjklzxcvbnm'
4285 send_wlanevent(url
, uuid
, data
)
4287 logger
.info("Unknown WLANEventType")
4288 data
= '\xff02:00:00:00:00:00'
4289 send_wlanevent(url
, uuid
, data
)
4291 logger
.info("Probe Request notification without any attributes")
4292 data
= '\x0102:00:00:00:00:00'
4293 send_wlanevent(url
, uuid
, data
)
4295 logger
.info("Probe Request notification with invalid attribute")
4296 data
= '\x0102:00:00:00:00:00\xff'
4297 send_wlanevent(url
, uuid
, data
)
4299 logger
.info("EAP message without any attributes")
4300 data
= '\x0202:00:00:00:00:00'
4301 send_wlanevent(url
, uuid
, data
)
4303 logger
.info("EAP message with invalid attribute")
4304 data
= '\x0202:00:00:00:00:00\xff'
4305 send_wlanevent(url
, uuid
, data
)
4307 logger
.info("EAP message from new STA and not M1")
4308 data
= '\x0202:ff:ff:ff:ff:ff' + '\x10\x22\x00\x01\x05'
4309 send_wlanevent(url
, uuid
, data
)
4311 logger
.info("EAP message: M1")
4312 data
= '\x0202:00:00:00:00:00'
4313 data
+= '\x10\x22\x00\x01\x04'
4314 data
+= '\x10\x47\x00\x10' + 16*'\x00'
4315 data
+= '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4316 data
+= '\x10\x1a\x00\x10' + 16*'\x00'
4317 data
+= '\x10\x32\x00\xc0' + 192*'\x00'
4318 data
+= '\x10\x04\x00\x02\x00\x00'
4319 data
+= '\x10\x10\x00\x02\x00\x00'
4320 data
+= '\x10\x0d\x00\x01\x00'
4321 data
+= '\x10\x08\x00\x02\x00\x00'
4322 data
+= '\x10\x44\x00\x01\x00'
4323 data
+= '\x10\x21\x00\x00'
4324 data
+= '\x10\x23\x00\x00'
4325 data
+= '\x10\x24\x00\x00'
4326 data
+= '\x10\x42\x00\x00'
4327 data
+= '\x10\x54\x00\x08' + 8*'\x00'
4328 data
+= '\x10\x11\x00\x00'
4329 data
+= '\x10\x3c\x00\x01\x00'
4330 data
+= '\x10\x02\x00\x02\x00\x00'
4331 data
+= '\x10\x12\x00\x02\x00\x00'
4332 data
+= '\x10\x09\x00\x02\x00\x00'
4333 data
+= '\x10\x2d\x00\x04\x00\x00\x00\x00'
4335 send_wlanevent(url
, uuid
, data
)
4337 logger
.info("EAP message: WSC_ACK")
4338 data
= '\x0202:00:00:00:00:00' + '\x10\x22\x00\x01\x0d'
4339 send_wlanevent(url
, uuid
, data
)
4341 logger
.info("EAP message: M1")
4342 send_wlanevent(url
, uuid
, m1
)
4344 logger
.info("EAP message: WSC_NACK")
4345 data
= '\x0202:00:00:00:00:00' + '\x10\x22\x00\x01\x0e'
4346 send_wlanevent(url
, uuid
, data
)
4348 logger
.info("EAP message: M1 - Too long attribute values")
4349 data
= '\x0202:00:00:00:00:00'
4350 data
+= '\x10\x11\x00\x21' + 33*'\x00'
4351 data
+= '\x10\x45\x00\x21' + 33*'\x00'
4352 data
+= '\x10\x42\x00\x21' + 33*'\x00'
4353 data
+= '\x10\x24\x00\x21' + 33*'\x00'
4354 data
+= '\x10\x23\x00\x21' + 33*'\x00'
4355 data
+= '\x10\x21\x00\x41' + 65*'\x00'
4356 data
+= '\x10\x49\x00\x09\x00\x37\x2a\x05\x02\x00\x00\x05\x00'
4357 send_wlanevent(url
, uuid
, data
)
4359 logger
.info("EAP message: M1 missing UUID-E")
4360 data
= '\x0202:00:00:00:00:00'
4361 data
+= '\x10\x22\x00\x01\x04'
4362 send_wlanevent(url
, uuid
, data
)
4364 logger
.info("EAP message: M1 missing MAC Address")
4365 data
+= '\x10\x47\x00\x10' + 16*'\x00'
4366 send_wlanevent(url
, uuid
, data
)
4368 logger
.info("EAP message: M1 missing Enrollee Nonce")
4369 data
+= '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4370 send_wlanevent(url
, uuid
, data
)
4372 logger
.info("EAP message: M1 missing Public Key")
4373 data
+= '\x10\x1a\x00\x10' + 16*'\x00'
4374 send_wlanevent(url
, uuid
, data
)
4376 logger
.info("EAP message: M1 missing Authentication Type flags")
4377 data
+= '\x10\x32\x00\xc0' + 192*'\x00'
4378 send_wlanevent(url
, uuid
, data
)
4380 logger
.info("EAP message: M1 missing Encryption Type Flags")
4381 data
+= '\x10\x04\x00\x02\x00\x00'
4382 send_wlanevent(url
, uuid
, data
)
4384 logger
.info("EAP message: M1 missing Connection Type flags")
4385 data
+= '\x10\x10\x00\x02\x00\x00'
4386 send_wlanevent(url
, uuid
, data
)
4388 logger
.info("EAP message: M1 missing Config Methods")
4389 data
+= '\x10\x0d\x00\x01\x00'
4390 send_wlanevent(url
, uuid
, data
)
4392 logger
.info("EAP message: M1 missing Wi-Fi Protected Setup State")
4393 data
+= '\x10\x08\x00\x02\x00\x00'
4394 send_wlanevent(url
, uuid
, data
)
4396 logger
.info("EAP message: M1 missing Manufacturer")
4397 data
+= '\x10\x44\x00\x01\x00'
4398 send_wlanevent(url
, uuid
, data
)
4400 logger
.info("EAP message: M1 missing Model Name")
4401 data
+= '\x10\x21\x00\x00'
4402 send_wlanevent(url
, uuid
, data
)
4404 logger
.info("EAP message: M1 missing Model Number")
4405 data
+= '\x10\x23\x00\x00'
4406 send_wlanevent(url
, uuid
, data
)
4408 logger
.info("EAP message: M1 missing Serial Number")
4409 data
+= '\x10\x24\x00\x00'
4410 send_wlanevent(url
, uuid
, data
)
4412 logger
.info("EAP message: M1 missing Primary Device Type")
4413 data
+= '\x10\x42\x00\x00'
4414 send_wlanevent(url
, uuid
, data
)
4416 logger
.info("EAP message: M1 missing Device Name")
4417 data
+= '\x10\x54\x00\x08' + 8*'\x00'
4418 send_wlanevent(url
, uuid
, data
)
4420 logger
.info("EAP message: M1 missing RF Bands")
4421 data
+= '\x10\x11\x00\x00'
4422 send_wlanevent(url
, uuid
, data
)
4424 logger
.info("EAP message: M1 missing Association State")
4425 data
+= '\x10\x3c\x00\x01\x00'
4426 send_wlanevent(url
, uuid
, data
)
4428 logger
.info("EAP message: M1 missing Device Password ID")
4429 data
+= '\x10\x02\x00\x02\x00\x00'
4430 send_wlanevent(url
, uuid
, data
)
4432 logger
.info("EAP message: M1 missing Configuration Error")
4433 data
+= '\x10\x12\x00\x02\x00\x00'
4434 send_wlanevent(url
, uuid
, data
)
4436 logger
.info("EAP message: M1 missing OS Version")
4437 data
+= '\x10\x09\x00\x02\x00\x00'
4438 send_wlanevent(url
, uuid
, data
)
4440 logger
.info("Check max concurrent requests")
4441 addr
= (url
.hostname
, url
.port
)
4444 socks
[i
] = socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4446 socks
[i
].settimeout(10)
4447 socks
[i
].connect(addr
)
4449 socks
[i
].send("GET / HTTP/1.1\r\n\r\n")
4453 res
= socks
[i
].recv(100)
4457 logger
.info("recv[%d]: len=%d" % (i
, len(res
)))
4461 logger
.info("%d concurrent HTTP GET operations returned response" % count
)
4463 raise Exception("Too few concurrent HTTP connections accepted")
4465 logger
.info("OOM in HTTP server")
4466 for func
in [ "http_request_init", "httpread_create",
4467 "eloop_register_timeout;httpread_create",
4468 "eloop_sock_table_add_sock;?eloop_register_sock;httpread_create",
4469 "httpread_hdr_analyze" ]:
4470 with
alloc_fail(dev
[0], 1, func
):
4471 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4474 sock
.send("GET / HTTP/1.1\r\n\r\n")
4481 logger
.info("Invalid HTTP header")
4482 for req
in [ " GET / HTTP/1.1\r\n\r\n",
4483 "HTTP/1.1 200 OK\r\n\r\n",
4485 "GET %%a%aa% HTTP/1.1\r\n\r\n",
4486 "GET / HTTP/1.1\r\n FOO\r\n\r\n",
4487 "NOTIFY / HTTP/1.1\r\n" + 4097*'a' + '\r\n\r\n',
4488 "NOTIFY / HTTP/1.1\r\n\r\n" + 8193*'a',
4489 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n foo\r\n",
4490 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n1\r\nfoo\r\n",
4491 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\n",
4492 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\naa\ra\r\n\ra" ]:
4493 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4495 sock
.settimeout(0.1)
4504 with
alloc_fail(dev
[0], 2, "httpread_read_handler"):
4505 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4508 sock
.send("NOTIFY / HTTP/1.1\r\n\r\n" + 4500*'a')
4515 conn
= httplib
.HTTPConnection(url
.netloc
)
4517 headers
= { "Content-type": 'text/xml; charset="utf-8"',
4518 "Server": "Unspecified, UPnP/1.0, Unspecified",
4521 "SID": "uuid:" + uuid
,
4523 "Content-Length": str(len(payload
)) }
4524 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4525 resp
= conn
.getresponse()
4526 if resp
.status
!= 200:
4527 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4529 conn
= httplib
.HTTPConnection(url
.netloc
)
4530 payload
= '<WLANEvent foo></WLANEvent>'
4531 headers
= { "Content-type": 'text/xml; charset="utf-8"',
4532 "Server": "Unspecified, UPnP/1.0, Unspecified",
4535 "SID": "uuid:" + uuid
,
4537 "Content-Length": str(len(payload
)) }
4538 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4539 resp
= conn
.getresponse()
4540 if resp
.status
!= 200:
4541 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4543 with
alloc_fail(dev
[0], 1, "xml_get_first_item"):
4544 send_wlanevent(url
, uuid
, '')
4546 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_ext_data;xml_get_base64_item"):
4547 send_wlanevent(url
, uuid
, 'foo')
4549 for func
in [ "wps_init",
4550 "wps_process_manufacturer",
4551 "wps_process_model_name",
4552 "wps_process_model_number",
4553 "wps_process_serial_number",
4554 "wps_process_dev_name" ]:
4555 with
alloc_fail(dev
[0], 1, func
):
4556 send_wlanevent(url
, uuid
, m1
)
4558 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_ok"):
4559 send_wlanevent(url
, uuid
, m1
, no_response
=True)
4561 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_not_found"):
4562 url2
= urlparse
.urlparse(wps_event_url
.replace('/event/', '/notfound/'))
4563 send_wlanevent(url2
, uuid
, m1
, no_response
=True)
4565 logger
.info("EAP message: M1")
4566 data
= '\x0202:11:22:00:00:00'
4567 data
+= '\x10\x22\x00\x01\x04'
4568 data
+= '\x10\x47\x00\x10' + 16*'\x00'
4569 data
+= '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4570 data
+= '\x10\x1a\x00\x10' + 16*'\x00'
4571 data
+= '\x10\x32\x00\xc0' + 192*'\x00'
4572 data
+= '\x10\x04\x00\x02\x00\x00'
4573 data
+= '\x10\x10\x00\x02\x00\x00'
4574 data
+= '\x10\x0d\x00\x01\x00'
4575 data
+= '\x10\x08\x00\x02\x00\x00'
4576 data
+= '\x10\x44\x00\x01\x00'
4577 data
+= '\x10\x21\x00\x00'
4578 data
+= '\x10\x23\x00\x00'
4579 data
+= '\x10\x24\x00\x00'
4580 data
+= '\x10\x42\x00\x00'
4581 data
+= '\x10\x54\x00\x08' + 8*'\x00'
4582 data
+= '\x10\x11\x00\x00'
4583 data
+= '\x10\x3c\x00\x01\x00'
4584 data
+= '\x10\x02\x00\x02\x00\x00'
4585 data
+= '\x10\x12\x00\x02\x00\x00'
4586 data
+= '\x10\x09\x00\x02\x00\x00'
4587 data
+= '\x10\x2d\x00\x04\x00\x00\x00\x00'
4588 dev
[0].dump_monitor()
4589 with
alloc_fail(dev
[0], 1, "wps_er_add_sta_data"):
4590 send_wlanevent(url
, uuid
, data
)
4591 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=0.1)
4593 raise Exception("Unexpected enrollee add event")
4594 send_wlanevent(url
, uuid
, data
)
4595 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=2)
4597 raise Exception("Enrollee add event not seen")
4599 with
alloc_fail(dev
[0], 1,
4600 "base64_gen_encode;?base64_encode;wps_er_soap_hdr"):
4601 send_wlanevent(url
, uuid
, data
)
4603 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;wps_er_soap_hdr"):
4604 send_wlanevent(url
, uuid
, data
)
4606 with
alloc_fail(dev
[0], 1, "http_client_url_parse;wps_er_sta_send_msg"):
4607 send_wlanevent(url
, uuid
, data
)
4609 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_sta_send_msg"):
4610 send_wlanevent(url
, uuid
, data
)
4612 def test_ap_wps_er_http_proto_no_event_sub_url(dev
, apdev
):
4613 """WPS ER HTTP protocol testing - no eventSubURL"""
4614 class WPSAPHTTPServer_no_event_sub_url(WPSAPHTTPServer
):
4615 def handle_upnp_info(self
):
4616 self
.wfile
.write(gen_upnp_info(eventSubURL
=None))
4617 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_event_sub_url
,
4620 def test_ap_wps_er_http_proto_event_sub_url_dns(dev
, apdev
):
4621 """WPS ER HTTP protocol testing - DNS name in eventSubURL"""
4622 class WPSAPHTTPServer_event_sub_url_dns(WPSAPHTTPServer
):
4623 def handle_upnp_info(self
):
4624 self
.wfile
.write(gen_upnp_info(eventSubURL
='http://example.com/wps_event'))
4625 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_event_sub_url_dns
,
4628 def test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4629 """WPS ER HTTP protocol testing - subscribe OOM"""
4631 _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
)
4633 dev
[0].request("WPS_ER_STOP")
4635 def _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4636 tests
= [ (1, "http_client_url_parse"),
4637 (1, "wpabuf_alloc;wps_er_subscribe"),
4638 (1, "http_client_addr"),
4639 (1, "eloop_sock_table_add_sock;?eloop_register_sock;http_client_addr"),
4640 (1, "eloop_register_timeout;http_client_addr") ]
4641 for count
,func
in tests
:
4642 with
alloc_fail(dev
[0], count
, func
):
4643 server
,sock
= wps_er_start(dev
[0], WPSAPHTTPServer
)
4644 server
.handle_request()
4645 server
.handle_request()
4646 wps_er_stop(dev
[0], sock
, server
, on_alloc_fail
=True)
4648 def test_ap_wps_er_http_proto_no_sid(dev
, apdev
):
4649 """WPS ER HTTP protocol testing - no SID"""
4650 class WPSAPHTTPServer_no_sid(WPSAPHTTPServer
):
4651 def handle_wps_event(self
):
4652 self
.wfile
.write(gen_wps_event(sid
=None))
4653 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_sid
)
4655 def test_ap_wps_er_http_proto_invalid_sid_no_uuid(dev
, apdev
):
4656 """WPS ER HTTP protocol testing - invalid SID - no UUID"""
4657 class WPSAPHTTPServer_invalid_sid_no_uuid(WPSAPHTTPServer
):
4658 def handle_wps_event(self
):
4659 self
.wfile
.write(gen_wps_event(sid
='FOO'))
4660 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_no_uuid
)
4662 def test_ap_wps_er_http_proto_invalid_sid_uuid(dev
, apdev
):
4663 """WPS ER HTTP protocol testing - invalid SID UUID"""
4664 class WPSAPHTTPServer_invalid_sid_uuid(WPSAPHTTPServer
):
4665 def handle_wps_event(self
):
4666 self
.wfile
.write(gen_wps_event(sid
='uuid:FOO'))
4667 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_uuid
)
4669 def test_ap_wps_er_http_proto_subscribe_failing(dev
, apdev
):
4670 """WPS ER HTTP protocol testing - SUBSCRIBE failing"""
4671 class WPSAPHTTPServer_fail_subscribe(WPSAPHTTPServer
):
4672 def handle_wps_event(self
):
4674 hdr
= 'HTTP/1.1 404 Not Found\r\n' + \
4675 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4676 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4677 'Connection: close\r\n' + \
4678 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4679 'Timeout: Second-1801\r\n' + \
4680 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4681 self
.wfile
.write(hdr
+ payload
)
4682 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_fail_subscribe
)
4684 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4685 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4686 class WPSAPHTTPServer_subscribe_invalid_response(WPSAPHTTPServer
):
4687 def handle_wps_event(self
):
4689 hdr
= 'HTTP/1.1 FOO\r\n' + \
4690 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4691 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4692 'Connection: close\r\n' + \
4693 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4694 'Timeout: Second-1801\r\n' + \
4695 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4696 self
.wfile
.write(hdr
+ payload
)
4697 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_subscribe_invalid_response
)
4699 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4700 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4701 class WPSAPHTTPServer_invalid_m1(WPSAPHTTPServer
):
4702 def handle_wps_control(self
):
4703 payload
= '''<?xml version="1.0"?>
4704 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4706 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4707 <NewDeviceInfo>Rk9P</NewDeviceInfo>
4708 </u:GetDeviceInfoResponse>
4712 self
.wfile
.write(gen_wps_control(payload_override
=payload
))
4713 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_m1
, no_event_url
=True)
4715 def test_ap_wps_er_http_proto_upnp_info_no_device(dev
, apdev
):
4716 """WPS ER HTTP protocol testing - No device in UPnP info"""
4717 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4718 def handle_upnp_info(self
):
4719 payload
= '''<?xml version="1.0"?>
4720 <root xmlns="urn:schemas-upnp-org:device-1-0">
4727 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4728 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4729 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4730 'Connection: close\r\n' + \
4731 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4732 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4733 self
.wfile
.write(hdr
+ payload
)
4734 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4736 def test_ap_wps_er_http_proto_upnp_info_no_device_type(dev
, apdev
):
4737 """WPS ER HTTP protocol testing - No deviceType in UPnP info"""
4738 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4739 def handle_upnp_info(self
):
4740 payload
= '''<?xml version="1.0"?>
4741 <root xmlns="urn:schemas-upnp-org:device-1-0">
4750 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4751 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4752 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4753 'Connection: close\r\n' + \
4754 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4755 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4756 self
.wfile
.write(hdr
+ payload
)
4757 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4759 def test_ap_wps_er_http_proto_upnp_info_invalid_udn_uuid(dev
, apdev
):
4760 """WPS ER HTTP protocol testing - Invalid UDN UUID"""
4761 class WPSAPHTTPServer_invalid_udn_uuid(WPSAPHTTPServer
):
4762 def handle_upnp_info(self
):
4763 self
.wfile
.write(gen_upnp_info(udn
='uuid:foo'))
4764 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_udn_uuid
)
4766 def test_ap_wps_er_http_proto_no_control_url(dev
, apdev
):
4767 """WPS ER HTTP protocol testing - no controlURL"""
4768 class WPSAPHTTPServer_no_control_url(WPSAPHTTPServer
):
4769 def handle_upnp_info(self
):
4770 self
.wfile
.write(gen_upnp_info(controlURL
=None))
4771 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_control_url
,
4774 def test_ap_wps_er_http_proto_control_url_dns(dev
, apdev
):
4775 """WPS ER HTTP protocol testing - DNS name in controlURL"""
4776 class WPSAPHTTPServer_control_url_dns(WPSAPHTTPServer
):
4777 def handle_upnp_info(self
):
4778 self
.wfile
.write(gen_upnp_info(controlURL
='http://example.com/wps_control'))
4779 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_control_url_dns
,
4782 def test_ap_wps_http_timeout(dev
, apdev
):
4783 """WPS AP/ER and HTTP timeout"""
4785 _test_ap_wps_http_timeout(dev
, apdev
)
4787 dev
[0].request("WPS_ER_STOP")
4789 def _test_ap_wps_http_timeout(dev
, apdev
):
4790 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
4791 add_ssdp_ap(apdev
[0], ap_uuid
)
4793 location
= ssdp_get_location(ap_uuid
)
4794 url
= urlparse
.urlparse(location
)
4795 addr
= (url
.hostname
, url
.port
)
4796 logger
.debug("Open HTTP connection to hostapd, but do not complete request")
4797 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4802 class DummyServer(SocketServer
.StreamRequestHandler
):
4804 logger
.debug("DummyServer - start 31 sec wait")
4806 logger
.debug("DummyServer - wait done")
4808 logger
.debug("Start WPS ER")
4809 server
,sock2
= wps_er_start(dev
[0], DummyServer
, max_age
=40,
4812 logger
.debug("Start server to accept, but not complete, HTTP connection from WPS ER")
4813 # This will wait for 31 seconds..
4814 server
.handle_request()
4816 logger
.debug("Complete HTTP connection with hostapd (that should have already closed the connection)")
4818 sock
.send("ET / HTTP/1.1\r\n\r\n")
4819 res
= sock
.recv(100)
4824 def test_ap_wps_er_url_parse(dev
, apdev
):
4825 """WPS ER and URL parsing special cases"""
4827 _test_ap_wps_er_url_parse(dev
, apdev
)
4829 dev
[0].request("WPS_ER_STOP")
4831 def _test_ap_wps_er_url_parse(dev
, apdev
):
4832 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4834 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4835 sock
.bind(("239.255.255.250", 1900))
4836 dev
[0].request("WPS_ER_START ifname=lo")
4837 (msg
,addr
) = sock
.recvfrom(1000)
4838 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4839 if "M-SEARCH" not in msg
:
4840 raise Exception("Not an M-SEARCH")
4841 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1\r\ncache-control:max-age=1\r\n\r\n", addr
)
4842 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4843 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1/:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4844 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4845 sock
.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://255.255.255.255:0/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4846 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4850 def test_ap_wps_er_link_update(dev
, apdev
):
4851 """WPS ER and link update special cases"""
4852 class WPSAPHTTPServer_link_update(WPSAPHTTPServer
):
4853 def handle_upnp_info(self
):
4854 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4855 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update
)
4857 class WPSAPHTTPServer_link_update2(WPSAPHTTPServer
):
4858 def handle_others(self
, data
):
4859 if "GET / " in data
:
4860 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4861 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update2
,
4862 location_url
='http://127.0.0.1:12345')
4864 def test_ap_wps_er_http_client(dev
, apdev
):
4865 """WPS ER and HTTP client special cases"""
4866 with
alloc_fail(dev
[0], 1, "http_link_update"):
4867 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
)
4869 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;http_client_url"):
4870 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4872 with
alloc_fail(dev
[0], 1, "httpread_create;http_client_tx_ready"):
4873 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4875 class WPSAPHTTPServer_req_as_resp(WPSAPHTTPServer
):
4876 def handle_upnp_info(self
):
4877 self
.wfile
.write("GET / HTTP/1.1\r\n\r\n")
4878 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_req_as_resp
,
4881 def test_ap_wps_init_oom(dev
, apdev
):
4882 """wps_init OOM cases"""
4885 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
4887 hapd
= hostapd
.add_ap(apdev
[0], params
)
4888 pin
= dev
[0].wps_read_pin()
4890 with
alloc_fail(hapd
, 1, "wps_init"):
4891 hapd
.request("WPS_PIN any " + pin
)
4892 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4893 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4894 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4896 raise Exception("No EAP failure reported")
4897 dev
[0].request("WPS_CANCEL")
4899 with
alloc_fail(dev
[0], 2, "wps_init"):
4900 hapd
.request("WPS_PIN any " + pin
)
4901 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4902 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4903 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4905 raise Exception("No EAP failure reported")
4906 dev
[0].request("WPS_CANCEL")
4908 with
alloc_fail(dev
[0], 2, "wps_init"):
4909 hapd
.request("WPS_PBC")
4910 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4911 dev
[0].request("WPS_PBC %s" % (apdev
[0]['bssid']))
4912 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4914 raise Exception("No EAP failure reported")
4915 dev
[0].request("WPS_CANCEL")
4917 dev
[0].dump_monitor()
4918 new_ssid
= "wps-new-ssid"
4919 new_passphrase
= "1234567890"
4920 with
alloc_fail(dev
[0], 3, "wps_init"):
4921 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
4922 new_passphrase
, no_wait
=True)
4923 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4925 raise Exception("No EAP failure reported")
4927 dev
[0].flush_scan_cache()
4930 def test_ap_wps_invalid_assoc_req_elem(dev
, apdev
):
4931 """WPS and invalid IE in Association Request frame"""
4933 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
4934 hapd
= hostapd
.add_ap(apdev
[0], params
)
4936 hapd
.request("WPS_PIN any " + pin
)
4937 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4939 dev
[0].request("VENDOR_ELEM_ADD 13 dd050050f20410")
4940 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4942 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=10)
4943 if ev
and "vendor=14122" in ev
:
4945 if ev
is None or "vendor=14122" not in ev
:
4946 raise Exception("EAP-WSC not started")
4947 dev
[0].request("WPS_CANCEL")
4949 dev
[0].request("VENDOR_ELEM_REMOVE 13 *")
4951 def test_ap_wps_pbc_pin_mismatch(dev
, apdev
):
4952 """WPS PBC/PIN mismatch"""
4954 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
4955 hapd
= hostapd
.add_ap(apdev
[0], params
)
4956 hapd
.request("SET wps_version_number 0x10")
4957 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4958 hapd
.request("WPS_PBC")
4959 pin
= dev
[0].wps_read_pin()
4960 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4961 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
4963 raise Exception("Scan did not complete")
4964 dev
[0].request("WPS_CANCEL")
4966 hapd
.request("WPS_CANCEL")
4967 dev
[0].flush_scan_cache()
4970 def test_ap_wps_ie_invalid(dev
, apdev
):
4971 """WPS PIN attempt with AP that has invalid WSC IE"""
4973 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
4974 "vendor_elements": "dd050050f20410" }
4975 hapd
= hostapd
.add_ap(apdev
[0], params
)
4976 params
= { 'ssid': "another", "vendor_elements": "dd050050f20410" }
4977 hostapd
.add_ap(apdev
[1], params
)
4978 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4979 pin
= dev
[0].wps_read_pin()
4980 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4981 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
4983 raise Exception("Scan did not complete")
4984 dev
[0].request("WPS_CANCEL")
4987 def test_ap_wps_scan_prio_order(dev
, apdev
):
4988 """WPS scan priority ordering"""
4990 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
4991 hapd
= hostapd
.add_ap(apdev
[0], params
)
4992 params
= { 'ssid': "another", "vendor_elements": "dd050050f20410" }
4993 hostapd
.add_ap(apdev
[1], params
)
4994 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4995 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
4996 pin
= dev
[0].wps_read_pin()
4997 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4998 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5000 raise Exception("Scan did not complete")
5001 dev
[0].request("WPS_CANCEL")
5003 def test_ap_wps_probe_req_ie_oom(dev
, apdev
):
5004 """WPS ProbeReq IE OOM"""
5006 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
5007 hapd
= hostapd
.add_ap(apdev
[0], params
)
5008 pin
= dev
[0].wps_read_pin()
5009 hapd
.request("WPS_PIN any " + pin
)
5010 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5011 with
alloc_fail(dev
[0], 1, "wps_build_probe_req_ie"):
5012 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5013 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5015 raise Exception("Association not seen")
5016 dev
[0].request("WPS_CANCEL")
5017 dev
[0].wait_disconnected()
5019 with
alloc_fail(dev
[0], 1, "wps_ie_encapsulate"):
5020 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5021 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5023 raise Exception("Association not seen")
5024 dev
[0].request("WPS_CANCEL")
5026 dev
[0].request("REMOVE_NETWORK all")
5027 dev
[0].wait_disconnected()
5029 dev
[0].flush_scan_cache()
5031 def test_ap_wps_assoc_req_ie_oom(dev
, apdev
):
5032 """WPS AssocReq IE OOM"""
5034 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
5035 hapd
= hostapd
.add_ap(apdev
[0], params
)
5036 pin
= dev
[0].wps_read_pin()
5037 hapd
.request("WPS_PIN any " + pin
)
5038 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5039 with
alloc_fail(dev
[0], 1, "wps_build_assoc_req_ie"):
5040 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5041 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5043 raise Exception("Association not seen")
5044 dev
[0].request("WPS_CANCEL")
5046 def test_ap_wps_assoc_resp_ie_oom(dev
, apdev
):
5047 """WPS AssocResp IE OOM"""
5049 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2" }
5050 hapd
= hostapd
.add_ap(apdev
[0], params
)
5051 pin
= dev
[0].wps_read_pin()
5052 hapd
.request("WPS_PIN any " + pin
)
5053 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5054 with
alloc_fail(hapd
, 1, "wps_build_assoc_resp_ie"):
5055 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5056 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5058 raise Exception("Association not seen")
5059 dev
[0].request("WPS_CANCEL")
5062 def test_ap_wps_bss_info_errors(dev
, apdev
):
5063 """WPS BSS info errors"""
5064 params
= { "ssid": "1",
5065 "vendor_elements": "dd0e0050f20410440001ff101100010a" }
5066 hostapd
.add_ap(apdev
[0], params
)
5067 params
= { 'ssid': "2", "vendor_elements": "dd050050f20410" }
5068 hostapd
.add_ap(apdev
[1], params
)
5069 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5070 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5071 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5072 logger
.info("BSS: " + str(bss
))
5073 if "wps_state" in bss
:
5074 raise Exception("Unexpected wps_state in BSS info")
5075 if 'wps_device_name' not in bss
:
5076 raise Exception("No wps_device_name in BSS info")
5077 if bss
['wps_device_name'] != '_':
5078 raise Exception("Unexpected wps_device_name value")
5079 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
5080 logger
.info("BSS: " + str(bss
))
5082 with
alloc_fail(dev
[0], 1, "=wps_attr_text"):
5083 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5084 logger
.info("BSS(OOM): " + str(bss
))
5086 def wps_run_pbc_fail_ap(apdev
, dev
, hapd
):
5087 hapd
.request("WPS_PBC")
5088 dev
.scan_for_bss(apdev
['bssid'], freq
="2412")
5089 dev
.request("WPS_PBC " + apdev
['bssid'])
5090 ev
= dev
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5092 raise Exception("No EAP failure reported")
5093 dev
.request("WPS_CANCEL")
5094 dev
.wait_disconnected()
5097 dev
.flush_scan_cache()
5099 except Exception, e
:
5100 if str(e
).startswith("Failed to trigger scan"):
5106 def wps_run_pbc_fail(apdev
, dev
):
5107 hapd
= wps_start_ap(apdev
)
5108 wps_run_pbc_fail_ap(apdev
, dev
, hapd
)
5111 def test_ap_wps_pk_oom(dev
, apdev
):
5112 """WPS and public key OOM"""
5113 with
alloc_fail(dev
[0], 1, "wps_build_public_key"):
5114 wps_run_pbc_fail(apdev
[0], dev
[0])
5117 def test_ap_wps_pk_oom_ap(dev
, apdev
):
5118 """WPS and public key OOM on AP"""
5119 hapd
= wps_start_ap(apdev
[0])
5120 with
alloc_fail(hapd
, 1, "wps_build_public_key"):
5121 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5124 def test_ap_wps_encr_oom_ap(dev
, apdev
):
5125 """WPS and encrypted settings decryption OOM on AP"""
5126 hapd
= wps_start_ap(apdev
[0])
5127 pin
= dev
[0].wps_read_pin()
5128 hapd
.request("WPS_PIN any " + pin
)
5129 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5130 with
alloc_fail(hapd
, 1, "wps_decrypt_encr_settings"):
5131 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
5132 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=10)
5134 raise Exception("No WPS-FAIL reported")
5135 dev
[0].request("WPS_CANCEL")
5136 dev
[0].wait_disconnected()
5139 def test_ap_wps_encr_no_random_ap(dev
, apdev
):
5140 """WPS and no random data available for encryption on AP"""
5141 hapd
= wps_start_ap(apdev
[0])
5142 with
fail_test(hapd
, 1, "os_get_random;wps_build_encr_settings"):
5143 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5146 def test_ap_wps_e_hash_no_random_sta(dev
, apdev
):
5147 """WPS and no random data available for e-hash on STA"""
5148 with
fail_test(dev
[0], 1, "os_get_random;wps_build_e_hash"):
5149 wps_run_pbc_fail(apdev
[0], dev
[0])
5152 def test_ap_wps_m1_no_random(dev
, apdev
):
5153 """WPS and no random for M1 on STA"""
5154 with
fail_test(dev
[0], 1, "os_get_random;wps_build_m1"):
5155 wps_run_pbc_fail(apdev
[0], dev
[0])
5158 def test_ap_wps_m1_oom(dev
, apdev
):
5159 """WPS and OOM for M1 on STA"""
5160 with
alloc_fail(dev
[0], 1, "wps_build_m1"):
5161 wps_run_pbc_fail(apdev
[0], dev
[0])
5164 def test_ap_wps_m3_oom(dev
, apdev
):
5165 """WPS and OOM for M3 on STA"""
5166 with
alloc_fail(dev
[0], 1, "wps_build_m3"):
5167 wps_run_pbc_fail(apdev
[0], dev
[0])
5170 def test_ap_wps_m5_oom(dev
, apdev
):
5171 """WPS and OOM for M5 on STA"""
5172 hapd
= wps_start_ap(apdev
[0])
5173 hapd
.request("WPS_PBC")
5174 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5175 for i
in range(1, 3):
5176 with
alloc_fail(dev
[0], i
, "wps_build_m5"):
5177 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5178 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5180 raise Exception("No EAP failure reported")
5181 dev
[0].request("WPS_CANCEL")
5182 dev
[0].wait_disconnected()
5183 dev
[0].flush_scan_cache()
5186 def test_ap_wps_m5_no_random(dev
, apdev
):
5187 """WPS and no random for M5 on STA"""
5188 with
fail_test(dev
[0], 1,
5189 "os_get_random;wps_build_encr_settings;wps_build_m5"):
5190 wps_run_pbc_fail(apdev
[0], dev
[0])
5193 def test_ap_wps_m7_oom(dev
, apdev
):
5194 """WPS and OOM for M7 on STA"""
5195 hapd
= wps_start_ap(apdev
[0])
5196 hapd
.request("WPS_PBC")
5197 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5198 for i
in range(1, 3):
5199 with
alloc_fail(dev
[0], i
, "wps_build_m7"):
5200 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5201 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5203 raise Exception("No EAP failure reported")
5204 dev
[0].request("WPS_CANCEL")
5205 dev
[0].wait_disconnected()
5206 dev
[0].flush_scan_cache()
5209 def test_ap_wps_m7_no_random(dev
, apdev
):
5210 """WPS and no random for M7 on STA"""
5211 with
fail_test(dev
[0], 1,
5212 "os_get_random;wps_build_encr_settings;wps_build_m7"):
5213 wps_run_pbc_fail(apdev
[0], dev
[0])
5216 def test_ap_wps_wsc_done_oom(dev
, apdev
):
5217 """WPS and OOM for WSC_Done on STA"""
5218 with
alloc_fail(dev
[0], 1, "wps_build_wsc_done"):
5219 wps_run_pbc_fail(apdev
[0], dev
[0])
5221 def test_ap_wps_random_psk_fail(dev
, apdev
):
5222 """WPS and no random for PSK on AP"""
5224 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
5232 with
open(pskfile
, "w") as f
:
5233 f
.write("# WPA PSKs\n")
5235 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
5236 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
5237 "rsn_pairwise": "CCMP", "ap_pin": appin
,
5238 "wpa_psk_file": pskfile
}
5239 hapd
= hostapd
.add_ap(apdev
[0], params
)
5241 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5242 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred_network_key"):
5243 dev
[0].request("WPS_REG " + apdev
[0]['bssid'] + " " + appin
)
5244 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5246 raise Exception("No EAP failure reported")
5247 dev
[0].request("WPS_CANCEL")
5248 dev
[0].wait_disconnected()
5250 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred"):
5251 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5253 with
alloc_fail(hapd
, 1, "wps_build_cred"):
5254 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5256 with
alloc_fail(hapd
, 2, "wps_build_cred"):
5257 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5261 def wps_ext_eap_identity_req(dev
, hapd
, bssid
):
5262 logger
.debug("EAP-Identity/Request")
5263 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5265 raise Exception("Timeout on EAPOL-TX from hostapd")
5266 res
= dev
.request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
5268 raise Exception("EAPOL_RX to wpa_supplicant failed")
5270 def wps_ext_eap_identity_resp(hapd
, dev
, addr
):
5271 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
5273 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
5274 res
= hapd
.request("EAPOL_RX " + addr
+ " " + ev
.split(' ')[2])
5276 raise Exception("EAPOL_RX to hostapd failed")
5278 def wps_ext_eap_wsc(dst
, src
, src_addr
, msg
):
5280 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5282 raise Exception("Timeout on EAPOL-TX")
5283 res
= dst
.request("EAPOL_RX " + src_addr
+ " " + ev
.split(' ')[2])
5285 raise Exception("EAPOL_RX failed")
5287 def wps_start_ext(apdev
, dev
, pbc
=False, pin
=None):
5288 addr
= dev
.own_addr()
5289 bssid
= apdev
['bssid']
5290 ssid
= "test-wps-conf"
5291 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
5292 "wpa_passphrase": "12345678", "wpa": "2",
5293 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
5294 hapd
= hostapd
.add_ap(apdev
, params
)
5297 hapd
.request("WPS_PBC")
5300 pin
= dev
.wps_read_pin()
5301 hapd
.request("WPS_PIN any " + pin
)
5302 dev
.scan_for_bss(bssid
, freq
="2412")
5303 hapd
.request("SET ext_eapol_frame_io 1")
5304 dev
.request("SET ext_eapol_frame_io 1")
5307 dev
.request("WPS_PBC " + bssid
)
5309 dev
.request("WPS_PIN " + bssid
+ " " + pin
)
5310 return addr
,bssid
,hapd
5312 def wps_auth_corrupt(dst
, src
, addr
):
5313 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5315 raise Exception("Timeout on EAPOL-TX")
5316 src
.request("SET ext_eapol_frame_io 0")
5317 dst
.request("SET ext_eapol_frame_io 0")
5318 msg
= ev
.split(' ')[2]
5319 if msg
[-24:-16] != '10050008':
5320 raise Exception("Could not find Authenticator attribute")
5321 # Corrupt Authenticator value
5322 msg
= msg
[:-1] + '%x' % ((int(msg
[-1], 16) + 1) % 16)
5323 res
= dst
.request("EAPOL_RX " + addr
+ " " + msg
)
5325 raise Exception("EAPOL_RX failed")
5327 def wps_fail_finish(hapd
, dev
, fail_str
):
5328 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5330 raise Exception("WPS-FAIL not indicated")
5331 if fail_str
not in ev
:
5332 raise Exception("Unexpected WPS-FAIL value: " + ev
)
5333 dev
.request("WPS_CANCEL")
5334 dev
.wait_disconnected()
5336 def wps_auth_corrupt_from_ap(dev
, hapd
, bssid
, fail_str
):
5337 wps_auth_corrupt(dev
, hapd
, bssid
)
5338 wps_fail_finish(hapd
, dev
, fail_str
)
5340 def wps_auth_corrupt_to_ap(dev
, hapd
, addr
, fail_str
):
5341 wps_auth_corrupt(hapd
, dev
, addr
)
5342 wps_fail_finish(hapd
, dev
, fail_str
)
5344 def test_ap_wps_authenticator_mismatch_m2(dev
, apdev
):
5345 """WPS and Authenticator attribute mismatch in M2"""
5346 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5347 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5348 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5349 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5350 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5352 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=5")
5354 def test_ap_wps_authenticator_mismatch_m3(dev
, apdev
):
5355 """WPS and Authenticator attribute mismatch in M3"""
5356 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5357 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5358 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5359 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5360 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5361 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5363 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=7")
5365 def test_ap_wps_authenticator_mismatch_m4(dev
, apdev
):
5366 """WPS and Authenticator attribute mismatch in M4"""
5367 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5368 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5369 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5370 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5371 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5372 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5373 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5375 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=8")
5377 def test_ap_wps_authenticator_mismatch_m5(dev
, apdev
):
5378 """WPS and Authenticator attribute mismatch in M5"""
5379 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5380 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5381 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5382 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5383 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5384 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5385 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5386 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5388 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=9")
5390 def test_ap_wps_authenticator_mismatch_m6(dev
, apdev
):
5391 """WPS and Authenticator attribute mismatch in M6"""
5392 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5393 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5394 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5395 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5396 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5397 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5398 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5399 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5400 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5402 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=10")
5404 def test_ap_wps_authenticator_mismatch_m7(dev
, apdev
):
5405 """WPS and Authenticator attribute mismatch in M7"""
5406 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5407 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5408 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5409 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5410 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5411 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5412 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5413 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5414 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5415 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5417 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=11")
5419 def test_ap_wps_authenticator_mismatch_m8(dev
, apdev
):
5420 """WPS and Authenticator attribute mismatch in M8"""
5421 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5422 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5423 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5424 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5425 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5426 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5427 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5428 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5429 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5430 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5431 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M7")
5433 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=12")
5435 def test_ap_wps_authenticator_missing_m2(dev
, apdev
):
5436 """WPS and Authenticator attribute missing from M2"""
5437 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5438 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5439 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5440 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5441 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5443 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5445 raise Exception("Timeout on EAPOL-TX")
5446 hapd
.request("SET ext_eapol_frame_io 0")
5447 dev
[0].request("SET ext_eapol_frame_io 0")
5448 msg
= ev
.split(' ')[2]
5449 if msg
[-24:-16] != '10050008':
5450 raise Exception("Could not find Authenticator attribute")
5451 # Remove Authenticator value
5453 mlen
= "%04x" % (int(msg
[4:8], 16) - 12)
5454 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:]
5455 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5457 raise Exception("EAPOL_RX failed")
5458 wps_fail_finish(hapd
, dev
[0], "msg=5")
5460 def test_ap_wps_m2_dev_passwd_id_p2p(dev
, apdev
):
5461 """WPS and M2 with different Device Password ID (P2P)"""
5462 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5463 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5464 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5465 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5466 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5468 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5470 raise Exception("Timeout on EAPOL-TX")
5471 hapd
.request("SET ext_eapol_frame_io 0")
5472 dev
[0].request("SET ext_eapol_frame_io 0")
5473 msg
= ev
.split(' ')[2]
5474 if msg
[722:730] != '10120002':
5475 raise Exception("Could not find Device Password ID attribute")
5476 # Replace Device Password ID value. This will fail Authenticator check, but
5477 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5479 msg
= msg
[0:730] + "0005" + msg
[734:]
5480 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5482 raise Exception("EAPOL_RX failed")
5483 wps_fail_finish(hapd
, dev
[0], "msg=5")
5485 def test_ap_wps_m2_dev_passwd_id_change_pin_to_pbc(dev
, apdev
):
5486 """WPS and M2 with different Device Password ID (PIN to PBC)"""
5487 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5488 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5489 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5490 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5491 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5493 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5495 raise Exception("Timeout on EAPOL-TX")
5496 hapd
.request("SET ext_eapol_frame_io 0")
5497 dev
[0].request("SET ext_eapol_frame_io 0")
5498 msg
= ev
.split(' ')[2]
5499 if msg
[722:730] != '10120002':
5500 raise Exception("Could not find Device Password ID attribute")
5501 # Replace Device Password ID value (PIN --> PBC). This will be rejected.
5502 msg
= msg
[0:730] + "0004" + msg
[734:]
5503 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5505 raise Exception("EAPOL_RX failed")
5506 wps_fail_finish(hapd
, dev
[0], "msg=5")
5508 def test_ap_wps_m2_dev_passwd_id_change_pbc_to_pin(dev
, apdev
):
5509 """WPS and M2 with different Device Password ID (PBC to PIN)"""
5510 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5511 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5512 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5513 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5514 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5516 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5518 raise Exception("Timeout on EAPOL-TX")
5519 hapd
.request("SET ext_eapol_frame_io 0")
5520 dev
[0].request("SET ext_eapol_frame_io 0")
5521 msg
= ev
.split(' ')[2]
5522 if msg
[722:730] != '10120002':
5523 raise Exception("Could not find Device Password ID attribute")
5524 # Replace Device Password ID value. This will fail Authenticator check, but
5525 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5527 msg
= msg
[0:730] + "0000" + msg
[734:]
5528 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5530 raise Exception("EAPOL_RX failed")
5531 wps_fail_finish(hapd
, dev
[0], "msg=5")
5532 dev
[0].flush_scan_cache()
5534 def test_ap_wps_m2_missing_dev_passwd_id(dev
, apdev
):
5535 """WPS and M2 without Device Password ID"""
5536 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0])
5537 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5538 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5539 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5540 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5542 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5544 raise Exception("Timeout on EAPOL-TX")
5545 hapd
.request("SET ext_eapol_frame_io 0")
5546 dev
[0].request("SET ext_eapol_frame_io 0")
5547 msg
= ev
.split(' ')[2]
5548 if msg
[722:730] != '10120002':
5549 raise Exception("Could not find Device Password ID attribute")
5550 # Remove Device Password ID value. This will fail Authenticator check, but
5551 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5553 mlen
= "%04x" % (int(msg
[4:8], 16) - 6)
5554 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:722] + msg
[734:]
5555 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5557 raise Exception("EAPOL_RX failed")
5558 wps_fail_finish(hapd
, dev
[0], "msg=5")
5560 def test_ap_wps_m2_missing_registrar_nonce(dev
, apdev
):
5561 """WPS and M2 without Registrar Nonce"""
5562 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5563 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5564 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5565 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5566 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5568 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5570 raise Exception("Timeout on EAPOL-TX")
5571 hapd
.request("SET ext_eapol_frame_io 0")
5572 dev
[0].request("SET ext_eapol_frame_io 0")
5573 msg
= ev
.split(' ')[2]
5574 if msg
[96:104] != '10390010':
5575 raise Exception("Could not find Registrar Nonce attribute")
5576 # Remove Registrar Nonce. This will fail Authenticator check, but
5577 # allows the code path in wps_process_registrar_nonce() to be checked from
5579 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5580 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:96] + msg
[136:]
5581 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5583 raise Exception("EAPOL_RX failed")
5584 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5586 raise Exception("Disconnect event not seen")
5587 dev
[0].request("WPS_CANCEL")
5588 dev
[0].flush_scan_cache()
5590 def test_ap_wps_m2_missing_enrollee_nonce(dev
, apdev
):
5591 """WPS and M2 without Enrollee Nonce"""
5592 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5593 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5594 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5595 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5596 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5598 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5600 raise Exception("Timeout on EAPOL-TX")
5601 hapd
.request("SET ext_eapol_frame_io 0")
5602 dev
[0].request("SET ext_eapol_frame_io 0")
5603 msg
= ev
.split(' ')[2]
5604 if msg
[56:64] != '101a0010':
5605 raise Exception("Could not find enrollee Nonce attribute")
5606 # Remove Enrollee Nonce. This will fail Authenticator check, but
5607 # allows the code path in wps_process_enrollee_nonce() to be checked from
5609 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5610 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:56] + msg
[96:]
5611 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5613 raise Exception("EAPOL_RX failed")
5614 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5616 raise Exception("Disconnect event not seen")
5617 dev
[0].request("WPS_CANCEL")
5618 dev
[0].flush_scan_cache()
5620 def test_ap_wps_m2_missing_uuid_r(dev
, apdev
):
5621 """WPS and M2 without UUID-R"""
5622 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5623 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5624 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5625 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5626 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5628 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5630 raise Exception("Timeout on EAPOL-TX")
5631 hapd
.request("SET ext_eapol_frame_io 0")
5632 dev
[0].request("SET ext_eapol_frame_io 0")
5633 msg
= ev
.split(' ')[2]
5634 if msg
[136:144] != '10480010':
5635 raise Exception("Could not find enrollee Nonce attribute")
5636 # Remove UUID-R. This will fail Authenticator check, but allows the code
5637 # path in wps_process_uuid_r() to be checked from the debug log.
5638 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5639 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:136] + msg
[176:]
5640 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5642 raise Exception("EAPOL_RX failed")
5643 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5645 raise Exception("Disconnect event not seen")
5646 dev
[0].request("WPS_CANCEL")
5647 dev
[0].flush_scan_cache()
5649 def test_ap_wps_m2_invalid(dev
, apdev
):
5650 """WPS and M2 parsing failure"""
5651 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5652 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5653 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5654 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5655 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5657 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5659 raise Exception("Timeout on EAPOL-TX")
5660 hapd
.request("SET ext_eapol_frame_io 0")
5661 dev
[0].request("SET ext_eapol_frame_io 0")
5662 msg
= ev
.split(' ')[2]
5663 if msg
[136:144] != '10480010':
5664 raise Exception("Could not find enrollee Nonce attribute")
5665 # Remove UUID-R. This will fail Authenticator check, but allows the code
5666 # path in wps_process_uuid_r() to be checked from the debug log.
5667 mlen
= "%04x" % (int(msg
[4:8], 16) - 1)
5668 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:-2]
5669 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5671 raise Exception("EAPOL_RX failed")
5672 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5674 raise Exception("Disconnect event not seen")
5675 dev
[0].request("WPS_CANCEL")
5676 dev
[0].flush_scan_cache()
5678 def test_ap_wps_m2_missing_msg_type(dev
, apdev
):
5679 """WPS and M2 without Message Type"""
5680 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5681 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5682 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5683 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5684 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5686 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5688 raise Exception("Timeout on EAPOL-TX")
5689 hapd
.request("SET ext_eapol_frame_io 0")
5690 dev
[0].request("SET ext_eapol_frame_io 0")
5691 msg
= ev
.split(' ')[2]
5692 if msg
[46:54] != '10220001':
5693 raise Exception("Could not find Message Type attribute")
5694 # Remove Message Type. This will fail Authenticator check, but allows the
5695 # code path in wps_process_wsc_msg() to be checked from the debug log.
5696 mlen
= "%04x" % (int(msg
[4:8], 16) - 5)
5697 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:46] + msg
[56:]
5698 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5700 raise Exception("EAPOL_RX failed")
5701 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5703 raise Exception("Disconnect event not seen")
5704 dev
[0].request("WPS_CANCEL")
5705 dev
[0].flush_scan_cache()
5707 def test_ap_wps_m2_unknown_msg_type(dev
, apdev
):
5708 """WPS and M2 but unknown Message Type"""
5709 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5710 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5711 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5712 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5713 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5715 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5717 raise Exception("Timeout on EAPOL-TX")
5718 hapd
.request("SET ext_eapol_frame_io 0")
5719 dev
[0].request("SET ext_eapol_frame_io 0")
5720 msg
= ev
.split(' ')[2]
5721 if msg
[46:54] != '10220001':
5722 raise Exception("Could not find Message Type attribute")
5723 # Replace Message Type value. This will be rejected.
5724 msg
= msg
[0:54] + "00" + msg
[56:]
5725 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5727 raise Exception("EAPOL_RX failed")
5728 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5730 raise Exception("Disconnect event not seen")
5731 dev
[0].request("WPS_CANCEL")
5732 dev
[0].flush_scan_cache()
5734 def test_ap_wps_m2_unknown_opcode(dev
, apdev
):
5735 """WPS and M2 but unknown opcode"""
5736 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5737 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5738 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5739 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5740 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5742 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5744 raise Exception("Timeout on EAPOL-TX")
5745 hapd
.request("SET ext_eapol_frame_io 0")
5746 dev
[0].request("SET ext_eapol_frame_io 0")
5747 msg
= ev
.split(' ')[2]
5748 # Replace opcode. This will be discarded in EAP-WSC processing.
5749 msg
= msg
[0:32] + "00" + msg
[34:]
5750 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5752 raise Exception("EAPOL_RX failed")
5753 dev
[0].request("WPS_CANCEL")
5754 dev
[0].wait_disconnected()
5755 dev
[0].flush_scan_cache()
5757 def test_ap_wps_m2_unknown_opcode2(dev
, apdev
):
5758 """WPS and M2 but unknown opcode (WSC_Start)"""
5759 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5760 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5761 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5762 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5763 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5765 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5767 raise Exception("Timeout on EAPOL-TX")
5768 hapd
.request("SET ext_eapol_frame_io 0")
5769 dev
[0].request("SET ext_eapol_frame_io 0")
5770 msg
= ev
.split(' ')[2]
5771 # Replace opcode. This will be discarded in EAP-WSC processing.
5772 msg
= msg
[0:32] + "01" + msg
[34:]
5773 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5775 raise Exception("EAPOL_RX failed")
5776 dev
[0].request("WPS_CANCEL")
5777 dev
[0].wait_disconnected()
5778 dev
[0].flush_scan_cache()
5780 def test_ap_wps_m2_unknown_opcode3(dev
, apdev
):
5781 """WPS and M2 but unknown opcode (WSC_Done)"""
5782 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5783 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5784 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5785 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5786 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5788 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5790 raise Exception("Timeout on EAPOL-TX")
5791 hapd
.request("SET ext_eapol_frame_io 0")
5792 dev
[0].request("SET ext_eapol_frame_io 0")
5793 msg
= ev
.split(' ')[2]
5794 # Replace opcode. This will be discarded in WPS Enrollee processing.
5795 msg
= msg
[0:32] + "05" + msg
[34:]
5796 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5798 raise Exception("EAPOL_RX failed")
5799 dev
[0].request("WPS_CANCEL")
5800 dev
[0].wait_disconnected()
5801 dev
[0].flush_scan_cache()
5803 def wps_m2_but_other(dev
, apdev
, title
, msgtype
):
5804 addr
,bssid
,hapd
= wps_start_ext(apdev
, dev
)
5805 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5806 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5807 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5808 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5810 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5812 raise Exception("Timeout on EAPOL-TX")
5813 hapd
.request("SET ext_eapol_frame_io 0")
5814 dev
.request("SET ext_eapol_frame_io 0")
5815 msg
= ev
.split(' ')[2]
5816 if msg
[46:54] != '10220001':
5817 raise Exception("Could not find Message Type attribute")
5818 # Replace Message Type value. This will be rejected.
5819 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5820 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5822 raise Exception("EAPOL_RX failed")
5823 ev
= dev
.wait_event(["WPS-FAIL"], timeout
=5)
5825 raise Exception("WPS-FAIL event not seen")
5826 dev
.request("WPS_CANCEL")
5827 dev
.wait_disconnected()
5829 def wps_m4_but_other(dev
, apdev
, title
, msgtype
):
5830 addr
,bssid
,hapd
= wps_start_ext(apdev
, dev
)
5831 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5832 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5833 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5834 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5835 wps_ext_eap_wsc(dev
, hapd
, bssid
, "M2")
5836 wps_ext_eap_wsc(hapd
, dev
, addr
, "M3")
5838 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5840 raise Exception("Timeout on EAPOL-TX")
5841 hapd
.request("SET ext_eapol_frame_io 0")
5842 dev
.request("SET ext_eapol_frame_io 0")
5843 msg
= ev
.split(' ')[2]
5844 if msg
[46:54] != '10220001':
5845 raise Exception("Could not find Message Type attribute")
5846 # Replace Message Type value. This will be rejected.
5847 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5848 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5850 raise Exception("EAPOL_RX failed")
5851 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5853 raise Exception("WPS-FAIL event not seen")
5854 dev
.request("WPS_CANCEL")
5855 dev
.wait_disconnected()
5857 def test_ap_wps_m2_msg_type_m4(dev
, apdev
):
5858 """WPS and M2 but Message Type M4"""
5859 wps_m2_but_other(dev
[0], apdev
[0], "M2/M4", "08")
5861 def test_ap_wps_m2_msg_type_m6(dev
, apdev
):
5862 """WPS and M2 but Message Type M6"""
5863 wps_m2_but_other(dev
[0], apdev
[0], "M2/M6", "0a")
5865 def test_ap_wps_m2_msg_type_m8(dev
, apdev
):
5866 """WPS and M2 but Message Type M8"""
5867 wps_m2_but_other(dev
[0], apdev
[0], "M2/M8", "0c")
5869 def test_ap_wps_m4_msg_type_m2(dev
, apdev
):
5870 """WPS and M4 but Message Type M2"""
5871 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2", "05")
5873 def test_ap_wps_m4_msg_type_m2d(dev
, apdev
):
5874 """WPS and M4 but Message Type M2D"""
5875 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2D", "06")
5878 def test_ap_wps_config_methods(dev
, apdev
):
5879 """WPS configuration method parsing"""
5880 ssid
= "test-wps-conf"
5881 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
5882 "wpa_passphrase": "12345678", "wpa": "2",
5883 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5884 "config_methods": "ethernet display ext_nfc_token int_nfc_token physical_display physical_push_button" }
5885 hapd
= hostapd
.add_ap(apdev
[0], params
)
5886 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
5887 "wpa_passphrase": "12345678", "wpa": "2",
5888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5889 "config_methods": "display push_button" }
5890 hapd2
= hostapd
.add_ap(apdev
[1], params
)
5892 def test_ap_wps_set_selected_registrar_proto(dev
, apdev
):
5893 """WPS UPnP SetSelectedRegistrar protocol testing"""
5894 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5895 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
5897 location
= ssdp_get_location(ap_uuid
)
5898 urls
= upnp_get_urls(location
)
5899 eventurl
= urlparse
.urlparse(urls
['event_sub_url'])
5900 ctrlurl
= urlparse
.urlparse(urls
['control_url'])
5901 url
= urlparse
.urlparse(location
)
5902 conn
= httplib
.HTTPConnection(url
.netloc
)
5904 class WPSERHTTPServer(SocketServer
.StreamRequestHandler
):
5906 data
= self
.rfile
.readline().strip()
5908 self
.wfile
.write(gen_wps_event())
5910 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
5913 headers
= { "callback": '<http://127.0.0.1:12345/event>',
5915 "timeout": "Second-1234" }
5916 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
5917 resp
= conn
.getresponse()
5918 if resp
.status
!= 200:
5919 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
5920 sid
= resp
.getheader("sid")
5921 logger
.debug("Subscription SID " + sid
)
5922 server
.handle_request()
5924 tests
= [ (500, "10"),
5925 (200, "104a000110" + "1041000101" + "101200020000" +
5927 "1049002c00372a0001200124111111111111222222222222333333333333444444444444555555555555666666666666" +
5928 "10480010362db47ba53a519188fb5458b986b2e4"),
5929 (200, "104a000110" + "1041000100" + "101200020000" +
5931 (200, "104a000110" + "1041000100"),
5932 (200, "104a000110") ]
5933 for status
,test
in tests
:
5934 tlvs
= binascii
.unhexlify(test
)
5935 newmsg
= base64
.b64encode(tlvs
)
5936 msg
= '<?xml version="1.0"?>\n'
5937 msg
+= '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
5939 msg
+= '<u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">'
5940 msg
+= '<NewMessage>'
5942 msg
+= "</NewMessage></u:SetSelectedRegistrar></s:Body></s:Envelope>"
5943 headers
= { "Content-type": 'text/xml; charset="utf-8"' }
5944 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
5945 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
5946 resp
= conn
.getresponse()
5947 if resp
.status
!= status
:
5948 raise Exception("Unexpected HTTP response: %d (expected %d)" % (resp
.status
, status
))
5950 def test_ap_wps_adv_oom(dev
, apdev
):
5951 """WPS AP and advertisement OOM"""
5952 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5953 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
5955 with
alloc_fail(hapd
, 1, "=msearchreply_state_machine_start"):
5956 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
5960 with
alloc_fail(hapd
, 1, "eloop_register_timeout;msearchreply_state_machine_start"):
5961 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
5965 with
alloc_fail(hapd
, 1,
5966 "next_advertisement;advertisement_state_machine_stop"):
5969 with
alloc_fail(hapd
, 1, "ssdp_listener_start"):
5970 if "FAIL" not in hapd
.request("ENABLE"):
5971 raise Exception("ENABLE succeeded during OOM")
5973 def test_wps_config_methods(dev
):
5974 """WPS config method update"""
5975 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
5976 wpas
.interface_add("wlan5")
5977 if "OK" not in wpas
.request("SET config_methods display label"):
5978 raise Exception("Failed to set config_methods")
5979 if wpas
.request("GET config_methods").strip() != "display label":
5980 raise Exception("config_methods were not updated")
5981 if "OK" not in wpas
.request("SET config_methods "):
5982 raise Exception("Failed to clear config_methods")
5983 if wpas
.request("GET config_methods").strip() != "":
5984 raise Exception("config_methods were not cleared")
5986 WPS_VENDOR_ID_WFA
= 14122
5989 # EAP-WSC Op-Code values
5997 ATTR_AP_CHANNEL
= 0x1001
5998 ATTR_ASSOC_STATE
= 0x1002
5999 ATTR_AUTH_TYPE
= 0x1003
6000 ATTR_AUTH_TYPE_FLAGS
= 0x1004
6001 ATTR_AUTHENTICATOR
= 0x1005
6002 ATTR_CONFIG_METHODS
= 0x1008
6003 ATTR_CONFIG_ERROR
= 0x1009
6004 ATTR_CONFIRM_URL4
= 0x100a
6005 ATTR_CONFIRM_URL6
= 0x100b
6006 ATTR_CONN_TYPE
= 0x100c
6007 ATTR_CONN_TYPE_FLAGS
= 0x100d
6009 ATTR_ENCR_TYPE
= 0x100f
6010 ATTR_ENCR_TYPE_FLAGS
= 0x1010
6011 ATTR_DEV_NAME
= 0x1011
6012 ATTR_DEV_PASSWORD_ID
= 0x1012
6013 ATTR_E_HASH1
= 0x1014
6014 ATTR_E_HASH2
= 0x1015
6015 ATTR_E_SNONCE1
= 0x1016
6016 ATTR_E_SNONCE2
= 0x1017
6017 ATTR_ENCR_SETTINGS
= 0x1018
6018 ATTR_ENROLLEE_NONCE
= 0x101a
6019 ATTR_FEATURE_ID
= 0x101b
6020 ATTR_IDENTITY
= 0x101c
6021 ATTR_IDENTITY_PROOF
= 0x101d
6022 ATTR_KEY_WRAP_AUTH
= 0x101e
6023 ATTR_KEY_ID
= 0x101f
6024 ATTR_MAC_ADDR
= 0x1020
6025 ATTR_MANUFACTURER
= 0x1021
6026 ATTR_MSG_TYPE
= 0x1022
6027 ATTR_MODEL_NAME
= 0x1023
6028 ATTR_MODEL_NUMBER
= 0x1024
6029 ATTR_NETWORK_INDEX
= 0x1026
6030 ATTR_NETWORK_KEY
= 0x1027
6031 ATTR_NETWORK_KEY_INDEX
= 0x1028
6032 ATTR_NEW_DEVICE_NAME
= 0x1029
6033 ATTR_NEW_PASSWORD
= 0x102a
6034 ATTR_OOB_DEVICE_PASSWORD
= 0x102c
6035 ATTR_OS_VERSION
= 0x102d
6036 ATTR_POWER_LEVEL
= 0x102f
6037 ATTR_PSK_CURRENT
= 0x1030
6038 ATTR_PSK_MAX
= 0x1031
6039 ATTR_PUBLIC_KEY
= 0x1032
6040 ATTR_RADIO_ENABLE
= 0x1033
6041 ATTR_REBOOT
= 0x1034
6042 ATTR_REGISTRAR_CURRENT
= 0x1035
6043 ATTR_REGISTRAR_ESTABLISHED
= 0x1036
6044 ATTR_REGISTRAR_LIST
= 0x1037
6045 ATTR_REGISTRAR_MAX
= 0x1038
6046 ATTR_REGISTRAR_NONCE
= 0x1039
6047 ATTR_REQUEST_TYPE
= 0x103a
6048 ATTR_RESPONSE_TYPE
= 0x103b
6049 ATTR_RF_BANDS
= 0x103c
6050 ATTR_R_HASH1
= 0x103d
6051 ATTR_R_HASH2
= 0x103e
6052 ATTR_R_SNONCE1
= 0x103f
6053 ATTR_R_SNONCE2
= 0x1040
6054 ATTR_SELECTED_REGISTRAR
= 0x1041
6055 ATTR_SERIAL_NUMBER
= 0x1042
6056 ATTR_WPS_STATE
= 0x1044
6058 ATTR_TOTAL_NETWORKS
= 0x1046
6059 ATTR_UUID_E
= 0x1047
6060 ATTR_UUID_R
= 0x1048
6061 ATTR_VENDOR_EXT
= 0x1049
6062 ATTR_VERSION
= 0x104a
6063 ATTR_X509_CERT_REQ
= 0x104b
6064 ATTR_X509_CERT
= 0x104c
6065 ATTR_EAP_IDENTITY
= 0x104d
6066 ATTR_MSG_COUNTER
= 0x104e
6067 ATTR_PUBKEY_HASH
= 0x104f
6068 ATTR_REKEY_KEY
= 0x1050
6069 ATTR_KEY_LIFETIME
= 0x1051
6070 ATTR_PERMITTED_CFG_METHODS
= 0x1052
6071 ATTR_SELECTED_REGISTRAR_CONFIG_METHODS
= 0x1053
6072 ATTR_PRIMARY_DEV_TYPE
= 0x1054
6073 ATTR_SECONDARY_DEV_TYPE_LIST
= 0x1055
6074 ATTR_PORTABLE_DEV
= 0x1056
6075 ATTR_AP_SETUP_LOCKED
= 0x1057
6076 ATTR_APPLICATION_EXT
= 0x1058
6077 ATTR_EAP_TYPE
= 0x1059
6079 ATTR_KEY_PROVIDED_AUTO
= 0x1061
6080 ATTR_802_1X_ENABLED
= 0x1062
6081 ATTR_APPSESSIONKEY
= 0x1063
6082 ATTR_WEPTRANSMITKEY
= 0x1064
6083 ATTR_REQUESTED_DEV_TYPE
= 0x106a
6087 WPS_ProbeRequest
= 0x02
6088 WPS_ProbeResponse
= 0x03
6102 def get_wsc_msg(dev
):
6103 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
6105 raise Exception("Timeout on EAPOL-TX")
6106 data
= binascii
.unhexlify(ev
.split(' ')[2])
6109 # Parse EAPOL header
6111 raise Exception("No room for EAPOL header")
6112 version
,type,length
= struct
.unpack('>BBH', data
[0:4])
6113 msg
['eapol_version'] = version
6114 msg
['eapol_type'] = type
6115 msg
['eapol_length'] = length
6117 if length
!= len(data
):
6118 raise Exception("EAPOL header length mismatch (%d != %d)" % (length
, len(data
)))
6120 raise Exception("Unexpected EAPOL header type: %d" % type)
6124 raise Exception("No room for EAP header")
6125 code
,identifier
,length
= struct
.unpack('>BBH', data
[0:4])
6126 msg
['eap_code'] = code
6127 msg
['eap_identifier'] = identifier
6128 msg
['eap_length'] = length
6130 if msg
['eapol_length'] != msg
['eap_length']:
6131 raise Exception("EAP header length mismatch (%d != %d)" % (msg
['eapol_length'], length
))
6133 # Parse EAP expanded header
6135 raise Exception("No EAP type included")
6136 msg
['eap_type'], = struct
.unpack('B', data
[0])
6139 if msg
['eap_type'] == 254:
6140 if len(data
) < 3 + 4:
6141 raise Exception("Truncated EAP expanded header")
6142 msg
['eap_vendor_id'], msg
['eap_vendor_type'] = struct
.unpack('>LL', '\0' + data
[0:7])
6145 raise Exception("Unexpected EAP type")
6147 if msg
['eap_vendor_id'] != WPS_VENDOR_ID_WFA
:
6148 raise Exception("Unexpected Vendor-Id")
6149 if msg
['eap_vendor_type'] != WPS_VENDOR_TYPE
:
6150 raise Exception("Unexpected Vendor-Type")
6152 # Parse EAP-WSC header
6154 raise Exception("Truncated EAP-WSC header")
6155 msg
['wsc_opcode'], msg
['wsc_flags'] = struct
.unpack('BB', data
[0:2])
6158 # Parse WSC attributes
6159 msg
['raw_attrs'] = data
6161 while len(data
) > 0:
6163 raise Exception("Truncated attribute header")
6164 attr
,length
= struct
.unpack('>HH', data
[0:4])
6166 if length
> len(data
):
6167 raise Exception("Truncated attribute 0x%04x" % attr
)
6168 attrs
[attr
] = data
[0:length
]
6169 data
= data
[length
:]
6170 msg
['wsc_attrs'] = attrs
6172 if ATTR_MSG_TYPE
in attrs
:
6173 msg
['wsc_msg_type'], = struct
.unpack('B', attrs
[ATTR_MSG_TYPE
])
6177 def recv_wsc_msg(dev
, opcode
, msg_type
):
6178 msg
= get_wsc_msg(dev
)
6179 if msg
['wsc_opcode'] != opcode
or msg
['wsc_msg_type'] != msg_type
:
6180 raise Exception("Unexpected Op-Code/MsgType")
6181 return msg
, msg
['wsc_attrs'], msg
['raw_attrs']
6183 def build_wsc_attr(attr
, payload
):
6184 return struct
.pack('>HH', attr
, len(payload
)) + payload
6186 def build_attr_msg_type(msg_type
):
6187 return build_wsc_attr(ATTR_MSG_TYPE
, struct
.pack('B', msg_type
))
6189 def build_eap_wsc(eap_code
, eap_id
, payload
, opcode
=WSC_MSG
):
6190 length
= 4 + 8 + 2 + len(payload
)
6192 msg
= struct
.pack('>BBH', 2, 0, length
)
6194 msg
+= struct
.pack('>BBH', eap_code
, eap_id
, length
)
6195 # EAP expanded header for EAP-WSC
6196 msg
+= struct
.pack('B', 254)
6197 msg
+= struct
.pack('>L', WPS_VENDOR_ID_WFA
)[1:4]
6198 msg
+= struct
.pack('>L', WPS_VENDOR_TYPE
)
6200 msg
+= struct
.pack('BB', opcode
, 0)
6205 def build_eap_success(eap_id
):
6208 msg
= struct
.pack('>BBH', 2, 0, length
)
6210 msg
+= struct
.pack('>BBH', 3, eap_id
, length
)
6213 def build_eap_failure(eap_id
):
6216 msg
= struct
.pack('>BBH', 2, 0, length
)
6218 msg
+= struct
.pack('>BBH', 4, eap_id
, length
)
6221 def send_wsc_msg(dev
, src
, msg
):
6222 res
= dev
.request("EAPOL_RX " + src
+ " " + binascii
.hexlify(msg
))
6224 raise Exception("EAPOL_RX failed")
6226 group_5_prime
= 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
6227 group_5_generator
= 2
6229 def wsc_kdf(key
, label
, bits
):
6232 while len(result
) * 8 < bits
:
6233 data
= struct
.pack('>L', i
) + label
+ struct
.pack('>L', bits
)
6234 m
= hmac
.new(key
, data
, hashlib
.sha256
)
6235 result
+= m
.digest()
6237 return result
[0:bits
/ 8]
6240 keys
= wsc_kdf(kdk
, "Wi-Fi Easy and Secure Key Derivation", 640)
6241 authkey
= keys
[0:32]
6242 keywrapkey
= keys
[32:48]
6244 return authkey
,keywrapkey
,emsk
6246 def wsc_dev_pw_half_psk(authkey
, dev_pw
):
6247 m
= hmac
.new(authkey
, dev_pw
, hashlib
.sha256
)
6248 return m
.digest()[0:16]
6250 def wsc_dev_pw_psk(authkey
, dev_pw
):
6251 dev_pw_1
= dev_pw
[0:len(dev_pw
) / 2]
6252 dev_pw_2
= dev_pw
[len(dev_pw
) / 2:]
6253 psk1
= wsc_dev_pw_half_psk(authkey
, dev_pw_1
)
6254 psk2
= wsc_dev_pw_half_psk(authkey
, dev_pw_2
)
6257 def build_attr_authenticator(authkey
, prev_msg
, curr_msg
):
6258 m
= hmac
.new(authkey
, prev_msg
+ curr_msg
, hashlib
.sha256
)
6259 auth
= m
.digest()[0:8]
6260 return build_wsc_attr(ATTR_AUTHENTICATOR
, auth
)
6262 def build_attr_encr_settings(authkey
, keywrapkey
, data
):
6263 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6264 kwa
= m
.digest()[0:8]
6265 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6267 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6268 pad_len
= 16 - len(data
) % 16
6269 ps
= pad_len
* struct
.pack('B', pad_len
)
6271 wrapped
= aes
.encrypt(data
)
6272 return build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6274 def decrypt_attr_encr_settings(authkey
, keywrapkey
, data
):
6275 if len(data
) < 32 or len(data
) % 16 != 0:
6276 raise Exception("Unexpected Encrypted Settings length: %d" % len(data
))
6279 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6280 decrypted
= aes
.decrypt(encr
)
6281 pad_len
, = struct
.unpack('B', decrypted
[-1])
6282 if pad_len
> len(decrypted
):
6283 raise Exception("Invalid padding in Encrypted Settings")
6284 for i
in range(-pad_len
, -1):
6285 if decrypted
[i
] != decrypted
[-1]:
6286 raise Exception("Invalid PS value in Encrypted Settings")
6288 decrypted
= decrypted
[0:len(decrypted
) - pad_len
]
6289 if len(decrypted
) < 12:
6290 raise Exception("Truncated Encrypted Settings plaintext")
6291 kwa
= decrypted
[-12:]
6292 attr
,length
= struct
.unpack(">HH", kwa
[0:4])
6293 if attr
!= ATTR_KEY_WRAP_AUTH
or length
!= 8:
6294 raise Exception("Invalid KWA header")
6296 decrypted
= decrypted
[0:len(decrypted
) - 12]
6298 m
= hmac
.new(authkey
, decrypted
, hashlib
.sha256
)
6299 calc_kwa
= m
.digest()[0:8]
6301 raise Exception("KWA mismatch")
6305 def zeropad_str(val
, pad_len
):
6306 while len(val
) < pad_len
* 2:
6311 # For now, use a hardcoded private key. In theory, this is supposed to be
6312 # randomly selected.
6313 own_private
= 0x123456789
6314 own_public
= pow(group_5_generator
, own_private
, group_5_prime
)
6315 pk
= binascii
.unhexlify(zeropad_str(format(own_public
, '02x'), 192))
6316 return own_private
, pk
6318 def wsc_dh_kdf(peer_pk
, own_private
, mac_addr
, e_nonce
, r_nonce
):
6319 peer_public
= long(binascii
.hexlify(peer_pk
), 16)
6320 if peer_public
< 2 or peer_public
>= group_5_prime
:
6321 raise Exception("Invalid peer public key")
6322 if pow(peer_public
, (group_5_prime
- 1) / 2, group_5_prime
) != 1:
6323 raise Exception("Unexpected Legendre symbol for peer public key")
6325 shared_secret
= pow(peer_public
, own_private
, group_5_prime
)
6326 ss
= zeropad_str(format(shared_secret
, "02x"), 192)
6327 logger
.debug("DH shared secret: " + ss
)
6329 dhkey
= hashlib
.sha256(binascii
.unhexlify(ss
)).digest()
6330 logger
.debug("DHKey: " + binascii
.hexlify(dhkey
))
6332 m
= hmac
.new(dhkey
, e_nonce
+ mac_addr
+ r_nonce
, hashlib
.sha256
)
6334 logger
.debug("KDK: " + binascii
.hexlify(kdk
))
6335 authkey
,keywrapkey
,emsk
= wsc_keys(kdk
)
6336 logger
.debug("AuthKey: " + binascii
.hexlify(authkey
))
6337 logger
.debug("KeyWrapKey: " + binascii
.hexlify(keywrapkey
))
6338 logger
.debug("EMSK: " + binascii
.hexlify(emsk
))
6339 return authkey
,keywrapkey
6341 def wsc_dev_pw_hash(authkey
, dev_pw
, e_pk
, r_pk
):
6342 psk1
,psk2
= wsc_dev_pw_psk(authkey
, dev_pw
)
6343 logger
.debug("PSK1: " + binascii
.hexlify(psk1
))
6344 logger
.debug("PSK2: " + binascii
.hexlify(psk2
))
6346 # Note: Secret values are supposed to be random, but hardcoded values are
6349 m
= hmac
.new(authkey
, s1
+ psk1
+ e_pk
+ r_pk
, hashlib
.sha256
)
6351 logger
.debug("Hash1: " + binascii
.hexlify(hash1
))
6354 m
= hmac
.new(authkey
, s2
+ psk2
+ e_pk
+ r_pk
, hashlib
.sha256
)
6356 logger
.debug("Hash2: " + binascii
.hexlify(hash2
))
6357 return s1
,s2
,hash1
,hash2
6359 def build_m1(eap_id
, uuid_e
, mac_addr
, e_nonce
, e_pk
,
6360 manufacturer
='', model_name
='', config_methods
='\x00\x00'):
6361 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6362 attrs
+= build_attr_msg_type(WPS_M1
)
6363 attrs
+= build_wsc_attr(ATTR_UUID_E
, uuid_e
)
6364 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6365 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6366 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, e_pk
)
6367 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6368 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6369 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6370 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, config_methods
)
6371 attrs
+= build_wsc_attr(ATTR_WPS_STATE
, '\x00')
6372 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, manufacturer
)
6373 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, model_name
)
6374 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6375 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6376 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6377 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6378 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6379 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6380 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, '\x00\x00')
6381 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6382 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6383 m1
= build_eap_wsc(2, eap_id
, attrs
)
6386 def build_m2(authkey
, m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, r_pk
,
6387 dev_pw_id
='\x00\x00', eap_code
=1):
6388 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6389 attrs
+= build_attr_msg_type(WPS_M2
)
6391 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6393 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6394 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6396 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, r_pk
)
6397 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6398 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6399 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6400 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6401 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6402 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6403 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6404 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6405 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6406 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6407 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6408 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6409 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6410 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6411 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6412 attrs
+= build_attr_authenticator(authkey
, m1
, attrs
)
6413 m2
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6416 def build_m2d(m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, dev_pw_id
=None, eap_code
=1):
6417 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6418 attrs
+= build_attr_msg_type(WPS_M2D
)
6419 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6420 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6421 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6422 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6423 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6424 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6425 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6426 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6427 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6428 #attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6429 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6430 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6431 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6432 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6433 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6434 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6435 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6437 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6438 m2d
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6441 def build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=WPS_WSC_ACK
, eap_code
=1):
6442 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6443 if msg_type
is not None:
6444 attrs
+= build_attr_msg_type(msg_type
)
6446 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6448 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6449 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_ACK
)
6452 def build_nack(eap_id
, e_nonce
, r_nonce
, config_error
='\x00\x00',
6453 msg_type
=WPS_WSC_NACK
, eap_code
=1):
6454 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6455 if msg_type
is not None:
6456 attrs
+= build_attr_msg_type(msg_type
)
6458 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6460 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6462 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, config_error
)
6463 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_NACK
)
6466 def test_wps_ext(dev
, apdev
):
6467 """WPS against external implementation"""
6469 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6470 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6471 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6473 logger
.debug("Receive WSC/Start from AP")
6474 msg
= get_wsc_msg(hapd
)
6475 if msg
['wsc_opcode'] != WSC_Start
:
6476 raise Exception("Unexpected Op-Code for WSC/Start")
6477 wsc_start_id
= msg
['eap_identifier']
6479 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6482 own_private
, e_pk
= wsc_dh_init()
6484 logger
.debug("Send M1 to AP")
6485 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
6487 send_wsc_msg(hapd
, addr
, m1
)
6489 logger
.debug("Receive M2 from AP")
6490 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
6492 authkey
,keywrapkey
= wsc_dh_kdf(m2_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6494 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6495 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
,
6496 m2_attrs
[ATTR_PUBLIC_KEY
])
6498 logger
.debug("Send M3 to AP")
6499 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6500 attrs
+= build_attr_msg_type(WPS_M3
)
6501 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6502 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6503 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
6504 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
6505 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
6506 raw_m3_attrs
= attrs
6507 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6508 send_wsc_msg(hapd
, addr
, m3
)
6510 logger
.debug("Receive M4 from AP")
6511 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
6513 logger
.debug("Send M5 to AP")
6514 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6515 attrs
+= build_attr_msg_type(WPS_M5
)
6516 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6517 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6518 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
6519 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6520 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
6521 raw_m5_attrs
= attrs
6522 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6523 send_wsc_msg(hapd
, addr
, m5
)
6525 logger
.debug("Receive M6 from AP")
6526 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
6528 logger
.debug("Send M7 to AP")
6529 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6530 attrs
+= build_attr_msg_type(WPS_M7
)
6531 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6532 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6533 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
6534 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6535 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
6536 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6537 raw_m7_attrs
= attrs
6538 send_wsc_msg(hapd
, addr
, m7
)
6540 logger
.debug("Receive M8 from AP")
6541 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
6542 m8_cred
= decrypt_attr_encr_settings(authkey
, keywrapkey
,
6543 m8_attrs
[ATTR_ENCR_SETTINGS
])
6544 logger
.debug("M8 Credential: " + binascii
.hexlify(m8_cred
))
6546 logger
.debug("Prepare WSC_Done")
6547 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6548 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
6549 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6550 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6551 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6552 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
6553 # Do not send WSC_Done yet to allow exchangw with STA complete before the
6559 eap_id
= wsc_start_id
6560 logger
.debug("Send WSC/Start to STA")
6561 wsc_start
= build_eap_wsc(1, eap_id
, "", opcode
=WSC_Start
)
6562 send_wsc_msg(dev
[0], bssid
, wsc_start
)
6563 eap_id
= (eap_id
+ 1) % 256
6565 logger
.debug("Receive M1 from STA")
6566 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6568 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6569 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6571 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6572 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
6574 logger
.debug("Send M2 to STA")
6575 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6576 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6577 r_nonce
, uuid_r
, e_pk
)
6578 send_wsc_msg(dev
[0], bssid
, m2
)
6579 eap_id
= (eap_id
+ 1) % 256
6581 logger
.debug("Receive M3 from STA")
6582 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6584 logger
.debug("Send M4 to STA")
6585 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6586 attrs
+= build_attr_msg_type(WPS_M4
)
6587 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6588 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6589 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6590 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6591 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6592 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6593 raw_m4_attrs
= attrs
6594 m4
= build_eap_wsc(1, eap_id
, attrs
)
6595 send_wsc_msg(dev
[0], bssid
, m4
)
6596 eap_id
= (eap_id
+ 1) % 256
6598 logger
.debug("Receive M5 from STA")
6599 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6601 logger
.debug("Send M6 to STA")
6602 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6603 attrs
+= build_attr_msg_type(WPS_M6
)
6604 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6605 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6606 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6607 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6608 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6609 raw_m6_attrs
= attrs
6610 m6
= build_eap_wsc(1, eap_id
, attrs
)
6611 send_wsc_msg(dev
[0], bssid
, m6
)
6612 eap_id
= (eap_id
+ 1) % 256
6614 logger
.debug("Receive M7 from STA")
6615 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6617 logger
.debug("Send M8 to STA")
6618 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6619 attrs
+= build_attr_msg_type(WPS_M8
)
6620 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6621 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6622 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6623 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6624 raw_m8_attrs
= attrs
6625 m8
= build_eap_wsc(1, eap_id
, attrs
)
6626 send_wsc_msg(dev
[0], bssid
, m8
)
6627 eap_id
= (eap_id
+ 1) % 256
6629 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=5)
6631 raise Exception("wpa_supplicant did not report credential")
6633 logger
.debug("Receive WSC_Done from STA")
6634 msg
= get_wsc_msg(dev
[0])
6635 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6636 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6638 logger
.debug("Send WSC_Done to AP")
6639 hapd
.request("SET ext_eapol_frame_io 0")
6640 dev
[0].request("SET ext_eapol_frame_io 0")
6641 send_wsc_msg(hapd
, addr
, wsc_done
)
6643 ev
= hapd
.wait_event(["WPS-REG-SUCCESS"], timeout
=5)
6645 raise Exception("hostapd did not report WPS success")
6647 dev
[0].wait_connected()
6649 def wps_start_kwa(dev
, apdev
):
6651 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6652 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6653 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6654 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6656 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6659 own_private
, e_pk
= wsc_dh_init()
6661 logger
.debug("Receive M1 from STA")
6662 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6663 eap_id
= (msg
['eap_identifier'] + 1) % 256
6665 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6666 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6668 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6669 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
6671 logger
.debug("Send M2 to STA")
6672 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6673 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6674 r_nonce
, uuid_r
, e_pk
)
6675 send_wsc_msg(dev
[0], bssid
, m2
)
6676 eap_id
= (eap_id
+ 1) % 256
6678 logger
.debug("Receive M3 from STA")
6679 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6681 logger
.debug("Send M4 to STA")
6682 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6683 attrs
+= build_attr_msg_type(WPS_M4
)
6684 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6685 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6686 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6688 return r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
6690 def wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
):
6691 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6692 m4
= build_eap_wsc(1, eap_id
, attrs
)
6693 send_wsc_msg(dev
[0], bssid
, m4
)
6694 eap_id
= (eap_id
+ 1) % 256
6696 logger
.debug("Receive M5 from STA")
6697 msg
= get_wsc_msg(dev
[0])
6698 if msg
['wsc_opcode'] != WSC_NACK
:
6699 raise Exception("Unexpected message - expected WSC_Nack")
6701 dev
[0].request("WPS_CANCEL")
6702 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6703 dev
[0].wait_disconnected()
6705 def test_wps_ext_kwa_proto_no_kwa(dev
, apdev
):
6706 """WPS and KWA error: No KWA attribute"""
6707 r_s1
,keywrapkey
,authkey
,raw_m3_attrs
,eap_id
,bssid
,attrs
= wps_start_kwa(dev
, apdev
)
6708 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6709 # Encrypted Settings without KWA
6711 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6712 pad_len
= 16 - len(data
) % 16
6713 ps
= pad_len
* struct
.pack('B', pad_len
)
6715 wrapped
= aes
.encrypt(data
)
6716 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6717 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6719 def test_wps_ext_kwa_proto_data_after_kwa(dev
, apdev
):
6720 """WPS and KWA error: Data after KWA"""
6721 r_s1
,keywrapkey
,authkey
,raw_m3_attrs
,eap_id
,bssid
,attrs
= wps_start_kwa(dev
, apdev
)
6722 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6723 # Encrypted Settings and data after KWA
6724 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6725 kwa
= m
.digest()[0:8]
6726 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6727 data
+= build_wsc_attr(ATTR_VENDOR_EXT
, "1234567890")
6729 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6730 pad_len
= 16 - len(data
) % 16
6731 ps
= pad_len
* struct
.pack('B', pad_len
)
6733 wrapped
= aes
.encrypt(data
)
6734 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6735 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6737 def test_wps_ext_kwa_proto_kwa_mismatch(dev
, apdev
):
6738 """WPS and KWA error: KWA mismatch"""
6739 r_s1
,keywrapkey
,authkey
,raw_m3_attrs
,eap_id
,bssid
,attrs
= wps_start_kwa(dev
, apdev
)
6740 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6741 # Encrypted Settings and KWA with incorrect value
6742 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, 8*'\x00')
6744 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6745 pad_len
= 16 - len(data
) % 16
6746 ps
= pad_len
* struct
.pack('B', pad_len
)
6748 wrapped
= aes
.encrypt(data
)
6749 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6750 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6752 def wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=False, no_connect
=False):
6754 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6755 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6756 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6757 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6759 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6762 own_private
, e_pk
= wsc_dh_init()
6764 logger
.debug("Receive M1 from STA")
6765 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6766 eap_id
= (msg
['eap_identifier'] + 1) % 256
6768 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6769 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6771 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6772 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
6774 logger
.debug("Send M2 to STA")
6775 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6776 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6777 r_nonce
, uuid_r
, e_pk
)
6778 send_wsc_msg(dev
[0], bssid
, m2
)
6779 eap_id
= (eap_id
+ 1) % 256
6781 logger
.debug("Receive M3 from STA")
6782 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6784 logger
.debug("Send M4 to STA")
6785 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6786 attrs
+= build_attr_msg_type(WPS_M4
)
6787 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6788 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6789 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6790 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6791 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6792 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6793 raw_m4_attrs
= attrs
6794 m4
= build_eap_wsc(1, eap_id
, attrs
)
6795 send_wsc_msg(dev
[0], bssid
, m4
)
6796 eap_id
= (eap_id
+ 1) % 256
6798 logger
.debug("Receive M5 from STA")
6799 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6801 logger
.debug("Send M6 to STA")
6802 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6803 attrs
+= build_attr_msg_type(WPS_M6
)
6804 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6805 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6806 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6807 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6808 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6809 raw_m6_attrs
= attrs
6810 m6
= build_eap_wsc(1, eap_id
, attrs
)
6811 send_wsc_msg(dev
[0], bssid
, m6
)
6812 eap_id
= (eap_id
+ 1) % 256
6814 logger
.debug("Receive M7 from STA")
6815 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6817 logger
.debug("Send M8 to STA")
6818 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6819 attrs
+= build_attr_msg_type(WPS_M8
)
6820 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6821 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6822 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6823 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6824 raw_m8_attrs
= attrs
6825 m8
= build_eap_wsc(1, eap_id
, attrs
)
6826 send_wsc_msg(dev
[0], bssid
, m8
)
6827 eap_id
= (eap_id
+ 1) % 256
6830 logger
.debug("Receive WSC_Done from STA")
6831 msg
= get_wsc_msg(dev
[0])
6832 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6833 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6835 hapd
.request("SET ext_eapol_frame_io 0")
6836 dev
[0].request("SET ext_eapol_frame_io 0")
6838 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6840 dev
[0].wait_disconnected()
6841 dev
[0].request("REMOVE_NETWORK all")
6843 logger
.debug("Receive WSC_Done from STA")
6844 msg
= get_wsc_msg(dev
[0])
6845 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6846 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6848 hapd
.request("SET ext_eapol_frame_io 0")
6849 dev
[0].request("SET ext_eapol_frame_io 0")
6851 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6853 dev
[0].wait_connected()
6855 # Verify STA NACK's the credential
6856 msg
= get_wsc_msg(dev
[0])
6857 if msg
['wsc_opcode'] != WSC_NACK
:
6858 raise Exception("Unexpected message - expected WSC_Nack")
6859 dev
[0].request("WPS_CANCEL")
6860 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6861 dev
[0].wait_disconnected()
6863 def build_cred(nw_idx
='\x01', ssid
='test-wps-conf', auth_type
='\x00\x20',
6864 encr_type
='\x00\x08', nw_key
="12345678",
6865 mac_addr
='\x00\x00\x00\x00\x00\x00'):
6867 if nw_idx
is not None:
6868 attrs
+= build_wsc_attr(ATTR_NETWORK_INDEX
, nw_idx
)
6869 if ssid
is not None:
6870 attrs
+= build_wsc_attr(ATTR_SSID
, ssid
)
6871 if auth_type
is not None:
6872 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE
, auth_type
)
6873 if encr_type
is not None:
6874 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE
, encr_type
)
6875 if nw_key
is not None:
6876 attrs
+= build_wsc_attr(ATTR_NETWORK_KEY
, nw_key
)
6877 if mac_addr
is not None:
6878 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6879 return build_wsc_attr(ATTR_CRED
, attrs
)
6881 def test_wps_ext_cred_proto_success(dev
, apdev
):
6882 """WPS and Credential: success"""
6883 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6884 m8_cred
= build_cred(mac_addr
=mac_addr
)
6885 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6887 def test_wps_ext_cred_proto_mac_addr_mismatch(dev
, apdev
):
6888 """WPS and Credential: MAC Address mismatch"""
6889 m8_cred
= build_cred()
6890 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6892 def test_wps_ext_cred_proto_zero_padding(dev
, apdev
):
6893 """WPS and Credential: zeropadded attributes"""
6894 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6895 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
='test-wps-conf\x00',
6896 nw_key
="12345678\x00")
6897 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6899 def test_wps_ext_cred_proto_ssid_missing(dev
, apdev
):
6900 """WPS and Credential: SSID missing"""
6901 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6902 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
=None)
6903 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6905 def test_wps_ext_cred_proto_ssid_zero_len(dev
, apdev
):
6906 """WPS and Credential: Zero-length SSID"""
6907 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6908 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
="")
6909 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
6911 def test_wps_ext_cred_proto_auth_type_missing(dev
, apdev
):
6912 """WPS and Credential: Auth Type missing"""
6913 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6914 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
=None)
6915 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6917 def test_wps_ext_cred_proto_encr_type_missing(dev
, apdev
):
6918 """WPS and Credential: Encr Type missing"""
6919 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6920 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
=None)
6921 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6923 def test_wps_ext_cred_proto_network_key_missing(dev
, apdev
):
6924 """WPS and Credential: Network Key missing"""
6925 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6926 m8_cred
= build_cred(mac_addr
=mac_addr
, nw_key
=None)
6927 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6929 def test_wps_ext_cred_proto_network_key_missing_open(dev
, apdev
):
6930 """WPS and Credential: Network Key missing (open)"""
6931 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6932 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
='\x00\x01',
6933 encr_type
='\x00\x01', nw_key
=None, ssid
="foo")
6934 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
6936 def test_wps_ext_cred_proto_mac_addr_missing(dev
, apdev
):
6937 """WPS and Credential: MAC Address missing"""
6938 m8_cred
= build_cred(mac_addr
=None)
6939 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6941 def test_wps_ext_cred_proto_invalid_encr_type(dev
, apdev
):
6942 """WPS and Credential: Invalid Encr Type"""
6943 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6944 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
='\x00\x00')
6945 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6947 def test_wps_ext_cred_proto_missing_cred(dev
, apdev
):
6948 """WPS and Credential: Missing Credential"""
6949 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6951 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6953 def test_wps_ext_proto_m2_no_public_key(dev
, apdev
):
6954 """WPS and no Public Key in M2"""
6956 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6957 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6958 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6959 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6961 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6964 own_private
, e_pk
= wsc_dh_init()
6966 logger
.debug("Receive M1 from STA")
6967 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6968 eap_id
= (msg
['eap_identifier'] + 1) % 256
6970 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6971 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6973 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6974 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
6976 logger
.debug("Send M2 to STA")
6977 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6978 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6979 r_nonce
, uuid_r
, None)
6980 send_wsc_msg(dev
[0], bssid
, m2
)
6981 eap_id
= (eap_id
+ 1) % 256
6983 # Verify STA NACK's the credential
6984 msg
= get_wsc_msg(dev
[0])
6985 if msg
['wsc_opcode'] != WSC_NACK
:
6986 raise Exception("Unexpected message - expected WSC_Nack")
6987 dev
[0].request("WPS_CANCEL")
6988 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6989 dev
[0].wait_disconnected()
6991 def test_wps_ext_proto_m2_invalid_public_key(dev
, apdev
):
6992 """WPS and invalid Public Key in M2"""
6994 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6995 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6996 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6997 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6999 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7002 own_private
, e_pk
= wsc_dh_init()
7004 logger
.debug("Receive M1 from STA")
7005 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7006 eap_id
= (msg
['eap_identifier'] + 1) % 256
7008 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7009 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7011 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7012 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7014 logger
.debug("Send M2 to STA")
7015 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7016 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7017 r_nonce
, uuid_r
, 192*'\xff')
7018 send_wsc_msg(dev
[0], bssid
, m2
)
7019 eap_id
= (eap_id
+ 1) % 256
7021 # Verify STA NACK's the credential
7022 msg
= get_wsc_msg(dev
[0])
7023 if msg
['wsc_opcode'] != WSC_NACK
:
7024 raise Exception("Unexpected message - expected WSC_Nack")
7025 dev
[0].request("WPS_CANCEL")
7026 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7027 dev
[0].wait_disconnected()
7029 def test_wps_ext_proto_m2_public_key_oom(dev
, apdev
):
7030 """WPS and Public Key OOM in M2"""
7032 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7033 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7034 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7035 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7037 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7040 own_private
, e_pk
= wsc_dh_init()
7042 logger
.debug("Receive M1 from STA")
7043 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7044 eap_id
= (msg
['eap_identifier'] + 1) % 256
7046 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7047 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7049 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7050 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7052 logger
.debug("Send M2 to STA")
7053 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7054 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7055 r_nonce
, uuid_r
, e_pk
)
7056 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_copy;wps_process_pubkey"):
7057 send_wsc_msg(dev
[0], bssid
, m2
)
7058 eap_id
= (eap_id
+ 1) % 256
7060 # Verify STA NACK's the credential
7061 msg
= get_wsc_msg(dev
[0])
7062 if msg
['wsc_opcode'] != WSC_NACK
:
7063 raise Exception("Unexpected message - expected WSC_Nack")
7064 dev
[0].request("WPS_CANCEL")
7065 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7066 dev
[0].wait_disconnected()
7068 def test_wps_ext_proto_nack_m3(dev
, apdev
):
7069 """WPS and NACK M3"""
7071 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7072 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7073 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7074 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7076 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7079 own_private
, e_pk
= wsc_dh_init()
7081 logger
.debug("Receive M1 from STA")
7082 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7083 eap_id
= (msg
['eap_identifier'] + 1) % 256
7085 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7086 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7088 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7089 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7091 logger
.debug("Send M2 to STA")
7092 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7093 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7094 r_nonce
, uuid_r
, e_pk
)
7095 send_wsc_msg(dev
[0], bssid
, m2
)
7096 eap_id
= (eap_id
+ 1) % 256
7098 logger
.debug("Receive M3 from STA")
7099 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7101 logger
.debug("Send NACK to STA")
7102 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7103 r_nonce
, config_error
='\x01\x23')
7104 send_wsc_msg(dev
[0], bssid
, msg
)
7105 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7107 raise Exception("Failure not reported")
7108 if "msg=7 config_error=291" not in ev
:
7109 raise Exception("Unexpected failure reason: " + ev
)
7111 def test_wps_ext_proto_nack_m5(dev
, apdev
):
7112 """WPS and NACK M5"""
7114 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7115 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7116 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7117 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7119 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7122 own_private
, e_pk
= wsc_dh_init()
7124 logger
.debug("Receive M1 from STA")
7125 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7126 eap_id
= (msg
['eap_identifier'] + 1) % 256
7128 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7129 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7131 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7132 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7134 logger
.debug("Send M2 to STA")
7135 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7136 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7137 r_nonce
, uuid_r
, e_pk
)
7138 send_wsc_msg(dev
[0], bssid
, m2
)
7139 eap_id
= (eap_id
+ 1) % 256
7141 logger
.debug("Receive M3 from STA")
7142 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7144 logger
.debug("Send M4 to STA")
7145 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7146 attrs
+= build_attr_msg_type(WPS_M4
)
7147 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7148 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7149 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7150 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7151 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7152 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7153 raw_m4_attrs
= attrs
7154 m4
= build_eap_wsc(1, eap_id
, attrs
)
7155 send_wsc_msg(dev
[0], bssid
, m4
)
7156 eap_id
= (eap_id
+ 1) % 256
7158 logger
.debug("Receive M5 from STA")
7159 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7161 logger
.debug("Send NACK to STA")
7162 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7163 r_nonce
, config_error
='\x01\x24')
7164 send_wsc_msg(dev
[0], bssid
, msg
)
7165 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7167 raise Exception("Failure not reported")
7168 if "msg=9 config_error=292" not in ev
:
7169 raise Exception("Unexpected failure reason: " + ev
)
7171 def wps_nack_m3(dev
, apdev
):
7173 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
7174 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7175 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7176 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7178 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7181 own_private
, e_pk
= wsc_dh_init()
7183 logger
.debug("Receive M1 from STA")
7184 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7185 eap_id
= (msg
['eap_identifier'] + 1) % 256
7187 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7188 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7190 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7191 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7193 logger
.debug("Send M2 to STA")
7194 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7195 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7196 r_nonce
, uuid_r
, e_pk
, dev_pw_id
='\x00\x04')
7197 send_wsc_msg(dev
[0], bssid
, m2
)
7198 eap_id
= (eap_id
+ 1) % 256
7200 logger
.debug("Receive M3 from STA")
7201 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7202 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
7204 def test_wps_ext_proto_nack_m3_no_config_error(dev
, apdev
):
7205 """WPS and NACK M3 missing Config Error"""
7206 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7207 logger
.debug("Send NACK to STA")
7208 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, config_error
=None)
7209 send_wsc_msg(dev
[0], bssid
, msg
)
7210 dev
[0].request("WPS_CANCEL")
7211 dev
[0].wait_disconnected()
7212 dev
[0].flush_scan_cache()
7214 def test_wps_ext_proto_nack_m3_no_e_nonce(dev
, apdev
):
7215 """WPS and NACK M3 missing E-Nonce"""
7216 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7217 logger
.debug("Send NACK to STA")
7218 msg
, attrs
= build_nack(eap_id
, None, r_nonce
)
7219 send_wsc_msg(dev
[0], bssid
, msg
)
7220 dev
[0].request("WPS_CANCEL")
7221 dev
[0].wait_disconnected()
7222 dev
[0].flush_scan_cache()
7224 def test_wps_ext_proto_nack_m3_e_nonce_mismatch(dev
, apdev
):
7225 """WPS and NACK M3 E-Nonce mismatch"""
7226 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7227 logger
.debug("Send NACK to STA")
7228 msg
, attrs
= build_nack(eap_id
, 16*'\x00', r_nonce
)
7229 send_wsc_msg(dev
[0], bssid
, msg
)
7230 dev
[0].request("WPS_CANCEL")
7231 dev
[0].wait_disconnected()
7232 dev
[0].flush_scan_cache()
7234 def test_wps_ext_proto_nack_m3_no_r_nonce(dev
, apdev
):
7235 """WPS and NACK M3 missing R-Nonce"""
7236 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7237 logger
.debug("Send NACK to STA")
7238 msg
, attrs
= build_nack(eap_id
, e_nonce
, None)
7239 send_wsc_msg(dev
[0], bssid
, msg
)
7240 dev
[0].request("WPS_CANCEL")
7241 dev
[0].wait_disconnected()
7242 dev
[0].flush_scan_cache()
7244 def test_wps_ext_proto_nack_m3_r_nonce_mismatch(dev
, apdev
):
7245 """WPS and NACK M3 R-Nonce mismatch"""
7246 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7247 logger
.debug("Send NACK to STA")
7248 msg
, attrs
= build_nack(eap_id
, e_nonce
, 16*'\x00')
7249 send_wsc_msg(dev
[0], bssid
, msg
)
7250 dev
[0].request("WPS_CANCEL")
7251 dev
[0].wait_disconnected()
7252 dev
[0].flush_scan_cache()
7254 def test_wps_ext_proto_nack_m3_no_msg_type(dev
, apdev
):
7255 """WPS and NACK M3 no Message Type"""
7256 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7257 logger
.debug("Send NACK to STA")
7258 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7259 send_wsc_msg(dev
[0], bssid
, msg
)
7260 dev
[0].request("WPS_CANCEL")
7261 dev
[0].wait_disconnected()
7262 dev
[0].flush_scan_cache()
7264 def test_wps_ext_proto_nack_m3_invalid_msg_type(dev
, apdev
):
7265 """WPS and NACK M3 invalid Message Type"""
7266 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7267 logger
.debug("Send NACK to STA")
7268 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7269 send_wsc_msg(dev
[0], bssid
, msg
)
7270 dev
[0].request("WPS_CANCEL")
7271 dev
[0].wait_disconnected()
7272 dev
[0].flush_scan_cache()
7274 def test_wps_ext_proto_nack_m3_invalid_attr(dev
, apdev
):
7275 """WPS and NACK M3 invalid attribute"""
7276 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7277 logger
.debug("Send NACK to STA")
7278 attrs
= '\x10\x10\x00'
7279 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_NACK
)
7280 send_wsc_msg(dev
[0], bssid
, msg
)
7281 dev
[0].request("WPS_CANCEL")
7282 dev
[0].wait_disconnected()
7283 dev
[0].flush_scan_cache()
7285 def test_wps_ext_proto_ack_m3_no_e_nonce(dev
, apdev
):
7286 """WPS and ACK M3 missing E-Nonce"""
7287 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7288 logger
.debug("Send NACK to STA")
7289 msg
, attrs
= build_ack(eap_id
, None, r_nonce
)
7290 send_wsc_msg(dev
[0], bssid
, msg
)
7291 dev
[0].request("WPS_CANCEL")
7292 dev
[0].wait_disconnected()
7293 dev
[0].flush_scan_cache()
7295 def test_wps_ext_proto_ack_m3_e_nonce_mismatch(dev
, apdev
):
7296 """WPS and ACK M3 E-Nonce mismatch"""
7297 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7298 logger
.debug("Send NACK to STA")
7299 msg
, attrs
= build_ack(eap_id
, 16*'\x00', r_nonce
)
7300 send_wsc_msg(dev
[0], bssid
, msg
)
7301 dev
[0].request("WPS_CANCEL")
7302 dev
[0].wait_disconnected()
7303 dev
[0].flush_scan_cache()
7305 def test_wps_ext_proto_ack_m3_no_r_nonce(dev
, apdev
):
7306 """WPS and ACK M3 missing R-Nonce"""
7307 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7308 logger
.debug("Send NACK to STA")
7309 msg
, attrs
= build_ack(eap_id
, e_nonce
, None)
7310 send_wsc_msg(dev
[0], bssid
, msg
)
7311 dev
[0].request("WPS_CANCEL")
7312 dev
[0].wait_disconnected()
7313 dev
[0].flush_scan_cache()
7315 def test_wps_ext_proto_ack_m3_r_nonce_mismatch(dev
, apdev
):
7316 """WPS and ACK M3 R-Nonce mismatch"""
7317 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7318 logger
.debug("Send NACK to STA")
7319 msg
, attrs
= build_ack(eap_id
, e_nonce
, 16*'\x00')
7320 send_wsc_msg(dev
[0], bssid
, msg
)
7321 dev
[0].request("WPS_CANCEL")
7322 dev
[0].wait_disconnected()
7323 dev
[0].flush_scan_cache()
7325 def test_wps_ext_proto_ack_m3_no_msg_type(dev
, apdev
):
7326 """WPS and ACK M3 no Message Type"""
7327 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7328 logger
.debug("Send NACK to STA")
7329 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7330 send_wsc_msg(dev
[0], bssid
, msg
)
7331 dev
[0].request("WPS_CANCEL")
7332 dev
[0].wait_disconnected()
7333 dev
[0].flush_scan_cache()
7335 def test_wps_ext_proto_ack_m3_invalid_msg_type(dev
, apdev
):
7336 """WPS and ACK M3 invalid Message Type"""
7337 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7338 logger
.debug("Send NACK to STA")
7339 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7340 send_wsc_msg(dev
[0], bssid
, msg
)
7341 dev
[0].request("WPS_CANCEL")
7342 dev
[0].wait_disconnected()
7343 dev
[0].flush_scan_cache()
7345 def test_wps_ext_proto_ack_m3_invalid_attr(dev
, apdev
):
7346 """WPS and ACK M3 invalid attribute"""
7347 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7348 logger
.debug("Send ACK to STA")
7349 attrs
= '\x10\x10\x00'
7350 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_ACK
)
7351 send_wsc_msg(dev
[0], bssid
, msg
)
7352 dev
[0].request("WPS_CANCEL")
7353 dev
[0].wait_disconnected()
7354 dev
[0].flush_scan_cache()
7356 def test_wps_ext_proto_ack_m3(dev
, apdev
):
7357 """WPS and ACK M3"""
7358 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7359 logger
.debug("Send ACK to STA")
7360 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
)
7361 send_wsc_msg(dev
[0], bssid
, msg
)
7362 dev
[0].request("WPS_CANCEL")
7363 dev
[0].wait_disconnected()
7364 dev
[0].flush_scan_cache()
7366 def wps_to_m3_helper(dev
, apdev
):
7368 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7369 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7370 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7371 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7373 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7376 own_private
, e_pk
= wsc_dh_init()
7378 logger
.debug("Receive M1 from STA")
7379 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7380 eap_id
= (msg
['eap_identifier'] + 1) % 256
7382 authkey
,keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7383 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7385 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7386 m1_attrs
[ATTR_PUBLIC_KEY
], e_pk
)
7388 logger
.debug("Send M2 to STA")
7389 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7390 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7391 r_nonce
, uuid_r
, e_pk
)
7392 send_wsc_msg(dev
[0], bssid
, m2
)
7393 eap_id
= (eap_id
+ 1) % 256
7395 logger
.debug("Receive M3 from STA")
7396 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7397 return eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
7399 def wps_to_m3(dev
, apdev
):
7400 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7401 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, raw_m3_attrs
, authkey
, keywrapkey
7403 def wps_to_m5(dev
, apdev
):
7404 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7406 logger
.debug("Send M4 to STA")
7407 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7408 attrs
+= build_attr_msg_type(WPS_M4
)
7409 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7410 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7411 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7412 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7413 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7414 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7415 raw_m4_attrs
= attrs
7416 m4
= build_eap_wsc(1, eap_id
, attrs
)
7417 send_wsc_msg(dev
[0], bssid
, m4
)
7418 eap_id
= (eap_id
+ 1) % 256
7420 logger
.debug("Receive M5 from STA")
7421 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7423 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, raw_m5_attrs
, authkey
, keywrapkey
7425 def test_wps_ext_proto_m4_missing_r_hash1(dev
, apdev
):
7426 """WPS and no R-Hash1 in M4"""
7427 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7429 logger
.debug("Send M4 to STA")
7430 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7431 attrs
+= build_attr_msg_type(WPS_M4
)
7432 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7433 #attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7434 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7435 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7436 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7437 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7438 m4
= build_eap_wsc(1, eap_id
, attrs
)
7439 send_wsc_msg(dev
[0], bssid
, m4
)
7440 eap_id
= (eap_id
+ 1) % 256
7442 logger
.debug("Receive M5 (NACK) from STA")
7443 msg
= get_wsc_msg(dev
[0])
7444 if msg
['wsc_opcode'] != WSC_NACK
:
7445 raise Exception("Unexpected message - expected WSC_Nack")
7447 dev
[0].request("WPS_CANCEL")
7448 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7449 dev
[0].wait_disconnected()
7451 def test_wps_ext_proto_m4_missing_r_hash2(dev
, apdev
):
7452 """WPS and no R-Hash2 in M4"""
7453 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7455 logger
.debug("Send M4 to STA")
7456 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7457 attrs
+= build_attr_msg_type(WPS_M4
)
7458 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7459 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7460 #attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7461 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7462 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7463 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7464 m4
= build_eap_wsc(1, eap_id
, attrs
)
7465 send_wsc_msg(dev
[0], bssid
, m4
)
7466 eap_id
= (eap_id
+ 1) % 256
7468 logger
.debug("Receive M5 (NACK) from STA")
7469 msg
= get_wsc_msg(dev
[0])
7470 if msg
['wsc_opcode'] != WSC_NACK
:
7471 raise Exception("Unexpected message - expected WSC_Nack")
7473 dev
[0].request("WPS_CANCEL")
7474 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7475 dev
[0].wait_disconnected()
7477 def test_wps_ext_proto_m4_missing_r_snonce1(dev
, apdev
):
7478 """WPS and no R-SNonce1 in M4"""
7479 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7481 logger
.debug("Send M4 to STA")
7482 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7483 attrs
+= build_attr_msg_type(WPS_M4
)
7484 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7485 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7486 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7487 #data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7489 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7490 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7491 m4
= build_eap_wsc(1, eap_id
, attrs
)
7492 send_wsc_msg(dev
[0], bssid
, m4
)
7493 eap_id
= (eap_id
+ 1) % 256
7495 logger
.debug("Receive M5 (NACK) from STA")
7496 msg
= get_wsc_msg(dev
[0])
7497 if msg
['wsc_opcode'] != WSC_NACK
:
7498 raise Exception("Unexpected message - expected WSC_Nack")
7500 dev
[0].request("WPS_CANCEL")
7501 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7502 dev
[0].wait_disconnected()
7504 def test_wps_ext_proto_m4_invalid_pad_string(dev
, apdev
):
7505 """WPS and invalid pad string in M4"""
7506 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7508 logger
.debug("Send M4 to STA")
7509 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7510 attrs
+= build_attr_msg_type(WPS_M4
)
7511 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7512 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7513 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7514 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7516 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7517 kwa
= m
.digest()[0:8]
7518 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7520 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7521 pad_len
= 16 - len(data
) % 16
7522 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', pad_len
- 1)
7524 wrapped
= aes
.encrypt(data
)
7525 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7527 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7528 m4
= build_eap_wsc(1, eap_id
, attrs
)
7529 send_wsc_msg(dev
[0], bssid
, m4
)
7530 eap_id
= (eap_id
+ 1) % 256
7532 logger
.debug("Receive M5 (NACK) from STA")
7533 msg
= get_wsc_msg(dev
[0])
7534 if msg
['wsc_opcode'] != WSC_NACK
:
7535 raise Exception("Unexpected message - expected WSC_Nack")
7537 dev
[0].request("WPS_CANCEL")
7538 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7539 dev
[0].wait_disconnected()
7541 def test_wps_ext_proto_m4_invalid_pad_value(dev
, apdev
):
7542 """WPS and invalid pad value in M4"""
7543 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7545 logger
.debug("Send M4 to STA")
7546 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7547 attrs
+= build_attr_msg_type(WPS_M4
)
7548 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7549 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7550 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7551 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7553 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7554 kwa
= m
.digest()[0:8]
7555 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7557 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7558 pad_len
= 16 - len(data
) % 16
7559 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', 255)
7561 wrapped
= aes
.encrypt(data
)
7562 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7564 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7565 m4
= build_eap_wsc(1, eap_id
, attrs
)
7566 send_wsc_msg(dev
[0], bssid
, m4
)
7567 eap_id
= (eap_id
+ 1) % 256
7569 logger
.debug("Receive M5 (NACK) from STA")
7570 msg
= get_wsc_msg(dev
[0])
7571 if msg
['wsc_opcode'] != WSC_NACK
:
7572 raise Exception("Unexpected message - expected WSC_Nack")
7574 dev
[0].request("WPS_CANCEL")
7575 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7576 dev
[0].wait_disconnected()
7578 def test_wps_ext_proto_m4_no_encr_settings(dev
, apdev
):
7579 """WPS and no Encr Settings in M4"""
7580 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7582 logger
.debug("Send M4 to STA")
7583 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7584 attrs
+= build_attr_msg_type(WPS_M4
)
7585 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7586 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7587 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7588 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7589 m4
= build_eap_wsc(1, eap_id
, attrs
)
7590 send_wsc_msg(dev
[0], bssid
, m4
)
7591 eap_id
= (eap_id
+ 1) % 256
7593 logger
.debug("Receive M5 (NACK) from STA")
7594 msg
= get_wsc_msg(dev
[0])
7595 if msg
['wsc_opcode'] != WSC_NACK
:
7596 raise Exception("Unexpected message - expected WSC_Nack")
7598 dev
[0].request("WPS_CANCEL")
7599 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7600 dev
[0].wait_disconnected()
7602 def test_wps_ext_proto_m6_missing_r_snonce2(dev
, apdev
):
7603 """WPS and no R-SNonce2 in M6"""
7604 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7606 logger
.debug("Send M6 to STA")
7607 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7608 attrs
+= build_attr_msg_type(WPS_M6
)
7609 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7610 #data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7612 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7613 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7614 m6
= build_eap_wsc(1, eap_id
, attrs
)
7615 send_wsc_msg(dev
[0], bssid
, m6
)
7616 eap_id
= (eap_id
+ 1) % 256
7618 logger
.debug("Receive M7 (NACK) from STA")
7619 msg
= get_wsc_msg(dev
[0])
7620 if msg
['wsc_opcode'] != WSC_NACK
:
7621 raise Exception("Unexpected message - expected WSC_Nack")
7623 dev
[0].request("WPS_CANCEL")
7624 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7625 dev
[0].wait_disconnected()
7627 def test_wps_ext_proto_m6_no_encr_settings(dev
, apdev
):
7628 """WPS and no Encr Settings in M6"""
7629 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7631 logger
.debug("Send M6 to STA")
7632 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7633 attrs
+= build_attr_msg_type(WPS_M6
)
7634 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7635 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7636 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7637 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7638 m6
= build_eap_wsc(1, eap_id
, attrs
)
7639 send_wsc_msg(dev
[0], bssid
, m6
)
7640 eap_id
= (eap_id
+ 1) % 256
7642 logger
.debug("Receive M7 (NACK) from STA")
7643 msg
= get_wsc_msg(dev
[0])
7644 if msg
['wsc_opcode'] != WSC_NACK
:
7645 raise Exception("Unexpected message - expected WSC_Nack")
7647 dev
[0].request("WPS_CANCEL")
7648 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7649 dev
[0].wait_disconnected()
7651 def test_wps_ext_proto_m8_no_encr_settings(dev
, apdev
):
7652 """WPS and no Encr Settings in M6"""
7653 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7655 logger
.debug("Send M6 to STA")
7656 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7657 attrs
+= build_attr_msg_type(WPS_M6
)
7658 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7659 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7660 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7661 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7662 raw_m6_attrs
= attrs
7663 m6
= build_eap_wsc(1, eap_id
, attrs
)
7664 send_wsc_msg(dev
[0], bssid
, m6
)
7665 eap_id
= (eap_id
+ 1) % 256
7667 logger
.debug("Receive M7 from STA")
7668 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
7670 logger
.debug("Send M8 to STA")
7671 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7672 attrs
+= build_attr_msg_type(WPS_M8
)
7673 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7674 #attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
7675 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7676 raw_m8_attrs
= attrs
7677 m8
= build_eap_wsc(1, eap_id
, attrs
)
7678 send_wsc_msg(dev
[0], bssid
, m8
)
7680 logger
.debug("Receive WSC_Done (NACK) from STA")
7681 msg
= get_wsc_msg(dev
[0])
7682 if msg
['wsc_opcode'] != WSC_NACK
:
7683 raise Exception("Unexpected message - expected WSC_Nack")
7685 dev
[0].request("WPS_CANCEL")
7686 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7687 dev
[0].wait_disconnected()
7689 def wps_start_ext_reg(apdev
, dev
):
7690 addr
= dev
.own_addr()
7691 bssid
= apdev
['bssid']
7692 ssid
= "test-wps-conf"
7694 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
7695 "wpa_passphrase": "12345678", "wpa": "2",
7696 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
7698 hapd
= hostapd
.add_ap(apdev
, params
)
7700 dev
.scan_for_bss(bssid
, freq
="2412")
7701 hapd
.request("SET ext_eapol_frame_io 1")
7702 dev
.request("SET ext_eapol_frame_io 1")
7704 dev
.request("WPS_REG " + bssid
+ " " + appin
)
7706 return addr
,bssid
,hapd
7708 def wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, success
):
7709 addr
,bssid
,hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7710 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7711 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7713 logger
.debug("Receive M1 from AP")
7714 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7715 mac_addr
= m1_attrs
[ATTR_MAC_ADDR
]
7716 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7717 e_pk
= m1_attrs
[ATTR_PUBLIC_KEY
]
7722 own_private
, r_pk
= wsc_dh_init()
7723 authkey
,keywrapkey
= wsc_dh_kdf(e_pk
, own_private
, mac_addr
, e_nonce
,
7725 r_s1
,r_s2
,r_hash1
,r_hash2
= wsc_dev_pw_hash(authkey
, appin
, e_pk
, r_pk
)
7727 logger
.debug("Send M2 to AP")
7728 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, msg
['eap_identifier'],
7729 e_nonce
, r_nonce
, uuid_r
, r_pk
, eap_code
=2)
7730 send_wsc_msg(hapd
, addr
, m2
)
7732 logger
.debug("Receive M3 from AP")
7733 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M3
)
7735 logger
.debug("Send M4 to AP")
7736 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7737 attrs
+= build_attr_msg_type(WPS_M4
)
7738 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7739 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7740 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7741 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7742 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7743 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7744 raw_m4_attrs
= attrs
7745 m4
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7746 send_wsc_msg(hapd
, addr
, m4
)
7748 logger
.debug("Receive M5 from AP")
7749 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M5
)
7751 logger
.debug("Send M6 to STA")
7752 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7753 attrs
+= build_attr_msg_type(WPS_M6
)
7754 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7755 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7756 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7757 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
7758 raw_m6_attrs
= attrs
7759 m6
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7760 send_wsc_msg(hapd
, addr
, m6
)
7762 logger
.debug("Receive M7 from AP")
7763 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M7
)
7765 logger
.debug("Send M8 to STA")
7766 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7767 attrs
+= build_attr_msg_type(WPS_M8
)
7768 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7770 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, ap_settings
)
7771 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7772 raw_m8_attrs
= attrs
7773 m8
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7774 send_wsc_msg(hapd
, addr
, m8
)
7777 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
7779 raise Exception("New AP settings not reported")
7780 logger
.debug("Receive WSC_Done from AP")
7781 msg
= get_wsc_msg(hapd
)
7782 if msg
['wsc_opcode'] != WSC_Done
:
7783 raise Exception("Unexpected message - expected WSC_Done")
7785 logger
.debug("Send WSC_ACK to AP")
7786 ack
,attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7788 send_wsc_msg(hapd
, addr
, ack
)
7789 dev
[0].wait_disconnected()
7791 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
7793 raise Exception("WPS failure not reported")
7794 logger
.debug("Receive WSC_NACK from AP")
7795 msg
= get_wsc_msg(hapd
)
7796 if msg
['wsc_opcode'] != WSC_NACK
:
7797 raise Exception("Unexpected message - expected WSC_NACK")
7799 logger
.debug("Send WSC_NACK to AP")
7800 nack
,attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7802 send_wsc_msg(hapd
, addr
, nack
)
7803 dev
[0].wait_disconnected()
7805 def test_wps_ext_ap_settings_success(dev
, apdev
):
7806 """WPS and AP Settings: success"""
7807 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7808 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7809 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7810 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7811 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7812 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7813 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7816 def test_wps_ext_ap_settings_missing(dev
, apdev
):
7817 """WPS and AP Settings: missing"""
7818 wps_run_ap_settings_proto(dev
, apdev
, None, False)
7821 def test_wps_ext_ap_settings_mac_addr_mismatch(dev
, apdev
):
7822 """WPS and AP Settings: MAC Address mismatch"""
7823 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7824 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7825 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7826 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7827 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7828 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, '\x00\x00\x00\x00\x00\x00')
7829 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7832 def test_wps_ext_ap_settings_mac_addr_missing(dev
, apdev
):
7833 """WPS and AP Settings: missing MAC Address"""
7834 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7835 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7836 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7837 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7838 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7839 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7842 def test_wps_ext_ap_settings_reject_encr_type(dev
, apdev
):
7843 """WPS and AP Settings: reject Encr Type"""
7844 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7845 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7846 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7847 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x00')
7848 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7849 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7850 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7853 def test_wps_ext_ap_settings_m2d(dev
, apdev
):
7854 """WPS and AP Settings: M2D"""
7855 addr
,bssid
,hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7856 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7857 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7859 logger
.debug("Receive M1 from AP")
7860 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7861 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7866 logger
.debug("Send M2D to AP")
7867 m2d
, raw_m2d_attrs
= build_m2d(raw_m1_attrs
, msg
['eap_identifier'],
7868 e_nonce
, r_nonce
, uuid_r
,
7869 dev_pw_id
='\x00\x00', eap_code
=2)
7870 send_wsc_msg(hapd
, addr
, m2d
)
7872 ev
= hapd
.wait_event(["WPS-M2D"], timeout
=5)
7874 raise Exception("M2D not reported")
7876 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
7878 def wps_wait_ap_nack(hapd
, dev
, e_nonce
, r_nonce
):
7879 logger
.debug("Receive WSC_NACK from AP")
7880 msg
= get_wsc_msg(hapd
)
7881 if msg
['wsc_opcode'] != WSC_NACK
:
7882 raise Exception("Unexpected message - expected WSC_NACK")
7884 logger
.debug("Send WSC_NACK to AP")
7885 nack
,attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7887 send_wsc_msg(hapd
, dev
.own_addr(), nack
)
7888 dev
.wait_disconnected()
7891 def test_wps_ext_m3_missing_e_hash1(dev
, apdev
):
7892 """WPS proto: M3 missing E-Hash1"""
7894 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7895 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7896 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7898 logger
.debug("Receive WSC/Start from AP")
7899 msg
= get_wsc_msg(hapd
)
7900 if msg
['wsc_opcode'] != WSC_Start
:
7901 raise Exception("Unexpected Op-Code for WSC/Start")
7903 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7906 own_private
, e_pk
= wsc_dh_init()
7908 logger
.debug("Send M1 to AP")
7909 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
7911 send_wsc_msg(hapd
, addr
, m1
)
7913 logger
.debug("Receive M2 from AP")
7914 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
7915 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
7916 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
7918 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
7920 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
7922 logger
.debug("Send M3 to AP")
7923 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7924 attrs
+= build_attr_msg_type(WPS_M3
)
7925 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
7926 #attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
7927 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
7928 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
7929 raw_m3_attrs
= attrs
7930 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7931 send_wsc_msg(hapd
, addr
, m3
)
7933 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
7936 def test_wps_ext_m3_missing_e_hash2(dev
, apdev
):
7937 """WPS proto: M3 missing E-Hash2"""
7939 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7940 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7941 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7943 logger
.debug("Receive WSC/Start from AP")
7944 msg
= get_wsc_msg(hapd
)
7945 if msg
['wsc_opcode'] != WSC_Start
:
7946 raise Exception("Unexpected Op-Code for WSC/Start")
7948 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7951 own_private
, e_pk
= wsc_dh_init()
7953 logger
.debug("Send M1 to AP")
7954 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
7956 send_wsc_msg(hapd
, addr
, m1
)
7958 logger
.debug("Receive M2 from AP")
7959 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
7960 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
7961 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
7963 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
7965 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
7967 logger
.debug("Send M3 to AP")
7968 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7969 attrs
+= build_attr_msg_type(WPS_M3
)
7970 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
7971 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
7972 #attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
7973 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
7974 raw_m3_attrs
= attrs
7975 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7976 send_wsc_msg(hapd
, addr
, m3
)
7978 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
7981 def test_wps_ext_m5_missing_e_snonce1(dev
, apdev
):
7982 """WPS proto: M5 missing E-SNonce1"""
7984 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7985 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7986 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7988 logger
.debug("Receive WSC/Start from AP")
7989 msg
= get_wsc_msg(hapd
)
7990 if msg
['wsc_opcode'] != WSC_Start
:
7991 raise Exception("Unexpected Op-Code for WSC/Start")
7993 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7996 own_private
, e_pk
= wsc_dh_init()
7998 logger
.debug("Send M1 to AP")
7999 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8001 send_wsc_msg(hapd
, addr
, m1
)
8003 logger
.debug("Receive M2 from AP")
8004 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8005 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8006 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8008 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8010 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8012 logger
.debug("Send M3 to AP")
8013 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8014 attrs
+= build_attr_msg_type(WPS_M3
)
8015 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8016 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8017 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8018 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8019 raw_m3_attrs
= attrs
8020 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8021 send_wsc_msg(hapd
, addr
, m3
)
8023 logger
.debug("Receive M4 from AP")
8024 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8026 logger
.debug("Send M5 to AP")
8027 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8028 attrs
+= build_attr_msg_type(WPS_M5
)
8029 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8030 #data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8032 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8033 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8034 raw_m5_attrs
= attrs
8035 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8036 send_wsc_msg(hapd
, addr
, m5
)
8038 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8041 def test_wps_ext_m5_e_snonce1_mismatch(dev
, apdev
):
8042 """WPS proto: M5 E-SNonce1 mismatch"""
8044 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8045 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8046 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8048 logger
.debug("Receive WSC/Start from AP")
8049 msg
= get_wsc_msg(hapd
)
8050 if msg
['wsc_opcode'] != WSC_Start
:
8051 raise Exception("Unexpected Op-Code for WSC/Start")
8053 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8056 own_private
, e_pk
= wsc_dh_init()
8058 logger
.debug("Send M1 to AP")
8059 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8061 send_wsc_msg(hapd
, addr
, m1
)
8063 logger
.debug("Receive M2 from AP")
8064 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8065 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8066 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8068 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8070 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8072 logger
.debug("Send M3 to AP")
8073 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8074 attrs
+= build_attr_msg_type(WPS_M3
)
8075 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8076 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8077 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8078 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8079 raw_m3_attrs
= attrs
8080 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8081 send_wsc_msg(hapd
, addr
, m3
)
8083 logger
.debug("Receive M4 from AP")
8084 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8086 logger
.debug("Send M5 to AP")
8087 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8088 attrs
+= build_attr_msg_type(WPS_M5
)
8089 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8090 data
= build_wsc_attr(ATTR_E_SNONCE1
, 16*'\x00')
8091 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8092 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8093 raw_m5_attrs
= attrs
8094 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8095 send_wsc_msg(hapd
, addr
, m5
)
8097 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8099 def test_wps_ext_m7_missing_e_snonce2(dev
, apdev
):
8100 """WPS proto: M7 missing E-SNonce2"""
8102 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8103 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8104 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8106 logger
.debug("Receive WSC/Start from AP")
8107 msg
= get_wsc_msg(hapd
)
8108 if msg
['wsc_opcode'] != WSC_Start
:
8109 raise Exception("Unexpected Op-Code for WSC/Start")
8111 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8114 own_private
, e_pk
= wsc_dh_init()
8116 logger
.debug("Send M1 to AP")
8117 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8119 send_wsc_msg(hapd
, addr
, m1
)
8121 logger
.debug("Receive M2 from AP")
8122 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8123 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8124 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8126 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8128 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8130 logger
.debug("Send M3 to AP")
8131 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8132 attrs
+= build_attr_msg_type(WPS_M3
)
8133 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8134 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8135 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8136 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8137 raw_m3_attrs
= attrs
8138 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8139 send_wsc_msg(hapd
, addr
, m3
)
8141 logger
.debug("Receive M4 from AP")
8142 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8144 logger
.debug("Send M5 to AP")
8145 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8146 attrs
+= build_attr_msg_type(WPS_M5
)
8147 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8148 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8149 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8150 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8151 raw_m5_attrs
= attrs
8152 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8153 send_wsc_msg(hapd
, addr
, m5
)
8155 logger
.debug("Receive M6 from AP")
8156 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8158 logger
.debug("Send M7 to AP")
8159 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8160 attrs
+= build_attr_msg_type(WPS_M7
)
8161 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8162 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
8164 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8165 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8166 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8167 raw_m7_attrs
= attrs
8168 send_wsc_msg(hapd
, addr
, m7
)
8170 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8173 def test_wps_ext_m7_e_snonce2_mismatch(dev
, apdev
):
8174 """WPS proto: M7 E-SNonce2 mismatch"""
8176 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8177 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8178 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8180 logger
.debug("Receive WSC/Start from AP")
8181 msg
= get_wsc_msg(hapd
)
8182 if msg
['wsc_opcode'] != WSC_Start
:
8183 raise Exception("Unexpected Op-Code for WSC/Start")
8185 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8188 own_private
, e_pk
= wsc_dh_init()
8190 logger
.debug("Send M1 to AP")
8191 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8193 send_wsc_msg(hapd
, addr
, m1
)
8195 logger
.debug("Receive M2 from AP")
8196 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8197 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8198 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8200 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8202 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8204 logger
.debug("Send M3 to AP")
8205 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8206 attrs
+= build_attr_msg_type(WPS_M3
)
8207 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8208 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8209 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8210 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8211 raw_m3_attrs
= attrs
8212 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8213 send_wsc_msg(hapd
, addr
, m3
)
8215 logger
.debug("Receive M4 from AP")
8216 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8218 logger
.debug("Send M5 to AP")
8219 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8220 attrs
+= build_attr_msg_type(WPS_M5
)
8221 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8222 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8223 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8224 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8225 raw_m5_attrs
= attrs
8226 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8227 send_wsc_msg(hapd
, addr
, m5
)
8229 logger
.debug("Receive M6 from AP")
8230 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8232 logger
.debug("Send M7 to AP")
8233 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8234 attrs
+= build_attr_msg_type(WPS_M7
)
8235 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8236 data
= build_wsc_attr(ATTR_E_SNONCE2
, 16*'\x00')
8237 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8238 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8239 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8240 raw_m7_attrs
= attrs
8241 send_wsc_msg(hapd
, addr
, m7
)
8243 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8246 def test_wps_ext_m1_pubkey_oom(dev
, apdev
):
8247 """WPS proto: M1 PubKey OOM"""
8249 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8250 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8251 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8253 logger
.debug("Receive WSC/Start from AP")
8254 msg
= get_wsc_msg(hapd
)
8255 if msg
['wsc_opcode'] != WSC_Start
:
8256 raise Exception("Unexpected Op-Code for WSC/Start")
8258 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8261 own_private
, e_pk
= wsc_dh_init()
8263 logger
.debug("Send M1 to AP")
8264 with
alloc_fail(hapd
, 1, "wpabuf_alloc_copy;wps_process_pubkey"):
8265 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8267 send_wsc_msg(hapd
, addr
, m1
)
8268 wps_wait_eap_failure(hapd
, dev
[0])
8270 def wps_wait_eap_failure(hapd
, dev
):
8271 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8273 raise Exception("EAP-Failure not reported")
8274 dev
.wait_disconnected()
8277 def test_wps_ext_m3_m1(dev
, apdev
):
8278 """WPS proto: M3 replaced with M1"""
8280 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8281 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8282 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8284 logger
.debug("Receive WSC/Start from AP")
8285 msg
= get_wsc_msg(hapd
)
8286 if msg
['wsc_opcode'] != WSC_Start
:
8287 raise Exception("Unexpected Op-Code for WSC/Start")
8289 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8292 own_private
, e_pk
= wsc_dh_init()
8294 logger
.debug("Send M1 to AP")
8295 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8297 send_wsc_msg(hapd
, addr
, m1
)
8299 logger
.debug("Receive M2 from AP")
8300 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8301 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8302 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8304 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8306 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8308 logger
.debug("Send M3(M1) to AP")
8309 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8310 attrs
+= build_attr_msg_type(WPS_M1
)
8311 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8312 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8313 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8314 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8315 raw_m3_attrs
= attrs
8316 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8317 send_wsc_msg(hapd
, addr
, m3
)
8319 wps_wait_eap_failure(hapd
, dev
[0])
8322 def test_wps_ext_m5_m3(dev
, apdev
):
8323 """WPS proto: M5 replaced with M3"""
8325 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8326 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8327 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8329 logger
.debug("Receive WSC/Start from AP")
8330 msg
= get_wsc_msg(hapd
)
8331 if msg
['wsc_opcode'] != WSC_Start
:
8332 raise Exception("Unexpected Op-Code for WSC/Start")
8334 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8337 own_private
, e_pk
= wsc_dh_init()
8339 logger
.debug("Send M1 to AP")
8340 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8342 send_wsc_msg(hapd
, addr
, m1
)
8344 logger
.debug("Receive M2 from AP")
8345 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8346 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8347 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8349 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8351 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8353 logger
.debug("Send M3 to AP")
8354 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8355 attrs
+= build_attr_msg_type(WPS_M3
)
8356 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8357 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8358 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8359 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8360 raw_m3_attrs
= attrs
8361 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8362 send_wsc_msg(hapd
, addr
, m3
)
8364 logger
.debug("Receive M4 from AP")
8365 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8367 logger
.debug("Send M5(M3) to AP")
8368 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8369 attrs
+= build_attr_msg_type(WPS_M3
)
8370 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8371 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8372 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8373 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8374 raw_m5_attrs
= attrs
8375 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8376 send_wsc_msg(hapd
, addr
, m5
)
8378 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8381 def test_wps_ext_m3_m2(dev
, apdev
):
8382 """WPS proto: M3 replaced with M2"""
8384 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8385 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8386 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8388 logger
.debug("Receive WSC/Start from AP")
8389 msg
= get_wsc_msg(hapd
)
8390 if msg
['wsc_opcode'] != WSC_Start
:
8391 raise Exception("Unexpected Op-Code for WSC/Start")
8393 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8396 own_private
, e_pk
= wsc_dh_init()
8398 logger
.debug("Send M1 to AP")
8399 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8401 send_wsc_msg(hapd
, addr
, m1
)
8403 logger
.debug("Receive M2 from AP")
8404 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8405 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8406 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8408 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8410 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8412 logger
.debug("Send M3(M2) to AP")
8413 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8414 attrs
+= build_attr_msg_type(WPS_M2
)
8415 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8416 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8417 raw_m3_attrs
= attrs
8418 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8419 send_wsc_msg(hapd
, addr
, m3
)
8421 wps_wait_eap_failure(hapd
, dev
[0])
8424 def test_wps_ext_m3_m5(dev
, apdev
):
8425 """WPS proto: M3 replaced with M5"""
8427 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8428 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8429 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8431 logger
.debug("Receive WSC/Start from AP")
8432 msg
= get_wsc_msg(hapd
)
8433 if msg
['wsc_opcode'] != WSC_Start
:
8434 raise Exception("Unexpected Op-Code for WSC/Start")
8436 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8439 own_private
, e_pk
= wsc_dh_init()
8441 logger
.debug("Send M1 to AP")
8442 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8444 send_wsc_msg(hapd
, addr
, m1
)
8446 logger
.debug("Receive M2 from AP")
8447 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8448 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8449 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8451 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8453 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8455 logger
.debug("Send M3(M5) to AP")
8456 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8457 attrs
+= build_attr_msg_type(WPS_M5
)
8458 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8459 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8460 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8461 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8462 raw_m3_attrs
= attrs
8463 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8464 send_wsc_msg(hapd
, addr
, m3
)
8466 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8469 def test_wps_ext_m3_m7(dev
, apdev
):
8470 """WPS proto: M3 replaced with M7"""
8472 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8473 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8474 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8476 logger
.debug("Receive WSC/Start from AP")
8477 msg
= get_wsc_msg(hapd
)
8478 if msg
['wsc_opcode'] != WSC_Start
:
8479 raise Exception("Unexpected Op-Code for WSC/Start")
8481 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8484 own_private
, e_pk
= wsc_dh_init()
8486 logger
.debug("Send M1 to AP")
8487 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8489 send_wsc_msg(hapd
, addr
, m1
)
8491 logger
.debug("Receive M2 from AP")
8492 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8493 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8494 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8496 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8498 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8500 logger
.debug("Send M3(M7) to AP")
8501 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8502 attrs
+= build_attr_msg_type(WPS_M7
)
8503 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8504 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8505 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8506 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8507 raw_m3_attrs
= attrs
8508 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8509 send_wsc_msg(hapd
, addr
, m3
)
8511 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8514 def test_wps_ext_m3_done(dev
, apdev
):
8515 """WPS proto: M3 replaced with WSC_Done"""
8517 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8518 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8519 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8521 logger
.debug("Receive WSC/Start from AP")
8522 msg
= get_wsc_msg(hapd
)
8523 if msg
['wsc_opcode'] != WSC_Start
:
8524 raise Exception("Unexpected Op-Code for WSC/Start")
8526 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8529 own_private
, e_pk
= wsc_dh_init()
8531 logger
.debug("Send M1 to AP")
8532 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8534 send_wsc_msg(hapd
, addr
, m1
)
8536 logger
.debug("Receive M2 from AP")
8537 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8538 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8539 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8541 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8543 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8545 logger
.debug("Send M3(WSC_Done) to AP")
8546 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8547 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
8548 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8549 raw_m3_attrs
= attrs
8550 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
8551 send_wsc_msg(hapd
, addr
, m3
)
8553 wps_wait_eap_failure(hapd
, dev
[0])
8556 def test_wps_ext_m2_nack_invalid(dev
, apdev
):
8557 """WPS proto: M2 followed by invalid NACK"""
8559 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8560 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8561 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8563 logger
.debug("Receive WSC/Start from AP")
8564 msg
= get_wsc_msg(hapd
)
8565 if msg
['wsc_opcode'] != WSC_Start
:
8566 raise Exception("Unexpected Op-Code for WSC/Start")
8568 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8571 own_private
, e_pk
= wsc_dh_init()
8573 logger
.debug("Send M1 to AP")
8574 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8576 send_wsc_msg(hapd
, addr
, m1
)
8578 logger
.debug("Receive M2 from AP")
8579 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8580 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8581 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8583 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8585 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8587 logger
.debug("Send WSC_NACK to AP")
8588 attrs
= '\x10\x00\x00'
8589 nack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_NACK
)
8590 send_wsc_msg(hapd
, addr
, nack
)
8592 wps_wait_eap_failure(hapd
, dev
[0])
8595 def test_wps_ext_m2_nack_no_msg_type(dev
, apdev
):
8596 """WPS proto: M2 followed by NACK without Msg Type"""
8598 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8599 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8600 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8602 logger
.debug("Receive WSC/Start from AP")
8603 msg
= get_wsc_msg(hapd
)
8604 if msg
['wsc_opcode'] != WSC_Start
:
8605 raise Exception("Unexpected Op-Code for WSC/Start")
8607 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8610 own_private
, e_pk
= wsc_dh_init()
8612 logger
.debug("Send M1 to AP")
8613 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8615 send_wsc_msg(hapd
, addr
, m1
)
8617 logger
.debug("Receive M2 from AP")
8618 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8619 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8620 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8622 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8624 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8626 logger
.debug("Send WSC_NACK to AP")
8627 nack
,attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8628 msg_type
=None, eap_code
=2)
8629 send_wsc_msg(hapd
, addr
, nack
)
8631 wps_wait_eap_failure(hapd
, dev
[0])
8634 def test_wps_ext_m2_nack_invalid_msg_type(dev
, apdev
):
8635 """WPS proto: M2 followed by NACK with invalid Msg Type"""
8637 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8638 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8639 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8641 logger
.debug("Receive WSC/Start from AP")
8642 msg
= get_wsc_msg(hapd
)
8643 if msg
['wsc_opcode'] != WSC_Start
:
8644 raise Exception("Unexpected Op-Code for WSC/Start")
8646 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8649 own_private
, e_pk
= wsc_dh_init()
8651 logger
.debug("Send M1 to AP")
8652 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8654 send_wsc_msg(hapd
, addr
, m1
)
8656 logger
.debug("Receive M2 from AP")
8657 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8658 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8659 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8661 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8663 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8665 logger
.debug("Send WSC_NACK to AP")
8666 nack
,attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8667 msg_type
=WPS_WSC_ACK
, eap_code
=2)
8668 send_wsc_msg(hapd
, addr
, nack
)
8670 wps_wait_eap_failure(hapd
, dev
[0])
8673 def test_wps_ext_m2_nack_e_nonce_mismatch(dev
, apdev
):
8674 """WPS proto: M2 followed by NACK with e-nonce mismatch"""
8676 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8677 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8678 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8680 logger
.debug("Receive WSC/Start from AP")
8681 msg
= get_wsc_msg(hapd
)
8682 if msg
['wsc_opcode'] != WSC_Start
:
8683 raise Exception("Unexpected Op-Code for WSC/Start")
8685 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8688 own_private
, e_pk
= wsc_dh_init()
8690 logger
.debug("Send M1 to AP")
8691 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8693 send_wsc_msg(hapd
, addr
, m1
)
8695 logger
.debug("Receive M2 from AP")
8696 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8697 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8698 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8700 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8702 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8704 logger
.debug("Send WSC_NACK to AP")
8705 nack
,attrs
= build_nack(msg
['eap_identifier'], 16*'\x00', r_nonce
,
8707 send_wsc_msg(hapd
, addr
, nack
)
8709 wps_wait_eap_failure(hapd
, dev
[0])
8712 def test_wps_ext_m2_nack_no_config_error(dev
, apdev
):
8713 """WPS proto: M2 followed by NACK without Config Error"""
8715 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8716 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8717 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8719 logger
.debug("Receive WSC/Start from AP")
8720 msg
= get_wsc_msg(hapd
)
8721 if msg
['wsc_opcode'] != WSC_Start
:
8722 raise Exception("Unexpected Op-Code for WSC/Start")
8724 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8727 own_private
, e_pk
= wsc_dh_init()
8729 logger
.debug("Send M1 to AP")
8730 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8732 send_wsc_msg(hapd
, addr
, m1
)
8734 logger
.debug("Receive M2 from AP")
8735 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8736 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8737 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8739 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8741 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8743 logger
.debug("Send WSC_NACK to AP")
8744 nack
,attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8745 config_error
=None, eap_code
=2)
8746 send_wsc_msg(hapd
, addr
, nack
)
8748 wps_wait_eap_failure(hapd
, dev
[0])
8751 def test_wps_ext_m2_ack_invalid(dev
, apdev
):
8752 """WPS proto: M2 followed by invalid ACK"""
8754 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8755 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8756 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8758 logger
.debug("Receive WSC/Start from AP")
8759 msg
= get_wsc_msg(hapd
)
8760 if msg
['wsc_opcode'] != WSC_Start
:
8761 raise Exception("Unexpected Op-Code for WSC/Start")
8763 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8766 own_private
, e_pk
= wsc_dh_init()
8768 logger
.debug("Send M1 to AP")
8769 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8771 send_wsc_msg(hapd
, addr
, m1
)
8773 logger
.debug("Receive M2 from AP")
8774 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8775 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8776 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8778 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8780 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8782 logger
.debug("Send WSC_ACK to AP")
8783 attrs
= '\x10\x00\x00'
8784 ack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_ACK
)
8785 send_wsc_msg(hapd
, addr
, ack
)
8787 wps_wait_eap_failure(hapd
, dev
[0])
8790 def test_wps_ext_m2_ack(dev
, apdev
):
8791 """WPS proto: M2 followed by ACK"""
8793 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8794 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8795 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8797 logger
.debug("Receive WSC/Start from AP")
8798 msg
= get_wsc_msg(hapd
)
8799 if msg
['wsc_opcode'] != WSC_Start
:
8800 raise Exception("Unexpected Op-Code for WSC/Start")
8802 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8805 own_private
, e_pk
= wsc_dh_init()
8807 logger
.debug("Send M1 to AP")
8808 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8810 send_wsc_msg(hapd
, addr
, m1
)
8812 logger
.debug("Receive M2 from AP")
8813 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8814 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8815 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8817 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8819 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8821 logger
.debug("Send WSC_ACK to AP")
8822 ack
,attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
, eap_code
=2)
8823 send_wsc_msg(hapd
, addr
, ack
)
8825 wps_wait_eap_failure(hapd
, dev
[0])
8828 def test_wps_ext_m2_ack_no_msg_type(dev
, apdev
):
8829 """WPS proto: M2 followed by ACK missing Msg Type"""
8831 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8832 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8833 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8835 logger
.debug("Receive WSC/Start from AP")
8836 msg
= get_wsc_msg(hapd
)
8837 if msg
['wsc_opcode'] != WSC_Start
:
8838 raise Exception("Unexpected Op-Code for WSC/Start")
8840 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8843 own_private
, e_pk
= wsc_dh_init()
8845 logger
.debug("Send M1 to AP")
8846 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8848 send_wsc_msg(hapd
, addr
, m1
)
8850 logger
.debug("Receive M2 from AP")
8851 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8852 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8853 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8855 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8857 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8859 logger
.debug("Send WSC_ACK to AP")
8860 ack
,attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8861 msg_type
=None, eap_code
=2)
8862 send_wsc_msg(hapd
, addr
, ack
)
8864 wps_wait_eap_failure(hapd
, dev
[0])
8867 def test_wps_ext_m2_ack_invalid_msg_type(dev
, apdev
):
8868 """WPS proto: M2 followed by ACK with invalid Msg Type"""
8870 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8871 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8872 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8874 logger
.debug("Receive WSC/Start from AP")
8875 msg
= get_wsc_msg(hapd
)
8876 if msg
['wsc_opcode'] != WSC_Start
:
8877 raise Exception("Unexpected Op-Code for WSC/Start")
8879 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8882 own_private
, e_pk
= wsc_dh_init()
8884 logger
.debug("Send M1 to AP")
8885 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8887 send_wsc_msg(hapd
, addr
, m1
)
8889 logger
.debug("Receive M2 from AP")
8890 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8891 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8892 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8894 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8896 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8898 logger
.debug("Send WSC_ACK to AP")
8899 ack
,attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8900 msg_type
=WPS_WSC_NACK
, eap_code
=2)
8901 send_wsc_msg(hapd
, addr
, ack
)
8903 wps_wait_eap_failure(hapd
, dev
[0])
8906 def test_wps_ext_m2_ack_e_nonce_mismatch(dev
, apdev
):
8907 """WPS proto: M2 followed by ACK with e-nonce mismatch"""
8909 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8910 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8911 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8913 logger
.debug("Receive WSC/Start from AP")
8914 msg
= get_wsc_msg(hapd
)
8915 if msg
['wsc_opcode'] != WSC_Start
:
8916 raise Exception("Unexpected Op-Code for WSC/Start")
8918 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8921 own_private
, e_pk
= wsc_dh_init()
8923 logger
.debug("Send M1 to AP")
8924 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8926 send_wsc_msg(hapd
, addr
, m1
)
8928 logger
.debug("Receive M2 from AP")
8929 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8930 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8931 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8933 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8935 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8937 logger
.debug("Send WSC_ACK to AP")
8938 ack
,attrs
= build_ack(msg
['eap_identifier'], 16*'\x00', r_nonce
,
8940 send_wsc_msg(hapd
, addr
, ack
)
8942 wps_wait_eap_failure(hapd
, dev
[0])
8945 def test_wps_ext_m1_invalid(dev
, apdev
):
8946 """WPS proto: M1 failing parsing"""
8948 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8949 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8950 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8952 logger
.debug("Receive WSC/Start from AP")
8953 msg
= get_wsc_msg(hapd
)
8954 if msg
['wsc_opcode'] != WSC_Start
:
8955 raise Exception("Unexpected Op-Code for WSC/Start")
8957 logger
.debug("Send M1 to AP")
8958 attrs
= '\x10\x00\x00'
8959 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8960 send_wsc_msg(hapd
, addr
, m1
)
8962 wps_wait_eap_failure(hapd
, dev
[0])
8964 def test_wps_ext_m1_missing_msg_type(dev
, apdev
):
8965 """WPS proto: M1 missing Msg Type"""
8967 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8968 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8969 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8971 logger
.debug("Receive WSC/Start from AP")
8972 msg
= get_wsc_msg(hapd
)
8973 if msg
['wsc_opcode'] != WSC_Start
:
8974 raise Exception("Unexpected Op-Code for WSC/Start")
8976 logger
.debug("Send M1 to AP")
8977 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8978 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8979 send_wsc_msg(hapd
, addr
, m1
)
8981 wps_wait_ap_nack(hapd
, dev
[0], 16*'\x00', 16*'\x00')
8983 def wps_ext_wsc_done(dev
, apdev
):
8985 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8986 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8987 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8989 logger
.debug("Receive WSC/Start from AP")
8990 msg
= get_wsc_msg(hapd
)
8991 if msg
['wsc_opcode'] != WSC_Start
:
8992 raise Exception("Unexpected Op-Code for WSC/Start")
8994 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8997 own_private
, e_pk
= wsc_dh_init()
8999 logger
.debug("Send M1 to AP")
9000 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9002 send_wsc_msg(hapd
, addr
, m1
)
9004 logger
.debug("Receive M2 from AP")
9005 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9006 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9007 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9009 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9011 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9013 logger
.debug("Send M3 to AP")
9014 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9015 attrs
+= build_attr_msg_type(WPS_M3
)
9016 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9017 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9018 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9019 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9020 raw_m3_attrs
= attrs
9021 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9022 send_wsc_msg(hapd
, addr
, m3
)
9024 logger
.debug("Receive M4 from AP")
9025 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9027 logger
.debug("Send M5 to AP")
9028 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9029 attrs
+= build_attr_msg_type(WPS_M5
)
9030 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9031 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9032 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9033 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9034 raw_m5_attrs
= attrs
9035 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9036 send_wsc_msg(hapd
, addr
, m5
)
9038 logger
.debug("Receive M6 from AP")
9039 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9041 logger
.debug("Send M7 to AP")
9042 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9043 attrs
+= build_attr_msg_type(WPS_M7
)
9044 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9045 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
9046 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9047 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9048 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9049 raw_m7_attrs
= attrs
9050 send_wsc_msg(hapd
, addr
, m7
)
9052 logger
.debug("Receive M8 from AP")
9053 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
9054 return hapd
, msg
, e_nonce
, r_nonce
9057 def test_wps_ext_wsc_done_invalid(dev
, apdev
):
9058 """WPS proto: invalid WSC_Done"""
9059 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9061 logger
.debug("Send WSC_Done to AP")
9062 attrs
= '\x10\x00\x00'
9063 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9064 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9066 wps_wait_eap_failure(hapd
, dev
[0])
9069 def test_wps_ext_wsc_done_no_msg_type(dev
, apdev
):
9070 """WPS proto: invalid WSC_Done"""
9071 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9073 logger
.debug("Send WSC_Done to AP")
9074 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9075 #attrs += build_attr_msg_type(WPS_WSC_DONE)
9076 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9077 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9078 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9079 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9081 wps_wait_eap_failure(hapd
, dev
[0])
9084 def test_wps_ext_wsc_done_wrong_msg_type(dev
, apdev
):
9085 """WPS proto: WSC_Done with wrong Msg Type"""
9086 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9088 logger
.debug("Send WSC_Done to AP")
9089 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9090 attrs
+= build_attr_msg_type(WPS_WSC_ACK
)
9091 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9092 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9093 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9094 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9096 wps_wait_eap_failure(hapd
, dev
[0])
9099 def test_wps_ext_wsc_done_no_e_nonce(dev
, apdev
):
9100 """WPS proto: WSC_Done without e_nonce"""
9101 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9103 logger
.debug("Send WSC_Done to AP")
9104 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9105 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9106 #attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9107 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9108 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9109 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9111 wps_wait_eap_failure(hapd
, dev
[0])
9113 def test_wps_ext_wsc_done_no_r_nonce(dev
, apdev
):
9114 """WPS proto: WSC_Done without r_nonce"""
9115 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9117 logger
.debug("Send WSC_Done to AP")
9118 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9119 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9120 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9121 #attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9122 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9123 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9125 wps_wait_eap_failure(hapd
, dev
[0])
9128 def test_wps_ext_m7_no_encr_settings(dev
, apdev
):
9129 """WPS proto: M7 without Encr Settings"""
9131 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9132 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9133 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9135 logger
.debug("Receive WSC/Start from AP")
9136 msg
= get_wsc_msg(hapd
)
9137 if msg
['wsc_opcode'] != WSC_Start
:
9138 raise Exception("Unexpected Op-Code for WSC/Start")
9140 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9143 own_private
, e_pk
= wsc_dh_init()
9145 logger
.debug("Send M1 to AP")
9146 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9148 send_wsc_msg(hapd
, addr
, m1
)
9150 logger
.debug("Receive M2 from AP")
9151 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9152 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9153 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9155 authkey
,keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9157 e_s1
,e_s2
,e_hash1
,e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9159 logger
.debug("Send M3 to AP")
9160 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9161 attrs
+= build_attr_msg_type(WPS_M3
)
9162 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9163 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9164 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9165 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9166 raw_m3_attrs
= attrs
9167 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9168 send_wsc_msg(hapd
, addr
, m3
)
9170 logger
.debug("Receive M4 from AP")
9171 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9173 logger
.debug("Send M5 to AP")
9174 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9175 attrs
+= build_attr_msg_type(WPS_M5
)
9176 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9177 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9178 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9179 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9180 raw_m5_attrs
= attrs
9181 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9182 send_wsc_msg(hapd
, addr
, m5
)
9184 logger
.debug("Receive M6 from AP")
9185 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9187 logger
.debug("Send M7 to AP")
9188 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9189 attrs
+= build_attr_msg_type(WPS_M7
)
9190 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9191 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9192 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9193 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9194 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9195 raw_m7_attrs
= attrs
9196 send_wsc_msg(hapd
, addr
, m7
)
9198 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
9201 def test_wps_ext_m1_workaround(dev
, apdev
):
9202 """WPS proto: M1 Manufacturer/Model workaround"""
9204 addr
,bssid
,hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9205 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9206 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9208 logger
.debug("Receive WSC/Start from AP")
9209 msg
= get_wsc_msg(hapd
)
9210 if msg
['wsc_opcode'] != WSC_Start
:
9211 raise Exception("Unexpected Op-Code for WSC/Start")
9213 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9216 own_private
, e_pk
= wsc_dh_init()
9218 logger
.debug("Send M1 to AP")
9219 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9220 e_nonce
, e_pk
, manufacturer
='Apple TEST',
9221 model_name
='AirPort', config_methods
='\xff\xff')
9222 send_wsc_msg(hapd
, addr
, m1
)
9224 logger
.debug("Receive M2 from AP")
9225 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9228 def test_ap_wps_disable_enable(dev
, apdev
):
9229 """WPS and DISABLE/ENABLE AP"""
9230 hapd
= wps_start_ap(apdev
[0])
9233 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9235 def test_ap_wps_upnp_web_oom(dev
, apdev
, params
):
9236 """hostapd WPS UPnP web OOM"""
9237 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9238 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
9240 location
= ssdp_get_location(ap_uuid
)
9241 url
= urlparse
.urlparse(location
)
9242 urls
= upnp_get_urls(location
)
9243 eventurl
= urlparse
.urlparse(urls
['event_sub_url'])
9244 ctrlurl
= urlparse
.urlparse(urls
['control_url'])
9246 conn
= httplib
.HTTPConnection(url
.netloc
)
9247 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9248 conn
.request("GET", "/wps_device.xml")
9250 resp
= conn
.getresponse()
9254 conn
= httplib
.HTTPConnection(url
.netloc
)
9255 conn
.request("GET", "/unknown")
9256 resp
= conn
.getresponse()
9257 if resp
.status
!= 404:
9258 raise Exception("Unexpected HTTP result for unknown URL: %d" + resp
.status
)
9260 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9261 conn
.request("GET", "/unknown")
9263 resp
= conn
.getresponse()
9268 conn
= httplib
.HTTPConnection(url
.netloc
)
9269 conn
.request("GET", "/wps_device.xml")
9270 resp
= conn
.getresponse()
9271 if resp
.status
!= 200:
9272 raise Exception("GET /wps_device.xml failed")
9274 conn
= httplib
.HTTPConnection(url
.netloc
)
9275 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9276 if resp
.status
!= 200:
9277 raise Exception("GetDeviceInfo failed")
9279 with
alloc_fail(hapd
, 1, "web_process_get_device_info"):
9280 conn
= httplib
.HTTPConnection(url
.netloc
)
9281 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9282 if resp
.status
!= 500:
9283 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9285 with
alloc_fail(hapd
, 1, "wps_build_m1;web_process_get_device_info"):
9286 conn
= httplib
.HTTPConnection(url
.netloc
)
9287 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9288 if resp
.status
!= 500:
9289 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9291 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_send_reply"):
9292 conn
= httplib
.HTTPConnection(url
.netloc
)
9294 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9298 conn
= httplib
.HTTPConnection(url
.netloc
)
9299 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9300 if resp
.status
!= 200:
9301 raise Exception("GetDeviceInfo failed")
9303 # No NewWLANEventType in PutWLANResponse NewMessage
9304 conn
= httplib
.HTTPConnection(url
.netloc
)
9305 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse", newmsg
="foo")
9306 if resp
.status
!= 600:
9307 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9309 # No NewWLANEventMAC in PutWLANResponse NewMessage
9310 conn
= httplib
.HTTPConnection(url
.netloc
)
9311 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9312 newmsg
="foo", neweventtype
="1")
9313 if resp
.status
!= 600:
9314 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9316 # Invalid NewWLANEventMAC in PutWLANResponse NewMessage
9317 conn
= httplib
.HTTPConnection(url
.netloc
)
9318 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9319 newmsg
="foo", neweventtype
="1",
9321 if resp
.status
!= 600:
9322 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9324 # Workaround for NewWLANEventMAC in PutWLANResponse NewMessage
9325 # Ignored unexpected PutWLANResponse WLANEventType 1
9326 conn
= httplib
.HTTPConnection(url
.netloc
)
9327 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9328 newmsg
="foo", neweventtype
="1",
9329 neweventmac
="00.11.22.33.44.55")
9330 if resp
.status
!= 500:
9331 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9333 # PutWLANResponse NewMessage with invalid EAP message
9334 conn
= httplib
.HTTPConnection(url
.netloc
)
9335 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9336 newmsg
="foo", neweventtype
="2",
9337 neweventmac
="00:11:22:33:44:55")
9338 if resp
.status
!= 200:
9339 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9341 with
alloc_fail(hapd
, 1, "web_connection_parse_subscribe"):
9342 conn
= httplib
.HTTPConnection(url
.netloc
)
9343 headers
= { "callback": '<http://127.0.0.1:12345/event>',
9345 "timeout": "Second-1234" }
9346 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9348 resp
= conn
.getresponse()
9352 with
alloc_fail(hapd
, 1, "dup_binstr;web_connection_parse_subscribe"):
9353 conn
= httplib
.HTTPConnection(url
.netloc
)
9354 headers
= { "callback": '<http://127.0.0.1:12345/event>',
9356 "timeout": "Second-1234" }
9357 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9358 resp
= conn
.getresponse()
9359 if resp
.status
!= 500:
9360 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9362 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_parse_unsubscribe"):
9363 conn
= httplib
.HTTPConnection(url
.netloc
)
9364 headers
= { "callback": '<http://127.0.0.1:12345/event>',
9366 "timeout": "Second-1234" }
9367 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9369 resp
= conn
.getresponse()
9373 with
alloc_fail(hapd
, 1, "web_connection_unimplemented"):
9374 conn
= httplib
.HTTPConnection(url
.netloc
)
9375 conn
.request("HEAD", "/wps_device.xml")
9377 resp
= conn
.getresponse()
9381 def test_ap_wps_frag_ack_oom(dev
, apdev
):
9382 """WPS and fragment ack OOM"""
9383 dev
[0].request("SET wps_fragment_size 50")
9384 hapd
= wps_start_ap(apdev
[0])
9385 with
alloc_fail(hapd
, 1, "eap_wsc_build_frag_ack"):
9386 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
9388 def wait_scan_stopped(dev
):
9389 dev
.request("ABORT_SCAN")
9391 res
= dev
.get_driver_status_field("scan_state")
9392 if "SCAN_STARTED" not in res
and "SCAN_REQUESTED" not in res
:
9394 logger
.debug("Waiting for scan to complete")
9398 def test_ap_wps_eap_wsc_errors(dev
, apdev
):
9399 """WPS and EAP-WSC error cases"""
9400 ssid
= "test-wps-conf-pin"
9402 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9403 "wpa_passphrase": "12345678", "wpa": "2",
9404 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9405 "fragment_size": "300", "ap_pin": appin
}
9406 hapd
= hostapd
.add_ap(apdev
[0], params
)
9407 bssid
= apdev
[0]['bssid']
9409 pin
= dev
[0].wps_read_pin()
9410 hapd
.request("WPS_PIN any " + pin
)
9411 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9412 dev
[0].dump_monitor()
9414 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK", "CCMP",
9415 "new passphrase", no_wait
=True)
9416 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9418 raise Exception("WPS-FAIL not reported")
9419 dev
[0].request("WPS_CANCEL")
9420 dev
[0].wait_disconnected()
9421 wait_scan_stopped(dev
[0])
9422 dev
[0].dump_monitor()
9424 dev
[0].wps_reg(bssid
, appin
, "new ssid", "FOO", "CCMP",
9425 "new passphrase", no_wait
=True)
9426 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9428 raise Exception("WPS-FAIL not reported")
9429 dev
[0].request("WPS_CANCEL")
9430 dev
[0].wait_disconnected()
9431 wait_scan_stopped(dev
[0])
9432 dev
[0].dump_monitor()
9434 dev
[0].wps_reg(bssid
, appin
, "new ssid", "WPA2PSK", "FOO",
9435 "new passphrase", no_wait
=True)
9436 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9438 raise Exception("WPS-FAIL not reported")
9439 dev
[0].request("WPS_CANCEL")
9440 dev
[0].wait_disconnected()
9441 wait_scan_stopped(dev
[0])
9442 dev
[0].dump_monitor()
9444 dev
[0].wps_reg(bssid
, appin
+ "new_key=a", "new ssid", "WPA2PSK", "CCMP",
9445 "new passphrase", no_wait
=True)
9446 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9448 raise Exception("WPS-FAIL not reported")
9449 dev
[0].request("WPS_CANCEL")
9450 dev
[0].wait_disconnected()
9451 wait_scan_stopped(dev
[0])
9452 dev
[0].dump_monitor()
9454 tests
= [ "eap_wsc_init",
9455 "eap_msg_alloc;eap_wsc_build_msg",
9456 "wpabuf_alloc;eap_wsc_process_fragment" ]
9458 with
alloc_fail(dev
[0], 1, func
):
9459 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9460 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9461 dev
[0].request("WPS_CANCEL")
9462 dev
[0].wait_disconnected()
9463 wait_scan_stopped(dev
[0])
9464 dev
[0].dump_monitor()
9466 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sm_build_expanded_nak"):
9467 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK",
9468 "CCMP", "new passphrase", no_wait
=True)
9469 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9470 dev
[0].request("WPS_CANCEL")
9471 dev
[0].wait_disconnected()
9472 wait_scan_stopped(dev
[0])
9473 dev
[0].dump_monitor()
9475 def test_ap_wps_eap_wsc(dev
, apdev
):
9476 """WPS and EAP-WSC in network profile"""
9477 params
= int_eap_server_params()
9478 params
["wps_state"] = "2"
9479 hapd
= hostapd
.add_ap(apdev
[0], params
)
9480 bssid
= apdev
[0]['bssid']
9482 logger
.info("Unexpected identity")
9483 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9484 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-unexpected",
9486 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9488 raise Exception("No EAP-Failure seen")
9489 dev
[0].request("REMOVE_NETWORK all")
9490 dev
[0].wait_disconnected()
9492 logger
.info("No phase1 parameter")
9493 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9494 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9496 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9498 raise Exception("Timeout on EAP method start")
9499 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9501 raise Exception("No EAP-Failure seen")
9502 dev
[0].request("REMOVE_NETWORK all")
9503 dev
[0].wait_disconnected()
9505 logger
.info("No PIN/PBC in phase1")
9506 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9507 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9508 phase1
="foo", wait_connect
=False)
9509 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9511 raise Exception("Timeout on EAP method start")
9512 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9514 raise Exception("No EAP-Failure seen")
9515 dev
[0].request("REMOVE_NETWORK all")
9516 dev
[0].wait_disconnected()
9518 logger
.info("Invalid pkhash in phase1")
9519 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9520 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9521 phase1
="foo pkhash=q pbc=1", wait_connect
=False)
9522 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9524 raise Exception("Timeout on EAP method start")
9525 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9527 raise Exception("No EAP-Failure seen")
9528 dev
[0].request("REMOVE_NETWORK all")
9529 dev
[0].wait_disconnected()
9531 logger
.info("Zero fragment_size")
9532 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9533 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9534 fragment_size
="0", phase1
="pin=12345670", wait_connect
=False)
9535 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9537 raise Exception("Timeout on EAP method start")
9538 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=5)
9540 raise Exception("No M2D seen")
9541 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9543 raise Exception("No EAP-Failure seen")
9544 dev
[0].request("REMOVE_NETWORK all")
9545 dev
[0].wait_disconnected()
9547 logger
.info("Missing new_auth")
9548 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9549 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9550 phase1
="pin=12345670 new_ssid=aa", wait_connect
=False)
9551 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9553 raise Exception("Timeout on EAP method start")
9554 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9556 raise Exception("No EAP-Failure seen")
9557 dev
[0].request("REMOVE_NETWORK all")
9558 dev
[0].wait_disconnected()
9560 logger
.info("Missing new_encr")
9561 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9562 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9563 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa", wait_connect
=False)
9564 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9566 raise Exception("Timeout on EAP method start")
9567 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9569 raise Exception("No EAP-Failure seen")
9570 dev
[0].request("REMOVE_NETWORK all")
9571 dev
[0].wait_disconnected()
9573 logger
.info("Missing new_key")
9574 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9575 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9576 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa new_encr=CCMP",
9578 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9580 raise Exception("Timeout on EAP method start")
9581 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9583 raise Exception("No EAP-Failure seen")
9584 dev
[0].request("REMOVE_NETWORK all")
9585 dev
[0].wait_disconnected()
9587 def test_ap_wps_and_bss_limit(dev
, apdev
):
9588 """WPS and wpa_supplicant BSS entry limit"""
9590 _test_ap_wps_and_bss_limit(dev
, apdev
)
9592 dev
[0].request("SET bss_max_count 200")
9595 def _test_ap_wps_and_bss_limit(dev
, apdev
):
9596 params
= { "ssid": "test-wps", "eap_server": "1", "wps_state": "2",
9597 "wpa_passphrase": "12345678", "wpa": "2",
9598 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
9599 hapd
= hostapd
.add_ap(apdev
[0], params
)
9601 params
= { "ssid": "test-wps-2", "eap_server": "1", "wps_state": "2",
9602 "wpa_passphrase": "1234567890", "wpa": "2",
9603 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
9604 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9606 id = dev
[1].add_network()
9607 dev
[1].set_network(id, "mode", "2")
9608 dev
[1].set_network_quoted(id, "ssid", "wpas-ap-no-wps")
9609 dev
[1].set_network_quoted(id, "psk", "12345678")
9610 dev
[1].set_network(id, "frequency", "2462")
9611 dev
[1].set_network(id, "scan_freq", "2462")
9612 dev
[1].set_network(id, "wps_disabled", "1")
9613 dev
[1].select_network(id)
9615 id = dev
[2].add_network()
9616 dev
[2].set_network(id, "mode", "2")
9617 dev
[2].set_network_quoted(id, "ssid", "wpas-ap")
9618 dev
[2].set_network_quoted(id, "psk", "12345678")
9619 dev
[2].set_network(id, "frequency", "2437")
9620 dev
[2].set_network(id, "scan_freq", "2437")
9621 dev
[2].select_network(id)
9623 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9624 wpas
.interface_add("wlan5")
9625 id = wpas
.add_network()
9626 wpas
.set_network(id, "mode", "2")
9627 wpas
.set_network_quoted(id, "ssid", "wpas-ap")
9628 wpas
.set_network_quoted(id, "psk", "12345678")
9629 wpas
.set_network(id, "frequency", "2437")
9630 wpas
.set_network(id, "scan_freq", "2437")
9631 wpas
.select_network(id)
9633 dev
[1].wait_connected()
9634 dev
[2].wait_connected()
9635 wpas
.wait_connected()
9636 wpas
.request("WPS_PIN any 12345670")
9638 hapd
.request("WPS_PBC")
9639 hapd2
.request("WPS_PBC")
9641 dev
[0].request("SET bss_max_count 1")
9643 id = dev
[0].add_network()
9644 dev
[0].set_network_quoted(id, "ssid", "testing")
9646 id = dev
[0].add_network()
9647 dev
[0].set_network_quoted(id, "ssid", "testing")
9648 dev
[0].set_network(id, "key_mgmt", "WPS")
9650 dev
[0].request("WPS_PBC")
9651 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
9652 dev
[0].request("WPS_CANCEL")
9654 id = dev
[0].add_network()
9655 dev
[0].set_network_quoted(id, "ssid", "testing")
9656 dev
[0].set_network(id, "key_mgmt", "WPS")
9658 dev
[0].scan(freq
="2412")
9660 def test_ap_wps_pbc_2ap(dev
, apdev
):
9661 """WPS PBC with two APs advertising same SSID"""
9662 params
= { "ssid": "wps", "eap_server": "1", "wps_state": "2",
9663 "wpa_passphrase": "12345678", "wpa": "2",
9664 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9665 "wps_independent": "1"}
9666 hapd
= hostapd
.add_ap(apdev
[0], params
)
9667 params
= { "ssid": "wps", "eap_server": "1", "wps_state": "2",
9668 "wpa_passphrase": "123456789", "wpa": "2",
9669 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9670 "wps_independent": "1"}
9671 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9672 hapd
.request("WPS_PBC")
9674 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9675 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
9678 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
9679 wpas
.scan_for_bss(apdev
[1]['bssid'], freq
="2412")
9680 wpas
.request("WPS_PBC")
9681 wpas
.wait_connected()
9682 wpas
.request("DISCONNECT")
9683 hapd
.request("DISABLE")
9684 hapd2
.request("DISABLE")
9685 wpas
.flush_scan_cache()
9687 def test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9688 """WPS ER enrolling a new device to a configured AP"""
9690 _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
)
9692 dev
[0].request("WPS_ER_STOP")
9694 def _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9695 ssid
= "wps-er-enrollee-to-conf-ap"
9697 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9698 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9699 "wpa_passphrase": "12345678", "wpa": "2",
9700 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9701 "device_name": "Wireless AP", "manufacturer": "Company",
9702 "model_name": "WAP", "model_number": "123",
9703 "serial_number": "12345", "device_type": "6-0050F204-1",
9704 "os_version": "01020300",
9705 "config_methods": "label push_button",
9706 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9707 hapd
= hostapd
.add_ap(apdev
[0], params
)
9708 bssid
= hapd
.own_addr()
9710 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9711 dev
[0].dump_monitor()
9713 dev
[0].request("WPS_ER_START ifname=lo")
9714 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9716 raise Exception("AP discovery timed out")
9717 if ap_uuid
not in ev
:
9718 raise Exception("Expected AP UUID not found")
9720 pin
= dev
[2].wps_read_pin()
9721 addr2
= dev
[2].own_addr()
9722 dev
[0].dump_monitor()
9723 dev
[2].scan_for_bss(bssid
, freq
=2412)
9724 dev
[2].dump_monitor()
9725 dev
[2].request("WPS_PIN %s %s" % (bssid
, pin
))
9728 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
9730 raise Exception("Enrollee not seen")
9734 raise Exception("Unexpected Enrollee MAC address")
9735 dev
[0].dump_monitor()
9737 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " " + str(id))
9738 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
9739 dev
[2].wait_connected(timeout
=30)
9740 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9742 raise Exception("WPS ER did not report success")
9744 def test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9745 """WPS ER enrolling a new device to a configured AP (2)"""
9747 _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
)
9749 dev
[0].request("WPS_ER_STOP")
9751 def _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9752 ssid
= "wps-er-enrollee-to-conf-ap"
9754 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9755 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9756 "wpa_passphrase": "12345678", "wpa": "2",
9757 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9758 "device_name": "Wireless AP", "manufacturer": "Company",
9759 "model_name": "WAP", "model_number": "123",
9760 "serial_number": "12345", "device_type": "6-0050F204-1",
9761 "os_version": "01020300",
9762 "config_methods": "label push_button",
9763 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9764 hapd
= hostapd
.add_ap(apdev
[0], params
)
9765 bssid
= hapd
.own_addr()
9767 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9768 dev
[0].dump_monitor()
9770 dev
[0].request("WPS_ER_START ifname=lo")
9771 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9773 raise Exception("AP discovery timed out")
9774 if ap_uuid
not in ev
:
9775 raise Exception("Expected AP UUID not found")
9777 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
9778 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
9780 raise Exception("AP learn timed out")
9781 if ap_uuid
not in ev
:
9782 raise Exception("Expected AP UUID not in settings")
9783 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
9785 raise Exception("WPS-FAIL after AP learn timed out")
9788 pin
= dev
[1].wps_read_pin()
9789 addr1
= dev
[1].own_addr()
9790 dev
[0].dump_monitor()
9791 dev
[0].request("WPS_ER_PIN any " + pin
)
9793 dev
[1].scan_for_bss(bssid
, freq
=2412)
9794 dev
[1].request("WPS_PIN any %s" % pin
)
9795 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
9797 raise Exception("Enrollee did not report success")
9798 dev
[1].wait_connected(timeout
=15)
9799 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9801 raise Exception("WPS ER did not report success")
9803 def test_ap_wps_ignore_broadcast_ssid(dev
, apdev
):
9804 """WPS AP trying to ignore broadcast SSID"""
9806 hapd
= hostapd
.add_ap(apdev
[0],
9807 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
9808 "ignore_broadcast_ssid": "1" })
9809 if "FAIL" not in hapd
.request("WPS_PBC"):
9810 raise Exception("WPS unexpectedly enabled")
9812 def test_ap_wps_wep(dev
, apdev
):
9813 """WPS AP trying to enable WEP"""
9815 hapd
= hostapd
.add_ap(apdev
[0],
9816 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
9817 "ieee80211n": "0", "wep_key0": '"hello"' })
9818 if "FAIL" not in hapd
.request("WPS_PBC"):
9819 raise Exception("WPS unexpectedly enabled")
9821 def test_ap_wps_tkip(dev
, apdev
):
9822 """WPS AP trying to enable TKIP"""
9824 hapd
= hostapd
.add_ap(apdev
[0],
9825 { "ssid": ssid
, "eap_server": "1", "wps_state": "1",
9826 "ieee80211n": "0", "wpa": '1',
9827 "wpa_key_mgmt": "WPA-PSK",
9828 "wpa_passphrase": "12345678" })
9829 if "FAIL" not in hapd
.request("WPS_PBC"):
9830 raise Exception("WPS unexpectedly enabled")
9832 def test_ap_wps_conf_dummy_cred(dev
, apdev
):
9833 """WPS PIN provisioning with configured AP using dummy cred"""
9834 ssid
= "test-wps-conf"
9835 hapd
= hostapd
.add_ap(apdev
[0],
9836 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9837 "wpa_passphrase": "12345678", "wpa": "2",
9838 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9839 hapd
.request("WPS_PIN any 12345670")
9840 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9841 dev
[0].dump_monitor()
9843 hapd
.set("wps_testing_dummy_cred", "1")
9844 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
9845 for i
in range(1, 3):
9846 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
9848 raise Exception("WPS credential %d not received" % i
)
9849 dev
[0].wait_connected(timeout
=30)
9851 hapd
.set("wps_testing_dummy_cred", "0")
9853 def test_ap_wps_rf_bands(dev
, apdev
):
9854 """WPS and wps_rf_bands configuration"""
9855 ssid
= "test-wps-conf"
9856 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9857 "wpa_passphrase": "12345678", "wpa": "2",
9858 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9859 "wps_rf_bands": "ag" }
9861 hapd
= hostapd
.add_ap(apdev
[0], params
)
9862 bssid
= hapd
.own_addr()
9863 hapd
.request("WPS_PBC")
9864 dev
[0].scan_for_bss(bssid
, freq
="2412")
9865 dev
[0].dump_monitor()
9866 dev
[0].request("WPS_PBC " + bssid
)
9867 dev
[0].wait_connected(timeout
=30)
9868 bss
= dev
[0].get_bss(bssid
)
9869 logger
.info("BSS: " + str(bss
))
9870 if "103c000103" not in bss
['ie']:
9871 raise Exception("RF Bands attribute with expected values not found")
9872 dev
[0].request("DISCONNECT")
9873 dev
[0].wait_disconnected()
9874 hapd
.set("wps_rf_bands", "ad")
9875 hapd
.set("wps_rf_bands", "a")
9876 hapd
.set("wps_rf_bands", "g")
9877 hapd
.set("wps_rf_bands", "b")
9878 hapd
.set("wps_rf_bands", "ga")
9880 dev
[0].dump_monitor()
9881 dev
[0].flush_scan_cache()
9883 def test_ap_wps_pbc_in_m1(dev
, apdev
):
9884 """WPS and pbc_in_m1"""
9885 ssid
= "test-wps-conf"
9886 params
= { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9887 "wpa_passphrase": "12345678", "wpa": "2",
9888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9889 "config_methods": "virtual_push_button virtual_display",
9892 hapd
= hostapd
.add_ap(apdev
[0], params
)
9893 bssid
= hapd
.own_addr()
9894 hapd
.request("WPS_PBC")
9895 dev
[0].scan_for_bss(bssid
, freq
="2412")
9896 dev
[0].dump_monitor()
9897 dev
[0].request("WPS_PBC " + bssid
)
9898 dev
[0].wait_connected(timeout
=30)
9899 dev
[0].request("DISCONNECT")
9900 dev
[0].wait_disconnected()
9902 dev
[0].dump_monitor()
9903 dev
[0].flush_scan_cache()
9905 def test_ap_wps_pin_start_failure(dev
, apdev
):
9906 """WPS_PIN start failure"""
9907 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
9908 if "FAIL" not in dev
[0].request("WPS_PIN any 12345670"):
9909 raise Exception("WPS_PIN not rejected during OOM")
9910 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
9911 if "FAIL" not in dev
[0].request("WPS_PIN any"):
9912 raise Exception("WPS_PIN not rejected during OOM")
9914 def test_ap_wps_ap_pin_failure(dev
, apdev
):
9915 """WPS_AP_PIN failure"""
9916 id = dev
[0].add_network()
9917 dev
[0].set_network(id, "mode", "2")
9918 dev
[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
9919 dev
[0].set_network_quoted(id, "psk", "1234567890")
9920 dev
[0].set_network(id, "frequency", "2412")
9921 dev
[0].set_network(id, "scan_freq", "2412")
9922 dev
[0].select_network(id)
9923 dev
[0].wait_connected()
9925 with
fail_test(dev
[0], 1,
9926 "os_get_random;wpa_supplicant_ctrl_iface_wps_ap_pin"):
9927 if "FAIL" not in dev
[0].request("WPS_AP_PIN random"):
9928 raise Exception("WPS_AP_PIN random accepted")
9929 with
alloc_fail(dev
[0], 1, "wpas_wps_ap_pin_set"):
9930 if "FAIL" not in dev
[0].request("WPS_AP_PIN set 12345670"):
9931 raise Exception("WPS_AP_PIN set accepted")
9933 dev
[0].request("DISCONNECT")
9934 dev
[0].wait_disconnected()
9936 def test_ap_wps_random_uuid(dev
, apdev
, params
):
9937 """WPS and random UUID on Enrollee"""
9938 ssid
= "test-wps-conf"
9939 hapd
= hostapd
.add_ap(apdev
[0],
9940 { "ssid": ssid
, "eap_server": "1", "wps_state": "2",
9941 "wpa_passphrase": "12345678", "wpa": "2",
9942 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9944 config
= os
.path
.join(params
['logdir'], 'ap_wps_random_uuid.conf')
9945 with
open(config
, "w") as f
:
9946 f
.write("auto_uuid=1\n")
9948 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9952 wpas
.interface_add("wlan5", config
=config
)
9954 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9956 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
9958 ev
= hapd
.wait_event(["WPS-ENROLLEE-SEEN"], timeout
=10)
9960 raise Exception("Enrollee not seen")
9961 uuid
.append(ev
.split(' ')[2])
9962 wpas
.request("WPS_CANCEL")
9965 wpas
.interface_remove("wlan5")
9969 logger
.info("Seen UUIDs: " + str(uuid
))
9970 if uuid
[0] == uuid
[1] or uuid
[0] == uuid
[2] or uuid
[1] == uuid
[2]:
9971 raise Exception("Same UUID used multiple times")