Commit graph

11942 commits

Author SHA1 Message Date
Ahmad Kholaif
c13578c339 DFS offload: Add main DFS handler for offloaded case
Add handling logic for DFS offloaded case, and add a helper function
that takes the frequency (MHz) as a param and returns 1 if given channel
requires DFS, or 0 otherwise.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-05 17:21:30 +02:00
Ahmad Kholaif
5de81d7a7a DFS offload: Skip user space processing for CAC operations
If DFS is offloaded to the driver, hostapd should not be performing
these operations. Send the relevant control interface events to provide
information to upper layer software that may use such events to track
DFS/CAC state. This makes the offloaded DFS implementation more
consistent with the DFS-in-hostapd behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-05 16:24:39 +02:00
Jouni Malinen
192ad3d730 Interworking: Clear SCANNING state if no match found
Previously, it was possible for wpa_state to be left at SCANNING if
INTERWORKING_SELECT command failed to find any match. Now the state is
set to DISCONNECTED if the operation terminates because of no matching
networks.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-03 17:03:25 +02:00
Jouni Malinen
19ec6070ff tests: Fix workaround for limited channel survey in mac80211_hwsim
The way the current channel survey is implemented in mac80211_hwsim
requires for the ACS test cases to be run immediately after the same
radio has been on the expected operating band. This was worked around in
one of the test cases and errors ignored in couple. Extend this
workaround to cover all the test cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-03 16:01:52 +02:00
Jouni Malinen
9416e47f47 tests: Fix ap_vlan_wpa2_radius_id_change exception
This was supposed to be Exception("string") not "string".

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-03 15:40:19 +02:00
Johannes Berg
cba262e39b tests: Fix python typo
Clearly that should spell Exception.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-03-03 15:38:01 +02:00
Jouni Malinen
00c35673fd tests: Allow --shuffle-tests to be used with parallel-vm.py
This can be used to get more random sequence of test case execution
into use when running multiple VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-03 09:47:25 +02:00
Jouni Malinen
fb7e0998b0 tests: P2P GO start with only 5 GHz band allowed
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-02 17:01:15 +02:00
Krishna Vamsi
95d7b863ec P2P: Consider 5 GHz channels also for auto GO
When there is no channel preference mentioned by user, auto GO
can be started on any of the 5 GHz channels supported for P2P.
Consider operating classes 115 and 124 which do not require DFS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-02 17:01:15 +02:00
Jouni Malinen
a51c40aa35 P2P: Fix regression in start-GO/AP through a "fake" scan
Commit 3f9ebc439c ('P2P: Allow AP/GO
interface to be started while P2P-in-progress') moved the
wpa_s->connect_without_scan and wpa_s->last_scan_req checks to an
earlier place within the wpa_supplicant_scan() function without
adjusting wpa_s->last_scan_req. This variable was set between the old
and new location, so the new location needs to use wpa_s->scan_req.

This fixes an issue where AP/GO operations were not properly started in
some operation sequence. Instead, a station mode scan was executed. This
issue could be triggered, e.g., by running the no_go_freq test case
followed by autogo_random_channel.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-02 16:45:51 +02:00
Jouni Malinen
96cbb7b561 tests: Skip radius_acct_unreachable3 when not running under VM
It looks like the IP routing table changes used here to trigger
unreachability and following reachability of the server do not work very
well with full IP routing configuration, so run this test case only when
executed under vm-run.sh.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-02 16:30:13 +02:00
Sunil Dutt
dd5c155e2e eap_proxy: Callback to notify any updates from eap_proxy
This commit introduces a callback to notify any configuration updates
from the eap_proxy layer. This is used to trigger re-reading of IMSI and
MNC length.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-02 12:47:20 +02:00
Vivek Natarajan
9a05d98bf9 atheros: Add a new flag for OSEN support
Signed-off-by: Vivek Natarajan <nataraja@qti.qualcomm.com>
2015-03-02 12:40:41 +02:00
Jouni Malinen
9feadba141 Remove unnecessary NULL check to make function more consistent
Static analyzers may warn about dereference before NULL check in
wpas_network_disabled() due to the new code added to check
wpa_s->p2p_mgmt. wpa_s cannot be NULL here, so remove the unneeded check
for it later in the function. (CID 106124)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:53 +02:00
Jouni Malinen
bfc048b48f tests: P2P autonomous GO with large number of GO instances
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:53 +02:00
Jouni Malinen
1772d348ea P2P: Fix interface deinit for failed group interface initialization
wpa_supplicant_deinit_iface() ends up removing all P2P groups if the
removed interface is the parent interface. This is correct behavior in
general, but this resulted in issues in the new group interface
initialization error path since wpa_s->parent was not assigned before
hitting this check. Fix this by assigning wpa_s->parent as part of
wpa_supplicant_add_iface().

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:53 +02:00
Jouni Malinen
3f9ebc439c P2P: Allow AP/GO interface to be started while P2P-in-progress
Do not delay the "station mode scan" that is not really a scan, but a
request to start AP/GO mode operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
58980654af tests: RADIUS server failure cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
5d695df5d1 tests: hostapd and get_station in multi-BSS configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
5ff53fd6dd tests: RADIUS failover and failed attempt to return to primary server
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
b4a9292cfb RADIUS client: Fix server failover on return-to-primary on error case
If a connection with the primary server cannot be established, restore
connection to the previously used server.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
7c5658c661 tests: RADIUS client address specified
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
9836cb5387 Add option to force a specific RADIUS client address to be used
The new hostapd.conf parameter radius_client_addr can now be used to
select a specific local IP address to be used as the RADIUS client
address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
1b5664f0fb tests: RADIUS Accounting server unreachable and multiple STAs
This verifies behavior on reaching RADIUS_CLIENT_MAX_ENTRIES.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
48d9065f7d tests: RADIUS Accounting server initially unreachable, but then available
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
1a7ed38670 RADIUS client: Fix a copy-paste error in accounting server failover
Commit 347c55e216 ('RADIUS client: Re-try
connection if socket is closed on retransmit') added a new option for
initialing RADIUS server failover from radius_client_retransmit(), but
ended up trying to change authentication servers when accounting server
was supposed to be changed due to a copy-paste issue.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
ec1c483de0 tests: Not ready for GO Negotiation (listen/search)
These test cases verify that P2P_FIND and P2P_LISTEN operation continues
after having replied to GO Negotiation Request frame for which we are
not yet ready (i.e., GO Negotiation Response with status=1).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
de7c06ee17 P2P: Continue find in GO-Neg-Resp-fail status corner cases
It was possible for the GO Negotiation Response (failure) TX status to
be processed at a point where there is no P2P timeout to continue
search. Avoid stopping the ongoing search operation by explicitly
restarting it from this callback.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
7041c16d5a tests: Open mode connection and SELECT_NETWORK to change network
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 15:56:11 +02:00
Jouni Malinen
c28059091a Do not add blacklist entries based on normal disconnect request cases
There are number of cases where wpa_supplicant requests the current
connection to be disconnected before starting a new operation. Such
cases do not really indicate that there was an error in connecting or a
disconnection initiated by the AP, so do not add a temporary blacklist
entry in such sequences.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 15:54:24 +02:00
Jouni Malinen
6acca70536 tests: cfg80211 P2P Device and P2P_* command on incorrect interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 12:07:23 +02:00
Jouni Malinen
bdf0518bb9 P2P: Direct P2P_CONNECT command to proper interface
It is possible for the P2P_CONNECT control interface command to be
issued on an incorrect interface. While the upper layer component should
really use global control interface for this, make this work by
redirecting the command to the correct context if needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 11:54:39 +02:00
Jouni Malinen
5de945fcc0 tests: cfg80211 P2P Device misuses
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 11:24:41 +02:00
Jouni Malinen
44b9ea5bb2 P2P: Do not allow scan or normal association on cfg80211 P2P Device
The dedicated P2P management instance (wpas->p2p_mgmt == 1) using
cfg80211 P2P Device cannot be used for non-P2P uses or connection (there
is no netdev). Reject or ignore such operations to avoid unexpected
operations if enabled network blocks are configured in the
wpa_supplicant instance used to control this interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 11:23:09 +02:00
Jouni Malinen
6d0b447464 tests: P2P_FIND with freq parameter to scan a single channel
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 22:06:24 +02:00
Jouni Malinen
9542f21f3a Clean up p2p_find command parsing and execution
There is no need to maintain three almost identical copies of the
wpas_p2p_find() call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 21:58:38 +02:00
Daisuke Niwa
fa9f381f20 P2P: Allow a specific channel to be specified in P2P_FIND
The optional freq=<MHz> can now be used with the P2P_FIND command to
specify a single channel to scan during the first round of P2P search.
For example, this can be used to replace the full initial scan with a
single channel scan of a known operation channel.

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-02-28 21:52:56 +02:00
Daichi Ueura
eb78a8d5e3 P2P: Restore P2P_SCAN_SPECIFIC
This reverts commit 3df2f4fe99 ('P2P:
Remove unused P2P_SCAN_SPECIFIC') with a modification to fit the current
code base.

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-02-28 21:41:38 +02:00
Rajkumar Manoharan
d988ff76bf hostapd: Disable VHT caps for STAs when no valid VHT MCS found
Disable VHT caps for STAs for which there is not even a single
allowed MCS in any supported number of streams. i.e STA is
advertising 3 (not supported) as VHT MCS rates for all supported
streams.

Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
2015-02-28 21:00:00 +02:00
Jouni Malinen
70fd8287eb RADIUS client: Fix previous failover change
Commit 347c55e216 ('RADIUS client: Re-try
connection if socket is closed on retransmit') added a possibility of
executing RADIUS server failover change within
radius_client_retransmit() without taking into account that this
operation may end up freeing the pending message that is being
processed. This could result in use of freed memory. Avoid this by
checking whether any pending messages have been removed and if so, do
not try to retransmit the potentially freed message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 20:52:08 +02:00
Jouni Malinen
dcd378ed2e tests: Make grpform_no_wsc_done more robust
It was possible for this test case to start a new group formation on
dev[1] while the first round was still going through the process of
processing group termination indication. That could result in the second
round failing unexpectedly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 16:57:03 +02:00
Janusz Dziedzic
c3dabf5a00 Fix merge issue with IBSS VHT support
Commit 563ee1832b ('IBSS: Add support for
VHT80 configuration') got merged in incorrectly with one i/j swap
missed.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-28 16:48:22 +02:00
Jouni Malinen
8b2b718da9 Fix minor issue in HT40 max rate determination
Commit a1b790eb9d ('Select AP based on
estimated maximum throughput') had a copy-paste bug than ended up
leaving one of the max_ht40_rate() cases unreachable. (CID 106087)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 16:40:58 +02:00
Jouni Malinen
347c55e216 RADIUS client: Re-try connection if socket is closed on retransmit
Previously, send() was called with invalid fd = -1 in some error cases
for retransmission and this could even result in a loop of multiple such
attempts. This is obviously not going to work, so drop such attempts and
instead, try to reconnect a socket to the server if the current socket
is not valid.

In addition, initiate server failover immediately if the current socket
is not valid instead of waiting for a timeout.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 16:40:58 +02:00
Jouni Malinen
abeea374a4 tests: RADIUS server connect() failing during startup
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 15:45:17 +02:00
Jouni Malinen
94b39e5927 RADIUS client: Fix server connection recovery after initial failure
If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.

This was broken by commit 9ed4076673
('RADIUS client: Do not try to send message without socket') for the
initial case and the more recent fixes in RADIUS server failover cases
did not cover the initial failure case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 15:45:17 +02:00
Jouni Malinen
bbee36e316 Allow RADIUS server address to be replaced
The new hostapd parameters auth_server_addr_replace and
acct_server_addr_replace can now be used to replace the configured IP
address instead of adding a new RADIUS server. This is mainly useful for
testing purposes where the address can be changed over control interface
during AP operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 15:45:16 +02:00
Jouni Malinen
efb40081ab TLS: Remove placeholders for SIGN_ALG_DSA support
It does not look likely that the old DSA design would be added into the
internal TLS implement, so remove this otherwise dead code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 15:45:16 +02:00
Jouni Malinen
2eb64ea437 tests: Module tests for common.c
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 12:20:56 +02:00
Jouni Malinen
56a1180153 tests: Increase bitfield module test coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 11:46:29 +02:00