def test_ap_wep_to_wpa(dev, apdev): """WEP to WPA2-PSK configuration change in hostapd""" check_wep_capa(dev[0]) hapd = hostapd.add_ap(apdev[0], { "ssid": "wep-to-wpa", "wep_key0": '"hello"' }) dev[0].flush_scan_cache() dev[0].connect("wep-to-wpa", key_mgmt="NONE", wep_key0='"hello"', scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) dev[0].request("DISCONNECT") dev[0].wait_disconnected() hapd.disable() hapd.set("wep_key0", "") hapd.set("wpa_passphrase", "12345678") hapd.set("wpa", "2") hapd.set("wpa_key_mgmt", "WPA-PSK") hapd.set("rsn_pairwise", "CCMP") hapd.enable() dev[0].connect("wep-to-wpa", psk="12345678", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd)
def test_connect_cmd_wep_shared(dev, apdev): """WEP Shared key using cfg80211 connect command""" wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add("wlan5", drv_params="force_connect_cmd=1") check_wep_capa(wpas) params = { "ssid": "sta-connect-wep", "wep_key0": '"hello"', "auth_algs": "2" } hapd = hostapd.add_ap(apdev[0], params) id = wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412", auth_alg="SHARED", wep_key0='"hello"') wpas.dump_monitor() hwsim_utils.test_connectivity(wpas, hapd) wpas.request("DISCONNECT") wpas.remove_network(id) wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412", auth_alg="OPEN SHARED", wep_key0='"hello"') wpas.dump_monitor() hwsim_utils.test_connectivity(wpas, hapd) wpas.request("DISCONNECT") wpas.wait_disconnected() wpas.dump_monitor()
def test_ieee8021x_reauth_wep(dev, apdev, params): """IEEE 802.1X and EAPOL_REAUTH request with WEP""" check_wep_capa(dev[0]) logdir = params['logdir'] params = hostapd.radius_params() params["ssid"] = "ieee8021x-open" params["ieee8021x"] = "1" params["wep_key_len_broadcast"] = "13" params["wep_key_len_unicast"] = "13" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("ieee8021x-open", key_mgmt="IEEE8021X", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd) hapd.request("EAPOL_REAUTH " + dev[0].own_addr()) ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=5) if ev is None: raise Exception("EAP authentication did not start") ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=5) if ev is None: raise Exception("EAP authentication did not succeed") time.sleep(0.1) hwsim_utils.test_connectivity(dev[0], hapd) out = run_tshark(os.path.join(logdir, "hwsim0.pcapng"), "llc.type == 0x888e", ["eapol.type", "eap.code"]) if out is None: raise Exception("Could not find EAPOL frames in capture") num_eapol_key = 0 num_eap_req = 0 num_eap_resp = 0 for line in out.splitlines(): vals = line.split() if vals[0] == '3': num_eapol_key += 1 if vals[0] == '0' and len(vals) == 2: if vals[1] == '1': num_eap_req += 1 elif vals[1] == '2': num_eap_resp += 1 logger.info("num_eapol_key: %d" % num_eapol_key) logger.info("num_eap_req: %d" % num_eap_req) logger.info("num_eap_resp: %d" % num_eap_resp) if num_eapol_key < 4: raise Exception("Did not see four unencrypted EAPOL-Key frames") if num_eap_req < 6: raise Exception("Did not see six unencrypted EAP-Request frames") if num_eap_resp < 6: raise Exception("Did not see six unencrypted EAP-Response frames")
def test_ap_wep_tdls(dev, apdev): """WEP AP and two stations using TDLS""" check_wep_capa(dev[0]) check_wep_capa(dev[1]) hapd = hostapd.add_ap(apdev[0], {"ssid": "test-wep", "wep_key0": '"hello"'}) wlantest_setup(hapd) connect_2sta_wep(dev, hapd) setup_tdls(dev[0], dev[1], hapd) teardown_tdls(dev[0], dev[1], hapd) setup_tdls(dev[1], dev[0], hapd)
def test_ibss_wep(dev): """IBSS with WEP""" check_wep_capa(dev[0]) check_wep_capa(dev[1]) ssid = "ibss-wep" id = add_ibss(dev[0], ssid, key_mgmt="NONE", wep_key0='"hello"') connect_ibss_cmd(dev[0], id) bssid0 = wait_ibss_connection(dev[0]) id = add_ibss(dev[1], ssid, key_mgmt="NONE", wep_key0='"hello"') connect_ibss_cmd(dev[1], id) bssid1 = wait_ibss_connection(dev[1])
def test_wext_wep_open_auth(dev, apdev): """WEP Open System authentication""" wpas = get_wext_interface() check_wep_capa(wpas) hapd = hostapd.add_ap(apdev[0], { "ssid": "wep-open", "wep_key0": '"hello"' }) wpas.connect("wep-open", key_mgmt="NONE", wep_key0='"hello"', scan_freq="2412") hwsim_utils.test_connectivity(wpas, hapd) if "[WEP]" not in wpas.request("SCAN_RESULTS"): raise Exception("WEP flag not indicated in scan results")
def test_ieee8021x_eapol_key(dev, apdev): """IEEE 802.1X connection and EAPOL-Key protocol tests""" check_wep_capa(dev[0]) skip_with_fips(dev[0]) params = hostapd.radius_params() params["ssid"] = "ieee8021x-wep" params["ieee8021x"] = "1" params["wep_key_len_broadcast"] = "5" params["wep_key_len_unicast"] = "5" hapd = hostapd.add_ap(apdev[0], params) bssid = apdev[0]['bssid'] dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eap="VENDOR-TEST", identity="vendor-test", scan_freq="2412") # Hardcoded MSK from VENDOR-TEST encrkey = "1111111111111111111111111111111111111111111111111111111111111111" signkey = "2222222222222222222222222222222222222222222222222222222222222222" # EAPOL-Key replay counter does not increase send_eapol_key( dev[0], bssid, signkey, "02030031" + "010005" + "0000000000000000" + "056c22d109f29d4d9fb9b9ccbad33283" + "02", "1c636a30a4") # EAPOL-Key too large Key Length field value send_eapol_key( dev[0], bssid, signkey, "02030031" + "010021" + "ffffffffffffffff" + "056c22d109f29d4d9fb9b9ccbad33283" + "02", "1c636a30a4") # EAPOL-Key too much key data send_eapol_key( dev[0], bssid, signkey, "0203004d" + "010005" + "ffffffffffffffff" + "056c22d109f29d4d9fb9b9ccbad33283" + "02", 33 * "ff") # EAPOL-Key too little key data send_eapol_key( dev[0], bssid, signkey, "02030030" + "010005" + "ffffffffffffffff" + "056c22d109f29d4d9fb9b9ccbad33283" + "02", "1c636a30") # EAPOL-Key with no key data and too long WEP key length send_eapol_key( dev[0], bssid, signkey, "0203002c" + "010020" + "ffffffffffffffff" + "056c22d109f29d4d9fb9b9ccbad33283" + "02", "")
def run_static_wep(dev, apdev, key): check_wep_capa(dev[0]) params = hostapd.radius_params() params["ssid"] = "ieee8021x-wep" params["ieee8021x"] = "1" params["wep_key0"] = key hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", wep_key0=key, eapol_flags="0", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd)
def test_connect_cmd_wep(dev, apdev): """WEP Open System using cfg80211 connect command""" wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5') wpas.interface_add("wlan5", drv_params="force_connect_cmd=1") check_wep_capa(wpas) params = {"ssid": "sta-connect-wep", "wep_key0": '"hello"'} hapd = hostapd.add_ap(apdev[0], params) wpas.connect("sta-connect-wep", key_mgmt="NONE", scan_freq="2412", wep_key0='"hello"') wpas.dump_monitor() hwsim_utils.test_connectivity(wpas, hapd) wpas.request("DISCONNECT") wpas.wait_disconnected() wpas.dump_monitor()
def test_ieee8021x_wep_index_workaround(dev, apdev): """IEEE 802.1X and EAPOL-Key index workaround""" check_wep_capa(dev[0]) skip_with_fips(dev[0]) params = hostapd.radius_params() params["ssid"] = "ieee8021x-wep" params["ieee8021x"] = "1" params["wep_key_len_broadcast"] = "5" params["eapol_key_index_workaround"] = "1" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X", eapol_flags="1", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412")
def test_ieee8021x_and_wpa_enabled(dev, apdev): """IEEE 802.1X connection using dynamic WEP104 when WPA enabled""" check_wep_capa(dev[0]) skip_with_fips(dev[0]) params = hostapd.radius_params() params["ssid"] = "ieee8021x-wep" params["ieee8021x"] = "1" params["wep_key_len_broadcast"] = "13" params["wep_key_len_unicast"] = "13" hapd = hostapd.add_ap(apdev[0], params) dev[0].connect("ieee8021x-wep", key_mgmt="IEEE8021X WPA-EAP", eap="PSK", identity="*****@*****.**", password_hex="0123456789abcdef0123456789abcdef", scan_freq="2412") hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wds_sta_wep(dev, apdev): """WEP AP with STA using 4addr mode""" check_wep_capa(dev[0]) ssid = "test-wds-wep" params = {} params['ssid'] = ssid params["ieee80211n"] = "0" params['wep_key0'] = '"hello"' params['wds_sta'] = "1" params['wds_bridge'] = "wds-br0" hapd = hostapd.add_ap(apdev[0], params) try: dev[0].cmd_execute(['brctl', 'addbr', 'wds-br0']) dev[0].cmd_execute(['brctl', 'setfd', 'wds-br0', '0']) dev[0].cmd_execute(['ip', 'link', 'set', 'dev', 'wds-br0', 'up']) dev[0].cmd_execute(['iw', dev[0].ifname, 'set', '4addr', 'on']) dev[0].connect(ssid, key_mgmt="NONE", wep_key0='"hello"', scan_freq="2412") hwsim_utils.test_connectivity_iface(dev[0], hapd, "wds-br0", max_tries=15) dev[0].request("REATTACH") dev[0].wait_connected() hwsim_utils.test_connectivity_iface(dev[0], hapd, "wds-br0", max_tries=15) dev[0].request("SET reassoc_same_bss_optim 1") dev[0].request("REATTACH") dev[0].wait_connected() hwsim_utils.test_connectivity_iface(dev[0], hapd, "wds-br0", max_tries=5, timeout=1) finally: dev[0].request("SET reassoc_same_bss_optim 0") dev[0].cmd_execute(['iw', dev[0].ifname, 'set', '4addr', 'off']) dev[0].cmd_execute(['ip', 'link', 'set', 'dev', 'wds-br0', 'down']) dev[0].cmd_execute(['brctl', 'delbr', 'wds-br0'])
def test_wpas_ap_wep(dev): """wpa_supplicant AP mode - WEP""" check_wep_capa(dev[0]) id = dev[0].add_network() dev[0].set_network(id, "mode", "2") dev[0].set_network_quoted(id, "ssid", "wpas-ap-wep") dev[0].set_network(id, "key_mgmt", "NONE") dev[0].set_network(id, "frequency", "2412") dev[0].set_network(id, "scan_freq", "2412") dev[0].set_network_quoted(id, "wep_key0", "hello") dev[0].select_network(id) wait_ap_ready(dev[0]) dev[1].connect("wpas-ap-wep", key_mgmt="NONE", wep_key0='"hello"', scan_freq="2412") hwsim_utils.test_connectivity(dev[0], dev[1]) dev[1].request("DISCONNECT")
def test_wext_wep_shared_key_auth(dev, apdev): """WEP Shared Key authentication""" wpas = get_wext_interface() check_wep_capa(wpas) hapd = hostapd.add_ap(apdev[0], { "ssid": "wep-shared-key", "wep_key0": '"hello12345678"', "auth_algs": "2" }) wpas.connect("wep-shared-key", key_mgmt="NONE", auth_alg="SHARED", wep_key0='"hello12345678"', scan_freq="2412") hwsim_utils.test_connectivity(wpas, hapd) wpas.request("REMOVE_NETWORK all") wpas.wait_disconnected(timeout=5) wpas.connect("wep-shared-key", key_mgmt="NONE", auth_alg="OPEN SHARED", wep_key0='"hello12345678"', scan_freq="2412")