Commit graph

8314 commits

Author SHA1 Message Date
Jouni Malinen
afa2ffb413 SAE: Check Status Code in Authentication frames
While other authentication algorithms mark Status Code as being Reserved
in the case of the transaction number 1, SAE does not. Check that the
Status Code indicates success before creating SAE state. In addition,
fix the mesh anti-clogging token request parsing on big endian CPUs.

Transaction number 2 (confirm) can also have non-zero Status Code to
report an error. Those should be processed, but not replied to with yet
another error message. This could happen in mesh case. Avoid a loop of
error messages by dropping the non-success case without additional
response.

In addition, don't reply to unknown transaction numbers if the status
code is non-zero. This avoids a loop of error messages if an invalid
frame where to be injected (or unlikely corruption were to occur).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:06:56 +02:00
Jouni Malinen
d48b64ba6c tests: Use helper function for adding open mesh network
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:34:43 +02:00
Jouni Malinen
7e3614df5c tests: Mesh with dynamic interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 23:28:36 +02:00
Masashi Honma
5b78493f3b mesh: Add mesh interface creation command for mesh gate
The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.

This command makes a virtual mesh interface to be used for mesh gate.

This command expects to be used like this.

wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-14 23:27:43 +02:00
Jouni Malinen
bd0b620371 SAE: Add sae_group to AP/mesh mode STA ctrl_iface data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:33 +02:00
Jouni Malinen
e77007132e Extend wpa_supplicant STA* ctrl_iface commands for mesh
Since mesh functionality uses struct hostapd_data to maintain peer
state, the existing STA* control interface commands can be used to
display information about the peers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:30 +02:00
Jouni Malinen
5881873b86 tests: Make pmksa_cache_opportunistic_connect more robust
Use scan_for_bss() instead of scan(freq) to avoid false positives due to
active scan failing under heavy load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:15:48 +02:00
Jouni Malinen
7781da6b2b Remove unused find_first_bit()
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:01:25 +02:00
Jouni Malinen
9ae52e7034 Clean up VHT configuration validation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:00:38 +02:00
Jouni Malinen
b0f33467a5 Clean up VHT override max A-MPDU override calculation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 18:48:59 +02:00
Led
2797486c4f Fix bashisms in wps-ap-cli script
Option '-p' of 'read' command may be unsupported in some POSIX-complete
shells. So replace 'read -p' with 'echo -n'/'read' pair.

Signed-off-by: Oleksandr Chumachenko <ledest@gmail.com>
2014-12-14 18:27:54 +02:00
Jörg Krause
33c7eb810a wext: Fix musl build error
Building wpa_supplicant with the musl C library fails since musl does
not define type names such as '__uint32_t'. To support building
wpa_supplicant with the musl C library use the integer types declared in
the ISO C standard header file <stdint.h>.

Signed-off-by: Jörg Krause <jkrause@posteo.de>
2014-12-14 18:05:32 +02:00
Rafał Miłecki
7c4027f604 nl80211: Report new station / assoc event for the correct BSS
drv->ctx always points to the first BSS and we should report event using
BSS related to the interface we got NL80211_CMD_NEW_STATION from.
This fixes STA association for drivers using NL80211_CMD_NEW_STATION and
multiple virtual interfaces.

Before:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: associated

After:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0-1: STA 02:00:00:00:01:00 IEEE 802.11: associated

This is not applicable to the cases where authentication (AP SME & MLME)
is in hostapd and hostapd_assoc_cb() instead of hostapd_notif_assoc()
handles BSS selection.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2014-12-14 17:29:26 +02:00
Arkadiusz (Arkq) Bokowy
7b244d577a wpa_gui: Quiet mode - disable tray icon messages
If tray icon messages are perceived as disturbing, one can pass `-q`
parameter on the command line to disable them permanently.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:26:42 +02:00
Arkadiusz (Arkq) Bokowy
2087b64fef wpa_gui: More informative tray icon tool tip message
Show associated network SSID in the tool tip message of the
application's tray icon. When network is not associated, then simple
"(not-associated)" message is shown.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:23:43 +02:00
Jouni Malinen
acb63c753b tests: SAE with missing password
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 17:09:14 +02:00
Jouni Malinen
81648d0041 SAE: Report connection failure if SME cannot build auth frame
Instead of just stopping connection process and network discovery,
report SAE failures to build Authentication frames (e.g., due to missing
password) as a connection failure to get the normal retry mechanism into
use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 16:48:38 +02:00
Jouni Malinen
0e40d7daa4 tests: ERP when server has dropped the keys
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
ce460118a8 ERP: Drop ERP keys on failure on the peer
This allows recovery through fallback to full EAP authentication if the
server rejects us, e.g., due to having dropped ERP state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
2c6411edd0 ERP: Add ERP_FLUSH for hostapd
This can be used to drop any pending ERP key from both the internal AP
authentication server and RADIUS server use of hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
777bbe7a3c tests: P2P_PRESENCE_REQ on group interface
This ends up using the special offchannel.c code path where a different
interface is selected for TX. In addition, the P2P-PRESENCE-RESPONSE
event is verified to be delivered on the group interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
8e3afd7f6c offchannel: Use wpas_get_tx_interface() src parameter more consistently
Both the wpa_s->pending_action_src and src argument to
wpas_get_tx_interface() were used somewhat randomly. Make this more
consistent since these values are pointing to the same address and the
implementation is easier to understand when it is obvious that there is
only one address being used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
11ace2ed1f tests: Mesh and missing SAE password
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
fba65f7240 tests: Mesh BSS data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:55:43 +02:00
Jouni Malinen
54cacef5eb tests: Mesh sae_groups configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:55:40 +02:00
Jouni Malinen
e9026725f7 tests: Extra coverage for command line arguments
The results for these are not currently verified, but this allows
--codecov runs to get more coverage for the command line argument
parsers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 12:24:15 +02:00
Jouni Malinen
e869f812d3 tests: DEAUTHENTICATE/DISASSCIATE/CHAN_SWITCH error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
69f9912310 tests: Additional FETCH_OSU and CANCEL_FETCH_OSU coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
568475b70b HS 2.0: Allow CANCEL_FETCH_OSU to stop at scan completion
There is no need to start the GAS/ANQP fetch if the FETCH_OSU operation
has already been canceled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
ea27f66292 tests: STOP_FETCH_ANQP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
1eaeb7fbaa tests: P2P_UNAUTHORIZE to unauthorize a peer
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
909f13cc52 tests: Move 'SET pmf 0' from reset() to test cases
This avoids one more cleanup step between most test cases by clearing
the default PMF behavior change only in case it was actually modified
during a test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
be9f156200 tests: Move WPS_ER_STOP from reset() to test cases
This avoids one more cleanup step between most test cases by stopping ER
only in case it was actually used during a test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
d6b916c9db tests: WPS_ER_PBC error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
8f8c2fe8b2 tests: WPS ER restart and stop
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
f77cedc11a WPS ER: Remove unnecessary return value
wps_er_deinit() cannot fail and it does not return anything, so neither
should wpas_wps_er_stop().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
b37dac50a2 tests: wpa_supplicant AP mode and PBC session overlap
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:02 +02:00
Jouni Malinen
6eae42f98f tests: Additional coverage for miscellaneous ctrl_iface commands
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:02 +02:00
Jouni Malinen
5407c69d15 Remove unnecessary STA_AUTOCONNECT handler function
This function could not fail and it can be replaced with a single
line variable update that takes less code than the function call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:27:41 +02:00
Jouni Malinen
a1144000cd Remove unnecessary return value
wpa_bss_flush*() cannot fail and as such, there is no need for
wpa_supplicant_ctrl_iface_bss_flush() to return a value either.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:22:23 +02:00
Jouni Malinen
5ac73acf12 Simplify eapol_sm_get_mib() result handling
This function cannot return negative value, so no need to check for
that. If there is not enough room in the buffer or if something
unexpected happens, 0 is returned.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:15:38 +02:00
Jouni Malinen
70d29ec946 tests: Extend RRM neighbor request testing
This uses a new testing mode in hostapd to allow RRM neighbor request
transmittion to be tested. For the second part of the test case to be
executed, mac80211_hwsim needs to be modified to claim support for the
required RRM capabilities (that change is not yet in Linux kernel).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 21:09:32 +02:00
Jouni Malinen
a0a34d536e nl80211: Add rrm_flags to STATUS-DRIVER
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 21:09:11 +02:00
Jouni Malinen
0629eeb490 RRM: Add AP mode minimal advertisement support for testing
The new hostapd.conf radio_measurements parameter can now be used to
configure a test build to advertise support for radio measurements with
neighbor report enabled. There is no real functionality that would
actually process the request, i.e., this only for the purpose of minimal
STA side testing for now.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 20:45:31 +02:00
Jouni Malinen
357edd386f tests: Additional VENDOR_ELEM coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 20:12:24 +02:00
Jouni Malinen
d655bbc797 tests: DATA_TEST_* error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 19:33:54 +02:00
Jouni Malinen
b854d3c85d tests: EAPOL_RX failure cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 19:16:34 +02:00
Jouni Malinen
f157078c13 tests: DRIVER_EVENT failure case
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 19:08:24 +02:00
Jouni Malinen
3d9848967a tests: Additional MGMT_TX coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 19:05:00 +02:00
Jouni Malinen
cbdfff0a73 tests: A single BSS with multiple key management options
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-12 14:05:43 +02:00