tests: Verify WPS AP Setup Locking on AP PIN failures

Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2013-12-28 17:47:32 +02:00
parent 10ea684830
commit 6645ff5094
2 changed files with 55 additions and 1 deletions

View file

@ -174,6 +174,56 @@ def test_ap_wps_reg_config(dev, apdev):
if status['key_mgmt'] != 'WPA2-PSK': if status['key_mgmt'] != 'WPA2-PSK':
raise Exception("Unexpected key_mgmt") raise Exception("Unexpected key_mgmt")
def test_ap_wps_setup_locked(dev, apdev):
"""WPS registrar locking up AP setup on AP PIN failures"""
ssid = "test-wps-incorrect-ap-pin"
appin = "12345670"
hostapd.add_ap(apdev[0]['ifname'],
{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
"wpa_passphrase": "12345678", "wpa": "2",
"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
"ap_pin": appin})
dev[0].request("SET ignore_old_scan_res 1")
new_ssid = "wps-new-ssid-test"
new_passphrase = "1234567890"
ap_setup_locked=False
for pin in ["55554444", "1234", "12345678", "00000000", "11111111"]:
dev[0].dump_monitor()
logger.info("Try incorrect AP PIN - attempt " + pin)
dev[0].wps_reg(apdev[0]['bssid'], pin, new_ssid, "WPA2PSK",
"CCMP", new_passphrase, no_wait=True)
ev = dev[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
if ev is None:
raise Exception("Timeout on receiving WPS operation failure event")
if "CTRL-EVENT-CONNECTED" in ev:
raise Exception("Unexpected connection")
if "config_error=15" in ev:
logger.info("AP Setup Locked")
ap_setup_locked=True
elif "config_error=18" not in ev:
raise Exception("config_error=18 not reported")
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"])
if ev is None:
raise Exception("Timeout on disconnection event")
time.sleep(0.1)
if not ap_setup_locked:
raise Exception("AP setup was not locked")
time.sleep(0.5)
dev[0].dump_monitor()
logger.info("WPS provisioning step")
pin = dev[0].wps_read_pin()
hapd = hostapd.Hostapd(apdev[0]['ifname'])
hapd.request("WPS_PIN any " + pin)
dev[0].request("WPS_PIN any " + pin)
ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=30)
if ev is None:
raise Exception("WPS success was not reported")
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
if ev is None:
raise Exception("Association with the AP timed out")
def test_ap_wps_pbc_overlap_2ap(dev, apdev): def test_ap_wps_pbc_overlap_2ap(dev, apdev):
"""WPS PBC session overlap with two active APs""" """WPS PBC session overlap with two active APs"""
hostapd.add_ap(apdev[0]['ifname'], hostapd.add_ap(apdev[0]['ifname'],

View file

@ -617,15 +617,19 @@ class WpaSupplicant:
self.dump_monitor() self.dump_monitor()
def wps_reg(self, bssid, pin, new_ssid=None, key_mgmt=None, cipher=None, def wps_reg(self, bssid, pin, new_ssid=None, key_mgmt=None, cipher=None,
new_passphrase=None): new_passphrase=None, no_wait=False):
self.dump_monitor() self.dump_monitor()
if new_ssid: if new_ssid:
self.request("WPS_REG " + bssid + " " + pin + " " + self.request("WPS_REG " + bssid + " " + pin + " " +
new_ssid.encode("hex") + " " + key_mgmt + " " + new_ssid.encode("hex") + " " + key_mgmt + " " +
cipher + " " + new_passphrase.encode("hex")) cipher + " " + new_passphrase.encode("hex"))
if no_wait:
return
ev = self.wait_event(["WPS-SUCCESS"], timeout=15) ev = self.wait_event(["WPS-SUCCESS"], timeout=15)
else: else:
self.request("WPS_REG " + bssid + " " + pin) self.request("WPS_REG " + bssid + " " + pin)
if no_wait:
return
ev = self.wait_event(["WPS-CRED-RECEIVED"], timeout=15) ev = self.wait_event(["WPS-CRED-RECEIVED"], timeout=15)
if ev is None: if ev is None:
raise Exception("WPS cred timed out") raise Exception("WPS cred timed out")