This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only hostapd-AP and wpa_supplicant processed were run under
valgrind when valgrind testing was enabled. Extend this to include
hostapd as authentication server.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This was still present in hostapd example configuration even though the
test driver wrapper is not used anywhere in the hwsim testing and there
are no plans of using it either.
Signed-off-by: Jouni Malinen <j@w1.fi>
These are similar to the existing test cases where PTK rekey was
triggered by the station, but here a timer on the AP is used as the
trigger.
Signed-off-by: Jouni Malinen <j@w1.fi>
This brings in a minimal pyrad-based RADIUS server to allow various
protocol tests to be run. For now, the server is not adding
Message-Authenticator, so that error case is checked. Additional tests
can be added in the future.
Signed-off-by: Jouni Malinen <j@w1.fi>
This used to result in a segmentation fault due to use of freed memory
(mismatch in pointer lifetime between hostapd.c and driver_nl80211.c).
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test for an issue where scanning sequence could be
terminated if interworking_find_network_match() finds a matching
network, but wpa_s->auto_select is not set. This could stop connection
attempts when auto_interworking=1 is used and the scan results have a
partially matching network and no cred match.
Signed-off-by: Jouni Malinen <j@w1.fi>
radius_{auth,acct}_unreachable tested some parts of RADIUS client code
error handling. However, they did not test everything since the send()
calls for unreachable port on localhost did not return an error (that
error was reported on receive side). Extend this with similar test cases
using unreachable IP address to get send() error returns covered as
well.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_cipher_tkip_countermeasures_{ap,sta} printed out the MAC addresses in
stdout which resulted in the debug log not starting the PASS/FAIL
information at the beginning of the line. Hide these unnecessary prints
to avoid that.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The example IMV and IMC used for TNC testing has references to
wpa_printf and other functions from hostapd/wpa_supplicant. Link the
binaries in a way that allows these symbols to be resolved while loading
the libraries at run time.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Incorrect password was already tested with TTLS/MSCHAPv2, but the other
non-EAP inner methods in TTLS use their own implementation of password
validation, so check each and also verify the case of no matching EAP
user entry for the specific method.
Signed-off-by: Jouni Malinen <j@w1.fi>
This documents some more steps needed during initial test setup
configuration to make it easier to get this running even without
thorough knowledge of the network setup used by the operating system.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Scan explicitly for the specific AP to work around issues where under
heavy CPU load, the single active scan round may miss the delayed Probe
Response from the AP. In addition, verify that ANQP_GET commands succeed
to make error cases clearer in the log.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies that the wait for peer to be ready for GO Negotiation is
timed out properly at no less than 120 seconds. Since this is a long
test case, it is disabled by default without the --long option.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Allow three P2P_FIND attempts for discovering the GO on a non-social
channels since the single Probe Response frame can be missed easily
under heavy CPU load.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of checking for multiple EAP starts (which can occur if
EAPOL-Start from supplicant goes out quickly enough, e.g., due to CPU
load), look for the explicit message indicating that TTLS method
initialization failed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP. In addition, check for ROAM/FT_DS failures to be
able to report errors more clearly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Scan explicitly for the AP that may be started during the test case
execution. This is needed to work around issues where under heavy CPU
load, the single active scan round may miss the delayed Probe Response
from the second AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
These can fail during heavy CPU load due to active scan dwell time not
being long enough to catch the delayed Probe Response frame from the AP.
Work around this by allowing multiple scan attempts to see the response.
Signed-off-by: Jouni Malinen <j@w1.fi>
There was a bug in this code path that resulted in the
skip-scan-to-start-GO case to not actually skip the scan. It looks like
this could be hit at least when autoscan was enabled, but it is possible
that some other sequences could hit this as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
Since P2P Client scan case is now optimzied to use a specific SSID, the
WPS AP will not reply to that and the scan after GO Negotiation can
quite likely miss the AP due to dwell time being short enoguh to miss
the Beaco frame. This has made the test case somewhat pointless, but
keep it here for now with an additional scan to confirm that PBC
detection works if there is a BSS entry for a overlapping AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
The single channel scan while associated to another AP and immediately
after starting the second AP can miss the Probe Response frame
especially under heavy CPU load. Avoid false error reports by allowing
multiple scan rounds to be performed. wpas_ctrl_bssid_filter is also
modified to take into account different get_bss() behavior.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a test case for the server fragmenting an EAP-IKEv2 message.
In addition, the fragmentation threshold is made shorter to trigger
fragmentation for all messages.
Signed-off-by: Jouni Malinen <j@w1.fi>
The BSS id numbers were assumed to start from 0 at the beginning of this
test case, but that is only the case if this is run as the first test
after starting wpa_supplicant. Fix the test case to figure out the id
values dynamically to avoid false errors.
Signed-off-by: Jouni Malinen <j@w1.fi>
Extend EAP-SIM/AKA/AKA' test coverage by setting up another
authentication server instance to store dynamic SIM/AKA/AKA' information
into an SQLite database. This allows the stored reauth/pseudonym data to
be modified on the server side and by doing so, allows testing fallback
from reauth to pseudonym/permanent identity.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows control interface issues to be caught in a bit more readable
way in the debug logs. In addition, dump pending monitor socket
information more frequently and within each test case in the log files
to make the output clearer and less likely to go over the socket buffer
limit.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the scan to miss a Probe Response frame especially
under heavy load, so try again to avoid reporting invalid failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for a scan to fail to see Probe Response or Beacon frame
under heavy load (e.g., during a parallel-vm.sh test run) since the
dwell time on a chanenl is quite short. Make the test cases using
INTERWORKING_SELECT more robust by trying again if the first attempt
does not find a matching BSS.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for the final step of the test case to fail under load
(e.g., when using parallel-vm.sh with large number of VMs), so run
through additional scan iterations if the WPS-AUTH flag does not get
removed immediately.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that AP acts on 40 MHz intolerant STA association/disassociation
and on 20/40 co-ex report indicating 40 MHz intolerant AP showed up and
removed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It turned out that the initial test case found the GO based on the
initial full scan instead of the progressive search part. Fix this by
started the GO only after the initial full scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
This can fail if Probe Response frame is missed and Beacon frame was
used to fill in the BSS entry. This can happen, e.g., during heavy load
every now and then and is not really an error, so try to workaround by
runnign another scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
It seems like it is possible for a CTRL-EVENT-REGDOM-CHANGE event from a
previous test case to "leak" through to the execution of this test case.
That can result in the validation steps here failing, so wait a bit and clear the pending events before starting the test.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_multi_bss_acs test case was failing if it was executed immediately
after a test case that used 5 GHz band since the current mac80211_hwsim
channel survey implementation is very limited and reports only a single
channel. For this test case, that channel has to be from the 2.4 GHz
band.
Signed-off-by: Jouni Malinen <j@w1.fi>
run-tests.py now takes an optional --long parameter that can be used to
enable running of test cases that take a long time (multiple minutes).
By default, such test cases are skipped to avoid making the normal test
run take excessive amounts of time.
As an initial long test case, verify WPS PBC walk time expiration (two
minutes).
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not report missing PBC overlap detection as an issue in this test
case since the sequence can miss the overlap due to per-SSID scan used
during group formation. In addition, increase AP beaconing frequency to
make it more likely for a Beacon frame to be seen during the optimized
scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds some helper definitions and functions to allow cfg80211 to be
tested with raw nl80211 messages built in the test scripts. The first
test case shows a case where station disassociates instead of
deauthenticates (which is the wpa_supplicant behavior).
Signed-off-by: Jouni Malinen <j@w1.fi>
These are similar to the previous cases, but with supported rate set
limited to allow the BSS membership selector to fit into that element
instead of Ext Supp Rates.
Signed-off-by: Jouni Malinen <j@w1.fi>
The 5 GHz cases are not yet complete due to missing mac80211_hwsim
functionality. The current test cases allow the ACS operation to fail
for those cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies P2P Client scanning behavior during group re-invocation in
a case where old scan results are not available to allow the scan to be
skipped completely.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Wait for the AP to be ready before initiating the scan to avoid
unnecessary five second extra wait. In addition, disconnect the station
to avoid possibility of starting a new scan at the end of the test case.
These remove unnecessary wait time from the test cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
"parallel-vm.sh <number of VMs> [arguments..]" can now be used to run
multiple VMs in parallel to speed up full test cycle significantly. In
addition, the "--split srv/total" argument used in this design would
also make it possible to split this to multiple servers to speed up
testing.
Signed-off-by: Jouni Malinen <j@w1.fi>
The optional third argument to the test case functions can now be used
to receive additional parameters from run-tests.py. As the initial
parameter, logdir value is provided so that test cases can use it to
review the debug logs from the test run.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previusly, the responding device was left in p2p_find state as a
consequence of using discover_peer() if the peer was not already known.
This was not the sequence that was supposed to be used here. Go to
listen-only state when waiting for the peer to initiate a previously
authorized GO Negotiation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was found through a mac80211 bug which didn't correctly accept a
center segment 0 value of zero, so the test will fail until the mac80211
bug is fixed.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This allows a critical error to be noticed more quickly and reported
more clearly in the test log.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some kernel debugging options (especially
CONFIG_DEBUG_KOBJECT_RELEASE=y) can add significant blocking time to
interface removal with NL80211_CMD_DEL_INTERFACE and
SIOCGIFBR(BRCTL_DEL_BRIDGE) block for 1-8 seconds. This could result in
the VLAN test cases failing due to a wpaspy timeout on the REMOVE
command even though the issue was only in the kernel debugging code
making the operations significantly slower. Work around this by using a
longer timeout for that control interface command to allow this type of
debug kernel to be used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If trace-cmd command does not exist, run-tests.py could end up hanging
in a loop waiting for input. Fix this simply by checking whether the
trace-cmd command can be executed sucessfully and exiting the script if
not.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Both the output file path and the current working directory included the
log directory and this failed if log directory was not absolute (e.g.,
when using the default logs/current in the case a VM is not used).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The return value was lost and GCMP, CCMP-256, and GCMP-256 test cases
were reporting PASS instead of SKIP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that session information is stored from Access-Accept and sent to
the station at the requested timeout. Verify that station processes this
notification.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that hostapd can add extra RADIUS attributes using
radius_auth_req_attr and radius_acct_req_attr.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Fix updating of the current symbolic link when LOGDIR is already set.
The current symbolic link was only set, if LOGDIR has not been
previously defined. If the user had chosen to cancel the running test
iteration and run it again by running start.sh again, the current
symbolic link was not updated.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
This commit includes number of test frames for attribute parsing.
Invitation Request and Provision Discovery processing is also covered.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is the older design that some drivers may still use if they do not
support offloaded offchannel TX operations.
Signed-off-by: Jouni Malinen <j@w1.fi>
A bit different code path is used to match the first three different
locations of roaming consortium OI within Beacon frame.
Signed-off-by: Jouni Malinen <j@w1.fi>
Wait a bit between WPS_CONFIG command and the first scan. This can avoid
an extra five second wait due to having to scan again if the initial
scan operations happens to be quick enough to happen before the AP has
updated its configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that 'INTERWORKING_SELECT auto' is able to pick the
correct network based on priority configuration when connected to a
lower priority network.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
test_ap_hs20_multi_cred_sp_prio verifies that two credentials
provisioned by a single SP are selected properly based on sp_priority
when a single BSS matches both credentials.
test_ap_hs20_multi_cred_sp_prio2 does the same when there a separate BSS
for each credential.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that 'INTERWORKING_SELECT auto' is able to roam to a
higher priority network when executed while connected to a lower
priority network.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new option to set the use_chanctx flag when creating a radio.
While at it, refactor the arguments parsing code to use argparse.
Signed-hostap: Luciano Coelho <luciano.coelho@intel.com>
This seems to be needed in some cases to avoid issues in test cases that
assume there are no other ERs running.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes the script check the environment for the current python
interpreter in use instead of assuming that the python executable points
to a python 2 interpreter.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
Only run-tests.py is actually executed, so there is no need to specify
the interpreter in all the helper files and test script files.
Signed-off-by: Jouni Malinen <j@w1.fi>
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify cases both with multiple peers (one of which not advertising any
services) and with multiple SD queries.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like some of the discovery_* test cases have been failing every
now and then on the virtual server and the one second timeout could have
been a bit too short to cover some possible timing cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Enable hostapd control interface for the RADIUS server instance and
verify that the RADIUS server MIB counters are incremented.
Signed-off-by: Jouni Malinen <j@w1.fi>
This improves accuracy of the code coverage reports with hostapd-as-AS
and hlr_auc_gw getting analyzed separately.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a password that uses one, two, and three octet encoding
for UTF-8 characters. The value is tested against a pre-configured
hash to verify that utf8_to_ucs2() function works correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like get_status() has failed in some test runs because of a
STATUS command returning an line without '=' on it. Instead of stopping
there on exception, report the unexpected line in the log and ignore it
to allow test to continue.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This verifies that NFC connection handover can be used in a case where
hostapd has an enabled password token.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Verify that PD Request followed by GO Negotiation Request is enough to
learn the Listen frequency of the peer.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
To test the code under the influence of time jumps, add the option
(--timewarp) to the VM tests to reset the clock all the time, which
makes the wall clock time jump speed up 20x, causing gettimeofday()
to be unreliable for timeout calculations.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Since wlantest is a separate process that is not synchronized with rest
of the test components, there can be some latency in it having the STA
entries and counters updated. There is a race condition between this
happening and then test script clearing or fetching data. Make this race
condition less likely to cause bogus test failures by adding some wait
between these operations.
Signed-hostap: Jouni Malinen <j@w1.fi>
In addition to running the FLUSH command again, the pending monitor
interface events need be cleared in case the driver was running a scan
when reset() is called. This avoids issues, e.g., with discovery_dev_id
failing due to an unexpected P2P-DEVICE-FOUND event that was generated
by the pending scan operation that had not yet complete when the first
dump_monitor() call in reset() happened.
Signed-hostap: Jouni Malinen <j@w1.fi>
The vm-config in the subdirectory is less useful as it
will get removed by "git clean" and similar, so read a
config file from ~/.wpas-vm-config in addition.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
It looks like slow virtual machines may have issues to complete some EAP
authentication cases (e.g., EAP-EKE in ap_ft_eap) within the 10 second
timeout under load. Double the timeout to avoid incorrect test failures.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the previous test case to leave unexpected BSS or
P2P peer table entries if a scan was in progress when the FLUSH command
was used. This could result in test failures, e.g., when running
discovery_dev_type_go followed by discovery_group_client where a P2P
peer was discovered on another channel at the end of the former test
case from a scan that was running durign the FLUSH operation that was
supposed to remove all P2P peers. This could result in
discovery_group_client failing due to dev[2] trying to send the
discoverability frame on incorrect channel (the one learned in the
previous test case) since discover_peer() skipped a new device
discovery. Fix this by running FLUSH operation again if a pending scan
operation is detected during the first FLUSH operation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
In addition, add the earlier tests in the new test_ssid.py file that was
forgotten from the previous commit
d78f33030d.
Signed-hostap: Jouni Malinen <j@w1.fi>
WPS-ER-AP-REMOVE event from the ER is sent before HTTP UNSUBSCRIBE has
been completed. As such, it was possible for the following scan
validation step to be started before the AP has had a chance to react to
the ER status change. Makes this less likely to fail by waiting 200 ms
before starting the last scan.
Signed-hostap: Jouni Malinen <j@w1.fi>
It was possible for the AP to report two enrollees in this test case
(i.e., both the expected wlan1 device and also the ER device on wlan0).
The previous test script would fail if the wlan0 device is reported
first. Fix this by allowed the expected target to be found in either the
first or the second WPS-ER-ENROLLEE-ADD event.
Signed-hostap: Jouni Malinen <j@w1.fi>
It was possible for this test case to fail if P2P_FLUSH was issued
during a search scan and that scan adding back the peer. Avoid this by
forcing p2p_find to be started regardless of the current P2P peer table
contents for each round of service discovery.
Signed-hostap: Jouni Malinen <j@w1.fi>
With the extra latencies removed from run-tests.py operations, it was
possible to hit race conditions in pairwise cipher configuration at the
end of the 4-way handshake. In some cases, the EAPOL-Start frame from
the station was not received by the AP and that could result in these
test cases failing. Since there are not really trying to test the race
condition, wait for the AP side to complete key configuration prior to
initiating the reauthentication sequence.
Signed-hostap: Jouni Malinen <j@w1.fi>
When a thread is used to follow P2P group formation progress, it is
better to return a clear failure indication from the thread instead of
allowing an exception to be thrown from the thread.
Signed-hostap: Jouni Malinen <j@w1.fi>
Leave couple of cases to use full scan for better test coverage, but
change all other places to use a single channel scan with
INTERWORKING_SELECT to reduce the time it takes to execute the tests.
Signed-hostap: Jouni Malinen <j@w1.fi>
It is possible that wlantest has not yet created the BSS entry in all
cases, so interpret failures (no BSS entry being the most likely cause)
as zero counters. Similarly, ignore clear_bss_counters errors since they
are most likely reporting that the BSS was not found and as such, there
was no need to clear the counters anyway.
Signed-hostap: Jouni Malinen <j@w1.fi>
The FLUSH command clears disallow_aps, p2p_disabled, and
p2p_per_sta_psk, so there is no need to clear them separately.
Signed-hostap: Jouni Malinen <j@w1.fi>
Replace the fixed 100 ms waits with a select()-based wait and timeout
for full wait based on monotonic time to optimize wait_event().
Signed-hostap: Jouni Malinen <j@w1.fi>
Do not run a full scan in gas_generic since this is not really needed.
Dump pending event messages after long wait to make logs clearer.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to build a web page for analyzing failures without
having to fetch the log files themselves from the test server.
Signed-hostap: Jouni Malinen <j@w1.fi>
No need to run a full scan as the first step since it only needs to find
the AP from a known channel for the GAS operation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Now that wpa_supplicant requests the driver (cfg80211) to clear its scan
cache automatically after each BSS_FLUSH/FLUSH command, the previously
used ignore_old_scan_res workaround should not be needed for the hwsim
test cases anymore.
Signed-hostap: Jouni Malinen <j@w1.fi>