]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_wps.py
projects / thirdparty / hostap.git / blob
? search:


58baec9b31e4c4025eebf71fca124adc9ed58a96
[thirdparty/hostap.git] / tests / hwsim / test_ap_wps.py
1 # WPS tests
2 # Copyright (c) 2013-2017, Jouni Malinen <j@w1.fi>
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 from remotehost import remote_compatible
8 import base64
9 import binascii
10 from Crypto.Cipher import AES
11 import hashlib
12 import hmac
13 import os
14 import time
15 import stat
16 import subprocess
17 import logging
18 logger = logging.getLogger()
19 import re
20 import socket
21 import struct
22 import httplib
23 import urlparse
24 import urllib
25 import xml.etree.ElementTree as ET
26 import StringIO
27 import SocketServer
28
29 import hwsim_utils
30 import hostapd
31 from wpasupplicant import WpaSupplicant
32 from utils import HwsimSkip, alloc_fail, fail_test, skip_with_fips
33 from utils import wait_fail_trigger
34 from test_ap_eap import int_eap_server_params
35
36 def wps_start_ap(apdev, ssid="test-wps-conf"):
37 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
38 "wpa_passphrase": "12345678", "wpa": "2",
39 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
40 return hostapd.add_ap(apdev, params)
41
42 @remote_compatible
43 def test_ap_wps_init(dev, apdev):
44 """Initial AP configuration with first WPS Enrollee"""
45 ssid = "test-wps"
46 hapd = hostapd.add_ap(apdev[0],
47 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
48 logger.info("WPS provisioning step")
49 hapd.request("WPS_PBC")
50 if "PBC Status: Active" not in hapd.request("WPS_GET_STATUS"):
51 raise Exception("PBC status not shown correctly")
52
53 id = dev[0].add_network()
54 dev[0].set_network_quoted(id, "ssid", "home")
55 dev[0].set_network_quoted(id, "psk", "12345678")
56 dev[0].request("ENABLE_NETWORK %s no-connect" % id)
57
58 id = dev[0].add_network()
59 dev[0].set_network_quoted(id, "ssid", "home2")
60 dev[0].set_network(id, "bssid", "00:11:22:33:44:55")
61 dev[0].set_network(id, "key_mgmt", "NONE")
62 dev[0].request("ENABLE_NETWORK %s no-connect" % id)
63
64 dev[0].request("WPS_PBC")
65 dev[0].wait_connected(timeout=30)
66 status = dev[0].get_status()
67 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
68 raise Exception("Not fully connected")
69 if status['ssid'] != ssid:
70 raise Exception("Unexpected SSID")
71 if status['pairwise_cipher'] != 'CCMP':
72 raise Exception("Unexpected encryption configuration")
73 if status['key_mgmt'] != 'WPA2-PSK':
74 raise Exception("Unexpected key_mgmt")
75
76 status = hapd.request("WPS_GET_STATUS")
77 if "PBC Status: Disabled" not in status:
78 raise Exception("PBC status not shown correctly")
79 if "Last WPS result: Success" not in status:
80 raise Exception("Last WPS result not shown correctly")
81 if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
82 raise Exception("Peer address not shown correctly")
83 conf = hapd.request("GET_CONFIG")
84 if "wps_state=configured" not in conf:
85 raise Exception("AP not in WPS configured state")
86 if "wpa=3" not in conf:
87 raise Exception("AP not in WPA+WPA2 configuration")
88 if "rsn_pairwise_cipher=CCMP TKIP" not in conf:
89 raise Exception("Unexpected rsn_pairwise_cipher")
90 if "wpa_pairwise_cipher=CCMP TKIP" not in conf:
91 raise Exception("Unexpected wpa_pairwise_cipher")
92 if "group_cipher=TKIP" not in conf:
93 raise Exception("Unexpected group_cipher")
94
95 if len(dev[0].list_networks()) != 3:
96 raise Exception("Unexpected number of network blocks")
97
98 def test_ap_wps_init_2ap_pbc(dev, apdev):
99 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
100 ssid = "test-wps"
101 params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
102 hapd = hostapd.add_ap(apdev[0], params)
103 hostapd.add_ap(apdev[1], params)
104 logger.info("WPS provisioning step")
105 hapd.request("WPS_PBC")
106 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
107 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
108 bss = dev[0].get_bss(apdev[0]['bssid'])
109 if "[WPS-PBC]" not in bss['flags']:
110 raise Exception("WPS-PBC flag missing from AP1")
111 bss = dev[0].get_bss(apdev[1]['bssid'])
112 if "[WPS-PBC]" not in bss['flags']:
113 raise Exception("WPS-PBC flag missing from AP2")
114 dev[0].dump_monitor()
115 dev[0].request("SET wps_cred_processing 2")
116 dev[0].request("WPS_PBC")
117 ev = dev[0].wait_event(["WPS-CRED-RECEIVED"], timeout=30)
118 dev[0].request("SET wps_cred_processing 0")
119 if ev is None:
120 raise Exception("WPS cred event not seen")
121 if "100e" not in ev:
122 raise Exception("WPS attributes not included in the cred event")
123 dev[0].wait_connected(timeout=30)
124
125 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
126 dev[1].scan_for_bss(apdev[1]['bssid'], freq="2412")
127 bss = dev[1].get_bss(apdev[0]['bssid'])
128 if "[WPS-PBC]" in bss['flags']:
129 raise Exception("WPS-PBC flag not cleared from AP1")
130 bss = dev[1].get_bss(apdev[1]['bssid'])
131 if "[WPS-PBC]" in bss['flags']:
132 raise Exception("WPS-PBC flag not cleared from AP2")
133
134 def test_ap_wps_init_2ap_pin(dev, apdev):
135 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
136 ssid = "test-wps"
137 params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
138 hapd = hostapd.add_ap(apdev[0], params)
139 hostapd.add_ap(apdev[1], params)
140 logger.info("WPS provisioning step")
141 pin = dev[0].wps_read_pin()
142 hapd.request("WPS_PIN any " + pin)
143 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
144 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
145 bss = dev[0].get_bss(apdev[0]['bssid'])
146 if "[WPS-AUTH]" not in bss['flags']:
147 raise Exception("WPS-AUTH flag missing from AP1")
148 bss = dev[0].get_bss(apdev[1]['bssid'])
149 if "[WPS-AUTH]" not in bss['flags']:
150 raise Exception("WPS-AUTH flag missing from AP2")
151 dev[0].dump_monitor()
152 dev[0].request("WPS_PIN any " + pin)
153 dev[0].wait_connected(timeout=30)
154
155 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
156 dev[1].scan_for_bss(apdev[1]['bssid'], freq="2412")
157 bss = dev[1].get_bss(apdev[0]['bssid'])
158 if "[WPS-AUTH]" in bss['flags']:
159 raise Exception("WPS-AUTH flag not cleared from AP1")
160 bss = dev[1].get_bss(apdev[1]['bssid'])
161 if "[WPS-AUTH]" in bss['flags']:
162 raise Exception("WPS-AUTH flag not cleared from AP2")
163
164 @remote_compatible
165 def test_ap_wps_init_through_wps_config(dev, apdev):
166 """Initial AP configuration using wps_config command"""
167 ssid = "test-wps-init-config"
168 hapd = hostapd.add_ap(apdev[0],
169 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
170 if "FAIL" in hapd.request("WPS_CONFIG " + ssid.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")):
171 raise Exception("WPS_CONFIG command failed")
172 ev = hapd.wait_event(["WPS-NEW-AP-SETTINGS"], timeout=5)
173 if ev is None:
174 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
175 # It takes some time for the AP to update Beacon and Probe Response frames,
176 # so wait here before requesting the scan to be started to avoid adding
177 # extra five second wait to the test due to fetching obsolete scan results.
178 hapd.ping()
179 time.sleep(0.2)
180 dev[0].connect(ssid, psk="12345678", scan_freq="2412", proto="WPA2",
181 pairwise="CCMP", group="CCMP")
182
183 if "FAIL" not in hapd.request("WPS_CONFIG foo"):
184 raise Exception("Invalid WPS_CONFIG accepted")
185
186 @remote_compatible
187 def test_ap_wps_init_through_wps_config_2(dev, apdev):
188 """AP configuration using wps_config and wps_cred_processing=2"""
189 ssid = "test-wps-init-config"
190 hapd = hostapd.add_ap(apdev[0],
191 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
192 "wps_cred_processing": "2" })
193 if "FAIL" in hapd.request("WPS_CONFIG " + ssid.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")):
194 raise Exception("WPS_CONFIG command failed")
195 ev = hapd.wait_event(["WPS-NEW-AP-SETTINGS"], timeout=5)
196 if ev is None:
197 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
198 if "100e" not in ev:
199 raise Exception("WPS-NEW-AP-SETTINGS did not include Credential")
200
201 @remote_compatible
202 def test_ap_wps_invalid_wps_config_passphrase(dev, apdev):
203 """AP configuration using wps_config command with invalid passphrase"""
204 ssid = "test-wps-init-config"
205 hapd = hostapd.add_ap(apdev[0],
206 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
207 if "FAIL" not in hapd.request("WPS_CONFIG " + ssid.encode("hex") + " WPA2PSK CCMP " + "1234567".encode("hex")):
208 raise Exception("Invalid WPS_CONFIG command accepted")
209
210 def test_ap_wps_conf(dev, apdev):
211 """WPS PBC provisioning with configured AP"""
212 ssid = "test-wps-conf"
213 hapd = hostapd.add_ap(apdev[0],
214 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
215 "wpa_passphrase": "12345678", "wpa": "2",
216 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
217 logger.info("WPS provisioning step")
218 hapd.request("WPS_PBC")
219 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
220 dev[0].dump_monitor()
221 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
222 dev[0].wait_connected(timeout=30)
223 status = dev[0].get_status()
224 if status['wpa_state'] != 'COMPLETED':
225 raise Exception("Not fully connected")
226 if status['bssid'] != apdev[0]['bssid']:
227 raise Exception("Unexpected BSSID")
228 if status['ssid'] != ssid:
229 raise Exception("Unexpected SSID")
230 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
231 raise Exception("Unexpected encryption configuration")
232 if status['key_mgmt'] != 'WPA2-PSK':
233 raise Exception("Unexpected key_mgmt")
234
235 sta = hapd.get_sta(dev[0].p2p_interface_addr())
236 if 'wpsDeviceName' not in sta or sta['wpsDeviceName'] != "Device A":
237 raise Exception("Device name not available in STA command")
238
239 def test_ap_wps_conf_5ghz(dev, apdev):
240 """WPS PBC provisioning with configured AP on 5 GHz band"""
241 try:
242 hapd = None
243 ssid = "test-wps-conf"
244 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
245 "wpa_passphrase": "12345678", "wpa": "2",
246 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
247 "country_code": "FI", "hw_mode": "a", "channel": "36" }
248 hapd = hostapd.add_ap(apdev[0], params)
249 logger.info("WPS provisioning step")
250 hapd.request("WPS_PBC")
251 dev[0].scan_for_bss(apdev[0]['bssid'], freq="5180")
252 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
253 dev[0].wait_connected(timeout=30)
254
255 sta = hapd.get_sta(dev[0].p2p_interface_addr())
256 if 'wpsDeviceName' not in sta or sta['wpsDeviceName'] != "Device A":
257 raise Exception("Device name not available in STA command")
258 finally:
259 dev[0].request("DISCONNECT")
260 if hapd:
261 hapd.request("DISABLE")
262 subprocess.call(['iw', 'reg', 'set', '00'])
263 dev[0].flush_scan_cache()
264
265 def test_ap_wps_conf_chan14(dev, apdev):
266 """WPS PBC provisioning with configured AP on channel 14"""
267 try:
268 hapd = None
269 ssid = "test-wps-conf"
270 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
271 "wpa_passphrase": "12345678", "wpa": "2",
272 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
273 "country_code": "JP", "hw_mode": "b", "channel": "14" }
274 hapd = hostapd.add_ap(apdev[0], params)
275 logger.info("WPS provisioning step")
276 hapd.request("WPS_PBC")
277 dev[0].request("WPS_PBC")
278 dev[0].wait_connected(timeout=30)
279
280 sta = hapd.get_sta(dev[0].p2p_interface_addr())
281 if 'wpsDeviceName' not in sta or sta['wpsDeviceName'] != "Device A":
282 raise Exception("Device name not available in STA command")
283 finally:
284 dev[0].request("DISCONNECT")
285 if hapd:
286 hapd.request("DISABLE")
287 subprocess.call(['iw', 'reg', 'set', '00'])
288 dev[0].flush_scan_cache()
289
290 @remote_compatible
291 def test_ap_wps_twice(dev, apdev):
292 """WPS provisioning with twice to change passphrase"""
293 ssid = "test-wps-twice"
294 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
295 "wpa_passphrase": "12345678", "wpa": "2",
296 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
297 hapd = hostapd.add_ap(apdev[0], params)
298 logger.info("WPS provisioning step")
299 hapd.request("WPS_PBC")
300 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
301 dev[0].dump_monitor()
302 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
303 dev[0].wait_connected(timeout=30)
304 dev[0].request("DISCONNECT")
305
306 logger.info("Restart AP with different passphrase and re-run WPS")
307 hostapd.remove_bss(apdev[0])
308 params['wpa_passphrase'] = 'another passphrase'
309 hapd = hostapd.add_ap(apdev[0], params)
310 logger.info("WPS provisioning step")
311 hapd.request("WPS_PBC")
312 dev[0].dump_monitor()
313 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
314 dev[0].wait_connected(timeout=30)
315 networks = dev[0].list_networks()
316 if len(networks) > 1:
317 raise Exception("Unexpected duplicated network block present")
318
319 @remote_compatible
320 def test_ap_wps_incorrect_pin(dev, apdev):
321 """WPS PIN provisioning with incorrect PIN"""
322 ssid = "test-wps-incorrect-pin"
323 hapd = hostapd.add_ap(apdev[0],
324 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
325 "wpa_passphrase": "12345678", "wpa": "2",
326 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
327
328 logger.info("WPS provisioning attempt 1")
329 hapd.request("WPS_PIN any 12345670")
330 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
331 dev[0].dump_monitor()
332 dev[0].request("WPS_PIN %s 55554444" % apdev[0]['bssid'])
333 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
334 if ev is None:
335 raise Exception("WPS operation timed out")
336 if "config_error=18" not in ev:
337 raise Exception("Incorrect config_error reported")
338 if "msg=8" not in ev:
339 raise Exception("PIN error detected on incorrect message")
340 dev[0].wait_disconnected(timeout=10)
341 dev[0].request("WPS_CANCEL")
342 # if a scan was in progress, wait for it to complete before trying WPS again
343 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
344
345 status = hapd.request("WPS_GET_STATUS")
346 if "Last WPS result: Failed" not in status:
347 raise Exception("WPS failure result not shown correctly")
348
349 logger.info("WPS provisioning attempt 2")
350 hapd.request("WPS_PIN any 12345670")
351 dev[0].dump_monitor()
352 dev[0].request("WPS_PIN %s 12344444" % apdev[0]['bssid'])
353 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
354 if ev is None:
355 raise Exception("WPS operation timed out")
356 if "config_error=18" not in ev:
357 raise Exception("Incorrect config_error reported")
358 if "msg=10" not in ev:
359 raise Exception("PIN error detected on incorrect message")
360 dev[0].wait_disconnected(timeout=10)
361
362 @remote_compatible
363 def test_ap_wps_conf_pin(dev, apdev):
364 """WPS PIN provisioning with configured AP"""
365 ssid = "test-wps-conf-pin"
366 hapd = hostapd.add_ap(apdev[0],
367 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
368 "wpa_passphrase": "12345678", "wpa": "2",
369 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
370 logger.info("WPS provisioning step")
371 pin = dev[0].wps_read_pin()
372 hapd.request("WPS_PIN any " + pin)
373 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
374 dev[0].dump_monitor()
375 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
376 dev[0].wait_connected(timeout=30)
377 status = dev[0].get_status()
378 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
379 raise Exception("Not fully connected")
380 if status['ssid'] != ssid:
381 raise Exception("Unexpected SSID")
382 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
383 raise Exception("Unexpected encryption configuration")
384 if status['key_mgmt'] != 'WPA2-PSK':
385 raise Exception("Unexpected key_mgmt")
386
387 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
388 bss = dev[1].get_bss(apdev[0]['bssid'])
389 if "[WPS-AUTH]" in bss['flags']:
390 raise Exception("WPS-AUTH flag not cleared")
391 logger.info("Try to connect from another station using the same PIN")
392 pin = dev[1].request("WPS_PIN " + apdev[0]['bssid'])
393 ev = dev[1].wait_event(["WPS-M2D","CTRL-EVENT-CONNECTED"], timeout=30)
394 if ev is None:
395 raise Exception("Operation timed out")
396 if "WPS-M2D" not in ev:
397 raise Exception("Unexpected WPS operation started")
398 hapd.request("WPS_PIN any " + pin)
399 dev[1].wait_connected(timeout=30)
400
401 def test_ap_wps_conf_pin_mixed_mode(dev, apdev):
402 """WPS PIN provisioning with configured AP (WPA+WPA2)"""
403 ssid = "test-wps-conf-pin-mixed"
404 hapd = hostapd.add_ap(apdev[0],
405 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
406 "wpa_passphrase": "12345678", "wpa": "3",
407 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
408 "wpa_pairwise": "TKIP" })
409
410 logger.info("WPS provisioning step")
411 pin = dev[0].wps_read_pin()
412 hapd.request("WPS_PIN any " + pin)
413 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
414 dev[0].dump_monitor()
415 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
416 dev[0].wait_connected(timeout=30)
417 status = dev[0].get_status()
418 dev[0].request("REMOVE_NETWORK all")
419 dev[0].wait_disconnected()
420 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP' or status['key_mgmt'] != 'WPA2-PSK':
421 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status['pairwise_cipher'], status['group_cipher'], status['key_mgmt']))
422
423 logger.info("WPS provisioning step (auth_types=0x1b)")
424 if "OK" not in dev[0].request("SET wps_force_auth_types 0x1b"):
425 raise Exception("Failed to set wps_force_auth_types 0x1b")
426 pin = dev[0].wps_read_pin()
427 hapd.request("WPS_PIN any " + pin)
428 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
429 dev[0].dump_monitor()
430 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
431 dev[0].wait_connected(timeout=30)
432 status = dev[0].get_status()
433 dev[0].request("REMOVE_NETWORK all")
434 dev[0].wait_disconnected()
435 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP' or status['key_mgmt'] != 'WPA2-PSK':
436 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status['pairwise_cipher'], status['group_cipher'], status['key_mgmt']))
437
438 logger.info("WPS provisioning step (auth_types=0 encr_types=0)")
439 if "OK" not in dev[0].request("SET wps_force_auth_types 0"):
440 raise Exception("Failed to set wps_force_auth_types 0")
441 if "OK" not in dev[0].request("SET wps_force_encr_types 0"):
442 raise Exception("Failed to set wps_force_encr_types 0")
443 pin = dev[0].wps_read_pin()
444 hapd.request("WPS_PIN any " + pin)
445 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
446 dev[0].dump_monitor()
447 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
448 dev[0].wait_connected(timeout=30)
449 status = dev[0].get_status()
450 dev[0].request("REMOVE_NETWORK all")
451 dev[0].wait_disconnected()
452 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP' or status['key_mgmt'] != 'WPA2-PSK':
453 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status['pairwise_cipher'], status['group_cipher'], status['key_mgmt']))
454
455 dev[0].request("SET wps_force_auth_types ")
456 dev[0].request("SET wps_force_encr_types ")
457
458 @remote_compatible
459 def test_ap_wps_conf_pin_v1(dev, apdev):
460 """WPS PIN provisioning with configured WPS v1.0 AP"""
461 ssid = "test-wps-conf-pin-v1"
462 hapd = hostapd.add_ap(apdev[0],
463 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
464 "wpa_passphrase": "12345678", "wpa": "2",
465 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
466 logger.info("WPS provisioning step")
467 pin = dev[0].wps_read_pin()
468 hapd.request("SET wps_version_number 0x10")
469 hapd.request("WPS_PIN any " + pin)
470 found = False
471 for i in range(0, 10):
472 dev[0].scan(freq="2412")
473 if "[WPS-PIN]" in dev[0].request("SCAN_RESULTS"):
474 found = True
475 break
476 if not found:
477 hapd.request("SET wps_version_number 0x20")
478 raise Exception("WPS-PIN flag not seen in scan results")
479 dev[0].dump_monitor()
480 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
481 dev[0].wait_connected(timeout=30)
482 hapd.request("SET wps_version_number 0x20")
483
484 @remote_compatible
485 def test_ap_wps_conf_pin_2sta(dev, apdev):
486 """Two stations trying to use WPS PIN at the same time"""
487 ssid = "test-wps-conf-pin2"
488 hapd = hostapd.add_ap(apdev[0],
489 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
490 "wpa_passphrase": "12345678", "wpa": "2",
491 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
492 logger.info("WPS provisioning step")
493 pin = "12345670"
494 pin2 = "55554444"
495 hapd.request("WPS_PIN " + dev[0].get_status_field("uuid") + " " + pin)
496 hapd.request("WPS_PIN " + dev[1].get_status_field("uuid") + " " + pin)
497 dev[0].dump_monitor()
498 dev[1].dump_monitor()
499 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
500 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412")
501 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
502 dev[1].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
503 dev[0].wait_connected(timeout=30)
504 dev[1].wait_connected(timeout=30)
505
506 @remote_compatible
507 def test_ap_wps_conf_pin_timeout(dev, apdev):
508 """WPS PIN provisioning with configured AP timing out PIN"""
509 ssid = "test-wps-conf-pin"
510 hapd = hostapd.add_ap(apdev[0],
511 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
512 "wpa_passphrase": "12345678", "wpa": "2",
513 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
514 addr = dev[0].p2p_interface_addr()
515 pin = dev[0].wps_read_pin()
516 if "FAIL" not in hapd.request("WPS_PIN "):
517 raise Exception("Unexpected success on invalid WPS_PIN")
518 hapd.request("WPS_PIN any " + pin + " 1")
519 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
520 time.sleep(1.1)
521 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
522 ev = hapd.wait_event(["WPS-PIN-NEEDED"], timeout=20)
523 if ev is None:
524 raise Exception("WPS-PIN-NEEDED event timed out")
525 ev = dev[0].wait_event(["WPS-M2D"])
526 if ev is None:
527 raise Exception("M2D not reported")
528 dev[0].request("WPS_CANCEL")
529
530 hapd.request("WPS_PIN any " + pin + " 20 " + addr)
531 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
532 dev[0].wait_connected(timeout=30)
533
534 def test_ap_wps_reg_connect(dev, apdev):
535 """WPS registrar using AP PIN to connect"""
536 ssid = "test-wps-reg-ap-pin"
537 appin = "12345670"
538 hostapd.add_ap(apdev[0],
539 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
540 "wpa_passphrase": "12345678", "wpa": "2",
541 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
542 "ap_pin": appin})
543 logger.info("WPS provisioning step")
544 dev[0].dump_monitor()
545 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
546 dev[0].wps_reg(apdev[0]['bssid'], appin)
547 status = dev[0].get_status()
548 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
549 raise Exception("Not fully connected")
550 if status['ssid'] != ssid:
551 raise Exception("Unexpected SSID")
552 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
553 raise Exception("Unexpected encryption configuration")
554 if status['key_mgmt'] != 'WPA2-PSK':
555 raise Exception("Unexpected key_mgmt")
556
557 def test_ap_wps_reg_connect_mixed_mode(dev, apdev):
558 """WPS registrar using AP PIN to connect (WPA+WPA2)"""
559 ssid = "test-wps-reg-ap-pin"
560 appin = "12345670"
561 hostapd.add_ap(apdev[0],
562 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
563 "wpa_passphrase": "12345678", "wpa": "3",
564 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
565 "wpa_pairwise": "TKIP", "ap_pin": appin})
566 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
567 dev[0].wps_reg(apdev[0]['bssid'], appin)
568 status = dev[0].get_status()
569 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
570 raise Exception("Not fully connected")
571 if status['ssid'] != ssid:
572 raise Exception("Unexpected SSID")
573 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
574 raise Exception("Unexpected encryption configuration")
575 if status['key_mgmt'] != 'WPA2-PSK':
576 raise Exception("Unexpected key_mgmt")
577
578 def test_ap_wps_reg_override_ap_settings(dev, apdev):
579 """WPS registrar and ap_settings override"""
580 ap_settings = "/tmp/ap_wps_reg_override_ap_settings"
581 try:
582 os.remove(ap_settings)
583 except:
584 pass
585 # Override AP Settings with values that point to another AP
586 data = build_wsc_attr(ATTR_NETWORK_INDEX, '\x01')
587 data += build_wsc_attr(ATTR_SSID, "test")
588 data += build_wsc_attr(ATTR_AUTH_TYPE, '\x00\x01')
589 data += build_wsc_attr(ATTR_ENCR_TYPE, '\x00\x01')
590 data += build_wsc_attr(ATTR_NETWORK_KEY, '')
591 data += build_wsc_attr(ATTR_MAC_ADDR, binascii.unhexlify(apdev[1]['bssid'].replace(':', '')))
592 with open(ap_settings, "w") as f:
593 f.write(data)
594 ssid = "test-wps-reg-ap-pin"
595 appin = "12345670"
596 hostapd.add_ap(apdev[0],
597 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
598 "wpa_passphrase": "12345678", "wpa": "2",
599 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
600 "ap_pin": appin, "ap_settings": ap_settings })
601 hapd2 = hostapd.add_ap(apdev[1], { "ssid": "test" })
602 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
603 dev[0].scan_for_bss(apdev[1]['bssid'], freq=2412)
604 dev[0].wps_reg(apdev[0]['bssid'], appin)
605 ev = hapd2.wait_event(['AP-STA-CONNECTED'], timeout=10)
606 os.remove(ap_settings)
607 if ev is None:
608 raise Exception("No connection with the other AP")
609
610 def check_wps_reg_failure(dev, ap, appin):
611 dev.request("WPS_REG " + ap['bssid'] + " " + appin)
612 ev = dev.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout=15)
613 if ev is None:
614 raise Exception("WPS operation timed out")
615 if "WPS-SUCCESS" in ev:
616 raise Exception("WPS operation succeeded unexpectedly")
617 if "config_error=15" not in ev:
618 raise Exception("WPS setup locked state was not reported correctly")
619
620 def test_ap_wps_random_ap_pin(dev, apdev):
621 """WPS registrar using random AP PIN"""
622 ssid = "test-wps-reg-random-ap-pin"
623 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
624 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
625 "wpa_passphrase": "12345678", "wpa": "2",
626 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
627 "device_name": "Wireless AP", "manufacturer": "Company",
628 "model_name": "WAP", "model_number": "123",
629 "serial_number": "12345", "device_type": "6-0050F204-1",
630 "os_version": "01020300",
631 "config_methods": "label push_button",
632 "uuid": ap_uuid, "upnp_iface": "lo" }
633 hapd = hostapd.add_ap(apdev[0], params)
634 appin = hapd.request("WPS_AP_PIN random")
635 if "FAIL" in appin:
636 raise Exception("Could not generate random AP PIN")
637 if appin not in hapd.request("WPS_AP_PIN get"):
638 raise Exception("Could not fetch current AP PIN")
639 logger.info("WPS provisioning step")
640 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
641 dev[0].wps_reg(apdev[0]['bssid'], appin)
642
643 hapd.request("WPS_AP_PIN disable")
644 logger.info("WPS provisioning step with AP PIN disabled")
645 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
646 check_wps_reg_failure(dev[1], apdev[0], appin)
647
648 logger.info("WPS provisioning step with AP PIN reset")
649 appin = "12345670"
650 hapd.request("WPS_AP_PIN set " + appin)
651 dev[1].wps_reg(apdev[0]['bssid'], appin)
652 dev[0].request("REMOVE_NETWORK all")
653 dev[1].request("REMOVE_NETWORK all")
654 dev[0].wait_disconnected(timeout=10)
655 dev[1].wait_disconnected(timeout=10)
656
657 logger.info("WPS provisioning step after AP PIN timeout")
658 hapd.request("WPS_AP_PIN disable")
659 appin = hapd.request("WPS_AP_PIN random 1")
660 time.sleep(1.1)
661 if "FAIL" not in hapd.request("WPS_AP_PIN get"):
662 raise Exception("AP PIN unexpectedly still enabled")
663 check_wps_reg_failure(dev[0], apdev[0], appin)
664
665 logger.info("WPS provisioning step after AP PIN timeout(2)")
666 hapd.request("WPS_AP_PIN disable")
667 appin = "12345670"
668 hapd.request("WPS_AP_PIN set " + appin + " 1")
669 time.sleep(1.1)
670 if "FAIL" not in hapd.request("WPS_AP_PIN get"):
671 raise Exception("AP PIN unexpectedly still enabled")
672 check_wps_reg_failure(dev[1], apdev[0], appin)
673
674 with fail_test(hapd, 1, "os_get_random;wps_generate_pin"):
675 hapd.request("WPS_AP_PIN random 1")
676 hapd.request("WPS_AP_PIN disable")
677
678 with alloc_fail(hapd, 1, "upnp_wps_set_ap_pin"):
679 hapd.request("WPS_AP_PIN set 12345670")
680 hapd.request("WPS_AP_PIN disable")
681
682 if "FAIL" not in hapd.request("WPS_AP_PIN set"):
683 raise Exception("Invalid WPS_AP_PIN accepted")
684 if "FAIL" not in hapd.request("WPS_AP_PIN foo"):
685 raise Exception("Invalid WPS_AP_PIN accepted")
686
687 def test_ap_wps_reg_config(dev, apdev):
688 """WPS registrar configuring an AP using AP PIN"""
689 ssid = "test-wps-init-ap-pin"
690 appin = "12345670"
691 hostapd.add_ap(apdev[0],
692 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
693 "ap_pin": appin})
694 logger.info("WPS configuration step")
695 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
696 dev[0].dump_monitor()
697 new_ssid = "wps-new-ssid"
698 new_passphrase = "1234567890"
699 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
700 new_passphrase)
701 status = dev[0].get_status()
702 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
703 raise Exception("Not fully connected")
704 if status['ssid'] != new_ssid:
705 raise Exception("Unexpected SSID")
706 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
707 raise Exception("Unexpected encryption configuration")
708 if status['key_mgmt'] != 'WPA2-PSK':
709 raise Exception("Unexpected key_mgmt")
710
711 logger.info("Re-configure back to open")
712 dev[0].request("REMOVE_NETWORK all")
713 dev[0].flush_scan_cache()
714 dev[0].dump_monitor()
715 dev[0].wps_reg(apdev[0]['bssid'], appin, "wps-open", "OPEN", "NONE", "")
716 status = dev[0].get_status()
717 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
718 raise Exception("Not fully connected")
719 if status['ssid'] != "wps-open":
720 raise Exception("Unexpected SSID")
721 if status['key_mgmt'] != 'NONE':
722 raise Exception("Unexpected key_mgmt")
723
724 def test_ap_wps_reg_config_ext_processing(dev, apdev):
725 """WPS registrar configuring an AP with external config processing"""
726 ssid = "test-wps-init-ap-pin"
727 appin = "12345670"
728 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
729 "wps_cred_processing": "1", "ap_pin": appin}
730 hapd = hostapd.add_ap(apdev[0], params)
731 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
732 new_ssid = "wps-new-ssid"
733 new_passphrase = "1234567890"
734 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
735 new_passphrase, no_wait=True)
736 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
737 if ev is None:
738 raise Exception("WPS registrar operation timed out")
739 ev = hapd.wait_event(["WPS-NEW-AP-SETTINGS"], timeout=15)
740 if ev is None:
741 raise Exception("WPS configuration timed out")
742 if "1026" not in ev:
743 raise Exception("AP Settings missing from event")
744 hapd.request("SET wps_cred_processing 0")
745 if "FAIL" in hapd.request("WPS_CONFIG " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex")):
746 raise Exception("WPS_CONFIG command failed")
747 dev[0].wait_connected(timeout=15)
748
749 def test_ap_wps_reg_config_tkip(dev, apdev):
750 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
751 skip_with_fips(dev[0])
752 ssid = "test-wps-init-ap"
753 appin = "12345670"
754 hostapd.add_ap(apdev[0],
755 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
756 "ap_pin": appin})
757 logger.info("WPS configuration step")
758 dev[0].request("SET wps_version_number 0x10")
759 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
760 dev[0].dump_monitor()
761 new_ssid = "wps-new-ssid-with-tkip"
762 new_passphrase = "1234567890"
763 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPAPSK", "TKIP",
764 new_passphrase)
765 logger.info("Re-connect to verify WPA2 mixed mode")
766 dev[0].request("DISCONNECT")
767 id = 0
768 dev[0].set_network(id, "pairwise", "CCMP")
769 dev[0].set_network(id, "proto", "RSN")
770 dev[0].connect_network(id)
771 status = dev[0].get_status()
772 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
773 raise Exception("Not fully connected: wpa_state={} bssid={}".format(status['wpa_state'], status['bssid']))
774 if status['ssid'] != new_ssid:
775 raise Exception("Unexpected SSID")
776 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
777 raise Exception("Unexpected encryption configuration")
778 if status['key_mgmt'] != 'WPA2-PSK':
779 raise Exception("Unexpected key_mgmt")
780
781 def test_ap_wps_setup_locked(dev, apdev):
782 """WPS registrar locking up AP setup on AP PIN failures"""
783 ssid = "test-wps-incorrect-ap-pin"
784 appin = "12345670"
785 hapd = hostapd.add_ap(apdev[0],
786 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
787 "wpa_passphrase": "12345678", "wpa": "2",
788 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
789 "ap_pin": appin})
790 new_ssid = "wps-new-ssid-test"
791 new_passphrase = "1234567890"
792
793 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
794 ap_setup_locked=False
795 for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
796 dev[0].dump_monitor()
797 logger.info("Try incorrect AP PIN - attempt " + pin)
798 dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
799 "CCMP", new_passphrase, no_wait=True)
800 ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
801 if ev is None:
802 raise Exception("Timeout on receiving WPS operation failure event")
803 if "CTRL-EVENT-CONNECTED" in ev:
804 raise Exception("Unexpected connection")
805 if "config_error=15" in ev:
806 logger.info("AP Setup Locked")
807 ap_setup_locked=True
808 elif "config_error=18" not in ev:
809 raise Exception("config_error=18 not reported")
810 dev[0].wait_disconnected(timeout=10)
811 time.sleep(0.1)
812 if not ap_setup_locked:
813 raise Exception("AP setup was not locked")
814 dev[0].request("WPS_CANCEL")
815 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412, force_scan=True,
816 only_new=True)
817 bss = dev[0].get_bss(apdev[0]['bssid'])
818 if 'wps_ap_setup_locked' not in bss or bss['wps_ap_setup_locked'] != '1':
819 logger.info("BSS: " + str(bss))
820 raise Exception("AP Setup Locked not indicated in scan results")
821
822 status = hapd.request("WPS_GET_STATUS")
823 if "Last WPS result: Failed" not in status:
824 raise Exception("WPS failure result not shown correctly")
825 if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
826 raise Exception("Peer address not shown correctly")
827
828 time.sleep(0.5)
829 dev[0].dump_monitor()
830 logger.info("WPS provisioning step")
831 pin = dev[0].wps_read_pin()
832 hapd.request("WPS_PIN any " + pin)
833 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
834 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
835 if ev is None:
836 raise Exception("WPS success was not reported")
837 dev[0].wait_connected(timeout=30)
838
839 appin = hapd.request("WPS_AP_PIN random")
840 if "FAIL" in appin:
841 raise Exception("Could not generate random AP PIN")
842 ev = hapd.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout=10)
843 if ev is None:
844 raise Exception("Failed to unlock AP PIN")
845
846 def test_ap_wps_setup_locked_timeout(dev, apdev):
847 """WPS re-enabling AP PIN after timeout"""
848 ssid = "test-wps-incorrect-ap-pin"
849 appin = "12345670"
850 hapd = hostapd.add_ap(apdev[0],
851 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
852 "wpa_passphrase": "12345678", "wpa": "2",
853 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
854 "ap_pin": appin})
855 new_ssid = "wps-new-ssid-test"
856 new_passphrase = "1234567890"
857
858 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
859 ap_setup_locked=False
860 for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
861 dev[0].dump_monitor()
862 logger.info("Try incorrect AP PIN - attempt " + pin)
863 dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
864 "CCMP", new_passphrase, no_wait=True)
865 ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"], timeout=15)
866 if ev is None:
867 raise Exception("Timeout on receiving WPS operation failure event")
868 if "CTRL-EVENT-CONNECTED" in ev:
869 raise Exception("Unexpected connection")
870 if "config_error=15" in ev:
871 logger.info("AP Setup Locked")
872 ap_setup_locked=True
873 break
874 elif "config_error=18" not in ev:
875 raise Exception("config_error=18 not reported")
876 dev[0].wait_disconnected(timeout=10)
877 time.sleep(0.1)
878 if not ap_setup_locked:
879 raise Exception("AP setup was not locked")
880 ev = hapd.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout=80)
881 if ev is None:
882 raise Exception("AP PIN did not get unlocked on 60 second timeout")
883
884 def test_ap_wps_setup_locked_2(dev, apdev):
885 """WPS AP configured for special ap_setup_locked=2 mode"""
886 ssid = "test-wps-ap-pin"
887 appin = "12345670"
888 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
889 "wpa_passphrase": "12345678", "wpa": "2",
890 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
891 "ap_pin": appin, "ap_setup_locked": "2" }
892 hapd = hostapd.add_ap(apdev[0], params)
893 new_ssid = "wps-new-ssid-test"
894 new_passphrase = "1234567890"
895
896 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
897 dev[0].wps_reg(apdev[0]['bssid'], appin)
898 dev[0].request("REMOVE_NETWORK all")
899 dev[0].wait_disconnected()
900
901 hapd.dump_monitor()
902 dev[0].dump_monitor()
903 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK",
904 "CCMP", new_passphrase, no_wait=True)
905
906 ev = hapd.wait_event(["WPS-FAIL"], timeout=5)
907 if ev is None:
908 raise Exception("hostapd did not report WPS failure")
909 if "msg=12 config_error=15" not in ev:
910 raise Exception("Unexpected failure reason (AP): " + ev)
911
912 ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
913 if ev is None:
914 raise Exception("Timeout on receiving WPS operation failure event")
915 if "CTRL-EVENT-CONNECTED" in ev:
916 raise Exception("Unexpected connection")
917 if "config_error=15" not in ev:
918 raise Exception("Unexpected failure reason (STA): " + ev)
919 dev[0].request("WPS_CANCEL")
920 dev[0].wait_disconnected()
921
922 @remote_compatible
923 def test_ap_wps_pbc_overlap_2ap(dev, apdev):
924 """WPS PBC session overlap with two active APs"""
925 params = { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
926 "wpa_passphrase": "12345678", "wpa": "2",
927 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
928 "wps_independent": "1"}
929 hapd = hostapd.add_ap(apdev[0], params)
930 params = { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
931 "wpa_passphrase": "123456789", "wpa": "2",
932 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
933 "wps_independent": "1"}
934 hapd2 = hostapd.add_ap(apdev[1], params)
935 hapd.request("WPS_PBC")
936 hapd2.request("WPS_PBC")
937 logger.info("WPS provisioning step")
938 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
939 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
940 dev[0].request("WPS_PBC")
941 ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
942 if ev is None:
943 raise Exception("PBC session overlap not detected")
944 hapd.request("DISABLE")
945 hapd2.request("DISABLE")
946 dev[0].flush_scan_cache()
947
948 @remote_compatible
949 def test_ap_wps_pbc_overlap_2sta(dev, apdev):
950 """WPS PBC session overlap with two active STAs"""
951 ssid = "test-wps-pbc-overlap"
952 hapd = hostapd.add_ap(apdev[0],
953 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
954 "wpa_passphrase": "12345678", "wpa": "2",
955 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
956 logger.info("WPS provisioning step")
957 hapd.request("WPS_PBC")
958 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
959 dev[0].dump_monitor()
960 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412")
961 dev[1].dump_monitor()
962 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
963 dev[1].request("WPS_PBC " + apdev[0]['bssid'])
964 ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
965 if ev is None:
966 raise Exception("PBC session overlap not detected (dev0)")
967 if "config_error=12" not in ev:
968 raise Exception("PBC session overlap not correctly reported (dev0)")
969 dev[0].request("WPS_CANCEL")
970 dev[0].request("DISCONNECT")
971 ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
972 if ev is None:
973 raise Exception("PBC session overlap not detected (dev1)")
974 if "config_error=12" not in ev:
975 raise Exception("PBC session overlap not correctly reported (dev1)")
976 dev[1].request("WPS_CANCEL")
977 dev[1].request("DISCONNECT")
978 hapd.request("WPS_CANCEL")
979 ret = hapd.request("WPS_PBC")
980 if "FAIL" not in ret:
981 raise Exception("PBC mode allowed to be started while PBC overlap still active")
982 hapd.request("DISABLE")
983 dev[0].flush_scan_cache()
984 dev[1].flush_scan_cache()
985
986 @remote_compatible
987 def test_ap_wps_cancel(dev, apdev):
988 """WPS AP cancelling enabled config method"""
989 ssid = "test-wps-ap-cancel"
990 hapd = hostapd.add_ap(apdev[0],
991 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
992 "wpa_passphrase": "12345678", "wpa": "2",
993 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
994 bssid = apdev[0]['bssid']
995
996 logger.info("Verify PBC enable/cancel")
997 hapd.request("WPS_PBC")
998 dev[0].scan(freq="2412")
999 dev[0].scan(freq="2412")
1000 bss = dev[0].get_bss(apdev[0]['bssid'])
1001 if "[WPS-PBC]" not in bss['flags']:
1002 raise Exception("WPS-PBC flag missing")
1003 if "FAIL" in hapd.request("WPS_CANCEL"):
1004 raise Exception("WPS_CANCEL failed")
1005 dev[0].scan(freq="2412")
1006 dev[0].scan(freq="2412")
1007 bss = dev[0].get_bss(apdev[0]['bssid'])
1008 if "[WPS-PBC]" in bss['flags']:
1009 raise Exception("WPS-PBC flag not cleared")
1010
1011 logger.info("Verify PIN enable/cancel")
1012 hapd.request("WPS_PIN any 12345670")
1013 dev[0].scan(freq="2412")
1014 dev[0].scan(freq="2412")
1015 bss = dev[0].get_bss(apdev[0]['bssid'])
1016 if "[WPS-AUTH]" not in bss['flags']:
1017 raise Exception("WPS-AUTH flag missing")
1018 if "FAIL" in hapd.request("WPS_CANCEL"):
1019 raise Exception("WPS_CANCEL failed")
1020 dev[0].scan(freq="2412")
1021 dev[0].scan(freq="2412")
1022 bss = dev[0].get_bss(apdev[0]['bssid'])
1023 if "[WPS-AUTH]" in bss['flags']:
1024 raise Exception("WPS-AUTH flag not cleared")
1025
1026 def test_ap_wps_er_add_enrollee(dev, apdev):
1027 """WPS ER configuring AP and adding a new enrollee using PIN"""
1028 try:
1029 _test_ap_wps_er_add_enrollee(dev, apdev)
1030 finally:
1031 dev[0].request("WPS_ER_STOP")
1032
1033 def _test_ap_wps_er_add_enrollee(dev, apdev):
1034 ssid = "wps-er-add-enrollee"
1035 ap_pin = "12345670"
1036 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1037 hostapd.add_ap(apdev[0],
1038 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
1039 "device_name": "Wireless AP", "manufacturer": "Company",
1040 "model_name": "WAP", "model_number": "123",
1041 "serial_number": "12345", "device_type": "6-0050F204-1",
1042 "os_version": "01020300",
1043 'friendly_name': "WPS AP - <>&'\" - TEST",
1044 "config_methods": "label push_button",
1045 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1046 logger.info("WPS configuration step")
1047 new_passphrase = "1234567890"
1048 dev[0].dump_monitor()
1049 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1050 dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
1051 new_passphrase)
1052 status = dev[0].get_status()
1053 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
1054 raise Exception("Not fully connected")
1055 if status['ssid'] != ssid:
1056 raise Exception("Unexpected SSID")
1057 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
1058 raise Exception("Unexpected encryption configuration")
1059 if status['key_mgmt'] != 'WPA2-PSK':
1060 raise Exception("Unexpected key_mgmt")
1061
1062 logger.info("Start ER")
1063 dev[0].request("WPS_ER_START ifname=lo")
1064 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1065 if ev is None:
1066 raise Exception("AP discovery timed out")
1067 if ap_uuid not in ev:
1068 raise Exception("Expected AP UUID not found")
1069 if "|WPS AP - &lt;&gt;&amp;&apos;&quot; - TEST|Company|" not in ev:
1070 raise Exception("Expected friendly name not found")
1071
1072 logger.info("Learn AP configuration through UPnP")
1073 dev[0].dump_monitor()
1074 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1075 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1076 if ev is None:
1077 raise Exception("AP learn timed out")
1078 if ap_uuid not in ev:
1079 raise Exception("Expected AP UUID not in settings")
1080 if "ssid=" + ssid not in ev:
1081 raise Exception("Expected SSID not in settings")
1082 if "key=" + new_passphrase not in ev:
1083 raise Exception("Expected passphrase not in settings")
1084 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1085 if ev is None:
1086 raise Exception("WPS-FAIL after AP learn timed out")
1087 time.sleep(0.1)
1088
1089 logger.info("Add Enrollee using ER")
1090 pin = dev[1].wps_read_pin()
1091 dev[0].dump_monitor()
1092 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
1093 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
1094 dev[1].dump_monitor()
1095 dev[1].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1096 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
1097 if ev is None:
1098 raise Exception("Enrollee did not report success")
1099 dev[1].wait_connected(timeout=15)
1100 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1101 if ev is None:
1102 raise Exception("WPS ER did not report success")
1103 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
1104
1105 logger.info("Add a specific Enrollee using ER")
1106 pin = dev[2].wps_read_pin()
1107 addr2 = dev[2].p2p_interface_addr()
1108 dev[0].dump_monitor()
1109 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
1110 dev[2].dump_monitor()
1111 dev[2].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1112 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=10)
1113 if ev is None:
1114 raise Exception("Enrollee not seen")
1115 if addr2 not in ev:
1116 raise Exception("Unexpected Enrollee MAC address")
1117 dev[0].request("WPS_ER_PIN " + addr2 + " " + pin + " " + addr2)
1118 dev[2].wait_connected(timeout=30)
1119 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1120 if ev is None:
1121 raise Exception("WPS ER did not report success")
1122
1123 logger.info("Verify registrar selection behavior")
1124 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
1125 dev[1].request("DISCONNECT")
1126 dev[1].wait_disconnected(timeout=10)
1127 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412")
1128 dev[1].scan(freq="2412")
1129 bss = dev[1].get_bss(apdev[0]['bssid'])
1130 if "[WPS-AUTH]" not in bss['flags']:
1131 # It is possible for scan to miss an update especially when running
1132 # tests under load with multiple VMs, so allow another attempt.
1133 dev[1].scan(freq="2412")
1134 bss = dev[1].get_bss(apdev[0]['bssid'])
1135 if "[WPS-AUTH]" not in bss['flags']:
1136 raise Exception("WPS-AUTH flag missing")
1137
1138 logger.info("Stop ER")
1139 dev[0].dump_monitor()
1140 dev[0].request("WPS_ER_STOP")
1141 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"])
1142 if ev is None:
1143 raise Exception("WPS ER unsubscription timed out")
1144 # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
1145 # a bit before verifying that the scan results have changed.
1146 time.sleep(0.2)
1147
1148 for i in range(0, 10):
1149 dev[1].request("BSS_FLUSH 0")
1150 dev[1].scan(freq="2412", only_new=True)
1151 bss = dev[1].get_bss(apdev[0]['bssid'])
1152 if bss and 'flags' in bss and "[WPS-AUTH]" not in bss['flags']:
1153 break
1154 logger.debug("WPS-AUTH flag was still in place - wait a bit longer")
1155 time.sleep(0.1)
1156 if "[WPS-AUTH]" in bss['flags']:
1157 raise Exception("WPS-AUTH flag not removed")
1158
1159 def test_ap_wps_er_add_enrollee_uuid(dev, apdev):
1160 """WPS ER adding a new enrollee identified by UUID"""
1161 try:
1162 _test_ap_wps_er_add_enrollee_uuid(dev, apdev)
1163 finally:
1164 dev[0].request("WPS_ER_STOP")
1165
1166 def _test_ap_wps_er_add_enrollee_uuid(dev, apdev):
1167 ssid = "wps-er-add-enrollee"
1168 ap_pin = "12345670"
1169 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1170 hostapd.add_ap(apdev[0],
1171 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1172 "wpa_passphrase": "12345678", "wpa": "2",
1173 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1174 "device_name": "Wireless AP", "manufacturer": "Company",
1175 "model_name": "WAP", "model_number": "123",
1176 "serial_number": "12345", "device_type": "6-0050F204-1",
1177 "os_version": "01020300",
1178 "config_methods": "label push_button",
1179 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1180 logger.info("WPS configuration step")
1181 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1182 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1183
1184 logger.info("Start ER")
1185 dev[0].request("WPS_ER_START ifname=lo")
1186 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1187 if ev is None:
1188 raise Exception("AP discovery timed out")
1189 if ap_uuid not in ev:
1190 raise Exception("Expected AP UUID not found")
1191
1192 logger.info("Learn AP configuration through UPnP")
1193 dev[0].dump_monitor()
1194 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1195 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1196 if ev is None:
1197 raise Exception("AP learn timed out")
1198 if ap_uuid not in ev:
1199 raise Exception("Expected AP UUID not in settings")
1200 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1201 if ev is None:
1202 raise Exception("WPS-FAIL after AP learn timed out")
1203 time.sleep(0.1)
1204
1205 logger.info("Add a specific Enrollee using ER (PBC/UUID)")
1206 addr1 = dev[1].p2p_interface_addr()
1207 dev[0].dump_monitor()
1208 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
1209 dev[1].dump_monitor()
1210 dev[1].request("WPS_PBC %s" % apdev[0]['bssid'])
1211 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=10)
1212 if ev is None:
1213 raise Exception("Enrollee not seen")
1214 if addr1 not in ev:
1215 raise Exception("Unexpected Enrollee MAC address")
1216 uuid = ev.split(' ')[1]
1217 dev[0].request("WPS_ER_PBC " + uuid)
1218 dev[1].wait_connected(timeout=30)
1219 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1220 if ev is None:
1221 raise Exception("WPS ER did not report success")
1222
1223 logger.info("Add a specific Enrollee using ER (PIN/UUID)")
1224 pin = dev[2].wps_read_pin()
1225 addr2 = dev[2].p2p_interface_addr()
1226 dev[0].dump_monitor()
1227 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
1228 dev[2].dump_monitor()
1229 dev[2].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1230 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=10)
1231 if ev is None:
1232 raise Exception("Enrollee not seen")
1233 if addr2 not in ev:
1234 raise Exception("Unexpected Enrollee MAC address")
1235 uuid = ev.split(' ')[1]
1236 dev[0].request("WPS_ER_PIN " + uuid + " " + pin)
1237 dev[2].wait_connected(timeout=30)
1238 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1239 if ev is None:
1240 raise Exception("WPS ER did not report success")
1241
1242 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-REMOVE"], timeout=15)
1243 if ev is None:
1244 raise Exception("No Enrollee STA entry timeout seen")
1245
1246 logger.info("Stop ER")
1247 dev[0].dump_monitor()
1248 dev[0].request("WPS_ER_STOP")
1249
1250 def test_ap_wps_er_multi_add_enrollee(dev, apdev):
1251 """Multiple WPS ERs adding a new enrollee using PIN"""
1252 try:
1253 _test_ap_wps_er_multi_add_enrollee(dev, apdev)
1254 finally:
1255 for i in range(2):
1256 dev[i].request("WPS_ER_STOP")
1257
1258 def _test_ap_wps_er_multi_add_enrollee(dev, apdev):
1259 ssid = "wps-er-add-enrollee"
1260 ap_pin = "12345670"
1261 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1262 hostapd.add_ap(apdev[0],
1263 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1264 "wpa_passphrase": "12345678", "wpa": "2",
1265 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1266 "device_name": "Wireless AP", "manufacturer": "Company",
1267 "model_name": "WAP", "model_number": "123",
1268 "serial_number": "12345", "device_type": "6-0050F204-1",
1269 "os_version": "01020300",
1270 'friendly_name': "WPS AP",
1271 "config_methods": "label push_button",
1272 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1273
1274 for i in range(2):
1275 dev[i].scan_for_bss(apdev[0]['bssid'], freq=2412)
1276 dev[i].wps_reg(apdev[0]['bssid'], ap_pin)
1277 for i in range(2):
1278 dev[i].request("WPS_ER_START ifname=lo")
1279 for i in range(2):
1280 ev = dev[i].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1281 if ev is None:
1282 raise Exception("AP discovery timed out")
1283 dev[i].dump_monitor()
1284 for i in range(2):
1285 dev[i].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1286 for i in range(2):
1287 ev = dev[i].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1288 if ev is None:
1289 raise Exception("AP learn timed out")
1290 ev = dev[i].wait_event(["WPS-FAIL"], timeout=15)
1291 if ev is None:
1292 raise Exception("WPS-FAIL after AP learn timed out")
1293
1294 time.sleep(0.1)
1295
1296 pin = dev[2].wps_read_pin()
1297 addr = dev[2].own_addr()
1298 dev[0].dump_monitor()
1299 dev[0].request("WPS_ER_PIN any " + pin + " " + addr)
1300 dev[1].dump_monitor()
1301 dev[1].request("WPS_ER_PIN any " + pin + " " + addr)
1302
1303 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
1304 dev[2].dump_monitor()
1305 dev[2].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1306 ev = dev[2].wait_event(["WPS-SUCCESS"], timeout=30)
1307 if ev is None:
1308 raise Exception("Enrollee did not report success")
1309 dev[2].wait_connected(timeout=15)
1310
1311 def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
1312 """WPS ER connected to AP and adding a new enrollee using PBC"""
1313 try:
1314 _test_ap_wps_er_add_enrollee_pbc(dev, apdev)
1315 finally:
1316 dev[0].request("WPS_ER_STOP")
1317
1318 def _test_ap_wps_er_add_enrollee_pbc(dev, apdev):
1319 ssid = "wps-er-add-enrollee-pbc"
1320 ap_pin = "12345670"
1321 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1322 hostapd.add_ap(apdev[0],
1323 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1324 "wpa_passphrase": "12345678", "wpa": "2",
1325 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1326 "device_name": "Wireless AP", "manufacturer": "Company",
1327 "model_name": "WAP", "model_number": "123",
1328 "serial_number": "12345", "device_type": "6-0050F204-1",
1329 "os_version": "01020300",
1330 "config_methods": "label push_button",
1331 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1332 logger.info("Learn AP configuration")
1333 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1334 dev[0].dump_monitor()
1335 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1336 status = dev[0].get_status()
1337 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
1338 raise Exception("Not fully connected")
1339
1340 logger.info("Start ER")
1341 dev[0].request("WPS_ER_START ifname=lo")
1342 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1343 if ev is None:
1344 raise Exception("AP discovery timed out")
1345 if ap_uuid not in ev:
1346 raise Exception("Expected AP UUID not found")
1347
1348 enrollee = dev[1].p2p_interface_addr()
1349
1350 if "FAIL-UNKNOWN-UUID" not in dev[0].request("WPS_ER_PBC " + enrollee):
1351 raise Exception("Unknown UUID not reported")
1352
1353 logger.info("Add Enrollee using ER and PBC")
1354 dev[0].dump_monitor()
1355 dev[1].dump_monitor()
1356 dev[1].request("WPS_PBC")
1357
1358 for i in range(0, 2):
1359 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
1360 if ev is None:
1361 raise Exception("Enrollee discovery timed out")
1362 if enrollee in ev:
1363 break
1364 if i == 1:
1365 raise Exception("Expected Enrollee not found")
1366 if "FAIL-NO-AP-SETTINGS" not in dev[0].request("WPS_ER_PBC " + enrollee):
1367 raise Exception("Unknown UUID not reported")
1368 logger.info("Use learned network configuration on ER")
1369 dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
1370 if "OK" not in dev[0].request("WPS_ER_PBC " + enrollee):
1371 raise Exception("WPS_ER_PBC failed")
1372
1373 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
1374 if ev is None:
1375 raise Exception("Enrollee did not report success")
1376 dev[1].wait_connected(timeout=15)
1377 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1378 if ev is None:
1379 raise Exception("WPS ER did not report success")
1380 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
1381
1382 def test_ap_wps_er_pbc_overlap(dev, apdev):
1383 """WPS ER connected to AP and PBC session overlap"""
1384 try:
1385 _test_ap_wps_er_pbc_overlap(dev, apdev)
1386 finally:
1387 dev[0].request("WPS_ER_STOP")
1388
1389 def _test_ap_wps_er_pbc_overlap(dev, apdev):
1390 ssid = "wps-er-add-enrollee-pbc"
1391 ap_pin = "12345670"
1392 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1393 hostapd.add_ap(apdev[0],
1394 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1395 "wpa_passphrase": "12345678", "wpa": "2",
1396 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1397 "device_name": "Wireless AP", "manufacturer": "Company",
1398 "model_name": "WAP", "model_number": "123",
1399 "serial_number": "12345", "device_type": "6-0050F204-1",
1400 "os_version": "01020300",
1401 "config_methods": "label push_button",
1402 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1403 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1404 dev[0].dump_monitor()
1405 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1406
1407 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412")
1408 dev[2].scan_for_bss(apdev[0]['bssid'], freq="2412")
1409 # avoid leaving dev 1 or 2 as the last Probe Request to the AP
1410 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412, force_scan=True)
1411
1412 dev[0].dump_monitor()
1413 dev[0].request("WPS_ER_START ifname=lo")
1414
1415 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1416 if ev is None:
1417 raise Exception("AP discovery timed out")
1418 if ap_uuid not in ev:
1419 raise Exception("Expected AP UUID not found")
1420
1421 # verify BSSID selection of the AP instead of UUID
1422 if "FAIL" in dev[0].request("WPS_ER_SET_CONFIG " + apdev[0]['bssid'] + " 0"):
1423 raise Exception("Could not select AP based on BSSID")
1424
1425 dev[0].dump_monitor()
1426 dev[1].request("WPS_PBC " + apdev[0]['bssid'])
1427 dev[2].request("WPS_PBC " + apdev[0]['bssid'])
1428 ev = dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=10)
1429 if ev is None:
1430 raise Exception("PBC scan failed")
1431 ev = dev[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=10)
1432 if ev is None:
1433 raise Exception("PBC scan failed")
1434 found1 = False
1435 found2 = False
1436 addr1 = dev[1].own_addr()
1437 addr2 = dev[2].own_addr()
1438 for i in range(3):
1439 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
1440 if ev is None:
1441 raise Exception("Enrollee discovery timed out")
1442 if addr1 in ev:
1443 found1 = True
1444 if found2:
1445 break
1446 if addr2 in ev:
1447 found2 = True
1448 if found1:
1449 break
1450 if dev[0].request("WPS_ER_PBC " + ap_uuid) != "FAIL-PBC-OVERLAP\n":
1451 raise Exception("PBC overlap not reported")
1452 dev[1].request("WPS_CANCEL")
1453 dev[2].request("WPS_CANCEL")
1454 if dev[0].request("WPS_ER_PBC foo") != "FAIL\n":
1455 raise Exception("Invalid WPS_ER_PBC accepted")
1456
1457 def test_ap_wps_er_v10_add_enrollee_pin(dev, apdev):
1458 """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
1459 try:
1460 _test_ap_wps_er_v10_add_enrollee_pin(dev, apdev)
1461 finally:
1462 dev[0].request("WPS_ER_STOP")
1463
1464 def _test_ap_wps_er_v10_add_enrollee_pin(dev, apdev):
1465 ssid = "wps-er-add-enrollee-pbc"
1466 ap_pin = "12345670"
1467 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1468 hostapd.add_ap(apdev[0],
1469 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1470 "wpa_passphrase": "12345678", "wpa": "2",
1471 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1472 "device_name": "Wireless AP", "manufacturer": "Company",
1473 "model_name": "WAP", "model_number": "123",
1474 "serial_number": "12345", "device_type": "6-0050F204-1",
1475 "os_version": "01020300",
1476 "config_methods": "label push_button",
1477 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1478 logger.info("Learn AP configuration")
1479 dev[0].request("SET wps_version_number 0x10")
1480 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1481 dev[0].dump_monitor()
1482 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1483 status = dev[0].get_status()
1484 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
1485 raise Exception("Not fully connected")
1486
1487 logger.info("Start ER")
1488 dev[0].request("WPS_ER_START ifname=lo")
1489 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1490 if ev is None:
1491 raise Exception("AP discovery timed out")
1492 if ap_uuid not in ev:
1493 raise Exception("Expected AP UUID not found")
1494
1495 logger.info("Use learned network configuration on ER")
1496 dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
1497
1498 logger.info("Add Enrollee using ER and PIN")
1499 enrollee = dev[1].p2p_interface_addr()
1500 pin = dev[1].wps_read_pin()
1501 dev[0].dump_monitor()
1502 dev[0].request("WPS_ER_PIN any " + pin + " " + enrollee)
1503 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
1504 dev[1].dump_monitor()
1505 dev[1].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1506 dev[1].wait_connected(timeout=30)
1507 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1508 if ev is None:
1509 raise Exception("WPS ER did not report success")
1510
1511 @remote_compatible
1512 def test_ap_wps_er_config_ap(dev, apdev):
1513 """WPS ER configuring AP over UPnP"""
1514 try:
1515 _test_ap_wps_er_config_ap(dev, apdev)
1516 finally:
1517 dev[0].request("WPS_ER_STOP")
1518
1519 def _test_ap_wps_er_config_ap(dev, apdev):
1520 ssid = "wps-er-ap-config"
1521 ap_pin = "12345670"
1522 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1523 hostapd.add_ap(apdev[0],
1524 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1525 "wpa_passphrase": "12345678", "wpa": "2",
1526 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1527 "device_name": "Wireless AP", "manufacturer": "Company",
1528 "model_name": "WAP", "model_number": "123",
1529 "serial_number": "12345", "device_type": "6-0050F204-1",
1530 "os_version": "01020300",
1531 "config_methods": "label push_button",
1532 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
1533
1534 logger.info("Connect ER to the AP")
1535 dev[0].connect(ssid, psk="12345678", scan_freq="2412")
1536
1537 logger.info("WPS configuration step")
1538 dev[0].request("WPS_ER_START ifname=lo")
1539 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1540 if ev is None:
1541 raise Exception("AP discovery timed out")
1542 if ap_uuid not in ev:
1543 raise Exception("Expected AP UUID not found")
1544 new_passphrase = "1234567890"
1545 dev[0].request("WPS_ER_CONFIG " + apdev[0]['bssid'] + " " + ap_pin + " " +
1546 ssid.encode("hex") + " WPA2PSK CCMP " +
1547 new_passphrase.encode("hex"))
1548 ev = dev[0].wait_event(["WPS-SUCCESS"])
1549 if ev is None:
1550 raise Exception("WPS ER configuration operation timed out")
1551 dev[0].wait_disconnected(timeout=10)
1552 dev[0].connect(ssid, psk="1234567890", scan_freq="2412")
1553
1554 logger.info("WPS ER restart")
1555 dev[0].request("WPS_ER_START")
1556 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1557 if ev is None:
1558 raise Exception("AP discovery timed out on ER restart")
1559 if ap_uuid not in ev:
1560 raise Exception("Expected AP UUID not found on ER restart")
1561 if "OK" not in dev[0].request("WPS_ER_STOP"):
1562 raise Exception("WPS_ER_STOP failed")
1563 if "OK" not in dev[0].request("WPS_ER_STOP"):
1564 raise Exception("WPS_ER_STOP failed")
1565
1566 @remote_compatible
1567 def test_ap_wps_er_cache_ap_settings(dev, apdev):
1568 """WPS ER caching AP settings"""
1569 try:
1570 _test_ap_wps_er_cache_ap_settings(dev, apdev)
1571 finally:
1572 dev[0].request("WPS_ER_STOP")
1573
1574 def _test_ap_wps_er_cache_ap_settings(dev, apdev):
1575 ssid = "wps-er-add-enrollee"
1576 ap_pin = "12345670"
1577 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1578 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1579 "wpa_passphrase": "12345678", "wpa": "2",
1580 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1581 "device_name": "Wireless AP", "manufacturer": "Company",
1582 "model_name": "WAP", "model_number": "123",
1583 "serial_number": "12345", "device_type": "6-0050F204-1",
1584 "os_version": "01020300",
1585 "config_methods": "label push_button",
1586 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1587 hapd = hostapd.add_ap(apdev[0], params)
1588 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1589 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1590 id = int(dev[0].list_networks()[0]['id'])
1591 dev[0].set_network(id, "scan_freq", "2412")
1592
1593 dev[0].request("WPS_ER_START ifname=lo")
1594 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1595 if ev is None:
1596 raise Exception("AP discovery timed out")
1597 if ap_uuid not in ev:
1598 raise Exception("Expected AP UUID not found")
1599
1600 dev[0].dump_monitor()
1601 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1602 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1603 if ev is None:
1604 raise Exception("AP learn timed out")
1605 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1606 if ev is None:
1607 raise Exception("WPS-FAIL after AP learn timed out")
1608 time.sleep(0.1)
1609
1610 hapd.disable()
1611
1612 for i in range(2):
1613 ev = dev[0].wait_event([ "WPS-ER-AP-REMOVE",
1614 "CTRL-EVENT-DISCONNECTED" ],
1615 timeout=15)
1616 if ev is None:
1617 raise Exception("AP removal or disconnection timed out")
1618
1619 hapd = hostapd.add_ap(apdev[0], params)
1620 for i in range(2):
1621 ev = dev[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1622 timeout=15)
1623 if ev is None:
1624 raise Exception("AP discovery or connection timed out")
1625
1626 pin = dev[1].wps_read_pin()
1627 dev[0].dump_monitor()
1628 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
1629
1630 time.sleep(0.2)
1631
1632 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
1633 dev[1].dump_monitor()
1634 dev[1].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1635 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
1636 if ev is None:
1637 raise Exception("Enrollee did not report success")
1638 dev[1].wait_connected(timeout=15)
1639 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
1640 if ev is None:
1641 raise Exception("WPS ER did not report success")
1642
1643 dev[0].dump_monitor()
1644 dev[0].request("WPS_ER_STOP")
1645
1646 def test_ap_wps_er_cache_ap_settings_oom(dev, apdev):
1647 """WPS ER caching AP settings (OOM)"""
1648 try:
1649 _test_ap_wps_er_cache_ap_settings_oom(dev, apdev)
1650 finally:
1651 dev[0].request("WPS_ER_STOP")
1652
1653 def _test_ap_wps_er_cache_ap_settings_oom(dev, apdev):
1654 ssid = "wps-er-add-enrollee"
1655 ap_pin = "12345670"
1656 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1657 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1658 "wpa_passphrase": "12345678", "wpa": "2",
1659 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1660 "device_name": "Wireless AP", "manufacturer": "Company",
1661 "model_name": "WAP", "model_number": "123",
1662 "serial_number": "12345", "device_type": "6-0050F204-1",
1663 "os_version": "01020300",
1664 "config_methods": "label push_button",
1665 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1666 hapd = hostapd.add_ap(apdev[0], params)
1667 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1668 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1669 id = int(dev[0].list_networks()[0]['id'])
1670 dev[0].set_network(id, "scan_freq", "2412")
1671
1672 dev[0].request("WPS_ER_START ifname=lo")
1673 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1674 if ev is None:
1675 raise Exception("AP discovery timed out")
1676 if ap_uuid not in ev:
1677 raise Exception("Expected AP UUID not found")
1678
1679 dev[0].dump_monitor()
1680 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1681 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1682 if ev is None:
1683 raise Exception("AP learn timed out")
1684 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1685 if ev is None:
1686 raise Exception("WPS-FAIL after AP learn timed out")
1687 time.sleep(0.1)
1688
1689 with alloc_fail(dev[0], 1, "=wps_er_ap_use_cached_settings"):
1690 hapd.disable()
1691
1692 for i in range(2):
1693 ev = dev[0].wait_event([ "WPS-ER-AP-REMOVE",
1694 "CTRL-EVENT-DISCONNECTED" ],
1695 timeout=15)
1696 if ev is None:
1697 raise Exception("AP removal or disconnection timed out")
1698
1699 hapd = hostapd.add_ap(apdev[0], params)
1700 for i in range(2):
1701 ev = dev[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1702 timeout=15)
1703 if ev is None:
1704 raise Exception("AP discovery or connection timed out")
1705
1706 dev[0].request("WPS_ER_STOP")
1707
1708 def test_ap_wps_er_cache_ap_settings_oom2(dev, apdev):
1709 """WPS ER caching AP settings (OOM 2)"""
1710 try:
1711 _test_ap_wps_er_cache_ap_settings_oom2(dev, apdev)
1712 finally:
1713 dev[0].request("WPS_ER_STOP")
1714
1715 def _test_ap_wps_er_cache_ap_settings_oom2(dev, apdev):
1716 ssid = "wps-er-add-enrollee"
1717 ap_pin = "12345670"
1718 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1719 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1720 "wpa_passphrase": "12345678", "wpa": "2",
1721 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1722 "device_name": "Wireless AP", "manufacturer": "Company",
1723 "model_name": "WAP", "model_number": "123",
1724 "serial_number": "12345", "device_type": "6-0050F204-1",
1725 "os_version": "01020300",
1726 "config_methods": "label push_button",
1727 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1728 hapd = hostapd.add_ap(apdev[0], params)
1729 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1730 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1731 id = int(dev[0].list_networks()[0]['id'])
1732 dev[0].set_network(id, "scan_freq", "2412")
1733
1734 dev[0].request("WPS_ER_START ifname=lo")
1735 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
1736 if ev is None:
1737 raise Exception("AP discovery timed out")
1738 if ap_uuid not in ev:
1739 raise Exception("Expected AP UUID not found")
1740
1741 dev[0].dump_monitor()
1742 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1743 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1744 if ev is None:
1745 raise Exception("AP learn timed out")
1746 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1747 if ev is None:
1748 raise Exception("WPS-FAIL after AP learn timed out")
1749 time.sleep(0.1)
1750
1751 with alloc_fail(dev[0], 1, "=wps_er_ap_cache_settings"):
1752 hapd.disable()
1753
1754 for i in range(2):
1755 ev = dev[0].wait_event([ "WPS-ER-AP-REMOVE",
1756 "CTRL-EVENT-DISCONNECTED" ],
1757 timeout=15)
1758 if ev is None:
1759 raise Exception("AP removal or disconnection timed out")
1760
1761 hapd = hostapd.add_ap(apdev[0], params)
1762 for i in range(2):
1763 ev = dev[0].wait_event([ "WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED" ],
1764 timeout=15)
1765 if ev is None:
1766 raise Exception("AP discovery or connection timed out")
1767
1768 dev[0].request("WPS_ER_STOP")
1769
1770 def test_ap_wps_er_subscribe_oom(dev, apdev):
1771 """WPS ER subscribe OOM"""
1772 try:
1773 _test_ap_wps_er_subscribe_oom(dev, apdev)
1774 finally:
1775 dev[0].request("WPS_ER_STOP")
1776
1777 def _test_ap_wps_er_subscribe_oom(dev, apdev):
1778 ssid = "wps-er-add-enrollee"
1779 ap_pin = "12345670"
1780 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1781 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1782 "wpa_passphrase": "12345678", "wpa": "2",
1783 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1784 "device_name": "Wireless AP", "manufacturer": "Company",
1785 "model_name": "WAP", "model_number": "123",
1786 "serial_number": "12345", "device_type": "6-0050F204-1",
1787 "os_version": "01020300",
1788 "config_methods": "label push_button",
1789 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1790 hapd = hostapd.add_ap(apdev[0], params)
1791 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1792 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1793 id = int(dev[0].list_networks()[0]['id'])
1794 dev[0].set_network(id, "scan_freq", "2412")
1795
1796 with alloc_fail(dev[0], 1, "http_client_addr;wps_er_subscribe"):
1797 dev[0].request("WPS_ER_START ifname=lo")
1798 for i in range(50):
1799 res = dev[0].request("GET_ALLOC_FAIL")
1800 if res.startswith("0:"):
1801 break
1802 time.sleep(0.1)
1803 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=0)
1804 if ev:
1805 raise Exception("Unexpected AP discovery during OOM")
1806
1807 dev[0].request("WPS_ER_STOP")
1808
1809 def test_ap_wps_er_set_sel_reg_oom(dev, apdev):
1810 """WPS ER SetSelectedRegistrar OOM"""
1811 try:
1812 _test_ap_wps_er_set_sel_reg_oom(dev, apdev)
1813 finally:
1814 dev[0].request("WPS_ER_STOP")
1815
1816 def _test_ap_wps_er_set_sel_reg_oom(dev, apdev):
1817 ssid = "wps-er-add-enrollee"
1818 ap_pin = "12345670"
1819 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1820 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1821 "wpa_passphrase": "12345678", "wpa": "2",
1822 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1823 "device_name": "Wireless AP", "manufacturer": "Company",
1824 "model_name": "WAP", "model_number": "123",
1825 "serial_number": "12345", "device_type": "6-0050F204-1",
1826 "os_version": "01020300",
1827 "config_methods": "label push_button",
1828 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1829 hapd = hostapd.add_ap(apdev[0], params)
1830 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1831 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1832
1833 dev[0].request("WPS_ER_START ifname=lo")
1834 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=10)
1835 if ev is None:
1836 raise Exception("AP not discovered")
1837
1838 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1839 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
1840 if ev is None:
1841 raise Exception("AP learn timed out")
1842 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
1843 if ev is None:
1844 raise Exception("WPS-FAIL timed out")
1845 time.sleep(0.1)
1846
1847 for func in [ "http_client_url_parse;wps_er_send_set_sel_reg",
1848 "wps_er_soap_hdr;wps_er_send_set_sel_reg",
1849 "http_client_addr;wps_er_send_set_sel_reg",
1850 "wpabuf_alloc;wps_er_set_sel_reg" ]:
1851 with alloc_fail(dev[0], 1, func):
1852 if "OK" not in dev[0].request("WPS_ER_PBC " + ap_uuid):
1853 raise Exception("WPS_ER_PBC failed")
1854 ev = dev[0].wait_event(["WPS-PBC-ACTIVE"], timeout=3)
1855 if ev is None:
1856 raise Exception("WPS-PBC-ACTIVE not seen")
1857
1858 dev[0].request("WPS_ER_STOP")
1859
1860 @remote_compatible
1861 def test_ap_wps_er_learn_oom(dev, apdev):
1862 """WPS ER learn OOM"""
1863 try:
1864 _test_ap_wps_er_learn_oom(dev, apdev)
1865 finally:
1866 dev[0].request("WPS_ER_STOP")
1867
1868 def _test_ap_wps_er_learn_oom(dev, apdev):
1869 ssid = "wps-er-add-enrollee"
1870 ap_pin = "12345670"
1871 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1872 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1873 "wpa_passphrase": "12345678", "wpa": "2",
1874 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1875 "device_name": "Wireless AP", "manufacturer": "Company",
1876 "model_name": "WAP", "model_number": "123",
1877 "serial_number": "12345", "device_type": "6-0050F204-1",
1878 "os_version": "01020300",
1879 "config_methods": "label push_button",
1880 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo" }
1881 hapd = hostapd.add_ap(apdev[0], params)
1882 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1883 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
1884
1885 dev[0].request("WPS_ER_START ifname=lo")
1886 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=10)
1887 if ev is None:
1888 raise Exception("AP not discovered")
1889
1890 for func in [ "wps_er_http_put_message_cb",
1891 "xml_get_base64_item;wps_er_http_put_message_cb",
1892 "http_client_url_parse;wps_er_ap_put_message",
1893 "wps_er_soap_hdr;wps_er_ap_put_message",
1894 "http_client_addr;wps_er_ap_put_message" ]:
1895 with alloc_fail(dev[0], 1, func):
1896 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1897 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=1)
1898 if ev is not None:
1899 raise Exception("AP learn succeeded during OOM")
1900
1901 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
1902 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=10)
1903 if ev is None:
1904 raise Exception("AP learn did not succeed")
1905
1906 if "FAIL" not in dev[0].request("WPS_ER_LEARN 00000000-9e5c-4e73-bd82-f89cbcd10d7e " + ap_pin):
1907 raise Exception("WPS_ER_LEARN for unknown AP accepted")
1908
1909 dev[0].request("WPS_ER_STOP")
1910
1911 def test_ap_wps_fragmentation(dev, apdev):
1912 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
1913 ssid = "test-wps-fragmentation"
1914 appin = "12345670"
1915 hapd = hostapd.add_ap(apdev[0],
1916 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1917 "wpa_passphrase": "12345678", "wpa": "3",
1918 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1919 "wpa_pairwise": "TKIP", "ap_pin": appin,
1920 "fragment_size": "50" })
1921 logger.info("WPS provisioning step (PBC)")
1922 hapd.request("WPS_PBC")
1923 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
1924 dev[0].dump_monitor()
1925 dev[0].request("SET wps_fragment_size 50")
1926 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
1927 dev[0].wait_connected(timeout=30)
1928 status = dev[0].get_status()
1929 if status['wpa_state'] != 'COMPLETED':
1930 raise Exception("Not fully connected")
1931 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
1932 raise Exception("Unexpected encryption configuration")
1933 if status['key_mgmt'] != 'WPA2-PSK':
1934 raise Exception("Unexpected key_mgmt")
1935
1936 logger.info("WPS provisioning step (PIN)")
1937 pin = dev[1].wps_read_pin()
1938 hapd.request("WPS_PIN any " + pin)
1939 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
1940 dev[1].request("SET wps_fragment_size 50")
1941 dev[1].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
1942 dev[1].wait_connected(timeout=30)
1943 status = dev[1].get_status()
1944 if status['wpa_state'] != 'COMPLETED':
1945 raise Exception("Not fully connected")
1946 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
1947 raise Exception("Unexpected encryption configuration")
1948 if status['key_mgmt'] != 'WPA2-PSK':
1949 raise Exception("Unexpected key_mgmt")
1950
1951 logger.info("WPS connection as registrar")
1952 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
1953 dev[2].request("SET wps_fragment_size 50")
1954 dev[2].wps_reg(apdev[0]['bssid'], appin)
1955 status = dev[2].get_status()
1956 if status['wpa_state'] != 'COMPLETED':
1957 raise Exception("Not fully connected")
1958 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
1959 raise Exception("Unexpected encryption configuration")
1960 if status['key_mgmt'] != 'WPA2-PSK':
1961 raise Exception("Unexpected key_mgmt")
1962
1963 @remote_compatible
1964 def test_ap_wps_new_version_sta(dev, apdev):
1965 """WPS compatibility with new version number on the station"""
1966 ssid = "test-wps-ver"
1967 hapd = hostapd.add_ap(apdev[0],
1968 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1969 "wpa_passphrase": "12345678", "wpa": "2",
1970 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
1971 logger.info("WPS provisioning step")
1972 hapd.request("WPS_PBC")
1973 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
1974 dev[0].dump_monitor()
1975 dev[0].request("SET wps_version_number 0x43")
1976 dev[0].request("SET wps_vendor_ext_m1 000137100100020001")
1977 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
1978 dev[0].wait_connected(timeout=30)
1979
1980 @remote_compatible
1981 def test_ap_wps_new_version_ap(dev, apdev):
1982 """WPS compatibility with new version number on the AP"""
1983 ssid = "test-wps-ver"
1984 hapd = hostapd.add_ap(apdev[0],
1985 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
1986 "wpa_passphrase": "12345678", "wpa": "2",
1987 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
1988 logger.info("WPS provisioning step")
1989 if "FAIL" in hapd.request("SET wps_version_number 0x43"):
1990 raise Exception("Failed to enable test functionality")
1991 hapd.request("WPS_PBC")
1992 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
1993 dev[0].dump_monitor()
1994 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
1995 dev[0].wait_connected(timeout=30)
1996 hapd.request("SET wps_version_number 0x20")
1997
1998 @remote_compatible
1999 def test_ap_wps_check_pin(dev, apdev):
2000 """Verify PIN checking through control interface"""
2001 hapd = hostapd.add_ap(apdev[0],
2002 { "ssid": "wps", "eap_server": "1", "wps_state": "2",
2003 "wpa_passphrase": "12345678", "wpa": "2",
2004 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
2005 for t in [ ("12345670", "12345670"),
2006 ("12345678", "FAIL-CHECKSUM"),
2007 ("12345", "FAIL"),
2008 ("123456789", "FAIL"),
2009 ("1234-5670", "12345670"),
2010 ("1234 5670", "12345670"),
2011 ("1-2.3:4 5670", "12345670") ]:
2012 res = hapd.request("WPS_CHECK_PIN " + t[0]).rstrip('\n')
2013 res2 = dev[0].request("WPS_CHECK_PIN " + t[0]).rstrip('\n')
2014 if res != res2:
2015 raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
2016 if res != t[1]:
2017 raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res, t[1]))
2018
2019 if "FAIL" not in hapd.request("WPS_CHECK_PIN 12345"):
2020 raise Exception("Unexpected WPS_CHECK_PIN success")
2021 if "FAIL" not in hapd.request("WPS_CHECK_PIN 123456789"):
2022 raise Exception("Unexpected WPS_CHECK_PIN success")
2023
2024 for i in range(0, 10):
2025 pin = dev[0].request("WPS_PIN get")
2026 rpin = dev[0].request("WPS_CHECK_PIN " + pin).rstrip('\n')
2027 if pin != rpin:
2028 raise Exception("Random PIN validation failed for " + pin)
2029
2030 def test_ap_wps_pin_get_failure(dev, apdev):
2031 """PIN generation failure"""
2032 with fail_test(dev[0], 1,
2033 "os_get_random;wpa_supplicant_ctrl_iface_wps_pin"):
2034 if "FAIL" not in dev[0].request("WPS_PIN get"):
2035 raise Exception("WPS_PIN did not report failure")
2036
2037 def test_ap_wps_wep_config(dev, apdev):
2038 """WPS 2.0 AP rejecting WEP configuration"""
2039 ssid = "test-wps-config"
2040 appin = "12345670"
2041 hapd = hostapd.add_ap(apdev[0],
2042 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2043 "ap_pin": appin})
2044 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
2045 dev[0].wps_reg(apdev[0]['bssid'], appin, "wps-new-ssid-wep", "OPEN", "WEP",
2046 "hello", no_wait=True)
2047 ev = hapd.wait_event(["WPS-FAIL"], timeout=15)
2048 if ev is None:
2049 raise Exception("WPS-FAIL timed out")
2050 if "reason=2" not in ev:
2051 raise Exception("Unexpected reason code in WPS-FAIL")
2052 status = hapd.request("WPS_GET_STATUS")
2053 if "Last WPS result: Failed" not in status:
2054 raise Exception("WPS failure result not shown correctly")
2055 if "Failure Reason: WEP Prohibited" not in status:
2056 raise Exception("Failure reason not reported correctly")
2057 if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
2058 raise Exception("Peer address not shown correctly")
2059
2060 def test_ap_wps_wep_enroll(dev, apdev):
2061 """WPS 2.0 STA rejecting WEP configuration"""
2062 ssid = "test-wps-wep"
2063 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2064 "skip_cred_build": "1", "extra_cred": "wps-wep-cred" }
2065 hapd = hostapd.add_ap(apdev[0], params)
2066 hapd.request("WPS_PBC")
2067 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
2068 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
2069 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
2070 if ev is None:
2071 raise Exception("WPS-FAIL event timed out")
2072 if "msg=12" not in ev or "reason=2 (WEP Prohibited)" not in ev:
2073 raise Exception("Unexpected WPS-FAIL event: " + ev)
2074
2075 @remote_compatible
2076 def test_ap_wps_ie_fragmentation(dev, apdev):
2077 """WPS AP using fragmented WPS IE"""
2078 ssid = "test-wps-ie-fragmentation"
2079 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2080 "wpa_passphrase": "12345678", "wpa": "2",
2081 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2082 "device_name": "1234567890abcdef1234567890abcdef",
2083 "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
2084 "model_name": "1234567890abcdef1234567890abcdef",
2085 "model_number": "1234567890abcdef1234567890abcdef",
2086 "serial_number": "1234567890abcdef1234567890abcdef" }
2087 hapd = hostapd.add_ap(apdev[0], params)
2088 hapd.request("WPS_PBC")
2089 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
2090 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
2091 dev[0].wait_connected(timeout=30)
2092 bss = dev[0].get_bss(apdev[0]['bssid'])
2093 if "wps_device_name" not in bss or bss['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2094 logger.info("Device Name not received correctly")
2095 logger.info(bss)
2096 # This can fail if Probe Response frame is missed and Beacon frame was
2097 # used to fill in the BSS entry. This can happen, e.g., during heavy
2098 # load every now and then and is not really an error, so try to
2099 # workaround by runnign another scan.
2100 dev[0].scan(freq="2412", only_new=True)
2101 bss = dev[0].get_bss(apdev[0]['bssid'])
2102 if not bss or "wps_device_name" not in bss or bss['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2103 logger.info(bss)
2104 raise Exception("Device Name not received correctly")
2105 if len(re.findall("dd..0050f204", bss['ie'])) != 2:
2106 raise Exception("Unexpected number of WPS IEs")
2107
2108 def get_psk(pskfile):
2109 psks = {}
2110 with open(pskfile, "r") as f:
2111 lines = f.read().splitlines()
2112 for l in lines:
2113 if l == "# WPA PSKs":
2114 continue
2115 (addr,psk) = l.split(' ')
2116 psks[addr] = psk
2117 return psks
2118
2119 def test_ap_wps_per_station_psk(dev, apdev):
2120 """WPS PBC provisioning with per-station PSK"""
2121 addr0 = dev[0].own_addr()
2122 addr1 = dev[1].own_addr()
2123 addr2 = dev[2].own_addr()
2124 ssid = "wps"
2125 appin = "12345670"
2126 pskfile = "/tmp/ap_wps_per_enrollee_psk.psk_file"
2127 try:
2128 os.remove(pskfile)
2129 except:
2130 pass
2131
2132 hapd = None
2133 try:
2134 with open(pskfile, "w") as f:
2135 f.write("# WPA PSKs\n")
2136
2137 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2138 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2139 "rsn_pairwise": "CCMP", "ap_pin": appin,
2140 "wpa_psk_file": pskfile }
2141 hapd = hostapd.add_ap(apdev[0], params)
2142
2143 logger.info("First enrollee")
2144 hapd.request("WPS_PBC")
2145 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
2146 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
2147 dev[0].wait_connected(timeout=30)
2148
2149 logger.info("Second enrollee")
2150 hapd.request("WPS_PBC")
2151 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
2152 dev[1].request("WPS_PBC " + apdev[0]['bssid'])
2153 dev[1].wait_connected(timeout=30)
2154
2155 logger.info("External registrar")
2156 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
2157 dev[2].wps_reg(apdev[0]['bssid'], appin)
2158
2159 logger.info("Verifying PSK results")
2160 psks = get_psk(pskfile)
2161 if addr0 not in psks:
2162 raise Exception("No PSK recorded for sta0")
2163 if addr1 not in psks:
2164 raise Exception("No PSK recorded for sta1")
2165 if addr2 not in psks:
2166 raise Exception("No PSK recorded for sta2")
2167 if psks[addr0] == psks[addr1]:
2168 raise Exception("Same PSK recorded for sta0 and sta1")
2169 if psks[addr0] == psks[addr2]:
2170 raise Exception("Same PSK recorded for sta0 and sta2")
2171 if psks[addr1] == psks[addr2]:
2172 raise Exception("Same PSK recorded for sta1 and sta2")
2173
2174 dev[0].request("REMOVE_NETWORK all")
2175 logger.info("Second external registrar")
2176 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
2177 dev[0].wps_reg(apdev[0]['bssid'], appin)
2178 psks2 = get_psk(pskfile)
2179 if addr0 not in psks2:
2180 raise Exception("No PSK recorded for sta0(reg)")
2181 if psks[addr0] == psks2[addr0]:
2182 raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
2183 finally:
2184 os.remove(pskfile)
2185 if hapd:
2186 dev[0].request("DISCONNECT")
2187 dev[1].request("DISCONNECT")
2188 dev[2].request("DISCONNECT")
2189 hapd.disable()
2190 dev[0].flush_scan_cache()
2191 dev[1].flush_scan_cache()
2192 dev[2].flush_scan_cache()
2193
2194 def test_ap_wps_per_station_psk_failure(dev, apdev):
2195 """WPS PBC provisioning with per-station PSK (file not writable)"""
2196 addr0 = dev[0].p2p_dev_addr()
2197 addr1 = dev[1].p2p_dev_addr()
2198 addr2 = dev[2].p2p_dev_addr()
2199 ssid = "wps"
2200 appin = "12345670"
2201 pskfile = "/tmp/ap_wps_per_enrollee_psk.psk_file"
2202 try:
2203 os.remove(pskfile)
2204 except:
2205 pass
2206
2207 hapd = None
2208 try:
2209 with open(pskfile, "w") as f:
2210 f.write("# WPA PSKs\n")
2211
2212 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2213 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2214 "rsn_pairwise": "CCMP", "ap_pin": appin,
2215 "wpa_psk_file": pskfile }
2216 hapd = hostapd.add_ap(apdev[0], params)
2217 if "FAIL" in hapd.request("SET wpa_psk_file /tmp/does/not/exists/ap_wps_per_enrollee_psk_failure.psk_file"):
2218 raise Exception("Failed to set wpa_psk_file")
2219
2220 logger.info("First enrollee")
2221 hapd.request("WPS_PBC")
2222 dev[0].scan_for_bss(apdev[0]['bssid'], freq=2412)
2223 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
2224 dev[0].wait_connected(timeout=30)
2225
2226 logger.info("Second enrollee")
2227 hapd.request("WPS_PBC")
2228 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
2229 dev[1].request("WPS_PBC " + apdev[0]['bssid'])
2230 dev[1].wait_connected(timeout=30)
2231
2232 logger.info("External registrar")
2233 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
2234 dev[2].wps_reg(apdev[0]['bssid'], appin)
2235
2236 logger.info("Verifying PSK results")
2237 psks = get_psk(pskfile)
2238 if len(psks) > 0:
2239 raise Exception("PSK recorded unexpectedly")
2240 finally:
2241 if hapd:
2242 for i in range(3):
2243 dev[i].request("DISCONNECT")
2244 hapd.disable()
2245 for i in range(3):
2246 dev[i].flush_scan_cache()
2247 os.remove(pskfile)
2248
2249 def test_ap_wps_pin_request_file(dev, apdev):
2250 """WPS PIN provisioning with configured AP"""
2251 ssid = "wps"
2252 pinfile = "/tmp/ap_wps_pin_request_file.log"
2253 if os.path.exists(pinfile):
2254 os.remove(pinfile)
2255 hapd = hostapd.add_ap(apdev[0],
2256 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2257 "wps_pin_requests": pinfile,
2258 "wpa_passphrase": "12345678", "wpa": "2",
2259 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2260 uuid = dev[0].get_status_field("uuid")
2261 pin = dev[0].wps_read_pin()
2262 try:
2263 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
2264 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
2265 ev = hapd.wait_event(["WPS-PIN-NEEDED"], timeout=15)
2266 if ev is None:
2267 raise Exception("PIN needed event not shown")
2268 if uuid not in ev:
2269 raise Exception("UUID mismatch")
2270 dev[0].request("WPS_CANCEL")
2271 success = False
2272 with open(pinfile, "r") as f:
2273 lines = f.readlines()
2274 for l in lines:
2275 if uuid in l:
2276 success = True
2277 break
2278 if not success:
2279 raise Exception("PIN request entry not in the log file")
2280 finally:
2281 try:
2282 os.remove(pinfile)
2283 except:
2284 pass
2285
2286 def test_ap_wps_auto_setup_with_config_file(dev, apdev):
2287 """WPS auto-setup with configuration file"""
2288 conffile = "/tmp/ap_wps_auto_setup_with_config_file.conf"
2289 ifname = apdev[0]['ifname']
2290 try:
2291 with open(conffile, "w") as f:
2292 f.write("driver=nl80211\n")
2293 f.write("hw_mode=g\n")
2294 f.write("channel=1\n")
2295 f.write("ieee80211n=1\n")
2296 f.write("interface=%s\n" % ifname)
2297 f.write("ctrl_interface=/var/run/hostapd\n")
2298 f.write("ssid=wps\n")
2299 f.write("eap_server=1\n")
2300 f.write("wps_state=1\n")
2301 hapd = hostapd.add_bss(apdev[0], ifname, conffile)
2302 hapd.request("WPS_PBC")
2303 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
2304 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
2305 dev[0].wait_connected(timeout=30)
2306 with open(conffile, "r") as f:
2307 lines = f.read().splitlines()
2308 vals = dict()
2309 for l in lines:
2310 try:
2311 [name,value] = l.split('=', 1)
2312 vals[name] = value
2313 except ValueError, e:
2314 if "# WPS configuration" in l:
2315 pass
2316 else:
2317 raise Exception("Unexpected configuration line: " + l)
2318 if vals['ieee80211n'] != '1' or vals['wps_state'] != '2' or "WPA-PSK" not in vals['wpa_key_mgmt']:
2319 raise Exception("Incorrect configuration: " + str(vals))
2320 finally:
2321 try:
2322 os.remove(conffile)
2323 except:
2324 pass
2325
2326 def test_ap_wps_pbc_timeout(dev, apdev, params):
2327 """wpa_supplicant PBC walk time and WPS ER SelReg timeout [long]"""
2328 if not params['long']:
2329 raise HwsimSkip("Skip test case with long duration due to --long not specified")
2330 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2331 hapd = add_ssdp_ap(apdev[0], ap_uuid)
2332
2333 location = ssdp_get_location(ap_uuid)
2334 urls = upnp_get_urls(location)
2335 eventurl = urlparse.urlparse(urls['event_sub_url'])
2336 ctrlurl = urlparse.urlparse(urls['control_url'])
2337
2338 url = urlparse.urlparse(location)
2339 conn = httplib.HTTPConnection(url.netloc)
2340
2341 class WPSERHTTPServer(SocketServer.StreamRequestHandler):
2342 def handle(self):
2343 data = self.rfile.readline().strip()
2344 logger.debug(data)
2345 self.wfile.write(gen_wps_event())
2346
2347 server = MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer)
2348 server.timeout = 1
2349
2350 headers = { "callback": '<http://127.0.0.1:12345/event>',
2351 "NT": "upnp:event",
2352 "timeout": "Second-1234" }
2353 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2354 resp = conn.getresponse()
2355 if resp.status != 200:
2356 raise Exception("Unexpected HTTP response: %d" % resp.status)
2357 sid = resp.getheader("sid")
2358 logger.debug("Subscription SID " + sid)
2359
2360 msg = '''<?xml version="1.0"?>
2361 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
2362 <s:Body>
2363 <u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
2364 <NewMessage>EEoAARAQQQABARASAAIAABBTAAIxSBBJAA4ANyoAASABBv///////xBIABA2LbR7pTpRkYj7
2365 VFi5hrLk
2366 </NewMessage>
2367 </u:SetSelectedRegistrar>
2368 </s:Body>
2369 </s:Envelope>'''
2370 headers = { "Content-type": 'text/xml; charset="utf-8"' }
2371 headers["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
2372 conn.request("POST", ctrlurl.path, msg, headers)
2373 resp = conn.getresponse()
2374 if resp.status != 200:
2375 raise Exception("Unexpected HTTP response: %d" % resp.status)
2376
2377 server.handle_request()
2378
2379 logger.info("Start WPS_PBC and wait for PBC walk time expiration")
2380 if "OK" not in dev[0].request("WPS_PBC"):
2381 raise Exception("WPS_PBC failed")
2382
2383 start = os.times()[4]
2384
2385 server.handle_request()
2386 dev[1].request("BSS_FLUSH 0")
2387 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True,
2388 only_new=True)
2389 bss = dev[1].get_bss(apdev[0]['bssid'])
2390 logger.debug("BSS: " + str(bss))
2391 if '[WPS-AUTH]' not in bss['flags']:
2392 raise Exception("WPS not indicated authorized")
2393
2394 server.handle_request()
2395
2396 wps_timeout_seen = False
2397
2398 while True:
2399 hapd.dump_monitor()
2400 dev[1].dump_monitor()
2401 if not wps_timeout_seen:
2402 ev = dev[0].wait_event(["WPS-TIMEOUT"], timeout=0)
2403 if ev is not None:
2404 logger.info("PBC timeout seen")
2405 wps_timeout_seen = True
2406 else:
2407 dev[0].dump_monitor()
2408 now = os.times()[4]
2409 if now - start > 130:
2410 raise Exception("Selected registration information not removed")
2411 dev[1].request("BSS_FLUSH 0")
2412 dev[1].scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True,
2413 only_new=True)
2414 bss = dev[1].get_bss(apdev[0]['bssid'])
2415 logger.debug("BSS: " + str(bss))
2416 if '[WPS-AUTH]' not in bss['flags']:
2417 break
2418 server.handle_request()
2419
2420 server.server_close()
2421
2422 if wps_timeout_seen:
2423 return
2424
2425 now = os.times()[4]
2426 if now < start + 150:
2427 dur = start + 150 - now
2428 else:
2429 dur = 1
2430 logger.info("Continue waiting for PBC timeout (%d sec)" % dur)
2431 ev = dev[0].wait_event(["WPS-TIMEOUT"], timeout=dur)
2432 if ev is None:
2433 raise Exception("WPS-TIMEOUT not reported")
2434
2435 def add_ssdp_ap(ap, ap_uuid):
2436 ssid = "wps-ssdp"
2437 ap_pin = "12345670"
2438 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
2439 "wpa_passphrase": "12345678", "wpa": "2",
2440 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2441 "device_name": "Wireless AP", "manufacturer": "Company",
2442 "model_name": "WAP", "model_number": "123",
2443 "serial_number": "12345", "device_type": "6-0050F204-1",
2444 "os_version": "01020300",
2445 "config_methods": "label push_button",
2446 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo",
2447 "friendly_name": "WPS Access Point",
2448 "manufacturer_url": "http://www.example.com/",
2449 "model_description": "Wireless Access Point",
2450 "model_url": "http://www.example.com/model/",
2451 "upc": "123456789012" }
2452 return hostapd.add_ap(ap, params)
2453
2454 def ssdp_send(msg, no_recv=False):
2455 socket.setdefaulttimeout(1)
2456 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
2457 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
2458 sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
2459 sock.bind(("127.0.0.1", 0))
2460 sock.sendto(msg, ("239.255.255.250", 1900))
2461 if no_recv:
2462 return None
2463 return sock.recv(1000)
2464
2465 def ssdp_send_msearch(st, no_recv=False):
2466 msg = '\r\n'.join([
2467 'M-SEARCH * HTTP/1.1',
2468 'HOST: 239.255.255.250:1900',
2469 'MX: 1',
2470 'MAN: "ssdp:discover"',
2471 'ST: ' + st,
2472 '', ''])
2473 return ssdp_send(msg, no_recv=no_recv)
2474
2475 def test_ap_wps_ssdp_msearch(dev, apdev):
2476 """WPS AP and SSDP M-SEARCH messages"""
2477 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2478 add_ssdp_ap(apdev[0], ap_uuid)
2479
2480 msg = '\r\n'.join([
2481 'M-SEARCH * HTTP/1.1',
2482 'Host: 239.255.255.250:1900',
2483 'Mx: 1',
2484 'Man: "ssdp:discover"',
2485 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
2486 '', ''])
2487 ssdp_send(msg)
2488
2489 msg = '\r\n'.join([
2490 'M-SEARCH * HTTP/1.1',
2491 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
2492 'mx: \t1\t\t ',
2493 'man: \t \t "ssdp:discover" ',
2494 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
2495 '', ''])
2496 ssdp_send(msg)
2497
2498 ssdp_send_msearch("ssdp:all")
2499 ssdp_send_msearch("upnp:rootdevice")
2500 ssdp_send_msearch("uuid:" + ap_uuid)
2501 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
2502 ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1")
2503
2504 msg = '\r\n'.join([
2505 'M-SEARCH * HTTP/1.1',
2506 'HOST:\t239.255.255.250:1900',
2507 'MAN: "ssdp:discover"',
2508 'MX: 130',
2509 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2510 '', ''])
2511 ssdp_send(msg, no_recv=True)
2512
2513 def test_ap_wps_ssdp_invalid_msearch(dev, apdev):
2514 """WPS AP and invalid SSDP M-SEARCH messages"""
2515 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2516 add_ssdp_ap(apdev[0], ap_uuid)
2517
2518 socket.setdefaulttimeout(1)
2519 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
2520 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
2521 sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
2522 sock.bind(("127.0.0.1", 0))
2523
2524 logger.debug("Missing MX")
2525 msg = '\r\n'.join([
2526 'M-SEARCH * HTTP/1.1',
2527 'HOST: 239.255.255.250:1900',
2528 'MAN: "ssdp:discover"',
2529 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2530 '', ''])
2531 sock.sendto(msg, ("239.255.255.250", 1900))
2532
2533 logger.debug("Negative MX")
2534 msg = '\r\n'.join([
2535 'M-SEARCH * HTTP/1.1',
2536 'HOST: 239.255.255.250:1900',
2537 'MX: -1',
2538 'MAN: "ssdp:discover"',
2539 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2540 '', ''])
2541 sock.sendto(msg, ("239.255.255.250", 1900))
2542
2543 logger.debug("Invalid MX")
2544 msg = '\r\n'.join([
2545 'M-SEARCH * HTTP/1.1',
2546 'HOST: 239.255.255.250:1900',
2547 'MX; 1',
2548 'MAN: "ssdp:discover"',
2549 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2550 '', ''])
2551 sock.sendto(msg, ("239.255.255.250", 1900))
2552
2553 logger.debug("Missing MAN")
2554 msg = '\r\n'.join([
2555 'M-SEARCH * HTTP/1.1',
2556 'HOST: 239.255.255.250:1900',
2557 'MX: 1',
2558 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2559 '', ''])
2560 sock.sendto(msg, ("239.255.255.250", 1900))
2561
2562 logger.debug("Invalid MAN")
2563 msg = '\r\n'.join([
2564 'M-SEARCH * HTTP/1.1',
2565 'HOST: 239.255.255.250:1900',
2566 'MX: 1',
2567 'MAN: foo',
2568 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2569 '', ''])
2570 sock.sendto(msg, ("239.255.255.250", 1900))
2571 msg = '\r\n'.join([
2572 'M-SEARCH * HTTP/1.1',
2573 'HOST: 239.255.255.250:1900',
2574 'MX: 1',
2575 'MAN; "ssdp:discover"',
2576 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2577 '', ''])
2578 sock.sendto(msg, ("239.255.255.250", 1900))
2579
2580 logger.debug("Missing HOST")
2581 msg = '\r\n'.join([
2582 'M-SEARCH * HTTP/1.1',
2583 'MAN: "ssdp:discover"',
2584 'MX: 1',
2585 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2586 '', ''])
2587 sock.sendto(msg, ("239.255.255.250", 1900))
2588
2589 logger.debug("Missing ST")
2590 msg = '\r\n'.join([
2591 'M-SEARCH * HTTP/1.1',
2592 'HOST: 239.255.255.250:1900',
2593 'MAN: "ssdp:discover"',
2594 'MX: 1',
2595 '', ''])
2596 sock.sendto(msg, ("239.255.255.250", 1900))
2597
2598 logger.debug("Mismatching ST")
2599 msg = '\r\n'.join([
2600 'M-SEARCH * HTTP/1.1',
2601 'HOST: 239.255.255.250:1900',
2602 'MAN: "ssdp:discover"',
2603 'MX: 1',
2604 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
2605 '', ''])
2606 sock.sendto(msg, ("239.255.255.250", 1900))
2607 msg = '\r\n'.join([
2608 'M-SEARCH * HTTP/1.1',
2609 'HOST: 239.255.255.250:1900',
2610 'MAN: "ssdp:discover"',
2611 'MX: 1',
2612 'ST: foo:bar',
2613 '', ''])
2614 sock.sendto(msg, ("239.255.255.250", 1900))
2615 msg = '\r\n'.join([
2616 'M-SEARCH * HTTP/1.1',
2617 'HOST: 239.255.255.250:1900',
2618 'MAN: "ssdp:discover"',
2619 'MX: 1',
2620 'ST: foobar',
2621 '', ''])
2622 sock.sendto(msg, ("239.255.255.250", 1900))
2623
2624 logger.debug("Invalid ST")
2625 msg = '\r\n'.join([
2626 'M-SEARCH * HTTP/1.1',
2627 'HOST: 239.255.255.250:1900',
2628 'MAN: "ssdp:discover"',
2629 'MX: 1',
2630 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
2631 '', ''])
2632 sock.sendto(msg, ("239.255.255.250", 1900))
2633
2634 logger.debug("Invalid M-SEARCH")
2635 msg = '\r\n'.join([
2636 'M+SEARCH * HTTP/1.1',
2637 'HOST: 239.255.255.250:1900',
2638 'MAN: "ssdp:discover"',
2639 'MX: 1',
2640 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2641 '', ''])
2642 sock.sendto(msg, ("239.255.255.250", 1900))
2643 msg = '\r\n'.join([
2644 'M-SEARCH-* HTTP/1.1',
2645 'HOST: 239.255.255.250:1900',
2646 'MAN: "ssdp:discover"',
2647 'MX: 1',
2648 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2649 '', ''])
2650 sock.sendto(msg, ("239.255.255.250", 1900))
2651
2652 logger.debug("Invalid message format")
2653 sock.sendto("NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
2654 msg = '\r'.join([
2655 'M-SEARCH * HTTP/1.1',
2656 'HOST: 239.255.255.250:1900',
2657 'MAN: "ssdp:discover"',
2658 'MX: 1',
2659 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2660 '', ''])
2661 sock.sendto(msg, ("239.255.255.250", 1900))
2662
2663 try:
2664 r = sock.recv(1000)
2665 raise Exception("Unexpected M-SEARCH response: " + r)
2666 except socket.timeout:
2667 pass
2668
2669 logger.debug("Valid M-SEARCH")
2670 msg = '\r\n'.join([
2671 'M-SEARCH * HTTP/1.1',
2672 'HOST: 239.255.255.250:1900',
2673 'MAN: "ssdp:discover"',
2674 'MX: 1',
2675 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2676 '', ''])
2677 sock.sendto(msg, ("239.255.255.250", 1900))
2678
2679 try:
2680 r = sock.recv(1000)
2681 pass
2682 except socket.timeout:
2683 raise Exception("No SSDP response")
2684
2685 def test_ap_wps_ssdp_burst(dev, apdev):
2686 """WPS AP and SSDP burst"""
2687 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2688 add_ssdp_ap(apdev[0], ap_uuid)
2689
2690 msg = '\r\n'.join([
2691 'M-SEARCH * HTTP/1.1',
2692 'HOST: 239.255.255.250:1900',
2693 'MAN: "ssdp:discover"',
2694 'MX: 1',
2695 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2696 '', ''])
2697 socket.setdefaulttimeout(1)
2698 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
2699 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
2700 sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
2701 sock.bind(("127.0.0.1", 0))
2702 for i in range(0, 25):
2703 sock.sendto(msg, ("239.255.255.250", 1900))
2704 resp = 0
2705 while True:
2706 try:
2707 r = sock.recv(1000)
2708 if not r.startswith("HTTP/1.1 200 OK\r\n"):
2709 raise Exception("Unexpected message: " + r)
2710 resp += 1
2711 except socket.timeout:
2712 break
2713 if resp < 20:
2714 raise Exception("Too few SSDP responses")
2715
2716 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
2717 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
2718 sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
2719 sock.bind(("127.0.0.1", 0))
2720 for i in range(0, 25):
2721 sock.sendto(msg, ("239.255.255.250", 1900))
2722 while True:
2723 try:
2724 r = sock.recv(1000)
2725 if ap_uuid in r:
2726 break
2727 except socket.timeout:
2728 raise Exception("No SSDP response")
2729
2730 def ssdp_get_location(uuid):
2731 res = ssdp_send_msearch("uuid:" + uuid)
2732 location = None
2733 for l in res.splitlines():
2734 if l.lower().startswith("location:"):
2735 location = l.split(':', 1)[1].strip()
2736 break
2737 if location is None:
2738 raise Exception("No UPnP location found")
2739 return location
2740
2741 def upnp_get_urls(location):
2742 conn = urllib.urlopen(location, proxies={})
2743 tree = ET.parse(conn)
2744 root = tree.getroot()
2745 urn = '{urn:schemas-upnp-org:device-1-0}'
2746 service = root.find("./" + urn + "device/" + urn + "serviceList/" + urn + "service")
2747 res = {}
2748 res['scpd_url'] = urlparse.urljoin(location, service.find(urn + 'SCPDURL').text)
2749 res['control_url'] = urlparse.urljoin(location, service.find(urn + 'controlURL').text)
2750 res['event_sub_url'] = urlparse.urljoin(location, service.find(urn + 'eventSubURL').text)
2751 return res
2752
2753 def upnp_soap_action(conn, path, action, include_soap_action=True,
2754 soap_action_override=None, newmsg=None, neweventtype=None,
2755 neweventmac=None):
2756 soapns = 'http://schemas.xmlsoap.org/soap/envelope/'
2757 wpsns = 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
2758 ET.register_namespace('soapenv', soapns)
2759 ET.register_namespace('wfa', wpsns)
2760 attrib = {}
2761 attrib['{%s}encodingStyle' % soapns] = 'http://schemas.xmlsoap.org/soap/encoding/'
2762 root = ET.Element("{%s}Envelope" % soapns, attrib=attrib)
2763 body = ET.SubElement(root, "{%s}Body" % soapns)
2764 act = ET.SubElement(body, "{%s}%s" % (wpsns, action))
2765 if newmsg:
2766 msg = ET.SubElement(act, "NewMessage")
2767 msg.text = base64.b64encode(newmsg)
2768 if neweventtype:
2769 msg = ET.SubElement(act, "NewWLANEventType")
2770 msg.text = neweventtype
2771 if neweventmac:
2772 msg = ET.SubElement(act, "NewWLANEventMAC")
2773 msg.text = neweventmac
2774 tree = ET.ElementTree(root)
2775 soap = StringIO.StringIO()
2776 tree.write(soap, xml_declaration=True, encoding='utf-8')
2777
2778 headers = { "Content-type": 'text/xml; charset="utf-8"' }
2779 if include_soap_action:
2780 headers["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
2781 elif soap_action_override:
2782 headers["SOAPAction"] = soap_action_override
2783 conn.request("POST", path, soap.getvalue(), headers)
2784 return conn.getresponse()
2785
2786 def test_ap_wps_upnp(dev, apdev):
2787 """WPS AP and UPnP operations"""
2788 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2789 add_ssdp_ap(apdev[0], ap_uuid)
2790
2791 location = ssdp_get_location(ap_uuid)
2792 urls = upnp_get_urls(location)
2793
2794 conn = urllib.urlopen(urls['scpd_url'], proxies={})
2795 scpd = conn.read()
2796
2797 conn = urllib.urlopen(urlparse.urljoin(location, "unknown.html"),
2798 proxies={})
2799 if conn.getcode() != 404:
2800 raise Exception("Unexpected HTTP response to GET unknown URL")
2801
2802 url = urlparse.urlparse(location)
2803 conn = httplib.HTTPConnection(url.netloc)
2804 #conn.set_debuglevel(1)
2805 headers = { "Content-type": 'text/xml; charset="utf-8"',
2806 "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"' }
2807 conn.request("POST", "hello", "\r\n\r\n", headers)
2808 resp = conn.getresponse()
2809 if resp.status != 404:
2810 raise Exception("Unexpected HTTP response: %d" % resp.status)
2811
2812 conn.request("UNKNOWN", "hello", "\r\n\r\n", headers)
2813 resp = conn.getresponse()
2814 if resp.status != 501:
2815 raise Exception("Unexpected HTTP response: %d" % resp.status)
2816
2817 headers = { "Content-type": 'text/xml; charset="utf-8"',
2818 "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"' }
2819 ctrlurl = urlparse.urlparse(urls['control_url'])
2820 conn.request("POST", ctrlurl.path, "\r\n\r\n", headers)
2821 resp = conn.getresponse()
2822 if resp.status != 401:
2823 raise Exception("Unexpected HTTP response: %d" % resp.status)
2824
2825 logger.debug("GetDeviceInfo without SOAPAction header")
2826 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo",
2827 include_soap_action=False)
2828 if resp.status != 401:
2829 raise Exception("Unexpected HTTP response: %d" % resp.status)
2830
2831 logger.debug("GetDeviceInfo with invalid SOAPAction header")
2832 for act in [ "foo",
2833 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
2834 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
2835 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
2836 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo",
2837 include_soap_action=False,
2838 soap_action_override=act)
2839 if resp.status != 401:
2840 raise Exception("Unexpected HTTP response: %d" % resp.status)
2841
2842 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
2843 if resp.status != 200:
2844 raise Exception("Unexpected HTTP response: %d" % resp.status)
2845 dev = resp.read()
2846 if "NewDeviceInfo" not in dev:
2847 raise Exception("Unexpected GetDeviceInfo response")
2848
2849 logger.debug("PutMessage without required parameters")
2850 resp = upnp_soap_action(conn, ctrlurl.path, "PutMessage")
2851 if resp.status != 600:
2852 raise Exception("Unexpected HTTP response: %d" % resp.status)
2853
2854 logger.debug("PutWLANResponse without required parameters")
2855 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse")
2856 if resp.status != 600:
2857 raise Exception("Unexpected HTTP response: %d" % resp.status)
2858
2859 logger.debug("SetSelectedRegistrar from unregistered ER")
2860 resp = upnp_soap_action(conn, ctrlurl.path, "SetSelectedRegistrar")
2861 if resp.status != 501:
2862 raise Exception("Unexpected HTTP response: %d" % resp.status)
2863
2864 logger.debug("Unknown action")
2865 resp = upnp_soap_action(conn, ctrlurl.path, "Unknown")
2866 if resp.status != 401:
2867 raise Exception("Unexpected HTTP response: %d" % resp.status)
2868
2869 def test_ap_wps_upnp_subscribe(dev, apdev):
2870 """WPS AP and UPnP event subscription"""
2871 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2872 hapd = add_ssdp_ap(apdev[0], ap_uuid)
2873
2874 location = ssdp_get_location(ap_uuid)
2875 urls = upnp_get_urls(location)
2876 eventurl = urlparse.urlparse(urls['event_sub_url'])
2877
2878 url = urlparse.urlparse(location)
2879 conn = httplib.HTTPConnection(url.netloc)
2880 #conn.set_debuglevel(1)
2881 headers = { "callback": '<http://127.0.0.1:12345/event>',
2882 "timeout": "Second-1234" }
2883 conn.request("SUBSCRIBE", "hello", "\r\n\r\n", headers)
2884 resp = conn.getresponse()
2885 if resp.status != 412:
2886 raise Exception("Unexpected HTTP response: %d" % resp.status)
2887
2888 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2889 resp = conn.getresponse()
2890 if resp.status != 412:
2891 raise Exception("Unexpected HTTP response: %d" % resp.status)
2892
2893 headers = { "NT": "upnp:event",
2894 "timeout": "Second-1234" }
2895 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2896 resp = conn.getresponse()
2897 if resp.status != 412:
2898 raise Exception("Unexpected HTTP response: %d" % resp.status)
2899
2900 headers = { "callback": '<http://127.0.0.1:12345/event>',
2901 "NT": "upnp:foobar",
2902 "timeout": "Second-1234" }
2903 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2904 resp = conn.getresponse()
2905 if resp.status != 400:
2906 raise Exception("Unexpected HTTP response: %d" % resp.status)
2907
2908 logger.debug("Valid subscription")
2909 headers = { "callback": '<http://127.0.0.1:12345/event>',
2910 "NT": "upnp:event",
2911 "timeout": "Second-1234" }
2912 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2913 resp = conn.getresponse()
2914 if resp.status != 200:
2915 raise Exception("Unexpected HTTP response: %d" % resp.status)
2916 sid = resp.getheader("sid")
2917 logger.debug("Subscription SID " + sid)
2918
2919 logger.debug("Invalid re-subscription")
2920 headers = { "NT": "upnp:event",
2921 "sid": "123456734567854",
2922 "timeout": "Second-1234" }
2923 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2924 resp = conn.getresponse()
2925 if resp.status != 400:
2926 raise Exception("Unexpected HTTP response: %d" % resp.status)
2927
2928 logger.debug("Invalid re-subscription")
2929 headers = { "NT": "upnp:event",
2930 "sid": "uuid:123456734567854",
2931 "timeout": "Second-1234" }
2932 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2933 resp = conn.getresponse()
2934 if resp.status != 400:
2935 raise Exception("Unexpected HTTP response: %d" % resp.status)
2936
2937 logger.debug("Invalid re-subscription")
2938 headers = { "callback": '<http://127.0.0.1:12345/event>',
2939 "NT": "upnp:event",
2940 "sid": sid,
2941 "timeout": "Second-1234" }
2942 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2943 resp = conn.getresponse()
2944 if resp.status != 400:
2945 raise Exception("Unexpected HTTP response: %d" % resp.status)
2946
2947 logger.debug("SID mismatch in re-subscription")
2948 headers = { "NT": "upnp:event",
2949 "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
2950 "timeout": "Second-1234" }
2951 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2952 resp = conn.getresponse()
2953 if resp.status != 412:
2954 raise Exception("Unexpected HTTP response: %d" % resp.status)
2955
2956 logger.debug("Valid re-subscription")
2957 headers = { "NT": "upnp:event",
2958 "sid": sid,
2959 "timeout": "Second-1234" }
2960 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2961 resp = conn.getresponse()
2962 if resp.status != 200:
2963 raise Exception("Unexpected HTTP response: %d" % resp.status)
2964 sid2 = resp.getheader("sid")
2965 logger.debug("Subscription SID " + sid2)
2966
2967 if sid != sid2:
2968 raise Exception("Unexpected SID change")
2969
2970 logger.debug("Valid re-subscription")
2971 headers = { "NT": "upnp:event",
2972 "sid": "uuid: \t \t" + sid.split(':')[1],
2973 "timeout": "Second-1234" }
2974 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2975 resp = conn.getresponse()
2976 if resp.status != 200:
2977 raise Exception("Unexpected HTTP response: %d" % resp.status)
2978
2979 logger.debug("Invalid unsubscription")
2980 headers = { "sid": sid }
2981 conn.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers)
2982 resp = conn.getresponse()
2983 if resp.status != 412:
2984 raise Exception("Unexpected HTTP response: %d" % resp.status)
2985 headers = { "foo": "bar" }
2986 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2987 resp = conn.getresponse()
2988 if resp.status != 412:
2989 raise Exception("Unexpected HTTP response: %d" % resp.status)
2990
2991 logger.debug("Valid unsubscription")
2992 headers = { "sid": sid }
2993 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
2994 resp = conn.getresponse()
2995 if resp.status != 200:
2996 raise Exception("Unexpected HTTP response: %d" % resp.status)
2997
2998 logger.debug("Unsubscription for not existing SID")
2999 headers = { "sid": sid }
3000 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3001 resp = conn.getresponse()
3002 if resp.status != 412:
3003 raise Exception("Unexpected HTTP response: %d" % resp.status)
3004
3005 logger.debug("Invalid unsubscription")
3006 headers = { "sid": " \t \tfoo" }
3007 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3008 resp = conn.getresponse()
3009 if resp.status != 400:
3010 raise Exception("Unexpected HTTP response: %d" % resp.status)
3011
3012 logger.debug("Invalid unsubscription")
3013 headers = { "sid": "uuid:\t \tfoo" }
3014 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3015 resp = conn.getresponse()
3016 if resp.status != 400:
3017 raise Exception("Unexpected HTTP response: %d" % resp.status)
3018
3019 logger.debug("Invalid unsubscription")
3020 headers = { "NT": "upnp:event",
3021 "sid": sid }
3022 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3023 resp = conn.getresponse()
3024 if resp.status != 400:
3025 raise Exception("Unexpected HTTP response: %d" % resp.status)
3026 headers = { "callback": '<http://127.0.0.1:12345/event>',
3027 "sid": sid }
3028 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3029 resp = conn.getresponse()
3030 if resp.status != 400:
3031 raise Exception("Unexpected HTTP response: %d" % resp.status)
3032
3033 logger.debug("Valid subscription with multiple callbacks")
3034 headers = { "callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
3035 "NT": "upnp:event",
3036 "timeout": "Second-1234" }
3037 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3038 resp = conn.getresponse()
3039 if resp.status != 200:
3040 raise Exception("Unexpected HTTP response: %d" % resp.status)
3041 sid = resp.getheader("sid")
3042 logger.debug("Subscription SID " + sid)
3043
3044 # Force subscription to be deleted due to errors
3045 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
3046 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
3047 with alloc_fail(hapd, 1, "event_build_message"):
3048 for i in range(10):
3049 dev[1].dump_monitor()
3050 dev[2].dump_monitor()
3051 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3052 dev[2].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3053 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3054 dev[1].request("WPS_CANCEL")
3055 dev[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3056 dev[2].request("WPS_CANCEL")
3057 if i % 4 == 1:
3058 time.sleep(1)
3059 else:
3060 time.sleep(0.1)
3061 time.sleep(0.2)
3062
3063 headers = { "sid": sid }
3064 conn.request("UNSUBSCRIBE", eventurl.path, "", headers)
3065 resp = conn.getresponse()
3066 if resp.status != 200 and resp.status != 412:
3067 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp.status)
3068
3069 headers = { "callback": '<http://127.0.0.1:12345/event>',
3070 "NT": "upnp:event",
3071 "timeout": "Second-1234" }
3072 with alloc_fail(hapd, 1, "http_client_addr;event_send_start"):
3073 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3074 resp = conn.getresponse()
3075 if resp.status != 200:
3076 raise Exception("Unexpected HTTP response for SUBSCRIBE: %d" % resp.status)
3077 sid = resp.getheader("sid")
3078 logger.debug("Subscription SID " + sid)
3079
3080 headers = { "sid": sid }
3081 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3082 resp = conn.getresponse()
3083 if resp.status != 200:
3084 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp.status)
3085
3086 headers = { "callback": '<http://127.0.0.1:12345/event>',
3087 "NT": "upnp:event",
3088 "timeout": "Second-1234" }
3089 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3090 resp = conn.getresponse()
3091 if resp.status != 200:
3092 raise Exception("Unexpected HTTP response: %d" % resp.status)
3093 sid = resp.getheader("sid")
3094 logger.debug("Subscription SID " + sid)
3095
3096 with alloc_fail(hapd, 1, "=event_add"):
3097 for i in range(2):
3098 dev[1].dump_monitor()
3099 dev[2].dump_monitor()
3100 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3101 dev[2].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3102 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3103 dev[1].request("WPS_CANCEL")
3104 dev[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3105 dev[2].request("WPS_CANCEL")
3106 if i == 0:
3107 time.sleep(1)
3108 else:
3109 time.sleep(0.1)
3110
3111 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3112 resp = conn.getresponse()
3113 if resp.status != 200:
3114 raise Exception("Unexpected HTTP response: %d" % resp.status)
3115
3116 with alloc_fail(hapd, 1, "wpabuf_dup;event_add"):
3117 dev[1].dump_monitor()
3118 dev[2].dump_monitor()
3119 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3120 dev[2].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3121 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3122 dev[1].request("WPS_CANCEL")
3123 dev[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3124 dev[2].request("WPS_CANCEL")
3125 time.sleep(0.1)
3126
3127 with fail_test(hapd, 1, "os_get_random;uuid_make;subscription_start"):
3128 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3129 resp = conn.getresponse()
3130 if resp.status != 500:
3131 raise Exception("Unexpected HTTP response: %d" % resp.status)
3132
3133 with alloc_fail(hapd, 1, "=subscription_start"):
3134 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3135 resp = conn.getresponse()
3136 if resp.status != 500:
3137 raise Exception("Unexpected HTTP response: %d" % resp.status)
3138
3139 headers = { "callback": '',
3140 "NT": "upnp:event",
3141 "timeout": "Second-1234" }
3142 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3143 resp = conn.getresponse()
3144 if resp.status != 500:
3145 raise Exception("Unexpected HTTP response: %d" % resp.status)
3146
3147 headers = { "callback": ' <',
3148 "NT": "upnp:event",
3149 "timeout": "Second-1234" }
3150 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3151 resp = conn.getresponse()
3152 if resp.status != 500:
3153 raise Exception("Unexpected HTTP response: %d" % resp.status)
3154
3155 headers = { "callback": '<http://127.0.0.1:12345/event>',
3156 "NT": "upnp:event",
3157 "timeout": "Second-1234" }
3158 with alloc_fail(hapd, 1, "wpabuf_alloc;subscription_first_event"):
3159 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3160 resp = conn.getresponse()
3161 if resp.status != 500:
3162 raise Exception("Unexpected HTTP response: %d" % resp.status)
3163
3164 with alloc_fail(hapd, 1, "event_add;subscription_first_event"):
3165 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3166 resp = conn.getresponse()
3167 if resp.status != 500:
3168 raise Exception("Unexpected HTTP response: %d" % resp.status)
3169
3170 with alloc_fail(hapd, 1, "subscr_addr_add_url"):
3171 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3172 resp = conn.getresponse()
3173 if resp.status != 500:
3174 raise Exception("Unexpected HTTP response: %d" % resp.status)
3175
3176 with alloc_fail(hapd, 2, "subscr_addr_add_url"):
3177 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3178 resp = conn.getresponse()
3179 if resp.status != 500:
3180 raise Exception("Unexpected HTTP response: %d" % resp.status)
3181
3182 for i in range(6):
3183 headers = { "callback": '<http://127.0.0.1:%d/event>' % (12345 + i),
3184 "NT": "upnp:event",
3185 "timeout": "Second-1234" }
3186 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3187 resp = conn.getresponse()
3188 if resp.status != 200:
3189 raise Exception("Unexpected HTTP response: %d" % resp.status)
3190
3191 with alloc_fail(hapd, 1, "=upnp_wps_device_send_wlan_event"):
3192 dev[1].dump_monitor()
3193 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3194 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3195 dev[1].request("WPS_CANCEL")
3196 time.sleep(0.1)
3197
3198 with alloc_fail(hapd, 1, "wpabuf_alloc;upnp_wps_device_send_event"):
3199 dev[1].dump_monitor()
3200 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3201 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3202 dev[1].request("WPS_CANCEL")
3203 time.sleep(0.1)
3204
3205 with alloc_fail(hapd, 1,
3206 "base64_gen_encode;?base64_encode;upnp_wps_device_send_wlan_event"):
3207 dev[1].dump_monitor()
3208 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3209 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3210 dev[1].request("WPS_CANCEL")
3211 time.sleep(0.1)
3212
3213 hapd.disable()
3214 with alloc_fail(hapd, 1, "get_netif_info"):
3215 if "FAIL" not in hapd.request("ENABLE"):
3216 raise Exception("ENABLE succeeded during OOM")
3217
3218 def test_ap_wps_upnp_subscribe_events(dev, apdev):
3219 """WPS AP and UPnP event subscription and many events"""
3220 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3221 hapd = add_ssdp_ap(apdev[0], ap_uuid)
3222
3223 location = ssdp_get_location(ap_uuid)
3224 urls = upnp_get_urls(location)
3225 eventurl = urlparse.urlparse(urls['event_sub_url'])
3226
3227 class WPSERHTTPServer(SocketServer.StreamRequestHandler):
3228 def handle(self):
3229 data = self.rfile.readline().strip()
3230 logger.debug(data)
3231 self.wfile.write(gen_wps_event())
3232
3233 server = MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer)
3234 server.timeout = 1
3235
3236 url = urlparse.urlparse(location)
3237 conn = httplib.HTTPConnection(url.netloc)
3238
3239 headers = { "callback": '<http://127.0.0.1:12345/event>',
3240 "NT": "upnp:event",
3241 "timeout": "Second-1234" }
3242 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
3243 resp = conn.getresponse()
3244 if resp.status != 200:
3245 raise Exception("Unexpected HTTP response: %d" % resp.status)
3246 sid = resp.getheader("sid")
3247 logger.debug("Subscription SID " + sid)
3248
3249 # Fetch the first event message
3250 server.handle_request()
3251
3252 # Force subscription event queue to reach the maximum length by generating
3253 # new proxied events without the ER fetching any of the pending events.
3254 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
3255 dev[2].scan_for_bss(apdev[0]['bssid'], freq=2412)
3256 for i in range(16):
3257 dev[1].dump_monitor()
3258 dev[2].dump_monitor()
3259 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3260 dev[2].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3261 dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3262 dev[1].request("WPS_CANCEL")
3263 dev[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3264 dev[2].request("WPS_CANCEL")
3265 if i % 4 == 1:
3266 time.sleep(1)
3267 else:
3268 time.sleep(0.1)
3269
3270 hapd.request("WPS_PIN any 12345670")
3271 dev[1].dump_monitor()
3272 dev[1].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3273 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=10)
3274 if ev is None:
3275 raise Exception("WPS success not reported")
3276
3277 # Close the WPS ER HTTP server without fetching all the pending events.
3278 # This tests hostapd code path that clears subscription and the remaining
3279 # event queue when the interface is deinitialized.
3280 server.handle_request()
3281 server.server_close()
3282
3283 dev[1].wait_connected()
3284
3285 def test_ap_wps_upnp_http_proto(dev, apdev):
3286 """WPS AP and UPnP/HTTP protocol testing"""
3287 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3288 add_ssdp_ap(apdev[0], ap_uuid)
3289
3290 location = ssdp_get_location(ap_uuid)
3291
3292 url = urlparse.urlparse(location)
3293 conn = httplib.HTTPConnection(url.netloc, timeout=0.2)
3294 #conn.set_debuglevel(1)
3295
3296 conn.request("HEAD", "hello")
3297 resp = conn.getresponse()
3298 if resp.status != 501:
3299 raise Exception("Unexpected response to HEAD: " + str(resp.status))
3300 conn.close()
3301
3302 for cmd in [ "PUT", "DELETE", "TRACE", "CONNECT", "M-SEARCH", "M-POST" ]:
3303 try:
3304 conn.request(cmd, "hello")
3305 resp = conn.getresponse()
3306 except Exception, e:
3307 pass
3308 conn.close()
3309
3310 headers = { "Content-Length": 'abc' }
3311 conn.request("HEAD", "hello", "\r\n\r\n", headers)
3312 try:
3313 resp = conn.getresponse()
3314 except Exception, e:
3315 pass
3316 conn.close()
3317
3318 headers = { "Content-Length": '-10' }
3319 conn.request("HEAD", "hello", "\r\n\r\n", headers)
3320 try:
3321 resp = conn.getresponse()
3322 except Exception, e:
3323 pass
3324 conn.close()
3325
3326 headers = { "Content-Length": '10000000000000' }
3327 conn.request("HEAD", "hello", "\r\n\r\nhello", headers)
3328 try:
3329 resp = conn.getresponse()
3330 except Exception, e:
3331 pass
3332 conn.close()
3333
3334 headers = { "Transfer-Encoding": 'abc' }
3335 conn.request("HEAD", "hello", "\r\n\r\n", headers)
3336 resp = conn.getresponse()
3337 if resp.status != 501:
3338 raise Exception("Unexpected response to HEAD: " + str(resp.status))
3339 conn.close()
3340
3341 headers = { "Transfer-Encoding": 'chunked' }
3342 conn.request("HEAD", "hello", "\r\n\r\n", headers)
3343 resp = conn.getresponse()
3344 if resp.status != 501:
3345 raise Exception("Unexpected response to HEAD: " + str(resp.status))
3346 conn.close()
3347
3348 # Too long a header
3349 conn.request("HEAD", 5000 * 'A')
3350 try:
3351 resp = conn.getresponse()
3352 except Exception, e:
3353 pass
3354 conn.close()
3355
3356 # Long URL but within header length limits
3357 conn.request("HEAD", 3000 * 'A')
3358 resp = conn.getresponse()
3359 if resp.status != 501:
3360 raise Exception("Unexpected response to HEAD: " + str(resp.status))
3361 conn.close()
3362
3363 headers = { "Content-Length": '20' }
3364 conn.request("POST", "hello", 10 * 'A' + "\r\n\r\n", headers)
3365 try:
3366 resp = conn.getresponse()
3367 except Exception, e:
3368 pass
3369 conn.close()
3370
3371 conn.request("POST", "hello", 5000 * 'A' + "\r\n\r\n")
3372 resp = conn.getresponse()
3373 if resp.status != 404:
3374 raise Exception("Unexpected HTTP response: %d" % resp.status)
3375 conn.close()
3376
3377 conn.request("POST", "hello", 60000 * 'A' + "\r\n\r\n")
3378 try:
3379 resp = conn.getresponse()
3380 except Exception, e:
3381 pass
3382 conn.close()
3383
3384 def test_ap_wps_upnp_http_proto_chunked(dev, apdev):
3385 """WPS AP and UPnP/HTTP protocol testing for chunked encoding"""
3386 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3387 add_ssdp_ap(apdev[0], ap_uuid)
3388
3389 location = ssdp_get_location(ap_uuid)
3390
3391 url = urlparse.urlparse(location)
3392 conn = httplib.HTTPConnection(url.netloc)
3393 #conn.set_debuglevel(1)
3394
3395 headers = { "Transfer-Encoding": 'chunked' }
3396 conn.request("POST", "hello",
3397 "a\r\nabcdefghij\r\n" + "2\r\nkl\r\n" + "0\r\n\r\n",
3398 headers)
3399 resp = conn.getresponse()
3400 if resp.status != 404:
3401 raise Exception("Unexpected HTTP response: %d" % resp.status)
3402 conn.close()
3403
3404 conn.putrequest("POST", "hello")
3405 conn.putheader('Transfer-Encoding', 'chunked')
3406 conn.endheaders()
3407 conn.send("a\r\nabcdefghij\r\n")
3408 time.sleep(0.1)
3409 conn.send("2\r\nkl\r\n")
3410 conn.send("0\r\n\r\n")
3411 resp = conn.getresponse()
3412 if resp.status != 404:
3413 raise Exception("Unexpected HTTP response: %d" % resp.status)
3414 conn.close()
3415
3416 conn.putrequest("POST", "hello")
3417 conn.putheader('Transfer-Encoding', 'chunked')
3418 conn.endheaders()
3419 completed = False
3420 try:
3421 for i in range(20000):
3422 conn.send("1\r\nZ\r\n")
3423 conn.send("0\r\n\r\n")
3424 resp = conn.getresponse()
3425 completed = True
3426 except Exception, e:
3427 pass
3428 conn.close()
3429 if completed:
3430 raise Exception("Too long chunked request did not result in connection reset")
3431
3432 headers = { "Transfer-Encoding": 'chunked' }
3433 conn.request("POST", "hello", "80000000\r\na", headers)
3434 try:
3435 resp = conn.getresponse()
3436 except Exception, e:
3437 pass
3438 conn.close()
3439
3440 conn.request("POST", "hello", "10000000\r\na", headers)
3441 try:
3442 resp = conn.getresponse()
3443 except Exception, e:
3444 pass
3445 conn.close()
3446
3447 @remote_compatible
3448 def test_ap_wps_disabled(dev, apdev):
3449 """WPS operations while WPS is disabled"""
3450 ssid = "test-wps-disabled"
3451 hapd = hostapd.add_ap(apdev[0], { "ssid": ssid })
3452 if "FAIL" not in hapd.request("WPS_PBC"):
3453 raise Exception("WPS_PBC succeeded unexpectedly")
3454 if "FAIL" not in hapd.request("WPS_CANCEL"):
3455 raise Exception("WPS_CANCEL succeeded unexpectedly")
3456
3457 def test_ap_wps_mixed_cred(dev, apdev):
3458 """WPS 2.0 STA merging mixed mode WPA/WPA2 credentials"""
3459 ssid = "test-wps-wep"
3460 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3461 "skip_cred_build": "1", "extra_cred": "wps-mixed-cred" }
3462 hapd = hostapd.add_ap(apdev[0], params)
3463 hapd.request("WPS_PBC")
3464 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3465 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
3466 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
3467 if ev is None:
3468 raise Exception("WPS-SUCCESS event timed out")
3469 nets = dev[0].list_networks()
3470 if len(nets) != 1:
3471 raise Exception("Unexpected number of network blocks")
3472 id = nets[0]['id']
3473 proto = dev[0].get_network(id, "proto")
3474 if proto != "WPA RSN":
3475 raise Exception("Unexpected merged proto field value: " + proto)
3476 pairwise = dev[0].get_network(id, "pairwise")
3477 if pairwise != "CCMP TKIP" and pairwise != "CCMP GCMP TKIP":
3478 raise Exception("Unexpected merged pairwise field value: " + pairwise)
3479
3480 @remote_compatible
3481 def test_ap_wps_while_connected(dev, apdev):
3482 """WPS PBC provisioning while connected to another AP"""
3483 ssid = "test-wps-conf"
3484 hapd = hostapd.add_ap(apdev[0],
3485 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3486 "wpa_passphrase": "12345678", "wpa": "2",
3487 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3488
3489 hostapd.add_ap(apdev[1], { "ssid": "open" })
3490 dev[0].connect("open", key_mgmt="NONE", scan_freq="2412")
3491
3492 logger.info("WPS provisioning step")
3493 hapd.request("WPS_PBC")
3494 dev[0].dump_monitor()
3495 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
3496 dev[0].wait_connected(timeout=30)
3497 status = dev[0].get_status()
3498 if status['bssid'] != apdev[0]['bssid']:
3499 raise Exception("Unexpected BSSID")
3500
3501 @remote_compatible
3502 def test_ap_wps_while_connected_no_autoconnect(dev, apdev):
3503 """WPS PBC provisioning while connected to another AP and STA_AUTOCONNECT disabled"""
3504 ssid = "test-wps-conf"
3505 hapd = hostapd.add_ap(apdev[0],
3506 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3507 "wpa_passphrase": "12345678", "wpa": "2",
3508 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3509
3510 hostapd.add_ap(apdev[1], { "ssid": "open" })
3511
3512 try:
3513 dev[0].request("STA_AUTOCONNECT 0")
3514 dev[0].connect("open", key_mgmt="NONE", scan_freq="2412")
3515
3516 logger.info("WPS provisioning step")
3517 hapd.request("WPS_PBC")
3518 dev[0].dump_monitor()
3519 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
3520 dev[0].wait_connected(timeout=30)
3521 status = dev[0].get_status()
3522 if status['bssid'] != apdev[0]['bssid']:
3523 raise Exception("Unexpected BSSID")
3524 finally:
3525 dev[0].request("STA_AUTOCONNECT 1")
3526
3527 @remote_compatible
3528 def test_ap_wps_from_event(dev, apdev):
3529 """WPS PBC event on AP to enable PBC"""
3530 ssid = "test-wps-conf"
3531 hapd = hostapd.add_ap(apdev[0],
3532 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3533 "wpa_passphrase": "12345678", "wpa": "2",
3534 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3535 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3536 dev[0].dump_monitor()
3537 hapd.dump_monitor()
3538 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
3539
3540 ev = hapd.wait_event(['WPS-ENROLLEE-SEEN'], timeout=15)
3541 if ev is None:
3542 raise Exception("No WPS-ENROLLEE-SEEN event on AP")
3543 vals = ev.split(' ')
3544 if vals[1] != dev[0].p2p_interface_addr():
3545 raise Exception("Unexpected enrollee address: " + vals[1])
3546 if vals[5] != '4':
3547 raise Exception("Unexpected Device Password Id: " + vals[5])
3548 hapd.request("WPS_PBC")
3549 dev[0].wait_connected(timeout=30)
3550
3551 def test_ap_wps_ap_scan_2(dev, apdev):
3552 """AP_SCAN 2 for WPS"""
3553 ssid = "test-wps-conf"
3554 hapd = hostapd.add_ap(apdev[0],
3555 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3556 "wpa_passphrase": "12345678", "wpa": "2",
3557 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3558 hapd.request("WPS_PBC")
3559
3560 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
3561 wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
3562 wpas.dump_monitor()
3563
3564 if "OK" not in wpas.request("AP_SCAN 2"):
3565 raise Exception("Failed to set AP_SCAN 2")
3566
3567 wpas.flush_scan_cache()
3568 wpas.scan_for_bss(apdev[0]['bssid'], freq="2412")
3569 wpas.dump_monitor()
3570 wpas.request("WPS_PBC " + apdev[0]['bssid'])
3571 ev = wpas.wait_event(["WPS-SUCCESS"], timeout=15)
3572 if ev is None:
3573 raise Exception("WPS-SUCCESS event timed out")
3574 wpas.wait_connected(timeout=30)
3575 wpas.dump_monitor()
3576 wpas.request("DISCONNECT")
3577 wpas.request("BSS_FLUSH 0")
3578 wpas.dump_monitor()
3579 wpas.request("REASSOCIATE")
3580 wpas.wait_connected(timeout=30)
3581 wpas.dump_monitor()
3582
3583 @remote_compatible
3584 def test_ap_wps_eapol_workaround(dev, apdev):
3585 """EAPOL workaround code path for 802.1X header length mismatch"""
3586 ssid = "test-wps"
3587 hapd = hostapd.add_ap(apdev[0],
3588 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
3589 bssid = apdev[0]['bssid']
3590 hapd.request("SET ext_eapol_frame_io 1")
3591 dev[0].request("SET ext_eapol_frame_io 1")
3592 hapd.request("WPS_PBC")
3593 dev[0].request("WPS_PBC")
3594
3595 ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
3596 if ev is None:
3597 raise Exception("Timeout on EAPOL-TX from hostapd")
3598
3599 res = dev[0].request("EAPOL_RX " + bssid + " 020000040193000501FFFF")
3600 if "OK" not in res:
3601 raise Exception("EAPOL_RX to wpa_supplicant failed")
3602
3603 def test_ap_wps_iteration(dev, apdev):
3604 """WPS PIN and iterate through APs without selected registrar"""
3605 ssid = "test-wps-conf"
3606 hapd = hostapd.add_ap(apdev[0],
3607 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3608 "wpa_passphrase": "12345678", "wpa": "2",
3609 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3610
3611 ssid2 = "test-wps-conf2"
3612 hapd2 = hostapd.add_ap(apdev[1],
3613 { "ssid": ssid2, "eap_server": "1", "wps_state": "2",
3614 "wpa_passphrase": "12345678", "wpa": "2",
3615 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3616
3617 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3618 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
3619 dev[0].dump_monitor()
3620 pin = dev[0].request("WPS_PIN any")
3621
3622 # Wait for iteration through all WPS APs to happen before enabling any
3623 # Registrar.
3624 for i in range(2):
3625 ev = dev[0].wait_event(["Associated with"], timeout=30)
3626 if ev is None:
3627 raise Exception("No association seen")
3628 ev = dev[0].wait_event(["WPS-M2D"], timeout=10)
3629 if ev is None:
3630 raise Exception("No M2D from AP")
3631 dev[0].wait_disconnected()
3632
3633 # Verify that each AP requested PIN
3634 ev = hapd.wait_event(["WPS-PIN-NEEDED"], timeout=1)
3635 if ev is None:
3636 raise Exception("No WPS-PIN-NEEDED event from AP")
3637 ev = hapd2.wait_event(["WPS-PIN-NEEDED"], timeout=1)
3638 if ev is None:
3639 raise Exception("No WPS-PIN-NEEDED event from AP2")
3640
3641 # Provide PIN to one of the APs and verify that connection gets formed
3642 hapd.request("WPS_PIN any " + pin)
3643 dev[0].wait_connected(timeout=30)
3644
3645 def test_ap_wps_iteration_error(dev, apdev):
3646 """WPS AP iteration on no Selected Registrar and error case with an AP"""
3647 ssid = "test-wps-conf-pin"
3648 hapd = hostapd.add_ap(apdev[0],
3649 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3650 "wpa_passphrase": "12345678", "wpa": "2",
3651 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3652 "wps_independent": "1" })
3653 hapd.request("SET ext_eapol_frame_io 1")
3654 bssid = apdev[0]['bssid']
3655 pin = dev[0].wps_read_pin()
3656 dev[0].request("WPS_PIN any " + pin)
3657
3658 ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
3659 if ev is None:
3660 raise Exception("No EAPOL-TX (EAP-Request/Identity) from hostapd")
3661 dev[0].request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
3662
3663 ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
3664 if ev is None:
3665 raise Exception("No EAPOL-TX (EAP-WSC/Start) from hostapd")
3666 ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=5)
3667 if ev is None:
3668 raise Exception("No CTRL-EVENT-EAP-STARTED")
3669
3670 # Do not forward any more EAPOL frames to test wpa_supplicant behavior for
3671 # a case with an incorrectly behaving WPS AP.
3672
3673 # Start the real target AP and activate registrar on it.
3674 hapd2 = hostapd.add_ap(apdev[1],
3675 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3676 "wpa_passphrase": "12345678", "wpa": "2",
3677 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3678 "wps_independent": "1" })
3679 hapd2.request("WPS_PIN any " + pin)
3680
3681 dev[0].wait_disconnected(timeout=15)
3682 ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=15)
3683 if ev is None:
3684 raise Exception("No CTRL-EVENT-EAP-STARTED for the second AP")
3685 ev = dev[0].wait_event(["WPS-CRED-RECEIVED"], timeout=15)
3686 if ev is None:
3687 raise Exception("No WPS-CRED-RECEIVED for the second AP")
3688 dev[0].wait_connected(timeout=15)
3689
3690 @remote_compatible
3691 def test_ap_wps_priority(dev, apdev):
3692 """WPS PIN provisioning with configured AP and wps_priority"""
3693 ssid = "test-wps-conf-pin"
3694 hapd = hostapd.add_ap(apdev[0],
3695 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3696 "wpa_passphrase": "12345678", "wpa": "2",
3697 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3698 logger.info("WPS provisioning step")
3699 pin = dev[0].wps_read_pin()
3700 hapd.request("WPS_PIN any " + pin)
3701 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3702 dev[0].dump_monitor()
3703 try:
3704 dev[0].request("SET wps_priority 6")
3705 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
3706 dev[0].wait_connected(timeout=30)
3707 netw = dev[0].list_networks()
3708 prio = dev[0].get_network(netw[0]['id'], 'priority')
3709 if prio != '6':
3710 raise Exception("Unexpected network priority: " + prio)
3711 finally:
3712 dev[0].request("SET wps_priority 0")
3713
3714 @remote_compatible
3715 def test_ap_wps_and_non_wps(dev, apdev):
3716 """WPS and non-WPS AP in single hostapd process"""
3717 params = { "ssid": "wps", "eap_server": "1", "wps_state": "1" }
3718 hapd = hostapd.add_ap(apdev[0], params)
3719
3720 params = { "ssid": "no wps" }
3721 hapd2 = hostapd.add_ap(apdev[1], params)
3722
3723 appin = hapd.request("WPS_AP_PIN random")
3724 if "FAIL" in appin:
3725 raise Exception("Could not generate random AP PIN")
3726 if appin not in hapd.request("WPS_AP_PIN get"):
3727 raise Exception("Could not fetch current AP PIN")
3728
3729 if "FAIL" in hapd.request("WPS_PBC"):
3730 raise Exception("WPS_PBC failed")
3731 if "FAIL" in hapd.request("WPS_CANCEL"):
3732 raise Exception("WPS_CANCEL failed")
3733
3734 def test_ap_wps_init_oom(dev, apdev):
3735 """Initial AP configuration and OOM during PSK generation"""
3736 ssid = "test-wps"
3737 params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
3738 hapd = hostapd.add_ap(apdev[0], params)
3739
3740 with alloc_fail(hapd, 1, "base64_gen_encode;?base64_encode;wps_build_cred"):
3741 pin = dev[0].wps_read_pin()
3742 hapd.request("WPS_PIN any " + pin)
3743 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3744 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
3745 dev[0].wait_disconnected()
3746
3747 hapd.request("WPS_PIN any " + pin)
3748 dev[0].wait_connected(timeout=30)
3749
3750 @remote_compatible
3751 def test_ap_wps_er_oom(dev, apdev):
3752 """WPS ER OOM in XML processing"""
3753 try:
3754 _test_ap_wps_er_oom(dev, apdev)
3755 finally:
3756 dev[0].request("WPS_ER_STOP")
3757 dev[1].request("WPS_CANCEL")
3758 dev[0].request("DISCONNECT")
3759
3760 def _test_ap_wps_er_oom(dev, apdev):
3761 ssid = "wps-er-ap-config"
3762 ap_pin = "12345670"
3763 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3764 hostapd.add_ap(apdev[0],
3765 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3766 "wpa_passphrase": "12345678", "wpa": "2",
3767 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3768 "device_name": "Wireless AP", "manufacturer": "Company",
3769 "model_name": "WAP", "model_number": "123",
3770 "serial_number": "12345", "device_type": "6-0050F204-1",
3771 "os_version": "01020300",
3772 "config_methods": "label push_button",
3773 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
3774
3775 dev[0].connect(ssid, psk="12345678", scan_freq="2412")
3776
3777 with alloc_fail(dev[0], 1,
3778 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3779 dev[0].request("WPS_ER_START ifname=lo")
3780 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=3)
3781 if ev is not None:
3782 raise Exception("Unexpected AP discovery")
3783
3784 dev[0].request("WPS_ER_STOP")
3785 dev[0].request("WPS_ER_START ifname=lo")
3786 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=10)
3787 if ev is None:
3788 raise Exception("AP discovery timed out")
3789
3790 dev[1].scan_for_bss(apdev[0]['bssid'], freq=2412)
3791 with alloc_fail(dev[0], 1,
3792 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3793 dev[1].request("WPS_PBC " + apdev[0]['bssid'])
3794 ev = dev[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=10)
3795 if ev is None:
3796 raise Exception("PBC scan failed")
3797 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
3798 if ev is None:
3799 raise Exception("Enrollee discovery timed out")
3800
3801 @remote_compatible
3802 def test_ap_wps_er_init_oom(dev, apdev):
3803 """WPS ER and OOM during init"""
3804 try:
3805 _test_ap_wps_er_init_oom(dev, apdev)
3806 finally:
3807 dev[0].request("WPS_ER_STOP")
3808
3809 def _test_ap_wps_er_init_oom(dev, apdev):
3810 with alloc_fail(dev[0], 1, "wps_er_init"):
3811 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo"):
3812 raise Exception("WPS_ER_START succeeded during OOM")
3813 with alloc_fail(dev[0], 1, "http_server_init"):
3814 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo"):
3815 raise Exception("WPS_ER_START succeeded during OOM")
3816 with alloc_fail(dev[0], 2, "http_server_init"):
3817 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo"):
3818 raise Exception("WPS_ER_START succeeded during OOM")
3819 with alloc_fail(dev[0], 1, "eloop_sock_table_add_sock;?eloop_register_sock;wps_er_ssdp_init"):
3820 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo"):
3821 raise Exception("WPS_ER_START succeeded during OOM")
3822 with fail_test(dev[0], 1, "os_get_random;wps_er_init"):
3823 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo"):
3824 raise Exception("WPS_ER_START succeeded during os_get_random failure")
3825
3826 @remote_compatible
3827 def test_ap_wps_er_init_fail(dev, apdev):
3828 """WPS ER init failure"""
3829 if "FAIL" not in dev[0].request("WPS_ER_START ifname=does-not-exist"):
3830 dev[0].request("WPS_ER_STOP")
3831 raise Exception("WPS_ER_START with non-existing ifname succeeded")
3832
3833 def test_ap_wps_wpa_cli_action(dev, apdev, test_params):
3834 """WPS events and wpa_cli action script"""
3835 logdir = os.path.abspath(test_params['logdir'])
3836 pidfile = os.path.join(logdir, 'ap_wps_wpa_cli_action.wpa_cli.pid')
3837 logfile = os.path.join(logdir, 'ap_wps_wpa_cli_action.wpa_cli.res')
3838 actionfile = os.path.join(logdir, 'ap_wps_wpa_cli_action.wpa_cli.action.sh')
3839
3840 with open(actionfile, 'w') as f:
3841 f.write('#!/bin/sh\n')
3842 f.write('echo $* >> %s\n' % logfile)
3843 # Kill the process and wait some time before returning to allow all the
3844 # pending events to be processed with some of this happening after the
3845 # eloop SIGALRM signal has been scheduled.
3846 f.write('if [ $2 = "WPS-SUCCESS" -a -r %s ]; then kill `cat %s`; sleep 1; fi\n' % (pidfile, pidfile))
3847
3848 os.chmod(actionfile, stat.S_IREAD | stat.S_IWRITE | stat.S_IEXEC |
3849 stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH)
3850
3851 ssid = "test-wps-conf"
3852 hapd = hostapd.add_ap(apdev[0],
3853 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
3854 "wpa_passphrase": "12345678", "wpa": "2",
3855 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3856
3857 prg = os.path.join(test_params['logdir'],
3858 'alt-wpa_supplicant/wpa_supplicant/wpa_cli')
3859 if not os.path.exists(prg):
3860 prg = '../../wpa_supplicant/wpa_cli'
3861 arg = [ prg, '-P', pidfile, '-B', '-i', dev[0].ifname, '-a', actionfile ]
3862 subprocess.call(arg)
3863
3864 arg = [ 'ps', 'ax' ]
3865 cmd = subprocess.Popen(arg, stdout=subprocess.PIPE)
3866 out = cmd.communicate()[0]
3867 cmd.wait()
3868 logger.debug("Processes:\n" + out)
3869 if "wpa_cli -P %s -B -i %s" % (pidfile, dev[0].ifname) not in out:
3870 raise Exception("Did not see wpa_cli running")
3871
3872 hapd.request("WPS_PIN any 12345670")
3873 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
3874 dev[0].dump_monitor()
3875 dev[0].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
3876 dev[0].wait_connected(timeout=30)
3877
3878 for i in range(30):
3879 if not os.path.exists(pidfile):
3880 break
3881 time.sleep(0.1)
3882
3883 if not os.path.exists(logfile):
3884 raise Exception("wpa_cli action results file not found")
3885 with open(logfile, 'r') as f:
3886 res = f.read()
3887 if "WPS-SUCCESS" not in res:
3888 raise Exception("WPS-SUCCESS event not seen in action file")
3889
3890 arg = [ 'ps', 'ax' ]
3891 cmd = subprocess.Popen(arg, stdout=subprocess.PIPE)
3892 out = cmd.communicate()[0]
3893 cmd.wait()
3894 logger.debug("Remaining processes:\n" + out)
3895 if "wpa_cli -P %s -B -i %s" % (pidfile, dev[0].ifname) in out:
3896 raise Exception("wpa_cli still running")
3897
3898 if os.path.exists(pidfile):
3899 raise Exception("PID file not removed")
3900
3901 def test_ap_wps_er_ssdp_proto(dev, apdev):
3902 """WPS ER SSDP protocol testing"""
3903 try:
3904 _test_ap_wps_er_ssdp_proto(dev, apdev)
3905 finally:
3906 dev[0].request("WPS_ER_STOP")
3907
3908 def _test_ap_wps_er_ssdp_proto(dev, apdev):
3909 socket.setdefaulttimeout(1)
3910 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
3911 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
3912 sock.bind(("239.255.255.250", 1900))
3913 if "FAIL" not in dev[0].request("WPS_ER_START ifname=lo foo"):
3914 raise Exception("Invalid filter accepted")
3915 if "OK" not in dev[0].request("WPS_ER_START ifname=lo 1.2.3.4"):
3916 raise Exception("WPS_ER_START with filter failed")
3917 (msg,addr) = sock.recvfrom(1000)
3918 logger.debug("Received SSDP message from %s: %s" % (str(addr), msg))
3919 if "M-SEARCH" not in msg:
3920 raise Exception("Not an M-SEARCH")
3921 sock.sendto("FOO", addr)
3922 time.sleep(0.1)
3923 dev[0].request("WPS_ER_STOP")
3924
3925 dev[0].request("WPS_ER_START ifname=lo")
3926 (msg,addr) = sock.recvfrom(1000)
3927 logger.debug("Received SSDP message from %s: %s" % (str(addr), msg))
3928 if "M-SEARCH" not in msg:
3929 raise Exception("Not an M-SEARCH")
3930 sock.sendto("FOO", addr)
3931 sock.sendto("HTTP/1.1 200 OK\r\nFOO\r\n\r\n", addr)
3932 sock.sendto("HTTP/1.1 200 OK\r\nNTS:foo\r\n\r\n", addr)
3933 sock.sendto("HTTP/1.1 200 OK\r\nNTS:ssdp:byebye\r\n\r\n", addr)
3934 sock.sendto("HTTP/1.1 200 OK\r\ncache-control: foo=1\r\n\r\n", addr)
3935 sock.sendto("HTTP/1.1 200 OK\r\ncache-control: max-age=1\r\n\r\n", addr)
3936 sock.sendto("HTTP/1.1 200 OK\r\nusn:\r\n\r\n", addr)
3937 sock.sendto("HTTP/1.1 200 OK\r\nusn:foo\r\n\r\n", addr)
3938 sock.sendto("HTTP/1.1 200 OK\r\nusn: uuid:\r\n\r\n", addr)
3939 sock.sendto("HTTP/1.1 200 OK\r\nusn: uuid: \r\n\r\n", addr)
3940 sock.sendto("HTTP/1.1 200 OK\r\nusn: uuid: foo\r\n\r\n", addr)
3941 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\n\r\n", addr)
3942 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nNTS:ssdp:byebye\r\n\r\n", addr)
3943 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\n\r\n", addr)
3944 with alloc_fail(dev[0], 1, "wps_er_ap_add"):
3945 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr)
3946 time.sleep(0.1)
3947 with alloc_fail(dev[0], 2, "wps_er_ap_add"):
3948 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr)
3949 time.sleep(0.1)
3950
3951 # Add an AP with bogus URL
3952 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr)
3953 # Update timeout on AP without updating URL
3954 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr)
3955 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"], timeout=5)
3956 if ev is None:
3957 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
3958
3959 # Add an AP with a valid URL (but no server listing to it)
3960 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr)
3961 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"], timeout=5)
3962 if ev is None:
3963 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
3964
3965 sock.close()
3966
3967 wps_event_url = None
3968
3969 def gen_upnp_info(eventSubURL='wps_event', controlURL='wps_control',
3970 udn='uuid:27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'):
3971 payload = '''<?xml version="1.0"?>
3972 <root xmlns="urn:schemas-upnp-org:device-1-0">
3973 <specVersion>
3974 <major>1</major>
3975 <minor>0</minor>
3976 </specVersion>
3977 <device>
3978 <deviceType>urn:schemas-wifialliance-org:device:WFADevice:1</deviceType>
3979 <friendlyName>WPS Access Point</friendlyName>
3980 <manufacturer>Company</manufacturer>
3981 <modelName>WAP</modelName>
3982 <modelNumber>123</modelNumber>
3983 <serialNumber>12345</serialNumber>
3984 '''
3985 if udn:
3986 payload += '<UDN>' + udn + '</UDN>'
3987 payload += '''<serviceList>
3988 <service>
3989 <serviceType>urn:schemas-wifialliance-org:service:WFAWLANConfig:1</serviceType>
3990 <serviceId>urn:wifialliance-org:serviceId:WFAWLANConfig1</serviceId>
3991 <SCPDURL>wps_scpd.xml</SCPDURL>
3992 '''
3993 if controlURL:
3994 payload += '<controlURL>' + controlURL + '</controlURL>\n'
3995 if eventSubURL:
3996 payload += '<eventSubURL>' + eventSubURL + '</eventSubURL>\n'
3997 payload += '''</service>
3998 </serviceList>
3999 </device>
4000 </root>
4001 '''
4002 hdr = 'HTTP/1.1 200 OK\r\n' + \
4003 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4004 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4005 'Connection: close\r\n' + \
4006 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4007 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4008 return hdr + payload
4009
4010 def gen_wps_control(payload_override=None):
4011 payload = '''<?xml version="1.0"?>
4012 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4013 <s:Body>
4014 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4015 <NewDeviceInfo>EEoAARAQIgABBBBHABAn6oAanlxOc72C+Jy80Q1+ECAABgIAAAADABAaABCJZ7DPtbU3Ust9
4016 Z3wJF07WEDIAwH45D3i1OqB7eJGwTzqeapS71h3KyXncK2xJZ+xqScrlorNEg6LijBJzG2Ca
4017 +FZli0iliDJd397yAx/jk4nFXco3q5ylBSvSw9dhJ5u1xBKSnTilKGlUHPhLP75PUqM3fot9
4018 7zwtFZ4bx6x1sBA6oEe2d0aUJmLumQGCiKEIWlnxs44zego/2tAe81bDzdPBM7o5HH/FUhD+
4019 KoGzFXp51atP+1n9Vta6AkI0Vye99JKLcC6Md9dMJltSVBgd4Xc4lRAEAAIAIxAQAAIADRAN
4020 AAEBEAgAAgAEEEQAAQIQIQAHQ29tcGFueRAjAANXQVAQJAADMTIzEEIABTEyMzQ1EFQACAAG
4021 AFDyBAABEBEAC1dpcmVsZXNzIEFQEDwAAQEQAgACAAAQEgACAAAQCQACAAAQLQAEgQIDABBJ
4022 AAYANyoAASA=
4023 </NewDeviceInfo>
4024 </u:GetDeviceInfoResponse>
4025 </s:Body>
4026 </s:Envelope>
4027 '''
4028 if payload_override:
4029 payload = payload_override
4030 hdr = 'HTTP/1.1 200 OK\r\n' + \
4031 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4032 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4033 'Connection: close\r\n' + \
4034 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4035 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4036 return hdr + payload
4037
4038 def gen_wps_event(sid='uuid:7eb3342a-8a5f-47fe-a585-0785bfec6d8a'):
4039 payload = ""
4040 hdr = 'HTTP/1.1 200 OK\r\n' + \
4041 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4042 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4043 'Connection: close\r\n' + \
4044 'Content-Length: ' + str(len(payload)) + '\r\n'
4045 if sid:
4046 hdr += 'SID: ' + sid + '\r\n'
4047 hdr += 'Timeout: Second-1801\r\n' + \
4048 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4049 return hdr + payload
4050
4051 class WPSAPHTTPServer(SocketServer.StreamRequestHandler):
4052 def handle(self):
4053 data = self.rfile.readline().strip()
4054 logger.info("HTTP server received: " + data)
4055 while True:
4056 hdr = self.rfile.readline().strip()
4057 if len(hdr) == 0:
4058 break
4059 logger.info("HTTP header: " + hdr)
4060 if "CALLBACK:" in hdr:
4061 global wps_event_url
4062 wps_event_url = hdr.split(' ')[1].strip('<>')
4063
4064 if "GET /foo.xml" in data:
4065 self.handle_upnp_info()
4066 elif "POST /wps_control" in data:
4067 self.handle_wps_control()
4068 elif "SUBSCRIBE /wps_event" in data:
4069 self.handle_wps_event()
4070 else:
4071 self.handle_others(data)
4072
4073 def handle_upnp_info(self):
4074 self.wfile.write(gen_upnp_info())
4075
4076 def handle_wps_control(self):
4077 self.wfile.write(gen_wps_control())
4078
4079 def handle_wps_event(self):
4080 self.wfile.write(gen_wps_event())
4081
4082 def handle_others(self, data):
4083 logger.info("Ignore HTTP request: " + data)
4084
4085 class MyTCPServer(SocketServer.TCPServer):
4086 def __init__(self, addr, handler):
4087 self.allow_reuse_address = True
4088 SocketServer.TCPServer.__init__(self, addr, handler)
4089
4090 def wps_er_start(dev, http_server, max_age=1, wait_m_search=False,
4091 location_url=None):
4092 socket.setdefaulttimeout(1)
4093 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
4094 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
4095 sock.bind(("239.255.255.250", 1900))
4096 dev.request("WPS_ER_START ifname=lo")
4097 for i in range(100):
4098 (msg,addr) = sock.recvfrom(1000)
4099 logger.debug("Received SSDP message from %s: %s" % (str(addr), msg))
4100 if "M-SEARCH" in msg:
4101 break
4102 if not wait_m_search:
4103 raise Exception("Not an M-SEARCH")
4104 if i == 99:
4105 raise Exception("No M-SEARCH seen")
4106
4107 # Add an AP with a valid URL and server listing to it
4108 server = MyTCPServer(("127.0.0.1", 12345), http_server)
4109 if not location_url:
4110 location_url = 'http://127.0.0.1:12345/foo.xml'
4111 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:%s\r\ncache-control:max-age=%d\r\n\r\n" % (location_url, max_age), addr)
4112 server.timeout = 1
4113 return server,sock
4114
4115 def wps_er_stop(dev, sock, server, on_alloc_fail=False):
4116 sock.close()
4117 server.server_close()
4118
4119 if on_alloc_fail:
4120 done = False
4121 for i in range(50):
4122 res = dev.request("GET_ALLOC_FAIL")
4123 if res.startswith("0:"):
4124 done = True
4125 break
4126 time.sleep(0.1)
4127 if not done:
4128 raise Exception("No allocation failure reported")
4129 else:
4130 ev = dev.wait_event(["WPS-ER-AP-REMOVE"], timeout=5)
4131 if ev is None:
4132 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4133 dev.request("WPS_ER_STOP")
4134
4135 def run_wps_er_proto_test(dev, handler, no_event_url=False, location_url=None):
4136 try:
4137 uuid = '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4138 server,sock = wps_er_start(dev, handler, location_url=location_url)
4139 global wps_event_url
4140 wps_event_url = None
4141 server.handle_request()
4142 server.handle_request()
4143 server.handle_request()
4144 server.server_close()
4145 if no_event_url:
4146 if wps_event_url:
4147 raise Exception("Received event URL unexpectedly")
4148 return
4149 if wps_event_url is None:
4150 raise Exception("Did not get event URL")
4151 logger.info("Event URL: " + wps_event_url)
4152 finally:
4153 dev.request("WPS_ER_STOP")
4154
4155 def send_wlanevent(url, uuid, data, no_response=False):
4156 conn = httplib.HTTPConnection(url.netloc)
4157 payload = '''<?xml version="1.0" encoding="utf-8"?>
4158 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4159 <e:property><STAStatus>1</STAStatus></e:property>
4160 <e:property><APStatus>1</APStatus></e:property>
4161 <e:property><WLANEvent>'''
4162 payload += base64.b64encode(data)
4163 payload += '</WLANEvent></e:property></e:propertyset>'
4164 headers = { "Content-type": 'text/xml; charset="utf-8"',
4165 "Server": "Unspecified, UPnP/1.0, Unspecified",
4166 "HOST": url.netloc,
4167 "NT": "upnp:event",
4168 "SID": "uuid:" + uuid,
4169 "SEQ": "0",
4170 "Content-Length": str(len(payload)) }
4171 conn.request("NOTIFY", url.path, payload, headers)
4172 if no_response:
4173 try:
4174 conn.getresponse()
4175 except Exception, e:
4176 pass
4177 return
4178 resp = conn.getresponse()
4179 if resp.status != 200:
4180 raise Exception("Unexpected HTTP response: %d" % resp.status)
4181
4182 def test_ap_wps_er_http_proto(dev, apdev):
4183 """WPS ER HTTP protocol testing"""
4184 try:
4185 _test_ap_wps_er_http_proto(dev, apdev)
4186 finally:
4187 dev[0].request("WPS_ER_STOP")
4188
4189 def _test_ap_wps_er_http_proto(dev, apdev):
4190 uuid = '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4191 server,sock = wps_er_start(dev[0], WPSAPHTTPServer, max_age=15)
4192 global wps_event_url
4193 wps_event_url = None
4194 server.handle_request()
4195 server.handle_request()
4196 server.handle_request()
4197 server.server_close()
4198 if wps_event_url is None:
4199 raise Exception("Did not get event URL")
4200 logger.info("Event URL: " + wps_event_url)
4201
4202 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=10)
4203 if ev is None:
4204 raise Exception("No WPS-ER-AP-ADD event")
4205 if uuid not in ev:
4206 raise Exception("UUID mismatch")
4207
4208 sock.close()
4209
4210 logger.info("Valid Probe Request notification")
4211 url = urlparse.urlparse(wps_event_url)
4212 conn = httplib.HTTPConnection(url.netloc)
4213 payload = '''<?xml version="1.0" encoding="utf-8"?>
4214 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4215 <e:property><STAStatus>1</STAStatus></e:property>
4216 <e:property><APStatus>1</APStatus></e:property>
4217 <e:property><WLANEvent>ATAyOjAwOjAwOjAwOjAwOjAwEEoAARAQOgABAhAIAAIxSBBHABA2LbR7pTpRkYj7VFi5hrLk
4218 EFQACAAAAAAAAAAAEDwAAQMQAgACAAAQCQACAAAQEgACAAAQIQABIBAjAAEgECQAASAQEQAI
4219 RGV2aWNlIEEQSQAGADcqAAEg
4220 </WLANEvent></e:property>
4221 </e:propertyset>
4222 '''
4223 headers = { "Content-type": 'text/xml; charset="utf-8"',
4224 "Server": "Unspecified, UPnP/1.0, Unspecified",
4225 "HOST": url.netloc,
4226 "NT": "upnp:event",
4227 "SID": "uuid:" + uuid,
4228 "SEQ": "0",
4229 "Content-Length": str(len(payload)) }
4230 conn.request("NOTIFY", url.path, payload, headers)
4231 resp = conn.getresponse()
4232 if resp.status != 200:
4233 raise Exception("Unexpected HTTP response: %d" % resp.status)
4234
4235 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=5)
4236 if ev is None:
4237 raise Exception("No WPS-ER-ENROLLEE-ADD event")
4238 if "362db47b-a53a-5191-88fb-5458b986b2e4" not in ev:
4239 raise Exception("No Enrollee UUID match")
4240
4241 logger.info("Incorrect event URL AP id")
4242 conn = httplib.HTTPConnection(url.netloc)
4243 conn.request("NOTIFY", url.path + '123', payload, headers)
4244 resp = conn.getresponse()
4245 if resp.status != 404:
4246 raise Exception("Unexpected HTTP response: %d" % resp.status)
4247
4248 logger.info("Missing AP id")
4249 conn = httplib.HTTPConnection(url.netloc)
4250 conn.request("NOTIFY", '/event/' + url.path.split('/')[2],
4251 payload, headers)
4252 time.sleep(0.1)
4253
4254 logger.info("Incorrect event URL event id")
4255 conn = httplib.HTTPConnection(url.netloc)
4256 conn.request("NOTIFY", '/event/123456789/123', payload, headers)
4257 time.sleep(0.1)
4258
4259 logger.info("Incorrect event URL prefix")
4260 conn = httplib.HTTPConnection(url.netloc)
4261 conn.request("NOTIFY", '/foobar/123456789/123', payload, headers)
4262 resp = conn.getresponse()
4263 if resp.status != 404:
4264 raise Exception("Unexpected HTTP response: %d" % resp.status)
4265
4266 logger.info("Unsupported request")
4267 conn = httplib.HTTPConnection(url.netloc)
4268 conn.request("FOOBAR", '/foobar/123456789/123', payload, headers)
4269 resp = conn.getresponse()
4270 if resp.status != 501:
4271 raise Exception("Unexpected HTTP response: %d" % resp.status)
4272
4273 logger.info("Unsupported request and OOM")
4274 with alloc_fail(dev[0], 1, "wps_er_http_req"):
4275 conn = httplib.HTTPConnection(url.netloc)
4276 conn.request("FOOBAR", '/foobar/123456789/123', payload, headers)
4277 time.sleep(0.5)
4278
4279 logger.info("Too short WLANEvent")
4280 data = '\x00'
4281 send_wlanevent(url, uuid, data)
4282
4283 logger.info("Invalid WLANEventMAC")
4284 data = '\x00qwertyuiopasdfghjklzxcvbnm'
4285 send_wlanevent(url, uuid, data)
4286
4287 logger.info("Unknown WLANEventType")
4288 data = '\xff02:00:00:00:00:00'
4289 send_wlanevent(url, uuid, data)
4290
4291 logger.info("Probe Request notification without any attributes")
4292 data = '\x0102:00:00:00:00:00'
4293 send_wlanevent(url, uuid, data)
4294
4295 logger.info("Probe Request notification with invalid attribute")
4296 data = '\x0102:00:00:00:00:00\xff'
4297 send_wlanevent(url, uuid, data)
4298
4299 logger.info("EAP message without any attributes")
4300 data = '\x0202:00:00:00:00:00'
4301 send_wlanevent(url, uuid, data)
4302
4303 logger.info("EAP message with invalid attribute")
4304 data = '\x0202:00:00:00:00:00\xff'
4305 send_wlanevent(url, uuid, data)
4306
4307 logger.info("EAP message from new STA and not M1")
4308 data = '\x0202:ff:ff:ff:ff:ff' + '\x10\x22\x00\x01\x05'
4309 send_wlanevent(url, uuid, data)
4310
4311 logger.info("EAP message: M1")
4312 data = '\x0202:00:00:00:00:00'
4313 data += '\x10\x22\x00\x01\x04'
4314 data += '\x10\x47\x00\x10' + 16*'\x00'
4315 data += '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4316 data += '\x10\x1a\x00\x10' + 16*'\x00'
4317 data += '\x10\x32\x00\xc0' + 192*'\x00'
4318 data += '\x10\x04\x00\x02\x00\x00'
4319 data += '\x10\x10\x00\x02\x00\x00'
4320 data += '\x10\x0d\x00\x01\x00'
4321 data += '\x10\x08\x00\x02\x00\x00'
4322 data += '\x10\x44\x00\x01\x00'
4323 data += '\x10\x21\x00\x00'
4324 data += '\x10\x23\x00\x00'
4325 data += '\x10\x24\x00\x00'
4326 data += '\x10\x42\x00\x00'
4327 data += '\x10\x54\x00\x08' + 8*'\x00'
4328 data += '\x10\x11\x00\x00'
4329 data += '\x10\x3c\x00\x01\x00'
4330 data += '\x10\x02\x00\x02\x00\x00'
4331 data += '\x10\x12\x00\x02\x00\x00'
4332 data += '\x10\x09\x00\x02\x00\x00'
4333 data += '\x10\x2d\x00\x04\x00\x00\x00\x00'
4334 m1 = data
4335 send_wlanevent(url, uuid, data)
4336
4337 logger.info("EAP message: WSC_ACK")
4338 data = '\x0202:00:00:00:00:00' + '\x10\x22\x00\x01\x0d'
4339 send_wlanevent(url, uuid, data)
4340
4341 logger.info("EAP message: M1")
4342 send_wlanevent(url, uuid, m1)
4343
4344 logger.info("EAP message: WSC_NACK")
4345 data = '\x0202:00:00:00:00:00' + '\x10\x22\x00\x01\x0e'
4346 send_wlanevent(url, uuid, data)
4347
4348 logger.info("EAP message: M1 - Too long attribute values")
4349 data = '\x0202:00:00:00:00:00'
4350 data += '\x10\x11\x00\x21' + 33*'\x00'
4351 data += '\x10\x45\x00\x21' + 33*'\x00'
4352 data += '\x10\x42\x00\x21' + 33*'\x00'
4353 data += '\x10\x24\x00\x21' + 33*'\x00'
4354 data += '\x10\x23\x00\x21' + 33*'\x00'
4355 data += '\x10\x21\x00\x41' + 65*'\x00'
4356 data += '\x10\x49\x00\x09\x00\x37\x2a\x05\x02\x00\x00\x05\x00'
4357 send_wlanevent(url, uuid, data)
4358
4359 logger.info("EAP message: M1 missing UUID-E")
4360 data = '\x0202:00:00:00:00:00'
4361 data += '\x10\x22\x00\x01\x04'
4362 send_wlanevent(url, uuid, data)
4363
4364 logger.info("EAP message: M1 missing MAC Address")
4365 data += '\x10\x47\x00\x10' + 16*'\x00'
4366 send_wlanevent(url, uuid, data)
4367
4368 logger.info("EAP message: M1 missing Enrollee Nonce")
4369 data += '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4370 send_wlanevent(url, uuid, data)
4371
4372 logger.info("EAP message: M1 missing Public Key")
4373 data += '\x10\x1a\x00\x10' + 16*'\x00'
4374 send_wlanevent(url, uuid, data)
4375
4376 logger.info("EAP message: M1 missing Authentication Type flags")
4377 data += '\x10\x32\x00\xc0' + 192*'\x00'
4378 send_wlanevent(url, uuid, data)
4379
4380 logger.info("EAP message: M1 missing Encryption Type Flags")
4381 data += '\x10\x04\x00\x02\x00\x00'
4382 send_wlanevent(url, uuid, data)
4383
4384 logger.info("EAP message: M1 missing Connection Type flags")
4385 data += '\x10\x10\x00\x02\x00\x00'
4386 send_wlanevent(url, uuid, data)
4387
4388 logger.info("EAP message: M1 missing Config Methods")
4389 data += '\x10\x0d\x00\x01\x00'
4390 send_wlanevent(url, uuid, data)
4391
4392 logger.info("EAP message: M1 missing Wi-Fi Protected Setup State")
4393 data += '\x10\x08\x00\x02\x00\x00'
4394 send_wlanevent(url, uuid, data)
4395
4396 logger.info("EAP message: M1 missing Manufacturer")
4397 data += '\x10\x44\x00\x01\x00'
4398 send_wlanevent(url, uuid, data)
4399
4400 logger.info("EAP message: M1 missing Model Name")
4401 data += '\x10\x21\x00\x00'
4402 send_wlanevent(url, uuid, data)
4403
4404 logger.info("EAP message: M1 missing Model Number")
4405 data += '\x10\x23\x00\x00'
4406 send_wlanevent(url, uuid, data)
4407
4408 logger.info("EAP message: M1 missing Serial Number")
4409 data += '\x10\x24\x00\x00'
4410 send_wlanevent(url, uuid, data)
4411
4412 logger.info("EAP message: M1 missing Primary Device Type")
4413 data += '\x10\x42\x00\x00'
4414 send_wlanevent(url, uuid, data)
4415
4416 logger.info("EAP message: M1 missing Device Name")
4417 data += '\x10\x54\x00\x08' + 8*'\x00'
4418 send_wlanevent(url, uuid, data)
4419
4420 logger.info("EAP message: M1 missing RF Bands")
4421 data += '\x10\x11\x00\x00'
4422 send_wlanevent(url, uuid, data)
4423
4424 logger.info("EAP message: M1 missing Association State")
4425 data += '\x10\x3c\x00\x01\x00'
4426 send_wlanevent(url, uuid, data)
4427
4428 logger.info("EAP message: M1 missing Device Password ID")
4429 data += '\x10\x02\x00\x02\x00\x00'
4430 send_wlanevent(url, uuid, data)
4431
4432 logger.info("EAP message: M1 missing Configuration Error")
4433 data += '\x10\x12\x00\x02\x00\x00'
4434 send_wlanevent(url, uuid, data)
4435
4436 logger.info("EAP message: M1 missing OS Version")
4437 data += '\x10\x09\x00\x02\x00\x00'
4438 send_wlanevent(url, uuid, data)
4439
4440 logger.info("Check max concurrent requests")
4441 addr = (url.hostname, url.port)
4442 socks = {}
4443 for i in range(20):
4444 socks[i] = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
4445 socket.IPPROTO_TCP)
4446 socks[i].settimeout(10)
4447 socks[i].connect(addr)
4448 for i in range(20):
4449 socks[i].send("GET / HTTP/1.1\r\n\r\n")
4450 count = 0
4451 for i in range(20):
4452 try:
4453 res = socks[i].recv(100)
4454 if "HTTP/1" in res:
4455 count += 1
4456 else:
4457 logger.info("recv[%d]: len=%d" % (i, len(res)))
4458 except:
4459 pass
4460 socks[i].close()
4461 logger.info("%d concurrent HTTP GET operations returned response" % count)
4462 if count < 8:
4463 raise Exception("Too few concurrent HTTP connections accepted")
4464
4465 logger.info("OOM in HTTP server")
4466 for func in [ "http_request_init", "httpread_create",
4467 "eloop_register_timeout;httpread_create",
4468 "eloop_sock_table_add_sock;?eloop_register_sock;httpread_create",
4469 "httpread_hdr_analyze" ]:
4470 with alloc_fail(dev[0], 1, func):
4471 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
4472 socket.IPPROTO_TCP)
4473 sock.connect(addr)
4474 sock.send("GET / HTTP/1.1\r\n\r\n")
4475 try:
4476 sock.recv(100)
4477 except:
4478 pass
4479 sock.close()
4480
4481 logger.info("Invalid HTTP header")
4482 for req in [ " GET / HTTP/1.1\r\n\r\n",
4483 "HTTP/1.1 200 OK\r\n\r\n",
4484 "HTTP/\r\n\r\n",
4485 "GET %%a%aa% HTTP/1.1\r\n\r\n",
4486 "GET / HTTP/1.1\r\n FOO\r\n\r\n",
4487 "NOTIFY / HTTP/1.1\r\n" + 4097*'a' + '\r\n\r\n',
4488 "NOTIFY / HTTP/1.1\r\n\r\n" + 8193*'a',
4489 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n foo\r\n",
4490 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n1\r\nfoo\r\n",
4491 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\n",
4492 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\naa\ra\r\n\ra" ]:
4493 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
4494 socket.IPPROTO_TCP)
4495 sock.settimeout(0.1)
4496 sock.connect(addr)
4497 sock.send(req)
4498 try:
4499 sock.recv(100)
4500 except:
4501 pass
4502 sock.close()
4503
4504 with alloc_fail(dev[0], 2, "httpread_read_handler"):
4505 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
4506 socket.IPPROTO_TCP)
4507 sock.connect(addr)
4508 sock.send("NOTIFY / HTTP/1.1\r\n\r\n" + 4500*'a')
4509 try:
4510 sock.recv(100)
4511 except:
4512 pass
4513 sock.close()
4514
4515 conn = httplib.HTTPConnection(url.netloc)
4516 payload = '<foo'
4517 headers = { "Content-type": 'text/xml; charset="utf-8"',
4518 "Server": "Unspecified, UPnP/1.0, Unspecified",
4519 "HOST": url.netloc,
4520 "NT": "upnp:event",
4521 "SID": "uuid:" + uuid,
4522 "SEQ": "0",
4523 "Content-Length": str(len(payload)) }
4524 conn.request("NOTIFY", url.path, payload, headers)
4525 resp = conn.getresponse()
4526 if resp.status != 200:
4527 raise Exception("Unexpected HTTP response: %d" % resp.status)
4528
4529 conn = httplib.HTTPConnection(url.netloc)
4530 payload = '<WLANEvent foo></WLANEvent>'
4531 headers = { "Content-type": 'text/xml; charset="utf-8"',
4532 "Server": "Unspecified, UPnP/1.0, Unspecified",
4533 "HOST": url.netloc,
4534 "NT": "upnp:event",
4535 "SID": "uuid:" + uuid,
4536 "SEQ": "0",
4537 "Content-Length": str(len(payload)) }
4538 conn.request("NOTIFY", url.path, payload, headers)
4539 resp = conn.getresponse()
4540 if resp.status != 200:
4541 raise Exception("Unexpected HTTP response: %d" % resp.status)
4542
4543 with alloc_fail(dev[0], 1, "xml_get_first_item"):
4544 send_wlanevent(url, uuid, '')
4545
4546 with alloc_fail(dev[0], 1, "wpabuf_alloc_ext_data;xml_get_base64_item"):
4547 send_wlanevent(url, uuid, 'foo')
4548
4549 for func in [ "wps_init",
4550 "wps_process_manufacturer",
4551 "wps_process_model_name",
4552 "wps_process_model_number",
4553 "wps_process_serial_number",
4554 "wps_process_dev_name" ]:
4555 with alloc_fail(dev[0], 1, func):
4556 send_wlanevent(url, uuid, m1)
4557
4558 with alloc_fail(dev[0], 1, "wps_er_http_resp_ok"):
4559 send_wlanevent(url, uuid, m1, no_response=True)
4560
4561 with alloc_fail(dev[0], 1, "wps_er_http_resp_not_found"):
4562 url2 = urlparse.urlparse(wps_event_url.replace('/event/', '/notfound/'))
4563 send_wlanevent(url2, uuid, m1, no_response=True)
4564
4565 logger.info("EAP message: M1")
4566 data = '\x0202:11:22:00:00:00'
4567 data += '\x10\x22\x00\x01\x04'
4568 data += '\x10\x47\x00\x10' + 16*'\x00'
4569 data += '\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4570 data += '\x10\x1a\x00\x10' + 16*'\x00'
4571 data += '\x10\x32\x00\xc0' + 192*'\x00'
4572 data += '\x10\x04\x00\x02\x00\x00'
4573 data += '\x10\x10\x00\x02\x00\x00'
4574 data += '\x10\x0d\x00\x01\x00'
4575 data += '\x10\x08\x00\x02\x00\x00'
4576 data += '\x10\x44\x00\x01\x00'
4577 data += '\x10\x21\x00\x00'
4578 data += '\x10\x23\x00\x00'
4579 data += '\x10\x24\x00\x00'
4580 data += '\x10\x42\x00\x00'
4581 data += '\x10\x54\x00\x08' + 8*'\x00'
4582 data += '\x10\x11\x00\x00'
4583 data += '\x10\x3c\x00\x01\x00'
4584 data += '\x10\x02\x00\x02\x00\x00'
4585 data += '\x10\x12\x00\x02\x00\x00'
4586 data += '\x10\x09\x00\x02\x00\x00'
4587 data += '\x10\x2d\x00\x04\x00\x00\x00\x00'
4588 dev[0].dump_monitor()
4589 with alloc_fail(dev[0], 1, "wps_er_add_sta_data"):
4590 send_wlanevent(url, uuid, data)
4591 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=0.1)
4592 if ev is not None:
4593 raise Exception("Unexpected enrollee add event")
4594 send_wlanevent(url, uuid, data)
4595 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=2)
4596 if ev is None:
4597 raise Exception("Enrollee add event not seen")
4598
4599 with alloc_fail(dev[0], 1,
4600 "base64_gen_encode;?base64_encode;wps_er_soap_hdr"):
4601 send_wlanevent(url, uuid, data)
4602
4603 with alloc_fail(dev[0], 1, "wpabuf_alloc;wps_er_soap_hdr"):
4604 send_wlanevent(url, uuid, data)
4605
4606 with alloc_fail(dev[0], 1, "http_client_url_parse;wps_er_sta_send_msg"):
4607 send_wlanevent(url, uuid, data)
4608
4609 with alloc_fail(dev[0], 1, "http_client_addr;wps_er_sta_send_msg"):
4610 send_wlanevent(url, uuid, data)
4611
4612 def test_ap_wps_er_http_proto_no_event_sub_url(dev, apdev):
4613 """WPS ER HTTP protocol testing - no eventSubURL"""
4614 class WPSAPHTTPServer_no_event_sub_url(WPSAPHTTPServer):
4615 def handle_upnp_info(self):
4616 self.wfile.write(gen_upnp_info(eventSubURL=None))
4617 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_no_event_sub_url,
4618 no_event_url=True)
4619
4620 def test_ap_wps_er_http_proto_event_sub_url_dns(dev, apdev):
4621 """WPS ER HTTP protocol testing - DNS name in eventSubURL"""
4622 class WPSAPHTTPServer_event_sub_url_dns(WPSAPHTTPServer):
4623 def handle_upnp_info(self):
4624 self.wfile.write(gen_upnp_info(eventSubURL='http://example.com/wps_event'))
4625 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_event_sub_url_dns,
4626 no_event_url=True)
4627
4628 def test_ap_wps_er_http_proto_subscribe_oom(dev, apdev):
4629 """WPS ER HTTP protocol testing - subscribe OOM"""
4630 try:
4631 _test_ap_wps_er_http_proto_subscribe_oom(dev, apdev)
4632 finally:
4633 dev[0].request("WPS_ER_STOP")
4634
4635 def _test_ap_wps_er_http_proto_subscribe_oom(dev, apdev):
4636 tests = [ (1, "http_client_url_parse"),
4637 (1, "wpabuf_alloc;wps_er_subscribe"),
4638 (1, "http_client_addr"),
4639 (1, "eloop_sock_table_add_sock;?eloop_register_sock;http_client_addr"),
4640 (1, "eloop_register_timeout;http_client_addr") ]
4641 for count,func in tests:
4642 with alloc_fail(dev[0], count, func):
4643 server,sock = wps_er_start(dev[0], WPSAPHTTPServer)
4644 server.handle_request()
4645 server.handle_request()
4646 wps_er_stop(dev[0], sock, server, on_alloc_fail=True)
4647
4648 def test_ap_wps_er_http_proto_no_sid(dev, apdev):
4649 """WPS ER HTTP protocol testing - no SID"""
4650 class WPSAPHTTPServer_no_sid(WPSAPHTTPServer):
4651 def handle_wps_event(self):
4652 self.wfile.write(gen_wps_event(sid=None))
4653 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_no_sid)
4654
4655 def test_ap_wps_er_http_proto_invalid_sid_no_uuid(dev, apdev):
4656 """WPS ER HTTP protocol testing - invalid SID - no UUID"""
4657 class WPSAPHTTPServer_invalid_sid_no_uuid(WPSAPHTTPServer):
4658 def handle_wps_event(self):
4659 self.wfile.write(gen_wps_event(sid='FOO'))
4660 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_invalid_sid_no_uuid)
4661
4662 def test_ap_wps_er_http_proto_invalid_sid_uuid(dev, apdev):
4663 """WPS ER HTTP protocol testing - invalid SID UUID"""
4664 class WPSAPHTTPServer_invalid_sid_uuid(WPSAPHTTPServer):
4665 def handle_wps_event(self):
4666 self.wfile.write(gen_wps_event(sid='uuid:FOO'))
4667 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_invalid_sid_uuid)
4668
4669 def test_ap_wps_er_http_proto_subscribe_failing(dev, apdev):
4670 """WPS ER HTTP protocol testing - SUBSCRIBE failing"""
4671 class WPSAPHTTPServer_fail_subscribe(WPSAPHTTPServer):
4672 def handle_wps_event(self):
4673 payload = ""
4674 hdr = 'HTTP/1.1 404 Not Found\r\n' + \
4675 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4676 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4677 'Connection: close\r\n' + \
4678 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4679 'Timeout: Second-1801\r\n' + \
4680 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4681 self.wfile.write(hdr + payload)
4682 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_fail_subscribe)
4683
4684 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev, apdev):
4685 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4686 class WPSAPHTTPServer_subscribe_invalid_response(WPSAPHTTPServer):
4687 def handle_wps_event(self):
4688 payload = ""
4689 hdr = 'HTTP/1.1 FOO\r\n' + \
4690 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4691 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4692 'Connection: close\r\n' + \
4693 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4694 'Timeout: Second-1801\r\n' + \
4695 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4696 self.wfile.write(hdr + payload)
4697 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_subscribe_invalid_response)
4698
4699 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev, apdev):
4700 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4701 class WPSAPHTTPServer_invalid_m1(WPSAPHTTPServer):
4702 def handle_wps_control(self):
4703 payload = '''<?xml version="1.0"?>
4704 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4705 <s:Body>
4706 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4707 <NewDeviceInfo>Rk9P</NewDeviceInfo>
4708 </u:GetDeviceInfoResponse>
4709 </s:Body>
4710 </s:Envelope>
4711 '''
4712 self.wfile.write(gen_wps_control(payload_override=payload))
4713 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_invalid_m1, no_event_url=True)
4714
4715 def test_ap_wps_er_http_proto_upnp_info_no_device(dev, apdev):
4716 """WPS ER HTTP protocol testing - No device in UPnP info"""
4717 class WPSAPHTTPServer_no_device(WPSAPHTTPServer):
4718 def handle_upnp_info(self):
4719 payload = '''<?xml version="1.0"?>
4720 <root xmlns="urn:schemas-upnp-org:device-1-0">
4721 <specVersion>
4722 <major>1</major>
4723 <minor>0</minor>
4724 </specVersion>
4725 </root>
4726 '''
4727 hdr = 'HTTP/1.1 200 OK\r\n' + \
4728 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4729 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4730 'Connection: close\r\n' + \
4731 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4732 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4733 self.wfile.write(hdr + payload)
4734 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_no_device, no_event_url=True)
4735
4736 def test_ap_wps_er_http_proto_upnp_info_no_device_type(dev, apdev):
4737 """WPS ER HTTP protocol testing - No deviceType in UPnP info"""
4738 class WPSAPHTTPServer_no_device(WPSAPHTTPServer):
4739 def handle_upnp_info(self):
4740 payload = '''<?xml version="1.0"?>
4741 <root xmlns="urn:schemas-upnp-org:device-1-0">
4742 <specVersion>
4743 <major>1</major>
4744 <minor>0</minor>
4745 </specVersion>
4746 <device>
4747 </device>
4748 </root>
4749 '''
4750 hdr = 'HTTP/1.1 200 OK\r\n' + \
4751 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4752 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4753 'Connection: close\r\n' + \
4754 'Content-Length: ' + str(len(payload)) + '\r\n' + \
4755 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4756 self.wfile.write(hdr + payload)
4757 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_no_device, no_event_url=True)
4758
4759 def test_ap_wps_er_http_proto_upnp_info_invalid_udn_uuid(dev, apdev):
4760 """WPS ER HTTP protocol testing - Invalid UDN UUID"""
4761 class WPSAPHTTPServer_invalid_udn_uuid(WPSAPHTTPServer):
4762 def handle_upnp_info(self):
4763 self.wfile.write(gen_upnp_info(udn='uuid:foo'))
4764 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_invalid_udn_uuid)
4765
4766 def test_ap_wps_er_http_proto_no_control_url(dev, apdev):
4767 """WPS ER HTTP protocol testing - no controlURL"""
4768 class WPSAPHTTPServer_no_control_url(WPSAPHTTPServer):
4769 def handle_upnp_info(self):
4770 self.wfile.write(gen_upnp_info(controlURL=None))
4771 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_no_control_url,
4772 no_event_url=True)
4773
4774 def test_ap_wps_er_http_proto_control_url_dns(dev, apdev):
4775 """WPS ER HTTP protocol testing - DNS name in controlURL"""
4776 class WPSAPHTTPServer_control_url_dns(WPSAPHTTPServer):
4777 def handle_upnp_info(self):
4778 self.wfile.write(gen_upnp_info(controlURL='http://example.com/wps_control'))
4779 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_control_url_dns,
4780 no_event_url=True)
4781
4782 def test_ap_wps_http_timeout(dev, apdev):
4783 """WPS AP/ER and HTTP timeout"""
4784 try:
4785 _test_ap_wps_http_timeout(dev, apdev)
4786 finally:
4787 dev[0].request("WPS_ER_STOP")
4788
4789 def _test_ap_wps_http_timeout(dev, apdev):
4790 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
4791 add_ssdp_ap(apdev[0], ap_uuid)
4792
4793 location = ssdp_get_location(ap_uuid)
4794 url = urlparse.urlparse(location)
4795 addr = (url.hostname, url.port)
4796 logger.debug("Open HTTP connection to hostapd, but do not complete request")
4797 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM,
4798 socket.IPPROTO_TCP)
4799 sock.connect(addr)
4800 sock.send("G")
4801
4802 class DummyServer(SocketServer.StreamRequestHandler):
4803 def handle(self):
4804 logger.debug("DummyServer - start 31 sec wait")
4805 time.sleep(31)
4806 logger.debug("DummyServer - wait done")
4807
4808 logger.debug("Start WPS ER")
4809 server,sock2 = wps_er_start(dev[0], DummyServer, max_age=40,
4810 wait_m_search=True)
4811
4812 logger.debug("Start server to accept, but not complete, HTTP connection from WPS ER")
4813 # This will wait for 31 seconds..
4814 server.handle_request()
4815
4816 logger.debug("Complete HTTP connection with hostapd (that should have already closed the connection)")
4817 try:
4818 sock.send("ET / HTTP/1.1\r\n\r\n")
4819 res = sock.recv(100)
4820 sock.close()
4821 except:
4822 pass
4823
4824 def test_ap_wps_er_url_parse(dev, apdev):
4825 """WPS ER and URL parsing special cases"""
4826 try:
4827 _test_ap_wps_er_url_parse(dev, apdev)
4828 finally:
4829 dev[0].request("WPS_ER_STOP")
4830
4831 def _test_ap_wps_er_url_parse(dev, apdev):
4832 sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
4833 sock.settimeout(1)
4834 sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
4835 sock.bind(("239.255.255.250", 1900))
4836 dev[0].request("WPS_ER_START ifname=lo")
4837 (msg,addr) = sock.recvfrom(1000)
4838 logger.debug("Received SSDP message from %s: %s" % (str(addr), msg))
4839 if "M-SEARCH" not in msg:
4840 raise Exception("Not an M-SEARCH")
4841 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1\r\ncache-control:max-age=1\r\n\r\n", addr)
4842 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"], timeout=2)
4843 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1/:foo\r\ncache-control:max-age=1\r\n\r\n", addr)
4844 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"], timeout=2)
4845 sock.sendto("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://255.255.255.255:0/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr)
4846 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"], timeout=2)
4847
4848 sock.close()
4849
4850 def test_ap_wps_er_link_update(dev, apdev):
4851 """WPS ER and link update special cases"""
4852 class WPSAPHTTPServer_link_update(WPSAPHTTPServer):
4853 def handle_upnp_info(self):
4854 self.wfile.write(gen_upnp_info(controlURL='/wps_control'))
4855 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_link_update)
4856
4857 class WPSAPHTTPServer_link_update2(WPSAPHTTPServer):
4858 def handle_others(self, data):
4859 if "GET / " in data:
4860 self.wfile.write(gen_upnp_info(controlURL='/wps_control'))
4861 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_link_update2,
4862 location_url='http://127.0.0.1:12345')
4863
4864 def test_ap_wps_er_http_client(dev, apdev):
4865 """WPS ER and HTTP client special cases"""
4866 with alloc_fail(dev[0], 1, "http_link_update"):
4867 run_wps_er_proto_test(dev[0], WPSAPHTTPServer)
4868
4869 with alloc_fail(dev[0], 1, "wpabuf_alloc;http_client_url"):
4870 run_wps_er_proto_test(dev[0], WPSAPHTTPServer, no_event_url=True)
4871
4872 with alloc_fail(dev[0], 1, "httpread_create;http_client_tx_ready"):
4873 run_wps_er_proto_test(dev[0], WPSAPHTTPServer, no_event_url=True)
4874
4875 class WPSAPHTTPServer_req_as_resp(WPSAPHTTPServer):
4876 def handle_upnp_info(self):
4877 self.wfile.write("GET / HTTP/1.1\r\n\r\n")
4878 run_wps_er_proto_test(dev[0], WPSAPHTTPServer_req_as_resp,
4879 no_event_url=True)
4880
4881 def test_ap_wps_init_oom(dev, apdev):
4882 """wps_init OOM cases"""
4883 ssid = "test-wps"
4884 appin = "12345670"
4885 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
4886 "ap_pin": appin }
4887 hapd = hostapd.add_ap(apdev[0], params)
4888 pin = dev[0].wps_read_pin()
4889
4890 with alloc_fail(hapd, 1, "wps_init"):
4891 hapd.request("WPS_PIN any " + pin)
4892 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4893 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4894 ev = hapd.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
4895 if ev is None:
4896 raise Exception("No EAP failure reported")
4897 dev[0].request("WPS_CANCEL")
4898
4899 with alloc_fail(dev[0], 2, "wps_init"):
4900 hapd.request("WPS_PIN any " + pin)
4901 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4902 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4903 ev = hapd.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
4904 if ev is None:
4905 raise Exception("No EAP failure reported")
4906 dev[0].request("WPS_CANCEL")
4907
4908 with alloc_fail(dev[0], 2, "wps_init"):
4909 hapd.request("WPS_PBC")
4910 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4911 dev[0].request("WPS_PBC %s" % (apdev[0]['bssid']))
4912 ev = hapd.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
4913 if ev is None:
4914 raise Exception("No EAP failure reported")
4915 dev[0].request("WPS_CANCEL")
4916
4917 dev[0].dump_monitor()
4918 new_ssid = "wps-new-ssid"
4919 new_passphrase = "1234567890"
4920 with alloc_fail(dev[0], 3, "wps_init"):
4921 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
4922 new_passphrase, no_wait=True)
4923 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
4924 if ev is None:
4925 raise Exception("No EAP failure reported")
4926
4927 dev[0].flush_scan_cache()
4928
4929 @remote_compatible
4930 def test_ap_wps_invalid_assoc_req_elem(dev, apdev):
4931 """WPS and invalid IE in Association Request frame"""
4932 ssid = "test-wps"
4933 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
4934 hapd = hostapd.add_ap(apdev[0], params)
4935 pin = "12345670"
4936 hapd.request("WPS_PIN any " + pin)
4937 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4938 try:
4939 dev[0].request("VENDOR_ELEM_ADD 13 dd050050f20410")
4940 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4941 for i in range(5):
4942 ev = hapd.wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=10)
4943 if ev and "vendor=14122" in ev:
4944 break
4945 if ev is None or "vendor=14122" not in ev:
4946 raise Exception("EAP-WSC not started")
4947 dev[0].request("WPS_CANCEL")
4948 finally:
4949 dev[0].request("VENDOR_ELEM_REMOVE 13 *")
4950
4951 def test_ap_wps_pbc_pin_mismatch(dev, apdev):
4952 """WPS PBC/PIN mismatch"""
4953 ssid = "test-wps"
4954 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
4955 hapd = hostapd.add_ap(apdev[0], params)
4956 hapd.request("SET wps_version_number 0x10")
4957 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4958 hapd.request("WPS_PBC")
4959 pin = dev[0].wps_read_pin()
4960 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4961 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
4962 if ev is None:
4963 raise Exception("Scan did not complete")
4964 dev[0].request("WPS_CANCEL")
4965
4966 hapd.request("WPS_CANCEL")
4967 dev[0].flush_scan_cache()
4968
4969 @remote_compatible
4970 def test_ap_wps_ie_invalid(dev, apdev):
4971 """WPS PIN attempt with AP that has invalid WSC IE"""
4972 ssid = "test-wps"
4973 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
4974 "vendor_elements": "dd050050f20410" }
4975 hapd = hostapd.add_ap(apdev[0], params)
4976 params = { 'ssid': "another", "vendor_elements": "dd050050f20410" }
4977 hostapd.add_ap(apdev[1], params)
4978 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4979 pin = dev[0].wps_read_pin()
4980 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4981 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
4982 if ev is None:
4983 raise Exception("Scan did not complete")
4984 dev[0].request("WPS_CANCEL")
4985
4986 @remote_compatible
4987 def test_ap_wps_scan_prio_order(dev, apdev):
4988 """WPS scan priority ordering"""
4989 ssid = "test-wps"
4990 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
4991 hapd = hostapd.add_ap(apdev[0], params)
4992 params = { 'ssid': "another", "vendor_elements": "dd050050f20410" }
4993 hostapd.add_ap(apdev[1], params)
4994 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
4995 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
4996 pin = dev[0].wps_read_pin()
4997 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
4998 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
4999 if ev is None:
5000 raise Exception("Scan did not complete")
5001 dev[0].request("WPS_CANCEL")
5002
5003 def test_ap_wps_probe_req_ie_oom(dev, apdev):
5004 """WPS ProbeReq IE OOM"""
5005 ssid = "test-wps"
5006 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
5007 hapd = hostapd.add_ap(apdev[0], params)
5008 pin = dev[0].wps_read_pin()
5009 hapd.request("WPS_PIN any " + pin)
5010 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5011 with alloc_fail(dev[0], 1, "wps_build_probe_req_ie"):
5012 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
5013 ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=10)
5014 if ev is None:
5015 raise Exception("Association not seen")
5016 dev[0].request("WPS_CANCEL")
5017 dev[0].wait_disconnected()
5018
5019 with alloc_fail(dev[0], 1, "wps_ie_encapsulate"):
5020 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
5021 ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=10)
5022 if ev is None:
5023 raise Exception("Association not seen")
5024 dev[0].request("WPS_CANCEL")
5025 hapd.disable()
5026 dev[0].request("REMOVE_NETWORK all")
5027 dev[0].wait_disconnected()
5028 time.sleep(0.2)
5029 dev[0].flush_scan_cache()
5030
5031 def test_ap_wps_assoc_req_ie_oom(dev, apdev):
5032 """WPS AssocReq IE OOM"""
5033 ssid = "test-wps"
5034 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
5035 hapd = hostapd.add_ap(apdev[0], params)
5036 pin = dev[0].wps_read_pin()
5037 hapd.request("WPS_PIN any " + pin)
5038 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5039 with alloc_fail(dev[0], 1, "wps_build_assoc_req_ie"):
5040 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
5041 ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=10)
5042 if ev is None:
5043 raise Exception("Association not seen")
5044 dev[0].request("WPS_CANCEL")
5045
5046 def test_ap_wps_assoc_resp_ie_oom(dev, apdev):
5047 """WPS AssocResp IE OOM"""
5048 ssid = "test-wps"
5049 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2" }
5050 hapd = hostapd.add_ap(apdev[0], params)
5051 pin = dev[0].wps_read_pin()
5052 hapd.request("WPS_PIN any " + pin)
5053 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5054 with alloc_fail(hapd, 1, "wps_build_assoc_resp_ie"):
5055 dev[0].request("WPS_PIN %s %s" % (apdev[0]['bssid'], pin))
5056 ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=10)
5057 if ev is None:
5058 raise Exception("Association not seen")
5059 dev[0].request("WPS_CANCEL")
5060
5061 @remote_compatible
5062 def test_ap_wps_bss_info_errors(dev, apdev):
5063 """WPS BSS info errors"""
5064 params = { "ssid": "1",
5065 "vendor_elements": "dd0e0050f20410440001ff101100010a" }
5066 hostapd.add_ap(apdev[0], params)
5067 params = { 'ssid': "2", "vendor_elements": "dd050050f20410" }
5068 hostapd.add_ap(apdev[1], params)
5069 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5070 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
5071 bss = dev[0].get_bss(apdev[0]['bssid'])
5072 logger.info("BSS: " + str(bss))
5073 if "wps_state" in bss:
5074 raise Exception("Unexpected wps_state in BSS info")
5075 if 'wps_device_name' not in bss:
5076 raise Exception("No wps_device_name in BSS info")
5077 if bss['wps_device_name'] != '_':
5078 raise Exception("Unexpected wps_device_name value")
5079 bss = dev[0].get_bss(apdev[1]['bssid'])
5080 logger.info("BSS: " + str(bss))
5081
5082 with alloc_fail(dev[0], 1, "=wps_attr_text"):
5083 bss = dev[0].get_bss(apdev[0]['bssid'])
5084 logger.info("BSS(OOM): " + str(bss))
5085
5086 def wps_run_pbc_fail_ap(apdev, dev, hapd):
5087 hapd.request("WPS_PBC")
5088 dev.scan_for_bss(apdev['bssid'], freq="2412")
5089 dev.request("WPS_PBC " + apdev['bssid'])
5090 ev = dev.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
5091 if ev is None:
5092 raise Exception("No EAP failure reported")
5093 dev.request("WPS_CANCEL")
5094 dev.wait_disconnected()
5095 for i in range(5):
5096 try:
5097 dev.flush_scan_cache()
5098 break
5099 except Exception, e:
5100 if str(e).startswith("Failed to trigger scan"):
5101 # Try again
5102 time.sleep(1)
5103 else:
5104 raise
5105
5106 def wps_run_pbc_fail(apdev, dev):
5107 hapd = wps_start_ap(apdev)
5108 wps_run_pbc_fail_ap(apdev, dev, hapd)
5109
5110 @remote_compatible
5111 def test_ap_wps_pk_oom(dev, apdev):
5112 """WPS and public key OOM"""
5113 with alloc_fail(dev[0], 1, "wps_build_public_key"):
5114 wps_run_pbc_fail(apdev[0], dev[0])
5115
5116 @remote_compatible
5117 def test_ap_wps_pk_oom_ap(dev, apdev):
5118 """WPS and public key OOM on AP"""
5119 hapd = wps_start_ap(apdev[0])
5120 with alloc_fail(hapd, 1, "wps_build_public_key"):
5121 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
5122
5123 @remote_compatible
5124 def test_ap_wps_encr_oom_ap(dev, apdev):
5125 """WPS and encrypted settings decryption OOM on AP"""
5126 hapd = wps_start_ap(apdev[0])
5127 pin = dev[0].wps_read_pin()
5128 hapd.request("WPS_PIN any " + pin)
5129 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5130 with alloc_fail(hapd, 1, "wps_decrypt_encr_settings"):
5131 dev[0].request("WPS_PIN " + apdev[0]['bssid'] + " " + pin)
5132 ev = hapd.wait_event(["WPS-FAIL"], timeout=10)
5133 if ev is None:
5134 raise Exception("No WPS-FAIL reported")
5135 dev[0].request("WPS_CANCEL")
5136 dev[0].wait_disconnected()
5137
5138 @remote_compatible
5139 def test_ap_wps_encr_no_random_ap(dev, apdev):
5140 """WPS and no random data available for encryption on AP"""
5141 hapd = wps_start_ap(apdev[0])
5142 with fail_test(hapd, 1, "os_get_random;wps_build_encr_settings"):
5143 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
5144
5145 @remote_compatible
5146 def test_ap_wps_e_hash_no_random_sta(dev, apdev):
5147 """WPS and no random data available for e-hash on STA"""
5148 with fail_test(dev[0], 1, "os_get_random;wps_build_e_hash"):
5149 wps_run_pbc_fail(apdev[0], dev[0])
5150
5151 @remote_compatible
5152 def test_ap_wps_m1_no_random(dev, apdev):
5153 """WPS and no random for M1 on STA"""
5154 with fail_test(dev[0], 1, "os_get_random;wps_build_m1"):
5155 wps_run_pbc_fail(apdev[0], dev[0])
5156
5157 @remote_compatible
5158 def test_ap_wps_m1_oom(dev, apdev):
5159 """WPS and OOM for M1 on STA"""
5160 with alloc_fail(dev[0], 1, "wps_build_m1"):
5161 wps_run_pbc_fail(apdev[0], dev[0])
5162
5163 @remote_compatible
5164 def test_ap_wps_m3_oom(dev, apdev):
5165 """WPS and OOM for M3 on STA"""
5166 with alloc_fail(dev[0], 1, "wps_build_m3"):
5167 wps_run_pbc_fail(apdev[0], dev[0])
5168
5169 @remote_compatible
5170 def test_ap_wps_m5_oom(dev, apdev):
5171 """WPS and OOM for M5 on STA"""
5172 hapd = wps_start_ap(apdev[0])
5173 hapd.request("WPS_PBC")
5174 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5175 for i in range(1, 3):
5176 with alloc_fail(dev[0], i, "wps_build_m5"):
5177 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
5178 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
5179 if ev is None:
5180 raise Exception("No EAP failure reported")
5181 dev[0].request("WPS_CANCEL")
5182 dev[0].wait_disconnected()
5183 dev[0].flush_scan_cache()
5184
5185 @remote_compatible
5186 def test_ap_wps_m5_no_random(dev, apdev):
5187 """WPS and no random for M5 on STA"""
5188 with fail_test(dev[0], 1,
5189 "os_get_random;wps_build_encr_settings;wps_build_m5"):
5190 wps_run_pbc_fail(apdev[0], dev[0])
5191
5192 @remote_compatible
5193 def test_ap_wps_m7_oom(dev, apdev):
5194 """WPS and OOM for M7 on STA"""
5195 hapd = wps_start_ap(apdev[0])
5196 hapd.request("WPS_PBC")
5197 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5198 for i in range(1, 3):
5199 with alloc_fail(dev[0], i, "wps_build_m7"):
5200 dev[0].request("WPS_PBC " + apdev[0]['bssid'])
5201 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
5202 if ev is None:
5203 raise Exception("No EAP failure reported")
5204 dev[0].request("WPS_CANCEL")
5205 dev[0].wait_disconnected()
5206 dev[0].flush_scan_cache()
5207
5208 @remote_compatible
5209 def test_ap_wps_m7_no_random(dev, apdev):
5210 """WPS and no random for M7 on STA"""
5211 with fail_test(dev[0], 1,
5212 "os_get_random;wps_build_encr_settings;wps_build_m7"):
5213 wps_run_pbc_fail(apdev[0], dev[0])
5214
5215 @remote_compatible
5216 def test_ap_wps_wsc_done_oom(dev, apdev):
5217 """WPS and OOM for WSC_Done on STA"""
5218 with alloc_fail(dev[0], 1, "wps_build_wsc_done"):
5219 wps_run_pbc_fail(apdev[0], dev[0])
5220
5221 def test_ap_wps_random_psk_fail(dev, apdev):
5222 """WPS and no random for PSK on AP"""
5223 ssid = "test-wps"
5224 pskfile = "/tmp/ap_wps_per_enrollee_psk.psk_file"
5225 appin = "12345670"
5226 try:
5227 os.remove(pskfile)
5228 except:
5229 pass
5230
5231 try:
5232 with open(pskfile, "w") as f:
5233 f.write("# WPA PSKs\n")
5234
5235 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
5236 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
5237 "rsn_pairwise": "CCMP", "ap_pin": appin,
5238 "wpa_psk_file": pskfile }
5239 hapd = hostapd.add_ap(apdev[0], params)
5240
5241 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
5242 with fail_test(hapd, 1, "os_get_random;wps_build_cred_network_key"):
5243 dev[0].request("WPS_REG " + apdev[0]['bssid'] + " " + appin)
5244 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=10)
5245 if ev is None:
5246 raise Exception("No EAP failure reported")
5247 dev[0].request("WPS_CANCEL")
5248 dev[0].wait_disconnected()
5249
5250 with fail_test(hapd, 1, "os_get_random;wps_build_cred"):
5251 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
5252
5253 with alloc_fail(hapd, 1, "wps_build_cred"):
5254 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
5255
5256 with alloc_fail(hapd, 2, "wps_build_cred"):
5257 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
5258 finally:
5259 os.remove(pskfile)
5260
5261 def wps_ext_eap_identity_req(dev, hapd, bssid):
5262 logger.debug("EAP-Identity/Request")
5263 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5264 if ev is None:
5265 raise Exception("Timeout on EAPOL-TX from hostapd")
5266 res = dev.request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
5267 if "OK" not in res:
5268 raise Exception("EAPOL_RX to wpa_supplicant failed")
5269
5270 def wps_ext_eap_identity_resp(hapd, dev, addr):
5271 ev = dev.wait_event(["EAPOL-TX"], timeout=10)
5272 if ev is None:
5273 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
5274 res = hapd.request("EAPOL_RX " + addr + " " + ev.split(' ')[2])
5275 if "OK" not in res:
5276 raise Exception("EAPOL_RX to hostapd failed")
5277
5278 def wps_ext_eap_wsc(dst, src, src_addr, msg):
5279 logger.debug(msg)
5280 ev = src.wait_event(["EAPOL-TX"], timeout=10)
5281 if ev is None:
5282 raise Exception("Timeout on EAPOL-TX")
5283 res = dst.request("EAPOL_RX " + src_addr + " " + ev.split(' ')[2])
5284 if "OK" not in res:
5285 raise Exception("EAPOL_RX failed")
5286
5287 def wps_start_ext(apdev, dev, pbc=False, pin=None):
5288 addr = dev.own_addr()
5289 bssid = apdev['bssid']
5290 ssid = "test-wps-conf"
5291 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
5292 "wpa_passphrase": "12345678", "wpa": "2",
5293 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
5294 hapd = hostapd.add_ap(apdev, params)
5295
5296 if pbc:
5297 hapd.request("WPS_PBC")
5298 else:
5299 if pin is None:
5300 pin = dev.wps_read_pin()
5301 hapd.request("WPS_PIN any " + pin)
5302 dev.scan_for_bss(bssid, freq="2412")
5303 hapd.request("SET ext_eapol_frame_io 1")
5304 dev.request("SET ext_eapol_frame_io 1")
5305
5306 if pbc:
5307 dev.request("WPS_PBC " + bssid)
5308 else:
5309 dev.request("WPS_PIN " + bssid + " " + pin)
5310 return addr,bssid,hapd
5311
5312 def wps_auth_corrupt(dst, src, addr):
5313 ev = src.wait_event(["EAPOL-TX"], timeout=10)
5314 if ev is None:
5315 raise Exception("Timeout on EAPOL-TX")
5316 src.request("SET ext_eapol_frame_io 0")
5317 dst.request("SET ext_eapol_frame_io 0")
5318 msg = ev.split(' ')[2]
5319 if msg[-24:-16] != '10050008':
5320 raise Exception("Could not find Authenticator attribute")
5321 # Corrupt Authenticator value
5322 msg = msg[:-1] + '%x' % ((int(msg[-1], 16) + 1) % 16)
5323 res = dst.request("EAPOL_RX " + addr + " " + msg)
5324 if "OK" not in res:
5325 raise Exception("EAPOL_RX failed")
5326
5327 def wps_fail_finish(hapd, dev, fail_str):
5328 ev = hapd.wait_event(["WPS-FAIL"], timeout=5)
5329 if ev is None:
5330 raise Exception("WPS-FAIL not indicated")
5331 if fail_str not in ev:
5332 raise Exception("Unexpected WPS-FAIL value: " + ev)
5333 dev.request("WPS_CANCEL")
5334 dev.wait_disconnected()
5335
5336 def wps_auth_corrupt_from_ap(dev, hapd, bssid, fail_str):
5337 wps_auth_corrupt(dev, hapd, bssid)
5338 wps_fail_finish(hapd, dev, fail_str)
5339
5340 def wps_auth_corrupt_to_ap(dev, hapd, addr, fail_str):
5341 wps_auth_corrupt(hapd, dev, addr)
5342 wps_fail_finish(hapd, dev, fail_str)
5343
5344 def test_ap_wps_authenticator_mismatch_m2(dev, apdev):
5345 """WPS and Authenticator attribute mismatch in M2"""
5346 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5347 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5348 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5349 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5350 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5351 logger.debug("M2")
5352 wps_auth_corrupt_from_ap(dev[0], hapd, bssid, "msg=5")
5353
5354 def test_ap_wps_authenticator_mismatch_m3(dev, apdev):
5355 """WPS and Authenticator attribute mismatch in M3"""
5356 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5357 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5358 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5359 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5360 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5361 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5362 logger.debug("M3")
5363 wps_auth_corrupt_to_ap(dev[0], hapd, addr, "msg=7")
5364
5365 def test_ap_wps_authenticator_mismatch_m4(dev, apdev):
5366 """WPS and Authenticator attribute mismatch in M4"""
5367 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5368 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5369 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5370 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5371 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5372 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5373 wps_ext_eap_wsc(hapd, dev[0], addr, "M3")
5374 logger.debug("M4")
5375 wps_auth_corrupt_from_ap(dev[0], hapd, bssid, "msg=8")
5376
5377 def test_ap_wps_authenticator_mismatch_m5(dev, apdev):
5378 """WPS and Authenticator attribute mismatch in M5"""
5379 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5380 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5381 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5382 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5383 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5384 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5385 wps_ext_eap_wsc(hapd, dev[0], addr, "M3")
5386 wps_ext_eap_wsc(dev[0], hapd, bssid, "M4")
5387 logger.debug("M5")
5388 wps_auth_corrupt_to_ap(dev[0], hapd, addr, "msg=9")
5389
5390 def test_ap_wps_authenticator_mismatch_m6(dev, apdev):
5391 """WPS and Authenticator attribute mismatch in M6"""
5392 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5393 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5394 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5395 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5396 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5397 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5398 wps_ext_eap_wsc(hapd, dev[0], addr, "M3")
5399 wps_ext_eap_wsc(dev[0], hapd, bssid, "M4")
5400 wps_ext_eap_wsc(hapd, dev[0], addr, "M5")
5401 logger.debug("M6")
5402 wps_auth_corrupt_from_ap(dev[0], hapd, bssid, "msg=10")
5403
5404 def test_ap_wps_authenticator_mismatch_m7(dev, apdev):
5405 """WPS and Authenticator attribute mismatch in M7"""
5406 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5407 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5408 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5409 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5410 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5411 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5412 wps_ext_eap_wsc(hapd, dev[0], addr, "M3")
5413 wps_ext_eap_wsc(dev[0], hapd, bssid, "M4")
5414 wps_ext_eap_wsc(hapd, dev[0], addr, "M5")
5415 wps_ext_eap_wsc(dev[0], hapd, bssid, "M6")
5416 logger.debug("M7")
5417 wps_auth_corrupt_to_ap(dev[0], hapd, addr, "msg=11")
5418
5419 def test_ap_wps_authenticator_mismatch_m8(dev, apdev):
5420 """WPS and Authenticator attribute mismatch in M8"""
5421 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5422 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5423 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5424 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5425 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5426 wps_ext_eap_wsc(dev[0], hapd, bssid, "M2")
5427 wps_ext_eap_wsc(hapd, dev[0], addr, "M3")
5428 wps_ext_eap_wsc(dev[0], hapd, bssid, "M4")
5429 wps_ext_eap_wsc(hapd, dev[0], addr, "M5")
5430 wps_ext_eap_wsc(dev[0], hapd, bssid, "M6")
5431 wps_ext_eap_wsc(hapd, dev[0], addr, "M7")
5432 logger.debug("M8")
5433 wps_auth_corrupt_from_ap(dev[0], hapd, bssid, "msg=12")
5434
5435 def test_ap_wps_authenticator_missing_m2(dev, apdev):
5436 """WPS and Authenticator attribute missing from M2"""
5437 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5438 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5439 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5440 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5441 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5442 logger.debug("M2")
5443 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5444 if ev is None:
5445 raise Exception("Timeout on EAPOL-TX")
5446 hapd.request("SET ext_eapol_frame_io 0")
5447 dev[0].request("SET ext_eapol_frame_io 0")
5448 msg = ev.split(' ')[2]
5449 if msg[-24:-16] != '10050008':
5450 raise Exception("Could not find Authenticator attribute")
5451 # Remove Authenticator value
5452 msg = msg[:-24]
5453 mlen = "%04x" % (int(msg[4:8], 16) - 12)
5454 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:]
5455 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5456 if "OK" not in res:
5457 raise Exception("EAPOL_RX failed")
5458 wps_fail_finish(hapd, dev[0], "msg=5")
5459
5460 def test_ap_wps_m2_dev_passwd_id_p2p(dev, apdev):
5461 """WPS and M2 with different Device Password ID (P2P)"""
5462 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5463 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5464 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5465 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5466 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5467 logger.debug("M2")
5468 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5469 if ev is None:
5470 raise Exception("Timeout on EAPOL-TX")
5471 hapd.request("SET ext_eapol_frame_io 0")
5472 dev[0].request("SET ext_eapol_frame_io 0")
5473 msg = ev.split(' ')[2]
5474 if msg[722:730] != '10120002':
5475 raise Exception("Could not find Device Password ID attribute")
5476 # Replace Device Password ID value. This will fail Authenticator check, but
5477 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5478 # log.
5479 msg = msg[0:730] + "0005" + msg[734:]
5480 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5481 if "OK" not in res:
5482 raise Exception("EAPOL_RX failed")
5483 wps_fail_finish(hapd, dev[0], "msg=5")
5484
5485 def test_ap_wps_m2_dev_passwd_id_change_pin_to_pbc(dev, apdev):
5486 """WPS and M2 with different Device Password ID (PIN to PBC)"""
5487 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5488 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5489 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5490 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5491 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5492 logger.debug("M2")
5493 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5494 if ev is None:
5495 raise Exception("Timeout on EAPOL-TX")
5496 hapd.request("SET ext_eapol_frame_io 0")
5497 dev[0].request("SET ext_eapol_frame_io 0")
5498 msg = ev.split(' ')[2]
5499 if msg[722:730] != '10120002':
5500 raise Exception("Could not find Device Password ID attribute")
5501 # Replace Device Password ID value (PIN --> PBC). This will be rejected.
5502 msg = msg[0:730] + "0004" + msg[734:]
5503 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5504 if "OK" not in res:
5505 raise Exception("EAPOL_RX failed")
5506 wps_fail_finish(hapd, dev[0], "msg=5")
5507
5508 def test_ap_wps_m2_dev_passwd_id_change_pbc_to_pin(dev, apdev):
5509 """WPS and M2 with different Device Password ID (PBC to PIN)"""
5510 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5511 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5512 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5513 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5514 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5515 logger.debug("M2")
5516 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5517 if ev is None:
5518 raise Exception("Timeout on EAPOL-TX")
5519 hapd.request("SET ext_eapol_frame_io 0")
5520 dev[0].request("SET ext_eapol_frame_io 0")
5521 msg = ev.split(' ')[2]
5522 if msg[722:730] != '10120002':
5523 raise Exception("Could not find Device Password ID attribute")
5524 # Replace Device Password ID value. This will fail Authenticator check, but
5525 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5526 # log.
5527 msg = msg[0:730] + "0000" + msg[734:]
5528 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5529 if "OK" not in res:
5530 raise Exception("EAPOL_RX failed")
5531 wps_fail_finish(hapd, dev[0], "msg=5")
5532 dev[0].flush_scan_cache()
5533
5534 def test_ap_wps_m2_missing_dev_passwd_id(dev, apdev):
5535 """WPS and M2 without Device Password ID"""
5536 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0])
5537 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5538 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5539 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5540 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5541 logger.debug("M2")
5542 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5543 if ev is None:
5544 raise Exception("Timeout on EAPOL-TX")
5545 hapd.request("SET ext_eapol_frame_io 0")
5546 dev[0].request("SET ext_eapol_frame_io 0")
5547 msg = ev.split(' ')[2]
5548 if msg[722:730] != '10120002':
5549 raise Exception("Could not find Device Password ID attribute")
5550 # Remove Device Password ID value. This will fail Authenticator check, but
5551 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5552 # log.
5553 mlen = "%04x" % (int(msg[4:8], 16) - 6)
5554 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:722] + msg[734:]
5555 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5556 if "OK" not in res:
5557 raise Exception("EAPOL_RX failed")
5558 wps_fail_finish(hapd, dev[0], "msg=5")
5559
5560 def test_ap_wps_m2_missing_registrar_nonce(dev, apdev):
5561 """WPS and M2 without Registrar Nonce"""
5562 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5563 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5564 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5565 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5566 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5567 logger.debug("M2")
5568 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5569 if ev is None:
5570 raise Exception("Timeout on EAPOL-TX")
5571 hapd.request("SET ext_eapol_frame_io 0")
5572 dev[0].request("SET ext_eapol_frame_io 0")
5573 msg = ev.split(' ')[2]
5574 if msg[96:104] != '10390010':
5575 raise Exception("Could not find Registrar Nonce attribute")
5576 # Remove Registrar Nonce. This will fail Authenticator check, but
5577 # allows the code path in wps_process_registrar_nonce() to be checked from
5578 # the debug log.
5579 mlen = "%04x" % (int(msg[4:8], 16) - 20)
5580 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:96] + msg[136:]
5581 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5582 if "OK" not in res:
5583 raise Exception("EAPOL_RX failed")
5584 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5585 if ev is None:
5586 raise Exception("Disconnect event not seen")
5587 dev[0].request("WPS_CANCEL")
5588 dev[0].flush_scan_cache()
5589
5590 def test_ap_wps_m2_missing_enrollee_nonce(dev, apdev):
5591 """WPS and M2 without Enrollee Nonce"""
5592 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5593 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5594 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5595 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5596 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5597 logger.debug("M2")
5598 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5599 if ev is None:
5600 raise Exception("Timeout on EAPOL-TX")
5601 hapd.request("SET ext_eapol_frame_io 0")
5602 dev[0].request("SET ext_eapol_frame_io 0")
5603 msg = ev.split(' ')[2]
5604 if msg[56:64] != '101a0010':
5605 raise Exception("Could not find enrollee Nonce attribute")
5606 # Remove Enrollee Nonce. This will fail Authenticator check, but
5607 # allows the code path in wps_process_enrollee_nonce() to be checked from
5608 # the debug log.
5609 mlen = "%04x" % (int(msg[4:8], 16) - 20)
5610 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:56] + msg[96:]
5611 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5612 if "OK" not in res:
5613 raise Exception("EAPOL_RX failed")
5614 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5615 if ev is None:
5616 raise Exception("Disconnect event not seen")
5617 dev[0].request("WPS_CANCEL")
5618 dev[0].flush_scan_cache()
5619
5620 def test_ap_wps_m2_missing_uuid_r(dev, apdev):
5621 """WPS and M2 without UUID-R"""
5622 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5623 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5624 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5625 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5626 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5627 logger.debug("M2")
5628 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5629 if ev is None:
5630 raise Exception("Timeout on EAPOL-TX")
5631 hapd.request("SET ext_eapol_frame_io 0")
5632 dev[0].request("SET ext_eapol_frame_io 0")
5633 msg = ev.split(' ')[2]
5634 if msg[136:144] != '10480010':
5635 raise Exception("Could not find enrollee Nonce attribute")
5636 # Remove UUID-R. This will fail Authenticator check, but allows the code
5637 # path in wps_process_uuid_r() to be checked from the debug log.
5638 mlen = "%04x" % (int(msg[4:8], 16) - 20)
5639 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:136] + msg[176:]
5640 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5641 if "OK" not in res:
5642 raise Exception("EAPOL_RX failed")
5643 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5644 if ev is None:
5645 raise Exception("Disconnect event not seen")
5646 dev[0].request("WPS_CANCEL")
5647 dev[0].flush_scan_cache()
5648
5649 def test_ap_wps_m2_invalid(dev, apdev):
5650 """WPS and M2 parsing failure"""
5651 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5652 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5653 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5654 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5655 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5656 logger.debug("M2")
5657 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5658 if ev is None:
5659 raise Exception("Timeout on EAPOL-TX")
5660 hapd.request("SET ext_eapol_frame_io 0")
5661 dev[0].request("SET ext_eapol_frame_io 0")
5662 msg = ev.split(' ')[2]
5663 if msg[136:144] != '10480010':
5664 raise Exception("Could not find enrollee Nonce attribute")
5665 # Remove UUID-R. This will fail Authenticator check, but allows the code
5666 # path in wps_process_uuid_r() to be checked from the debug log.
5667 mlen = "%04x" % (int(msg[4:8], 16) - 1)
5668 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:-2]
5669 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5670 if "OK" not in res:
5671 raise Exception("EAPOL_RX failed")
5672 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5673 if ev is None:
5674 raise Exception("Disconnect event not seen")
5675 dev[0].request("WPS_CANCEL")
5676 dev[0].flush_scan_cache()
5677
5678 def test_ap_wps_m2_missing_msg_type(dev, apdev):
5679 """WPS and M2 without Message Type"""
5680 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5681 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5682 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5683 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5684 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5685 logger.debug("M2")
5686 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5687 if ev is None:
5688 raise Exception("Timeout on EAPOL-TX")
5689 hapd.request("SET ext_eapol_frame_io 0")
5690 dev[0].request("SET ext_eapol_frame_io 0")
5691 msg = ev.split(' ')[2]
5692 if msg[46:54] != '10220001':
5693 raise Exception("Could not find Message Type attribute")
5694 # Remove Message Type. This will fail Authenticator check, but allows the
5695 # code path in wps_process_wsc_msg() to be checked from the debug log.
5696 mlen = "%04x" % (int(msg[4:8], 16) - 5)
5697 msg = msg[0:4] + mlen + msg[8:12] + mlen + msg[16:46] + msg[56:]
5698 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5699 if "OK" not in res:
5700 raise Exception("EAPOL_RX failed")
5701 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5702 if ev is None:
5703 raise Exception("Disconnect event not seen")
5704 dev[0].request("WPS_CANCEL")
5705 dev[0].flush_scan_cache()
5706
5707 def test_ap_wps_m2_unknown_msg_type(dev, apdev):
5708 """WPS and M2 but unknown Message Type"""
5709 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5710 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5711 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5712 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5713 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5714 logger.debug("M2")
5715 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5716 if ev is None:
5717 raise Exception("Timeout on EAPOL-TX")
5718 hapd.request("SET ext_eapol_frame_io 0")
5719 dev[0].request("SET ext_eapol_frame_io 0")
5720 msg = ev.split(' ')[2]
5721 if msg[46:54] != '10220001':
5722 raise Exception("Could not find Message Type attribute")
5723 # Replace Message Type value. This will be rejected.
5724 msg = msg[0:54] + "00" + msg[56:]
5725 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5726 if "OK" not in res:
5727 raise Exception("EAPOL_RX failed")
5728 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout=5)
5729 if ev is None:
5730 raise Exception("Disconnect event not seen")
5731 dev[0].request("WPS_CANCEL")
5732 dev[0].flush_scan_cache()
5733
5734 def test_ap_wps_m2_unknown_opcode(dev, apdev):
5735 """WPS and M2 but unknown opcode"""
5736 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5737 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5738 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5739 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5740 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5741 logger.debug("M2")
5742 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5743 if ev is None:
5744 raise Exception("Timeout on EAPOL-TX")
5745 hapd.request("SET ext_eapol_frame_io 0")
5746 dev[0].request("SET ext_eapol_frame_io 0")
5747 msg = ev.split(' ')[2]
5748 # Replace opcode. This will be discarded in EAP-WSC processing.
5749 msg = msg[0:32] + "00" + msg[34:]
5750 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5751 if "OK" not in res:
5752 raise Exception("EAPOL_RX failed")
5753 dev[0].request("WPS_CANCEL")
5754 dev[0].wait_disconnected()
5755 dev[0].flush_scan_cache()
5756
5757 def test_ap_wps_m2_unknown_opcode2(dev, apdev):
5758 """WPS and M2 but unknown opcode (WSC_Start)"""
5759 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5760 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5761 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5762 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5763 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5764 logger.debug("M2")
5765 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5766 if ev is None:
5767 raise Exception("Timeout on EAPOL-TX")
5768 hapd.request("SET ext_eapol_frame_io 0")
5769 dev[0].request("SET ext_eapol_frame_io 0")
5770 msg = ev.split(' ')[2]
5771 # Replace opcode. This will be discarded in EAP-WSC processing.
5772 msg = msg[0:32] + "01" + msg[34:]
5773 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5774 if "OK" not in res:
5775 raise Exception("EAPOL_RX failed")
5776 dev[0].request("WPS_CANCEL")
5777 dev[0].wait_disconnected()
5778 dev[0].flush_scan_cache()
5779
5780 def test_ap_wps_m2_unknown_opcode3(dev, apdev):
5781 """WPS and M2 but unknown opcode (WSC_Done)"""
5782 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
5783 wps_ext_eap_identity_req(dev[0], hapd, bssid)
5784 wps_ext_eap_identity_resp(hapd, dev[0], addr)
5785 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
5786 wps_ext_eap_wsc(hapd, dev[0], addr, "M1")
5787 logger.debug("M2")
5788 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5789 if ev is None:
5790 raise Exception("Timeout on EAPOL-TX")
5791 hapd.request("SET ext_eapol_frame_io 0")
5792 dev[0].request("SET ext_eapol_frame_io 0")
5793 msg = ev.split(' ')[2]
5794 # Replace opcode. This will be discarded in WPS Enrollee processing.
5795 msg = msg[0:32] + "05" + msg[34:]
5796 res = dev[0].request("EAPOL_RX " + bssid + " " + msg)
5797 if "OK" not in res:
5798 raise Exception("EAPOL_RX failed")
5799 dev[0].request("WPS_CANCEL")
5800 dev[0].wait_disconnected()
5801 dev[0].flush_scan_cache()
5802
5803 def wps_m2_but_other(dev, apdev, title, msgtype):
5804 addr,bssid,hapd = wps_start_ext(apdev, dev)
5805 wps_ext_eap_identity_req(dev, hapd, bssid)
5806 wps_ext_eap_identity_resp(hapd, dev, addr)
5807 wps_ext_eap_wsc(dev, hapd, bssid, "EAP-WSC/Start")
5808 wps_ext_eap_wsc(hapd, dev, addr, "M1")
5809 logger.debug(title)
5810 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5811 if ev is None:
5812 raise Exception("Timeout on EAPOL-TX")
5813 hapd.request("SET ext_eapol_frame_io 0")
5814 dev.request("SET ext_eapol_frame_io 0")
5815 msg = ev.split(' ')[2]
5816 if msg[46:54] != '10220001':
5817 raise Exception("Could not find Message Type attribute")
5818 # Replace Message Type value. This will be rejected.
5819 msg = msg[0:54] + msgtype + msg[56:]
5820 res = dev.request("EAPOL_RX " + bssid + " " + msg)
5821 if "OK" not in res:
5822 raise Exception("EAPOL_RX failed")
5823 ev = dev.wait_event(["WPS-FAIL"], timeout=5)
5824 if ev is None:
5825 raise Exception("WPS-FAIL event not seen")
5826 dev.request("WPS_CANCEL")
5827 dev.wait_disconnected()
5828
5829 def wps_m4_but_other(dev, apdev, title, msgtype):
5830 addr,bssid,hapd = wps_start_ext(apdev, dev)
5831 wps_ext_eap_identity_req(dev, hapd, bssid)
5832 wps_ext_eap_identity_resp(hapd, dev, addr)
5833 wps_ext_eap_wsc(dev, hapd, bssid, "EAP-WSC/Start")
5834 wps_ext_eap_wsc(hapd, dev, addr, "M1")
5835 wps_ext_eap_wsc(dev, hapd, bssid, "M2")
5836 wps_ext_eap_wsc(hapd, dev, addr, "M3")
5837 logger.debug(title)
5838 ev = hapd.wait_event(["EAPOL-TX"], timeout=10)
5839 if ev is None:
5840 raise Exception("Timeout on EAPOL-TX")
5841 hapd.request("SET ext_eapol_frame_io 0")
5842 dev.request("SET ext_eapol_frame_io 0")
5843 msg = ev.split(' ')[2]
5844 if msg[46:54] != '10220001':
5845 raise Exception("Could not find Message Type attribute")
5846 # Replace Message Type value. This will be rejected.
5847 msg = msg[0:54] + msgtype + msg[56:]
5848 res = dev.request("EAPOL_RX " + bssid + " " + msg)
5849 if "OK" not in res:
5850 raise Exception("EAPOL_RX failed")
5851 ev = hapd.wait_event(["WPS-FAIL"], timeout=5)
5852 if ev is None:
5853 raise Exception("WPS-FAIL event not seen")
5854 dev.request("WPS_CANCEL")
5855 dev.wait_disconnected()
5856
5857 def test_ap_wps_m2_msg_type_m4(dev, apdev):
5858 """WPS and M2 but Message Type M4"""
5859 wps_m2_but_other(dev[0], apdev[0], "M2/M4", "08")
5860
5861 def test_ap_wps_m2_msg_type_m6(dev, apdev):
5862 """WPS and M2 but Message Type M6"""
5863 wps_m2_but_other(dev[0], apdev[0], "M2/M6", "0a")
5864
5865 def test_ap_wps_m2_msg_type_m8(dev, apdev):
5866 """WPS and M2 but Message Type M8"""
5867 wps_m2_but_other(dev[0], apdev[0], "M2/M8", "0c")
5868
5869 def test_ap_wps_m4_msg_type_m2(dev, apdev):
5870 """WPS and M4 but Message Type M2"""
5871 wps_m4_but_other(dev[0], apdev[0], "M4/M2", "05")
5872
5873 def test_ap_wps_m4_msg_type_m2d(dev, apdev):
5874 """WPS and M4 but Message Type M2D"""
5875 wps_m4_but_other(dev[0], apdev[0], "M4/M2D", "06")
5876
5877 @remote_compatible
5878 def test_ap_wps_config_methods(dev, apdev):
5879 """WPS configuration method parsing"""
5880 ssid = "test-wps-conf"
5881 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
5882 "wpa_passphrase": "12345678", "wpa": "2",
5883 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5884 "config_methods": "ethernet display ext_nfc_token int_nfc_token physical_display physical_push_button" }
5885 hapd = hostapd.add_ap(apdev[0], params)
5886 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
5887 "wpa_passphrase": "12345678", "wpa": "2",
5888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5889 "config_methods": "display push_button" }
5890 hapd2 = hostapd.add_ap(apdev[1], params)
5891
5892 def test_ap_wps_set_selected_registrar_proto(dev, apdev):
5893 """WPS UPnP SetSelectedRegistrar protocol testing"""
5894 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5895 hapd = add_ssdp_ap(apdev[0], ap_uuid)
5896
5897 location = ssdp_get_location(ap_uuid)
5898 urls = upnp_get_urls(location)
5899 eventurl = urlparse.urlparse(urls['event_sub_url'])
5900 ctrlurl = urlparse.urlparse(urls['control_url'])
5901 url = urlparse.urlparse(location)
5902 conn = httplib.HTTPConnection(url.netloc)
5903
5904 class WPSERHTTPServer(SocketServer.StreamRequestHandler):
5905 def handle(self):
5906 data = self.rfile.readline().strip()
5907 logger.debug(data)
5908 self.wfile.write(gen_wps_event())
5909
5910 server = MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer)
5911 server.timeout = 1
5912
5913 headers = { "callback": '<http://127.0.0.1:12345/event>',
5914 "NT": "upnp:event",
5915 "timeout": "Second-1234" }
5916 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
5917 resp = conn.getresponse()
5918 if resp.status != 200:
5919 raise Exception("Unexpected HTTP response: %d" % resp.status)
5920 sid = resp.getheader("sid")
5921 logger.debug("Subscription SID " + sid)
5922 server.handle_request()
5923
5924 tests = [ (500, "10"),
5925 (200, "104a000110" + "1041000101" + "101200020000" +
5926 "105300023148" +
5927 "1049002c00372a0001200124111111111111222222222222333333333333444444444444555555555555666666666666" +
5928 "10480010362db47ba53a519188fb5458b986b2e4"),
5929 (200, "104a000110" + "1041000100" + "101200020000" +
5930 "105300020000"),
5931 (200, "104a000110" + "1041000100"),
5932 (200, "104a000110") ]
5933 for status,test in tests:
5934 tlvs = binascii.unhexlify(test)
5935 newmsg = base64.b64encode(tlvs)
5936 msg = '<?xml version="1.0"?>\n'
5937 msg += '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
5938 msg += '<s:Body>'
5939 msg += '<u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">'
5940 msg += '<NewMessage>'
5941 msg += newmsg
5942 msg += "</NewMessage></u:SetSelectedRegistrar></s:Body></s:Envelope>"
5943 headers = { "Content-type": 'text/xml; charset="utf-8"' }
5944 headers["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
5945 conn.request("POST", ctrlurl.path, msg, headers)
5946 resp = conn.getresponse()
5947 if resp.status != status:
5948 raise Exception("Unexpected HTTP response: %d (expected %d)" % (resp.status, status))
5949
5950 def test_ap_wps_adv_oom(dev, apdev):
5951 """WPS AP and advertisement OOM"""
5952 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5953 hapd = add_ssdp_ap(apdev[0], ap_uuid)
5954
5955 with alloc_fail(hapd, 1, "=msearchreply_state_machine_start"):
5956 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
5957 no_recv=True)
5958 time.sleep(0.2)
5959
5960 with alloc_fail(hapd, 1, "eloop_register_timeout;msearchreply_state_machine_start"):
5961 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
5962 no_recv=True)
5963 time.sleep(0.2)
5964
5965 with alloc_fail(hapd, 1,
5966 "next_advertisement;advertisement_state_machine_stop"):
5967 hapd.disable()
5968
5969 with alloc_fail(hapd, 1, "ssdp_listener_start"):
5970 if "FAIL" not in hapd.request("ENABLE"):
5971 raise Exception("ENABLE succeeded during OOM")
5972
5973 def test_wps_config_methods(dev):
5974 """WPS config method update"""
5975 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
5976 wpas.interface_add("wlan5")
5977 if "OK" not in wpas.request("SET config_methods display label"):
5978 raise Exception("Failed to set config_methods")
5979 if wpas.request("GET config_methods").strip() != "display label":
5980 raise Exception("config_methods were not updated")
5981 if "OK" not in wpas.request("SET config_methods "):
5982 raise Exception("Failed to clear config_methods")
5983 if wpas.request("GET config_methods").strip() != "":
5984 raise Exception("config_methods were not cleared")
5985
5986 WPS_VENDOR_ID_WFA = 14122
5987 WPS_VENDOR_TYPE = 1
5988
5989 # EAP-WSC Op-Code values
5990 WSC_Start = 0x01
5991 WSC_ACK = 0x02
5992 WSC_NACK = 0x03
5993 WSC_MSG = 0x04
5994 WSC_Done = 0x05
5995 WSC_FRAG_ACK = 0x06
5996
5997 ATTR_AP_CHANNEL = 0x1001
5998 ATTR_ASSOC_STATE = 0x1002
5999 ATTR_AUTH_TYPE = 0x1003
6000 ATTR_AUTH_TYPE_FLAGS = 0x1004
6001 ATTR_AUTHENTICATOR = 0x1005
6002 ATTR_CONFIG_METHODS = 0x1008
6003 ATTR_CONFIG_ERROR = 0x1009
6004 ATTR_CONFIRM_URL4 = 0x100a
6005 ATTR_CONFIRM_URL6 = 0x100b
6006 ATTR_CONN_TYPE = 0x100c
6007 ATTR_CONN_TYPE_FLAGS = 0x100d
6008 ATTR_CRED = 0x100e
6009 ATTR_ENCR_TYPE = 0x100f
6010 ATTR_ENCR_TYPE_FLAGS = 0x1010
6011 ATTR_DEV_NAME = 0x1011
6012 ATTR_DEV_PASSWORD_ID = 0x1012
6013 ATTR_E_HASH1 = 0x1014
6014 ATTR_E_HASH2 = 0x1015
6015 ATTR_E_SNONCE1 = 0x1016
6016 ATTR_E_SNONCE2 = 0x1017
6017 ATTR_ENCR_SETTINGS = 0x1018
6018 ATTR_ENROLLEE_NONCE = 0x101a
6019 ATTR_FEATURE_ID = 0x101b
6020 ATTR_IDENTITY = 0x101c
6021 ATTR_IDENTITY_PROOF = 0x101d
6022 ATTR_KEY_WRAP_AUTH = 0x101e
6023 ATTR_KEY_ID = 0x101f
6024 ATTR_MAC_ADDR = 0x1020
6025 ATTR_MANUFACTURER = 0x1021
6026 ATTR_MSG_TYPE = 0x1022
6027 ATTR_MODEL_NAME = 0x1023
6028 ATTR_MODEL_NUMBER = 0x1024
6029 ATTR_NETWORK_INDEX = 0x1026
6030 ATTR_NETWORK_KEY = 0x1027
6031 ATTR_NETWORK_KEY_INDEX = 0x1028
6032 ATTR_NEW_DEVICE_NAME = 0x1029
6033 ATTR_NEW_PASSWORD = 0x102a
6034 ATTR_OOB_DEVICE_PASSWORD = 0x102c
6035 ATTR_OS_VERSION = 0x102d
6036 ATTR_POWER_LEVEL = 0x102f
6037 ATTR_PSK_CURRENT = 0x1030
6038 ATTR_PSK_MAX = 0x1031
6039 ATTR_PUBLIC_KEY = 0x1032
6040 ATTR_RADIO_ENABLE = 0x1033
6041 ATTR_REBOOT = 0x1034
6042 ATTR_REGISTRAR_CURRENT = 0x1035
6043 ATTR_REGISTRAR_ESTABLISHED = 0x1036
6044 ATTR_REGISTRAR_LIST = 0x1037
6045 ATTR_REGISTRAR_MAX = 0x1038
6046 ATTR_REGISTRAR_NONCE = 0x1039
6047 ATTR_REQUEST_TYPE = 0x103a
6048 ATTR_RESPONSE_TYPE = 0x103b
6049 ATTR_RF_BANDS = 0x103c
6050 ATTR_R_HASH1 = 0x103d
6051 ATTR_R_HASH2 = 0x103e
6052 ATTR_R_SNONCE1 = 0x103f
6053 ATTR_R_SNONCE2 = 0x1040
6054 ATTR_SELECTED_REGISTRAR = 0x1041
6055 ATTR_SERIAL_NUMBER = 0x1042
6056 ATTR_WPS_STATE = 0x1044
6057 ATTR_SSID = 0x1045
6058 ATTR_TOTAL_NETWORKS = 0x1046
6059 ATTR_UUID_E = 0x1047
6060 ATTR_UUID_R = 0x1048
6061 ATTR_VENDOR_EXT = 0x1049
6062 ATTR_VERSION = 0x104a
6063 ATTR_X509_CERT_REQ = 0x104b
6064 ATTR_X509_CERT = 0x104c
6065 ATTR_EAP_IDENTITY = 0x104d
6066 ATTR_MSG_COUNTER = 0x104e
6067 ATTR_PUBKEY_HASH = 0x104f
6068 ATTR_REKEY_KEY = 0x1050
6069 ATTR_KEY_LIFETIME = 0x1051
6070 ATTR_PERMITTED_CFG_METHODS = 0x1052
6071 ATTR_SELECTED_REGISTRAR_CONFIG_METHODS = 0x1053
6072 ATTR_PRIMARY_DEV_TYPE = 0x1054
6073 ATTR_SECONDARY_DEV_TYPE_LIST = 0x1055
6074 ATTR_PORTABLE_DEV = 0x1056
6075 ATTR_AP_SETUP_LOCKED = 0x1057
6076 ATTR_APPLICATION_EXT = 0x1058
6077 ATTR_EAP_TYPE = 0x1059
6078 ATTR_IV = 0x1060
6079 ATTR_KEY_PROVIDED_AUTO = 0x1061
6080 ATTR_802_1X_ENABLED = 0x1062
6081 ATTR_APPSESSIONKEY = 0x1063
6082 ATTR_WEPTRANSMITKEY = 0x1064
6083 ATTR_REQUESTED_DEV_TYPE = 0x106a
6084
6085 # Message Type
6086 WPS_Beacon = 0x01
6087 WPS_ProbeRequest = 0x02
6088 WPS_ProbeResponse = 0x03
6089 WPS_M1 = 0x04
6090 WPS_M2 = 0x05
6091 WPS_M2D = 0x06
6092 WPS_M3 = 0x07
6093 WPS_M4 = 0x08
6094 WPS_M5 = 0x09
6095 WPS_M6 = 0x0a
6096 WPS_M7 = 0x0b
6097 WPS_M8 = 0x0c
6098 WPS_WSC_ACK = 0x0d
6099 WPS_WSC_NACK = 0x0e
6100 WPS_WSC_DONE = 0x0f
6101
6102 def get_wsc_msg(dev):
6103 ev = dev.wait_event(["EAPOL-TX"], timeout=10)
6104 if ev is None:
6105 raise Exception("Timeout on EAPOL-TX")
6106 data = binascii.unhexlify(ev.split(' ')[2])
6107 msg = {}
6108
6109 # Parse EAPOL header
6110 if len(data) < 4:
6111 raise Exception("No room for EAPOL header")
6112 version,type,length = struct.unpack('>BBH', data[0:4])
6113 msg['eapol_version'] = version
6114 msg['eapol_type'] = type
6115 msg['eapol_length'] = length
6116 data = data[4:]
6117 if length != len(data):
6118 raise Exception("EAPOL header length mismatch (%d != %d)" % (length, len(data)))
6119 if type != 0:
6120 raise Exception("Unexpected EAPOL header type: %d" % type)
6121
6122 # Parse EAP header
6123 if len(data) < 4:
6124 raise Exception("No room for EAP header")
6125 code,identifier,length = struct.unpack('>BBH', data[0:4])
6126 msg['eap_code'] = code
6127 msg['eap_identifier'] = identifier
6128 msg['eap_length'] = length
6129 data = data[4:]
6130 if msg['eapol_length'] != msg['eap_length']:
6131 raise Exception("EAP header length mismatch (%d != %d)" % (msg['eapol_length'], length))
6132
6133 # Parse EAP expanded header
6134 if len(data) < 1:
6135 raise Exception("No EAP type included")
6136 msg['eap_type'], = struct.unpack('B', data[0])
6137 data = data[1:]
6138
6139 if msg['eap_type'] == 254:
6140 if len(data) < 3 + 4:
6141 raise Exception("Truncated EAP expanded header")
6142 msg['eap_vendor_id'], msg['eap_vendor_type'] = struct.unpack('>LL', '\0' + data[0:7])
6143 data = data[7:]
6144 else:
6145 raise Exception("Unexpected EAP type")
6146
6147 if msg['eap_vendor_id'] != WPS_VENDOR_ID_WFA:
6148 raise Exception("Unexpected Vendor-Id")
6149 if msg['eap_vendor_type'] != WPS_VENDOR_TYPE:
6150 raise Exception("Unexpected Vendor-Type")
6151
6152 # Parse EAP-WSC header
6153 if len(data) < 2:
6154 raise Exception("Truncated EAP-WSC header")
6155 msg['wsc_opcode'], msg['wsc_flags'] = struct.unpack('BB', data[0:2])
6156 data = data[2:]
6157
6158 # Parse WSC attributes
6159 msg['raw_attrs'] = data
6160 attrs = {}
6161 while len(data) > 0:
6162 if len(data) < 4:
6163 raise Exception("Truncated attribute header")
6164 attr,length = struct.unpack('>HH', data[0:4])
6165 data = data[4:]
6166 if length > len(data):
6167 raise Exception("Truncated attribute 0x%04x" % attr)
6168 attrs[attr] = data[0:length]
6169 data = data[length:]
6170 msg['wsc_attrs'] = attrs
6171
6172 if ATTR_MSG_TYPE in attrs:
6173 msg['wsc_msg_type'], = struct.unpack('B', attrs[ATTR_MSG_TYPE])
6174
6175 return msg
6176
6177 def recv_wsc_msg(dev, opcode, msg_type):
6178 msg = get_wsc_msg(dev)
6179 if msg['wsc_opcode'] != opcode or msg['wsc_msg_type'] != msg_type:
6180 raise Exception("Unexpected Op-Code/MsgType")
6181 return msg, msg['wsc_attrs'], msg['raw_attrs']
6182
6183 def build_wsc_attr(attr, payload):
6184 return struct.pack('>HH', attr, len(payload)) + payload
6185
6186 def build_attr_msg_type(msg_type):
6187 return build_wsc_attr(ATTR_MSG_TYPE, struct.pack('B', msg_type))
6188
6189 def build_eap_wsc(eap_code, eap_id, payload, opcode=WSC_MSG):
6190 length = 4 + 8 + 2 + len(payload)
6191 # EAPOL header
6192 msg = struct.pack('>BBH', 2, 0, length)
6193 # EAP header
6194 msg += struct.pack('>BBH', eap_code, eap_id, length)
6195 # EAP expanded header for EAP-WSC
6196 msg += struct.pack('B', 254)
6197 msg += struct.pack('>L', WPS_VENDOR_ID_WFA)[1:4]
6198 msg += struct.pack('>L', WPS_VENDOR_TYPE)
6199 # EAP-WSC header
6200 msg += struct.pack('BB', opcode, 0)
6201 # WSC attributes
6202 msg += payload
6203 return msg
6204
6205 def build_eap_success(eap_id):
6206 length = 4
6207 # EAPOL header
6208 msg = struct.pack('>BBH', 2, 0, length)
6209 # EAP header
6210 msg += struct.pack('>BBH', 3, eap_id, length)
6211 return msg
6212
6213 def build_eap_failure(eap_id):
6214 length = 4
6215 # EAPOL header
6216 msg = struct.pack('>BBH', 2, 0, length)
6217 # EAP header
6218 msg += struct.pack('>BBH', 4, eap_id, length)
6219 return msg
6220
6221 def send_wsc_msg(dev, src, msg):
6222 res = dev.request("EAPOL_RX " + src + " " + binascii.hexlify(msg))
6223 if "OK" not in res:
6224 raise Exception("EAPOL_RX failed")
6225
6226 group_5_prime = 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
6227 group_5_generator = 2
6228
6229 def wsc_kdf(key, label, bits):
6230 result = ''
6231 i = 1
6232 while len(result) * 8 < bits:
6233 data = struct.pack('>L', i) + label + struct.pack('>L', bits)
6234 m = hmac.new(key, data, hashlib.sha256)
6235 result += m.digest()
6236 i += 1
6237 return result[0:bits / 8]
6238
6239 def wsc_keys(kdk):
6240 keys = wsc_kdf(kdk, "Wi-Fi Easy and Secure Key Derivation", 640)
6241 authkey = keys[0:32]
6242 keywrapkey = keys[32:48]
6243 emsk = keys[48:80]
6244 return authkey,keywrapkey,emsk
6245
6246 def wsc_dev_pw_half_psk(authkey, dev_pw):
6247 m = hmac.new(authkey, dev_pw, hashlib.sha256)
6248 return m.digest()[0:16]
6249
6250 def wsc_dev_pw_psk(authkey, dev_pw):
6251 dev_pw_1 = dev_pw[0:len(dev_pw) / 2]
6252 dev_pw_2 = dev_pw[len(dev_pw) / 2:]
6253 psk1 = wsc_dev_pw_half_psk(authkey, dev_pw_1)
6254 psk2 = wsc_dev_pw_half_psk(authkey, dev_pw_2)
6255 return psk1,psk2
6256
6257 def build_attr_authenticator(authkey, prev_msg, curr_msg):
6258 m = hmac.new(authkey, prev_msg + curr_msg, hashlib.sha256)
6259 auth = m.digest()[0:8]
6260 return build_wsc_attr(ATTR_AUTHENTICATOR, auth)
6261
6262 def build_attr_encr_settings(authkey, keywrapkey, data):
6263 m = hmac.new(authkey, data, hashlib.sha256)
6264 kwa = m.digest()[0:8]
6265 data += build_wsc_attr(ATTR_KEY_WRAP_AUTH, kwa)
6266 iv = 16*'\x99'
6267 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
6268 pad_len = 16 - len(data) % 16
6269 ps = pad_len * struct.pack('B', pad_len)
6270 data += ps
6271 wrapped = aes.encrypt(data)
6272 return build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
6273
6274 def decrypt_attr_encr_settings(authkey, keywrapkey, data):
6275 if len(data) < 32 or len(data) % 16 != 0:
6276 raise Exception("Unexpected Encrypted Settings length: %d" % len(data))
6277 iv = data[0:16]
6278 encr = data[16:]
6279 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
6280 decrypted = aes.decrypt(encr)
6281 pad_len, = struct.unpack('B', decrypted[-1])
6282 if pad_len > len(decrypted):
6283 raise Exception("Invalid padding in Encrypted Settings")
6284 for i in range(-pad_len, -1):
6285 if decrypted[i] != decrypted[-1]:
6286 raise Exception("Invalid PS value in Encrypted Settings")
6287
6288 decrypted = decrypted[0:len(decrypted) - pad_len]
6289 if len(decrypted) < 12:
6290 raise Exception("Truncated Encrypted Settings plaintext")
6291 kwa = decrypted[-12:]
6292 attr,length = struct.unpack(">HH", kwa[0:4])
6293 if attr != ATTR_KEY_WRAP_AUTH or length != 8:
6294 raise Exception("Invalid KWA header")
6295 kwa = kwa[4:]
6296 decrypted = decrypted[0:len(decrypted) - 12]
6297
6298 m = hmac.new(authkey, decrypted, hashlib.sha256)
6299 calc_kwa = m.digest()[0:8]
6300 if kwa != calc_kwa:
6301 raise Exception("KWA mismatch")
6302
6303 return decrypted
6304
6305 def zeropad_str(val, pad_len):
6306 while len(val) < pad_len * 2:
6307 val = '0' + val
6308 return val
6309
6310 def wsc_dh_init():
6311 # For now, use a hardcoded private key. In theory, this is supposed to be
6312 # randomly selected.
6313 own_private = 0x123456789
6314 own_public = pow(group_5_generator, own_private, group_5_prime)
6315 pk = binascii.unhexlify(zeropad_str(format(own_public, '02x'), 192))
6316 return own_private, pk
6317
6318 def wsc_dh_kdf(peer_pk, own_private, mac_addr, e_nonce, r_nonce):
6319 peer_public = long(binascii.hexlify(peer_pk), 16)
6320 if peer_public < 2 or peer_public >= group_5_prime:
6321 raise Exception("Invalid peer public key")
6322 if pow(peer_public, (group_5_prime - 1) / 2, group_5_prime) != 1:
6323 raise Exception("Unexpected Legendre symbol for peer public key")
6324
6325 shared_secret = pow(peer_public, own_private, group_5_prime)
6326 ss = zeropad_str(format(shared_secret, "02x"), 192)
6327 logger.debug("DH shared secret: " + ss)
6328
6329 dhkey = hashlib.sha256(binascii.unhexlify(ss)).digest()
6330 logger.debug("DHKey: " + binascii.hexlify(dhkey))
6331
6332 m = hmac.new(dhkey, e_nonce + mac_addr + r_nonce, hashlib.sha256)
6333 kdk = m.digest()
6334 logger.debug("KDK: " + binascii.hexlify(kdk))
6335 authkey,keywrapkey,emsk = wsc_keys(kdk)
6336 logger.debug("AuthKey: " + binascii.hexlify(authkey))
6337 logger.debug("KeyWrapKey: " + binascii.hexlify(keywrapkey))
6338 logger.debug("EMSK: " + binascii.hexlify(emsk))
6339 return authkey,keywrapkey
6340
6341 def wsc_dev_pw_hash(authkey, dev_pw, e_pk, r_pk):
6342 psk1,psk2 = wsc_dev_pw_psk(authkey, dev_pw)
6343 logger.debug("PSK1: " + binascii.hexlify(psk1))
6344 logger.debug("PSK2: " + binascii.hexlify(psk2))
6345
6346 # Note: Secret values are supposed to be random, but hardcoded values are
6347 # fine for testing.
6348 s1 = 16*'\x77'
6349 m = hmac.new(authkey, s1 + psk1 + e_pk + r_pk, hashlib.sha256)
6350 hash1 = m.digest()
6351 logger.debug("Hash1: " + binascii.hexlify(hash1))
6352
6353 s2 = 16*'\x88'
6354 m = hmac.new(authkey, s2 + psk2 + e_pk + r_pk, hashlib.sha256)
6355 hash2 = m.digest()
6356 logger.debug("Hash2: " + binascii.hexlify(hash2))
6357 return s1,s2,hash1,hash2
6358
6359 def build_m1(eap_id, uuid_e, mac_addr, e_nonce, e_pk,
6360 manufacturer='', model_name='', config_methods='\x00\x00'):
6361 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6362 attrs += build_attr_msg_type(WPS_M1)
6363 attrs += build_wsc_attr(ATTR_UUID_E, uuid_e)
6364 attrs += build_wsc_attr(ATTR_MAC_ADDR, mac_addr)
6365 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6366 attrs += build_wsc_attr(ATTR_PUBLIC_KEY, e_pk)
6367 attrs += build_wsc_attr(ATTR_AUTH_TYPE_FLAGS, '\x00\x00')
6368 attrs += build_wsc_attr(ATTR_ENCR_TYPE_FLAGS, '\x00\x00')
6369 attrs += build_wsc_attr(ATTR_CONN_TYPE_FLAGS, '\x00')
6370 attrs += build_wsc_attr(ATTR_CONFIG_METHODS, config_methods)
6371 attrs += build_wsc_attr(ATTR_WPS_STATE, '\x00')
6372 attrs += build_wsc_attr(ATTR_MANUFACTURER, manufacturer)
6373 attrs += build_wsc_attr(ATTR_MODEL_NAME, model_name)
6374 attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6375 attrs += build_wsc_attr(ATTR_SERIAL_NUMBER, '')
6376 attrs += build_wsc_attr(ATTR_PRIMARY_DEV_TYPE, 8*'\x00')
6377 attrs += build_wsc_attr(ATTR_DEV_NAME, '')
6378 attrs += build_wsc_attr(ATTR_RF_BANDS, '\x00')
6379 attrs += build_wsc_attr(ATTR_ASSOC_STATE, '\x00\x00')
6380 attrs += build_wsc_attr(ATTR_DEV_PASSWORD_ID, '\x00\x00')
6381 attrs += build_wsc_attr(ATTR_CONFIG_ERROR, '\x00\x00')
6382 attrs += build_wsc_attr(ATTR_OS_VERSION, '\x00\x00\x00\x00')
6383 m1 = build_eap_wsc(2, eap_id, attrs)
6384 return m1, attrs
6385
6386 def build_m2(authkey, m1, eap_id, e_nonce, r_nonce, uuid_r, r_pk,
6387 dev_pw_id='\x00\x00', eap_code=1):
6388 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6389 attrs += build_attr_msg_type(WPS_M2)
6390 if e_nonce:
6391 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6392 if r_nonce:
6393 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
6394 attrs += build_wsc_attr(ATTR_UUID_R, uuid_r)
6395 if r_pk:
6396 attrs += build_wsc_attr(ATTR_PUBLIC_KEY, r_pk)
6397 attrs += build_wsc_attr(ATTR_AUTH_TYPE_FLAGS, '\x00\x00')
6398 attrs += build_wsc_attr(ATTR_ENCR_TYPE_FLAGS, '\x00\x00')
6399 attrs += build_wsc_attr(ATTR_CONN_TYPE_FLAGS, '\x00')
6400 attrs += build_wsc_attr(ATTR_CONFIG_METHODS, '\x00\x00')
6401 attrs += build_wsc_attr(ATTR_MANUFACTURER, '')
6402 attrs += build_wsc_attr(ATTR_MODEL_NAME, '')
6403 attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6404 attrs += build_wsc_attr(ATTR_SERIAL_NUMBER, '')
6405 attrs += build_wsc_attr(ATTR_PRIMARY_DEV_TYPE, 8*'\x00')
6406 attrs += build_wsc_attr(ATTR_DEV_NAME, '')
6407 attrs += build_wsc_attr(ATTR_RF_BANDS, '\x00')
6408 attrs += build_wsc_attr(ATTR_ASSOC_STATE, '\x00\x00')
6409 attrs += build_wsc_attr(ATTR_CONFIG_ERROR, '\x00\x00')
6410 attrs += build_wsc_attr(ATTR_DEV_PASSWORD_ID, dev_pw_id)
6411 attrs += build_wsc_attr(ATTR_OS_VERSION, '\x00\x00\x00\x00')
6412 attrs += build_attr_authenticator(authkey, m1, attrs)
6413 m2 = build_eap_wsc(eap_code, eap_id, attrs)
6414 return m2, attrs
6415
6416 def build_m2d(m1, eap_id, e_nonce, r_nonce, uuid_r, dev_pw_id=None, eap_code=1):
6417 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6418 attrs += build_attr_msg_type(WPS_M2D)
6419 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6420 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
6421 attrs += build_wsc_attr(ATTR_UUID_R, uuid_r)
6422 attrs += build_wsc_attr(ATTR_AUTH_TYPE_FLAGS, '\x00\x00')
6423 attrs += build_wsc_attr(ATTR_ENCR_TYPE_FLAGS, '\x00\x00')
6424 attrs += build_wsc_attr(ATTR_CONN_TYPE_FLAGS, '\x00')
6425 attrs += build_wsc_attr(ATTR_CONFIG_METHODS, '\x00\x00')
6426 attrs += build_wsc_attr(ATTR_MANUFACTURER, '')
6427 attrs += build_wsc_attr(ATTR_MODEL_NAME, '')
6428 #attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6429 attrs += build_wsc_attr(ATTR_SERIAL_NUMBER, '')
6430 attrs += build_wsc_attr(ATTR_PRIMARY_DEV_TYPE, 8*'\x00')
6431 attrs += build_wsc_attr(ATTR_DEV_NAME, '')
6432 attrs += build_wsc_attr(ATTR_RF_BANDS, '\x00')
6433 attrs += build_wsc_attr(ATTR_ASSOC_STATE, '\x00\x00')
6434 attrs += build_wsc_attr(ATTR_CONFIG_ERROR, '\x00\x00')
6435 attrs += build_wsc_attr(ATTR_OS_VERSION, '\x00\x00\x00\x00')
6436 if dev_pw_id:
6437 attrs += build_wsc_attr(ATTR_DEV_PASSWORD_ID, dev_pw_id)
6438 m2d = build_eap_wsc(eap_code, eap_id, attrs)
6439 return m2d, attrs
6440
6441 def build_ack(eap_id, e_nonce, r_nonce, msg_type=WPS_WSC_ACK, eap_code=1):
6442 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6443 if msg_type is not None:
6444 attrs += build_attr_msg_type(msg_type)
6445 if e_nonce:
6446 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6447 if r_nonce:
6448 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
6449 msg = build_eap_wsc(eap_code, eap_id, attrs, opcode=WSC_ACK)
6450 return msg, attrs
6451
6452 def build_nack(eap_id, e_nonce, r_nonce, config_error='\x00\x00',
6453 msg_type=WPS_WSC_NACK, eap_code=1):
6454 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6455 if msg_type is not None:
6456 attrs += build_attr_msg_type(msg_type)
6457 if e_nonce:
6458 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6459 if r_nonce:
6460 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
6461 if config_error:
6462 attrs += build_wsc_attr(ATTR_CONFIG_ERROR, config_error)
6463 msg = build_eap_wsc(eap_code, eap_id, attrs, opcode=WSC_NACK)
6464 return msg, attrs
6465
6466 def test_wps_ext(dev, apdev):
6467 """WPS against external implementation"""
6468 pin = "12345670"
6469 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
6470 wps_ext_eap_identity_req(dev[0], hapd, bssid)
6471 wps_ext_eap_identity_resp(hapd, dev[0], addr)
6472
6473 logger.debug("Receive WSC/Start from AP")
6474 msg = get_wsc_msg(hapd)
6475 if msg['wsc_opcode'] != WSC_Start:
6476 raise Exception("Unexpected Op-Code for WSC/Start")
6477 wsc_start_id = msg['eap_identifier']
6478
6479 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6480 uuid_e = 16*'\x11'
6481 e_nonce = 16*'\x22'
6482 own_private, e_pk = wsc_dh_init()
6483
6484 logger.debug("Send M1 to AP")
6485 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
6486 e_nonce, e_pk)
6487 send_wsc_msg(hapd, addr, m1)
6488
6489 logger.debug("Receive M2 from AP")
6490 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
6491
6492 authkey,keywrapkey = wsc_dh_kdf(m2_attrs[ATTR_PUBLIC_KEY], own_private,
6493 mac_addr, e_nonce,
6494 m2_attrs[ATTR_REGISTRAR_NONCE])
6495 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk,
6496 m2_attrs[ATTR_PUBLIC_KEY])
6497
6498 logger.debug("Send M3 to AP")
6499 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6500 attrs += build_attr_msg_type(WPS_M3)
6501 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE,
6502 m2_attrs[ATTR_REGISTRAR_NONCE])
6503 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
6504 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
6505 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
6506 raw_m3_attrs = attrs
6507 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
6508 send_wsc_msg(hapd, addr, m3)
6509
6510 logger.debug("Receive M4 from AP")
6511 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
6512
6513 logger.debug("Send M5 to AP")
6514 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6515 attrs += build_attr_msg_type(WPS_M5)
6516 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE,
6517 m2_attrs[ATTR_REGISTRAR_NONCE])
6518 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
6519 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6520 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
6521 raw_m5_attrs = attrs
6522 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
6523 send_wsc_msg(hapd, addr, m5)
6524
6525 logger.debug("Receive M6 from AP")
6526 msg, m6_attrs, raw_m6_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M6)
6527
6528 logger.debug("Send M7 to AP")
6529 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6530 attrs += build_attr_msg_type(WPS_M7)
6531 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE,
6532 m2_attrs[ATTR_REGISTRAR_NONCE])
6533 data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
6534 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6535 attrs += build_attr_authenticator(authkey, raw_m6_attrs, attrs)
6536 m7 = build_eap_wsc(2, msg['eap_identifier'], attrs)
6537 raw_m7_attrs = attrs
6538 send_wsc_msg(hapd, addr, m7)
6539
6540 logger.debug("Receive M8 from AP")
6541 msg, m8_attrs, raw_m8_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M8)
6542 m8_cred = decrypt_attr_encr_settings(authkey, keywrapkey,
6543 m8_attrs[ATTR_ENCR_SETTINGS])
6544 logger.debug("M8 Credential: " + binascii.hexlify(m8_cred))
6545
6546 logger.debug("Prepare WSC_Done")
6547 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6548 attrs += build_attr_msg_type(WPS_WSC_DONE)
6549 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
6550 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE,
6551 m2_attrs[ATTR_REGISTRAR_NONCE])
6552 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
6553 # Do not send WSC_Done yet to allow exchangw with STA complete before the
6554 # AP disconnects.
6555
6556 uuid_r = 16*'\x33'
6557 r_nonce = 16*'\x44'
6558
6559 eap_id = wsc_start_id
6560 logger.debug("Send WSC/Start to STA")
6561 wsc_start = build_eap_wsc(1, eap_id, "", opcode=WSC_Start)
6562 send_wsc_msg(dev[0], bssid, wsc_start)
6563 eap_id = (eap_id + 1) % 256
6564
6565 logger.debug("Receive M1 from STA")
6566 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
6567
6568 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
6569 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
6570 r_nonce)
6571 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
6572 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
6573
6574 logger.debug("Send M2 to STA")
6575 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
6576 m1_attrs[ATTR_ENROLLEE_NONCE],
6577 r_nonce, uuid_r, e_pk)
6578 send_wsc_msg(dev[0], bssid, m2)
6579 eap_id = (eap_id + 1) % 256
6580
6581 logger.debug("Receive M3 from STA")
6582 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
6583
6584 logger.debug("Send M4 to STA")
6585 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6586 attrs += build_attr_msg_type(WPS_M4)
6587 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, m1_attrs[ATTR_ENROLLEE_NONCE])
6588 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
6589 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
6590 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
6591 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6592 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
6593 raw_m4_attrs = attrs
6594 m4 = build_eap_wsc(1, eap_id, attrs)
6595 send_wsc_msg(dev[0], bssid, m4)
6596 eap_id = (eap_id + 1) % 256
6597
6598 logger.debug("Receive M5 from STA")
6599 msg, m5_attrs, raw_m5_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M5)
6600
6601 logger.debug("Send M6 to STA")
6602 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6603 attrs += build_attr_msg_type(WPS_M6)
6604 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE,
6605 m1_attrs[ATTR_ENROLLEE_NONCE])
6606 data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
6607 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6608 attrs += build_attr_authenticator(authkey, raw_m5_attrs, attrs)
6609 raw_m6_attrs = attrs
6610 m6 = build_eap_wsc(1, eap_id, attrs)
6611 send_wsc_msg(dev[0], bssid, m6)
6612 eap_id = (eap_id + 1) % 256
6613
6614 logger.debug("Receive M7 from STA")
6615 msg, m7_attrs, raw_m7_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M7)
6616
6617 logger.debug("Send M8 to STA")
6618 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6619 attrs += build_attr_msg_type(WPS_M8)
6620 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE,
6621 m1_attrs[ATTR_ENROLLEE_NONCE])
6622 attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
6623 attrs += build_attr_authenticator(authkey, raw_m7_attrs, attrs)
6624 raw_m8_attrs = attrs
6625 m8 = build_eap_wsc(1, eap_id, attrs)
6626 send_wsc_msg(dev[0], bssid, m8)
6627 eap_id = (eap_id + 1) % 256
6628
6629 ev = dev[0].wait_event(["WPS-CRED-RECEIVED"], timeout=5)
6630 if ev is None:
6631 raise Exception("wpa_supplicant did not report credential")
6632
6633 logger.debug("Receive WSC_Done from STA")
6634 msg = get_wsc_msg(dev[0])
6635 if msg['wsc_opcode'] != WSC_Done or msg['wsc_msg_type'] != WPS_WSC_DONE:
6636 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6637
6638 logger.debug("Send WSC_Done to AP")
6639 hapd.request("SET ext_eapol_frame_io 0")
6640 dev[0].request("SET ext_eapol_frame_io 0")
6641 send_wsc_msg(hapd, addr, wsc_done)
6642
6643 ev = hapd.wait_event(["WPS-REG-SUCCESS"], timeout=5)
6644 if ev is None:
6645 raise Exception("hostapd did not report WPS success")
6646
6647 dev[0].wait_connected()
6648
6649 def wps_start_kwa(dev, apdev):
6650 pin = "12345670"
6651 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
6652 wps_ext_eap_identity_req(dev[0], hapd, bssid)
6653 wps_ext_eap_identity_resp(hapd, dev[0], addr)
6654 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
6655
6656 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6657 uuid_r = 16*'\x33'
6658 r_nonce = 16*'\x44'
6659 own_private, e_pk = wsc_dh_init()
6660
6661 logger.debug("Receive M1 from STA")
6662 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
6663 eap_id = (msg['eap_identifier'] + 1) % 256
6664
6665 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
6666 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
6667 r_nonce)
6668 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
6669 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
6670
6671 logger.debug("Send M2 to STA")
6672 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
6673 m1_attrs[ATTR_ENROLLEE_NONCE],
6674 r_nonce, uuid_r, e_pk)
6675 send_wsc_msg(dev[0], bssid, m2)
6676 eap_id = (eap_id + 1) % 256
6677
6678 logger.debug("Receive M3 from STA")
6679 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
6680
6681 logger.debug("Send M4 to STA")
6682 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6683 attrs += build_attr_msg_type(WPS_M4)
6684 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, m1_attrs[ATTR_ENROLLEE_NONCE])
6685 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
6686 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
6687
6688 return r_s1, keywrapkey, authkey, raw_m3_attrs, eap_id, bssid, attrs
6689
6690 def wps_stop_kwa(dev, bssid, attrs, authkey, raw_m3_attrs, eap_id):
6691 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
6692 m4 = build_eap_wsc(1, eap_id, attrs)
6693 send_wsc_msg(dev[0], bssid, m4)
6694 eap_id = (eap_id + 1) % 256
6695
6696 logger.debug("Receive M5 from STA")
6697 msg = get_wsc_msg(dev[0])
6698 if msg['wsc_opcode'] != WSC_NACK:
6699 raise Exception("Unexpected message - expected WSC_Nack")
6700
6701 dev[0].request("WPS_CANCEL")
6702 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
6703 dev[0].wait_disconnected()
6704
6705 def test_wps_ext_kwa_proto_no_kwa(dev, apdev):
6706 """WPS and KWA error: No KWA attribute"""
6707 r_s1,keywrapkey,authkey,raw_m3_attrs,eap_id,bssid,attrs = wps_start_kwa(dev, apdev)
6708 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
6709 # Encrypted Settings without KWA
6710 iv = 16*'\x99'
6711 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
6712 pad_len = 16 - len(data) % 16
6713 ps = pad_len * struct.pack('B', pad_len)
6714 data += ps
6715 wrapped = aes.encrypt(data)
6716 attrs += build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
6717 wps_stop_kwa(dev, bssid, attrs, authkey, raw_m3_attrs, eap_id)
6718
6719 def test_wps_ext_kwa_proto_data_after_kwa(dev, apdev):
6720 """WPS and KWA error: Data after KWA"""
6721 r_s1,keywrapkey,authkey,raw_m3_attrs,eap_id,bssid,attrs = wps_start_kwa(dev, apdev)
6722 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
6723 # Encrypted Settings and data after KWA
6724 m = hmac.new(authkey, data, hashlib.sha256)
6725 kwa = m.digest()[0:8]
6726 data += build_wsc_attr(ATTR_KEY_WRAP_AUTH, kwa)
6727 data += build_wsc_attr(ATTR_VENDOR_EXT, "1234567890")
6728 iv = 16*'\x99'
6729 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
6730 pad_len = 16 - len(data) % 16
6731 ps = pad_len * struct.pack('B', pad_len)
6732 data += ps
6733 wrapped = aes.encrypt(data)
6734 attrs += build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
6735 wps_stop_kwa(dev, bssid, attrs, authkey, raw_m3_attrs, eap_id)
6736
6737 def test_wps_ext_kwa_proto_kwa_mismatch(dev, apdev):
6738 """WPS and KWA error: KWA mismatch"""
6739 r_s1,keywrapkey,authkey,raw_m3_attrs,eap_id,bssid,attrs = wps_start_kwa(dev, apdev)
6740 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
6741 # Encrypted Settings and KWA with incorrect value
6742 data += build_wsc_attr(ATTR_KEY_WRAP_AUTH, 8*'\x00')
6743 iv = 16*'\x99'
6744 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
6745 pad_len = 16 - len(data) % 16
6746 ps = pad_len * struct.pack('B', pad_len)
6747 data += ps
6748 wrapped = aes.encrypt(data)
6749 attrs += build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
6750 wps_stop_kwa(dev, bssid, attrs, authkey, raw_m3_attrs, eap_id)
6751
6752 def wps_run_cred_proto(dev, apdev, m8_cred, connect=False, no_connect=False):
6753 pin = "12345670"
6754 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
6755 wps_ext_eap_identity_req(dev[0], hapd, bssid)
6756 wps_ext_eap_identity_resp(hapd, dev[0], addr)
6757 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
6758
6759 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6760 uuid_r = 16*'\x33'
6761 r_nonce = 16*'\x44'
6762 own_private, e_pk = wsc_dh_init()
6763
6764 logger.debug("Receive M1 from STA")
6765 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
6766 eap_id = (msg['eap_identifier'] + 1) % 256
6767
6768 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
6769 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
6770 r_nonce)
6771 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
6772 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
6773
6774 logger.debug("Send M2 to STA")
6775 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
6776 m1_attrs[ATTR_ENROLLEE_NONCE],
6777 r_nonce, uuid_r, e_pk)
6778 send_wsc_msg(dev[0], bssid, m2)
6779 eap_id = (eap_id + 1) % 256
6780
6781 logger.debug("Receive M3 from STA")
6782 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
6783
6784 logger.debug("Send M4 to STA")
6785 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6786 attrs += build_attr_msg_type(WPS_M4)
6787 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, m1_attrs[ATTR_ENROLLEE_NONCE])
6788 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
6789 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
6790 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
6791 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6792 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
6793 raw_m4_attrs = attrs
6794 m4 = build_eap_wsc(1, eap_id, attrs)
6795 send_wsc_msg(dev[0], bssid, m4)
6796 eap_id = (eap_id + 1) % 256
6797
6798 logger.debug("Receive M5 from STA")
6799 msg, m5_attrs, raw_m5_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M5)
6800
6801 logger.debug("Send M6 to STA")
6802 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6803 attrs += build_attr_msg_type(WPS_M6)
6804 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE,
6805 m1_attrs[ATTR_ENROLLEE_NONCE])
6806 data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
6807 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
6808 attrs += build_attr_authenticator(authkey, raw_m5_attrs, attrs)
6809 raw_m6_attrs = attrs
6810 m6 = build_eap_wsc(1, eap_id, attrs)
6811 send_wsc_msg(dev[0], bssid, m6)
6812 eap_id = (eap_id + 1) % 256
6813
6814 logger.debug("Receive M7 from STA")
6815 msg, m7_attrs, raw_m7_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M7)
6816
6817 logger.debug("Send M8 to STA")
6818 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
6819 attrs += build_attr_msg_type(WPS_M8)
6820 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE,
6821 m1_attrs[ATTR_ENROLLEE_NONCE])
6822 attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
6823 attrs += build_attr_authenticator(authkey, raw_m7_attrs, attrs)
6824 raw_m8_attrs = attrs
6825 m8 = build_eap_wsc(1, eap_id, attrs)
6826 send_wsc_msg(dev[0], bssid, m8)
6827 eap_id = (eap_id + 1) % 256
6828
6829 if no_connect:
6830 logger.debug("Receive WSC_Done from STA")
6831 msg = get_wsc_msg(dev[0])
6832 if msg['wsc_opcode'] != WSC_Done or msg['wsc_msg_type'] != WPS_WSC_DONE:
6833 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6834
6835 hapd.request("SET ext_eapol_frame_io 0")
6836 dev[0].request("SET ext_eapol_frame_io 0")
6837
6838 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
6839
6840 dev[0].wait_disconnected()
6841 dev[0].request("REMOVE_NETWORK all")
6842 elif connect:
6843 logger.debug("Receive WSC_Done from STA")
6844 msg = get_wsc_msg(dev[0])
6845 if msg['wsc_opcode'] != WSC_Done or msg['wsc_msg_type'] != WPS_WSC_DONE:
6846 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6847
6848 hapd.request("SET ext_eapol_frame_io 0")
6849 dev[0].request("SET ext_eapol_frame_io 0")
6850
6851 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
6852
6853 dev[0].wait_connected()
6854 else:
6855 # Verify STA NACK's the credential
6856 msg = get_wsc_msg(dev[0])
6857 if msg['wsc_opcode'] != WSC_NACK:
6858 raise Exception("Unexpected message - expected WSC_Nack")
6859 dev[0].request("WPS_CANCEL")
6860 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
6861 dev[0].wait_disconnected()
6862
6863 def build_cred(nw_idx='\x01', ssid='test-wps-conf', auth_type='\x00\x20',
6864 encr_type='\x00\x08', nw_key="12345678",
6865 mac_addr='\x00\x00\x00\x00\x00\x00'):
6866 attrs = ''
6867 if nw_idx is not None:
6868 attrs += build_wsc_attr(ATTR_NETWORK_INDEX, nw_idx)
6869 if ssid is not None:
6870 attrs += build_wsc_attr(ATTR_SSID, ssid)
6871 if auth_type is not None:
6872 attrs += build_wsc_attr(ATTR_AUTH_TYPE, auth_type)
6873 if encr_type is not None:
6874 attrs += build_wsc_attr(ATTR_ENCR_TYPE, encr_type)
6875 if nw_key is not None:
6876 attrs += build_wsc_attr(ATTR_NETWORK_KEY, nw_key)
6877 if mac_addr is not None:
6878 attrs += build_wsc_attr(ATTR_MAC_ADDR, mac_addr)
6879 return build_wsc_attr(ATTR_CRED, attrs)
6880
6881 def test_wps_ext_cred_proto_success(dev, apdev):
6882 """WPS and Credential: success"""
6883 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6884 m8_cred = build_cred(mac_addr=mac_addr)
6885 wps_run_cred_proto(dev, apdev, m8_cred, connect=True)
6886
6887 def test_wps_ext_cred_proto_mac_addr_mismatch(dev, apdev):
6888 """WPS and Credential: MAC Address mismatch"""
6889 m8_cred = build_cred()
6890 wps_run_cred_proto(dev, apdev, m8_cred, connect=True)
6891
6892 def test_wps_ext_cred_proto_zero_padding(dev, apdev):
6893 """WPS and Credential: zeropadded attributes"""
6894 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6895 m8_cred = build_cred(mac_addr=mac_addr, ssid='test-wps-conf\x00',
6896 nw_key="12345678\x00")
6897 wps_run_cred_proto(dev, apdev, m8_cred, connect=True)
6898
6899 def test_wps_ext_cred_proto_ssid_missing(dev, apdev):
6900 """WPS and Credential: SSID missing"""
6901 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6902 m8_cred = build_cred(mac_addr=mac_addr, ssid=None)
6903 wps_run_cred_proto(dev, apdev, m8_cred)
6904
6905 def test_wps_ext_cred_proto_ssid_zero_len(dev, apdev):
6906 """WPS and Credential: Zero-length SSID"""
6907 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6908 m8_cred = build_cred(mac_addr=mac_addr, ssid="")
6909 wps_run_cred_proto(dev, apdev, m8_cred, no_connect=True)
6910
6911 def test_wps_ext_cred_proto_auth_type_missing(dev, apdev):
6912 """WPS and Credential: Auth Type missing"""
6913 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6914 m8_cred = build_cred(mac_addr=mac_addr, auth_type=None)
6915 wps_run_cred_proto(dev, apdev, m8_cred)
6916
6917 def test_wps_ext_cred_proto_encr_type_missing(dev, apdev):
6918 """WPS and Credential: Encr Type missing"""
6919 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6920 m8_cred = build_cred(mac_addr=mac_addr, encr_type=None)
6921 wps_run_cred_proto(dev, apdev, m8_cred)
6922
6923 def test_wps_ext_cred_proto_network_key_missing(dev, apdev):
6924 """WPS and Credential: Network Key missing"""
6925 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6926 m8_cred = build_cred(mac_addr=mac_addr, nw_key=None)
6927 wps_run_cred_proto(dev, apdev, m8_cred)
6928
6929 def test_wps_ext_cred_proto_network_key_missing_open(dev, apdev):
6930 """WPS and Credential: Network Key missing (open)"""
6931 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6932 m8_cred = build_cred(mac_addr=mac_addr, auth_type='\x00\x01',
6933 encr_type='\x00\x01', nw_key=None, ssid="foo")
6934 wps_run_cred_proto(dev, apdev, m8_cred, no_connect=True)
6935
6936 def test_wps_ext_cred_proto_mac_addr_missing(dev, apdev):
6937 """WPS and Credential: MAC Address missing"""
6938 m8_cred = build_cred(mac_addr=None)
6939 wps_run_cred_proto(dev, apdev, m8_cred)
6940
6941 def test_wps_ext_cred_proto_invalid_encr_type(dev, apdev):
6942 """WPS and Credential: Invalid Encr Type"""
6943 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6944 m8_cred = build_cred(mac_addr=mac_addr, encr_type='\x00\x00')
6945 wps_run_cred_proto(dev, apdev, m8_cred)
6946
6947 def test_wps_ext_cred_proto_missing_cred(dev, apdev):
6948 """WPS and Credential: Missing Credential"""
6949 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6950 m8_cred = ''
6951 wps_run_cred_proto(dev, apdev, m8_cred)
6952
6953 def test_wps_ext_proto_m2_no_public_key(dev, apdev):
6954 """WPS and no Public Key in M2"""
6955 pin = "12345670"
6956 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
6957 wps_ext_eap_identity_req(dev[0], hapd, bssid)
6958 wps_ext_eap_identity_resp(hapd, dev[0], addr)
6959 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
6960
6961 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
6962 uuid_r = 16*'\x33'
6963 r_nonce = 16*'\x44'
6964 own_private, e_pk = wsc_dh_init()
6965
6966 logger.debug("Receive M1 from STA")
6967 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
6968 eap_id = (msg['eap_identifier'] + 1) % 256
6969
6970 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
6971 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
6972 r_nonce)
6973 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
6974 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
6975
6976 logger.debug("Send M2 to STA")
6977 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
6978 m1_attrs[ATTR_ENROLLEE_NONCE],
6979 r_nonce, uuid_r, None)
6980 send_wsc_msg(dev[0], bssid, m2)
6981 eap_id = (eap_id + 1) % 256
6982
6983 # Verify STA NACK's the credential
6984 msg = get_wsc_msg(dev[0])
6985 if msg['wsc_opcode'] != WSC_NACK:
6986 raise Exception("Unexpected message - expected WSC_Nack")
6987 dev[0].request("WPS_CANCEL")
6988 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
6989 dev[0].wait_disconnected()
6990
6991 def test_wps_ext_proto_m2_invalid_public_key(dev, apdev):
6992 """WPS and invalid Public Key in M2"""
6993 pin = "12345670"
6994 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
6995 wps_ext_eap_identity_req(dev[0], hapd, bssid)
6996 wps_ext_eap_identity_resp(hapd, dev[0], addr)
6997 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
6998
6999 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7000 uuid_r = 16*'\x33'
7001 r_nonce = 16*'\x44'
7002 own_private, e_pk = wsc_dh_init()
7003
7004 logger.debug("Receive M1 from STA")
7005 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7006 eap_id = (msg['eap_identifier'] + 1) % 256
7007
7008 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7009 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7010 r_nonce)
7011 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7012 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7013
7014 logger.debug("Send M2 to STA")
7015 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7016 m1_attrs[ATTR_ENROLLEE_NONCE],
7017 r_nonce, uuid_r, 192*'\xff')
7018 send_wsc_msg(dev[0], bssid, m2)
7019 eap_id = (eap_id + 1) % 256
7020
7021 # Verify STA NACK's the credential
7022 msg = get_wsc_msg(dev[0])
7023 if msg['wsc_opcode'] != WSC_NACK:
7024 raise Exception("Unexpected message - expected WSC_Nack")
7025 dev[0].request("WPS_CANCEL")
7026 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7027 dev[0].wait_disconnected()
7028
7029 def test_wps_ext_proto_m2_public_key_oom(dev, apdev):
7030 """WPS and Public Key OOM in M2"""
7031 pin = "12345670"
7032 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7033 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7034 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7035 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
7036
7037 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7038 uuid_r = 16*'\x33'
7039 r_nonce = 16*'\x44'
7040 own_private, e_pk = wsc_dh_init()
7041
7042 logger.debug("Receive M1 from STA")
7043 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7044 eap_id = (msg['eap_identifier'] + 1) % 256
7045
7046 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7047 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7048 r_nonce)
7049 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7050 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7051
7052 logger.debug("Send M2 to STA")
7053 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7054 m1_attrs[ATTR_ENROLLEE_NONCE],
7055 r_nonce, uuid_r, e_pk)
7056 with alloc_fail(dev[0], 1, "wpabuf_alloc_copy;wps_process_pubkey"):
7057 send_wsc_msg(dev[0], bssid, m2)
7058 eap_id = (eap_id + 1) % 256
7059
7060 # Verify STA NACK's the credential
7061 msg = get_wsc_msg(dev[0])
7062 if msg['wsc_opcode'] != WSC_NACK:
7063 raise Exception("Unexpected message - expected WSC_Nack")
7064 dev[0].request("WPS_CANCEL")
7065 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7066 dev[0].wait_disconnected()
7067
7068 def test_wps_ext_proto_nack_m3(dev, apdev):
7069 """WPS and NACK M3"""
7070 pin = "12345670"
7071 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7072 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7073 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7074 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
7075
7076 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7077 uuid_r = 16*'\x33'
7078 r_nonce = 16*'\x44'
7079 own_private, e_pk = wsc_dh_init()
7080
7081 logger.debug("Receive M1 from STA")
7082 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7083 eap_id = (msg['eap_identifier'] + 1) % 256
7084
7085 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7086 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7087 r_nonce)
7088 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7089 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7090
7091 logger.debug("Send M2 to STA")
7092 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7093 m1_attrs[ATTR_ENROLLEE_NONCE],
7094 r_nonce, uuid_r, e_pk)
7095 send_wsc_msg(dev[0], bssid, m2)
7096 eap_id = (eap_id + 1) % 256
7097
7098 logger.debug("Receive M3 from STA")
7099 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
7100
7101 logger.debug("Send NACK to STA")
7102 msg, attrs = build_nack(eap_id, m1_attrs[ATTR_ENROLLEE_NONCE],
7103 r_nonce, config_error='\x01\x23')
7104 send_wsc_msg(dev[0], bssid, msg)
7105 ev = dev[0].wait_event(["WPS-FAIL"], timeout=5)
7106 if ev is None:
7107 raise Exception("Failure not reported")
7108 if "msg=7 config_error=291" not in ev:
7109 raise Exception("Unexpected failure reason: " + ev)
7110
7111 def test_wps_ext_proto_nack_m5(dev, apdev):
7112 """WPS and NACK M5"""
7113 pin = "12345670"
7114 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7115 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7116 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7117 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
7118
7119 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7120 uuid_r = 16*'\x33'
7121 r_nonce = 16*'\x44'
7122 own_private, e_pk = wsc_dh_init()
7123
7124 logger.debug("Receive M1 from STA")
7125 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7126 eap_id = (msg['eap_identifier'] + 1) % 256
7127
7128 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7129 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7130 r_nonce)
7131 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7132 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7133
7134 logger.debug("Send M2 to STA")
7135 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7136 m1_attrs[ATTR_ENROLLEE_NONCE],
7137 r_nonce, uuid_r, e_pk)
7138 send_wsc_msg(dev[0], bssid, m2)
7139 eap_id = (eap_id + 1) % 256
7140
7141 logger.debug("Receive M3 from STA")
7142 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
7143
7144 logger.debug("Send M4 to STA")
7145 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7146 attrs += build_attr_msg_type(WPS_M4)
7147 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, m1_attrs[ATTR_ENROLLEE_NONCE])
7148 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7149 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7150 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7151 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7152 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
7153 raw_m4_attrs = attrs
7154 m4 = build_eap_wsc(1, eap_id, attrs)
7155 send_wsc_msg(dev[0], bssid, m4)
7156 eap_id = (eap_id + 1) % 256
7157
7158 logger.debug("Receive M5 from STA")
7159 msg, m5_attrs, raw_m5_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M5)
7160
7161 logger.debug("Send NACK to STA")
7162 msg, attrs = build_nack(eap_id, m1_attrs[ATTR_ENROLLEE_NONCE],
7163 r_nonce, config_error='\x01\x24')
7164 send_wsc_msg(dev[0], bssid, msg)
7165 ev = dev[0].wait_event(["WPS-FAIL"], timeout=5)
7166 if ev is None:
7167 raise Exception("Failure not reported")
7168 if "msg=9 config_error=292" not in ev:
7169 raise Exception("Unexpected failure reason: " + ev)
7170
7171 def wps_nack_m3(dev, apdev):
7172 pin = "00000000"
7173 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pbc=True)
7174 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7175 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7176 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
7177
7178 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7179 uuid_r = 16*'\x33'
7180 r_nonce = 16*'\x44'
7181 own_private, e_pk = wsc_dh_init()
7182
7183 logger.debug("Receive M1 from STA")
7184 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7185 eap_id = (msg['eap_identifier'] + 1) % 256
7186
7187 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7188 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7189 r_nonce)
7190 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7191 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7192
7193 logger.debug("Send M2 to STA")
7194 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7195 m1_attrs[ATTR_ENROLLEE_NONCE],
7196 r_nonce, uuid_r, e_pk, dev_pw_id='\x00\x04')
7197 send_wsc_msg(dev[0], bssid, m2)
7198 eap_id = (eap_id + 1) % 256
7199
7200 logger.debug("Receive M3 from STA")
7201 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
7202 return eap_id, m1_attrs[ATTR_ENROLLEE_NONCE], r_nonce, bssid
7203
7204 def test_wps_ext_proto_nack_m3_no_config_error(dev, apdev):
7205 """WPS and NACK M3 missing Config Error"""
7206 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7207 logger.debug("Send NACK to STA")
7208 msg, attrs = build_nack(eap_id, e_nonce, r_nonce, config_error=None)
7209 send_wsc_msg(dev[0], bssid, msg)
7210 dev[0].request("WPS_CANCEL")
7211 dev[0].wait_disconnected()
7212 dev[0].flush_scan_cache()
7213
7214 def test_wps_ext_proto_nack_m3_no_e_nonce(dev, apdev):
7215 """WPS and NACK M3 missing E-Nonce"""
7216 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7217 logger.debug("Send NACK to STA")
7218 msg, attrs = build_nack(eap_id, None, r_nonce)
7219 send_wsc_msg(dev[0], bssid, msg)
7220 dev[0].request("WPS_CANCEL")
7221 dev[0].wait_disconnected()
7222 dev[0].flush_scan_cache()
7223
7224 def test_wps_ext_proto_nack_m3_e_nonce_mismatch(dev, apdev):
7225 """WPS and NACK M3 E-Nonce mismatch"""
7226 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7227 logger.debug("Send NACK to STA")
7228 msg, attrs = build_nack(eap_id, 16*'\x00', r_nonce)
7229 send_wsc_msg(dev[0], bssid, msg)
7230 dev[0].request("WPS_CANCEL")
7231 dev[0].wait_disconnected()
7232 dev[0].flush_scan_cache()
7233
7234 def test_wps_ext_proto_nack_m3_no_r_nonce(dev, apdev):
7235 """WPS and NACK M3 missing R-Nonce"""
7236 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7237 logger.debug("Send NACK to STA")
7238 msg, attrs = build_nack(eap_id, e_nonce, None)
7239 send_wsc_msg(dev[0], bssid, msg)
7240 dev[0].request("WPS_CANCEL")
7241 dev[0].wait_disconnected()
7242 dev[0].flush_scan_cache()
7243
7244 def test_wps_ext_proto_nack_m3_r_nonce_mismatch(dev, apdev):
7245 """WPS and NACK M3 R-Nonce mismatch"""
7246 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7247 logger.debug("Send NACK to STA")
7248 msg, attrs = build_nack(eap_id, e_nonce, 16*'\x00')
7249 send_wsc_msg(dev[0], bssid, msg)
7250 dev[0].request("WPS_CANCEL")
7251 dev[0].wait_disconnected()
7252 dev[0].flush_scan_cache()
7253
7254 def test_wps_ext_proto_nack_m3_no_msg_type(dev, apdev):
7255 """WPS and NACK M3 no Message Type"""
7256 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7257 logger.debug("Send NACK to STA")
7258 msg, attrs = build_nack(eap_id, e_nonce, r_nonce, msg_type=None)
7259 send_wsc_msg(dev[0], bssid, msg)
7260 dev[0].request("WPS_CANCEL")
7261 dev[0].wait_disconnected()
7262 dev[0].flush_scan_cache()
7263
7264 def test_wps_ext_proto_nack_m3_invalid_msg_type(dev, apdev):
7265 """WPS and NACK M3 invalid Message Type"""
7266 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7267 logger.debug("Send NACK to STA")
7268 msg, attrs = build_nack(eap_id, e_nonce, r_nonce, msg_type=123)
7269 send_wsc_msg(dev[0], bssid, msg)
7270 dev[0].request("WPS_CANCEL")
7271 dev[0].wait_disconnected()
7272 dev[0].flush_scan_cache()
7273
7274 def test_wps_ext_proto_nack_m3_invalid_attr(dev, apdev):
7275 """WPS and NACK M3 invalid attribute"""
7276 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7277 logger.debug("Send NACK to STA")
7278 attrs = '\x10\x10\x00'
7279 msg = build_eap_wsc(1, eap_id, attrs, opcode=WSC_NACK)
7280 send_wsc_msg(dev[0], bssid, msg)
7281 dev[0].request("WPS_CANCEL")
7282 dev[0].wait_disconnected()
7283 dev[0].flush_scan_cache()
7284
7285 def test_wps_ext_proto_ack_m3_no_e_nonce(dev, apdev):
7286 """WPS and ACK M3 missing E-Nonce"""
7287 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7288 logger.debug("Send NACK to STA")
7289 msg, attrs = build_ack(eap_id, None, r_nonce)
7290 send_wsc_msg(dev[0], bssid, msg)
7291 dev[0].request("WPS_CANCEL")
7292 dev[0].wait_disconnected()
7293 dev[0].flush_scan_cache()
7294
7295 def test_wps_ext_proto_ack_m3_e_nonce_mismatch(dev, apdev):
7296 """WPS and ACK M3 E-Nonce mismatch"""
7297 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7298 logger.debug("Send NACK to STA")
7299 msg, attrs = build_ack(eap_id, 16*'\x00', r_nonce)
7300 send_wsc_msg(dev[0], bssid, msg)
7301 dev[0].request("WPS_CANCEL")
7302 dev[0].wait_disconnected()
7303 dev[0].flush_scan_cache()
7304
7305 def test_wps_ext_proto_ack_m3_no_r_nonce(dev, apdev):
7306 """WPS and ACK M3 missing R-Nonce"""
7307 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7308 logger.debug("Send NACK to STA")
7309 msg, attrs = build_ack(eap_id, e_nonce, None)
7310 send_wsc_msg(dev[0], bssid, msg)
7311 dev[0].request("WPS_CANCEL")
7312 dev[0].wait_disconnected()
7313 dev[0].flush_scan_cache()
7314
7315 def test_wps_ext_proto_ack_m3_r_nonce_mismatch(dev, apdev):
7316 """WPS and ACK M3 R-Nonce mismatch"""
7317 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7318 logger.debug("Send NACK to STA")
7319 msg, attrs = build_ack(eap_id, e_nonce, 16*'\x00')
7320 send_wsc_msg(dev[0], bssid, msg)
7321 dev[0].request("WPS_CANCEL")
7322 dev[0].wait_disconnected()
7323 dev[0].flush_scan_cache()
7324
7325 def test_wps_ext_proto_ack_m3_no_msg_type(dev, apdev):
7326 """WPS and ACK M3 no Message Type"""
7327 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7328 logger.debug("Send NACK to STA")
7329 msg, attrs = build_ack(eap_id, e_nonce, r_nonce, msg_type=None)
7330 send_wsc_msg(dev[0], bssid, msg)
7331 dev[0].request("WPS_CANCEL")
7332 dev[0].wait_disconnected()
7333 dev[0].flush_scan_cache()
7334
7335 def test_wps_ext_proto_ack_m3_invalid_msg_type(dev, apdev):
7336 """WPS and ACK M3 invalid Message Type"""
7337 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7338 logger.debug("Send NACK to STA")
7339 msg, attrs = build_ack(eap_id, e_nonce, r_nonce, msg_type=123)
7340 send_wsc_msg(dev[0], bssid, msg)
7341 dev[0].request("WPS_CANCEL")
7342 dev[0].wait_disconnected()
7343 dev[0].flush_scan_cache()
7344
7345 def test_wps_ext_proto_ack_m3_invalid_attr(dev, apdev):
7346 """WPS and ACK M3 invalid attribute"""
7347 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7348 logger.debug("Send ACK to STA")
7349 attrs = '\x10\x10\x00'
7350 msg = build_eap_wsc(1, eap_id, attrs, opcode=WSC_ACK)
7351 send_wsc_msg(dev[0], bssid, msg)
7352 dev[0].request("WPS_CANCEL")
7353 dev[0].wait_disconnected()
7354 dev[0].flush_scan_cache()
7355
7356 def test_wps_ext_proto_ack_m3(dev, apdev):
7357 """WPS and ACK M3"""
7358 eap_id, e_nonce, r_nonce, bssid = wps_nack_m3(dev, apdev)
7359 logger.debug("Send ACK to STA")
7360 msg, attrs = build_ack(eap_id, e_nonce, r_nonce)
7361 send_wsc_msg(dev[0], bssid, msg)
7362 dev[0].request("WPS_CANCEL")
7363 dev[0].wait_disconnected()
7364 dev[0].flush_scan_cache()
7365
7366 def wps_to_m3_helper(dev, apdev):
7367 pin = "12345670"
7368 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7369 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7370 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7371 wps_ext_eap_wsc(dev[0], hapd, bssid, "EAP-WSC/Start")
7372
7373 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7374 uuid_r = 16*'\x33'
7375 r_nonce = 16*'\x44'
7376 own_private, e_pk = wsc_dh_init()
7377
7378 logger.debug("Receive M1 from STA")
7379 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M1)
7380 eap_id = (msg['eap_identifier'] + 1) % 256
7381
7382 authkey,keywrapkey = wsc_dh_kdf(m1_attrs[ATTR_PUBLIC_KEY], own_private,
7383 mac_addr, m1_attrs[ATTR_ENROLLEE_NONCE],
7384 r_nonce)
7385 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, pin,
7386 m1_attrs[ATTR_PUBLIC_KEY], e_pk)
7387
7388 logger.debug("Send M2 to STA")
7389 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, eap_id,
7390 m1_attrs[ATTR_ENROLLEE_NONCE],
7391 r_nonce, uuid_r, e_pk)
7392 send_wsc_msg(dev[0], bssid, m2)
7393 eap_id = (eap_id + 1) % 256
7394
7395 logger.debug("Receive M3 from STA")
7396 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M3)
7397 return eap_id, m1_attrs, r_nonce, bssid, r_hash1, r_hash2, r_s1, r_s2, raw_m3_attrs, authkey, keywrapkey
7398
7399 def wps_to_m3(dev, apdev):
7400 eap_id, m1_attrs, r_nonce, bssid, r_hash1, r_hash2, r_s1, r_s2, raw_m3_attrs, authkey, keywrapkey = wps_to_m3_helper(dev, apdev)
7401 return eap_id, m1_attrs[ATTR_ENROLLEE_NONCE], r_nonce, bssid, r_hash1, r_hash2, r_s1, raw_m3_attrs, authkey, keywrapkey
7402
7403 def wps_to_m5(dev, apdev):
7404 eap_id, m1_attrs, r_nonce, bssid, r_hash1, r_hash2, r_s1, r_s2, raw_m3_attrs, authkey, keywrapkey = wps_to_m3_helper(dev, apdev)
7405
7406 logger.debug("Send M4 to STA")
7407 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7408 attrs += build_attr_msg_type(WPS_M4)
7409 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, m1_attrs[ATTR_ENROLLEE_NONCE])
7410 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7411 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7412 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7413 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7414 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
7415 raw_m4_attrs = attrs
7416 m4 = build_eap_wsc(1, eap_id, attrs)
7417 send_wsc_msg(dev[0], bssid, m4)
7418 eap_id = (eap_id + 1) % 256
7419
7420 logger.debug("Receive M5 from STA")
7421 msg, m5_attrs, raw_m5_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M5)
7422
7423 return eap_id, m1_attrs[ATTR_ENROLLEE_NONCE], r_nonce, bssid, r_hash1, r_hash2, r_s2, raw_m5_attrs, authkey, keywrapkey
7424
7425 def test_wps_ext_proto_m4_missing_r_hash1(dev, apdev):
7426 """WPS and no R-Hash1 in M4"""
7427 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7428
7429 logger.debug("Send M4 to STA")
7430 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7431 attrs += build_attr_msg_type(WPS_M4)
7432 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7433 #attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7434 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7435 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7436 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7437 attrs += build_attr_authenticator(authkey, m3, attrs)
7438 m4 = build_eap_wsc(1, eap_id, attrs)
7439 send_wsc_msg(dev[0], bssid, m4)
7440 eap_id = (eap_id + 1) % 256
7441
7442 logger.debug("Receive M5 (NACK) from STA")
7443 msg = get_wsc_msg(dev[0])
7444 if msg['wsc_opcode'] != WSC_NACK:
7445 raise Exception("Unexpected message - expected WSC_Nack")
7446
7447 dev[0].request("WPS_CANCEL")
7448 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7449 dev[0].wait_disconnected()
7450
7451 def test_wps_ext_proto_m4_missing_r_hash2(dev, apdev):
7452 """WPS and no R-Hash2 in M4"""
7453 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7454
7455 logger.debug("Send M4 to STA")
7456 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7457 attrs += build_attr_msg_type(WPS_M4)
7458 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7459 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7460 #attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7461 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7462 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7463 attrs += build_attr_authenticator(authkey, m3, attrs)
7464 m4 = build_eap_wsc(1, eap_id, attrs)
7465 send_wsc_msg(dev[0], bssid, m4)
7466 eap_id = (eap_id + 1) % 256
7467
7468 logger.debug("Receive M5 (NACK) from STA")
7469 msg = get_wsc_msg(dev[0])
7470 if msg['wsc_opcode'] != WSC_NACK:
7471 raise Exception("Unexpected message - expected WSC_Nack")
7472
7473 dev[0].request("WPS_CANCEL")
7474 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7475 dev[0].wait_disconnected()
7476
7477 def test_wps_ext_proto_m4_missing_r_snonce1(dev, apdev):
7478 """WPS and no R-SNonce1 in M4"""
7479 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7480
7481 logger.debug("Send M4 to STA")
7482 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7483 attrs += build_attr_msg_type(WPS_M4)
7484 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7485 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7486 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7487 #data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7488 data = ''
7489 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7490 attrs += build_attr_authenticator(authkey, m3, attrs)
7491 m4 = build_eap_wsc(1, eap_id, attrs)
7492 send_wsc_msg(dev[0], bssid, m4)
7493 eap_id = (eap_id + 1) % 256
7494
7495 logger.debug("Receive M5 (NACK) from STA")
7496 msg = get_wsc_msg(dev[0])
7497 if msg['wsc_opcode'] != WSC_NACK:
7498 raise Exception("Unexpected message - expected WSC_Nack")
7499
7500 dev[0].request("WPS_CANCEL")
7501 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7502 dev[0].wait_disconnected()
7503
7504 def test_wps_ext_proto_m4_invalid_pad_string(dev, apdev):
7505 """WPS and invalid pad string in M4"""
7506 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7507
7508 logger.debug("Send M4 to STA")
7509 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7510 attrs += build_attr_msg_type(WPS_M4)
7511 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7512 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7513 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7514 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7515
7516 m = hmac.new(authkey, data, hashlib.sha256)
7517 kwa = m.digest()[0:8]
7518 data += build_wsc_attr(ATTR_KEY_WRAP_AUTH, kwa)
7519 iv = 16*'\x99'
7520 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
7521 pad_len = 16 - len(data) % 16
7522 ps = (pad_len - 1) * struct.pack('B', pad_len) + struct.pack('B', pad_len - 1)
7523 data += ps
7524 wrapped = aes.encrypt(data)
7525 attrs += build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
7526
7527 attrs += build_attr_authenticator(authkey, m3, attrs)
7528 m4 = build_eap_wsc(1, eap_id, attrs)
7529 send_wsc_msg(dev[0], bssid, m4)
7530 eap_id = (eap_id + 1) % 256
7531
7532 logger.debug("Receive M5 (NACK) from STA")
7533 msg = get_wsc_msg(dev[0])
7534 if msg['wsc_opcode'] != WSC_NACK:
7535 raise Exception("Unexpected message - expected WSC_Nack")
7536
7537 dev[0].request("WPS_CANCEL")
7538 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7539 dev[0].wait_disconnected()
7540
7541 def test_wps_ext_proto_m4_invalid_pad_value(dev, apdev):
7542 """WPS and invalid pad value in M4"""
7543 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7544
7545 logger.debug("Send M4 to STA")
7546 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7547 attrs += build_attr_msg_type(WPS_M4)
7548 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7549 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7550 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7551 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7552
7553 m = hmac.new(authkey, data, hashlib.sha256)
7554 kwa = m.digest()[0:8]
7555 data += build_wsc_attr(ATTR_KEY_WRAP_AUTH, kwa)
7556 iv = 16*'\x99'
7557 aes = AES.new(keywrapkey, AES.MODE_CBC, iv)
7558 pad_len = 16 - len(data) % 16
7559 ps = (pad_len - 1) * struct.pack('B', pad_len) + struct.pack('B', 255)
7560 data += ps
7561 wrapped = aes.encrypt(data)
7562 attrs += build_wsc_attr(ATTR_ENCR_SETTINGS, iv + wrapped)
7563
7564 attrs += build_attr_authenticator(authkey, m3, attrs)
7565 m4 = build_eap_wsc(1, eap_id, attrs)
7566 send_wsc_msg(dev[0], bssid, m4)
7567 eap_id = (eap_id + 1) % 256
7568
7569 logger.debug("Receive M5 (NACK) from STA")
7570 msg = get_wsc_msg(dev[0])
7571 if msg['wsc_opcode'] != WSC_NACK:
7572 raise Exception("Unexpected message - expected WSC_Nack")
7573
7574 dev[0].request("WPS_CANCEL")
7575 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7576 dev[0].wait_disconnected()
7577
7578 def test_wps_ext_proto_m4_no_encr_settings(dev, apdev):
7579 """WPS and no Encr Settings in M4"""
7580 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s1, m3, authkey, keywrapkey = wps_to_m3(dev, apdev)
7581
7582 logger.debug("Send M4 to STA")
7583 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7584 attrs += build_attr_msg_type(WPS_M4)
7585 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7586 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7587 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7588 attrs += build_attr_authenticator(authkey, m3, attrs)
7589 m4 = build_eap_wsc(1, eap_id, attrs)
7590 send_wsc_msg(dev[0], bssid, m4)
7591 eap_id = (eap_id + 1) % 256
7592
7593 logger.debug("Receive M5 (NACK) from STA")
7594 msg = get_wsc_msg(dev[0])
7595 if msg['wsc_opcode'] != WSC_NACK:
7596 raise Exception("Unexpected message - expected WSC_Nack")
7597
7598 dev[0].request("WPS_CANCEL")
7599 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7600 dev[0].wait_disconnected()
7601
7602 def test_wps_ext_proto_m6_missing_r_snonce2(dev, apdev):
7603 """WPS and no R-SNonce2 in M6"""
7604 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s2, m5, authkey, keywrapkey = wps_to_m5(dev, apdev)
7605
7606 logger.debug("Send M6 to STA")
7607 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7608 attrs += build_attr_msg_type(WPS_M6)
7609 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7610 #data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7611 data = ''
7612 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7613 attrs += build_attr_authenticator(authkey, m5, attrs)
7614 m6 = build_eap_wsc(1, eap_id, attrs)
7615 send_wsc_msg(dev[0], bssid, m6)
7616 eap_id = (eap_id + 1) % 256
7617
7618 logger.debug("Receive M7 (NACK) from STA")
7619 msg = get_wsc_msg(dev[0])
7620 if msg['wsc_opcode'] != WSC_NACK:
7621 raise Exception("Unexpected message - expected WSC_Nack")
7622
7623 dev[0].request("WPS_CANCEL")
7624 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7625 dev[0].wait_disconnected()
7626
7627 def test_wps_ext_proto_m6_no_encr_settings(dev, apdev):
7628 """WPS and no Encr Settings in M6"""
7629 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s2, m5, authkey, keywrapkey = wps_to_m5(dev, apdev)
7630
7631 logger.debug("Send M6 to STA")
7632 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7633 attrs += build_attr_msg_type(WPS_M6)
7634 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7635 data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7636 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7637 attrs += build_attr_authenticator(authkey, m5, attrs)
7638 m6 = build_eap_wsc(1, eap_id, attrs)
7639 send_wsc_msg(dev[0], bssid, m6)
7640 eap_id = (eap_id + 1) % 256
7641
7642 logger.debug("Receive M7 (NACK) from STA")
7643 msg = get_wsc_msg(dev[0])
7644 if msg['wsc_opcode'] != WSC_NACK:
7645 raise Exception("Unexpected message - expected WSC_Nack")
7646
7647 dev[0].request("WPS_CANCEL")
7648 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7649 dev[0].wait_disconnected()
7650
7651 def test_wps_ext_proto_m8_no_encr_settings(dev, apdev):
7652 """WPS and no Encr Settings in M6"""
7653 eap_id, e_nonce, r_nonce, bssid, r_hash1, r_hash2, r_s2, m5, authkey, keywrapkey = wps_to_m5(dev, apdev)
7654
7655 logger.debug("Send M6 to STA")
7656 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7657 attrs += build_attr_msg_type(WPS_M6)
7658 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7659 data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7660 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7661 attrs += build_attr_authenticator(authkey, m5, attrs)
7662 raw_m6_attrs = attrs
7663 m6 = build_eap_wsc(1, eap_id, attrs)
7664 send_wsc_msg(dev[0], bssid, m6)
7665 eap_id = (eap_id + 1) % 256
7666
7667 logger.debug("Receive M7 from STA")
7668 msg, m7_attrs, raw_m7_attrs = recv_wsc_msg(dev[0], WSC_MSG, WPS_M7)
7669
7670 logger.debug("Send M8 to STA")
7671 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7672 attrs += build_attr_msg_type(WPS_M8)
7673 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7674 #attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
7675 attrs += build_attr_authenticator(authkey, raw_m7_attrs, attrs)
7676 raw_m8_attrs = attrs
7677 m8 = build_eap_wsc(1, eap_id, attrs)
7678 send_wsc_msg(dev[0], bssid, m8)
7679
7680 logger.debug("Receive WSC_Done (NACK) from STA")
7681 msg = get_wsc_msg(dev[0])
7682 if msg['wsc_opcode'] != WSC_NACK:
7683 raise Exception("Unexpected message - expected WSC_Nack")
7684
7685 dev[0].request("WPS_CANCEL")
7686 send_wsc_msg(dev[0], bssid, build_eap_failure(eap_id))
7687 dev[0].wait_disconnected()
7688
7689 def wps_start_ext_reg(apdev, dev):
7690 addr = dev.own_addr()
7691 bssid = apdev['bssid']
7692 ssid = "test-wps-conf"
7693 appin = "12345670"
7694 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
7695 "wpa_passphrase": "12345678", "wpa": "2",
7696 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
7697 "ap_pin": appin }
7698 hapd = hostapd.add_ap(apdev, params)
7699
7700 dev.scan_for_bss(bssid, freq="2412")
7701 hapd.request("SET ext_eapol_frame_io 1")
7702 dev.request("SET ext_eapol_frame_io 1")
7703
7704 dev.request("WPS_REG " + bssid + " " + appin)
7705
7706 return addr,bssid,hapd
7707
7708 def wps_run_ap_settings_proto(dev, apdev, ap_settings, success):
7709 addr,bssid,hapd = wps_start_ext_reg(apdev[0], dev[0])
7710 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7711 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7712
7713 logger.debug("Receive M1 from AP")
7714 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M1)
7715 mac_addr = m1_attrs[ATTR_MAC_ADDR]
7716 e_nonce = m1_attrs[ATTR_ENROLLEE_NONCE]
7717 e_pk = m1_attrs[ATTR_PUBLIC_KEY]
7718
7719 appin = '12345670'
7720 uuid_r = 16*'\x33'
7721 r_nonce = 16*'\x44'
7722 own_private, r_pk = wsc_dh_init()
7723 authkey,keywrapkey = wsc_dh_kdf(e_pk, own_private, mac_addr, e_nonce,
7724 r_nonce)
7725 r_s1,r_s2,r_hash1,r_hash2 = wsc_dev_pw_hash(authkey, appin, e_pk, r_pk)
7726
7727 logger.debug("Send M2 to AP")
7728 m2, raw_m2_attrs = build_m2(authkey, raw_m1_attrs, msg['eap_identifier'],
7729 e_nonce, r_nonce, uuid_r, r_pk, eap_code=2)
7730 send_wsc_msg(hapd, addr, m2)
7731
7732 logger.debug("Receive M3 from AP")
7733 msg, m3_attrs, raw_m3_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M3)
7734
7735 logger.debug("Send M4 to AP")
7736 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7737 attrs += build_attr_msg_type(WPS_M4)
7738 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7739 attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7740 attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7741 data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7742 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7743 attrs += build_attr_authenticator(authkey, raw_m3_attrs, attrs)
7744 raw_m4_attrs = attrs
7745 m4 = build_eap_wsc(2, msg['eap_identifier'], attrs)
7746 send_wsc_msg(hapd, addr, m4)
7747
7748 logger.debug("Receive M5 from AP")
7749 msg, m5_attrs, raw_m5_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M5)
7750
7751 logger.debug("Send M6 to STA")
7752 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7753 attrs += build_attr_msg_type(WPS_M6)
7754 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7755 data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7756 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7757 attrs += build_attr_authenticator(authkey, raw_m5_attrs, attrs)
7758 raw_m6_attrs = attrs
7759 m6 = build_eap_wsc(2, msg['eap_identifier'], attrs)
7760 send_wsc_msg(hapd, addr, m6)
7761
7762 logger.debug("Receive M7 from AP")
7763 msg, m7_attrs, raw_m7_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M7)
7764
7765 logger.debug("Send M8 to STA")
7766 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7767 attrs += build_attr_msg_type(WPS_M8)
7768 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
7769 if ap_settings:
7770 attrs += build_attr_encr_settings(authkey, keywrapkey, ap_settings)
7771 attrs += build_attr_authenticator(authkey, raw_m7_attrs, attrs)
7772 raw_m8_attrs = attrs
7773 m8 = build_eap_wsc(2, msg['eap_identifier'], attrs)
7774 send_wsc_msg(hapd, addr, m8)
7775
7776 if success:
7777 ev = hapd.wait_event(["WPS-NEW-AP-SETTINGS"], timeout=5)
7778 if ev is None:
7779 raise Exception("New AP settings not reported")
7780 logger.debug("Receive WSC_Done from AP")
7781 msg = get_wsc_msg(hapd)
7782 if msg['wsc_opcode'] != WSC_Done:
7783 raise Exception("Unexpected message - expected WSC_Done")
7784
7785 logger.debug("Send WSC_ACK to AP")
7786 ack,attrs = build_ack(msg['eap_identifier'], e_nonce, r_nonce,
7787 eap_code=2)
7788 send_wsc_msg(hapd, addr, ack)
7789 dev[0].wait_disconnected()
7790 else:
7791 ev = hapd.wait_event(["WPS-FAIL"], timeout=5)
7792 if ev is None:
7793 raise Exception("WPS failure not reported")
7794 logger.debug("Receive WSC_NACK from AP")
7795 msg = get_wsc_msg(hapd)
7796 if msg['wsc_opcode'] != WSC_NACK:
7797 raise Exception("Unexpected message - expected WSC_NACK")
7798
7799 logger.debug("Send WSC_NACK to AP")
7800 nack,attrs = build_nack(msg['eap_identifier'], e_nonce, r_nonce,
7801 eap_code=2)
7802 send_wsc_msg(hapd, addr, nack)
7803 dev[0].wait_disconnected()
7804
7805 def test_wps_ext_ap_settings_success(dev, apdev):
7806 """WPS and AP Settings: success"""
7807 ap_settings = build_wsc_attr(ATTR_NETWORK_INDEX, '\x01')
7808 ap_settings += build_wsc_attr(ATTR_SSID, "test")
7809 ap_settings += build_wsc_attr(ATTR_AUTH_TYPE, '\x00\x01')
7810 ap_settings += build_wsc_attr(ATTR_ENCR_TYPE, '\x00\x01')
7811 ap_settings += build_wsc_attr(ATTR_NETWORK_KEY, '')
7812 ap_settings += build_wsc_attr(ATTR_MAC_ADDR, binascii.unhexlify(apdev[0]['bssid'].replace(':', '')))
7813 wps_run_ap_settings_proto(dev, apdev, ap_settings, True)
7814
7815 @remote_compatible
7816 def test_wps_ext_ap_settings_missing(dev, apdev):
7817 """WPS and AP Settings: missing"""
7818 wps_run_ap_settings_proto(dev, apdev, None, False)
7819
7820 @remote_compatible
7821 def test_wps_ext_ap_settings_mac_addr_mismatch(dev, apdev):
7822 """WPS and AP Settings: MAC Address mismatch"""
7823 ap_settings = build_wsc_attr(ATTR_NETWORK_INDEX, '\x01')
7824 ap_settings += build_wsc_attr(ATTR_SSID, "test")
7825 ap_settings += build_wsc_attr(ATTR_AUTH_TYPE, '\x00\x01')
7826 ap_settings += build_wsc_attr(ATTR_ENCR_TYPE, '\x00\x01')
7827 ap_settings += build_wsc_attr(ATTR_NETWORK_KEY, '')
7828 ap_settings += build_wsc_attr(ATTR_MAC_ADDR, '\x00\x00\x00\x00\x00\x00')
7829 wps_run_ap_settings_proto(dev, apdev, ap_settings, True)
7830
7831 @remote_compatible
7832 def test_wps_ext_ap_settings_mac_addr_missing(dev, apdev):
7833 """WPS and AP Settings: missing MAC Address"""
7834 ap_settings = build_wsc_attr(ATTR_NETWORK_INDEX, '\x01')
7835 ap_settings += build_wsc_attr(ATTR_SSID, "test")
7836 ap_settings += build_wsc_attr(ATTR_AUTH_TYPE, '\x00\x01')
7837 ap_settings += build_wsc_attr(ATTR_ENCR_TYPE, '\x00\x01')
7838 ap_settings += build_wsc_attr(ATTR_NETWORK_KEY, '')
7839 wps_run_ap_settings_proto(dev, apdev, ap_settings, False)
7840
7841 @remote_compatible
7842 def test_wps_ext_ap_settings_reject_encr_type(dev, apdev):
7843 """WPS and AP Settings: reject Encr Type"""
7844 ap_settings = build_wsc_attr(ATTR_NETWORK_INDEX, '\x01')
7845 ap_settings += build_wsc_attr(ATTR_SSID, "test")
7846 ap_settings += build_wsc_attr(ATTR_AUTH_TYPE, '\x00\x01')
7847 ap_settings += build_wsc_attr(ATTR_ENCR_TYPE, '\x00\x00')
7848 ap_settings += build_wsc_attr(ATTR_NETWORK_KEY, '')
7849 ap_settings += build_wsc_attr(ATTR_MAC_ADDR, binascii.unhexlify(apdev[0]['bssid'].replace(':', '')))
7850 wps_run_ap_settings_proto(dev, apdev, ap_settings, False)
7851
7852 @remote_compatible
7853 def test_wps_ext_ap_settings_m2d(dev, apdev):
7854 """WPS and AP Settings: M2D"""
7855 addr,bssid,hapd = wps_start_ext_reg(apdev[0], dev[0])
7856 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7857 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7858
7859 logger.debug("Receive M1 from AP")
7860 msg, m1_attrs, raw_m1_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M1)
7861 e_nonce = m1_attrs[ATTR_ENROLLEE_NONCE]
7862
7863 r_nonce = 16*'\x44'
7864 uuid_r = 16*'\x33'
7865
7866 logger.debug("Send M2D to AP")
7867 m2d, raw_m2d_attrs = build_m2d(raw_m1_attrs, msg['eap_identifier'],
7868 e_nonce, r_nonce, uuid_r,
7869 dev_pw_id='\x00\x00', eap_code=2)
7870 send_wsc_msg(hapd, addr, m2d)
7871
7872 ev = hapd.wait_event(["WPS-M2D"], timeout=5)
7873 if ev is None:
7874 raise Exception("M2D not reported")
7875
7876 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
7877
7878 def wps_wait_ap_nack(hapd, dev, e_nonce, r_nonce):
7879 logger.debug("Receive WSC_NACK from AP")
7880 msg = get_wsc_msg(hapd)
7881 if msg['wsc_opcode'] != WSC_NACK:
7882 raise Exception("Unexpected message - expected WSC_NACK")
7883
7884 logger.debug("Send WSC_NACK to AP")
7885 nack,attrs = build_nack(msg['eap_identifier'], e_nonce, r_nonce,
7886 eap_code=2)
7887 send_wsc_msg(hapd, dev.own_addr(), nack)
7888 dev.wait_disconnected()
7889
7890 @remote_compatible
7891 def test_wps_ext_m3_missing_e_hash1(dev, apdev):
7892 """WPS proto: M3 missing E-Hash1"""
7893 pin = "12345670"
7894 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7895 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7896 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7897
7898 logger.debug("Receive WSC/Start from AP")
7899 msg = get_wsc_msg(hapd)
7900 if msg['wsc_opcode'] != WSC_Start:
7901 raise Exception("Unexpected Op-Code for WSC/Start")
7902
7903 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7904 uuid_e = 16*'\x11'
7905 e_nonce = 16*'\x22'
7906 own_private, e_pk = wsc_dh_init()
7907
7908 logger.debug("Send M1 to AP")
7909 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
7910 e_nonce, e_pk)
7911 send_wsc_msg(hapd, addr, m1)
7912
7913 logger.debug("Receive M2 from AP")
7914 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
7915 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
7916 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
7917
7918 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
7919 r_nonce)
7920 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
7921
7922 logger.debug("Send M3 to AP")
7923 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7924 attrs += build_attr_msg_type(WPS_M3)
7925 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
7926 #attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
7927 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
7928 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
7929 raw_m3_attrs = attrs
7930 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
7931 send_wsc_msg(hapd, addr, m3)
7932
7933 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
7934
7935 @remote_compatible
7936 def test_wps_ext_m3_missing_e_hash2(dev, apdev):
7937 """WPS proto: M3 missing E-Hash2"""
7938 pin = "12345670"
7939 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7940 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7941 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7942
7943 logger.debug("Receive WSC/Start from AP")
7944 msg = get_wsc_msg(hapd)
7945 if msg['wsc_opcode'] != WSC_Start:
7946 raise Exception("Unexpected Op-Code for WSC/Start")
7947
7948 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7949 uuid_e = 16*'\x11'
7950 e_nonce = 16*'\x22'
7951 own_private, e_pk = wsc_dh_init()
7952
7953 logger.debug("Send M1 to AP")
7954 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
7955 e_nonce, e_pk)
7956 send_wsc_msg(hapd, addr, m1)
7957
7958 logger.debug("Receive M2 from AP")
7959 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
7960 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
7961 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
7962
7963 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
7964 r_nonce)
7965 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
7966
7967 logger.debug("Send M3 to AP")
7968 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
7969 attrs += build_attr_msg_type(WPS_M3)
7970 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
7971 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
7972 #attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
7973 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
7974 raw_m3_attrs = attrs
7975 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
7976 send_wsc_msg(hapd, addr, m3)
7977
7978 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
7979
7980 @remote_compatible
7981 def test_wps_ext_m5_missing_e_snonce1(dev, apdev):
7982 """WPS proto: M5 missing E-SNonce1"""
7983 pin = "12345670"
7984 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
7985 wps_ext_eap_identity_req(dev[0], hapd, bssid)
7986 wps_ext_eap_identity_resp(hapd, dev[0], addr)
7987
7988 logger.debug("Receive WSC/Start from AP")
7989 msg = get_wsc_msg(hapd)
7990 if msg['wsc_opcode'] != WSC_Start:
7991 raise Exception("Unexpected Op-Code for WSC/Start")
7992
7993 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
7994 uuid_e = 16*'\x11'
7995 e_nonce = 16*'\x22'
7996 own_private, e_pk = wsc_dh_init()
7997
7998 logger.debug("Send M1 to AP")
7999 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8000 e_nonce, e_pk)
8001 send_wsc_msg(hapd, addr, m1)
8002
8003 logger.debug("Receive M2 from AP")
8004 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8005 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8006 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8007
8008 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8009 r_nonce)
8010 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8011
8012 logger.debug("Send M3 to AP")
8013 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8014 attrs += build_attr_msg_type(WPS_M3)
8015 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8016 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8017 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8018 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8019 raw_m3_attrs = attrs
8020 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8021 send_wsc_msg(hapd, addr, m3)
8022
8023 logger.debug("Receive M4 from AP")
8024 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
8025
8026 logger.debug("Send M5 to AP")
8027 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8028 attrs += build_attr_msg_type(WPS_M5)
8029 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8030 #data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8031 data = ''
8032 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8033 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
8034 raw_m5_attrs = attrs
8035 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8036 send_wsc_msg(hapd, addr, m5)
8037
8038 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8039
8040 @remote_compatible
8041 def test_wps_ext_m5_e_snonce1_mismatch(dev, apdev):
8042 """WPS proto: M5 E-SNonce1 mismatch"""
8043 pin = "12345670"
8044 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8045 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8046 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8047
8048 logger.debug("Receive WSC/Start from AP")
8049 msg = get_wsc_msg(hapd)
8050 if msg['wsc_opcode'] != WSC_Start:
8051 raise Exception("Unexpected Op-Code for WSC/Start")
8052
8053 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8054 uuid_e = 16*'\x11'
8055 e_nonce = 16*'\x22'
8056 own_private, e_pk = wsc_dh_init()
8057
8058 logger.debug("Send M1 to AP")
8059 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8060 e_nonce, e_pk)
8061 send_wsc_msg(hapd, addr, m1)
8062
8063 logger.debug("Receive M2 from AP")
8064 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8065 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8066 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8067
8068 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8069 r_nonce)
8070 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8071
8072 logger.debug("Send M3 to AP")
8073 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8074 attrs += build_attr_msg_type(WPS_M3)
8075 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8076 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8077 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8078 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8079 raw_m3_attrs = attrs
8080 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8081 send_wsc_msg(hapd, addr, m3)
8082
8083 logger.debug("Receive M4 from AP")
8084 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
8085
8086 logger.debug("Send M5 to AP")
8087 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8088 attrs += build_attr_msg_type(WPS_M5)
8089 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8090 data = build_wsc_attr(ATTR_E_SNONCE1, 16*'\x00')
8091 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8092 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
8093 raw_m5_attrs = attrs
8094 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8095 send_wsc_msg(hapd, addr, m5)
8096
8097 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8098
8099 def test_wps_ext_m7_missing_e_snonce2(dev, apdev):
8100 """WPS proto: M7 missing E-SNonce2"""
8101 pin = "12345670"
8102 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8103 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8104 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8105
8106 logger.debug("Receive WSC/Start from AP")
8107 msg = get_wsc_msg(hapd)
8108 if msg['wsc_opcode'] != WSC_Start:
8109 raise Exception("Unexpected Op-Code for WSC/Start")
8110
8111 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8112 uuid_e = 16*'\x11'
8113 e_nonce = 16*'\x22'
8114 own_private, e_pk = wsc_dh_init()
8115
8116 logger.debug("Send M1 to AP")
8117 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8118 e_nonce, e_pk)
8119 send_wsc_msg(hapd, addr, m1)
8120
8121 logger.debug("Receive M2 from AP")
8122 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8123 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8124 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8125
8126 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8127 r_nonce)
8128 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8129
8130 logger.debug("Send M3 to AP")
8131 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8132 attrs += build_attr_msg_type(WPS_M3)
8133 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8134 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8135 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8136 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8137 raw_m3_attrs = attrs
8138 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8139 send_wsc_msg(hapd, addr, m3)
8140
8141 logger.debug("Receive M4 from AP")
8142 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
8143
8144 logger.debug("Send M5 to AP")
8145 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8146 attrs += build_attr_msg_type(WPS_M5)
8147 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8148 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8149 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8150 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
8151 raw_m5_attrs = attrs
8152 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8153 send_wsc_msg(hapd, addr, m5)
8154
8155 logger.debug("Receive M6 from AP")
8156 msg, m6_attrs, raw_m6_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M6)
8157
8158 logger.debug("Send M7 to AP")
8159 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8160 attrs += build_attr_msg_type(WPS_M7)
8161 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8162 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
8163 data = ''
8164 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8165 attrs += build_attr_authenticator(authkey, raw_m6_attrs, attrs)
8166 m7 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8167 raw_m7_attrs = attrs
8168 send_wsc_msg(hapd, addr, m7)
8169
8170 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8171
8172 @remote_compatible
8173 def test_wps_ext_m7_e_snonce2_mismatch(dev, apdev):
8174 """WPS proto: M7 E-SNonce2 mismatch"""
8175 pin = "12345670"
8176 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8177 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8178 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8179
8180 logger.debug("Receive WSC/Start from AP")
8181 msg = get_wsc_msg(hapd)
8182 if msg['wsc_opcode'] != WSC_Start:
8183 raise Exception("Unexpected Op-Code for WSC/Start")
8184
8185 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8186 uuid_e = 16*'\x11'
8187 e_nonce = 16*'\x22'
8188 own_private, e_pk = wsc_dh_init()
8189
8190 logger.debug("Send M1 to AP")
8191 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8192 e_nonce, e_pk)
8193 send_wsc_msg(hapd, addr, m1)
8194
8195 logger.debug("Receive M2 from AP")
8196 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8197 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8198 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8199
8200 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8201 r_nonce)
8202 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8203
8204 logger.debug("Send M3 to AP")
8205 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8206 attrs += build_attr_msg_type(WPS_M3)
8207 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8208 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8209 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8210 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8211 raw_m3_attrs = attrs
8212 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8213 send_wsc_msg(hapd, addr, m3)
8214
8215 logger.debug("Receive M4 from AP")
8216 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
8217
8218 logger.debug("Send M5 to AP")
8219 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8220 attrs += build_attr_msg_type(WPS_M5)
8221 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8222 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8223 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8224 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
8225 raw_m5_attrs = attrs
8226 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8227 send_wsc_msg(hapd, addr, m5)
8228
8229 logger.debug("Receive M6 from AP")
8230 msg, m6_attrs, raw_m6_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M6)
8231
8232 logger.debug("Send M7 to AP")
8233 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8234 attrs += build_attr_msg_type(WPS_M7)
8235 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8236 data = build_wsc_attr(ATTR_E_SNONCE2, 16*'\x00')
8237 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8238 attrs += build_attr_authenticator(authkey, raw_m6_attrs, attrs)
8239 m7 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8240 raw_m7_attrs = attrs
8241 send_wsc_msg(hapd, addr, m7)
8242
8243 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8244
8245 @remote_compatible
8246 def test_wps_ext_m1_pubkey_oom(dev, apdev):
8247 """WPS proto: M1 PubKey OOM"""
8248 pin = "12345670"
8249 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8250 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8251 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8252
8253 logger.debug("Receive WSC/Start from AP")
8254 msg = get_wsc_msg(hapd)
8255 if msg['wsc_opcode'] != WSC_Start:
8256 raise Exception("Unexpected Op-Code for WSC/Start")
8257
8258 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8259 uuid_e = 16*'\x11'
8260 e_nonce = 16*'\x22'
8261 own_private, e_pk = wsc_dh_init()
8262
8263 logger.debug("Send M1 to AP")
8264 with alloc_fail(hapd, 1, "wpabuf_alloc_copy;wps_process_pubkey"):
8265 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8266 e_nonce, e_pk)
8267 send_wsc_msg(hapd, addr, m1)
8268 wps_wait_eap_failure(hapd, dev[0])
8269
8270 def wps_wait_eap_failure(hapd, dev):
8271 ev = hapd.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
8272 if ev is None:
8273 raise Exception("EAP-Failure not reported")
8274 dev.wait_disconnected()
8275
8276 @remote_compatible
8277 def test_wps_ext_m3_m1(dev, apdev):
8278 """WPS proto: M3 replaced with M1"""
8279 pin = "12345670"
8280 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8281 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8282 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8283
8284 logger.debug("Receive WSC/Start from AP")
8285 msg = get_wsc_msg(hapd)
8286 if msg['wsc_opcode'] != WSC_Start:
8287 raise Exception("Unexpected Op-Code for WSC/Start")
8288
8289 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8290 uuid_e = 16*'\x11'
8291 e_nonce = 16*'\x22'
8292 own_private, e_pk = wsc_dh_init()
8293
8294 logger.debug("Send M1 to AP")
8295 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8296 e_nonce, e_pk)
8297 send_wsc_msg(hapd, addr, m1)
8298
8299 logger.debug("Receive M2 from AP")
8300 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8301 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8302 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8303
8304 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8305 r_nonce)
8306 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8307
8308 logger.debug("Send M3(M1) to AP")
8309 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8310 attrs += build_attr_msg_type(WPS_M1)
8311 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8312 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8313 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8314 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8315 raw_m3_attrs = attrs
8316 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8317 send_wsc_msg(hapd, addr, m3)
8318
8319 wps_wait_eap_failure(hapd, dev[0])
8320
8321 @remote_compatible
8322 def test_wps_ext_m5_m3(dev, apdev):
8323 """WPS proto: M5 replaced with M3"""
8324 pin = "12345670"
8325 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8326 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8327 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8328
8329 logger.debug("Receive WSC/Start from AP")
8330 msg = get_wsc_msg(hapd)
8331 if msg['wsc_opcode'] != WSC_Start:
8332 raise Exception("Unexpected Op-Code for WSC/Start")
8333
8334 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8335 uuid_e = 16*'\x11'
8336 e_nonce = 16*'\x22'
8337 own_private, e_pk = wsc_dh_init()
8338
8339 logger.debug("Send M1 to AP")
8340 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8341 e_nonce, e_pk)
8342 send_wsc_msg(hapd, addr, m1)
8343
8344 logger.debug("Receive M2 from AP")
8345 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8346 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8347 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8348
8349 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8350 r_nonce)
8351 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8352
8353 logger.debug("Send M3 to AP")
8354 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8355 attrs += build_attr_msg_type(WPS_M3)
8356 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8357 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8358 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8359 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8360 raw_m3_attrs = attrs
8361 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8362 send_wsc_msg(hapd, addr, m3)
8363
8364 logger.debug("Receive M4 from AP")
8365 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
8366
8367 logger.debug("Send M5(M3) to AP")
8368 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8369 attrs += build_attr_msg_type(WPS_M3)
8370 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8371 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8372 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
8373 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
8374 raw_m5_attrs = attrs
8375 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8376 send_wsc_msg(hapd, addr, m5)
8377
8378 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8379
8380 @remote_compatible
8381 def test_wps_ext_m3_m2(dev, apdev):
8382 """WPS proto: M3 replaced with M2"""
8383 pin = "12345670"
8384 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8385 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8386 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8387
8388 logger.debug("Receive WSC/Start from AP")
8389 msg = get_wsc_msg(hapd)
8390 if msg['wsc_opcode'] != WSC_Start:
8391 raise Exception("Unexpected Op-Code for WSC/Start")
8392
8393 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8394 uuid_e = 16*'\x11'
8395 e_nonce = 16*'\x22'
8396 own_private, e_pk = wsc_dh_init()
8397
8398 logger.debug("Send M1 to AP")
8399 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8400 e_nonce, e_pk)
8401 send_wsc_msg(hapd, addr, m1)
8402
8403 logger.debug("Receive M2 from AP")
8404 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8405 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8406 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8407
8408 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8409 r_nonce)
8410 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8411
8412 logger.debug("Send M3(M2) to AP")
8413 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8414 attrs += build_attr_msg_type(WPS_M2)
8415 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8416 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8417 raw_m3_attrs = attrs
8418 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8419 send_wsc_msg(hapd, addr, m3)
8420
8421 wps_wait_eap_failure(hapd, dev[0])
8422
8423 @remote_compatible
8424 def test_wps_ext_m3_m5(dev, apdev):
8425 """WPS proto: M3 replaced with M5"""
8426 pin = "12345670"
8427 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8428 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8429 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8430
8431 logger.debug("Receive WSC/Start from AP")
8432 msg = get_wsc_msg(hapd)
8433 if msg['wsc_opcode'] != WSC_Start:
8434 raise Exception("Unexpected Op-Code for WSC/Start")
8435
8436 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8437 uuid_e = 16*'\x11'
8438 e_nonce = 16*'\x22'
8439 own_private, e_pk = wsc_dh_init()
8440
8441 logger.debug("Send M1 to AP")
8442 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8443 e_nonce, e_pk)
8444 send_wsc_msg(hapd, addr, m1)
8445
8446 logger.debug("Receive M2 from AP")
8447 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8448 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8449 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8450
8451 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8452 r_nonce)
8453 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8454
8455 logger.debug("Send M3(M5) to AP")
8456 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8457 attrs += build_attr_msg_type(WPS_M5)
8458 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8459 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8460 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8461 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8462 raw_m3_attrs = attrs
8463 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8464 send_wsc_msg(hapd, addr, m3)
8465
8466 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8467
8468 @remote_compatible
8469 def test_wps_ext_m3_m7(dev, apdev):
8470 """WPS proto: M3 replaced with M7"""
8471 pin = "12345670"
8472 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8473 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8474 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8475
8476 logger.debug("Receive WSC/Start from AP")
8477 msg = get_wsc_msg(hapd)
8478 if msg['wsc_opcode'] != WSC_Start:
8479 raise Exception("Unexpected Op-Code for WSC/Start")
8480
8481 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8482 uuid_e = 16*'\x11'
8483 e_nonce = 16*'\x22'
8484 own_private, e_pk = wsc_dh_init()
8485
8486 logger.debug("Send M1 to AP")
8487 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8488 e_nonce, e_pk)
8489 send_wsc_msg(hapd, addr, m1)
8490
8491 logger.debug("Receive M2 from AP")
8492 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8493 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8494 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8495
8496 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8497 r_nonce)
8498 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8499
8500 logger.debug("Send M3(M7) to AP")
8501 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8502 attrs += build_attr_msg_type(WPS_M7)
8503 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
8504 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8505 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8506 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8507 raw_m3_attrs = attrs
8508 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8509 send_wsc_msg(hapd, addr, m3)
8510
8511 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
8512
8513 @remote_compatible
8514 def test_wps_ext_m3_done(dev, apdev):
8515 """WPS proto: M3 replaced with WSC_Done"""
8516 pin = "12345670"
8517 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8518 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8519 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8520
8521 logger.debug("Receive WSC/Start from AP")
8522 msg = get_wsc_msg(hapd)
8523 if msg['wsc_opcode'] != WSC_Start:
8524 raise Exception("Unexpected Op-Code for WSC/Start")
8525
8526 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8527 uuid_e = 16*'\x11'
8528 e_nonce = 16*'\x22'
8529 own_private, e_pk = wsc_dh_init()
8530
8531 logger.debug("Send M1 to AP")
8532 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8533 e_nonce, e_pk)
8534 send_wsc_msg(hapd, addr, m1)
8535
8536 logger.debug("Receive M2 from AP")
8537 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8538 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8539 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8540
8541 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8542 r_nonce)
8543 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8544
8545 logger.debug("Send M3(WSC_Done) to AP")
8546 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8547 attrs += build_attr_msg_type(WPS_WSC_DONE)
8548 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
8549 raw_m3_attrs = attrs
8550 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
8551 send_wsc_msg(hapd, addr, m3)
8552
8553 wps_wait_eap_failure(hapd, dev[0])
8554
8555 @remote_compatible
8556 def test_wps_ext_m2_nack_invalid(dev, apdev):
8557 """WPS proto: M2 followed by invalid NACK"""
8558 pin = "12345670"
8559 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8560 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8561 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8562
8563 logger.debug("Receive WSC/Start from AP")
8564 msg = get_wsc_msg(hapd)
8565 if msg['wsc_opcode'] != WSC_Start:
8566 raise Exception("Unexpected Op-Code for WSC/Start")
8567
8568 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8569 uuid_e = 16*'\x11'
8570 e_nonce = 16*'\x22'
8571 own_private, e_pk = wsc_dh_init()
8572
8573 logger.debug("Send M1 to AP")
8574 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8575 e_nonce, e_pk)
8576 send_wsc_msg(hapd, addr, m1)
8577
8578 logger.debug("Receive M2 from AP")
8579 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8580 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8581 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8582
8583 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8584 r_nonce)
8585 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8586
8587 logger.debug("Send WSC_NACK to AP")
8588 attrs = '\x10\x00\x00'
8589 nack = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_NACK)
8590 send_wsc_msg(hapd, addr, nack)
8591
8592 wps_wait_eap_failure(hapd, dev[0])
8593
8594 @remote_compatible
8595 def test_wps_ext_m2_nack_no_msg_type(dev, apdev):
8596 """WPS proto: M2 followed by NACK without Msg Type"""
8597 pin = "12345670"
8598 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8599 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8600 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8601
8602 logger.debug("Receive WSC/Start from AP")
8603 msg = get_wsc_msg(hapd)
8604 if msg['wsc_opcode'] != WSC_Start:
8605 raise Exception("Unexpected Op-Code for WSC/Start")
8606
8607 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8608 uuid_e = 16*'\x11'
8609 e_nonce = 16*'\x22'
8610 own_private, e_pk = wsc_dh_init()
8611
8612 logger.debug("Send M1 to AP")
8613 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8614 e_nonce, e_pk)
8615 send_wsc_msg(hapd, addr, m1)
8616
8617 logger.debug("Receive M2 from AP")
8618 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8619 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8620 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8621
8622 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8623 r_nonce)
8624 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8625
8626 logger.debug("Send WSC_NACK to AP")
8627 nack,attrs = build_nack(msg['eap_identifier'], e_nonce, r_nonce,
8628 msg_type=None, eap_code=2)
8629 send_wsc_msg(hapd, addr, nack)
8630
8631 wps_wait_eap_failure(hapd, dev[0])
8632
8633 @remote_compatible
8634 def test_wps_ext_m2_nack_invalid_msg_type(dev, apdev):
8635 """WPS proto: M2 followed by NACK with invalid Msg Type"""
8636 pin = "12345670"
8637 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8638 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8639 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8640
8641 logger.debug("Receive WSC/Start from AP")
8642 msg = get_wsc_msg(hapd)
8643 if msg['wsc_opcode'] != WSC_Start:
8644 raise Exception("Unexpected Op-Code for WSC/Start")
8645
8646 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8647 uuid_e = 16*'\x11'
8648 e_nonce = 16*'\x22'
8649 own_private, e_pk = wsc_dh_init()
8650
8651 logger.debug("Send M1 to AP")
8652 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8653 e_nonce, e_pk)
8654 send_wsc_msg(hapd, addr, m1)
8655
8656 logger.debug("Receive M2 from AP")
8657 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8658 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8659 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8660
8661 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8662 r_nonce)
8663 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8664
8665 logger.debug("Send WSC_NACK to AP")
8666 nack,attrs = build_nack(msg['eap_identifier'], e_nonce, r_nonce,
8667 msg_type=WPS_WSC_ACK, eap_code=2)
8668 send_wsc_msg(hapd, addr, nack)
8669
8670 wps_wait_eap_failure(hapd, dev[0])
8671
8672 @remote_compatible
8673 def test_wps_ext_m2_nack_e_nonce_mismatch(dev, apdev):
8674 """WPS proto: M2 followed by NACK with e-nonce mismatch"""
8675 pin = "12345670"
8676 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8677 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8678 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8679
8680 logger.debug("Receive WSC/Start from AP")
8681 msg = get_wsc_msg(hapd)
8682 if msg['wsc_opcode'] != WSC_Start:
8683 raise Exception("Unexpected Op-Code for WSC/Start")
8684
8685 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8686 uuid_e = 16*'\x11'
8687 e_nonce = 16*'\x22'
8688 own_private, e_pk = wsc_dh_init()
8689
8690 logger.debug("Send M1 to AP")
8691 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8692 e_nonce, e_pk)
8693 send_wsc_msg(hapd, addr, m1)
8694
8695 logger.debug("Receive M2 from AP")
8696 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8697 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8698 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8699
8700 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8701 r_nonce)
8702 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8703
8704 logger.debug("Send WSC_NACK to AP")
8705 nack,attrs = build_nack(msg['eap_identifier'], 16*'\x00', r_nonce,
8706 eap_code=2)
8707 send_wsc_msg(hapd, addr, nack)
8708
8709 wps_wait_eap_failure(hapd, dev[0])
8710
8711 @remote_compatible
8712 def test_wps_ext_m2_nack_no_config_error(dev, apdev):
8713 """WPS proto: M2 followed by NACK without Config Error"""
8714 pin = "12345670"
8715 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8716 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8717 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8718
8719 logger.debug("Receive WSC/Start from AP")
8720 msg = get_wsc_msg(hapd)
8721 if msg['wsc_opcode'] != WSC_Start:
8722 raise Exception("Unexpected Op-Code for WSC/Start")
8723
8724 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8725 uuid_e = 16*'\x11'
8726 e_nonce = 16*'\x22'
8727 own_private, e_pk = wsc_dh_init()
8728
8729 logger.debug("Send M1 to AP")
8730 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8731 e_nonce, e_pk)
8732 send_wsc_msg(hapd, addr, m1)
8733
8734 logger.debug("Receive M2 from AP")
8735 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8736 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8737 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8738
8739 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8740 r_nonce)
8741 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8742
8743 logger.debug("Send WSC_NACK to AP")
8744 nack,attrs = build_nack(msg['eap_identifier'], e_nonce, r_nonce,
8745 config_error=None, eap_code=2)
8746 send_wsc_msg(hapd, addr, nack)
8747
8748 wps_wait_eap_failure(hapd, dev[0])
8749
8750 @remote_compatible
8751 def test_wps_ext_m2_ack_invalid(dev, apdev):
8752 """WPS proto: M2 followed by invalid ACK"""
8753 pin = "12345670"
8754 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8755 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8756 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8757
8758 logger.debug("Receive WSC/Start from AP")
8759 msg = get_wsc_msg(hapd)
8760 if msg['wsc_opcode'] != WSC_Start:
8761 raise Exception("Unexpected Op-Code for WSC/Start")
8762
8763 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8764 uuid_e = 16*'\x11'
8765 e_nonce = 16*'\x22'
8766 own_private, e_pk = wsc_dh_init()
8767
8768 logger.debug("Send M1 to AP")
8769 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8770 e_nonce, e_pk)
8771 send_wsc_msg(hapd, addr, m1)
8772
8773 logger.debug("Receive M2 from AP")
8774 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8775 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8776 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8777
8778 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8779 r_nonce)
8780 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8781
8782 logger.debug("Send WSC_ACK to AP")
8783 attrs = '\x10\x00\x00'
8784 ack = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_ACK)
8785 send_wsc_msg(hapd, addr, ack)
8786
8787 wps_wait_eap_failure(hapd, dev[0])
8788
8789 @remote_compatible
8790 def test_wps_ext_m2_ack(dev, apdev):
8791 """WPS proto: M2 followed by ACK"""
8792 pin = "12345670"
8793 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8794 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8795 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8796
8797 logger.debug("Receive WSC/Start from AP")
8798 msg = get_wsc_msg(hapd)
8799 if msg['wsc_opcode'] != WSC_Start:
8800 raise Exception("Unexpected Op-Code for WSC/Start")
8801
8802 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8803 uuid_e = 16*'\x11'
8804 e_nonce = 16*'\x22'
8805 own_private, e_pk = wsc_dh_init()
8806
8807 logger.debug("Send M1 to AP")
8808 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8809 e_nonce, e_pk)
8810 send_wsc_msg(hapd, addr, m1)
8811
8812 logger.debug("Receive M2 from AP")
8813 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8814 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8815 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8816
8817 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8818 r_nonce)
8819 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8820
8821 logger.debug("Send WSC_ACK to AP")
8822 ack,attrs = build_ack(msg['eap_identifier'], e_nonce, r_nonce, eap_code=2)
8823 send_wsc_msg(hapd, addr, ack)
8824
8825 wps_wait_eap_failure(hapd, dev[0])
8826
8827 @remote_compatible
8828 def test_wps_ext_m2_ack_no_msg_type(dev, apdev):
8829 """WPS proto: M2 followed by ACK missing Msg Type"""
8830 pin = "12345670"
8831 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8832 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8833 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8834
8835 logger.debug("Receive WSC/Start from AP")
8836 msg = get_wsc_msg(hapd)
8837 if msg['wsc_opcode'] != WSC_Start:
8838 raise Exception("Unexpected Op-Code for WSC/Start")
8839
8840 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8841 uuid_e = 16*'\x11'
8842 e_nonce = 16*'\x22'
8843 own_private, e_pk = wsc_dh_init()
8844
8845 logger.debug("Send M1 to AP")
8846 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8847 e_nonce, e_pk)
8848 send_wsc_msg(hapd, addr, m1)
8849
8850 logger.debug("Receive M2 from AP")
8851 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8852 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8853 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8854
8855 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8856 r_nonce)
8857 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8858
8859 logger.debug("Send WSC_ACK to AP")
8860 ack,attrs = build_ack(msg['eap_identifier'], e_nonce, r_nonce,
8861 msg_type=None, eap_code=2)
8862 send_wsc_msg(hapd, addr, ack)
8863
8864 wps_wait_eap_failure(hapd, dev[0])
8865
8866 @remote_compatible
8867 def test_wps_ext_m2_ack_invalid_msg_type(dev, apdev):
8868 """WPS proto: M2 followed by ACK with invalid Msg Type"""
8869 pin = "12345670"
8870 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8871 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8872 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8873
8874 logger.debug("Receive WSC/Start from AP")
8875 msg = get_wsc_msg(hapd)
8876 if msg['wsc_opcode'] != WSC_Start:
8877 raise Exception("Unexpected Op-Code for WSC/Start")
8878
8879 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8880 uuid_e = 16*'\x11'
8881 e_nonce = 16*'\x22'
8882 own_private, e_pk = wsc_dh_init()
8883
8884 logger.debug("Send M1 to AP")
8885 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8886 e_nonce, e_pk)
8887 send_wsc_msg(hapd, addr, m1)
8888
8889 logger.debug("Receive M2 from AP")
8890 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8891 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8892 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8893
8894 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8895 r_nonce)
8896 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8897
8898 logger.debug("Send WSC_ACK to AP")
8899 ack,attrs = build_ack(msg['eap_identifier'], e_nonce, r_nonce,
8900 msg_type=WPS_WSC_NACK, eap_code=2)
8901 send_wsc_msg(hapd, addr, ack)
8902
8903 wps_wait_eap_failure(hapd, dev[0])
8904
8905 @remote_compatible
8906 def test_wps_ext_m2_ack_e_nonce_mismatch(dev, apdev):
8907 """WPS proto: M2 followed by ACK with e-nonce mismatch"""
8908 pin = "12345670"
8909 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8910 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8911 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8912
8913 logger.debug("Receive WSC/Start from AP")
8914 msg = get_wsc_msg(hapd)
8915 if msg['wsc_opcode'] != WSC_Start:
8916 raise Exception("Unexpected Op-Code for WSC/Start")
8917
8918 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8919 uuid_e = 16*'\x11'
8920 e_nonce = 16*'\x22'
8921 own_private, e_pk = wsc_dh_init()
8922
8923 logger.debug("Send M1 to AP")
8924 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
8925 e_nonce, e_pk)
8926 send_wsc_msg(hapd, addr, m1)
8927
8928 logger.debug("Receive M2 from AP")
8929 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
8930 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
8931 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
8932
8933 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
8934 r_nonce)
8935 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
8936
8937 logger.debug("Send WSC_ACK to AP")
8938 ack,attrs = build_ack(msg['eap_identifier'], 16*'\x00', r_nonce,
8939 eap_code=2)
8940 send_wsc_msg(hapd, addr, ack)
8941
8942 wps_wait_eap_failure(hapd, dev[0])
8943
8944 @remote_compatible
8945 def test_wps_ext_m1_invalid(dev, apdev):
8946 """WPS proto: M1 failing parsing"""
8947 pin = "12345670"
8948 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8949 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8950 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8951
8952 logger.debug("Receive WSC/Start from AP")
8953 msg = get_wsc_msg(hapd)
8954 if msg['wsc_opcode'] != WSC_Start:
8955 raise Exception("Unexpected Op-Code for WSC/Start")
8956
8957 logger.debug("Send M1 to AP")
8958 attrs = '\x10\x00\x00'
8959 m1 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8960 send_wsc_msg(hapd, addr, m1)
8961
8962 wps_wait_eap_failure(hapd, dev[0])
8963
8964 def test_wps_ext_m1_missing_msg_type(dev, apdev):
8965 """WPS proto: M1 missing Msg Type"""
8966 pin = "12345670"
8967 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8968 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8969 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8970
8971 logger.debug("Receive WSC/Start from AP")
8972 msg = get_wsc_msg(hapd)
8973 if msg['wsc_opcode'] != WSC_Start:
8974 raise Exception("Unexpected Op-Code for WSC/Start")
8975
8976 logger.debug("Send M1 to AP")
8977 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
8978 m1 = build_eap_wsc(2, msg['eap_identifier'], attrs)
8979 send_wsc_msg(hapd, addr, m1)
8980
8981 wps_wait_ap_nack(hapd, dev[0], 16*'\x00', 16*'\x00')
8982
8983 def wps_ext_wsc_done(dev, apdev):
8984 pin = "12345670"
8985 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
8986 wps_ext_eap_identity_req(dev[0], hapd, bssid)
8987 wps_ext_eap_identity_resp(hapd, dev[0], addr)
8988
8989 logger.debug("Receive WSC/Start from AP")
8990 msg = get_wsc_msg(hapd)
8991 if msg['wsc_opcode'] != WSC_Start:
8992 raise Exception("Unexpected Op-Code for WSC/Start")
8993
8994 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
8995 uuid_e = 16*'\x11'
8996 e_nonce = 16*'\x22'
8997 own_private, e_pk = wsc_dh_init()
8998
8999 logger.debug("Send M1 to AP")
9000 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
9001 e_nonce, e_pk)
9002 send_wsc_msg(hapd, addr, m1)
9003
9004 logger.debug("Receive M2 from AP")
9005 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
9006 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
9007 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
9008
9009 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
9010 r_nonce)
9011 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
9012
9013 logger.debug("Send M3 to AP")
9014 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9015 attrs += build_attr_msg_type(WPS_M3)
9016 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9017 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
9018 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
9019 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
9020 raw_m3_attrs = attrs
9021 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9022 send_wsc_msg(hapd, addr, m3)
9023
9024 logger.debug("Receive M4 from AP")
9025 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
9026
9027 logger.debug("Send M5 to AP")
9028 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9029 attrs += build_attr_msg_type(WPS_M5)
9030 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9031 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
9032 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9033 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
9034 raw_m5_attrs = attrs
9035 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9036 send_wsc_msg(hapd, addr, m5)
9037
9038 logger.debug("Receive M6 from AP")
9039 msg, m6_attrs, raw_m6_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M6)
9040
9041 logger.debug("Send M7 to AP")
9042 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9043 attrs += build_attr_msg_type(WPS_M7)
9044 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9045 data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9046 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9047 attrs += build_attr_authenticator(authkey, raw_m6_attrs, attrs)
9048 m7 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9049 raw_m7_attrs = attrs
9050 send_wsc_msg(hapd, addr, m7)
9051
9052 logger.debug("Receive M8 from AP")
9053 msg, m8_attrs, raw_m8_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M8)
9054 return hapd, msg, e_nonce, r_nonce
9055
9056 @remote_compatible
9057 def test_wps_ext_wsc_done_invalid(dev, apdev):
9058 """WPS proto: invalid WSC_Done"""
9059 hapd, msg, e_nonce, r_nonce = wps_ext_wsc_done(dev, apdev)
9060
9061 logger.debug("Send WSC_Done to AP")
9062 attrs = '\x10\x00\x00'
9063 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
9064 send_wsc_msg(hapd, dev[0].own_addr(), wsc_done)
9065
9066 wps_wait_eap_failure(hapd, dev[0])
9067
9068 @remote_compatible
9069 def test_wps_ext_wsc_done_no_msg_type(dev, apdev):
9070 """WPS proto: invalid WSC_Done"""
9071 hapd, msg, e_nonce, r_nonce = wps_ext_wsc_done(dev, apdev)
9072
9073 logger.debug("Send WSC_Done to AP")
9074 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9075 #attrs += build_attr_msg_type(WPS_WSC_DONE)
9076 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9077 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9078 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
9079 send_wsc_msg(hapd, dev[0].own_addr(), wsc_done)
9080
9081 wps_wait_eap_failure(hapd, dev[0])
9082
9083 @remote_compatible
9084 def test_wps_ext_wsc_done_wrong_msg_type(dev, apdev):
9085 """WPS proto: WSC_Done with wrong Msg Type"""
9086 hapd, msg, e_nonce, r_nonce = wps_ext_wsc_done(dev, apdev)
9087
9088 logger.debug("Send WSC_Done to AP")
9089 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9090 attrs += build_attr_msg_type(WPS_WSC_ACK)
9091 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9092 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9093 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
9094 send_wsc_msg(hapd, dev[0].own_addr(), wsc_done)
9095
9096 wps_wait_eap_failure(hapd, dev[0])
9097
9098 @remote_compatible
9099 def test_wps_ext_wsc_done_no_e_nonce(dev, apdev):
9100 """WPS proto: WSC_Done without e_nonce"""
9101 hapd, msg, e_nonce, r_nonce = wps_ext_wsc_done(dev, apdev)
9102
9103 logger.debug("Send WSC_Done to AP")
9104 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9105 attrs += build_attr_msg_type(WPS_WSC_DONE)
9106 #attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9107 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9108 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
9109 send_wsc_msg(hapd, dev[0].own_addr(), wsc_done)
9110
9111 wps_wait_eap_failure(hapd, dev[0])
9112
9113 def test_wps_ext_wsc_done_no_r_nonce(dev, apdev):
9114 """WPS proto: WSC_Done without r_nonce"""
9115 hapd, msg, e_nonce, r_nonce = wps_ext_wsc_done(dev, apdev)
9116
9117 logger.debug("Send WSC_Done to AP")
9118 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9119 attrs += build_attr_msg_type(WPS_WSC_DONE)
9120 attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9121 #attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9122 wsc_done = build_eap_wsc(2, msg['eap_identifier'], attrs, opcode=WSC_Done)
9123 send_wsc_msg(hapd, dev[0].own_addr(), wsc_done)
9124
9125 wps_wait_eap_failure(hapd, dev[0])
9126
9127 @remote_compatible
9128 def test_wps_ext_m7_no_encr_settings(dev, apdev):
9129 """WPS proto: M7 without Encr Settings"""
9130 pin = "12345670"
9131 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
9132 wps_ext_eap_identity_req(dev[0], hapd, bssid)
9133 wps_ext_eap_identity_resp(hapd, dev[0], addr)
9134
9135 logger.debug("Receive WSC/Start from AP")
9136 msg = get_wsc_msg(hapd)
9137 if msg['wsc_opcode'] != WSC_Start:
9138 raise Exception("Unexpected Op-Code for WSC/Start")
9139
9140 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
9141 uuid_e = 16*'\x11'
9142 e_nonce = 16*'\x22'
9143 own_private, e_pk = wsc_dh_init()
9144
9145 logger.debug("Send M1 to AP")
9146 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
9147 e_nonce, e_pk)
9148 send_wsc_msg(hapd, addr, m1)
9149
9150 logger.debug("Receive M2 from AP")
9151 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
9152 r_nonce = m2_attrs[ATTR_REGISTRAR_NONCE]
9153 r_pk = m2_attrs[ATTR_PUBLIC_KEY]
9154
9155 authkey,keywrapkey = wsc_dh_kdf(r_pk, own_private, mac_addr, e_nonce,
9156 r_nonce)
9157 e_s1,e_s2,e_hash1,e_hash2 = wsc_dev_pw_hash(authkey, pin, e_pk, r_pk)
9158
9159 logger.debug("Send M3 to AP")
9160 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9161 attrs += build_attr_msg_type(WPS_M3)
9162 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9163 attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
9164 attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
9165 attrs += build_attr_authenticator(authkey, raw_m2_attrs, attrs)
9166 raw_m3_attrs = attrs
9167 m3 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9168 send_wsc_msg(hapd, addr, m3)
9169
9170 logger.debug("Receive M4 from AP")
9171 msg, m4_attrs, raw_m4_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M4)
9172
9173 logger.debug("Send M5 to AP")
9174 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9175 attrs += build_attr_msg_type(WPS_M5)
9176 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9177 data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
9178 attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9179 attrs += build_attr_authenticator(authkey, raw_m4_attrs, attrs)
9180 raw_m5_attrs = attrs
9181 m5 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9182 send_wsc_msg(hapd, addr, m5)
9183
9184 logger.debug("Receive M6 from AP")
9185 msg, m6_attrs, raw_m6_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M6)
9186
9187 logger.debug("Send M7 to AP")
9188 attrs = build_wsc_attr(ATTR_VERSION, '\x10')
9189 attrs += build_attr_msg_type(WPS_M7)
9190 attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9191 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9192 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9193 attrs += build_attr_authenticator(authkey, raw_m6_attrs, attrs)
9194 m7 = build_eap_wsc(2, msg['eap_identifier'], attrs)
9195 raw_m7_attrs = attrs
9196 send_wsc_msg(hapd, addr, m7)
9197
9198 wps_wait_ap_nack(hapd, dev[0], e_nonce, r_nonce)
9199
9200 @remote_compatible
9201 def test_wps_ext_m1_workaround(dev, apdev):
9202 """WPS proto: M1 Manufacturer/Model workaround"""
9203 pin = "12345670"
9204 addr,bssid,hapd = wps_start_ext(apdev[0], dev[0], pin=pin)
9205 wps_ext_eap_identity_req(dev[0], hapd, bssid)
9206 wps_ext_eap_identity_resp(hapd, dev[0], addr)
9207
9208 logger.debug("Receive WSC/Start from AP")
9209 msg = get_wsc_msg(hapd)
9210 if msg['wsc_opcode'] != WSC_Start:
9211 raise Exception("Unexpected Op-Code for WSC/Start")
9212
9213 mac_addr = binascii.unhexlify(dev[0].own_addr().replace(':', ''))
9214 uuid_e = 16*'\x11'
9215 e_nonce = 16*'\x22'
9216 own_private, e_pk = wsc_dh_init()
9217
9218 logger.debug("Send M1 to AP")
9219 m1, raw_m1_attrs = build_m1(msg['eap_identifier'], uuid_e, mac_addr,
9220 e_nonce, e_pk, manufacturer='Apple TEST',
9221 model_name='AirPort', config_methods='\xff\xff')
9222 send_wsc_msg(hapd, addr, m1)
9223
9224 logger.debug("Receive M2 from AP")
9225 msg, m2_attrs, raw_m2_attrs = recv_wsc_msg(hapd, WSC_MSG, WPS_M2)
9226
9227 @remote_compatible
9228 def test_ap_wps_disable_enable(dev, apdev):
9229 """WPS and DISABLE/ENABLE AP"""
9230 hapd = wps_start_ap(apdev[0])
9231 hapd.disable()
9232 hapd.enable()
9233 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
9234
9235 def test_ap_wps_upnp_web_oom(dev, apdev, params):
9236 """hostapd WPS UPnP web OOM"""
9237 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9238 hapd = add_ssdp_ap(apdev[0], ap_uuid)
9239
9240 location = ssdp_get_location(ap_uuid)
9241 url = urlparse.urlparse(location)
9242 urls = upnp_get_urls(location)
9243 eventurl = urlparse.urlparse(urls['event_sub_url'])
9244 ctrlurl = urlparse.urlparse(urls['control_url'])
9245
9246 conn = httplib.HTTPConnection(url.netloc)
9247 with alloc_fail(hapd, 1, "web_connection_parse_get"):
9248 conn.request("GET", "/wps_device.xml")
9249 try:
9250 resp = conn.getresponse()
9251 except:
9252 pass
9253
9254 conn = httplib.HTTPConnection(url.netloc)
9255 conn.request("GET", "/unknown")
9256 resp = conn.getresponse()
9257 if resp.status != 404:
9258 raise Exception("Unexpected HTTP result for unknown URL: %d" + resp.status)
9259
9260 with alloc_fail(hapd, 1, "web_connection_parse_get"):
9261 conn.request("GET", "/unknown")
9262 try:
9263 resp = conn.getresponse()
9264 print resp.status
9265 except:
9266 pass
9267
9268 conn = httplib.HTTPConnection(url.netloc)
9269 conn.request("GET", "/wps_device.xml")
9270 resp = conn.getresponse()
9271 if resp.status != 200:
9272 raise Exception("GET /wps_device.xml failed")
9273
9274 conn = httplib.HTTPConnection(url.netloc)
9275 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
9276 if resp.status != 200:
9277 raise Exception("GetDeviceInfo failed")
9278
9279 with alloc_fail(hapd, 1, "web_process_get_device_info"):
9280 conn = httplib.HTTPConnection(url.netloc)
9281 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
9282 if resp.status != 500:
9283 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9284
9285 with alloc_fail(hapd, 1, "wps_build_m1;web_process_get_device_info"):
9286 conn = httplib.HTTPConnection(url.netloc)
9287 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
9288 if resp.status != 500:
9289 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9290
9291 with alloc_fail(hapd, 1, "wpabuf_alloc;web_connection_send_reply"):
9292 conn = httplib.HTTPConnection(url.netloc)
9293 try:
9294 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
9295 except:
9296 pass
9297
9298 conn = httplib.HTTPConnection(url.netloc)
9299 resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
9300 if resp.status != 200:
9301 raise Exception("GetDeviceInfo failed")
9302
9303 # No NewWLANEventType in PutWLANResponse NewMessage
9304 conn = httplib.HTTPConnection(url.netloc)
9305 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse", newmsg="foo")
9306 if resp.status != 600:
9307 raise Exception("Unexpected HTTP response: %d" % resp.status)
9308
9309 # No NewWLANEventMAC in PutWLANResponse NewMessage
9310 conn = httplib.HTTPConnection(url.netloc)
9311 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse",
9312 newmsg="foo", neweventtype="1")
9313 if resp.status != 600:
9314 raise Exception("Unexpected HTTP response: %d" % resp.status)
9315
9316 # Invalid NewWLANEventMAC in PutWLANResponse NewMessage
9317 conn = httplib.HTTPConnection(url.netloc)
9318 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse",
9319 newmsg="foo", neweventtype="1",
9320 neweventmac="foo")
9321 if resp.status != 600:
9322 raise Exception("Unexpected HTTP response: %d" % resp.status)
9323
9324 # Workaround for NewWLANEventMAC in PutWLANResponse NewMessage
9325 # Ignored unexpected PutWLANResponse WLANEventType 1
9326 conn = httplib.HTTPConnection(url.netloc)
9327 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse",
9328 newmsg="foo", neweventtype="1",
9329 neweventmac="00.11.22.33.44.55")
9330 if resp.status != 500:
9331 raise Exception("Unexpected HTTP response: %d" % resp.status)
9332
9333 # PutWLANResponse NewMessage with invalid EAP message
9334 conn = httplib.HTTPConnection(url.netloc)
9335 resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse",
9336 newmsg="foo", neweventtype="2",
9337 neweventmac="00:11:22:33:44:55")
9338 if resp.status != 200:
9339 raise Exception("Unexpected HTTP response: %d" % resp.status)
9340
9341 with alloc_fail(hapd, 1, "web_connection_parse_subscribe"):
9342 conn = httplib.HTTPConnection(url.netloc)
9343 headers = { "callback": '<http://127.0.0.1:12345/event>',
9344 "NT": "upnp:event",
9345 "timeout": "Second-1234" }
9346 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
9347 try:
9348 resp = conn.getresponse()
9349 except:
9350 pass
9351
9352 with alloc_fail(hapd, 1, "dup_binstr;web_connection_parse_subscribe"):
9353 conn = httplib.HTTPConnection(url.netloc)
9354 headers = { "callback": '<http://127.0.0.1:12345/event>',
9355 "NT": "upnp:event",
9356 "timeout": "Second-1234" }
9357 conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
9358 resp = conn.getresponse()
9359 if resp.status != 500:
9360 raise Exception("Unexpected HTTP response: %d" % resp.status)
9361
9362 with alloc_fail(hapd, 1, "wpabuf_alloc;web_connection_parse_unsubscribe"):
9363 conn = httplib.HTTPConnection(url.netloc)
9364 headers = { "callback": '<http://127.0.0.1:12345/event>',
9365 "NT": "upnp:event",
9366 "timeout": "Second-1234" }
9367 conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
9368 try:
9369 resp = conn.getresponse()
9370 except:
9371 pass
9372
9373 with alloc_fail(hapd, 1, "web_connection_unimplemented"):
9374 conn = httplib.HTTPConnection(url.netloc)
9375 conn.request("HEAD", "/wps_device.xml")
9376 try:
9377 resp = conn.getresponse()
9378 except:
9379 pass
9380
9381 def test_ap_wps_frag_ack_oom(dev, apdev):
9382 """WPS and fragment ack OOM"""
9383 dev[0].request("SET wps_fragment_size 50")
9384 hapd = wps_start_ap(apdev[0])
9385 with alloc_fail(hapd, 1, "eap_wsc_build_frag_ack"):
9386 wps_run_pbc_fail_ap(apdev[0], dev[0], hapd)
9387
9388 def wait_scan_stopped(dev):
9389 dev.request("ABORT_SCAN")
9390 for i in range(50):
9391 res = dev.get_driver_status_field("scan_state")
9392 if "SCAN_STARTED" not in res and "SCAN_REQUESTED" not in res:
9393 break
9394 logger.debug("Waiting for scan to complete")
9395 time.sleep(0.1)
9396
9397 @remote_compatible
9398 def test_ap_wps_eap_wsc_errors(dev, apdev):
9399 """WPS and EAP-WSC error cases"""
9400 ssid = "test-wps-conf-pin"
9401 appin = "12345670"
9402 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9403 "wpa_passphrase": "12345678", "wpa": "2",
9404 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9405 "fragment_size": "300", "ap_pin": appin }
9406 hapd = hostapd.add_ap(apdev[0], params)
9407 bssid = apdev[0]['bssid']
9408
9409 pin = dev[0].wps_read_pin()
9410 hapd.request("WPS_PIN any " + pin)
9411 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
9412 dev[0].dump_monitor()
9413
9414 dev[0].wps_reg(bssid, appin + " new_ssid=a", "new ssid", "WPA2PSK", "CCMP",
9415 "new passphrase", no_wait=True)
9416 ev = dev[0].wait_event(["WPS-FAIL"], timeout=10)
9417 if ev is None:
9418 raise Exception("WPS-FAIL not reported")
9419 dev[0].request("WPS_CANCEL")
9420 dev[0].wait_disconnected()
9421 wait_scan_stopped(dev[0])
9422 dev[0].dump_monitor()
9423
9424 dev[0].wps_reg(bssid, appin, "new ssid", "FOO", "CCMP",
9425 "new passphrase", no_wait=True)
9426 ev = dev[0].wait_event(["WPS-FAIL"], timeout=10)
9427 if ev is None:
9428 raise Exception("WPS-FAIL not reported")
9429 dev[0].request("WPS_CANCEL")
9430 dev[0].wait_disconnected()
9431 wait_scan_stopped(dev[0])
9432 dev[0].dump_monitor()
9433
9434 dev[0].wps_reg(bssid, appin, "new ssid", "WPA2PSK", "FOO",
9435 "new passphrase", no_wait=True)
9436 ev = dev[0].wait_event(["WPS-FAIL"], timeout=10)
9437 if ev is None:
9438 raise Exception("WPS-FAIL not reported")
9439 dev[0].request("WPS_CANCEL")
9440 dev[0].wait_disconnected()
9441 wait_scan_stopped(dev[0])
9442 dev[0].dump_monitor()
9443
9444 dev[0].wps_reg(bssid, appin + "new_key=a", "new ssid", "WPA2PSK", "CCMP",
9445 "new passphrase", no_wait=True)
9446 ev = dev[0].wait_event(["WPS-FAIL"], timeout=10)
9447 if ev is None:
9448 raise Exception("WPS-FAIL not reported")
9449 dev[0].request("WPS_CANCEL")
9450 dev[0].wait_disconnected()
9451 wait_scan_stopped(dev[0])
9452 dev[0].dump_monitor()
9453
9454 tests = [ "eap_wsc_init",
9455 "eap_msg_alloc;eap_wsc_build_msg",
9456 "wpabuf_alloc;eap_wsc_process_fragment" ]
9457 for func in tests:
9458 with alloc_fail(dev[0], 1, func):
9459 dev[0].request("WPS_PIN %s %s" % (bssid, pin))
9460 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
9461 dev[0].request("WPS_CANCEL")
9462 dev[0].wait_disconnected()
9463 wait_scan_stopped(dev[0])
9464 dev[0].dump_monitor()
9465
9466 with alloc_fail(dev[0], 1, "eap_msg_alloc;eap_sm_build_expanded_nak"):
9467 dev[0].wps_reg(bssid, appin + " new_ssid=a", "new ssid", "WPA2PSK",
9468 "CCMP", "new passphrase", no_wait=True)
9469 wait_fail_trigger(dev[0], "GET_ALLOC_FAIL")
9470 dev[0].request("WPS_CANCEL")
9471 dev[0].wait_disconnected()
9472 wait_scan_stopped(dev[0])
9473 dev[0].dump_monitor()
9474
9475 def test_ap_wps_eap_wsc(dev, apdev):
9476 """WPS and EAP-WSC in network profile"""
9477 params = int_eap_server_params()
9478 params["wps_state"] = "2"
9479 hapd = hostapd.add_ap(apdev[0], params)
9480 bssid = apdev[0]['bssid']
9481
9482 logger.info("Unexpected identity")
9483 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9484 eap="WSC", identity="WFA-SimpleConfig-Enrollee-unexpected",
9485 wait_connect=False)
9486 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9487 if ev is None:
9488 raise Exception("No EAP-Failure seen")
9489 dev[0].request("REMOVE_NETWORK all")
9490 dev[0].wait_disconnected()
9491
9492 logger.info("No phase1 parameter")
9493 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9494 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9495 wait_connect=False)
9496 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9497 if ev is None:
9498 raise Exception("Timeout on EAP method start")
9499 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9500 if ev is None:
9501 raise Exception("No EAP-Failure seen")
9502 dev[0].request("REMOVE_NETWORK all")
9503 dev[0].wait_disconnected()
9504
9505 logger.info("No PIN/PBC in phase1")
9506 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9507 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9508 phase1="foo", wait_connect=False)
9509 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9510 if ev is None:
9511 raise Exception("Timeout on EAP method start")
9512 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9513 if ev is None:
9514 raise Exception("No EAP-Failure seen")
9515 dev[0].request("REMOVE_NETWORK all")
9516 dev[0].wait_disconnected()
9517
9518 logger.info("Invalid pkhash in phase1")
9519 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9520 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9521 phase1="foo pkhash=q pbc=1", wait_connect=False)
9522 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9523 if ev is None:
9524 raise Exception("Timeout on EAP method start")
9525 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9526 if ev is None:
9527 raise Exception("No EAP-Failure seen")
9528 dev[0].request("REMOVE_NETWORK all")
9529 dev[0].wait_disconnected()
9530
9531 logger.info("Zero fragment_size")
9532 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9533 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9534 fragment_size="0", phase1="pin=12345670", wait_connect=False)
9535 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9536 if ev is None:
9537 raise Exception("Timeout on EAP method start")
9538 ev = dev[0].wait_event(["WPS-M2D"], timeout=5)
9539 if ev is None:
9540 raise Exception("No M2D seen")
9541 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9542 if ev is None:
9543 raise Exception("No EAP-Failure seen")
9544 dev[0].request("REMOVE_NETWORK all")
9545 dev[0].wait_disconnected()
9546
9547 logger.info("Missing new_auth")
9548 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9549 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9550 phase1="pin=12345670 new_ssid=aa", wait_connect=False)
9551 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9552 if ev is None:
9553 raise Exception("Timeout on EAP method start")
9554 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9555 if ev is None:
9556 raise Exception("No EAP-Failure seen")
9557 dev[0].request("REMOVE_NETWORK all")
9558 dev[0].wait_disconnected()
9559
9560 logger.info("Missing new_encr")
9561 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9562 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9563 phase1="pin=12345670 new_auth=WPA2PSK new_ssid=aa", wait_connect=False)
9564 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9565 if ev is None:
9566 raise Exception("Timeout on EAP method start")
9567 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9568 if ev is None:
9569 raise Exception("No EAP-Failure seen")
9570 dev[0].request("REMOVE_NETWORK all")
9571 dev[0].wait_disconnected()
9572
9573 logger.info("Missing new_key")
9574 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
9575 eap="WSC", identity="WFA-SimpleConfig-Enrollee-1-0",
9576 phase1="pin=12345670 new_auth=WPA2PSK new_ssid=aa new_encr=CCMP",
9577 wait_connect=False)
9578 ev = dev[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout=5)
9579 if ev is None:
9580 raise Exception("Timeout on EAP method start")
9581 ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout=5)
9582 if ev is None:
9583 raise Exception("No EAP-Failure seen")
9584 dev[0].request("REMOVE_NETWORK all")
9585 dev[0].wait_disconnected()
9586
9587 def test_ap_wps_and_bss_limit(dev, apdev):
9588 """WPS and wpa_supplicant BSS entry limit"""
9589 try:
9590 _test_ap_wps_and_bss_limit(dev, apdev)
9591 finally:
9592 dev[0].request("SET bss_max_count 200")
9593 pass
9594
9595 def _test_ap_wps_and_bss_limit(dev, apdev):
9596 params = { "ssid": "test-wps", "eap_server": "1", "wps_state": "2",
9597 "wpa_passphrase": "12345678", "wpa": "2",
9598 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
9599 hapd = hostapd.add_ap(apdev[0], params)
9600
9601 params = { "ssid": "test-wps-2", "eap_server": "1", "wps_state": "2",
9602 "wpa_passphrase": "1234567890", "wpa": "2",
9603 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
9604 hapd2 = hostapd.add_ap(apdev[1], params)
9605
9606 id = dev[1].add_network()
9607 dev[1].set_network(id, "mode", "2")
9608 dev[1].set_network_quoted(id, "ssid", "wpas-ap-no-wps")
9609 dev[1].set_network_quoted(id, "psk", "12345678")
9610 dev[1].set_network(id, "frequency", "2462")
9611 dev[1].set_network(id, "scan_freq", "2462")
9612 dev[1].set_network(id, "wps_disabled", "1")
9613 dev[1].select_network(id)
9614
9615 id = dev[2].add_network()
9616 dev[2].set_network(id, "mode", "2")
9617 dev[2].set_network_quoted(id, "ssid", "wpas-ap")
9618 dev[2].set_network_quoted(id, "psk", "12345678")
9619 dev[2].set_network(id, "frequency", "2437")
9620 dev[2].set_network(id, "scan_freq", "2437")
9621 dev[2].select_network(id)
9622
9623 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
9624 wpas.interface_add("wlan5")
9625 id = wpas.add_network()
9626 wpas.set_network(id, "mode", "2")
9627 wpas.set_network_quoted(id, "ssid", "wpas-ap")
9628 wpas.set_network_quoted(id, "psk", "12345678")
9629 wpas.set_network(id, "frequency", "2437")
9630 wpas.set_network(id, "scan_freq", "2437")
9631 wpas.select_network(id)
9632
9633 dev[1].wait_connected()
9634 dev[2].wait_connected()
9635 wpas.wait_connected()
9636 wpas.request("WPS_PIN any 12345670")
9637
9638 hapd.request("WPS_PBC")
9639 hapd2.request("WPS_PBC")
9640
9641 dev[0].request("SET bss_max_count 1")
9642
9643 id = dev[0].add_network()
9644 dev[0].set_network_quoted(id, "ssid", "testing")
9645
9646 id = dev[0].add_network()
9647 dev[0].set_network_quoted(id, "ssid", "testing")
9648 dev[0].set_network(id, "key_mgmt", "WPS")
9649
9650 dev[0].request("WPS_PBC")
9651 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=10)
9652 dev[0].request("WPS_CANCEL")
9653
9654 id = dev[0].add_network()
9655 dev[0].set_network_quoted(id, "ssid", "testing")
9656 dev[0].set_network(id, "key_mgmt", "WPS")
9657
9658 dev[0].scan(freq="2412")
9659
9660 def test_ap_wps_pbc_2ap(dev, apdev):
9661 """WPS PBC with two APs advertising same SSID"""
9662 params = { "ssid": "wps", "eap_server": "1", "wps_state": "2",
9663 "wpa_passphrase": "12345678", "wpa": "2",
9664 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9665 "wps_independent": "1"}
9666 hapd = hostapd.add_ap(apdev[0], params)
9667 params = { "ssid": "wps", "eap_server": "1", "wps_state": "2",
9668 "wpa_passphrase": "123456789", "wpa": "2",
9669 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9670 "wps_independent": "1"}
9671 hapd2 = hostapd.add_ap(apdev[1], params)
9672 hapd.request("WPS_PBC")
9673
9674 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
9675 wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
9676 wpas.dump_monitor()
9677
9678 wpas.scan_for_bss(apdev[0]['bssid'], freq="2412", force_scan=True)
9679 wpas.scan_for_bss(apdev[1]['bssid'], freq="2412")
9680 wpas.request("WPS_PBC")
9681 wpas.wait_connected()
9682 wpas.request("DISCONNECT")
9683 hapd.request("DISABLE")
9684 hapd2.request("DISABLE")
9685 wpas.flush_scan_cache()
9686
9687 def test_ap_wps_er_enrollee_to_conf_ap(dev, apdev):
9688 """WPS ER enrolling a new device to a configured AP"""
9689 try:
9690 _test_ap_wps_er_enrollee_to_conf_ap(dev, apdev)
9691 finally:
9692 dev[0].request("WPS_ER_STOP")
9693
9694 def _test_ap_wps_er_enrollee_to_conf_ap(dev, apdev):
9695 ssid = "wps-er-enrollee-to-conf-ap"
9696 ap_pin = "12345670"
9697 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9698 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9699 "wpa_passphrase": "12345678", "wpa": "2",
9700 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9701 "device_name": "Wireless AP", "manufacturer": "Company",
9702 "model_name": "WAP", "model_number": "123",
9703 "serial_number": "12345", "device_type": "6-0050F204-1",
9704 "os_version": "01020300",
9705 "config_methods": "label push_button",
9706 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}
9707 hapd = hostapd.add_ap(apdev[0], params)
9708 bssid = hapd.own_addr()
9709
9710 id = dev[0].connect(ssid, psk="12345678", scan_freq="2412")
9711 dev[0].dump_monitor()
9712
9713 dev[0].request("WPS_ER_START ifname=lo")
9714 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
9715 if ev is None:
9716 raise Exception("AP discovery timed out")
9717 if ap_uuid not in ev:
9718 raise Exception("Expected AP UUID not found")
9719
9720 pin = dev[2].wps_read_pin()
9721 addr2 = dev[2].own_addr()
9722 dev[0].dump_monitor()
9723 dev[2].scan_for_bss(bssid, freq=2412)
9724 dev[2].dump_monitor()
9725 dev[2].request("WPS_PIN %s %s" % (bssid, pin))
9726
9727 for i in range(3):
9728 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=10)
9729 if ev is None:
9730 raise Exception("Enrollee not seen")
9731 if addr2 in ev:
9732 break
9733 if addr2 not in ev:
9734 raise Exception("Unexpected Enrollee MAC address")
9735 dev[0].dump_monitor()
9736
9737 dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " " + str(id))
9738 dev[0].request("WPS_ER_PIN " + addr2 + " " + pin + " " + addr2)
9739 dev[2].wait_connected(timeout=30)
9740 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
9741 if ev is None:
9742 raise Exception("WPS ER did not report success")
9743
9744 def test_ap_wps_er_enrollee_to_conf_ap2(dev, apdev):
9745 """WPS ER enrolling a new device to a configured AP (2)"""
9746 try:
9747 _test_ap_wps_er_enrollee_to_conf_ap2(dev, apdev)
9748 finally:
9749 dev[0].request("WPS_ER_STOP")
9750
9751 def _test_ap_wps_er_enrollee_to_conf_ap2(dev, apdev):
9752 ssid = "wps-er-enrollee-to-conf-ap"
9753 ap_pin = "12345670"
9754 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9755 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9756 "wpa_passphrase": "12345678", "wpa": "2",
9757 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9758 "device_name": "Wireless AP", "manufacturer": "Company",
9759 "model_name": "WAP", "model_number": "123",
9760 "serial_number": "12345", "device_type": "6-0050F204-1",
9761 "os_version": "01020300",
9762 "config_methods": "label push_button",
9763 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}
9764 hapd = hostapd.add_ap(apdev[0], params)
9765 bssid = hapd.own_addr()
9766
9767 id = dev[0].connect(ssid, psk="12345678", scan_freq="2412")
9768 dev[0].dump_monitor()
9769
9770 dev[0].request("WPS_ER_START ifname=lo")
9771 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
9772 if ev is None:
9773 raise Exception("AP discovery timed out")
9774 if ap_uuid not in ev:
9775 raise Exception("Expected AP UUID not found")
9776
9777 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
9778 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
9779 if ev is None:
9780 raise Exception("AP learn timed out")
9781 if ap_uuid not in ev:
9782 raise Exception("Expected AP UUID not in settings")
9783 ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
9784 if ev is None:
9785 raise Exception("WPS-FAIL after AP learn timed out")
9786 time.sleep(0.1)
9787
9788 pin = dev[1].wps_read_pin()
9789 addr1 = dev[1].own_addr()
9790 dev[0].dump_monitor()
9791 dev[0].request("WPS_ER_PIN any " + pin)
9792 time.sleep(0.1)
9793 dev[1].scan_for_bss(bssid, freq=2412)
9794 dev[1].request("WPS_PIN any %s" % pin)
9795 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
9796 if ev is None:
9797 raise Exception("Enrollee did not report success")
9798 dev[1].wait_connected(timeout=15)
9799 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
9800 if ev is None:
9801 raise Exception("WPS ER did not report success")
9802
9803 def test_ap_wps_ignore_broadcast_ssid(dev, apdev):
9804 """WPS AP trying to ignore broadcast SSID"""
9805 ssid = "test-wps"
9806 hapd = hostapd.add_ap(apdev[0],
9807 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
9808 "ignore_broadcast_ssid": "1" })
9809 if "FAIL" not in hapd.request("WPS_PBC"):
9810 raise Exception("WPS unexpectedly enabled")
9811
9812 def test_ap_wps_wep(dev, apdev):
9813 """WPS AP trying to enable WEP"""
9814 ssid = "test-wps"
9815 hapd = hostapd.add_ap(apdev[0],
9816 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
9817 "ieee80211n": "0", "wep_key0": '"hello"' })
9818 if "FAIL" not in hapd.request("WPS_PBC"):
9819 raise Exception("WPS unexpectedly enabled")
9820
9821 def test_ap_wps_tkip(dev, apdev):
9822 """WPS AP trying to enable TKIP"""
9823 ssid = "test-wps"
9824 hapd = hostapd.add_ap(apdev[0],
9825 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
9826 "ieee80211n": "0", "wpa": '1',
9827 "wpa_key_mgmt": "WPA-PSK",
9828 "wpa_passphrase": "12345678" })
9829 if "FAIL" not in hapd.request("WPS_PBC"):
9830 raise Exception("WPS unexpectedly enabled")
9831
9832 def test_ap_wps_conf_dummy_cred(dev, apdev):
9833 """WPS PIN provisioning with configured AP using dummy cred"""
9834 ssid = "test-wps-conf"
9835 hapd = hostapd.add_ap(apdev[0],
9836 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9837 "wpa_passphrase": "12345678", "wpa": "2",
9838 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9839 hapd.request("WPS_PIN any 12345670")
9840 dev[0].scan_for_bss(apdev[0]['bssid'], freq="2412")
9841 dev[0].dump_monitor()
9842 try:
9843 hapd.set("wps_testing_dummy_cred", "1")
9844 dev[0].request("WPS_PIN " + apdev[0]['bssid'] + " 12345670")
9845 for i in range(1, 3):
9846 ev = dev[0].wait_event(["WPS-CRED-RECEIVED"], timeout=15)
9847 if ev is None:
9848 raise Exception("WPS credential %d not received" % i)
9849 dev[0].wait_connected(timeout=30)
9850 finally:
9851 hapd.set("wps_testing_dummy_cred", "0")
9852
9853 def test_ap_wps_rf_bands(dev, apdev):
9854 """WPS and wps_rf_bands configuration"""
9855 ssid = "test-wps-conf"
9856 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9857 "wpa_passphrase": "12345678", "wpa": "2",
9858 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9859 "wps_rf_bands": "ag" }
9860
9861 hapd = hostapd.add_ap(apdev[0], params)
9862 bssid = hapd.own_addr()
9863 hapd.request("WPS_PBC")
9864 dev[0].scan_for_bss(bssid, freq="2412")
9865 dev[0].dump_monitor()
9866 dev[0].request("WPS_PBC " + bssid)
9867 dev[0].wait_connected(timeout=30)
9868 bss = dev[0].get_bss(bssid)
9869 logger.info("BSS: " + str(bss))
9870 if "103c000103" not in bss['ie']:
9871 raise Exception("RF Bands attribute with expected values not found")
9872 dev[0].request("DISCONNECT")
9873 dev[0].wait_disconnected()
9874 hapd.set("wps_rf_bands", "ad")
9875 hapd.set("wps_rf_bands", "a")
9876 hapd.set("wps_rf_bands", "g")
9877 hapd.set("wps_rf_bands", "b")
9878 hapd.set("wps_rf_bands", "ga")
9879 hapd.disable()
9880 dev[0].dump_monitor()
9881 dev[0].flush_scan_cache()
9882
9883 def test_ap_wps_pbc_in_m1(dev, apdev):
9884 """WPS and pbc_in_m1"""
9885 ssid = "test-wps-conf"
9886 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9887 "wpa_passphrase": "12345678", "wpa": "2",
9888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9889 "config_methods": "virtual_push_button virtual_display",
9890 "pbc_in_m1": "1" }
9891
9892 hapd = hostapd.add_ap(apdev[0], params)
9893 bssid = hapd.own_addr()
9894 hapd.request("WPS_PBC")
9895 dev[0].scan_for_bss(bssid, freq="2412")
9896 dev[0].dump_monitor()
9897 dev[0].request("WPS_PBC " + bssid)
9898 dev[0].wait_connected(timeout=30)
9899 dev[0].request("DISCONNECT")
9900 dev[0].wait_disconnected()
9901 hapd.disable()
9902 dev[0].dump_monitor()
9903 dev[0].flush_scan_cache()
9904
9905 def test_ap_wps_pin_start_failure(dev, apdev):
9906 """WPS_PIN start failure"""
9907 with alloc_fail(dev[0], 1, "wpas_wps_start_dev_pw"):
9908 if "FAIL" not in dev[0].request("WPS_PIN any 12345670"):
9909 raise Exception("WPS_PIN not rejected during OOM")
9910 with alloc_fail(dev[0], 1, "wpas_wps_start_dev_pw"):
9911 if "FAIL" not in dev[0].request("WPS_PIN any"):
9912 raise Exception("WPS_PIN not rejected during OOM")
9913
9914 def test_ap_wps_ap_pin_failure(dev, apdev):
9915 """WPS_AP_PIN failure"""
9916 id = dev[0].add_network()
9917 dev[0].set_network(id, "mode", "2")
9918 dev[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
9919 dev[0].set_network_quoted(id, "psk", "1234567890")
9920 dev[0].set_network(id, "frequency", "2412")
9921 dev[0].set_network(id, "scan_freq", "2412")
9922 dev[0].select_network(id)
9923 dev[0].wait_connected()
9924
9925 with fail_test(dev[0], 1,
9926 "os_get_random;wpa_supplicant_ctrl_iface_wps_ap_pin"):
9927 if "FAIL" not in dev[0].request("WPS_AP_PIN random"):
9928 raise Exception("WPS_AP_PIN random accepted")
9929 with alloc_fail(dev[0], 1, "wpas_wps_ap_pin_set"):
9930 if "FAIL" not in dev[0].request("WPS_AP_PIN set 12345670"):
9931 raise Exception("WPS_AP_PIN set accepted")
9932
9933 dev[0].request("DISCONNECT")
9934 dev[0].wait_disconnected()
9935
9936 def test_ap_wps_random_uuid(dev, apdev, params):
9937 """WPS and random UUID on Enrollee"""
9938 ssid = "test-wps-conf"
9939 hapd = hostapd.add_ap(apdev[0],
9940 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
9941 "wpa_passphrase": "12345678", "wpa": "2",
9942 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9943
9944 config = os.path.join(params['logdir'], 'ap_wps_random_uuid.conf')
9945 with open(config, "w") as f:
9946 f.write("auto_uuid=1\n")
9947
9948 wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
9949
9950 uuid = []
9951 for i in range(3):
9952 wpas.interface_add("wlan5", config=config)
9953
9954 wpas.scan_for_bss(apdev[0]['bssid'], freq="2412")
9955 wpas.dump_monitor()
9956 wpas.request("WPS_PBC " + apdev[0]['bssid'])
9957
9958 ev = hapd.wait_event(["WPS-ENROLLEE-SEEN"], timeout=10)
9959 if ev is None:
9960 raise Exception("Enrollee not seen")
9961 uuid.append(ev.split(' ')[2])
9962 wpas.request("WPS_CANCEL")
9963 wpas.dump_monitor()
9964
9965 wpas.interface_remove("wlan5")
9966
9967 hapd.dump_monitor()
9968
9969 logger.info("Seen UUIDs: " + str(uuid))
9970 if uuid[0] == uuid[1] or uuid[0] == uuid[2] or uuid[1] == uuid[2]:
9971 raise Exception("Same UUID used multiple times")
Unnamed repository; edit this file 'description' to name the repository.