Commit graph

6627 commits

Author SHA1 Message Date
Jouni Malinen
8943cc998a RADIUS server: Add support for MAC ACL
"user" MACACL "password" style lines in the eap_user file can now be
used to configured user entries for RADIUS-based MAC ACL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 19:31:56 +02:00
Jouni Malinen
81699e2e6e tests: Unknown Action frame category
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 17:07:22 +02:00
Jouni Malinen
41be44afeb tests: max_num_sta limit
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 17:00:02 +02:00
Jouni Malinen
11a4c910ea tests: max_listen_interval rejecting association
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:56:14 +02:00
Jouni Malinen
8abb3d4ea3 tests: OSEN network and invalid association without OSEN IE
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:51:44 +02:00
Jouni Malinen
eebad21495 tests: Connection during large packet loss
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:48:00 +02:00
Jouni Malinen
fd4709ffe6 tests: SAE anti-clogging with non-SAE STA associated as well
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:39:22 +02:00
Jouni Malinen
9645dbe9b2 tests: OLBC state clearing on timeout
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:35:54 +02:00
Jouni Malinen
ec36fff79f tests: HT OLBC detection on 5 GHz
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:28:00 +02:00
Jouni Malinen
86c1861821 tests: Chargeable-User-Idnetity in Accounting-Request
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 16:16:24 +02:00
Jouni Malinen
9308d0a039 tests: Add initial cfg80211 test
This adds some helper definitions and functions to allow cfg80211 to be
tested with raw nl80211 messages built in the test scripts. The first
test case shows a case where station disassociates instead of
deauthenticates (which is the wpa_supplicant behavior).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 11:02:32 +02:00
Jouni Malinen
fdc02e4caf tests: Require HT/VHT as BSS membership selector in Supp Rates
These are similar to the previous cases, but with supported rate set
limited to allow the BSS membership selector to fit into that element
instead of Ext Supp Rates.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 10:39:32 +02:00
Jouni Malinen
a85bde822e tests: hostapd configuration file error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 10:36:25 +02:00
Jouni Malinen
138ec97ee5 tests: PSK file error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 09:51:54 +02:00
Jouni Malinen
dc87541e1e Clean up debug print for PSK file search
p2p_dev_addr was not NULL, so the all zeros case was printed as well.
Clean this up by printing p2p_dev_addr in debug prints only if it is a
real P2P Device Address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 09:50:51 +02:00
Jouni Malinen
b0159308b5 tests: ACS for 40 MHz channels, on 5 GHz, and for VHT
The 5 GHz cases are not yet complete due to missing mac80211_hwsim
functionality. The current test cases allow the ACS operation to fail
for those cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 09:24:22 +02:00
Janusz Dziedzic
bbbacbf2f8 DFS: Print CAC info in ctrl_iface STATUS command
Print CAC time and CAC left time in control interface STATUS command.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-03-28 23:02:45 +02:00
Jouni Malinen
095ded5dd5 tests: Verify PBC overlap detection during P2P group formation
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-28 23:02:45 +02:00
Avraham Stern
ace0fbdb69 P2P: Fix segfault when PBC overlap is detected
If a separate P2P group interface is used, PBC overlap during group
formation causes the group interface to be removed, which ends up with
the interface context becoming invalid. Fix this by scheduling a timeout
to process the PBC overlap and interface removal instead of removing the
interface directly before the connection operation has returned.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-03-28 19:31:26 +02:00
Jouni Malinen
cf15b15cc1 Add writing of network block ocsp parameter
This was forgotten from the per-network ocsp parameter addition. The new
parameter needs to be stored to the configuration file similarly to the
other EAP parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-28 16:56:41 +02:00
Maxime Bizon
5c9da160a5 nl80211: Set all BSS interfaces down when tearing down AP in MBSS mode
If the interface was not added by hostapd, it could have been left up
when disabling the AP.

Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
2014-03-27 16:45:25 +02:00
Ilan Peer
f1c4dbf5cd wpa_supplicant: Remove pending sme-connect radio work
If a new connection is attempted while there is a pending sme-connection
radio work, cancel the pending radio work and continue with the new
connection attempt. This is preferable over rejecting the new work and
continuing with the pending one, as it is possible that the previous
work is no longer valid.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-03-27 16:45:25 +02:00
Eliad Peller
4f560cdee3 wpa_supplicant: Override HT A-MPDU size if VHT A-MPDU was overridden
According to the standard, if the max A-MPDU VHT cap is <= 3, we
have to adjust the max A-MPDU HT cap to the same value. Otherwise
it should be set to 3.

Take care of it when the max VHT A-MPDU value is overridden.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2014-03-27 16:45:21 +02:00
Avraham Stern
3ae8b7b7a2 hostapd: Add vendor command support
Add support of vendor command to hostapd ctrl_iface.
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]

The 3rd argument will be converted to binary data and then passed as
argument to the sub command.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-03-27 15:28:44 +02:00
Ilan Peer
782e2f785e P2P: Do not initiate scan on P2P Device when enabled
Do not start a scan on a P2P Device interface when processing an
interface enabled event.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-03-27 15:25:12 +02:00
Pawel Kulakowski
74a1319e50 Fix issue with incorrect secondary_channel in HT40/HT80
When primary and secondary channel were switched and config was
reloaded, secondary channel was incorrectly overwritten.

Proceed as for other settings that should not be changed and don't
allow to overwrite.

Signed-off-by: Pawel Kulakowski <pawel.kulakowski@tieto.com>
2014-03-27 15:22:39 +02:00
Sunil Dutt
96ecea5eb1 Pass TDLS peer capability information in tdls_mgmt
While framing the TDLS Setup Confirmation frame, the driver needs to
know if the TDLS peer is VHT/HT/WMM capable and thus shall construct the
VHT/HT operation / WMM parameter elements accordingly. Supplicant
determines if the TDLS peer is VHT/HT/WMM capable based on the presence
of the respective IEs in the received TDLS Setup Response frame.

The host driver should not need to parse the received TDLS Response
frame and thus, should be able to rely on the supplicant to indicate
the capability of the peer through additional flags while transmitting
the TDLS Setup Confirmation frame through tdls_mgmt operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-27 15:18:48 +02:00
Jouni Malinen
78cd7e69de Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-03-25.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-27 14:50:39 +02:00
Maxime Bizon
b36935be1a nl80211: Fix EAPOL frames not being delivered
When hostapd choose to reuse an existing interface, it does not add it
to the set of interfaces from which we accept EAPOL packets.

Make sure we always add it to that set.

Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
2014-03-26 16:37:42 +02:00
Jouni Malinen
6997f8baab nl80211: Set interface address even if using old interface
If an existing interface is allowed to be used, its address better be
updated to match the requested one.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-26 16:33:03 +02:00
Jouni Malinen
9b4d9c8bbc nl80211: Print if_indices list in debug log
This makes it easier to debug dynamic interface addition/removal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-26 00:42:24 +02:00
Maxime Bizon
762c41ae99 eloop: Add assert() on negative fd when using select() code path
Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
2014-03-26 00:17:07 +02:00
Jouni Malinen
978c673052 Add a note on using 'iw list' to determine multi-BSS support
This adds a pointer to hostapd.conf to using 'iw list' with the current
nl80211 drivers to determine supported interface combinations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-25 23:58:22 +02:00
Jouni Malinen
e56e286d00 tests: GAS/ANQP query for both IEEE 802.11 and Hotspot 2.0 elements
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Dmitry Shmidt
cf28c66bcb HS 2.0: Extend ANQP_GET to accept Hotspot 2.0 subtypes
This allows a single ANQP query to be used to fetch both IEEE 802.11
defined ANQP elements and Hotspot 2.0 vendor specific elements.

ANQP_GET <addr> <info id>[,<info id>]...
[,hs20:<subtype>][...,hs20:<subtype>]

For example:
ANQP_GET 00:11:22:33:44:55:66 258,268,hs20:3,hs20:4

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
163f801ef2 nl80211: Indicate HS 2.0 OSEN AKM in connect/associate command
This allows drivers that build the WPA/RSN IEs internally to use similar
design for building the OSEN IE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
9d1e11725d tests: HS 2.0 OSEN using nl80211 connect command
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
f8633c0064 tests: Remove CONFIG_WPS2=y from example configuration files
This build parameter is not used anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
c201f93a9e WPS: Enable WSC 2.0 support unconditionally
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Sunil Dutt Undekari
91364b7f10 P2P: Set a timeout for a persistent reinvoke on a P2P Client
Use P2P group formation timeout to wait for the 4-way handshake to
complete on a persistent reinvocation on a P2P Client.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 15:38:33 +02:00
Rashmi Ramanna
41d5ce9e0b P2P: Optimize scan for GO during persistent group invocation
Scan for GO on the negotiated operating channel for few iterations
before searching on all the supported channels during persistent group
reinvocation. In addition, use the already known SSID of the group in
the scans. These optimizations reduce group formation time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 15:38:33 +02:00
Jouni Malinen
406739c499 tests: P2P persistent group re-invocation with empty BSS table
This verifies P2P Client scanning behavior during group re-invocation in
a case where old scan results are not available to allow the scan to be
skipped completely.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 15:09:34 +02:00
Jouni Malinen
9905de3129 tests: Optimize scanning in wpa_supplicant-as-AP test case
Wait for the AP to be ready before initiating the scan to avoid
unnecessary five second extra wait. In addition, disconnect the station
to avoid possibility of starting a new scan at the end of the test case.
These remove unnecessary wait time from the test cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 15:09:34 +02:00
Jouni Malinen
4d1e38be9e ACS: Fix number of error path issues
Especially when multiple BSSes are used with ACS, number of the error
paths were not cleaning up driver initialization properly. This could
result in using freed memory and crashing the process if ACS failed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 13:12:29 +02:00
Jouni Malinen
09e38c2fce tests: Add scripts to allow parallel execution of tests in VMs
"parallel-vm.sh <number of VMs> [arguments..]" can now be used to run
multiple VMs in parallel to speed up full test cycle significantly. In
addition, the "--split srv/total" argument used in this design would
also make it possible to split this to multiple servers to speed up
testing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-24 23:37:42 +02:00
Jouni Malinen
0df965e975 tests: Extend OBSS scan coverage
Include another BSS in the scan results and run a test with a 40 MHz
intolerant neighboring BSS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-23 23:57:38 +02:00
Jouni Malinen
31ded52e70 SME: Add more debug prints for OBSS scans and 20/40 MHz co-ex report
This makes it easier to debug wpa_supplicant behavior when reporting
20/40 MHz co-ex information based on OBSS scans.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-23 23:56:50 +02:00
Jouni Malinen
7f8eb34dee SME: Fix OBSS scan result processing for 20/40 MHz co-ex report
The 40 MHz intolerant bit needs to be checked before skipping the BSS
based on the channel already being in the lost (which could have
happened due to another BSS that does not indicate 40 MHz intolerant).
This fixed the 20/40 MHz co-ex report to indicate 20 MHz request
properly if there are both 40 MHz tolerant and intolerant BSSes on the
same channel.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-23 23:54:50 +02:00
Jouni Malinen
b7a8d67f5b Allow hostapd to advertise 40 MHz intolerant HT capability
ht_capab=[40-INTOLERANT] can now be used to advertise that the BSS is 40
MHz intolerant to prevent other 20/40 MHz co-ex compliant APs from using
40 MHz channel bandwidth.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-23 23:50:37 +02:00
Jouni Malinen
145f35bf30 tests: Verify HT/VHT required rejection
Previously, only the case of STA supporting HT/VHT was tested. Now both
cases are verified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-23 19:49:12 +02:00