Commit graph

3736 commits

Author SHA1 Message Date
Jouni Malinen
b50b8f0429 tests: HS 2.0 deauthentication request PMF misbehavior (+HTC)
Verify driver/mac80211 behavior with HT Control field in Public Action
frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-29 20:55:18 +03:00
Jouni Malinen
eff431ff38 tests: OWE transition mode with owe_transition_ifname
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-26 16:23:39 +03:00
Jouni Malinen
9818fbe9bc tests: Enforce proper OCV behavior for SA Query Response from STA
Now that there is a pending mac80211 patch ("mac80211: allow SA-QUERY
processing in userspace") to allow wpa_supplicant to take care of SA
Query Request processing, start enforcing correct behavior for this in
ocv_sa_query and wpa2_ocv_sta_override_sa_query_resp.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-26 12:31:16 +03:00
Jouni Malinen
b96a3bd5df tests: sigma_dut controlled STA using OCV
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 23:24:55 +03:00
Jouni Malinen
38163b193e tests: OCV and post-CSA SA Query error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 21:57:04 +03:00
Jouni Malinen
5071248bd4 tests: OCV with OCI override on STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 19:11:36 +03:00
Jouni Malinen
bf47f0542f tests: Suite B using PMKSA caching and roaming
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 16:20:33 +03:00
Jouni Malinen
0132a72922 tests: Use test-name.* style files more consistently
Use params['prefix'] to build the file names for dynamically generated
files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 16:03:29 +03:00
Jouni Malinen
78c823de4e tests: Handle unexpected get_driver_status_field() error
If the current country code cannot be fetched, do not try to report the
current value in the log since that will result in TypeError exception.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 13:04:26 +03:00
Jouni Malinen
f382af2c1e tests: Avoid hapd reference before assignment on error cases
Couple of VHT test cases missed explicit setting of hapd to None before
trying to start hostapd. Add those to avoid unexpected exceptions in
case hostapd start fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 12:59:53 +03:00
Jouni Malinen
7134b2a548 tests: Add description for test cases that were missing it
All test_*() functions are expected to use __doc__ to provide a short
description of the test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Jouni Malinen
49d1f9c98e tests: Unify ignore_old_scan_res resetting
Add a decorator that clears ignore_old_scan_res parameter value instead
of doing this with try/finally in large number of test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Johannes Berg
570ae3ef54 tests: Unify IPv6 disabling
Add a decorator that disables IPv6 and requires running
under a VM, rather than open-coding that many times.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Jouni Malinen
87c8e86da9 tests: Fix ACS freqlist testing
The freqlist parameter uses comma, not space, separated values. Add
another test case for checking freqlist values that do not use the
preferred channel numbers to make sure the frequency list is actually
used as a constraint for selecting the channel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Johannes Berg
34ac7d871a tests: Delayed group rekey retransmit test for IGTK
Add a test for delayed group rekey retransmission that checks that
the IGTK is protected against it by not resetting the IPN replay
counter when reinstalling such a key.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
7f508ff968 tests: Reset the correct key's PN for group key handshake testing
While adding support for IGTK and BIGTK here, I tested this without
protections (i.e., with protections removed from both wpa_supplicant and
the driver), and while I got some bad resets on the debugfs values, it
should have failed with "unexpected connectivity".

Fix this to be correct - we need to reset the GTK PN, not the PTK PN in
this test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
889218c14a tests: Extend debugfs key state reading for IGTK/BIGTK
Extend the debugfs read helpers to work with IGTK and BIGTK.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
4a0b27c62f tests: Replace gtk boolean by keytype in cipher suite tests
Replace the gtk boolean by a keytype value indicating
GTK or PTK, to be able to extend to other types later.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 00:02:18 +03:00
Jouni Malinen
f636bc3abc tests: Skip TOD-TOFU/STRICT tests if build does not support this
This functionality is currently available only with OpenSSL and internal
TLS implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 21:58:10 +03:00
Thomas Pedersen
692bbd25b4 tests: Flush scan results before checking alloc failure
When run after other tests, It was likely that the target
bss was already present in scan_fail, so the
scan_for_bss() wouldn't trip the allocation failure in
wpa_bss_add(). Flush the scan results before the scan to
ensure wpa_bss_add() is called and consistently pass
scan_fail.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-16 17:32:01 +03:00
Thomas Pedersen
0218bf05d6 tests: sigma_dut: set regulatory inside try/except
If sigma_dut is not installed, start_sigma_dut() will
throw an exception. Call start_sigma_dut() inside the
try/except to correctly reset the regulatory domain.

This fixes several seemingly random failures due to
regulatory domain not being reset.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-16 17:30:16 +03:00
Jouni Malinen
72e10af9ca tests: Automatic channel selection and RX during ACS
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 12:18:42 +03:00
Jouni Malinen
47323a6f50 tests: sigma_dut DPP/QR AP as chirping Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-13 17:59:05 +03:00
Jouni Malinen
d5b596996e tests: DPP chirp by an AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-13 17:59:05 +03:00
Jouni Malinen
dff67270b5 tests: iftype parameter with GET_CAPABILITY key_mgmt
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 17:33:54 +03:00
Jouni Malinen
644638819a tests: Additional sigma_dut DPP over TCP coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 14:48:49 +03:00
Jouni Malinen
b37a1ec24f tests: DPP over TCP (Configurator initiates)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 14:48:49 +03:00
Jouni Malinen
217656d098 tests: DPP reconfiguration exchange
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
b227515fae tests: Update dpp_peer_intro_local_failures to match implementation
The memory allocation in dpp_peer_intro() was moved into a helper
function dpp_check_signed_connector(), so update the test case to match.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
6eb03715e3 tests: Update dpp_pkex_test_fail to match implementation
dpp_derive_ke() was renamed to dpp_derive_bk_ke().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-10 15:55:30 +03:00
Jouni Malinen
046f2d1fb9 tests: DPP URI version information
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-06 11:59:11 +03:00
Jouni Malinen
6b8dde4ec9 tests: sigma_dut controlled AP doing DPP on offchannel
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-06 01:14:13 +03:00
Jouni Malinen
c32c3bcc6b tests: sigma_dut and DPP MUD URL
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 15:33:03 +03:00
Jouni Malinen
1d4a1a819a tests: sigma_dut DPP chirping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 15:33:03 +03:00
Jouni Malinen
bb8e191cca tests: Verify Deauthentication frame transmission to STA in PS mode
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
ccca850898 tests: Disable power saving explicitly for pmksa_cache_ap_expiration
This test case seems to be failing every now and then due to the AP not
getting out the Deauthentication frame after PMKSA expiration if the STA
is in power save mode.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
8a8001989a tests: Clear power save configuration in ap_open_sta_ps
It looks like this test case was supposed to set power_save off at the
end instead of repeating the same setting twice.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
1a59ebf2e5 tests: DPP version override
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
f114156804 tests: Disable PFS in dpp_akm_sha*
These test cases are using externally generated PMKSA cache entry which
does not support use of PFS. This will start failing if the station
claims to support PFS in such cases, so explicitly disable PFS
functionality in these test cases for now.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
61e22e45c8 tests: DPP PFS and cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
6c67ad0a52 tests: Check DPP PFS negotiation result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Thomas Pedersen
7ec86f6599 tests: Skip proxyarp tests properly if ebtables rule install fails
Otherwise the test will continue on and fail later due to unexpected
foreign ARP request. The try/except design here did not work properly to
detect this.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-03 18:46:34 +03:00
Jouni Malinen
82f2e3ddce tests: Move from 1024 bit private keys to 2048 bit keys
Crypto libraries are starting to refuse to accept the old shorter keys,
so move all test certificates and DH to use 2048 bit (or longer) keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 18:21:13 +03:00
Jouni Malinen
674758ed59 tests: Provide digestmod to hmac.new() for Python 3.8
Python 3.8 removed the previously used default of MD5 algorithm, so
provide the explicit digestmod=hashlib.md5 parameter to the couple of
places that were missing it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 11:58:54 +03:00
Jouni Malinen
83c9b69b01 tests: Wait a bit to get Beacon frames into capture
The ap_beacon_rate_* test cases could end up terminating before the very
first Beacon frame is captured, so wait a bit after the connection to
make sure at least one Beacon frame is going to be in the capture file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-25 17:23:24 +03:00
Jouni Malinen
c794bdf9c8 tests: Beacon frame protection mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:16:51 +03:00
Jouni Malinen
05abebaa06 tests: Fix sigma_dut_sae_h2e_enabled_group_rejected to clear sae_pwe
This test case was using sigma_dut to set sae_pwe=2, but that value was
not cleared in the end. This could result in following SAE test cases
failing due to unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:06:50 +03:00
Jouni Malinen
fe319fc7ed tests: DPP QR Code and authentication exchange (rand_mac_addr=1)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-22 17:09:01 +03:00
Jouni Malinen
e480ed38eb tests: ap_open_out_of_memory to skip i802_init test if needed
The eloop_register_read_sock() call in i802_init() will be skipped if
the driver supports control port for EAPOL RX, so need to skip this part
of the test case conditionally.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 17:42:41 +03:00
Jouni Malinen
533d06340f tests: WPA2-PSK AP with nl80211 control port in AP mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 16:50:56 +03:00