Commit graph

9883 commits

Author SHA1 Message Date
Jouni Malinen
ce8963fc9f Remove WEP40/WEP104 cipher suite support for WPA/WPA2
As far as IEEE 802.11 standard is concerned, WEP is deprecated, but at
least in theory, allowed as a group cipher. This option is unlikely to
be deployed anywhere and to clean up the implementation, we might as
well remove all support for this combination.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 23:04:31 +03:00
Jouni Malinen
664093b55b tests: WPA2-PSK-FT AP and invalid response IEs
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 18:04:50 +03:00
Jouni Malinen
ee140ef98f FT: Stop association attempt if Auth response processing fails (SME)
Call the FT processing function directly instead of going through
wpa_supplicant_event() to process FT Authentication frame in SME case.
This allows parsing error to be used to trigger immediate failure for
the connection instead of trying to proceed to reassociation step that
cannot succeed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 17:36:58 +03:00
Jouni Malinen
50a19b0107 tests: HT40 co-ex scan finding an AP advertising 40 MHz intolerant
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 16:16:11 +03:00
Jouni Malinen
1887be4fa7 Make check_20mhz_bss() static
This is not used outside this file anymore, so there is no need to
export the symbol either.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 16:05:54 +03:00
Jouni Malinen
f0b347b615 tests: HT40 co-ex scan conflict with HT 20 MHz AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 16:02:53 +03:00
Jouni Malinen
97e4688b2f tests: HT40 on 5 GHz with invalid channel pair
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 15:51:41 +03:00
Jouni Malinen
5ce2a9ac50 tests: Make dbus_old_wps_pbc more robust
Flush the cfg80211 scan cache explicitly to avoid false failure reports
if a BSS entry from an earlier test case remain. Such a failure could be
hit, e.g., with the following test case sequence:
wpas_mesh_mode_scan p2p_channel_random_social dbus_old_wps_pbc

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-20 15:35:52 +03:00
Ilan Peer
f43c1ae798 P2P: Handle P2P Device dedicated interface parent removal
In case of a network interface removal, check if the interface
was also the parent interface of the P2P Device dedicated interface.
If this is the case, then stop the P2P Device functionality, and
remove the P2P Device dedicated interface.

In case that the interface is added again and P2P Device
functionality can be enabled again, add a new P2P Device dedicated
interface and allow further P2P Device functionality.

In case that the P2P Device dedicated interface is re-created, the
original P2P Device configuration file is needed, so store it in
the global params (instead in the wpa_interface configuration).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 16:22:26 +03:00
Ilan Peer
1ac977bdd5 nl8021: Allow sending wowlan configuration on any interface
Sending a wowlan configuration command can be done on any wireless
interface (not only netdev), as it is a device configuration and not
interface configuration specific. Fix the code to allow it to be
sent on any interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 16:17:04 +03:00
Ilan Peer
489970270b nl80211: Remove android_genl_ctrl_resolve()
Android libnl_2 implementation added support for "nl80211" name in
commit 'libnl_2: Extend genl_ctrl_resolve() to support "nl80211" name'
in July 2012 which got included in Android 4.2. It is fine to drop this
old Android ICS workaround from wpa_supplicant now.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 16:06:28 +03:00
Eliad Peller
38dcc86cb7 P2P: Consider ht/vht on P2P_GROUP_ADD command (with no params)
p2p_ctrl_group_add() takes care of various configuration options (such
as ht/vht) before calling wpas_p2p_group_add(), so use it (just like
when P2P_GROUP_ADD is called with additional params).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-06-19 15:57:16 +03:00
Eliad Peller
29292d53ee ctrl_iface: Make p2p_ctrl_group_add() more robust
Parse each parameter individually and combine all the function calls.
This will allow further patch to call it with no parameters (currently
this might result in failure).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-06-19 15:56:54 +03:00
Eliad Peller
e4a80d89bd P2P: Fix secondary channel selection for HT40
wpas_p2p_get_ht40_mode() used blacklist approach (bw != BW20) to find
the relevant op_class, but didn't take into account other non-BW40
cases, like BW80, that had been added to the bw enum after the initial
implementation. Fix this by looking for the specific BW40 bw cases.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-06-19 15:50:40 +03:00
Jouni Malinen
81f8e7e9fb tests: Increase HTTPConnection timeout in ap_wps_upnp_http_proto
It looks like the previous timeout of 0.1 seconds could be hit under
parallel VM load, so double this to 0.2 second to avoid hitting
unnecessary test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 13:45:16 +03:00
Jouni Malinen
001c4bf5b3 tests: D-Bus RemoveClient()
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 13:07:03 +03:00
Purushottam Kushwaha
4e7175827e dbus: Add RemoveClient method to remove a client from local GO
This is equivalent to the P2P_REMOVE_CLIENT command on control
interface. This can be used to remove the specified client [as object
path or string format interface address] from all groups (operating and
persistent) from the local GO.

Argument(s): peer[object path] OR iface[string format MAC address]

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Jijo Jacob <jijo.jacob@samsung.com>
2015-06-19 12:55:54 +03:00
Maneesh Jain
f0a79c9403 D-Bus: Fix wpas_dbus_register_peer() documentation
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:40:29 +03:00
Maneesh Jain
95d62a6c20 D-Bus: Add missing params in WPS function documentation
This adds missing parameters in all WPS events related function
documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:38:11 +03:00
Maneesh Jain
790429b520 D-Bus: Fix function documentation for wpas_dbus_signal_p2p_go_neg_resp()
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:35:40 +03:00
Maneesh Jain
92fe746e19 D-Bus: Add function documentation for wpas_dbus_signal_p2p_go_neg_req()
This is needed to add this function into Doxygen documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-06-19 12:31:28 +03:00
Ben Rosenfeld
2e96aef298 tests: Wait on the global control interface for CTRL-EVENT-REGDOM-CHANGE
The event is not interface specific, so wait for it on the global
control interface socket.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 11:31:53 +03:00
Avraham Stern
99b83d0abd tests: Fix grpform_wait_peer group removal in P2P Device case
Get the P2P group interface name so it will be used for group removal to
support configurations that use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:28:20 +03:00
Avraham Stern
c340e0e8f4 tests: Fix p2p_set_discoverability waiting for CTRL-EVENT-CONNECTED
Wait on the group control interface to support configurations that
use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:27:15 +03:00
Avraham Stern
e1dffa3b2c P2P: Fix PBC overlap detection
PBC overlap detection searches for another BSS with active PBC in the
BSS table. However, when a separate P2P interface is used, scan results
without P2P IE are not saved in the BSS table, so non-P2P BSS's with
active PBC will not be detected.

Fix this by iterating only the WPS AP array instead of the BSS table.
This is also more efficient since only WPS APs may have active PBC. This
also fixes hwsim test "grpform_pbc_overlap" when a dedicated P2P Device
is used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-06-19 11:25:21 +03:00
Ilan Peer
bab3191718 tests: Fix wifi_display to use the global control interface
This is needed if the configuration is using a dedicated P2P Device
interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:14:30 +03:00
Ilan Peer
063006328a tests: Fix wifi_display_persistent_group with P2P Device
Use the global control interface to list the P2P Device persistent
networks. Get and parse the P2P-GROUP-STARTED events, so later the
interface names would be available for the connectivity test etc. Both
of these are required when a dedicated P2P Device interface is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:12:33 +03:00
Ilan Peer
de7b02fd18 P2P: Use the P2P Device interface in wpas_p2p_fallback_to_go_neg()
Previously the wpa_s->parent interface was used, which is not
necessarily the P2P Device management interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 11:07:50 +03:00
Ilan Peer
5590d2ecd1 tests: Fix autogo_pbc() waiting for WPS-PBC
Wait on the global control interface to support
configurations that use a dedicated P2P Device interface.

Note that the group interface cannot be used, as the group
interface name is not saved since no group was created.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:59:01 +03:00
Ilan Peer
c0b57b241a tests: Use global and group control interface in test_p2p_autogo
This is required when a dedicated P2P Device is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:46:17 +03:00
Ilan Peer
a2168cf476 tests: Modify reset() to use the global control interface
Change the reset() method to use the global control interface
for resetting P2P state and also add a call to P2P_FLUSH.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-06-19 10:38:22 +03:00
Ben Rosenfeld
0208e8329d tests: Use global interface for "P2P_SET"
Setting P2P per_sta_psk should be done using the global control
interface.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 10:37:08 +03:00
Jouni Malinen
31bd8ea2e9 tests: NFC static handover with invalid contents
This adds test coverage to p2p_procesS_nfc_connection_handover() error
paths. This is also a regression test case for a memory leak on two of
these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Ben Rosenfeld
6b5147af53 P2P: Fix memory leak in p2p_process_nfc_connection_handover()
p2p_process_nfc_connection_handover() allocates msg memory in the parser
and might return before memory is released if the received message is
not valid.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 01:23:24 +03:00
Jouni Malinen
27f2fab021 tests: WPA2-Enterprise connection using EAP-FAST and OOM in PRF
This is a regression test case for a memory leak on a TLS PRF error
path. In addition, this provides more coverage for this error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Jouni Malinen
33ba27d387 EAP-FAST peer: Stop immediately on key derivation failure
If key derivation fails, there is no point in trying to continue
authentication. In theory, this could happen if memory allocation during
TLS PRF fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Ben Rosenfeld
144b6a0650 OpenSSL: Fix memory leak on an openssl_tls_prf() error path
Free tmp_out before returning to prevent memory leak in case the second
memory allocation in openssl_tls_prf() fails. This is quite unlikely,
but at least theoretically possible memory leak with EAP-FAST.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-06-19 01:23:24 +03:00
Jouni Malinen
0b5740fdef tests: More RADIUS testing coverage with CUI/User-Name in ACL response
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 00:23:49 +03:00
Jouni Malinen
e51c8b2e97 tests: Make ap_wps_ap_scan_2 more robust
The test sequence "scan_and_bss_entry_removed ap_wps_ap_scan_2" resulted
in failure due to an old BSS entry remaining from the first test case to
the second and the WPS_PBC operation on a forced BSSID ending up picking
the incorrect BSS entry. Make this more robust by clearing the scan
results from cfg80211.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 22:33:48 +03:00
Jouni Malinen
492c3a9180 tests: Make ap_wps_pbc_overlap_2* less likely to cause issues
Both of these test cases were leaving out BSS entries with active PBC
mode at the end of the test. This could result in the next text case
failing, e.g., in "ap_wps_pbc_overlap_2ap grpform_ext_listen" and
"ap_wps_pbc_overlap_2sta grpform_ext_listen" sequences. Fix this by
flushing the scan results more carefully at the end of the PBC overlap
test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 22:29:14 +03:00
Jouni Malinen
9f622398e4 tests: Print a command line to re-run failed test sequence
This makes it easier to test whether a specific test sequence results in
a reproducible test failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-18 21:39:24 +03:00
Jouni Malinen
7242b3df37 tests: P2PS with large number of services in Probe Request/Response
This verifies capability to split the response into multiple P2P
elements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
3d7d9f18db tests: Extend P2PS service seek test to cover multiple services
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Max Stepanov
5a2c379736 tests: P2PS wildcard SD probe
Verify that advertiser returns 'org.wi-fi.wfds' wildcard in a Probe
Response frame if at least one P2PS advertisement is present.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
50a9efe713 P2PS: Fix Probe Response frame building in error cases
org.wi-fi.wfds service is not a replacement for non-WFA service matches.
Do not try to replace the results with that if there is not sufficient
room for the response. Instead, reply with all the matching services
that fit into the message. org.wi-fi.wfds is the first entry in the list
(if matching request/service is present), so it won't get overridden by
other services.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
509f269bbd P2PS: Fix org.wi-fi.wfds matching when building the response
The service hash for org.wi-fi.wfds is supposed to match only if the
device has a WFA defined org.wi-fi.wfds.* service. Verify that before
adding org.wi-fi.wfds to the response.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
5fa5f84324 P2PS: Add more debug prints for service info building
This makes the debug log much more helpful for figuring out results from
service hash matching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
fdde3db6b8 P2PS: Remove unnecessary service hash filtering from p2p_reply_probe()
Probe Response building is already doing service matching and there is
no need to do this in both places, so simplify the p2p_reply_probe()
implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 18:14:04 +03:00
Jouni Malinen
f2e0eecf09 P2PS: Do not ignore other hashes if org.wi-fi.wfds hash is included
When doing initial processing of Probe Request frame service hashes, the
previous implementation dropped all other hash values if a hash for
org.wi-fi.wfds was included. This is not correct, since that is not a
full wildcard of all services (it only matches WFA defined
org.wi-fi.wfds.* services).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:31 +03:00
Jouni Malinen
ebdc32f350 P2PS: Fix service hash matching for org.wi-fi.wfds
This "wildcard" match is for WFA specified org.wi-fi.wfds.* services,
not for all services. Verify that there is a really matching service
being advertised instead of assuming this "wildcard" matches if any
services are advertised.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-06-18 17:27:31 +03:00