www.project-moonshot.org Git - mech

D-Bus: Simplify message building error paths

There is no need to have multiple separate return statements for error
cases in a sequence of operations. In addition, there is not much point
in "converting" boolean return values with "if (!res) return FALSE;
return TRUE;" style constructions.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix GroupAdd, Invite, RemovePersistentGroup path validation

net_id_str can be NULL and that must be checked for to avoid NULL
pointer dereference if an invalid persistent_group_object path is used
with these methods.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix error message for Listen() failure

DBUS_ERROR_NO_MEMORY does not look like the best option for the failure
reason in case wpas_p2p_listen() fails.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Clean up wpas_dbus_new_decompose_object_path()

None of the new D-Bus interface cases use the bssid_part in
decompose_object_path (while the old interface ones do). As such, this
is dead code and can be removed. In addition, the P2P addition here was
pretty ugly extension. Replace these with a cleaner way of passing the
separating string (e.g., "Networks") from the caller and returning the
requested item.

In addition, there is no need to allocate the returned item separately,
so use a single allocation and a pointer to that allocated memory. This
will make it easier for callers to have to free only a single
allocation. This is also fixing a memory leak in P2P invitation
persistent group case where the caller had missed the need to free the
returned values.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Clean up parse_peer_object_path() uses

This helper function does not modify peer_path, so mark it const. In
addition, there is no point in callers to check separately whether
peer_path is NULL since that is taken care of by this helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Remove useless NULL check from static function

The entry argument cannot be NULL in this static function.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Add debug prints for parsing dict entries

This makes it easier to figure out what happens if there are issues with
processing messages.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Remove useless wpa_s->conf checks

This cannot be NULL when an interface is in use. There is not much point
in couple of functions checking this while large number of other places
do not.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Write Get/Set property name in debug log

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Add more debug prints to cover operations

This adds the message signature to the new D-Bus interface message
handler and similar prints to the old interface messages handlers.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix property change timer update

eloop_is_timeout_registered() was called with incorrect context argument
which meant that the pending timeout would have never been found.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus (old): Fix removeNetwork method to not use freed memory

wpa_supplicant_deauthenticate() call needs to happen before
wpa_config_remove_network(). Freed memory could be dereferenced if
removeNetwork method was issued on the currently connected network.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Avoid valgrind warning due to compiler optimization

It looks like both gcc and clang optimize the (entry.type != foo ||
entry.array_type != bar) in a way that ends up evaluating the second
condition even when the first one results in 0. While this is not really
what the C language requirements on short-circuit evaluation require,
the compiler likely assumes this can have no side effects and with both
type and array_type being comparable in a single 64-bit operation, this
can clearly be a bit more efficient. While the code behaves same in both
cases, valgrind does warn about use of uninitialized memory when the
second condition is evaluated (entry.array_type is not initialized if
entry.type != DBUS_TYPE_ARRAY).

To keep valgrind logs cleaner, initialize entry.array_type to
DBUS_TYPE_INVALID so that these compiler optimizations do not result in
reading uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Avoid compiler warning on sometimes uninitialized variable

The logic in wpas_dbus_signal_p2p_provision_discovery() seemed to imply
that there could be a case where _signal would be used uninitized. While
that is not the case since either (request || !status) or (!request &&
status) would always be true, some compilers do not seem to be clever
enough to figure that out to avoid the warning. Make this easier for
such compilers by removing the (!request && status) condition since it
is identical to !(request || !status).

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Make WPAS_DBUS_TYPE_BINARRAY value less confusing

Commit 911e97e4002019e577bb1086f1fd02daff978544 ('DBus: Refactor array
adding, add binary arrays') introduced WPAS_DBUS_TYPE_BINARRAY as an
internal fake type for array_type. However, it selected this value to be
(DBUS_NUMBER_OF_TYPES + 100) = 116 = 't'. This happens to conflict with
DBUS_TYPE_UINT64 ((int) 't'). While none of the existing array_type use
cases supported UINT64, it is much clearer if WPAS_DBUS_TYPE_BINARRAY
has a value that does not match any existing DBUS_TYPE_* value. Replace
this with '@' (64).

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix dict binarray getter to accept empty array of array

This is needed to allow Set(P2PDeviceConfig) to clear the
VendorExtension array (i.e., to remove all configured vendor
extensions). Previously, such an attempt was met with a D-Bus assert and
rejection of the operation.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix memory leak on P2PDeviceConfig::VendorExtension

The wps_vendor_ext array can be set using D-Bus Set(P2PDeviceConfig)
with the VendorExtension key in the dictionary. However, there was no
code for freeing the allocated memory when the interface is removed.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix GONegotiationSuccess signal passphrase format

Passphrase is a variable length string of (8..63 characters), not a byte
array of fixed 64 octets.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Make wpas_dbus_error_scan_error() static

This function is not used anywhere outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix ServiceDiscoveryResponse to accept int32 dialog_token

The ServiceDiscoveryRequest signal uses int32 for encoding dialog_token
for some reason (even though this is a u8 field).
ServiceDiscoveryResponse is supposed to accept the values from the
signal as-is, so extend that to accept int32 in addition to the
previously used uint32.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix memory leaks on AddService/DeleteService error paths

The query and service parameters need to be freed on all paths to avoid
memory leaks in error cases.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix .Group Set(WPSVendorExtensions) format

The earlier implementation seemed to require a strange extra
encapsulation with a dictionary for setting the WPSVendorExtensions
property while this was defined to have aay signature and the get
operation did indeed return and array of array of bytes without that
dictionary. Fix this to accept aay format for the setter as well. Keep
support for the old dictionary encapsulation format for backwards
compatibility.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix memory leak on P2P GO WPSVendorExtensions

It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Verify that wpa_supplicant clears keys from memory

Check that PMK and PTK and not left in memory (heap or stack)
unnecessarily after they are not needed anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>

SAE: Clear keys from memory on disassociation

There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear GTK from memory as soon as it is not needed anymore

It was possible for the decrypted EAPOL-Key Key Data field to remain in
heap after the temporary buffer was freed. Explicitly clear that buffer
before freeing it to minimize the time GTK remains in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear psk_list while freeing config_ssid instances

Previously, the main PSK entry was cleared explicitly, but psk_list
could include PSKs for some P2P use cases, so clear it as well when
freeing config_ssid instances.

Signed-off-by: Jouni Malinen <j@w1.fi>

Explicitly clear the temporary stack-based PSK buffer

There is no need to leave this temporary key in stack memory after
having been configured to the WPA state machine.

Signed-off-by: Jouni Malinen <j@w1.fi>

Explicitly clear the temporary stack-based key for WPA-None

There is no need to leave this temporary key in stack memory after
having been configured to the driver.

Signed-off-by: Jouni Malinen <j@w1.fi>

WPS ER: Explicitly clear PSK from stack after use

There is no need to leave the PSK from temporary Credential structure
that was built in stack after that Credential has been passed to the WPS
module.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear wpa_psk memory when setting up wpa_supplicant AP mode

This is more of a theoretical case since this part is done only during
setup and the structure is not allocated in practice. Anyway,
maintaining more consistent use of bin_clear_free() for structures that
may contain keys is useful.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear TK part of PTK after driver key configuration

There is no need for wpa_supplicant to maintain a copy of the TK part of
PTK after this has been configured to the driver, so clear that from
heap memory and only maintain KEK and KCK during association to allow
additional EAPOL-Key handshakes.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear temporary keys from WPA supplicant state machine when not needed

PMK and PTK are not needed in the supplicant state machine after
disassociation since core wpa_supplicant will reconfigure them for the
next association. As such, clear these from heap in
wpa_sm_notify_disassoc() to reduce time and number of places storing key
material in memory. In addition, clear FT keys in case of
CONFIG_IEEE80211R=y build (sm->xxkey stored a copy of PSK in case of
FT-PSK).

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Filter out extra files from codecov reports

wpa_cli and hostapd_cli are not currently tested for code coverage, so
filter the files specific to those components away from the code
coverage reports. *_module_tests.c are not included in normal builds, so
drop them as well. In addition, drop the system header file (byteswap.h)
that gets somehow unnecessarily included in the reports for couple of
lines.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus signals Certification(), EAP(), NetworkRequest()

This documents number of EAP related D-Bus signals and the related
NetworkResponse() method.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus FlushBSS() method

Commit 2b65b30da86f550dc8c228cb2c6456e76dbc7978 ('dbus: Add D-Bus
methods to flush the BSS cache') added this, but forgot to update
documentation.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus RemoveAllNetworks() method

Commit 7c49fdd0bd214f5fa3af8407d7011930ac150ef1 ('dbus: Add
RemoveAllNetworks to the new D-Bus API') added this, but forgot to
document it.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus Reattach() method

Commit 0f44ec8eba8a2b01e9c443308a72a2fd3208f7cf ('Add a reattach command
for fast reassociate-back-to-same-BSS') added Reattach(), but forgot to
document it.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus SignalPoll() method

Commit 7a4a93b9593575ffd64ba72739429d98e4b90858 ('dbus: Add SignalPoll()
method to report current signal properties') added this method, but
forgot to document it.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Add D-Bus global Capabilities property

This property was added to the fi.w1.wpa_supplicant1 interface in commit
1634ac0654eba8d458640a115efc0a6cde3bac4d ('dbus: Add global capabilities
property'), but documentation was not updated.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Fix D-Bus documentation for CreateInterface()

The "Bridge_ifname" parameter had been renamed to "BridgeIfname" and
"ConfigFile" is also available as a parameter.

Signed-off-by: Jouni Malinen <j@w1.fi>

doc: Fix D-Bus page format with newer Doxygen versions

It looks like the space indentation before the HTML command ended up
being converted to HTML tags getting shown as code text rather than
being used to control formatting. Fix this by removing indentation from
the first line of each HTML segment.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Remove duplicated blob->data check

This was already verified to be non-NULL above and there is no point in
having an extra check after the pointer has already been dereferenced.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Remove unnecessary wpa_supplicant_state_txt() check

This function cannot return NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Fix removeNetwork and selectNetwork error handling

wpas_dbus_decompose_object_path() may leave the network part NULL on
unexpected path. This resulted in NULL pointer dereference when
processing an invalid removeNetwork or selectNetwork call. Fix this by
explicitly verifying that the network part was included in the object
path.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Fix interface to show correct err_msg for blob removal

The "Invalid blob name" string was not shown since the zero-length name
was used regardless of first verifying that it should not be allowed.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Fix WPS interface to require BSSID for wpsReg

External WPS Registrar operation requires the BSSID to be specified, so
the old D-Bus interface better apply that requirement as well.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus(old): Fix WPS interface for PIN from wpa_supplicant case

dbus_message_append_args() needs char** and &npin ended up being char*
and resulted in segmentation fault.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix P2P persistent group removal from non-D-Bus triggers

It is possible for the persistent group object to be added and removed
by non-D-Bus triggers (e.g., ctrl_iface commands). The add part was
already handled, but removal was not. That resulted in memory leaks when
a P2P persistent group was removed without using an explicit D-Bus
command for this even if the object was added without D-Bus involvement.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix WPS ConfigMethods getter to handle no value properly

wpas_dbus_simple_property_getter() cannot be used with NULL
DBUS_TYPE_STRING, so replace that with an empty string to handle the
case of no config_methods parameter in the configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>

D-Bus: Fix P2P peer joined/disconnected handlers

It is possible for the peer to be a non-P2P device and as such, for
p2p_dev_addr to be NULL. This resulted in NULL pointer dereference if
D-Bus interface was enabled for the interface when a legacy STA joined a
group.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clear next_scan_freqs on wpa_supplicant FLUSH command

It was possible for old scan state to remain from a previous test case
when an operation like WNM neighbor scan or another-BSS-in-ESS was
started, but stopped at the end of a test case. This could result in
failures, e.g., when running wnm_bss_tm_req followed by scan_setband.

Signed-off-by: Jouni Malinen <j@w1.fi>

wpa_supplicant: Set stdout line-buffered

This makes wpa_supplicant debug output in stdout line-buffered to remain
consistent with hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>

hostapd: Set stdout line-buffered

If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.

Signed-hostap: Paul Stewart <pstew@chromium.org>

OpenSSL: Do not require a PIN for PKCS#11

It isn't mandatory. If we need one and it's not present, the ENGINE will
try asking for it. Make sure it doesn't actually let an OpenSSL UI loose,
since we don't currently capture those.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

OpenSSL: Automatically enable PKCS#11 engine where it's needed

It needs to be available to ENGINE_by_id(), which in my case means it
needs to be /usr/lib64/openssl/engines/libpkcs11.so. But that's a system
packaging issue. If it isn't there, it will fail gracefully enough with:

ENGINE: engine pkcs11 not available [error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library]
TLS: Failed to set TLS connection parameters
EAP-TLS: Failed to initialize SSL.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

OpenSSL: Load dynamic ENGINE unconditionally

This means that if the PKCS#11 engine is installed in the right place
in the system, it'll automatically be invoked by ENGINE_by_id("pkcs11")
later, and things work without explictly configuring pkcs11_engine_path.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

OpenSSL: Automatically handle PKCS#11 URIs in private_key, ca/client_cert

If these start with "pkcs11:" then they are PKCS#11 URIs. These Just Work
in the normal private_key/ca_cert/client_cert configuration fields when
built with GnuTLS; make it work that way with OpenSSL too.

(Yes, you still need to explicitly set engine=1 and point to the engine,
but I'll work on that next...)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

OpenSSL: Do not require private key to come from PKCS#11

There's no reason I shouldn't be able to use PKCS#11 for just the CA cert,
or even the client cert, while the private key is still from a file.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

OpenSSL: Allow pkcs11_module_path to be NULL

New versions of engine_pkcs11 will automatically use the system's
p11-kit-proxy.so to make the globally-configured PKCS#11 tokens available
by default. So invoking the engine without an explicit module path is
not an error.

Older engines will fail but gracefully enough, so although it's still an
error in that case there's no need for us to catch it for ourselves.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

tests: Reorder build.sh operations

This leaves the build tree with valid wpa_supplicant object files in the
end and makes it a bit easier to do additional custom builds when
needed.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Use QUIET=1 option to make build.sh output much shorter

Report only fatal errors when building binaries for hwsim testing.

Signed-off-by: Jouni Malinen <j@w1.fi>

Add QUIET=1 option for make

This can be used to reduce verbosity for build messages.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Skip mesh test cases if kernel does have CONFIG_MAC80211_MESH

Previously, these test cases were marked as failures, but it is nicer to
mark as skipped if the kernel does not include support for mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Report missing erp support more nicely in wpas_ctrl_get_capability

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Support older tshark versions

The -Y command line argument may need to be replaced with -R when an
older tshark version is used.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Allow DFS test cases to be skipped

Some of the newer dfs_radar* test cases did not allow hostapd
startup to fail. Since these require relatively recent kernel
support, mark the test cases with skip rather than fail based
on that step failing.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Allow SMPS test case to be skipped

ap_ht_smps needs relatively recern kernel support, so allow it to be
skipped rather than claimed as failure, in case hostapd startup fails.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix --codecov cases to find correct wpa_cli/hostapd_cli

It was possible for the separate builds to not include
wpa_cli/hostapd_cli in the default location. Make sure hostapd_cli gets
built for --codecov cases and update both WPACLI and HAPDCLI paths to
match the alternative location.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Verify that hostapd-as-RADIUS-server started

Large number of test cases will fail if hostapd fails to start as the
RADIUS server. To make this more obvious, verify that the RADIUS server
instance is running and do not even start test execution if the setup if
not work properly.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Limit number of failed test cases in the curses output

It was possible for the scr.addstr() operations to fail and terminate
parallel-vm.py if the number of failed test cases increased beyond what
fits on the screen.

Signed-off-by: Jouni Malinen <j@w1.fi>

Avoid -Wshadow warnings from older gcc versions

It looks like gcc 4.8.2 would warn about these with -Wshadow, but 4.6.3
did.

Signed-off-by: Jouni Malinen <j@w1.fi>

Clean up debug prints to use wpa_printf()

This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().

Signed-off-by: Jouni Malinen <j@w1.fi>

Fix CONFIG_OS=none build

Signed-off-by: Jouni Malinen <j@w1.fi>

Fix CONFIG_OS=internal build

Signed-off-by: Jouni Malinen <j@w1.fi>

Support private_key_passwd for GnuTLS (3.1.11+)

It's possible to jump through hoops to support it in older versions too,
but that seems a little unnecessary at this point.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

GnuTLS: Get rid of warnings about deprecated typedef names

'_t' suffix for gnutls_session and gnutls_transport_ptr was added in
GnuTLS 1.1.11 over ten years ago and the more recent versions of GnuTLS
have started forcing compiler warnings from the old names. Move to the
new names and don't bother about backwards compatibility with older
versions taken into account how long ago this change happened in GnuTLS.

Signed-off-by: Jouni Malinen <j@w1.fi>

privsep: Fix compilation due to associate() parameter updates

struct wpa_driver_associate_params moved to using struct
hostapd_freq_params instead of just frequency. Need to update wpa_priv
to do same.

Signed-off-by: Jouni Malinen <j@w1.fi>

P2P: Fix memory leak on GO startup failure path

Some of the struct hostapd_data variables get initialized with allocated
memory in the P2P GO case even before hapd->started has been set to 1.
As such, hostapd_free_hapd_data() needs to free these even if
!hapd->stated.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Clear active PBC mode from cfg80211 BSS table in p2p_channel

This reduces number of test combinations in which PBC session overlap
could have been indicated incorrectly.

Signed-off-by: Jouni Malinen <j@w1.fi>

WPS: Do not indicate PBC overlap for the same BSS

Even if the UUID would have a mismatch, e.g., due to no UUID known for
the target in a new WPS PBC instance, do not indicate PBC session
overlap if the BSSID is same in the two entries. This should not really
happen in normal use cases, but can happen at least in some test
scenarios where the same BSSID is used in consecutive test cases and the
old BSS entry remains in cfg80211 cache.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Make p2p_channel test cases more robust

Wait for a CTRL-EVENT-REGDOM-CHANGE even before returning from
set_country() to avoid issues with test operations being executed before
all components have had chance to update their regulatory domain
information. Some of these test cases could fail under heavy load.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Maintain test result counters through the run

This avoids having to go through the full output buffer from each
VM for each update during a test run.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Process VM stdout output in full lines

Merge partial lines together before processing them in parallel-vm.py.
This avoids issues in cases where the stdout read gets split into pieces
that do not include the full READY/PASS/FAIL/SKIP information. In
addition, strip unnecessary whitespace (mainly, '\r') from the log
lines.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Disable terminal echo for stdin control (-i)

This makes vm-run.sh output cleaner to parse for parallel-vm.py.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Do not print to stdout during test execution

This cleans up vm-run.sh output and makes information more easily
available from the *.log files.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Add debug logging for parallel-vm.py

parallel-vm.log is now written with details of test execution steps and
results. This makes it easier to debug if something goes wrong in VM
monitoring. The --debug option can be used to enable verbose debugging.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Retry failed cases automatically in parallel VM run

parallel-vm.py is now retrying failed cases once at the end of the run.
If all the failed test cases passed on the second attempt, that is noted
in the summary output. Results are also indicated as the exit value from
the run: 0 = all cases passed on first run, 1 = some cases failed once,
but everything passed after one retry, 2 = some cases failed did not
succeed at all.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Add more long duration test cases to parallel-vm.py list

This adds the remaining test cases that took more than 15 seconds to run
into the list of test cases to run at the beginning of the execution to
avoid these being left at the end when only some of the VMs may be
running.

Signed-off-by: Jouni Malinen <j@w1.fi>

nl80211: Check if_indextoname() return value for bridge events

It would be at least theoretically possible for the bridge netdev to
have disappeared at the time hostapd processes the RTM newlink/dellink
message. As such, it is better to verify that if_indextoname() actually
returned success before printing the bridge ifname in debug. In
addition, there is not much point trying to add the bridge ifindex into
the list of own ifindexes in case the interface has already been
removed, so skip that part as well.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Optimize ap_qosmap test cases

Avoid unnecessary DATA_TEST_CONFIG calls and wlantest_cli invocations to
speed up the test cases. This drops ap_qosmap execution time from about
14 seconds to under 3 seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Optimize multi_check() waits in ap_bss_add* and ap_multi_bss*

There is no need to wait for the longer fixed duration for each STA when
an event message or an earlier wait for another STA can be used instead.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Make scan_hidden* more robust

Clear cfg80211 BSS table more carefully after the scan_hidden* test
cases. At least scan_hidden_many could have left behind a hidden SSID
entry that could cause problems for following scan_bss_operations test
case.

Signed-off-by: Jouni Malinen <j@w1.fi>

mesh: Delay Authentication frame process with no_auto_peer

There is a possible race condition between receiving the
NEW_PEER_CANDIDATE event and the Authentication frame from the peer.
Previously, if the Authentication frame RX event was indicated first,
that frame got dropped silently. Now, this frame is still dropped, but a
copy of it is stored and the frame gets processed on the following
NEW_PEER_CANDIDATE event if that is received for the same peer within
two seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix mesh no_auto_peer=1 test cases to allow enough time for retry

If the initial Authentication frame was too early for the peer (i.e.,
NEW_PEER_CANDIDATE event arrived only after the Authentication frame),
wpas_mesh_open_no_auto and wpas_mesh_secure_no_auto test cases were
failing since they waited only for 10 seconds for the connection to be
completed while the retry timer was set to 10-20 seconds on the
authenticator side.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix wpas_ctrl_data_test with Linux 3.19-rc1

The kernel commit 'packet: make packet_snd fail on len smaller than l2
header' started rejecting <= 14 octet raw packet socket transmission.
This test case was testing with 14 ocets and that is now rejected by the
kernel. While this may be a kernel side issue, use one octet longer test
data for now to avoid undesired FAIL cases in hwsim tests.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Fix ap_ht_40mhz_intolerant_ap

The previous design did not actually break from the wait loop when the
AP changed back to 40 MHz channel and as such, ended up waiting the full
30 second time. Furthermore, the five second delay time for returning
back to 40 MHz was not sufficiently long to test behavior correctly
since the STA did not have any chances of returning the next coex report
before the AP had returned to 40 MHz. Increase the AP wait time to 15
seconds so that the once per 10 seconds OBSS scan from the STA gets in
before changing back to 40 MHz channel (after the 40 MHz intolerant AP
gets disabled).

Signed-off-by: Jouni Malinen <j@w1.fi>

SME: Optimize OBSS scanning

Include only the potentially affected channel range in OBSS scans to
reduce the amount of offchannel time needed for scanning when requested
by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>

HT: More robust 20/40 coex Action frame parsing

Commit 587d60d2b74190d58ddeb6a30ab338352af1186a ('Add AP mode support
for HT 20/40 co-ex Action frame') added processing of co-ex report, but
did not include proper bounds checking or IE type checking for the
payload. Furthermore, this was not ready for the possible extensibility
of the 20/40 BSS Coexistence element.

Fix these by checking IE ids for both elements and doing more
apprioriate bounds checking for the element lengths to avoid potentially
reading beyond the frame buffer. Though, the event receive buffer in
both libnl and driver_nl80211_monitor.c is sufficiently large to make it
very unlikely that the maximum read of about 260 bytes beyond the end of
the Action frame would really have any chances of hitting the end of the
memory buffer, so the practical effect of missing bounds checking would
have been possibly accepting an invalid report frame and moving to 20
MHz channel unnecessarily.

Signed-off-by: Jouni Malinen <j@w1.fi>

HT: Fix 20/40 coex Action frame parsing

Commit 5ce3ae4c8f2a07c28e0bbae1b68e5524ee034387 tried to clean up
fetching a pointer to the action code field, but it forgot to add
IEEE80211_HDRLEN to the pointer. This resulted in the coex report
elements being read from too early in the frame.

Signed-off-by: Jouni Malinen <j@w1.fi>