mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 18:28:23 -05:00
tests: PMF and Authentication frame injection
Verify that AP does not break PMF-enabled connection due to injected Authentication frame. This is a regression test for NL80211_FEATURE_FULL_AP_CLIENT_STATE changes resulting in dropping the key in such a case. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
47d74bf010
commit
86f938ddea
@ -469,3 +469,30 @@ def test_ap_pmf_required_sta_no_pmf(dev, apdev):
|
||||
if "CTRL-EVENT-ASSOC-REJECT" in ev:
|
||||
raise Exception("Tried to connect to PMF required AP without PMF enabled")
|
||||
dev[0].request("REMOVE_NETWORK all")
|
||||
|
||||
def test_ap_pmf_inject_auth(dev, apdev):
|
||||
"""WPA2-PSK AP with PMF and Authentication frame injection"""
|
||||
ssid = "test-pmf"
|
||||
params = hostapd.wpa2_params(ssid=ssid, passphrase="12345678")
|
||||
params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
|
||||
params["ieee80211w"] = "2"
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
dev[0].connect(ssid, psk="12345678", ieee80211w="2",
|
||||
key_mgmt="WPA-PSK-SHA256", proto="WPA2",
|
||||
scan_freq="2412")
|
||||
hwsim_utils.test_connectivity(dev[0], hapd)
|
||||
|
||||
bssid = hapd.own_addr().replace(':', '')
|
||||
addr = dev[0].own_addr().replace(':', '')
|
||||
|
||||
# Inject an unprotected Authentication frame claiming to be from the
|
||||
# associated STA.
|
||||
auth = "b0003a01" + bssid + addr + bssid + '1000000001000000'
|
||||
hapd.request("SET ext_mgmt_frame_handling 1")
|
||||
res = hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=%s" % auth)
|
||||
hapd.request("SET ext_mgmt_frame_handling 0")
|
||||
if "OK" not in res:
|
||||
raise Exception("MGMT_RX_PROCESS failed")
|
||||
|
||||
# Verify that original association is still functional.
|
||||
hwsim_utils.test_connectivity(dev[0], hapd)
|
||||
|
Loading…
Reference in New Issue
Block a user