Commit graph

8345 commits

Author SHA1 Message Date
Jouni Malinen
3a322496f9 mesh: Delay Authentication frame process with no_auto_peer
There is a possible race condition between receiving the
NEW_PEER_CANDIDATE event and the Authentication frame from the peer.
Previously, if the Authentication frame RX event was indicated first,
that frame got dropped silently. Now, this frame is still dropped, but a
copy of it is stored and the frame gets processed on the following
NEW_PEER_CANDIDATE event if that is received for the same peer within
two seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 13:44:38 +02:00
Jouni Malinen
e0cfd223c0 tests: Fix mesh no_auto_peer=1 test cases to allow enough time for retry
If the initial Authentication frame was too early for the peer (i.e.,
NEW_PEER_CANDIDATE event arrived only after the Authentication frame),
wpas_mesh_open_no_auto and wpas_mesh_secure_no_auto test cases were
failing since they waited only for 10 seconds for the connection to be
completed while the retry timer was set to 10-20 seconds on the
authenticator side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 13:10:22 +02:00
Jouni Malinen
9828b70ebd tests: Fix wpas_ctrl_data_test with Linux 3.19-rc1
The kernel commit 'packet: make packet_snd fail on len smaller than l2
header' started rejecting <= 14 octet raw packet socket transmission.
This test case was testing with 14 ocets and that is now rejected by the
kernel. While this may be a kernel side issue, use one octet longer test
data for now to avoid undesired FAIL cases in hwsim tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 12:27:14 +02:00
Jouni Malinen
b2eb3fe21c tests: Fix ap_ht_40mhz_intolerant_ap
The previous design did not actually break from the wait loop when the
AP changed back to 40 MHz channel and as such, ended up waiting the full
30 second time. Furthermore, the five second delay time for returning
back to 40 MHz was not sufficiently long to test behavior correctly
since the STA did not have any chances of returning the next coex report
before the AP had returned to 40 MHz. Increase the AP wait time to 15
seconds so that the once per 10 seconds OBSS scan from the STA gets in
before changing back to 40 MHz channel (after the 40 MHz intolerant AP
gets disabled).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 22:07:54 +02:00
Jouni Malinen
d97a3c4885 SME: Optimize OBSS scanning
Include only the potentially affected channel range in OBSS scans to
reduce the amount of offchannel time needed for scanning when requested
by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 22:07:03 +02:00
Jouni Malinen
0acc2c809d HT: More robust 20/40 coex Action frame parsing
Commit 587d60d2b7 ('Add AP mode support
for HT 20/40 co-ex Action frame') added processing of co-ex report, but
did not include proper bounds checking or IE type checking for the
payload. Furthermore, this was not ready for the possible extensibility
of the 20/40 BSS Coexistence element.

Fix these by checking IE ids for both elements and doing more
apprioriate bounds checking for the element lengths to avoid potentially
reading beyond the frame buffer. Though, the event receive buffer in
both libnl and driver_nl80211_monitor.c is sufficiently large to make it
very unlikely that the maximum read of about 260 bytes beyond the end of
the Action frame would really have any chances of hitting the end of the
memory buffer, so the practical effect of missing bounds checking would
have been possibly accepting an invalid report frame and moving to 20
MHz channel unnecessarily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 21:54:11 +02:00
Jouni Malinen
2a32ad66da HT: Fix 20/40 coex Action frame parsing
Commit 5ce3ae4c8f tried to clean up
fetching a pointer to the action code field, but it forgot to add
IEEE80211_HDRLEN to the pointer. This resulted in the coex report
elements being read from too early in the frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 20:41:19 +02:00
Jouni Malinen
6ac593ec47 tests: Optimize run-tests.py test case dict iteration
Use a single iteration through the module dictionary rather than
iterating over the keys and separately fetching values to get the
function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 20:08:11 +02:00
Jouni Malinen
4cfe369b98 tests: Optimize stop.sh wait times
There is no need to wait for fixed 0.5 seconds for the processes to
exit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 19:37:08 +02:00
Jouni Malinen
b350009f8c tests: Optimize start.sh execution time
There is no need to wait for one extra second to chown log files when
running as root which is always the case in VM execution.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 19:22:42 +02:00
Jouni Malinen
ce20a3702c nl80211: Remove practically unused process_drv_event()
This was used in the past, but all the event processing is now either
through process_global_event() or process_bss_event().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 16:12:11 +02:00
Jouni Malinen
a69d0cdc72 tests: Merge grpform_cred_ready_timeout test cases into a single one
These test cases had a long 120 seconds wait for the GO Negotiation
initiator to time out. This can be done using two devices in parallel to
save two minutes from total test execution time.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 15:54:30 +02:00
Jouni Malinen
267ac3bcd6 Add more debug prints for WPA/RSN selection issues for connection
ap_ft_sae test case managed to hit a somewhat unclear error case which
resulted in "WPA: Failed to select WPA/RSN" print and not enough
information to figure out what exactly had went wrong.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 13:49:52 +02:00
Jouni Malinen
9be2b811d4 tests: Mesh max peering limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 11:53:02 +02:00
Jouni Malinen
4b9481bcd8 tests: Remove unnecessary wrap_wpas_mesh_test() complexity
This function did not seem to do anything else apart from making it less
obvious that hwsim_utils.test_connectivity() is called.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 11:52:54 +02:00
Masashi Honma
d5b95325de mesh: Fill Number of Peerings field in Mesh Formation Info
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:59:40 +02:00
Masashi Honma
46e8d90f6a mesh: Add debug message when peering limit is reached
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:55:44 +02:00
Masashi Honma
4b4093686b mesh: Make maximum number of peer links configurable
Maximum number of peer links is maximum number of connecting mesh peers
at the same time. This value is 0..255 based on the
dot11MeshNumberOfPeerings range.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:52:31 +02:00
Jouni Malinen
8b2600329f tests: Mesh beacon_int parameter
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 23:45:29 +02:00
Masashi Honma
9c58c5f72c mesh: Make beacon interval configurable
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:38:20 +02:00
Masashi Honma
3b797130d7 doc: Remove error on document creation
Unexpected trailing zero causes following error.

wpa_supplicant.sgml:472:53:E: character data is not allowed here

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:36:55 +02:00
Jouni Malinen
5554fbef46 tests: Make parallel VM start a bit more resource friendly
Wait one second between each kvm start to avoid hitting large number of
processes trying to start in parallel. This allows the VMs to be started
more efficiently for parallel-vm.py runs with large number of VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 22:04:54 +02:00
Jouni Malinen
b3f4134912 tests: Clear cfg80211 BSS table at the end of scan_hidden
It was possible for the hidden SSID entry to leak into following test
cases and result in failures, e.g., in this sequence:

scan_hidden
scan_reqs_with_non_scan_radio_work
radius_auth_unreachable
wep_open_auth

BSS <BSSID> picked incorrect BSS entry within wpa_supplicant due to the
old zero-length SSID showing up from the earlier hidden SSID case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 21:58:47 +02:00
Jouni Malinen
2ffbf34db0 tests: Optimize test case execution order for multiple VMs
Move test cases with long duration to the beginning as an optimization
to avoid last part of the test execution running a long duration test
case on a single VM while all other VMs have already completed their
work.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 18:20:15 +02:00
Jouni Malinen
422ba11e30 Flush WPS registrar state on wpa_supplicant FLUSH command
This helps hwsim test cases by avoiding undesired state from previously
executed test cases affecting following tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 17:47:42 +02:00
Jouni Malinen
01c87519a3 tests: Do not mark proxyarp_open failed if ebtables is not available
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 17:14:00 +02:00
Jouni Malinen
f24489d94f tests: Use new scripts for vm-run.sh codecov
Now there is only one set of commands to maintain. The separate reports
for individual components have not been of much use in the past, so they
are dropped for now.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 16:41:59 +02:00
Jouni Malinen
cb0555f7be tests: EAP-IKEv2 protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 16:16:26 +02:00
Jouni Malinen
8779ac8a67 EAP-IKEv2: Fix a typo in a debug message
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 13:19:14 +02:00
Jouni Malinen
bb68a6e3cc EAP-IKEv2 peer: Fix fragmentation reassembly
ret->ignore needs to be cleared to FALSE when sending fragment ack
message to avoid ignoring the fragment.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 00:48:24 +02:00
Jouni Malinen
8e5c1ec32f EAP-IKEv2: Add explicit limit for maximum message length
This avoids accepting unnecessarily large memory allocations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 00:25:16 +02:00
Jouni Malinen
f41f670ea5 tests: ERP with EAP-IKEv2
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 23:48:53 +02:00
Jouni Malinen
f1381f99e4 tests: Mesh ht_mode options
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 21:27:22 +02:00
Jouni Malinen
f86868c253 tests: wdev_id in STATUS-DRIVER
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 21:18:26 +02:00
Jouni Malinen
542452a93d tests: hostapd behavior with interface in different bridge
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 21:01:31 +02:00
Jouni Malinen
5ef8e39fa7 nl80211: Fix interface-in-different-bridge case
The local ifindex list needs to be updated only if the current bridge
interface is the correct one. If hostapd is going to move the interface
to another bridge, the old bridge ifindex must not be added. In
addition, when removing the bridge interface on deinit, it may need to
be set down to allow bridge removal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 21:00:08 +02:00
Jouni Malinen
a42f88f8e7 tests: bg_scan_period parameter configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 19:44:40 +02:00
Jouni Malinen
6343f24d35 tests: IBSS cfg80211 workarounds
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 19:36:41 +02:00
Jouni Malinen
666e508ccf nl80211: Fix cfg80211 workaround for IBSS join
The interface was incorrectly changed to station mode between the two
IBSS join requests and that made the second attempt fail. Remove that
undesired mode clearing from this special case of IBSS leave sequence.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 19:35:23 +02:00
Jouni Malinen
cece9b7df7 tests: Dynamic BSS add operation reusing existing interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 19:04:18 +02:00
Jouni Malinen
8916857da6 tests: TDLS with VHT
This adds some more coverage, but the TDLS setup is not for VHT due to
missing support in mac80211.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:48 +02:00
Jouni Malinen
4466fe6541 tests: VHT and 40 MHz channel
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:48 +02:00
Jouni Malinen
d4d80e9a14 tests: SMPS AP configuration options
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:48 +02:00
Jouni Malinen
598555c7e8 tests: IEEE 802.1X with static WEP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:48 +02:00
Jouni Malinen
13a3a20dfe Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA
These hostapd configuration parameter was left at the default values
(WPA-PSK/TKIP) even for cases where WPA was disabled. While these
parameters are not really used much in non-WPA cases, they do get used
for one corner case in nl80211 configuration to disable encryption of
EAPOL frames in IEEE 802.1X WEP case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:43 +02:00
Jouni Malinen
533fe09b78 nl80211: Fix no-encrypt for IEEE 802.1X WEP EAPOL
Commit 9f12614b8c ('nl80211: Do not
encrypt IEEE 802.1X WEP EAPOL') tried to use
NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT to disable encryption of EAPOL
frames for WEP IEEE 802.1X. However, it used incorrect key management
suite (IEEE 802.1X with WPA/WPA2 while the non-WPA version is needed
here). Consequently, the no-encrypt flag was never set to the driver
(WPA/WPA2 cases do not meet the WEP as pairwise criteria).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:35:03 +02:00
Jouni Malinen
1e7528298a tests: cfg80211 scan-for-auth workaround with WEP keys
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:28:53 +02:00
Jouni Malinen
a5687274e1 tests: cfg80211 scan-for-auth workaround failing
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:22:18 +02:00
Jouni Malinen
b97a7bf672 tests: Large number of BSS add operations with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:13:00 +02:00
Jouni Malinen
863a54093d tests: rfkill block prior to wpa_supplicant start
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 16:46:39 +02:00