mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
tests: Increase WEXT coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
dc4c3dc4a2
commit
ee27f6737b
@ -1,5 +1,5 @@
|
||||
# Deprecated WEXT driver interface in wpa_supplicant
|
||||
# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
|
||||
# Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
|
||||
#
|
||||
# This software may be distributed under the terms of the BSD license.
|
||||
# See README for more details.
|
||||
@ -7,45 +7,272 @@
|
||||
import logging
|
||||
logger = logging.getLogger()
|
||||
import os
|
||||
import subprocess
|
||||
|
||||
import hostapd
|
||||
import hwsim_utils
|
||||
from wpasupplicant import WpaSupplicant
|
||||
from test_rfkill import get_rfkill_id
|
||||
|
||||
def test_wext_open(dev, apdev):
|
||||
"""WEXT driver interface with open network"""
|
||||
def get_wext_interface():
|
||||
if not os.path.exists("/proc/net/wireless"):
|
||||
logger.info("WEXT support not included in the kernel")
|
||||
return "skip"
|
||||
|
||||
params = { "ssid": "wext-open" }
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
return
|
||||
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
try:
|
||||
wpas.interface_add("wlan5", driver="wext")
|
||||
except Exception, e:
|
||||
logger.info("WEXT driver support not included in wpa_supplicant")
|
||||
return
|
||||
return wpas
|
||||
|
||||
def test_wext_open(dev, apdev):
|
||||
"""WEXT driver interface with open network"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
params = { "ssid": "wext-open" }
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
|
||||
wpas.connect("wext-open", key_mgmt="NONE")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
|
||||
def test_wext_wpa2_psk(dev, apdev):
|
||||
"""WEXT driver interface with WPA2-PSK"""
|
||||
if not os.path.exists("/proc/net/wireless"):
|
||||
logger.info("WEXT support not included in the kernel")
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
params = hostapd.wpa2_params(ssid="wext-wpa2-psk", passphrase="12345678")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
try:
|
||||
wpas.interface_add("wlan5", driver="wext")
|
||||
except Exception, e:
|
||||
logger.info("WEXT driver support not included in wpa_supplicant")
|
||||
return "skip"
|
||||
|
||||
wpas.connect("wext-wpa2-psk", psk="12345678")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
if "RSSI=" not in wpas.request("SIGNAL_POLL"):
|
||||
raise Exception("Missing RSSI from SIGNAL_POLL")
|
||||
|
||||
wpas.dump_monitor()
|
||||
hapd.request("DEAUTHENTICATE " + wpas.p2p_interface_addr())
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Timeout on disconnection event")
|
||||
|
||||
def test_wext_wpa_psk(dev, apdev):
|
||||
"""WEXT driver interface with WPA-PSK"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
params = hostapd.wpa_params(ssid="wext-wpa-psk", passphrase="12345678")
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
testfile = "/sys/kernel/debug/ieee80211/%s/netdev:%s/tkip_mic_test" % (hapd.get_driver_status_field("phyname"), apdev[0]['ifname'])
|
||||
if not os.path.exists(testfile):
|
||||
return "skip"
|
||||
|
||||
wpas.connect("wext-wpa-psk", psk="12345678")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
|
||||
with open(testfile, "w") as f:
|
||||
f.write(wpas.p2p_interface_addr())
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected disconnection on first Michael MIC failure")
|
||||
|
||||
with open(testfile, "w") as f:
|
||||
f.write("ff:ff:ff:ff:ff:ff")
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("No disconnection after two Michael MIC failures")
|
||||
if "reason=14 locally_generated=1" not in ev:
|
||||
raise Exception("Unexpected disconnection reason: " + ev)
|
||||
|
||||
def test_wext_pmksa_cache(dev, apdev):
|
||||
"""PMKSA caching with WEXT"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
params = hostapd.wpa2_eap_params(ssid="test-pmksa-cache")
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
bssid = apdev[0]['bssid']
|
||||
wpas.connect("test-pmksa-cache", proto="RSN", key_mgmt="WPA-EAP",
|
||||
eap="GPSK", identity="gpsk user",
|
||||
password="abcdefghijklmnop0123456789abcdef",
|
||||
scan_freq="2412")
|
||||
pmksa = wpas.get_pmksa(bssid)
|
||||
if pmksa is None:
|
||||
raise Exception("No PMKSA cache entry created")
|
||||
if pmksa['opportunistic'] != '0':
|
||||
raise Exception("Unexpected opportunistic PMKSA cache entry")
|
||||
|
||||
hostapd.add_ap(apdev[1]['ifname'], params)
|
||||
bssid2 = apdev[1]['bssid']
|
||||
|
||||
wpas.dump_monitor()
|
||||
logger.info("Roam to AP2")
|
||||
# It can take some time for the second AP to become ready to reply to Probe
|
||||
# Request frames especially under heavy CPU load, so allow couple of rounds
|
||||
# of scanning to avoid reporting errors incorrectly just because of scans
|
||||
# not having seen the target AP.
|
||||
for i in range(3):
|
||||
wpas.scan()
|
||||
if wpas.get_bss(bssid2) is not None:
|
||||
break
|
||||
logger.info("Scan again to find target AP")
|
||||
wpas.request("ROAM " + bssid2)
|
||||
ev = wpas.wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("EAP success timed out")
|
||||
ev = wpas.wait_event(["CTRL-EVENT-CONNECTED"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("Roaming with the AP timed out")
|
||||
pmksa2 = wpas.get_pmksa(bssid2)
|
||||
if pmksa2 is None:
|
||||
raise Exception("No PMKSA cache entry found")
|
||||
if pmksa2['opportunistic'] != '0':
|
||||
raise Exception("Unexpected opportunistic PMKSA cache entry")
|
||||
|
||||
wpas.dump_monitor()
|
||||
logger.info("Roam back to AP1")
|
||||
wpas.scan()
|
||||
wpas.request("ROAM " + bssid)
|
||||
ev = wpas.wait_event(["CTRL-EVENT-EAP-STARTED",
|
||||
"CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Roaming with the AP timed out")
|
||||
if "CTRL-EVENT-EAP-STARTED" in ev:
|
||||
raise Exception("Unexpected EAP exchange")
|
||||
pmksa1b = wpas.get_pmksa(bssid)
|
||||
if pmksa1b is None:
|
||||
raise Exception("No PMKSA cache entry found")
|
||||
if pmksa['pmkid'] != pmksa1b['pmkid']:
|
||||
raise Exception("Unexpected PMKID change for AP1")
|
||||
|
||||
wpas.dump_monitor()
|
||||
if "FAIL" in wpas.request("PMKSA_FLUSH"):
|
||||
raise Exception("PMKSA_FLUSH failed")
|
||||
if wpas.get_pmksa(bssid) is not None or wpas.get_pmksa(bssid2) is not None:
|
||||
raise Exception("PMKSA_FLUSH did not remove PMKSA entries")
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("Disconnection event timed out")
|
||||
ev = wpas.wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Reconnection timed out")
|
||||
|
||||
def test_wext_wep_open_auth(dev, apdev):
|
||||
"""WEP Open System authentication"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'],
|
||||
{ "ssid": "wep-open",
|
||||
"wep_key0": '"hello"' })
|
||||
wpas.connect("wep-open", key_mgmt="NONE", wep_key0='"hello"',
|
||||
scan_freq="2412")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
if "[WEP]" not in wpas.request("SCAN_RESULTS"):
|
||||
raise Exception("WEP flag not indicated in scan results")
|
||||
|
||||
def test_wext_wep_shared_key_auth(dev, apdev):
|
||||
"""WEP Shared Key authentication"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'],
|
||||
{ "ssid": "wep-shared-key",
|
||||
"wep_key0": '"hello12345678"',
|
||||
"auth_algs": "2" })
|
||||
wpas.connect("wep-shared-key", key_mgmt="NONE", auth_alg="SHARED",
|
||||
wep_key0='"hello12345678"', scan_freq="2412")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
wpas.request("REMOVE_NETWORK all")
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("Disconnection event timed out")
|
||||
wpas.connect("wep-shared-key", key_mgmt="NONE", auth_alg="OPEN SHARED",
|
||||
wep_key0='"hello12345678"', scan_freq="2412")
|
||||
|
||||
def test_wext_pmf(dev, apdev):
|
||||
"""WEXT driver interface with WPA2-PSK and PMF"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
params = hostapd.wpa2_params(ssid="wext-wpa2-psk", passphrase="12345678")
|
||||
params["wpa_key_mgmt"] = "WPA-PSK-SHA256";
|
||||
params["ieee80211w"] = "2";
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
|
||||
wpas.connect("wext-wpa2-psk", psk="12345678", ieee80211w="1",
|
||||
key_mgmt="WPA-PSK WPA-PSK-SHA256", proto="WPA2",
|
||||
scan_freq="2412")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
|
||||
addr = wpas.p2p_interface_addr()
|
||||
hapd.request("DEAUTHENTICATE " + addr)
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("No disconnection")
|
||||
|
||||
def test_wext_scan_hidden(dev, apdev):
|
||||
"""WEXT with hidden SSID"""
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
hostapd.add_ap(apdev[0]['ifname'], { "ssid": "test-scan",
|
||||
"ignore_broadcast_ssid": "1" })
|
||||
hostapd.add_ap(apdev[1]['ifname'], { "ssid": "test-scan2",
|
||||
"ignore_broadcast_ssid": "1" })
|
||||
|
||||
id1 = wpas.connect("test-scan", key_mgmt="NONE", scan_ssid="1",
|
||||
only_add_network=True)
|
||||
|
||||
wpas.request("SCAN scan_id=%d" % id1)
|
||||
|
||||
ev = wpas.wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Scan did not complete")
|
||||
|
||||
if "test-scan" not in wpas.request("SCAN_RESULTS"):
|
||||
raise Exception("Did not find hidden SSID in scan")
|
||||
|
||||
id = wpas.connect("test-scan2", key_mgmt="NONE", scan_ssid="1",
|
||||
only_add_network=True)
|
||||
wpas.connect_network(id, timeout=30)
|
||||
|
||||
def test_wext_rfkill(dev, apdev):
|
||||
"""WEXT and rfkill block/unblock"""
|
||||
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
|
||||
wpas.interface_add("wlan5")
|
||||
id = get_rfkill_id(wpas)
|
||||
if id is None:
|
||||
return "skip"
|
||||
wpas.interface_remove("wlan5")
|
||||
|
||||
wpas = get_wext_interface()
|
||||
if not wpas:
|
||||
return "skip"
|
||||
|
||||
hapd = hostapd.add_ap(apdev[0]['ifname'], { "ssid": "open" })
|
||||
wpas.connect("open", key_mgmt="NONE", scan_freq="2412")
|
||||
try:
|
||||
logger.info("rfkill block")
|
||||
subprocess.call(['rfkill', 'block', id])
|
||||
ev = wpas.wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("Missing disconnection event on rfkill block")
|
||||
|
||||
logger.info("rfkill unblock")
|
||||
subprocess.call(['rfkill', 'unblock', id])
|
||||
ev = wpas.wait_event(["CTRL-EVENT-CONNECTED"], timeout=20)
|
||||
if ev is None:
|
||||
raise Exception("Missing connection event on rfkill unblock")
|
||||
hwsim_utils.test_connectivity(wpas, hapd)
|
||||
finally:
|
||||
subprocess.call(['rfkill', 'unblock', id])
|
||||
|
Loading…
Reference in New Issue
Block a user