External tool is not needed anymore to run the data connectivity tests
since hostapd test mode now allows the possible bridge or VLAN interface
to be specified.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for some of the SAE test cases (e.g., ap_ft_sae) to fail
if they were run after the sae_groups test case that left the SAE group
configuration to a value that is not enabled by default. Fix this by
clearing sae_groups setting in the couple of test cases that were not
yet doing this.
Signed-off-by: Jouni Malinen <j@w1.fi>
except_ack() was supposed to be verifying that the frame was ACK'ed,
i.e., it was really supposed to be called expect_ack().
Signed-off-by: Jouni Malinen <j@w1.fi>
The implementation of WNM BSS transition management was extended to be
able to return a reject status code based on whether a matching entry is
found. The test case wnm_bss_tm_req was trying to enforce a different
status code to be used here based on old implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This implements minimal RSN 4-way handshake Supplicant in Python and
uses that to test hostapd Authenticator implementation in various
possible protocol sequencies.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Change the mesh tests to check for the presence of HT in the scan
results.
[original implementation by Chun-Yeow Yeoh <yeohchunyeow@gmail.com>]
[some fixes by Masashi Honma <masashi.honma@gmail.com>]
Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
This wpa_supplicant tests include basic tests for:
- Mesh scan
- Mesh group add/remove
- Mesh peer connected/disconnected
- Add/Set/Remove to test mesh mode network
- Open mesh connectivity test
- Secure mesh connectivity test
- no_auto_peer
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
[no_auto_peer test by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Lopez <jlopex@gmail.com>
The previous changes to enable stdin control broke the previous case of
showing the total number of test cases in the START lines. Fix that by
using a separate variable for the total number of test casess instead of
using length of the list of remaining test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows all VMs to be used at the end of a test sequence by
assigning test cases to VMs based on which VM is available for a new
test case rather than splitting the full task at the beginning and
potentially getting stuck with the last VM running long test cases for
significantly longer than another VM that gets shorter duration tests
assigned to it.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new -i command line argument can be used to control test case
execution from stdin to run-tests.py and vm-run.sh. This can be used,
e.g., to run multiple repeated test sequences in a virtual machine
without havign to restart the VM between each iteration.
Signed-off-by: Jouni Malinen <j@w1.fi>
Some of the paths in run-tests.py are hardcoded and could not handle
tests/hwsim/vm as the working directory. Modify the design enough to
allow ../run-tests.py -L to be used from the vm directory.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows a list of matching test cases to be produced without having
to run the test cases. Previously, -L output included all defined test
cases regardless of what else was included on the command line.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, it was possible for a kernel panic to be missed since the
only sign of it in stdout was reduced number of passed test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This avoids possible mismatches in directory and log file timestamps if
the UNIX timestamp (seconds) changes during the startup sequence.
Signed-off-by: Jouni Malinen <j@w1.fi>
This parameter was used in some of the NFC test cases to make scanning
more robust in case of changing AP configuration. However, the parameter
was not cleared anywhere, so it could have been left in use for other
test cases as well. To get more consistent behavior, clear the value
back to its default between test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was currently breaking parallel-run.*, as it was passing
--split num/num parameters (intended for rnu-tests.py)
to vm-run.sh which broke the --codecov and --timewrap options.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Update the code coverage documentation to also specify the
source base directory for the code coverage generation.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Add an option --build to run-all.sh to build before starting to run all
the tests. In addition, add an option --codecov to extract the code
coverage data at the end of the run.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This verifies that station mode interface SCAN command gets executed if
P2P Device instance is running p2p_find.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
grpform_cred_ready_timeout2 is similar to the grpform_cred_ready_timeout
test case with the difference being in initiating a P2P_FIND operation
during the wait.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The issue in mac80211 was identified and proposed fix is now available,
so remove the workaround here and start reporting failures from
unexpected disconnection during CSA.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that last_scan_res and connect work pointers to BSS
entries get updated when scan result update ends up removing or
reallocating a BSS entry.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed in preparation for WPS AES being mapped to enabling both
CCMP and GCMP if the driver supports both ciphers.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new run-tests.py argument "-l <file>" can now be used to specify the
test modules using a text file.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
"./build.sh --force-config" can be used to force copying configuration
files before building. This will overwrite any changes in .config files.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
"./build.sh --codecov" can now be used to request CONFIG_CODE_COVERAGE=y
to be added to hostapd and wpa_supplicant .config files.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
It looks like cfg80211 can trigger disconnection even without disabling
HT, so the same issue may be hit with both of the channel switches in
these test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_ht40_csa and ap_ht40_csa3 seem to show a cfg80211/mac80211 issue
where a CSA from HT40+ to HT40- channel results in HT getting disabled
due to cfg80211_chandef_compatible() check on c1->width == c2->width
claiming that the new channel is not compatible. For now, comment out
the FAIL case for these known issues to avoid constant failure for cases
that are not wpa_supplicant/hostapd issues. Once the kernel side design
has been reviewed, these error cases can be enabled here.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the not-pre-authorized GO Negotiation case to end up
starting new GO Negotiation before the GO Negotiation Response frame
with status=1 was transmitted. While this works for group formation, it
could reduce test coverage for the common case where that response is
received. At a small sleep to make it less likely for this unexpected
sequence to happen during testing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When loading the hwsim module, disable support_p2p_device by default.
This will also become the default in the kernel, but until then it
makes sure it's not turned on by default.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Use dynamic radios for P2P_DEVICE tests to be able to test
support when the default in hwsim is to not support it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This will be needed to be able to control dynamic mac80211_hwsim
operations like adding and removing a phy. In the past, it has been
possible to start the main programs as root and then use non-root
account for run-tests.py. However, there is already a large number of
cases within the test scripts where sudo is needed. Moving that
requirement to execution of run-tests.py allows those to be simplified
as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new HWSimRadio context manager allows the following
syntax to create (and appropriately destroy) a new radio:
with HWSimRadio([...]) as (radio_id, iface_name):
[...]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
For testing P2P-Device support properly, allow dynamically
creating radios with support for it in hwsim.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Instead of hardcoding reset_devs() to remove wlan5, remove all wlan*
interfaces renaming in the wpa_supplicant process to support the case of
dynamically added hwsim phy.
Signed-off-by: Jouni Malinen <j@w1.fi>
This replaces use of the external hwsim_test tool for most data
connectivity test cases. Only the cases where a special interface
(bridge/VLAN) is used are still executed through hwsim_test.
The internal DATA_TEST_* functionality makes it easier to extend the
connectivity test cases through an external device with real WLAN
hardware instead of the hwsim test setup. In addition, the error reports
from this code can be made more informative.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier to use instances of control interfaces in common
code without having to separately address hostapd and wpa_supplicant
behavior differences.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier to replace data connectivity testing to use
something else than local hwsim_test binary on the controller device.
Signed-off-by: Jouni Malinen <j@w1.fi>
Signed-hostap: Luciano Coelho <luciano.coelho@intel.com>
Skip CSA tests if the driver doesn't support this in AP mode.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This adds a test which attempts to use the control interface for the
P2P group to remove the P2P group.
Signed-off-by: Toby Gray <toby.gray@realvnc.com>
This is a more advanced version of the simple parallel-vm.sh script.
Status of each VM is printed out during the test and results are
provided in more convenient format in the end.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use scan_for_bss() instead of scan() to avoid errors if the active scan
fails, e.g., due to heavy load under parallel-vm.sh test run.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that GO is able to complete group formation even if the
P2P Client does not send WSC_Done message (or that message is dropped
for any reason) in case the P2P Client completes 4-way handshake
successfully.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like mac80211 scan-while-associated can now take over 10
seconds with the current wireless-regdb rules for world roaming due to
number of additional DFS channel having been enabled for passive
scanning. This resulted in ap_hs20_session_info failing due to the wait
for the scan result event timing out. That is not really a real failure,
so increase the timeout to avoid reporting this incorrectly.
Signed-off-by: Jouni Malinen <j@w1.fi>
This uses mac80211_hwsim dfs_simulate_radar to get the real kernel side
CAC operation executed and aborted due to radar detection. This allows
another channel to be selected properly through another CAC run.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Simulate a radar detection event to verify that hostapd switches
channels properly and the station follows the AP to the new channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like association with DFS works fine with the current kernel
version, so re-enable this part of the DFS test cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Since this requires a recent CRDA version and updated wireless-regdb, do
not report failures yet (i.e., indicate that the test case was skipped
if AP startup fails).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the aes_wrap() and aes_unwrap() implementation to be
verified against KW_{AE,AD}_{128,192,256}.txt test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip
For example:
./test-aes NIST-KW-AE kwtestvectors/KW_AE_128.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_192.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_256.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_128.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_192.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_256.txt
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.
The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that hostapd uses Session-Timeout value from Access-Accept
as the lifetime for the PMKSA cache entries and expires entries both
while the station is disconnected and during an association.
Signed-off-by: Jouni Malinen <j@w1.fi>
This reverts commit bf700cc3d2. The
concurrent initialization test case is now expected to work again with
the STA entry added early enough to avoid the recently added mac80211
validation step failure.
Signed-off-by: Jouni Malinen <j@w1.fi>
Older mac80211 implementations did not set the link identifier
appropriately, resulting in an incorrect teardown packet being sent the
peer. wpa_supplicant adds the FTE containing the MIC field calculated
using the correct link-identifier. This causes a MIC failure on the
other side and the teardown is discarded. Verify this case is fixed by
newer kernel and wpa_supplicant code.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Remove and re-start the persistent group manually to increase test
coverage to include the case of re-configuring the PSK list entries from
a stored persistent group.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the previuous test case used a non-RSN AP and that was left in
cfg80211 scan results, it was possible for ap_hs20_random_mac_addr to
pick that old AP from the previous test and reject to connect through
Hotspot 2.0 mechanisms. Work around this test issue by requesting new
set of scan result at the beginning of the test.
Signed-off-by: Jouni Malinen <j@w1.fi>
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, periodic autoscan could have been left running and that
could result in the following test cases failing in some cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Some of the test cases where using INTERWORKING_SELECT internally
without using scan_for_bss like the helper functions did. Add explicit
scan_for_bss calls to make the test cases less likely to fail due to
missing BSSes in scan results. This could cause false failure reports
when runnign under heavy load with parallel-vm.sh.
Signed-off-by: Jouni Malinen <j@w1.fi>
This avoids unexpected connection attempts in cases a matching network
is enabled and there is no existing connection (e.g., when testing with
ENABLE_NETWORK no-connect option).
Signed-off-by: Jouni Malinen <j@w1.fi>
A mac80211 TDLS validation change ended up breaking test functionality
that was needed for this test case. Instead of reporting this known
issue as a FAIL every time, mark the test as SKIP since the issues is
known and there are no plans of "fixing" it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify that EAP fast session resumption is skipped if the connection
uses a different network configuration than the last EAP connection.
Signed-off-by: Jouni Malinen <j@w1.fi>
This test case for enforcing the incorrect init=DRIVER instead of
init=CORE for the event due to bug in the event message.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for this test case to fail due to PBC overlap that was
detected based on previous test case having used PBC. Make that false
positive less likely to happen by explicitly clearing the scan cache on
dev[1].
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that when all configured preferred channels are disallowed,
the GO is instantiated on a random channel.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that a standalone GO selects a random channel from the social
channels in case no other preference is set.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when trying to form a P2P group but each peer forces a
different frequency, the group formation fails.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when setting frequency as no_go_freq and setting up
autonomous GO, the GO is instantiated on a different frequency, but
when forming a P2P group and becoming a client this frequency can be
used.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when setting up autonomous GO with configured preferred
channel and a station interface is connected on a channel that is
disallowed for P2P, the GO is instantiated on the preferred channel.
Requires MCC.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when setting up an autonomous GO with configured preferred
channel and a station interface is on another channel, the GO is
instantiated on the same channel as the station interface and not on the
configured preferred channel.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when a station interface is on one frequency, and GO
negotiation is started in which both sides force a different frequency,
the P2P group is formed on the forced frequency (both as GO and client).
Requires MCC.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
After station interface is connected on a specific channel, create
autonomous GO with forced different channel.
Requires MCC.
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Verify that when P2P group is formed and a station interface is
connected on a channel that is disallowed for P2P, the group is formed
on a different channel than the BSS (both as GO and client).
Requires MCC.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when setting up an autonomous GO and station interface is
connected on a channel that is disallowed for P2P uses, the GO is
instantiated on a different channel than the station mode connection.
Requires MCC.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when station interface is connected and GO negotiation is
initiated, the P2P group is formed on the same channel as the station
connection.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
This test verifies that if a GO is instantiated after a connection of a
station interface, the chosen operating channel is that of the station
interface.
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
Add an option to run-all.sh and start.sh to get as an argument the
number of concurrent channels that mac80211_hwsim will be loaded with.
To start mac80211_hwsim with more than one channel, the following
parameter should be added to command line: channels=<num_channels>
The default is one channel (no concurrent channels).
The driver should be loaded with multi channel support in order to run
some tests.
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
This test case shows an example case where an uncancelled offchannel TX
frame command seems to end up getting following CMD_FRAME TX operations
transmitting on incorrect channel.
Signed-off-by: Jouni Malinen <j@w1.fi>
This introduces a minimal RADIUS authentication server using pyrad to
allow simple EAP handler functions to be used for writing protocol tests
for EAP peer methods. This initial commit includes test cases for
EAP-SAKE.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only hostapd-AP and wpa_supplicant processed were run under
valgrind when valgrind testing was enabled. Extend this to include
hostapd as authentication server.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This was still present in hostapd example configuration even though the
test driver wrapper is not used anywhere in the hwsim testing and there
are no plans of using it either.
Signed-off-by: Jouni Malinen <j@w1.fi>
These are similar to the existing test cases where PTK rekey was
triggered by the station, but here a timer on the AP is used as the
trigger.
Signed-off-by: Jouni Malinen <j@w1.fi>
This brings in a minimal pyrad-based RADIUS server to allow various
protocol tests to be run. For now, the server is not adding
Message-Authenticator, so that error case is checked. Additional tests
can be added in the future.
Signed-off-by: Jouni Malinen <j@w1.fi>
This used to result in a segmentation fault due to use of freed memory
(mismatch in pointer lifetime between hostapd.c and driver_nl80211.c).
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test for an issue where scanning sequence could be
terminated if interworking_find_network_match() finds a matching
network, but wpa_s->auto_select is not set. This could stop connection
attempts when auto_interworking=1 is used and the scan results have a
partially matching network and no cred match.
Signed-off-by: Jouni Malinen <j@w1.fi>
radius_{auth,acct}_unreachable tested some parts of RADIUS client code
error handling. However, they did not test everything since the send()
calls for unreachable port on localhost did not return an error (that
error was reported on receive side). Extend this with similar test cases
using unreachable IP address to get send() error returns covered as
well.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_cipher_tkip_countermeasures_{ap,sta} printed out the MAC addresses in
stdout which resulted in the debug log not starting the PASS/FAIL
information at the beginning of the line. Hide these unnecessary prints
to avoid that.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The example IMV and IMC used for TNC testing has references to
wpa_printf and other functions from hostapd/wpa_supplicant. Link the
binaries in a way that allows these symbols to be resolved while loading
the libraries at run time.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the SHA-1 implementation to be validated against the
SHA1ShortMsg.rsp and SHA1LongMsg.rsp test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/shs/shabytetestvectors.zip.
Similarly, the SHA-256 can be validated against the SHA256ShortMsg.rsp
and SHA256LongMsg.rsp.
Signed-off-by: Jouni Malinen <j@w1.fi>
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.
Signed-off-by: Jouni Malinen <j@w1.fi>
This documents some more steps needed during initial test setup
configuration to make it easier to get this running even without
thorough knowledge of the network setup used by the operating system.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.
Signed-off-by: Jouni Malinen <j@w1.fi>
There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
Since P2P Client scan case is now optimzied to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enoguh to miss
the Beaco frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for a overlapping AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.
Signed-off-by: Jouni Malinen <j@w1.fi>
The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.
Signed-off-by: Jouni Malinen <j@w1.fi>
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows control interface issues to be caught in a bit more readable
way in the debug logs. In addition, dump pending monitor socket
information more frequently and within each test case in the log files
to make the output clearer and less likely to go over the socket buffer
limit.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the scan to miss a Probe Response frame especially
under heavy load, so try again to avoid reporting invalid failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for a scan to fail to see Probe Response or Beacon frame
under heavy load (e.g., during a parallel-vm.sh test run) since the
dwell time on a chanenl is quite short. Make the test cases using
INTERWORKING_SELECT more robust by trying again if the first attempt
does not find a matching BSS.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for the final step of the test case to fail under load
(e.g., when using parallel-vm.sh with large number of VMs), so run
through additional scan iterations if the WPS-AUTH flag does not get
removed immediately.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that AP acts on 40 MHz intolerant STA association/disassociation
and on 20/40 co-ex report indicating 40 MHz intolerant AP showed up and
removed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It turned out that the initial test case found the GO based on the
initial full scan instead of the progressive search part. Fix this by
started the GO only after the initial full scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
This can fail if Probe Response frame is missed and Beacon frame was
used to fill in the BSS entry. This can happen, e.g., during heavy load
every now and then and is not really an error, so try to workaround by
runnign another scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
It seems like it is possible for a CTRL-EVENT-REGDOM-CHANGE event from a
previous test case to "leak" through to the execution of this test case.
That can result in the validation steps here failing, so wait a bit and clear the pending events before starting the test.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_multi_bss_acs test case was failing if it was executed immediately
after a test case that used 5 GHz band since the current mac80211_hwsim
channel survey implementation is very limited and reports only a single
channel. For this test case, that channel has to be from the 2.4 GHz
band.
Signed-off-by: Jouni Malinen <j@w1.fi>
run-tests.py now takes an optional --long parameter that can be used to
enable running of test cases that take a long time (multiple minutes).
By default, such test cases are skipped to avoid making the normal test
run take excessive amounts of time.
As an initial long test case, verify WPS PBC walk time expiration (two
minutes).
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not report missing PBC overlap detection as an issue in this test
case since the sequence can miss the overlap due to per-SSID scan used
during group formation. In addition, increase AP beaconing frequency to
make it more likely for a Beacon frame to be seen during the optimized
scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds some helper definitions and functions to allow cfg80211 to be
tested with raw nl80211 messages built in the test scripts. The first
test case shows a case where station disassociates instead of
deauthenticates (which is the wpa_supplicant behavior).
Signed-off-by: Jouni Malinen <j@w1.fi>
These are similar to the previous cases, but with supported rate set
limited to allow the BSS membership selector to fit into that element
instead of Ext Supp Rates.
Signed-off-by: Jouni Malinen <j@w1.fi>
The 5 GHz cases are not yet complete due to missing mac80211_hwsim
functionality. The current test cases allow the ACS operation to fail
for those cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies P2P Client scanning behavior during group re-invocation in
a case where old scan results are not available to allow the scan to be
skipped completely.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Wait for the AP to be ready before initiating the scan to avoid
unnecessary five second extra wait. In addition, disconnect the station
to avoid possibility of starting a new scan at the end of the test case.
These remove unnecessary wait time from the test cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
"parallel-vm.sh <number of VMs> [arguments..]" can now be used to run
multiple VMs in parallel to speed up full test cycle significantly. In
addition, the "--split srv/total" argument used in this design would
also make it possible to split this to multiple servers to speed up
testing.
Signed-off-by: Jouni Malinen <j@w1.fi>
The optional third argument to the test case functions can now be used
to receive additional parameters from run-tests.py. As the initial
parameter, logdir value is provided so that test cases can use it to
review the debug logs from the test run.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previusly, the responding device was left in p2p_find state as a
consequence of using discover_peer() if the peer was not already known.
This was not the sequence that was supposed to be used here. Go to
listen-only state when waiting for the peer to initiate a previously
authorized GO Negotiation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was found through a mac80211 bug which didn't correctly accept a
center segment 0 value of zero, so the test will fail until the mac80211
bug is fixed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This allows a critical error to be noticed more quickly and reported
more clearly in the test log.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some kernel debugging options (especially
CONFIG_DEBUG_KOBJECT_RELEASE=y) can add significant blocking time to
interface removal with NL80211_CMD_DEL_INTERFACE and
SIOCGIFBR(BRCTL_DEL_BRIDGE) block for 1-8 seconds. This could result in
the VLAN test cases failing due to a wpaspy timeout on the REMOVE
command even though the issue was only in the kernel debugging code
making the operations significantly slower. Work around this by using a
longer timeout for that control interface command to allow this type of
debug kernel to be used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If trace-cmd command does not exist, run-tests.py could end up hanging
in a loop waiting for input. Fix this simply by checking whether the
trace-cmd command can be executed sucessfully and exiting the script if
not.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Both the output file path and the current working directory included the
log directory and this failed if log directory was not absolute (e.g.,
when using the default logs/current in the case a VM is not used).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The return value was lost and GCMP, CCMP-256, and GCMP-256 test cases
were reporting PASS instead of SKIP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that session information is stored from Access-Accept and sent to
the station at the requested timeout. Verify that station processes this
notification.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that hostapd can add extra RADIUS attributes using
radius_auth_req_attr and radius_acct_req_attr.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Fix updating of the current symbolic link when LOGDIR is already set.
The current symbolic link was only set, if LOGDIR has not been
previously defined. If the user had chosen to cancel the running test
iteration and run it again by running start.sh again, the current
symbolic link was not updated.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
This commit includes number of test frames for attribute parsing.
Invitation Request and Provision Discovery processing is also covered.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is the older design that some drivers may still use if they do not
support offloaded offchannel TX operations.
Signed-off-by: Jouni Malinen <j@w1.fi>
A bit different code path is used to match the first three different
locations of roaming consortium OI within Beacon frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait a bit between WPS_CONFIG command and the first scan. This can avoid
an extra five second wait due to having to scan again if the initial
scan operations happens to be quick enough to happen before the AP has
updated its configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that 'INTERWORKING_SELECT auto' is able to pick the
correct network based on priority configuration when connected to a
lower priority network.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
test_ap_hs20_multi_cred_sp_prio verifies that two credentials
provisioned by a single SP are selected properly based on sp_priority
when a single BSS matches both credentials.
test_ap_hs20_multi_cred_sp_prio2 does the same when there a separate BSS
for each credential.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that 'INTERWORKING_SELECT auto' is able to roam to a
higher priority network when executed while connected to a lower
priority network.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new option to set the use_chanctx flag when creating a radio.
While at it, refactor the arguments parsing code to use argparse.
Signed-hostap: Luciano Coelho <luciano.coelho@intel.com>
This seems to be needed in some cases to avoid issues in test cases that
assume there are no other ERs running.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes the script check the environment for the current python
interpreter in use instead of assuming that the python executable points
to a python 2 interpreter.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
Only run-tests.py is actually executed, so there is no need to specify
the interpreter in all the helper files and test script files.
Signed-off-by: Jouni Malinen <j@w1.fi>
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify cases both with multiple peers (one of which not advertising any
services) and with multiple SD queries.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like some of the discovery_* test cases have been failing every
now and then on the virtual server and the one second timeout could have
been a bit too short to cover some possible timing cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Enable hostapd control interface for the RADIUS server instance and
verify that the RADIUS server MIB counters are incremented.
Signed-off-by: Jouni Malinen <j@w1.fi>
This improves accuracy of the code coverage reports with hostapd-as-AS
and hlr_auc_gw getting analyzed separately.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a password that uses one, two, and three octet encoding
for UTF-8 characters. The value is tested against a pre-configured
hash to verify that utf8_to_ucs2() function works correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like get_status() has failed in some test runs because of a
STATUS command returning an line without '=' on it. Instead of stopping
there on exception, report the unexpected line in the log and ignore it
to allow test to continue.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that NFC connection handover can be used in a case where
hostapd has an enabled password token.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that PD Request followed by GO Negotiation Request is enough to
learn the Listen frequency of the peer.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
To test the code under the influence of time jumps, add the option
(--timewarp) to the VM tests to reset the clock all the time, which
makes the wall clock time jump speed up 20x, causing gettimeofday()
to be unreliable for timeout calculations.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Since wlantest is a separate process that is not synchronized with rest
of the test components, there can be some latency in it having the STA
entries and counters updated. There is a race condition between this
happening and then test script clearing or fetching data. Make this race
condition less likely to cause bogus test failures by adding some wait
between these operations.
Signed-hostap: Jouni Malinen <j@w1.fi>
In addition to running the FLUSH command again, the pending monitor
interface events need be cleared in case the driver was running a scan
when reset() is called. This avoids issues, e.g., with discovery_dev_id
failing due to an unexpected P2P-DEVICE-FOUND event that was generated
by the pending scan operation that had not yet complete when the first
dump_monitor() call in reset() happened.
Signed-hostap: Jouni Malinen <j@w1.fi>
The vm-config in the subdirectory is less useful as it
will get removed by "git clean" and similar, so read a
config file from ~/.wpas-vm-config in addition.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
It looks like slow virtual machines may have issues to complete some EAP
authentication cases (e.g., EAP-EKE in ap_ft_eap) within the 10 second
timeout under load. Double the timeout to avoid incorrect test failures.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the previous test case to leave unexpected BSS or
P2P peer table entries if a scan was in progress when the FLUSH command
was used. This could result in test failures, e.g., when running
discovery_dev_type_go followed by discovery_group_client where a P2P
peer was discovered on another channel at the end of the former test
case from a scan that was running durign the FLUSH operation that was
supposed to remove all P2P peers. This could result in
discovery_group_client failing due to dev[2] trying to send the
discoverability frame on incorrect channel (the one learned in the
previous test case) since discover_peer() skipped a new device
discovery. Fix this by running FLUSH operation again if a pending scan
operation is detected during the first FLUSH operation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
In addition, add the earlier tests in the new test_ssid.py file that was
forgotten from the previous commit
d78f33030d.
Signed-hostap: Jouni Malinen <j@w1.fi>
WPS-ER-AP-REMOVE event from the ER is sent before HTTP UNSUBSCRIBE has
been completed. As such, it was possible for the following scan
validation step to be started before the AP has had a chance to react to
the ER status change. Makes this less likely to fail by waiting 200 ms
before starting the last scan.
Signed-hostap: Jouni Malinen <j@w1.fi>
It was possible for the AP to report two enrollees in this test case
(i.e., both the expected wlan1 device and also the ER device on wlan0).
The previous test script would fail if the wlan0 device is reported
first. Fix this by allowed the expected target to be found in either the
first or the second WPS-ER-ENROLLEE-ADD event.
Signed-hostap: Jouni Malinen <j@w1.fi>
It was possible for this test case to fail if P2P_FLUSH was issued
during a search scan and that scan adding back the peer. Avoid this by
forcing p2p_find to be started regardless of the current P2P peer table
contents for each round of service discovery.
Signed-hostap: Jouni Malinen <j@w1.fi>
With the extra latencies removed from run-tests.py operations, it was
possible to hit race conditions in pairwise cipher configuration at the
end of the 4-way handshake. In some cases, the EAPOL-Start frame from
the station was not received by the AP and that could result in these
test cases failing. Since there are not really trying to test the race
condition, wait for the AP side to complete key configuration prior to
initiating the reauthentication sequence.
Signed-hostap: Jouni Malinen <j@w1.fi>
When a thread is used to follow P2P group formation progress, it is
better to return a clear failure indication from the thread instead of
allowing an exception to be thrown from the thread.
Signed-hostap: Jouni Malinen <j@w1.fi>
Leave couple of cases to use full scan for better test coverage, but
change all other places to use a single channel scan with
INTERWORKING_SELECT to reduce the time it takes to execute the tests.
Signed-hostap: Jouni Malinen <j@w1.fi>
It is possible that wlantest has not yet created the BSS entry in all
cases, so interpret failures (no BSS entry being the most likely cause)
as zero counters. Similarly, ignore clear_bss_counters errors since they
are most likely reporting that the BSS was not found and as such, there
was no need to clear the counters anyway.
Signed-hostap: Jouni Malinen <j@w1.fi>
The FLUSH command clears disallow_aps, p2p_disabled, and
p2p_per_sta_psk, so there is no need to clear them separately.
Signed-hostap: Jouni Malinen <j@w1.fi>
Replace the fixed 100 ms waits with a select()-based wait and timeout
for full wait based on monotonic time to optimize wait_event().
Signed-hostap: Jouni Malinen <j@w1.fi>
Do not run a full scan in gas_generic since this is not really needed.
Dump pending event messages after long wait to make logs clearer.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to build a web page for analyzing failures without
having to fetch the log files themselves from the test server.
Signed-hostap: Jouni Malinen <j@w1.fi>
No need to run a full scan as the first step since it only needs to find
the AP from a known channel for the GAS operation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Now that wpa_supplicant requests the driver (cfg80211) to clear its scan
cache automatically after each BSS_FLUSH/FLUSH command, the previously
used ignore_old_scan_res workaround should not be needed for the hwsim
test cases anymore.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is not really perfect, but something to get a bit more testing
coverage.. For proper discoverability mechanism validation, the P2P
client would need to go to sleep to avoid acknowledging the GO
Negotiation Request frame. Offchannel Listen mode operation on the P2P
Client with mac80211_hwsim is apparently not enough to avoid the
acknowledgement on the operating channel, so need to disconnect from the
group which removes the GO-to-P2P Client part of the discoverability
exchange in practice.
Signed-hostap: Jouni Malinen <j@w1.fi>
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.
Signed-hostap: Jouni Malinen <j@w1.fi>
It did not look like open mode association completed with WEXT.. I'm
commenting that test case out for now since WPA2-PSK worked. If you care
about WEXT, feel free to fix it and submit a patch to remove the
"REMOVED_" prefix here..
Signed-hostap: Jouni Malinen <j@w1.fi>
Add test cases to use connect command instead of auth+assoc commands and
AP mode operations using the old monitor interface design.
Signed-hostap: Jouni Malinen <j@w1.fi>
The actual data connection does not seem to work with mac80211_hwsim, so
the hwsim_test results are ignored for now.
Signed-hostap: Jouni Malinen <j@w1.fi>
NOTE: Actual use of the direct link (DLS) is not supported in
mac80211_hwsim, so this operation fails at setting the keys after
successfully completed 4-way handshake. This test case does allow the
key negotiation part to be tested for coverage, though.
Signed-hostap: Jouni Malinen <j@w1.fi>
It was previously not obvious from the <test case>.log file that a test
case was marked failed based on kernel issues. Make this very clear to
avoid wasting time on figuring out what caused the failure.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use a more robust design for collecting the gcov logs from the case
where test cases are run within a virtual machine. This generates a
writable-from-vm build tree for each component separately so that the
lcov and gcov can easily find the matching source code and data files.
In addition, prepare the reports automatically at the end of the
vm-run.sh --codecov execution.
Signed-hostap: Jouni Malinen <j@w1.fi>
It takes some time for hostapd to complete AP startup. In some cases,
this could potentially result in station starting a scan before the AP
is beaconing or ready to reply to probes. To avoid such race conditions,
wait for AP-ENABLED before going ahead with the test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to enable various testing parameters and
functionality in build configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This adds number of test cases to go through various possible EAP
configurations for Interworking network selection.
Signed-hostap: Jouni Malinen <j@w1.fi>
Since the venue information in the Interworking element is optional,
include both the cases of it included and not included in the test
cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
This verifies that IP packets with various DSCP values are mapped to the
correct TID both with default mapping and with custom QoS mappings.
Signed-hostap: Jouni Malinen <j@w1.fi>
In order to handle regulatory domain requests, crda needs to be
installed on the host, but we also need to install a uevent helper in
the VM so that it gets executed (since we don't run udev).
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This verifies that QoS Map configuration and update can be completed.
Actual QoS mapping for Data frames within mac80211/cfg80211 is not yet
verified.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If there's code coverage analysis data, copy it out of the VM
to be able to analyse it later. Also add a description to the
README file about how to use it.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
These were not really used in practice and better quality test cases for
concurrent P2P operations are now available in tests_p2p_concurrency.py
using the standard test framework design. Remove the special concurrent
option for start.sh and the run-all.sh concurrent and
concurrent-valgrind operations to clean up scripts.
Signed-hostap: Jouni Malinen <j@w1.fi>
This extends P2P test coverage to include the case of separate group
interface use with autonomous GO and group formation through GO
negotiation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Lockdep complaints are never good, so check for them in the
kernel messages, not just for warnings and bugs.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
There's no reason to format the failed tests as a python
list, just print a (space-separated) list of test names.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This allows the build.sh script to be used to rebuild binaries based on
existing configuration in addition to the initial case of preparing
suitable build configuration.
Signed-hostap: Jouni Malinen <j@w1.fi>
LOGDIR directory is created automatically if LOGDIR variable was not
set. If the variable is set, that directory is expected to exist.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant configuration files had a hardcoded GROUP=admin. The
start.sh script failed on a system without admin group (some systems
have it named adm).
Generate configuration files with appropriate GROUP in the log dir
and use them.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Add a CHANNELS configuration to the script running the VM
that can be added to the vm-config file to allow running
the tests with hwsim devices supporting more than a single
channel.
Eventually, with the (hopefully) upcoming dynamic work in
mac80211_hwsim, this might go away entirely, but for now
this allows testing more code paths.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
These verify that hostapd is able to remove a BSS while the radio is
still in the progress of the initial channel parameter determination.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Since removal of the primary BSS is now going to remove all the BSSs
for a radio, these two test cases need changes to not trigger false
failures.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Catch exceptions from operations that try to remove hostapd interface
and rename the log file. If these operations fail due to socket
connection issues, hostapd has likely died or gotten stuck somewhere.
Report the test case as a failure and stop test run cleanly.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These are still disabled by default since they require mac80211_hwsim
changes that are not yet in the upstream kernel and because the test
cases do not fully work yet. Anyway, they are quite convenient for
development use, so good to have them available in the main repository.
Signed-hostap: Jouni Malinen <j@w1.fi>
This extends the Hostapd class to support monitor interface events and
STATUS command similarly to the WpaSupplicant class so that internal
hostapd state can be verified in more detail.
Signed-hostap: Jouni Malinen <j@w1.fi>
Verify that a single configuration file can be used to initiate multiple
BSSes in hostapd and that these BSSes can then be dynamically removed.
Signed-hostap: Jouni Malinen <j@w1.fi>
This fixes the user.key file (incorrect key was copied previously) and
adds a test case for EAP-TLS with WPA2-Enterprise.
Signed-hostap: Jouni Malinen <j@w1.fi>
This increases EAP method coverage for WPA2-Enterprise to include
EAP-pwd, EAP-GPSK, EAP-SAKE, EAP-EKE, EAP-IKEv2, EAP-PAX, and EAP-PSK.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to request the previously used default behavior where
the devices are not stopped at the end of a test case if a single test
case is run.
Signed-hostap: Jouni Malinen <j@w1.fi>
Verify that hostapd handles ENABLE command on invalid configuration
correctly and allows the configuration to be fixed or the interface to
be removed.
Signed-hostap: Jouni Malinen <j@w1.fi>
Remove the -l command like option from run-tests.py and always enable
writing of debug level logs to files. The stdout debug verbosity is
controlled independently of the debug log files.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is needed to avoid invalid PBC session overlap detection when
the previous test case used active PBC mode and the old BSS entry
in cfg80211 may still be valid when starting the next test case.
Signed-hostap: Jouni Malinen <j@w1.fi>
A full scan in these specific test cases does not add anything to the
coverage, so use a single channel scan for the station connection to
remove undesired extra time needed for a full scan.
Signed-hostap: Jouni Malinen <j@w1.fi>
This optional argument can be used to randomize the order in which the
test cases are run. This can provide more coverage on testing
interactions of common use cases in various different sequences. Such
issues have already been found even with the fixed order of test cases,
but being able to reorder the tests makes this more efficient.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is easier than to copy/paste from the README. We may
want to extend it later to change the .config for some
common differences between systems (e.g., libnl/libbfd).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In some cases, e.g., with the VM tests if the VM crashes, it
can be useful to know which tests should have run but didn't
(or didn't finish). In order to catch these more easily, add
an option to prefill the database with all tests at the very
beginning of the testing (in a new NOTRUN state) and use the
option in the VM tests.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Create a results.db in the output directory when running
the tests in a VM. To make that easier, create the tables
in the python script if they don't exist.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Refactor the test reporting to treat the different results
(success/skip/failure) identically. This makes the timing
seem a bit longer, but cleans up the code which will allow
for adding more checks (e.g., on the captured data files)
later.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Rather than just having KERNELDIR, allow setting KERNEL directly.
Also remove the -s option that prevents running multiple machines
at the same time, but add a KVMARGS= variable that can be used to
restore that if needed.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
test_ap_bss_add_remove verifies hostapd behavior when BSSes are
added/removed in multi-BSS configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows run-tests.py to use the same logs/<date> default logdir as
start.sh which is quite convenient for manual test runs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The run-tests.py -l argument does not take an argument value anymore.
Instead, debug output is directed to a separate file <test>.log for each
test case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is unnecessary extra complexity for user, so use the 'test_' prefix
only internally within the python scripts and file names.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is unnecessary extra complexity for user and reports, so use the
'test_' prefix only internally within the python scripts.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to run a separate tcpdump process to capture frames
from hwsim0 since wlantest is already doing that can write the results
to a file.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This file was used for adding debug info into the buildbot logs. The new
sqlite database-based design will replace that, so there is no need to
create last-debug and getting rid of it will make it easier to split the
run log into per-test case files.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 781b65cfbb ended up accidentally
changing this from an integer to a string. Fix this by not converting
the variable into a string.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of running on the host, it can be useful to run in a
VM, particularly to test kernel rather than userspace changes,
so add a few scripts that allow doing so easily.
The basic idea is that the VM kernel is the same architecture
as the host kernel, so the host's root filesystem can be used
(in read-only mode) to run everything. Only a log filesystem
is mounted read-write and will get all the test output.
The kernel console output is collected to a special 'console'
file in the logs directory and kernel crashes are detected.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
If running in a VM with the logs going to a host filesystem
chown isn't actually possible, silence any warnings from it.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Resetting at the beginning causes the reset logging/tracing
data to leak from the previous test into the next, and the
last one being missed at all - reset at the end of each run
instead. Also reset before all tests just in case running a
test actually crashed the python script.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
In addition to tracing, allow collecting dmesg. There's no
provision for actually looking at it and finding problems
in it yet though.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Instead of passing the log directory for each option
(-l, -r, -e, and -T) pass it once and make the other
options just take the filename (optionally, even).
This will also make it easier to extend later.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Instead of logging many files called "<timestamp>-*", log into
a new "<timestamp>/*" in the logs/ subdirectory and only put
the last-debug file into logs/. If a LOGDIR is specified in the
environment, instead just put everything into that directory
(so the caller should make sure to give it a timestamp or so)
and skip the creation of last-debug entirely.
Also clean up a bit and pass the LOGDIR from run-all.sh to
start.sh rather than having start.sh create the timestamp and
run-all.sh detect the latest one when having run start.sh.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
In order to get tracing per test, allow run-tests.py to start
and stop tracing per test case. This is implemented using a
python 'with' context so it starts/stops automatically at the
right spots.
Instead of starting global tracing, also use it from run-all.sh
and put the trace files into the log dir.
Note that this only works right if you use a separate log dir
for all test runs as the trace files aren't timestamped.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Just like wpa_supplicant, give hostapd the -T option to
send all debug messages into the Linux tracing buffer.
Enable this option for hwsim test builds by default.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Allow run-all to pass on extra arguments from the command
line that aren't built by the script itself.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Reuse the code rather than duplicating the implementation
of starting the tests. To make that easier, allow passing
multiple modules with -f to run-tests.py.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Instead of hard-coding four different cases, use variables
(and printf) to reduce the duplication.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Instead of re-implementing a command-line parser, use the
argparse module.
The only real change (I hope) is that the test module must
now be given to the -f option without the .py suffix.
Also, --help now works, and if a test module/test name is
given that doesn't exist, the valid list is printed.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Instead of hardcoding logs/, allow putting LOGDIR into
the environment. This helps run tests in a VM where the
rootfs might be mounted read-only.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
test_ap_change_ssid verifies that the SET and RELOAD control interface
commands can be used to change the SSID of a hostapd-controlled WPA2-PSK
AP, i.e., for a case where the PSK needs to be derived again after the
SSID change.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The test_ap_hs20_username* test cases verify that a username/password
credential can be used for Hotspot 2.0 connection and that the network
type is reported correctly.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
test_ap_hs20_ext_sim_roaming is otherwise identical with
test_ap_hs20_ext_sim, but the network is operated by a roaming partner.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that the network type (home/roaming/unknown) is available
and set properly in the test_ap_hs20_ext_sim test case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Since the scripts must be run from the source directory to
find the tests to run, they can use a relative path to the
wpaspy module instead of requiring it to be installed.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
"run-tests.py -S <db file> -L" can now be used to update a database
table with the current set of test cases and their descriptions.
Signed-hostap: Jouni Malinen <j@w1.fi>
cfg80211 may keep some state (e.g., regulatory domain), so make sure
this gets cleared between each full testing cycle.
Signed-hostap: Jouni Malinen <j@w1.fi>
test_p2p_go_invite_auth is similar to test_p2p_go_invite with the main
difference being in the peer device pre-authorizing the invitation
instead of processing invitation at upper layers after having received
it.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no point trying to go through a test case if the NOTE command
to write TEST-START entry does not succeed. This avoids some excessive
waits on buildbot trying to forcefully kill the programs on its timeout
if wpa_supplicant gets stuck waiting for something (like the current
issue with libnl events and commands having a chance of hitting a
blocking wait on netlink messages).
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds more coverage to testing by forcing the GO to be found with an
older entry in the BSS table and with that entry having a different
operating channel. Such a case has found issues with PD retries and
scanning if incorrect frequency and SSID is selected for the group.
Instead of relying on the old BSS entry with different operating channel
to happen based on a specific test case sequence, force this to happen
for this test case every time.
Signed-hostap: Jouni Malinen <j@w1.fi>
This verifies network selection using 3GPP Network Information and
connection using EAP-SIM with GSM authentication handled by an external
program.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is in preparation for supporting multiple domain values after which
setting the domain value does not replace the old value, but adds a new
one.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If a test run is terminated forcefully, hlr_auc_gw could have been left
running and/or some of the control interface files could still remain.
This could result in hlr_auc_gw not starting again for the next test
run.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Do not fail the EAP-SIM/AKA/AKA' test cases if hlr_auc_gw is not
available since hlr_auc_gw is not considered required part for the test
setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Some older systems used admin group, but adm group seems to be more
common nowadays, so detect this automatically rather than assume admin
group is used.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used by test cases that depend on some external component
that may not always be available to indicate clearly that a test case
was skipped rather than passed or failed.
Signed-hostap: Jouni Malinen <j@w1.fi>
There is no point trying to go through the tests if hostapd and
wpa_supplicant processes cannot be started properly.
Signed-hostap: Jouni Malinen <j@w1.fi>
cfg80211/mac80211 seems to getting stuck with scans every now and then.
Check for this special state and delay return from reset() until the
driver has stopped the scan operation. This reduces likelihood of
failing multiple test cases in a row because of a single error.
Signed-hostap: Jouni Malinen <j@w1.fi>
test_p2p_go_invite verifies that GO can invite a peer in a case where
the operating channel and peer's listen channel are different.
Signed-hostap: Jouni Malinen <j@w1.fi>
run-all.sh and start.sh scripts can now take 'trace' command line
argument to request Linux tracing information from mac80211, cfg80211,
and wpa_supplicant to be recorded.
Signed-hostap: Jouni Malinen <j@w1.fi>
This avoids some issues with the global control interface socket
getting stuck with send buffer limit reached if test cases did not
use wait_global_event().
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Some test runs have resulted in wpa_supplicant being unresponsive or
very slow on the control interface. Check for that type of issues as
part of the reset sequence that is done between each test case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
test_persistent_group_invite_removed_client verifies that a client
that is removed from a group can rejoin based on new invitation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use test_autogo to verify that P2P client is able to notice explicit
group session termination message from the GO. This would have caught
the regression in processing P2P deauthentication notifications.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is another one of the test cases that can time out frequently
under valgrind during WPS exchange. Increase the timeout to make
false error reports less likely to occur.
Signed-hostap: Jouni Malinen <j@w1.fi>
Number of crypto operations seem to take very long time in the valgrind
tests (about five seconds for public key generation for M1 and M2 on a
virtual server) and this is enough to push the test runs to hit the
timeout frequently even when there is no real error. Make this less
frequent by increasing WPS test case timeout from 15 to 30 seconds to
avoid issues based on the test scripts.
Signed-hostap: Jouni Malinen <j@w1.fi>
Number of crypto operations seem to take very long time in the valgrind
tests (about five seconds for passphrase to PSK mapping and for public
key generation for M1 and M2 on a virtual server) and this is enough to
push the test runs to hit the timeout frequently even when there is no
real error. Make this less frequent by increasing group formation
timeout from 15 to 20 seconds to avoid issues based on the test scripts
(15 + config time seconds timeout in the protocol may still kick in,
though).
Signed-hostap: Jouni Malinen <j@w1.fi>
Wait a bit longer for wpa_supplicant/hostapd to exit and clear control
interface files separately if either any of the cleanup steps fail to do
so.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of waiting for a fixed duration, poll hostapd/wpa_supplicant
through the control interface until they are ready to reply in order to
avoid starting test case execution too early. This is like commit
b76579e0c0 but for the concurrent P2P test
cases that were forgotten from that commit.
Signed-hostap: Jouni Malinen <j@w1.fi>
It looks like mac80211 does not always manage to join the same IBSS and
this can result in test_ibss_rsn failures. Detect this case and try to
get the IBSSes to merge by running a scan prior to continuing with the
test case.
Signed-hostap: Jouni Malinen <j@w1.fi>
The handshake between STA2 and STA1 was not tracked previously. For
completeness, include that in the list of handshakes that are explicitly
waited for to complete prior to starting the connectivity tests. Since
all key setup should be done at this point, remove the extra wait before
the last connectivity test between STA1 and STA2.
Signed-hostap: Jouni Malinen <j@w1.fi>
It looks like there may not be enough time to complete this test case in
15 seconds under valgrind on a virtual host every time, so increase the
timeout to 30 seconds to get more consistent test results.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of waiting for a fixed duration, poll hostapd/wpa_supplicant
through the control interface until they are ready to reply in order to
avoid starting test case execution too early.
Signed-hostap: Jouni Malinen <j@w1.fi>
Try to make sure new testing can be started by forcing
hostapd/wpa_supplicant to be killed with SIGKILL if needed. In addition,
wait a bit longer when killing the processes to avoid issues with the
next test run starting before the old one has been fully terminated.
Signed-hostap: Jouni Malinen <j@w1.fi>
The previous design of having to provide valgrind parameter to
stop-wifi.sh did not work since the new test setup may no match the
previous one. Instead of trying to figure out what needs to be stopped
based on previous run, stop all wpa_supplicant/hostapd processes running
under valgrind unconditionally to avoid cases where new set of processes
cannot be started due to existing processed.
Signed-hostap: Jouni Malinen <j@w1.fi>
test_ibss_rsn has been failing pretty frequently due to various issues
in getting all connections up. Try to address this initially by avoiding
concurrent operations and explicitly waiting for 4-way handshake
completion before testing data connection. Once this test case is
workign more robustly, a more difficult case with concurrent operations
can be added as a separate test case.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to figure out what failed and allows builbot to
integrate multiple logs and state information about the test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
It looks like some virtual host setups are too slow to get
wpa_supplicant initialized under valgrind and this was triggering test
failures. Work around this by using even a longer wait before test case
execution.
Signed-hostap: Jouni Malinen <j@w1.fi>
It looks like valgrind could not under buildbot with the default file
mode. Fix this by making wpa_supplicant and hostapd binaries readable
and executable by everyone.
Signed-hostap: Jouni Malinen <j@w1.fi>
./run-all.sh can now take an optional argument to select whether to run
all test cases as before (default), to run these under valgrind
("valgrind"), to run P2P test cases with concurrent station interface
("concurrent"), or the concurrent P2P test cases under valgrind
("concurrent-valgrind").
valgrind cases report errors if a test case fails or valgrind reports an
error.
Signed-hostap: Jouni Malinen <j@w1.fi>
print and logger.info() were directing output to different locations
(stdout and stderr, respectively) which resulted in buildbot showing
reordered entries. Use logger consistently to avoid that.
Signed-hostap: Jouni Malinen <j@w1.fi>
It looks like the NOTE commands can time out in some cases. Avoid
stopping the test run in such a case to get more coverage if this is a
temporary issue.
Signed-hostap: Jouni Malinen <j@w1.fi>
The design for launching AP mode interfaces was changed, but
start-p2p-concurrent.sh was not updated with matching changes.
Signed-hostap: Jouni Malinen <j@w1.fi>
Make sure the connection between each STA and the AP is in working state
between each TDLS setup/teardown operation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows more consistent interface to be used regardless of which
P2P driver design is used (especially for P2P management operations
over netdev vs. dedicated P2P_DEVICE).
Signed-hostap: Jouni Malinen <j@w1.fi>
The scan results from old test cases showing different SSID on the AP
can result in false failures, so avoid those by ignoring old scan
results from cfg80211.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Stopping the AP first was not ideal for the test cases since it could
result in wpa_supplicant trying to connect back and start a scan at the
end of a test case and cause problems for the following test case that
tried to scan in the beginning while the previously started scan was
still in progress.
Signed-hostap: Jouni Malinen <j@w1.fi>
Do not print the potentially long list of passed test cases. In case of
failure(s), make sure the failed test list is the last item in the
report.
Signed-hostap: Jouni Malinen <j@w1.fi>
The WPS tests are more prone to fail if scan results from the previous
test cases are allowed to remain in the wpa_supplicant BSS table during
the consecutive test since the test setup uses the same BSSID for the
test APs that change their configuration. Avoid these mostly bogus
issues by enforcing wpa_supplicant to drop and ignore old scan results
during the WPS test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
This removes the unnecessary separation of P2P (no hostapd) and AP
tests. The same scripts can be used to prepare for these tests and to
execute the tests.
Signed-hostap: Jouni Malinen <j@w1.fi>
P2P_PROV_DISC fails if the peer is not fully discovered and the previous
version of the test cases did not force this (i.e., it could have
started PD just based on having seen a Probe Request frame from the
peer).
Signed-hostap: Jouni Malinen <j@w1.fi>
buildbot seems to be running with more limited umask by default and that
prevented the hostapd per-interface socket from being accessed.
Signed-hostap: Jouni Malinen <j@w1.fi>
A virtual station interface in scanning state can change the P2P
operations quite a bit, so running all the P2P tests also in such
setup can increase testing coverage quite a bit.
Signed-hostap: Jouni Malinen <j@w1.fi>
The discovery and group formation test cases do not need to run the full
scan as the first step, so get rid of it to make the tests complete more
quickly.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is the most common sequence for initiating GO Negotiation, so
include a test case that uses threads to follow both peers at the
same time to allow GO Negotiation to be re-initiated.
Signed-hostap: Jouni Malinen <j@w1.fi>
Command line parameter to run-p2p-tests.py can now be used to select
which test case is run instead of always running all test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
run-p2p-tests.py can now be used to run all P2P test cases. The
actual test cases are defined in test_p2p_*.py files.
Signed-hostap: Jouni Malinen <j@w1.fi>
This will hopefully grow over time to become a much more complete
testing mechanism that uses mac80211_hwsim to verify various
wpa_supplicant and hostapd functions automatically.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is otherwise identical to aes_gcm_ae() but does not use the
plain/crypt pointers since no data is encrypted.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds 192-bit and 256-bit key support to the internal AES
implementation and extends the AES-GCM functions to accept key length to
enable longer AES key use.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to build ASCII strings from binary data that is
more likely to use ASCII (i.e., text format is more natural
option than hexdump, but there is possibility of some non-ASCII
characters).
Signed-hostap: Jouni Malinen <j@w1.fi>
Prepare for multiple TLS PRF functions by renaming the SHA1+MD5 based
TLS PRF function to more specific name and add tls_prf() within the
internal TLS implementation as a wrapper for this for now.
Signed-hostap: Jouni Malinen <j@w1.fi>
The test with very large iterations count is commented out since it
takes quite long to derive (it does pass, though). In addition, the
last test vector is commented out since pbkdf2_sha1() does not support
arbitrary binary passphrases (\0 inside the string).
src/crypto/libcrypto.a and src/tls/libtls.a have circular references
and will need special handling with the linker at least for the time
being. This could be cleaned up eventually, but for now, provide a
mechanism to get the programs linked.
The new test-asn1 and test-x509 tools are built using libraries
from src/{utils,crypto,tls}. Currently, cross dependencies between
crypto and tls are still preventing the test-x509 from being linked
properly.