Jouni Malinen [Tue, 27 Jan 2015 11:26:01 +0000 (13:26 +0200)]
OpenSSL: Replace internal HMAC-MD5 implementation
Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending
on the src/crypto/md5.c implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 26 Jan 2015 15:40:22 +0000 (17:40 +0200)]
Ignore pmf=1 default if driver does not support PMF
Connection with a PMF enabled AP will fail if we try to negotiate PMF
while the local driver does not support this. Since pmf=1 does not
require PMF for a successful connection, it can be ignored in such a
case to avoid connectivity issues with invalid configuration. This makes
it somewhat easier to allow upper layer programs to use pmf=1 default
regardless of driver capabilities.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 26 Jan 2015 23:50:02 +0000 (01:50 +0200)]
nl80211: Fix build with libnl 1.1
Commit
630b3230c86abf1976a39db596c51540e57e31c8 ('nl80211: Increase
netlink receive buffer size') added unconditional use of
nl_socket_set_buffer_size() which was not included in libnl 1.1. Fix use
of that old version by making this conditional on CONFIG_LIBNL20.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 26 Jan 2015 00:25:22 +0000 (02:25 +0200)]
Update copyright notices for the new year 2015
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 25 Jan 2015 11:16:06 +0000 (13:16 +0200)]
tests: Suite B 192-bit profile
This adds a Suite B test case for 192-bit level.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 24 Jan 2015 20:24:10 +0000 (22:24 +0200)]
tests: Complete Suite B 128-bit coverage
Enable BIP-GMAC-128 and enforce Suite B profile for TLS.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 26 Jan 2015 00:07:32 +0000 (02:07 +0200)]
tests: Fix ft_psk_key_lifetime_in_memory with new PTK derivation debug
PTK is not printed out anymore as a single entry, so fetch KCK, KEK, and
TK separately.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 26 Jan 2015 00:00:18 +0000 (02:00 +0200)]
Add Suite B AKMs to key_mgmt capability list
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 25 Jan 2015 21:32:01 +0000 (23:32 +0200)]
Add Suite B 192-bit AKM
WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into
use as the key management method.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 25 Jan 2015 22:37:18 +0000 (00:37 +0200)]
Add HMAC-SHA384
For now, this is only implemented with OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 25 Jan 2015 14:49:18 +0000 (16:49 +0200)]
Preparations for variable length KCK and KEK
This modifies struct wpa_ptk to allow the length of KCK and KEK to be
stored. This is needed to allow longer keys to be used, e.g., with
Suite B 192-bit level.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 23 Jan 2015 13:58:51 +0000 (15:58 +0200)]
tests: Group management frame cipher suites
This extends testing coverage of PMF group management cipher suites to
include all the cases supported by the driver (existing BIP =
AES-128-CMAC and the new BIP-GMAC-128, BIP-GMAC-256, BIP-CMAC-256).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sat, 24 Jan 2015 10:21:49 +0000 (12:21 +0200)]
wlantest: Extend BIP validation to support GMAC-128 and GMAC-256
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 24 Jan 2015 10:09:04 +0000 (12:09 +0200)]
wlantest: New mgmt_group_cipher values for BSS info and debug log
This adds BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 to info_bss
command and debug log.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 23 Jan 2015 15:24:24 +0000 (17:24 +0200)]
wlantest: Extend BIP support to cover BIP-CMAC-256
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 23 Jan 2015 14:59:33 +0000 (16:59 +0200)]
Extend AES-CMAC routines to support 256-bit keys
omac1_aes_256() and omac1_aes_vector() can now be used to perform
256-bit CMAC operations similarly to the previously supported 128-bit
cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 23 Jan 2015 14:47:53 +0000 (16:47 +0200)]
nl80211: Fix default group key management index configuration
The correct nl80211 flag for group key management cipher was set only
for BIP (AES-CMAC-128). The same flag needs to be used with the newer
ciphers BIP-CMAC-256, BIP-GMAC-128, and BIP-GMAC-256.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 23 Jan 2015 13:57:05 +0000 (15:57 +0200)]
Show supported group_mgmt capabilities
This extends GET_CAPABILITY command to allow the supported group
management frame cipher suites to be listed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ben Greear [Mon, 12 Jan 2015 22:15:48 +0000 (14:15 -0800)]
Interworking: More debug messages
And convert some wpa_printf to wpa_msg.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Ben Greear [Mon, 12 Jan 2015 22:15:47 +0000 (14:15 -0800)]
Interworking: Add logging to track nai_realm_find_eap failures
There are lots of reasons we can fail to match an EAP credential, so add
logging to help determine why it is happening in various cases.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Jouni Malinen [Sat, 24 Jan 2015 17:36:55 +0000 (19:36 +0200)]
Interworking: Remove unnecessary NULL check
nai_realm_find_eap() is called only in cases where the cred pointer is
not NULL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Ben Greear [Mon, 12 Jan 2015 22:15:45 +0000 (14:15 -0800)]
hostapd: Debug messages for dodgy RADIUS servers
These were helpful when tracking down why hostapd did not work
properly with a RADIUS server.
Signed-hostap: Ben Greear <greearb@candelatech.com>
Adrian Nowicki [Thu, 15 Jan 2015 16:53:38 +0000 (17:53 +0100)]
wpa_gui: Sort frequency and signal numerically in the scan results dialog
Signal strength was sorted lexically rather than numerically, which
put "-100 dBm" before "-50 dBm" if sorted in descending order.
This change fixes that. It also treats frequency in the same
manner, preparing it for the IEEE 802.11ah.
Signed-off-by: Adrian Nowicki <adinowicki@gmail.com>
Jouni Malinen [Thu, 22 Jan 2015 22:52:56 +0000 (00:52 +0200)]
tests: Make ap_wps_er_pbc_overlap more robust
Reorder scanning in a way that allows the ER behavior to be more
predictable. The first Probe Request report is for a previously received
frame on the AP and this new sequence avoids leaving either of the PBC
test STAs to be that one.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 22 Jan 2015 20:38:38 +0000 (22:38 +0200)]
tests: Make active scans more robust
This makes testing under very heavy load or under extensive kernel
debugging options more robust by allowing number of test cases to scan
multiple times before giving up on active scans. The main reason for
many of the related test failures is in Probe Response frame from
hostapd not getting out quickly enough especially when multiple BSSes
are operating.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 22 Jan 2015 18:53:03 +0000 (20:53 +0200)]
tests: P2P group formation using PBC multiple times in a row
This verifies that PBC session overlap detection does not get indicated
when forming the group with the same peer multiple times.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 22 Jan 2015 18:50:01 +0000 (20:50 +0200)]
Add passive_scan configuration parameter
This new wpa_supplicant configuration parameter can be used to force
passive scanning to be used for most scanning cases at the cost of
increased latency and less reliably scans. This may be of use for both
testing purposes and somewhat increased privacy due to no Probe Request
frames with fixed MAC address being sent out.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 22 Jan 2015 13:55:36 +0000 (15:55 +0200)]
tests: P2P_SERV_DISC_CANCEL_REQ during query
This is a regression test case for a specific sequence that could result
in wpa_supplicant NULL dereference when a SD request is cancelled before
the SD Request TX status callback has been processed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ola Olsson [Tue, 20 Jan 2015 09:45:52 +0000 (10:45 +0100)]
P2P: Fix NULL pointer dereference with SD query cancellation
A NULL pointer crash was caused by commit
7139cf4a4f1fecfd03d0daff9bb33adb80cc3530 ('P2P: Decrement
sd_pending_bcast_queries when sd returns'). p2p->sd_query can be cleared
to NULL whenever a query is cancelled, even in case the request had
already been transmitted. As such, need to be prepared for the query not
remaining when processing TX status callback for the frame.
Crashes on 2ee98 in following code
2ee90: f7fc f8b6 bl 2b000 <p2p_dbg>
2ee94: e02c b.n 2eef0 <p2p_send_action_cb+0x348>
2ee96: 6c25 ldr r5, [r4, #64] ; 0x40
2ee98: 68ee ldr r6, [r5, #12]
2ee9a: b166 cbz r6, 2eeb6 <p2p_send_action_cb+0x30e>
Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
Jouni Malinen [Thu, 22 Jan 2015 11:51:15 +0000 (13:51 +0200)]
nl80211: Increase netlink receive buffer size
libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) by
default. It is possible to hit that limit in some cases where operations
are blocked, e.g., with a burst of Deauthentication frames to hostapd
and STA entry deletion. Try to increase the buffer to make this less
likely to occur.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 19 Jan 2015 23:41:48 +0000 (01:41 +0200)]
tests: ANQP-QUERY-DONE event
Signed-off-by: Jouni Malinen <j@w1.fi>
ASHUTOSH NARAYAN [Mon, 19 Jan 2015 01:45:02 +0000 (20:45 -0500)]
Interworking: Notify the ANQP parsing status
The ANQP verification/parsing is done only after the GAS_DONE indication
is sent over the control interface. This means that in case the ANQP
parsing fails there is no indication to the upper layers. Add an
ANQP-QUERY-DONE event that reports the status of the ANQP parsing.
Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
ASHUTOSH NARAYAN [Mon, 19 Jan 2015 01:45:01 +0000 (20:45 -0500)]
HS20: Provide appropriate permission to the OSU related files
The icon files and the osu-providers.txt that are generated may not have
proper permission for external programs to access. Set the access
permissions to the same as the permissions for osu_dir.
Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
ASHUTOSH NARAYAN [Mon, 19 Jan 2015 01:45:00 +0000 (20:45 -0500)]
HS20: Fix TrustRoot path for PolicyUpdate node in PPS MO
Incorrect TrustRoot path "PolicyUpdate/TrustRoot" was used. The
TrustRoot path is required to be "Policy/PolicyUpdate/TrustRoot" as
defined in Section 9.1 of Hotspot 2.0 (Release 2) specification. Fix the
path to "Policy/PolicyUpdate/TrustRoot".
Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
ASHUTOSH NARAYAN [Mon, 19 Jan 2015 01:44:59 +0000 (20:44 -0500)]
HS20: Return result of cmd_sub_rem in hs20-osu-client
Previously, both failure and success cases used same return value 0.
Indicate failures differently to make hs20-osu-client return value more
useful for subscription remediation cases.
Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
Haim Dreyfuss [Mon, 19 Jan 2015 01:44:39 +0000 (20:44 -0500)]
WNM: Fix possible memory leak by free buf
Buf is allocated and may not be freed on an error path.
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Ben [Mon, 19 Jan 2015 01:44:38 +0000 (20:44 -0500)]
EAP: Fix possible memory leak in eap_ttls_process_decrypted()
In case eap_peer_tls_encrypt() fails in eap_ttls_process_decrypted(),
free resp memory.
Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
Haim Dreyfuss [Mon, 19 Jan 2015 01:44:37 +0000 (20:44 -0500)]
eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2()
If TLS encryption fails, encr may be NULL and that would have resulted
in NULL pointer dereference..
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Avraham Stern [Mon, 19 Jan 2015 01:44:36 +0000 (20:44 -0500)]
hostapd: Remove unused variable from hostapd_get_hw_features
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Ilan Peer [Mon, 19 Jan 2015 01:44:35 +0000 (20:44 -0500)]
Fix memory leak in wpa_supplicant global bgscan configuration
Global bgscan configuration parameter was not freed when config was
freed.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Eytan Lifshitz [Mon, 19 Jan 2015 04:57:30 +0000 (23:57 -0500)]
wpa_cli: Fix NULL dereference on printf string argument
In wpa_cli_cmd_interface(), try_connection(), and main(), ctrl_ifname
may be NULL and could be dereferenced depending on the printf()
implementation.
Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
Eytan Lifshitz [Mon, 19 Jan 2015 04:56:43 +0000 (23:56 -0500)]
Avoid NULL string in printf on EAP method names in authenticator
In ieee802_1x_decapsulate_radius(), eap_server_get_name() may return
NULL, and it could be dereferenced depending on printf implementation.
Change it to return "unknown" instead for the case of no matching EAP
method found. This makes it easier for the callers to simply print this
in logs (which is the only use for this function).
Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
Ilan Peer [Mon, 19 Jan 2015 01:44:12 +0000 (20:44 -0500)]
P2P: Stop p2p_listen/find on wpas_p2p_invite
Stop any ongoing P2P listen/find flow before starting invitation flow.
This was partially handled in p2p_invite() that called p2p_find(), but
this did not cleanly handle cases such as long_listen.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Luciano Coelho [Mon, 19 Jan 2015 01:44:11 +0000 (20:44 -0500)]
nl80211: Fix reading of the extended capabilities mask
We were copying the NL80211_ATTR_EXT_CAPA attribute into the
extended_capa_mask element, which is incorrect. Use
NL80211_ATTR_EXT_CAPA_MASK instead.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Ilan Peer [Mon, 19 Jan 2015 01:44:10 +0000 (20:44 -0500)]
P2P: Use the correct wpa_s interface to handle P2P state flush
A control interface call to flush the current state used the
current wpa_s to clear the P2P state even though it might not
be the interface controlling the P2P state.
Fix it by using the correct interface to flush the P2P state.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Eyal Shapira [Mon, 19 Jan 2015 01:44:09 +0000 (20:44 -0500)]
AP: Enable HT Tx STBC for AP/GO if supported by driver
Publish support for Tx STBC in the HT capabilities of a GO and AP
controlled by wpa_supplicant in case the hardware supports it.
Signed-off-by: Eyal Shapira <eyalx.shapira@intel.com>
Ben Rosenfeld [Mon, 19 Jan 2015 01:44:08 +0000 (20:44 -0500)]
Move external_scan_running to wpa_radio
external_scan_running should be common to all interfaces that share a
radio. This fixes a case where external_scan_running was set on a single
interface, but did not block scan on other interfaces.
Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
Ben [Mon, 19 Jan 2015 01:44:07 +0000 (20:44 -0500)]
Clear reattach flag in fast associate flow
Clear the reattach flags, in case a connection request did not trigger a
scan. This needs to be done to avoid leaving the reattach flag set for
the next scan operation which may not have anything to do with the
specific request that could have been optimized using the single-channel
single-SSID scan.
Signed-off-by: Ben <ben.rosenfeld@intel.com>
David Spinadel [Mon, 19 Jan 2015 01:44:06 +0000 (20:44 -0500)]
NFC: Redirect NFC commands on global control interface
Redirect NFC commands from global control interface to P2P device
interface.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Jouni Malinen [Mon, 19 Jan 2015 23:57:20 +0000 (01:57 +0200)]
tests: P2P NFC invitiation with driver using cfg80211 P2P Device
Signed-off-by: Jouni Malinen <j@w1.fi>
David Spinadel [Mon, 19 Jan 2015 01:44:05 +0000 (20:44 -0500)]
P2P: Fix P2P invitation with NFC
Use interface's own NFC configuration instead of parent's one
to support a P2P device dedicated interface.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Matti Gottlieb [Mon, 19 Jan 2015 01:44:04 +0000 (20:44 -0500)]
WNM: Fix the length of WNM_BSS_QUERY control interface command
The length should be 14 and not 10.
The current situation causes failure during parsing of the command.
Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
Jouni Malinen [Mon, 19 Jan 2015 18:12:38 +0000 (20:12 +0200)]
tests: Error handling for scan trigger failure cases
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 19 Jan 2015 18:10:00 +0000 (20:10 +0200)]
Retry scan-for-connect if driver trigger fails
This restores some of the pre-radio work behavior for scanning by
retrying scan trigger if the driver rejects it (most likely returning
EBUSY in case of nl80211-drivers). Retry is indicated in the
CTRL-EVENT-SCAN-FAILED event with "retry=1".
For manual scans (e.g., triggered through "SCAN" control interface
command), no additional retries are performed. In other words, if upper
layers want to retry, they can do so based on the CTRL-EVENT-SCAN-FAILED
event.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 19 Jan 2015 17:34:00 +0000 (19:34 +0200)]
Add a test framework for various wpa_supplicant failure cases
For CONFIG_TESTING_OPTIONS=y builds, add a new test parameter than can
be used to trigger various error cases within wpa_supplicant operations
to make it easier to test error path processing. "SET test_failure
<val>" is used to set which operation fails. For now, 0 = no failures
and 1 = scan trigger fails with EBUSY. More operations can be added in
the future to extend coverage.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 19 Jan 2015 16:39:13 +0000 (18:39 +0200)]
tests: WPS registrar learning configuration from WPA+WPA2 AP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 19 Jan 2015 16:35:59 +0000 (18:35 +0200)]
WPS: Re-fix an interoperability issue with mixed mode and AP Settings
Commit
ce7b56afab8e6065e886b9471fa8071c8d2bd66b ('WPS: Fix an
interoperability issue with mixed mode and AP Settings') added code to
filter M7 Authentication/Encryption Type attributes into a single bit
value in mixed mode (WPA+WPA2) cases to work around issues with Windows
7. This workaround was lost in commit
d7a15d5953beb47964526aa17b4dc2e9b2985fc1 ('WPS: Indicate current AP
settings in M7 in unconfigurated state') that fixed unconfigured state
values in AP Settings, but did not take into account the earlier
workaround for mixed mode.
Re-introduce filtering of Authentication/Encryption Type attributes for
M7 based on the current AP configuration. In other words, merge those
two earlier commits together to include both the earlier workaround the
newer fix.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Adrien Decostre [Mon, 12 Jan 2015 07:57:17 +0000 (08:57 +0100)]
ACS: Allow subset of channels to be configured
Add the possibility to define a subset of channels used by the ACS
engine when not operating on DFS channels.
Signed-off-by: Adrien Decostre <ad.decostre@gmail.com>
Janusz Dziedzic [Tue, 13 Jan 2015 08:55:52 +0000 (09:55 +0100)]
nl80211: Allow HT/VHT to be disabled for IBSS
Allow HT/VHT overrides to be used for IBSS.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Masashi Honma [Fri, 16 Jan 2015 09:57:30 +0000 (18:57 +0900)]
mesh: Return negative value on join failed
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Fri, 16 Jan 2015 09:29:17 +0000 (18:29 +0900)]
mesh: Make inactivity timer configurable
Current mesh code uses ap_max_inactivity as inactivity timer. This patch
makes it configurable.
There is another mesh inactivity timer in mac80211. The timer works even
if user_mpm=1. So this patch sets the max value to the timer for
workaround.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Fri, 16 Jan 2015 11:19:23 +0000 (20:19 +0900)]
AP: Expire STA without entry in kernel
If the inactivity check returns that there is no entry remaining for the
STA in the kernel, drop the STA in hostapd as well.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Fri, 16 Jan 2015 11:00:57 +0000 (20:00 +0900)]
AP: Remove redundant condition for STA expiration
This condition is always true because of surrounding if.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Sun, 18 Jan 2015 23:35:00 +0000 (01:35 +0200)]
tests: Increase hostapd out-of-memory loop coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 23:34:07 +0000 (01:34 +0200)]
Fix RADIUS client with out-of-memory and missing shared secret
It was possible for an out-of-memory code path to trigger NULL pointer
dereference when preparing a RADIUS accounting report.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 23:11:36 +0000 (01:11 +0200)]
tests: WPA + WEP configuration getting rejected
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 16:06:47 +0000 (18:06 +0200)]
tests: Add step-by-step guide for setting up test framework
This set of notes provides information on how virtual guess OS can be
used to run the mac80211_hwsim test cases under any host OS. The
specific example here uses Ubuntu 14.04.1 server as the starting point
and lists the additional packages that need to be installed and commands
that can be used to fetch and build the test programs.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 15:13:55 +0000 (17:13 +0200)]
tests: Close wlan5 control interface monitor more explicitly
There were couple of common cases where the control interface for the
dynamic wpa_supplicant instance could have been left in attached state
until Python ends up cleaning up the instance. This could result in
issues if many monitor interface events were queued for that attached
socket. Make this less likely to cause issues by explicitly detaching
and closing control interfaces before moving to the next test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 14:23:43 +0000 (16:23 +0200)]
Print in debug log whether attached monitor is for global interface
It is easier to debug issues related to the wpa_supplicant control
interfaces being left behind in attached state when the debug log file
can be used to determine whether a specific monitor socket was a global
or per-interface one.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 13:58:05 +0000 (15:58 +0200)]
tests: Make WNM Sleep Mode tests more robust
It was possible for the Action frame used for entring WNM Sleep Mode to
get dropped on the AP side due to it arriving prior to having processed
EAPOL-Key message 4/4 due to a race condition between Data and
Management frame processing paths. Avoid this by waiting for
AP-STA-CONNECTED event from hostapd prior to trying to enter WNM Sleep
Mode. In addition, make the check for the STA flag change more robust by
allowing the wait to be a bit longer with a loop that terminates as soon
as the flag has changed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 13:47:56 +0000 (15:47 +0200)]
tests: Make PMKSA caching tests more robust
When the STA is forced to disconnect immediately after completion of
4-way handshake, there is a race condition on the AP side between the
reception of EAPOL-Key msg 4/4 and the following Deauthentication frame.
It is possible for the deauthentication notification to be processed
first since that message uses different path from kernel to user space.
If hostapd does not receive EAPOL-Key msg 4/4 prior to deauthentication,
no PMKSA cache entry is added. This race condition was making the test
cases expecting PMKSA caching to work to fail every now and then. Avoid
this issue by waiting for AP-STA-CONNECTED event from hostapd. This
makes sure the PMKSA cache entry gets added on the AP side.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 18 Jan 2015 10:55:49 +0000 (12:55 +0200)]
tests: Add some more time for olbc_ht update in olbc_5ghz
It looks like this test case is failing every now and then, so add some
more time for the olbc_ht value to get updated before reporting a
failure.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 17:39:23 +0000 (19:39 +0200)]
tests: Import gobject in a way that allows failures
It looks like the gobject module does not get installed by default for
Python at least on Ubuntu server, so modify the D-Bus test case files to
import this in a way that allows other test cases to be run even without
gobject module being installed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 16:19:45 +0000 (18:19 +0200)]
tests: Make ap_anqp_sharing more robust
This test case uses get_bss() with a BSSID to find a BSS entry. That can
result in failures if there are multiple BSS entries in wpa_supplicant
BSS table for the same BSSID, e.g., due to an earlier hidden SSID test
case. Explicitly clear the cfg80211 and wpa_supplicant scan caches at
the beginning of this test case to make it less likely for earlier test
cases to trigger a failure here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 16:09:40 +0000 (18:09 +0200)]
tests: Make ap_mixed_security more robust
This test case uses get_bss() with a BSSID to find a BSS entry. That can
result in failures if there are multiple BSS entries in wpa_supplicant
BSS table for the same BSSID, e.g., due to an earlier hidden SSID test
case. Explicitly clear the cfg80211 and wpa_supplicant scan caches at
the beginning of this test case to make it less likely for earlier test
cases to trigger a failure here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 15:49:52 +0000 (17:49 +0200)]
tests: Hotspot 2.0 ANQP fetch with hidden SSID BSS entry
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 15:47:32 +0000 (17:47 +0200)]
HS 2.0: Try to use same BSS entry for storing GAS results
Commit
17b8995cf5813d7c027cd7a6884700e791d72392 ('Interworking: Try to
use same BSS entry for storing GAS results') added a mechanism to try to
pair GAS request and response to a single BSS entry to cover cases where
multiple BSS entries may exists for the same BSSID. However, that commit
did not cover the Hotspot 2.0 ANQP elements. Extend this mechanism to
all ANQP elements. This can help in cases where information in the
Hotspot 2.0 specific ANQP elements got lost if a hidden SSID or some
other reason of duplicated BSS entries was present while doing ANQP
fetches.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 15:19:32 +0000 (17:19 +0200)]
tests: Write BSS table to debug log in ap_mixed_security
This makes it easier to debug test failures in BSS entry flags field.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 15:15:42 +0000 (17:15 +0200)]
tests: Mark proxyarp_open as skip if traffic test fails
This step requires kernel changes that are not yet in upstream Linux
tree, so mark this as skip rather than failure for now.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 15:09:46 +0000 (17:09 +0200)]
tests: Clean up ap_wpa2_eap_aka_ext
Use a loop over set of test values instead of duplicated functionality
implemented separately for each case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 14:59:40 +0000 (16:59 +0200)]
tests: Make ap_wpa2_eap_aka_ext faster and more robust
Use SELECT_NETWORK instead of REASSOCIATE for the first reconnection to
avoid unnecessary long wait for temporary network disabling to be
cleared. In addition, wait for the disconnect event after issuing the
DISCONNECT commands to avoid issues due to any pending events during the
immediately following reconnection attempt.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 14:03:43 +0000 (16:03 +0200)]
tests: ap_hs20_fetch_osu: Print osu-providers.txt in debug log
This makes it easier to figure out what happened if the test case fails
due to not finding all the needed OSU-PROVIDER information.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 13:39:48 +0000 (15:39 +0200)]
Make wpa_supplicant FLUSH command more likely to clear all BSS entries
Move the wpa_bss_flush() call to the end of the function to allow any
pending user of a BSS entry to be cleared before removing the unused
entries. There were number of cases where BSS entries could have been
left in the list and this resulted in some hwsim test failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 11:54:16 +0000 (13:54 +0200)]
Write reason for scan only_new_results into debug log
This can be helpful in figuring out why the driver was requested to
flush its scan results prior to starting a new scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 11:05:34 +0000 (13:05 +0200)]
tests: Skip some scan tests if iw does not support scan flush
The external cfg80211 scan flushing operation requires a relatively
recent iw version and not all distributions include that. Avoid false
failure reports by marking these test cases skipped if the iw command
fails.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 11:04:11 +0000 (13:04 +0200)]
tests: Fix test skipping for some DFS/VHT cases
Due to a typo and missing hapd variable initialization, some of the DFS
and VHT test cases were marked as failures even though they were
supposed to be marked as skipped in case the kernel and wireless-regdb
did not have sufficient support for these modes.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 10:39:00 +0000 (12:39 +0200)]
tests: Fix dbus_probe_req_reporting_oom if already registered
If dbus_probe_req_reporting was run before dbus_probe_req_reporting_oom,
the SubscribeProbeReq() method succeeded since the memory allocation
that was supposed to fail in the OOM test case was not even tried.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 10:12:33 +0000 (12:12 +0200)]
tests: EAP-TNC fragmentation
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 10:02:11 +0000 (12:02 +0200)]
tests: EAP-MD5 server error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 09:25:46 +0000 (11:25 +0200)]
tests: Add optional -1 argument to parallel-vm.py
This can be used to skip rerunning of failed test cases
(e.g., with "./parallel-vm.py 1 -1 <test case>").
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 17 Jan 2015 00:24:00 +0000 (02:24 +0200)]
eapol_test: Fix cert_cb() function arguments
altsubject[] was added here, but the callback implementation in
eapol_test.c was forgotten from the commit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 16 Jan 2015 23:48:15 +0000 (01:48 +0200)]
tests: Interworking auto_interworking=1 with mismatching BSS
This is a regression test case to detect a failure that resulted in an
up to five second busy loop through wpa_supplicant_fast_associate() when
interworking_find_network_match() and wpa_supplicant_select_bss() get
different matching results.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 16 Jan 2015 23:43:00 +0000 (01:43 +0200)]
Interworking: Avoid busy loop in scan result mismatch corner cases
It was possible for interworking_find_network_match() to find a possible
BSS match in a case where more thorough checks in
wpa_supplicant_select_bss() reject network. This itself is fine, in
general, but when combined with wpa_supplicant_fast_associate()
optimization and auto_interworking=1, this resulted in a busy loop of up
to five seconds and a possible stack overflow due to recursion in that
loop.
Fix this by limiting the Interworking wpa_supplicant_fast_associate()
call to be used only once per scan iteration, so that new scan
operations can be completed before going through the scan results again.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 16 Jan 2015 23:39:34 +0000 (01:39 +0200)]
Interworking: Start ANQP fetch from eloop callback
Reduce maximum stack use by starting next ANQP fetch operation from an
eloop callback rather than calling interworking_next_anqp_fetch()
directly from interworking_start_fetch_anqp(). This avoids issues that
could potentially make the process run out of stack if long loops of
ANQP operations are executed in cases where automatic Interworking
network selection is used and scan results do not have a full match for
a network.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 16 Jan 2015 14:16:28 +0000 (16:16 +0200)]
tests: Disconnect-Request with no session identification attributes
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 16 Jan 2015 14:14:54 +0000 (16:14 +0200)]
tests: Use a helper function to send and check RADIUS DAS messages
No need to have this same sequence of steps duplicated in multiple
places.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 16 Jan 2015 13:56:38 +0000 (15:56 +0200)]
tests: RADIUS DAS and Disconnect-Request removing PMKSA cache entry
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 16 Jan 2015 13:55:39 +0000 (15:55 +0200)]
RADIUS DAS: Allow PMKSA cache entry to be removed without association
This extends Disconnect-Request processing to check against PMKSA cache
entries if no active session (STA association) match the request.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 16 Jan 2015 11:10:48 +0000 (13:10 +0200)]
tests: RADIUS DAS with Acct-Multi-Session-Id
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 16 Jan 2015 11:09:44 +0000 (13:09 +0200)]
RADIUS DAS: Support Acct-Multi-Session-Id as a session identifier
This extends Disconnect-Request support for an additiona session
identification attribute.
Signed-off-by: Jouni Malinen <j@w1.fi>