This NS seems to go out from the AP interface every now and then and it
makes proxyarp_open_ebtables_ipv6 fails inconveniently often. That frame
should not really be there, but it's not clear what exactly is needed to
stop it going through. It does not come from the test operations
themselves, so ignore it for now to keep test results cleaner.
Signed-off-by: Jouni Malinen <j@w1.fi>
Explicitly clear cfg80211 scan cache to avoid issues from scan results
from previous test cases interfering with INTERWORKING_CONNECT
operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This removes dependency on tcpdump by using an already included test
tool for capturing frames with Ethernet headers. There were some issues
in getting tcpdump working on Ubuntu 19.10, so this seems to be a clean
way of addressing that.
Signed-off-by: Jouni Malinen <j@w1.fi>
Flush cfg80211 scan cache explicitly when running this test case to
avoid issues with the ROAM command not working due to a scan result from
an earlier test case. This was causing failures in the following test
case sequence:
rrm_beacon_req_active_ap_channels rrm_reassociation
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Some of the error paths in go_neg_pbc() and go_neg_pin() did not wait
for the helper thread to complete processing. This could result in
unexpected behavior when the test case could have exited while the
thread was still performing tasks for the GO Negotiation. This could
result in getting stuck in one of the following test cases with
"go_neg_init_pbc thread caught an exception from p2p_go_neg_init: Group
formation timed out" showing up in the log.
This was hit, e.g., with the following test sequence:
no_go_freq p2p_channel_drv_pref_autogo
Signed-off-by: Jouni Malinen <j@w1.fi>
This gets rid of the loop that was polling for things to do every 0.25
seconds and instead, reacts to any data from VMs as soon as it becomes
available. This avoids unnecessary operations when no new data is
available and avoids unnecessary waits when new data becomes available
more quickly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to enter the PTKINITDONE state before checking
connectivity. This is needed to avoid a race condition with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is more efficient since we can now start only the necessary number
of VMs instead of always forcing all VMs to start with one second delay.
This can also control the starting delay by keeping at most two VMs
starting at a time instead of using the hardcoded one second wait for
each consecutive VM.
Signed-off-by: Jouni Malinen <j@w1.fi>
For some reason, running tshark in the test cases can take significant
time especially with UML time-travel. Optimize this by reducing the
number of times tshark needs to be executed in the loop.
Signed-off-by: Jouni Malinen <j@w1.fi>
The wlan_mgt to wlan renaming is already included in most recent tshark
versions, so replace the backwards compatibility option to prefer the
new version so that current versions do not need to take the performance
hit.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like these test cases can fail with the new "Undefined
secondary channel: drop OBSS scan results" case. Add more checks to
determine if something is wrong with the connection.
In addition, force clearing of the cfg80211 scan cache on the main AP
interface so that a scan result from a previous test case cannot prevent
40 MHz channel bandwidth from being used. This could apparently happen
in the following test case sequence:
ap_ht40_scan_conflict obss_scan
Signed-off-by: Jouni Malinen <j@w1.fi>
These were doing practically the same thing, so get rid of the external
helper function and standardize on using hapd.wait_sta().
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to indicate connection before disconnecting from the
station side. This avoids a race condition especially with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to report completion of the connection before going
through the disconnection and reconnection steps to avoid a race
condition especially with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to report connection completion before performing
connectivity test to avoid race conditions especially with UML
time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
The RECONNECT command on the station was issued immediately after
wpa_supplicant had processed EAPOL-Key msg 3/4. This could happen before
hostapd has processed EAPOL-Key msg 4/4 and especially with UML
time-travel, this could result in the following FT protocol exchange
going through in a manner that makes the hostapd process EAPOL-Key msg
4/4 from the first association as a postponed EAPOL RX at the beginning
of the second association. Avoid this by waiting hostapd to report
completion of the connection before issuing RECONNECT.
Signed-off-by: Jouni Malinen <j@w1.fi>
This PMKID replacement case is not going to prevent connection after a
change in wpa_insert_pmkid() so remove it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Data connectivity test could have been started in the middle of 4-way
handshake. This test case needs to wait for two STA connections before
starting the connectivity test since the first one is only for the
provisioning step.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous waits were matching both DPP-TX and DPP-TX-STATUS and if
the latter event was received, the test cases would either report
failure or would not really test what was supposed to be verified. Fix
this by waiting explicitly for "DPP-TX " to avoid matching
"DPP-TX-STATUS" prefix.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait STA connection to be completed in hostapd before testing
connectivity. This avoids a possible race condition that could be hit
especially when testing with UML time-travel.
Signed-off-by: Jouni Malinen <j@w1.fi>
openssl engines may dynamically load external libraries. Our event_*()
functions happen to be named very generically, such that event_add()
collides with the libevent library (https://libevent.org/). This can
have disastrous effects (esp. when using CONFIG_WPA_TRACE, which enables
partial linking) when our SSL engines call into the WPS event_add()
instead of their intended libevent event_add().
Resolve this by providing a more unique prefix to these functions.
Rename performed via:
sed -i -E \
's:\<event_(add|delete_all|send_all_later|send_stop_all)\>:wps_upnp_event_\1:g' \
$(git grep -l event_)
Tested via (among other things) hwsim '-f ap_wps' module.
Signed-off-by: Brian Norris <briannorris@chromium.org>
The 127.0.0.11/24 address that could have been left on the wlan0
interface resulted in some test case sequence failures. Fix this by
explicitly clearing that address when terminating sigma_dut.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
start_sigma_dut() can raise an exception and as such, assigning a
variable to its return value within a try block does not work in this
manner when the result is supposed to be used in the finally statement.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The second round may use PMKSA caching, but AP will need to reject msg
2/4 in that case as well due to RSNXE mismatch.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
sigma_dut does not clear sae_pwe value when the command line argument
"-2" is used, so we need to explicitly clear this from wpa_supplicant at
the end of the test case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous description of wmediumd_scan_only_one used multiple lines
and that resulted in parallel-vm.py miscounting total number of test
cases. Fix that by getting rid of the newlines from the description.
Signed-off-by: Jouni Malinen <j@w1.fi>
Now that parallel-vm.py is actually stopping VMs as soon as they are not
needed for retries, it is not really an unexpected exit to see a VM exit
while test cases remain in the queue as long as at least that many VMs
remain running. Get rid of confusing 'unexpected exit' status from the
UI in such cases.
Fixes: 4aaddecdd8 ("tests: Handle test retries through the same queue")
Signed-off-by: Jouni Malinen <j@w1.fi>
Now that wpa_supplicant was modified to use NAI realm query even if
roaming_consortium is set, this test case is actually able to find a
match. Update it to avoid cause incorrect test failures.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There was a bug in wmediumd in that it didn't set the
frequency of frames, and thus they were always received
by mac80211_hwsim, regardless of channel it was on.
Add two tests that verify we only find a single instance
of an AP if we only have that one, and run this both with
and without wmediumd.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Avoid race conditions in completing mesh group removal/re-addition steps
and starting connectivity check. It seemed to be possible to get to the
connectivity test in some cases before the mesh STA had rejoined the
mesh and completed key configuration.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is in preparation of an implementation to to remove the alternative
SSWU path that was needed only for this particular group.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These test cases were all using group 21 even though they were supposed
to go through all the possible groups.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It looks like the wpa_auth_get_seqnum() function might not always be
visible in the backtrace since the compiler may optimize that wrapper
away. Use the i802_get_seqnum() function instead as a trigger for the
get_seqnum operation failure trigger to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify behavior with sae_pwe configuration values 0..2, i.e., test the
new hash-to-element mechanism for deriving PWE and negotiation for which
method to use.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. This contains updates from running
tests/hwsim/auth_server/update.sh.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This verifies mac80211 behavior for Layer 2 Update frame use and other
unexpected frames from a not fully authentication station.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait hostapd to complete key setup before asking it to send a frame that
may need PMF. This is needed especially with UML time-travel.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This looked like a copy-paste error in the event message check and once
that was fixed, couple of test cases needed fixes to expect a success
from the Configurator.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been
maintained nor is there any expectation of the withdrawn trial-use
recommended practice to be maintained in the future. Furthermore,
implementation of IAPP in hostapd was not complete, i.e., only parts of
the recommended practice were included. The main item of some real use
long time ago was the Layer 2 Update frame to update bridges when a STA
roams within an ESS, but that functionality has, in practice, been moved
to kernel drivers to provide better integration with the networking
stack.
Signed-off-by: Jouni Malinen <j@w1.fi>
Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.
Signed-off-by: Jouni Malinen <j@w1.fi>
The hostapd side operations and data connectivity test were executed
without explicitly waiting for hostapd to report connection as having
been completed. This could result in trying to transmit data before
EAPOL-Key msg 4/4 was processed especially when using UML time-travel.
Make this more robust by waiting for hostapd to be ready before the data
test.
Signed-off-by: Jouni Malinen <j@w1.fi>
This test case was failing if wlantest was able to decrypt the CCMP
protected frames. Fix the tshark filter string to include only the
actually encrypted frames for PN comparison.
Signed-off-by: Jouni Malinen <j@w1.fi>
These were moved from test_sae.py to utils.py, so import them from the
correct location instead of through test_sae.py that imports them from
utils.py.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait for hostapd to report completion of connection so that the WNM
Notification Request frame does not get sent before the AP has processed
EAPOL-Key msg 4/4 and configured the TK. This could result in a race
condition especially when testing using UML with time-travel.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is needed with the increased maximum EAP round limit since the
server side sends out longer messages in this exchange and that prevent
the short message limit from being reached.
Signed-off-by: Jouni Malinen <j@w1.fi>
In addition, update the generation script to allow convenient update of
the server and user certificates without having to generate new keys.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The wlan.mesh.config doesn't have to be the last element of beacon. Things
like VHT or HE oper/cap are usually follow the mesh configuration element.
The workaround must first get the position of a correct reference value in
wlan.mesh.config (ps_protocol) and then calculate the correct
wlan.mesh.config.cap offset based on that.
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Fixes: 2cbaf0de22 ("tests: Work around tshark bug in wpas_mesh_max_peering")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
It was clearly too easy to get unexpected behavior by accidentially
passing in a string instead of a list of strings to these functions, so
enforce the correct type to notice such issues automatically.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wait_event() expects a list of events instead of a single event name.
The previous implementation of wait_sta() did not really wait for
AP-STA-CONNECT; instead, it returned the next event from hostapd
regardless of what that event was.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The AP side may not have had enough time to configure the new TK into
the driver if the connectivity test is started immediately after the
station side event.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When going through 4-way handshake, the station side reports
CTRL-EVENT-CONNECTED after having sent out EAPOL-Key msg 4/4. The AP
side reports AP-STA-CONNECT after having completed processing of this
frame. Especially when using UML with time travel, it is possible for
the connectivity test to be started before the AP side has configured
the pairwise TK if the test is triggered based on CTRL-EVENT-CONNECTED
instead of AP-STA-CONNECT.
Add explicit wait for AP-STA-CONNECT in some of these cases to reduce
likelihood of reporting failures for test cases that are actually
behaving as expected. This shows up with "dev1->dev2 unicast data
delivery failed" in the test log.
Do the same before requesting reauthentication from the station side
since that has a similar issue with the EAPOL-Start frame getting
encrypted before the AP is ready for it.
Signed-off-by: Jouni Malinen <j@w1.fi>
This helps in avoiding issues with another test case trying to bind to
the same UDP port and failing due to the previous use by pyrad still
being open. This showed up with failures in radius_ipv6 when it followed
a test case like eap_proto_tls with suitable set of test cases between
them.
Signed-off-by: Jouni Malinen <j@w1.fi>
Test case sequence "persistent_group_channel scan_bss_expiration_count"
was failing with UML when using time travel. This seemed to be because
there was no explicit wait to confirm that the AP has been fully
disabled before running the next scan. Work around this by verifying
that hostapd has terminated the BSS and waiting a bit after that before
proceeding.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
ap_vht160_no_dfs fails with this message:
---------------
wlan0: Country code not reset back to 00: is ZA
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
wep_ht_vht fails with this message:
---------------
wlan0: Country code not reset back to 00: is SE
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_wps_conf_5ghz fails with this message:
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_vht160 fails with this message:
---------------
wlan0: Country code not reset back to 00: is ZA
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_vht40 fails with this message:
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_vht fails with this message:
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_5ghz_40mhz fails with this message:
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_5ghz fails with this message:
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
rrm_beacon_req_passive_scan_vht fails with this message:
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
hostap commit 91b6eba773
'Move MAC address randomization enable/disable to helper functions'.
wireless-testing commit 66c112cbd1d44d05322bb4eef908c82a68adbb5e
tag: wt-2019-06-26.
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This removes the separate rerun step from the parallel-vm.py processing
and instead, simply requeues the failed test cases into the same queue
that is used for the initial run. This is simpler and more efficient
since reruns start as soon as any VM is ready for processing them
instead of having to wait for all VMs to complete the first round.
Furthermore, this allows VMs to be stopped sooner when no more test
cases remain and that is helpful especially with the time travel patches
that make the wait-for-next-test step in the VM use all available CPU.
Signed-off-by: Jouni Malinen <j@w1.fi>
Enable all supported groups in the existing ap_wpa2_eap_pwd_groups and
ap_wpa2_eap_pwd_invalid_group test cases to maintain current testing
functionality once wpa_supplicant is modified to use a different default
for the enabled groups.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Test names can now use wildcard in the end (e.g., ap_wpa2_psk*) to match
all test cases with the specified prefix.
Signed-off-by: Jouni Malinen <j@w1.fi>
scan_dfs fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
p2p_go_move_scm_peer_does_not_support fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
p2p_channel_5ghz_165_169_us fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
p2p_channel_5ghz_only fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
autogo_ht_vht fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
p2p_autogo_pref_chan_not_in_regulatory fails with this message.
---------------
wlan0: Country code not reset back to 00: is SE
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80_to_24g_ht fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_40_fallback_to_20 fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_tkip fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
prefer_vht40 fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80_csa fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80plus80_invalid fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht160_no_ht40 fails with this message.
---------------
wlan0: Country code not reset back to 00: is ZA
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_40 fails with this message.
---------------
wlan0: Country code not reset back to 00: is DE
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_20 fails with this message.
---------------
wlan0: Country code not reset back to 00: is DE
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80_invalid2 fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80_invalid fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_wifi_generation fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80 fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_wps_conf_chan14 fails with this message.
---------------
wlan0: Country code not reset back to 00: is JP
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_acs_vht160_scan_disable fails with this message.
---------------
wlan0: Country code not reset back to 00: is ZA
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
rrm_beacon_req_passive_scan_vht160 fails with this message.
---------------
wlan0: Country code not reset back to 00: is ZA
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
rrm_beacon_req_table_vht fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_ht40_5ghz_disabled_sec fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_ht40_5ghz_invalid_pair fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta_force_2ghz fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta_force_5ghz fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta_no_auth_passive fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta_no_auth fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta_no_probe_resp fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_track_sta fails with this message.
---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
nfc_wps_handover_chan14 fails with this message.
---------------
wlan0: Country code not reset back to 00: is JP
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_use_sta_nsts fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht_capab_not_supported fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
ap_vht80c/d fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
dfs_radar2 fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Matching with roaming_consortium requires EAP type to be specified to
work for the connection. This test case was not really testing the
connection part, so this has not been much of an issue in the past, but
in preparation for the matching rules to start filtering out invalid
credential configurations from selection, the EAP type needs to be
explicitly set here.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Looks like the previous fix for a newer OpenSSL versions broke
functionality with older versions that did not seem to like @SECLEVEL=0
in the cipher list. Make that addition conditional on OpenSSL version to
work with both versions.
Fixes: e87e6f609b ("tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpas_ap_async_fail fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
nfc_wps_handover_5ghz fails with this message.
---------------
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
---------------
This patch fixes the issue.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
dfs_cac_restart_on_enable fails with this message.
---------------
START dfs_cac_restart_on_enable 1/1
wlan0: Country code not reset back to 00: is FI
wlan0: Country code cleared back to 00
FAIL dfs_cac_restart_on_enable 3.037694 2019-05-28 01:35:07.548390
failed tests: dfs_cac_restart_on_enable
---------------
This patch fixes the false negative.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
It looks like the previously used sleep time was not sufficient to allow
capturing the frames from wlan0/wlan1/wlan2 to start and complete so
that all the necessary frames can be checked. This was the case
especially with UML time-travel=inf-cpu.
Signed-off-by: Jouni Malinen <j@w1.fi>
Recent regdb enabled UNII 3 in Finland. Change the
mbo_supp_oper_classes_fi test accordingly to accept either the previous
or the current value to be reported.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
It is fine for the station to associate with either AP in this test
case, so do not force AP side connection check with apdev[0].
Signed-off-by: Jouni Malinen <j@w1.fi>
When the serial ports are set into raw mode on stdio (fd:0,fd:1)
then Ctrl-C is sort of passed through, but not effective. Request
non-raw mode to avoid that and let us cancel test execution with
Ctrl-C properly (both in parallel-vm.py and vm-run.sh cases).
Note that this requires a currently out-of-tree patch, but so
does the virtual time. If the patch is not applied, the command
line argument is ignored.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
time-travel=inf-cpu needs bit more wait before being able to fetch the
STATUS* items after initial connection request.
Signed-off-by: Jouni Malinen <j@w1.fi>
Waiting for exactly one second for a one second timeout with
time-travel=inf-cpu is not exactly robust, so increase that wait to be
able to see the last EAPOL-Key TX attempt from hostapd.
Signed-off-by: Jouni Malinen <j@w1.fi>
Busy loop for waiting is not going to work with time-travel=inf-cpu, so
need to something a bit more explicit to wait for the wpa_supplicant
process to proceed while not fully breaking the idea of this test case
to iteration through large number of STATUS-VERBOSE commands to hit
different states.
Signed-off-by: Jouni Malinen <j@w1.fi>
The sae_groups parameter needs to be cleared before attempt a SAE
connection in a test case to avoid issues with this parameter having
been left to something else than the default one by a previous test
case. This was found with the following sequence:
sae_pwe_failure dpp_auto_connect_legacy_psk_sae_1
Signed-off-by: Jouni Malinen <j@w1.fi>
The earlier change from using apdev[1] to using a no-interface
ifname=as-erp in the ERP related test cases ended up leaving the
separate authentication server interface running after the end of the
test case. This left UDP port 18128 open and any consecutive test case
needing this port failed to start another authentication server.
This can be reproduced with following test case sequence:
fils_auth_gtk_rekey authsrv_unknown_user
Fixes: e374def207 ("tests: Start ERP authentication server without AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no actual need for running the authentication server with
driver=nl80211, so simplify this by using driver=none instead. This
frees up apdev[1] for actual AP needs in the test cases.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This speeds up test execution significantly by removing unnecessary
waiting for things to happen since the kernel log is allowed to jump
forward whenever there is nothing to do.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This test case was failing frequently due to the station not being able
to connect back to the AP if the interrupted channel switch ended up
moving the AP to the new channel anyway on restart. Scan both possible
channels to allow the AP to be found in either case.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows UML builds to be used in running user mode without having to
run the full x86 kernel in virtual machine.
Signed-off-by: Jouni Malinen <j@w1.fi>
The change to use a shared dragonfly_generate_scalar() helper function
resulted in failures in sae_no_random and sae_bignum_failure test cases
due to renamed functions and removed uses.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The change to use shared dragonfly_get_random_qr_qnr() and
dragonfly_get_rand_1_to_p_1() helper functions resulted in failures in
sae_no_random and sae_bignum_failure test cases due to renamed functions
and removed uses.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
dbus_p2p_go_neg_init, dbus_p2p_group_idle_timeout, and
dbus_p2p_group_termination_by_go could end up print a "DETACH failed"
exception as a warning from WpaSupplicant.__del__ for the dev1 instance
used within the TestDbusP2p class. This did not cause the test cases to
fail, but the output is a bit confusing, so clean this up be explicitly
closing the control interface monitor sockets and furthermore by
ignoring the "DETACH failed" exception within __del__.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is in preparation of disallowing all use of these groups. Negative
test case for the groups will be added in a separate commit after the
implementation has been changed.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like the scan operation could end up reverting regdom back to
the previously configured one, so configure 00 country before starting
the disconnect-and-stop-scan operation to give some more time for the
regdom to be cleared.
Signed-off-by: Jouni Malinen <j@w1.fi>
The last beacon report indication was set in all the beacon report
elements in the last frame of the beacon report, while it should be set
only in the last beacon report element of the last frame. This is now
fixed in wpa_supplicant, so update the test case expectation to match
the fixed behavior.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
The change to python3 broke trace-cmd recording, two
strings need to be bytes instead. Fix that.
Also add a flush() that seems to be needed now.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This makes it easier to test various X.509 certificate validation steps
with the server certificate being generated and signed using pyOpenSSL
dynamically.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
cfg80211 was modified to allow the Multiple BSSID Index element to be
included in the IEs for a nontransmitted BSS. Update the validation step
in this test case to allow that different with the IEs in the Beacon
frame (transmitted BSS).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Reduce testing dependency on the unsuitable groups so that a test case
against a production build would not fail the test case unnecessarily.
This is in preparation of making production builds
(CONFIG_TESTING_OPTIONS not defined) of wpa_supplicant hostapd disable
all DH groups that have been indicated as being unsuitable.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
FLUSH should be done on P2P device interface, otherwise the networks are
not removed. Fix that.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The separate dpp_bootstrap_gen() functions were merged into a single
one, so the test case needs a matching change to avoid failures.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Increase testing coverage by going through all six possible curves with
full provisioning of AP and STA and connection (which includes PFS with
DPP2).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This test case did not clear a possibly modified sae_groups value from a
prior test case for adev[2] and could fail if the previously set group
was not supported by the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
These test cases did not clear a possibly modified sae_groups value from
a prior test case and could fail if the previously set group was not
supported by the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
This test case did not clear a possibly modified sae_groups value from a
prior test case and could fail if the previously set group was not
supported by the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use a helper function to perform this common sequence to disconnect and
stop any possibly started reconnection attempt.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the ABORT_SCAN command succeeds, CTRL-EVENT-SCAN-RESULTS event is
delivered for the aborted scan. Following this with an immediate
flush_scan_cache() call can result in the first scan interpreting that
pending event as the completion and that results in trying to start
another scan while the first scan is still in progress.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is needed to avoid leaving behind a ROC operation at the end of the
test case. This was found with the following test sequence:
p2p_ext_vendor_elem_invitation wifi_display_r2
Signed-off-by: Jouni Malinen <j@w1.fi>
Parsing of the DER encoded signature was unable to handle results that
were shorter than the prime. These need to be zero padded from left to
generate the correct value.
Signed-off-by: Jouni Malinen <j@w1.fi>
The long wait for the monitor socket events resulted in another socket
running out of TX buffer space. Split the wait into smaller segments and
clear the other socket in each iteration.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not leave all the event messages pending in the socket queue for the
full duration of the test case to avoid hitting the TX socket queue
limit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Some of the test cases left behind attached control interface monitor
sockets that could result in hitting the wpa_supplicant socket TX queue
limit. Try to be a bit more careful about detaching and closing the
sockets to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>
The "_ipv6" part of the file name was missing and this resulted in file
names that conflicted with the IPv4 test cases and could overwrite logs
for those.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It does not look like there would be two CTRL-EVENT-ASSOC-REJECT events
here, so only check the first one instead of requiring both to be
received with status_code=27. This test case could fail based on the
second connection attempt (due to that extra event wait) timing out.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Print a list of full paths to log files from failed test cases both the
parallel.log and stdout so that they can be easily opened for analysis.
In addition, renumber the VM lines in the <timestamp>-parallel.log to
match the i+1 numbering used in the log directories and UI that is
tracking test execution.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
One of the steps that expected failure due to PMKID mismatch did not
stop connection attempts. This could result in the following test step
failing due to the previous profile with peaplabel=1 getting used to
derive the MSK incorrectly.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The wait_event() call for scan completion could have processed a
previously received event from a prior scan instead of the newly started
one. This could result in flush_scan_cache() assuming there are still
results in the cache even though the scan request to clear the cache had
not even be started yet.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use more readable "foo not in bar" construction for the couple of places
that did "not foo in bar".
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Prior cleanup broke the indentation here and made the addition of test
cases unreachable.
Fixes: 0663ae22ff ("tests: Do not use tabs for indentation")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The new DPP Configuration Result message can result in a bit different
behavior at the end of the configuration exchange and some of the test
cases need more flexibility to work with that DPP2 behavior.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
gas_address3 was set to 1 in this test case, but it was never cleared.
That can result in unexpected behavior in other test cases that dpeends
on gas_address3 being in its default value 0. Clear the parameter
explicitly to avoid this.
This resulted in an error in the following test sequence:
dpp_qr_code_auth_initiator_enrollee gas_anqp_address3_ap_forced
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These TDLS test cases missed Popen() result decode() calls in the
earlier python3 compatibility changes. Add those to make debug log more
readable.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Wait explicitly for the DPP-NOT-COMPATIBLE event when going through
protocol testing with local failures instead of just waiting for a fixed
0.1 second duration. This prevents a test failure at least in
dppauth_resp_status_failure in a case where the failing operation may be
delayed under heavy CPU load.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Test case sequence "ap_wps_ap_scan_2 ap_wps_pbc_2ap" resulted in a
failure due to a scan entry being left behind from the first test case
and the second one ending up using that obsolete result during WPS_PBC
processing. Fix this by clearing the scan results explicitly on dev5.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Accept a smaller number of token responses in second round to avoid
failing this test case as frequently.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The configurated fragmentation/RTS threshold value survives AP mode
interface restarts, so these values need to be explicitly cleared back
to default (disabled). This fixes an issue where some test cases could
not work correctly if fragmentation on the interface was enabled. For
example, this combination used to fail:
ap_fragmentation_open ap_hs20_fetch_osu
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The first scan for the unknown BSSID could have been timed in a manner
that allows passive scanning to find the real AP even if that AP's
beacon interval was 1000 (e.g., heavy CPU load changed timing so that
the AP beaconing started at suitable time). The check for BSS result
entry not including Probe Response frame was comparing incorrect BSS
entries (bss2 vs. bss1) which resulted in the test case claiming failure
even when there was no unexpected Probe Response frame.
Fix this by comparing the beacon_ie and ie parameters from the same BSS
entry (bss1).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Number of these test cases start connection attempt in wpa_supplicant
and then expected a specific failure to happen relatively quickly. This
could result in timeouts if the first scanning round missed to find the
AP (e.g., due to CPU load pushing out the Probe Response frame long
enough for the station having left the channel) and wpa_supplicant then
waiting five seconds before starting a new scan.
Make this more robust by scanning explicitly for the specific BSSID
before starting the connection attempt.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This old interface has been obsoleted and should not have been used
since 2010, so remove testing for it in preparation to dropping the
interface completely from wpa_supplicant.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
No need to duplicate this functionality when all the ap_ft_pmf_*_over_ds
test cases are doing practically the same thing and the
no-specific-cipher-configuration case can be addressed easily with the
same helper function.
Signed-off-by: Jouni Malinen <j@w1.fi>