]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_wps.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Verify selected registrar clearing on PIN method completion
[thirdparty/hostap.git] / tests / hwsim / test_ap_wps.py
1 #!/usr/bin/python
2 #
3 # WPS tests
4 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
5 #
6 # This software may be distributed under the terms of the BSD license.
7 # See README for more details.
8
9 import time
10 import subprocess
11 import logging
12 logger = logging.getLogger()
13
14 import hwsim_utils
15 import hostapd
16
17 def test_ap_wps_init(dev, apdev):
18 """Initial AP configuration with first WPS Enrollee"""
19 ssid = "test-wps"
20 hostapd.add_ap(apdev[0]['ifname'],
21 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
22 hapd = hostapd.Hostapd(apdev[0]['ifname'])
23 logger.info("WPS provisioning step")
24 hapd.request("WPS_PBC")
25 dev[0].request("SET ignore_old_scan_res 1")
26 dev[0].dump_monitor()
27 dev[0].request("WPS_PBC")
28 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
29 if ev is None:
30 raise Exception("Association with the AP timed out")
31 status = dev[0].get_status()
32 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
33 raise Exception("Not fully connected")
34 if status['ssid'] != ssid:
35 raise Exception("Unexpected SSID")
36 if status['pairwise_cipher'] != 'CCMP':
37 raise Exception("Unexpected encryption configuration")
38 if status['key_mgmt'] != 'WPA2-PSK':
39 raise Exception("Unexpected key_mgmt")
40
41 def test_ap_wps_conf(dev, apdev):
42 """WPS PBC provisioning with configured AP"""
43 ssid = "test-wps-conf"
44 hostapd.add_ap(apdev[0]['ifname'],
45 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
46 "wpa_passphrase": "12345678", "wpa": "2",
47 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
48 hapd = hostapd.Hostapd(apdev[0]['ifname'])
49 logger.info("WPS provisioning step")
50 hapd.request("WPS_PBC")
51 dev[0].dump_monitor()
52 dev[0].request("WPS_PBC")
53 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
54 if ev is None:
55 raise Exception("Association with the AP timed out")
56 status = dev[0].get_status()
57 if status['wpa_state'] != 'COMPLETED':
58 raise Exception("Not fully connected")
59 if status['bssid'] != apdev[0]['bssid']:
60 raise Exception("Unexpected BSSID")
61 if status['ssid'] != ssid:
62 raise Exception("Unexpected SSID")
63 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
64 raise Exception("Unexpected encryption configuration")
65 if status['key_mgmt'] != 'WPA2-PSK':
66 raise Exception("Unexpected key_mgmt")
67
68 def test_ap_wps_twice(dev, apdev):
69 """WPS provisioning with twice to change passphrase"""
70 ssid = "test-wps-twice"
71 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
72 "wpa_passphrase": "12345678", "wpa": "2",
73 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
74 hostapd.add_ap(apdev[0]['ifname'], params)
75 hapd = hostapd.Hostapd(apdev[0]['ifname'])
76 logger.info("WPS provisioning step")
77 hapd.request("WPS_PBC")
78 dev[0].request("SET ignore_old_scan_res 1")
79 dev[0].dump_monitor()
80 dev[0].request("WPS_PBC")
81 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
82 if ev is None:
83 raise Exception("Association with the AP timed out")
84 dev[0].request("DISCONNECT")
85
86 logger.info("Restart AP with different passphrase and re-run WPS")
87 hapd_global = hostapd.HostapdGlobal()
88 hapd_global.remove(apdev[0]['ifname'])
89 params['wpa_passphrase'] = 'another passphrase'
90 hostapd.add_ap(apdev[0]['ifname'], params)
91 hapd = hostapd.Hostapd(apdev[0]['ifname'])
92 logger.info("WPS provisioning step")
93 hapd.request("WPS_PBC")
94 dev[0].dump_monitor()
95 dev[0].request("WPS_PBC")
96 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
97 if ev is None:
98 raise Exception("Association with the AP timed out")
99 networks = dev[0].list_networks()
100 if len(networks) > 1:
101 raise Exception("Unexpected duplicated network block present")
102
103 def test_ap_wps_incorrect_pin(dev, apdev):
104 """WPS PIN provisioning with incorrect PIN"""
105 ssid = "test-wps-incorrect-pin"
106 hostapd.add_ap(apdev[0]['ifname'],
107 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
108 "wpa_passphrase": "12345678", "wpa": "2",
109 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
110 hapd = hostapd.Hostapd(apdev[0]['ifname'])
111
112 logger.info("WPS provisioning attempt 1")
113 hapd.request("WPS_PIN any 12345670")
114 dev[0].request("SET ignore_old_scan_res 1")
115 dev[0].dump_monitor()
116 dev[0].request("WPS_PIN any 55554444")
117 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
118 if ev is None:
119 raise Exception("WPS operation timed out")
120 if "config_error=18" not in ev:
121 raise Exception("Incorrect config_error reported")
122 if "msg=8" not in ev:
123 raise Exception("PIN error detected on incorrect message")
124 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
125 if ev is None:
126 raise Exception("Timeout on disconnection event")
127 dev[0].request("WPS_CANCEL")
128 # if a scan was in progress, wait for it to complete before trying WPS again
129 ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
130
131 logger.info("WPS provisioning attempt 2")
132 hapd.request("WPS_PIN any 12345670")
133 dev[0].dump_monitor()
134 dev[0].request("WPS_PIN any 12344444")
135 ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
136 if ev is None:
137 raise Exception("WPS operation timed out")
138 if "config_error=18" not in ev:
139 raise Exception("Incorrect config_error reported")
140 if "msg=10" not in ev:
141 raise Exception("PIN error detected on incorrect message")
142 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
143 if ev is None:
144 raise Exception("Timeout on disconnection event")
145
146 def test_ap_wps_conf_pin(dev, apdev):
147 """WPS PIN provisioning with configured AP"""
148 ssid = "test-wps-conf-pin"
149 hostapd.add_ap(apdev[0]['ifname'],
150 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
151 "wpa_passphrase": "12345678", "wpa": "2",
152 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
153 hapd = hostapd.Hostapd(apdev[0]['ifname'])
154 logger.info("WPS provisioning step")
155 pin = dev[0].wps_read_pin()
156 hapd.request("WPS_PIN any " + pin)
157 dev[0].request("SET ignore_old_scan_res 1")
158 dev[0].dump_monitor()
159 dev[0].request("WPS_PIN any " + pin)
160 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
161 if ev is None:
162 raise Exception("Association with the AP timed out")
163 status = dev[0].get_status()
164 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
165 raise Exception("Not fully connected")
166 if status['ssid'] != ssid:
167 raise Exception("Unexpected SSID")
168 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
169 raise Exception("Unexpected encryption configuration")
170 if status['key_mgmt'] != 'WPA2-PSK':
171 raise Exception("Unexpected key_mgmt")
172
173 dev[1].request("SET ignore_old_scan_res 1")
174 dev[1].scan(freq="2412")
175 bss = dev[1].get_bss(apdev[0]['bssid'])
176 if "[WPS-AUTH]" in bss['flags']:
177 raise Exception("WPS-AUTH flag not cleared")
178
179 def test_ap_wps_reg_connect(dev, apdev):
180 """WPS registrar using AP PIN to connect"""
181 ssid = "test-wps-reg-ap-pin"
182 appin = "12345670"
183 hostapd.add_ap(apdev[0]['ifname'],
184 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
185 "wpa_passphrase": "12345678", "wpa": "2",
186 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
187 "ap_pin": appin})
188 logger.info("WPS provisioning step")
189 dev[0].request("SET ignore_old_scan_res 1")
190 dev[0].dump_monitor()
191 dev[0].wps_reg(apdev[0]['bssid'], appin)
192 status = dev[0].get_status()
193 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
194 raise Exception("Not fully connected")
195 if status['ssid'] != ssid:
196 raise Exception("Unexpected SSID")
197 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
198 raise Exception("Unexpected encryption configuration")
199 if status['key_mgmt'] != 'WPA2-PSK':
200 raise Exception("Unexpected key_mgmt")
201
202 def test_ap_wps_reg_config(dev, apdev):
203 """WPS registrar configuring and AP using AP PIN"""
204 ssid = "test-wps-init-ap-pin"
205 appin = "12345670"
206 hostapd.add_ap(apdev[0]['ifname'],
207 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
208 "ap_pin": appin})
209 logger.info("WPS configuration step")
210 dev[0].request("SET ignore_old_scan_res 1")
211 dev[0].dump_monitor()
212 new_ssid = "wps-new-ssid"
213 new_passphrase = "1234567890"
214 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
215 new_passphrase)
216 status = dev[0].get_status()
217 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
218 raise Exception("Not fully connected")
219 if status['ssid'] != new_ssid:
220 raise Exception("Unexpected SSID")
221 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
222 raise Exception("Unexpected encryption configuration")
223 if status['key_mgmt'] != 'WPA2-PSK':
224 raise Exception("Unexpected key_mgmt")
225
226 def test_ap_wps_reg_config_tkip(dev, apdev):
227 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
228 ssid = "test-wps-init-ap"
229 appin = "12345670"
230 hostapd.add_ap(apdev[0]['ifname'],
231 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
232 "ap_pin": appin})
233 logger.info("WPS configuration step")
234 dev[0].request("SET ignore_old_scan_res 1")
235 dev[0].request("SET wps_version_number 0x10")
236 dev[0].dump_monitor()
237 new_ssid = "wps-new-ssid-with-tkip"
238 new_passphrase = "1234567890"
239 dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPAPSK", "TKIP",
240 new_passphrase)
241 logger.info("Re-connect to verify WPA2 mixed mode")
242 dev[0].request("DISCONNECT")
243 id = 0
244 dev[0].set_network(id, "pairwise", "CCMP")
245 dev[0].set_network(id, "proto", "RSN")
246 dev[0].connect_network(id)
247 status = dev[0].get_status()
248 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
249 raise Exception("Not fully connected")
250 if status['ssid'] != new_ssid:
251 raise Exception("Unexpected SSID")
252 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
253 raise Exception("Unexpected encryption configuration")
254 if status['key_mgmt'] != 'WPA2-PSK':
255 raise Exception("Unexpected key_mgmt")
256
257 def test_ap_wps_setup_locked(dev, apdev):
258 """WPS registrar locking up AP setup on AP PIN failures"""
259 ssid = "test-wps-incorrect-ap-pin"
260 appin = "12345670"
261 hostapd.add_ap(apdev[0]['ifname'],
262 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
263 "wpa_passphrase": "12345678", "wpa": "2",
264 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
265 "ap_pin": appin})
266 dev[0].request("SET ignore_old_scan_res 1")
267 new_ssid = "wps-new-ssid-test"
268 new_passphrase = "1234567890"
269
270 ap_setup_locked=False
271 for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
272 dev[0].dump_monitor()
273 logger.info("Try incorrect AP PIN - attempt " + pin)
274 dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
275 "CCMP", new_passphrase, no_wait=True)
276 ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
277 if ev is None:
278 raise Exception("Timeout on receiving WPS operation failure event")
279 if "CTRL-EVENT-CONNECTED" in ev:
280 raise Exception("Unexpected connection")
281 if "config_error=15" in ev:
282 logger.info("AP Setup Locked")
283 ap_setup_locked=True
284 elif "config_error=18" not in ev:
285 raise Exception("config_error=18 not reported")
286 ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
287 if ev is None:
288 raise Exception("Timeout on disconnection event")
289 time.sleep(0.1)
290 if not ap_setup_locked:
291 raise Exception("AP setup was not locked")
292
293 time.sleep(0.5)
294 dev[0].dump_monitor()
295 logger.info("WPS provisioning step")
296 pin = dev[0].wps_read_pin()
297 hapd = hostapd.Hostapd(apdev[0]['ifname'])
298 hapd.request("WPS_PIN any " + pin)
299 dev[0].request("WPS_PIN any " + pin)
300 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
301 if ev is None:
302 raise Exception("WPS success was not reported")
303 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
304 if ev is None:
305 raise Exception("Association with the AP timed out")
306
307 def test_ap_wps_pbc_overlap_2ap(dev, apdev):
308 """WPS PBC session overlap with two active APs"""
309 hostapd.add_ap(apdev[0]['ifname'],
310 { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
311 "wpa_passphrase": "12345678", "wpa": "2",
312 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
313 "wps_independent": "1"})
314 hostapd.add_ap(apdev[1]['ifname'],
315 { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
316 "wpa_passphrase": "123456789", "wpa": "2",
317 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
318 "wps_independent": "1"})
319 hapd = hostapd.Hostapd(apdev[0]['ifname'])
320 hapd.request("WPS_PBC")
321 hapd2 = hostapd.Hostapd(apdev[1]['ifname'])
322 hapd2.request("WPS_PBC")
323 logger.info("WPS provisioning step")
324 dev[0].dump_monitor()
325 dev[0].request("WPS_PBC")
326 ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
327 if ev is None:
328 raise Exception("PBC session overlap not detected")
329
330 def test_ap_wps_pbc_overlap_2sta(dev, apdev):
331 """WPS PBC session overlap with two active STAs"""
332 ssid = "test-wps-pbc-overlap"
333 hostapd.add_ap(apdev[0]['ifname'],
334 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
335 "wpa_passphrase": "12345678", "wpa": "2",
336 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
337 hapd = hostapd.Hostapd(apdev[0]['ifname'])
338 logger.info("WPS provisioning step")
339 hapd.request("WPS_PBC")
340 dev[0].request("SET ignore_old_scan_res 1")
341 dev[1].request("SET ignore_old_scan_res 1")
342 dev[0].dump_monitor()
343 dev[1].dump_monitor()
344 dev[0].request("WPS_PBC")
345 dev[1].request("WPS_PBC")
346 ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
347 if ev is None:
348 raise Exception("PBC session overlap not detected (dev0)")
349 if "config_error=12" not in ev:
350 raise Exception("PBC session overlap not correctly reported (dev0)")
351 ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
352 if ev is None:
353 raise Exception("PBC session overlap not detected (dev1)")
354 if "config_error=12" not in ev:
355 raise Exception("PBC session overlap not correctly reported (dev1)")
356
357 def test_ap_wps_cancel(dev, apdev):
358 """WPS AP cancelling enabled config method"""
359 ssid = "test-wps-ap-cancel"
360 hostapd.add_ap(apdev[0]['ifname'],
361 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
362 "wpa_passphrase": "12345678", "wpa": "2",
363 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
364 bssid = apdev[0]['bssid']
365 hapd = hostapd.Hostapd(apdev[0]['ifname'])
366
367 logger.info("Verify PBC enable/cancel")
368 hapd.request("WPS_PBC")
369 dev[0].request("SET ignore_old_scan_res 1")
370 dev[0].scan(freq="2412")
371 bss = dev[0].get_bss(apdev[0]['bssid'])
372 if "[WPS-PBC]" not in bss['flags']:
373 raise Exception("WPS-PBC flag missing")
374 if "FAIL" in hapd.request("WPS_CANCEL"):
375 raise Exception("WPS_CANCEL failed")
376 dev[0].scan(freq="2412")
377 bss = dev[0].get_bss(apdev[0]['bssid'])
378 if "[WPS-PBC]" in bss['flags']:
379 raise Exception("WPS-PBC flag not cleared")
380
381 logger.info("Verify PIN enable/cancel")
382 hapd.request("WPS_PIN any 12345670")
383 dev[0].scan(freq="2412")
384 bss = dev[0].get_bss(apdev[0]['bssid'])
385 if "[WPS-AUTH]" not in bss['flags']:
386 raise Exception("WPS-AUTH flag missing")
387 if "FAIL" in hapd.request("WPS_CANCEL"):
388 raise Exception("WPS_CANCEL failed")
389 dev[0].scan(freq="2412")
390 bss = dev[0].get_bss(apdev[0]['bssid'])
391 if "[WPS-AUTH]" in bss['flags']:
392 raise Exception("WPS-AUTH flag not cleared")
393
394 def test_ap_wps_er_add_enrollee(dev, apdev):
395 """WPS ER configuring AP and adding a new enrollee using PIN"""
396 ssid = "wps-er-add-enrollee"
397 ap_pin = "12345670"
398 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
399 hostapd.add_ap(apdev[0]['ifname'],
400 { "ssid": ssid, "eap_server": "1", "wps_state": "1",
401 "device_name": "Wireless AP", "manufacturer": "Company",
402 "model_name": "WAP", "model_number": "123",
403 "serial_number": "12345", "device_type": "6-0050F204-1",
404 "os_version": "01020300",
405 "config_methods": "label push_button",
406 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
407 logger.info("WPS configuration step")
408 new_passphrase = "1234567890"
409 dev[0].dump_monitor()
410 dev[0].request("SET ignore_old_scan_res 1")
411 dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
412 new_passphrase)
413 status = dev[0].get_status()
414 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
415 raise Exception("Not fully connected")
416 if status['ssid'] != ssid:
417 raise Exception("Unexpected SSID")
418 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
419 raise Exception("Unexpected encryption configuration")
420 if status['key_mgmt'] != 'WPA2-PSK':
421 raise Exception("Unexpected key_mgmt")
422
423 logger.info("Start ER")
424 dev[0].request("WPS_ER_START ifname=lo")
425 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
426 if ev is None:
427 raise Exception("AP discovery timed out")
428 if ap_uuid not in ev:
429 raise Exception("Expected AP UUID not found")
430
431 logger.info("Learn AP configuration through UPnP")
432 dev[0].dump_monitor()
433 dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
434 ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
435 if ev is None:
436 raise Exception("AP learn timed out")
437 if ap_uuid not in ev:
438 raise Exception("Expected AP UUID not in settings")
439 if "ssid=" + ssid not in ev:
440 raise Exception("Expected SSID not in settings")
441 if "key=" + new_passphrase not in ev:
442 raise Exception("Expected passphrase not in settings")
443
444 logger.info("Add Enrollee using ER")
445 pin = dev[1].wps_read_pin()
446 dev[0].dump_monitor()
447 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
448 dev[1].request("SET ignore_old_scan_res 1")
449 dev[1].dump_monitor()
450 dev[1].request("WPS_PIN any " + pin)
451 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
452 if ev is None:
453 raise Exception("Enrollee did not report success")
454 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
455 if ev is None:
456 raise Exception("Association with the AP timed out")
457 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
458 if ev is None:
459 raise Exception("WPS ER did not report success")
460 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
461
462 logger.info("Verify registrar selection behavior")
463 dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
464 dev[1].request("DISCONNECT")
465 dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
466 dev[1].scan(freq="2412")
467 bss = dev[1].get_bss(apdev[0]['bssid'])
468 if "[WPS-AUTH]" not in bss['flags']:
469 raise Exception("WPS-AUTH flag missing")
470
471 logger.info("Stop ER")
472 dev[0].dump_monitor()
473 dev[0].request("WPS_ER_STOP")
474 ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"])
475 if ev is None:
476 raise Exception("WPS ER unsubscription timed out")
477
478 dev[1].scan(freq="2412")
479 bss = dev[1].get_bss(apdev[0]['bssid'])
480 if "[WPS-AUTH]" in bss['flags']:
481 raise Exception("WPS-AUTH flag not removed")
482
483 def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
484 """WPS ER connected to AP and adding a new enrollee using PBC"""
485 ssid = "wps-er-add-enrollee-pbc"
486 ap_pin = "12345670"
487 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
488 hostapd.add_ap(apdev[0]['ifname'],
489 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
490 "wpa_passphrase": "12345678", "wpa": "2",
491 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
492 "device_name": "Wireless AP", "manufacturer": "Company",
493 "model_name": "WAP", "model_number": "123",
494 "serial_number": "12345", "device_type": "6-0050F204-1",
495 "os_version": "01020300",
496 "config_methods": "label push_button",
497 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
498 logger.info("Learn AP configuration")
499 dev[0].dump_monitor()
500 dev[0].request("SET ignore_old_scan_res 1")
501 dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
502 status = dev[0].get_status()
503 if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
504 raise Exception("Not fully connected")
505
506 logger.info("Start ER")
507 dev[0].request("WPS_ER_START ifname=lo")
508 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
509 if ev is None:
510 raise Exception("AP discovery timed out")
511 if ap_uuid not in ev:
512 raise Exception("Expected AP UUID not found")
513
514 logger.info("Use learned network configuration on ER")
515 dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
516
517 logger.info("Add Enrollee using ER and PBC")
518 dev[0].dump_monitor()
519 enrollee = dev[1].p2p_interface_addr()
520 dev[1].request("SET ignore_old_scan_res 1")
521 dev[1].dump_monitor()
522 dev[1].request("WPS_PBC")
523
524 ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
525 if ev is None:
526 raise Exception("Enrollee discovery timed out")
527 if enrollee not in ev:
528 raise Exception("Expected Enrollee not found")
529 dev[0].request("WPS_ER_PBC " + enrollee)
530
531 ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
532 if ev is None:
533 raise Exception("Enrollee did not report success")
534 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
535 if ev is None:
536 raise Exception("Association with the AP timed out")
537 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
538 if ev is None:
539 raise Exception("WPS ER did not report success")
540 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
541
542 # verify BSSID selection of the AP instead of UUID
543 if "FAIL" in dev[0].request("WPS_ER_SET_CONFIG " + apdev[0]['bssid'] + " 0"):
544 raise Exception("Could not select AP based on BSSID")
545
546 def test_ap_wps_er_config_ap(dev, apdev):
547 """WPS ER configuring AP over UPnP"""
548 ssid = "wps-er-ap-config"
549 ap_pin = "12345670"
550 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
551 hostapd.add_ap(apdev[0]['ifname'],
552 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
553 "wpa_passphrase": "12345678", "wpa": "2",
554 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
555 "device_name": "Wireless AP", "manufacturer": "Company",
556 "model_name": "WAP", "model_number": "123",
557 "serial_number": "12345", "device_type": "6-0050F204-1",
558 "os_version": "01020300",
559 "config_methods": "label push_button",
560 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
561
562 logger.info("Connect ER to the AP")
563 dev[0].connect(ssid, psk="12345678", scan_freq="2412")
564
565 logger.info("WPS configuration step")
566 dev[0].request("WPS_ER_START ifname=lo")
567 ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
568 if ev is None:
569 raise Exception("AP discovery timed out")
570 if ap_uuid not in ev:
571 raise Exception("Expected AP UUID not found")
572 new_passphrase = "1234567890"
573 dev[0].request("WPS_ER_CONFIG " + apdev[0]['bssid'] + " " + ap_pin + " " +
574 ssid.encode("hex") + " WPA2PSK CCMP " +
575 new_passphrase.encode("hex"))
576 ev = dev[0].wait_event(["WPS-SUCCESS"])
577 if ev is None:
578 raise Exception("WPS ER configuration operation timed out")
579 dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
580 dev[0].connect(ssid, psk="1234567890", scan_freq="2412")
581
582 def test_ap_wps_fragmentation(dev, apdev):
583 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
584 ssid = "test-wps-fragmentation"
585 hostapd.add_ap(apdev[0]['ifname'],
586 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
587 "wpa_passphrase": "12345678", "wpa": "3",
588 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
589 "wpa_pairwise": "TKIP",
590 "fragment_size": "50" })
591 hapd = hostapd.Hostapd(apdev[0]['ifname'])
592 logger.info("WPS provisioning step")
593 hapd.request("WPS_PBC")
594 dev[0].request("SET ignore_old_scan_res 1")
595 dev[0].dump_monitor()
596 dev[0].request("SET wps_fragment_size 50")
597 dev[0].request("WPS_PBC")
598 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
599 if ev is None:
600 raise Exception("Association with the AP timed out")
601 status = dev[0].get_status()
602 if status['wpa_state'] != 'COMPLETED':
603 raise Exception("Not fully connected")
604 if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
605 raise Exception("Unexpected encryption configuration")
606 if status['key_mgmt'] != 'WPA2-PSK':
607 raise Exception("Unexpected key_mgmt")
608
609 def test_ap_wps_new_version_sta(dev, apdev):
610 """WPS compatibility with new version number on the station"""
611 ssid = "test-wps-ver"
612 hostapd.add_ap(apdev[0]['ifname'],
613 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
614 "wpa_passphrase": "12345678", "wpa": "2",
615 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
616 hapd = hostapd.Hostapd(apdev[0]['ifname'])
617 logger.info("WPS provisioning step")
618 hapd.request("WPS_PBC")
619 dev[0].request("SET ignore_old_scan_res 1")
620 dev[0].dump_monitor()
621 dev[0].request("SET wps_version_number 0x43")
622 dev[0].request("WPS_PBC")
623 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
624 if ev is None:
625 raise Exception("Association with the AP timed out")
626
627 def test_ap_wps_new_version_ap(dev, apdev):
628 """WPS compatibility with new version number on the AP"""
629 ssid = "test-wps-ver"
630 hostapd.add_ap(apdev[0]['ifname'],
631 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
632 "wpa_passphrase": "12345678", "wpa": "2",
633 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
634 hapd = hostapd.Hostapd(apdev[0]['ifname'])
635 logger.info("WPS provisioning step")
636 if "FAIL" in hapd.request("SET wps_version_number 0x43"):
637 raise Exception("Failed to enable test functionality")
638 hapd.request("WPS_PBC")
639 dev[0].request("SET ignore_old_scan_res 1")
640 dev[0].dump_monitor()
641 dev[0].request("WPS_PBC")
642 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
643 hapd.request("SET wps_version_number 0x20")
644 if ev is None:
645 raise Exception("Association with the AP timed out")
Unnamed repository; edit this file 'description' to name the repository.