]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_wps.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Verify dual-radio WPS operations
[thirdparty/hostap.git] / tests / hwsim / test_ap_wps.py
1 #!/usr/bin/python
2 #
3 # WPS tests
4 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
5 #
6 # This software may be distributed under the terms of the BSD license.
7 # See README for more details.
8
9 import time
10 import subprocess
11 import logging
12 logger = logging.getLogger()
13
14 import hwsim_utils
15 import hostapd
16
17 def test_ap_wps_init(dev, apdev):
18 """Initial AP configuration with first WPS Enrollee"""
19 ssid = "test-wps"
20 hostapd.add_ap(apdev[0]['ifname'],
21 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
22 hapd = hostapd.Hostapd(apdev[0]['ifname'])
23 logger.info("WPS provisioning step")
24 hapd.request("WPS_PBC")
25 dev[0].request("SET ignore_old_scan_res 1")
26 dev[0].dump_monitor()
27 dev[0].request("WPS_PBC")
28 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
29 if ev is None:
30 raise Exception("Association with the AP timed out")
31 status = dev[0].get_status()
32 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
33 raise Exception("Not fully connected")
34 if status['ssid'] != ssid:
35 raise Exception("Unexpected SSID")
36 if status['pairwise_cipher'] != 'CCMP':
37 raise Exception("Unexpected encryption configuration")
38 if status['key_mgmt'] != 'WPA2-PSK':
39 raise Exception("Unexpected key_mgmt")
40
41 def test_ap_wps_init_2ap_pbc(dev, apdev):
42 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
43 ssid = "test-wps"
44 params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
45 hostapd.add_ap(apdev[0]['ifname'], params)
46 hostapd.add_ap(apdev[1]['ifname'], params)
47 hapd = hostapd.Hostapd(apdev[0]['ifname'])
48 logger.info("WPS provisioning step")
49 hapd.request("WPS_PBC")
50 dev[0].request("SET ignore_old_scan_res 1")
51 dev[0].scan(freq="2412")
52 bss = dev[0].get_bss(apdev[0]['bssid'])
53 if "[WPS-PBC]" not in bss['flags']:
54 raise Exception("WPS-PBC flag missing from AP1")
55 bss = dev[0].get_bss(apdev[1]['bssid'])
56 if "[WPS-PBC]" not in bss['flags']:
57 raise Exception("WPS-PBC flag missing from AP2")
58 dev[0].dump_monitor()
59 dev[0].request("WPS_PBC")
60 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
61 if ev is None:
62 raise Exception("Association with the AP timed out")
63
64 dev[1].request("SET ignore_old_scan_res 1")
65 dev[1].scan(freq="2412")
66 bss = dev[1].get_bss(apdev[0]['bssid'])
67 if "[WPS-PBC]" in bss['flags']:
68 raise Exception("WPS-PBC flag not cleared from AP1")
69 bss = dev[1].get_bss(apdev[1]['bssid'])
70 if "[WPS-PBC]" in bss['flags']:
71 raise Exception("WPS-PBC flag bit ckeared from AP2")
72
73 def test_ap_wps_init_2ap_pin(dev, apdev):
74 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
75 ssid = "test-wps"
76 params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
77 hostapd.add_ap(apdev[0]['ifname'], params)
78 hostapd.add_ap(apdev[1]['ifname'], params)
79 hapd = hostapd.Hostapd(apdev[0]['ifname'])
80 logger.info("WPS provisioning step")
81 pin = dev[0].wps_read_pin()
82 hapd.request("WPS_PIN any " + pin)
83 dev[0].request("SET ignore_old_scan_res 1")
84 dev[0].scan(freq="2412")
85 bss = dev[0].get_bss(apdev[0]['bssid'])
86 if "[WPS-AUTH]" not in bss['flags']:
87 raise Exception("WPS-AUTH flag missing from AP1")
88 bss = dev[0].get_bss(apdev[1]['bssid'])
89 if "[WPS-AUTH]" not in bss['flags']:
90 raise Exception("WPS-AUTH flag missing from AP2")
91 dev[0].dump_monitor()
92 dev[0].request("WPS_PIN any " + pin)
93 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
94 if ev is None:
95 raise Exception("Association with the AP timed out")
96
97 dev[1].request("SET ignore_old_scan_res 1")
98 dev[1].scan(freq="2412")
99 bss = dev[1].get_bss(apdev[0]['bssid'])
100 if "[WPS-AUTH]" in bss['flags']:
101 raise Exception("WPS-AUTH flag not cleared from AP1")
102 bss = dev[1].get_bss(apdev[1]['bssid'])
103 if "[WPS-AUTH]" in bss['flags']:
104 raise Exception("WPS-AUTH flag bit ckeared from AP2")
105
106 def test_ap_wps_conf(dev, apdev):
107 """WPS PBC provisioning with configured AP"""
108 ssid = "test-wps-conf"
109 hostapd.add_ap(apdev[0]['ifname'],
110 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
111 "wpa_passphrase": "12345678", "wpa": "2",
112 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
113 hapd = hostapd.Hostapd(apdev[0]['ifname'])
114 logger.info("WPS provisioning step")
115 hapd.request("WPS_PBC")
116 dev[0].dump_monitor()
117 dev[0].request("WPS_PBC")
118 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
119 if ev is None:
120 raise Exception("Association with the AP timed out")
121 status = dev[0].get_status()
122 if status['wpa_state'] != 'COMPLETED':
123 raise Exception("Not fully connected")
124 if status['bssid'] != apdev[0]['bssid']:
125 raise Exception("Unexpected BSSID")
126 if status['ssid'] != ssid:
127 raise Exception("Unexpected SSID")
128 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
129 raise Exception("Unexpected encryption configuration")
130 if status['key_mgmt'] != 'WPA2-PSK':
131 raise Exception("Unexpected key_mgmt")
132
133 def test_ap_wps_twice(dev, apdev):
134 """WPS provisioning with twice to change passphrase"""
135 ssid = "test-wps-twice"
136 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
137 "wpa_passphrase": "12345678", "wpa": "2",
138 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
139 hostapd.add_ap(apdev[0]['ifname'], params)
140 hapd = hostapd.Hostapd(apdev[0]['ifname'])
141 logger.info("WPS provisioning step")
142 hapd.request("WPS_PBC")
143 dev[0].request("SET ignore_old_scan_res 1")
144 dev[0].dump_monitor()
145 dev[0].request("WPS_PBC")
146 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
147 if ev is None:
148 raise Exception("Association with the AP timed out")
149 dev[0].request("DISCONNECT")
150
151 logger.info("Restart AP with different passphrase and re-run WPS")
152 hapd_global = hostapd.HostapdGlobal()
153 hapd_global.remove(apdev[0]['ifname'])
154 params['wpa_passphrase'] = 'another passphrase'
155 hostapd.add_ap(apdev[0]['ifname'], params)
156 hapd = hostapd.Hostapd(apdev[0]['ifname'])
157 logger.info("WPS provisioning step")
158 hapd.request("WPS_PBC")
159 dev[0].dump_monitor()
160 dev[0].request("WPS_PBC")
161 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
162 if ev is None:
163 raise Exception("Association with the AP timed out")
164 networks = dev[0].list_networks()
165 if len(networks) > 1:
166 raise Exception("Unexpected duplicated network block present")
167
168 def test_ap_wps_incorrect_pin(dev, apdev):
169 """WPS PIN provisioning with incorrect PIN"""
170 ssid = "test-wps-incorrect-pin"
171 hostapd.add_ap(apdev[0]['ifname'],
172 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
173 "wpa_passphrase": "12345678", "wpa": "2",
174 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
175 hapd = hostapd.Hostapd(apdev[0]['ifname'])
176
177 logger.info("WPS provisioning attempt 1")
178 hapd.request("WPS_PIN any 12345670")
179 dev[0].request("SET ignore_old_scan_res 1")
180 dev[0].dump_monitor()
181 dev[0].request("WPS_PIN any 55554444")
182 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
183 if ev is None:
184 raise Exception("WPS operation timed out")
185 if "config_error=18" not in ev:
186 raise Exception("Incorrect config_error reported")
187 if "msg=8" not in ev:
188 raise Exception("PIN error detected on incorrect message")
189 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
190 if ev is None:
191 raise Exception("Timeout on disconnection event")
192 dev[0].request("WPS_CANCEL")
193 # if a scan was in progress, wait for it to complete before trying WPS again
194 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
195
196 logger.info("WPS provisioning attempt 2")
197 hapd.request("WPS_PIN any 12345670")
198 dev[0].dump_monitor()
199 dev[0].request("WPS_PIN any 12344444")
200 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
201 if ev is None:
202 raise Exception("WPS operation timed out")
203 if "config_error=18" not in ev:
204 raise Exception("Incorrect config_error reported")
205 if "msg=10" not in ev:
206 raise Exception("PIN error detected on incorrect message")
207 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
208 if ev is None:
209 raise Exception("Timeout on disconnection event")
210
211 def test_ap_wps_conf_pin(dev, apdev):
212 """WPS PIN provisioning with configured AP"""
213 ssid = "test-wps-conf-pin"
214 hostapd.add_ap(apdev[0]['ifname'],
215 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
216 "wpa_passphrase": "12345678", "wpa": "2",
217 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
218 hapd = hostapd.Hostapd(apdev[0]['ifname'])
219 logger.info("WPS provisioning step")
220 pin = dev[0].wps_read_pin()
221 hapd.request("WPS_PIN any " + pin)
222 dev[0].request("SET ignore_old_scan_res 1")
223 dev[0].dump_monitor()
224 dev[0].request("WPS_PIN any " + pin)
225 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
226 if ev is None:
227 raise Exception("Association with the AP timed out")
228 status = dev[0].get_status()
229 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
230 raise Exception("Not fully connected")
231 if status['ssid'] != ssid:
232 raise Exception("Unexpected SSID")
233 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
234 raise Exception("Unexpected encryption configuration")
235 if status['key_mgmt'] != 'WPA2-PSK':
236 raise Exception("Unexpected key_mgmt")
237
238 dev[1].request("SET ignore_old_scan_res 1")
239 dev[1].scan(freq="2412")
240 bss = dev[1].get_bss(apdev[0]['bssid'])
241 if "[WPS-AUTH]" in bss['flags']:
242 raise Exception("WPS-AUTH flag not cleared")
243 logger.info("Try to connect from another station using the same PIN")
244 dev[1].request("WPS_PIN any " + pin)
245 ev = dev[1].wait_event(["WPS-M2D","CTRL-EVENT-CONNECTED"], timeout=30)
246 if ev is None:
247 raise Exception("Operation timed out")
248 if "WPS-M2D" not in ev:
249 raise Exception("Unexpected WPS operation started")
250
251 def test_ap_wps_conf_pin_2sta(dev, apdev):
252 """Two stations trying to use WPS PIN at the same time"""
253 ssid = "test-wps-conf-pin2"
254 hostapd.add_ap(apdev[0]['ifname'],
255 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
256 "wpa_passphrase": "12345678", "wpa": "2",
257 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
258 hapd = hostapd.Hostapd(apdev[0]['ifname'])
259 logger.info("WPS provisioning step")
260 pin = "12345670"
261 pin2 = "55554444"
262 hapd.request("WPS_PIN " + dev[0].get_status_field("uuid") + " " + pin)
263 hapd.request("WPS_PIN " + dev[1].get_status_field("uuid") + " " + pin)
264 dev[0].request("SET ignore_old_scan_res 1")
265 dev[0].dump_monitor()
266 dev[1].request("SET ignore_old_scan_res 1")
267 dev[1].dump_monitor()
268 dev[0].request("WPS_PIN any " + pin)
269 dev[1].request("WPS_PIN any " + pin)
270 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
271 if ev is None:
272 raise Exception("Association with the AP timed out")
273 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
274 if ev is None:
275 raise Exception("Association with the AP timed out")
276
277 def test_ap_wps_reg_connect(dev, apdev):
278 """WPS registrar using AP PIN to connect"""
279 ssid = "test-wps-reg-ap-pin"
280 appin = "12345670"
281 hostapd.add_ap(apdev[0]['ifname'],
282 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
283 "wpa_passphrase": "12345678", "wpa": "2",
284 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
285 "ap_pin": appin})
286 logger.info("WPS provisioning step")
287 dev[0].request("SET ignore_old_scan_res 1")
288 dev[0].dump_monitor()
289 dev[0].wps_reg(apdev[0]['bssid'], appin)
290 status = dev[0].get_status()
291 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
292 raise Exception("Not fully connected")
293 if status['ssid'] != ssid:
294 raise Exception("Unexpected SSID")
295 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
296 raise Exception("Unexpected encryption configuration")
297 if status['key_mgmt'] != 'WPA2-PSK':
298 raise Exception("Unexpected key_mgmt")
299
300 def test_ap_wps_random_ap_pin(dev, apdev):
301 """WPS registrar using random AP PIN"""
302 ssid = "test-wps-reg-random-ap-pin"
303 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
304 hostapd.add_ap(apdev[0]['ifname'],
305 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
306 "wpa_passphrase": "12345678", "wpa": "2",
307 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
308 "device_name": "Wireless AP", "manufacturer": "Company",
309 "model_name": "WAP", "model_number": "123",
310 "serial_number": "12345", "device_type": "6-0050F204-1",
311 "os_version": "01020300",
312 "config_methods": "label push_button",
313 "uuid": ap_uuid, "upnp_iface": "lo" })
314 hapd = hostapd.Hostapd(apdev[0]['ifname'])
315 appin = hapd.request("WPS_AP_PIN random")
316 if "FAIL" in appin:
317 raise Exception("Could not generate random AP PIN")
318 if appin not in hapd.request("WPS_AP_PIN get"):
319 raise Exception("Could not fetch current AP PIN")
320 logger.info("WPS provisioning step")
321 dev[0].request("SET ignore_old_scan_res 1")
322 dev[0].wps_reg(apdev[0]['bssid'], appin)
323
324 hapd.request("WPS_AP_PIN disable")
325 logger.info("WPS provisioning step with AP PIN disabled")
326 dev[1].request("SET ignore_old_scan_res 1")
327 dev[1].request("WPS_REG " + apdev[0]['bssid'] + " " + appin)
328 ev = dev[1].wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout=15)
329 if ev is None:
330 raise Exception("WPS operation timed out")
331 if "WPS-SUCCESS" in ev:
332 raise Exception("WPS operation succeeded unexpectedly")
333 if "config_error=15" not in ev:
334 raise Exception("WPS setup locked state was not reported correctly")
335
336 def test_ap_wps_reg_config(dev, apdev):
337 """WPS registrar configuring and AP using AP PIN"""
338 ssid = "test-wps-init-ap-pin"
339 appin = "12345670"
340 hostapd.add_ap(apdev[0]['ifname'],
341 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
342 "ap_pin": appin})
343 logger.info("WPS configuration step")
344 dev[0].request("SET ignore_old_scan_res 1")
345 dev[0].dump_monitor()
346 new_ssid = "wps-new-ssid"
347 new_passphrase = "1234567890"
348 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
349 new_passphrase)
350 status = dev[0].get_status()
351 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
352 raise Exception("Not fully connected")
353 if status['ssid'] != new_ssid:
354 raise Exception("Unexpected SSID")
355 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
356 raise Exception("Unexpected encryption configuration")
357 if status['key_mgmt'] != 'WPA2-PSK':
358 raise Exception("Unexpected key_mgmt")
359
360 def test_ap_wps_reg_config_tkip(dev, apdev):
361 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
362 ssid = "test-wps-init-ap"
363 appin = "12345670"
364 hostapd.add_ap(apdev[0]['ifname'],
365 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
366 "ap_pin": appin})
367 logger.info("WPS configuration step")
368 dev[0].request("SET ignore_old_scan_res 1")
369 dev[0].request("SET wps_version_number 0x10")
370 dev[0].dump_monitor()
371 new_ssid = "wps-new-ssid-with-tkip"
372 new_passphrase = "1234567890"
373 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPAPSK", "TKIP",
374 new_passphrase)
375 logger.info("Re-connect to verify WPA2 mixed mode")
376 dev[0].request("DISCONNECT")
377 id = 0
378 dev[0].set_network(id, "pairwise", "CCMP")
379 dev[0].set_network(id, "proto", "RSN")
380 dev[0].connect_network(id)
381 status = dev[0].get_status()
382 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
383 raise Exception("Not fully connected")
384 if status['ssid'] != new_ssid:
385 raise Exception("Unexpected SSID")
386 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
387 raise Exception("Unexpected encryption configuration")
388 if status['key_mgmt'] != 'WPA2-PSK':
389 raise Exception("Unexpected key_mgmt")
390
391 def test_ap_wps_setup_locked(dev, apdev):
392 """WPS registrar locking up AP setup on AP PIN failures"""
393 ssid = "test-wps-incorrect-ap-pin"
394 appin = "12345670"
395 hostapd.add_ap(apdev[0]['ifname'],
396 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
397 "wpa_passphrase": "12345678", "wpa": "2",
398 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
399 "ap_pin": appin})
400 dev[0].request("SET ignore_old_scan_res 1")
401 new_ssid = "wps-new-ssid-test"
402 new_passphrase = "1234567890"
403
404 ap_setup_locked=False
405 for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
406 dev[0].dump_monitor()
407 logger.info("Try incorrect AP PIN - attempt " + pin)
408 dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
409 "CCMP", new_passphrase, no_wait=True)
410 ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
411 if ev is None:
412 raise Exception("Timeout on receiving WPS operation failure event")
413 if "CTRL-EVENT-CONNECTED" in ev:
414 raise Exception("Unexpected connection")
415 if "config_error=15" in ev:
416 logger.info("AP Setup Locked")
417 ap_setup_locked=True
418 elif "config_error=18" not in ev:
419 raise Exception("config_error=18 not reported")
420 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
421 if ev is None:
422 raise Exception("Timeout on disconnection event")
423 time.sleep(0.1)
424 if not ap_setup_locked:
425 raise Exception("AP setup was not locked")
426
427 time.sleep(0.5)
428 dev[0].dump_monitor()
429 logger.info("WPS provisioning step")
430 pin = dev[0].wps_read_pin()
431 hapd = hostapd.Hostapd(apdev[0]['ifname'])
432 hapd.request("WPS_PIN any " + pin)
433 dev[0].request("WPS_PIN any " + pin)
434 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
435 if ev is None:
436 raise Exception("WPS success was not reported")
437 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
438 if ev is None:
439 raise Exception("Association with the AP timed out")
440
441 def test_ap_wps_pbc_overlap_2ap(dev, apdev):
442 """WPS PBC session overlap with two active APs"""
443 hostapd.add_ap(apdev[0]['ifname'],
444 { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
445 "wpa_passphrase": "12345678", "wpa": "2",
446 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
447 "wps_independent": "1"})
448 hostapd.add_ap(apdev[1]['ifname'],
449 { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
450 "wpa_passphrase": "123456789", "wpa": "2",
451 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
452 "wps_independent": "1"})
453 hapd = hostapd.Hostapd(apdev[0]['ifname'])
454 hapd.request("WPS_PBC")
455 hapd2 = hostapd.Hostapd(apdev[1]['ifname'])
456 hapd2.request("WPS_PBC")
457 logger.info("WPS provisioning step")
458 dev[0].dump_monitor()
459 dev[0].request("WPS_PBC")
460 ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
461 if ev is None:
462 raise Exception("PBC session overlap not detected")
463
464 def test_ap_wps_pbc_overlap_2sta(dev, apdev):
465 """WPS PBC session overlap with two active STAs"""
466 ssid = "test-wps-pbc-overlap"
467 hostapd.add_ap(apdev[0]['ifname'],
468 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
469 "wpa_passphrase": "12345678", "wpa": "2",
470 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
471 hapd = hostapd.Hostapd(apdev[0]['ifname'])
472 logger.info("WPS provisioning step")
473 hapd.request("WPS_PBC")
474 dev[0].request("SET ignore_old_scan_res 1")
475 dev[1].request("SET ignore_old_scan_res 1")
476 dev[0].dump_monitor()
477 dev[1].dump_monitor()
478 dev[0].request("WPS_PBC")
479 dev[1].request("WPS_PBC")
480 ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
481 if ev is None:
482 raise Exception("PBC session overlap not detected (dev0)")
483 if "config_error=12" not in ev:
484 raise Exception("PBC session overlap not correctly reported (dev0)")
485 ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
486 if ev is None:
487 raise Exception("PBC session overlap not detected (dev1)")
488 if "config_error=12" not in ev:
489 raise Exception("PBC session overlap not correctly reported (dev1)")
490
491 def test_ap_wps_cancel(dev, apdev):
492 """WPS AP cancelling enabled config method"""
493 ssid = "test-wps-ap-cancel"
494 hostapd.add_ap(apdev[0]['ifname'],
495 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
496 "wpa_passphrase": "12345678", "wpa": "2",
497 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
498 bssid = apdev[0]['bssid']
499 hapd = hostapd.Hostapd(apdev[0]['ifname'])
500
501 logger.info("Verify PBC enable/cancel")
502 hapd.request("WPS_PBC")
503 dev[0].request("SET ignore_old_scan_res 1")
504 dev[0].scan(freq="2412")
505 bss = dev[0].get_bss(apdev[0]['bssid'])
506 if "[WPS-PBC]" not in bss['flags']:
507 raise Exception("WPS-PBC flag missing")
508 if "FAIL" in hapd.request("WPS_CANCEL"):
509 raise Exception("WPS_CANCEL failed")
510 dev[0].scan(freq="2412")
511 bss = dev[0].get_bss(apdev[0]['bssid'])
512 if "[WPS-PBC]" in bss['flags']:
513 raise Exception("WPS-PBC flag not cleared")
514
515 logger.info("Verify PIN enable/cancel")
516 hapd.request("WPS_PIN any 12345670")
517 dev[0].scan(freq="2412")
518 bss = dev[0].get_bss(apdev[0]['bssid'])
519 if "[WPS-AUTH]" not in bss['flags']:
520 raise Exception("WPS-AUTH flag missing")
521 if "FAIL" in hapd.request("WPS_CANCEL"):
522 raise Exception("WPS_CANCEL failed")
523 dev[0].scan(freq="2412")
524 bss = dev[0].get_bss(apdev[0]['bssid'])
525 if "[WPS-AUTH]" in bss['flags']:
526 raise Exception("WPS-AUTH flag not cleared")
527
528 def test_ap_wps_er_add_enrollee(dev, apdev):
529 """WPS ER configuring AP and adding a new enrollee using PIN"""
530 ssid = "wps-er-add-enrollee"
531 ap_pin = "12345670"
532 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
533 hostapd.add_ap(apdev[0]['ifname'],
534 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
535 "device_name": "Wireless AP", "manufacturer": "Company",
536 "model_name": "WAP", "model_number": "123",
537 "serial_number": "12345", "device_type": "6-0050F204-1",
538 "os_version": "01020300",
539 "config_methods": "label push_button",
540 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
541 logger.info("WPS configuration step")
542 new_passphrase = "1234567890"
543 dev[0].dump_monitor()
544 dev[0].request("SET ignore_old_scan_res 1")
545 dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
546 new_passphrase)
547 status = dev[0].get_status()
548 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
549 raise Exception("Not fully connected")
550 if status['ssid'] != ssid:
551 raise Exception("Unexpected SSID")
552 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
553 raise Exception("Unexpected encryption configuration")
554 if status['key_mgmt'] != 'WPA2-PSK':
555 raise Exception("Unexpected key_mgmt")
556
557 logger.info("Start ER")
558 dev[0].request("WPS_ER_START ifname=lo")
559 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
560 if ev is None:
561 raise Exception("AP discovery timed out")
562 if ap_uuid not in ev:
563 raise Exception("Expected AP UUID not found")
564
565 logger.info("Learn AP configuration through UPnP")
566 dev[0].dump_monitor()
567 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
568 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
569 if ev is None:
570 raise Exception("AP learn timed out")
571 if ap_uuid not in ev:
572 raise Exception("Expected AP UUID not in settings")
573 if "ssid=" + ssid not in ev:
574 raise Exception("Expected SSID not in settings")
575 if "key=" + new_passphrase not in ev:
576 raise Exception("Expected passphrase not in settings")
577
578 logger.info("Add Enrollee using ER")
579 pin = dev[1].wps_read_pin()
580 dev[0].dump_monitor()
581 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
582 dev[1].request("SET ignore_old_scan_res 1")
583 dev[1].dump_monitor()
584 dev[1].request("WPS_PIN any " + pin)
585 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
586 if ev is None:
587 raise Exception("Enrollee did not report success")
588 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
589 if ev is None:
590 raise Exception("Association with the AP timed out")
591 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
592 if ev is None:
593 raise Exception("WPS ER did not report success")
594 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
595
596 logger.info("Verify registrar selection behavior")
597 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
598 dev[1].request("DISCONNECT")
599 dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
600 dev[1].scan(freq="2412")
601 bss = dev[1].get_bss(apdev[0]['bssid'])
602 if "[WPS-AUTH]" not in bss['flags']:
603 raise Exception("WPS-AUTH flag missing")
604
605 logger.info("Stop ER")
606 dev[0].dump_monitor()
607 dev[0].request("WPS_ER_STOP")
608 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"])
609 if ev is None:
610 raise Exception("WPS ER unsubscription timed out")
611
612 dev[1].scan(freq="2412")
613 bss = dev[1].get_bss(apdev[0]['bssid'])
614 if "[WPS-AUTH]" in bss['flags']:
615 raise Exception("WPS-AUTH flag not removed")
616
617 def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
618 """WPS ER connected to AP and adding a new enrollee using PBC"""
619 ssid = "wps-er-add-enrollee-pbc"
620 ap_pin = "12345670"
621 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
622 hostapd.add_ap(apdev[0]['ifname'],
623 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
624 "wpa_passphrase": "12345678", "wpa": "2",
625 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
626 "device_name": "Wireless AP", "manufacturer": "Company",
627 "model_name": "WAP", "model_number": "123",
628 "serial_number": "12345", "device_type": "6-0050F204-1",
629 "os_version": "01020300",
630 "config_methods": "label push_button",
631 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
632 logger.info("Learn AP configuration")
633 dev[0].dump_monitor()
634 dev[0].request("SET ignore_old_scan_res 1")
635 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
636 status = dev[0].get_status()
637 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
638 raise Exception("Not fully connected")
639
640 logger.info("Start ER")
641 dev[0].request("WPS_ER_START ifname=lo")
642 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
643 if ev is None:
644 raise Exception("AP discovery timed out")
645 if ap_uuid not in ev:
646 raise Exception("Expected AP UUID not found")
647
648 logger.info("Use learned network configuration on ER")
649 dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
650
651 logger.info("Add Enrollee using ER and PBC")
652 dev[0].dump_monitor()
653 enrollee = dev[1].p2p_interface_addr()
654 dev[1].request("SET ignore_old_scan_res 1")
655 dev[1].dump_monitor()
656 dev[1].request("WPS_PBC")
657
658 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
659 if ev is None:
660 raise Exception("Enrollee discovery timed out")
661 if enrollee not in ev:
662 raise Exception("Expected Enrollee not found")
663 dev[0].request("WPS_ER_PBC " + enrollee)
664
665 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
666 if ev is None:
667 raise Exception("Enrollee did not report success")
668 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
669 if ev is None:
670 raise Exception("Association with the AP timed out")
671 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
672 if ev is None:
673 raise Exception("WPS ER did not report success")
674 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
675
676 # verify BSSID selection of the AP instead of UUID
677 if "FAIL" in dev[0].request("WPS_ER_SET_CONFIG " + apdev[0]['bssid'] + " 0"):
678 raise Exception("Could not select AP based on BSSID")
679
680 def test_ap_wps_er_config_ap(dev, apdev):
681 """WPS ER configuring AP over UPnP"""
682 ssid = "wps-er-ap-config"
683 ap_pin = "12345670"
684 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
685 hostapd.add_ap(apdev[0]['ifname'],
686 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
687 "wpa_passphrase": "12345678", "wpa": "2",
688 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
689 "device_name": "Wireless AP", "manufacturer": "Company",
690 "model_name": "WAP", "model_number": "123",
691 "serial_number": "12345", "device_type": "6-0050F204-1",
692 "os_version": "01020300",
693 "config_methods": "label push_button",
694 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
695
696 logger.info("Connect ER to the AP")
697 dev[0].connect(ssid, psk="12345678", scan_freq="2412")
698
699 logger.info("WPS configuration step")
700 dev[0].request("WPS_ER_START ifname=lo")
701 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
702 if ev is None:
703 raise Exception("AP discovery timed out")
704 if ap_uuid not in ev:
705 raise Exception("Expected AP UUID not found")
706 new_passphrase = "1234567890"
707 dev[0].request("WPS_ER_CONFIG " + apdev[0]['bssid'] + " " + ap_pin + " " +
708 ssid.encode("hex") + " WPA2PSK CCMP " +
709 new_passphrase.encode("hex"))
710 ev = dev[0].wait_event(["WPS-SUCCESS"])
711 if ev is None:
712 raise Exception("WPS ER configuration operation timed out")
713 dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
714 dev[0].connect(ssid, psk="1234567890", scan_freq="2412")
715
716 def test_ap_wps_fragmentation(dev, apdev):
717 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
718 ssid = "test-wps-fragmentation"
719 hostapd.add_ap(apdev[0]['ifname'],
720 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
721 "wpa_passphrase": "12345678", "wpa": "3",
722 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
723 "wpa_pairwise": "TKIP",
724 "fragment_size": "50" })
725 hapd = hostapd.Hostapd(apdev[0]['ifname'])
726 logger.info("WPS provisioning step")
727 hapd.request("WPS_PBC")
728 dev[0].request("SET ignore_old_scan_res 1")
729 dev[0].dump_monitor()
730 dev[0].request("SET wps_fragment_size 50")
731 dev[0].request("WPS_PBC")
732 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
733 if ev is None:
734 raise Exception("Association with the AP timed out")
735 status = dev[0].get_status()
736 if status['wpa_state'] != 'COMPLETED':
737 raise Exception("Not fully connected")
738 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
739 raise Exception("Unexpected encryption configuration")
740 if status['key_mgmt'] != 'WPA2-PSK':
741 raise Exception("Unexpected key_mgmt")
742
743 def test_ap_wps_new_version_sta(dev, apdev):
744 """WPS compatibility with new version number on the station"""
745 ssid = "test-wps-ver"
746 hostapd.add_ap(apdev[0]['ifname'],
747 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
748 "wpa_passphrase": "12345678", "wpa": "2",
749 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
750 hapd = hostapd.Hostapd(apdev[0]['ifname'])
751 logger.info("WPS provisioning step")
752 hapd.request("WPS_PBC")
753 dev[0].request("SET ignore_old_scan_res 1")
754 dev[0].dump_monitor()
755 dev[0].request("SET wps_version_number 0x43")
756 dev[0].request("WPS_PBC")
757 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
758 if ev is None:
759 raise Exception("Association with the AP timed out")
760
761 def test_ap_wps_new_version_ap(dev, apdev):
762 """WPS compatibility with new version number on the AP"""
763 ssid = "test-wps-ver"
764 hostapd.add_ap(apdev[0]['ifname'],
765 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
766 "wpa_passphrase": "12345678", "wpa": "2",
767 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
768 hapd = hostapd.Hostapd(apdev[0]['ifname'])
769 logger.info("WPS provisioning step")
770 if "FAIL" in hapd.request("SET wps_version_number 0x43"):
771 raise Exception("Failed to enable test functionality")
772 hapd.request("WPS_PBC")
773 dev[0].request("SET ignore_old_scan_res 1")
774 dev[0].dump_monitor()
775 dev[0].request("WPS_PBC")
776 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
777 hapd.request("SET wps_version_number 0x20")
778 if ev is None:
779 raise Exception("Association with the AP timed out")
Unnamed repository; edit this file 'description' to name the repository.