Allow option (command line argument -e) to capture Ethernet headers
instead of IEEE 802.11 so that wlantest can be used as a replacement for
tcpdump/dumpcap for capturing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Flush cfg80211 scan cache explicitly when running this test case to
avoid issues with the ROAM command not working due to a scan result from
an earlier test case. This was causing failures in the following test
case sequence:
rrm_beacon_req_active_ap_channels rrm_reassociation
Signed-off-by: Jouni Malinen <j@w1.fi>
Field wpa_s->sme.ht_sec_chan keeps secondary channel for the 40 MHz
band. This field is used to prepare a list of channels for the STA OBSS
scan. Initially, the secondary channel is set to HT_SEC_CHAN_UNKNOWN.
Later on, in function wpa_obss_scan_freq_list() it is obtained from the
current BSS HT operation IE. However, the secondary channel information
is not updated after channel switch, which may lead to an incorrect list
of channels prepared for the STA OBSS scan.
Update ht_sec_chan according to the channel switch event data to fix
this.
Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Some of the error paths in go_neg_pbc() and go_neg_pin() did not wait
for the helper thread to complete processing. This could result in
unexpected behavior when the test case could have exited while the
thread was still performing tasks for the GO Negotiation. This could
result in getting stuck in one of the following test cases with
"go_neg_init_pbc thread caught an exception from p2p_go_neg_init: Group
formation timed out" showing up in the log.
This was hit, e.g., with the following test sequence:
no_go_freq p2p_channel_drv_pref_autogo
Signed-off-by: Jouni Malinen <j@w1.fi>
This gets rid of the loop that was polling for things to do every 0.25
seconds and instead, reacts to any data from VMs as soon as it becomes
available. This avoids unnecessary operations when no new data is
available and avoids unnecessary waits when new data becomes available
more quickly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to enter the PTKINITDONE state before checking
connectivity. This is needed to avoid a race condition with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is more efficient since we can now start only the necessary number
of VMs instead of always forcing all VMs to start with one second delay.
This can also control the starting delay by keeping at most two VMs
starting at a time instead of using the hardcoded one second wait for
each consecutive VM.
Signed-off-by: Jouni Malinen <j@w1.fi>
For some reason, running tshark in the test cases can take significant
time especially with UML time-travel. Optimize this by reducing the
number of times tshark needs to be executed in the loop.
Signed-off-by: Jouni Malinen <j@w1.fi>
The wlan_mgt to wlan renaming is already included in most recent tshark
versions, so replace the backwards compatibility option to prefer the
new version so that current versions do not need to take the performance
hit.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like these test cases can fail with the new "Undefined
secondary channel: drop OBSS scan results" case. Add more checks to
determine if something is wrong with the connection.
In addition, force clearing of the cfg80211 scan cache on the main AP
interface so that a scan result from a previous test case cannot prevent
40 MHz channel bandwidth from being used. This could apparently happen
in the following test case sequence:
ap_ht40_scan_conflict obss_scan
Signed-off-by: Jouni Malinen <j@w1.fi>
These were doing practically the same thing, so get rid of the external
helper function and standardize on using hapd.wait_sta().
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to indicate connection before disconnecting from the
station side. This avoids a race condition especially with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
This lets one know the current neighbor list, and could be used
to populate the neighbor list of other hostapd processes.
For instance:
$ hostapd_cli -i vap0001 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
$ hostapd_cli -i vap0000 set_neighbor 04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
OK
$ hostapd_cli -i vap0000 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
04:f0:21:c3:b2:b0 ssid=04f021c3b2b0af190000802809 nr=04f021c3b2b0af1900008028090603022a00
Signed-off-by: Ben Greear <greearb@candelatech.com>
Wait for hostapd to report completion of the connection before going
through the disconnection and reconnection steps to avoid a race
condition especially with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to report connection completion before performing
connectivity test to avoid race conditions especially with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
In the previous implementation connected STA performs OBSS scan
according to requests from its 20/40 MHz AP. However STA checks only 40
MHz intolerance subfield from HT Capabilities element in scan results.
Meanwhile, as per IEEE Std 802.11-2016, 11.16.12, STA should check
overlapping BSSs as well.
Note that all the required code to check overlapping BSSs did already
exist for AP mode since AP does those checks properly before operating
as 20/40 MHz BSS in the 2.4 GHz band. Use that existing code by replace
existing 40 MHz intolerance check in sme_proc_obss_scan() with the new
shared helper function check_bss_coex_40mhz().
Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
Move this implementation from check_40mhz_2g4() into a new helper
function check_bss_coex_40mhz function() so that it can be used in the
station mode case as well as the previously used AP mode case.
Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
Let users delete a neighbor by BSSID alone if they prefer. The
underlying code already properly handled a NULL SSID, so just relax the
control interface command calling restrictions.
Signed-off-by: Ben Greear <greearb@candelatech.com>
This gives us the network device name in logging messages, which can be
helpful when having one wpa_supplicant process handle multiple devices.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Support for dynamic VLANs depends on the Linux bridge ioctls.
Add this dependency explicitely to drivers make files.
This fixes build for minimal hostapd configs such as:
CONFIG_DRIVER_WIRED=y
CONFIG_FULL_DYNAMIC_VLAN=y
Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
This allows BIP-GMAC-128, BIP-GMAC-256, or BIP-CMAC-256 to be used
instead of the previously hardcoded AES-128-CMAC as the group management
cipher when using mesh with PMF. For now, this can be configured by
setting a single group_mgmt value in the network block and doing that
consistently through all the STAs in the mesh.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous calculation of the buffer length did not take into account
the possibility of 32-octet GTK and IGTK values and it was also missing
something to cover the 16 octet keys that are supported now. Other
buffer elements were likely sufficient to cover all these cases, but
anyway, it is better to allocate sufficient size specifically for AMPE
to avoid issues in the future.
Signed-off-by: Jouni Malinen <j@w1.fi>
WPS_EVENT_CANCEL is added to indicate cancellation of a WPS operation
for any reason in hostapd/wpa_supplicant.
WPS_EVENT_PIN_ACTIVE is added to indicate when a PIN operation is
triggered in wpa_supplicant.
Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
When the newly added "-r" parameter is used, both clis will try to
reconnect forever on connection lost until signalled (ctrl+c) or
terminated. This is useful only when used with -a to take action to
retrieve events or get status and the cli process stays even if
hostapd/wpa_supplicant daemons restart for some reason (e.g.,
configuration change).
Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
This array had not been updated for years (since it was initially added)
and it was missing new network profile parameters that were not quoted
strings (but also not integers that could be set as integer types). Add
those missing non-quoted-strings to allow them to be set through the
DBus interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
These parameters are global parameters, not network profile parameters,
and as such, do not below in dont_quote[] which is used to determine
whether a network profile parameter needs to be quoted.
Signed-off-by: Jouni Malinen <j@w1.fi>
These properties were in the wpas_dbus_bss_properties array when they
should have been in the wpas_dbus_interface_properties array. Move them
to the right place. This is the logical location for these properties
and it matches both the other parts of the implementation (e.g., being
in enum wpas_dbus_prop, not in enum wpas_dbus_bss_prop) and what
was originally documented for the interface in dbus.doxygen.
Fixes: 2bbad1c7c9 ("dbus: Export roam time, roam complete, and session length")
Fixes: 80d06d0ca9 ("dbus: Export BSS Transition Management status")
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Normally nl80211 driver will attempt to strictly control what bridge
given interface is put in. It'll attempt to remove it from an existing
bridge if it doesn't match the configured one. If it's not in a bridge
it'll try to put it into one. If any of this fails then hostapd will
bail out and not set up the BSS at all.
Arguably that's reasonable since it allows to set the BSS up coherently
with regard to EAPOL handling as well as allows extra interactions with
things like FDB. However, not all hostapd drivers interact with bridge=
the same way. One example is atheros. Therefore it's not clear what the
desired behavior should be if consistency across drivers is considered.
There's a case where one might want to use a non-native Linux bridge,
e.g., openvswitch, in which case regular ioctls won't work to put an
interface into a bridge, or figure out what bridge an interface is in.
The underlying wireless driver can still be an ordinary nl80211 driver.
This change relaxes the bridge setup failure so that hostapd still
starts even if it fails to add an interface into a configured bridge
name. It still sets up all the necessary sockets (including the
configured bridge=) so EAPOL handling should work fine. This then leaves
it to the system integrator to manage wireless interface as bridge ports
and possibly fdb hints too.
Signed-off-by: Michal Kazior <michal@plume.com>
In repeater configuration, both AP and STA wireless interfaces may be
included into the same bridge. In this case the following race condition
may occur: wpa_supplicant and hostapd are started, then hostapd clients
are connected before wpa_supplicant connects to remote AP. EAPOL packets
between hostapd and its clients are detected by wpa_supplicant on bridge
interface, prematurely disabling the workaround.
One possible option to fix this issue is to check EAPOL destination MAC
in wpa_supplicant and disable workaround only if EAPOL packet on bridge
interface is indeed intended for wpa_supplicant.
Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
The RECONNECT command on the station was issued immediately after
wpa_supplicant had processed EAPOL-Key msg 3/4. This could happen before
hostapd has processed EAPOL-Key msg 4/4 and especially with UML
time-travel, this could result in the following FT protocol exchange
going through in a manner that makes the hostapd process EAPOL-Key msg
4/4 from the first association as a postponed EAPOL RX at the beginning
of the second association. Avoid this by waiting hostapd to report
completion of the connection before issuing RECONNECT.
Signed-off-by: Jouni Malinen <j@w1.fi>
This buffer was getting corrupted, so add more details to make it
clearer what causes the corruption should this type of regression show
up again.
Signed-off-by: Jouni Malinen <j@w1.fi>
The case where the old RSNE included one or more PMKIDs and that RSNE
was followed by another IE was handled incorrectly since the
os_memmove() to move the end of the buffer when removing old PMKIDs was
stopping copying at the end of the RSNE, not the end of the IE buffer.
This could result in corrupting the IE that followed the RSNE. In
practice, this broke FT-SAE with H2E by corrupting the RSNXE that is in
the buffer after the RSNE.
Fix this by copying the full end of the buffer (i.e., including the
following RSNXE in the visible error case) when removing the old PMKIDs.
Signed-off-by: Jouni Malinen <j@w1.fi>
This PMKID replacement case is not going to prevent connection after a
change in wpa_insert_pmkid() so remove it.
Signed-off-by: Jouni Malinen <j@w1.fi>
The stdout of wpa_passphrase is often piped directly into the
wpa_supplicant config file. In case of errors these will be written to
the file and possibly not noticed by the user.
Use fprintf to print errors to stderr.
Signed-off-by: Sam Tygier <samtygier@yahoo.co.uk>
EAP-SIM full authentication starts with one or more SIM/Start rounds, so
reject an unexpected SIM/Challenge round without any preceeding
SIM/Start rounds to avoid unexpected behavior. In practice, an attempt
to start with SIM/Challenge would have resulted in different MK being
derived and the Challenge message getting rejected due to mismatching
AT_MAC unless the misbehaving server has access to valid Kc, so the end
result is identical, but it is cleaner to reject the unexpected message
explicitly to avoid any risk of trying to proceed without NONCE_MT.
Signed-off-by: Jouni Malinen <j@w1.fi>
Data connectivity test could have been started in the middle of 4-way
handshake. This test case needs to wait for two STA connections before
starting the connectivity test since the first one is only for the
provisioning step.
Signed-off-by: Jouni Malinen <j@w1.fi>
These ciphers do not use a separate MAC algorithm, so digest nid will be
NID_undef. In addition, the fixed_iv_length needs to be set to 4 which
is the implicit part of the IV from PRF. This is needed to fix EAP-FAST
key derivation for cases where GCM/CCM ciphers are used for TLS.
Signed-off-by: Jouni Malinen <j@w1.fi>