Commit graph

3998 commits

Author SHA1 Message Date
Jouni Malinen
f114156804 tests: Disable PFS in dpp_akm_sha*
These test cases are using externally generated PMKSA cache entry which
does not support use of PFS. This will start failing if the station
claims to support PFS in such cases, so explicitly disable PFS
functionality in these test cases for now.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
61e22e45c8 tests: DPP PFS and cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
6c67ad0a52 tests: Check DPP PFS negotiation result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Thomas Pedersen
7ec86f6599 tests: Skip proxyarp tests properly if ebtables rule install fails
Otherwise the test will continue on and fail later due to unexpected
foreign ARP request. The try/except design here did not work properly to
detect this.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-03 18:46:34 +03:00
Jouni Malinen
82f2e3ddce tests: Move from 1024 bit private keys to 2048 bit keys
Crypto libraries are starting to refuse to accept the old shorter keys,
so move all test certificates and DH to use 2048 bit (or longer) keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 18:21:13 +03:00
Jouni Malinen
674758ed59 tests: Provide digestmod to hmac.new() for Python 3.8
Python 3.8 removed the previously used default of MD5 algorithm, so
provide the explicit digestmod=hashlib.md5 parameter to the couple of
places that were missing it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 11:58:54 +03:00
Jouni Malinen
83c9b69b01 tests: Wait a bit to get Beacon frames into capture
The ap_beacon_rate_* test cases could end up terminating before the very
first Beacon frame is captured, so wait a bit after the connection to
make sure at least one Beacon frame is going to be in the capture file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-25 17:23:24 +03:00
Jouni Malinen
c794bdf9c8 tests: Beacon frame protection mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:16:51 +03:00
Jouni Malinen
05abebaa06 tests: Fix sigma_dut_sae_h2e_enabled_group_rejected to clear sae_pwe
This test case was using sigma_dut to set sae_pwe=2, but that value was
not cleared in the end. This could result in following SAE test cases
failing due to unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:06:50 +03:00
Jouni Malinen
fe319fc7ed tests: DPP QR Code and authentication exchange (rand_mac_addr=1)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-22 17:09:01 +03:00
Jouni Malinen
e480ed38eb tests: ap_open_out_of_memory to skip i802_init test if needed
The eloop_register_read_sock() call in i802_init() will be skipped if
the driver supports control port for EAPOL RX, so need to skip this part
of the test case conditionally.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 17:42:41 +03:00
Jouni Malinen
533d06340f tests: WPA2-PSK AP with nl80211 control port in AP mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 16:50:56 +03:00
Jouni Malinen
52ed13b78d tests: Move csa_supported() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
0b21877185 tests: Move clear_scan_cache() and set_world_reg() to utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
1bba048d78 tests: Move vht_supported() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
31bdd8b7c7 tests: Move check_sae_capa() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
40341e16a5 tests: Move check_wep_capa() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
7e88ed8e2d tests: Use function decorator to clean up --long processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
b5bf18768f tests: ap_wps_reg_config_tkip to allow no-TKIP hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
7162c6ecf5 tests: Use SAE instead of WPA/TKIP in ap_multi_bss_acs
This makes the test case work with no-TKIP hostapd builds.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
48ac765919 tests: ap_wpa2_eap_assoc_rsn to allow TKIP-disabled hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
d0b382fd11 tests: ap_wps_init to allow TKIP-disabled hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
7b82d0bd58 tests: Skip test cases where hostapd does not support TKIP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
21cf2c5baf tests: Skip more tests based on missing TKIP support
This makes it more convenient to run tests with builds that disable
TKIP/WPA(v1) support completely.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
de5bf2d199 tests: Do not enable TKIP group cipher for FT tests without need
Change run_roams() default to CCMP-only and enable TKIP only in the test
case that needs this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
11bd6ea60e tests: sigma_dut controlled AP with FT and RSNXE Used mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 23:58:36 +03:00
Jouni Malinen
b654552247 tests: FT-SAE AP and unexpected RSNXE Used in ReassocResp
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 23:39:57 +03:00
Jouni Malinen
7ad6016e19 tests: sigma_dut controlled FT protocol with RSNXE Used mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 15:44:42 +03:00
Jouni Malinen
6ac48fd9e8 tests: FT-SAE AP and unexpected RSNXE Used in ReassocReq
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-14 16:37:35 +03:00
Jouni Malinen
2012a26d0f tests: AP may discard FT ReassocReq in ap_ft_sae_h2e_downgrade_attack
This is in preparation for a hostapd implementation change on how to
address the unexpected RSNXE Used field value in FTE during FT
reassociation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-14 16:37:35 +03:00
Jouni Malinen
ec182d5e93 tests: SAE/PMF roam
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 23:57:18 +03:00
Jouni Malinen
9dd5373122 tests: FT+PMF roaming with skip_prune
Verify hostapd behavior during FT protocol processing when a STA entry
is still present in the AP and that association has PMF negotiated.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 23:32:12 +03:00
Thomas Pedersen
fe4c0ea723 tests: Enable MACsec testing by default in the VM kernel
Include support for MACsec testing in the (vm) kernel by default.

Don't include support in the example hostapd or wpa_supplicant configs
yet since that would potentially break the build on older distributions
like Ubuntu 16.04, which is supported until April 2021.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-04-04 17:25:30 +03:00
Jouni Malinen
ca70f36c20 tests: Make ap_vht_csa_vht40_disable more robust
Wait for disconnection and reconnection after CSA since mac80211 does
not support clean CSA to disable VHT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-03 21:19:18 +03:00
Jouni Malinen
169cf46534 tests: sigma_dut and DPP with NFC
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 16:27:57 +03:00
Jouni Malinen
4b9a1ba0ad tests: Use a helper function for starting DPP AP in sigma_dut tests
Remove unnecessary code duplication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:59:47 +03:00
Jouni Malinen
f964a54ec2 tests: Remove duplicate definitions of csign/connector in sigma_dut
There is no need to duplicate the definitions of the exact same values
within each test function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:54:44 +03:00
Jouni Malinen
62d5616155 tests: DPP netAccessKey for reconfig
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:45:03 +03:00
Jouni Malinen
a34fb79788 tests: DPP reconfiguration connector
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-02 21:34:49 +03:00
Jouni Malinen
4e9cfc3eb8 tests: DFS channel switch
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Jouni Malinen
af6a2b727c tests: Use complete CHAN_SWITCH parameters in ap_vht_csa_vht40_disable
Specify the secondary channel offset and correct center_freq1 value to
make the parameters complete for a 40 MHz channel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Thomas Pedersen
34708b4893 tests: Include UML defconfig
Include a defconfig for building kernel as UML. Also update the README
with a few notes related to UML.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-03-29 21:15:16 +03:00
Thomas Pedersen
eedf08f7a9 tests: Convert kernel-config to defconfig
Make the included kernel-config a little more minimal by checking in the
defconfig instead.

Generate the defconfig by checking out a linux at tag wt-2020-03-17,
copy kernel-config to .config, run
'yes "" | make oldconfig && make savedefconfig',
and copy resulting defconfig to kernel-config.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-03-29 21:15:16 +03:00
Johannes Berg
478bc00b5f tests: Assume --long for UML
If we use user-mode-linux, we have time-travel, and then the --long
argument doesn't really make a difference, so just assume that's the
case.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-03-29 21:15:16 +03:00
Jouni Malinen
6f291896b9 tests: FT roaming cases with authorized STA entry remaining
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Jouni Malinen
e96d319140 tests: DPP PFS
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-28 17:27:42 +02:00
Jouni Malinen
a3eda98c22 tests: Skip background scans in beacon loss tests
bgscan_learn_beacon_loss was failing quite frequently and it looks like
the background scans were related to those failures. Since those scans
are not really relevant to testing beacon loss, get rid of them in these
test cases to avoid incorrect failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 21:05:44 +02:00
Jouni Malinen
ef46f143bc tests: dpp_controller_rx_failure to match implementation changes
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
f1732b4d1a tests: DPP chirping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
b766ac488f tests: Use frame injection in monitor_iface_unknown_sta
The previously used normal data TX depends on undefined driver behavior
after all keys have been removed. That may not be available, so do this
more properly with frame injection through a monitor interface.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 17:51:03 +02:00
Jouni Malinen
19e8536d47 tests: sigma_dut controlled AP and transition disabled indication
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 13:01:19 +02:00
Jouni Malinen
f3de8f35bc tests: sigma_dut controlled AP and beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 12:50:00 +02:00
Jouni Malinen
14ee49c24b tests: sigma_dut controlled STA and beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 11:52:47 +02:00
Jouni Malinen
431e5d5819 tests: Add forgotten step to ap_wpa3_eap_transition_disable
This was supposed to be included, but was forgotten in an editor window
with pending changes..

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:57:40 +02:00
Jouni Malinen
5cf5680e5c tests: Transition disable
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:22:57 +02:00
Jouni Malinen
634bc4e6df tests: sigma_dut sta_scan ShortSSID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-24 12:33:31 +02:00
Jouni Malinen
681e8495b4 tests: Extended Key ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-23 11:47:31 +02:00
Jouni Malinen
9efac01020 tests: Fix bgscan_learn_beacon_loss with REPORTS_TX_ACK_STATUS
Stopping the AP from beaconing will also stop it from acknowledging
frames and that resulted in bgscan_learn_beacon_loss failing when
mac80211_hwsim is registering REPORTS_TX_ACK_STATUS. Work around this by
moving to using PMF so that the station ignores the unprotected
deauthentiation frames from the AP and also disabling SA Query. This
allows the AP to be stopped and restarted with large enough Beacon
interval to allow the station to detect beacon loss.

This is identical to the earlier design change for
bgscan_simple_beacon_loss (somehow this bgscan_learn_beacon_loss test
case managed to pass at that time).

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-22 19:52:38 +02:00
Jouni Malinen
7fb365893a tests: Wait longer for connection in radius_macacl_unreachable
It looks ike the authentication timeouts may continue a bit longer after
some kernel changes and that could result in temporarily disabling the
network profile. Give this test case more time to complete the
connection to avoid reporting failures unnecessarily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 23:56:19 +02:00
Jouni Malinen
275509ee67 tests: Update prefer_vht40 throughput estimation
Match the updated max_ht40_rate() estimation with VHT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 19:33:38 +02:00
Jouni Malinen
a60a0a43c7 tests: Fix bgscan_simple_beacon_loss with REPORTS_TX_ACK_STATUS
Stopping the AP from beaconing will also stop it from acknowledging
frames and that resulted in bgscan_simple_beacon_loss failing when
mac80211_hwsim is registering REPORTS_TX_ACK_STATUS. Work around this by
moving to using PMF so that the station ignores the unprotected
deauthentiation frames from the AP and also disabling SA Query. This
allows the AP to be stopped and restarted with large enough Beacon
interval to allow the station to detect beacon loss.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 18:13:28 +02:00
Jouni Malinen
2af3d99cd3 tests: Additional FT-SAE with RSNXE testing
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-21 00:24:03 +02:00
Jouni Malinen
c557720ef0 tests: sigma_dut AP configuration for different channels
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-16 16:22:32 +02:00
Jouni Malinen
5732e57423 tests: Use hostapd_logdir in sigma_dut_ap_psk_sha256
logdir was prepared for this test case, but it was not actually used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-16 15:38:27 +02:00
Jouni Malinen
e9d2cd71af tests: Scanning in AP mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 21:22:47 +02:00
Jouni Malinen
2e22f3e82e tests: Check more details in pmksa_cache_ap_expiration
It looks like this test case can fail if the STA goes to power save mode
and the Deauthentication frame from the AP after session timeout is not
actually sent at all. Check more details to make it clear that this is
indeed the reason behind the failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 17:07:52 +02:00
Jouni Malinen
60c435493d tests: SAE and RSNE mismatch in EAPOL-Key msg 2/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 11:16:22 +02:00
Jouni Malinen
2b8f8a4721 tests: FT protocol RSNE/RSNXE mismatch in Reassociation Response frame
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 10:39:17 +02:00
Jouni Malinen
55093c8014 tests: Current Operating Class value from STA
Verify Supported Operating Classes element contents from STA in various
HT and VHT cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-11 18:30:51 +02:00
Janusz Dziedzic
60b06d8750 tests: Set device_name for WPS test cases
Set device_name in the test cases instead of relying on the
wpa_supplicant configuration file. This fixes problems when we run WPS
test cases in remote test environment.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-03-08 17:14:48 +02:00
Janusz Dziedzic
fbf877b012 tests: Clear regulatory domain on the correct remote device
In case we run remote tests we need to clear/set regulatory domain on
the correct device.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-03-08 17:13:47 +02:00
Jouni Malinen
9bf306f57d tests: Fix sigma_dut_sae_pw_id_pwe_loop to clear sae_pwe setting
Leaving out the special sae_pwe value was causing failures for following
test cases, e.g., in the following sequence:
sigma_dut_sae_pw_id_pwe_loop sae_password_id_only

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:16:11 +02:00
Jouni Malinen
023441c102 tests: Opportunistic Wireless Encryption transition mode and RSNE mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:16:11 +02:00
Jouni Malinen
7e43b6cbcf tests: RSNXE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 17:06:12 +02:00
Jouni Malinen
9108e396a7 tests: RSNE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 16:58:29 +02:00
Jouni Malinen
3396a4529c tests: RSNXE missing from EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 16:42:47 +02:00
Jouni Malinen
20cace9014 tests: WPA2-EAP AP with STA using 4addr mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 13:59:17 +02:00
Jouni Malinen
bdb2eaf876 tests: sigma_dut with OWE PTK workaround
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
72c34d23a4 tests: Automatic channel selection with fallback to 20 MHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
2fb59e77b5 tests: HT with 20 MHz channel width doing CSA to 40 MHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
154722e5b1 tests: Make ap_ht_40mhz_intolerant_ap more robust
Some test case sequences seemed to prevent the station from completing
the first OBSS scan (that scan was aborted) and that resulted in failing
the test case because the AP had not received any report in time. Wait
for scan completion and allow additional scans before timing out to
avoid indicating incorrect AP behavior in cases where the report was not
even received.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
b27c7ac0eb tests: wpa_supplicant SAVE_CONFIG without config file
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 11:24:28 +02:00
Jouni Malinen
72fd30c4b9 tests: WPS PBC/PIN timeout on AP
Verify that AuthorizedMACs advertisement is removed when a PBC session
or a PIN times out.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-04 23:28:45 +02:00
Jouni Malinen
dc054892a2 tests: sigma_dut special case for SAE Password Identifier with PWE looping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-04 21:23:43 +02:00
Jouni Malinen
9c244b542e tests: DFS channel bandwidth downgrade from VHT80 to VHT40
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-03 18:58:08 +02:00
Jouni Malinen
744a2f9846 tests: Specific vs. wildcard SSID in Probe Request frame in BSSID-scan
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 20:44:23 +02:00
Jouni Malinen
97de4a0f9b tests: Verify that HE gets fully enabled for mesh
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 19:56:27 +02:00
Jouni Malinen
8b077a42e5 tests: wpa_supplicant config file writing with SAE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 11:51:38 +02:00
Jouni Malinen
d9aafb75f1 tests: SAE and PSK with multiple passwords/passphrases
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-01 19:53:16 +02:00
Jouni Malinen
200c7693c9 Make WEP functionality an optional build parameter
WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-29 17:45:25 +02:00
Jouni Malinen
886ee6775f tests: Automatic channel selection with hw_mode=any
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-29 11:23:03 +02:00
Jouni Malinen
9551930f1e tests: Initialize wlantest with passphrase for ap_wpa2_ptk_rekey
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-28 23:19:52 +02:00
Jouni Malinen
54bc5db16e tests: sigma_dut controlled AP with SAE H2E and anti-clogging token
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-28 19:53:45 +02:00
Jouni Malinen
fd1892885b tests: SAE and opportunistic key caching and PMK lifetime
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-28 18:41:24 +02:00
Jouni Malinen
ae750570b6 tests: WPS PBC session overlap detection with single BSSID selected
Update grpform_pbc_overlap not to require PBC session overlap to be
detected since in this sequence a single BSSID is specified and other
APs can be ignored while checking for session overlap. Add other test
cases to explicitly check for the PBC session overlap detection in
non-P2P and P2P cases when the BSSID is specified.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-24 20:04:21 +02:00
Jouni Malinen
af9d8c758d tests: Use proper temp files for dynamically created config
Replace the hardcoded /tmp filenames for generated ACL and BSS
configuration files with proper temporary files from tempfile.mkstemp()
to avoid conflicts with existing files or with parallel uses. Remove ACL
files from the local directory at the end of each test case. BSS files
are currently left behind, but can be cleaned up separately if needed
for non-VM testing (VM testing has those on ramdrive so they get dropped
automatically at the end) and for remote devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 18:20:50 +02:00
Jouni Malinen
6998ef48c8 tests: Remove unused BSS configuration files
These are now generated dynamically.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:52:56 +02:00
Jouni Malinen
92f08a3ccd tests: Generate BSS config files in ap_bss_add_remove_during_ht_scan
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:52:53 +02:00
Jouni Malinen
a066644fcb tests: Generate BSS configuration files in ap_bss_add_out_of_memory
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:50:44 +02:00
Jouni Malinen
791acc676c tests: Generate BSS configuration files in ap_bss_config_file
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
bdff1be152 tests: Extend wpas_ctrl_bssid_filter for remote testing
When this test case is ran in remote test environment, there could be
additional APs in scan results after bssid_filter has been disabled.
That breaks the check on SCAN_RESULTS output. Extend this to cover the
remote testing case by using bssid_filter with both known APs listed
instead of full wildcard.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
e206c93f31 tests: Fix multi_check() for remote testing
Don't use hardcoded BSSID; instead use the real BSSID from the device.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
ba1ff57ad2 tests: remote: Generate and send BSS configuration files
Instead of hardcoded bss-[1-6]*.conf files, generate them using the
correct BSSID for each AP device and send/install them on the remote
client as well if needed.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
4d14838421 tests: Generate ACL files
Generate ACL files instead of using files with hardcoded values for the
STA MAC addresses. Send the generated files also to the remote client if
required.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 16:38:23 +02:00
Janusz Dziedzic
16f18b2ca7 tests: remotehost: Add send_file()
Some hostapd test cases use configuration files, e.g., ACLs in BSS
configuration. When executing remote tests (udp), we have to first send
these configuration files to the appropriate remote device. The new
send_file() helper can be used for that.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:48:46 +02:00
Alexander Wetzel
5742d12d4a tests: Allow PTK0 rekey for tests
Verify PTK0 rekey blocking is working as intended.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-02-23 13:11:02 +02:00
Jouni Malinen
f3bcd69603 Remove CONFIG_IEEE80211N build option
Hardcoded CONFIG_IEEE80211N to be included to clean up implementation.
More or less all new devices support IEEE 802.11n (HT) and there is not
much need for being able to remove that functionality from the build.
Included this unconditionally to get rid of one more build options and
to keep things simpler.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-22 19:20:44 +02:00
Jouni Malinen
f65da0ca4b tests: Beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-21 19:41:36 +02:00
Jouni Malinen
91ea29a79e tests: Remove ap_ht_smps
AP using SMPS mode locally is about to be removed from hostapd, so
remove the test case that was using it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 13:48:39 +02:00
Jouni Malinen
dd3d5da3c7 tests: WPS PIN provisioning with per-station PSK preset
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 11:54:30 +02:00
Thomas Pedersen
1c67a07603 tests: Add basic power saving tests for ap_open
ap_open_sta_ps checks whether a STA told its hardware to enter power
save after enabling power save.

ap_open_ps_mc_buf checks whether an AP properly buffers and releases
multicast frames when a STA with PS active is associated.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Thomas Pedersen
1d9d6c2432 tests: Factor out multicast connectivity check
A test may want to check multicast connectivity independent of unicast
or check multicast without exercising unicast first. Factor out the
multicast connectivity check code into its own function.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Jouni Malinen
91cce45226 tests: Fix exception generation in persistent_group_per_sta_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
afd10e880b tests: Require wps=1 tag in ap_wps_per_station_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:27 +02:00
Jouni Malinen
68e9b8cb16 tests: Prepare ap_wps_per_station_psk for the new wps=1 tag in PSK file
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:37:27 +02:00
Jouni Malinen
dd900637b2 tests: Make gas_anqp_extra_elements more robust
Explicitly flush cfg80211 scan cache for this test case since the BSS
entry check might fail if there are multiple results for the same BSSID.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 07:54:47 +02:00
Jouni Malinen
d299756e3e tests: DPP QR Code and enrollee initiating with netrole specified
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 06:43:02 +02:00
Jouni Malinen
ef39ac497e tests: wifi_generation on 2.4 GHz with subset of VHT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 05:19:16 +02:00
Jouni Malinen
c90822a5c3 tests: SAE Password Identifier with unexpected PWE derivation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 05:13:13 +02:00
Jouni Malinen
d57349d4b8 tests: sigma_dut fetching the current PMK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 03:01:07 +02:00
Jouni Malinen
6478f4375b tests: GET_PMK and PMKSA_GET match
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 02:56:40 +02:00
Jouni Malinen
3ecaddd62b tests: SAE anti clogging (forced, H2E + loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
daf8491dea tests: WPA2-PSK-FT-SAE AP (AP H2E, STA loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
39a757c408 tests: sigma_dut and DPP Configurator provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
3e4b709fb0 tests: Configurator provisioning test cases to use conf=configurator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
269a78786e tests: dpp_pkex_alloc_fail to match implementation change
The new dpp_alloc_auth() function addition changed function call
backtraces for memory allocation failure tests.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
7128197862 tests: DPP and duplicated Authentication Confirmation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
6f86f363e6 tests: ACS with both HT40+ and HT40- allowed
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Jouni Malinen
e0d9f5fc15 tests: Replace tabs with spaces in python indentation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Jouni Malinen
99fdc0413b tests: WMM IE contents in FCC and ETSI
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Johannes Berg
bac54daf32 tests: Remove tabs
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-02-02 21:11:20 +02:00
Jouni Malinen
12cdfb4d7b tests: DPP Configurator provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:32:34 +02:00
Jouni Malinen
db1aa8f19f tests: DPP bootstrapping via NFC negotiated handover
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
2bbe6ad3aa DPP: Helper function for bootstrapping URI generation
The new dpp_gen_uri() helper function can be used to build the
bootstrapping URI from locally stored information. This can be used to
make it easier to update the URI, e.g., for NFC negotiated connection
handover cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
f5b7b24912 tests: Fix eap_proto_ttls_errors with CONFIG_TLS=internal
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:09:50 +02:00
Jouni Malinen
07dd83dd77 tests: Check for domain_suffix_match in HS 2.0 PPS MO testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:56:06 +02:00
Jouni Malinen
362889638b tests: Check for TLS EC support in build
These test cases need to be skipped with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:54:07 +02:00
Jouni Malinen
0c00679b15 tests: Check for TLS library capabilities in sigma_dut test cases
These test cases cannot be run with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:50:20 +02:00
Jouni Malinen
31a3d4c234 tests: Recognize more test SKIP reasons
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:03:31 +02:00
Jouni Malinen
5bf51d38b0 tests: Fix DPP capability checking to avoid failures in non-DPP build
"finally" handler should not trigger a new exception when trying to
clear state for non-DPP builds. In addition, couple of checks for DPP
capability in the build were missing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
4c0af8ad6c tests: Check SAE capability in build more consistently
Use a helper function for this and add checks for number of test cases
that were missing this. This gets rid of undesired FAIL results
(converts them to SKIP) for test runs where the station do not support
SAE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
f28853fbc4 tests: OWE PTK derivation workarounds
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
ca10117cd7 tests: Make ap_hs20_connect_no_full_match more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-23 16:54:45 +02:00
Jouni Malinen
2be278696b tests: Allow more time for sigma_dut sta_associate commands
The previously used timeout of two seconds did not allow more than a
single scan attempt and that could fail every now and then. Make these
more robust by increasing the timeout to 10 seconds which allows another
scan attempt to be completed similarly to the most non-sigma_dut test
cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:22:57 +02:00
Jouni Malinen
6a673d0fb0 tests: Remove mesh SAE Password Identifier test cases for now
IEEE P802.11-REVmd was modified to require H2E to be used whenever
Password Identifier is used with SAE. Since wpa_supplicant and mac80211
do not yet support SAE H2E in mesh, Password Identifier cannot be used
in mesh cases. Remove the test cases that verified this behavior for now
to allow H2E to be required per updated REVmd definition. These test
cases will be restored once H2E is fully functionality in mesh cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:00:20 +02:00
Jouni Malinen
6ce883de69 tests: SAE anti clogging (forced, H2E)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-20 21:17:46 +02:00
Johannes Berg
f124367afb tests: parallel-vm: allow running without curses
Allow running without curses, in which case the log is simply written to
stdout instead of a file. This is useful for automated (but parallel)
testing. Note that in most cases, you'd want to specify --debug, and so
I added a .rstrip() there on the lines to clean that up a bit.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-01-20 21:17:24 +02:00
Jouni Malinen
961eb08723 tests: Flush scan results in more Hotspot 2.0 test cases
This makes testing of INTERWORKING_CONNECT more robust.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 22:55:44 +02:00
Jouni Malinen
447ce4813a tests: Opportunistic Wireless Encryption transition mode disabled on STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 20:37:41 +02:00
Jouni Malinen
991e6b9e79 tests: Call stop_sigma_dut() in more failure cases
Some of the sigma_dut test cases were not yet using try/finally to
ensure stop_sigma_dut() gets called. That could result in not logging
all failure reasons in the log and getting stuck with being unable to
start new sigma_dut processes after failed test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:44:07 +02:00
Jouni Malinen
f0b6b23fe3 tests: Enable sigma_dut debug log for all test cases
There is no point in having to enable this separately for each test case
since the debug details are always useful if something fails.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:21:15 +02:00
Jouni Malinen
a04c153b9f tests: Verify that sigma_dut is functional after startup
There is no point in continuing the test ase if sigma_dut is not in
functional state.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:04:43 +02:00
Jouni Malinen
fb0f13fbf8 tests: Log sigma_dut stdout/stderr separately for each command
This makes logs easier to understand and this may also help in running
over buffer space and getting stuck with sigma_dut termination.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 23:31:29 +02:00
Alexander Wetzel
e1650a7b0e tests: Set key_flag when using SET_KEY
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-01-09 12:38:36 +02:00
Markus Theil
7a42316374 tests: Fix Python sleep function
Current Python versions have no os.sleep(), use time.sleep() instead.

module 'os' has no attribute 'sleep'
Traceback (most recent call last):
  File "./run-tests.py", line 521, in main
    t(dev, apdev)
  File "/home/mtheil/hostap/tests/hwsim/test_pmksa_cache.py", line 356, in test_pmksa_cache_expiration
    hapd.wait_ptkinitdone(dev[0].own_addr())
  File "/home/mtheil/hostap/tests/hwsim/hostapd.py", line 282, in wait_ptkinitdone
    os.sleep(0.1)

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2020-01-09 11:55:53 +02:00
Jouni Malinen
283be365c3 tests: SAE and AP sending Confirm message without waiting STA (2)
This goes through sae_confirm_immediate=2 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-08 20:58:18 +02:00
Markus Theil
2ffdf32eb8 tests: Add digestmod for Python 3.8
The digestmod argument also exists in earlier Python versions,
version 3.8 does not set a default argument anymore.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2020-01-08 14:57:13 +02:00
Jouni Malinen
09f96acb9d tests: PSK/EAP without nl80211 control port
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-05 21:31:33 +02:00
Jouni Malinen
754cd71bf4 tests: WPS Application Extension attribute
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 23:39:40 +02:00
Benjamin Berg
99eb150deb tests: Test p2p_long_listen longer than remain-on-channel
This tests an error, where the p2p_long_listen information from the
wrong device was used internally in wpa_supplicant when using the
separate P2P Device interface.

Signed-off-by: Benjamin Berg <bberg@redhat.com>
2020-01-04 23:07:31 +02:00
Jouni Malinen
e9aa399522 tests: PMF tests with not-protected disconnection using hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 20:41:52 +02:00
Jouni Malinen
e62a1cbaf1 tests: Detect tshark regression in wpas_mesh_gate_forwarding
Skip this test case if the used tshark version has regression in mesh
control field parsing:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15521

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 18:08:03 +02:00
Jouni Malinen
dad2f3253c tests: Initial GTK/IGTK RSC setting
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 13:07:47 +02:00
Jouni Malinen
c1714ec08c tests: ROAM command failure cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 18:09:57 +02:00
Jouni Malinen
ecd54bace4 tests: DFS with RRM
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 16:00:02 +02:00
Jouni Malinen
91588eeb69 tests: Remove allow_failure from DFS test cases
This functionality has been available in mac80211_hwsim for years, so
there is no need to maintain this old workaround.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 15:41:54 +02:00
Jouni Malinen
696acdf333 tests: Make ap_hs20_roaming_consortiums_match more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 22:54:29 +02:00
Jouni Malinen
82e64f9b90 tests: Roam between two APs based on driver signal level override
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 20:38:04 +02:00
Jouni Malinen
cd9f5511a3 tests: Make scan_bss_limit more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 13:02:56 +02:00
Jouni Malinen
b5a3b80718 tests: External MAC address change for connection
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 12:58:58 +02:00
Jouni Malinen
cc7f85ca72 tests: Make ap_wps_conf_pin_* more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-01 16:41:33 +02:00
Jouni Malinen
19d4a5de11 tests: Fix a missing parentheses in an error message
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-01 12:23:25 +02:00
Jouni Malinen
be5dda94e5 tests: Make rrm_beacon_req_table_request more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-31 11:51:25 +02:00
Jouni Malinen
7aa03cfa7b tests: Make ap_hs20_eap_tls more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 22:07:27 +02:00
Jouni Malinen
78e931e7f9 tests: Fix sigma_dut_sae_h2e_rsnxe_mismatch to clear sae_pwe
sae_pwe=1 could be left configured when exiting this test case since
sigma_dut does not guarantee the default value to be restored. This
could result in test case failures, e.g., in the following sequence:
sigma_dut_sae_h2e_rsnxe_mismatch sae_pwe_h2e_only_ap_sta_forcing_loop

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 19:32:28 +02:00
Jouni Malinen
54c154d2c9 tests: radius_acct_unreachable2 to detect retransmissions earlier
It looks like this test case can start showing failures with a change in
the retransmission limit behavior for a server change. Check for
retransmissions every second instead of only at the end of the four
second wait to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 19:13:51 +02:00
Ilan Peer
7bcb63913a tests: Extend the timeout for some SAE error case tests
Commit 407879b690ba ("mac80211: Adjust SAE authentication timeout") in
the kernel tree increased the SAE authentication timeout. This caused
some error case tests to fail. To fix this, extend the timeout for some
error case tests.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2019-12-30 18:57:40 +02:00
Jouni Malinen
4153243932 tests: Make wps_reg() test cases more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 00:22:23 +02:00
Jouni Malinen
0d0baf9f17 tests: RRB wildcard R0KH/R1KH pull with multiple BSSs
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 20:32:07 +02:00
Jouni Malinen
deb92a6bf9 tests: Make ap_hs20_gas_while_associated_with_pmf more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:38:36 +02:00
Jouni Malinen
94e66da6df tests: ignore_broadcast_ssid and SSID List or Short SSID List mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:21:14 +02:00
Jouni Malinen
d5c39e1488 tests: Scan using SSID List and Short SSID List elements
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:14:47 +02:00
Jouni Malinen
44adf014ff tests: Fix he_supported() check with python3
This was making error paths on HE test cases fail with:
TypeError: a bytes-like object is required, not 'str'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:52:47 +02:00
Jouni Malinen
d0cd750435 tests: Make ap_hs20_roaming_consortium more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:05:50 +02:00
Jouni Malinen
ece9aa627a tests: Make ap_cipher_mixed_wpa_wpa2 more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:03:22 +02:00
Jouni Malinen
53a96146fb tests: Ignore fe80::ff:fe00:300 NS from AP for now in proxyarp tests
This NS seems to go out from the AP interface every now and then and it
makes proxyarp_open_ebtables_ipv6 fails inconveniently often. That frame
should not really be there, but it's not clear what exactly is needed to
stop it going through. It does not come from the test operations
themselves, so ignore it for now to keep test results cleaner.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 17:17:05 +02:00
Jouni Malinen
e5d9f99b3f tests: Make ap_hs20_nai_realms more robust
Explicitly clear cfg80211 scan cache to avoid issues from scan results
from previous test cases interfering with INTERWORKING_CONNECT
operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 00:34:25 +02:00
Jouni Malinen
4e9bcdebf3 tests: Replace tcpdump with wlantest
This removes dependency on tcpdump by using an already included test
tool for capturing frames with Ethernet headers. There were some issues
in getting tcpdump working on Ubuntu 19.10, so this seems to be a clean
way of addressing that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 23:43:09 +02:00
Jouni Malinen
4415da686d tests: Make rrm_reassociation more robust
Flush cfg80211 scan cache explicitly when running this test case to
avoid issues with the ROAM command not working due to a scan result from
an earlier test case. This was causing failures in the following test
case sequence:
rrm_beacon_req_active_ap_channels rrm_reassociation

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 22:41:36 +02:00
Jouni Malinen
a6ba5cca45 tests: Allow more VMs to be started in parallel
Check the number of CPUs to determine how many VMs can be started in
parallel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:31:33 +02:00
Jouni Malinen
d07ca835cb tests: Move ocsp-resp-*-signed*.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b6bb4cd8c5 tests: Move ocsp-server-cache-{revoked,unknown}.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
662c2fa01a tests: Use the run_openssl() helper for running openssl
This avoids unnecessary duplication of the same functionality to run
openssl and check result.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
47ccb9ce24 tests: Move ocsp-server-cache-key-id.der generation into test case
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b5c28af431 tests: Remove unnecessary copying of ocsp-multi-server-cache.der
This file is not being modified, so the original one from the auth_serv
directory can be used directly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
6cd59688b8 tests: Fix thread handling in P2P GO Negotiation test cases
Some of the error paths in go_neg_pbc() and go_neg_pin() did not wait
for the helper thread to complete processing. This could result in
unexpected behavior when the test case could have exited while the
thread was still performing tasks for the GO Negotiation. This could
result in getting stuck in one of the following test cases with
"go_neg_init_pbc thread caught an exception from p2p_go_neg_init: Group
formation timed out" showing up in the log.

This was hit, e.g., with the following test sequence:
no_go_freq p2p_channel_drv_pref_autogo

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 18:14:09 +02:00
Jouni Malinen
c64b6f62cd tests: Use python selector in the parallel-vm.py main loop
This gets rid of the loop that was polling for things to do every 0.25
seconds and instead, reacts to any data from VMs as soon as it becomes
available. This avoids unnecessary operations when no new data is
available and avoids unnecessary waits when new data becomes available
more quickly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 17:12:34 +02:00
Jouni Malinen
0075df74df tests: Make pmksa_cache_expiration more robust
Wait for hostapd to enter the PTKINITDONE state before checking
connectivity. This is needed to avoid a race condition with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
fd0465b85e tests: Print a summary of SKIP reasons
This makes it easier to determine reasons for test cases being skipped.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
179279eb34 tests: Move VM starting delay control into parallel-vm.py
This is more efficient since we can now start only the necessary number
of VMs instead of always forcing all VMs to start with one second delay.
This can also control the starting delay by keeping at most two VMs
starting at a time instead of using the hardcoded one second wait for
each consecutive VM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
4ee4778676 tests: Move HwsimSkip processing into start_wnm_ap()
There is no need to handle this separately in each OCV test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 09:38:25 +02:00
Jouni Malinen
743b234902 tests: Speed up wpas_mesh_gate_forwarding tshark operations
For some reason, running tshark in the test cases can take significant
time especially with UML time-travel. Optimize this by reducing the
number of times tshark needs to be executed in the loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:03:24 +02:00
Jouni Malinen
985718135f tests: Optimize tshark operations for new versions
The wlan_mgt to wlan renaming is already included in most recent tshark
versions, so replace the backwards compatibility option to prefer the
new version so that current versions do not need to take the performance
hit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:02:05 +02:00
Jouni Malinen
a48a60ea47 tests: Check operating channel parameter in obss_scan*
It looks like these test cases can fail with the new "Undefined
secondary channel: drop OBSS scan results" case. Add more checks to
determine if something is wrong with the connection.

In addition, force clearing of the cfg80211 scan cache on the main AP
interface so that a scan result from a previous test case cannot prevent
40 MHz channel bandwidth from being used. This could apparently happen
in the following test case sequence:
ap_ht40_scan_conflict obss_scan

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 23:23:05 +02:00
Jouni Malinen
c0d607ec8f tests: Replace hapd_connected() with hapd.wait_sta()
These were doing practically the same thing, so get rid of the external
helper function and standardize on using hapd.wait_sta().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:36:31 +02:00
Jouni Malinen
e2c364e2cd tests: Make wpa2_ocv_ap_group_hs more robust
Wait for hostapd to indicate connection before disconnecting from the
station side. This avoids a race condition especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:33:22 +02:00
Jouni Malinen
67e0a5180f tests: SHOW_NEIGHBOR
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:59:16 +02:00
Jouni Malinen
0dfa6ea529 tests: Make ap_wpa2_disable_eapol_retry_group more robust
Wait for hostapd to report completion of the connection before going
through the disconnection and reconnection steps to avoid a race
condition especially with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:01:02 +02:00
Jouni Malinen
f0825655c4 tests: Make TDLS tests more robust
Wait for hostapd to report connection completion before performing
connectivity test to avoid race conditions especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:41:01 +02:00
Jouni Malinen
6883f94408 tests: rrm_neighbor_db and neighbor removal without specifying SSID
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:05:54 +02:00
Jouni Malinen
07e69dfb05 tests: Secure mesh with BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 23:56:16 +02:00
Jouni Malinen
9f47fdb6c3 tests: Make FT PMKSA caching test cases more robust
The RECONNECT command on the station was issued immediately after
wpa_supplicant had processed EAPOL-Key msg 3/4. This could happen before
hostapd has processed EAPOL-Key msg 4/4 and especially with UML
time-travel, this could result in the following FT protocol exchange
going through in a manner that makes the hostapd process EAPOL-Key msg
4/4 from the first association as a postponed EAPOL RX at the beginning
of the second association. Avoid this by waiting hostapd to report
completion of the connection before issuing RECONNECT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
c0f3ee475b tests: FT-SAE with PWE default and with H2E
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
6298673ff3 tests: Prepare rsn_ie_proto_ft_psk_sta for implementation change
This PMKID replacement case is not going to prevent connection after a
change in wpa_insert_pmkid() so remove it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
2636362717 tests: Make nfc_wps_handover_init more robust
Data connectivity test could have been started in the middle of 4-way
handshake. This test case needs to wait for two STA connections before
starting the connectivity test since the first one is only for the
provisioning step.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 20:19:03 +02:00
Jouni Malinen
f94e677d33 tests: DPP exchange when driver uses a separate P2P Device interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 11:20:17 +02:00
Jouni Malinen
dbdd445d33 tests: Make DPP text cases more robust for DPP-TX event processing
The previous waits were matching both DPP-TX and DPP-TX-STATUS and if
the latter event was received, the test cases would either report
failure or would not really test what was supposed to be verified. Fix
this by waiting explicitly for "DPP-TX " to avoid matching
"DPP-TX-STATUS" prefix.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 23:33:21 +02:00
Jouni Malinen
bf97c1a34e tests: FILS SK/ERP and roaming with different AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 18:33:43 +02:00
Jouni Malinen
534d36210b tests: Make fils_sk_auth_mismatch more robust
Wait STA connection to be completed in hostapd before testing
connectivity. This avoids a possible race condition that could be hit
especially when testing with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 17:20:33 +02:00
Brian Norris
e6d3aca9cf WPS: Add prefixes to public event_* functions
openssl engines may dynamically load external libraries. Our event_*()
functions happen to be named very generically, such that event_add()
collides with the libevent library (https://libevent.org/). This can
have disastrous effects (esp. when using CONFIG_WPA_TRACE, which enables
partial linking) when our SSL engines call into the WPS event_add()
instead of their intended libevent event_add().

Resolve this by providing a more unique prefix to these functions.

Rename performed via:

  sed -i -E \
    's:\<event_(add|delete_all|send_all_later|send_stop_all)\>:wps_upnp_event_\1:g' \
     $(git grep -l event_)

Tested via (among other things) hwsim '-f ap_wps' module.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2019-12-22 11:24:28 +02:00
Brian Norris
e371d3771c tests: OWE: allow hex integers from tshark
Old versions of tshark would dump these values as hex. Allow parsing as
either decimal or hex.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2019-12-22 11:09:44 +02:00
Jouni Malinen
972edba185 tests: DPP connection status - association rejection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 16:53:26 +02:00
Jouni Malinen
5ae5dd03d5 tests: Automatic channel selection with freqlist set
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:41:57 +02:00
Jouni Malinen
46cb161a81 tests: Clear IP configuration from sigma_dut explicitly
The 127.0.0.11/24 address that could have been left on the wlan0
interface resulted in some test case sequence failures. Fix this by
explicitly clearing that address when terminating sigma_dut.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 17:12:23 +02:00
Jouni Malinen
95337647aa tests: Make FILS+FT test cases more robust
Wait for hostapd to report completion of association before running the
data connectivity check.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 16:30:40 +02:00
Jouni Malinen
7327f0fa6f tests: Fix skipping of new sigma_dut test cases
start_sigma_dut() can raise an exception and as such, assigning a
variable to its return value within a try block does not work in this
manner when the result is supposed to be used in the finally statement.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 21:19:36 +02:00
Jouni Malinen
06540f232c tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 2/4 retries
The second round may use PMKSA caching, but AP will need to reject msg
2/4 in that case as well due to RSNXE mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 03:27:25 +02:00
Jouni Malinen
fb3ef06dde tests: sae_rejected_groups with and without sigma_dut
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 23:52:36 +02:00
Jouni Malinen
053ce8bff7 tests: OCE association in open network
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:00:26 +02:00
Jouni Malinen
326acce814 tests: sigma_dut controlled SAE association with group negotiation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 01:59:06 +02:00
Jouni Malinen
2ca63f58b9 tests: sigma_dut controlled SAE H2E AP misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
63585099d6 tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
49ac2466c3 tests: sigma_dut controlled SAE H2E misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 14:00:23 +02:00
Jouni Malinen
250db2ab51 tests: SAE H2E and RSNXE mismatch (AP detecting)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 12:56:19 +02:00
Jouni Malinen
dedd8f336e tests: sigma_dut controlled SAE H2E misbehavior with rejected groups
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:51:40 +02:00
Jouni Malinen
90d84bc511 tests: SAE H2E and rejected groups indication (unexpected group)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:45:10 +02:00
Jouni Malinen
4d16d7cc8d tests: sigma_dut controlled SAE H2E misbehavior with looping forced
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:39:46 +02:00
Jouni Malinen
b1905c7d8e tests: SAE PWE derivation with H2E-only AP and STA forcing loop
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:28:52 +02:00
Jouni Malinen
4a667b01e6 tests: DPP bootstrapping via NFC URI record
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 12:37:51 +02:00
Jouni Malinen
2e58926ef3 tests: hostapd global control interface and per-interface events
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-02 16:35:03 +02:00
Jouni Malinen
dd8eb44eef tests: sae_pwe parameter in PSK-only-AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:13:08 +02:00
Jouni Malinen
ee27567198 tests: Clear sae_pwe at the end of sigma_dut test cases
sigma_dut does not clear sae_pwe value when the command line argument
"-2" is used, so we need to explicitly clear this from wpa_supplicant at
the end of the test case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:06:50 +02:00
Jouni Malinen
e0cd7172c2 tests: Advertise UTF-8 SSID in DPP-provisioned AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
ca6a2ac705 tests: DPP ssid_charset/ssid64
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
5632b07158 tests: sigma_dut control of SAE PWE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-24 16:58:18 +02:00
Jouni Malinen
e8ccbef251 tests: Remove a multi-line test description
The previous description of wmediumd_scan_only_one used multiple lines
and that resulted in parallel-vm.py miscounting total number of test
cases. Fix that by getting rid of the newlines from the description.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-11-23 17:19:49 +02:00
Jouni Malinen
9dc07a1d55 tests: Fix 'unexpected exit' detection in parallel-vm.py
Now that parallel-vm.py is actually stopping VMs as soon as they are not
needed for retries, it is not really an unexpected exit to see a VM exit
while test cases remain in the queue as long as at least that many VMs
remain running. Get rid of confusing 'unexpected exit' status from the
UI in such cases.

Fixes: 4aaddecdd8 ("tests: Handle test retries through the same queue")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-11-23 17:09:56 +02:00
Jouni Malinen
81121319a9 tests: ap_hs20_cred_and_no_roaming_consortium to match implementation
Now that wpa_supplicant was modified to use NAI realm query even if
roaming_consortium is set, this test case is actually able to find a
match. Update it to avoid cause incorrect test failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-17 21:04:42 +02:00
Jouni Malinen
9c7ab4c5df tests: sigma_dut controlled AP and deauth commands
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-06 19:55:42 +02:00
Jouni Malinen
cf28cfc12e tests: D-Bus MACAddressRandomizationMask property Get/Set
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 19:50:22 +02:00
Jouni Malinen
4cab417af0 tests: DPP configuration saving
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 19:50:22 +02:00
Johannes Berg
dcafde0c32 tests: Add negative scan tests
There was a bug in wmediumd in that it didn't set the
frequency of frames, and thus they were always received
by mac80211_hwsim, regardless of channel it was on.

Add two tests that verify we only find a single instance
of an AP if we only have that one, and run this both with
and without wmediumd.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-10-27 19:50:22 +02:00
Jouni Malinen
f11157604c tests: Make wpas_mesh_pmksa_caching_ext more robust
Avoid race conditions in completing mesh group removal/re-addition steps
and starting connectivity check. It seemed to be possible to get to the
connectivity test in some cases before the mesh STA had rejoined the
mesh and completed key configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 16:20:19 +02:00
Jouni Malinen
46746fc170 tests: Additional SAE protocol testing
Check behavior with delayed/replayed SAE commit message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 15:16:03 +02:00
Jouni Malinen
01b2cd6462 tests: SAE and authentication restarts with H2E/looping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
7ab3510dad tests: Remove SAE H2E testing with group 26
This is in preparation of an implementation to to remove the alternative
SSWU path that was needed only for this particular group.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
71e276f90f tests: Fix copy-paste issues in SAE H2E group tests
These test cases were all using group 21 even though they were supposed
to go through all the possible groups.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Pradeep Kumar Chitrapu
0a809529d0 tests: HE AP Functionality
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
360d8d4e3c tests: Make ap_ft_ap_oom4 more robust against compiler optimizations
It looks like the wpa_auth_get_seqnum() function might not always be
visible in the backtrace since the compiler may optimize that wrapper
away. Use the i802_get_seqnum() function instead as a trigger for the
get_seqnum operation failure trigger to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-19 00:45:57 +03:00
Jouni Malinen
30628e0d2d tests: WPA2-PSK-FT-SAE AP (H2E)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-18 15:33:14 +03:00
Jouni Malinen
3fa701b5ce tests: SAE PWE derivation methods
Verify behavior with sae_pwe configuration values 0..2, i.e., test the
new hash-to-element mechanism for deriving PWE and negotiation for which
method to use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-15 15:39:22 +03:00
Jouni Malinen
960cfee506 tests: PMF AP sending valid deauth/disassoc without dropping SA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 18:18:43 +03:00
Jouni Malinen
34a9cd8ffa tests: WPA2-PSK PMF AP dropping SA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 17:53:04 +03:00
Jouni Malinen
131c2600f4 tests: sigma_dut DPP TCP Enrollee as initiator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 13:27:49 +03:00
Jouni Malinen
377d5f7cc2 tests: sigma_dut DPP TCP Configurator (Controller) as responder
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 13:07:39 +03:00
Jouni Malinen
d905c8f7a7 tests: sigma_dut controlled SAE association with PMKID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 16:21:10 +03:00
Jouni Malinen
4dda07ba98 tests: sigma_dut controlled AP with SAE Confirm immediate
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 15:56:01 +03:00
Jouni Malinen
8a9658dbb5 tests: SAE and AP sending Confirm message without waiting STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 15:42:11 +03:00
Jouni Malinen
656b07c189 tests: sigma_dut DPP/QR responder status query
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 17:03:47 +03:00
Jouni Malinen
1743ddce76 tests: sigma_dut DPP AP as Relay to Controller
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 16:33:36 +03:00
Jouni Malinen
b472fe2973 tests: Update server and user certificates (2019)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. This contains updates from running
tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 16:03:04 +03:00
Jouni Malinen
cefcbcdba4 tests: sigma_dut with DPPConfIndex 9 and 10
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-01 14:21:51 +03:00
Jouni Malinen
be907f7220 tests: SAE in wpa_supplicant AP mode
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-21 16:30:40 +03:00
Jouni Malinen
d0d303ae91 tests: MBO and WPA2 without PMF on misbehaving AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-21 12:56:19 +03:00
Jouni Malinen
c532abb158 tests: Automatic channel selection with invalid chanlist
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 12:14:04 +03:00
Jouni Malinen
1f8fc6bebb tests: Fix p2p_stop_find() calls in discovery
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 00:21:47 +03:00
Jouni Malinen
11bbb7ecb8 tests: DPP MUD URL
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 00:21:47 +03:00
Jouni Malinen
91a0703157 tests: Layer 2 Update frame behavior in mac80211
This verifies mac80211 behavior for Layer 2 Update frame use and other
unexpected frames from a not fully authentication station.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:39:03 +03:00
Jouni Malinen
9840532377 tests: PMF and Data frame injection
Verify driver/mac80211 behavior for unexpected A2 in Data frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:39:01 +03:00
Jouni Malinen
1ccde13b86 tests: Extend ap_pmf_inject_auth coverage for addresses/frames
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:38:15 +03:00
Jouni Malinen
c404cd8c7d tests: Avoid race conditions in couple of Hotspot 2.0 test cases
Wait hostapd to complete key setup before asking it to send a frame that
may need PMF. This is needed especially with UML time-travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 18:09:54 +03:00
Jouni Malinen
b256d9393d tests: DPP2 connection status result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 17:25:34 +03:00
Jouni Malinen
530b31ea88 tests: Fix DPP wait_auth_success() check for Configurator success
This looked like a copy-paste error in the event message check and once
that was fixed, couple of test cases needed fixes to expect a success
from the Configurator.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 17:01:59 +03:00
Jouni Malinen
018edec9b2 Remove IAPP functionality from hostapd
IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been
maintained nor is there any expectation of the withdrawn trial-use
recommended practice to be maintained in the future. Furthermore,
implementation of IAPP in hostapd was not complete, i.e., only parts of
the recommended practice were included. The main item of some real use
long time ago was the Layer 2 Update frame to update bridges when a STA
roams within an ESS, but that functionality has, in practice, been moved
to kernel drivers to provide better integration with the networking
stack.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 13:11:03 +03:00
Jouni Malinen
d2d444deef tests: Remove IAPP test case
This is in preparation for removal of the full IAPP functionality from
hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 12:30:28 +03:00
Mikael Kanstrup
97d2d7ac1a tests: WPS MAC address change
Verify that MAC address of WPS M1 message use correct address
after address change.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-09-09 16:56:00 +03:00
Jouni Malinen
7d2ed8bae8 Remove CONFIG_IEEE80211W build parameter
Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:33:40 +03:00
Jouni Malinen
70990138ec tests: EAP-TEAP with inner EAP-MSCHAPv2 user and EAP-TLS machine credentials
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
e0ee87c706 tests: Too many EAP roundtrips (server)
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:35 +03:00
Jouni Malinen
81d0759cba tests: Hotspot 2.0 open OSU association
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:25:07 +03:00
Jouni Malinen
65e2eb6e74 tests: Make nfc_wps more robust by avoiding race conditions
The hostapd side operations and data connectivity test were executed
without explicitly waiting for hostapd to report connection as having
been completed. This could result in trying to transmit data before
EAPOL-Key msg 4/4 was processed especially when using UML time-travel.
Make this more robust by waiting for hostapd to be ready before the data
test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 22:52:52 +03:00
Jouni Malinen
12de149071 tests: Fix ap_ft_reassoc_replay for case where wlantest has the PSK
This test case was failing if wlantest was able to decrypt the CCMP
protected frames. Fix the tshark filter string to include only the
actually encrypted frames for PN comparison.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 19:20:40 +03:00
Jouni Malinen
818ee96d58 tests: EAP-TEAP with user and machine credentials
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 17:02:54 +03:00
Jouni Malinen
f380464257 tests: Remove unnecessary "config exists" debug prints from build.sh
This is the common case and these prints do not really help and just
make the output from build.sh less clear.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 12:18:40 +03:00
Jouni Malinen
f3c188fa7d tests: Import helper functions directly from utils.py
These were moved from test_sae.py to utils.py, so import them from the
correct location instead of through test_sae.py that imports them from
utils.py.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 12:11:53 +03:00
Jouni Malinen
dbddbf1647 tests: Configure wlantest for FT+PMF test cases
It is useful to get the encrypted frames decrypted in the sniffer
capture for these test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-22 22:13:02 +03:00
Jouni Malinen
4619dc0607 tests: EAP-TEAP with machine username/password credential
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 13:24:14 +03:00
Jouni Malinen
0b39274ca3 tests: Update authsrv_oom to match implementation changes
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 02:59:06 +03:00
Jouni Malinen
10e105230a tests: EAP-TEAP Identity-Type
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 02:13:22 +03:00
Jouni Malinen
d11c41bb75 tests: sigma_dut controlled SAE association and FT-over-DS
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-20 00:15:20 +03:00
Jouni Malinen
5a7af3a32c tests: sigma_dut controlled AP FT-PSK (over-DS)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 23:54:29 +03:00
Jouni Malinen
a5ffe45908 tests: Make mbo_cell_capa_update_pmf more robust
Wait for hostapd to report completion of connection so that the WNM
Notification Request frame does not get sent before the AP has processed
EAPOL-Key msg 4/4 and configured the TK. This could result in a race
condition especially when testing using UML with time-travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 17:22:41 +03:00
Jouni Malinen
35337b448a tests: sigma_dut and initial UOSC with TOD-STRICT/TOFU
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 16:57:55 +03:00
Jouni Malinen
e6edadba86 tests: ap_wpa2_eap_too_many_roundtrips to use shorter fragment
This is needed with the increased maximum EAP round limit since the
server side sends out longer messages in this exchange and that prevent
the short message limit from being reached.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-18 17:46:34 +03:00
Jouni Malinen
0bcd9839bf tests: Update authsrv_oom match changed implementation
Need to take into account the additional memory allocation within
radius_server_init().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-18 17:40:31 +03:00
Jouni Malinen
8315c1ef5b tests: Vendor EAP method in Phase 2
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-17 16:18:33 +03:00
Jouni Malinen
542913943e tests: EAP-TEAP and separate message for Result TLV
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-17 00:08:47 +03:00
Jouni Malinen
263c0cbdc0 tests: sigma_dut with TOD-TOFU
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
b02f0f88fb tests: TOD-TOFU policy reporting
Also rename the previously added test case to use the TOD-STRICT name
for the earlier policy OID.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
eec147dccb tests: Update RSA 3k certificates before the previous ones expire
In addition, update the generation script to allow convenient update of
the server and user certificates without having to generate new keys.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
b1dfe96ae1 tests: Add a server certificate with TOD-TOFU policy
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
30998360a1 tests: Additional FT with PMF required testing coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 13:55:26 +03:00
Jouni Malinen
b6fe6e8b5a tests: SAE and PMKSA caching (PMKID in AssocReq after SAE)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-14 17:51:31 +03:00
Sven Eckelmann
d1fcf34cb5 tests: Fix wlan.mesh.config.cap workaround for test_wpas_mesh_max_peering
The wlan.mesh.config doesn't have to be the last element of beacon. Things
like VHT or HE oper/cap are usually follow the mesh configuration element.

The workaround must first get the position of a correct reference value in
wlan.mesh.config (ps_protocol) and then calculate the correct
wlan.mesh.config.cap offset based on that.

Reported-by: Johannes Berg <johannes@sipsolutions.net>
Fixes: 2cbaf0de22 ("tests: Work around tshark bug in wpas_mesh_max_peering")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-08-13 13:57:50 +03:00
Jouni Malinen
ba2d5f3642 tests: DPP network introduction with expired netaccesskey
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:45:43 +03:00
Jouni Malinen
ed98d4d719 tests: SAE dot11RSNASAESync
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
4c9376ef7a tests: OCE AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
63a792a7c5 tests: WPS registrar configuring an AP using preconfigured AP password token
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
a14e266dff tests: HE AP parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
d23362a679 tests: OCV on 2.4 GHz with PMF getting enabled automatically
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
2d53b0c3d2 tests: acs_exclude_dfs=1
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
c6ab7b55a6 tests: FT RKH parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
5916637cf2 tests: FT PMK-R0/R1 expiration
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
6379bd6acf tests: Server checking CRL with check_crl_strict=0
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
ce30a79a14 tests: private_key_passwd2 in hostapd configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
09839cab75 tests: Additional hostapd configuration parser coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
aa8ea7abc9 tests: Additional dpp_controller parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 18:45:37 +03:00
Jouni Malinen
161f1d5d7c tests: Additional sae_password parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 18:37:54 +03:00
Jouni Malinen
3bfa7f798b tests: Additional tls_flags coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 17:22:32 +03:00
Jouni Malinen
8d231c5e3b tests: Additional operator_icon parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 17:06:40 +03:00
Jouni Malinen
a32f4c226d tests: Additional osu_nai2 parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 17:04:27 +03:00
Jouni Malinen
c805a7aeb7 tests: Additional venue_url parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 17:02:10 +03:00
Jouni Malinen
95b493dc40 tests: Additional eap_user_file parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 16:35:11 +03:00
Jouni Malinen
3d276ba530 tests: Additional vlan_file parsing coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-10 16:16:29 +03:00
Jouni Malinen
d1fb06c947 tests: Check wait_event argument type
It was clearly too easy to get unexpected behavior by accidentially
passing in a string instead of a list of strings to these functions, so
enforce the correct type to notice such issues automatically.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
12c5c2404e tests: Fix ap_vht_csa_vht40 to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
0e2605b948 tests: Fix concurrent_autogo_crossconnect to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
79b44113ec tests: Fix ap_vht_csa_vht40_disable to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
d371f0cbbf tests: Fix eap_proto_otp to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
c4a9610e8f tests: Fix hostapd.wait_sta()
wait_event() expects a list of events instead of a single event name.
The previous implementation of wait_sta() did not really wait for
AP-STA-CONNECT; instead, it returned the next event from hostapd
regardless of what that event was.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:36:36 +03:00
Jouni Malinen
aeb7ab8edb tests: Additional EAP-TEAP coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 01:19:00 +03:00
Jouni Malinen
9b2b99c550 tests: Additional EAP-SAKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 00:10:26 +03:00
Jouni Malinen
3948417305 tests: Additional EAP-GPSK local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 00:04:45 +03:00
Jouni Malinen
83d5e334b1 tests: Additional EAP-EKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 23:59:06 +03:00
Jouni Malinen
b4928ff9cb tests: DPP Controller RX error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 21:02:12 +03:00
Jouni Malinen
161490906a tests: DPP TCP failure cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 20:22:44 +03:00
Jouni Malinen
d137275131 tests: Remove openssl header files from code coverage report
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 13:21:56 +03:00
Jouni Malinen
d22f090245 tests: Wait after rekeying a bit before running connectivity test
The AP side may not have had enough time to configure the new TK into
the driver if the connectivity test is started immediately after the
station side event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-05 13:49:15 +03:00
Jouni Malinen
f13de00b89 tests: Wait for AP side connection event before disconnecting
This makes the test cases more robust especially when testing with UML
time travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-05 13:47:08 +03:00
Jouni Malinen
938c6e7b3d tests: Wait for AP-STA-CONNECT before running connectivity test
When going through 4-way handshake, the station side reports
CTRL-EVENT-CONNECTED after having sent out EAPOL-Key msg 4/4. The AP
side reports AP-STA-CONNECT after having completed processing of this
frame. Especially when using UML with time travel, it is possible for
the connectivity test to be started before the AP side has configured
the pairwise TK if the test is triggered based on CTRL-EVENT-CONNECTED
instead of AP-STA-CONNECT.

Add explicit wait for AP-STA-CONNECT in some of these cases to reduce
likelihood of reporting failures for test cases that are actually
behaving as expected. This shows up with "dev1->dev2 unicast data
delivery failed" in the test log.

Do the same before requesting reauthentication from the station side
since that has a similar issue with the EAPOL-Start frame getting
encrypted before the AP is ready for it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-05 00:10:32 +03:00