Commit graph

7931 commits

Author SHA1 Message Date
Simon Baatz
c70c37500b SCARD: Fix GSM authentication on USIM
scard_gsm_auth() used SIM_CMD_GET_RESPONSE for both SIM and USIM. Convert
the command into USIM_CMD_GET_RESPONSE for USIM.

Since commit eb32460029 ("Fix switching from EAP-SIM to EAP-AKA/AKA'")
EAP-SIM is using the USIM if available. This triggers a probably ancient
bug in scard_gsm_auth(), which results in sending the wrong get response
command to the USIM. Thus, EAP-SIM stopped to work after this change on
USIMs that expect the proper command.

Signed-off-by: Simon Baatz <gmbnomis@gmail.com>
2014-05-16 01:01:25 +03:00
Jouni Malinen
d352c407e3 tests: Verify that WPS operation report failure if WPS is disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:58:48 +03:00
Petar Koretic
c78c6b73fa WPS: Fix return value when context is not valid
If WPS isn't enabled, hostapd_cli returns 'OK' even though WPS doesn't
get activated because WPS context is not valid:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
OK

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
OK

Fix this by returning appropriate error when WPS fails to activate:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
FAIL

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
FAIL

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
CC: Luka Perkov <luka.perkov@sartura.hr>
2014-05-16 00:58:48 +03:00
Jouni Malinen
4ef7053119 tests: Make GAS test cases more robust
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-16 00:30:40 +03:00
Jouni Malinen
3051c9866b tests: Verify P2P GO Negotiation wait-for-ready timeout
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 23:58:10 +03:00
Rashmi Ramanna
388444e8d6 P2P: Modify the timeout for GO Negotiation on no concurrent session
Peer should handle a GO Negotiation exchange correctly when the
responding device does not have WSC credentials available at the
time of receiving the GO Negotiation Request. WSC Credentials
(e.g., Pushbutton) can be entered within the 120 second timeout.

Presently, if concurrent session is not active, the peer would wait for
GO Negotiation Request frame from the other device for approximately one
minute due to the earlier optimization change in commit
a2d6365760. To meet the two minute
requirement, replace this design based on number of iterations with a
more appropriate wait for the required number of seconds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 23:57:00 +03:00
Jouni Malinen
7e68be38e4 P2P: Refrain from performing extended listen during PD
Extend the previous commit 0f1034e388 to
skip extended listen also based on ongoing provision discovery operation
(which does not show up as a separate P2P module state and as such, was
not coveraged by the previous commit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 22:19:37 +03:00
Jouni Malinen
33714def3a tests: Verify P2P_FIND operation when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:35:09 +03:00
Jouni Malinen
e9eb648e0e P2P: Reject P2P_FIND and P2P_LISTEN on disabled interface
This makes the P2P operations behave more consistently with the SCAN
command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:34:32 +03:00
Jouni Malinen
c71c241674 P2P: Clear P2P state if active interface is disabled
The radio works for the interface get removed if interface is disabled.
This could have left P2P module in invalid state if the interface got
disabled during a p2p_find or p2p_listen operation. Clear the state in
such a case to avoid blocking following operations due to P2P module
assuming it is still in progress of doing something.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:32:54 +03:00
Jouni Malinen
23a6d4d8df tests: Verify scan behavior when interface gets disabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:10:52 +03:00
Jouni Malinen
ad12f2f422 Add DRIVER_EVENT ctrl_iface command for testing purposes
This new command can be used to simulate driver events without having to
go through the driver wrapper or kernel code for this. This enables more
testing coverage with hwsim.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 21:09:48 +03:00
Jouni Malinen
76f999b01d tests: Show number of remaining parallel VMs
Make the parallel-vm.sh output a bit more helpful by showing a count of
running VMs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
7e49399b6f tests: Make ap_acl_accept and ap_acl_deny more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
487a31f355 tests: Make wpas_ctrl_bssid_filter more robust
Use scan_for_bss() to make sure the AP is seen even under heavy CPU
load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
54c20c9b43 tests: Make discovery_group_client more robust
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 18:38:11 +03:00
Jouni Malinen
f6ff5160f0 wlantest: Add support for OSEN
This allows Hotspot 2.0 OSEN connection to be analyzed more
conveniently. The frames from an OSEN association can now be decrypted
using an MSK file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-15 16:56:59 +03:00
Jouni Malinen
84a4084177 tests: Make WPS test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
cbb85a0380 tests: Make ap_wpa2_eap_ttls_server_cert_hash_invalid more robust
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
655bc8bfd6 tests: Make FT test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:59 +03:00
Jouni Malinen
841bed04de tests: Make HS 2.0 test cases more robust
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
814f7ac85c tests: Make scan and scan_only more robust
These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
4221679233 tests: Verify P2P GO start when scan_req = MANUAL_SCAN_REQ
There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
3e66f78914 P2P: Make sure GO start does not miss connect_without_scan
It looks like there was a possible sequence for wpa_s->scan_req to be
MANUAL_SCAN_REQ at the moment a GO is to be started. This could result
in the "Request scan (that will be skipped) to start GO" to actually not
skip the scan and end up stuck waiting for something external to trigger
a scan before the GO could be started. Fix this by clearing
wpa_s->scan_req when deciding to start the GO.

This issue could be hit at least by first enabling autoscan and then
issuing P2P_GROUP_ADD. Other sequences that set wpa_s->scan_req to
MANUAL_SCAN_REQ without going through wpa_supplicant_scan() to clear it
immediately could also have similar effect (and there is even a small
window for the wpa_supplicant_scan() call to happen only after the
P2P_GROUP_ADD command is processed, so this could potentially have
happened even with SCAN + P2P_GROUP_ADD).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
16dffef1e6 tests: Work around grpform_pbc_overlap robustness issues
Since P2P Client scan case is now optimzied to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enoguh to miss
the Beaco frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for a overlapping AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
c7caac56b7 nl80211: Fix send_frame freq for IBSS
bss->freq was not updated for IBSS, so whatever old value was stored
from a previous AP mode operation could end up having been used as the
channel when trying to send Authentication frames in an RSN IBSS. This
resulted in the frame not sent (cfg80211 rejects it) and potentially not
being able to re-establish connection due to 4-way handshake failing
with replay counter mismatches. Fix this by learning the operating
channel of the IBSS both when join event is received and when a
management frame is being transmitted since the IBSS may have changed
channels due to merges.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:49 +03:00
Jouni Malinen
c126cb4d1c tests: Make pmksa_cache_on_roam_back more robust
The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-15 16:56:45 +03:00
Rashmi Ramanna
28fa4eb2b2 P2P: Fix scan optimization for GO during persistent group invocation
Commit 41d5ce9e0b was intended to scan for
GO on the negotiated channel for few iterations, but it did not work
correctly due to incorrect operator being used. Fix this by requiring
both conditions to be met for the single channel scan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-13 15:49:06 +03:00
Edhar, Mahesh Kumar
7b42862ac8 P2P: Validate GO operating channel on channel list changes
On receiving CHANNEL_LIST_CHANGED event from driver, verify that local
GO (if any) is operating in valid frequency. If not, we should remove
the group and reform on valid frequency. Indicate this similarly to the
avoid-frequency notification (i.e., a control interface message for
upper layers to react to this for now; potentially CSA later).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-12 19:43:59 +03:00
Alexandru Costache
fb2ac53df1 Remove leftover timeouts on cleanup
Signed-off-by: Alexandru Costache <alexandru.costache.100@gmail.com>
2014-05-12 19:43:59 +03:00
Jouni Malinen
4162db59ae tests: DUP_NETWORK
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-05-12 19:43:59 +03:00
Dmitry Shmidt
1c330a2fdc Add 'dup_network <id_s> <id_d> <name>' command
This command allows to copy network variable from one network to
another, e.g., to clone the psk field without having to extract it from
wpa_supplicant.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-05-12 19:43:56 +03:00
Hannu Mallat
316f92cd33 dbus: Reorder deauthentication and cleanup calls when removing a network
Valgrind indicates reference to already freed memory if function
wpa_config_remove_network() is called prior to calling
wpa_supplicant_deauthenticate(), and this can lead to a crash.
Inverting the call order fixes the problem.

Signed-off-by: Hannu Mallat <hannu.mallat@jollamobile.com>
2014-05-12 18:05:38 +03:00
Jouni Malinen
0878241778 tests: Clear cfg80211 scan results before HT coex tests
This is needed to avoid incorrect failures based on neighboring BSSes
from earlier test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 23:01:10 +03:00
Jouni Malinen
5a0c15174b tests: UNAUTH-TLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
8ba89e0a32 tests: EAP-pwd with server fragmenting messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
f4626235de EAP-pwd server: Allow fragment_size to be configured
Previously, the fragment_size parameter was ignored and the default
value of 1020 was hardcoded.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
47a74ad81a tests: EAP-IKEv2 fragmentation
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c876dcd70f EAP-IKEv2: Allow frag ack without integrity checksum
RFC 5106 is not exactly clear on the requirements for the "no data"
packet that is used to acknowledge a fragmented message. Allow it to be
processed without the integrity checksum data field since it is possible
to interpret the RFC as this not being included. This fixes reassembly
of fragmented frames after keys have been derived.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
46e094bd6f tests: EAP-FAST and missing PAC configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
c6ab1cdbc5 tests: EAP-FAST using binary PAC file format
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 22:47:25 +03:00
Jouni Malinen
4b2d209824 tests: EAP-pwd with invalid group
This could result in wpa_supplicant segmentation fault prior to the
EAP-pwd fix for error case handling.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
0f73c642cc EAP-pwd: Fix processing of group setup failure
If invalid group was negotiated, compute_password_element() left some of
the data->grp pointer uninitialized and this could result in
segmentation fault when deinitializing the EAP method. Fix this by
explicitly clearing all the pointer with eap_zalloc(). In addition,
speed up EAP failure reporting in this type of error case by indicating
that the EAP method execution cannot continue anymore on the peer side
instead of waiting for a timeout.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
cb4ac38b15 tests: Fix scan_bss_operations
The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
e2a90a4c79 tests: EAP-SIM/AKA configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:24:05 +03:00
Jouni Malinen
13e2574f7d EAP-pwd peer: Export Session-Id through getSessionId callback
EAP-pwd was already deriving the EAP Session-Id, but it was not yet
exposed through the EAP method API.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:22:55 +03:00
Jouni Malinen
cfdb32e88f eapol_test: Check EAP-Key-Name
The new command line argument -e can be used to request the server to
send EAP-Key-Name in Access-Accept. If both the local EAP peer
implementation and server provide the EAP Session-Id, compare those
values and indicate in debug log whether a match was seen.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:22:37 +03:00
Jouni Malinen
251c53e084 RADIUS: Define EAP-Key-Name
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 21:10:03 +03:00
Jouni Malinen
5b1aaf6cfb tests: EAP-SIM/AKA/AKA' with SQLite
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00
Jouni Malinen
04cad507e1 EAP-SIM peer: Fix counter-too-small message building
The extra data (nonce_s) used in this message was pointing to the
parsed, decrypted data and that buffer was previously freed just before
building the new message. This resulted in use of freed data and
possibly incorrect extra data value that caused the authentication
attempt to fail. Fix this by reordering the code to free the decrypted
data only after the new message has been generated. This was already the
case for EAP-AKA/AKA', but somehow missing from EAP-SIM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-11 17:57:28 +03:00