It was possible for ap_wps_per_station_psk_failure to leave behind scan
entries with active PBC mode if cfg80211 BSS table. This could result in
a following test case failing due PBC overlap. Fix this by clearing the
cfg80211 BSS table explicitly.
This was found with the following test case sequence:
ap_wps_per_station_psk_failure autogo_pbc
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 2d6a526ac3 ('tests: Make
ap_wps_er_http_proto more robust') tried to work around the timeouts
here, but that was not really the best approach since the one second
timeout that was used here for connect() ended up being very close to
the limit even before the kernel change. The longer connect() time is
caused by a sequence where the listen() backlog ignores the connection
instead of accept() followed by close() within the wpa_supplicant ER
HTTP connection handling. The time to retransmit the SYN changed a bit
in the kernel from 1.0 sec to about 1.03 sec. This was enough to push
that over the one second timeout.
Fix this by using a sufficiently long timeout (10 sec) to allow SYN
retransmission to occur to recover from the listen() backlog case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like connect() for a TCP socket can time out at least with a
recent kernel. Handle that case more gracefully by ignoring that socket
while allowing the test to continue.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
After successfully passing the 525 tests on a remote setup mark the
tests as remote compatible.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Some environments define default system wide HTTP proxy. Using default
system configuration may result in a failure to open some HTTP URLs. Fix
this by ensuring that no proxies are used.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Pass apdev param to hostapd.add_bss(). Kill hardcoded phy param and get
phy base on apdev. These are needed to support operation with a remote
test host.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].
This step (4) converts the cases that call hostapd.add_ap() from a
helper function that got apdev[i] as an argument.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].
This step (2) converts the cases that use the add_ssdp_ap() helper
function.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Pass the full apdev to the add_ap() function instead of just ifname.
This allows us to handle also remote hosts while we can check
apdev['hostname'], apdev['port'].
This step (1) converts the cases where apdev[#]['ifname'] was used as
the argument to hostapd.add_ap().
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
This is needed to avoid reporting failures after a change to remove the
fallback path in PIN generation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible to hit a race condition between WPS_CANCEL and
immediately following WPS_PIN command. Wait for a disconnection event to
avoid that. This was seen with the following test case sequence:
ap_wpa2_psk_supp_proto_wrong_group_key_len ap_wps_probe_req_ie_oom
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Only one of the ERs was stopped at the end of the test case and this
could result in the following test case failing, e.g., when executing
this test case sequence: ap_wps_er_multi_add_enrollee ap_wps_upnp.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it more likely for the two ERs to go through WPS UPnP
exchange in parallel. This was already happening every now and then and
resulted in failures. However, now that there is support for multiple
concurrent exchanges, it is useful to have this test case hit that
possibility more frequently.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
gcc 4.8 vs 5.2 seem to compile eloop_register_sock() differently. With
5.2, that function name does not show up in the backtrace since
eloop_sock_table_add_sock() is used without a separate function call.
This broke the memory allocation failure checking in this test case. Fix
this by matching against the eloop_sock_table_add_sock() function which
shows up in the backtrace for both gcc versions.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the WPS PBC state to get cached through to the
following test cases and that would trigger false failures. Fix this by
explicitly clearing the scan cache at the end of ap_wps_per_station_psk.
This issue was triggered with the following test case sequence:
ap_wps_per_station_psk autogo_pbc
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Number of test cases did not read all control interface socket events
from the dynamically added wlan5 interface. This could result in hitting
maximum socket TX queue length and failures in the following test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test case for the issue fixed by the previous
commit (hapd->num_probereq_cb not getting cleared on deinit).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a Python-based minimal WSC protocol implementation to allow
more testing coverage to be reached for various error cases in protected
attributes. The wps_ext test case completes successful exchange in both
the Enrollee and Registrar roles acting in the middle of AP and STA. The
other test cases cover error cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends ap_wps_pbc_timeout to cover another long WPS timeout:
ER-initiated SetSelectedRegistrar timeout on AP. Using the same test
case for this avoids the need for another 120 second test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Pass absolute path to the daemonized wpa_cli process and add read
privileges for everyone on the action script to make this test case work
better when run without a VM.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like the previous timeout of 0.1 seconds could be hit under
parallel VM load, so double this to 0.2 second to avoid hitting
unnecessary test failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
The test sequence "scan_and_bss_entry_removed ap_wps_ap_scan_2" resulted
in failure due to an old BSS entry remaining from the first test case to
the second and the WPS_PBC operation on a forced BSSID ending up picking
the incorrect BSS entry. Make this more robust by clearing the scan
results from cfg80211.
Signed-off-by: Jouni Malinen <j@w1.fi>
Both of these test cases were leaving out BSS entries with active PBC
mode at the end of the test. This could result in the next text case
failing, e.g., in "ap_wps_pbc_overlap_2ap grpform_ext_listen" and
"ap_wps_pbc_overlap_2sta grpform_ext_listen" sequences. Fix this by
flushing the scan results more carefully at the end of the PBC overlap
test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
run-tests.py is running as root, so sudo does not need to be used
anymore from within each test case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to use sudo and external rm to remove files now that
run-tests.py is required to run as root.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The test used p2p_dev_addr() that can be different from own_addr()
if a dedicated P2P Device interface is used.
Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
Reorder scanning in a way that allows the ER behavior to be more
predictable. The first Probe Request report is for a previously received
frame on the AP and this new sequence avoids leaving either of the PBC
test STAs to be that one.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of returning "skip" from the test function, raise the new
HwsimSkip exception to indicate a test case was skipped.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for regulatory domain changes to "leak" into following
test cases in number of cases where the cfg80211 BSS table remained
after regulatory domain had been restored to world roaming. Try to make
this less likely to occur by explicitly clearing BSS table at the end of
test cases that use different regulatory domain. This makes P2P test
cases that verify channel selection based on world roaming rules more
robust.
Signed-off-by: Jouni Malinen <j@w1.fi>
This avoids one more cleanup step between most test cases by stopping ER
only in case it was actually used during a test.
Signed-off-by: Jouni Malinen <j@w1.fi>
A single channel scan just before WPS_REG, WPS_PBC, and WPS_PIN commands
can be used to avoid having to run a full scan. This saves significant
amount of time in the WPS test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it more convenient and consistent to clear the cached scan
results from cfg80211 and wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The "Not fully connected" report did not clearly identify what went
wrong, so make this more verbose in hope of being able to determine what
happened should this test case fail again.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible to hit the 10 second timeout in some test cases under
heavy load (e.g., with large number of VMs running tests in parallel).
These timeouts are not really indicating any real error, so make them
less likely to show up in reports by increasing the connection timeout
to 30 seconds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed in preparation for WPS AES being mapped to enabling both
CCMP and GCMP if the driver supports both ciphers.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for the scan to miss a Probe Response frame especially
under heavy load, so try again to avoid reporting invalid failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for the final step of the test case to fail under load
(e.g., when using parallel-vm.sh with large number of VMs), so run
through additional scan iterations if the WPS-AUTH flag does not get
removed immediately.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This can fail if Probe Response frame is missed and Beacon frame was
used to fill in the BSS entry. This can happen, e.g., during heavy load
every now and then and is not really an error, so try to workaround by
runnign another scan.
Signed-off-by: Jouni Malinen <j@w1.fi>