Commit graph

13569 commits

Author SHA1 Message Date
Jouni Malinen
81f8e7e9fb tests: Increase HTTPConnection timeout in ap_wps_upnp_http_proto
It looks like the previous timeout of 0.1 seconds could be hit under
parallel VM load, so double this to 0.2 second to avoid hitting
unnecessary test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 13:45:16 +03:00
Jouni Malinen
001c4bf5b3 tests: D-Bus RemoveClient()
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 13:07:03 +03:00
Purushottam Kushwaha
4e7175827e dbus: Add RemoveClient method to remove a client from local GO
This is equivalent to the P2P_REMOVE_CLIENT command on control
interface. This can be used to remove the specified client [as object
path or string format interface address] from all groups (operating and
persistent) from the local GO.

Argument(s): peer[object path] OR iface[string format MAC address]

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Jijo Jacob <jijo.jacob@samsung.com>
2015-06-19 12:55:54 +03:00
Maneesh Jain
f0a79c9403 D-Bus: Fix wpas_dbus_register_peer() documentation
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:40:29 +03:00
Maneesh Jain
95d62a6c20 D-Bus: Add missing params in WPS function documentation
This adds missing parameters in all WPS events related function
documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:38:11 +03:00
Maneesh Jain
790429b520 D-Bus: Fix function documentation for wpas_dbus_signal_p2p_go_neg_resp()
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:35:40 +03:00
Maneesh Jain
92fe746e19 D-Bus: Add function documentation for wpas_dbus_signal_p2p_go_neg_req()
This is needed to add this function into Doxygen documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:31:28 +03:00
Ben Rosenfeld
2e96aef298 tests: Wait on the global control interface for CTRL-EVENT-REGDOM-CHANGE
The event is not interface specific, so wait for it on the global
control interface socket.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 11:31:53 +03:00
Avraham Stern
99b83d0abd tests: Fix grpform_wait_peer group removal in P2P Device case
Get the P2P group interface name so it will be used for group removal to
support configurations that use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:28:20 +03:00
Avraham Stern
c340e0e8f4 tests: Fix p2p_set_discoverability waiting for CTRL-EVENT-CONNECTED
Wait on the group control interface to support configurations that
use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:27:15 +03:00
Avraham Stern
e1dffa3b2c P2P: Fix PBC overlap detection
PBC overlap detection searches for another BSS with active PBC in the
BSS table. However, when a separate P2P interface is used, scan results
without P2P IE are not saved in the BSS table, so non-P2P BSS's with
active PBC will not be detected.

Fix this by iterating only the WPS AP array instead of the BSS table.
This is also more efficient since only WPS APs may have active PBC. This
also fixes hwsim test "grpform_pbc_overlap" when a dedicated P2P Device
is used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:25:21 +03:00
Ilan Peer
bab3191718 tests: Fix wifi_display to use the global control interface
This is needed if the configuration is using a dedicated P2P Device
interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:14:30 +03:00
Ilan Peer
063006328a tests: Fix wifi_display_persistent_group with P2P Device
Use the global control interface to list the P2P Device persistent
networks. Get and parse the P2P-GROUP-STARTED events, so later the
interface names would be available for the connectivity test etc. Both
of these are required when a dedicated P2P Device interface is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:12:33 +03:00
Ilan Peer
de7b02fd18 P2P: Use the P2P Device interface in wpas_p2p_fallback_to_go_neg()
Previously the wpa_s->parent interface was used, which is not
necessarily the P2P Device management interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:07:50 +03:00
Ilan Peer
5590d2ecd1 tests: Fix autogo_pbc() waiting for WPS-PBC
Wait on the global control interface to support
configurations that use a dedicated P2P Device interface.

Note that the group interface cannot be used, as the group
interface name is not saved since no group was created.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:59:01 +03:00
Ilan Peer
c0b57b241a tests: Use global and group control interface in test_p2p_autogo
This is required when a dedicated P2P Device is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:46:17 +03:00
Ilan Peer
a2168cf476 tests: Modify reset() to use the global control interface
Change the reset() method to use the global control interface
for resetting P2P state and also add a call to P2P_FLUSH.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:38:22 +03:00
Ben Rosenfeld
0208e8329d tests: Use global interface for "P2P_SET"
Setting P2P per_sta_psk should be done using the global control
interface.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 10:37:08 +03:00
Jouni Malinen
31bd8ea2e9 tests: NFC static handover with invalid contents
This adds test coverage to p2p_procesS_nfc_connection_handover() error
paths. This is also a regression test case for a memory leak on two of
these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Ben Rosenfeld
6b5147af53 P2P: Fix memory leak in p2p_process_nfc_connection_handover()
p2p_process_nfc_connection_handover() allocates msg memory in the parser
and might return before memory is released if the received message is
not valid.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 01:23:24 +03:00
Jouni Malinen
27f2fab021 tests: WPA2-Enterprise connection using EAP-FAST and OOM in PRF
This is a regression test case for a memory leak on a TLS PRF error
path. In addition, this provides more coverage for this error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Jouni Malinen
33ba27d387 EAP-FAST peer: Stop immediately on key derivation failure
If key derivation fails, there is no point in trying to continue
authentication. In theory, this could happen if memory allocation during
TLS PRF fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Ben Rosenfeld
144b6a0650 OpenSSL: Fix memory leak on an openssl_tls_prf() error path
Free tmp_out before returning to prevent memory leak in case the second
memory allocation in openssl_tls_prf() fails. This is quite unlikely,
but at least theoretically possible memory leak with EAP-FAST.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 01:23:24 +03:00
Jouni Malinen
0b5740fdef tests: More RADIUS testing coverage with CUI/User-Name in ACL response
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 00:23:49 +03:00
Jouni Malinen
e51c8b2e97 tests: Make ap_wps_ap_scan_2 more robust
The test sequence "scan_and_bss_entry_removed ap_wps_ap_scan_2" resulted
in failure due to an old BSS entry remaining from the first test case to
the second and the WPS_PBC operation on a forced BSSID ending up picking
the incorrect BSS entry. Make this more robust by clearing the scan
results from cfg80211.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 22:33:48 +03:00
Jouni Malinen
492c3a9180 tests: Make ap_wps_pbc_overlap_2* less likely to cause issues
Both of these test cases were leaving out BSS entries with active PBC
mode at the end of the test. This could result in the next text case
failing, e.g., in "ap_wps_pbc_overlap_2ap grpform_ext_listen" and
"ap_wps_pbc_overlap_2sta grpform_ext_listen" sequences. Fix this by
flushing the scan results more carefully at the end of the PBC overlap
test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 22:29:14 +03:00
Jouni Malinen
9f622398e4 tests: Print a command line to re-run failed test sequence
This makes it easier to test whether a specific test sequence results in
a reproducible test failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 21:39:24 +03:00
Jouni Malinen
7242b3df37 tests: P2PS with large number of services in Probe Request/Response
This verifies capability to split the response into multiple P2P
elements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
3d7d9f18db tests: Extend P2PS service seek test to cover multiple services
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Max Stepanov
5a2c379736 tests: P2PS wildcard SD probe
Verify that advertiser returns 'org.wi-fi.wfds' wildcard in a Probe
Response frame if at least one P2PS advertisement is present.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
50a9efe713 P2PS: Fix Probe Response frame building in error cases
org.wi-fi.wfds service is not a replacement for non-WFA service matches.
Do not try to replace the results with that if there is not sufficient
room for the response. Instead, reply with all the matching services
that fit into the message. org.wi-fi.wfds is the first entry in the list
(if matching request/service is present), so it won't get overridden by
other services.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
509f269bbd P2PS: Fix org.wi-fi.wfds matching when building the response
The service hash for org.wi-fi.wfds is supposed to match only if the
device has a WFA defined org.wi-fi.wfds.* service. Verify that before
adding org.wi-fi.wfds to the response.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
5fa5f84324 P2PS: Add more debug prints for service info building
This makes the debug log much more helpful for figuring out results from
service hash matching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
fdde3db6b8 P2PS: Remove unnecessary service hash filtering from p2p_reply_probe()
Probe Response building is already doing service matching and there is
no need to do this in both places, so simplify the p2p_reply_probe()
implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
f2e0eecf09 P2PS: Do not ignore other hashes if org.wi-fi.wfds hash is included
When doing initial processing of Probe Request frame service hashes, the
previous implementation dropped all other hash values if a hash for
org.wi-fi.wfds was included. This is not correct, since that is not a
full wildcard of all services (it only matches WFA defined
org.wi-fi.wfds.* services).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:31 +03:00
Jouni Malinen
ebdc32f350 P2PS: Fix service hash matching for org.wi-fi.wfds
This "wildcard" match is for WFA specified org.wi-fi.wfds.* services,
not for all services. Verify that there is a really matching service
being advertised instead of assuming this "wildcard" matches if any
services are advertised.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:31 +03:00
Jouni Malinen
24533f7e81 P2PS: Fix p2p_find handling to allow "wildcard" with other hash values
The org.wi-fi.wfds "wildcard" is not a full wildcard of all service
names and as such, it must not remove other service name hash values
from the Probe Request frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:31 +03:00
Jouni Malinen
f33a31b06c P2PS: Verify service name length in P2P_FIND command
p2ps_gen_hash() has a limit on service names based on the temporary
buffer from stack. Verify that the service name from the local P2P_FIND
command is short enough to fix into that buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:30 +03:00
Jouni Malinen
129b621653 P2PS: Fix P2P_FIND seek parameter parsing
Only the first seek=<service name> parameter was accepted from the
P2P_FIND command. Fix this to go through all seek parameters to
construct the list of service hash values to seek.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:30 +03:00
Max Stepanov
83e520e473 P2PS: Add a wildcard with other advertised service info
Quoting P2PS specification: "If multiple Service Hash values are
included in the Probe Request frame, then the ASP shall find a match for
each Service Hash, and it shall send a Probe Response frame with the
information listed in this section for all matched Service Hashes." This
commit changes handling of wildcard hash matching by adding a
wildcard 'org.wi-fi.wfds' info together with the other hash matches.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-18 15:06:54 +03:00
Max Stepanov
c5d3cadbfb P2PS: Re-factor p2p_buf_add_service_instance function
Add auxiliary functions to write a single advertised service info record
into a wpabuf and to find P2PS wildcard hash in a received hash
attribute. Re-factor p2p_buf_add_service_instance() function to allow
adding new wildcard types in future commits.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-18 15:06:48 +03:00
Jouni Malinen
13f6f617ee wpa_cli: Fix process termination in wpa_cli action mode case
Commit 4be9f27595 ('wpa_cli: Use eloop
during connection attempts in interactive mode') did not take into
account the needs for signal processing in action mode. eloop_run() was
not called in this case and the internal select() loop would block eloop
processing anyway and prevent clean shutdown. Fix this by using eloop
for action mode operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 13:50:48 +03:00
Jouni Malinen
b4c0f58452 Clear allocated debug message buffers explicitly
When hostapd or wpa_supplicant is run in debug more with key material
prints allowed (-K on the command line), it is possible for passwords
and keying material to show up in debug prints. Since some of the debug
cases end up allocating a temporary buffer from the heap for processing
purposes, a copy of such password may remain in heap. Clear these
temporary buffers explicitly to avoid causing issues for hwsim test
cases that verify contents of memory against unexpected keys.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-17 16:30:34 +03:00
Jouni Malinen
14fd03312c Clear control interface command explicitly from stack
The control interface commands may include passwords or other private
key material, so clear it explicitly from memory as soon as the
temporary buffer is not needed anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-17 16:29:33 +03:00
Jouni Malinen
d95c5994c8 P2P: Fix group interface addition failure properly for concurrent case
It was possible for a P2P group formation failure to result in a
concurrent station mode operation getting disconnected in the specific
error case where group interface addition fails after a successful GO
Negotiation. Fix this by skipping the wpas_p2p_group_delete() call in
this specific case since the group interface does not exists anymore at
the point wpas_group_formation_completed() gets called.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-15 23:43:00 +03:00
Max Stepanov
e12c4004e4 P2PS: Refactor p2p_data::query_hash and p2p_data::query_count use
Avoid using p2p_data::query_hash for both Probe Request frame processing
and for hashes specified by p2p_find. It's resolved by use of local
query_hash and query_count variables in p2p_reply_probe().

Since p2p_data::query_hash is used only for seek hash values rename
p2p_data::query_hash to p2ps_seek_hash.

Delete p2p_data::query_count since it's not needed anymore.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-15 17:30:01 +03:00
Jouni Malinen
866eb800e5 tests: VENDOR_ELEM_ADD for various frames
This increases testing coverage for VENDOR_ELEM mechanism by explicitly
verifying that the requested element gets added to each of the supported
frame types.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-15 14:16:30 +03:00
Sunil Dutt
4839da4d4f P2P: Add vendor elements into Invitation Response frames
Commit 86bd36f0d5 ('Add generic mechanism
for adding vendor elements into frames') introduced a mechanism to add
vendor elements into various frames, but missed the addition to the
Invitation Response frame. This commit addresses the same.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-15 14:16:30 +03:00
Max Stepanov
886f583dd7 P2PS: Delete p2ps_svc_found from struct p2p_data
This variable is used locally only in the p2p_reply_probe() function.
The value of this variable is valid only in the context of the single
Probe Request message handling and doesn't make much sense in p2p
context.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-14 23:16:55 +03:00
Max Stepanov
3f048aa8d2 P2PS: Add a function to free a PD context
Free a PD context with a function encapsulating both os_free() call and
setting a PD context pointer to NULL.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-14 23:16:55 +03:00