test_ap_wps.py 69 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673
  1. # WPS tests
  2. # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
  3. #
  4. # This software may be distributed under the terms of the BSD license.
  5. # See README for more details.
  6. import os
  7. import time
  8. import subprocess
  9. import logging
  10. logger = logging.getLogger()
  11. import re
  12. import socket
  13. import httplib
  14. import urlparse
  15. import urllib
  16. import xml.etree.ElementTree as ET
  17. import StringIO
  18. import hwsim_utils
  19. import hostapd
  20. def test_ap_wps_init(dev, apdev):
  21. """Initial AP configuration with first WPS Enrollee"""
  22. ssid = "test-wps"
  23. hostapd.add_ap(apdev[0]['ifname'],
  24. { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
  25. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  26. logger.info("WPS provisioning step")
  27. hapd.request("WPS_PBC")
  28. if "PBC Status: Active" not in hapd.request("WPS_GET_STATUS"):
  29. raise Exception("PBC status not shown correctly")
  30. dev[0].dump_monitor()
  31. dev[0].request("WPS_PBC")
  32. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  33. if ev is None:
  34. raise Exception("Association with the AP timed out")
  35. status = dev[0].get_status()
  36. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  37. raise Exception("Not fully connected")
  38. if status['ssid'] != ssid:
  39. raise Exception("Unexpected SSID")
  40. if status['pairwise_cipher'] != 'CCMP':
  41. raise Exception("Unexpected encryption configuration")
  42. if status['key_mgmt'] != 'WPA2-PSK':
  43. raise Exception("Unexpected key_mgmt")
  44. status = hapd.request("WPS_GET_STATUS")
  45. if "PBC Status: Disabled" not in status:
  46. raise Exception("PBC status not shown correctly")
  47. if "Last WPS result: Success" not in status:
  48. raise Exception("Last WPS result not shown correctly")
  49. if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
  50. raise Exception("Peer address not shown correctly")
  51. conf = hapd.request("GET_CONFIG")
  52. if "wps_state=configured" not in conf:
  53. raise Exception("AP not in WPS configured state")
  54. if "rsn_pairwise_cipher=CCMP TKIP" not in conf:
  55. raise Exception("Unexpected rsn_pairwise_cipher")
  56. if "wpa_pairwise_cipher=CCMP TKIP" not in conf:
  57. raise Exception("Unexpected wpa_pairwise_cipher")
  58. if "group_cipher=TKIP" not in conf:
  59. raise Exception("Unexpected group_cipher")
  60. def test_ap_wps_init_2ap_pbc(dev, apdev):
  61. """Initial two-radio AP configuration with first WPS PBC Enrollee"""
  62. ssid = "test-wps"
  63. params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
  64. hostapd.add_ap(apdev[0]['ifname'], params)
  65. hostapd.add_ap(apdev[1]['ifname'], params)
  66. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  67. logger.info("WPS provisioning step")
  68. hapd.request("WPS_PBC")
  69. dev[0].scan(freq="2412")
  70. bss = dev[0].get_bss(apdev[0]['bssid'])
  71. if "[WPS-PBC]" not in bss['flags']:
  72. raise Exception("WPS-PBC flag missing from AP1")
  73. bss = dev[0].get_bss(apdev[1]['bssid'])
  74. if "[WPS-PBC]" not in bss['flags']:
  75. raise Exception("WPS-PBC flag missing from AP2")
  76. dev[0].dump_monitor()
  77. dev[0].request("WPS_PBC")
  78. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  79. if ev is None:
  80. raise Exception("Association with the AP timed out")
  81. dev[1].scan(freq="2412")
  82. bss = dev[1].get_bss(apdev[0]['bssid'])
  83. if "[WPS-PBC]" in bss['flags']:
  84. raise Exception("WPS-PBC flag not cleared from AP1")
  85. bss = dev[1].get_bss(apdev[1]['bssid'])
  86. if "[WPS-PBC]" in bss['flags']:
  87. raise Exception("WPS-PBC flag bit ckeared from AP2")
  88. def test_ap_wps_init_2ap_pin(dev, apdev):
  89. """Initial two-radio AP configuration with first WPS PIN Enrollee"""
  90. ssid = "test-wps"
  91. params = { "ssid": ssid, "eap_server": "1", "wps_state": "1" }
  92. hostapd.add_ap(apdev[0]['ifname'], params)
  93. hostapd.add_ap(apdev[1]['ifname'], params)
  94. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  95. logger.info("WPS provisioning step")
  96. pin = dev[0].wps_read_pin()
  97. hapd.request("WPS_PIN any " + pin)
  98. dev[0].scan(freq="2412")
  99. bss = dev[0].get_bss(apdev[0]['bssid'])
  100. if "[WPS-AUTH]" not in bss['flags']:
  101. raise Exception("WPS-AUTH flag missing from AP1")
  102. bss = dev[0].get_bss(apdev[1]['bssid'])
  103. if "[WPS-AUTH]" not in bss['flags']:
  104. raise Exception("WPS-AUTH flag missing from AP2")
  105. dev[0].dump_monitor()
  106. dev[0].request("WPS_PIN any " + pin)
  107. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  108. if ev is None:
  109. raise Exception("Association with the AP timed out")
  110. dev[1].scan(freq="2412")
  111. bss = dev[1].get_bss(apdev[0]['bssid'])
  112. if "[WPS-AUTH]" in bss['flags']:
  113. raise Exception("WPS-AUTH flag not cleared from AP1")
  114. bss = dev[1].get_bss(apdev[1]['bssid'])
  115. if "[WPS-AUTH]" in bss['flags']:
  116. raise Exception("WPS-AUTH flag bit ckeared from AP2")
  117. def test_ap_wps_init_through_wps_config(dev, apdev):
  118. """Initial AP configuration using wps_config command"""
  119. ssid = "test-wps-init-config"
  120. hostapd.add_ap(apdev[0]['ifname'],
  121. { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
  122. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  123. if "FAIL" in hapd.request("WPS_CONFIG " + ssid.encode("hex") + " WPA2PSK CCMP " + "12345678".encode("hex")):
  124. raise Exception("WPS_CONFIG command failed")
  125. ev = hapd.wait_event(["WPS-NEW-AP-SETTINGS"], timeout=5)
  126. if ev is None:
  127. raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
  128. # It takes some time for the AP to update Beacon and Probe Response frames,
  129. # so wait here before requesting the scan to be started to avoid adding
  130. # extra five second wait to the test due to fetching obsolete scan results.
  131. hapd.ping()
  132. time.sleep(0.2)
  133. dev[0].connect(ssid, psk="12345678", scan_freq="2412", proto="WPA2",
  134. pairwise="CCMP", group="CCMP")
  135. def test_ap_wps_conf(dev, apdev):
  136. """WPS PBC provisioning with configured AP"""
  137. ssid = "test-wps-conf"
  138. hostapd.add_ap(apdev[0]['ifname'],
  139. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  140. "wpa_passphrase": "12345678", "wpa": "2",
  141. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
  142. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  143. logger.info("WPS provisioning step")
  144. hapd.request("WPS_PBC")
  145. dev[0].dump_monitor()
  146. dev[0].request("WPS_PBC")
  147. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  148. if ev is None:
  149. raise Exception("Association with the AP timed out")
  150. status = dev[0].get_status()
  151. if status['wpa_state'] != 'COMPLETED':
  152. raise Exception("Not fully connected")
  153. if status['bssid'] != apdev[0]['bssid']:
  154. raise Exception("Unexpected BSSID")
  155. if status['ssid'] != ssid:
  156. raise Exception("Unexpected SSID")
  157. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
  158. raise Exception("Unexpected encryption configuration")
  159. if status['key_mgmt'] != 'WPA2-PSK':
  160. raise Exception("Unexpected key_mgmt")
  161. sta = hapd.get_sta(dev[0].p2p_interface_addr())
  162. if 'wpsDeviceName' not in sta or sta['wpsDeviceName'] != "Device A":
  163. raise Exception("Device name not available in STA command")
  164. def test_ap_wps_twice(dev, apdev):
  165. """WPS provisioning with twice to change passphrase"""
  166. ssid = "test-wps-twice"
  167. params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  168. "wpa_passphrase": "12345678", "wpa": "2",
  169. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
  170. hostapd.add_ap(apdev[0]['ifname'], params)
  171. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  172. logger.info("WPS provisioning step")
  173. hapd.request("WPS_PBC")
  174. dev[0].dump_monitor()
  175. dev[0].request("WPS_PBC")
  176. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  177. if ev is None:
  178. raise Exception("Association with the AP timed out")
  179. dev[0].request("DISCONNECT")
  180. logger.info("Restart AP with different passphrase and re-run WPS")
  181. hapd_global = hostapd.HostapdGlobal()
  182. hapd_global.remove(apdev[0]['ifname'])
  183. params['wpa_passphrase'] = 'another passphrase'
  184. hostapd.add_ap(apdev[0]['ifname'], params)
  185. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  186. logger.info("WPS provisioning step")
  187. hapd.request("WPS_PBC")
  188. dev[0].dump_monitor()
  189. dev[0].request("WPS_PBC")
  190. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  191. if ev is None:
  192. raise Exception("Association with the AP timed out")
  193. networks = dev[0].list_networks()
  194. if len(networks) > 1:
  195. raise Exception("Unexpected duplicated network block present")
  196. def test_ap_wps_incorrect_pin(dev, apdev):
  197. """WPS PIN provisioning with incorrect PIN"""
  198. ssid = "test-wps-incorrect-pin"
  199. hostapd.add_ap(apdev[0]['ifname'],
  200. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  201. "wpa_passphrase": "12345678", "wpa": "2",
  202. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
  203. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  204. logger.info("WPS provisioning attempt 1")
  205. hapd.request("WPS_PIN any 12345670")
  206. dev[0].dump_monitor()
  207. dev[0].request("WPS_PIN any 55554444")
  208. ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
  209. if ev is None:
  210. raise Exception("WPS operation timed out")
  211. if "config_error=18" not in ev:
  212. raise Exception("Incorrect config_error reported")
  213. if "msg=8" not in ev:
  214. raise Exception("PIN error detected on incorrect message")
  215. ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
  216. if ev is None:
  217. raise Exception("Timeout on disconnection event")
  218. dev[0].request("WPS_CANCEL")
  219. # if a scan was in progress, wait for it to complete before trying WPS again
  220. ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
  221. status = hapd.request("WPS_GET_STATUS")
  222. if "Last WPS result: Failed" not in status:
  223. raise Exception("WPS failure result not shown correctly")
  224. logger.info("WPS provisioning attempt 2")
  225. hapd.request("WPS_PIN any 12345670")
  226. dev[0].dump_monitor()
  227. dev[0].request("WPS_PIN any 12344444")
  228. ev = dev[0].wait_event(["WPS-FAIL"], timeout=30)
  229. if ev is None:
  230. raise Exception("WPS operation timed out")
  231. if "config_error=18" not in ev:
  232. raise Exception("Incorrect config_error reported")
  233. if "msg=10" not in ev:
  234. raise Exception("PIN error detected on incorrect message")
  235. ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
  236. if ev is None:
  237. raise Exception("Timeout on disconnection event")
  238. def test_ap_wps_conf_pin(dev, apdev):
  239. """WPS PIN provisioning with configured AP"""
  240. ssid = "test-wps-conf-pin"
  241. hostapd.add_ap(apdev[0]['ifname'],
  242. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  243. "wpa_passphrase": "12345678", "wpa": "2",
  244. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
  245. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  246. logger.info("WPS provisioning step")
  247. pin = dev[0].wps_read_pin()
  248. hapd.request("WPS_PIN any " + pin)
  249. dev[0].dump_monitor()
  250. dev[0].request("WPS_PIN any " + pin)
  251. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  252. if ev is None:
  253. raise Exception("Association with the AP timed out")
  254. status = dev[0].get_status()
  255. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  256. raise Exception("Not fully connected")
  257. if status['ssid'] != ssid:
  258. raise Exception("Unexpected SSID")
  259. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
  260. raise Exception("Unexpected encryption configuration")
  261. if status['key_mgmt'] != 'WPA2-PSK':
  262. raise Exception("Unexpected key_mgmt")
  263. dev[1].scan(freq="2412")
  264. bss = dev[1].get_bss(apdev[0]['bssid'])
  265. if "[WPS-AUTH]" in bss['flags']:
  266. raise Exception("WPS-AUTH flag not cleared")
  267. logger.info("Try to connect from another station using the same PIN")
  268. dev[1].request("WPS_PIN any " + pin)
  269. ev = dev[1].wait_event(["WPS-M2D","CTRL-EVENT-CONNECTED"], timeout=30)
  270. if ev is None:
  271. raise Exception("Operation timed out")
  272. if "WPS-M2D" not in ev:
  273. raise Exception("Unexpected WPS operation started")
  274. def test_ap_wps_conf_pin_2sta(dev, apdev):
  275. """Two stations trying to use WPS PIN at the same time"""
  276. ssid = "test-wps-conf-pin2"
  277. hostapd.add_ap(apdev[0]['ifname'],
  278. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  279. "wpa_passphrase": "12345678", "wpa": "2",
  280. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
  281. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  282. logger.info("WPS provisioning step")
  283. pin = "12345670"
  284. pin2 = "55554444"
  285. hapd.request("WPS_PIN " + dev[0].get_status_field("uuid") + " " + pin)
  286. hapd.request("WPS_PIN " + dev[1].get_status_field("uuid") + " " + pin)
  287. dev[0].dump_monitor()
  288. dev[1].dump_monitor()
  289. dev[0].request("WPS_PIN any " + pin)
  290. dev[1].request("WPS_PIN any " + pin)
  291. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  292. if ev is None:
  293. raise Exception("Association with the AP timed out")
  294. ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  295. if ev is None:
  296. raise Exception("Association with the AP timed out")
  297. def test_ap_wps_reg_connect(dev, apdev):
  298. """WPS registrar using AP PIN to connect"""
  299. ssid = "test-wps-reg-ap-pin"
  300. appin = "12345670"
  301. hostapd.add_ap(apdev[0]['ifname'],
  302. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  303. "wpa_passphrase": "12345678", "wpa": "2",
  304. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  305. "ap_pin": appin})
  306. logger.info("WPS provisioning step")
  307. dev[0].dump_monitor()
  308. dev[0].wps_reg(apdev[0]['bssid'], appin)
  309. status = dev[0].get_status()
  310. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  311. raise Exception("Not fully connected")
  312. if status['ssid'] != ssid:
  313. raise Exception("Unexpected SSID")
  314. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
  315. raise Exception("Unexpected encryption configuration")
  316. if status['key_mgmt'] != 'WPA2-PSK':
  317. raise Exception("Unexpected key_mgmt")
  318. def check_wps_reg_failure(dev, ap, appin):
  319. dev.request("WPS_REG " + ap['bssid'] + " " + appin)
  320. ev = dev.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout=15)
  321. if ev is None:
  322. raise Exception("WPS operation timed out")
  323. if "WPS-SUCCESS" in ev:
  324. raise Exception("WPS operation succeeded unexpectedly")
  325. if "config_error=15" not in ev:
  326. raise Exception("WPS setup locked state was not reported correctly")
  327. def test_ap_wps_random_ap_pin(dev, apdev):
  328. """WPS registrar using random AP PIN"""
  329. ssid = "test-wps-reg-random-ap-pin"
  330. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  331. hostapd.add_ap(apdev[0]['ifname'],
  332. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  333. "wpa_passphrase": "12345678", "wpa": "2",
  334. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  335. "device_name": "Wireless AP", "manufacturer": "Company",
  336. "model_name": "WAP", "model_number": "123",
  337. "serial_number": "12345", "device_type": "6-0050F204-1",
  338. "os_version": "01020300",
  339. "config_methods": "label push_button",
  340. "uuid": ap_uuid, "upnp_iface": "lo" })
  341. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  342. appin = hapd.request("WPS_AP_PIN random")
  343. if "FAIL" in appin:
  344. raise Exception("Could not generate random AP PIN")
  345. if appin not in hapd.request("WPS_AP_PIN get"):
  346. raise Exception("Could not fetch current AP PIN")
  347. logger.info("WPS provisioning step")
  348. dev[0].wps_reg(apdev[0]['bssid'], appin)
  349. hapd.request("WPS_AP_PIN disable")
  350. logger.info("WPS provisioning step with AP PIN disabled")
  351. check_wps_reg_failure(dev[1], apdev[0], appin)
  352. logger.info("WPS provisioning step with AP PIN reset")
  353. appin = "12345670"
  354. hapd.request("WPS_AP_PIN set " + appin)
  355. dev[1].wps_reg(apdev[0]['bssid'], appin)
  356. dev[0].request("REMOVE_NETWORK all")
  357. dev[1].request("REMOVE_NETWORK all")
  358. dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
  359. dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
  360. logger.info("WPS provisioning step after AP PIN timeout")
  361. hapd.request("WPS_AP_PIN disable")
  362. appin = hapd.request("WPS_AP_PIN random 1")
  363. time.sleep(1.1)
  364. if "FAIL" not in hapd.request("WPS_AP_PIN get"):
  365. raise Exception("AP PIN unexpectedly still enabled")
  366. check_wps_reg_failure(dev[0], apdev[0], appin)
  367. logger.info("WPS provisioning step after AP PIN timeout(2)")
  368. hapd.request("WPS_AP_PIN disable")
  369. appin = "12345670"
  370. hapd.request("WPS_AP_PIN set " + appin + " 1")
  371. time.sleep(1.1)
  372. if "FAIL" not in hapd.request("WPS_AP_PIN get"):
  373. raise Exception("AP PIN unexpectedly still enabled")
  374. check_wps_reg_failure(dev[1], apdev[0], appin)
  375. def test_ap_wps_reg_config(dev, apdev):
  376. """WPS registrar configuring and AP using AP PIN"""
  377. ssid = "test-wps-init-ap-pin"
  378. appin = "12345670"
  379. hostapd.add_ap(apdev[0]['ifname'],
  380. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  381. "ap_pin": appin})
  382. logger.info("WPS configuration step")
  383. dev[0].dump_monitor()
  384. new_ssid = "wps-new-ssid"
  385. new_passphrase = "1234567890"
  386. dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
  387. new_passphrase)
  388. status = dev[0].get_status()
  389. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  390. raise Exception("Not fully connected")
  391. if status['ssid'] != new_ssid:
  392. raise Exception("Unexpected SSID")
  393. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
  394. raise Exception("Unexpected encryption configuration")
  395. if status['key_mgmt'] != 'WPA2-PSK':
  396. raise Exception("Unexpected key_mgmt")
  397. def test_ap_wps_reg_config_tkip(dev, apdev):
  398. """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
  399. ssid = "test-wps-init-ap"
  400. appin = "12345670"
  401. hostapd.add_ap(apdev[0]['ifname'],
  402. { "ssid": ssid, "eap_server": "1", "wps_state": "1",
  403. "ap_pin": appin})
  404. logger.info("WPS configuration step")
  405. dev[0].request("SET wps_version_number 0x10")
  406. dev[0].dump_monitor()
  407. new_ssid = "wps-new-ssid-with-tkip"
  408. new_passphrase = "1234567890"
  409. dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPAPSK", "TKIP",
  410. new_passphrase)
  411. logger.info("Re-connect to verify WPA2 mixed mode")
  412. dev[0].request("DISCONNECT")
  413. id = 0
  414. dev[0].set_network(id, "pairwise", "CCMP")
  415. dev[0].set_network(id, "proto", "RSN")
  416. dev[0].connect_network(id)
  417. status = dev[0].get_status()
  418. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  419. raise Exception("Not fully connected")
  420. if status['ssid'] != new_ssid:
  421. raise Exception("Unexpected SSID")
  422. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
  423. raise Exception("Unexpected encryption configuration")
  424. if status['key_mgmt'] != 'WPA2-PSK':
  425. raise Exception("Unexpected key_mgmt")
  426. def test_ap_wps_setup_locked(dev, apdev):
  427. """WPS registrar locking up AP setup on AP PIN failures"""
  428. ssid = "test-wps-incorrect-ap-pin"
  429. appin = "12345670"
  430. hostapd.add_ap(apdev[0]['ifname'],
  431. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  432. "wpa_passphrase": "12345678", "wpa": "2",
  433. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  434. "ap_pin": appin})
  435. new_ssid = "wps-new-ssid-test"
  436. new_passphrase = "1234567890"
  437. ap_setup_locked=False
  438. for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
  439. dev[0].dump_monitor()
  440. logger.info("Try incorrect AP PIN - attempt " + pin)
  441. dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
  442. "CCMP", new_passphrase, no_wait=True)
  443. ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
  444. if ev is None:
  445. raise Exception("Timeout on receiving WPS operation failure event")
  446. if "CTRL-EVENT-CONNECTED" in ev:
  447. raise Exception("Unexpected connection")
  448. if "config_error=15" in ev:
  449. logger.info("AP Setup Locked")
  450. ap_setup_locked=True
  451. elif "config_error=18" not in ev:
  452. raise Exception("config_error=18 not reported")
  453. ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
  454. if ev is None:
  455. raise Exception("Timeout on disconnection event")
  456. time.sleep(0.1)
  457. if not ap_setup_locked:
  458. raise Exception("AP setup was not locked")
  459. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  460. status = hapd.request("WPS_GET_STATUS")
  461. if "Last WPS result: Failed" not in status:
  462. raise Exception("WPS failure result not shown correctly")
  463. if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
  464. raise Exception("Peer address not shown correctly")
  465. time.sleep(0.5)
  466. dev[0].dump_monitor()
  467. logger.info("WPS provisioning step")
  468. pin = dev[0].wps_read_pin()
  469. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  470. hapd.request("WPS_PIN any " + pin)
  471. dev[0].request("WPS_PIN any " + pin)
  472. ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
  473. if ev is None:
  474. raise Exception("WPS success was not reported")
  475. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  476. if ev is None:
  477. raise Exception("Association with the AP timed out")
  478. def test_ap_wps_pbc_overlap_2ap(dev, apdev):
  479. """WPS PBC session overlap with two active APs"""
  480. hostapd.add_ap(apdev[0]['ifname'],
  481. { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
  482. "wpa_passphrase": "12345678", "wpa": "2",
  483. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  484. "wps_independent": "1"})
  485. hostapd.add_ap(apdev[1]['ifname'],
  486. { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
  487. "wpa_passphrase": "123456789", "wpa": "2",
  488. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  489. "wps_independent": "1"})
  490. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  491. hapd.request("WPS_PBC")
  492. hapd2 = hostapd.Hostapd(apdev[1]['ifname'])
  493. hapd2.request("WPS_PBC")
  494. logger.info("WPS provisioning step")
  495. dev[0].dump_monitor()
  496. dev[0].request("WPS_PBC")
  497. ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
  498. if ev is None:
  499. raise Exception("PBC session overlap not detected")
  500. def test_ap_wps_pbc_overlap_2sta(dev, apdev):
  501. """WPS PBC session overlap with two active STAs"""
  502. ssid = "test-wps-pbc-overlap"
  503. hostapd.add_ap(apdev[0]['ifname'],
  504. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  505. "wpa_passphrase": "12345678", "wpa": "2",
  506. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
  507. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  508. logger.info("WPS provisioning step")
  509. hapd.request("WPS_PBC")
  510. dev[0].dump_monitor()
  511. dev[1].dump_monitor()
  512. dev[0].request("WPS_PBC")
  513. dev[1].request("WPS_PBC")
  514. ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
  515. if ev is None:
  516. raise Exception("PBC session overlap not detected (dev0)")
  517. if "config_error=12" not in ev:
  518. raise Exception("PBC session overlap not correctly reported (dev0)")
  519. ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
  520. if ev is None:
  521. raise Exception("PBC session overlap not detected (dev1)")
  522. if "config_error=12" not in ev:
  523. raise Exception("PBC session overlap not correctly reported (dev1)")
  524. hapd.request("WPS_CANCEL")
  525. ret = hapd.request("WPS_PBC")
  526. if "FAIL" not in ret:
  527. raise Exception("PBC mode allowed to be started while PBC overlap still active")
  528. def test_ap_wps_cancel(dev, apdev):
  529. """WPS AP cancelling enabled config method"""
  530. ssid = "test-wps-ap-cancel"
  531. hostapd.add_ap(apdev[0]['ifname'],
  532. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  533. "wpa_passphrase": "12345678", "wpa": "2",
  534. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
  535. bssid = apdev[0]['bssid']
  536. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  537. logger.info("Verify PBC enable/cancel")
  538. hapd.request("WPS_PBC")
  539. dev[0].scan(freq="2412")
  540. bss = dev[0].get_bss(apdev[0]['bssid'])
  541. if "[WPS-PBC]" not in bss['flags']:
  542. raise Exception("WPS-PBC flag missing")
  543. if "FAIL" in hapd.request("WPS_CANCEL"):
  544. raise Exception("WPS_CANCEL failed")
  545. dev[0].scan(freq="2412")
  546. bss = dev[0].get_bss(apdev[0]['bssid'])
  547. if "[WPS-PBC]" in bss['flags']:
  548. raise Exception("WPS-PBC flag not cleared")
  549. logger.info("Verify PIN enable/cancel")
  550. hapd.request("WPS_PIN any 12345670")
  551. dev[0].scan(freq="2412")
  552. bss = dev[0].get_bss(apdev[0]['bssid'])
  553. if "[WPS-AUTH]" not in bss['flags']:
  554. raise Exception("WPS-AUTH flag missing")
  555. if "FAIL" in hapd.request("WPS_CANCEL"):
  556. raise Exception("WPS_CANCEL failed")
  557. dev[0].scan(freq="2412")
  558. bss = dev[0].get_bss(apdev[0]['bssid'])
  559. if "[WPS-AUTH]" in bss['flags']:
  560. raise Exception("WPS-AUTH flag not cleared")
  561. def test_ap_wps_er_add_enrollee(dev, apdev):
  562. """WPS ER configuring AP and adding a new enrollee using PIN"""
  563. ssid = "wps-er-add-enrollee"
  564. ap_pin = "12345670"
  565. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  566. hostapd.add_ap(apdev[0]['ifname'],
  567. { "ssid": ssid, "eap_server": "1", "wps_state": "1",
  568. "device_name": "Wireless AP", "manufacturer": "Company",
  569. "model_name": "WAP", "model_number": "123",
  570. "serial_number": "12345", "device_type": "6-0050F204-1",
  571. "os_version": "01020300",
  572. "config_methods": "label push_button",
  573. "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
  574. logger.info("WPS configuration step")
  575. new_passphrase = "1234567890"
  576. dev[0].dump_monitor()
  577. dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
  578. new_passphrase)
  579. status = dev[0].get_status()
  580. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  581. raise Exception("Not fully connected")
  582. if status['ssid'] != ssid:
  583. raise Exception("Unexpected SSID")
  584. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
  585. raise Exception("Unexpected encryption configuration")
  586. if status['key_mgmt'] != 'WPA2-PSK':
  587. raise Exception("Unexpected key_mgmt")
  588. logger.info("Start ER")
  589. dev[0].request("WPS_ER_START ifname=lo")
  590. ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
  591. if ev is None:
  592. raise Exception("AP discovery timed out")
  593. if ap_uuid not in ev:
  594. raise Exception("Expected AP UUID not found")
  595. logger.info("Learn AP configuration through UPnP")
  596. dev[0].dump_monitor()
  597. dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
  598. ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
  599. if ev is None:
  600. raise Exception("AP learn timed out")
  601. if ap_uuid not in ev:
  602. raise Exception("Expected AP UUID not in settings")
  603. if "ssid=" + ssid not in ev:
  604. raise Exception("Expected SSID not in settings")
  605. if "key=" + new_passphrase not in ev:
  606. raise Exception("Expected passphrase not in settings")
  607. logger.info("Add Enrollee using ER")
  608. pin = dev[1].wps_read_pin()
  609. dev[0].dump_monitor()
  610. dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
  611. dev[1].dump_monitor()
  612. dev[1].request("WPS_PIN any " + pin)
  613. ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
  614. if ev is None:
  615. raise Exception("Enrollee did not report success")
  616. ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
  617. if ev is None:
  618. raise Exception("Association with the AP timed out")
  619. ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
  620. if ev is None:
  621. raise Exception("WPS ER did not report success")
  622. hwsim_utils.test_connectivity_sta(dev[0], dev[1])
  623. logger.info("Add a specific Enrollee using ER")
  624. pin = dev[2].wps_read_pin()
  625. addr2 = dev[2].p2p_interface_addr()
  626. dev[0].dump_monitor()
  627. dev[2].dump_monitor()
  628. dev[2].request("WPS_PIN any " + pin)
  629. ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=10)
  630. if ev is None:
  631. raise Exception("Enrollee not seen")
  632. if addr2 not in ev:
  633. raise Exception("Unexpected Enrollee MAC address")
  634. dev[0].request("WPS_ER_PIN " + addr2 + " " + pin + " " + addr2)
  635. ev = dev[2].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
  636. if ev is None:
  637. raise Exception("Association with the AP timed out")
  638. ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
  639. if ev is None:
  640. raise Exception("WPS ER did not report success")
  641. logger.info("Verify registrar selection behavior")
  642. dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
  643. dev[1].request("DISCONNECT")
  644. dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
  645. dev[1].scan(freq="2412")
  646. bss = dev[1].get_bss(apdev[0]['bssid'])
  647. if "[WPS-AUTH]" not in bss['flags']:
  648. raise Exception("WPS-AUTH flag missing")
  649. logger.info("Stop ER")
  650. dev[0].dump_monitor()
  651. dev[0].request("WPS_ER_STOP")
  652. ev = dev[0].wait_event(["WPS-ER-AP-REMOVE"])
  653. if ev is None:
  654. raise Exception("WPS ER unsubscription timed out")
  655. # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
  656. # a bit before verifying that the scan results have change.
  657. time.sleep(0.2)
  658. dev[1].scan(freq="2412")
  659. bss = dev[1].get_bss(apdev[0]['bssid'])
  660. if "[WPS-AUTH]" in bss['flags']:
  661. raise Exception("WPS-AUTH flag not removed")
  662. def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
  663. """WPS ER connected to AP and adding a new enrollee using PBC"""
  664. ssid = "wps-er-add-enrollee-pbc"
  665. ap_pin = "12345670"
  666. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  667. hostapd.add_ap(apdev[0]['ifname'],
  668. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  669. "wpa_passphrase": "12345678", "wpa": "2",
  670. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  671. "device_name": "Wireless AP", "manufacturer": "Company",
  672. "model_name": "WAP", "model_number": "123",
  673. "serial_number": "12345", "device_type": "6-0050F204-1",
  674. "os_version": "01020300",
  675. "config_methods": "label push_button",
  676. "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
  677. logger.info("Learn AP configuration")
  678. dev[0].dump_monitor()
  679. dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
  680. status = dev[0].get_status()
  681. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  682. raise Exception("Not fully connected")
  683. logger.info("Start ER")
  684. dev[0].request("WPS_ER_START ifname=lo")
  685. ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
  686. if ev is None:
  687. raise Exception("AP discovery timed out")
  688. if ap_uuid not in ev:
  689. raise Exception("Expected AP UUID not found")
  690. logger.info("Use learned network configuration on ER")
  691. dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
  692. logger.info("Add Enrollee using ER and PBC")
  693. dev[0].dump_monitor()
  694. enrollee = dev[1].p2p_interface_addr()
  695. dev[1].dump_monitor()
  696. dev[1].request("WPS_PBC")
  697. for i in range(0, 2):
  698. ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
  699. if ev is None:
  700. raise Exception("Enrollee discovery timed out")
  701. if enrollee in ev:
  702. break
  703. if i == 1:
  704. raise Exception("Expected Enrollee not found")
  705. dev[0].request("WPS_ER_PBC " + enrollee)
  706. ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
  707. if ev is None:
  708. raise Exception("Enrollee did not report success")
  709. ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
  710. if ev is None:
  711. raise Exception("Association with the AP timed out")
  712. ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
  713. if ev is None:
  714. raise Exception("WPS ER did not report success")
  715. hwsim_utils.test_connectivity_sta(dev[0], dev[1])
  716. # verify BSSID selection of the AP instead of UUID
  717. if "FAIL" in dev[0].request("WPS_ER_SET_CONFIG " + apdev[0]['bssid'] + " 0"):
  718. raise Exception("Could not select AP based on BSSID")
  719. def test_ap_wps_er_v10_add_enrollee_pin(dev, apdev):
  720. """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
  721. ssid = "wps-er-add-enrollee-pbc"
  722. ap_pin = "12345670"
  723. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  724. hostapd.add_ap(apdev[0]['ifname'],
  725. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  726. "wpa_passphrase": "12345678", "wpa": "2",
  727. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  728. "device_name": "Wireless AP", "manufacturer": "Company",
  729. "model_name": "WAP", "model_number": "123",
  730. "serial_number": "12345", "device_type": "6-0050F204-1",
  731. "os_version": "01020300",
  732. "config_methods": "label push_button",
  733. "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
  734. logger.info("Learn AP configuration")
  735. dev[0].request("SET wps_version_number 0x10")
  736. dev[0].dump_monitor()
  737. dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
  738. status = dev[0].get_status()
  739. if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
  740. raise Exception("Not fully connected")
  741. logger.info("Start ER")
  742. dev[0].request("WPS_ER_START ifname=lo")
  743. ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
  744. if ev is None:
  745. raise Exception("AP discovery timed out")
  746. if ap_uuid not in ev:
  747. raise Exception("Expected AP UUID not found")
  748. logger.info("Use learned network configuration on ER")
  749. dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
  750. logger.info("Add Enrollee using ER and PIN")
  751. enrollee = dev[1].p2p_interface_addr()
  752. pin = dev[1].wps_read_pin()
  753. dev[0].dump_monitor()
  754. dev[0].request("WPS_ER_PIN any " + pin + " " + enrollee)
  755. dev[1].dump_monitor()
  756. dev[1].request("WPS_PIN any " + pin)
  757. ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
  758. if ev is None:
  759. raise Exception("Association with the AP timed out")
  760. ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
  761. if ev is None:
  762. raise Exception("WPS ER did not report success")
  763. def test_ap_wps_er_config_ap(dev, apdev):
  764. """WPS ER configuring AP over UPnP"""
  765. ssid = "wps-er-ap-config"
  766. ap_pin = "12345670"
  767. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  768. hostapd.add_ap(apdev[0]['ifname'],
  769. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  770. "wpa_passphrase": "12345678", "wpa": "2",
  771. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  772. "device_name": "Wireless AP", "manufacturer": "Company",
  773. "model_name": "WAP", "model_number": "123",
  774. "serial_number": "12345", "device_type": "6-0050F204-1",
  775. "os_version": "01020300",
  776. "config_methods": "label push_button",
  777. "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
  778. logger.info("Connect ER to the AP")
  779. dev[0].connect(ssid, psk="12345678", scan_freq="2412")
  780. logger.info("WPS configuration step")
  781. dev[0].request("WPS_ER_START ifname=lo")
  782. ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
  783. if ev is None:
  784. raise Exception("AP discovery timed out")
  785. if ap_uuid not in ev:
  786. raise Exception("Expected AP UUID not found")
  787. new_passphrase = "1234567890"
  788. dev[0].request("WPS_ER_CONFIG " + apdev[0]['bssid'] + " " + ap_pin + " " +
  789. ssid.encode("hex") + " WPA2PSK CCMP " +
  790. new_passphrase.encode("hex"))
  791. ev = dev[0].wait_event(["WPS-SUCCESS"])
  792. if ev is None:
  793. raise Exception("WPS ER configuration operation timed out")
  794. dev[1].wait_event(["CTRL-EVENT-DISCONNECTED"])
  795. dev[0].connect(ssid, psk="1234567890", scan_freq="2412")
  796. def test_ap_wps_fragmentation(dev, apdev):
  797. """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
  798. ssid = "test-wps-fragmentation"
  799. hostapd.add_ap(apdev[0]['ifname'],
  800. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  801. "wpa_passphrase": "12345678", "wpa": "3",
  802. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  803. "wpa_pairwise": "TKIP",
  804. "fragment_size": "50" })
  805. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  806. logger.info("WPS provisioning step")
  807. hapd.request("WPS_PBC")
  808. dev[0].dump_monitor()
  809. dev[0].request("SET wps_fragment_size 50")
  810. dev[0].request("WPS_PBC")
  811. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  812. if ev is None:
  813. raise Exception("Association with the AP timed out")
  814. status = dev[0].get_status()
  815. if status['wpa_state'] != 'COMPLETED':
  816. raise Exception("Not fully connected")
  817. if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
  818. raise Exception("Unexpected encryption configuration")
  819. if status['key_mgmt'] != 'WPA2-PSK':
  820. raise Exception("Unexpected key_mgmt")
  821. def test_ap_wps_new_version_sta(dev, apdev):
  822. """WPS compatibility with new version number on the station"""
  823. ssid = "test-wps-ver"
  824. hostapd.add_ap(apdev[0]['ifname'],
  825. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  826. "wpa_passphrase": "12345678", "wpa": "2",
  827. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
  828. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  829. logger.info("WPS provisioning step")
  830. hapd.request("WPS_PBC")
  831. dev[0].dump_monitor()
  832. dev[0].request("SET wps_version_number 0x43")
  833. dev[0].request("SET wps_vendor_ext_m1 000137100100020001")
  834. dev[0].request("WPS_PBC")
  835. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  836. if ev is None:
  837. raise Exception("Association with the AP timed out")
  838. def test_ap_wps_new_version_ap(dev, apdev):
  839. """WPS compatibility with new version number on the AP"""
  840. ssid = "test-wps-ver"
  841. hostapd.add_ap(apdev[0]['ifname'],
  842. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  843. "wpa_passphrase": "12345678", "wpa": "2",
  844. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
  845. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  846. logger.info("WPS provisioning step")
  847. if "FAIL" in hapd.request("SET wps_version_number 0x43"):
  848. raise Exception("Failed to enable test functionality")
  849. hapd.request("WPS_PBC")
  850. dev[0].dump_monitor()
  851. dev[0].request("WPS_PBC")
  852. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  853. hapd.request("SET wps_version_number 0x20")
  854. if ev is None:
  855. raise Exception("Association with the AP timed out")
  856. def test_ap_wps_check_pin(dev, apdev):
  857. """Verify PIN checking through control interface"""
  858. hostapd.add_ap(apdev[0]['ifname'],
  859. { "ssid": "wps", "eap_server": "1", "wps_state": "2",
  860. "wpa_passphrase": "12345678", "wpa": "2",
  861. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" })
  862. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  863. for t in [ ("12345670", "12345670"),
  864. ("12345678", "FAIL-CHECKSUM"),
  865. ("1234-5670", "12345670"),
  866. ("1234 5670", "12345670"),
  867. ("1-2.3:4 5670", "12345670") ]:
  868. res = hapd.request("WPS_CHECK_PIN " + t[0]).rstrip('\n')
  869. res2 = dev[0].request("WPS_CHECK_PIN " + t[0]).rstrip('\n')
  870. if res != res2:
  871. raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
  872. if res != t[1]:
  873. raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res, t[1]))
  874. def test_ap_wps_wep_config(dev, apdev):
  875. """WPS 2.0 AP rejecting WEP configuration"""
  876. ssid = "test-wps-config"
  877. appin = "12345670"
  878. hostapd.add_ap(apdev[0]['ifname'],
  879. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  880. "ap_pin": appin})
  881. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  882. dev[0].wps_reg(apdev[0]['bssid'], appin, "wps-new-ssid-wep", "OPEN", "WEP",
  883. "hello", no_wait=True)
  884. ev = hapd.wait_event(["WPS-FAIL"], timeout=15)
  885. if ev is None:
  886. raise Exception("WPS-FAIL timed out")
  887. if "reason=2" not in ev:
  888. raise Exception("Unexpected reason code in WPS-FAIL")
  889. status = hapd.request("WPS_GET_STATUS")
  890. if "Last WPS result: Failed" not in status:
  891. raise Exception("WPS failure result not shown correctly")
  892. if "Failure Reason: WEP Prohibited" not in status:
  893. raise Exception("Failure reason not reported correctly")
  894. if "Peer Address: " + dev[0].p2p_interface_addr() not in status:
  895. raise Exception("Peer address not shown correctly")
  896. def test_ap_wps_wep_enroll(dev, apdev):
  897. """WPS 2.0 STA rejecting WEP configuration"""
  898. ssid = "test-wps-wep"
  899. hostapd.add_ap(apdev[0]['ifname'],
  900. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  901. "skip_cred_build": "1", "extra_cred": "wps-wep-cred" })
  902. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  903. hapd.request("WPS_PBC")
  904. dev[0].request("WPS_PBC")
  905. ev = dev[0].wait_event(["WPS-FAIL"], timeout=15)
  906. if ev is None:
  907. raise Exception("WPS-FAIL event timed out")
  908. if "msg=12" not in ev or "reason=2 (WEP Prohibited)" not in ev:
  909. raise Exception("Unexpected WPS-FAIL event: " + ev)
  910. def test_ap_wps_ie_fragmentation(dev, apdev):
  911. """WPS AP using fragmented WPS IE"""
  912. ssid = "test-wps-ie-fragmentation"
  913. params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  914. "wpa_passphrase": "12345678", "wpa": "2",
  915. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  916. "device_name": "1234567890abcdef1234567890abcdef",
  917. "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
  918. "model_name": "1234567890abcdef1234567890abcdef",
  919. "model_number": "1234567890abcdef1234567890abcdef",
  920. "serial_number": "1234567890abcdef1234567890abcdef" }
  921. hostapd.add_ap(apdev[0]['ifname'], params)
  922. hapd = hostapd.Hostapd(apdev[0]['ifname'])
  923. hapd.request("WPS_PBC")
  924. dev[0].request("WPS_PBC")
  925. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
  926. if ev is None:
  927. raise Exception("Association with the AP timed out")
  928. bss = dev[0].get_bss(apdev[0]['bssid'])
  929. if "wps_device_name" not in bss or bss['wps_device_name'] != "1234567890abcdef1234567890abcdef":
  930. raise Exception("Device Name not received correctly")
  931. if len(re.findall("dd..0050f204", bss['ie'])) != 2:
  932. raise Exception("Unexpected number of WPS IEs")
  933. def get_psk(pskfile):
  934. psks = {}
  935. with open(pskfile, "r") as f:
  936. lines = f.read().splitlines()
  937. for l in lines:
  938. if l == "# WPA PSKs":
  939. continue
  940. (addr,psk) = l.split(' ')
  941. psks[addr] = psk
  942. return psks
  943. def test_ap_wps_per_station_psk(dev, apdev):
  944. """WPS PBC provisioning with per-station PSK"""
  945. addr0 = dev[0].p2p_dev_addr()
  946. addr1 = dev[1].p2p_dev_addr()
  947. addr2 = dev[2].p2p_dev_addr()
  948. ssid = "wps"
  949. appin = "12345670"
  950. pskfile = "/tmp/ap_wps_per_enrollee_psk.psk_file"
  951. try:
  952. os.remove(pskfile)
  953. except:
  954. pass
  955. try:
  956. with open(pskfile, "w") as f:
  957. f.write("# WPA PSKs\n")
  958. params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  959. "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
  960. "rsn_pairwise": "CCMP", "ap_pin": appin,
  961. "wpa_psk_file": pskfile }
  962. hapd = hostapd.add_ap(apdev[0]['ifname'], params)
  963. logger.info("First enrollee")
  964. hapd.request("WPS_PBC")
  965. dev[0].request("WPS_PBC")
  966. ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"])
  967. if ev is None:
  968. raise Exception("Association with the AP timed out (1)")
  969. logger.info("Second enrollee")
  970. hapd.request("WPS_PBC")
  971. dev[1].request("WPS_PBC")
  972. ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"])
  973. if ev is None:
  974. raise Exception("Association with the AP timed out (2)")
  975. logger.info("External registrar")
  976. dev[2].wps_reg(apdev[0]['bssid'], appin)
  977. logger.info("Verifying PSK results")
  978. psks = get_psk(pskfile)
  979. if addr0 not in psks:
  980. raise Exception("No PSK recorded for sta0")
  981. if addr1 not in psks:
  982. raise Exception("No PSK recorded for sta1")
  983. if addr2 not in psks:
  984. raise Exception("No PSK recorded for sta2")
  985. if psks[addr0] == psks[addr1]:
  986. raise Exception("Same PSK recorded for sta0 and sta1")
  987. if psks[addr0] == psks[addr2]:
  988. raise Exception("Same PSK recorded for sta0 and sta2")
  989. if psks[addr1] == psks[addr2]:
  990. raise Exception("Same PSK recorded for sta1 and sta2")
  991. dev[0].request("REMOVE_NETWORK all")
  992. logger.info("Second external registrar")
  993. dev[0].wps_reg(apdev[0]['bssid'], appin)
  994. psks2 = get_psk(pskfile)
  995. if addr0 not in psks2:
  996. raise Exception("No PSK recorded for sta0(reg)")
  997. if psks[addr0] == psks2[addr0]:
  998. raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
  999. finally:
  1000. os.remove(pskfile)
  1001. def add_ssdp_ap(ifname, ap_uuid):
  1002. ssid = "wps-ssdp"
  1003. ap_pin = "12345670"
  1004. hostapd.add_ap(ifname,
  1005. { "ssid": ssid, "eap_server": "1", "wps_state": "2",
  1006. "wpa_passphrase": "12345678", "wpa": "2",
  1007. "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
  1008. "device_name": "Wireless AP", "manufacturer": "Company",
  1009. "model_name": "WAP", "model_number": "123",
  1010. "serial_number": "12345", "device_type": "6-0050F204-1",
  1011. "os_version": "01020300",
  1012. "config_methods": "label push_button",
  1013. "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo",
  1014. "friendly_name": "WPS Access Point",
  1015. "manufacturer_url": "http://www.example.com/",
  1016. "model_description": "Wireless Access Point",
  1017. "model_url": "http://www.example.com/model/",
  1018. "upc": "123456789012" })
  1019. def ssdp_send(msg, no_recv=False):
  1020. socket.setdefaulttimeout(1)
  1021. sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
  1022. sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  1023. sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
  1024. sock.bind(("127.0.0.1", 0))
  1025. sock.sendto(msg, ("239.255.255.250", 1900))
  1026. if no_recv:
  1027. return None
  1028. return sock.recv(1000)
  1029. def ssdp_send_msearch(st):
  1030. msg = '\r\n'.join([
  1031. 'M-SEARCH * HTTP/1.1',
  1032. 'HOST: 239.255.255.250:1900',
  1033. 'MX: 1',
  1034. 'MAN: "ssdp:discover"',
  1035. 'ST: ' + st,
  1036. '', ''])
  1037. return ssdp_send(msg)
  1038. def test_ap_wps_ssdp_msearch(dev, apdev):
  1039. """WPS AP and SSDP M-SEARCH messages"""
  1040. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  1041. add_ssdp_ap(apdev[0]['ifname'], ap_uuid)
  1042. msg = '\r\n'.join([
  1043. 'M-SEARCH * HTTP/1.1',
  1044. 'Host: 239.255.255.250:1900',
  1045. 'Mx: 1',
  1046. 'Man: "ssdp:discover"',
  1047. 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
  1048. '', ''])
  1049. ssdp_send(msg)
  1050. msg = '\r\n'.join([
  1051. 'M-SEARCH * HTTP/1.1',
  1052. 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
  1053. 'mx: \t1\t\t ',
  1054. 'man: \t \t "ssdp:discover" ',
  1055. 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
  1056. '', ''])
  1057. ssdp_send(msg)
  1058. ssdp_send_msearch("ssdp:all")
  1059. ssdp_send_msearch("upnp:rootdevice")
  1060. ssdp_send_msearch("uuid:" + ap_uuid)
  1061. ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
  1062. ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1");
  1063. msg = '\r\n'.join([
  1064. 'M-SEARCH * HTTP/1.1',
  1065. 'HOST:\t239.255.255.250:1900',
  1066. 'MAN: "ssdp:discover"',
  1067. 'MX: 130',
  1068. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1069. '', ''])
  1070. ssdp_send(msg, no_recv=True)
  1071. def test_ap_wps_ssdp_invalid_msearch(dev, apdev):
  1072. """WPS AP and invalid SSDP M-SEARCH messages"""
  1073. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  1074. add_ssdp_ap(apdev[0]['ifname'], ap_uuid)
  1075. socket.setdefaulttimeout(1)
  1076. sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
  1077. sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  1078. sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
  1079. sock.bind(("127.0.0.1", 0))
  1080. logger.debug("Missing MX")
  1081. msg = '\r\n'.join([
  1082. 'M-SEARCH * HTTP/1.1',
  1083. 'HOST: 239.255.255.250:1900',
  1084. 'MAN: "ssdp:discover"',
  1085. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1086. '', ''])
  1087. sock.sendto(msg, ("239.255.255.250", 1900))
  1088. logger.debug("Negative MX")
  1089. msg = '\r\n'.join([
  1090. 'M-SEARCH * HTTP/1.1',
  1091. 'HOST: 239.255.255.250:1900',
  1092. 'MX: -1',
  1093. 'MAN: "ssdp:discover"',
  1094. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1095. '', ''])
  1096. sock.sendto(msg, ("239.255.255.250", 1900))
  1097. logger.debug("Invalid MX")
  1098. msg = '\r\n'.join([
  1099. 'M-SEARCH * HTTP/1.1',
  1100. 'HOST: 239.255.255.250:1900',
  1101. 'MX; 1',
  1102. 'MAN: "ssdp:discover"',
  1103. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1104. '', ''])
  1105. sock.sendto(msg, ("239.255.255.250", 1900))
  1106. logger.debug("Missing MAN")
  1107. msg = '\r\n'.join([
  1108. 'M-SEARCH * HTTP/1.1',
  1109. 'HOST: 239.255.255.250:1900',
  1110. 'MX: 1',
  1111. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1112. '', ''])
  1113. sock.sendto(msg, ("239.255.255.250", 1900))
  1114. logger.debug("Invalid MAN")
  1115. msg = '\r\n'.join([
  1116. 'M-SEARCH * HTTP/1.1',
  1117. 'HOST: 239.255.255.250:1900',
  1118. 'MX: 1',
  1119. 'MAN: foo',
  1120. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1121. '', ''])
  1122. sock.sendto(msg, ("239.255.255.250", 1900))
  1123. msg = '\r\n'.join([
  1124. 'M-SEARCH * HTTP/1.1',
  1125. 'HOST: 239.255.255.250:1900',
  1126. 'MX: 1',
  1127. 'MAN; "ssdp:discover"',
  1128. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1129. '', ''])
  1130. sock.sendto(msg, ("239.255.255.250", 1900))
  1131. logger.debug("Missing HOST")
  1132. msg = '\r\n'.join([
  1133. 'M-SEARCH * HTTP/1.1',
  1134. 'MAN: "ssdp:discover"',
  1135. 'MX: 1',
  1136. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1137. '', ''])
  1138. sock.sendto(msg, ("239.255.255.250", 1900))
  1139. logger.debug("Missing ST")
  1140. msg = '\r\n'.join([
  1141. 'M-SEARCH * HTTP/1.1',
  1142. 'HOST: 239.255.255.250:1900',
  1143. 'MAN: "ssdp:discover"',
  1144. 'MX: 1',
  1145. '', ''])
  1146. sock.sendto(msg, ("239.255.255.250", 1900))
  1147. logger.debug("Mismatching ST")
  1148. msg = '\r\n'.join([
  1149. 'M-SEARCH * HTTP/1.1',
  1150. 'HOST: 239.255.255.250:1900',
  1151. 'MAN: "ssdp:discover"',
  1152. 'MX: 1',
  1153. 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
  1154. '', ''])
  1155. sock.sendto(msg, ("239.255.255.250", 1900))
  1156. msg = '\r\n'.join([
  1157. 'M-SEARCH * HTTP/1.1',
  1158. 'HOST: 239.255.255.250:1900',
  1159. 'MAN: "ssdp:discover"',
  1160. 'MX: 1',
  1161. 'ST: foo:bar',
  1162. '', ''])
  1163. sock.sendto(msg, ("239.255.255.250", 1900))
  1164. msg = '\r\n'.join([
  1165. 'M-SEARCH * HTTP/1.1',
  1166. 'HOST: 239.255.255.250:1900',
  1167. 'MAN: "ssdp:discover"',
  1168. 'MX: 1',
  1169. 'ST: foobar',
  1170. '', ''])
  1171. sock.sendto(msg, ("239.255.255.250", 1900))
  1172. logger.debug("Invalid ST")
  1173. msg = '\r\n'.join([
  1174. 'M-SEARCH * HTTP/1.1',
  1175. 'HOST: 239.255.255.250:1900',
  1176. 'MAN: "ssdp:discover"',
  1177. 'MX: 1',
  1178. 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
  1179. '', ''])
  1180. sock.sendto(msg, ("239.255.255.250", 1900))
  1181. logger.debug("Invalid M-SEARCH")
  1182. msg = '\r\n'.join([
  1183. 'M+SEARCH * HTTP/1.1',
  1184. 'HOST: 239.255.255.250:1900',
  1185. 'MAN: "ssdp:discover"',
  1186. 'MX: 1',
  1187. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1188. '', ''])
  1189. sock.sendto(msg, ("239.255.255.250", 1900))
  1190. msg = '\r\n'.join([
  1191. 'M-SEARCH-* HTTP/1.1',
  1192. 'HOST: 239.255.255.250:1900',
  1193. 'MAN: "ssdp:discover"',
  1194. 'MX: 1',
  1195. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1196. '', ''])
  1197. sock.sendto(msg, ("239.255.255.250", 1900))
  1198. logger.debug("Invalid message format")
  1199. sock.sendto("NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
  1200. msg = '\r'.join([
  1201. 'M-SEARCH * HTTP/1.1',
  1202. 'HOST: 239.255.255.250:1900',
  1203. 'MAN: "ssdp:discover"',
  1204. 'MX: 1',
  1205. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1206. '', ''])
  1207. sock.sendto(msg, ("239.255.255.250", 1900))
  1208. try:
  1209. r = sock.recv(1000)
  1210. raise Exception("Unexpected M-SEARCH response: " + r)
  1211. except socket.timeout:
  1212. pass
  1213. logger.debug("Valid M-SEARCH")
  1214. msg = '\r\n'.join([
  1215. 'M-SEARCH * HTTP/1.1',
  1216. 'HOST: 239.255.255.250:1900',
  1217. 'MAN: "ssdp:discover"',
  1218. 'MX: 1',
  1219. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1220. '', ''])
  1221. sock.sendto(msg, ("239.255.255.250", 1900))
  1222. try:
  1223. r = sock.recv(1000)
  1224. pass
  1225. except socket.timeout:
  1226. raise Exception("No SSDP response")
  1227. def test_ap_wps_ssdp_burst(dev, apdev):
  1228. """WPS AP and SSDP burst"""
  1229. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  1230. add_ssdp_ap(apdev[0]['ifname'], ap_uuid)
  1231. msg = '\r\n'.join([
  1232. 'M-SEARCH * HTTP/1.1',
  1233. 'HOST: 239.255.255.250:1900',
  1234. 'MAN: "ssdp:discover"',
  1235. 'MX: 1',
  1236. 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
  1237. '', ''])
  1238. socket.setdefaulttimeout(1)
  1239. sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
  1240. sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  1241. sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
  1242. sock.bind(("127.0.0.1", 0))
  1243. for i in range(0, 25):
  1244. sock.sendto(msg, ("239.255.255.250", 1900))
  1245. resp = 0
  1246. while True:
  1247. try:
  1248. r = sock.recv(1000)
  1249. if not r.startswith("HTTP/1.1 200 OK\r\n"):
  1250. raise Exception("Unexpected message: " + r)
  1251. resp += 1
  1252. except socket.timeout:
  1253. break
  1254. if resp < 20:
  1255. raise Exception("Too few SSDP responses")
  1256. sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
  1257. sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  1258. sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 2)
  1259. sock.bind(("127.0.0.1", 0))
  1260. for i in range(0, 25):
  1261. sock.sendto(msg, ("239.255.255.250", 1900))
  1262. while True:
  1263. try:
  1264. r = sock.recv(1000)
  1265. if ap_uuid in r:
  1266. break
  1267. except socket.timeout:
  1268. raise Exception("No SSDP response")
  1269. def ssdp_get_location(uuid):
  1270. res = ssdp_send_msearch("uuid:" + uuid)
  1271. location = None
  1272. for l in res.splitlines():
  1273. if l.lower().startswith("location:"):
  1274. location = l.split(':', 1)[1].strip()
  1275. break
  1276. if location is None:
  1277. raise Exception("No UPnP location found")
  1278. return location
  1279. def upnp_get_urls(location):
  1280. conn = urllib.urlopen(location)
  1281. tree = ET.parse(conn)
  1282. root = tree.getroot()
  1283. urn = '{urn:schemas-upnp-org:device-1-0}'
  1284. service = root.find("./" + urn + "device/" + urn + "serviceList/" + urn + "service")
  1285. res = {}
  1286. res['scpd_url'] = urlparse.urljoin(location, service.find(urn + 'SCPDURL').text)
  1287. res['control_url'] = urlparse.urljoin(location, service.find(urn + 'controlURL').text)
  1288. res['event_sub_url'] = urlparse.urljoin(location, service.find(urn + 'eventSubURL').text)
  1289. return res
  1290. def upnp_soap_action(conn, path, action, include_soap_action=True, soap_action_override=None):
  1291. soapns = 'http://schemas.xmlsoap.org/soap/envelope/'
  1292. wpsns = 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
  1293. ET.register_namespace('soapenv', soapns)
  1294. ET.register_namespace('wfa', wpsns)
  1295. attrib = {}
  1296. attrib['{%s}encodingStyle' % soapns] = 'http://schemas.xmlsoap.org/soap/encoding/'
  1297. root = ET.Element("{%s}Envelope" % soapns, attrib=attrib)
  1298. body = ET.SubElement(root, "{%s}Body" % soapns)
  1299. act = ET.SubElement(body, "{%s}%s" % (wpsns, action))
  1300. tree = ET.ElementTree(root)
  1301. soap = StringIO.StringIO()
  1302. tree.write(soap, xml_declaration=True, encoding='utf-8')
  1303. headers = { "Content-type": 'text/xml; charset="utf-8"' }
  1304. if include_soap_action:
  1305. headers["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
  1306. elif soap_action_override:
  1307. headers["SOAPAction"] = soap_action_override
  1308. conn.request("POST", path, soap.getvalue(), headers)
  1309. return conn.getresponse()
  1310. def test_ap_wps_upnp(dev, apdev):
  1311. """WPS AP and UPnP operations"""
  1312. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  1313. add_ssdp_ap(apdev[0]['ifname'], ap_uuid)
  1314. location = ssdp_get_location(ap_uuid)
  1315. urls = upnp_get_urls(location)
  1316. conn = urllib.urlopen(urls['scpd_url'])
  1317. scpd = conn.read()
  1318. conn = urllib.urlopen(urlparse.urljoin(location, "unknown.html"))
  1319. if conn.getcode() != 404:
  1320. raise Exception("Unexpected HTTP response to GET unknown URL")
  1321. url = urlparse.urlparse(location)
  1322. conn = httplib.HTTPConnection(url.netloc)
  1323. #conn.set_debuglevel(1)
  1324. headers = { "Content-type": 'text/xml; charset="utf-8"',
  1325. "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"' }
  1326. conn.request("POST", "hello", "\r\n\r\n", headers)
  1327. resp = conn.getresponse()
  1328. if resp.status != 404:
  1329. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1330. conn.request("UNKNOWN", "hello", "\r\n\r\n", headers)
  1331. resp = conn.getresponse()
  1332. if resp.status != 501:
  1333. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1334. headers = { "Content-type": 'text/xml; charset="utf-8"',
  1335. "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"' }
  1336. ctrlurl = urlparse.urlparse(urls['control_url'])
  1337. conn.request("POST", ctrlurl.path, "\r\n\r\n", headers)
  1338. resp = conn.getresponse()
  1339. if resp.status != 401:
  1340. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1341. logger.debug("GetDeviceInfo without SOAPAction header")
  1342. resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo",
  1343. include_soap_action=False)
  1344. if resp.status != 401:
  1345. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1346. logger.debug("GetDeviceInfo with invalid SOAPAction header")
  1347. for act in [ "foo",
  1348. "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
  1349. '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
  1350. '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
  1351. resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo",
  1352. include_soap_action=False,
  1353. soap_action_override=act)
  1354. if resp.status != 401:
  1355. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1356. resp = upnp_soap_action(conn, ctrlurl.path, "GetDeviceInfo")
  1357. if resp.status != 200:
  1358. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1359. dev = resp.read()
  1360. if "NewDeviceInfo" not in dev:
  1361. raise Exception("Unexpected GetDeviceInfo response")
  1362. logger.debug("PutMessage without required parameters")
  1363. resp = upnp_soap_action(conn, ctrlurl.path, "PutMessage")
  1364. if resp.status != 600:
  1365. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1366. logger.debug("PutWLANResponse without required parameters")
  1367. resp = upnp_soap_action(conn, ctrlurl.path, "PutWLANResponse")
  1368. if resp.status != 600:
  1369. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1370. logger.debug("SetSelectedRegistrar from unregistered ER")
  1371. resp = upnp_soap_action(conn, ctrlurl.path, "SetSelectedRegistrar")
  1372. if resp.status != 501:
  1373. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1374. logger.debug("Unknown action")
  1375. resp = upnp_soap_action(conn, ctrlurl.path, "Unknown")
  1376. if resp.status != 401:
  1377. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1378. def test_ap_wps_upnp_subscribe(dev, apdev):
  1379. """WPS AP and UPnP event subscription"""
  1380. ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
  1381. add_ssdp_ap(apdev[0]['ifname'], ap_uuid)
  1382. location = ssdp_get_location(ap_uuid)
  1383. urls = upnp_get_urls(location)
  1384. eventurl = urlparse.urlparse(urls['event_sub_url'])
  1385. url = urlparse.urlparse(location)
  1386. conn = httplib.HTTPConnection(url.netloc)
  1387. #conn.set_debuglevel(1)
  1388. headers = { "callback": '<http://127.0.0.1:12345/event>',
  1389. "timeout": "Second-1234" }
  1390. conn.request("SUBSCRIBE", "hello", "\r\n\r\n", headers)
  1391. resp = conn.getresponse()
  1392. if resp.status != 412:
  1393. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1394. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1395. resp = conn.getresponse()
  1396. if resp.status != 412:
  1397. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1398. headers = { "NT": "upnp:event",
  1399. "timeout": "Second-1234" }
  1400. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1401. resp = conn.getresponse()
  1402. if resp.status != 412:
  1403. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1404. headers = { "callback": '<http://127.0.0.1:12345/event>',
  1405. "NT": "upnp:foobar",
  1406. "timeout": "Second-1234" }
  1407. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1408. resp = conn.getresponse()
  1409. if resp.status != 400:
  1410. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1411. logger.debug("Valid subscription")
  1412. headers = { "callback": '<http://127.0.0.1:12345/event>',
  1413. "NT": "upnp:event",
  1414. "timeout": "Second-1234" }
  1415. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1416. resp = conn.getresponse()
  1417. if resp.status != 200:
  1418. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1419. sid = resp.getheader("sid")
  1420. logger.debug("Subscription SID " + sid)
  1421. logger.debug("Invalid re-subscription")
  1422. headers = { "NT": "upnp:event",
  1423. "sid": "123456734567854",
  1424. "timeout": "Second-1234" }
  1425. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1426. resp = conn.getresponse()
  1427. if resp.status != 400:
  1428. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1429. logger.debug("Invalid re-subscription")
  1430. headers = { "NT": "upnp:event",
  1431. "sid": "uuid:123456734567854",
  1432. "timeout": "Second-1234" }
  1433. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1434. resp = conn.getresponse()
  1435. if resp.status != 400:
  1436. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1437. logger.debug("Invalid re-subscription")
  1438. headers = { "callback": '<http://127.0.0.1:12345/event>',
  1439. "NT": "upnp:event",
  1440. "sid": sid,
  1441. "timeout": "Second-1234" }
  1442. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1443. resp = conn.getresponse()
  1444. if resp.status != 400:
  1445. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1446. logger.debug("SID mismatch in re-subscription")
  1447. headers = { "NT": "upnp:event",
  1448. "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
  1449. "timeout": "Second-1234" }
  1450. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1451. resp = conn.getresponse()
  1452. if resp.status != 412:
  1453. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1454. logger.debug("Valid re-subscription")
  1455. headers = { "NT": "upnp:event",
  1456. "sid": sid,
  1457. "timeout": "Second-1234" }
  1458. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1459. resp = conn.getresponse()
  1460. if resp.status != 200:
  1461. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1462. sid2 = resp.getheader("sid")
  1463. logger.debug("Subscription SID " + sid2)
  1464. if sid != sid2:
  1465. raise Exception("Unexpected SID change")
  1466. logger.debug("Valid re-subscription")
  1467. headers = { "NT": "upnp:event",
  1468. "sid": "uuid: \t \t" + sid.split(':')[1],
  1469. "timeout": "Second-1234" }
  1470. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1471. resp = conn.getresponse()
  1472. if resp.status != 200:
  1473. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1474. logger.debug("Invalid unsubscription")
  1475. headers = { "sid": sid }
  1476. conn.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers)
  1477. resp = conn.getresponse()
  1478. if resp.status != 412:
  1479. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1480. headers = { "foo": "bar" }
  1481. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1482. resp = conn.getresponse()
  1483. if resp.status != 412:
  1484. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1485. logger.debug("Valid unsubscription")
  1486. headers = { "sid": sid }
  1487. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1488. resp = conn.getresponse()
  1489. if resp.status != 200:
  1490. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1491. logger.debug("Unsubscription for not existing SID")
  1492. headers = { "sid": sid }
  1493. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1494. resp = conn.getresponse()
  1495. if resp.status != 412:
  1496. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1497. logger.debug("Invalid unsubscription")
  1498. headers = { "sid": " \t \tfoo" }
  1499. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1500. resp = conn.getresponse()
  1501. if resp.status != 400:
  1502. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1503. logger.debug("Invalid unsubscription")
  1504. headers = { "sid": "uuid:\t \tfoo" }
  1505. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1506. resp = conn.getresponse()
  1507. if resp.status != 400:
  1508. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1509. logger.debug("Invalid unsubscription")
  1510. headers = { "NT": "upnp:event",
  1511. "sid": sid }
  1512. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1513. resp = conn.getresponse()
  1514. if resp.status != 400:
  1515. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1516. headers = { "callback": '<http://127.0.0.1:12345/event>',
  1517. "sid": sid }
  1518. conn.request("UNSUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1519. resp = conn.getresponse()
  1520. if resp.status != 400:
  1521. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1522. logger.debug("Valid subscription with multiple callbacks")
  1523. headers = { "callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
  1524. "NT": "upnp:event",
  1525. "timeout": "Second-1234" }
  1526. conn.request("SUBSCRIBE", eventurl.path, "\r\n\r\n", headers)
  1527. resp = conn.getresponse()
  1528. if resp.status != 200:
  1529. raise Exception("Unexpected HTTP response: %s" % resp.status)
  1530. sid = resp.getheader("sid")
  1531. logger.debug("Subscription SID " + sid)