Commit graph

17039 commits

Author SHA1 Message Date
Jouni Malinen
2445e18b6f tests: assoc+auth driver event
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-28 13:33:40 +03:00
Jouni Malinen
00bec7b5be tests: IEEE 802.1X and FORCE_UNAUTH state
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-28 12:36:18 +03:00
Lavanya Suresh
e72e322539 hostapd: Enable WMM automatically when HE is configured
If WMM is not set explicitly in the configuration, it can be set based
on HT/HE config. As HE can be used without HT/VHT (which was introduced
as a special behavior for the 6 GHz band), add a similar automatic
enabling of WMM for HE without HT.

Signed-off-by: Lavanya Suresh <lavaks@codeaurora.org>
2021-03-26 00:21:18 +02:00
Jouni Malinen
43a65b40b9 tests: P2P peer table limit
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-26 00:21:18 +02:00
Jouni Malinen
1a47e2ff8f tests: INTERFACE_ADD behavior on driver init failure
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-26 00:21:18 +02:00
Jouni Malinen
8ca330bd70 Flush pending control interface message for an interface to be removed
wpa_supplicant_ctrl_iface_deinit() was executed only if the
per-interface control interface initialization had been completed. This
is not the case if driver initialization fails and that could result in
leaving behind references to the freed wpa_s instance in a corner case
where control interface messages ended up getting queued.

Fix this by calling wpa_supplicant_ctrl_iface_deinit() in all cases to
cancel the potential eloop timeout for wpas_ctrl_msg_queue_timeout with
the reference to the wpa_s pointer. In addition, flush any pending
message from the global queue for this interface since such a message
cannot be of use after this and there is no need to leave them in the
queue until the global control interface gets deinitialized.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-26 00:21:18 +02:00
Jouni Malinen
6bcd4abdc1 tests: FT with beacon protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:18 +02:00
Jouni Malinen
df197713c9 tests: OCV testing with AP special functionality set after ENABLE
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:18 +02:00
Jouni Malinen
30f8b912df tests: WPA2-PSK AP and GTK rekey failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:18 +02:00
Jouni Malinen
174433fa04 tests: WNM-Sleep Mode exit with PMF and beacon protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:18 +02:00
Jouni Malinen
4a841a218b Fix WNM-Sleep Mode exit debug print of BIGTK
Previous debug print used IGTK instead of BIGTK, so fix that to use the
correct key. Actual generation of the BIGTK subelement itself was using
the correct key, though, so this is only needed to fix the debug print.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:18 +02:00
Jouni Malinen
14d31cd978 tests: Re-enable op class 118-120 tests with new regdb
Move from RS to PA country code to allow these test cases to work since
regdb was updated to require DFS for these operating classes in RS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-26 00:21:06 +02:00
Jouni Malinen
c705d8421a tests: hostapd configuration with op_class
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-24 00:46:57 +02:00
Jouni Malinen
e6510056db tests: DPP PFS error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-24 00:05:05 +02:00
Jouni Malinen
1aa2bc46f7 tests: MSCS
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-23 00:42:06 +02:00
Jouni Malinen
354f87e2e3 MSCS: Fix MSCS Response frame Status field parsing
This is a 2 octet field, so need to use WPA_GET_LE16() here instead of
using only the first octet of the value.

Fixes: bbd3178af4 ("MSCS: Add support to process MSCS Response frames")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-23 00:42:06 +02:00
Jouni Malinen
b8673baeab Add REGISTER_FRAME hostapd control interface command for testing purposes
This can be used to register reception of new types of Management frames
through nl80211.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-23 00:42:06 +02:00
Jouni Malinen
60974eb3f6 Allow AP mode extended capabilities to be overridden
The new hostapd configuration parameters ext_capa_mask and ext_capa can
now be used to mask out or add extended capability bits. While this is
not without CONFIG_TESTING_OPTIONS, the main use case for this is for
testing purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-22 11:58:21 +02:00
Jouni Malinen
7365eb43ea Make hostapd_config_fill() easier to auto indent
The conditional compilation block with only the opening brace included
in two variants was messing up auto indentation in emacs. Work around
this by defining the maximum value conditionally while leave the if
block outside any conditional building rules.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-22 11:52:51 +02:00
Jouni Malinen
8ca09293ea Simplify extended capability determination in AP mode
There is no need to determine the exact length of the element before
filling in the octets since this function is already capable of
truncated the fields based on what the actual values are.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-22 11:12:39 +02:00
Jouni Malinen
37306a0042 PASN: Use a helper function to free radio work data
This is safer in avoiding memory leaks now that there is a dynamically
allocated member within the data struct.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 18:33:17 +02:00
Jouni Malinen
349e9eafbb PASN: Mark pubkey/comeback arguments constant for frame construction
These parameters are only copied to the frame, so mark them as constant.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 18:30:52 +02:00
Ilan Peer
93ef7e8c91 tests: Add PASN tests with comeback flow
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-21 18:28:34 +02:00
Ilan Peer
67014b3f74 PASN: Add support for comeback flow to wpa_supplicant
Process the received comeback cookie and retry automatically if the AP
allows this. Otherwise, provide the cookie to upper layers to allow a
later attempt with the cookie.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-21 18:28:34 +02:00
Ilan Peer
ab623ac750 PASN: Add support for comeback flow in AP mode
Reuse the SAE anti-clogging token implementation to support similar
design with the PASN comeback cookie.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-21 18:01:27 +02:00
Jouni Malinen
4871df4bf7 tests: DPP NFC operation failures in hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 16:55:44 +02:00
Jouni Malinen
9c809b2aaa tests: DPP bootstrapping via NFC URI record (hostapd reading tag)
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 16:39:46 +02:00
Jouni Malinen
c4b2d6f566 tests: DPP GAS Query error cases with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 16:33:41 +02:00
Jouni Malinen
4ed10754e8 DPP: Fix GAS client error case handling in hostapd
The GAS client processing of the response callback for DPP did not
properly check for GAS query success. This could result in trying to
check the Advertisement Protocol information in failure cases where that
information is not available and that would have resulted in
dereferencing a NULL pointer. Fix this by checking the GAS query result
before processing with processing of the response.

This is similar to the earlier wpa_supplicant fix in commit 931f7ff656
("DPP: Fix GAS client error case handling").

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-21 11:47:39 +02:00
Jouni Malinen
3ae18d4bd7 EAP-SIM/AKA: Fix check for anonymous decorated identity
eap_sim_anonymous_username() gets called with an argument that is not a
null terminated C string and as such, os_strrchr() and os_strlen()
cannot be used with it. The previous implementation resulted in use of
uninitialized values and a potential read beyond the end of the buffer.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32277
Fixes: 73d9891bd7 ("EAP-SIM/AKA peer: Support decorated anonymous identity prefix")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 16:28:44 +02:00
Jouni Malinen
512d973cc2 DPP: Indicate authentication success on ConfReqRX if needed (hostapd)
It is possible to receive the Configuration Request frame before having
seen TX status for the Authentication Confirm. In that sequence, the
DPP-AUTH-SUCCESS event would not be indicated before processing the
configuration step and that could confuse upper layers that follow the
details of the DPP exchange. As a workaround, indicate DPP-AUTH-SUCCESS
when receiving the Configuration Request since the Enrollee/Responser
has clearly receive the Authentication Confirm even if the TX status for
it has not been received.

This was already done in wpa_supplicant in commit 422e73d623 ("DPP:
Indicate authentication success on ConfReqRX if needed") and matching
changes are now added to hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 16:09:19 +02:00
Jouni Malinen
eff3212763 tests: PMKSA cache add failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 13:38:49 +02:00
Jouni Malinen
6c8842f0e0 Fix full EAP authentication after PMKSA cache add failure
Need to get EAP state machine into a state where it is willing to
proceed with a new EAP-Request/Identity if PMKSA cache addition fails
after a successful EAP authentication before the initial 4-way handshake
can be completed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 13:36:55 +02:00
Jouni Malinen
be06fd5b02 tests: hostapd ctrl_iface SET_NEIGHBOR failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 13:13:24 +02:00
Jouni Malinen
ed8a5733bd tests: DPP and hostapd as Enrollee with GAS fragmentation/timeout
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 12:55:21 +02:00
Jouni Malinen
9056f918b6 tests: DPP connection status - success with hostapd as Configurator
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 12:19:12 +02:00
Jouni Malinen
6bbbd9729f DPP2: Fix connection status result wait in hostapd
The waiting_conn_status_result flag was not set which made hostapd
discard the Connection Status Result. Fix this to match the
wpa_supplicant implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 12:17:58 +02:00
Jouni Malinen
bcfcb247db tests: hostapd airtime policy configuration
Add minimal testing for airtime policy configuration. mac80211_hwsim
does not actually support this functionality, so this is just for
testing coverage of src/ap/airtime_policy.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 12:03:01 +02:00
Jouni Malinen
c0c74f0c6b Testing functionality for airtime policy
Add a new testing parameter to allow airtime policy implementation to be
tested for more coverage even without kernel driver support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 12:03:01 +02:00
Jouni Malinen
fb9cd650e5 tests: DPP with hostapd as configurator/initiator with v1 enrollee
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 11:57:10 +02:00
Jouni Malinen
68b69d6607 tests: DPP chirp by an AP on 5 GHz
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 11:57:10 +02:00
Jouni Malinen
3d23fe32a5 tests: AP tracking STA taxonomy (5 GHz)
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 11:57:10 +02:00
Jouni Malinen
2f77891496 nl80211: Debug print error from airtime weight configuration
It is better to be able to determine whether the airtime weight
configuration for a STA actually was accepted by the driver or not.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-20 00:15:53 +02:00
Jouni Malinen
8b41ac82e6 tests: HE AP spatial reuse parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-19 23:58:39 +02:00
Jouni Malinen
8c24982e61 tests: Fix error messages for HE config missing
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-19 23:34:58 +02:00
Jouni Malinen
38fa5e6572 More documentation for HE Spatial Reuse Parameter Set configuration
Add a bit more complete documentation on how he_spr_sr_control parameter
is supposed to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-19 23:33:16 +02:00
Jouni Malinen
aa6a50849c tests: EAP-SIM with decorated anonymous identity
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-19 21:12:43 +02:00
Hai Shalom
73d9891bd7 EAP-SIM/AKA peer: Support decorated anonymous identity prefix
Support decorated anonymous identity prefix as per RFC 7542,
for SIM-based EAP networks.

Signed-off-by: Hai Shalom <haishalom@google.com>
2021-03-19 21:12:01 +02:00
Mohammad Asaad Akram
7831b10a89 Introduce reason code for TWT teardown due to concurrency
The firmware sends new reason codes to indicate TWT teardown due to
single channel and multi channel concurrency. Update the enum
qca_wlan_vendor_twt_status to represent new reason code.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-19 21:01:36 +02:00
Jouni Malinen
6219d5a5c2 tests: Make FT roaming and data connectivity checks more robust
Dump pending monitor interface messages between each roaming step to
make the test log easier to understand and hostapd wait for the new
connection more robust by ensuring that the processed event if for the
very last reassociation. It looks like at least ap_ft_vlan_over_ds_many
could fail due to the connectivity check being started before the final
roam had been completed on the AP side even though there was an explicit
hapd2ap.wait_sta() wait before the test.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-19 20:54:16 +02:00