Commit graph

3241 commits

Author SHA1 Message Date
Jouni Malinen
421d658a67 tests: Fix ECDSA signature generation
Parsing of the DER encoded signature was unable to handle results that
were shorter than the prime. These need to be zero padded from left to
generate the correct value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-17 16:53:05 +02:00
Jouni Malinen
3a88b7e6e9 tests: Split event wait in grpform_cred_ready_timeout
The long wait for the monitor socket events resulted in another socket
running out of TX buffer space. Split the wait into smaller segments and
clear the other socket in each iteration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-17 16:08:53 +02:00
Jouni Malinen
e4b4e1748a tests: Clear monitor socket queue in ap_hs20_interworking_oom
Do not leave all the event messages pending in the socket queue for the
full duration of the test case to avoid hitting the TX socket queue
limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-17 16:08:31 +02:00
Jouni Malinen
b21540e682 tests: Close wpa_supplicant control interface more robustly
Some of the test cases left behind attached control interface monitor
sockets that could result in hitting the wpa_supplicant socket TX queue
limit. Try to be a bit more careful about detaching and closing the
sockets to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-17 16:08:30 +02:00
Jouni Malinen
4d916a7f3e tests: Fix dump_monitor() without monitor attached
Do not try to dump pending event messages if the monitor socket has not
been attached.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-17 12:22:23 +02:00
Jouni Malinen
fab49f6145 tests: Python coding style cleanup (pylint3 bad-whitespace)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 18:52:09 +02:00
Jouni Malinen
009b54bedd tests: DPP and provisoning DPP and legacy AKMs
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 18:52:09 +02:00
Jouni Malinen
3e1cfead0b tests: Use matching prefix for the ProxyARP IPv6 log files
The "_ipv6" part of the file name was missing and this resulted in file
names that conflicted with the IPv4 test cases and could overwrite logs
for those.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 23:57:44 +02:00
Jouni Malinen
39139d7ead tests: Decode brctl showmacs output for the debug log
This is needed with python3 to make the debug log more readable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 23:57:44 +02:00
Jouni Malinen
649038e117 tests: Remove unnecessary second wait from connect_cmd_reject_assoc
It does not look like there would be two CTRL-EVENT-ASSOC-REJECT events
here, so only check the first one instead of requiring both to be
received with status_code=27. This test case could fail based on the
second connection attempt (due to that extra event wait) timing out.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 23:57:44 +02:00
Jouni Malinen
a2d300765b tests: Make parallel-vm.py log easier to use for debugging failures
Print a list of full paths to log files from failed test cases both the
parallel.log and stdout so that they can be easily opened for analysis.
In addition, renumber the VM lines in the <timestamp>-parallel.log to
match the i+1 numbering used in the log directories and UI that is
tracking test execution.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 21:10:00 +02:00
Jouni Malinen
8cfc758827 tests: Make ap_wpa2_eap_peap_params more robust
One of the steps that expected failure due to PMKID mismatch did not
stop connection attempts. This could result in the following test step
failing due to the previous profile with peaplabel=1 getting used to
derive the MSK incorrectly.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 13:51:55 +02:00
Jouni Malinen
043a29ecc4 tests: Clear pending monitor events before starting scan
The wait_event() call for scan completion could have processed a
previously received event from a prior scan instead of the newly started
one. This could result in flush_scan_cache() assuming there are still
results in the cache even though the scan request to clear the cache had
not even be started yet.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 13:51:55 +02:00
Jouni Malinen
4131ba5c55 tests: External radio work and DISCONNECT clearing connection attempt
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 13:03:31 +02:00
Jouni Malinen
a8b8da1132 tests: Python coding style cleanup (pylint3 unneeded-not)
Use more readable "foo not in bar" construction for the couple of places
that did "not foo in bar".

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 11:34:32 +02:00
Jouni Malinen
2f22ed4fab tests: Fix run-tests.py module file (-l) handling
Prior cleanup broke the indentation here and made the addition of test
cases unreachable.

Fixes: 0663ae22ff ("tests: Do not use tabs for indentation")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 11:18:20 +02:00
Jouni Malinen
3507968fd2 tests: SAE anti-clogging request with mesh BSS
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
8ad1009e50 tests: DPP and Enrollee rejecting Config Object
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
8b6c834ff9 tests: DPP test cases to handle new behavior due to config result
The new DPP Configuration Result message can result in a bit different
behavior at the end of the configuration exchange and some of the test
cases need more flexibility to work with that DPP2 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
f77d106294 tests: Fix dpp_qr_code_auth_initiator_enrollee to clear gas_address3
gas_address3 was set to 1 in this test case, but it was never cleared.
That can result in unexpected behavior in other test cases that dpeends
on gas_address3 being in its default value 0. Clear the parameter
explicitly to avoid this.

This resulted in an error in the following test sequence:
dpp_qr_code_auth_initiator_enrollee gas_anqp_address3_ap_forced

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-14 00:13:35 +02:00
Jouni Malinen
86db4e63d3 tests: Make WNM test case scan clearing more robust
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 23:33:41 +02:00
Jouni Malinen
64766a7783 tests: Make TDLS test case scan clearing more robust
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 23:33:21 +02:00
Jouni Malinen
32e4ad4433 tests: Decode station dump output to restore pre-python3 behavior
These TDLS test cases missed Popen() result decode() calls in the
earlier python3 compatibility changes. Add those to make debug log more
readable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 20:40:31 +02:00
Jouni Malinen
3d5cfa0f6d tests: Make DPP protocol failure testing more robust
Wait explicitly for the DPP-NOT-COMPATIBLE event when going through
protocol testing with local failures instead of just waiting for a fixed
0.1 second duration. This prevents a test failure at least in
dppauth_resp_status_failure in a case where the failing operation may be
delayed under heavy CPU load.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 19:44:50 +02:00
Jouni Malinen
8b944cf779 tests: Clear scan results from dev5 in WPS testing
Test case sequence "ap_wps_ap_scan_2 ap_wps_pbc_2ap" resulted in a
failure due to a scan entry being left behind from the first test case
and the second one ending up using that obsolete result during WPS_PBC
processing. Fix this by clearing the scan results explicitly on dev5.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 19:27:21 +02:00
Jouni Malinen
ba6ce9c657 tests: DPP and duplicated Authentication Response
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 13:22:40 +02:00
Jouni Malinen
a1983aa72c tests: Make sae_anti_clogging_during_attack more robust
Accept a smaller number of token responses in second round to avoid
failing this test case as frequently.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 17:31:40 +02:00
Jouni Malinen
53b4f0fe6a tests: Disable fragm/rts_threshold after testing it
The configurated fragmentation/RTS threshold value survives AP mode
interface restarts, so these values need to be explicitly cleared back
to default (disabled). This fixes an issue where some test cases could
not work correctly if fragmentation on the interface was enabled. For
example, this combination used to fail:
ap_fragmentation_open ap_hs20_fetch_osu

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 17:18:38 +02:00
Jouni Malinen
abaa0893f0 tests: Fix scan_specific_bssid in case Beacon frame is seen
The first scan for the unknown BSSID could have been timed in a manner
that allows passive scanning to find the real AP even if that AP's
beacon interval was 1000 (e.g., heavy CPU load changed timing so that
the AP beaconing started at suitable time). The check for BSS result
entry not including Probe Response frame was comparing incorrect BSS
entries (bss2 vs. bss1) which resulted in the test case claiming failure
even when there was no unexpected Probe Response frame.

Fix this by comparing the beacon_ie and ie parameters from the same BSS
entry (bss1).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 16:36:46 +02:00
Jouni Malinen
9efd3447c7 tests: Make AP discovery more robust in eap_proto test cases
Number of these test cases start connection attempt in wpa_supplicant
and then expected a specific failure to happen relatively quickly. This
could result in timeouts if the first scanning round missed to find the
AP (e.g., due to CPU load pushing out the Probe Response frame long
enough for the station having left the channel) and wpa_supplicant then
waiting five seconds before starting a new scan.

Make this more robust by scanning explicitly for the specific BSSID
before starting the connection attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 16:24:15 +02:00
Jouni Malinen
914d8ecac7 tests: SAE group negotiation (no match)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 00:25:48 +02:00
Jouni Malinen
f4f17e9aa1 tests: check_cert_subject
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-11 14:09:45 +02:00
Lubomir Rintel
192d061add tests: Drop testing of the old D-Bus interface
This old interface has been obsoleted and should not have been used
since 2010, so remove testing for it in preparation to dropping the
interface completely from wpa_supplicant.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-03-09 18:23:09 +02:00
Jouni Malinen
a5387062e5 tests: Use a helper function for DPP_BOOTSTRAP_GEN commands
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 18:13:10 +02:00
Jouni Malinen
0422d06b54 tests: Use a helper function for DPP_QR_CODE commands
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 16:55:54 +02:00
Jouni Malinen
7010f4bed5 tests: DPP provisioning updating wpa_supplicant configuration file
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 16:23:04 +02:00
Jouni Malinen
0defc42a49 tests: Add wlantest description for ap_ft_pmf_*_over_ds
This is convenient to allow easier examination of the FT Action frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 11:37:02 +02:00
Jouni Malinen
0c481b7866 tests: Use run_ap_ft_pmf_bip_over_ds() for ap_ft_pmf_over_ds
No need to duplicate this functionality when all the ap_ft_pmf_*_over_ds
test cases are doing practically the same thing and the
no-specific-cipher-configuration case can be addressed easily with the
same helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 11:33:49 +02:00
Jouni Malinen
46b8ea2105 tests: Fix ap_ft_pmf_over_ds
The main step of the test case was accidentally removed when adding the
cipher specific versions.

Fixes: ffcaca68d3 ("tests: FT with different BIP algorithms")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 11:26:38 +02:00
Jouni Malinen
9ebbdd0aa3 tests: Report authentication server memory leaks more visible
It was too easy to miss memory leaks in the hostapd-as-AS log.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-08 16:52:52 +02:00
Jouni Malinen
dc0f727c99 tests: WPS with PSK+SAE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 21:52:49 +02:00
Jouni Malinen
e43352ff41 tests: SAE anti clogging during an attack
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:07:25 +02:00
Jouni Malinen
a053ab9590 tests: More complete group list for sae_groups
Add group 1 for completeness sake and also and Brainpool groups with
OpenSSL 1.1.*.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:05:23 +02:00
Jouni Malinen
c097f12c8f tests: Enable needed SAE groups explicitly in sae_oom_wpas
Configure the sae_groups parameter for hostapd explicitly in preparation
for the default value change in the implementation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:14:05 +02:00
Jouni Malinen
656f4a3edd tests: Enable needed SAE groups explicitly in sigma_dut_sae
Configure the sae_groups parameter for hostapd explicitly in preparation
for the default value change in the implementation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:12:44 +02:00
Jouni Malinen
3d5b88b5a0 tests: FT-SAE with Password Identifier
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-26 20:40:32 +02:00
Jouni Malinen
05103c400b tests: More robust connect command testing
Avoid an invalid failure case due to scan results being left behind from
connect_cmd_bssid_hint when executing connect_cmd_reject_assoc by
explicitly clearing the scan results from dev5. This fixes an error case
that happened with the following test case sequence:
connect_cmd_bssid_hint connect_cmd_reject_assoc

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 21:58:28 +02:00
Jouni Malinen
fe5400dda2 tests: Make MACsec test cases clear monitor socket more thoroughly
The wpas (dev5) control interface socket did not always get cleared in
the MACsec test cases and this could result in issues with following
test cases if the dev5 message queue hit the maximum limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 21:40:23 +02:00
Lubomir Rintel
5644f0ce3a tests: Remove CONFIG_PEERKEY
The functionality has been removed in commit a0bf1b68c0 ('Remove all
PeerKey functionality').

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-02-25 19:48:49 +02:00
Jouni Malinen
f3e671591e tests: libFuzzer integration for test-json and test-x509
Allow these test tools to be used with libFuzzer in addition to
afl-fuzz.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00