mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-19 03:14:05 -05:00
tests: Additional Multiple BSSID IE parsing tests
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
586826d4f5
commit
8d176ae689
@ -1640,3 +1640,191 @@ def test_scan_multi_bssid_4(dev, apdev):
|
|||||||
hapd.disable()
|
hapd.disable()
|
||||||
hapd.set('bssid', bssid)
|
hapd.set('bssid', bssid)
|
||||||
hapd.enable()
|
hapd.enable()
|
||||||
|
|
||||||
|
def test_scan_multi_bssid_check_ie(dev, apdev):
|
||||||
|
"""Scan and check if nontransmitting BSS inherits IE from transmitting BSS"""
|
||||||
|
check_multibss_sta_capa(dev[0])
|
||||||
|
dev[0].flush_scan_cache()
|
||||||
|
|
||||||
|
params = { "ssid": "transmitted" }
|
||||||
|
|
||||||
|
# Duplicated entry for the transmitted BSS (not a normal use case)
|
||||||
|
elems = elem_capab(1) + elem_ssid("transmitted") + elem_bssid_index(0)
|
||||||
|
profile1 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
elems = elem_capab(1) + elem_ssid("nontransmitted") + elem_bssid_index(1)
|
||||||
|
profile2 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
profiles = profile1 + profile2
|
||||||
|
params['vendor_elements'] = elem_multibssid(profiles, 2)
|
||||||
|
hostapd.add_ap(apdev[0], params)
|
||||||
|
|
||||||
|
bssid = apdev[0]['bssid']
|
||||||
|
|
||||||
|
for i in range(10):
|
||||||
|
dev[0].request("SCAN TYPE=ONLY freq=2412 passive=1")
|
||||||
|
ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=15)
|
||||||
|
if ev is None:
|
||||||
|
raise Exception("Scan did not complete")
|
||||||
|
if dev[0].get_bss(bssid):
|
||||||
|
break
|
||||||
|
|
||||||
|
for i in range(10):
|
||||||
|
dev[0].scan_for_bss(bssid, freq=2412, force_scan=True)
|
||||||
|
bss = dev[0].get_bss(bssid)
|
||||||
|
if 'beacon_ie' in bss:
|
||||||
|
break
|
||||||
|
|
||||||
|
trans_bss = dev[0].get_bss(bssid)
|
||||||
|
if trans_bss is None:
|
||||||
|
raise Exception("AP " + bssid + " missing from scan results")
|
||||||
|
|
||||||
|
if not trans_bss or 'beacon_ie' not in trans_bss:
|
||||||
|
raise Exception("beacon_ie not present in trans_bss")
|
||||||
|
|
||||||
|
beacon_ie = parse_ie(trans_bss['beacon_ie'])
|
||||||
|
logger.info("trans_bss beacon_ie: " + str(beacon_ie.keys()))
|
||||||
|
|
||||||
|
bssid = bssid[0:16] + '1'
|
||||||
|
nontrans_bss1 = dev[0].get_bss(bssid)
|
||||||
|
if nontrans_bss1 is None:
|
||||||
|
raise Exception("AP " + bssid + " missing from scan results")
|
||||||
|
|
||||||
|
if not trans_bss or 'beacon_ie' not in nontrans_bss1:
|
||||||
|
raise Exception("beacon_ie not present in nontrans_bss1")
|
||||||
|
|
||||||
|
nontx_beacon_ie = parse_ie(nontrans_bss1['beacon_ie'])
|
||||||
|
logger.info("nontrans_bss1 beacon_ie: " + str(nontx_beacon_ie.keys()))
|
||||||
|
|
||||||
|
if 71 in beacon_ie.keys():
|
||||||
|
ie_list = beacon_ie.keys()
|
||||||
|
ie_list.remove(71)
|
||||||
|
if ie_list != nontx_beacon_ie.keys():
|
||||||
|
raise Exception("check IE failed")
|
||||||
|
|
||||||
|
def elem_fms1():
|
||||||
|
# this FMS IE has 1 FMS counter
|
||||||
|
fms_counters = struct.pack('B', 0x39)
|
||||||
|
fms_ids = struct.pack('B', 0x01)
|
||||||
|
return struct.pack('BBB', 86, 3, 1) + fms_counters + fms_ids
|
||||||
|
|
||||||
|
def elem_fms2():
|
||||||
|
# this FMS IE has 2 FMS counters
|
||||||
|
fms_counters = struct.pack('BB', 0x29, 0x32)
|
||||||
|
fms_ids = struct.pack('BB', 0x01, 0x02)
|
||||||
|
return struct.pack('BBB', 86, 5, 2) + fms_counters + fms_ids
|
||||||
|
|
||||||
|
def test_scan_multi_bssid_fms(dev, apdev):
|
||||||
|
"""Non-transmitting BSS has different FMS IE from transmitting BSS"""
|
||||||
|
check_multibss_sta_capa(dev[0])
|
||||||
|
dev[0].flush_scan_cache()
|
||||||
|
|
||||||
|
params = { "ssid": "transmitted" }
|
||||||
|
|
||||||
|
# construct transmitting BSS Beacon with FMS IE
|
||||||
|
elems = elem_capab(1) + elem_ssid("transmitted") + elem_bssid_index(0) + elem_fms1()
|
||||||
|
profile1 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
elems = elem_capab(1) + elem_ssid("nontransmitted") + elem_bssid_index(1) + elem_fms2()
|
||||||
|
profile2 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
profiles = profile1 + profile2
|
||||||
|
params['vendor_elements'] = elem_multibssid(profiles, 2) + binascii.hexlify(elem_fms1())
|
||||||
|
hostapd.add_ap(apdev[0], params)
|
||||||
|
|
||||||
|
bssid = apdev[0]['bssid']
|
||||||
|
|
||||||
|
for i in range(10):
|
||||||
|
dev[0].request("SCAN TYPE=ONLY freq=2412 passive=1")
|
||||||
|
ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=15)
|
||||||
|
if ev is None:
|
||||||
|
raise Exception("Scan did not complete")
|
||||||
|
if dev[0].get_bss(bssid):
|
||||||
|
break
|
||||||
|
|
||||||
|
for i in range(10):
|
||||||
|
dev[0].scan_for_bss(bssid, freq=2412, force_scan=True)
|
||||||
|
bss = dev[0].get_bss(bssid)
|
||||||
|
if 'beacon_ie' in bss:
|
||||||
|
break
|
||||||
|
|
||||||
|
trans_bss = dev[0].get_bss(bssid)
|
||||||
|
if trans_bss is None:
|
||||||
|
raise Exception("AP " + bssid + " missing from scan results")
|
||||||
|
|
||||||
|
if not trans_bss or 'beacon_ie' not in trans_bss:
|
||||||
|
raise Exception("beacon_ie not present in trans_bss")
|
||||||
|
|
||||||
|
beacon_ie = parse_ie(trans_bss['beacon_ie'])
|
||||||
|
trans_bss_fms = beacon_ie[86]
|
||||||
|
logger.info("trans_bss fms ie: " + binascii.hexlify(trans_bss_fms))
|
||||||
|
|
||||||
|
bssid = bssid[0:16] + '1'
|
||||||
|
nontrans_bss1 = dev[0].get_bss(bssid)
|
||||||
|
if nontrans_bss1 is None:
|
||||||
|
raise Exception("AP " + bssid + " missing from scan results")
|
||||||
|
|
||||||
|
if not nontrans_bss1 or 'beacon_ie' not in nontrans_bss1:
|
||||||
|
raise Exception("beacon_ie not present in nontrans_bss1")
|
||||||
|
|
||||||
|
nontrans_beacon_ie = parse_ie(nontrans_bss1['beacon_ie'])
|
||||||
|
nontrans_bss_fms = nontrans_beacon_ie[86]
|
||||||
|
logger.info("nontrans_bss fms ie: " + binascii.hexlify(nontrans_bss_fms))
|
||||||
|
|
||||||
|
if binascii.hexlify(trans_bss_fms) == binascii.hexlify(nontrans_bss_fms):
|
||||||
|
raise Exception("Nontrans BSS has the same FMS IE as trans BSS")
|
||||||
|
|
||||||
|
def test_scan_multiple_mbssid_ie(dev, apdev):
|
||||||
|
"""Transmitting BSS has 2 MBSSID IE"""
|
||||||
|
check_multibss_sta_capa(dev[0])
|
||||||
|
dev[0].flush_scan_cache()
|
||||||
|
|
||||||
|
bssid = apdev[0]['bssid']
|
||||||
|
logger.info("bssid: " + bssid);
|
||||||
|
hapd = None
|
||||||
|
|
||||||
|
# construct 2 MBSSID IEs, each MBSSID IE contains 1 profile
|
||||||
|
params = { "ssid": "transmitted",
|
||||||
|
"bssid": bssid }
|
||||||
|
|
||||||
|
elems = elem_capab(1) + elem_ssid("1") + elem_bssid_index(1)
|
||||||
|
profile1 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
elems = elem_capab(2) + elem_ssid("2") + elem_bssid_index(2)
|
||||||
|
profile2 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
params['vendor_elements'] = elem_multibssid(profile1, 2) + elem_multibssid(profile2,2)
|
||||||
|
hapd = hostapd.add_ap(apdev[0], params)
|
||||||
|
|
||||||
|
check = [ (bssid, 'transmitted', 0x401),
|
||||||
|
(bssid[0:16] + '1', '1', 0x1),
|
||||||
|
(bssid[0:16] + '2', '2', 0x2) ]
|
||||||
|
run_scans(dev[0], check)
|
||||||
|
|
||||||
|
def test_scan_mbssid_hidden_ssid(dev, apdev):
|
||||||
|
"""Non-transmitting BSS has hidden SSID"""
|
||||||
|
check_multibss_sta_capa(dev[0])
|
||||||
|
dev[0].flush_scan_cache()
|
||||||
|
|
||||||
|
bssid = apdev[0]['bssid']
|
||||||
|
logger.info("bssid: " + bssid);
|
||||||
|
hapd = None
|
||||||
|
|
||||||
|
# construct 2 MBSSID IEs, each MBSSID IE contains 1 profile
|
||||||
|
params = { "ssid": "transmitted",
|
||||||
|
"bssid": bssid }
|
||||||
|
|
||||||
|
elems = elem_capab(1) + elem_ssid("") + elem_bssid_index(1)
|
||||||
|
profile1 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
elems = elem_capab(2) + elem_ssid("2") + elem_bssid_index(2)
|
||||||
|
profile2 = struct.pack('BB', 0, len(elems)) + elems
|
||||||
|
|
||||||
|
profiles = profile1 + profile2
|
||||||
|
params['vendor_elements'] = elem_multibssid(profiles, 2)
|
||||||
|
hapd = hostapd.add_ap(apdev[0], params)
|
||||||
|
|
||||||
|
check = [ (bssid, 'transmitted', 0x401),
|
||||||
|
(bssid[0:16] + '1', '', 0x1),
|
||||||
|
(bssid[0:16] + '2', '2', 0x2) ]
|
||||||
|
run_scans(dev[0], check)
|
||||||
|
Loading…
Reference in New Issue
Block a user