Commit graph

8180 commits

Author SHA1 Message Date
Jouni Malinen
e69ae5ff31 Reject new SCAN commands if there is a pending request
FAIL-BUSY was already returned for the case where a scan had been
started, but with the radio work design, it would have been possible to
schedule multiple scan requests if a non-scan radio work was in
progress. Multiple back-to-back scans are not usually very helpful, so
reject this type of cases where the SCAN command would be used to build
such a sequence.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:14:38 +02:00
Prashanth Bhatta
9108ea09f2 hostapd: Make install path configurable
Makefile always installs to /usr/local/bin and on some platforms,
/usr/local/bin is not in default search path. Modify the Makefile such
that bin path can be configurable so that build system can pass
appropriate path for installation. If bin path is not specified then by
default binaries are installed in /usr/local/bin.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 12:32:50 +02:00
Jouni Malinen
7c5c1ba7b4 tests: P2P_LISTEN behavior with offchannel TX
This verifies that offchannel TX (PD in this specific case) does not
stop ongoing long P2P_LISTEN operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jithu Jance
49e1e9ca88 P2P: Avoid truncation of long listen operation due to offchan tx
On receiving the cancel remain on channel event, the pending_tx
is scheduled immediately and returned. This was preventing
the wpas_p2p_listen_start function from execution thereby resulting
in termination of the long listen operation.

Signed-off-by: Jithu Jance <jithu@broadcom.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
89cd4355bb tests: Fix proxyarp_open IPv4-from-bridge
There were couple of typos in the IP addresses and there was no coverage
for the normal unicast ARP response from the bridge (since non-wireless
device does not get proxied by the AP). In addition, it is better to
change the IP address used here to be unique to make the sniffer logs
easier to interpret.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-18 16:41:40 +02:00
Jouni Malinen
6d5332948c tests: Use send_ns() helper for the earlier proxyarp_open NS packets
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
40e4c9c8b0 tests: Add traffic test to proxyarp_open
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
5a3ce80265 tests: ProxyARP behavior with IPv6 frames
This adds transmission of number of NS/NA frames to test ProxyARP
behavior. The actual validation of the AP behavior is still manual,
i.e., a separate inspectation of the capture files is needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
19cbe06238 tests: Add ebtables rules for ProxyARP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
a95c6973aa tests: Use non-promiscuous mode and packet-buffered tcpdump capture
This helps in avoiding truncated capture files in the proxyarp_open test
case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
1d0b5a04e6 tests: Dump monitor messages before hwsim_utils test
This may be needed in some corner cases where broadcast frames with two
associated stations are received by both devices.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
db1d66d879 tests: Fix wifi_display_persistent_group event checks
The final invitation case in this test was verified incorrectly. The GO
was already operatign in that case, so there was not supposed to be a
new P2P-GROUP-STARTED message from GO. That happened to be show up in
the pending event messages from the last instance, but that was just by
accident and any additional dump_monitor() operation added here would
cause this test to fail. Fix this by handling the final invitation
separately and verifying that only the client side indicates
P2P-GROUP-STARTED.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
c8836a4f03 tests: Allow dump_monitor() to be used without global monitor interface
It is possible for WpaSupplicant instance to be used without the global
control socket, so allow dump_monitor() to handle this case cleanly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-18 16:01:41 +02:00
Jouni Malinen
9d7fdac5b3 tests: Try to clear scan results after regulatory domain changes
It was possible for regulatory domain changes to "leak" into following
test cases in number of cases where the cfg80211 BSS table remained
after regulatory domain had been restored to world roaming. Try to make
this less likely to occur by explicitly clearing BSS table at the end of
test cases that use different regulatory domain. This makes P2P test
cases that verify channel selection based on world roaming rules more
robust.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 01:32:01 +02:00
Jouni Malinen
970a23f665 tests: Make flush_scan_cache() more robust
It was possible for BSS entries on the scanned channel (2412 MHz) to be
left behind after flush_scan_cache() call. Use a less likely channel
2417 MHz as the default channel to scan. This will hopefully get rid of
most problematic BSS entries from previous test cases. For example,
ap_hs20_oen followed by ap_hs20_random_mac could fail due to
INTERWORKING_CONNECT seeing non-RSN scan result from the previous test
case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 01:13:03 +02:00
Jouni Malinen
0855e2e188 Do not allow network block scan_freq override SCAN command frequencies
The manual scan operations with the SCAN command are supposed to have
independent set of scan frequencies, so do not allow scan_freq
parameters to override scanned frequencies for scans that were triggered
with a SCAN command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:55:56 +02:00
Jouni Malinen
afa2ffb413 SAE: Check Status Code in Authentication frames
While other authentication algorithms mark Status Code as being Reserved
in the case of the transaction number 1, SAE does not. Check that the
Status Code indicates success before creating SAE state. In addition,
fix the mesh anti-clogging token request parsing on big endian CPUs.

Transaction number 2 (confirm) can also have non-zero Status Code to
report an error. Those should be processed, but not replied to with yet
another error message. This could happen in mesh case. Avoid a loop of
error messages by dropping the non-success case without additional
response.

In addition, don't reply to unknown transaction numbers if the status
code is non-zero. This avoids a loop of error messages if an invalid
frame where to be injected (or unlikely corruption were to occur).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:06:56 +02:00
Jouni Malinen
d48b64ba6c tests: Use helper function for adding open mesh network
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:34:43 +02:00
Jouni Malinen
7e3614df5c tests: Mesh with dynamic interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:28:36 +02:00
Masashi Honma
5b78493f3b mesh: Add mesh interface creation command for mesh gate
The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.

This command makes a virtual mesh interface to be used for mesh gate.

This command expects to be used like this.

wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-14 23:27:43 +02:00
Jouni Malinen
bd0b620371 SAE: Add sae_group to AP/mesh mode STA ctrl_iface data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:33 +02:00
Jouni Malinen
e77007132e Extend wpa_supplicant STA* ctrl_iface commands for mesh
Since mesh functionality uses struct hostapd_data to maintain peer
state, the existing STA* control interface commands can be used to
display information about the peers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:30 +02:00
Jouni Malinen
5881873b86 tests: Make pmksa_cache_opportunistic_connect more robust
Use scan_for_bss() instead of scan(freq) to avoid false positives due to
active scan failing under heavy load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:15:48 +02:00
Jouni Malinen
7781da6b2b Remove unused find_first_bit()
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:01:25 +02:00
Jouni Malinen
9ae52e7034 Clean up VHT configuration validation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:00:38 +02:00
Jouni Malinen
b0f33467a5 Clean up VHT override max A-MPDU override calculation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 18:48:59 +02:00
Led
2797486c4f Fix bashisms in wps-ap-cli script
Option '-p' of 'read' command may be unsupported in some POSIX-complete
shells. So replace 'read -p' with 'echo -n'/'read' pair.

Signed-off-by: Oleksandr Chumachenko <ledest@gmail.com>
2014-12-14 18:27:54 +02:00
Jörg Krause
33c7eb810a wext: Fix musl build error
Building wpa_supplicant with the musl C library fails since musl does
not define type names such as '__uint32_t'. To support building
wpa_supplicant with the musl C library use the integer types declared in
the ISO C standard header file <stdint.h>.

Signed-off-by: Jörg Krause <jkrause@posteo.de>
2014-12-14 18:05:32 +02:00
Rafał Miłecki
7c4027f604 nl80211: Report new station / assoc event for the correct BSS
drv->ctx always points to the first BSS and we should report event using
BSS related to the interface we got NL80211_CMD_NEW_STATION from.
This fixes STA association for drivers using NL80211_CMD_NEW_STATION and
multiple virtual interfaces.

Before:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: associated

After:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0-1: STA 02:00:00:00:01:00 IEEE 802.11: associated

This is not applicable to the cases where authentication (AP SME & MLME)
is in hostapd and hostapd_assoc_cb() instead of hostapd_notif_assoc()
handles BSS selection.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2014-12-14 17:29:26 +02:00
Arkadiusz (Arkq) Bokowy
7b244d577a wpa_gui: Quiet mode - disable tray icon messages
If tray icon messages are perceived as disturbing, one can pass `-q`
parameter on the command line to disable them permanently.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:26:42 +02:00
Arkadiusz (Arkq) Bokowy
2087b64fef wpa_gui: More informative tray icon tool tip message
Show associated network SSID in the tool tip message of the
application's tray icon. When network is not associated, then simple
"(not-associated)" message is shown.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:23:43 +02:00
Jouni Malinen
acb63c753b tests: SAE with missing password
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 17:09:14 +02:00
Jouni Malinen
81648d0041 SAE: Report connection failure if SME cannot build auth frame
Instead of just stopping connection process and network discovery,
report SAE failures to build Authentication frames (e.g., due to missing
password) as a connection failure to get the normal retry mechanism into
use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 16:48:38 +02:00
Jouni Malinen
0e40d7daa4 tests: ERP when server has dropped the keys
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
ce460118a8 ERP: Drop ERP keys on failure on the peer
This allows recovery through fallback to full EAP authentication if the
server rejects us, e.g., due to having dropped ERP state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
2c6411edd0 ERP: Add ERP_FLUSH for hostapd
This can be used to drop any pending ERP key from both the internal AP
authentication server and RADIUS server use of hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
777bbe7a3c tests: P2P_PRESENCE_REQ on group interface
This ends up using the special offchannel.c code path where a different
interface is selected for TX. In addition, the P2P-PRESENCE-RESPONSE
event is verified to be delivered on the group interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
8e3afd7f6c offchannel: Use wpas_get_tx_interface() src parameter more consistently
Both the wpa_s->pending_action_src and src argument to
wpas_get_tx_interface() were used somewhat randomly. Make this more
consistent since these values are pointing to the same address and the
implementation is easier to understand when it is obvious that there is
only one address being used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
11ace2ed1f tests: Mesh and missing SAE password
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
fba65f7240 tests: Mesh BSS data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:55:43 +02:00
Jouni Malinen
54cacef5eb tests: Mesh sae_groups configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:55:40 +02:00
Jouni Malinen
e9026725f7 tests: Extra coverage for command line arguments
The results for these are not currently verified, but this allows
--codecov runs to get more coverage for the command line argument
parsers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:24:15 +02:00
Jouni Malinen
e869f812d3 tests: DEAUTHENTICATE/DISASSCIATE/CHAN_SWITCH error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
69f9912310 tests: Additional FETCH_OSU and CANCEL_FETCH_OSU coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
568475b70b HS 2.0: Allow CANCEL_FETCH_OSU to stop at scan completion
There is no need to start the GAS/ANQP fetch if the FETCH_OSU operation
has already been canceled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
ea27f66292 tests: STOP_FETCH_ANQP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
1eaeb7fbaa tests: P2P_UNAUTHORIZE to unauthorize a peer
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
909f13cc52 tests: Move 'SET pmf 0' from reset() to test cases
This avoids one more cleanup step between most test cases by clearing
the default PMF behavior change only in case it was actually modified
during a test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
be9f156200 tests: Move WPS_ER_STOP from reset() to test cases
This avoids one more cleanup step between most test cases by stopping ER
only in case it was actually used during a test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
d6b916c9db tests: WPS_ER_PBC error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00