Commit graph

9201 commits

Author SHA1 Message Date
Jouni Malinen
13a3a20dfe Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA
These hostapd configuration parameter was left at the default values
(WPA-PSK/TKIP) even for cases where WPA was disabled. While these
parameters are not really used much in non-WPA cases, they do get used
for one corner case in nl80211 configuration to disable encryption of
EAPOL frames in IEEE 802.1X WEP case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:43 +02:00
Jouni Malinen
533fe09b78 nl80211: Fix no-encrypt for IEEE 802.1X WEP EAPOL
Commit 9f12614b8c ('nl80211: Do not
encrypt IEEE 802.1X WEP EAPOL') tried to use
NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT to disable encryption of EAPOL
frames for WEP IEEE 802.1X. However, it used incorrect key management
suite (IEEE 802.1X with WPA/WPA2 while the non-WPA version is needed
here). Consequently, the no-encrypt flag was never set to the driver
(WPA/WPA2 cases do not meet the WEP as pairwise criteria).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:35:03 +02:00
Jouni Malinen
1e7528298a tests: cfg80211 scan-for-auth workaround with WEP keys
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:28:53 +02:00
Jouni Malinen
a5687274e1 tests: cfg80211 scan-for-auth workaround failing
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:22:18 +02:00
Jouni Malinen
b97a7bf672 tests: Large number of BSS add operations with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:13:00 +02:00
Jouni Malinen
863a54093d tests: rfkill block prior to wpa_supplicant start
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 16:46:39 +02:00
Jouni Malinen
1033315fbe nl80211: Remove send_and_recv_msgs_global() wrapper
There was only a single user for this and calling send_and_recv()
directly is as simple as using this wrapper.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 15:45:28 +02:00
Jouni Malinen
bdf5ccb264 nl80211: Remove unnecessary function declarations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 15:37:16 +02:00
Jouni Malinen
d92da8a23e tests: Radar detection on non-HT and on HT40- channels
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:50:19 +02:00
Jouni Malinen
cac5526390 tests: Report ROAM failure in pmksa_cache_opportunistic_multiple_sta
There is no need to wait for the timeout if the ROAM command itself
failed. This could happen if an earlier test case had left hidden SSIDs
in the cfg80211 BSS table.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:37:08 +02:00
Jouni Malinen
1264b68355 tests: Clear cfg80211 scan results after wext_hidden
Leaving hidden SSIDs in the cfg80211 BSS table can result in errors in
the following test cases, so use special care to clear all BSS entries
at the end of the wext_hidden test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:36:01 +02:00
Jouni Malinen
5f35a5e27f tests: Add wait_connected() and wait_disconnected() helpers
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 13:10:09 +02:00
Jouni Malinen
e0cccf26a4 tests: Add --codecov support to parallel-vm.py
This allows code coverage report to be generated must faster with the
help of parallel VMs executing test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 01:24:28 +02:00
Jouni Malinen
42ce1a27e0 tests: Connection with large number of scan_ssid=1 network blocks
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 23:30:58 +02:00
Jouni Malinen
ed930f064c tests: P2P_LISTEN and scan
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 23:17:06 +02:00
Jouni Malinen
558ac77c58 tests: setband and scans
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 23:08:10 +02:00
Jouni Malinen
209702d4c9 Add possibility to set the setband parameter
Commit faf9a8585d added mechanism for
selecting 2.4 or 5 GHz band for scan operation. However, no mechanism
for setting the setband value was added at that time. This commit adds a
new SET ctrl_iface parameter to allow the setband functionality to be
used. "SET setband <AUTO/5G/2G>" can be used to select all bands, 5 GHz
band only, or 2.4 GHz band only.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 22:56:41 +02:00
Jouni Malinen
7749b1c982 tests: Additional coverage for filter_ssids=1
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 20:26:07 +02:00
Jouni Malinen
91cc6f918a tests: AP_SCAN 2 operation
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 20:08:58 +02:00
Sunil Dutt
ee82e33d6a Do not trigger the scan during initialization on Android platforms
Android framework maintains a state to process the scan results after
the scan is issued. If wpa_supplicant issues the scan during the
initialization, the one issued by the framework may fail (with EBUSY) if
the host driver is already processing the scan. Thus, the scan results
returned for the first scan triggered by wpa_supplicant are not
processed for getting displayed resulting in delay for the display of
the first scan results after the Wi-Fi subsystem initialization. Thus,
trigger the scan only based on the framework request on Android.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:24:33 +02:00
Jouni Malinen
83e80d32f1 tests: SCAN requests while in non-scan radio work
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:23:07 +02:00
Jouni Malinen
e69ae5ff31 Reject new SCAN commands if there is a pending request
FAIL-BUSY was already returned for the case where a scan had been
started, but with the radio work design, it would have been possible to
schedule multiple scan requests if a non-scan radio work was in
progress. Multiple back-to-back scans are not usually very helpful, so
reject this type of cases where the SCAN command would be used to build
such a sequence.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:14:38 +02:00
Prashanth Bhatta
9108ea09f2 hostapd: Make install path configurable
Makefile always installs to /usr/local/bin and on some platforms,
/usr/local/bin is not in default search path. Modify the Makefile such
that bin path can be configurable so that build system can pass
appropriate path for installation. If bin path is not specified then by
default binaries are installed in /usr/local/bin.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 12:32:50 +02:00
Jouni Malinen
7c5c1ba7b4 tests: P2P_LISTEN behavior with offchannel TX
This verifies that offchannel TX (PD in this specific case) does not
stop ongoing long P2P_LISTEN operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jithu Jance
49e1e9ca88 P2P: Avoid truncation of long listen operation due to offchan tx
On receiving the cancel remain on channel event, the pending_tx
is scheduled immediately and returned. This was preventing
the wpas_p2p_listen_start function from execution thereby resulting
in termination of the long listen operation.

Signed-off-by: Jithu Jance <jithu@broadcom.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
89cd4355bb tests: Fix proxyarp_open IPv4-from-bridge
There were couple of typos in the IP addresses and there was no coverage
for the normal unicast ARP response from the bridge (since non-wireless
device does not get proxied by the AP). In addition, it is better to
change the IP address used here to be unique to make the sniffer logs
easier to interpret.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-18 16:41:40 +02:00
Jouni Malinen
6d5332948c tests: Use send_ns() helper for the earlier proxyarp_open NS packets
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
40e4c9c8b0 tests: Add traffic test to proxyarp_open
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
5a3ce80265 tests: ProxyARP behavior with IPv6 frames
This adds transmission of number of NS/NA frames to test ProxyARP
behavior. The actual validation of the AP behavior is still manual,
i.e., a separate inspectation of the capture files is needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
19cbe06238 tests: Add ebtables rules for ProxyARP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
a95c6973aa tests: Use non-promiscuous mode and packet-buffered tcpdump capture
This helps in avoiding truncated capture files in the proxyarp_open test
case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
1d0b5a04e6 tests: Dump monitor messages before hwsim_utils test
This may be needed in some corner cases where broadcast frames with two
associated stations are received by both devices.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
db1d66d879 tests: Fix wifi_display_persistent_group event checks
The final invitation case in this test was verified incorrectly. The GO
was already operatign in that case, so there was not supposed to be a
new P2P-GROUP-STARTED message from GO. That happened to be show up in
the pending event messages from the last instance, but that was just by
accident and any additional dump_monitor() operation added here would
cause this test to fail. Fix this by handling the final invitation
separately and verifying that only the client side indicates
P2P-GROUP-STARTED.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
c8836a4f03 tests: Allow dump_monitor() to be used without global monitor interface
It is possible for WpaSupplicant instance to be used without the global
control socket, so allow dump_monitor() to handle this case cleanly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:01:41 +02:00
Jouni Malinen
9d7fdac5b3 tests: Try to clear scan results after regulatory domain changes
It was possible for regulatory domain changes to "leak" into following
test cases in number of cases where the cfg80211 BSS table remained
after regulatory domain had been restored to world roaming. Try to make
this less likely to occur by explicitly clearing BSS table at the end of
test cases that use different regulatory domain. This makes P2P test
cases that verify channel selection based on world roaming rules more
robust.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 01:32:01 +02:00
Jouni Malinen
970a23f665 tests: Make flush_scan_cache() more robust
It was possible for BSS entries on the scanned channel (2412 MHz) to be
left behind after flush_scan_cache() call. Use a less likely channel
2417 MHz as the default channel to scan. This will hopefully get rid of
most problematic BSS entries from previous test cases. For example,
ap_hs20_oen followed by ap_hs20_random_mac could fail due to
INTERWORKING_CONNECT seeing non-RSN scan result from the previous test
case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 01:13:03 +02:00
Jouni Malinen
0855e2e188 Do not allow network block scan_freq override SCAN command frequencies
The manual scan operations with the SCAN command are supposed to have
independent set of scan frequencies, so do not allow scan_freq
parameters to override scanned frequencies for scans that were triggered
with a SCAN command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:55:56 +02:00
Jouni Malinen
afa2ffb413 SAE: Check Status Code in Authentication frames
While other authentication algorithms mark Status Code as being Reserved
in the case of the transaction number 1, SAE does not. Check that the
Status Code indicates success before creating SAE state. In addition,
fix the mesh anti-clogging token request parsing on big endian CPUs.

Transaction number 2 (confirm) can also have non-zero Status Code to
report an error. Those should be processed, but not replied to with yet
another error message. This could happen in mesh case. Avoid a loop of
error messages by dropping the non-success case without additional
response.

In addition, don't reply to unknown transaction numbers if the status
code is non-zero. This avoids a loop of error messages if an invalid
frame where to be injected (or unlikely corruption were to occur).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:06:56 +02:00
Jouni Malinen
d48b64ba6c tests: Use helper function for adding open mesh network
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:34:43 +02:00
Jouni Malinen
7e3614df5c tests: Mesh with dynamic interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:28:36 +02:00
Masashi Honma
5b78493f3b mesh: Add mesh interface creation command for mesh gate
The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.

This command makes a virtual mesh interface to be used for mesh gate.

This command expects to be used like this.

wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-14 23:27:43 +02:00
Jouni Malinen
bd0b620371 SAE: Add sae_group to AP/mesh mode STA ctrl_iface data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:33 +02:00
Jouni Malinen
e77007132e Extend wpa_supplicant STA* ctrl_iface commands for mesh
Since mesh functionality uses struct hostapd_data to maintain peer
state, the existing STA* control interface commands can be used to
display information about the peers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:30 +02:00
Jouni Malinen
5881873b86 tests: Make pmksa_cache_opportunistic_connect more robust
Use scan_for_bss() instead of scan(freq) to avoid false positives due to
active scan failing under heavy load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:15:48 +02:00
Jouni Malinen
7781da6b2b Remove unused find_first_bit()
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:01:25 +02:00
Jouni Malinen
9ae52e7034 Clean up VHT configuration validation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:00:38 +02:00
Jouni Malinen
b0f33467a5 Clean up VHT override max A-MPDU override calculation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 18:48:59 +02:00
Led
2797486c4f Fix bashisms in wps-ap-cli script
Option '-p' of 'read' command may be unsupported in some POSIX-complete
shells. So replace 'read -p' with 'echo -n'/'read' pair.

Signed-off-by: Oleksandr Chumachenko <ledest@gmail.com>
2014-12-14 18:27:54 +02:00
Jörg Krause
33c7eb810a wext: Fix musl build error
Building wpa_supplicant with the musl C library fails since musl does
not define type names such as '__uint32_t'. To support building
wpa_supplicant with the musl C library use the integer types declared in
the ISO C standard header file <stdint.h>.

Signed-off-by: Jörg Krause <jkrause@posteo.de>
2014-12-14 18:05:32 +02:00
Rafał Miłecki
7c4027f604 nl80211: Report new station / assoc event for the correct BSS
drv->ctx always points to the first BSS and we should report event using
BSS related to the interface we got NL80211_CMD_NEW_STATION from.
This fixes STA association for drivers using NL80211_CMD_NEW_STATION and
multiple virtual interfaces.

Before:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: associated

After:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0-1: STA 02:00:00:00:01:00 IEEE 802.11: associated

This is not applicable to the cases where authentication (AP SME & MLME)
is in hostapd and hostapd_assoc_cb() instead of hostapd_notif_assoc()
handles BSS selection.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2014-12-14 17:29:26 +02:00