This describes how various wpa_supplicant/hostapd extensions can be used
to test IEEE 802.11 functionality in other devices.
Signed-off-by: Jouni Malinen <j@w1.fi>
These test cases do not really verify any specific DUT behavior
automatically, i.e., these are here to generate sniffer captures for
manual analysis.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previous designed worked since wpa_supplicant did not track pending
request state. With such tracking added, this test case needs to make
sure there is a pending operation when injecting the invalid response.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. In addition, add a shell script (update.sh) and the
needed CA files to automate this full update process.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new wpa_supplicant network parameter group_mgmt can be used to
specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128,
BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not
specified, the current behavior is maintained (i.e., follow what the AP
advertises). The parameter can list multiple space separate ciphers.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There was a race condition on the sequence where iface.AbortScan() is
immediately followed by iface.Scan(). If the driver event
(NL80211_CMD_SCAN_ABORTED) arrived after the following new scan request,
the D-Bus operation failed. This is not what this test case is trying to
check, so wait for an indication of the previous scan having terminated
properly before issuing the next scan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The STA can get disconnected event before the AP processed the
deauthentication frame, resulting in GET_FAIL command being sent too
early. Fix this by waiting for AP-STA-DISCONNECTED on AP side, too.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Import vht_supported from test_ap_vht to fix the following issue:
rrm_beacon_req_table_vht run failed: global name 'vht_supported' is not defined
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
This makes it easier to post-process frame capture files if frames need
to be decrypted in test cases that do not configure wlantest with the
PMK directly (i.e., mainly the cases when a RADIUS server is used).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Wait for the configuration step to complete before forcefully
terminating DPP listen. Previous version was causing failures for this
test case sequence:
dpp_qr_code_auth_initiator_enrollee dpp_pkex_config2
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
On slow machines or inside VM it may take some time for "DISCONNECTED"
event to arrive. Since the retry delay counter is started already, it
may result in less than 5 seconds time between "DISCONNECTED" and
"CONNECTED" events.
Fix the test by taking more accurate timestamps between the events.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Previously p2p_channel_drv_pref_* tests would fail
if dedicated P2P device is used, since the SET commands
were sent to incorrect interface.
Fix this by using a global control interface instead.
Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
We capture the dmesg that contains everything, but if a test
causes a kernel crash we will miss all logging at higher levels
like debug. Change the printk level to catch all of that too.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Lockdep no longer prints "INFO:" but now prints "WARNING:".
Also add the "*** DEADLOCK ***" string it usually prints so
if it changes again we can keep finding that string.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This test case verifies that both wpa_supplicant and hostapd are adding
a PMKSA cache entry based on FILS shared key authentication using ERP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
sigma_dut can end up setting ignore_old_scan_res=1 and that can result
in some of the consecutive test cases failing. Fix this by explicitly
clearing ignore_old_scan_res after sigma_dut cases that may have ended
up setting the parameter.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is now needed from the control interface since the hardcoded
default value has been removed from the implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Introduction of the new base64 helper function changed the backtraces
for these OOM test cases and resulted in test failures. Update the test
scripts to work with the new implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the BTM Request with no matching BSSIDs to cause
wpa_supplicant-initated roam to a better BSS (5 GHz band preferred) when
finding the second AP in a scan started by that BTM Request. This could
make the following step in the test case fail. Fix this by asking
another channel to be scanned to postpone discovery of the other AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier to synchronize log entries in the kernel log
(seconds from boot) and wpa_supplicant/hostapd (UNIX timestamp).
Signed-off-by: Jouni Malinen <j@w1.fi>
These test cases depend on ERP processing to reach the get_emsk handler
function. Since ERP really needs the realm to derive a proper
keyName-NAI, modify these test cases to pass the realm part in the
identity to allow error checking to be introduced for rejecting ERP
cases where the realm is not available.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previous fix to the OCSP request construction ended up finally
moving from SHA-1 -based hash to SHA-256 for OCSP test cases. To
maintain coverage for SHA-1, add cloned versions of the two test cases
so that both SHA-256 and SHA-1 cases get covered.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Fix the openssl ocsp command line and check if it returns an error - so
that instead of having something unusable later we error out
immediately. Moving the -sha256 argument earlier fixes hash function use
for the OCSP request generation (the old version used SHA-1).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This updates the AP-to-AP keys to the longer form and OOM test case
functions to match the new implementation.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
The cfg80211 connect command extension to allow roaming request from
user space while connect was added to the kernel, so uncomment the
previously commented out TODO item to verify this behavior.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was apparently possible for the P2P_FIND operation to terminate
before the peer device was found. Increase the timeout to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>
This function got renamed, so need to update the OOM test case to use
the new function name when matching backtrace information.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the cfg80211 regulatory code to get confused if the
disconnection and user hint to set country code to 00 happened
immediately after the BTM-initiated roam. The country IE update seemed
to be performed just before the 00 user hint and that resulted in
cfg80211 intersecting the regulatory domains instead of clearing to 00.
This resulted in the following test cases being unable to set the
country code.
This happened with the following test case sequence:
wnm_bss_tm_scan_needed_e4 wnm_bss_tm_scan_not_needed
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a test for a RANN functionality defined in IEEE Std 802.11-2016
14.10.12 Root announcement (RANN) mechanism.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
If wmediumd changes its SNR model, these tests need to be modified (ex.
previously SNR = 0 means disconnection, on the new model, SNR should be
-10 for disconnection). So use error probability model not to be
influenced by SNR model change.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Some wmediumd test cases requires new wmediumd features (mdified SNR
table, location-based config, and log levels). The wmediumd 0.2 does not
have these features, so skip such test cases with versions below 0.3.1.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Add success_expected argument to test_connectivity because the function
is expected to fail in some test cases.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This test case verifies that the specified channel is included in the
consecutive p2p_find scan iterations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add a test for the configuration knobs exposed in the previous
patch; more precisely, add a test that creates an 80 MHz VHT
network through wpa_supplicant (without P2P).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Verify that the AP responds to a BSS transition management query that
includes candidates unknown to the AP.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
The cellular data preference ANQP element subtype is now 2, so
fix the command to query the MBO cellular data preference.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Use a non-existing directory in the path to avoid SQLite from being able
to create a new database file. The previous design worked in the VM case
due to the host file system being read-only, but a bit more is needed
for the case when this is running on the host.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use the new hostapd.add_ap() API (i.e., pass the ap device as a
parameter instead of the interface name) in beacon report tests to
make them remote compatible, and mark them appropriately.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Use a local variable for the STA address instead of fetching it
separately for each operation. Dump control interface monitor events
between each test message to avoid increasing the socket output queue
unnecessarily.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The second AP is not really needed in this test case that verifies
parsing of various different BSs Transition Management Request frame
payloads.
Signed-off-by: Beni Lev <beni.lev@intel.com>
wnm_bss_tm_global uses an unknown country code to use Table E-4. Extend
that with otherwise identical test case wnm_bss_tm_global4, but with the
country string explicitly indicating use of Table E-4 while using a
known country code.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
OpenSSL.SSL.Connection.state_string() was replaced with
get_state_string() in pyopenssl. Add workaround code to be able to use
either of these names.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The send_eapol() calls for delivering frames to wpa_supplicant had a
copy-paste bug from the earlier hostapd cases. These were supposed to
use the BSSID, not the address of the station, as the source address.
The local address worked for most cases since it was practically
ignored, but this could prevent the race condition workaround for
association event from working. Fix this by using the correct source
address (BSSID).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies both the internal and external GSM authentication
operation when EAP-SIM is tunneled within EAP-TTLS/PEAP/FAST.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The test step for concurrent HTTP connections seems to be failing quite
frequently when running in a virtual machine with run-tests.py (but not
that much with kvm and vm-run.sh). The failures are due to only 8 or 9
sockets getting a response from the HTTP server. This is sufficient for
testing purposes, to drop the pass criterium from 10 to 8 concurrent
connections. This avoids unnecessary test failures and also allows the
rest of the test case to be performed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes proxyarp_open_ebtables and proxyarp_open_ebtables_ipv6 return
SKIP cleanly if the ebtables binary is not installed or does not work.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Wait one more second to make the test case less likely to fail while
still being able to verify that interim updates are performed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This test case was mistakenly leaving the country code FI configured at
the end which could result in issues with the following test cases. Fix
this by explicitly clearing the country code back to world roaming 00 at
the end of wpas_config_file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Try the initial scan on the operating channel twice before claiming a
test failure. It is possible for an active scan to fail to see the GO
especially if running the test under heavy load.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is now one fewer direct allocation call in this function, so the
counters need to be updated to avoid test failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that the temporary STA entry timeout limit does not end up
breaking comeback_delay tests with values larger than five seconds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This test case was triggering false failures with hostapd build that did
not include TEST_* commands.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is a regression test case for SIGSEGV in
wpa_supplicant_remove_iface() if the main interface is removed while a
separate mesh interface is in use.
Signed-off-by: Jouni Malinen <j@w1.fi>
The flush_scan_cache() operations in the finally part of these test
cases ended up getting called when the mesh group was still operating.
This could result in unexpected behavior due to offchannel scan being
performed before the device becomes idle. Clean this up by explicitly
removing the mesh group before cleaning up.
Signed-off-by: Jouni Malinen <j@w1.fi>
This kernel debugging option adds multiple seconds of extra latency to
interface removal operations. While this can be worked around by
increasing timeouts in number of test cases, there does not seem to be
any clean way of working around this for PMKSA cacheching test with
per-STA VIFs (e.g., pmksa_cache_preauth_vlan_used_per_sta_vif).
To avoid unnecessary test failures, remove CONFIG_DEBUG_KOBJECT_RELEASE
from the default config. If someone wants to test with this kernel debug
option, it can be enabled for custom kernel builds while understanding
that it can result in false failure reports and significantly extended
time needed to complete full testing run.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the kernel is built with CONFIG_DEBUG_KOBJECT_RELEASE=y, the cleanup
steps were taking so long that these test cases could fail.
Fix this by increasing the timeout to avoid reporting failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the kernel is built with CONFIG_DEBUG_KOBJECT_RELEASE=y, the hostapd
termination event for the wlan3 interface may be delayed beyond the
previous five second timeout. This could result in the test case failing
and the following test case failing as well due to the separate hostapd
process being still in the process of cleaning up.
Fix this by increasing the timeout to avoid forcing test termination in
such cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is useful for now since the IPv6 support for proxyarp is not yet
included in the upstream kernel. This allows the IPv4 test cases to pass
with the current upstream kernel while allowing the IPv6 test cases to
report SKIP instead of FAIL.
Signed-off-by: Jouni Malinen <j@w1.fi>
This describes example steps on how to get the VM testing setup with
parallel VMs configured with Ubuntu Server 16.04.1.
Signed-off-by: Jouni Malinen <j@w1.fi>
rrm_link_measurement and rrm_link_measurement_oom test cases were
causing incorrect failures when executed with a kernel version that does
not modify mac80211_hwsim to support TX power insertion. Fix this by
checking for that capability and skipping the test cases if the kernel
does not support this.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test for comeback delay values larger than
GAS_QUERY_TIMEOUT_PERIOD causing timeouts for the query.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When fixing the TK clearing on Authentication frame RX, an issue in
getting unicast frames through after re-joining the IBSS was hit. It is
not exactly clear why this happens, but the unicast frame from the STA
that re-joined the network gets lost in the frame reorder buffer of the
STA that remains in the network.
For now, this disables HT to avoid a strange issue with mac80211
frame reordering during the final test_connectivity() call. Once that is
figured out, these disable_ht=1 calls should be removed from the test
case.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like the previous mechanism for catching older tshark versions
for EAPOL-Key key info field was not sufficient. Fix that to cover the
version used in Ubuntu 14.04.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add a new test that tests connectivity between two stations that
can't reach each other directly in the mesh, but need forwarding
on another station to talk to each other.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The request from the AP was encoded incorrectly for this test case and
an active scan was requested instead of the passive one that was
supposed to be used here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Replace the TEST_ALLOC function wpas_beacon_rep_no_results with an
earlier function in the backtrace and wpabuf_resize() in preparation to
a code change that allows the compiler to optimize out
wpas_beacon_rep_no_results().
Signed-off-by: Jouni Malinen <j@w1.fi>
The channel switch command is intended for the GO interface, but
it was not sent on the group control interface. For configurations
that use a separate interface for P2P groups, this will fail the test.
Fix this by sending the channel switch command on the group control
interface and waiting for the channel switch event on the group
control interface.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
For some reason, a potential OOM in hostapd_config_read_wpa_psk() and
hostapd_derive_psk() were missed in --codecov runs during the main
iteration loop. Cover these specific cases with separate instances to
avoid missing coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends previous ap_vht160_no_dfs test case coverage by running the
same test case with each of the possible HT primary channel
alternatives.
Signed-off-by: Jouni Malinen <j@w1.fi>
This file is used only by hostapd_cli and wpa_cli and neither of those
are currently included in code coverage reporting. Avoid dropping the
coverage numbers by code that cannot be reached due to not being
included in the programs that are covered.
Signed-off-by: Jouni Malinen <j@w1.fi>
5745 MHz was added as an allowed short range device range in
wireless-regdb for DE which made this test case fail. Fix it for now by
using SE instead of DE for the second part of the test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for wireless-regdb to include a 160 MHz channel, but with
DFS required. This test case need the regulatory information to allow
160 MHz channel without DFS. Fix false failures by skipping the test if
this exact combination is not found.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wireshark renamed eapol.keydes.key_info to
wlan_rsna_eapol.keydes.key_info and that broke this test case when
upgrading Wireshark. Fix this by trying to use both the new and the old
name.
Signed-off-by: Jouni Malinen <j@w1.fi>
Something broke eap_fast_tlv_nak_oom when moving from Ubuntu 14.04 to
16.04. OpenSSL.SSL.Connection() state_string() returns None in these
cases and the debug log prints for that were causing the case to fail.
For now, work around this by checking whether the state string is None
before trying to print it.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes the debug log easier to understand and avoids leaving large
number of pending messages into the wpa_supplicant control interface
sockets.
Signed-off-by: Jouni Malinen <j@w1.fi>
It does not look like BoringSSL allows pbeWithMD5AndDES-CBC to be used
to protect the local private key, so skip this test case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This test case verifies that SD Response frame does not block the
following remain-on-channel operation unnecessarily long.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
HT cannot be used with WEP-only network, so don't try to do that here.
This get rids of some unnecessary Beacon frame updates during
disassociation/association and can make the test case a bit more robust.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previous PeerKey test cases did not actually verify in any way that
the SMK and STK exchanges were completed since mac80211 does not support
setting the key from STK. Use a sniffer check to confirm that the
exchanges complete to avoid PeerKey regressions like the ones fixed in
the last couple of commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
The FILS ANQP-element changes made couple of the generic ANQP test steps
fail. Update this to ignore the special FILS cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
The sta2.scan() calls were performing full scan of all channels and
reporting only the BSS entry that happened to be the first one in the
wpa_supplicant list. This is problematic since it is possible that the
target AP was not found and incorrect BSS was selected and used for
setting scan_freq which made the connection fail. Furthermore, there is
no need to use full scan for these test cases, so use a single channel
scan instead.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use P2P listen mode on dev[1] to speed up GO Negotiation and explicitly
wait for successfully completed GO Negotiation to make the failure cases
clearer. Previously, it was possible for the GO Negotiation to fail and
execution to go to the tshark check even when no GO Negotiation Confirm
frame was sent.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to attach the monitor interface was events when issuing
only a single INTERFACES command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the P2P-GROUP-STARTED event to get delayed more than
one second especially when the GO Negotiation responder becomes the P2P
Client and the system is heavily loaded. Increase the default timeout
for the expected success case from 1 to 5 seconds to avoid failing test
cases that would have succeeded if given a bit more time to complete the
exchange.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was apparently possible to get a propertiesChanged event from an
earlier test case with an empty Groups property. That ended up this case
exiting immediately before running through the steps and consequently,
failing due to missed operations. Make this less likely to happen by
accepting the Groups property emptying event only after a group has been
added for a peer first.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Check whether the unexpected BSS entry is based on having received a
Beacon frame instead of Probe Response frame. While this test case is
using a huge beacon_int value, it is still possible for mac80211_hwsim
timing to work in a way that a Beacon frame is sent. That made this test
case fail in some rare cases. Fix this by ignoring the BSS entry if it
is based on Beacon frame instead of Probe Response frame.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Local key generation for FT-PSK does not use the AP-to-AP protocol and
as such, setting pmk_r1_push=1 is a bit confusing here since it gets
ignored in practice. Remove it to keep the test case easier to
understand.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for ap_wps_per_station_psk_failure to leave behind scan
entries with active PBC mode if cfg80211 BSS table. This could result in
a following test case failing due PBC overlap. Fix this by clearing the
cfg80211 BSS table explicitly.
This was found with the following test case sequence:
ap_wps_per_station_psk_failure autogo_pbc
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Work around the mac80211_hwsim limitation on channel survey by forcing
the last connection to be on 2.4 GHz band. Without this, wpas_ap_acs
would have failed to start the AP if the previous test case used the 5
GHz band.
Signed-off-by: Jouni Malinen <j@w1.fi>
There has been number of failures from this test case due to the
MESH-SAE-AUTH-FAILURE event from dev[0] and dev[1] arriving couple of
seconds after the one second timeout after the dev[2] events. This does
not look like a real issue, so increase the timeout to five seconds to
make this less likely to show false failures during testing.
Signed-off-by: Jouni Malinen <j@w1.fi>
If wpa_state is left to SCANNING by a previously executed test case,
scan_trigger_failure will fail. Instead of waiting for that failure,
check for wpa_state at the beginning of the test case and report a more
helpful error message if the test case would fail due to a previously
executed test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add two tests that check if the kernel BSS leak (when we get a deauth or
otherwise abandon an association attempt) is present in the kernel. This
is for a long-standing cfg80211/mac80211 issue that got fixed with the
kernel commit 'cfg80211/mac80211: fix BSS leaks when abandoning assoc
attempts'.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The final check in this test case was issuing a new P2P_FIND command
immediately after the P2P_SERVICE_DEL command on the peer. It looked
like it was possible for the scan timing to go in a sequence that made
the new P2P_FIND operation eventually accept a cfg80211 BSS entry from
the very end of the previous P2P_FIND. This resulted in unexpected
P2P-DEVICE-FOUND event even though there was no new Probe Response frame
from the peer at that point in time.
Make this less likely to show unrelated failures by waiting a bit before
starting a new P2P_FIND operation after having changes peer
configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
These test cases verify that there is no duplicate processing of P2P
Action frames while operating in a P2P group.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends the ap_wds_sta test case to cover post-reassociation case
(both with and without Authentication frame exchange) and add similar
test cases to cover open and WEP cases in addition to this existing
WPA2-PSK test case.
These cover functionality testing for the previous fix in
reassociation-without-new-authentication case. In addition, these find a
new mac80211 issue for the WEP + 4addr combination.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that AP does not break PMF-enabled connection due to injected
Authentication frame. This is a regression test for
NL80211_FEATURE_FULL_AP_CLIENT_STATE changes resulting in dropping the
key in such a case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The optional "-m <multi.dat>" command line option can now be used to
specify a data file that can include multiple management frames with
each one prefixed with a 16-bit big endian length field. This allows a
single fuzzer run to be used to go through multi-frame exchanges. The
multi.dat file shows an example of this with Probe Request frame,
Authentication frame, Association Request frame, and an Action frame.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the first wt.clear_bss_counters(bssid) call to fail
the test if timing worked out in a way that the wlantest process had not
received any Beacon frames from the first AP. Run a directed scan for
both of the BSSs before starting the test validation steps to make sure
such a case cannot fail this test case.
Signed-off-by: Jouni Malinen <j@w1.fi>
The kernel commit 'mac80211: filter multicast data packets on AP /
AP_VLAN' started filtering out the test frame used in
ap_vlan_without_station and that resulted in false failures. For now,
ignore that "error" case to avoid claiming failures when the kernel is
doing what it is expected to do.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the new FILS test cases to be executed automatically when a
recent enough kernel version is used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The extension of aes_128_ctr_encrypt() to allow AES-192 and AES-256 to
be used in addition to AES-128 for CTR mode encryption resulted in the
backtrace for the function calls changing. Update the test cases that
started failing due to that change.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This test case did not clear sched_scan_plans if alloc_fail() resulted
in skipping the test case. This would result in the following
autoscan_exponential and autoscan_periodic test cases failing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
In case that a dedicated P2P Device interface is used, a new interface
must be create for a P2P group. Thus, in order to send mgmt
frames, attach a new WpaSupplicant object to the newly created group
and use this object for sending the frames.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Use the global control interface to remove P2P networks in
persistent_group_peer_dropped3 to support configurations that use a
dedicated P2P Device interface.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
For configurations that use a dedicated P2P Device interface, which
mandates that a separate interface is used for the P2P group, vendor
specific IE's must be added to the VENDOR_ELEM_P2P_* frame types in
order to be used by the P2P group interface. The VENDOR_ELEM_ASSOC_REQ
(13) parameter would need to be issued on the group interface which
would be challenging to do due to timing in case a separate group
interface gets used.
In case a dedicated P2P Device interface is used, don't include a test
for VENDOR_ELEM_ASSOC_REQ to avoid failing this part of the test case.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
This test case could have ended with the station devices still in US
regulatory domain and that could make a following test case fail in some
sequences. For example, "ap_track_taxonomy ibss_5ghz" sequence made
ibss_5ghz fail to see the regdom change event since there was not one
due to the US country code already being in use at the beginning of the
test case. Fix this by clearing the country code at the end of
ap_track_taxonomy.
Signed-off-by: Jouni Malinen <j@w1.fi>
The reason_detail field was removed from the implementation, so the test
cases need matching changes.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add testcase to verify a failed reconnect attempt due to authentication
timeout blacklists the correct AP. Driver capabilities are forced to
non-SME and driver roaming (BSS selection) mode.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Add testcase to verify failed roaming attempt due to authentication
timeout blacklists the correct AP. Roaming attempt is performed
with the reassociate command and bssid_set=1. Driver capabilities
are forced to non-SME and driver roaming (BSS selection) mode.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Clear wpa_supplicant scan cache before starting these test cases since
the ROAM command depends on the correct BSS entry being found.
scan_for_bss() does not enforce that correct entry to be present if
there was an earlier BSS entry with the same BSSID.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This moves the wpa_supplicant debug entries from the end of a test case
using a dynamically added wlan5 interface to the correct test case,
i.e., the test case that added the interface instead of whatever test
case happens to follow this.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some tests call the check_qos_map() function more than once. Make sure
each test sets up wlantest only once before the first time the function
is called.
The wlantest setup sets the channel for the wlantest interface and
executes the wlantest executable. It is more efficient to do that only
once for each test.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Some operations take longer time on real hardware than on hwsim. This
commit increases two timeouts so that the tests will pass on real
hardware, too.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Use increased timeouts for connect and disconnect since these operations
take a longer time on real harware than they do on hwsim.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
It looks like the attempt to read the process id from a PID file can
return empty data. This resulted in kill_pid() failing to kill the
process and all the following FST test cases using the extra interface
failing. While the PID file is really supposed to have a valid PID value
when we get this far, it is better to try multiple times to avoid
failing large number of test cases.
The current os_daemonize() implementation ends up calling daemon() first
and then writing the PID file from the remaining process that is running
in the background. This leaves a short race condition where an external
process that started hostapd/wpa_supplicant could end up trying to read
the PID file before it has been written.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 2d6a526ac3 ('tests: Make
ap_wps_er_http_proto more robust') tried to work around the timeouts
here, but that was not really the best approach since the one second
timeout that was used here for connect() ended up being very close to
the limit even before the kernel change. The longer connect() time is
caused by a sequence where the listen() backlog ignores the connection
instead of accept() followed by close() within the wpa_supplicant ER
HTTP connection handling. The time to retransmit the SYN changed a bit
in the kernel from 1.0 sec to about 1.03 sec. This was enough to push
that over the one second timeout.
Fix this by using a sufficiently long timeout (10 sec) to allow SYN
retransmission to occur to recover from the listen() backlog case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like connect() for a TCP socket can time out at least with a
recent kernel. Handle that case more gracefully by ignoring that socket
while allowing the test to continue.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like it is possible for the separate started wpa_supplicant
process to remain running after a test case like fst_sta_config_default.
This would result in failures to run any following test case that uses
the wlan5 interface. Try to kill the process more thoroughly by waiting
for the PID file to show up and write more details into the logs to make
it easier to debug issues in this area.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use a smaller fragment_size to force the roundtrip limit to be reached
with OpenSSL 1.1.0 which seemed to result in a bit shorter TLS messages
being used and being able to complete the authentication successfully
with the previously used fragment_size value.
Signed-off-by: Jouni Malinen <j@w1.fi>
The bssid argument was missing from couple of test cases. While this is
clearly incorrect, it looks like the error did not really cause any
significant issues to the test case. Anyway, better provide the correct
set of arguments to the call.
Signed-off-by: Jouni Malinen <j@w1.fi>