From 6645ff5094aa631277636c7613f26647a82dbf2d Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sat, 28 Dec 2013 17:47:32 +0200 Subject: [PATCH] tests: Verify WPS AP Setup Locking on AP PIN failures Signed-hostap: Jouni Malinen --- tests/hwsim/test_ap_wps.py | 50 ++++++++++++++++++++++++++++++++++++ tests/hwsim/wpasupplicant.py | 6 ++++- 2 files changed, 55 insertions(+), 1 deletion(-) diff --git a/tests/hwsim/test_ap_wps.py b/tests/hwsim/test_ap_wps.py index 3324f720f..525afb45c 100644 --- a/tests/hwsim/test_ap_wps.py +++ b/tests/hwsim/test_ap_wps.py @@ -174,6 +174,56 @@ def test_ap_wps_reg_config(dev, apdev): if status['key_mgmt'] != 'WPA2-PSK': raise Exception("Unexpected key_mgmt") +def test_ap_wps_setup_locked(dev, apdev): + """WPS registrar locking up AP setup on AP PIN failures""" + ssid = "test-wps-incorrect-ap-pin" + appin = "12345670" + hostapd.add_ap(apdev[0]['ifname'], + { "ssid": ssid, "eap_server": "1", "wps_state": "2", + "wpa_passphrase": "12345678", "wpa": "2", + "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP", + "ap_pin": appin}) + dev[0].request("SET ignore_old_scan_res 1") + new_ssid = "wps-new-ssid-test" + new_passphrase = "1234567890" + + ap_setup_locked=False + for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]: + dev[0].dump_monitor() + logger.info("Try incorrect AP PIN - attempt " + pin) + dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK", + "CCMP", new_passphrase, no_wait=True) + ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"]) + if ev is None: + raise Exception("Timeout on receiving WPS operation failure event") + if "CTRL-EVENT-CONNECTED" in ev: + raise Exception("Unexpected connection") + if "config_error=15" in ev: + logger.info("AP Setup Locked") + ap_setup_locked=True + elif "config_error=18" not in ev: + raise Exception("config_error=18 not reported") + ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"]) + if ev is None: + raise Exception("Timeout on disconnection event") + time.sleep(0.1) + if not ap_setup_locked: + raise Exception("AP setup was not locked") + + time.sleep(0.5) + dev[0].dump_monitor() + logger.info("WPS provisioning step") + pin = dev[0].wps_read_pin() + hapd = hostapd.Hostapd(apdev[0]['ifname']) + hapd.request("WPS_PIN any " + pin) + dev[0].request("WPS_PIN any " + pin) + ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30) + if ev is None: + raise Exception("WPS success was not reported") + ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30) + if ev is None: + raise Exception("Association with the AP timed out") + def test_ap_wps_pbc_overlap_2ap(dev, apdev): """WPS PBC session overlap with two active APs""" hostapd.add_ap(apdev[0]['ifname'], diff --git a/tests/hwsim/wpasupplicant.py b/tests/hwsim/wpasupplicant.py index bcc143bb4..ad6972573 100644 --- a/tests/hwsim/wpasupplicant.py +++ b/tests/hwsim/wpasupplicant.py @@ -617,15 +617,19 @@ class WpaSupplicant: self.dump_monitor() def wps_reg(self, bssid, pin, new_ssid=None, key_mgmt=None, cipher=None, - new_passphrase=None): + new_passphrase=None, no_wait=False): self.dump_monitor() if new_ssid: self.request("WPS_REG " + bssid + " " + pin + " " + new_ssid.encode("hex") + " " + key_mgmt + " " + cipher + " " + new_passphrase.encode("hex")) + if no_wait: + return ev = self.wait_event(["WPS-SUCCESS"], timeout=15) else: self.request("WPS_REG " + bssid + " " + pin) + if no_wait: + return ev = self.wait_event(["WPS-CRED-RECEIVED"], timeout=15) if ev is None: raise Exception("WPS cred timed out")