2 # Copyright (c) 2013-2017, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
8 from tshark
import run_tshark
11 from Crypto
.Cipher
import AES
20 logger
= logging
.getLogger()
25 from http
.client
import HTTPConnection
26 from urllib
.request
import urlopen
27 from urllib
.parse
import urlparse
, urljoin
28 from urllib
.error
import HTTPError
29 from io
import StringIO
30 from socketserver
import StreamRequestHandler
, TCPServer
32 from httplib
import HTTPConnection
33 from urllib
import urlopen
34 from urlparse
import urlparse
, urljoin
35 from urllib2
import build_opener
, ProxyHandler
, HTTPError
36 from StringIO
import StringIO
37 from SocketServer
import StreamRequestHandler
, TCPServer
39 import xml
.etree
.ElementTree
as ET
43 from wpasupplicant
import WpaSupplicant
44 from utils
import HwsimSkip
, alloc_fail
, fail_test
, skip_with_fips
45 from utils
import wait_fail_trigger
, clear_regdom
46 from test_ap_eap
import int_eap_server_params
47 from test_sae
import check_sae_capab
49 def wps_start_ap(apdev
, ssid
="test-wps-conf"):
50 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
51 "wpa_passphrase": "12345678", "wpa": "2",
52 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
53 return hostapd
.add_ap(apdev
, params
)
56 def test_ap_wps_init(dev
, apdev
):
57 """Initial AP configuration with first WPS Enrollee"""
59 hapd
= hostapd
.add_ap(apdev
[0],
60 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
61 logger
.info("WPS provisioning step")
62 hapd
.request("WPS_PBC")
63 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
64 raise Exception("PBC status not shown correctly")
66 id = dev
[0].add_network()
67 dev
[0].set_network_quoted(id, "ssid", "home")
68 dev
[0].set_network_quoted(id, "psk", "12345678")
69 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
71 id = dev
[0].add_network()
72 dev
[0].set_network_quoted(id, "ssid", "home2")
73 dev
[0].set_network(id, "bssid", "00:11:22:33:44:55")
74 dev
[0].set_network(id, "key_mgmt", "NONE")
75 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
77 dev
[0].request("WPS_PBC")
78 dev
[0].wait_connected(timeout
=30)
79 status
= dev
[0].get_status()
80 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
81 raise Exception("Not fully connected")
82 if status
['ssid'] != ssid
:
83 raise Exception("Unexpected SSID")
84 if status
['pairwise_cipher'] != 'CCMP':
85 raise Exception("Unexpected encryption configuration")
86 if status
['key_mgmt'] != 'WPA2-PSK':
87 raise Exception("Unexpected key_mgmt")
89 status
= hapd
.request("WPS_GET_STATUS")
90 if "PBC Status: Disabled" not in status
:
91 raise Exception("PBC status not shown correctly")
92 if "Last WPS result: Success" not in status
:
93 raise Exception("Last WPS result not shown correctly")
94 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
95 raise Exception("Peer address not shown correctly")
96 conf
= hapd
.request("GET_CONFIG")
97 if "wps_state=configured" not in conf
:
98 raise Exception("AP not in WPS configured state")
99 if "wpa=3" not in conf
:
100 raise Exception("AP not in WPA+WPA2 configuration")
101 if "rsn_pairwise_cipher=CCMP TKIP" not in conf
:
102 raise Exception("Unexpected rsn_pairwise_cipher")
103 if "wpa_pairwise_cipher=CCMP TKIP" not in conf
:
104 raise Exception("Unexpected wpa_pairwise_cipher")
105 if "group_cipher=TKIP" not in conf
:
106 raise Exception("Unexpected group_cipher")
108 if len(dev
[0].list_networks()) != 3:
109 raise Exception("Unexpected number of network blocks")
111 def test_ap_wps_init_2ap_pbc(dev
, apdev
):
112 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
114 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
115 hapd
= hostapd
.add_ap(apdev
[0], params
)
116 hostapd
.add_ap(apdev
[1], params
)
117 logger
.info("WPS provisioning step")
118 hapd
.request("WPS_PBC")
119 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
120 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
121 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
122 if "[WPS-PBC]" not in bss
['flags']:
123 raise Exception("WPS-PBC flag missing from AP1")
124 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
125 if "[WPS-PBC]" not in bss
['flags']:
126 raise Exception("WPS-PBC flag missing from AP2")
127 dev
[0].dump_monitor()
128 dev
[0].request("SET wps_cred_processing 2")
129 dev
[0].request("WPS_PBC")
130 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=30)
131 dev
[0].request("SET wps_cred_processing 0")
133 raise Exception("WPS cred event not seen")
135 raise Exception("WPS attributes not included in the cred event")
136 dev
[0].wait_connected(timeout
=30)
138 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
139 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
140 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
141 if "[WPS-PBC]" in bss
['flags']:
142 raise Exception("WPS-PBC flag not cleared from AP1")
143 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
144 if "[WPS-PBC]" in bss
['flags']:
145 raise Exception("WPS-PBC flag not cleared from AP2")
147 def test_ap_wps_init_2ap_pin(dev
, apdev
):
148 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
150 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
151 hapd
= hostapd
.add_ap(apdev
[0], params
)
152 hostapd
.add_ap(apdev
[1], params
)
153 logger
.info("WPS provisioning step")
154 pin
= dev
[0].wps_read_pin()
155 hapd
.request("WPS_PIN any " + pin
)
156 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
157 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
158 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
159 if "[WPS-AUTH]" not in bss
['flags']:
160 raise Exception("WPS-AUTH flag missing from AP1")
161 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
162 if "[WPS-AUTH]" not in bss
['flags']:
163 raise Exception("WPS-AUTH flag missing from AP2")
164 dev
[0].dump_monitor()
165 dev
[0].request("WPS_PIN any " + pin
)
166 dev
[0].wait_connected(timeout
=30)
168 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
169 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
170 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
171 if "[WPS-AUTH]" in bss
['flags']:
172 raise Exception("WPS-AUTH flag not cleared from AP1")
173 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
174 if "[WPS-AUTH]" in bss
['flags']:
175 raise Exception("WPS-AUTH flag not cleared from AP2")
178 def test_ap_wps_init_through_wps_config(dev
, apdev
):
179 """Initial AP configuration using wps_config command"""
180 ssid
= "test-wps-init-config"
181 hapd
= hostapd
.add_ap(apdev
[0],
182 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
183 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
184 raise Exception("WPS_CONFIG command failed")
185 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
187 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
188 # It takes some time for the AP to update Beacon and Probe Response frames,
189 # so wait here before requesting the scan to be started to avoid adding
190 # extra five second wait to the test due to fetching obsolete scan results.
193 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
194 pairwise
="CCMP", group
="CCMP")
196 if "FAIL" not in hapd
.request("WPS_CONFIG foo"):
197 raise Exception("Invalid WPS_CONFIG accepted")
200 def test_ap_wps_init_through_wps_config_2(dev
, apdev
):
201 """AP configuration using wps_config and wps_cred_processing=2"""
202 ssid
= "test-wps-init-config"
203 hapd
= hostapd
.add_ap(apdev
[0],
204 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
205 "wps_cred_processing": "2"})
206 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
207 raise Exception("WPS_CONFIG command failed")
208 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
210 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
212 raise Exception("WPS-NEW-AP-SETTINGS did not include Credential")
215 def test_ap_wps_invalid_wps_config_passphrase(dev
, apdev
):
216 """AP configuration using wps_config command with invalid passphrase"""
217 ssid
= "test-wps-init-config"
218 hapd
= hostapd
.add_ap(apdev
[0],
219 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
220 if "FAIL" not in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"1234567").decode()):
221 raise Exception("Invalid WPS_CONFIG command accepted")
223 def test_ap_wps_conf(dev
, apdev
):
224 """WPS PBC provisioning with configured AP"""
225 ssid
= "test-wps-conf"
226 hapd
= hostapd
.add_ap(apdev
[0],
227 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
228 "wpa_passphrase": "12345678", "wpa": "2",
229 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
230 logger
.info("WPS provisioning step")
231 hapd
.request("WPS_PBC")
232 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
233 dev
[0].dump_monitor()
234 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
235 dev
[0].wait_connected(timeout
=30)
236 status
= dev
[0].get_status()
237 if status
['wpa_state'] != 'COMPLETED':
238 raise Exception("Not fully connected")
239 if status
['bssid'] != apdev
[0]['bssid']:
240 raise Exception("Unexpected BSSID")
241 if status
['ssid'] != ssid
:
242 raise Exception("Unexpected SSID")
243 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
244 raise Exception("Unexpected encryption configuration")
245 if status
['key_mgmt'] != 'WPA2-PSK':
246 raise Exception("Unexpected key_mgmt")
248 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
249 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
250 raise Exception("Device name not available in STA command")
252 def test_ap_wps_conf_5ghz(dev
, apdev
):
253 """WPS PBC provisioning with configured AP on 5 GHz band"""
256 ssid
= "test-wps-conf"
257 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
258 "wpa_passphrase": "12345678", "wpa": "2",
259 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
260 "country_code": "FI", "hw_mode": "a", "channel": "36"}
261 hapd
= hostapd
.add_ap(apdev
[0], params
)
262 logger
.info("WPS provisioning step")
263 hapd
.request("WPS_PBC")
264 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="5180")
265 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
266 dev
[0].wait_connected(timeout
=30)
268 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
269 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
270 raise Exception("Device name not available in STA command")
272 dev
[0].request("DISCONNECT")
273 clear_regdom(hapd
, dev
)
275 def test_ap_wps_conf_chan14(dev
, apdev
):
276 """WPS PBC provisioning with configured AP on channel 14"""
279 ssid
= "test-wps-conf"
280 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
281 "wpa_passphrase": "12345678", "wpa": "2",
282 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
283 "country_code": "JP", "hw_mode": "b", "channel": "14"}
284 hapd
= hostapd
.add_ap(apdev
[0], params
)
285 logger
.info("WPS provisioning step")
286 hapd
.request("WPS_PBC")
287 dev
[0].request("WPS_PBC")
288 dev
[0].wait_connected(timeout
=30)
290 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
291 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
292 raise Exception("Device name not available in STA command")
294 dev
[0].request("DISCONNECT")
295 clear_regdom(hapd
, dev
)
298 def test_ap_wps_twice(dev
, apdev
):
299 """WPS provisioning with twice to change passphrase"""
300 ssid
= "test-wps-twice"
301 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
302 "wpa_passphrase": "12345678", "wpa": "2",
303 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
304 hapd
= hostapd
.add_ap(apdev
[0], params
)
305 logger
.info("WPS provisioning step")
306 hapd
.request("WPS_PBC")
307 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
308 dev
[0].dump_monitor()
309 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
310 dev
[0].wait_connected(timeout
=30)
311 dev
[0].request("DISCONNECT")
313 logger
.info("Restart AP with different passphrase and re-run WPS")
314 hostapd
.remove_bss(apdev
[0])
315 params
['wpa_passphrase'] = 'another passphrase'
316 hapd
= hostapd
.add_ap(apdev
[0], params
)
317 logger
.info("WPS provisioning step")
318 hapd
.request("WPS_PBC")
319 dev
[0].dump_monitor()
320 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
321 dev
[0].wait_connected(timeout
=30)
322 networks
= dev
[0].list_networks()
323 if len(networks
) > 1:
324 raise Exception("Unexpected duplicated network block present")
327 def test_ap_wps_incorrect_pin(dev
, apdev
):
328 """WPS PIN provisioning with incorrect PIN"""
329 ssid
= "test-wps-incorrect-pin"
330 hapd
= hostapd
.add_ap(apdev
[0],
331 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
332 "wpa_passphrase": "12345678", "wpa": "2",
333 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
335 logger
.info("WPS provisioning attempt 1")
336 hapd
.request("WPS_PIN any 12345670")
337 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
338 dev
[0].dump_monitor()
339 dev
[0].request("WPS_PIN %s 55554444" % apdev
[0]['bssid'])
340 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
342 raise Exception("WPS operation timed out")
343 if "config_error=18" not in ev
:
344 raise Exception("Incorrect config_error reported")
345 if "msg=8" not in ev
:
346 raise Exception("PIN error detected on incorrect message")
347 dev
[0].wait_disconnected(timeout
=10)
348 dev
[0].request("WPS_CANCEL")
349 # if a scan was in progress, wait for it to complete before trying WPS again
350 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
352 status
= hapd
.request("WPS_GET_STATUS")
353 if "Last WPS result: Failed" not in status
:
354 raise Exception("WPS failure result not shown correctly")
356 logger
.info("WPS provisioning attempt 2")
357 hapd
.request("WPS_PIN any 12345670")
358 dev
[0].dump_monitor()
359 dev
[0].request("WPS_PIN %s 12344444" % apdev
[0]['bssid'])
360 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
362 raise Exception("WPS operation timed out")
363 if "config_error=18" not in ev
:
364 raise Exception("Incorrect config_error reported")
365 if "msg=10" not in ev
:
366 raise Exception("PIN error detected on incorrect message")
367 dev
[0].wait_disconnected(timeout
=10)
370 def test_ap_wps_conf_pin(dev
, apdev
):
371 """WPS PIN provisioning with configured AP"""
372 ssid
= "test-wps-conf-pin"
373 hapd
= hostapd
.add_ap(apdev
[0],
374 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
375 "wpa_passphrase": "12345678", "wpa": "2",
376 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
377 logger
.info("WPS provisioning step")
378 pin
= dev
[0].wps_read_pin()
379 hapd
.request("WPS_PIN any " + pin
)
380 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
381 dev
[0].dump_monitor()
382 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
383 dev
[0].wait_connected(timeout
=30)
384 status
= dev
[0].get_status()
385 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
386 raise Exception("Not fully connected")
387 if status
['ssid'] != ssid
:
388 raise Exception("Unexpected SSID")
389 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
390 raise Exception("Unexpected encryption configuration")
391 if status
['key_mgmt'] != 'WPA2-PSK':
392 raise Exception("Unexpected key_mgmt")
394 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
395 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
396 if "[WPS-AUTH]" in bss
['flags']:
397 raise Exception("WPS-AUTH flag not cleared")
398 logger
.info("Try to connect from another station using the same PIN")
399 pin
= dev
[1].request("WPS_PIN " + apdev
[0]['bssid'])
400 ev
= dev
[1].wait_event(["WPS-M2D", "CTRL-EVENT-CONNECTED"], timeout
=30)
402 raise Exception("Operation timed out")
403 if "WPS-M2D" not in ev
:
404 raise Exception("Unexpected WPS operation started")
405 hapd
.request("WPS_PIN any " + pin
)
406 dev
[1].wait_connected(timeout
=30)
408 def test_ap_wps_conf_pin_mixed_mode(dev
, apdev
):
409 """WPS PIN provisioning with configured AP (WPA+WPA2)"""
410 ssid
= "test-wps-conf-pin-mixed"
411 hapd
= hostapd
.add_ap(apdev
[0],
412 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
413 "wpa_passphrase": "12345678", "wpa": "3",
414 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
415 "wpa_pairwise": "TKIP"})
417 logger
.info("WPS provisioning step")
418 pin
= dev
[0].wps_read_pin()
419 hapd
.request("WPS_PIN any " + pin
)
420 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
421 dev
[0].dump_monitor()
422 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
423 dev
[0].wait_connected(timeout
=30)
424 status
= dev
[0].get_status()
425 dev
[0].request("REMOVE_NETWORK all")
426 dev
[0].wait_disconnected()
427 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
428 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
430 logger
.info("WPS provisioning step (auth_types=0x1b)")
431 if "OK" not in dev
[0].request("SET wps_force_auth_types 0x1b"):
432 raise Exception("Failed to set wps_force_auth_types 0x1b")
433 pin
= dev
[0].wps_read_pin()
434 hapd
.request("WPS_PIN any " + pin
)
435 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
436 dev
[0].dump_monitor()
437 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
438 dev
[0].wait_connected(timeout
=30)
439 status
= dev
[0].get_status()
440 dev
[0].request("REMOVE_NETWORK all")
441 dev
[0].wait_disconnected()
442 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
443 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
445 logger
.info("WPS provisioning step (auth_types=0 encr_types=0)")
446 if "OK" not in dev
[0].request("SET wps_force_auth_types 0"):
447 raise Exception("Failed to set wps_force_auth_types 0")
448 if "OK" not in dev
[0].request("SET wps_force_encr_types 0"):
449 raise Exception("Failed to set wps_force_encr_types 0")
450 pin
= dev
[0].wps_read_pin()
451 hapd
.request("WPS_PIN any " + pin
)
452 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
453 dev
[0].dump_monitor()
454 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
455 dev
[0].wait_connected(timeout
=30)
456 status
= dev
[0].get_status()
457 dev
[0].request("REMOVE_NETWORK all")
458 dev
[0].wait_disconnected()
459 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
460 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
462 dev
[0].request("SET wps_force_auth_types ")
463 dev
[0].request("SET wps_force_encr_types ")
466 def test_ap_wps_conf_pin_v1(dev
, apdev
):
467 """WPS PIN provisioning with configured WPS v1.0 AP"""
468 ssid
= "test-wps-conf-pin-v1"
469 hapd
= hostapd
.add_ap(apdev
[0],
470 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
471 "wpa_passphrase": "12345678", "wpa": "2",
472 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
473 logger
.info("WPS provisioning step")
474 pin
= dev
[0].wps_read_pin()
475 hapd
.request("SET wps_version_number 0x10")
476 hapd
.request("WPS_PIN any " + pin
)
478 for i
in range(0, 10):
479 dev
[0].scan(freq
="2412")
480 if "[WPS-PIN]" in dev
[0].request("SCAN_RESULTS"):
484 hapd
.request("SET wps_version_number 0x20")
485 raise Exception("WPS-PIN flag not seen in scan results")
486 dev
[0].dump_monitor()
487 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
488 dev
[0].wait_connected(timeout
=30)
489 hapd
.request("SET wps_version_number 0x20")
492 def test_ap_wps_conf_pin_2sta(dev
, apdev
):
493 """Two stations trying to use WPS PIN at the same time"""
494 ssid
= "test-wps-conf-pin2"
495 hapd
= hostapd
.add_ap(apdev
[0],
496 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
497 "wpa_passphrase": "12345678", "wpa": "2",
498 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
499 logger
.info("WPS provisioning step")
502 hapd
.request("WPS_PIN " + dev
[0].get_status_field("uuid") + " " + pin
)
503 hapd
.request("WPS_PIN " + dev
[1].get_status_field("uuid") + " " + pin
)
504 dev
[0].dump_monitor()
505 dev
[1].dump_monitor()
506 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
507 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
508 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
509 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
510 dev
[0].wait_connected(timeout
=30)
511 dev
[1].wait_connected(timeout
=30)
514 def test_ap_wps_conf_pin_timeout(dev
, apdev
):
515 """WPS PIN provisioning with configured AP timing out PIN"""
516 ssid
= "test-wps-conf-pin"
517 hapd
= hostapd
.add_ap(apdev
[0],
518 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
519 "wpa_passphrase": "12345678", "wpa": "2",
520 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
521 addr
= dev
[0].p2p_interface_addr()
522 pin
= dev
[0].wps_read_pin()
523 if "FAIL" not in hapd
.request("WPS_PIN "):
524 raise Exception("Unexpected success on invalid WPS_PIN")
525 hapd
.request("WPS_PIN any " + pin
+ " 1")
526 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
528 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
529 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=20)
531 raise Exception("WPS-PIN-NEEDED event timed out")
532 ev
= dev
[0].wait_event(["WPS-M2D"])
534 raise Exception("M2D not reported")
535 dev
[0].request("WPS_CANCEL")
537 hapd
.request("WPS_PIN any " + pin
+ " 20 " + addr
)
538 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
539 dev
[0].wait_connected(timeout
=30)
541 def test_ap_wps_reg_connect(dev
, apdev
):
542 """WPS registrar using AP PIN to connect"""
543 ssid
= "test-wps-reg-ap-pin"
545 hostapd
.add_ap(apdev
[0],
546 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
547 "wpa_passphrase": "12345678", "wpa": "2",
548 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
550 logger
.info("WPS provisioning step")
551 dev
[0].dump_monitor()
552 dev
[0].flush_scan_cache()
553 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
554 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
555 status
= dev
[0].get_status()
556 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
557 raise Exception("Not fully connected")
558 if status
['ssid'] != ssid
:
559 raise Exception("Unexpected SSID")
560 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
561 raise Exception("Unexpected encryption configuration")
562 if status
['key_mgmt'] != 'WPA2-PSK':
563 raise Exception("Unexpected key_mgmt")
565 def test_ap_wps_reg_connect_zero_len_ap_pin(dev
, apdev
):
566 """hostapd with zero length ap_pin parameter"""
567 ssid
= "test-wps-reg-ap-pin"
569 hostapd
.add_ap(apdev
[0],
570 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
571 "wpa_passphrase": "12345678", "wpa": "2",
572 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
574 logger
.info("WPS provisioning step")
575 dev
[0].dump_monitor()
576 dev
[0].flush_scan_cache()
577 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
578 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, no_wait
=True)
579 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
581 raise Exception("No WPS-FAIL reported")
582 if "msg=5 config_error=15" not in ev
:
583 raise Exception("Unexpected WPS-FAIL: " + ev
)
585 def test_ap_wps_reg_connect_mixed_mode(dev
, apdev
):
586 """WPS registrar using AP PIN to connect (WPA+WPA2)"""
587 ssid
= "test-wps-reg-ap-pin"
589 hostapd
.add_ap(apdev
[0],
590 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
591 "wpa_passphrase": "12345678", "wpa": "3",
592 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
593 "wpa_pairwise": "TKIP", "ap_pin": appin
})
594 dev
[0].flush_scan_cache()
595 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
596 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
597 status
= dev
[0].get_status()
598 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
599 raise Exception("Not fully connected")
600 if status
['ssid'] != ssid
:
601 raise Exception("Unexpected SSID")
602 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
603 raise Exception("Unexpected encryption configuration")
604 if status
['key_mgmt'] != 'WPA2-PSK':
605 raise Exception("Unexpected key_mgmt")
607 def test_ap_wps_reg_override_ap_settings(dev
, apdev
):
608 """WPS registrar and ap_settings override"""
609 ap_settings
= "/tmp/ap_wps_reg_override_ap_settings"
611 os
.remove(ap_settings
)
614 # Override AP Settings with values that point to another AP
615 data
= build_wsc_attr(ATTR_NETWORK_INDEX
, b
'\x01')
616 data
+= build_wsc_attr(ATTR_SSID
, b
"test")
617 data
+= build_wsc_attr(ATTR_AUTH_TYPE
, b
'\x00\x01')
618 data
+= build_wsc_attr(ATTR_ENCR_TYPE
, b
'\x00\x01')
619 data
+= build_wsc_attr(ATTR_NETWORK_KEY
, b
'')
620 data
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[1]['bssid'].replace(':', '')))
621 with
open(ap_settings
, "wb") as f
:
623 ssid
= "test-wps-reg-ap-pin"
625 hostapd
.add_ap(apdev
[0],
626 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
627 "wpa_passphrase": "12345678", "wpa": "2",
628 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
629 "ap_pin": appin
, "ap_settings": ap_settings
})
630 hapd2
= hostapd
.add_ap(apdev
[1], {"ssid": "test"})
631 dev
[0].flush_scan_cache()
632 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
633 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
=2412)
634 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
635 ev
= hapd2
.wait_event(['AP-STA-CONNECTED'], timeout
=10)
636 os
.remove(ap_settings
)
638 raise Exception("No connection with the other AP")
640 def check_wps_reg_failure(dev
, ap
, appin
):
641 dev
.request("WPS_REG " + ap
['bssid'] + " " + appin
)
642 ev
= dev
.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout
=15)
644 raise Exception("WPS operation timed out")
645 if "WPS-SUCCESS" in ev
:
646 raise Exception("WPS operation succeeded unexpectedly")
647 if "config_error=15" not in ev
:
648 raise Exception("WPS setup locked state was not reported correctly")
650 def test_ap_wps_random_ap_pin(dev
, apdev
):
651 """WPS registrar using random AP PIN"""
652 ssid
= "test-wps-reg-random-ap-pin"
653 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
654 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
655 "wpa_passphrase": "12345678", "wpa": "2",
656 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
657 "device_name": "Wireless AP", "manufacturer": "Company",
658 "model_name": "WAP", "model_number": "123",
659 "serial_number": "12345", "device_type": "6-0050F204-1",
660 "os_version": "01020300",
661 "config_methods": "label push_button",
662 "uuid": ap_uuid
, "upnp_iface": "lo"}
663 hapd
= hostapd
.add_ap(apdev
[0], params
)
664 appin
= hapd
.request("WPS_AP_PIN random")
666 raise Exception("Could not generate random AP PIN")
667 if appin
not in hapd
.request("WPS_AP_PIN get"):
668 raise Exception("Could not fetch current AP PIN")
669 logger
.info("WPS provisioning step")
670 dev
[0].flush_scan_cache()
671 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
672 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
674 hapd
.request("WPS_AP_PIN disable")
675 logger
.info("WPS provisioning step with AP PIN disabled")
676 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
677 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
679 logger
.info("WPS provisioning step with AP PIN reset")
681 hapd
.request("WPS_AP_PIN set " + appin
)
682 dev
[1].wps_reg(apdev
[0]['bssid'], appin
)
683 dev
[0].request("REMOVE_NETWORK all")
684 dev
[1].request("REMOVE_NETWORK all")
685 dev
[0].wait_disconnected(timeout
=10)
686 dev
[1].wait_disconnected(timeout
=10)
688 logger
.info("WPS provisioning step after AP PIN timeout")
689 hapd
.request("WPS_AP_PIN disable")
690 appin
= hapd
.request("WPS_AP_PIN random 1")
692 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
693 raise Exception("AP PIN unexpectedly still enabled")
694 check_wps_reg_failure(dev
[0], apdev
[0], appin
)
696 logger
.info("WPS provisioning step after AP PIN timeout(2)")
697 hapd
.request("WPS_AP_PIN disable")
699 hapd
.request("WPS_AP_PIN set " + appin
+ " 1")
701 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
702 raise Exception("AP PIN unexpectedly still enabled")
703 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
705 with
fail_test(hapd
, 1, "os_get_random;wps_generate_pin"):
706 hapd
.request("WPS_AP_PIN random 1")
707 hapd
.request("WPS_AP_PIN disable")
709 with
alloc_fail(hapd
, 1, "upnp_wps_set_ap_pin"):
710 hapd
.request("WPS_AP_PIN set 12345670")
711 hapd
.request("WPS_AP_PIN disable")
713 if "FAIL" not in hapd
.request("WPS_AP_PIN set"):
714 raise Exception("Invalid WPS_AP_PIN accepted")
715 if "FAIL" not in hapd
.request("WPS_AP_PIN foo"):
716 raise Exception("Invalid WPS_AP_PIN accepted")
718 def test_ap_wps_reg_config(dev
, apdev
):
719 """WPS registrar configuring an AP using AP PIN"""
720 ssid
= "test-wps-init-ap-pin"
722 hostapd
.add_ap(apdev
[0],
723 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
725 logger
.info("WPS configuration step")
726 dev
[0].flush_scan_cache()
727 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
728 dev
[0].dump_monitor()
729 new_ssid
= "wps-new-ssid"
730 new_passphrase
= "1234567890"
731 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
733 status
= dev
[0].get_status()
734 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
735 raise Exception("Not fully connected")
736 if status
['ssid'] != new_ssid
:
737 raise Exception("Unexpected SSID")
738 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
739 raise Exception("Unexpected encryption configuration")
740 if status
['key_mgmt'] != 'WPA2-PSK':
741 raise Exception("Unexpected key_mgmt")
743 logger
.info("Re-configure back to open")
744 dev
[0].request("REMOVE_NETWORK all")
745 dev
[0].flush_scan_cache()
746 dev
[0].dump_monitor()
747 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-open", "OPEN", "NONE", "")
748 status
= dev
[0].get_status()
749 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
750 raise Exception("Not fully connected")
751 if status
['ssid'] != "wps-open":
752 raise Exception("Unexpected SSID")
753 if status
['key_mgmt'] != 'NONE':
754 raise Exception("Unexpected key_mgmt")
756 def test_ap_wps_reg_config_ext_processing(dev
, apdev
):
757 """WPS registrar configuring an AP with external config processing"""
758 ssid
= "test-wps-init-ap-pin"
760 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
761 "wps_cred_processing": "1", "ap_pin": appin
}
762 hapd
= hostapd
.add_ap(apdev
[0], params
)
763 dev
[0].flush_scan_cache()
764 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
765 new_ssid
= "wps-new-ssid"
766 new_passphrase
= "1234567890"
767 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
768 new_passphrase
, no_wait
=True)
769 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
771 raise Exception("WPS registrar operation timed out")
772 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=15)
774 raise Exception("WPS configuration timed out")
776 raise Exception("AP Settings missing from event")
777 hapd
.request("SET wps_cred_processing 0")
778 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(new_ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(new_passphrase
.encode()).decode()):
779 raise Exception("WPS_CONFIG command failed")
780 dev
[0].wait_connected(timeout
=15)
782 def test_ap_wps_reg_config_tkip(dev
, apdev
):
783 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
784 skip_with_fips(dev
[0])
785 ssid
= "test-wps-init-ap"
787 hostapd
.add_ap(apdev
[0],
788 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
790 logger
.info("WPS configuration step")
791 dev
[0].flush_scan_cache()
792 dev
[0].request("SET wps_version_number 0x10")
793 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
794 dev
[0].dump_monitor()
795 new_ssid
= "wps-new-ssid-with-tkip"
796 new_passphrase
= "1234567890"
797 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPAPSK", "TKIP",
799 logger
.info("Re-connect to verify WPA2 mixed mode")
800 dev
[0].request("DISCONNECT")
802 dev
[0].set_network(id, "pairwise", "CCMP")
803 dev
[0].set_network(id, "proto", "RSN")
804 dev
[0].connect_network(id)
805 status
= dev
[0].get_status()
806 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
807 raise Exception("Not fully connected: wpa_state={} bssid={}".format(status
['wpa_state'], status
['bssid']))
808 if status
['ssid'] != new_ssid
:
809 raise Exception("Unexpected SSID")
810 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
811 raise Exception("Unexpected encryption configuration")
812 if status
['key_mgmt'] != 'WPA2-PSK':
813 raise Exception("Unexpected key_mgmt")
815 def test_ap_wps_setup_locked(dev
, apdev
):
816 """WPS registrar locking up AP setup on AP PIN failures"""
817 ssid
= "test-wps-incorrect-ap-pin"
819 hapd
= hostapd
.add_ap(apdev
[0],
820 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
821 "wpa_passphrase": "12345678", "wpa": "2",
822 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
824 new_ssid
= "wps-new-ssid-test"
825 new_passphrase
= "1234567890"
827 dev
[0].flush_scan_cache()
828 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
829 ap_setup_locked
= False
830 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
831 dev
[0].dump_monitor()
832 logger
.info("Try incorrect AP PIN - attempt " + pin
)
833 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
834 "CCMP", new_passphrase
, no_wait
=True)
835 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
837 raise Exception("Timeout on receiving WPS operation failure event")
838 if "CTRL-EVENT-CONNECTED" in ev
:
839 raise Exception("Unexpected connection")
840 if "config_error=15" in ev
:
841 logger
.info("AP Setup Locked")
842 ap_setup_locked
= True
843 elif "config_error=18" not in ev
:
844 raise Exception("config_error=18 not reported")
845 dev
[0].wait_disconnected(timeout
=10)
847 if not ap_setup_locked
:
848 raise Exception("AP setup was not locked")
849 dev
[0].request("WPS_CANCEL")
850 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True,
852 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
853 if 'wps_ap_setup_locked' not in bss
or bss
['wps_ap_setup_locked'] != '1':
854 logger
.info("BSS: " + str(bss
))
855 raise Exception("AP Setup Locked not indicated in scan results")
857 status
= hapd
.request("WPS_GET_STATUS")
858 if "Last WPS result: Failed" not in status
:
859 raise Exception("WPS failure result not shown correctly")
860 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
861 raise Exception("Peer address not shown correctly")
864 dev
[0].dump_monitor()
865 logger
.info("WPS provisioning step")
866 pin
= dev
[0].wps_read_pin()
867 hapd
.request("WPS_PIN any " + pin
)
868 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
869 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
871 raise Exception("WPS success was not reported")
872 dev
[0].wait_connected(timeout
=30)
874 appin
= hapd
.request("WPS_AP_PIN random")
876 raise Exception("Could not generate random AP PIN")
877 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=10)
879 raise Exception("Failed to unlock AP PIN")
881 def test_ap_wps_setup_locked_timeout(dev
, apdev
):
882 """WPS re-enabling AP PIN after timeout"""
883 ssid
= "test-wps-incorrect-ap-pin"
885 hapd
= hostapd
.add_ap(apdev
[0],
886 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
887 "wpa_passphrase": "12345678", "wpa": "2",
888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
890 new_ssid
= "wps-new-ssid-test"
891 new_passphrase
= "1234567890"
893 dev
[0].flush_scan_cache()
894 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
895 ap_setup_locked
= False
896 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
897 dev
[0].dump_monitor()
898 logger
.info("Try incorrect AP PIN - attempt " + pin
)
899 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
900 "CCMP", new_passphrase
, no_wait
=True)
901 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"], timeout
=15)
903 raise Exception("Timeout on receiving WPS operation failure event")
904 if "CTRL-EVENT-CONNECTED" in ev
:
905 raise Exception("Unexpected connection")
906 if "config_error=15" in ev
:
907 logger
.info("AP Setup Locked")
908 ap_setup_locked
= True
910 elif "config_error=18" not in ev
:
911 raise Exception("config_error=18 not reported")
912 dev
[0].wait_disconnected(timeout
=10)
914 if not ap_setup_locked
:
915 raise Exception("AP setup was not locked")
916 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=80)
918 raise Exception("AP PIN did not get unlocked on 60 second timeout")
920 def test_ap_wps_setup_locked_2(dev
, apdev
):
921 """WPS AP configured for special ap_setup_locked=2 mode"""
922 ssid
= "test-wps-ap-pin"
924 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
925 "wpa_passphrase": "12345678", "wpa": "2",
926 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
927 "ap_pin": appin
, "ap_setup_locked": "2"}
928 hapd
= hostapd
.add_ap(apdev
[0], params
)
929 new_ssid
= "wps-new-ssid-test"
930 new_passphrase
= "1234567890"
932 dev
[0].flush_scan_cache()
933 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
934 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
935 dev
[0].request("REMOVE_NETWORK all")
936 dev
[0].wait_disconnected()
939 dev
[0].dump_monitor()
940 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK",
941 "CCMP", new_passphrase
, no_wait
=True)
943 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
945 raise Exception("hostapd did not report WPS failure")
946 if "msg=12 config_error=15" not in ev
:
947 raise Exception("Unexpected failure reason (AP): " + ev
)
949 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
951 raise Exception("Timeout on receiving WPS operation failure event")
952 if "CTRL-EVENT-CONNECTED" in ev
:
953 raise Exception("Unexpected connection")
954 if "config_error=15" not in ev
:
955 raise Exception("Unexpected failure reason (STA): " + ev
)
956 dev
[0].request("WPS_CANCEL")
957 dev
[0].wait_disconnected()
959 def setup_ap_wps_pbc_overlap_2ap(apdev
):
960 params
= {"ssid": "wps1", "eap_server": "1", "wps_state": "2",
961 "wpa_passphrase": "12345678", "wpa": "2",
962 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
963 "wps_independent": "1"}
964 hapd
= hostapd
.add_ap(apdev
[0], params
)
965 params
= {"ssid": "wps2", "eap_server": "1", "wps_state": "2",
966 "wpa_passphrase": "123456789", "wpa": "2",
967 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
968 "wps_independent": "1"}
969 hapd2
= hostapd
.add_ap(apdev
[1], params
)
970 hapd
.request("WPS_PBC")
971 hapd2
.request("WPS_PBC")
975 def test_ap_wps_pbc_overlap_2ap(dev
, apdev
):
976 """WPS PBC session overlap with two active APs"""
977 hapd
, hapd2
= setup_ap_wps_pbc_overlap_2ap(apdev
)
978 logger
.info("WPS provisioning step")
979 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
980 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
981 dev
[0].request("WPS_PBC")
982 ev
= dev
[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout
=15)
983 hapd
.request("DISABLE")
984 hapd2
.request("DISABLE")
985 dev
[0].flush_scan_cache()
987 raise Exception("PBC session overlap not detected")
990 def test_ap_wps_pbc_overlap_2ap_specific_bssid(dev
, apdev
):
991 """WPS PBC session overlap with two active APs (specific BSSID selected)"""
992 hapd
, hapd2
= setup_ap_wps_pbc_overlap_2ap(apdev
)
993 logger
.info("WPS provisioning step")
994 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
995 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
996 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
997 ev
= dev
[0].wait_event(["WPS-OVERLAP-DETECTED",
998 "CTRL-EVENT-CONNECTED"], timeout
=15)
999 dev
[0].request("DISCONNECT")
1000 hapd
.request("DISABLE")
1001 hapd2
.request("DISABLE")
1002 dev
[0].flush_scan_cache()
1004 raise Exception("PBC session overlap result not reported")
1005 if "CTRL-EVENT-CONNECTED" not in ev
:
1006 raise Exception("Connection did not complete")
1009 def test_ap_wps_pbc_overlap_2sta(dev
, apdev
):
1010 """WPS PBC session overlap with two active STAs"""
1011 ssid
= "test-wps-pbc-overlap"
1012 hapd
= hostapd
.add_ap(apdev
[0],
1013 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1014 "wpa_passphrase": "12345678", "wpa": "2",
1015 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
1016 logger
.info("WPS provisioning step")
1017 hapd
.request("WPS_PBC")
1018 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1019 dev
[0].dump_monitor()
1020 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1021 dev
[1].dump_monitor()
1022 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1023 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1024 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=15)
1026 raise Exception("PBC session overlap not detected (dev0)")
1027 if "config_error=12" not in ev
:
1028 raise Exception("PBC session overlap not correctly reported (dev0)")
1029 dev
[0].request("WPS_CANCEL")
1030 dev
[0].request("DISCONNECT")
1031 ev
= dev
[1].wait_event(["WPS-M2D"], timeout
=15)
1033 raise Exception("PBC session overlap not detected (dev1)")
1034 if "config_error=12" not in ev
:
1035 raise Exception("PBC session overlap not correctly reported (dev1)")
1036 dev
[1].request("WPS_CANCEL")
1037 dev
[1].request("DISCONNECT")
1038 hapd
.request("WPS_CANCEL")
1039 ret
= hapd
.request("WPS_PBC")
1040 if "FAIL" not in ret
:
1041 raise Exception("PBC mode allowed to be started while PBC overlap still active")
1042 hapd
.request("DISABLE")
1043 dev
[0].flush_scan_cache()
1044 dev
[1].flush_scan_cache()
1047 def test_ap_wps_cancel(dev
, apdev
):
1048 """WPS AP cancelling enabled config method"""
1049 ssid
= "test-wps-ap-cancel"
1050 hapd
= hostapd
.add_ap(apdev
[0],
1051 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1052 "wpa_passphrase": "12345678", "wpa": "2",
1053 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
1054 bssid
= apdev
[0]['bssid']
1056 logger
.info("Verify PBC enable/cancel")
1057 hapd
.request("WPS_PBC")
1058 dev
[0].scan(freq
="2412")
1059 dev
[0].scan(freq
="2412")
1060 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1061 if "[WPS-PBC]" not in bss
['flags']:
1062 raise Exception("WPS-PBC flag missing")
1063 if "FAIL" in hapd
.request("WPS_CANCEL"):
1064 raise Exception("WPS_CANCEL failed")
1065 dev
[0].scan(freq
="2412")
1066 dev
[0].scan(freq
="2412")
1067 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1068 if "[WPS-PBC]" in bss
['flags']:
1069 raise Exception("WPS-PBC flag not cleared")
1071 logger
.info("Verify PIN enable/cancel")
1072 hapd
.request("WPS_PIN any 12345670")
1073 dev
[0].scan(freq
="2412")
1074 dev
[0].scan(freq
="2412")
1075 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1076 if "[WPS-AUTH]" not in bss
['flags']:
1077 raise Exception("WPS-AUTH flag missing")
1078 if "FAIL" in hapd
.request("WPS_CANCEL"):
1079 raise Exception("WPS_CANCEL failed")
1080 dev
[0].scan(freq
="2412")
1081 dev
[0].scan(freq
="2412")
1082 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1083 if "[WPS-AUTH]" in bss
['flags']:
1084 raise Exception("WPS-AUTH flag not cleared")
1086 def test_ap_wps_er_add_enrollee(dev
, apdev
):
1087 """WPS ER configuring AP and adding a new enrollee using PIN"""
1089 _test_ap_wps_er_add_enrollee(dev
, apdev
)
1091 dev
[0].request("WPS_ER_STOP")
1093 def _test_ap_wps_er_add_enrollee(dev
, apdev
):
1094 ssid
= "wps-er-add-enrollee"
1096 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1097 hostapd
.add_ap(apdev
[0],
1098 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
1099 "device_name": "Wireless AP", "manufacturer": "Company",
1100 "model_name": "WAP", "model_number": "123",
1101 "serial_number": "12345", "device_type": "6-0050F204-1",
1102 "os_version": "01020300",
1103 'friendly_name': "WPS AP - <>&'\" - TEST",
1104 "config_methods": "label push_button",
1105 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1106 logger
.info("WPS configuration step")
1107 new_passphrase
= "1234567890"
1108 dev
[0].dump_monitor()
1109 dev
[0].flush_scan_cache()
1110 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1111 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
, ssid
, "WPA2PSK", "CCMP",
1113 status
= dev
[0].get_status()
1114 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1115 raise Exception("Not fully connected")
1116 if status
['ssid'] != ssid
:
1117 raise Exception("Unexpected SSID")
1118 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
1119 raise Exception("Unexpected encryption configuration")
1120 if status
['key_mgmt'] != 'WPA2-PSK':
1121 raise Exception("Unexpected key_mgmt")
1123 logger
.info("Start ER")
1124 dev
[0].request("WPS_ER_START ifname=lo")
1125 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1127 raise Exception("AP discovery timed out")
1128 if ap_uuid
not in ev
:
1129 raise Exception("Expected AP UUID not found")
1130 if "|WPS AP - <>&'" - TEST|Company|" not in ev
:
1131 raise Exception("Expected friendly name not found")
1133 logger
.info("Learn AP configuration through UPnP")
1134 dev
[0].dump_monitor()
1135 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1136 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1138 raise Exception("AP learn timed out")
1139 if ap_uuid
not in ev
:
1140 raise Exception("Expected AP UUID not in settings")
1141 if "ssid=" + ssid
not in ev
:
1142 raise Exception("Expected SSID not in settings")
1143 if "key=" + new_passphrase
not in ev
:
1144 raise Exception("Expected passphrase not in settings")
1145 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1147 raise Exception("WPS-FAIL after AP learn timed out")
1150 logger
.info("Add Enrollee using ER")
1151 pin
= dev
[1].wps_read_pin()
1152 dev
[0].dump_monitor()
1153 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1154 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1155 dev
[1].dump_monitor()
1156 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1157 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1159 raise Exception("Enrollee did not report success")
1160 dev
[1].wait_connected(timeout
=15)
1161 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1163 raise Exception("WPS ER did not report success")
1164 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1166 logger
.info("Add a specific Enrollee using ER")
1167 pin
= dev
[2].wps_read_pin()
1168 addr2
= dev
[2].p2p_interface_addr()
1169 dev
[0].dump_monitor()
1170 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1171 dev
[2].dump_monitor()
1172 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1173 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1175 raise Exception("Enrollee not seen")
1177 raise Exception("Unexpected Enrollee MAC address")
1178 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
1179 dev
[2].wait_connected(timeout
=30)
1180 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1182 raise Exception("WPS ER did not report success")
1184 logger
.info("Verify registrar selection behavior")
1185 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1186 dev
[1].request("DISCONNECT")
1187 dev
[1].wait_disconnected(timeout
=10)
1188 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1189 dev
[1].scan(freq
="2412")
1190 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1191 if "[WPS-AUTH]" not in bss
['flags']:
1192 # It is possible for scan to miss an update especially when running
1193 # tests under load with multiple VMs, so allow another attempt.
1194 dev
[1].scan(freq
="2412")
1195 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1196 if "[WPS-AUTH]" not in bss
['flags']:
1197 raise Exception("WPS-AUTH flag missing")
1199 logger
.info("Stop ER")
1200 dev
[0].dump_monitor()
1201 dev
[0].request("WPS_ER_STOP")
1202 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"])
1204 raise Exception("WPS ER unsubscription timed out")
1205 # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
1206 # a bit before verifying that the scan results have changed.
1209 for i
in range(0, 10):
1210 dev
[1].request("BSS_FLUSH 0")
1211 dev
[1].scan(freq
="2412", only_new
=True)
1212 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1213 if bss
and 'flags' in bss
and "[WPS-AUTH]" not in bss
['flags']:
1215 logger
.debug("WPS-AUTH flag was still in place - wait a bit longer")
1217 if "[WPS-AUTH]" in bss
['flags']:
1218 raise Exception("WPS-AUTH flag not removed")
1220 def test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1221 """WPS ER adding a new enrollee identified by UUID"""
1223 _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
)
1225 dev
[0].request("WPS_ER_STOP")
1227 def _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1228 ssid
= "wps-er-add-enrollee"
1230 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1231 hostapd
.add_ap(apdev
[0],
1232 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1233 "wpa_passphrase": "12345678", "wpa": "2",
1234 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1235 "device_name": "Wireless AP", "manufacturer": "Company",
1236 "model_name": "WAP", "model_number": "123",
1237 "serial_number": "12345", "device_type": "6-0050F204-1",
1238 "os_version": "01020300",
1239 "config_methods": "label push_button",
1240 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1241 logger
.info("WPS configuration step")
1242 dev
[0].flush_scan_cache()
1243 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1244 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1246 logger
.info("Start ER")
1247 dev
[0].request("WPS_ER_START ifname=lo")
1248 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1250 raise Exception("AP discovery timed out")
1251 if ap_uuid
not in ev
:
1252 raise Exception("Expected AP UUID not found")
1254 logger
.info("Learn AP configuration through UPnP")
1255 dev
[0].dump_monitor()
1256 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1257 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1259 raise Exception("AP learn timed out")
1260 if ap_uuid
not in ev
:
1261 raise Exception("Expected AP UUID not in settings")
1262 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1264 raise Exception("WPS-FAIL after AP learn timed out")
1267 logger
.info("Add a specific Enrollee using ER (PBC/UUID)")
1268 addr1
= dev
[1].p2p_interface_addr()
1269 dev
[0].dump_monitor()
1270 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1271 dev
[1].dump_monitor()
1272 dev
[1].request("WPS_PBC %s" % apdev
[0]['bssid'])
1273 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1275 raise Exception("Enrollee not seen")
1277 raise Exception("Unexpected Enrollee MAC address")
1278 uuid
= ev
.split(' ')[1]
1279 dev
[0].request("WPS_ER_PBC " + uuid
)
1280 dev
[1].wait_connected(timeout
=30)
1281 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1283 raise Exception("WPS ER did not report success")
1285 logger
.info("Add a specific Enrollee using ER (PIN/UUID)")
1286 pin
= dev
[2].wps_read_pin()
1287 addr2
= dev
[2].p2p_interface_addr()
1288 dev
[0].dump_monitor()
1289 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1290 dev
[2].dump_monitor()
1291 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1292 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1294 raise Exception("Enrollee not seen")
1296 raise Exception("Unexpected Enrollee MAC address")
1297 uuid
= ev
.split(' ')[1]
1298 dev
[0].request("WPS_ER_PIN " + uuid
+ " " + pin
)
1299 dev
[2].wait_connected(timeout
=30)
1300 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1302 raise Exception("WPS ER did not report success")
1304 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-REMOVE"], timeout
=15)
1306 raise Exception("No Enrollee STA entry timeout seen")
1308 logger
.info("Stop ER")
1309 dev
[0].dump_monitor()
1310 dev
[0].request("WPS_ER_STOP")
1312 def test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1313 """Multiple WPS ERs adding a new enrollee using PIN"""
1315 _test_ap_wps_er_multi_add_enrollee(dev
, apdev
)
1318 dev
[i
].request("WPS_ER_STOP")
1320 def _test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1321 ssid
= "wps-er-add-enrollee"
1323 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1324 hostapd
.add_ap(apdev
[0],
1325 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1326 "wpa_passphrase": "12345678", "wpa": "2",
1327 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1328 "device_name": "Wireless AP", "manufacturer": "Company",
1329 "model_name": "WAP", "model_number": "123",
1330 "serial_number": "12345", "device_type": "6-0050F204-1",
1331 "os_version": "01020300",
1332 'friendly_name': "WPS AP",
1333 "config_methods": "label push_button",
1334 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1337 dev
[i
].flush_scan_cache()
1338 dev
[i
].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1339 dev
[i
].wps_reg(apdev
[0]['bssid'], ap_pin
)
1341 dev
[i
].request("WPS_ER_START ifname=lo")
1343 ev
= dev
[i
].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1345 raise Exception("AP discovery timed out")
1346 dev
[i
].dump_monitor()
1348 dev
[i
].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1350 ev
= dev
[i
].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1352 raise Exception("AP learn timed out")
1353 ev
= dev
[i
].wait_event(["WPS-FAIL"], timeout
=15)
1355 raise Exception("WPS-FAIL after AP learn timed out")
1359 pin
= dev
[2].wps_read_pin()
1360 addr
= dev
[2].own_addr()
1361 dev
[0].dump_monitor()
1362 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1363 dev
[1].dump_monitor()
1364 dev
[1].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1366 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1367 dev
[2].dump_monitor()
1368 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1369 ev
= dev
[2].wait_event(["WPS-SUCCESS"], timeout
=30)
1371 raise Exception("Enrollee did not report success")
1372 dev
[2].wait_connected(timeout
=15)
1374 def test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1375 """WPS ER connected to AP and adding a new enrollee using PBC"""
1377 _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
)
1379 dev
[0].request("WPS_ER_STOP")
1381 def _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1382 ssid
= "wps-er-add-enrollee-pbc"
1384 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1385 hostapd
.add_ap(apdev
[0],
1386 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1387 "wpa_passphrase": "12345678", "wpa": "2",
1388 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1389 "device_name": "Wireless AP", "manufacturer": "Company",
1390 "model_name": "WAP", "model_number": "123",
1391 "serial_number": "12345", "device_type": "6-0050F204-1",
1392 "os_version": "01020300",
1393 "config_methods": "label push_button",
1394 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1395 logger
.info("Learn AP configuration")
1396 dev
[0].flush_scan_cache()
1397 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1398 dev
[0].dump_monitor()
1399 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1400 status
= dev
[0].get_status()
1401 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1402 raise Exception("Not fully connected")
1404 logger
.info("Start ER")
1405 dev
[0].request("WPS_ER_START ifname=lo")
1406 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1408 raise Exception("AP discovery timed out")
1409 if ap_uuid
not in ev
:
1410 raise Exception("Expected AP UUID not found")
1412 enrollee
= dev
[1].p2p_interface_addr()
1414 if "FAIL-UNKNOWN-UUID" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1415 raise Exception("Unknown UUID not reported")
1417 logger
.info("Add Enrollee using ER and PBC")
1418 dev
[0].dump_monitor()
1419 dev
[1].dump_monitor()
1420 dev
[1].request("WPS_PBC")
1422 for i
in range(0, 2):
1423 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1425 raise Exception("Enrollee discovery timed out")
1429 raise Exception("Expected Enrollee not found")
1430 if "FAIL-NO-AP-SETTINGS" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1431 raise Exception("Unknown UUID not reported")
1432 logger
.info("Use learned network configuration on ER")
1433 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1434 if "OK" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1435 raise Exception("WPS_ER_PBC failed")
1437 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=15)
1439 raise Exception("Enrollee did not report success")
1440 dev
[1].wait_connected(timeout
=15)
1441 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1443 raise Exception("WPS ER did not report success")
1444 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1446 def test_ap_wps_er_pbc_overlap(dev
, apdev
):
1447 """WPS ER connected to AP and PBC session overlap"""
1449 _test_ap_wps_er_pbc_overlap(dev
, apdev
)
1451 dev
[0].request("WPS_ER_STOP")
1453 def _test_ap_wps_er_pbc_overlap(dev
, apdev
):
1454 ssid
= "wps-er-add-enrollee-pbc"
1456 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1457 hostapd
.add_ap(apdev
[0],
1458 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1459 "wpa_passphrase": "12345678", "wpa": "2",
1460 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1461 "device_name": "Wireless AP", "manufacturer": "Company",
1462 "model_name": "WAP", "model_number": "123",
1463 "serial_number": "12345", "device_type": "6-0050F204-1",
1464 "os_version": "01020300",
1465 "config_methods": "label push_button",
1466 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1467 dev
[0].flush_scan_cache()
1468 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1469 dev
[0].dump_monitor()
1470 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1472 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1473 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1474 # avoid leaving dev 1 or 2 as the last Probe Request to the AP
1475 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True)
1477 dev
[0].dump_monitor()
1478 dev
[0].request("WPS_ER_START ifname=lo")
1480 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1482 raise Exception("AP discovery timed out")
1483 if ap_uuid
not in ev
:
1484 raise Exception("Expected AP UUID not found")
1486 # verify BSSID selection of the AP instead of UUID
1487 if "FAIL" in dev
[0].request("WPS_ER_SET_CONFIG " + apdev
[0]['bssid'] + " 0"):
1488 raise Exception("Could not select AP based on BSSID")
1490 dev
[0].dump_monitor()
1491 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1492 dev
[2].request("WPS_PBC " + apdev
[0]['bssid'])
1493 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1495 raise Exception("PBC scan failed")
1496 ev
= dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1498 raise Exception("PBC scan failed")
1501 addr1
= dev
[1].own_addr()
1502 addr2
= dev
[2].own_addr()
1504 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1506 raise Exception("Enrollee discovery timed out")
1515 if dev
[0].request("WPS_ER_PBC " + ap_uuid
) != "FAIL-PBC-OVERLAP\n":
1516 raise Exception("PBC overlap not reported")
1517 dev
[1].request("WPS_CANCEL")
1518 dev
[2].request("WPS_CANCEL")
1519 if dev
[0].request("WPS_ER_PBC foo") != "FAIL\n":
1520 raise Exception("Invalid WPS_ER_PBC accepted")
1522 def test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1523 """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
1525 _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
)
1527 dev
[0].request("WPS_ER_STOP")
1529 def _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1530 ssid
= "wps-er-add-enrollee-pbc"
1532 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1533 hostapd
.add_ap(apdev
[0],
1534 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1535 "wpa_passphrase": "12345678", "wpa": "2",
1536 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1537 "device_name": "Wireless AP", "manufacturer": "Company",
1538 "model_name": "WAP", "model_number": "123",
1539 "serial_number": "12345", "device_type": "6-0050F204-1",
1540 "os_version": "01020300",
1541 "config_methods": "label push_button",
1542 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1543 logger
.info("Learn AP configuration")
1544 dev
[0].request("SET wps_version_number 0x10")
1545 dev
[0].flush_scan_cache()
1546 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1547 dev
[0].dump_monitor()
1548 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1549 status
= dev
[0].get_status()
1550 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1551 raise Exception("Not fully connected")
1553 logger
.info("Start ER")
1554 dev
[0].request("WPS_ER_START ifname=lo")
1555 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1557 raise Exception("AP discovery timed out")
1558 if ap_uuid
not in ev
:
1559 raise Exception("Expected AP UUID not found")
1561 logger
.info("Use learned network configuration on ER")
1562 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1564 logger
.info("Add Enrollee using ER and PIN")
1565 enrollee
= dev
[1].p2p_interface_addr()
1566 pin
= dev
[1].wps_read_pin()
1567 dev
[0].dump_monitor()
1568 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + enrollee
)
1569 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1570 dev
[1].dump_monitor()
1571 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1572 dev
[1].wait_connected(timeout
=30)
1573 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1575 raise Exception("WPS ER did not report success")
1578 def test_ap_wps_er_config_ap(dev
, apdev
):
1579 """WPS ER configuring AP over UPnP"""
1581 _test_ap_wps_er_config_ap(dev
, apdev
)
1583 dev
[0].request("WPS_ER_STOP")
1585 def _test_ap_wps_er_config_ap(dev
, apdev
):
1586 ssid
= "wps-er-ap-config"
1588 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1589 hostapd
.add_ap(apdev
[0],
1590 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1591 "wpa_passphrase": "12345678", "wpa": "2",
1592 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1593 "device_name": "Wireless AP", "manufacturer": "Company",
1594 "model_name": "WAP", "model_number": "123",
1595 "serial_number": "12345", "device_type": "6-0050F204-1",
1596 "os_version": "01020300",
1597 "config_methods": "label push_button",
1598 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1600 logger
.info("Connect ER to the AP")
1601 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
1603 logger
.info("WPS configuration step")
1604 dev
[0].request("WPS_ER_START ifname=lo")
1605 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1607 raise Exception("AP discovery timed out")
1608 if ap_uuid
not in ev
:
1609 raise Exception("Expected AP UUID not found")
1610 new_passphrase
= "1234567890"
1611 dev
[0].request("WPS_ER_CONFIG " + apdev
[0]['bssid'] + " " + ap_pin
+ " " +
1612 binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " +
1613 binascii
.hexlify(new_passphrase
.encode()).decode())
1614 ev
= dev
[0].wait_event(["WPS-SUCCESS"])
1616 raise Exception("WPS ER configuration operation timed out")
1617 dev
[0].wait_disconnected(timeout
=10)
1618 dev
[0].connect(ssid
, psk
="1234567890", scan_freq
="2412")
1620 logger
.info("WPS ER restart")
1621 dev
[0].request("WPS_ER_START")
1622 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1624 raise Exception("AP discovery timed out on ER restart")
1625 if ap_uuid
not in ev
:
1626 raise Exception("Expected AP UUID not found on ER restart")
1627 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1628 raise Exception("WPS_ER_STOP failed")
1629 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1630 raise Exception("WPS_ER_STOP failed")
1633 def test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1634 """WPS ER caching AP settings"""
1636 _test_ap_wps_er_cache_ap_settings(dev
, apdev
)
1638 dev
[0].request("WPS_ER_STOP")
1640 def _test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1641 ssid
= "wps-er-add-enrollee"
1643 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1644 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1645 "wpa_passphrase": "12345678", "wpa": "2",
1646 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1647 "device_name": "Wireless AP", "manufacturer": "Company",
1648 "model_name": "WAP", "model_number": "123",
1649 "serial_number": "12345", "device_type": "6-0050F204-1",
1650 "os_version": "01020300",
1651 "config_methods": "label push_button",
1652 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1653 hapd
= hostapd
.add_ap(apdev
[0], params
)
1654 dev
[0].flush_scan_cache()
1655 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1656 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1657 id = int(dev
[0].list_networks()[0]['id'])
1658 dev
[0].set_network(id, "scan_freq", "2412")
1660 dev
[0].request("WPS_ER_START ifname=lo")
1661 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1663 raise Exception("AP discovery timed out")
1664 if ap_uuid
not in ev
:
1665 raise Exception("Expected AP UUID not found")
1667 dev
[0].dump_monitor()
1668 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1669 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1671 raise Exception("AP learn timed out")
1672 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1674 raise Exception("WPS-FAIL after AP learn timed out")
1680 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE", "CTRL-EVENT-DISCONNECTED"],
1683 raise Exception("AP removal or disconnection timed out")
1685 hapd
= hostapd
.add_ap(apdev
[0], params
)
1687 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1690 raise Exception("AP discovery or connection timed out")
1692 pin
= dev
[1].wps_read_pin()
1693 dev
[0].dump_monitor()
1694 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1698 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1699 dev
[1].dump_monitor()
1700 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1701 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1703 raise Exception("Enrollee did not report success")
1704 dev
[1].wait_connected(timeout
=15)
1705 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1707 raise Exception("WPS ER did not report success")
1709 dev
[0].dump_monitor()
1710 dev
[0].request("WPS_ER_STOP")
1712 def test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1713 """WPS ER caching AP settings (OOM)"""
1715 _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
)
1717 dev
[0].request("WPS_ER_STOP")
1719 def _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1720 ssid
= "wps-er-add-enrollee"
1722 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1723 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1724 "wpa_passphrase": "12345678", "wpa": "2",
1725 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1726 "device_name": "Wireless AP", "manufacturer": "Company",
1727 "model_name": "WAP", "model_number": "123",
1728 "serial_number": "12345", "device_type": "6-0050F204-1",
1729 "os_version": "01020300",
1730 "config_methods": "label push_button",
1731 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1732 hapd
= hostapd
.add_ap(apdev
[0], params
)
1733 dev
[0].flush_scan_cache()
1734 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1735 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1736 id = int(dev
[0].list_networks()[0]['id'])
1737 dev
[0].set_network(id, "scan_freq", "2412")
1739 dev
[0].request("WPS_ER_START ifname=lo")
1740 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1742 raise Exception("AP discovery timed out")
1743 if ap_uuid
not in ev
:
1744 raise Exception("Expected AP UUID not found")
1746 dev
[0].dump_monitor()
1747 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1748 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1750 raise Exception("AP learn timed out")
1751 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1753 raise Exception("WPS-FAIL after AP learn timed out")
1756 with
alloc_fail(dev
[0], 1, "=wps_er_ap_use_cached_settings"):
1760 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1761 "CTRL-EVENT-DISCONNECTED"],
1764 raise Exception("AP removal or disconnection timed out")
1766 hapd
= hostapd
.add_ap(apdev
[0], params
)
1768 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1771 raise Exception("AP discovery or connection timed out")
1773 dev
[0].request("WPS_ER_STOP")
1775 def test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1776 """WPS ER caching AP settings (OOM 2)"""
1778 _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
)
1780 dev
[0].request("WPS_ER_STOP")
1782 def _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1783 ssid
= "wps-er-add-enrollee"
1785 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1786 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1787 "wpa_passphrase": "12345678", "wpa": "2",
1788 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1789 "device_name": "Wireless AP", "manufacturer": "Company",
1790 "model_name": "WAP", "model_number": "123",
1791 "serial_number": "12345", "device_type": "6-0050F204-1",
1792 "os_version": "01020300",
1793 "config_methods": "label push_button",
1794 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1795 hapd
= hostapd
.add_ap(apdev
[0], params
)
1796 dev
[0].flush_scan_cache()
1797 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1798 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1799 id = int(dev
[0].list_networks()[0]['id'])
1800 dev
[0].set_network(id, "scan_freq", "2412")
1802 dev
[0].request("WPS_ER_START ifname=lo")
1803 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1805 raise Exception("AP discovery timed out")
1806 if ap_uuid
not in ev
:
1807 raise Exception("Expected AP UUID not found")
1809 dev
[0].dump_monitor()
1810 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1811 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1813 raise Exception("AP learn timed out")
1814 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1816 raise Exception("WPS-FAIL after AP learn timed out")
1819 with
alloc_fail(dev
[0], 1, "=wps_er_ap_cache_settings"):
1823 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1824 "CTRL-EVENT-DISCONNECTED"],
1827 raise Exception("AP removal or disconnection timed out")
1829 hapd
= hostapd
.add_ap(apdev
[0], params
)
1831 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1834 raise Exception("AP discovery or connection timed out")
1836 dev
[0].request("WPS_ER_STOP")
1838 def test_ap_wps_er_subscribe_oom(dev
, apdev
):
1839 """WPS ER subscribe OOM"""
1841 _test_ap_wps_er_subscribe_oom(dev
, apdev
)
1843 dev
[0].request("WPS_ER_STOP")
1845 def _test_ap_wps_er_subscribe_oom(dev
, apdev
):
1846 ssid
= "wps-er-add-enrollee"
1848 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1849 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1850 "wpa_passphrase": "12345678", "wpa": "2",
1851 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1852 "device_name": "Wireless AP", "manufacturer": "Company",
1853 "model_name": "WAP", "model_number": "123",
1854 "serial_number": "12345", "device_type": "6-0050F204-1",
1855 "os_version": "01020300",
1856 "config_methods": "label push_button",
1857 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1858 hapd
= hostapd
.add_ap(apdev
[0], params
)
1859 dev
[0].flush_scan_cache()
1860 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1861 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1862 id = int(dev
[0].list_networks()[0]['id'])
1863 dev
[0].set_network(id, "scan_freq", "2412")
1865 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_subscribe"):
1866 dev
[0].request("WPS_ER_START ifname=lo")
1868 res
= dev
[0].request("GET_ALLOC_FAIL")
1869 if res
.startswith("0:"):
1872 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=0)
1874 raise Exception("Unexpected AP discovery during OOM")
1876 dev
[0].request("WPS_ER_STOP")
1878 def test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1879 """WPS ER SetSelectedRegistrar OOM"""
1881 _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
)
1883 dev
[0].request("WPS_ER_STOP")
1885 def _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1886 ssid
= "wps-er-add-enrollee"
1888 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1889 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1890 "wpa_passphrase": "12345678", "wpa": "2",
1891 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1892 "device_name": "Wireless AP", "manufacturer": "Company",
1893 "model_name": "WAP", "model_number": "123",
1894 "serial_number": "12345", "device_type": "6-0050F204-1",
1895 "os_version": "01020300",
1896 "config_methods": "label push_button",
1897 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1898 hapd
= hostapd
.add_ap(apdev
[0], params
)
1899 dev
[0].flush_scan_cache()
1900 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1901 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1903 dev
[0].request("WPS_ER_START ifname=lo")
1904 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1906 raise Exception("AP not discovered")
1908 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1909 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1911 raise Exception("AP learn timed out")
1912 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1914 raise Exception("WPS-FAIL timed out")
1917 for func
in ["http_client_url_parse;wps_er_send_set_sel_reg",
1918 "wps_er_soap_hdr;wps_er_send_set_sel_reg",
1919 "http_client_addr;wps_er_send_set_sel_reg",
1920 "wpabuf_alloc;wps_er_set_sel_reg"]:
1921 with
alloc_fail(dev
[0], 1, func
):
1922 if "OK" not in dev
[0].request("WPS_ER_PBC " + ap_uuid
):
1923 raise Exception("WPS_ER_PBC failed")
1924 ev
= dev
[0].wait_event(["WPS-PBC-ACTIVE"], timeout
=3)
1926 raise Exception("WPS-PBC-ACTIVE not seen")
1928 dev
[0].request("WPS_ER_STOP")
1931 def test_ap_wps_er_learn_oom(dev
, apdev
):
1932 """WPS ER learn OOM"""
1934 _test_ap_wps_er_learn_oom(dev
, apdev
)
1936 dev
[0].request("WPS_ER_STOP")
1938 def _test_ap_wps_er_learn_oom(dev
, apdev
):
1939 ssid
= "wps-er-add-enrollee"
1941 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1942 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1943 "wpa_passphrase": "12345678", "wpa": "2",
1944 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1945 "device_name": "Wireless AP", "manufacturer": "Company",
1946 "model_name": "WAP", "model_number": "123",
1947 "serial_number": "12345", "device_type": "6-0050F204-1",
1948 "os_version": "01020300",
1949 "config_methods": "label push_button",
1950 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1951 hapd
= hostapd
.add_ap(apdev
[0], params
)
1952 dev
[0].flush_scan_cache()
1953 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1954 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1956 dev
[0].request("WPS_ER_START ifname=lo")
1957 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1959 raise Exception("AP not discovered")
1961 for func
in ["wps_er_http_put_message_cb",
1962 "xml_get_base64_item;wps_er_http_put_message_cb",
1963 "http_client_url_parse;wps_er_ap_put_message",
1964 "wps_er_soap_hdr;wps_er_ap_put_message",
1965 "http_client_addr;wps_er_ap_put_message"]:
1966 with
alloc_fail(dev
[0], 1, func
):
1967 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1968 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=1)
1970 raise Exception("AP learn succeeded during OOM")
1972 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1973 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=10)
1975 raise Exception("AP learn did not succeed")
1977 if "FAIL" not in dev
[0].request("WPS_ER_LEARN 00000000-9e5c-4e73-bd82-f89cbcd10d7e " + ap_pin
):
1978 raise Exception("WPS_ER_LEARN for unknown AP accepted")
1980 dev
[0].request("WPS_ER_STOP")
1982 def test_ap_wps_fragmentation(dev
, apdev
):
1983 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
1984 ssid
= "test-wps-fragmentation"
1986 hapd
= hostapd
.add_ap(apdev
[0],
1987 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1988 "wpa_passphrase": "12345678", "wpa": "3",
1989 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1990 "wpa_pairwise": "TKIP", "ap_pin": appin
,
1991 "fragment_size": "50"})
1992 logger
.info("WPS provisioning step (PBC)")
1993 hapd
.request("WPS_PBC")
1994 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1995 dev
[0].dump_monitor()
1996 dev
[0].request("SET wps_fragment_size 50")
1997 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1998 dev
[0].wait_connected(timeout
=30)
1999 status
= dev
[0].get_status()
2000 if status
['wpa_state'] != 'COMPLETED':
2001 raise Exception("Not fully connected")
2002 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
2003 raise Exception("Unexpected encryption configuration")
2004 if status
['key_mgmt'] != 'WPA2-PSK':
2005 raise Exception("Unexpected key_mgmt")
2007 logger
.info("WPS provisioning step (PIN)")
2008 pin
= dev
[1].wps_read_pin()
2009 hapd
.request("WPS_PIN any " + pin
)
2010 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2011 dev
[1].request("SET wps_fragment_size 50")
2012 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
2013 dev
[1].wait_connected(timeout
=30)
2014 status
= dev
[1].get_status()
2015 if status
['wpa_state'] != 'COMPLETED':
2016 raise Exception("Not fully connected")
2017 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
2018 raise Exception("Unexpected encryption configuration")
2019 if status
['key_mgmt'] != 'WPA2-PSK':
2020 raise Exception("Unexpected key_mgmt")
2022 logger
.info("WPS connection as registrar")
2023 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2024 dev
[2].request("SET wps_fragment_size 50")
2025 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2026 status
= dev
[2].get_status()
2027 if status
['wpa_state'] != 'COMPLETED':
2028 raise Exception("Not fully connected")
2029 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
2030 raise Exception("Unexpected encryption configuration")
2031 if status
['key_mgmt'] != 'WPA2-PSK':
2032 raise Exception("Unexpected key_mgmt")
2035 def test_ap_wps_new_version_sta(dev
, apdev
):
2036 """WPS compatibility with new version number on the station"""
2037 ssid
= "test-wps-ver"
2038 hapd
= hostapd
.add_ap(apdev
[0],
2039 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2040 "wpa_passphrase": "12345678", "wpa": "2",
2041 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2042 logger
.info("WPS provisioning step")
2043 hapd
.request("WPS_PBC")
2044 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2045 dev
[0].dump_monitor()
2046 dev
[0].request("SET wps_version_number 0x43")
2047 dev
[0].request("SET wps_vendor_ext_m1 000137100100020001")
2048 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2049 dev
[0].wait_connected(timeout
=30)
2052 def test_ap_wps_new_version_ap(dev
, apdev
):
2053 """WPS compatibility with new version number on the AP"""
2054 ssid
= "test-wps-ver"
2055 hapd
= hostapd
.add_ap(apdev
[0],
2056 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2057 "wpa_passphrase": "12345678", "wpa": "2",
2058 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2059 logger
.info("WPS provisioning step")
2060 if "FAIL" in hapd
.request("SET wps_version_number 0x43"):
2061 raise Exception("Failed to enable test functionality")
2062 hapd
.request("WPS_PBC")
2063 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2064 dev
[0].dump_monitor()
2065 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2066 dev
[0].wait_connected(timeout
=30)
2067 hapd
.request("SET wps_version_number 0x20")
2070 def test_ap_wps_check_pin(dev
, apdev
):
2071 """Verify PIN checking through control interface"""
2072 hapd
= hostapd
.add_ap(apdev
[0],
2073 {"ssid": "wps", "eap_server": "1", "wps_state": "2",
2074 "wpa_passphrase": "12345678", "wpa": "2",
2075 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2076 for t
in [("12345670", "12345670"),
2077 ("12345678", "FAIL-CHECKSUM"),
2079 ("123456789", "FAIL"),
2080 ("1234-5670", "12345670"),
2081 ("1234 5670", "12345670"),
2082 ("1-2.3:4 5670", "12345670")]:
2083 res
= hapd
.request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2084 res2
= dev
[0].request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2086 raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
2088 raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res
, t
[1]))
2090 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 12345"):
2091 raise Exception("Unexpected WPS_CHECK_PIN success")
2092 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 123456789"):
2093 raise Exception("Unexpected WPS_CHECK_PIN success")
2095 for i
in range(0, 10):
2096 pin
= dev
[0].request("WPS_PIN get")
2097 rpin
= dev
[0].request("WPS_CHECK_PIN " + pin
).rstrip('\n')
2099 raise Exception("Random PIN validation failed for " + pin
)
2101 def test_ap_wps_pin_get_failure(dev
, apdev
):
2102 """PIN generation failure"""
2103 with
fail_test(dev
[0], 1,
2104 "os_get_random;wpa_supplicant_ctrl_iface_wps_pin"):
2105 if "FAIL" not in dev
[0].request("WPS_PIN get"):
2106 raise Exception("WPS_PIN did not report failure")
2108 def test_ap_wps_wep_config(dev
, apdev
):
2109 """WPS 2.0 AP rejecting WEP configuration"""
2110 ssid
= "test-wps-config"
2112 hapd
= hostapd
.add_ap(apdev
[0],
2113 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2115 dev
[0].flush_scan_cache()
2116 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2117 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-new-ssid-wep", "OPEN", "WEP",
2118 "hello", no_wait
=True)
2119 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=15)
2121 raise Exception("WPS-FAIL timed out")
2122 if "reason=2" not in ev
:
2123 raise Exception("Unexpected reason code in WPS-FAIL")
2124 status
= hapd
.request("WPS_GET_STATUS")
2125 if "Last WPS result: Failed" not in status
:
2126 raise Exception("WPS failure result not shown correctly")
2127 if "Failure Reason: WEP Prohibited" not in status
:
2128 raise Exception("Failure reason not reported correctly")
2129 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
2130 raise Exception("Peer address not shown correctly")
2132 def test_ap_wps_wep_enroll(dev
, apdev
):
2133 """WPS 2.0 STA rejecting WEP configuration"""
2134 ssid
= "test-wps-wep"
2135 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2136 "skip_cred_build": "1", "extra_cred": "wps-wep-cred"}
2137 hapd
= hostapd
.add_ap(apdev
[0], params
)
2138 hapd
.request("WPS_PBC")
2139 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2140 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2141 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
2143 raise Exception("WPS-FAIL event timed out")
2144 if "msg=12" not in ev
or "reason=2 (WEP Prohibited)" not in ev
:
2145 raise Exception("Unexpected WPS-FAIL event: " + ev
)
2148 def test_ap_wps_ie_fragmentation(dev
, apdev
):
2149 """WPS AP using fragmented WPS IE"""
2150 ssid
= "test-wps-ie-fragmentation"
2151 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2152 "wpa_passphrase": "12345678", "wpa": "2",
2153 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2154 "device_name": "1234567890abcdef1234567890abcdef",
2155 "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
2156 "model_name": "1234567890abcdef1234567890abcdef",
2157 "model_number": "1234567890abcdef1234567890abcdef",
2158 "serial_number": "1234567890abcdef1234567890abcdef"}
2159 hapd
= hostapd
.add_ap(apdev
[0], params
)
2160 hapd
.request("WPS_PBC")
2161 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2162 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2163 dev
[0].wait_connected(timeout
=30)
2164 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2165 if "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2166 logger
.info("Device Name not received correctly")
2168 # This can fail if Probe Response frame is missed and Beacon frame was
2169 # used to fill in the BSS entry. This can happen, e.g., during heavy
2170 # load every now and then and is not really an error, so try to
2171 # workaround by runnign another scan.
2172 dev
[0].scan(freq
="2412", only_new
=True)
2173 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2174 if not bss
or "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2176 raise Exception("Device Name not received correctly")
2177 if len(re
.findall("dd..0050f204", bss
['ie'])) != 2:
2178 raise Exception("Unexpected number of WPS IEs")
2180 def get_psk(pskfile
):
2182 with
open(pskfile
, "r") as f
:
2183 lines
= f
.read().splitlines()
2185 if l
== "# WPA PSKs":
2188 if len(vals
) != 3 or vals
[0] != "wps=1":
2195 def test_ap_wps_per_station_psk(dev
, apdev
):
2196 """WPS PBC provisioning with per-station PSK"""
2197 addr0
= dev
[0].own_addr()
2198 addr1
= dev
[1].own_addr()
2199 addr2
= dev
[2].own_addr()
2202 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2210 with
open(pskfile
, "w") as f
:
2211 f
.write("# WPA PSKs\n")
2213 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2214 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2215 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2216 "wpa_psk_file": pskfile
}
2217 hapd
= hostapd
.add_ap(apdev
[0], params
)
2219 logger
.info("First enrollee")
2220 hapd
.request("WPS_PBC")
2221 dev
[0].flush_scan_cache()
2222 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2223 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2224 dev
[0].wait_connected(timeout
=30)
2226 logger
.info("Second enrollee")
2227 hapd
.request("WPS_PBC")
2228 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2229 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2230 dev
[1].wait_connected(timeout
=30)
2232 logger
.info("External registrar")
2233 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2234 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2236 logger
.info("Verifying PSK results")
2237 psks
= get_psk(pskfile
)
2238 if addr0
not in psks
:
2239 raise Exception("No PSK recorded for sta0")
2240 if addr1
not in psks
:
2241 raise Exception("No PSK recorded for sta1")
2242 if addr2
not in psks
:
2243 raise Exception("No PSK recorded for sta2")
2244 if psks
[addr0
] == psks
[addr1
]:
2245 raise Exception("Same PSK recorded for sta0 and sta1")
2246 if psks
[addr0
] == psks
[addr2
]:
2247 raise Exception("Same PSK recorded for sta0 and sta2")
2248 if psks
[addr1
] == psks
[addr2
]:
2249 raise Exception("Same PSK recorded for sta1 and sta2")
2251 dev
[0].request("REMOVE_NETWORK all")
2252 logger
.info("Second external registrar")
2253 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2254 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
2255 psks2
= get_psk(pskfile
)
2256 if addr0
not in psks2
:
2257 raise Exception("No PSK recorded for sta0(reg)")
2258 if psks
[addr0
] == psks2
[addr0
]:
2259 raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
2263 dev
[0].request("DISCONNECT")
2264 dev
[1].request("DISCONNECT")
2265 dev
[2].request("DISCONNECT")
2267 dev
[0].flush_scan_cache()
2268 dev
[1].flush_scan_cache()
2269 dev
[2].flush_scan_cache()
2271 def test_ap_wps_per_station_psk_preset(dev
, apdev
):
2272 """WPS PIN provisioning with per-station PSK preset"""
2273 addr0
= dev
[0].own_addr()
2274 addr1
= dev
[1].own_addr()
2275 addr2
= dev
[2].own_addr()
2278 pskfile
= "/tmp/ap_wps_per_enrollee_psk_preset.psk_file"
2286 with
open(pskfile
, "w") as f
:
2287 f
.write("# WPA PSKs\n")
2288 f
.write("wps=1 " + addr0
+ " preset-passphrase-0\n")
2289 f
.write("wps=1 " + addr2
+ " preset-passphrase-2\n")
2291 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2292 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2293 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2294 "wpa_psk_file": pskfile
}
2295 hapd
= hostapd
.add_ap(apdev
[0], params
)
2296 bssid
= hapd
.own_addr()
2298 logger
.info("First enrollee")
2299 pin
= dev
[0].wps_read_pin()
2300 hapd
.request("WPS_PIN any " + pin
)
2301 dev
[0].scan_for_bss(bssid
, freq
=2412)
2302 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
2303 dev
[0].wait_connected(timeout
=30)
2305 logger
.info("Second enrollee")
2306 pin
= dev
[1].wps_read_pin()
2307 hapd
.request("WPS_PIN any " + pin
)
2308 dev
[1].scan_for_bss(bssid
, freq
=2412)
2309 dev
[1].request("WPS_PIN %s %s" % (bssid
, pin
))
2310 dev
[1].wait_connected(timeout
=30)
2312 logger
.info("External registrar")
2313 dev
[2].scan_for_bss(bssid
, freq
=2412)
2314 dev
[2].wps_reg(bssid
, appin
)
2316 logger
.info("Verifying PSK results")
2317 psks
= get_psk(pskfile
)
2318 if addr0
not in psks
:
2319 raise Exception("No PSK recorded for sta0")
2320 if addr1
not in psks
:
2321 raise Exception("No PSK recorded for sta1")
2322 if addr2
not in psks
:
2323 raise Exception("No PSK recorded for sta2")
2324 logger
.info("PSK[0]: " + psks
[addr0
])
2325 logger
.info("PSK[1]: " + psks
[addr1
])
2326 logger
.info("PSK[2]: " + psks
[addr2
])
2327 if psks
[addr0
] == psks
[addr1
]:
2328 raise Exception("Same PSK recorded for sta0 and sta1")
2329 if psks
[addr0
] == psks
[addr2
]:
2330 raise Exception("Same PSK recorded for sta0 and sta2")
2331 if psks
[addr1
] == psks
[addr2
]:
2332 raise Exception("Same PSK recorded for sta1 and sta2")
2333 pmk0
= hapd
.request("GET_PMK " + addr0
)
2334 pmk1
= hapd
.request("GET_PMK " + addr1
)
2335 pmk2
= hapd
.request("GET_PMK " + addr2
)
2336 logger
.info("PMK[0]: " + pmk0
)
2337 logger
.info("PMK[1]: " + pmk1
)
2338 logger
.info("PMK[2]: " + pmk2
)
2339 if pmk0
!= "565faec21ff04702d9d17c464e1301efd36c8a3ea46bb866b4bec7fed4384579":
2340 raise Exception("PSK[0] mismatch")
2341 if psks
[addr1
] != pmk1
:
2342 raise Exception("PSK[1] mismatch")
2343 if psks
[addr2
] != pmk2
:
2344 raise Exception("PSK[2] mismatch")
2346 dev
[0].request("REMOVE_NETWORK all")
2347 dev
[0].wait_disconnected()
2348 dev
[0].dump_monitor()
2349 logger
.info("First enrollee again")
2350 pin
= dev
[0].wps_read_pin()
2351 hapd
.request("WPS_PIN any " + pin
)
2352 dev
[0].scan_for_bss(bssid
, freq
=2412)
2353 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
2354 dev
[0].wait_connected(timeout
=30)
2355 psks2
= get_psk(pskfile
)
2356 if addr0
not in psks2
:
2357 raise Exception("No PSK recorded for sta0 (2)")
2358 if psks
[addr0
] != psks2
[addr0
]:
2359 raise Exception("Different PSK recorded for sta0(enrollee) and sta0(enrollee 2)")
2363 def test_ap_wps_per_station_psk_failure(dev
, apdev
):
2364 """WPS PBC provisioning with per-station PSK (file not writable)"""
2365 addr0
= dev
[0].p2p_dev_addr()
2366 addr1
= dev
[1].p2p_dev_addr()
2367 addr2
= dev
[2].p2p_dev_addr()
2370 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2378 with
open(pskfile
, "w") as f
:
2379 f
.write("# WPA PSKs\n")
2381 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2382 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2383 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2384 "wpa_psk_file": pskfile
}
2385 hapd
= hostapd
.add_ap(apdev
[0], params
)
2386 if "FAIL" in hapd
.request("SET wpa_psk_file /tmp/does/not/exists/ap_wps_per_enrollee_psk_failure.psk_file"):
2387 raise Exception("Failed to set wpa_psk_file")
2389 logger
.info("First enrollee")
2390 hapd
.request("WPS_PBC")
2391 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2392 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2393 dev
[0].wait_connected(timeout
=30)
2395 logger
.info("Second enrollee")
2396 hapd
.request("WPS_PBC")
2397 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2398 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2399 dev
[1].wait_connected(timeout
=30)
2401 logger
.info("External registrar")
2402 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2403 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2405 logger
.info("Verifying PSK results")
2406 psks
= get_psk(pskfile
)
2408 raise Exception("PSK recorded unexpectedly")
2412 dev
[i
].request("DISCONNECT")
2415 dev
[i
].flush_scan_cache()
2418 def test_ap_wps_pin_request_file(dev
, apdev
):
2419 """WPS PIN provisioning with configured AP"""
2421 pinfile
= "/tmp/ap_wps_pin_request_file.log"
2422 if os
.path
.exists(pinfile
):
2424 hapd
= hostapd
.add_ap(apdev
[0],
2425 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2426 "wps_pin_requests": pinfile
,
2427 "wpa_passphrase": "12345678", "wpa": "2",
2428 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2429 uuid
= dev
[0].get_status_field("uuid")
2430 pin
= dev
[0].wps_read_pin()
2432 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2433 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
2434 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=15)
2436 raise Exception("PIN needed event not shown")
2438 raise Exception("UUID mismatch")
2439 dev
[0].request("WPS_CANCEL")
2441 with
open(pinfile
, "r") as f
:
2442 lines
= f
.readlines()
2448 raise Exception("PIN request entry not in the log file")
2455 def test_ap_wps_auto_setup_with_config_file(dev
, apdev
):
2456 """WPS auto-setup with configuration file"""
2457 conffile
= "/tmp/ap_wps_auto_setup_with_config_file.conf"
2458 ifname
= apdev
[0]['ifname']
2460 with
open(conffile
, "w") as f
:
2461 f
.write("driver=nl80211\n")
2462 f
.write("hw_mode=g\n")
2463 f
.write("channel=1\n")
2464 f
.write("ieee80211n=1\n")
2465 f
.write("interface=%s\n" % ifname
)
2466 f
.write("ctrl_interface=/var/run/hostapd\n")
2467 f
.write("ssid=wps\n")
2468 f
.write("eap_server=1\n")
2469 f
.write("wps_state=1\n")
2470 hapd
= hostapd
.add_bss(apdev
[0], ifname
, conffile
)
2471 hapd
.request("WPS_PBC")
2472 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2473 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2474 dev
[0].wait_connected(timeout
=30)
2475 with
open(conffile
, "r") as f
:
2476 lines
= f
.read().splitlines()
2480 [name
, value
] = l
.split('=', 1)
2482 except ValueError as e
:
2483 if "# WPS configuration" in l
:
2486 raise Exception("Unexpected configuration line: " + l
)
2487 if vals
['ieee80211n'] != '1' or vals
['wps_state'] != '2' or "WPA-PSK" not in vals
['wpa_key_mgmt']:
2488 raise Exception("Incorrect configuration: " + str(vals
))
2495 def test_ap_wps_pbc_timeout(dev
, apdev
, params
):
2496 """wpa_supplicant PBC walk time and WPS ER SelReg timeout [long]"""
2497 if not params
['long']:
2498 raise HwsimSkip("Skip test case with long duration due to --long not specified")
2499 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2500 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2502 location
= ssdp_get_location(ap_uuid
)
2503 urls
= upnp_get_urls(location
)
2504 eventurl
= urlparse(urls
['event_sub_url'])
2505 ctrlurl
= urlparse(urls
['control_url'])
2507 url
= urlparse(location
)
2508 conn
= HTTPConnection(url
.netloc
)
2510 class WPSERHTTPServer(StreamRequestHandler
):
2512 data
= self
.rfile
.readline().strip()
2514 self
.wfile
.write(gen_wps_event())
2516 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
2519 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2521 "timeout": "Second-1234"}
2522 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2523 resp
= conn
.getresponse()
2524 if resp
.status
!= 200:
2525 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2526 sid
= resp
.getheader("sid")
2527 logger
.debug("Subscription SID " + sid
)
2529 msg
= '''<?xml version="1.0"?>
2530 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
2532 <u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
2533 <NewMessage>EEoAARAQQQABARASAAIAABBTAAIxSBBJAA4ANyoAASABBv///////xBIABA2LbR7pTpRkYj7
2536 </u:SetSelectedRegistrar>
2539 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2540 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
2541 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
2542 resp
= conn
.getresponse()
2543 if resp
.status
!= 200:
2544 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2546 server
.handle_request()
2548 logger
.info("Start WPS_PBC and wait for PBC walk time expiration")
2549 if "OK" not in dev
[0].request("WPS_PBC"):
2550 raise Exception("WPS_PBC failed")
2552 start
= os
.times()[4]
2554 server
.handle_request()
2555 dev
[1].request("BSS_FLUSH 0")
2556 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2558 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2559 logger
.debug("BSS: " + str(bss
))
2560 if '[WPS-AUTH]' not in bss
['flags']:
2561 raise Exception("WPS not indicated authorized")
2563 server
.handle_request()
2565 wps_timeout_seen
= False
2569 dev
[1].dump_monitor()
2570 if not wps_timeout_seen
:
2571 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=0)
2573 logger
.info("PBC timeout seen")
2574 wps_timeout_seen
= True
2576 dev
[0].dump_monitor()
2578 if now
- start
> 130:
2579 raise Exception("Selected registration information not removed")
2580 dev
[1].request("BSS_FLUSH 0")
2581 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2583 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2584 logger
.debug("BSS: " + str(bss
))
2585 if '[WPS-AUTH]' not in bss
['flags']:
2587 server
.handle_request()
2589 server
.server_close()
2591 if wps_timeout_seen
:
2595 if now
< start
+ 150:
2596 dur
= start
+ 150 - now
2599 logger
.info("Continue waiting for PBC timeout (%d sec)" % dur
)
2600 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=dur
)
2602 raise Exception("WPS-TIMEOUT not reported")
2604 def add_ssdp_ap(ap
, ap_uuid
):
2607 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2608 "wpa_passphrase": "12345678", "wpa": "2",
2609 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2610 "device_name": "Wireless AP", "manufacturer": "Company",
2611 "model_name": "WAP", "model_number": "123",
2612 "serial_number": "12345", "device_type": "6-0050F204-1",
2613 "os_version": "01020300",
2614 "config_methods": "label push_button",
2615 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo",
2616 "friendly_name": "WPS Access Point",
2617 "manufacturer_url": "http://www.example.com/",
2618 "model_description": "Wireless Access Point",
2619 "model_url": "http://www.example.com/model/",
2620 "upc": "123456789012"}
2621 return hostapd
.add_ap(ap
, params
)
2623 def ssdp_send(msg
, no_recv
=False):
2624 socket
.setdefaulttimeout(1)
2625 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2626 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2627 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2628 sock
.bind(("127.0.0.1", 0))
2629 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2632 return sock
.recv(1000).decode()
2634 def ssdp_send_msearch(st
, no_recv
=False):
2636 'M-SEARCH * HTTP/1.1',
2637 'HOST: 239.255.255.250:1900',
2639 'MAN: "ssdp:discover"',
2642 return ssdp_send(msg
, no_recv
=no_recv
)
2644 def test_ap_wps_ssdp_msearch(dev
, apdev
):
2645 """WPS AP and SSDP M-SEARCH messages"""
2646 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2647 add_ssdp_ap(apdev
[0], ap_uuid
)
2650 'M-SEARCH * HTTP/1.1',
2651 'Host: 239.255.255.250:1900',
2653 'Man: "ssdp:discover"',
2654 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
2659 'M-SEARCH * HTTP/1.1',
2660 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
2662 'man: \t \t "ssdp:discover" ',
2663 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
2667 ssdp_send_msearch("ssdp:all")
2668 ssdp_send_msearch("upnp:rootdevice")
2669 ssdp_send_msearch("uuid:" + ap_uuid
)
2670 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
2671 ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1")
2674 'M-SEARCH * HTTP/1.1',
2675 'HOST:\t239.255.255.250:1900',
2676 'MAN: "ssdp:discover"',
2678 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2680 ssdp_send(msg
, no_recv
=True)
2682 def test_ap_wps_ssdp_invalid_msearch(dev
, apdev
):
2683 """WPS AP and invalid SSDP M-SEARCH messages"""
2684 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2685 add_ssdp_ap(apdev
[0], ap_uuid
)
2687 socket
.setdefaulttimeout(1)
2688 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2689 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2690 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2691 sock
.bind(("127.0.0.1", 0))
2693 logger
.debug("Missing MX")
2695 'M-SEARCH * HTTP/1.1',
2696 'HOST: 239.255.255.250:1900',
2697 'MAN: "ssdp:discover"',
2698 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2700 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2702 logger
.debug("Negative MX")
2704 'M-SEARCH * HTTP/1.1',
2705 'HOST: 239.255.255.250:1900',
2707 'MAN: "ssdp:discover"',
2708 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2710 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2712 logger
.debug("Invalid MX")
2714 'M-SEARCH * HTTP/1.1',
2715 'HOST: 239.255.255.250:1900',
2717 'MAN: "ssdp:discover"',
2718 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2720 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2722 logger
.debug("Missing MAN")
2724 'M-SEARCH * HTTP/1.1',
2725 'HOST: 239.255.255.250:1900',
2727 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2729 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2731 logger
.debug("Invalid MAN")
2733 'M-SEARCH * HTTP/1.1',
2734 'HOST: 239.255.255.250:1900',
2737 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2739 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2741 'M-SEARCH * HTTP/1.1',
2742 'HOST: 239.255.255.250:1900',
2744 'MAN; "ssdp:discover"',
2745 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2747 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2749 logger
.debug("Missing HOST")
2751 'M-SEARCH * HTTP/1.1',
2752 'MAN: "ssdp:discover"',
2754 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2756 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2758 logger
.debug("Missing ST")
2760 'M-SEARCH * HTTP/1.1',
2761 'HOST: 239.255.255.250:1900',
2762 'MAN: "ssdp:discover"',
2765 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2767 logger
.debug("Mismatching ST")
2769 'M-SEARCH * HTTP/1.1',
2770 'HOST: 239.255.255.250:1900',
2771 'MAN: "ssdp:discover"',
2773 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
2775 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2777 'M-SEARCH * HTTP/1.1',
2778 'HOST: 239.255.255.250:1900',
2779 'MAN: "ssdp:discover"',
2783 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2785 'M-SEARCH * HTTP/1.1',
2786 'HOST: 239.255.255.250:1900',
2787 'MAN: "ssdp:discover"',
2791 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2793 logger
.debug("Invalid ST")
2795 'M-SEARCH * HTTP/1.1',
2796 'HOST: 239.255.255.250:1900',
2797 'MAN: "ssdp:discover"',
2799 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
2801 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2803 logger
.debug("Invalid M-SEARCH")
2805 'M+SEARCH * HTTP/1.1',
2806 'HOST: 239.255.255.250:1900',
2807 'MAN: "ssdp:discover"',
2809 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2811 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2813 'M-SEARCH-* HTTP/1.1',
2814 'HOST: 239.255.255.250:1900',
2815 'MAN: "ssdp:discover"',
2817 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2819 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2821 logger
.debug("Invalid message format")
2822 sock
.sendto(b
"NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
2824 'M-SEARCH * HTTP/1.1',
2825 'HOST: 239.255.255.250:1900',
2826 'MAN: "ssdp:discover"',
2828 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2830 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2834 raise Exception("Unexpected M-SEARCH response: " + r
)
2835 except socket
.timeout
:
2838 logger
.debug("Valid M-SEARCH")
2840 'M-SEARCH * HTTP/1.1',
2841 'HOST: 239.255.255.250:1900',
2842 'MAN: "ssdp:discover"',
2844 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2846 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2851 except socket
.timeout
:
2852 raise Exception("No SSDP response")
2854 def test_ap_wps_ssdp_burst(dev
, apdev
):
2855 """WPS AP and SSDP burst"""
2856 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2857 add_ssdp_ap(apdev
[0], ap_uuid
)
2860 'M-SEARCH * HTTP/1.1',
2861 'HOST: 239.255.255.250:1900',
2862 'MAN: "ssdp:discover"',
2864 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2866 socket
.setdefaulttimeout(1)
2867 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2868 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2869 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2870 sock
.bind(("127.0.0.1", 0))
2871 for i
in range(0, 25):
2872 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2876 r
= sock
.recv(1000).decode()
2877 if not r
.startswith("HTTP/1.1 200 OK\r\n"):
2878 raise Exception("Unexpected message: " + r
)
2880 except socket
.timeout
:
2883 raise Exception("Too few SSDP responses")
2885 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2886 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2887 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2888 sock
.bind(("127.0.0.1", 0))
2889 for i
in range(0, 25):
2890 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2893 r
= sock
.recv(1000).decode()
2896 except socket
.timeout
:
2897 raise Exception("No SSDP response")
2899 def ssdp_get_location(uuid
):
2900 res
= ssdp_send_msearch("uuid:" + uuid
)
2902 for l
in res
.splitlines():
2903 if l
.lower().startswith("location:"):
2904 location
= l
.split(':', 1)[1].strip()
2906 if location
is None:
2907 raise Exception("No UPnP location found")
2910 def upnp_get_urls(location
):
2911 if sys
.version_info
[0] > 2:
2912 conn
= urlopen(location
)
2914 conn
= urlopen(location
, proxies
={})
2915 tree
= ET
.parse(conn
)
2916 root
= tree
.getroot()
2917 urn
= '{urn:schemas-upnp-org:device-1-0}'
2918 service
= root
.find("./" + urn
+ "device/" + urn
+ "serviceList/" + urn
+ "service")
2920 res
['scpd_url'] = urljoin(location
, service
.find(urn
+ 'SCPDURL').text
)
2921 res
['control_url'] = urljoin(location
,
2922 service
.find(urn
+ 'controlURL').text
)
2923 res
['event_sub_url'] = urljoin(location
,
2924 service
.find(urn
+ 'eventSubURL').text
)
2927 def upnp_soap_action(conn
, path
, action
, include_soap_action
=True,
2928 soap_action_override
=None, newmsg
=None, neweventtype
=None,
2930 soapns
= 'http://schemas.xmlsoap.org/soap/envelope/'
2931 wpsns
= 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
2932 ET
.register_namespace('soapenv', soapns
)
2933 ET
.register_namespace('wfa', wpsns
)
2935 attrib
['{%s}encodingStyle' % soapns
] = 'http://schemas.xmlsoap.org/soap/encoding/'
2936 root
= ET
.Element("{%s}Envelope" % soapns
, attrib
=attrib
)
2937 body
= ET
.SubElement(root
, "{%s}Body" % soapns
)
2938 act
= ET
.SubElement(body
, "{%s}%s" % (wpsns
, action
))
2940 msg
= ET
.SubElement(act
, "NewMessage")
2941 msg
.text
= base64
.b64encode(newmsg
.encode()).decode()
2943 msg
= ET
.SubElement(act
, "NewWLANEventType")
2944 msg
.text
= neweventtype
2946 msg
= ET
.SubElement(act
, "NewWLANEventMAC")
2947 msg
.text
= neweventmac
2949 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2950 if include_soap_action
:
2951 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
2952 elif soap_action_override
:
2953 headers
["SOAPAction"] = soap_action_override
2954 decl
= b
'<?xml version=\'1.0\' encoding=\'utf8\'?>\n'
2955 conn
.request("POST", path
, decl
+ ET
.tostring(root
), headers
)
2956 return conn
.getresponse()
2958 def test_ap_wps_upnp(dev
, apdev
):
2959 """WPS AP and UPnP operations"""
2960 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2961 add_ssdp_ap(apdev
[0], ap_uuid
)
2963 location
= ssdp_get_location(ap_uuid
)
2964 urls
= upnp_get_urls(location
)
2966 if sys
.version_info
[0] > 2:
2967 conn
= urlopen(urls
['scpd_url'])
2969 conn
= urlopen(urls
['scpd_url'], proxies
={})
2972 if sys
.version_info
[0] > 2:
2974 conn
= urlopen(urljoin(location
, "unknown.html"))
2975 raise Exception("Unexpected HTTP response to GET unknown URL")
2976 except HTTPError
as e
:
2978 raise Exception("Unexpected HTTP response to GET unknown URL")
2980 conn
= urlopen(urljoin(location
, "unknown.html"), proxies
={})
2981 if conn
.getcode() != 404:
2982 raise Exception("Unexpected HTTP response to GET unknown URL")
2984 url
= urlparse(location
)
2985 conn
= HTTPConnection(url
.netloc
)
2986 #conn.set_debuglevel(1)
2987 headers
= {"Content-type": 'text/xml; charset="utf-8"',
2988 "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"'}
2989 conn
.request("POST", "hello", "\r\n\r\n", headers
)
2990 resp
= conn
.getresponse()
2991 if resp
.status
!= 404:
2992 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2994 conn
.request("UNKNOWN", "hello", "\r\n\r\n", headers
)
2995 resp
= conn
.getresponse()
2996 if resp
.status
!= 501:
2997 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2999 headers
= {"Content-type": 'text/xml; charset="utf-8"',
3000 "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"'}
3001 ctrlurl
= urlparse(urls
['control_url'])
3002 conn
.request("POST", ctrlurl
.path
, "\r\n\r\n", headers
)
3003 resp
= conn
.getresponse()
3004 if resp
.status
!= 401:
3005 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3007 logger
.debug("GetDeviceInfo without SOAPAction header")
3008 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
3009 include_soap_action
=False)
3010 if resp
.status
!= 401:
3011 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3013 logger
.debug("GetDeviceInfo with invalid SOAPAction header")
3015 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
3016 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
3017 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
3018 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
3019 include_soap_action
=False,
3020 soap_action_override
=act
)
3021 if resp
.status
!= 401:
3022 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3024 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
3025 if resp
.status
!= 200:
3026 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3027 dev
= resp
.read().decode()
3028 if "NewDeviceInfo" not in dev
:
3029 raise Exception("Unexpected GetDeviceInfo response")
3031 logger
.debug("PutMessage without required parameters")
3032 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutMessage")
3033 if resp
.status
!= 600:
3034 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3036 logger
.debug("PutWLANResponse without required parameters")
3037 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse")
3038 if resp
.status
!= 600:
3039 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3041 logger
.debug("SetSelectedRegistrar from unregistered ER")
3042 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "SetSelectedRegistrar")
3043 if resp
.status
!= 501:
3044 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3046 logger
.debug("Unknown action")
3047 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "Unknown")
3048 if resp
.status
!= 401:
3049 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3051 def test_ap_wps_upnp_subscribe(dev
, apdev
):
3052 """WPS AP and UPnP event subscription"""
3053 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3054 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
3056 location
= ssdp_get_location(ap_uuid
)
3057 urls
= upnp_get_urls(location
)
3058 eventurl
= urlparse(urls
['event_sub_url'])
3060 url
= urlparse(location
)
3061 conn
= HTTPConnection(url
.netloc
)
3062 #conn.set_debuglevel(1)
3063 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3064 "timeout": "Second-1234"}
3065 conn
.request("SUBSCRIBE", "hello", "\r\n\r\n", headers
)
3066 resp
= conn
.getresponse()
3067 if resp
.status
!= 412:
3068 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3070 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3071 resp
= conn
.getresponse()
3072 if resp
.status
!= 412:
3073 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3075 headers
= {"NT": "upnp:event",
3076 "timeout": "Second-1234"}
3077 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3078 resp
= conn
.getresponse()
3079 if resp
.status
!= 412:
3080 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3082 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3083 "NT": "upnp:foobar",
3084 "timeout": "Second-1234"}
3085 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3086 resp
= conn
.getresponse()
3087 if resp
.status
!= 400:
3088 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3090 logger
.debug("Valid subscription")
3091 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3093 "timeout": "Second-1234"}
3094 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3095 resp
= conn
.getresponse()
3096 if resp
.status
!= 200:
3097 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3098 sid
= resp
.getheader("sid")
3099 logger
.debug("Subscription SID " + sid
)
3101 logger
.debug("Invalid re-subscription")
3102 headers
= {"NT": "upnp:event",
3103 "sid": "123456734567854",
3104 "timeout": "Second-1234"}
3105 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3106 resp
= conn
.getresponse()
3107 if resp
.status
!= 400:
3108 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3110 logger
.debug("Invalid re-subscription")
3111 headers
= {"NT": "upnp:event",
3112 "sid": "uuid:123456734567854",
3113 "timeout": "Second-1234"}
3114 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3115 resp
= conn
.getresponse()
3116 if resp
.status
!= 400:
3117 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3119 logger
.debug("Invalid re-subscription")
3120 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3123 "timeout": "Second-1234"}
3124 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3125 resp
= conn
.getresponse()
3126 if resp
.status
!= 400:
3127 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3129 logger
.debug("SID mismatch in re-subscription")
3130 headers
= {"NT": "upnp:event",
3131 "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
3132 "timeout": "Second-1234"}
3133 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3134 resp
= conn
.getresponse()
3135 if resp
.status
!= 412:
3136 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3138 logger
.debug("Valid re-subscription")
3139 headers
= {"NT": "upnp:event",
3141 "timeout": "Second-1234"}
3142 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3143 resp
= conn
.getresponse()
3144 if resp
.status
!= 200:
3145 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3146 sid2
= resp
.getheader("sid")
3147 logger
.debug("Subscription SID " + sid2
)
3150 raise Exception("Unexpected SID change")
3152 logger
.debug("Valid re-subscription")
3153 headers
= {"NT": "upnp:event",
3154 "sid": "uuid: \t \t" + sid
.split(':')[1],
3155 "timeout": "Second-1234"}
3156 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3157 resp
= conn
.getresponse()
3158 if resp
.status
!= 200:
3159 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3161 logger
.debug("Invalid unsubscription")
3162 headers
= {"sid": sid
}
3163 conn
.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers
)
3164 resp
= conn
.getresponse()
3165 if resp
.status
!= 412:
3166 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3167 headers
= {"foo": "bar"}
3168 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3169 resp
= conn
.getresponse()
3170 if resp
.status
!= 412:
3171 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3173 logger
.debug("Valid unsubscription")
3174 headers
= {"sid": sid
}
3175 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3176 resp
= conn
.getresponse()
3177 if resp
.status
!= 200:
3178 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3180 logger
.debug("Unsubscription for not existing SID")
3181 headers
= {"sid": sid
}
3182 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3183 resp
= conn
.getresponse()
3184 if resp
.status
!= 412:
3185 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3187 logger
.debug("Invalid unsubscription")
3188 headers
= {"sid": " \t \tfoo"}
3189 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3190 resp
= conn
.getresponse()
3191 if resp
.status
!= 400:
3192 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3194 logger
.debug("Invalid unsubscription")
3195 headers
= {"sid": "uuid:\t \tfoo"}
3196 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3197 resp
= conn
.getresponse()
3198 if resp
.status
!= 400:
3199 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3201 logger
.debug("Invalid unsubscription")
3202 headers
= {"NT": "upnp:event",
3204 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3205 resp
= conn
.getresponse()
3206 if resp
.status
!= 400:
3207 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3208 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3210 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3211 resp
= conn
.getresponse()
3212 if resp
.status
!= 400:
3213 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3215 logger
.debug("Valid subscription with multiple callbacks")
3216 headers
= {"callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
3218 "timeout": "Second-1234"}
3219 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3220 resp
= conn
.getresponse()
3221 if resp
.status
!= 200:
3222 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3223 sid
= resp
.getheader("sid")
3224 logger
.debug("Subscription SID " + sid
)
3226 # Force subscription to be deleted due to errors
3227 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3228 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3229 with
alloc_fail(hapd
, 1, "event_build_message"):
3231 dev
[1].dump_monitor()
3232 dev
[2].dump_monitor()
3233 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3234 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3235 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3236 dev
[1].request("WPS_CANCEL")
3237 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3238 dev
[2].request("WPS_CANCEL")
3245 headers
= {"sid": sid
}
3246 conn
.request("UNSUBSCRIBE", eventurl
.path
, "", headers
)
3247 resp
= conn
.getresponse()
3248 if resp
.status
!= 200 and resp
.status
!= 412:
3249 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3251 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3253 "timeout": "Second-1234"}
3254 with
alloc_fail(hapd
, 1, "http_client_addr;event_send_start"):
3255 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3256 resp
= conn
.getresponse()
3257 if resp
.status
!= 200:
3258 raise Exception("Unexpected HTTP response for SUBSCRIBE: %d" % resp
.status
)
3259 sid
= resp
.getheader("sid")
3260 logger
.debug("Subscription SID " + sid
)
3262 headers
= {"sid": sid
}
3263 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3264 resp
= conn
.getresponse()
3265 if resp
.status
!= 200:
3266 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3268 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3270 "timeout": "Second-1234"}
3271 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3272 resp
= conn
.getresponse()
3273 if resp
.status
!= 200:
3274 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3275 sid
= resp
.getheader("sid")
3276 logger
.debug("Subscription SID " + sid
)
3278 with
alloc_fail(hapd
, 1, "=wps_upnp_event_add"):
3280 dev
[1].dump_monitor()
3281 dev
[2].dump_monitor()
3282 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3283 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3284 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3285 dev
[1].request("WPS_CANCEL")
3286 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3287 dev
[2].request("WPS_CANCEL")
3293 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3294 resp
= conn
.getresponse()
3295 if resp
.status
!= 200:
3296 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3298 with
alloc_fail(hapd
, 1, "wpabuf_dup;wps_upnp_event_add"):
3299 dev
[1].dump_monitor()
3300 dev
[2].dump_monitor()
3301 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3302 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3303 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3304 dev
[1].request("WPS_CANCEL")
3305 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3306 dev
[2].request("WPS_CANCEL")
3309 with
fail_test(hapd
, 1, "os_get_random;uuid_make;subscription_start"):
3310 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3311 resp
= conn
.getresponse()
3312 if resp
.status
!= 500:
3313 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3315 with
alloc_fail(hapd
, 1, "=subscription_start"):
3316 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3317 resp
= conn
.getresponse()
3318 if resp
.status
!= 500:
3319 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3321 headers
= {"callback": '',
3323 "timeout": "Second-1234"}
3324 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3325 resp
= conn
.getresponse()
3326 if resp
.status
!= 500:
3327 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3329 headers
= {"callback": ' <',
3331 "timeout": "Second-1234"}
3332 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3333 resp
= conn
.getresponse()
3334 if resp
.status
!= 500:
3335 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3337 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3339 "timeout": "Second-1234"}
3340 with
alloc_fail(hapd
, 1, "wpabuf_alloc;subscription_first_event"):
3341 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3342 resp
= conn
.getresponse()
3343 if resp
.status
!= 500:
3344 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3346 with
alloc_fail(hapd
, 1, "wps_upnp_event_add;subscription_first_event"):
3347 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3348 resp
= conn
.getresponse()
3349 if resp
.status
!= 500:
3350 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3352 with
alloc_fail(hapd
, 1, "subscr_addr_add_url"):
3353 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3354 resp
= conn
.getresponse()
3355 if resp
.status
!= 500:
3356 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3358 with
alloc_fail(hapd
, 2, "subscr_addr_add_url"):
3359 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3360 resp
= conn
.getresponse()
3361 if resp
.status
!= 500:
3362 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3365 headers
= {"callback": '<http://127.0.0.1:%d/event>' % (12345 + i
),
3367 "timeout": "Second-1234"}
3368 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3369 resp
= conn
.getresponse()
3370 if resp
.status
!= 200:
3371 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3373 with
alloc_fail(hapd
, 1, "=upnp_wps_device_send_wlan_event"):
3374 dev
[1].dump_monitor()
3375 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3376 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3377 dev
[1].request("WPS_CANCEL")
3380 with
alloc_fail(hapd
, 1, "wpabuf_alloc;upnp_wps_device_send_event"):
3381 dev
[1].dump_monitor()
3382 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3383 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3384 dev
[1].request("WPS_CANCEL")
3387 with
alloc_fail(hapd
, 1,
3388 "base64_gen_encode;?base64_encode;upnp_wps_device_send_wlan_event"):
3389 dev
[1].dump_monitor()
3390 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3391 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3392 dev
[1].request("WPS_CANCEL")
3396 with
alloc_fail(hapd
, 1, "get_netif_info"):
3397 if "FAIL" not in hapd
.request("ENABLE"):
3398 raise Exception("ENABLE succeeded during OOM")
3400 def test_ap_wps_upnp_subscribe_events(dev
, apdev
):
3401 """WPS AP and UPnP event subscription and many events"""
3402 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3403 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
3405 location
= ssdp_get_location(ap_uuid
)
3406 urls
= upnp_get_urls(location
)
3407 eventurl
= urlparse(urls
['event_sub_url'])
3409 class WPSERHTTPServer(StreamRequestHandler
):
3411 data
= self
.rfile
.readline().strip()
3413 self
.wfile
.write(gen_wps_event())
3415 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
3418 url
= urlparse(location
)
3419 conn
= HTTPConnection(url
.netloc
)
3421 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3423 "timeout": "Second-1234"}
3424 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3425 resp
= conn
.getresponse()
3426 if resp
.status
!= 200:
3427 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3428 sid
= resp
.getheader("sid")
3429 logger
.debug("Subscription SID " + sid
)
3431 # Fetch the first event message
3432 server
.handle_request()
3434 # Force subscription event queue to reach the maximum length by generating
3435 # new proxied events without the ER fetching any of the pending events.
3436 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3437 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3439 dev
[1].dump_monitor()
3440 dev
[2].dump_monitor()
3441 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3442 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3443 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3444 dev
[1].request("WPS_CANCEL")
3445 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3446 dev
[2].request("WPS_CANCEL")
3452 hapd
.request("WPS_PIN any 12345670")
3453 dev
[1].dump_monitor()
3454 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3455 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=10)
3457 raise Exception("WPS success not reported")
3459 # Close the WPS ER HTTP server without fetching all the pending events.
3460 # This tests hostapd code path that clears subscription and the remaining
3461 # event queue when the interface is deinitialized.
3462 server
.handle_request()
3463 server
.server_close()
3465 dev
[1].wait_connected()
3467 def test_ap_wps_upnp_http_proto(dev
, apdev
):
3468 """WPS AP and UPnP/HTTP protocol testing"""
3469 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3470 add_ssdp_ap(apdev
[0], ap_uuid
)
3472 location
= ssdp_get_location(ap_uuid
)
3474 url
= urlparse(location
)
3475 conn
= HTTPConnection(url
.netloc
, timeout
=0.2)
3476 #conn.set_debuglevel(1)
3478 conn
.request("HEAD", "hello")
3479 resp
= conn
.getresponse()
3480 if resp
.status
!= 501:
3481 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3484 for cmd
in ["PUT", "DELETE", "TRACE", "CONNECT", "M-SEARCH", "M-POST"]:
3486 conn
.request(cmd
, "hello")
3487 resp
= conn
.getresponse()
3488 except Exception as e
:
3492 headers
= {"Content-Length": 'abc'}
3493 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3495 resp
= conn
.getresponse()
3496 except Exception as e
:
3500 headers
= {"Content-Length": '-10'}
3501 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3503 resp
= conn
.getresponse()
3504 except Exception as e
:
3508 headers
= {"Content-Length": '10000000000000'}
3509 conn
.request("HEAD", "hello", "\r\n\r\nhello", headers
)
3511 resp
= conn
.getresponse()
3512 except Exception as e
:
3516 headers
= {"Transfer-Encoding": 'abc'}
3517 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3518 resp
= conn
.getresponse()
3519 if resp
.status
!= 501:
3520 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3523 headers
= {"Transfer-Encoding": 'chunked'}
3524 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3525 resp
= conn
.getresponse()
3526 if resp
.status
!= 501:
3527 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3531 conn
.request("HEAD", 5000 * 'A')
3533 resp
= conn
.getresponse()
3534 except Exception as e
:
3538 # Long URL but within header length limits
3539 conn
.request("HEAD", 3000 * 'A')
3540 resp
= conn
.getresponse()
3541 if resp
.status
!= 501:
3542 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3545 headers
= {"Content-Length": '20'}
3546 conn
.request("POST", "hello", 10 * 'A' + "\r\n\r\n", headers
)
3548 resp
= conn
.getresponse()
3549 except Exception as e
:
3553 conn
.request("POST", "hello", 5000 * 'A' + "\r\n\r\n")
3554 resp
= conn
.getresponse()
3555 if resp
.status
!= 404:
3556 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3559 conn
.request("POST", "hello", 60000 * 'A' + "\r\n\r\n")
3561 resp
= conn
.getresponse()
3562 except Exception as e
:
3566 def test_ap_wps_upnp_http_proto_chunked(dev
, apdev
):
3567 """WPS AP and UPnP/HTTP protocol testing for chunked encoding"""
3568 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3569 add_ssdp_ap(apdev
[0], ap_uuid
)
3571 location
= ssdp_get_location(ap_uuid
)
3573 url
= urlparse(location
)
3574 conn
= HTTPConnection(url
.netloc
)
3575 #conn.set_debuglevel(1)
3577 headers
= {"Transfer-Encoding": 'chunked'}
3578 conn
.request("POST", "hello",
3579 "a\r\nabcdefghij\r\n" + "2\r\nkl\r\n" + "0\r\n\r\n",
3581 resp
= conn
.getresponse()
3582 if resp
.status
!= 404:
3583 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3586 conn
.putrequest("POST", "hello")
3587 conn
.putheader('Transfer-Encoding', 'chunked')
3589 conn
.send(b
"a\r\nabcdefghij\r\n")
3591 conn
.send(b
"2\r\nkl\r\n")
3592 conn
.send(b
"0\r\n\r\n")
3593 resp
= conn
.getresponse()
3594 if resp
.status
!= 404:
3595 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3598 conn
.putrequest("POST", "hello")
3599 conn
.putheader('Transfer-Encoding', 'chunked')
3603 for i
in range(20000):
3604 conn
.send(b
"1\r\nZ\r\n")
3605 conn
.send(b
"0\r\n\r\n")
3606 resp
= conn
.getresponse()
3608 except Exception as e
:
3612 raise Exception("Too long chunked request did not result in connection reset")
3614 headers
= {"Transfer-Encoding": 'chunked'}
3615 conn
.request("POST", "hello", "80000000\r\na", headers
)
3617 resp
= conn
.getresponse()
3618 except Exception as e
:
3622 conn
.request("POST", "hello", "10000000\r\na", headers
)
3624 resp
= conn
.getresponse()
3625 except Exception as e
:
3630 def test_ap_wps_disabled(dev
, apdev
):
3631 """WPS operations while WPS is disabled"""
3632 ssid
= "test-wps-disabled"
3633 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": ssid
})
3634 if "FAIL" not in hapd
.request("WPS_PBC"):
3635 raise Exception("WPS_PBC succeeded unexpectedly")
3636 if "FAIL" not in hapd
.request("WPS_CANCEL"):
3637 raise Exception("WPS_CANCEL succeeded unexpectedly")
3639 def test_ap_wps_mixed_cred(dev
, apdev
):
3640 """WPS 2.0 STA merging mixed mode WPA/WPA2 credentials"""
3641 ssid
= "test-wps-wep"
3642 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3643 "skip_cred_build": "1", "extra_cred": "wps-mixed-cred"}
3644 hapd
= hostapd
.add_ap(apdev
[0], params
)
3645 hapd
.request("WPS_PBC")
3646 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3647 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3648 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
3650 raise Exception("WPS-SUCCESS event timed out")
3651 nets
= dev
[0].list_networks()
3653 raise Exception("Unexpected number of network blocks")
3655 proto
= dev
[0].get_network(id, "proto")
3656 if proto
!= "WPA RSN":
3657 raise Exception("Unexpected merged proto field value: " + proto
)
3658 pairwise
= dev
[0].get_network(id, "pairwise")
3659 p
= pairwise
.split()
3660 if "CCMP" not in p
or "TKIP" not in p
:
3661 raise Exception("Unexpected merged pairwise field value: " + pairwise
)
3664 def test_ap_wps_while_connected(dev
, apdev
):
3665 """WPS PBC provisioning while connected to another AP"""
3666 ssid
= "test-wps-conf"
3667 hapd
= hostapd
.add_ap(apdev
[0],
3668 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3669 "wpa_passphrase": "12345678", "wpa": "2",
3670 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3672 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3673 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3675 logger
.info("WPS provisioning step")
3676 hapd
.request("WPS_PBC")
3677 dev
[0].dump_monitor()
3678 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3679 dev
[0].wait_connected(timeout
=30)
3680 status
= dev
[0].get_status()
3681 if status
['bssid'] != apdev
[0]['bssid']:
3682 raise Exception("Unexpected BSSID")
3685 def test_ap_wps_while_connected_no_autoconnect(dev
, apdev
):
3686 """WPS PBC provisioning while connected to another AP and STA_AUTOCONNECT disabled"""
3687 ssid
= "test-wps-conf"
3688 hapd
= hostapd
.add_ap(apdev
[0],
3689 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3690 "wpa_passphrase": "12345678", "wpa": "2",
3691 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3693 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3696 dev
[0].request("STA_AUTOCONNECT 0")
3697 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3699 logger
.info("WPS provisioning step")
3700 hapd
.request("WPS_PBC")
3701 dev
[0].dump_monitor()
3702 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3703 dev
[0].wait_connected(timeout
=30)
3704 status
= dev
[0].get_status()
3705 if status
['bssid'] != apdev
[0]['bssid']:
3706 raise Exception("Unexpected BSSID")
3708 dev
[0].request("STA_AUTOCONNECT 1")
3711 def test_ap_wps_from_event(dev
, apdev
):
3712 """WPS PBC event on AP to enable PBC"""
3713 ssid
= "test-wps-conf"
3714 hapd
= hostapd
.add_ap(apdev
[0],
3715 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3716 "wpa_passphrase": "12345678", "wpa": "2",
3717 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3718 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3719 dev
[0].dump_monitor()
3721 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3723 ev
= hapd
.wait_event(['WPS-ENROLLEE-SEEN'], timeout
=15)
3725 raise Exception("No WPS-ENROLLEE-SEEN event on AP")
3726 vals
= ev
.split(' ')
3727 if vals
[1] != dev
[0].p2p_interface_addr():
3728 raise Exception("Unexpected enrollee address: " + vals
[1])
3730 raise Exception("Unexpected Device Password Id: " + vals
[5])
3731 hapd
.request("WPS_PBC")
3732 dev
[0].wait_connected(timeout
=30)
3734 def test_ap_wps_ap_scan_2(dev
, apdev
):
3735 """AP_SCAN 2 for WPS"""
3736 ssid
= "test-wps-conf"
3737 hapd
= hostapd
.add_ap(apdev
[0],
3738 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3739 "wpa_passphrase": "12345678", "wpa": "2",
3740 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3741 hapd
.request("WPS_PBC")
3743 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3744 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
3747 if "OK" not in wpas
.request("AP_SCAN 2"):
3748 raise Exception("Failed to set AP_SCAN 2")
3750 wpas
.flush_scan_cache()
3751 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3753 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
3754 ev
= wpas
.wait_event(["WPS-SUCCESS"], timeout
=15)
3756 raise Exception("WPS-SUCCESS event timed out")
3757 wpas
.wait_connected(timeout
=30)
3759 wpas
.request("DISCONNECT")
3760 wpas
.wait_disconnected()
3761 id = wpas
.list_networks()[0]['id']
3762 pairwise
= wpas
.get_network(id, "pairwise")
3763 if "CCMP" not in pairwise
.split():
3764 raise Exception("Unexpected pairwise parameter value: " + pairwise
)
3765 group
= wpas
.get_network(id, "group")
3766 if "CCMP" not in group
.split():
3767 raise Exception("Unexpected group parameter value: " + group
)
3768 # Need to select a single cipher for ap_scan=2 testing
3769 wpas
.set_network(id, "pairwise", "CCMP")
3770 wpas
.set_network(id, "group", "CCMP")
3771 wpas
.request("BSS_FLUSH 0")
3773 wpas
.request("REASSOCIATE")
3774 wpas
.wait_connected(timeout
=30)
3776 wpas
.request("DISCONNECT")
3777 wpas
.wait_disconnected()
3778 wpas
.flush_scan_cache()
3781 def test_ap_wps_eapol_workaround(dev
, apdev
):
3782 """EAPOL workaround code path for 802.1X header length mismatch"""
3784 hapd
= hostapd
.add_ap(apdev
[0],
3785 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
3786 bssid
= apdev
[0]['bssid']
3787 hapd
.request("SET ext_eapol_frame_io 1")
3788 dev
[0].request("SET ext_eapol_frame_io 1")
3789 hapd
.request("WPS_PBC")
3790 dev
[0].request("WPS_PBC")
3792 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3794 raise Exception("Timeout on EAPOL-TX from hostapd")
3796 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 020000040193000501FFFF")
3798 raise Exception("EAPOL_RX to wpa_supplicant failed")
3800 def test_ap_wps_iteration(dev
, apdev
):
3801 """WPS PIN and iterate through APs without selected registrar"""
3802 ssid
= "test-wps-conf"
3803 hapd
= hostapd
.add_ap(apdev
[0],
3804 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3805 "wpa_passphrase": "12345678", "wpa": "2",
3806 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3808 ssid2
= "test-wps-conf2"
3809 hapd2
= hostapd
.add_ap(apdev
[1],
3810 {"ssid": ssid2
, "eap_server": "1", "wps_state": "2",
3811 "wpa_passphrase": "12345678", "wpa": "2",
3812 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3814 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3815 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
3816 dev
[0].dump_monitor()
3817 pin
= dev
[0].request("WPS_PIN any")
3819 # Wait for iteration through all WPS APs to happen before enabling any
3822 ev
= dev
[0].wait_event(["Associated with"], timeout
=30)
3824 raise Exception("No association seen")
3825 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=10)
3827 raise Exception("No M2D from AP")
3828 dev
[0].wait_disconnected()
3830 # Verify that each AP requested PIN
3831 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3833 raise Exception("No WPS-PIN-NEEDED event from AP")
3834 ev
= hapd2
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3836 raise Exception("No WPS-PIN-NEEDED event from AP2")
3838 # Provide PIN to one of the APs and verify that connection gets formed
3839 hapd
.request("WPS_PIN any " + pin
)
3840 dev
[0].wait_connected(timeout
=30)
3842 def test_ap_wps_iteration_error(dev
, apdev
):
3843 """WPS AP iteration on no Selected Registrar and error case with an AP"""
3844 ssid
= "test-wps-conf-pin"
3845 hapd
= hostapd
.add_ap(apdev
[0],
3846 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3847 "wpa_passphrase": "12345678", "wpa": "2",
3848 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3849 "wps_independent": "1"})
3850 hapd
.request("SET ext_eapol_frame_io 1")
3851 bssid
= apdev
[0]['bssid']
3852 pin
= dev
[0].wps_read_pin()
3853 dev
[0].request("WPS_PIN any " + pin
)
3855 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3857 raise Exception("No EAPOL-TX (EAP-Request/Identity) from hostapd")
3858 dev
[0].request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
3860 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3862 raise Exception("No EAPOL-TX (EAP-WSC/Start) from hostapd")
3863 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
3865 raise Exception("No CTRL-EVENT-EAP-STARTED")
3867 # Do not forward any more EAPOL frames to test wpa_supplicant behavior for
3868 # a case with an incorrectly behaving WPS AP.
3870 # Start the real target AP and activate registrar on it.
3871 hapd2
= hostapd
.add_ap(apdev
[1],
3872 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3873 "wpa_passphrase": "12345678", "wpa": "2",
3874 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3875 "wps_independent": "1"})
3876 hapd2
.request("WPS_PIN any " + pin
)
3878 dev
[0].wait_disconnected(timeout
=15)
3879 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=15)
3881 raise Exception("No CTRL-EVENT-EAP-STARTED for the second AP")
3882 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
3884 raise Exception("No WPS-CRED-RECEIVED for the second AP")
3885 dev
[0].wait_connected(timeout
=15)
3888 def test_ap_wps_priority(dev
, apdev
):
3889 """WPS PIN provisioning with configured AP and wps_priority"""
3890 ssid
= "test-wps-conf-pin"
3891 hapd
= hostapd
.add_ap(apdev
[0],
3892 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3893 "wpa_passphrase": "12345678", "wpa": "2",
3894 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3895 logger
.info("WPS provisioning step")
3896 pin
= dev
[0].wps_read_pin()
3897 hapd
.request("WPS_PIN any " + pin
)
3898 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3899 dev
[0].dump_monitor()
3901 dev
[0].request("SET wps_priority 6")
3902 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3903 dev
[0].wait_connected(timeout
=30)
3904 netw
= dev
[0].list_networks()
3905 prio
= dev
[0].get_network(netw
[0]['id'], 'priority')
3907 raise Exception("Unexpected network priority: " + prio
)
3909 dev
[0].request("SET wps_priority 0")
3912 def test_ap_wps_and_non_wps(dev
, apdev
):
3913 """WPS and non-WPS AP in single hostapd process"""
3914 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "1"}
3915 hapd
= hostapd
.add_ap(apdev
[0], params
)
3917 params
= {"ssid": "no wps"}
3918 hapd2
= hostapd
.add_ap(apdev
[1], params
)
3920 appin
= hapd
.request("WPS_AP_PIN random")
3922 raise Exception("Could not generate random AP PIN")
3923 if appin
not in hapd
.request("WPS_AP_PIN get"):
3924 raise Exception("Could not fetch current AP PIN")
3926 if "FAIL" in hapd
.request("WPS_PBC"):
3927 raise Exception("WPS_PBC failed")
3928 if "FAIL" in hapd
.request("WPS_CANCEL"):
3929 raise Exception("WPS_CANCEL failed")
3931 def test_ap_wps_init_oom(dev
, apdev
):
3932 """Initial AP configuration and OOM during PSK generation"""
3934 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
3935 hapd
= hostapd
.add_ap(apdev
[0], params
)
3937 with
alloc_fail(hapd
, 1, "base64_gen_encode;?base64_encode;wps_build_cred"):
3938 pin
= dev
[0].wps_read_pin()
3939 hapd
.request("WPS_PIN any " + pin
)
3940 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3941 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3942 dev
[0].wait_disconnected()
3944 hapd
.request("WPS_PIN any " + pin
)
3945 dev
[0].wait_connected(timeout
=30)
3948 def test_ap_wps_er_oom(dev
, apdev
):
3949 """WPS ER OOM in XML processing"""
3951 _test_ap_wps_er_oom(dev
, apdev
)
3953 dev
[0].request("WPS_ER_STOP")
3954 dev
[1].request("WPS_CANCEL")
3955 dev
[0].request("DISCONNECT")
3957 def _test_ap_wps_er_oom(dev
, apdev
):
3958 ssid
= "wps-er-ap-config"
3960 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3961 hostapd
.add_ap(apdev
[0],
3962 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3963 "wpa_passphrase": "12345678", "wpa": "2",
3964 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3965 "device_name": "Wireless AP", "manufacturer": "Company",
3966 "model_name": "WAP", "model_number": "123",
3967 "serial_number": "12345", "device_type": "6-0050F204-1",
3968 "os_version": "01020300",
3969 "config_methods": "label push_button",
3970 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
3972 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
3974 with
alloc_fail(dev
[0], 1,
3975 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3976 dev
[0].request("WPS_ER_START ifname=lo")
3977 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=3)
3979 raise Exception("Unexpected AP discovery")
3981 dev
[0].request("WPS_ER_STOP")
3982 dev
[0].request("WPS_ER_START ifname=lo")
3983 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
3985 raise Exception("AP discovery timed out")
3987 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3988 with
alloc_fail(dev
[0], 1,
3989 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3990 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
3991 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
3993 raise Exception("PBC scan failed")
3994 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
3996 raise Exception("Enrollee discovery timed out")
3999 def test_ap_wps_er_init_oom(dev
, apdev
):
4000 """WPS ER and OOM during init"""
4002 _test_ap_wps_er_init_oom(dev
, apdev
)
4004 dev
[0].request("WPS_ER_STOP")
4006 def _test_ap_wps_er_init_oom(dev
, apdev
):
4007 with
alloc_fail(dev
[0], 1, "wps_er_init"):
4008 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
4009 raise Exception("WPS_ER_START succeeded during OOM")
4010 with
alloc_fail(dev
[0], 1, "http_server_init"):
4011 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
4012 raise Exception("WPS_ER_START succeeded during OOM")
4013 with
alloc_fail(dev
[0], 2, "http_server_init"):
4014 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
4015 raise Exception("WPS_ER_START succeeded during OOM")
4016 with
alloc_fail(dev
[0], 1, "eloop_sock_table_add_sock;?eloop_register_sock;wps_er_ssdp_init"):
4017 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
4018 raise Exception("WPS_ER_START succeeded during OOM")
4019 with
fail_test(dev
[0], 1, "os_get_random;wps_er_init"):
4020 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
4021 raise Exception("WPS_ER_START succeeded during os_get_random failure")
4024 def test_ap_wps_er_init_fail(dev
, apdev
):
4025 """WPS ER init failure"""
4026 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=does-not-exist"):
4027 dev
[0].request("WPS_ER_STOP")
4028 raise Exception("WPS_ER_START with non-existing ifname succeeded")
4030 def test_ap_wps_wpa_cli_action(dev
, apdev
, test_params
):
4031 """WPS events and wpa_cli action script"""
4032 logdir
= os
.path
.abspath(test_params
['logdir'])
4033 pidfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.pid')
4034 logfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.res')
4035 actionfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.action.sh')
4037 with
open(actionfile
, 'w') as f
:
4038 f
.write('#!/bin/sh\n')
4039 f
.write('echo $* >> %s\n' % logfile
)
4040 # Kill the process and wait some time before returning to allow all the
4041 # pending events to be processed with some of this happening after the
4042 # eloop SIGALRM signal has been scheduled.
4043 f
.write('if [ $2 = "WPS-SUCCESS" -a -r %s ]; then kill `cat %s`; sleep 1; fi\n' % (pidfile
, pidfile
))
4045 os
.chmod(actionfile
, stat
.S_IREAD | stat
.S_IWRITE | stat
.S_IEXEC |
4046 stat
.S_IRGRP | stat
.S_IXGRP | stat
.S_IROTH | stat
.S_IXOTH
)
4048 ssid
= "test-wps-conf"
4049 hapd
= hostapd
.add_ap(apdev
[0],
4050 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
4051 "wpa_passphrase": "12345678", "wpa": "2",
4052 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
4054 prg
= os
.path
.join(test_params
['logdir'],
4055 'alt-wpa_supplicant/wpa_supplicant/wpa_cli')
4056 if not os
.path
.exists(prg
):
4057 prg
= '../../wpa_supplicant/wpa_cli'
4058 arg
= [prg
, '-P', pidfile
, '-B', '-i', dev
[0].ifname
, '-a', actionfile
]
4059 subprocess
.call(arg
)
4062 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
4063 out
= cmd
.communicate()[0].decode()
4065 logger
.debug("Processes:\n" + out
)
4066 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) not in out
:
4067 raise Exception("Did not see wpa_cli running")
4069 hapd
.request("WPS_PIN any 12345670")
4070 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4071 dev
[0].dump_monitor()
4072 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
4073 dev
[0].wait_connected(timeout
=30)
4076 if not os
.path
.exists(pidfile
):
4080 if not os
.path
.exists(logfile
):
4081 raise Exception("wpa_cli action results file not found")
4082 with
open(logfile
, 'r') as f
:
4084 if "WPS-SUCCESS" not in res
:
4085 raise Exception("WPS-SUCCESS event not seen in action file")
4088 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
4089 out
= cmd
.communicate()[0].decode()
4091 logger
.debug("Remaining processes:\n" + out
)
4092 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) in out
:
4093 raise Exception("wpa_cli still running")
4095 if os
.path
.exists(pidfile
):
4096 raise Exception("PID file not removed")
4098 def test_ap_wps_er_ssdp_proto(dev
, apdev
):
4099 """WPS ER SSDP protocol testing"""
4101 _test_ap_wps_er_ssdp_proto(dev
, apdev
)
4103 dev
[0].request("WPS_ER_STOP")
4105 def _test_ap_wps_er_ssdp_proto(dev
, apdev
):
4106 socket
.setdefaulttimeout(1)
4107 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4108 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4109 sock
.bind(("239.255.255.250", 1900))
4110 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo foo"):
4111 raise Exception("Invalid filter accepted")
4112 if "OK" not in dev
[0].request("WPS_ER_START ifname=lo 1.2.3.4"):
4113 raise Exception("WPS_ER_START with filter failed")
4114 (msg
, addr
) = sock
.recvfrom(1000)
4116 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4117 if "M-SEARCH" not in msg
:
4118 raise Exception("Not an M-SEARCH")
4119 sock
.sendto(b
"FOO", addr
)
4121 dev
[0].request("WPS_ER_STOP")
4123 dev
[0].request("WPS_ER_START ifname=lo")
4124 (msg
, addr
) = sock
.recvfrom(1000)
4126 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4127 if "M-SEARCH" not in msg
:
4128 raise Exception("Not an M-SEARCH")
4129 sock
.sendto(b
"FOO", addr
)
4130 sock
.sendto(b
"HTTP/1.1 200 OK\r\nFOO\r\n\r\n", addr
)
4131 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:foo\r\n\r\n", addr
)
4132 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
4133 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: foo=1\r\n\r\n", addr
)
4134 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: max-age=1\r\n\r\n", addr
)
4135 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:\r\n\r\n", addr
)
4136 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:foo\r\n\r\n", addr
)
4137 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid:\r\n\r\n", addr
)
4138 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: \r\n\r\n", addr
)
4139 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: foo\r\n\r\n", addr
)
4140 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\n\r\n", addr
)
4141 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
4142 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\n\r\n", addr
)
4143 with
alloc_fail(dev
[0], 1, "wps_er_ap_add"):
4144 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4146 with
alloc_fail(dev
[0], 2, "wps_er_ap_add"):
4147 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4150 # Add an AP with bogus URL
4151 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4152 # Update timeout on AP without updating URL
4153 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4154 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4156 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4158 # Add an AP with a valid URL (but no server listing to it)
4159 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4160 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4162 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4166 wps_event_url
= None
4168 def gen_upnp_info(eventSubURL
='wps_event', controlURL
='wps_control',
4169 udn
='uuid:27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'):
4170 payload
= '''<?xml version="1.0"?>
4171 <root xmlns="urn:schemas-upnp-org:device-1-0">
4177 <deviceType>urn:schemas-wifialliance-org:device:WFADevice:1</deviceType>
4178 <friendlyName>WPS Access Point</friendlyName>
4179 <manufacturer>Company</manufacturer>
4180 <modelName>WAP</modelName>
4181 <modelNumber>123</modelNumber>
4182 <serialNumber>12345</serialNumber>
4185 payload
+= '<UDN>' + udn
+ '</UDN>'
4186 payload
+= '''<serviceList>
4188 <serviceType>urn:schemas-wifialliance-org:service:WFAWLANConfig:1</serviceType>
4189 <serviceId>urn:wifialliance-org:serviceId:WFAWLANConfig1</serviceId>
4190 <SCPDURL>wps_scpd.xml</SCPDURL>
4193 payload
+= '<controlURL>' + controlURL
+ '</controlURL>\n'
4195 payload
+= '<eventSubURL>' + eventSubURL
+ '</eventSubURL>\n'
4196 payload
+= '''</service>
4201 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4202 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4203 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4204 'Connection: close\r\n' + \
4205 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4206 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4207 return (hdr
+ payload
).encode()
4209 def gen_wps_control(payload_override
=None):
4210 payload
= '''<?xml version="1.0"?>
4211 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4213 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4214 <NewDeviceInfo>EEoAARAQIgABBBBHABAn6oAanlxOc72C+Jy80Q1+ECAABgIAAAADABAaABCJZ7DPtbU3Ust9
4215 Z3wJF07WEDIAwH45D3i1OqB7eJGwTzqeapS71h3KyXncK2xJZ+xqScrlorNEg6LijBJzG2Ca
4216 +FZli0iliDJd397yAx/jk4nFXco3q5ylBSvSw9dhJ5u1xBKSnTilKGlUHPhLP75PUqM3fot9
4217 7zwtFZ4bx6x1sBA6oEe2d0aUJmLumQGCiKEIWlnxs44zego/2tAe81bDzdPBM7o5HH/FUhD+
4218 KoGzFXp51atP+1n9Vta6AkI0Vye99JKLcC6Md9dMJltSVBgd4Xc4lRAEAAIAIxAQAAIADRAN
4219 AAEBEAgAAgAEEEQAAQIQIQAHQ29tcGFueRAjAANXQVAQJAADMTIzEEIABTEyMzQ1EFQACAAG
4220 AFDyBAABEBEAC1dpcmVsZXNzIEFQEDwAAQEQAgACAAAQEgACAAAQCQACAAAQLQAEgQIDABBJ
4223 </u:GetDeviceInfoResponse>
4227 if payload_override
:
4228 payload
= payload_override
4229 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4230 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4231 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4232 'Connection: close\r\n' + \
4233 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4234 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4235 return (hdr
+ payload
).encode()
4237 def gen_wps_event(sid
='uuid:7eb3342a-8a5f-47fe-a585-0785bfec6d8a'):
4239 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4240 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4241 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4242 'Connection: close\r\n' + \
4243 'Content-Length: ' + str(len(payload
)) + '\r\n'
4245 hdr
+= 'SID: ' + sid
+ '\r\n'
4246 hdr
+= 'Timeout: Second-1801\r\n' + \
4247 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4248 return (hdr
+ payload
).encode()
4250 class WPSAPHTTPServer(StreamRequestHandler
):
4252 data
= self
.rfile
.readline().decode().strip()
4253 logger
.info("HTTP server received: " + data
)
4255 hdr
= self
.rfile
.readline().decode().strip()
4258 logger
.info("HTTP header: " + hdr
)
4259 if "CALLBACK:" in hdr
:
4260 global wps_event_url
4261 wps_event_url
= hdr
.split(' ')[1].strip('<>')
4263 if "GET /foo.xml" in data
:
4264 self
.handle_upnp_info()
4265 elif "POST /wps_control" in data
:
4266 self
.handle_wps_control()
4267 elif "SUBSCRIBE /wps_event" in data
:
4268 self
.handle_wps_event()
4270 self
.handle_others(data
)
4272 def handle_upnp_info(self
):
4273 self
.wfile
.write(gen_upnp_info())
4275 def handle_wps_control(self
):
4276 self
.wfile
.write(gen_wps_control())
4278 def handle_wps_event(self
):
4279 self
.wfile
.write(gen_wps_event())
4281 def handle_others(self
, data
):
4282 logger
.info("Ignore HTTP request: " + data
)
4284 class MyTCPServer(TCPServer
):
4285 def __init__(self
, addr
, handler
):
4286 self
.allow_reuse_address
= True
4287 TCPServer
.__init
__(self
, addr
, handler
)
4289 def wps_er_start(dev
, http_server
, max_age
=1, wait_m_search
=False,
4291 socket
.setdefaulttimeout(1)
4292 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4293 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4294 sock
.bind(("239.255.255.250", 1900))
4295 dev
.request("WPS_ER_START ifname=lo")
4296 for i
in range(100):
4297 (msg
, addr
) = sock
.recvfrom(1000)
4299 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4300 if "M-SEARCH" in msg
:
4302 if not wait_m_search
:
4303 raise Exception("Not an M-SEARCH")
4305 raise Exception("No M-SEARCH seen")
4307 # Add an AP with a valid URL and server listing to it
4308 server
= MyTCPServer(("127.0.0.1", 12345), http_server
)
4309 if not location_url
:
4310 location_url
= 'http://127.0.0.1:12345/foo.xml'
4311 sock
.sendto(("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:%s\r\ncache-control:max-age=%d\r\n\r\n" % (location_url
, max_age
)).encode(), addr
)
4315 def wps_er_stop(dev
, sock
, server
, on_alloc_fail
=False):
4317 server
.server_close()
4322 res
= dev
.request("GET_ALLOC_FAIL")
4323 if res
.startswith("0:"):
4328 raise Exception("No allocation failure reported")
4330 ev
= dev
.wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4332 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4333 dev
.request("WPS_ER_STOP")
4335 def run_wps_er_proto_test(dev
, handler
, no_event_url
=False, location_url
=None):
4337 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4338 server
, sock
= wps_er_start(dev
, handler
, location_url
=location_url
)
4339 global wps_event_url
4340 wps_event_url
= None
4341 server
.handle_request()
4342 server
.handle_request()
4343 server
.handle_request()
4344 server
.server_close()
4347 raise Exception("Received event URL unexpectedly")
4349 if wps_event_url
is None:
4350 raise Exception("Did not get event URL")
4351 logger
.info("Event URL: " + wps_event_url
)
4353 dev
.request("WPS_ER_STOP")
4355 def send_wlanevent(url
, uuid
, data
, no_response
=False):
4356 conn
= HTTPConnection(url
.netloc
)
4357 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4358 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4359 <e:property><STAStatus>1</STAStatus></e:property>
4360 <e:property><APStatus>1</APStatus></e:property>
4361 <e:property><WLANEvent>'''
4362 payload
+= base64
.b64encode(data
).decode()
4363 payload
+= '</WLANEvent></e:property></e:propertyset>'
4364 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4365 "Server": "Unspecified, UPnP/1.0, Unspecified",
4368 "SID": "uuid:" + uuid
,
4370 "Content-Length": str(len(payload
))}
4371 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4375 except Exception as e
:
4378 resp
= conn
.getresponse()
4379 if resp
.status
!= 200:
4380 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4382 def test_ap_wps_er_http_proto(dev
, apdev
):
4383 """WPS ER HTTP protocol testing"""
4385 _test_ap_wps_er_http_proto(dev
, apdev
)
4387 dev
[0].request("WPS_ER_STOP")
4389 def _test_ap_wps_er_http_proto(dev
, apdev
):
4390 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4391 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
, max_age
=15)
4392 global wps_event_url
4393 wps_event_url
= None
4394 server
.handle_request()
4395 server
.handle_request()
4396 server
.handle_request()
4397 server
.server_close()
4398 if wps_event_url
is None:
4399 raise Exception("Did not get event URL")
4400 logger
.info("Event URL: " + wps_event_url
)
4402 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
4404 raise Exception("No WPS-ER-AP-ADD event")
4406 raise Exception("UUID mismatch")
4410 logger
.info("Valid Probe Request notification")
4411 url
= urlparse(wps_event_url
)
4412 conn
= HTTPConnection(url
.netloc
)
4413 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4414 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4415 <e:property><STAStatus>1</STAStatus></e:property>
4416 <e:property><APStatus>1</APStatus></e:property>
4417 <e:property><WLANEvent>ATAyOjAwOjAwOjAwOjAwOjAwEEoAARAQOgABAhAIAAIxSBBHABA2LbR7pTpRkYj7VFi5hrLk
4418 EFQACAAAAAAAAAAAEDwAAQMQAgACAAAQCQACAAAQEgACAAAQIQABIBAjAAEgECQAASAQEQAI
4419 RGV2aWNlIEEQSQAGADcqAAEg
4420 </WLANEvent></e:property>
4423 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4424 "Server": "Unspecified, UPnP/1.0, Unspecified",
4427 "SID": "uuid:" + uuid
,
4429 "Content-Length": str(len(payload
))}
4430 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4431 resp
= conn
.getresponse()
4432 if resp
.status
!= 200:
4433 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4435 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=5)
4437 raise Exception("No WPS-ER-ENROLLEE-ADD event")
4438 if "362db47b-a53a-5191-88fb-5458b986b2e4" not in ev
:
4439 raise Exception("No Enrollee UUID match")
4441 logger
.info("Incorrect event URL AP id")
4442 conn
= HTTPConnection(url
.netloc
)
4443 conn
.request("NOTIFY", url
.path
+ '123', payload
, headers
)
4444 resp
= conn
.getresponse()
4445 if resp
.status
!= 404:
4446 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4448 logger
.info("Missing AP id")
4449 conn
= HTTPConnection(url
.netloc
)
4450 conn
.request("NOTIFY", '/event/' + url
.path
.split('/')[2],
4454 logger
.info("Incorrect event URL event id")
4455 conn
= HTTPConnection(url
.netloc
)
4456 conn
.request("NOTIFY", '/event/123456789/123', payload
, headers
)
4459 logger
.info("Incorrect event URL prefix")
4460 conn
= HTTPConnection(url
.netloc
)
4461 conn
.request("NOTIFY", '/foobar/123456789/123', payload
, headers
)
4462 resp
= conn
.getresponse()
4463 if resp
.status
!= 404:
4464 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4466 logger
.info("Unsupported request")
4467 conn
= HTTPConnection(url
.netloc
)
4468 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4469 resp
= conn
.getresponse()
4470 if resp
.status
!= 501:
4471 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4473 logger
.info("Unsupported request and OOM")
4474 with
alloc_fail(dev
[0], 1, "wps_er_http_req"):
4475 conn
= HTTPConnection(url
.netloc
)
4476 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4479 logger
.info("Too short WLANEvent")
4481 send_wlanevent(url
, uuid
, data
)
4483 logger
.info("Invalid WLANEventMAC")
4484 data
= b
'\x00qwertyuiopasdfghjklzxcvbnm'
4485 send_wlanevent(url
, uuid
, data
)
4487 logger
.info("Unknown WLANEventType")
4488 data
= b
'\xff02:00:00:00:00:00'
4489 send_wlanevent(url
, uuid
, data
)
4491 logger
.info("Probe Request notification without any attributes")
4492 data
= b
'\x0102:00:00:00:00:00'
4493 send_wlanevent(url
, uuid
, data
)
4495 logger
.info("Probe Request notification with invalid attribute")
4496 data
= b
'\x0102:00:00:00:00:00\xff'
4497 send_wlanevent(url
, uuid
, data
)
4499 logger
.info("EAP message without any attributes")
4500 data
= b
'\x0202:00:00:00:00:00'
4501 send_wlanevent(url
, uuid
, data
)
4503 logger
.info("EAP message with invalid attribute")
4504 data
= b
'\x0202:00:00:00:00:00\xff'
4505 send_wlanevent(url
, uuid
, data
)
4507 logger
.info("EAP message from new STA and not M1")
4508 data
= b
'\x0202:ff:ff:ff:ff:ff' + b
'\x10\x22\x00\x01\x05'
4509 send_wlanevent(url
, uuid
, data
)
4511 logger
.info("EAP message: M1")
4512 data
= b
'\x0202:00:00:00:00:00'
4513 data
+= b
'\x10\x22\x00\x01\x04'
4514 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4515 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4516 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4517 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4518 data
+= b
'\x10\x04\x00\x02\x00\x00'
4519 data
+= b
'\x10\x10\x00\x02\x00\x00'
4520 data
+= b
'\x10\x0d\x00\x01\x00'
4521 data
+= b
'\x10\x08\x00\x02\x00\x00'
4522 data
+= b
'\x10\x44\x00\x01\x00'
4523 data
+= b
'\x10\x21\x00\x00'
4524 data
+= b
'\x10\x23\x00\x00'
4525 data
+= b
'\x10\x24\x00\x00'
4526 data
+= b
'\x10\x42\x00\x00'
4527 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4528 data
+= b
'\x10\x11\x00\x00'
4529 data
+= b
'\x10\x3c\x00\x01\x00'
4530 data
+= b
'\x10\x02\x00\x02\x00\x00'
4531 data
+= b
'\x10\x12\x00\x02\x00\x00'
4532 data
+= b
'\x10\x09\x00\x02\x00\x00'
4533 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4535 send_wlanevent(url
, uuid
, data
)
4537 logger
.info("EAP message: WSC_ACK")
4538 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0d'
4539 send_wlanevent(url
, uuid
, data
)
4541 logger
.info("EAP message: M1")
4542 send_wlanevent(url
, uuid
, m1
)
4544 logger
.info("EAP message: WSC_NACK")
4545 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0e'
4546 send_wlanevent(url
, uuid
, data
)
4548 logger
.info("EAP message: M1 - Too long attribute values")
4549 data
= b
'\x0202:00:00:00:00:00'
4550 data
+= b
'\x10\x11\x00\x21' + 33 * b
'\x00'
4551 data
+= b
'\x10\x45\x00\x21' + 33 * b
'\x00'
4552 data
+= b
'\x10\x42\x00\x21' + 33 * b
'\x00'
4553 data
+= b
'\x10\x24\x00\x21' + 33 * b
'\x00'
4554 data
+= b
'\x10\x23\x00\x21' + 33 * b
'\x00'
4555 data
+= b
'\x10\x21\x00\x41' + 65 * b
'\x00'
4556 data
+= b
'\x10\x49\x00\x09\x00\x37\x2a\x05\x02\x00\x00\x05\x00'
4557 send_wlanevent(url
, uuid
, data
)
4559 logger
.info("EAP message: M1 missing UUID-E")
4560 data
= b
'\x0202:00:00:00:00:00'
4561 data
+= b
'\x10\x22\x00\x01\x04'
4562 send_wlanevent(url
, uuid
, data
)
4564 logger
.info("EAP message: M1 missing MAC Address")
4565 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4566 send_wlanevent(url
, uuid
, data
)
4568 logger
.info("EAP message: M1 missing Enrollee Nonce")
4569 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4570 send_wlanevent(url
, uuid
, data
)
4572 logger
.info("EAP message: M1 missing Public Key")
4573 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4574 send_wlanevent(url
, uuid
, data
)
4576 logger
.info("EAP message: M1 missing Authentication Type flags")
4577 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4578 send_wlanevent(url
, uuid
, data
)
4580 logger
.info("EAP message: M1 missing Encryption Type Flags")
4581 data
+= b
'\x10\x04\x00\x02\x00\x00'
4582 send_wlanevent(url
, uuid
, data
)
4584 logger
.info("EAP message: M1 missing Connection Type flags")
4585 data
+= b
'\x10\x10\x00\x02\x00\x00'
4586 send_wlanevent(url
, uuid
, data
)
4588 logger
.info("EAP message: M1 missing Config Methods")
4589 data
+= b
'\x10\x0d\x00\x01\x00'
4590 send_wlanevent(url
, uuid
, data
)
4592 logger
.info("EAP message: M1 missing Wi-Fi Protected Setup State")
4593 data
+= b
'\x10\x08\x00\x02\x00\x00'
4594 send_wlanevent(url
, uuid
, data
)
4596 logger
.info("EAP message: M1 missing Manufacturer")
4597 data
+= b
'\x10\x44\x00\x01\x00'
4598 send_wlanevent(url
, uuid
, data
)
4600 logger
.info("EAP message: M1 missing Model Name")
4601 data
+= b
'\x10\x21\x00\x00'
4602 send_wlanevent(url
, uuid
, data
)
4604 logger
.info("EAP message: M1 missing Model Number")
4605 data
+= b
'\x10\x23\x00\x00'
4606 send_wlanevent(url
, uuid
, data
)
4608 logger
.info("EAP message: M1 missing Serial Number")
4609 data
+= b
'\x10\x24\x00\x00'
4610 send_wlanevent(url
, uuid
, data
)
4612 logger
.info("EAP message: M1 missing Primary Device Type")
4613 data
+= b
'\x10\x42\x00\x00'
4614 send_wlanevent(url
, uuid
, data
)
4616 logger
.info("EAP message: M1 missing Device Name")
4617 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4618 send_wlanevent(url
, uuid
, data
)
4620 logger
.info("EAP message: M1 missing RF Bands")
4621 data
+= b
'\x10\x11\x00\x00'
4622 send_wlanevent(url
, uuid
, data
)
4624 logger
.info("EAP message: M1 missing Association State")
4625 data
+= b
'\x10\x3c\x00\x01\x00'
4626 send_wlanevent(url
, uuid
, data
)
4628 logger
.info("EAP message: M1 missing Device Password ID")
4629 data
+= b
'\x10\x02\x00\x02\x00\x00'
4630 send_wlanevent(url
, uuid
, data
)
4632 logger
.info("EAP message: M1 missing Configuration Error")
4633 data
+= b
'\x10\x12\x00\x02\x00\x00'
4634 send_wlanevent(url
, uuid
, data
)
4636 logger
.info("EAP message: M1 missing OS Version")
4637 data
+= b
'\x10\x09\x00\x02\x00\x00'
4638 send_wlanevent(url
, uuid
, data
)
4640 logger
.info("Check max concurrent requests")
4641 addr
= (url
.hostname
, url
.port
)
4644 socks
[i
] = socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4646 socks
[i
].settimeout(10)
4647 socks
[i
].connect(addr
)
4649 socks
[i
].send(b
"GET / HTTP/1.1\r\n\r\n")
4653 res
= socks
[i
].recv(100).decode()
4657 logger
.info("recv[%d]: len=%d" % (i
, len(res
)))
4661 logger
.info("%d concurrent HTTP GET operations returned response" % count
)
4663 raise Exception("Too few concurrent HTTP connections accepted")
4665 logger
.info("OOM in HTTP server")
4666 for func
in ["http_request_init", "httpread_create",
4667 "eloop_register_timeout;httpread_create",
4668 "eloop_sock_table_add_sock;?eloop_register_sock;httpread_create",
4669 "httpread_hdr_analyze"]:
4670 with
alloc_fail(dev
[0], 1, func
):
4671 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4674 sock
.send(b
"GET / HTTP/1.1\r\n\r\n")
4681 logger
.info("Invalid HTTP header")
4682 for req
in [" GET / HTTP/1.1\r\n\r\n",
4683 "HTTP/1.1 200 OK\r\n\r\n",
4685 "GET %%a%aa% HTTP/1.1\r\n\r\n",
4686 "GET / HTTP/1.1\r\n FOO\r\n\r\n",
4687 "NOTIFY / HTTP/1.1\r\n" + 4097*'a' + '\r\n\r\n',
4688 "NOTIFY / HTTP/1.1\r\n\r\n" + 8193*'a',
4689 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n foo\r\n",
4690 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n1\r\nfoo\r\n",
4691 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\n",
4692 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\naa\ra\r\n\ra"]:
4693 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4695 sock
.settimeout(0.1)
4697 sock
.send(req
.encode())
4704 with
alloc_fail(dev
[0], 2, "httpread_read_handler"):
4705 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4708 sock
.send(b
"NOTIFY / HTTP/1.1\r\n\r\n" + 4500 * b
'a')
4715 conn
= HTTPConnection(url
.netloc
)
4717 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4718 "Server": "Unspecified, UPnP/1.0, Unspecified",
4721 "SID": "uuid:" + uuid
,
4723 "Content-Length": str(len(payload
))}
4724 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4725 resp
= conn
.getresponse()
4726 if resp
.status
!= 200:
4727 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4729 conn
= HTTPConnection(url
.netloc
)
4730 payload
= '<WLANEvent foo></WLANEvent>'
4731 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4732 "Server": "Unspecified, UPnP/1.0, Unspecified",
4735 "SID": "uuid:" + uuid
,
4737 "Content-Length": str(len(payload
))}
4738 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4739 resp
= conn
.getresponse()
4740 if resp
.status
!= 200:
4741 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4743 with
alloc_fail(dev
[0], 1, "xml_get_first_item"):
4744 send_wlanevent(url
, uuid
, b
'')
4746 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_ext_data;xml_get_base64_item"):
4747 send_wlanevent(url
, uuid
, b
'foo')
4749 for func
in ["wps_init",
4750 "wps_process_manufacturer",
4751 "wps_process_model_name",
4752 "wps_process_model_number",
4753 "wps_process_serial_number",
4754 "wps_process_dev_name"]:
4755 with
alloc_fail(dev
[0], 1, func
):
4756 send_wlanevent(url
, uuid
, m1
)
4758 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_ok"):
4759 send_wlanevent(url
, uuid
, m1
, no_response
=True)
4761 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_not_found"):
4762 url2
= urlparse(wps_event_url
.replace('/event/', '/notfound/'))
4763 send_wlanevent(url2
, uuid
, m1
, no_response
=True)
4765 logger
.info("EAP message: M1")
4766 data
= b
'\x0202:11:22:00:00:00'
4767 data
+= b
'\x10\x22\x00\x01\x04'
4768 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4769 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4770 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4771 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4772 data
+= b
'\x10\x04\x00\x02\x00\x00'
4773 data
+= b
'\x10\x10\x00\x02\x00\x00'
4774 data
+= b
'\x10\x0d\x00\x01\x00'
4775 data
+= b
'\x10\x08\x00\x02\x00\x00'
4776 data
+= b
'\x10\x44\x00\x01\x00'
4777 data
+= b
'\x10\x21\x00\x00'
4778 data
+= b
'\x10\x23\x00\x00'
4779 data
+= b
'\x10\x24\x00\x00'
4780 data
+= b
'\x10\x42\x00\x00'
4781 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4782 data
+= b
'\x10\x11\x00\x00'
4783 data
+= b
'\x10\x3c\x00\x01\x00'
4784 data
+= b
'\x10\x02\x00\x02\x00\x00'
4785 data
+= b
'\x10\x12\x00\x02\x00\x00'
4786 data
+= b
'\x10\x09\x00\x02\x00\x00'
4787 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4788 dev
[0].dump_monitor()
4789 with
alloc_fail(dev
[0], 1, "wps_er_add_sta_data"):
4790 send_wlanevent(url
, uuid
, data
)
4791 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=0.1)
4793 raise Exception("Unexpected enrollee add event")
4794 send_wlanevent(url
, uuid
, data
)
4795 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=2)
4797 raise Exception("Enrollee add event not seen")
4799 with
alloc_fail(dev
[0], 1,
4800 "base64_gen_encode;?base64_encode;wps_er_soap_hdr"):
4801 send_wlanevent(url
, uuid
, data
)
4803 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;wps_er_soap_hdr"):
4804 send_wlanevent(url
, uuid
, data
)
4806 with
alloc_fail(dev
[0], 1, "http_client_url_parse;wps_er_sta_send_msg"):
4807 send_wlanevent(url
, uuid
, data
)
4809 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_sta_send_msg"):
4810 send_wlanevent(url
, uuid
, data
)
4812 def test_ap_wps_er_http_proto_no_event_sub_url(dev
, apdev
):
4813 """WPS ER HTTP protocol testing - no eventSubURL"""
4814 class WPSAPHTTPServer_no_event_sub_url(WPSAPHTTPServer
):
4815 def handle_upnp_info(self
):
4816 self
.wfile
.write(gen_upnp_info(eventSubURL
=None))
4817 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_event_sub_url
,
4820 def test_ap_wps_er_http_proto_event_sub_url_dns(dev
, apdev
):
4821 """WPS ER HTTP protocol testing - DNS name in eventSubURL"""
4822 class WPSAPHTTPServer_event_sub_url_dns(WPSAPHTTPServer
):
4823 def handle_upnp_info(self
):
4824 self
.wfile
.write(gen_upnp_info(eventSubURL
='http://example.com/wps_event'))
4825 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_event_sub_url_dns
,
4828 def test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4829 """WPS ER HTTP protocol testing - subscribe OOM"""
4831 _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
)
4833 dev
[0].request("WPS_ER_STOP")
4835 def _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4836 tests
= [(1, "http_client_url_parse"),
4837 (1, "wpabuf_alloc;wps_er_subscribe"),
4838 (1, "http_client_addr"),
4839 (1, "eloop_sock_table_add_sock;?eloop_register_sock;http_client_addr"),
4840 (1, "eloop_register_timeout;http_client_addr")]
4841 for count
, func
in tests
:
4842 with
alloc_fail(dev
[0], count
, func
):
4843 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
)
4844 server
.handle_request()
4845 server
.handle_request()
4846 wps_er_stop(dev
[0], sock
, server
, on_alloc_fail
=True)
4848 def test_ap_wps_er_http_proto_no_sid(dev
, apdev
):
4849 """WPS ER HTTP protocol testing - no SID"""
4850 class WPSAPHTTPServer_no_sid(WPSAPHTTPServer
):
4851 def handle_wps_event(self
):
4852 self
.wfile
.write(gen_wps_event(sid
=None))
4853 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_sid
)
4855 def test_ap_wps_er_http_proto_invalid_sid_no_uuid(dev
, apdev
):
4856 """WPS ER HTTP protocol testing - invalid SID - no UUID"""
4857 class WPSAPHTTPServer_invalid_sid_no_uuid(WPSAPHTTPServer
):
4858 def handle_wps_event(self
):
4859 self
.wfile
.write(gen_wps_event(sid
='FOO'))
4860 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_no_uuid
)
4862 def test_ap_wps_er_http_proto_invalid_sid_uuid(dev
, apdev
):
4863 """WPS ER HTTP protocol testing - invalid SID UUID"""
4864 class WPSAPHTTPServer_invalid_sid_uuid(WPSAPHTTPServer
):
4865 def handle_wps_event(self
):
4866 self
.wfile
.write(gen_wps_event(sid
='uuid:FOO'))
4867 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_uuid
)
4869 def test_ap_wps_er_http_proto_subscribe_failing(dev
, apdev
):
4870 """WPS ER HTTP protocol testing - SUBSCRIBE failing"""
4871 class WPSAPHTTPServer_fail_subscribe(WPSAPHTTPServer
):
4872 def handle_wps_event(self
):
4874 hdr
= 'HTTP/1.1 404 Not Found\r\n' + \
4875 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4876 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4877 'Connection: close\r\n' + \
4878 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4879 'Timeout: Second-1801\r\n' + \
4880 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4881 self
.wfile
.write((hdr
+ payload
).encode())
4882 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_fail_subscribe
)
4884 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4885 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4886 class WPSAPHTTPServer_subscribe_invalid_response(WPSAPHTTPServer
):
4887 def handle_wps_event(self
):
4889 hdr
= 'HTTP/1.1 FOO\r\n' + \
4890 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4891 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4892 'Connection: close\r\n' + \
4893 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4894 'Timeout: Second-1801\r\n' + \
4895 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4896 self
.wfile
.write((hdr
+ payload
).encode())
4897 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_subscribe_invalid_response
)
4899 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4900 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4901 class WPSAPHTTPServer_invalid_m1(WPSAPHTTPServer
):
4902 def handle_wps_control(self
):
4903 payload
= '''<?xml version="1.0"?>
4904 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4906 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4907 <NewDeviceInfo>Rk9P</NewDeviceInfo>
4908 </u:GetDeviceInfoResponse>
4912 self
.wfile
.write(gen_wps_control(payload_override
=payload
))
4913 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_m1
, no_event_url
=True)
4915 def test_ap_wps_er_http_proto_upnp_info_no_device(dev
, apdev
):
4916 """WPS ER HTTP protocol testing - No device in UPnP info"""
4917 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4918 def handle_upnp_info(self
):
4919 payload
= '''<?xml version="1.0"?>
4920 <root xmlns="urn:schemas-upnp-org:device-1-0">
4927 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4928 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4929 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4930 'Connection: close\r\n' + \
4931 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4932 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4933 self
.wfile
.write((hdr
+ payload
).encode())
4934 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4936 def test_ap_wps_er_http_proto_upnp_info_no_device_type(dev
, apdev
):
4937 """WPS ER HTTP protocol testing - No deviceType in UPnP info"""
4938 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4939 def handle_upnp_info(self
):
4940 payload
= '''<?xml version="1.0"?>
4941 <root xmlns="urn:schemas-upnp-org:device-1-0">
4950 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4951 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4952 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4953 'Connection: close\r\n' + \
4954 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4955 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4956 self
.wfile
.write((hdr
+ payload
).encode())
4957 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4959 def test_ap_wps_er_http_proto_upnp_info_invalid_udn_uuid(dev
, apdev
):
4960 """WPS ER HTTP protocol testing - Invalid UDN UUID"""
4961 class WPSAPHTTPServer_invalid_udn_uuid(WPSAPHTTPServer
):
4962 def handle_upnp_info(self
):
4963 self
.wfile
.write(gen_upnp_info(udn
='uuid:foo'))
4964 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_udn_uuid
)
4966 def test_ap_wps_er_http_proto_no_control_url(dev
, apdev
):
4967 """WPS ER HTTP protocol testing - no controlURL"""
4968 class WPSAPHTTPServer_no_control_url(WPSAPHTTPServer
):
4969 def handle_upnp_info(self
):
4970 self
.wfile
.write(gen_upnp_info(controlURL
=None))
4971 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_control_url
,
4974 def test_ap_wps_er_http_proto_control_url_dns(dev
, apdev
):
4975 """WPS ER HTTP protocol testing - DNS name in controlURL"""
4976 class WPSAPHTTPServer_control_url_dns(WPSAPHTTPServer
):
4977 def handle_upnp_info(self
):
4978 self
.wfile
.write(gen_upnp_info(controlURL
='http://example.com/wps_control'))
4979 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_control_url_dns
,
4982 def test_ap_wps_http_timeout(dev
, apdev
):
4983 """WPS AP/ER and HTTP timeout"""
4985 _test_ap_wps_http_timeout(dev
, apdev
)
4987 dev
[0].request("WPS_ER_STOP")
4989 def _test_ap_wps_http_timeout(dev
, apdev
):
4990 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
4991 add_ssdp_ap(apdev
[0], ap_uuid
)
4993 location
= ssdp_get_location(ap_uuid
)
4994 url
= urlparse(location
)
4995 addr
= (url
.hostname
, url
.port
)
4996 logger
.debug("Open HTTP connection to hostapd, but do not complete request")
4997 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
5002 class DummyServer(StreamRequestHandler
):
5004 logger
.debug("DummyServer - start 31 sec wait")
5006 logger
.debug("DummyServer - wait done")
5008 logger
.debug("Start WPS ER")
5009 server
, sock2
= wps_er_start(dev
[0], DummyServer
, max_age
=40,
5012 logger
.debug("Start server to accept, but not complete, HTTP connection from WPS ER")
5013 # This will wait for 31 seconds..
5014 server
.handle_request()
5016 logger
.debug("Complete HTTP connection with hostapd (that should have already closed the connection)")
5018 sock
.send("ET / HTTP/1.1\r\n\r\n")
5019 res
= sock
.recv(100)
5024 def test_ap_wps_er_url_parse(dev
, apdev
):
5025 """WPS ER and URL parsing special cases"""
5027 _test_ap_wps_er_url_parse(dev
, apdev
)
5029 dev
[0].request("WPS_ER_STOP")
5031 def _test_ap_wps_er_url_parse(dev
, apdev
):
5032 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
5034 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
5035 sock
.bind(("239.255.255.250", 1900))
5036 dev
[0].request("WPS_ER_START ifname=lo")
5037 (msg
, addr
) = sock
.recvfrom(1000)
5039 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
5040 if "M-SEARCH" not in msg
:
5041 raise Exception("Not an M-SEARCH")
5042 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1\r\ncache-control:max-age=1\r\n\r\n", addr
)
5043 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
5044 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1/:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
5045 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
5046 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://255.255.255.255:0/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
5047 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
5051 def test_ap_wps_er_link_update(dev
, apdev
):
5052 """WPS ER and link update special cases"""
5053 class WPSAPHTTPServer_link_update(WPSAPHTTPServer
):
5054 def handle_upnp_info(self
):
5055 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
5056 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update
)
5058 class WPSAPHTTPServer_link_update2(WPSAPHTTPServer
):
5059 def handle_others(self
, data
):
5060 if "GET / " in data
:
5061 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
5062 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update2
,
5063 location_url
='http://127.0.0.1:12345')
5065 def test_ap_wps_er_http_client(dev
, apdev
):
5066 """WPS ER and HTTP client special cases"""
5067 with
alloc_fail(dev
[0], 1, "http_link_update"):
5068 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
)
5070 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;http_client_url"):
5071 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
5073 with
alloc_fail(dev
[0], 1, "httpread_create;http_client_tx_ready"):
5074 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
5076 class WPSAPHTTPServer_req_as_resp(WPSAPHTTPServer
):
5077 def handle_upnp_info(self
):
5078 self
.wfile
.write(b
"GET / HTTP/1.1\r\n\r\n")
5079 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_req_as_resp
,
5082 def test_ap_wps_init_oom(dev
, apdev
):
5083 """wps_init OOM cases"""
5086 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5088 hapd
= hostapd
.add_ap(apdev
[0], params
)
5089 pin
= dev
[0].wps_read_pin()
5091 with
alloc_fail(hapd
, 1, "wps_init"):
5092 hapd
.request("WPS_PIN any " + pin
)
5093 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5094 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5095 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5097 raise Exception("No EAP failure reported")
5098 dev
[0].request("WPS_CANCEL")
5100 with
alloc_fail(dev
[0], 2, "wps_init"):
5101 hapd
.request("WPS_PIN any " + pin
)
5102 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5103 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5104 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5106 raise Exception("No EAP failure reported")
5107 dev
[0].request("WPS_CANCEL")
5109 with
alloc_fail(dev
[0], 2, "wps_init"):
5110 hapd
.request("WPS_PBC")
5111 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5112 dev
[0].request("WPS_PBC %s" % (apdev
[0]['bssid']))
5113 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5115 raise Exception("No EAP failure reported")
5116 dev
[0].request("WPS_CANCEL")
5118 dev
[0].dump_monitor()
5119 new_ssid
= "wps-new-ssid"
5120 new_passphrase
= "1234567890"
5121 with
alloc_fail(dev
[0], 3, "wps_init"):
5122 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
5123 new_passphrase
, no_wait
=True)
5124 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5126 raise Exception("No EAP failure reported")
5128 dev
[0].flush_scan_cache()
5131 def test_ap_wps_invalid_assoc_req_elem(dev
, apdev
):
5132 """WPS and invalid IE in Association Request frame"""
5134 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5135 hapd
= hostapd
.add_ap(apdev
[0], params
)
5137 hapd
.request("WPS_PIN any " + pin
)
5138 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5140 dev
[0].request("VENDOR_ELEM_ADD 13 dd050050f20410")
5141 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5143 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=10)
5144 if ev
and "vendor=14122" in ev
:
5146 if ev
is None or "vendor=14122" not in ev
:
5147 raise Exception("EAP-WSC not started")
5148 dev
[0].request("WPS_CANCEL")
5150 dev
[0].request("VENDOR_ELEM_REMOVE 13 *")
5152 def test_ap_wps_pbc_pin_mismatch(dev
, apdev
):
5153 """WPS PBC/PIN mismatch"""
5155 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5156 hapd
= hostapd
.add_ap(apdev
[0], params
)
5157 hapd
.request("SET wps_version_number 0x10")
5158 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5159 hapd
.request("WPS_PBC")
5160 pin
= dev
[0].wps_read_pin()
5161 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5162 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5164 raise Exception("Scan did not complete")
5165 dev
[0].request("WPS_CANCEL")
5167 hapd
.request("WPS_CANCEL")
5168 dev
[0].flush_scan_cache()
5171 def test_ap_wps_ie_invalid(dev
, apdev
):
5172 """WPS PIN attempt with AP that has invalid WSC IE"""
5174 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5175 "vendor_elements": "dd050050f20410"}
5176 hapd
= hostapd
.add_ap(apdev
[0], params
)
5177 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5178 hostapd
.add_ap(apdev
[1], params
)
5179 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5180 pin
= dev
[0].wps_read_pin()
5181 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5182 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5184 raise Exception("Scan did not complete")
5185 dev
[0].request("WPS_CANCEL")
5188 def test_ap_wps_scan_prio_order(dev
, apdev
):
5189 """WPS scan priority ordering"""
5191 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5192 hapd
= hostapd
.add_ap(apdev
[0], params
)
5193 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5194 hostapd
.add_ap(apdev
[1], params
)
5195 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5196 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5197 pin
= dev
[0].wps_read_pin()
5198 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5199 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5201 raise Exception("Scan did not complete")
5202 dev
[0].request("WPS_CANCEL")
5204 def test_ap_wps_probe_req_ie_oom(dev
, apdev
):
5205 """WPS ProbeReq IE OOM"""
5207 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5208 hapd
= hostapd
.add_ap(apdev
[0], params
)
5209 pin
= dev
[0].wps_read_pin()
5210 hapd
.request("WPS_PIN any " + pin
)
5211 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5212 with
alloc_fail(dev
[0], 1, "wps_build_probe_req_ie"):
5213 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5214 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5216 raise Exception("Association not seen")
5217 dev
[0].request("WPS_CANCEL")
5218 dev
[0].wait_disconnected()
5220 with
alloc_fail(dev
[0], 1, "wps_ie_encapsulate"):
5221 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5222 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5224 raise Exception("Association not seen")
5225 dev
[0].request("WPS_CANCEL")
5227 dev
[0].request("REMOVE_NETWORK all")
5228 dev
[0].wait_disconnected()
5230 dev
[0].flush_scan_cache()
5232 def test_ap_wps_assoc_req_ie_oom(dev
, apdev
):
5233 """WPS AssocReq IE OOM"""
5235 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5236 hapd
= hostapd
.add_ap(apdev
[0], params
)
5237 pin
= dev
[0].wps_read_pin()
5238 hapd
.request("WPS_PIN any " + pin
)
5239 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5240 with
alloc_fail(dev
[0], 1, "wps_build_assoc_req_ie"):
5241 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5242 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5244 raise Exception("Association not seen")
5245 dev
[0].request("WPS_CANCEL")
5247 def test_ap_wps_assoc_resp_ie_oom(dev
, apdev
):
5248 """WPS AssocResp IE OOM"""
5250 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5251 hapd
= hostapd
.add_ap(apdev
[0], params
)
5252 pin
= dev
[0].wps_read_pin()
5253 hapd
.request("WPS_PIN any " + pin
)
5254 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5255 with
alloc_fail(hapd
, 1, "wps_build_assoc_resp_ie"):
5256 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5257 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5259 raise Exception("Association not seen")
5260 dev
[0].request("WPS_CANCEL")
5263 def test_ap_wps_bss_info_errors(dev
, apdev
):
5264 """WPS BSS info errors"""
5265 params
= {"ssid": "1",
5266 "vendor_elements": "dd0e0050f20410440001ff101100010a"}
5267 hostapd
.add_ap(apdev
[0], params
)
5268 params
= {'ssid': "2", "vendor_elements": "dd050050f20410"}
5269 hostapd
.add_ap(apdev
[1], params
)
5270 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5271 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5272 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5273 logger
.info("BSS: " + str(bss
))
5274 if "wps_state" in bss
:
5275 raise Exception("Unexpected wps_state in BSS info")
5276 if 'wps_device_name' not in bss
:
5277 raise Exception("No wps_device_name in BSS info")
5278 if bss
['wps_device_name'] != '_':
5279 raise Exception("Unexpected wps_device_name value")
5280 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
5281 logger
.info("BSS: " + str(bss
))
5283 with
alloc_fail(dev
[0], 1, "=wps_attr_text"):
5284 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5285 logger
.info("BSS(OOM): " + str(bss
))
5287 def wps_run_pbc_fail_ap(apdev
, dev
, hapd
):
5288 hapd
.request("WPS_PBC")
5289 dev
.scan_for_bss(apdev
['bssid'], freq
="2412")
5290 dev
.request("WPS_PBC " + apdev
['bssid'])
5291 ev
= dev
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5293 raise Exception("No EAP failure reported")
5294 dev
.request("WPS_CANCEL")
5295 dev
.wait_disconnected()
5298 dev
.flush_scan_cache()
5300 except Exception as e
:
5301 if str(e
).startswith("Failed to trigger scan"):
5307 def wps_run_pbc_fail(apdev
, dev
):
5308 hapd
= wps_start_ap(apdev
)
5309 wps_run_pbc_fail_ap(apdev
, dev
, hapd
)
5312 def test_ap_wps_pk_oom(dev
, apdev
):
5313 """WPS and public key OOM"""
5314 with
alloc_fail(dev
[0], 1, "wps_build_public_key"):
5315 wps_run_pbc_fail(apdev
[0], dev
[0])
5318 def test_ap_wps_pk_oom_ap(dev
, apdev
):
5319 """WPS and public key OOM on AP"""
5320 hapd
= wps_start_ap(apdev
[0])
5321 with
alloc_fail(hapd
, 1, "wps_build_public_key"):
5322 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5325 def test_ap_wps_encr_oom_ap(dev
, apdev
):
5326 """WPS and encrypted settings decryption OOM on AP"""
5327 hapd
= wps_start_ap(apdev
[0])
5328 pin
= dev
[0].wps_read_pin()
5329 hapd
.request("WPS_PIN any " + pin
)
5330 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5331 with
alloc_fail(hapd
, 1, "wps_decrypt_encr_settings"):
5332 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
5333 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=10)
5335 raise Exception("No WPS-FAIL reported")
5336 dev
[0].request("WPS_CANCEL")
5337 dev
[0].wait_disconnected()
5340 def test_ap_wps_encr_no_random_ap(dev
, apdev
):
5341 """WPS and no random data available for encryption on AP"""
5342 hapd
= wps_start_ap(apdev
[0])
5343 with
fail_test(hapd
, 1, "os_get_random;wps_build_encr_settings"):
5344 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5347 def test_ap_wps_e_hash_no_random_sta(dev
, apdev
):
5348 """WPS and no random data available for e-hash on STA"""
5349 with
fail_test(dev
[0], 1, "os_get_random;wps_build_e_hash"):
5350 wps_run_pbc_fail(apdev
[0], dev
[0])
5353 def test_ap_wps_m1_no_random(dev
, apdev
):
5354 """WPS and no random for M1 on STA"""
5355 with
fail_test(dev
[0], 1, "os_get_random;wps_build_m1"):
5356 wps_run_pbc_fail(apdev
[0], dev
[0])
5359 def test_ap_wps_m1_oom(dev
, apdev
):
5360 """WPS and OOM for M1 on STA"""
5361 with
alloc_fail(dev
[0], 1, "wps_build_m1"):
5362 wps_run_pbc_fail(apdev
[0], dev
[0])
5365 def test_ap_wps_m3_oom(dev
, apdev
):
5366 """WPS and OOM for M3 on STA"""
5367 with
alloc_fail(dev
[0], 1, "wps_build_m3"):
5368 wps_run_pbc_fail(apdev
[0], dev
[0])
5371 def test_ap_wps_m5_oom(dev
, apdev
):
5372 """WPS and OOM for M5 on STA"""
5373 hapd
= wps_start_ap(apdev
[0])
5374 hapd
.request("WPS_PBC")
5375 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5376 for i
in range(1, 3):
5377 with
alloc_fail(dev
[0], i
, "wps_build_m5"):
5378 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5379 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5381 raise Exception("No EAP failure reported")
5382 dev
[0].request("WPS_CANCEL")
5383 dev
[0].wait_disconnected()
5384 dev
[0].flush_scan_cache()
5387 def test_ap_wps_m5_no_random(dev
, apdev
):
5388 """WPS and no random for M5 on STA"""
5389 with
fail_test(dev
[0], 1,
5390 "os_get_random;wps_build_encr_settings;wps_build_m5"):
5391 wps_run_pbc_fail(apdev
[0], dev
[0])
5394 def test_ap_wps_m7_oom(dev
, apdev
):
5395 """WPS and OOM for M7 on STA"""
5396 hapd
= wps_start_ap(apdev
[0])
5397 hapd
.request("WPS_PBC")
5398 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5399 for i
in range(1, 3):
5400 with
alloc_fail(dev
[0], i
, "wps_build_m7"):
5401 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5402 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5404 raise Exception("No EAP failure reported")
5405 dev
[0].request("WPS_CANCEL")
5406 dev
[0].wait_disconnected()
5407 dev
[0].flush_scan_cache()
5410 def test_ap_wps_m7_no_random(dev
, apdev
):
5411 """WPS and no random for M7 on STA"""
5412 with
fail_test(dev
[0], 1,
5413 "os_get_random;wps_build_encr_settings;wps_build_m7"):
5414 wps_run_pbc_fail(apdev
[0], dev
[0])
5417 def test_ap_wps_wsc_done_oom(dev
, apdev
):
5418 """WPS and OOM for WSC_Done on STA"""
5419 with
alloc_fail(dev
[0], 1, "wps_build_wsc_done"):
5420 wps_run_pbc_fail(apdev
[0], dev
[0])
5422 def test_ap_wps_random_psk_fail(dev
, apdev
):
5423 """WPS and no random for PSK on AP"""
5425 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
5433 with
open(pskfile
, "w") as f
:
5434 f
.write("# WPA PSKs\n")
5436 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5437 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
5438 "rsn_pairwise": "CCMP", "ap_pin": appin
,
5439 "wpa_psk_file": pskfile
}
5440 hapd
= hostapd
.add_ap(apdev
[0], params
)
5442 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5443 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred_network_key"):
5444 dev
[0].request("WPS_REG " + apdev
[0]['bssid'] + " " + appin
)
5445 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5447 raise Exception("No EAP failure reported")
5448 dev
[0].request("WPS_CANCEL")
5449 dev
[0].wait_disconnected()
5451 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred"):
5452 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5454 with
alloc_fail(hapd
, 1, "wps_build_cred"):
5455 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5457 with
alloc_fail(hapd
, 2, "wps_build_cred"):
5458 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5462 def wps_ext_eap_identity_req(dev
, hapd
, bssid
):
5463 logger
.debug("EAP-Identity/Request")
5464 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5466 raise Exception("Timeout on EAPOL-TX from hostapd")
5467 res
= dev
.request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
5469 raise Exception("EAPOL_RX to wpa_supplicant failed")
5471 def wps_ext_eap_identity_resp(hapd
, dev
, addr
):
5472 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
5474 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
5475 res
= hapd
.request("EAPOL_RX " + addr
+ " " + ev
.split(' ')[2])
5477 raise Exception("EAPOL_RX to hostapd failed")
5479 def wps_ext_eap_wsc(dst
, src
, src_addr
, msg
):
5481 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5483 raise Exception("Timeout on EAPOL-TX")
5484 res
= dst
.request("EAPOL_RX " + src_addr
+ " " + ev
.split(' ')[2])
5486 raise Exception("EAPOL_RX failed")
5488 def wps_start_ext(apdev
, dev
, pbc
=False, pin
=None):
5489 addr
= dev
.own_addr()
5490 bssid
= apdev
['bssid']
5491 ssid
= "test-wps-conf"
5492 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5493 "wpa_passphrase": "12345678", "wpa": "2",
5494 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
5495 hapd
= hostapd
.add_ap(apdev
, params
)
5498 hapd
.request("WPS_PBC")
5501 pin
= dev
.wps_read_pin()
5502 hapd
.request("WPS_PIN any " + pin
)
5503 dev
.scan_for_bss(bssid
, freq
="2412")
5504 hapd
.request("SET ext_eapol_frame_io 1")
5505 dev
.request("SET ext_eapol_frame_io 1")
5508 dev
.request("WPS_PBC " + bssid
)
5510 dev
.request("WPS_PIN " + bssid
+ " " + pin
)
5511 return addr
, bssid
, hapd
5513 def wps_auth_corrupt(dst
, src
, addr
):
5514 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5516 raise Exception("Timeout on EAPOL-TX")
5517 src
.request("SET ext_eapol_frame_io 0")
5518 dst
.request("SET ext_eapol_frame_io 0")
5519 msg
= ev
.split(' ')[2]
5520 if msg
[-24:-16] != '10050008':
5521 raise Exception("Could not find Authenticator attribute")
5522 # Corrupt Authenticator value
5523 msg
= msg
[:-1] + '%x' % ((int(msg
[-1], 16) + 1) % 16)
5524 res
= dst
.request("EAPOL_RX " + addr
+ " " + msg
)
5526 raise Exception("EAPOL_RX failed")
5528 def wps_fail_finish(hapd
, dev
, fail_str
):
5529 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5531 raise Exception("WPS-FAIL not indicated")
5532 if fail_str
not in ev
:
5533 raise Exception("Unexpected WPS-FAIL value: " + ev
)
5534 dev
.request("WPS_CANCEL")
5535 dev
.wait_disconnected()
5537 def wps_auth_corrupt_from_ap(dev
, hapd
, bssid
, fail_str
):
5538 wps_auth_corrupt(dev
, hapd
, bssid
)
5539 wps_fail_finish(hapd
, dev
, fail_str
)
5541 def wps_auth_corrupt_to_ap(dev
, hapd
, addr
, fail_str
):
5542 wps_auth_corrupt(hapd
, dev
, addr
)
5543 wps_fail_finish(hapd
, dev
, fail_str
)
5545 def test_ap_wps_authenticator_mismatch_m2(dev
, apdev
):
5546 """WPS and Authenticator attribute mismatch in M2"""
5547 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5548 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5549 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5550 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5551 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5553 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=5")
5555 def test_ap_wps_authenticator_mismatch_m3(dev
, apdev
):
5556 """WPS and Authenticator attribute mismatch in M3"""
5557 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5558 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5559 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5560 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5561 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5562 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5564 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=7")
5566 def test_ap_wps_authenticator_mismatch_m4(dev
, apdev
):
5567 """WPS and Authenticator attribute mismatch in M4"""
5568 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5569 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5570 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5571 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5572 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5573 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5574 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5576 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=8")
5578 def test_ap_wps_authenticator_mismatch_m5(dev
, apdev
):
5579 """WPS and Authenticator attribute mismatch in M5"""
5580 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5581 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5582 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5583 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5584 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5585 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5586 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5587 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5589 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=9")
5591 def test_ap_wps_authenticator_mismatch_m6(dev
, apdev
):
5592 """WPS and Authenticator attribute mismatch in M6"""
5593 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5594 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5595 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5596 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5597 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5598 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5599 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5600 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5601 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5603 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=10")
5605 def test_ap_wps_authenticator_mismatch_m7(dev
, apdev
):
5606 """WPS and Authenticator attribute mismatch in M7"""
5607 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5608 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5609 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5610 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5611 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5612 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5613 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5614 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5615 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5616 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5618 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=11")
5620 def test_ap_wps_authenticator_mismatch_m8(dev
, apdev
):
5621 """WPS and Authenticator attribute mismatch in M8"""
5622 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5623 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5624 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5625 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5626 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5627 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5628 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5629 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5630 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5631 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5632 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M7")
5634 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=12")
5636 def test_ap_wps_authenticator_missing_m2(dev
, apdev
):
5637 """WPS and Authenticator attribute missing from M2"""
5638 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5639 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5640 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5641 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5642 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5644 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5646 raise Exception("Timeout on EAPOL-TX")
5647 hapd
.request("SET ext_eapol_frame_io 0")
5648 dev
[0].request("SET ext_eapol_frame_io 0")
5649 msg
= ev
.split(' ')[2]
5650 if msg
[-24:-16] != '10050008':
5651 raise Exception("Could not find Authenticator attribute")
5652 # Remove Authenticator value
5654 mlen
= "%04x" % (int(msg
[4:8], 16) - 12)
5655 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:]
5656 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5658 raise Exception("EAPOL_RX failed")
5659 wps_fail_finish(hapd
, dev
[0], "msg=5")
5661 def test_ap_wps_m2_dev_passwd_id_p2p(dev
, apdev
):
5662 """WPS and M2 with different Device Password ID (P2P)"""
5663 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5664 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5665 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5666 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5667 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5669 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5671 raise Exception("Timeout on EAPOL-TX")
5672 hapd
.request("SET ext_eapol_frame_io 0")
5673 dev
[0].request("SET ext_eapol_frame_io 0")
5674 msg
= ev
.split(' ')[2]
5675 if msg
[722:730] != '10120002':
5676 raise Exception("Could not find Device Password ID attribute")
5677 # Replace Device Password ID value. This will fail Authenticator check, but
5678 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5680 msg
= msg
[0:730] + "0005" + msg
[734:]
5681 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5683 raise Exception("EAPOL_RX failed")
5684 wps_fail_finish(hapd
, dev
[0], "msg=5")
5686 def test_ap_wps_m2_dev_passwd_id_change_pin_to_pbc(dev
, apdev
):
5687 """WPS and M2 with different Device Password ID (PIN to PBC)"""
5688 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5689 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5690 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5691 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5692 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5694 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5696 raise Exception("Timeout on EAPOL-TX")
5697 hapd
.request("SET ext_eapol_frame_io 0")
5698 dev
[0].request("SET ext_eapol_frame_io 0")
5699 msg
= ev
.split(' ')[2]
5700 if msg
[722:730] != '10120002':
5701 raise Exception("Could not find Device Password ID attribute")
5702 # Replace Device Password ID value (PIN --> PBC). This will be rejected.
5703 msg
= msg
[0:730] + "0004" + msg
[734:]
5704 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5706 raise Exception("EAPOL_RX failed")
5707 wps_fail_finish(hapd
, dev
[0], "msg=5")
5709 def test_ap_wps_m2_dev_passwd_id_change_pbc_to_pin(dev
, apdev
):
5710 """WPS and M2 with different Device Password ID (PBC to PIN)"""
5711 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5712 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5713 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5714 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5715 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5717 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5719 raise Exception("Timeout on EAPOL-TX")
5720 hapd
.request("SET ext_eapol_frame_io 0")
5721 dev
[0].request("SET ext_eapol_frame_io 0")
5722 msg
= ev
.split(' ')[2]
5723 if msg
[722:730] != '10120002':
5724 raise Exception("Could not find Device Password ID attribute")
5725 # Replace Device Password ID value. This will fail Authenticator check, but
5726 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5728 msg
= msg
[0:730] + "0000" + msg
[734:]
5729 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5731 raise Exception("EAPOL_RX failed")
5732 wps_fail_finish(hapd
, dev
[0], "msg=5")
5733 dev
[0].flush_scan_cache()
5735 def test_ap_wps_m2_missing_dev_passwd_id(dev
, apdev
):
5736 """WPS and M2 without Device Password ID"""
5737 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5738 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5739 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5740 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5741 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5743 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5745 raise Exception("Timeout on EAPOL-TX")
5746 hapd
.request("SET ext_eapol_frame_io 0")
5747 dev
[0].request("SET ext_eapol_frame_io 0")
5748 msg
= ev
.split(' ')[2]
5749 if msg
[722:730] != '10120002':
5750 raise Exception("Could not find Device Password ID attribute")
5751 # Remove Device Password ID value. This will fail Authenticator check, but
5752 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5754 mlen
= "%04x" % (int(msg
[4:8], 16) - 6)
5755 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:722] + msg
[734:]
5756 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5758 raise Exception("EAPOL_RX failed")
5759 wps_fail_finish(hapd
, dev
[0], "msg=5")
5761 def test_ap_wps_m2_missing_registrar_nonce(dev
, apdev
):
5762 """WPS and M2 without Registrar Nonce"""
5763 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5764 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5765 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5766 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5767 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5769 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5771 raise Exception("Timeout on EAPOL-TX")
5772 hapd
.request("SET ext_eapol_frame_io 0")
5773 dev
[0].request("SET ext_eapol_frame_io 0")
5774 msg
= ev
.split(' ')[2]
5775 if msg
[96:104] != '10390010':
5776 raise Exception("Could not find Registrar Nonce attribute")
5777 # Remove Registrar Nonce. This will fail Authenticator check, but
5778 # allows the code path in wps_process_registrar_nonce() to be checked from
5780 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5781 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:96] + msg
[136:]
5782 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5784 raise Exception("EAPOL_RX failed")
5785 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5787 raise Exception("Disconnect event not seen")
5788 dev
[0].request("WPS_CANCEL")
5789 dev
[0].flush_scan_cache()
5791 def test_ap_wps_m2_missing_enrollee_nonce(dev
, apdev
):
5792 """WPS and M2 without Enrollee Nonce"""
5793 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5794 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5795 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5796 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5797 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5799 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5801 raise Exception("Timeout on EAPOL-TX")
5802 hapd
.request("SET ext_eapol_frame_io 0")
5803 dev
[0].request("SET ext_eapol_frame_io 0")
5804 msg
= ev
.split(' ')[2]
5805 if msg
[56:64] != '101a0010':
5806 raise Exception("Could not find enrollee Nonce attribute")
5807 # Remove Enrollee Nonce. This will fail Authenticator check, but
5808 # allows the code path in wps_process_enrollee_nonce() to be checked from
5810 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5811 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:56] + msg
[96:]
5812 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5814 raise Exception("EAPOL_RX failed")
5815 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5817 raise Exception("Disconnect event not seen")
5818 dev
[0].request("WPS_CANCEL")
5819 dev
[0].flush_scan_cache()
5821 def test_ap_wps_m2_missing_uuid_r(dev
, apdev
):
5822 """WPS and M2 without UUID-R"""
5823 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5824 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5825 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5826 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5827 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5829 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5831 raise Exception("Timeout on EAPOL-TX")
5832 hapd
.request("SET ext_eapol_frame_io 0")
5833 dev
[0].request("SET ext_eapol_frame_io 0")
5834 msg
= ev
.split(' ')[2]
5835 if msg
[136:144] != '10480010':
5836 raise Exception("Could not find enrollee Nonce attribute")
5837 # Remove UUID-R. This will fail Authenticator check, but allows the code
5838 # path in wps_process_uuid_r() to be checked from the debug log.
5839 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5840 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:136] + msg
[176:]
5841 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5843 raise Exception("EAPOL_RX failed")
5844 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5846 raise Exception("Disconnect event not seen")
5847 dev
[0].request("WPS_CANCEL")
5848 dev
[0].flush_scan_cache()
5850 def test_ap_wps_m2_invalid(dev
, apdev
):
5851 """WPS and M2 parsing failure"""
5852 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5853 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5854 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5855 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5856 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5858 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5860 raise Exception("Timeout on EAPOL-TX")
5861 hapd
.request("SET ext_eapol_frame_io 0")
5862 dev
[0].request("SET ext_eapol_frame_io 0")
5863 msg
= ev
.split(' ')[2]
5864 if msg
[136:144] != '10480010':
5865 raise Exception("Could not find enrollee Nonce attribute")
5866 # Remove UUID-R. This will fail Authenticator check, but allows the code
5867 # path in wps_process_uuid_r() to be checked from the debug log.
5868 mlen
= "%04x" % (int(msg
[4:8], 16) - 1)
5869 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:-2]
5870 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5872 raise Exception("EAPOL_RX failed")
5873 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5875 raise Exception("Disconnect event not seen")
5876 dev
[0].request("WPS_CANCEL")
5877 dev
[0].flush_scan_cache()
5879 def test_ap_wps_m2_missing_msg_type(dev
, apdev
):
5880 """WPS and M2 without Message Type"""
5881 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5882 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5883 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5884 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5885 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5887 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5889 raise Exception("Timeout on EAPOL-TX")
5890 hapd
.request("SET ext_eapol_frame_io 0")
5891 dev
[0].request("SET ext_eapol_frame_io 0")
5892 msg
= ev
.split(' ')[2]
5893 if msg
[46:54] != '10220001':
5894 raise Exception("Could not find Message Type attribute")
5895 # Remove Message Type. This will fail Authenticator check, but allows the
5896 # code path in wps_process_wsc_msg() to be checked from the debug log.
5897 mlen
= "%04x" % (int(msg
[4:8], 16) - 5)
5898 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:46] + msg
[56:]
5899 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5901 raise Exception("EAPOL_RX failed")
5902 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5904 raise Exception("Disconnect event not seen")
5905 dev
[0].request("WPS_CANCEL")
5906 dev
[0].flush_scan_cache()
5908 def test_ap_wps_m2_unknown_msg_type(dev
, apdev
):
5909 """WPS and M2 but unknown Message Type"""
5910 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5911 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5912 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5913 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5914 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5916 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5918 raise Exception("Timeout on EAPOL-TX")
5919 hapd
.request("SET ext_eapol_frame_io 0")
5920 dev
[0].request("SET ext_eapol_frame_io 0")
5921 msg
= ev
.split(' ')[2]
5922 if msg
[46:54] != '10220001':
5923 raise Exception("Could not find Message Type attribute")
5924 # Replace Message Type value. This will be rejected.
5925 msg
= msg
[0:54] + "00" + msg
[56:]
5926 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5928 raise Exception("EAPOL_RX failed")
5929 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5931 raise Exception("Disconnect event not seen")
5932 dev
[0].request("WPS_CANCEL")
5933 dev
[0].flush_scan_cache()
5935 def test_ap_wps_m2_unknown_opcode(dev
, apdev
):
5936 """WPS and M2 but unknown opcode"""
5937 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5938 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5939 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5940 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5941 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5943 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5945 raise Exception("Timeout on EAPOL-TX")
5946 hapd
.request("SET ext_eapol_frame_io 0")
5947 dev
[0].request("SET ext_eapol_frame_io 0")
5948 msg
= ev
.split(' ')[2]
5949 # Replace opcode. This will be discarded in EAP-WSC processing.
5950 msg
= msg
[0:32] + "00" + msg
[34:]
5951 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5953 raise Exception("EAPOL_RX failed")
5954 dev
[0].request("WPS_CANCEL")
5955 dev
[0].wait_disconnected()
5956 dev
[0].flush_scan_cache()
5958 def test_ap_wps_m2_unknown_opcode2(dev
, apdev
):
5959 """WPS and M2 but unknown opcode (WSC_Start)"""
5960 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5961 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5962 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5963 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5964 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5966 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5968 raise Exception("Timeout on EAPOL-TX")
5969 hapd
.request("SET ext_eapol_frame_io 0")
5970 dev
[0].request("SET ext_eapol_frame_io 0")
5971 msg
= ev
.split(' ')[2]
5972 # Replace opcode. This will be discarded in EAP-WSC processing.
5973 msg
= msg
[0:32] + "01" + msg
[34:]
5974 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5976 raise Exception("EAPOL_RX failed")
5977 dev
[0].request("WPS_CANCEL")
5978 dev
[0].wait_disconnected()
5979 dev
[0].flush_scan_cache()
5981 def test_ap_wps_m2_unknown_opcode3(dev
, apdev
):
5982 """WPS and M2 but unknown opcode (WSC_Done)"""
5983 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5984 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5985 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5986 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5987 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5989 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5991 raise Exception("Timeout on EAPOL-TX")
5992 hapd
.request("SET ext_eapol_frame_io 0")
5993 dev
[0].request("SET ext_eapol_frame_io 0")
5994 msg
= ev
.split(' ')[2]
5995 # Replace opcode. This will be discarded in WPS Enrollee processing.
5996 msg
= msg
[0:32] + "05" + msg
[34:]
5997 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5999 raise Exception("EAPOL_RX failed")
6000 dev
[0].request("WPS_CANCEL")
6001 dev
[0].wait_disconnected()
6002 dev
[0].flush_scan_cache()
6004 def wps_m2_but_other(dev
, apdev
, title
, msgtype
):
6005 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
6006 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
6007 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
6008 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
6009 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
6011 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
6013 raise Exception("Timeout on EAPOL-TX")
6014 hapd
.request("SET ext_eapol_frame_io 0")
6015 dev
.request("SET ext_eapol_frame_io 0")
6016 msg
= ev
.split(' ')[2]
6017 if msg
[46:54] != '10220001':
6018 raise Exception("Could not find Message Type attribute")
6019 # Replace Message Type value. This will be rejected.
6020 msg
= msg
[0:54] + msgtype
+ msg
[56:]
6021 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
6023 raise Exception("EAPOL_RX failed")
6024 ev
= dev
.wait_event(["WPS-FAIL"], timeout
=5)
6026 raise Exception("WPS-FAIL event not seen")
6027 dev
.request("WPS_CANCEL")
6028 dev
.wait_disconnected()
6030 def wps_m4_but_other(dev
, apdev
, title
, msgtype
):
6031 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
6032 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
6033 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
6034 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
6035 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
6036 wps_ext_eap_wsc(dev
, hapd
, bssid
, "M2")
6037 wps_ext_eap_wsc(hapd
, dev
, addr
, "M3")
6039 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
6041 raise Exception("Timeout on EAPOL-TX")
6042 hapd
.request("SET ext_eapol_frame_io 0")
6043 dev
.request("SET ext_eapol_frame_io 0")
6044 msg
= ev
.split(' ')[2]
6045 if msg
[46:54] != '10220001':
6046 raise Exception("Could not find Message Type attribute")
6047 # Replace Message Type value. This will be rejected.
6048 msg
= msg
[0:54] + msgtype
+ msg
[56:]
6049 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
6051 raise Exception("EAPOL_RX failed")
6052 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
6054 raise Exception("WPS-FAIL event not seen")
6055 dev
.request("WPS_CANCEL")
6056 dev
.wait_disconnected()
6058 def test_ap_wps_m2_msg_type_m4(dev
, apdev
):
6059 """WPS and M2 but Message Type M4"""
6060 wps_m2_but_other(dev
[0], apdev
[0], "M2/M4", "08")
6062 def test_ap_wps_m2_msg_type_m6(dev
, apdev
):
6063 """WPS and M2 but Message Type M6"""
6064 wps_m2_but_other(dev
[0], apdev
[0], "M2/M6", "0a")
6066 def test_ap_wps_m2_msg_type_m8(dev
, apdev
):
6067 """WPS and M2 but Message Type M8"""
6068 wps_m2_but_other(dev
[0], apdev
[0], "M2/M8", "0c")
6070 def test_ap_wps_m4_msg_type_m2(dev
, apdev
):
6071 """WPS and M4 but Message Type M2"""
6072 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2", "05")
6074 def test_ap_wps_m4_msg_type_m2d(dev
, apdev
):
6075 """WPS and M4 but Message Type M2D"""
6076 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2D", "06")
6079 def test_ap_wps_config_methods(dev
, apdev
):
6080 """WPS configuration method parsing"""
6081 ssid
= "test-wps-conf"
6082 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
6083 "wpa_passphrase": "12345678", "wpa": "2",
6084 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
6085 "config_methods": "ethernet display ext_nfc_token int_nfc_token physical_display physical_push_button"}
6086 hapd
= hostapd
.add_ap(apdev
[0], params
)
6087 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
6088 "wpa_passphrase": "12345678", "wpa": "2",
6089 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
6090 "config_methods": "display push_button"}
6091 hapd2
= hostapd
.add_ap(apdev
[1], params
)
6093 def test_ap_wps_set_selected_registrar_proto(dev
, apdev
):
6094 """WPS UPnP SetSelectedRegistrar protocol testing"""
6095 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
6096 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
6098 location
= ssdp_get_location(ap_uuid
)
6099 urls
= upnp_get_urls(location
)
6100 eventurl
= urlparse(urls
['event_sub_url'])
6101 ctrlurl
= urlparse(urls
['control_url'])
6102 url
= urlparse(location
)
6103 conn
= HTTPConnection(url
.netloc
)
6105 class WPSERHTTPServer(StreamRequestHandler
):
6107 data
= self
.rfile
.readline().strip()
6109 self
.wfile
.write(gen_wps_event())
6111 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
6114 headers
= {"callback": '<http://127.0.0.1:12345/event>',
6116 "timeout": "Second-1234"}
6117 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
6118 resp
= conn
.getresponse()
6119 if resp
.status
!= 200:
6120 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
6121 sid
= resp
.getheader("sid")
6122 logger
.debug("Subscription SID " + sid
)
6123 server
.handle_request()
6125 tests
= [(500, "10"),
6126 (200, "104a000110" + "1041000101" + "101200020000" +
6128 "1049002c00372a0001200124111111111111222222222222333333333333444444444444555555555555666666666666" +
6129 "10480010362db47ba53a519188fb5458b986b2e4"),
6130 (200, "104a000110" + "1041000100" + "101200020000" +
6132 (200, "104a000110" + "1041000100"),
6133 (200, "104a000110")]
6134 for status
, test
in tests
:
6135 tlvs
= binascii
.unhexlify(test
)
6136 newmsg
= base64
.b64encode(tlvs
).decode()
6137 msg
= '<?xml version="1.0"?>\n'
6138 msg
+= '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
6140 msg
+= '<u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">'
6141 msg
+= '<NewMessage>'
6143 msg
+= "</NewMessage></u:SetSelectedRegistrar></s:Body></s:Envelope>"
6144 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
6145 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
6146 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
6147 resp
= conn
.getresponse()
6148 if resp
.status
!= status
:
6149 raise Exception("Unexpected HTTP response: %d (expected %d)" % (resp
.status
, status
))
6151 def test_ap_wps_adv_oom(dev
, apdev
):
6152 """WPS AP and advertisement OOM"""
6153 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
6154 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
6156 with
alloc_fail(hapd
, 1, "=msearchreply_state_machine_start"):
6157 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6161 with
alloc_fail(hapd
, 1, "eloop_register_timeout;msearchreply_state_machine_start"):
6162 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6166 with
alloc_fail(hapd
, 1,
6167 "next_advertisement;advertisement_state_machine_stop"):
6170 with
alloc_fail(hapd
, 1, "ssdp_listener_start"):
6171 if "FAIL" not in hapd
.request("ENABLE"):
6172 raise Exception("ENABLE succeeded during OOM")
6174 def test_wps_config_methods(dev
):
6175 """WPS config method update"""
6176 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
6177 wpas
.interface_add("wlan5")
6178 if "OK" not in wpas
.request("SET config_methods display label"):
6179 raise Exception("Failed to set config_methods")
6180 if wpas
.request("GET config_methods").strip() != "display label":
6181 raise Exception("config_methods were not updated")
6182 if "OK" not in wpas
.request("SET config_methods "):
6183 raise Exception("Failed to clear config_methods")
6184 if wpas
.request("GET config_methods").strip() != "":
6185 raise Exception("config_methods were not cleared")
6187 WPS_VENDOR_ID_WFA
= 14122
6190 # EAP-WSC Op-Code values
6198 ATTR_AP_CHANNEL
= 0x1001
6199 ATTR_ASSOC_STATE
= 0x1002
6200 ATTR_AUTH_TYPE
= 0x1003
6201 ATTR_AUTH_TYPE_FLAGS
= 0x1004
6202 ATTR_AUTHENTICATOR
= 0x1005
6203 ATTR_CONFIG_METHODS
= 0x1008
6204 ATTR_CONFIG_ERROR
= 0x1009
6205 ATTR_CONFIRM_URL4
= 0x100a
6206 ATTR_CONFIRM_URL6
= 0x100b
6207 ATTR_CONN_TYPE
= 0x100c
6208 ATTR_CONN_TYPE_FLAGS
= 0x100d
6210 ATTR_ENCR_TYPE
= 0x100f
6211 ATTR_ENCR_TYPE_FLAGS
= 0x1010
6212 ATTR_DEV_NAME
= 0x1011
6213 ATTR_DEV_PASSWORD_ID
= 0x1012
6214 ATTR_E_HASH1
= 0x1014
6215 ATTR_E_HASH2
= 0x1015
6216 ATTR_E_SNONCE1
= 0x1016
6217 ATTR_E_SNONCE2
= 0x1017
6218 ATTR_ENCR_SETTINGS
= 0x1018
6219 ATTR_ENROLLEE_NONCE
= 0x101a
6220 ATTR_FEATURE_ID
= 0x101b
6221 ATTR_IDENTITY
= 0x101c
6222 ATTR_IDENTITY_PROOF
= 0x101d
6223 ATTR_KEY_WRAP_AUTH
= 0x101e
6224 ATTR_KEY_ID
= 0x101f
6225 ATTR_MAC_ADDR
= 0x1020
6226 ATTR_MANUFACTURER
= 0x1021
6227 ATTR_MSG_TYPE
= 0x1022
6228 ATTR_MODEL_NAME
= 0x1023
6229 ATTR_MODEL_NUMBER
= 0x1024
6230 ATTR_NETWORK_INDEX
= 0x1026
6231 ATTR_NETWORK_KEY
= 0x1027
6232 ATTR_NETWORK_KEY_INDEX
= 0x1028
6233 ATTR_NEW_DEVICE_NAME
= 0x1029
6234 ATTR_NEW_PASSWORD
= 0x102a
6235 ATTR_OOB_DEVICE_PASSWORD
= 0x102c
6236 ATTR_OS_VERSION
= 0x102d
6237 ATTR_POWER_LEVEL
= 0x102f
6238 ATTR_PSK_CURRENT
= 0x1030
6239 ATTR_PSK_MAX
= 0x1031
6240 ATTR_PUBLIC_KEY
= 0x1032
6241 ATTR_RADIO_ENABLE
= 0x1033
6242 ATTR_REBOOT
= 0x1034
6243 ATTR_REGISTRAR_CURRENT
= 0x1035
6244 ATTR_REGISTRAR_ESTABLISHED
= 0x1036
6245 ATTR_REGISTRAR_LIST
= 0x1037
6246 ATTR_REGISTRAR_MAX
= 0x1038
6247 ATTR_REGISTRAR_NONCE
= 0x1039
6248 ATTR_REQUEST_TYPE
= 0x103a
6249 ATTR_RESPONSE_TYPE
= 0x103b
6250 ATTR_RF_BANDS
= 0x103c
6251 ATTR_R_HASH1
= 0x103d
6252 ATTR_R_HASH2
= 0x103e
6253 ATTR_R_SNONCE1
= 0x103f
6254 ATTR_R_SNONCE2
= 0x1040
6255 ATTR_SELECTED_REGISTRAR
= 0x1041
6256 ATTR_SERIAL_NUMBER
= 0x1042
6257 ATTR_WPS_STATE
= 0x1044
6259 ATTR_TOTAL_NETWORKS
= 0x1046
6260 ATTR_UUID_E
= 0x1047
6261 ATTR_UUID_R
= 0x1048
6262 ATTR_VENDOR_EXT
= 0x1049
6263 ATTR_VERSION
= 0x104a
6264 ATTR_X509_CERT_REQ
= 0x104b
6265 ATTR_X509_CERT
= 0x104c
6266 ATTR_EAP_IDENTITY
= 0x104d
6267 ATTR_MSG_COUNTER
= 0x104e
6268 ATTR_PUBKEY_HASH
= 0x104f
6269 ATTR_REKEY_KEY
= 0x1050
6270 ATTR_KEY_LIFETIME
= 0x1051
6271 ATTR_PERMITTED_CFG_METHODS
= 0x1052
6272 ATTR_SELECTED_REGISTRAR_CONFIG_METHODS
= 0x1053
6273 ATTR_PRIMARY_DEV_TYPE
= 0x1054
6274 ATTR_SECONDARY_DEV_TYPE_LIST
= 0x1055
6275 ATTR_PORTABLE_DEV
= 0x1056
6276 ATTR_AP_SETUP_LOCKED
= 0x1057
6277 ATTR_APPLICATION_EXT
= 0x1058
6278 ATTR_EAP_TYPE
= 0x1059
6280 ATTR_KEY_PROVIDED_AUTO
= 0x1061
6281 ATTR_802_1X_ENABLED
= 0x1062
6282 ATTR_APPSESSIONKEY
= 0x1063
6283 ATTR_WEPTRANSMITKEY
= 0x1064
6284 ATTR_REQUESTED_DEV_TYPE
= 0x106a
6288 WPS_ProbeRequest
= 0x02
6289 WPS_ProbeResponse
= 0x03
6303 def get_wsc_msg(dev
):
6304 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
6306 raise Exception("Timeout on EAPOL-TX")
6307 data
= binascii
.unhexlify(ev
.split(' ')[2])
6310 # Parse EAPOL header
6312 raise Exception("No room for EAPOL header")
6313 version
, type, length
= struct
.unpack('>BBH', data
[0:4])
6314 msg
['eapol_version'] = version
6315 msg
['eapol_type'] = type
6316 msg
['eapol_length'] = length
6318 if length
!= len(data
):
6319 raise Exception("EAPOL header length mismatch (%d != %d)" % (length
, len(data
)))
6321 raise Exception("Unexpected EAPOL header type: %d" % type)
6325 raise Exception("No room for EAP header")
6326 code
, identifier
, length
= struct
.unpack('>BBH', data
[0:4])
6327 msg
['eap_code'] = code
6328 msg
['eap_identifier'] = identifier
6329 msg
['eap_length'] = length
6331 if msg
['eapol_length'] != msg
['eap_length']:
6332 raise Exception("EAP header length mismatch (%d != %d)" % (msg
['eapol_length'], length
))
6334 # Parse EAP expanded header
6336 raise Exception("No EAP type included")
6337 msg
['eap_type'], = struct
.unpack('B', data
[0:1])
6340 if msg
['eap_type'] == 254:
6341 if len(data
) < 3 + 4:
6342 raise Exception("Truncated EAP expanded header")
6343 msg
['eap_vendor_id'], msg
['eap_vendor_type'] = struct
.unpack('>LL', b
'\x00' + data
[0:7])
6346 raise Exception("Unexpected EAP type")
6348 if msg
['eap_vendor_id'] != WPS_VENDOR_ID_WFA
:
6349 raise Exception("Unexpected Vendor-Id")
6350 if msg
['eap_vendor_type'] != WPS_VENDOR_TYPE
:
6351 raise Exception("Unexpected Vendor-Type")
6353 # Parse EAP-WSC header
6355 raise Exception("Truncated EAP-WSC header")
6356 msg
['wsc_opcode'], msg
['wsc_flags'] = struct
.unpack('BB', data
[0:2])
6359 # Parse WSC attributes
6360 msg
['raw_attrs'] = data
6362 while len(data
) > 0:
6364 raise Exception("Truncated attribute header")
6365 attr
, length
= struct
.unpack('>HH', data
[0:4])
6367 if length
> len(data
):
6368 raise Exception("Truncated attribute 0x%04x" % attr
)
6369 attrs
[attr
] = data
[0:length
]
6370 data
= data
[length
:]
6371 msg
['wsc_attrs'] = attrs
6373 if ATTR_MSG_TYPE
in attrs
:
6374 msg
['wsc_msg_type'], = struct
.unpack('B', attrs
[ATTR_MSG_TYPE
])
6378 def recv_wsc_msg(dev
, opcode
, msg_type
):
6379 msg
= get_wsc_msg(dev
)
6380 if msg
['wsc_opcode'] != opcode
or msg
['wsc_msg_type'] != msg_type
:
6381 raise Exception("Unexpected Op-Code/MsgType")
6382 return msg
, msg
['wsc_attrs'], msg
['raw_attrs']
6384 def build_wsc_attr(attr
, payload
):
6385 _payload
= payload
if type(payload
) == bytes
else payload
.encode()
6386 return struct
.pack('>HH', attr
, len(_payload
)) + _payload
6388 def build_attr_msg_type(msg_type
):
6389 return build_wsc_attr(ATTR_MSG_TYPE
, struct
.pack('B', msg_type
))
6391 def build_eap_wsc(eap_code
, eap_id
, payload
, opcode
=WSC_MSG
):
6392 length
= 4 + 8 + 2 + len(payload
)
6394 msg
= struct
.pack('>BBH', 2, 0, length
)
6396 msg
+= struct
.pack('>BBH', eap_code
, eap_id
, length
)
6397 # EAP expanded header for EAP-WSC
6398 msg
+= struct
.pack('B', 254)
6399 msg
+= struct
.pack('>L', WPS_VENDOR_ID_WFA
)[1:4]
6400 msg
+= struct
.pack('>L', WPS_VENDOR_TYPE
)
6402 msg
+= struct
.pack('BB', opcode
, 0)
6407 def build_eap_success(eap_id
):
6410 msg
= struct
.pack('>BBH', 2, 0, length
)
6412 msg
+= struct
.pack('>BBH', 3, eap_id
, length
)
6415 def build_eap_failure(eap_id
):
6418 msg
= struct
.pack('>BBH', 2, 0, length
)
6420 msg
+= struct
.pack('>BBH', 4, eap_id
, length
)
6423 def send_wsc_msg(dev
, src
, msg
):
6424 res
= dev
.request("EAPOL_RX " + src
+ " " + binascii
.hexlify(msg
).decode())
6426 raise Exception("EAPOL_RX failed")
6428 group_5_prime
= 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
6429 group_5_generator
= 2
6431 def wsc_kdf(key
, label
, bits
):
6434 while len(result
) * 8 < bits
:
6435 data
= struct
.pack('>L', i
) + label
.encode() + struct
.pack('>L', bits
)
6436 m
= hmac
.new(key
, data
, hashlib
.sha256
)
6437 result
+= m
.digest()
6439 return result
[0:bits
// 8]
6442 keys
= wsc_kdf(kdk
, "Wi-Fi Easy and Secure Key Derivation", 640)
6443 authkey
= keys
[0:32]
6444 keywrapkey
= keys
[32:48]
6446 return authkey
, keywrapkey
, emsk
6448 def wsc_dev_pw_half_psk(authkey
, dev_pw
):
6449 m
= hmac
.new(authkey
, dev_pw
.encode(), hashlib
.sha256
)
6450 return m
.digest()[0:16]
6452 def wsc_dev_pw_psk(authkey
, dev_pw
):
6453 dev_pw_1
= dev_pw
[0:len(dev_pw
) // 2]
6454 dev_pw_2
= dev_pw
[len(dev_pw
) // 2:]
6455 psk1
= wsc_dev_pw_half_psk(authkey
, dev_pw_1
)
6456 psk2
= wsc_dev_pw_half_psk(authkey
, dev_pw_2
)
6459 def build_attr_authenticator(authkey
, prev_msg
, curr_msg
):
6460 m
= hmac
.new(authkey
, prev_msg
+ curr_msg
, hashlib
.sha256
)
6461 auth
= m
.digest()[0:8]
6462 return build_wsc_attr(ATTR_AUTHENTICATOR
, auth
)
6464 def build_attr_encr_settings(authkey
, keywrapkey
, data
):
6465 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6466 kwa
= m
.digest()[0:8]
6467 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6469 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6470 pad_len
= 16 - len(data
) % 16
6471 ps
= pad_len
* struct
.pack('B', pad_len
)
6473 wrapped
= aes
.encrypt(data
)
6474 return build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6476 def decrypt_attr_encr_settings(authkey
, keywrapkey
, data
):
6477 if len(data
) < 32 or len(data
) % 16 != 0:
6478 raise Exception("Unexpected Encrypted Settings length: %d" % len(data
))
6481 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6482 decrypted
= aes
.decrypt(encr
)
6483 pad_len
, = struct
.unpack('B', decrypted
[-1:])
6484 if pad_len
> len(decrypted
):
6485 raise Exception("Invalid padding in Encrypted Settings")
6486 for i
in range(-pad_len
, -1):
6487 if decrypted
[i
] != decrypted
[-1]:
6488 raise Exception("Invalid PS value in Encrypted Settings")
6490 decrypted
= decrypted
[0:len(decrypted
) - pad_len
]
6491 if len(decrypted
) < 12:
6492 raise Exception("Truncated Encrypted Settings plaintext")
6493 kwa
= decrypted
[-12:]
6494 attr
, length
= struct
.unpack(">HH", kwa
[0:4])
6495 if attr
!= ATTR_KEY_WRAP_AUTH
or length
!= 8:
6496 raise Exception("Invalid KWA header")
6498 decrypted
= decrypted
[0:len(decrypted
) - 12]
6500 m
= hmac
.new(authkey
, decrypted
, hashlib
.sha256
)
6501 calc_kwa
= m
.digest()[0:8]
6503 raise Exception("KWA mismatch")
6507 def zeropad_str(val
, pad_len
):
6508 while len(val
) < pad_len
* 2:
6513 # For now, use a hardcoded private key. In theory, this is supposed to be
6514 # randomly selected.
6515 own_private
= 0x123456789
6516 own_public
= pow(group_5_generator
, own_private
, group_5_prime
)
6517 pk
= binascii
.unhexlify(zeropad_str(format(own_public
, '02x'), 192))
6518 return own_private
, pk
6520 def wsc_dh_kdf(peer_pk
, own_private
, mac_addr
, e_nonce
, r_nonce
):
6521 peer_public
= int(binascii
.hexlify(peer_pk
), 16)
6522 if peer_public
< 2 or peer_public
>= group_5_prime
:
6523 raise Exception("Invalid peer public key")
6524 if pow(peer_public
, (group_5_prime
- 1) // 2, group_5_prime
) != 1:
6525 raise Exception("Unexpected Legendre symbol for peer public key")
6527 shared_secret
= pow(peer_public
, own_private
, group_5_prime
)
6528 ss
= zeropad_str(format(shared_secret
, "02x"), 192)
6529 logger
.debug("DH shared secret: " + ss
)
6531 dhkey
= hashlib
.sha256(binascii
.unhexlify(ss
)).digest()
6532 logger
.debug("DHKey: " + binascii
.hexlify(dhkey
).decode())
6534 m
= hmac
.new(dhkey
, e_nonce
+ mac_addr
+ r_nonce
, hashlib
.sha256
)
6536 logger
.debug("KDK: " + binascii
.hexlify(kdk
).decode())
6537 authkey
, keywrapkey
, emsk
= wsc_keys(kdk
)
6538 logger
.debug("AuthKey: " + binascii
.hexlify(authkey
).decode())
6539 logger
.debug("KeyWrapKey: " + binascii
.hexlify(keywrapkey
).decode())
6540 logger
.debug("EMSK: " + binascii
.hexlify(emsk
).decode())
6541 return authkey
, keywrapkey
6543 def wsc_dev_pw_hash(authkey
, dev_pw
, e_pk
, r_pk
):
6544 psk1
, psk2
= wsc_dev_pw_psk(authkey
, dev_pw
)
6545 logger
.debug("PSK1: " + binascii
.hexlify(psk1
).decode())
6546 logger
.debug("PSK2: " + binascii
.hexlify(psk2
).decode())
6548 # Note: Secret values are supposed to be random, but hardcoded values are
6551 m
= hmac
.new(authkey
, s1
+ psk1
+ e_pk
+ r_pk
, hashlib
.sha256
)
6553 logger
.debug("Hash1: " + binascii
.hexlify(hash1
).decode())
6556 m
= hmac
.new(authkey
, s2
+ psk2
+ e_pk
+ r_pk
, hashlib
.sha256
)
6558 logger
.debug("Hash2: " + binascii
.hexlify(hash2
).decode())
6559 return s1
, s2
, hash1
, hash2
6561 def build_m1(eap_id
, uuid_e
, mac_addr
, e_nonce
, e_pk
,
6562 manufacturer
='', model_name
='', config_methods
='\x00\x00'):
6563 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6564 attrs
+= build_attr_msg_type(WPS_M1
)
6565 attrs
+= build_wsc_attr(ATTR_UUID_E
, uuid_e
)
6566 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6567 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6568 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, e_pk
)
6569 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6570 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6571 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6572 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, config_methods
)
6573 attrs
+= build_wsc_attr(ATTR_WPS_STATE
, '\x00')
6574 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, manufacturer
)
6575 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, model_name
)
6576 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6577 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6578 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6579 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6580 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6581 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6582 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, '\x00\x00')
6583 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6584 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6585 m1
= build_eap_wsc(2, eap_id
, attrs
)
6588 def build_m2(authkey
, m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, r_pk
,
6589 dev_pw_id
='\x00\x00', eap_code
=1):
6590 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6591 attrs
+= build_attr_msg_type(WPS_M2
)
6593 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6595 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6596 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6598 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, r_pk
)
6599 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6600 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6601 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6602 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6603 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6604 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6605 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6606 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6607 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6608 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6609 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6610 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6611 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6612 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6613 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6614 attrs
+= build_attr_authenticator(authkey
, m1
, attrs
)
6615 m2
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6618 def build_m2d(m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, dev_pw_id
=None, eap_code
=1):
6619 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6620 attrs
+= build_attr_msg_type(WPS_M2D
)
6621 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6622 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6623 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6624 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6625 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6626 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6627 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6628 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6629 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6630 #attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6631 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6632 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6633 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6634 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6635 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6636 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6637 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6639 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6640 m2d
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6643 def build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=WPS_WSC_ACK
, eap_code
=1):
6644 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6645 if msg_type
is not None:
6646 attrs
+= build_attr_msg_type(msg_type
)
6648 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6650 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6651 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_ACK
)
6654 def build_nack(eap_id
, e_nonce
, r_nonce
, config_error
='\x00\x00',
6655 msg_type
=WPS_WSC_NACK
, eap_code
=1):
6656 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6657 if msg_type
is not None:
6658 attrs
+= build_attr_msg_type(msg_type
)
6660 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6662 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6664 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, config_error
)
6665 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_NACK
)
6668 def test_wps_ext(dev
, apdev
):
6669 """WPS against external implementation"""
6671 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6672 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6673 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6675 logger
.debug("Receive WSC/Start from AP")
6676 msg
= get_wsc_msg(hapd
)
6677 if msg
['wsc_opcode'] != WSC_Start
:
6678 raise Exception("Unexpected Op-Code for WSC/Start")
6679 wsc_start_id
= msg
['eap_identifier']
6681 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6683 e_nonce
= 16*b
'\x22'
6684 own_private
, e_pk
= wsc_dh_init()
6686 logger
.debug("Send M1 to AP")
6687 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
6689 send_wsc_msg(hapd
, addr
, m1
)
6691 logger
.debug("Receive M2 from AP")
6692 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
6694 authkey
, keywrapkey
= wsc_dh_kdf(m2_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6696 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6697 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
,
6698 m2_attrs
[ATTR_PUBLIC_KEY
])
6700 logger
.debug("Send M3 to AP")
6701 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6702 attrs
+= build_attr_msg_type(WPS_M3
)
6703 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6704 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6705 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
6706 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
6707 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
6708 raw_m3_attrs
= attrs
6709 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6710 send_wsc_msg(hapd
, addr
, m3
)
6712 logger
.debug("Receive M4 from AP")
6713 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
6715 logger
.debug("Send M5 to AP")
6716 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6717 attrs
+= build_attr_msg_type(WPS_M5
)
6718 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6719 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6720 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
6721 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6722 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
6723 raw_m5_attrs
= attrs
6724 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6725 send_wsc_msg(hapd
, addr
, m5
)
6727 logger
.debug("Receive M6 from AP")
6728 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
6730 logger
.debug("Send M7 to AP")
6731 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6732 attrs
+= build_attr_msg_type(WPS_M7
)
6733 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6734 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6735 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
6736 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6737 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
6738 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6739 raw_m7_attrs
= attrs
6740 send_wsc_msg(hapd
, addr
, m7
)
6742 logger
.debug("Receive M8 from AP")
6743 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
6744 m8_cred
= decrypt_attr_encr_settings(authkey
, keywrapkey
,
6745 m8_attrs
[ATTR_ENCR_SETTINGS
])
6746 logger
.debug("M8 Credential: " + binascii
.hexlify(m8_cred
).decode())
6748 logger
.debug("Prepare WSC_Done")
6749 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6750 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
6751 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6752 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6753 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6754 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
6755 # Do not send WSC_Done yet to allow exchangw with STA complete before the
6759 r_nonce
= 16*b
'\x44'
6761 eap_id
= wsc_start_id
6762 logger
.debug("Send WSC/Start to STA")
6763 wsc_start
= build_eap_wsc(1, eap_id
, b
'', opcode
=WSC_Start
)
6764 send_wsc_msg(dev
[0], bssid
, wsc_start
)
6765 eap_id
= (eap_id
+ 1) % 256
6767 logger
.debug("Receive M1 from STA")
6768 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6770 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6771 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6773 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6774 m1_attrs
[ATTR_PUBLIC_KEY
],
6777 logger
.debug("Send M2 to STA")
6778 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6779 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6780 r_nonce
, uuid_r
, e_pk
)
6781 send_wsc_msg(dev
[0], bssid
, m2
)
6782 eap_id
= (eap_id
+ 1) % 256
6784 logger
.debug("Receive M3 from STA")
6785 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6787 logger
.debug("Send M4 to STA")
6788 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6789 attrs
+= build_attr_msg_type(WPS_M4
)
6790 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6791 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6792 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6793 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6794 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6795 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6796 raw_m4_attrs
= attrs
6797 m4
= build_eap_wsc(1, eap_id
, attrs
)
6798 send_wsc_msg(dev
[0], bssid
, m4
)
6799 eap_id
= (eap_id
+ 1) % 256
6801 logger
.debug("Receive M5 from STA")
6802 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6804 logger
.debug("Send M6 to STA")
6805 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6806 attrs
+= build_attr_msg_type(WPS_M6
)
6807 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6808 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6809 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6810 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6811 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6812 raw_m6_attrs
= attrs
6813 m6
= build_eap_wsc(1, eap_id
, attrs
)
6814 send_wsc_msg(dev
[0], bssid
, m6
)
6815 eap_id
= (eap_id
+ 1) % 256
6817 logger
.debug("Receive M7 from STA")
6818 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6820 logger
.debug("Send M8 to STA")
6821 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6822 attrs
+= build_attr_msg_type(WPS_M8
)
6823 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6824 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6825 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6826 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6827 raw_m8_attrs
= attrs
6828 m8
= build_eap_wsc(1, eap_id
, attrs
)
6829 send_wsc_msg(dev
[0], bssid
, m8
)
6830 eap_id
= (eap_id
+ 1) % 256
6832 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=5)
6834 raise Exception("wpa_supplicant did not report credential")
6836 logger
.debug("Receive WSC_Done from STA")
6837 msg
= get_wsc_msg(dev
[0])
6838 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6839 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6841 logger
.debug("Send WSC_Done to AP")
6842 hapd
.request("SET ext_eapol_frame_io 0")
6843 dev
[0].request("SET ext_eapol_frame_io 0")
6844 send_wsc_msg(hapd
, addr
, wsc_done
)
6846 ev
= hapd
.wait_event(["WPS-REG-SUCCESS"], timeout
=5)
6848 raise Exception("hostapd did not report WPS success")
6850 dev
[0].wait_connected()
6852 def wps_start_kwa(dev
, apdev
):
6854 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6855 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6856 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6857 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6859 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6861 r_nonce
= 16*b
'\x44'
6862 own_private
, e_pk
= wsc_dh_init()
6864 logger
.debug("Receive M1 from STA")
6865 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6866 eap_id
= (msg
['eap_identifier'] + 1) % 256
6868 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6869 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6871 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6872 m1_attrs
[ATTR_PUBLIC_KEY
],
6875 logger
.debug("Send M2 to STA")
6876 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6877 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6878 r_nonce
, uuid_r
, e_pk
)
6879 send_wsc_msg(dev
[0], bssid
, m2
)
6880 eap_id
= (eap_id
+ 1) % 256
6882 logger
.debug("Receive M3 from STA")
6883 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6885 logger
.debug("Send M4 to STA")
6886 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6887 attrs
+= build_attr_msg_type(WPS_M4
)
6888 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6889 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6890 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6892 return r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
6894 def wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
):
6895 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6896 m4
= build_eap_wsc(1, eap_id
, attrs
)
6897 send_wsc_msg(dev
[0], bssid
, m4
)
6898 eap_id
= (eap_id
+ 1) % 256
6900 logger
.debug("Receive M5 from STA")
6901 msg
= get_wsc_msg(dev
[0])
6902 if msg
['wsc_opcode'] != WSC_NACK
:
6903 raise Exception("Unexpected message - expected WSC_Nack")
6905 dev
[0].request("WPS_CANCEL")
6906 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6907 dev
[0].wait_disconnected()
6909 def test_wps_ext_kwa_proto_no_kwa(dev
, apdev
):
6910 """WPS and KWA error: No KWA attribute"""
6911 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6912 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6913 # Encrypted Settings without KWA
6915 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6916 pad_len
= 16 - len(data
) % 16
6917 ps
= pad_len
* struct
.pack('B', pad_len
)
6919 wrapped
= aes
.encrypt(data
)
6920 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6921 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6923 def test_wps_ext_kwa_proto_data_after_kwa(dev
, apdev
):
6924 """WPS and KWA error: Data after KWA"""
6925 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6926 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6927 # Encrypted Settings and data after KWA
6928 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6929 kwa
= m
.digest()[0:8]
6930 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6931 data
+= build_wsc_attr(ATTR_VENDOR_EXT
, "1234567890")
6933 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6934 pad_len
= 16 - len(data
) % 16
6935 ps
= pad_len
* struct
.pack('B', pad_len
)
6937 wrapped
= aes
.encrypt(data
)
6938 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6939 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6941 def test_wps_ext_kwa_proto_kwa_mismatch(dev
, apdev
):
6942 """WPS and KWA error: KWA mismatch"""
6943 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6944 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6945 # Encrypted Settings and KWA with incorrect value
6946 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, 8*'\x00')
6948 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6949 pad_len
= 16 - len(data
) % 16
6950 ps
= pad_len
* struct
.pack('B', pad_len
)
6952 wrapped
= aes
.encrypt(data
)
6953 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6954 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6956 def wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=False, no_connect
=False):
6958 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6959 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6960 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6961 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6963 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6965 r_nonce
= 16*b
'\x44'
6966 own_private
, e_pk
= wsc_dh_init()
6968 logger
.debug("Receive M1 from STA")
6969 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6970 eap_id
= (msg
['eap_identifier'] + 1) % 256
6972 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6973 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6975 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6976 m1_attrs
[ATTR_PUBLIC_KEY
],
6979 logger
.debug("Send M2 to STA")
6980 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6981 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6982 r_nonce
, uuid_r
, e_pk
)
6983 send_wsc_msg(dev
[0], bssid
, m2
)
6984 eap_id
= (eap_id
+ 1) % 256
6986 logger
.debug("Receive M3 from STA")
6987 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6989 logger
.debug("Send M4 to STA")
6990 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6991 attrs
+= build_attr_msg_type(WPS_M4
)
6992 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6993 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6994 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6995 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6996 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6997 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6998 raw_m4_attrs
= attrs
6999 m4
= build_eap_wsc(1, eap_id
, attrs
)
7000 send_wsc_msg(dev
[0], bssid
, m4
)
7001 eap_id
= (eap_id
+ 1) % 256
7003 logger
.debug("Receive M5 from STA")
7004 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7006 logger
.debug("Send M6 to STA")
7007 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7008 attrs
+= build_attr_msg_type(WPS_M6
)
7009 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
7010 m1_attrs
[ATTR_ENROLLEE_NONCE
])
7011 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7012 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7013 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
7014 raw_m6_attrs
= attrs
7015 m6
= build_eap_wsc(1, eap_id
, attrs
)
7016 send_wsc_msg(dev
[0], bssid
, m6
)
7017 eap_id
= (eap_id
+ 1) % 256
7019 logger
.debug("Receive M7 from STA")
7020 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
7022 logger
.debug("Send M8 to STA")
7023 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7024 attrs
+= build_attr_msg_type(WPS_M8
)
7025 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
7026 m1_attrs
[ATTR_ENROLLEE_NONCE
])
7027 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
7028 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7029 raw_m8_attrs
= attrs
7030 m8
= build_eap_wsc(1, eap_id
, attrs
)
7031 send_wsc_msg(dev
[0], bssid
, m8
)
7032 eap_id
= (eap_id
+ 1) % 256
7035 logger
.debug("Receive WSC_Done from STA")
7036 msg
= get_wsc_msg(dev
[0])
7037 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
7038 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
7040 hapd
.request("SET ext_eapol_frame_io 0")
7041 dev
[0].request("SET ext_eapol_frame_io 0")
7043 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7045 dev
[0].wait_disconnected()
7046 dev
[0].request("REMOVE_NETWORK all")
7048 logger
.debug("Receive WSC_Done from STA")
7049 msg
= get_wsc_msg(dev
[0])
7050 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
7051 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
7053 hapd
.request("SET ext_eapol_frame_io 0")
7054 dev
[0].request("SET ext_eapol_frame_io 0")
7056 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7058 dev
[0].wait_connected()
7060 # Verify STA NACK's the credential
7061 msg
= get_wsc_msg(dev
[0])
7062 if msg
['wsc_opcode'] != WSC_NACK
:
7063 raise Exception("Unexpected message - expected WSC_Nack")
7064 dev
[0].request("WPS_CANCEL")
7065 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7066 dev
[0].wait_disconnected()
7068 def build_cred(nw_idx
='\x01', ssid
='test-wps-conf', auth_type
='\x00\x20',
7069 encr_type
='\x00\x08', nw_key
="12345678",
7070 mac_addr
='\x00\x00\x00\x00\x00\x00'):
7072 if nw_idx
is not None:
7073 attrs
+= build_wsc_attr(ATTR_NETWORK_INDEX
, nw_idx
)
7074 if ssid
is not None:
7075 attrs
+= build_wsc_attr(ATTR_SSID
, ssid
)
7076 if auth_type
is not None:
7077 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE
, auth_type
)
7078 if encr_type
is not None:
7079 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE
, encr_type
)
7080 if nw_key
is not None:
7081 attrs
+= build_wsc_attr(ATTR_NETWORK_KEY
, nw_key
)
7082 if mac_addr
is not None:
7083 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
7084 return build_wsc_attr(ATTR_CRED
, attrs
)
7086 def test_wps_ext_cred_proto_success(dev
, apdev
):
7087 """WPS and Credential: success"""
7088 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7089 m8_cred
= build_cred(mac_addr
=mac_addr
)
7090 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
7092 def test_wps_ext_cred_proto_mac_addr_mismatch(dev
, apdev
):
7093 """WPS and Credential: MAC Address mismatch"""
7094 m8_cred
= build_cred()
7095 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
7097 def test_wps_ext_cred_proto_zero_padding(dev
, apdev
):
7098 """WPS and Credential: zeropadded attributes"""
7099 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7100 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
='test-wps-conf\x00',
7101 nw_key
="12345678\x00")
7102 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
7104 def test_wps_ext_cred_proto_ssid_missing(dev
, apdev
):
7105 """WPS and Credential: SSID missing"""
7106 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7107 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
=None)
7108 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7110 def test_wps_ext_cred_proto_ssid_zero_len(dev
, apdev
):
7111 """WPS and Credential: Zero-length SSID"""
7112 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7113 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
="")
7114 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
7116 def test_wps_ext_cred_proto_auth_type_missing(dev
, apdev
):
7117 """WPS and Credential: Auth Type missing"""
7118 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7119 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
=None)
7120 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7122 def test_wps_ext_cred_proto_encr_type_missing(dev
, apdev
):
7123 """WPS and Credential: Encr Type missing"""
7124 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7125 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
=None)
7126 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7128 def test_wps_ext_cred_proto_network_key_missing(dev
, apdev
):
7129 """WPS and Credential: Network Key missing"""
7130 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7131 m8_cred
= build_cred(mac_addr
=mac_addr
, nw_key
=None)
7132 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7134 def test_wps_ext_cred_proto_network_key_missing_open(dev
, apdev
):
7135 """WPS and Credential: Network Key missing (open)"""
7136 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7137 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
='\x00\x01',
7138 encr_type
='\x00\x01', nw_key
=None, ssid
="foo")
7139 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
7141 def test_wps_ext_cred_proto_mac_addr_missing(dev
, apdev
):
7142 """WPS and Credential: MAC Address missing"""
7143 m8_cred
= build_cred(mac_addr
=None)
7144 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7146 def test_wps_ext_cred_proto_invalid_encr_type(dev
, apdev
):
7147 """WPS and Credential: Invalid Encr Type"""
7148 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7149 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
='\x00\x00')
7150 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7152 def test_wps_ext_cred_proto_missing_cred(dev
, apdev
):
7153 """WPS and Credential: Missing Credential"""
7154 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7156 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7158 def test_wps_ext_proto_m2_no_public_key(dev
, apdev
):
7159 """WPS and no Public Key in M2"""
7161 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7162 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7163 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7164 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7166 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7168 r_nonce
= 16*b
'\x44'
7169 own_private
, e_pk
= wsc_dh_init()
7171 logger
.debug("Receive M1 from STA")
7172 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7173 eap_id
= (msg
['eap_identifier'] + 1) % 256
7175 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7176 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7178 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7179 m1_attrs
[ATTR_PUBLIC_KEY
],
7182 logger
.debug("Send M2 to STA")
7183 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7184 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7185 r_nonce
, uuid_r
, None)
7186 send_wsc_msg(dev
[0], bssid
, m2
)
7187 eap_id
= (eap_id
+ 1) % 256
7189 # Verify STA NACK's the credential
7190 msg
= get_wsc_msg(dev
[0])
7191 if msg
['wsc_opcode'] != WSC_NACK
:
7192 raise Exception("Unexpected message - expected WSC_Nack")
7193 dev
[0].request("WPS_CANCEL")
7194 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7195 dev
[0].wait_disconnected()
7197 def test_wps_ext_proto_m2_invalid_public_key(dev
, apdev
):
7198 """WPS and invalid Public Key in M2"""
7200 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7201 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7202 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7203 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7205 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7207 r_nonce
= 16*b
'\x44'
7208 own_private
, e_pk
= wsc_dh_init()
7210 logger
.debug("Receive M1 from STA")
7211 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7212 eap_id
= (msg
['eap_identifier'] + 1) % 256
7214 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7215 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7217 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7218 m1_attrs
[ATTR_PUBLIC_KEY
],
7221 logger
.debug("Send M2 to STA")
7222 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7223 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7224 r_nonce
, uuid_r
, 192*b
'\xff')
7225 send_wsc_msg(dev
[0], bssid
, m2
)
7226 eap_id
= (eap_id
+ 1) % 256
7228 # Verify STA NACK's the credential
7229 msg
= get_wsc_msg(dev
[0])
7230 if msg
['wsc_opcode'] != WSC_NACK
:
7231 raise Exception("Unexpected message - expected WSC_Nack")
7232 dev
[0].request("WPS_CANCEL")
7233 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7234 dev
[0].wait_disconnected()
7236 def test_wps_ext_proto_m2_public_key_oom(dev
, apdev
):
7237 """WPS and Public Key OOM in M2"""
7239 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7240 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7241 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7242 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7244 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7246 r_nonce
= 16*b
'\x44'
7247 own_private
, e_pk
= wsc_dh_init()
7249 logger
.debug("Receive M1 from STA")
7250 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7251 eap_id
= (msg
['eap_identifier'] + 1) % 256
7253 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7254 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7256 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7257 m1_attrs
[ATTR_PUBLIC_KEY
],
7260 logger
.debug("Send M2 to STA")
7261 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7262 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7263 r_nonce
, uuid_r
, e_pk
)
7264 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_copy;wps_process_pubkey"):
7265 send_wsc_msg(dev
[0], bssid
, m2
)
7266 eap_id
= (eap_id
+ 1) % 256
7268 # Verify STA NACK's the credential
7269 msg
= get_wsc_msg(dev
[0])
7270 if msg
['wsc_opcode'] != WSC_NACK
:
7271 raise Exception("Unexpected message - expected WSC_Nack")
7272 dev
[0].request("WPS_CANCEL")
7273 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7274 dev
[0].wait_disconnected()
7276 def test_wps_ext_proto_nack_m3(dev
, apdev
):
7277 """WPS and NACK M3"""
7279 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7280 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7281 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7282 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7284 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7286 r_nonce
= 16*b
'\x44'
7287 own_private
, e_pk
= wsc_dh_init()
7289 logger
.debug("Receive M1 from STA")
7290 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7291 eap_id
= (msg
['eap_identifier'] + 1) % 256
7293 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7294 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7296 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7297 m1_attrs
[ATTR_PUBLIC_KEY
],
7300 logger
.debug("Send M2 to STA")
7301 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7302 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7303 r_nonce
, uuid_r
, e_pk
)
7304 send_wsc_msg(dev
[0], bssid
, m2
)
7305 eap_id
= (eap_id
+ 1) % 256
7307 logger
.debug("Receive M3 from STA")
7308 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7310 logger
.debug("Send NACK to STA")
7311 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7312 r_nonce
, config_error
='\x01\x23')
7313 send_wsc_msg(dev
[0], bssid
, msg
)
7314 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7316 raise Exception("Failure not reported")
7317 if "msg=7 config_error=291" not in ev
:
7318 raise Exception("Unexpected failure reason: " + ev
)
7320 def test_wps_ext_proto_nack_m5(dev
, apdev
):
7321 """WPS and NACK M5"""
7323 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7324 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7325 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7326 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7328 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7330 r_nonce
= 16*b
'\x44'
7331 own_private
, e_pk
= wsc_dh_init()
7333 logger
.debug("Receive M1 from STA")
7334 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7335 eap_id
= (msg
['eap_identifier'] + 1) % 256
7337 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7338 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7340 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7341 m1_attrs
[ATTR_PUBLIC_KEY
],
7344 logger
.debug("Send M2 to STA")
7345 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7346 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7347 r_nonce
, uuid_r
, e_pk
)
7348 send_wsc_msg(dev
[0], bssid
, m2
)
7349 eap_id
= (eap_id
+ 1) % 256
7351 logger
.debug("Receive M3 from STA")
7352 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7354 logger
.debug("Send M4 to STA")
7355 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7356 attrs
+= build_attr_msg_type(WPS_M4
)
7357 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7358 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7359 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7360 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7361 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7362 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7363 raw_m4_attrs
= attrs
7364 m4
= build_eap_wsc(1, eap_id
, attrs
)
7365 send_wsc_msg(dev
[0], bssid
, m4
)
7366 eap_id
= (eap_id
+ 1) % 256
7368 logger
.debug("Receive M5 from STA")
7369 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7371 logger
.debug("Send NACK to STA")
7372 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7373 r_nonce
, config_error
='\x01\x24')
7374 send_wsc_msg(dev
[0], bssid
, msg
)
7375 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7377 raise Exception("Failure not reported")
7378 if "msg=9 config_error=292" not in ev
:
7379 raise Exception("Unexpected failure reason: " + ev
)
7381 def wps_nack_m3(dev
, apdev
):
7383 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
7384 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7385 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7386 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7388 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7390 r_nonce
= 16*b
'\x44'
7391 own_private
, e_pk
= wsc_dh_init()
7393 logger
.debug("Receive M1 from STA")
7394 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7395 eap_id
= (msg
['eap_identifier'] + 1) % 256
7397 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7398 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7400 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7401 m1_attrs
[ATTR_PUBLIC_KEY
],
7404 logger
.debug("Send M2 to STA")
7405 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7406 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7407 r_nonce
, uuid_r
, e_pk
, dev_pw_id
='\x00\x04')
7408 send_wsc_msg(dev
[0], bssid
, m2
)
7409 eap_id
= (eap_id
+ 1) % 256
7411 logger
.debug("Receive M3 from STA")
7412 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7413 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
7415 def test_wps_ext_proto_nack_m3_no_config_error(dev
, apdev
):
7416 """WPS and NACK M3 missing Config Error"""
7417 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7418 logger
.debug("Send NACK to STA")
7419 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, config_error
=None)
7420 send_wsc_msg(dev
[0], bssid
, msg
)
7421 dev
[0].request("WPS_CANCEL")
7422 dev
[0].wait_disconnected()
7423 dev
[0].flush_scan_cache()
7425 def test_wps_ext_proto_nack_m3_no_e_nonce(dev
, apdev
):
7426 """WPS and NACK M3 missing E-Nonce"""
7427 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7428 logger
.debug("Send NACK to STA")
7429 msg
, attrs
= build_nack(eap_id
, None, r_nonce
)
7430 send_wsc_msg(dev
[0], bssid
, msg
)
7431 dev
[0].request("WPS_CANCEL")
7432 dev
[0].wait_disconnected()
7433 dev
[0].flush_scan_cache()
7435 def test_wps_ext_proto_nack_m3_e_nonce_mismatch(dev
, apdev
):
7436 """WPS and NACK M3 E-Nonce mismatch"""
7437 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7438 logger
.debug("Send NACK to STA")
7439 msg
, attrs
= build_nack(eap_id
, 16*'\x00', r_nonce
)
7440 send_wsc_msg(dev
[0], bssid
, msg
)
7441 dev
[0].request("WPS_CANCEL")
7442 dev
[0].wait_disconnected()
7443 dev
[0].flush_scan_cache()
7445 def test_wps_ext_proto_nack_m3_no_r_nonce(dev
, apdev
):
7446 """WPS and NACK M3 missing R-Nonce"""
7447 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7448 logger
.debug("Send NACK to STA")
7449 msg
, attrs
= build_nack(eap_id
, e_nonce
, None)
7450 send_wsc_msg(dev
[0], bssid
, msg
)
7451 dev
[0].request("WPS_CANCEL")
7452 dev
[0].wait_disconnected()
7453 dev
[0].flush_scan_cache()
7455 def test_wps_ext_proto_nack_m3_r_nonce_mismatch(dev
, apdev
):
7456 """WPS and NACK M3 R-Nonce mismatch"""
7457 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7458 logger
.debug("Send NACK to STA")
7459 msg
, attrs
= build_nack(eap_id
, e_nonce
, 16*'\x00')
7460 send_wsc_msg(dev
[0], bssid
, msg
)
7461 dev
[0].request("WPS_CANCEL")
7462 dev
[0].wait_disconnected()
7463 dev
[0].flush_scan_cache()
7465 def test_wps_ext_proto_nack_m3_no_msg_type(dev
, apdev
):
7466 """WPS and NACK M3 no Message Type"""
7467 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7468 logger
.debug("Send NACK to STA")
7469 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7470 send_wsc_msg(dev
[0], bssid
, msg
)
7471 dev
[0].request("WPS_CANCEL")
7472 dev
[0].wait_disconnected()
7473 dev
[0].flush_scan_cache()
7475 def test_wps_ext_proto_nack_m3_invalid_msg_type(dev
, apdev
):
7476 """WPS and NACK M3 invalid Message Type"""
7477 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7478 logger
.debug("Send NACK to STA")
7479 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7480 send_wsc_msg(dev
[0], bssid
, msg
)
7481 dev
[0].request("WPS_CANCEL")
7482 dev
[0].wait_disconnected()
7483 dev
[0].flush_scan_cache()
7485 def test_wps_ext_proto_nack_m3_invalid_attr(dev
, apdev
):
7486 """WPS and NACK M3 invalid attribute"""
7487 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7488 logger
.debug("Send NACK to STA")
7489 attrs
= b
'\x10\x10\x00'
7490 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_NACK
)
7491 send_wsc_msg(dev
[0], bssid
, msg
)
7492 dev
[0].request("WPS_CANCEL")
7493 dev
[0].wait_disconnected()
7494 dev
[0].flush_scan_cache()
7496 def test_wps_ext_proto_ack_m3_no_e_nonce(dev
, apdev
):
7497 """WPS and ACK M3 missing E-Nonce"""
7498 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7499 logger
.debug("Send NACK to STA")
7500 msg
, attrs
= build_ack(eap_id
, None, r_nonce
)
7501 send_wsc_msg(dev
[0], bssid
, msg
)
7502 dev
[0].request("WPS_CANCEL")
7503 dev
[0].wait_disconnected()
7504 dev
[0].flush_scan_cache()
7506 def test_wps_ext_proto_ack_m3_e_nonce_mismatch(dev
, apdev
):
7507 """WPS and ACK M3 E-Nonce mismatch"""
7508 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7509 logger
.debug("Send NACK to STA")
7510 msg
, attrs
= build_ack(eap_id
, 16*'\x00', r_nonce
)
7511 send_wsc_msg(dev
[0], bssid
, msg
)
7512 dev
[0].request("WPS_CANCEL")
7513 dev
[0].wait_disconnected()
7514 dev
[0].flush_scan_cache()
7516 def test_wps_ext_proto_ack_m3_no_r_nonce(dev
, apdev
):
7517 """WPS and ACK M3 missing R-Nonce"""
7518 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7519 logger
.debug("Send NACK to STA")
7520 msg
, attrs
= build_ack(eap_id
, e_nonce
, None)
7521 send_wsc_msg(dev
[0], bssid
, msg
)
7522 dev
[0].request("WPS_CANCEL")
7523 dev
[0].wait_disconnected()
7524 dev
[0].flush_scan_cache()
7526 def test_wps_ext_proto_ack_m3_r_nonce_mismatch(dev
, apdev
):
7527 """WPS and ACK M3 R-Nonce mismatch"""
7528 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7529 logger
.debug("Send NACK to STA")
7530 msg
, attrs
= build_ack(eap_id
, e_nonce
, 16*'\x00')
7531 send_wsc_msg(dev
[0], bssid
, msg
)
7532 dev
[0].request("WPS_CANCEL")
7533 dev
[0].wait_disconnected()
7534 dev
[0].flush_scan_cache()
7536 def test_wps_ext_proto_ack_m3_no_msg_type(dev
, apdev
):
7537 """WPS and ACK M3 no Message Type"""
7538 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7539 logger
.debug("Send NACK to STA")
7540 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7541 send_wsc_msg(dev
[0], bssid
, msg
)
7542 dev
[0].request("WPS_CANCEL")
7543 dev
[0].wait_disconnected()
7544 dev
[0].flush_scan_cache()
7546 def test_wps_ext_proto_ack_m3_invalid_msg_type(dev
, apdev
):
7547 """WPS and ACK M3 invalid Message Type"""
7548 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7549 logger
.debug("Send NACK to STA")
7550 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7551 send_wsc_msg(dev
[0], bssid
, msg
)
7552 dev
[0].request("WPS_CANCEL")
7553 dev
[0].wait_disconnected()
7554 dev
[0].flush_scan_cache()
7556 def test_wps_ext_proto_ack_m3_invalid_attr(dev
, apdev
):
7557 """WPS and ACK M3 invalid attribute"""
7558 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7559 logger
.debug("Send ACK to STA")
7560 attrs
= b
'\x10\x10\x00'
7561 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_ACK
)
7562 send_wsc_msg(dev
[0], bssid
, msg
)
7563 dev
[0].request("WPS_CANCEL")
7564 dev
[0].wait_disconnected()
7565 dev
[0].flush_scan_cache()
7567 def test_wps_ext_proto_ack_m3(dev
, apdev
):
7568 """WPS and ACK M3"""
7569 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7570 logger
.debug("Send ACK to STA")
7571 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
)
7572 send_wsc_msg(dev
[0], bssid
, msg
)
7573 dev
[0].request("WPS_CANCEL")
7574 dev
[0].wait_disconnected()
7575 dev
[0].flush_scan_cache()
7577 def wps_to_m3_helper(dev
, apdev
):
7579 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7580 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7581 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7582 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7584 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7586 r_nonce
= 16*b
'\x44'
7587 own_private
, e_pk
= wsc_dh_init()
7589 logger
.debug("Receive M1 from STA")
7590 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7591 eap_id
= (msg
['eap_identifier'] + 1) % 256
7593 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7594 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7596 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7597 m1_attrs
[ATTR_PUBLIC_KEY
],
7600 logger
.debug("Send M2 to STA")
7601 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7602 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7603 r_nonce
, uuid_r
, e_pk
)
7604 send_wsc_msg(dev
[0], bssid
, m2
)
7605 eap_id
= (eap_id
+ 1) % 256
7607 logger
.debug("Receive M3 from STA")
7608 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7609 return eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
7611 def wps_to_m3(dev
, apdev
):
7612 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7613 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, raw_m3_attrs
, authkey
, keywrapkey
7615 def wps_to_m5(dev
, apdev
):
7616 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7618 logger
.debug("Send M4 to STA")
7619 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7620 attrs
+= build_attr_msg_type(WPS_M4
)
7621 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7622 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7623 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7624 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7625 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7626 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7627 raw_m4_attrs
= attrs
7628 m4
= build_eap_wsc(1, eap_id
, attrs
)
7629 send_wsc_msg(dev
[0], bssid
, m4
)
7630 eap_id
= (eap_id
+ 1) % 256
7632 logger
.debug("Receive M5 from STA")
7633 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7635 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, raw_m5_attrs
, authkey
, keywrapkey
7637 def test_wps_ext_proto_m4_missing_r_hash1(dev
, apdev
):
7638 """WPS and no R-Hash1 in M4"""
7639 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7641 logger
.debug("Send M4 to STA")
7642 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7643 attrs
+= build_attr_msg_type(WPS_M4
)
7644 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7645 #attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7646 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7647 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7648 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7649 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7650 m4
= build_eap_wsc(1, eap_id
, attrs
)
7651 send_wsc_msg(dev
[0], bssid
, m4
)
7652 eap_id
= (eap_id
+ 1) % 256
7654 logger
.debug("Receive M5 (NACK) from STA")
7655 msg
= get_wsc_msg(dev
[0])
7656 if msg
['wsc_opcode'] != WSC_NACK
:
7657 raise Exception("Unexpected message - expected WSC_Nack")
7659 dev
[0].request("WPS_CANCEL")
7660 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7661 dev
[0].wait_disconnected()
7663 def test_wps_ext_proto_m4_missing_r_hash2(dev
, apdev
):
7664 """WPS and no R-Hash2 in M4"""
7665 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7667 logger
.debug("Send M4 to STA")
7668 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7669 attrs
+= build_attr_msg_type(WPS_M4
)
7670 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7671 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7672 #attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7673 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7674 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7675 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7676 m4
= build_eap_wsc(1, eap_id
, attrs
)
7677 send_wsc_msg(dev
[0], bssid
, m4
)
7678 eap_id
= (eap_id
+ 1) % 256
7680 logger
.debug("Receive M5 (NACK) from STA")
7681 msg
= get_wsc_msg(dev
[0])
7682 if msg
['wsc_opcode'] != WSC_NACK
:
7683 raise Exception("Unexpected message - expected WSC_Nack")
7685 dev
[0].request("WPS_CANCEL")
7686 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7687 dev
[0].wait_disconnected()
7689 def test_wps_ext_proto_m4_missing_r_snonce1(dev
, apdev
):
7690 """WPS and no R-SNonce1 in M4"""
7691 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7693 logger
.debug("Send M4 to STA")
7694 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7695 attrs
+= build_attr_msg_type(WPS_M4
)
7696 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7697 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7698 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7699 #data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7701 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7702 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7703 m4
= build_eap_wsc(1, eap_id
, attrs
)
7704 send_wsc_msg(dev
[0], bssid
, m4
)
7705 eap_id
= (eap_id
+ 1) % 256
7707 logger
.debug("Receive M5 (NACK) from STA")
7708 msg
= get_wsc_msg(dev
[0])
7709 if msg
['wsc_opcode'] != WSC_NACK
:
7710 raise Exception("Unexpected message - expected WSC_Nack")
7712 dev
[0].request("WPS_CANCEL")
7713 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7714 dev
[0].wait_disconnected()
7716 def test_wps_ext_proto_m4_invalid_pad_string(dev
, apdev
):
7717 """WPS and invalid pad string in M4"""
7718 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7720 logger
.debug("Send M4 to STA")
7721 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7722 attrs
+= build_attr_msg_type(WPS_M4
)
7723 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7724 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7725 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7726 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7728 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7729 kwa
= m
.digest()[0:8]
7730 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7732 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7733 pad_len
= 16 - len(data
) % 16
7734 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', pad_len
- 1)
7736 wrapped
= aes
.encrypt(data
)
7737 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7739 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7740 m4
= build_eap_wsc(1, eap_id
, attrs
)
7741 send_wsc_msg(dev
[0], bssid
, m4
)
7742 eap_id
= (eap_id
+ 1) % 256
7744 logger
.debug("Receive M5 (NACK) from STA")
7745 msg
= get_wsc_msg(dev
[0])
7746 if msg
['wsc_opcode'] != WSC_NACK
:
7747 raise Exception("Unexpected message - expected WSC_Nack")
7749 dev
[0].request("WPS_CANCEL")
7750 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7751 dev
[0].wait_disconnected()
7753 def test_wps_ext_proto_m4_invalid_pad_value(dev
, apdev
):
7754 """WPS and invalid pad value in M4"""
7755 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7757 logger
.debug("Send M4 to STA")
7758 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7759 attrs
+= build_attr_msg_type(WPS_M4
)
7760 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7761 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7762 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7763 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7765 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7766 kwa
= m
.digest()[0:8]
7767 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7769 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7770 pad_len
= 16 - len(data
) % 16
7771 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', 255)
7773 wrapped
= aes
.encrypt(data
)
7774 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7776 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7777 m4
= build_eap_wsc(1, eap_id
, attrs
)
7778 send_wsc_msg(dev
[0], bssid
, m4
)
7779 eap_id
= (eap_id
+ 1) % 256
7781 logger
.debug("Receive M5 (NACK) from STA")
7782 msg
= get_wsc_msg(dev
[0])
7783 if msg
['wsc_opcode'] != WSC_NACK
:
7784 raise Exception("Unexpected message - expected WSC_Nack")
7786 dev
[0].request("WPS_CANCEL")
7787 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7788 dev
[0].wait_disconnected()
7790 def test_wps_ext_proto_m4_no_encr_settings(dev
, apdev
):
7791 """WPS and no Encr Settings in M4"""
7792 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7794 logger
.debug("Send M4 to STA")
7795 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7796 attrs
+= build_attr_msg_type(WPS_M4
)
7797 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7798 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7799 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7800 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7801 m4
= build_eap_wsc(1, eap_id
, attrs
)
7802 send_wsc_msg(dev
[0], bssid
, m4
)
7803 eap_id
= (eap_id
+ 1) % 256
7805 logger
.debug("Receive M5 (NACK) from STA")
7806 msg
= get_wsc_msg(dev
[0])
7807 if msg
['wsc_opcode'] != WSC_NACK
:
7808 raise Exception("Unexpected message - expected WSC_Nack")
7810 dev
[0].request("WPS_CANCEL")
7811 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7812 dev
[0].wait_disconnected()
7814 def test_wps_ext_proto_m6_missing_r_snonce2(dev
, apdev
):
7815 """WPS and no R-SNonce2 in M6"""
7816 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7818 logger
.debug("Send M6 to STA")
7819 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7820 attrs
+= build_attr_msg_type(WPS_M6
)
7821 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7822 #data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7824 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7825 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7826 m6
= build_eap_wsc(1, eap_id
, attrs
)
7827 send_wsc_msg(dev
[0], bssid
, m6
)
7828 eap_id
= (eap_id
+ 1) % 256
7830 logger
.debug("Receive M7 (NACK) from STA")
7831 msg
= get_wsc_msg(dev
[0])
7832 if msg
['wsc_opcode'] != WSC_NACK
:
7833 raise Exception("Unexpected message - expected WSC_Nack")
7835 dev
[0].request("WPS_CANCEL")
7836 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7837 dev
[0].wait_disconnected()
7839 def test_wps_ext_proto_m6_no_encr_settings(dev
, apdev
):
7840 """WPS and no Encr Settings in M6"""
7841 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7843 logger
.debug("Send M6 to STA")
7844 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7845 attrs
+= build_attr_msg_type(WPS_M6
)
7846 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7847 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7848 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7849 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7850 m6
= build_eap_wsc(1, eap_id
, attrs
)
7851 send_wsc_msg(dev
[0], bssid
, m6
)
7852 eap_id
= (eap_id
+ 1) % 256
7854 logger
.debug("Receive M7 (NACK) from STA")
7855 msg
= get_wsc_msg(dev
[0])
7856 if msg
['wsc_opcode'] != WSC_NACK
:
7857 raise Exception("Unexpected message - expected WSC_Nack")
7859 dev
[0].request("WPS_CANCEL")
7860 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7861 dev
[0].wait_disconnected()
7863 def test_wps_ext_proto_m8_no_encr_settings(dev
, apdev
):
7864 """WPS and no Encr Settings in M6"""
7865 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7867 logger
.debug("Send M6 to STA")
7868 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7869 attrs
+= build_attr_msg_type(WPS_M6
)
7870 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7871 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7872 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7873 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7874 raw_m6_attrs
= attrs
7875 m6
= build_eap_wsc(1, eap_id
, attrs
)
7876 send_wsc_msg(dev
[0], bssid
, m6
)
7877 eap_id
= (eap_id
+ 1) % 256
7879 logger
.debug("Receive M7 from STA")
7880 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
7882 logger
.debug("Send M8 to STA")
7883 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7884 attrs
+= build_attr_msg_type(WPS_M8
)
7885 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7886 #attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
7887 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7888 raw_m8_attrs
= attrs
7889 m8
= build_eap_wsc(1, eap_id
, attrs
)
7890 send_wsc_msg(dev
[0], bssid
, m8
)
7892 logger
.debug("Receive WSC_Done (NACK) from STA")
7893 msg
= get_wsc_msg(dev
[0])
7894 if msg
['wsc_opcode'] != WSC_NACK
:
7895 raise Exception("Unexpected message - expected WSC_Nack")
7897 dev
[0].request("WPS_CANCEL")
7898 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7899 dev
[0].wait_disconnected()
7901 def wps_start_ext_reg(apdev
, dev
):
7902 addr
= dev
.own_addr()
7903 bssid
= apdev
['bssid']
7904 ssid
= "test-wps-conf"
7906 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
7907 "wpa_passphrase": "12345678", "wpa": "2",
7908 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
7910 hapd
= hostapd
.add_ap(apdev
, params
)
7912 dev
.scan_for_bss(bssid
, freq
="2412")
7913 hapd
.request("SET ext_eapol_frame_io 1")
7914 dev
.request("SET ext_eapol_frame_io 1")
7916 dev
.request("WPS_REG " + bssid
+ " " + appin
)
7918 return addr
, bssid
, hapd
7920 def wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, success
):
7921 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7922 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7923 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7925 logger
.debug("Receive M1 from AP")
7926 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7927 mac_addr
= m1_attrs
[ATTR_MAC_ADDR
]
7928 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7929 e_pk
= m1_attrs
[ATTR_PUBLIC_KEY
]
7933 r_nonce
= 16*b
'\x44'
7934 own_private
, r_pk
= wsc_dh_init()
7935 authkey
, keywrapkey
= wsc_dh_kdf(e_pk
, own_private
, mac_addr
, e_nonce
,
7937 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, appin
, e_pk
, r_pk
)
7939 logger
.debug("Send M2 to AP")
7940 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, msg
['eap_identifier'],
7941 e_nonce
, r_nonce
, uuid_r
, r_pk
, eap_code
=2)
7942 send_wsc_msg(hapd
, addr
, m2
)
7944 logger
.debug("Receive M3 from AP")
7945 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M3
)
7947 logger
.debug("Send M4 to AP")
7948 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7949 attrs
+= build_attr_msg_type(WPS_M4
)
7950 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7951 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7952 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7953 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7954 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7955 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7956 raw_m4_attrs
= attrs
7957 m4
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7958 send_wsc_msg(hapd
, addr
, m4
)
7960 logger
.debug("Receive M5 from AP")
7961 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M5
)
7963 logger
.debug("Send M6 to STA")
7964 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7965 attrs
+= build_attr_msg_type(WPS_M6
)
7966 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7967 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7968 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7969 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
7970 raw_m6_attrs
= attrs
7971 m6
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7972 send_wsc_msg(hapd
, addr
, m6
)
7974 logger
.debug("Receive M7 from AP")
7975 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M7
)
7977 logger
.debug("Send M8 to STA")
7978 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7979 attrs
+= build_attr_msg_type(WPS_M8
)
7980 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7982 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, ap_settings
)
7983 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7984 raw_m8_attrs
= attrs
7985 m8
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7986 send_wsc_msg(hapd
, addr
, m8
)
7989 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
7991 raise Exception("New AP settings not reported")
7992 logger
.debug("Receive WSC_Done from AP")
7993 msg
= get_wsc_msg(hapd
)
7994 if msg
['wsc_opcode'] != WSC_Done
:
7995 raise Exception("Unexpected message - expected WSC_Done")
7997 logger
.debug("Send WSC_ACK to AP")
7998 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8000 send_wsc_msg(hapd
, addr
, ack
)
8001 dev
[0].wait_disconnected()
8003 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
8005 raise Exception("WPS failure not reported")
8006 logger
.debug("Receive WSC_NACK from AP")
8007 msg
= get_wsc_msg(hapd
)
8008 if msg
['wsc_opcode'] != WSC_NACK
:
8009 raise Exception("Unexpected message - expected WSC_NACK")
8011 logger
.debug("Send WSC_NACK to AP")
8012 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8014 send_wsc_msg(hapd
, addr
, nack
)
8015 dev
[0].wait_disconnected()
8017 def test_wps_ext_ap_settings_success(dev
, apdev
):
8018 """WPS and AP Settings: success"""
8019 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
8020 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
8021 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
8022 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
8023 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
8024 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
8025 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
8028 def test_wps_ext_ap_settings_missing(dev
, apdev
):
8029 """WPS and AP Settings: missing"""
8030 wps_run_ap_settings_proto(dev
, apdev
, None, False)
8033 def test_wps_ext_ap_settings_mac_addr_mismatch(dev
, apdev
):
8034 """WPS and AP Settings: MAC Address mismatch"""
8035 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
8036 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
8037 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
8038 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
8039 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
8040 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, '\x00\x00\x00\x00\x00\x00')
8041 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
8044 def test_wps_ext_ap_settings_mac_addr_missing(dev
, apdev
):
8045 """WPS and AP Settings: missing MAC Address"""
8046 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
8047 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
8048 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
8049 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
8050 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
8051 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
8054 def test_wps_ext_ap_settings_reject_encr_type(dev
, apdev
):
8055 """WPS and AP Settings: reject Encr Type"""
8056 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
8057 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
8058 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
8059 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x00')
8060 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
8061 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
8062 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
8065 def test_wps_ext_ap_settings_m2d(dev
, apdev
):
8066 """WPS and AP Settings: M2D"""
8067 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
8068 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8069 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8071 logger
.debug("Receive M1 from AP")
8072 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
8073 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
8078 logger
.debug("Send M2D to AP")
8079 m2d
, raw_m2d_attrs
= build_m2d(raw_m1_attrs
, msg
['eap_identifier'],
8080 e_nonce
, r_nonce
, uuid_r
,
8081 dev_pw_id
='\x00\x00', eap_code
=2)
8082 send_wsc_msg(hapd
, addr
, m2d
)
8084 ev
= hapd
.wait_event(["WPS-M2D"], timeout
=5)
8086 raise Exception("M2D not reported")
8088 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8090 def wps_wait_ap_nack(hapd
, dev
, e_nonce
, r_nonce
):
8091 logger
.debug("Receive WSC_NACK from AP")
8092 msg
= get_wsc_msg(hapd
)
8093 if msg
['wsc_opcode'] != WSC_NACK
:
8094 raise Exception("Unexpected message - expected WSC_NACK")
8096 logger
.debug("Send WSC_NACK to AP")
8097 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8099 send_wsc_msg(hapd
, dev
.own_addr(), nack
)
8100 dev
.wait_disconnected()
8103 def test_wps_ext_m3_missing_e_hash1(dev
, apdev
):
8104 """WPS proto: M3 missing E-Hash1"""
8106 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8107 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8108 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8110 logger
.debug("Receive WSC/Start from AP")
8111 msg
= get_wsc_msg(hapd
)
8112 if msg
['wsc_opcode'] != WSC_Start
:
8113 raise Exception("Unexpected Op-Code for WSC/Start")
8115 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8117 e_nonce
= 16*b
'\x22'
8118 own_private
, e_pk
= wsc_dh_init()
8120 logger
.debug("Send M1 to AP")
8121 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8123 send_wsc_msg(hapd
, addr
, m1
)
8125 logger
.debug("Receive M2 from AP")
8126 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8127 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8128 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8130 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8132 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8134 logger
.debug("Send M3 to AP")
8135 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8136 attrs
+= build_attr_msg_type(WPS_M3
)
8137 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8138 #attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8139 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8140 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8141 raw_m3_attrs
= attrs
8142 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8143 send_wsc_msg(hapd
, addr
, m3
)
8145 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8148 def test_wps_ext_m3_missing_e_hash2(dev
, apdev
):
8149 """WPS proto: M3 missing E-Hash2"""
8151 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8152 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8153 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8155 logger
.debug("Receive WSC/Start from AP")
8156 msg
= get_wsc_msg(hapd
)
8157 if msg
['wsc_opcode'] != WSC_Start
:
8158 raise Exception("Unexpected Op-Code for WSC/Start")
8160 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8162 e_nonce
= 16*b
'\x22'
8163 own_private
, e_pk
= wsc_dh_init()
8165 logger
.debug("Send M1 to AP")
8166 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8168 send_wsc_msg(hapd
, addr
, m1
)
8170 logger
.debug("Receive M2 from AP")
8171 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8172 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8173 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8175 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8177 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8179 logger
.debug("Send M3 to AP")
8180 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8181 attrs
+= build_attr_msg_type(WPS_M3
)
8182 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8183 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8184 #attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8185 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8186 raw_m3_attrs
= attrs
8187 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8188 send_wsc_msg(hapd
, addr
, m3
)
8190 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8193 def test_wps_ext_m5_missing_e_snonce1(dev
, apdev
):
8194 """WPS proto: M5 missing E-SNonce1"""
8196 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8197 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8198 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8200 logger
.debug("Receive WSC/Start from AP")
8201 msg
= get_wsc_msg(hapd
)
8202 if msg
['wsc_opcode'] != WSC_Start
:
8203 raise Exception("Unexpected Op-Code for WSC/Start")
8205 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8207 e_nonce
= 16*b
'\x22'
8208 own_private
, e_pk
= wsc_dh_init()
8210 logger
.debug("Send M1 to AP")
8211 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8213 send_wsc_msg(hapd
, addr
, m1
)
8215 logger
.debug("Receive M2 from AP")
8216 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8217 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8218 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8220 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8222 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8224 logger
.debug("Send M3 to AP")
8225 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8226 attrs
+= build_attr_msg_type(WPS_M3
)
8227 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8228 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8229 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8230 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8231 raw_m3_attrs
= attrs
8232 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8233 send_wsc_msg(hapd
, addr
, m3
)
8235 logger
.debug("Receive M4 from AP")
8236 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8238 logger
.debug("Send M5 to AP")
8239 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8240 attrs
+= build_attr_msg_type(WPS_M5
)
8241 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8242 #data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8244 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8245 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8246 raw_m5_attrs
= attrs
8247 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8248 send_wsc_msg(hapd
, addr
, m5
)
8250 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8253 def test_wps_ext_m5_e_snonce1_mismatch(dev
, apdev
):
8254 """WPS proto: M5 E-SNonce1 mismatch"""
8256 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8257 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8258 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8260 logger
.debug("Receive WSC/Start from AP")
8261 msg
= get_wsc_msg(hapd
)
8262 if msg
['wsc_opcode'] != WSC_Start
:
8263 raise Exception("Unexpected Op-Code for WSC/Start")
8265 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8267 e_nonce
= 16*b
'\x22'
8268 own_private
, e_pk
= wsc_dh_init()
8270 logger
.debug("Send M1 to AP")
8271 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8273 send_wsc_msg(hapd
, addr
, m1
)
8275 logger
.debug("Receive M2 from AP")
8276 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8277 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8278 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8280 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8282 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8284 logger
.debug("Send M3 to AP")
8285 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8286 attrs
+= build_attr_msg_type(WPS_M3
)
8287 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8288 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8289 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8290 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8291 raw_m3_attrs
= attrs
8292 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8293 send_wsc_msg(hapd
, addr
, m3
)
8295 logger
.debug("Receive M4 from AP")
8296 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8298 logger
.debug("Send M5 to AP")
8299 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8300 attrs
+= build_attr_msg_type(WPS_M5
)
8301 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8302 data
= build_wsc_attr(ATTR_E_SNONCE1
, 16*'\x00')
8303 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8304 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8305 raw_m5_attrs
= attrs
8306 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8307 send_wsc_msg(hapd
, addr
, m5
)
8309 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8311 def test_wps_ext_m7_missing_e_snonce2(dev
, apdev
):
8312 """WPS proto: M7 missing E-SNonce2"""
8314 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8315 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8316 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8318 logger
.debug("Receive WSC/Start from AP")
8319 msg
= get_wsc_msg(hapd
)
8320 if msg
['wsc_opcode'] != WSC_Start
:
8321 raise Exception("Unexpected Op-Code for WSC/Start")
8323 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8325 e_nonce
= 16*b
'\x22'
8326 own_private
, e_pk
= wsc_dh_init()
8328 logger
.debug("Send M1 to AP")
8329 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8331 send_wsc_msg(hapd
, addr
, m1
)
8333 logger
.debug("Receive M2 from AP")
8334 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8335 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8336 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8338 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8340 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8342 logger
.debug("Send M3 to AP")
8343 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8344 attrs
+= build_attr_msg_type(WPS_M3
)
8345 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8346 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8347 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8348 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8349 raw_m3_attrs
= attrs
8350 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8351 send_wsc_msg(hapd
, addr
, m3
)
8353 logger
.debug("Receive M4 from AP")
8354 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8356 logger
.debug("Send M5 to AP")
8357 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8358 attrs
+= build_attr_msg_type(WPS_M5
)
8359 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8360 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8361 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8362 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8363 raw_m5_attrs
= attrs
8364 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8365 send_wsc_msg(hapd
, addr
, m5
)
8367 logger
.debug("Receive M6 from AP")
8368 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8370 logger
.debug("Send M7 to AP")
8371 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8372 attrs
+= build_attr_msg_type(WPS_M7
)
8373 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8374 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
8376 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8377 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8378 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8379 raw_m7_attrs
= attrs
8380 send_wsc_msg(hapd
, addr
, m7
)
8382 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8385 def test_wps_ext_m7_e_snonce2_mismatch(dev
, apdev
):
8386 """WPS proto: M7 E-SNonce2 mismatch"""
8388 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8389 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8390 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8392 logger
.debug("Receive WSC/Start from AP")
8393 msg
= get_wsc_msg(hapd
)
8394 if msg
['wsc_opcode'] != WSC_Start
:
8395 raise Exception("Unexpected Op-Code for WSC/Start")
8397 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8399 e_nonce
= 16*b
'\x22'
8400 own_private
, e_pk
= wsc_dh_init()
8402 logger
.debug("Send M1 to AP")
8403 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8405 send_wsc_msg(hapd
, addr
, m1
)
8407 logger
.debug("Receive M2 from AP")
8408 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8409 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8410 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8412 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8414 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8416 logger
.debug("Send M3 to AP")
8417 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8418 attrs
+= build_attr_msg_type(WPS_M3
)
8419 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8420 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8421 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8422 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8423 raw_m3_attrs
= attrs
8424 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8425 send_wsc_msg(hapd
, addr
, m3
)
8427 logger
.debug("Receive M4 from AP")
8428 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8430 logger
.debug("Send M5 to AP")
8431 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8432 attrs
+= build_attr_msg_type(WPS_M5
)
8433 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8434 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8435 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8436 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8437 raw_m5_attrs
= attrs
8438 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8439 send_wsc_msg(hapd
, addr
, m5
)
8441 logger
.debug("Receive M6 from AP")
8442 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8444 logger
.debug("Send M7 to AP")
8445 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8446 attrs
+= build_attr_msg_type(WPS_M7
)
8447 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8448 data
= build_wsc_attr(ATTR_E_SNONCE2
, 16*'\x00')
8449 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8450 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8451 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8452 raw_m7_attrs
= attrs
8453 send_wsc_msg(hapd
, addr
, m7
)
8455 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8458 def test_wps_ext_m1_pubkey_oom(dev
, apdev
):
8459 """WPS proto: M1 PubKey OOM"""
8461 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8462 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8463 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8465 logger
.debug("Receive WSC/Start from AP")
8466 msg
= get_wsc_msg(hapd
)
8467 if msg
['wsc_opcode'] != WSC_Start
:
8468 raise Exception("Unexpected Op-Code for WSC/Start")
8470 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8473 own_private
, e_pk
= wsc_dh_init()
8475 logger
.debug("Send M1 to AP")
8476 with
alloc_fail(hapd
, 1, "wpabuf_alloc_copy;wps_process_pubkey"):
8477 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8479 send_wsc_msg(hapd
, addr
, m1
)
8480 wps_wait_eap_failure(hapd
, dev
[0])
8482 def wps_wait_eap_failure(hapd
, dev
):
8483 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8485 raise Exception("EAP-Failure not reported")
8486 dev
.wait_disconnected()
8489 def test_wps_ext_m3_m1(dev
, apdev
):
8490 """WPS proto: M3 replaced with M1"""
8492 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8493 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8494 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8496 logger
.debug("Receive WSC/Start from AP")
8497 msg
= get_wsc_msg(hapd
)
8498 if msg
['wsc_opcode'] != WSC_Start
:
8499 raise Exception("Unexpected Op-Code for WSC/Start")
8501 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8503 e_nonce
= 16*b
'\x22'
8504 own_private
, e_pk
= wsc_dh_init()
8506 logger
.debug("Send M1 to AP")
8507 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8509 send_wsc_msg(hapd
, addr
, m1
)
8511 logger
.debug("Receive M2 from AP")
8512 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8513 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8514 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8516 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8518 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8520 logger
.debug("Send M3(M1) to AP")
8521 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8522 attrs
+= build_attr_msg_type(WPS_M1
)
8523 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8524 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8525 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8526 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8527 raw_m3_attrs
= attrs
8528 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8529 send_wsc_msg(hapd
, addr
, m3
)
8531 wps_wait_eap_failure(hapd
, dev
[0])
8534 def test_wps_ext_m5_m3(dev
, apdev
):
8535 """WPS proto: M5 replaced with M3"""
8537 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8538 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8539 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8541 logger
.debug("Receive WSC/Start from AP")
8542 msg
= get_wsc_msg(hapd
)
8543 if msg
['wsc_opcode'] != WSC_Start
:
8544 raise Exception("Unexpected Op-Code for WSC/Start")
8546 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8548 e_nonce
= 16*b
'\x22'
8549 own_private
, e_pk
= wsc_dh_init()
8551 logger
.debug("Send M1 to AP")
8552 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8554 send_wsc_msg(hapd
, addr
, m1
)
8556 logger
.debug("Receive M2 from AP")
8557 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8558 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8559 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8561 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8563 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8565 logger
.debug("Send M3 to AP")
8566 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8567 attrs
+= build_attr_msg_type(WPS_M3
)
8568 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8569 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8570 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8571 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8572 raw_m3_attrs
= attrs
8573 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8574 send_wsc_msg(hapd
, addr
, m3
)
8576 logger
.debug("Receive M4 from AP")
8577 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8579 logger
.debug("Send M5(M3) to AP")
8580 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8581 attrs
+= build_attr_msg_type(WPS_M3
)
8582 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8583 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8584 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8585 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8586 raw_m5_attrs
= attrs
8587 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8588 send_wsc_msg(hapd
, addr
, m5
)
8590 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8593 def test_wps_ext_m3_m2(dev
, apdev
):
8594 """WPS proto: M3 replaced with M2"""
8596 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8597 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8598 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8600 logger
.debug("Receive WSC/Start from AP")
8601 msg
= get_wsc_msg(hapd
)
8602 if msg
['wsc_opcode'] != WSC_Start
:
8603 raise Exception("Unexpected Op-Code for WSC/Start")
8605 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8607 e_nonce
= 16*b
'\x22'
8608 own_private
, e_pk
= wsc_dh_init()
8610 logger
.debug("Send M1 to AP")
8611 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8613 send_wsc_msg(hapd
, addr
, m1
)
8615 logger
.debug("Receive M2 from AP")
8616 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8617 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8618 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8620 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8622 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8624 logger
.debug("Send M3(M2) to AP")
8625 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8626 attrs
+= build_attr_msg_type(WPS_M2
)
8627 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8628 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8629 raw_m3_attrs
= attrs
8630 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8631 send_wsc_msg(hapd
, addr
, m3
)
8633 wps_wait_eap_failure(hapd
, dev
[0])
8636 def test_wps_ext_m3_m5(dev
, apdev
):
8637 """WPS proto: M3 replaced with M5"""
8639 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8640 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8641 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8643 logger
.debug("Receive WSC/Start from AP")
8644 msg
= get_wsc_msg(hapd
)
8645 if msg
['wsc_opcode'] != WSC_Start
:
8646 raise Exception("Unexpected Op-Code for WSC/Start")
8648 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8650 e_nonce
= 16*b
'\x22'
8651 own_private
, e_pk
= wsc_dh_init()
8653 logger
.debug("Send M1 to AP")
8654 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8656 send_wsc_msg(hapd
, addr
, m1
)
8658 logger
.debug("Receive M2 from AP")
8659 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8660 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8661 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8663 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8665 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8667 logger
.debug("Send M3(M5) to AP")
8668 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8669 attrs
+= build_attr_msg_type(WPS_M5
)
8670 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8671 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8672 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8673 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8674 raw_m3_attrs
= attrs
8675 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8676 send_wsc_msg(hapd
, addr
, m3
)
8678 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8681 def test_wps_ext_m3_m7(dev
, apdev
):
8682 """WPS proto: M3 replaced with M7"""
8684 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8685 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8686 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8688 logger
.debug("Receive WSC/Start from AP")
8689 msg
= get_wsc_msg(hapd
)
8690 if msg
['wsc_opcode'] != WSC_Start
:
8691 raise Exception("Unexpected Op-Code for WSC/Start")
8693 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8695 e_nonce
= 16*b
'\x22'
8696 own_private
, e_pk
= wsc_dh_init()
8698 logger
.debug("Send M1 to AP")
8699 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8701 send_wsc_msg(hapd
, addr
, m1
)
8703 logger
.debug("Receive M2 from AP")
8704 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8705 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8706 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8708 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8710 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8712 logger
.debug("Send M3(M7) to AP")
8713 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8714 attrs
+= build_attr_msg_type(WPS_M7
)
8715 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8716 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8717 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8718 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8719 raw_m3_attrs
= attrs
8720 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8721 send_wsc_msg(hapd
, addr
, m3
)
8723 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8726 def test_wps_ext_m3_done(dev
, apdev
):
8727 """WPS proto: M3 replaced with WSC_Done"""
8729 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8730 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8731 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8733 logger
.debug("Receive WSC/Start from AP")
8734 msg
= get_wsc_msg(hapd
)
8735 if msg
['wsc_opcode'] != WSC_Start
:
8736 raise Exception("Unexpected Op-Code for WSC/Start")
8738 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8740 e_nonce
= 16*b
'\x22'
8741 own_private
, e_pk
= wsc_dh_init()
8743 logger
.debug("Send M1 to AP")
8744 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8746 send_wsc_msg(hapd
, addr
, m1
)
8748 logger
.debug("Receive M2 from AP")
8749 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8750 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8751 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8753 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8755 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8757 logger
.debug("Send M3(WSC_Done) to AP")
8758 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8759 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
8760 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8761 raw_m3_attrs
= attrs
8762 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
8763 send_wsc_msg(hapd
, addr
, m3
)
8765 wps_wait_eap_failure(hapd
, dev
[0])
8768 def test_wps_ext_m2_nack_invalid(dev
, apdev
):
8769 """WPS proto: M2 followed by invalid NACK"""
8771 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8772 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8773 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8775 logger
.debug("Receive WSC/Start from AP")
8776 msg
= get_wsc_msg(hapd
)
8777 if msg
['wsc_opcode'] != WSC_Start
:
8778 raise Exception("Unexpected Op-Code for WSC/Start")
8780 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8782 e_nonce
= 16*b
'\x22'
8783 own_private
, e_pk
= wsc_dh_init()
8785 logger
.debug("Send M1 to AP")
8786 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8788 send_wsc_msg(hapd
, addr
, m1
)
8790 logger
.debug("Receive M2 from AP")
8791 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8792 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8793 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8795 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8797 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8799 logger
.debug("Send WSC_NACK to AP")
8800 attrs
= b
'\x10\x00\x00'
8801 nack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_NACK
)
8802 send_wsc_msg(hapd
, addr
, nack
)
8804 wps_wait_eap_failure(hapd
, dev
[0])
8807 def test_wps_ext_m2_nack_no_msg_type(dev
, apdev
):
8808 """WPS proto: M2 followed by NACK without Msg Type"""
8810 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8811 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8812 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8814 logger
.debug("Receive WSC/Start from AP")
8815 msg
= get_wsc_msg(hapd
)
8816 if msg
['wsc_opcode'] != WSC_Start
:
8817 raise Exception("Unexpected Op-Code for WSC/Start")
8819 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8821 e_nonce
= 16*b
'\x22'
8822 own_private
, e_pk
= wsc_dh_init()
8824 logger
.debug("Send M1 to AP")
8825 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8827 send_wsc_msg(hapd
, addr
, m1
)
8829 logger
.debug("Receive M2 from AP")
8830 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8831 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8832 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8834 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8836 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8838 logger
.debug("Send WSC_NACK to AP")
8839 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8840 msg_type
=None, eap_code
=2)
8841 send_wsc_msg(hapd
, addr
, nack
)
8843 wps_wait_eap_failure(hapd
, dev
[0])
8846 def test_wps_ext_m2_nack_invalid_msg_type(dev
, apdev
):
8847 """WPS proto: M2 followed by NACK with invalid Msg Type"""
8849 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8850 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8851 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8853 logger
.debug("Receive WSC/Start from AP")
8854 msg
= get_wsc_msg(hapd
)
8855 if msg
['wsc_opcode'] != WSC_Start
:
8856 raise Exception("Unexpected Op-Code for WSC/Start")
8858 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8860 e_nonce
= 16*b
'\x22'
8861 own_private
, e_pk
= wsc_dh_init()
8863 logger
.debug("Send M1 to AP")
8864 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8866 send_wsc_msg(hapd
, addr
, m1
)
8868 logger
.debug("Receive M2 from AP")
8869 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8870 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8871 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8873 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8875 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8877 logger
.debug("Send WSC_NACK to AP")
8878 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8879 msg_type
=WPS_WSC_ACK
, eap_code
=2)
8880 send_wsc_msg(hapd
, addr
, nack
)
8882 wps_wait_eap_failure(hapd
, dev
[0])
8885 def test_wps_ext_m2_nack_e_nonce_mismatch(dev
, apdev
):
8886 """WPS proto: M2 followed by NACK with e-nonce mismatch"""
8888 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8889 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8890 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8892 logger
.debug("Receive WSC/Start from AP")
8893 msg
= get_wsc_msg(hapd
)
8894 if msg
['wsc_opcode'] != WSC_Start
:
8895 raise Exception("Unexpected Op-Code for WSC/Start")
8897 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8899 e_nonce
= 16*b
'\x22'
8900 own_private
, e_pk
= wsc_dh_init()
8902 logger
.debug("Send M1 to AP")
8903 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8905 send_wsc_msg(hapd
, addr
, m1
)
8907 logger
.debug("Receive M2 from AP")
8908 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8909 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8910 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8912 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8914 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8916 logger
.debug("Send WSC_NACK to AP")
8917 nack
, attrs
= build_nack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
8919 send_wsc_msg(hapd
, addr
, nack
)
8921 wps_wait_eap_failure(hapd
, dev
[0])
8924 def test_wps_ext_m2_nack_no_config_error(dev
, apdev
):
8925 """WPS proto: M2 followed by NACK without Config Error"""
8927 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8928 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8929 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8931 logger
.debug("Receive WSC/Start from AP")
8932 msg
= get_wsc_msg(hapd
)
8933 if msg
['wsc_opcode'] != WSC_Start
:
8934 raise Exception("Unexpected Op-Code for WSC/Start")
8936 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8938 e_nonce
= 16*b
'\x22'
8939 own_private
, e_pk
= wsc_dh_init()
8941 logger
.debug("Send M1 to AP")
8942 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8944 send_wsc_msg(hapd
, addr
, m1
)
8946 logger
.debug("Receive M2 from AP")
8947 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8948 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8949 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8951 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8953 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8955 logger
.debug("Send WSC_NACK to AP")
8956 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8957 config_error
=None, eap_code
=2)
8958 send_wsc_msg(hapd
, addr
, nack
)
8960 wps_wait_eap_failure(hapd
, dev
[0])
8963 def test_wps_ext_m2_ack_invalid(dev
, apdev
):
8964 """WPS proto: M2 followed by invalid ACK"""
8966 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8967 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8968 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8970 logger
.debug("Receive WSC/Start from AP")
8971 msg
= get_wsc_msg(hapd
)
8972 if msg
['wsc_opcode'] != WSC_Start
:
8973 raise Exception("Unexpected Op-Code for WSC/Start")
8975 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8977 e_nonce
= 16*b
'\x22'
8978 own_private
, e_pk
= wsc_dh_init()
8980 logger
.debug("Send M1 to AP")
8981 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8983 send_wsc_msg(hapd
, addr
, m1
)
8985 logger
.debug("Receive M2 from AP")
8986 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8987 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8988 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8990 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8992 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8994 logger
.debug("Send WSC_ACK to AP")
8995 attrs
= b
'\x10\x00\x00'
8996 ack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_ACK
)
8997 send_wsc_msg(hapd
, addr
, ack
)
8999 wps_wait_eap_failure(hapd
, dev
[0])
9002 def test_wps_ext_m2_ack(dev
, apdev
):
9003 """WPS proto: M2 followed by ACK"""
9005 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9006 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9007 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9009 logger
.debug("Receive WSC/Start from AP")
9010 msg
= get_wsc_msg(hapd
)
9011 if msg
['wsc_opcode'] != WSC_Start
:
9012 raise Exception("Unexpected Op-Code for WSC/Start")
9014 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9016 e_nonce
= 16*b
'\x22'
9017 own_private
, e_pk
= wsc_dh_init()
9019 logger
.debug("Send M1 to AP")
9020 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9022 send_wsc_msg(hapd
, addr
, m1
)
9024 logger
.debug("Receive M2 from AP")
9025 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9026 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9027 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9029 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9031 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9033 logger
.debug("Send WSC_ACK to AP")
9034 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
, eap_code
=2)
9035 send_wsc_msg(hapd
, addr
, ack
)
9037 wps_wait_eap_failure(hapd
, dev
[0])
9040 def test_wps_ext_m2_ack_no_msg_type(dev
, apdev
):
9041 """WPS proto: M2 followed by ACK missing Msg Type"""
9043 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9044 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9045 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9047 logger
.debug("Receive WSC/Start from AP")
9048 msg
= get_wsc_msg(hapd
)
9049 if msg
['wsc_opcode'] != WSC_Start
:
9050 raise Exception("Unexpected Op-Code for WSC/Start")
9052 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9054 e_nonce
= 16*b
'\x22'
9055 own_private
, e_pk
= wsc_dh_init()
9057 logger
.debug("Send M1 to AP")
9058 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9060 send_wsc_msg(hapd
, addr
, m1
)
9062 logger
.debug("Receive M2 from AP")
9063 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9064 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9065 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9067 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9069 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9071 logger
.debug("Send WSC_ACK to AP")
9072 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
9073 msg_type
=None, eap_code
=2)
9074 send_wsc_msg(hapd
, addr
, ack
)
9076 wps_wait_eap_failure(hapd
, dev
[0])
9079 def test_wps_ext_m2_ack_invalid_msg_type(dev
, apdev
):
9080 """WPS proto: M2 followed by ACK with invalid Msg Type"""
9082 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9083 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9084 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9086 logger
.debug("Receive WSC/Start from AP")
9087 msg
= get_wsc_msg(hapd
)
9088 if msg
['wsc_opcode'] != WSC_Start
:
9089 raise Exception("Unexpected Op-Code for WSC/Start")
9091 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9093 e_nonce
= 16*b
'\x22'
9094 own_private
, e_pk
= wsc_dh_init()
9096 logger
.debug("Send M1 to AP")
9097 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9099 send_wsc_msg(hapd
, addr
, m1
)
9101 logger
.debug("Receive M2 from AP")
9102 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9103 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9104 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9106 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9108 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9110 logger
.debug("Send WSC_ACK to AP")
9111 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
9112 msg_type
=WPS_WSC_NACK
, eap_code
=2)
9113 send_wsc_msg(hapd
, addr
, ack
)
9115 wps_wait_eap_failure(hapd
, dev
[0])
9118 def test_wps_ext_m2_ack_e_nonce_mismatch(dev
, apdev
):
9119 """WPS proto: M2 followed by ACK with e-nonce mismatch"""
9121 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9122 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9123 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9125 logger
.debug("Receive WSC/Start from AP")
9126 msg
= get_wsc_msg(hapd
)
9127 if msg
['wsc_opcode'] != WSC_Start
:
9128 raise Exception("Unexpected Op-Code for WSC/Start")
9130 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9132 e_nonce
= 16*b
'\x22'
9133 own_private
, e_pk
= wsc_dh_init()
9135 logger
.debug("Send M1 to AP")
9136 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9138 send_wsc_msg(hapd
, addr
, m1
)
9140 logger
.debug("Receive M2 from AP")
9141 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9142 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9143 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9145 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9147 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9149 logger
.debug("Send WSC_ACK to AP")
9150 ack
, attrs
= build_ack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
9152 send_wsc_msg(hapd
, addr
, ack
)
9154 wps_wait_eap_failure(hapd
, dev
[0])
9157 def test_wps_ext_m1_invalid(dev
, apdev
):
9158 """WPS proto: M1 failing parsing"""
9160 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9161 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9162 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9164 logger
.debug("Receive WSC/Start from AP")
9165 msg
= get_wsc_msg(hapd
)
9166 if msg
['wsc_opcode'] != WSC_Start
:
9167 raise Exception("Unexpected Op-Code for WSC/Start")
9169 logger
.debug("Send M1 to AP")
9170 attrs
= b
'\x10\x00\x00'
9171 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9172 send_wsc_msg(hapd
, addr
, m1
)
9174 wps_wait_eap_failure(hapd
, dev
[0])
9176 def test_wps_ext_m1_missing_msg_type(dev
, apdev
):
9177 """WPS proto: M1 missing Msg Type"""
9179 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9180 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9181 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9183 logger
.debug("Receive WSC/Start from AP")
9184 msg
= get_wsc_msg(hapd
)
9185 if msg
['wsc_opcode'] != WSC_Start
:
9186 raise Exception("Unexpected Op-Code for WSC/Start")
9188 logger
.debug("Send M1 to AP")
9189 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9190 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9191 send_wsc_msg(hapd
, addr
, m1
)
9193 wps_wait_ap_nack(hapd
, dev
[0], 16*b
'\x00', 16*b
'\x00')
9195 def wps_ext_wsc_done(dev
, apdev
):
9197 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9198 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9199 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9201 logger
.debug("Receive WSC/Start from AP")
9202 msg
= get_wsc_msg(hapd
)
9203 if msg
['wsc_opcode'] != WSC_Start
:
9204 raise Exception("Unexpected Op-Code for WSC/Start")
9206 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9208 e_nonce
= 16*b
'\x22'
9209 own_private
, e_pk
= wsc_dh_init()
9211 logger
.debug("Send M1 to AP")
9212 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9214 send_wsc_msg(hapd
, addr
, m1
)
9216 logger
.debug("Receive M2 from AP")
9217 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9218 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9219 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9221 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9223 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9225 logger
.debug("Send M3 to AP")
9226 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9227 attrs
+= build_attr_msg_type(WPS_M3
)
9228 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9229 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9230 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9231 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9232 raw_m3_attrs
= attrs
9233 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9234 send_wsc_msg(hapd
, addr
, m3
)
9236 logger
.debug("Receive M4 from AP")
9237 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9239 logger
.debug("Send M5 to AP")
9240 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9241 attrs
+= build_attr_msg_type(WPS_M5
)
9242 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9243 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9244 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9245 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9246 raw_m5_attrs
= attrs
9247 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9248 send_wsc_msg(hapd
, addr
, m5
)
9250 logger
.debug("Receive M6 from AP")
9251 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9253 logger
.debug("Send M7 to AP")
9254 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9255 attrs
+= build_attr_msg_type(WPS_M7
)
9256 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9257 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
9258 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9259 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9260 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9261 raw_m7_attrs
= attrs
9262 send_wsc_msg(hapd
, addr
, m7
)
9264 logger
.debug("Receive M8 from AP")
9265 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
9266 return hapd
, msg
, e_nonce
, r_nonce
9269 def test_wps_ext_wsc_done_invalid(dev
, apdev
):
9270 """WPS proto: invalid WSC_Done"""
9271 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9273 logger
.debug("Send WSC_Done to AP")
9274 attrs
= b
'\x10\x00\x00'
9275 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9276 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9278 wps_wait_eap_failure(hapd
, dev
[0])
9281 def test_wps_ext_wsc_done_no_msg_type(dev
, apdev
):
9282 """WPS proto: invalid WSC_Done"""
9283 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9285 logger
.debug("Send WSC_Done to AP")
9286 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9287 #attrs += build_attr_msg_type(WPS_WSC_DONE)
9288 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9289 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9290 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9291 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9293 wps_wait_eap_failure(hapd
, dev
[0])
9296 def test_wps_ext_wsc_done_wrong_msg_type(dev
, apdev
):
9297 """WPS proto: WSC_Done with wrong Msg Type"""
9298 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9300 logger
.debug("Send WSC_Done to AP")
9301 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9302 attrs
+= build_attr_msg_type(WPS_WSC_ACK
)
9303 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9304 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9305 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9306 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9308 wps_wait_eap_failure(hapd
, dev
[0])
9311 def test_wps_ext_wsc_done_no_e_nonce(dev
, apdev
):
9312 """WPS proto: WSC_Done without e_nonce"""
9313 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9315 logger
.debug("Send WSC_Done to AP")
9316 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9317 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9318 #attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9319 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9320 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9321 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9323 wps_wait_eap_failure(hapd
, dev
[0])
9325 def test_wps_ext_wsc_done_no_r_nonce(dev
, apdev
):
9326 """WPS proto: WSC_Done without r_nonce"""
9327 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9329 logger
.debug("Send WSC_Done to AP")
9330 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9331 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9332 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9333 #attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9334 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9335 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9337 wps_wait_eap_failure(hapd
, dev
[0])
9340 def test_wps_ext_m7_no_encr_settings(dev
, apdev
):
9341 """WPS proto: M7 without Encr Settings"""
9343 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9344 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9345 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9347 logger
.debug("Receive WSC/Start from AP")
9348 msg
= get_wsc_msg(hapd
)
9349 if msg
['wsc_opcode'] != WSC_Start
:
9350 raise Exception("Unexpected Op-Code for WSC/Start")
9352 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9354 e_nonce
= 16*b
'\x22'
9355 own_private
, e_pk
= wsc_dh_init()
9357 logger
.debug("Send M1 to AP")
9358 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9360 send_wsc_msg(hapd
, addr
, m1
)
9362 logger
.debug("Receive M2 from AP")
9363 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9364 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9365 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9367 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9369 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9371 logger
.debug("Send M3 to AP")
9372 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9373 attrs
+= build_attr_msg_type(WPS_M3
)
9374 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9375 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9376 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9377 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9378 raw_m3_attrs
= attrs
9379 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9380 send_wsc_msg(hapd
, addr
, m3
)
9382 logger
.debug("Receive M4 from AP")
9383 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9385 logger
.debug("Send M5 to AP")
9386 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9387 attrs
+= build_attr_msg_type(WPS_M5
)
9388 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9389 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9390 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9391 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9392 raw_m5_attrs
= attrs
9393 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9394 send_wsc_msg(hapd
, addr
, m5
)
9396 logger
.debug("Receive M6 from AP")
9397 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9399 logger
.debug("Send M7 to AP")
9400 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9401 attrs
+= build_attr_msg_type(WPS_M7
)
9402 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9403 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9404 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9405 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9406 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9407 raw_m7_attrs
= attrs
9408 send_wsc_msg(hapd
, addr
, m7
)
9410 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
9413 def test_wps_ext_m1_workaround(dev
, apdev
):
9414 """WPS proto: M1 Manufacturer/Model workaround"""
9416 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9417 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9418 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9420 logger
.debug("Receive WSC/Start from AP")
9421 msg
= get_wsc_msg(hapd
)
9422 if msg
['wsc_opcode'] != WSC_Start
:
9423 raise Exception("Unexpected Op-Code for WSC/Start")
9425 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9427 e_nonce
= 16*b
'\x22'
9428 own_private
, e_pk
= wsc_dh_init()
9430 logger
.debug("Send M1 to AP")
9431 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9432 e_nonce
, e_pk
, manufacturer
='Apple TEST',
9433 model_name
='AirPort', config_methods
=b
'\xff\xff')
9434 send_wsc_msg(hapd
, addr
, m1
)
9436 logger
.debug("Receive M2 from AP")
9437 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9440 def test_ap_wps_disable_enable(dev
, apdev
):
9441 """WPS and DISABLE/ENABLE AP"""
9442 hapd
= wps_start_ap(apdev
[0])
9445 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9447 def test_ap_wps_upnp_web_oom(dev
, apdev
, params
):
9448 """hostapd WPS UPnP web OOM"""
9449 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9450 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
9452 location
= ssdp_get_location(ap_uuid
)
9453 url
= urlparse(location
)
9454 urls
= upnp_get_urls(location
)
9455 eventurl
= urlparse(urls
['event_sub_url'])
9456 ctrlurl
= urlparse(urls
['control_url'])
9458 conn
= HTTPConnection(url
.netloc
)
9459 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9460 conn
.request("GET", "/wps_device.xml")
9462 resp
= conn
.getresponse()
9466 conn
= HTTPConnection(url
.netloc
)
9467 conn
.request("GET", "/unknown")
9468 resp
= conn
.getresponse()
9469 if resp
.status
!= 404:
9470 raise Exception("Unexpected HTTP result for unknown URL: %d" + resp
.status
)
9472 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9473 conn
.request("GET", "/unknown")
9475 resp
= conn
.getresponse()
9480 conn
= HTTPConnection(url
.netloc
)
9481 conn
.request("GET", "/wps_device.xml")
9482 resp
= conn
.getresponse()
9483 if resp
.status
!= 200:
9484 raise Exception("GET /wps_device.xml failed")
9486 conn
= HTTPConnection(url
.netloc
)
9487 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9488 if resp
.status
!= 200:
9489 raise Exception("GetDeviceInfo failed")
9491 with
alloc_fail(hapd
, 1, "web_process_get_device_info"):
9492 conn
= HTTPConnection(url
.netloc
)
9493 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9494 if resp
.status
!= 500:
9495 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9497 with
alloc_fail(hapd
, 1, "wps_build_m1;web_process_get_device_info"):
9498 conn
= HTTPConnection(url
.netloc
)
9499 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9500 if resp
.status
!= 500:
9501 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9503 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_send_reply"):
9504 conn
= HTTPConnection(url
.netloc
)
9506 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9510 conn
= HTTPConnection(url
.netloc
)
9511 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9512 if resp
.status
!= 200:
9513 raise Exception("GetDeviceInfo failed")
9515 # No NewWLANEventType in PutWLANResponse NewMessage
9516 conn
= HTTPConnection(url
.netloc
)
9517 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse", newmsg
="foo")
9518 if resp
.status
!= 600:
9519 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9521 # No NewWLANEventMAC in PutWLANResponse NewMessage
9522 conn
= HTTPConnection(url
.netloc
)
9523 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9524 newmsg
="foo", neweventtype
="1")
9525 if resp
.status
!= 600:
9526 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9528 # Invalid NewWLANEventMAC in PutWLANResponse NewMessage
9529 conn
= HTTPConnection(url
.netloc
)
9530 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9531 newmsg
="foo", neweventtype
="1",
9533 if resp
.status
!= 600:
9534 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9536 # Workaround for NewWLANEventMAC in PutWLANResponse NewMessage
9537 # Ignored unexpected PutWLANResponse WLANEventType 1
9538 conn
= HTTPConnection(url
.netloc
)
9539 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9540 newmsg
="foo", neweventtype
="1",
9541 neweventmac
="00.11.22.33.44.55")
9542 if resp
.status
!= 500:
9543 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9545 # PutWLANResponse NewMessage with invalid EAP message
9546 conn
= HTTPConnection(url
.netloc
)
9547 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9548 newmsg
="foo", neweventtype
="2",
9549 neweventmac
="00:11:22:33:44:55")
9550 if resp
.status
!= 200:
9551 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9553 with
alloc_fail(hapd
, 1, "web_connection_parse_subscribe"):
9554 conn
= HTTPConnection(url
.netloc
)
9555 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9557 "timeout": "Second-1234"}
9558 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9560 resp
= conn
.getresponse()
9564 with
alloc_fail(hapd
, 1, "dup_binstr;web_connection_parse_subscribe"):
9565 conn
= HTTPConnection(url
.netloc
)
9566 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9568 "timeout": "Second-1234"}
9569 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9570 resp
= conn
.getresponse()
9571 if resp
.status
!= 500:
9572 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9574 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_parse_unsubscribe"):
9575 conn
= HTTPConnection(url
.netloc
)
9576 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9578 "timeout": "Second-1234"}
9579 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9581 resp
= conn
.getresponse()
9585 with
alloc_fail(hapd
, 1, "web_connection_unimplemented"):
9586 conn
= HTTPConnection(url
.netloc
)
9587 conn
.request("HEAD", "/wps_device.xml")
9589 resp
= conn
.getresponse()
9593 def test_ap_wps_frag_ack_oom(dev
, apdev
):
9594 """WPS and fragment ack OOM"""
9595 dev
[0].request("SET wps_fragment_size 50")
9596 hapd
= wps_start_ap(apdev
[0])
9597 with
alloc_fail(hapd
, 1, "eap_wsc_build_frag_ack"):
9598 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
9600 def wait_scan_stopped(dev
):
9601 dev
.request("ABORT_SCAN")
9603 res
= dev
.get_driver_status_field("scan_state")
9604 if "SCAN_STARTED" not in res
and "SCAN_REQUESTED" not in res
:
9606 logger
.debug("Waiting for scan to complete")
9610 def test_ap_wps_eap_wsc_errors(dev
, apdev
):
9611 """WPS and EAP-WSC error cases"""
9612 ssid
= "test-wps-conf-pin"
9614 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9615 "wpa_passphrase": "12345678", "wpa": "2",
9616 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9617 "fragment_size": "300", "ap_pin": appin
}
9618 hapd
= hostapd
.add_ap(apdev
[0], params
)
9619 bssid
= apdev
[0]['bssid']
9621 pin
= dev
[0].wps_read_pin()
9622 hapd
.request("WPS_PIN any " + pin
)
9623 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9624 dev
[0].dump_monitor()
9626 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK", "CCMP",
9627 "new passphrase", no_wait
=True)
9628 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9630 raise Exception("WPS-FAIL not reported")
9631 dev
[0].request("WPS_CANCEL")
9632 dev
[0].wait_disconnected()
9633 wait_scan_stopped(dev
[0])
9634 dev
[0].dump_monitor()
9636 dev
[0].wps_reg(bssid
, appin
, "new ssid", "FOO", "CCMP",
9637 "new passphrase", no_wait
=True)
9638 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9640 raise Exception("WPS-FAIL not reported")
9641 dev
[0].request("WPS_CANCEL")
9642 dev
[0].wait_disconnected()
9643 wait_scan_stopped(dev
[0])
9644 dev
[0].dump_monitor()
9646 dev
[0].wps_reg(bssid
, appin
, "new ssid", "WPA2PSK", "FOO",
9647 "new passphrase", no_wait
=True)
9648 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9650 raise Exception("WPS-FAIL not reported")
9651 dev
[0].request("WPS_CANCEL")
9652 dev
[0].wait_disconnected()
9653 wait_scan_stopped(dev
[0])
9654 dev
[0].dump_monitor()
9656 dev
[0].wps_reg(bssid
, appin
+ "new_key=a", "new ssid", "WPA2PSK", "CCMP",
9657 "new passphrase", no_wait
=True)
9658 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9660 raise Exception("WPS-FAIL not reported")
9661 dev
[0].request("WPS_CANCEL")
9662 dev
[0].wait_disconnected()
9663 wait_scan_stopped(dev
[0])
9664 dev
[0].dump_monitor()
9666 tests
= ["eap_wsc_init",
9667 "eap_msg_alloc;eap_wsc_build_msg",
9668 "wpabuf_alloc;eap_wsc_process_fragment"]
9670 with
alloc_fail(dev
[0], 1, func
):
9671 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9672 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9673 dev
[0].request("WPS_CANCEL")
9674 dev
[0].wait_disconnected()
9675 wait_scan_stopped(dev
[0])
9676 dev
[0].dump_monitor()
9678 tests
= [(1, "wps_decrypt_encr_settings"),
9679 (2, "hmac_sha256;wps_derive_psk")]
9680 for count
, func
in tests
:
9681 hapd
.request("WPS_PIN any " + pin
)
9682 with
fail_test(dev
[0], count
, func
):
9683 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9684 wait_fail_trigger(dev
[0], "GET_FAIL")
9685 dev
[0].request("WPS_CANCEL")
9686 dev
[0].wait_disconnected()
9687 wait_scan_stopped(dev
[0])
9688 dev
[0].dump_monitor()
9690 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sm_build_expanded_nak"):
9691 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK",
9692 "CCMP", "new passphrase", no_wait
=True)
9693 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9694 dev
[0].request("WPS_CANCEL")
9695 dev
[0].wait_disconnected()
9696 wait_scan_stopped(dev
[0])
9697 dev
[0].dump_monitor()
9699 def test_ap_wps_eap_wsc(dev
, apdev
):
9700 """WPS and EAP-WSC in network profile"""
9701 params
= int_eap_server_params()
9702 params
["wps_state"] = "2"
9703 hapd
= hostapd
.add_ap(apdev
[0], params
)
9704 bssid
= apdev
[0]['bssid']
9706 logger
.info("Unexpected identity")
9707 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9708 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-unexpected",
9710 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9712 raise Exception("No EAP-Failure seen")
9713 dev
[0].request("REMOVE_NETWORK all")
9714 dev
[0].wait_disconnected()
9716 logger
.info("No phase1 parameter")
9717 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9718 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9720 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9722 raise Exception("Timeout on EAP method start")
9723 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9725 raise Exception("No EAP-Failure seen")
9726 dev
[0].request("REMOVE_NETWORK all")
9727 dev
[0].wait_disconnected()
9729 logger
.info("No PIN/PBC in phase1")
9730 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9731 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9732 phase1
="foo", wait_connect
=False)
9733 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9735 raise Exception("Timeout on EAP method start")
9736 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9738 raise Exception("No EAP-Failure seen")
9739 dev
[0].request("REMOVE_NETWORK all")
9740 dev
[0].wait_disconnected()
9742 logger
.info("Invalid pkhash in phase1")
9743 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9744 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9745 phase1
="foo pkhash=q pbc=1", wait_connect
=False)
9746 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9748 raise Exception("Timeout on EAP method start")
9749 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9751 raise Exception("No EAP-Failure seen")
9752 dev
[0].request("REMOVE_NETWORK all")
9753 dev
[0].wait_disconnected()
9755 logger
.info("Zero fragment_size")
9756 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9757 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9758 fragment_size
="0", phase1
="pin=12345670", wait_connect
=False)
9759 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9761 raise Exception("Timeout on EAP method start")
9762 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=5)
9764 raise Exception("No M2D seen")
9765 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9767 raise Exception("No EAP-Failure seen")
9768 dev
[0].request("REMOVE_NETWORK all")
9769 dev
[0].wait_disconnected()
9771 logger
.info("Missing new_auth")
9772 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9773 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9774 phase1
="pin=12345670 new_ssid=aa", wait_connect
=False)
9775 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9777 raise Exception("Timeout on EAP method start")
9778 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9780 raise Exception("No EAP-Failure seen")
9781 dev
[0].request("REMOVE_NETWORK all")
9782 dev
[0].wait_disconnected()
9784 logger
.info("Missing new_encr")
9785 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9786 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9787 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa", wait_connect
=False)
9788 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9790 raise Exception("Timeout on EAP method start")
9791 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9793 raise Exception("No EAP-Failure seen")
9794 dev
[0].request("REMOVE_NETWORK all")
9795 dev
[0].wait_disconnected()
9797 logger
.info("Missing new_key")
9798 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9799 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9800 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa new_encr=CCMP",
9802 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9804 raise Exception("Timeout on EAP method start")
9805 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9807 raise Exception("No EAP-Failure seen")
9808 dev
[0].request("REMOVE_NETWORK all")
9809 dev
[0].wait_disconnected()
9811 def test_ap_wps_and_bss_limit(dev
, apdev
):
9812 """WPS and wpa_supplicant BSS entry limit"""
9814 _test_ap_wps_and_bss_limit(dev
, apdev
)
9816 dev
[0].request("SET bss_max_count 200")
9819 def _test_ap_wps_and_bss_limit(dev
, apdev
):
9820 params
= {"ssid": "test-wps", "eap_server": "1", "wps_state": "2",
9821 "wpa_passphrase": "12345678", "wpa": "2",
9822 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9823 hapd
= hostapd
.add_ap(apdev
[0], params
)
9825 params
= {"ssid": "test-wps-2", "eap_server": "1", "wps_state": "2",
9826 "wpa_passphrase": "1234567890", "wpa": "2",
9827 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9828 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9830 id = dev
[1].add_network()
9831 dev
[1].set_network(id, "mode", "2")
9832 dev
[1].set_network_quoted(id, "ssid", "wpas-ap-no-wps")
9833 dev
[1].set_network_quoted(id, "psk", "12345678")
9834 dev
[1].set_network(id, "frequency", "2462")
9835 dev
[1].set_network(id, "scan_freq", "2462")
9836 dev
[1].set_network(id, "wps_disabled", "1")
9837 dev
[1].select_network(id)
9839 id = dev
[2].add_network()
9840 dev
[2].set_network(id, "mode", "2")
9841 dev
[2].set_network_quoted(id, "ssid", "wpas-ap")
9842 dev
[2].set_network_quoted(id, "psk", "12345678")
9843 dev
[2].set_network(id, "frequency", "2437")
9844 dev
[2].set_network(id, "scan_freq", "2437")
9845 dev
[2].select_network(id)
9847 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9848 wpas
.interface_add("wlan5")
9849 id = wpas
.add_network()
9850 wpas
.set_network(id, "mode", "2")
9851 wpas
.set_network_quoted(id, "ssid", "wpas-ap")
9852 wpas
.set_network_quoted(id, "psk", "12345678")
9853 wpas
.set_network(id, "frequency", "2437")
9854 wpas
.set_network(id, "scan_freq", "2437")
9855 wpas
.select_network(id)
9857 dev
[1].wait_connected()
9858 dev
[2].wait_connected()
9859 wpas
.wait_connected()
9860 wpas
.request("WPS_PIN any 12345670")
9862 hapd
.request("WPS_PBC")
9863 hapd2
.request("WPS_PBC")
9865 dev
[0].request("SET bss_max_count 1")
9867 id = dev
[0].add_network()
9868 dev
[0].set_network_quoted(id, "ssid", "testing")
9870 id = dev
[0].add_network()
9871 dev
[0].set_network_quoted(id, "ssid", "testing")
9872 dev
[0].set_network(id, "key_mgmt", "WPS")
9874 dev
[0].request("WPS_PBC")
9875 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
9876 dev
[0].request("WPS_CANCEL")
9878 id = dev
[0].add_network()
9879 dev
[0].set_network_quoted(id, "ssid", "testing")
9880 dev
[0].set_network(id, "key_mgmt", "WPS")
9882 dev
[0].scan(freq
="2412")
9884 def test_ap_wps_pbc_2ap(dev
, apdev
):
9885 """WPS PBC with two APs advertising same SSID"""
9886 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9887 "wpa_passphrase": "12345678", "wpa": "2",
9888 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9889 "wps_independent": "1"}
9890 hapd
= hostapd
.add_ap(apdev
[0], params
)
9891 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9892 "wpa_passphrase": "123456789", "wpa": "2",
9893 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9894 "wps_independent": "1"}
9895 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9896 hapd
.request("WPS_PBC")
9898 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9899 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
9901 wpas
.flush_scan_cache()
9903 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
9904 wpas
.scan_for_bss(apdev
[1]['bssid'], freq
="2412")
9905 wpas
.request("WPS_PBC")
9906 wpas
.wait_connected()
9907 wpas
.request("DISCONNECT")
9908 hapd
.request("DISABLE")
9909 hapd2
.request("DISABLE")
9910 wpas
.flush_scan_cache()
9912 def test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9913 """WPS ER enrolling a new device to a configured AP"""
9915 _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
)
9917 dev
[0].request("WPS_ER_STOP")
9919 def _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9920 ssid
= "wps-er-enrollee-to-conf-ap"
9922 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9923 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9924 "wpa_passphrase": "12345678", "wpa": "2",
9925 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9926 "device_name": "Wireless AP", "manufacturer": "Company",
9927 "model_name": "WAP", "model_number": "123",
9928 "serial_number": "12345", "device_type": "6-0050F204-1",
9929 "os_version": "01020300",
9930 "config_methods": "label push_button",
9931 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9932 hapd
= hostapd
.add_ap(apdev
[0], params
)
9933 bssid
= hapd
.own_addr()
9935 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9936 dev
[0].dump_monitor()
9938 dev
[0].request("WPS_ER_START ifname=lo")
9939 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9941 raise Exception("AP discovery timed out")
9942 if ap_uuid
not in ev
:
9943 raise Exception("Expected AP UUID not found")
9945 pin
= dev
[2].wps_read_pin()
9946 addr2
= dev
[2].own_addr()
9947 dev
[0].dump_monitor()
9948 dev
[2].scan_for_bss(bssid
, freq
=2412)
9949 dev
[2].dump_monitor()
9950 dev
[2].request("WPS_PIN %s %s" % (bssid
, pin
))
9953 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
9955 raise Exception("Enrollee not seen")
9959 raise Exception("Unexpected Enrollee MAC address")
9960 dev
[0].dump_monitor()
9962 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " " + str(id))
9963 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
9964 dev
[2].wait_connected(timeout
=30)
9965 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9967 raise Exception("WPS ER did not report success")
9969 def test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9970 """WPS ER enrolling a new device to a configured AP (2)"""
9972 _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
)
9974 dev
[0].request("WPS_ER_STOP")
9976 def _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9977 ssid
= "wps-er-enrollee-to-conf-ap"
9979 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9980 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9981 "wpa_passphrase": "12345678", "wpa": "2",
9982 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9983 "device_name": "Wireless AP", "manufacturer": "Company",
9984 "model_name": "WAP", "model_number": "123",
9985 "serial_number": "12345", "device_type": "6-0050F204-1",
9986 "os_version": "01020300",
9987 "config_methods": "label push_button",
9988 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9989 hapd
= hostapd
.add_ap(apdev
[0], params
)
9990 bssid
= hapd
.own_addr()
9992 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9993 dev
[0].dump_monitor()
9995 dev
[0].request("WPS_ER_START ifname=lo")
9996 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9998 raise Exception("AP discovery timed out")
9999 if ap_uuid
not in ev
:
10000 raise Exception("Expected AP UUID not found")
10002 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
10003 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
10005 raise Exception("AP learn timed out")
10006 if ap_uuid
not in ev
:
10007 raise Exception("Expected AP UUID not in settings")
10008 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
10010 raise Exception("WPS-FAIL after AP learn timed out")
10013 pin
= dev
[1].wps_read_pin()
10014 addr1
= dev
[1].own_addr()
10015 dev
[0].dump_monitor()
10016 dev
[0].request("WPS_ER_PIN any " + pin
)
10018 dev
[1].scan_for_bss(bssid
, freq
=2412)
10019 dev
[1].request("WPS_PIN any %s" % pin
)
10020 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
10022 raise Exception("Enrollee did not report success")
10023 dev
[1].wait_connected(timeout
=15)
10024 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
10026 raise Exception("WPS ER did not report success")
10028 def test_ap_wps_ignore_broadcast_ssid(dev
, apdev
):
10029 """WPS AP trying to ignore broadcast SSID"""
10031 hapd
= hostapd
.add_ap(apdev
[0],
10032 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10033 "ignore_broadcast_ssid": "1"})
10034 if "FAIL" not in hapd
.request("WPS_PBC"):
10035 raise Exception("WPS unexpectedly enabled")
10037 def test_ap_wps_wep(dev
, apdev
):
10038 """WPS AP trying to enable WEP"""
10040 hapd
= hostapd
.add_ap(apdev
[0],
10041 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10042 "ieee80211n": "0", "wep_key0": '"hello"'})
10043 if "FAIL" not in hapd
.request("WPS_PBC"):
10044 raise Exception("WPS unexpectedly enabled")
10046 def test_ap_wps_tkip(dev
, apdev
):
10047 """WPS AP trying to enable TKIP"""
10049 hapd
= hostapd
.add_ap(apdev
[0],
10050 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10051 "ieee80211n": "0", "wpa": '1',
10052 "wpa_key_mgmt": "WPA-PSK",
10053 "wpa_passphrase": "12345678"})
10054 if "FAIL" not in hapd
.request("WPS_PBC"):
10055 raise Exception("WPS unexpectedly enabled")
10057 def test_ap_wps_conf_dummy_cred(dev
, apdev
):
10058 """WPS PIN provisioning with configured AP using dummy cred"""
10059 ssid
= "test-wps-conf"
10060 hapd
= hostapd
.add_ap(apdev
[0],
10061 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10062 "wpa_passphrase": "12345678", "wpa": "2",
10063 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
10064 hapd
.request("WPS_PIN any 12345670")
10065 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10066 dev
[0].dump_monitor()
10068 hapd
.set("wps_testing_dummy_cred", "1")
10069 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
10070 for i
in range(1, 3):
10071 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
10073 raise Exception("WPS credential %d not received" % i
)
10074 dev
[0].wait_connected(timeout
=30)
10076 hapd
.set("wps_testing_dummy_cred", "0")
10078 def test_ap_wps_rf_bands(dev
, apdev
):
10079 """WPS and wps_rf_bands configuration"""
10080 ssid
= "test-wps-conf"
10081 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10082 "wpa_passphrase": "12345678", "wpa": "2",
10083 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
10084 "wps_rf_bands": "ag"}
10086 hapd
= hostapd
.add_ap(apdev
[0], params
)
10087 bssid
= hapd
.own_addr()
10088 hapd
.request("WPS_PBC")
10089 dev
[0].scan_for_bss(bssid
, freq
="2412")
10090 dev
[0].dump_monitor()
10091 dev
[0].request("WPS_PBC " + bssid
)
10092 dev
[0].wait_connected(timeout
=30)
10093 bss
= dev
[0].get_bss(bssid
)
10094 logger
.info("BSS: " + str(bss
))
10095 if "103c000103" not in bss
['ie']:
10096 raise Exception("RF Bands attribute with expected values not found")
10097 dev
[0].request("DISCONNECT")
10098 dev
[0].wait_disconnected()
10099 hapd
.set("wps_rf_bands", "ad")
10100 hapd
.set("wps_rf_bands", "a")
10101 hapd
.set("wps_rf_bands", "g")
10102 hapd
.set("wps_rf_bands", "b")
10103 hapd
.set("wps_rf_bands", "ga")
10105 dev
[0].dump_monitor()
10106 dev
[0].flush_scan_cache()
10108 def test_ap_wps_pbc_in_m1(dev
, apdev
):
10109 """WPS and pbc_in_m1"""
10110 ssid
= "test-wps-conf"
10111 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10112 "wpa_passphrase": "12345678", "wpa": "2",
10113 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
10114 "config_methods": "virtual_push_button virtual_display",
10117 hapd
= hostapd
.add_ap(apdev
[0], params
)
10118 bssid
= hapd
.own_addr()
10119 hapd
.request("WPS_PBC")
10120 dev
[0].scan_for_bss(bssid
, freq
="2412")
10121 dev
[0].dump_monitor()
10122 dev
[0].request("WPS_PBC " + bssid
)
10123 dev
[0].wait_connected(timeout
=30)
10124 dev
[0].request("DISCONNECT")
10125 dev
[0].wait_disconnected()
10127 dev
[0].dump_monitor()
10128 dev
[0].flush_scan_cache()
10130 def test_ap_wps_pbc_mac_addr_change(dev
, apdev
, params
):
10131 """WPS M1 with MAC address change"""
10132 ssid
= "test-wps-mac-addr-change"
10133 hapd
= hostapd
.add_ap(apdev
[0],
10134 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
10135 hapd
.request("WPS_PBC")
10136 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
10137 raise Exception("PBC status not shown correctly")
10138 dev
[0].flush_scan_cache()
10140 test_addr
= '02:11:22:33:44:55'
10141 addr
= dev
[0].get_status_field("address")
10142 if addr
== test_addr
:
10143 raise Exception("Unexpected initial MAC address")
10146 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'down'])
10147 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'address',
10149 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'up'])
10150 addr1
= dev
[0].get_status_field("address")
10151 if addr1
!= test_addr
:
10152 raise Exception("Failed to change MAC address")
10154 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10155 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
10156 dev
[0].wait_connected(timeout
=30)
10157 status
= dev
[0].get_status()
10158 if status
['wpa_state'] != 'COMPLETED' or \
10159 status
['bssid'] != apdev
[0]['bssid']:
10160 raise Exception("Not fully connected")
10162 out
= run_tshark(os
.path
.join(params
['logdir'], "hwsim0.pcapng"),
10163 "wps.message_type == 0x04",
10164 display
=["wps.mac_address"])
10165 res
= out
.splitlines()
10168 raise Exception("No M1 message with MAC address found")
10169 if res
[0] != addr1
:
10170 raise Exception("Wrong M1 MAC address")
10171 dev
[0].request("DISCONNECT")
10172 dev
[0].wait_disconnected()
10174 dev
[0].dump_monitor()
10175 dev
[0].flush_scan_cache()
10177 # Restore MAC address
10178 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'down'])
10179 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'address',
10181 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'up'])
10183 def test_ap_wps_pin_start_failure(dev
, apdev
):
10184 """WPS_PIN start failure"""
10185 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
10186 if "FAIL" not in dev
[0].request("WPS_PIN any 12345670"):
10187 raise Exception("WPS_PIN not rejected during OOM")
10188 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
10189 if "FAIL" not in dev
[0].request("WPS_PIN any"):
10190 raise Exception("WPS_PIN not rejected during OOM")
10192 def test_ap_wps_ap_pin_failure(dev
, apdev
):
10193 """WPS_AP_PIN failure"""
10194 id = dev
[0].add_network()
10195 dev
[0].set_network(id, "mode", "2")
10196 dev
[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
10197 dev
[0].set_network_quoted(id, "psk", "1234567890")
10198 dev
[0].set_network(id, "frequency", "2412")
10199 dev
[0].set_network(id, "scan_freq", "2412")
10200 dev
[0].select_network(id)
10201 dev
[0].wait_connected()
10203 with
fail_test(dev
[0], 1,
10204 "os_get_random;wpa_supplicant_ctrl_iface_wps_ap_pin"):
10205 if "FAIL" not in dev
[0].request("WPS_AP_PIN random"):
10206 raise Exception("WPS_AP_PIN random accepted")
10207 with
alloc_fail(dev
[0], 1, "wpas_wps_ap_pin_set"):
10208 if "FAIL" not in dev
[0].request("WPS_AP_PIN set 12345670"):
10209 raise Exception("WPS_AP_PIN set accepted")
10211 dev
[0].request("DISCONNECT")
10212 dev
[0].wait_disconnected()
10214 def test_ap_wps_random_uuid(dev
, apdev
, params
):
10215 """WPS and random UUID on Enrollee"""
10216 ssid
= "test-wps-conf"
10217 hapd
= hostapd
.add_ap(apdev
[0],
10218 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10219 "wpa_passphrase": "12345678", "wpa": "2",
10220 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
10222 config
= os
.path
.join(params
['logdir'], 'ap_wps_random_uuid.conf')
10223 with
open(config
, "w") as f
:
10224 f
.write("auto_uuid=1\n")
10226 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
10230 wpas
.interface_add("wlan5", config
=config
)
10232 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10233 wpas
.dump_monitor()
10234 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
10236 ev
= hapd
.wait_event(["WPS-ENROLLEE-SEEN"], timeout
=10)
10238 raise Exception("Enrollee not seen")
10239 uuid
.append(ev
.split(' ')[2])
10240 wpas
.request("WPS_CANCEL")
10241 wpas
.dump_monitor()
10243 wpas
.interface_remove("wlan5")
10245 hapd
.dump_monitor()
10247 logger
.info("Seen UUIDs: " + str(uuid
))
10248 if uuid
[0] == uuid
[1] or uuid
[0] == uuid
[2] or uuid
[1] == uuid
[2]:
10249 raise Exception("Same UUID used multiple times")
10251 def test_ap_wps_conf_pin_gcmp_128(dev
, apdev
):
10252 """WPS PIN provisioning with configured AP using GCMP-128"""
10253 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP")
10255 def test_ap_wps_conf_pin_gcmp_256(dev
, apdev
):
10256 """WPS PIN provisioning with configured AP using GCMP-256"""
10257 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP-256")
10259 def test_ap_wps_conf_pin_ccmp_256(dev
, apdev
):
10260 """WPS PIN provisioning with configured AP using CCMP-256"""
10261 run_ap_wps_conf_pin_cipher(dev
, apdev
, "CCMP-256")
10263 def run_ap_wps_conf_pin_cipher(dev
, apdev
, cipher
):
10264 if cipher
not in dev
[0].get_capability("pairwise"):
10265 raise HwsimSkip("Cipher %s not supported" % cipher
)
10266 ssid
= "test-wps-conf-pin"
10267 hapd
= hostapd
.add_ap(apdev
[0],
10268 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10269 "wpa_passphrase": "12345678", "wpa": "2",
10270 "wpa_key_mgmt": "WPA-PSK",
10271 "rsn_pairwise": cipher
})
10272 logger
.info("WPS provisioning step")
10273 pin
= dev
[0].wps_read_pin()
10274 hapd
.request("WPS_PIN any " + pin
)
10275 dev
[0].flush_scan_cache()
10276 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10277 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
10278 dev
[0].wait_connected(timeout
=15)
10280 def test_ap_wps_and_sae(dev
, apdev
):
10281 """Initial AP configuration with first WPS Enrollee and adding SAE"""
10283 run_ap_wps_and_sae(dev
, apdev
)
10285 dev
[0].set("wps_cred_add_sae", "0")
10287 def run_ap_wps_and_sae(dev
, apdev
):
10288 check_sae_capab(dev
[0])
10289 ssid
= "test-wps-sae"
10290 hapd
= hostapd
.add_ap(apdev
[0],
10291 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10292 "wps_cred_add_sae": "1"})
10293 logger
.info("WPS provisioning step")
10294 pin
= dev
[0].wps_read_pin()
10295 hapd
.request("WPS_PIN any " + pin
)
10297 dev
[0].set("wps_cred_add_sae", "1")
10298 dev
[0].request("SET sae_groups ")
10299 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10300 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10301 dev
[0].wait_connected(timeout
=30)
10302 status
= dev
[0].get_status()
10303 if status
['key_mgmt'] != "SAE":
10304 raise Exception("SAE not used")
10305 if 'pmf' not in status
or status
['pmf'] != "1":
10306 raise Exception("PMF not enabled")
10308 pin
= dev
[1].wps_read_pin()
10309 hapd
.request("WPS_PIN any " + pin
)
10310 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10311 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10312 dev
[1].wait_connected(timeout
=30)
10313 status
= dev
[1].get_status()
10314 if status
['key_mgmt'] != "WPA2-PSK":
10315 raise Exception("WPA2-PSK not used")
10316 if 'pmf' in status
:
10317 raise Exception("PMF enabled")
10319 def test_ap_wps_conf_and_sae(dev
, apdev
):
10320 """WPS PBC provisioning with configured AP using PSK+SAE"""
10322 run_ap_wps_conf_and_sae(dev
, apdev
)
10324 dev
[0].set("wps_cred_add_sae", "0")
10326 def run_ap_wps_conf_and_sae(dev
, apdev
):
10327 check_sae_capab(dev
[0])
10328 ssid
= "test-wps-conf-sae"
10329 hapd
= hostapd
.add_ap(apdev
[0],
10330 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10331 "wpa_passphrase": "12345678", "wpa": "2",
10332 "ieee80211w": "1", "sae_require_mfp": "1",
10333 "wpa_key_mgmt": "WPA-PSK SAE",
10334 "rsn_pairwise": "CCMP"})
10336 dev
[0].set("wps_cred_add_sae", "1")
10337 dev
[0].request("SET sae_groups ")
10338 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10339 pin
= dev
[0].wps_read_pin()
10340 hapd
.request("WPS_PIN any " + pin
)
10341 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10342 dev
[0].wait_connected(timeout
=30)
10343 status
= dev
[0].get_status()
10344 if status
['key_mgmt'] != "SAE":
10345 raise Exception("SAE not used")
10346 if 'pmf' not in status
or status
['pmf'] != "1":
10347 raise Exception("PMF not enabled")
10349 dev
[1].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
10350 key_mgmt
="WPA-PSK", ieee80211w
="0")
10352 def test_ap_wps_reg_config_and_sae(dev
, apdev
):
10353 """WPS registrar configuring an AP using AP PIN and using PSK+SAE"""
10355 run_ap_wps_reg_config_and_sae(dev
, apdev
)
10357 dev
[0].set("wps_cred_add_sae", "0")
10359 def run_ap_wps_reg_config_and_sae(dev
, apdev
):
10360 check_sae_capab(dev
[0])
10361 ssid
= "test-wps-init-ap-pin-sae"
10363 hostapd
.add_ap(apdev
[0],
10364 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10365 "ap_pin": appin
, "wps_cred_add_sae": "1"})
10366 logger
.info("WPS configuration step")
10367 dev
[0].flush_scan_cache()
10368 dev
[0].set("wps_cred_add_sae", "1")
10369 dev
[0].request("SET sae_groups ")
10370 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
10371 dev
[0].dump_monitor()
10372 new_ssid
= "wps-new-ssid"
10373 new_passphrase
= "1234567890"
10374 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
10376 status
= dev
[0].get_status()
10377 if status
['key_mgmt'] != "SAE":
10378 raise Exception("SAE not used")
10379 if 'pmf' not in status
or status
['pmf'] != "1":
10380 raise Exception("PMF not enabled")
10382 dev
[1].connect(new_ssid
, psk
=new_passphrase
, scan_freq
="2412", proto
="WPA2",
10383 key_mgmt
="WPA-PSK", ieee80211w
="0")
10385 def test_ap_wps_appl_ext(dev
, apdev
):
10386 """WPS Application Extension attribute"""
10387 ssid
= "test-wps-conf"
10388 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10389 "wps_application_ext": 16*"11" + 5*"ee",
10390 "wpa_passphrase": "12345678", "wpa": "2",
10391 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
10392 hapd
= hostapd
.add_ap(apdev
[0], params
)
10393 pin
= dev
[0].wps_read_pin()
10394 hapd
.request("WPS_PIN any " + pin
)
10395 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10396 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
10397 dev
[0].wait_connected(timeout
=30)