Commit graph

3056 commits

Author SHA1 Message Date
Jouni Malinen
524b963c6c tests: Mark OSU BSS explicitly in sigma_dut_ap_hs20
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-09 18:10:28 +02:00
Jouni Malinen
db368b2e13 tests: ap_hs20_osen to test group cipher selection in SME case
Go through the group cipher selection in both the wpa_supplicant and
driver SME cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-09 18:09:34 +02:00
Jouni Malinen
b583907b53 tests: Use more correct OSU_METHOD value in sigma_dut_ap_hs20
The OSU Providers List includes two providers, so there should be two
OSU_METHOD values listed just like there was two OSU_SERVER_URI URLs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-06 02:04:09 +02:00
Jouni Malinen
4902eb04b1 tests: Use bridge in sigma_dut_ap_eap_osen
This is needed to allow sigma_dut to enable ap_isolate=1. In addition,
verify that the two associated STAs with RSN(EAP) and OSEN cannot
exchange frames between them.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-06 00:46:23 +02:00
Jouni Malinen
e7869a664a tests: sigma_dut AP configuration for Hotspot 2.0
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-01 17:10:40 +02:00
Jouni Malinen
21895884ea tests: WNM Collocated Interference Reporting
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-30 14:07:51 +02:00
Andrei Otcheretianski
1d914d01d8 tests: Make autogo_interworking test more robust
P2P related configuration should be done on a global control interface.
This way this test can be reused also when a dedicated P2P device
interface is used.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-10-20 11:33:07 +03:00
Jouni Malinen
c3da381526 tests: AP Channel Switch and DISABLE command before completion
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 21:26:03 +03:00
Jouni Malinen
2cbaf0de22 tests: Work around tshark bug in wpas_mesh_max_peering
It looks like tshark parser was broken at some point for
wlan.mesh.config.cap which is now (tshark 2.6.3) pointing to incorrect
field (same as wlan.mesh.config.ps_protocol). This used to work with
tshark 2.2.6.

For now, assume the capability field ends up being the last octet of the
frame.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-17 12:33:11 +03:00
Jouni Malinen
e384b156dc tests: Update tshark wlan_mgmt compatibility code for new version
It looks like at least tshark 2.6.3 uses a different error message for
unknown display filter fields:
tshark: Neither "wlan_mgt.fixed.category_code" nor "4" are field or protocol names.
and a different status exit code (2 instead of 1).

Add a new handler for this combination to allow automatic wlan_mgt to
wlan conversion to happen.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 18:21:07 +03:00
Andrei Otcheretianski
16b5413f2b tests: Make ap_reconnect_auth_timeout test more robust
This test starts two identical APs and assumes a connection to the first
one, though it is not necessary true. Fix that by starting the second AP
only after the connection is established.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-10-16 12:49:11 +03:00
Jouni Malinen
ad369d77ba tests: ap_vht_csa_vht40 to check for unexpected disconnection
This test case had an error that hit an unexpected disconnection. Add an
explicit check to verify that this does not happen anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 12:44:48 +03:00
Andrei Otcheretianski
7b1adf2cba tests: Fix ap_vht_csa_vht40 test
The channel configuration in CHAN_SWITCH command was incorrect. This
resulted in switching to HT40+ channel, while announcing HT40- in the
secondary channel IE. This caused a disconnection after the channel
switch. Fix that.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-10-16 12:44:32 +03:00
Jouni Malinen
02342a2a2a tests: WMM advertisement parameter change
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 12:30:57 +03:00
Jouni Malinen
182a0b4dae tests: EAP-pwd local error case in eap_pwd_perform_confirm_exchange()
This is a regression test case for a memory leak on these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 12:22:58 +03:00
Jouni Malinen
30a67736dc tests: VHT with 80 MHz channel width reconfigured to 2.4 GHz HT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-16 00:51:21 +03:00
Jouni Malinen
349c49bac4 tests: OWE group negotiation with PMF
Verify that PMF does not end up reporting unexpected status code 30
(temporary rejection; SA Query).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-16 00:33:20 +03:00
Jouni Malinen
97e27300f4 tests: Maximum number of cred roaming_consortiums
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 20:48:32 +03:00
Jouni Malinen
c481e1cbb7 tests: SAE and MFP enabled without sae_require_mfp
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 20:14:30 +03:00
Jouni Malinen
4816bd3b22 tests: OWE transition mode and need for multiple scans
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-12 19:59:26 +03:00
Jouni Malinen
44fa13b17f tests: SSID with 32 octets with nul at the end
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
6bf62f7fc4 tests: OSU Providers NAI List ANQP-element
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-05 20:54:40 +03:00
Jouni Malinen
1dd66fc103 tests: Update server and user certificates (2018)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-04 01:16:55 +03:00
Jouni Malinen
953f689391 tests: Test connectivity within each step of FILS+FT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-04 00:31:48 +03:00
Jouni Malinen
0fa415a835 tests: Suite B and PMKSA caching multiple times
This verifies that wpa_supplicant and hostapd behave consistently with
PMKSA caching when Suite B AKMs end up deriving a new PMKID from each
4-way handshake.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-27 11:43:58 +03:00
Jouni Malinen
f1e2d38166 tests: DPP_CONFIGURATOR_ADD error path
This is a regression test case for a memory leak on DPP_CONFIGURATOR_ADD
error path in dpp_keygen_configurator() when an unsupported curve is
specified.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-21 21:39:34 +03:00
Jouni Malinen
d7e35c4e29 tests: Enable Suite B test cases with OpenSSL 1.1.1
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-17 17:52:38 +03:00
Jouni Malinen
31157568f2 tests: sigma_dut controlled Hotspot 2.0 connection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-15 05:17:54 +03:00
Jouni Malinen
dc60d5643a tests: sigma_dut controlled Venue URL fetch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-15 05:17:54 +03:00
Jouni Malinen
bb2c25d0dc tests: Venue URL ANQP-element with PMF
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-15 05:17:54 +03:00
Jouni Malinen
40d514ec64 tests: Hotspot 2.0 OSU provider and single SSID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-12 03:49:16 +03:00
Jouni Malinen
0beb6c2f50 tests: sigma_dut controlled AP with OSEN
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-12 02:26:11 +03:00
Jouni Malinen
2697e85ea9 tests: DPP group_id parameter
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-30 23:34:37 +03:00
Jouni Malinen
add3c2a1bf tests: FILS SK ERP and ERP flush on server, but not on peer
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-24 16:27:34 +03:00
Jouni Malinen
1d9babdaa0 tests: HT40 disabling
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-21 19:07:53 +03:00
Jouni Malinen
307324bf79 tests: AP with WEP and external ifconfig down
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-21 18:50:55 +03:00
Jouni Malinen
c773c7d5dd tests: WPA2-PSK/TKIP and MIC=0 in msg 3/4
Verify that unauthenticated EAPOL-Key message does not get decrypted.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-08-08 16:51:35 +03:00
Jouni Malinen
2133a7cd7d tests: Check both FT and non-FT connections in ap_hs20_ft
Verify that the automatically generated network profile is able to
connect to a non-FT network automatically after having used FT for the
first connection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-03 00:40:51 +03:00
Jouni Malinen
0a3742950e tests: Extend eap_proto_aka_prime to cover additional AT_KDF cases
Verify that EAP-AKA' client rejects Challenge with an appended AT_KDF
and a modified AT_KDF value during KDF negotiation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-02 15:36:24 +03:00
Jouni Malinen
63add34eb0 tests: sigma_dut with various AP KeyMgnt values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-01 18:45:53 +03:00
Jouni Malinen
f5dd150aac tests: OSEN with two group ciphers allowed on client side
This verifies the new default behavior for OSEN in Single SSID capable
devices.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-31 00:33:08 +03:00
Jouni Malinen
686ca5c45b tests: Verify T&C Server URL generation result
Check that the @1@ macro gets replaced correctly both when in the middle
and when in the end of the URL template.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-31 00:21:59 +03:00
Jouni Malinen
6ccab679c2 tests: ap_hs20_terms_and_conditions_sql to test DAC_REQUEST
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-22 19:37:18 +03:00
Jouni Malinen
d7b60f7a9e tests: Check current_sessions in ap_hs20_terms_and_conditions_sql
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-22 19:37:10 +03:00
Jouni Malinen
ed83029c29 tests: Move hs20_t_c_server_url parameter from AP to AS
This is needed with the modified hostapd implementation to fix the
ap_hs20_terms_and_conditions* test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-21 20:52:54 +03:00
Jouni Malinen
e6f8042d17 tests: hs20-osu-client testing for PPS MO parsing
This adds a mechanism to allow hs20-osu-client set_pps command to be
tested with PPS MO files.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-21 19:18:54 +03:00
Jouni Malinen
db856f47ef tests: Fix mbo_supp_oper_classes with new regdb
Change country code KZ to SY for the 2.4 GHz only case since 5 GHz rules
were added for KZ.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-20 15:23:50 +03:00
Jouni Malinen
e96fa19753 tests: Add more details on sae_bignum_failure logs
It is easier to understand the hostapd debug log here if each step is
noted there before starting the wpa_supplicant operation. In addition,
it looks safer to process all pending event messages between each step
to avoid running out of any buffer limits.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-20 13:07:38 +03:00
Jouni Malinen
b1e1187744 tests: sigma_dut controlled AP with EAP+OSEN
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-19 00:39:42 +03:00
Jouni Malinen
2403edb8fd tests: P2P and avoid frequencies driver event on 5 GHz
This test case verifies that wpa_supplicant is able to perform CSA to a
VHT80 channel when having to move the GO due to an avoid-frequencies
driver event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-18 20:11:52 +03:00
Jouni Malinen
25bd4e7beb tests: Associated STA indicating 40 MHz intolerant and hostapd deinit
This is a regression test for a forgotten ap_ht2040_timeout() eloop
timer callback on AP interface removal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-12 21:47:43 +03:00
Jouni Malinen
fe102801f6 tests: SAE reauthentication
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-06 23:59:46 +03:00
Jouni Malinen
ffcaca68d3 tests: FT with different BIP algorithms
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
2842987879 tests: FILS+FT with SHA384
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
c52626489a tests: Split ap_ft_ap_oom7 into separate test cases
The implementation changes in hostapd FT error path handling in the
follow commit would result in ap_ft_ap_oom7 test case failing. This is
triggered partially by PMF protections and SA Query attempts, so it
looks like it is easier to split each failure case into a separate test
case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:01 +03:00
Jouni Malinen
55b3cda775 tests: FT-EAP-SHA384
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
925584689b tests: ERP enabled on RADIUS server and peer using EAP-TLS v1.3
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-01 17:53:10 +03:00
Jouni Malinen
13f69792b0 tests: Update mesh_oom to match implementation change
The initial direct allocation within wpa_supplicant_mesh_init() was
removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-31 16:14:28 +03:00
Jouni Malinen
5fb016a219 tests: WNM Time Advertisement without time zone configuration
This is a regression test for a segfault in hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-31 12:55:49 +03:00
Jouni Malinen
64224d5871 tests: Hotspot 2.0 OSEN-single-SSID connection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-29 23:34:22 +03:00
Jouni Malinen
5e597ed9f0 tests: EAP-pwd with salted passwords
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-28 22:15:20 +03:00
Jouni Malinen
b30639b77e tests: Adjust eap_proto_pwd_errors to match implementation changes
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-28 22:09:20 +03:00
Jouni Malinen
62566bc23d tests: WPA2-EAP-FT AP changing from 802.1X-only to FT-only
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-21 22:24:36 +03:00
Jouni Malinen
9a0ae89d62 tests: SAE with Password Identifier
This verifies SAE Password Identifier functionality in both the
infrastructure and mesh BSS cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-19 17:30:29 +03:00
Jouni Malinen
6bf7a54754 tests: Brainpool curves in ap_wpa2_eap_pwd_groups with OpenSSL 1.1.x
The OpenSSL version check should not have been limited to 1.0.2 only.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-17 22:03:25 +03:00
Jouni Malinen
27fa11615b tests: Additional VHT channel switch testing
Enable/disable VHT with CHAN_SWITCH.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-16 01:16:54 +03:00
Jouni Malinen
79467d74fd tests: Fix dbus_tdls_channel_switch with missing kernel support
Check driver capabilities in the D-Bus TDLS case similarly to the
non-D-Bus cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-15 00:38:13 +03:00
Jouni Malinen
23c024b9c1 tests: Do not fail if driver supports power saving
Couple of "invalid value" tests started to fail now that mac80211_hwsim
actually accepts power save configuration. Fix these by running the same
command for more code coverage, but in a way that ignores the result of
the operation (succeeds with older kernel versions and fails with
newer).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-04 23:56:32 +03:00
Jouni Malinen
f98fdc4e4b tests: wpa_supplicant STATUS output and ieee80211ac=1
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-04 20:19:17 +03:00
Jouni Malinen
585e728a5c tests: Skip OCSP tests with wolfSSL
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-02 13:32:51 +03:00
Sean Parkinson
f08362e9ce tests: Use same certificates as used for GnuTLS with wolfSSL
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:57 +03:00
Sean Parkinson
7d5df79f2d tests: Use a valid key exchange value in eap_proto_ikev2
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:38 +03:00
Jouni Malinen
832b736fb2 tests: Add TLS v1.3 into ap_wpa2_eap_tls_versions
When running with OpenSSL 1.1.1, verify that EAP-TLS can be used with
TLS v1.3.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
1150d0756a tests: Enable TLS v1.3 explicitly in the authentication server
For testing purposes, enable TLS v1.3 in the authentication server so
that the protocol version can be controlled from wpa_supplicant side
more easily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
0d34c13a72 tests: Ignore openssl_cipher_suite_config_hapd failure (OpenSSL 1.1.1)
It looks like OpenSSL 1.1.1 accepted the openssl_ciphers=FOO test
configuration or well, at least does not reject it like previous
versions did. For now, ignore this failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
a61ee84d0c tests: Fix ap_wpa2_eap_fast_cipher_suites with OpenSSL 1.1.1
RC4-SHA cipher case ended up allowing the handshake to be started just
to fail with "no ciphers available" when trying to generate ClientHello.
Fix this by handling an EAP failure case for the RC4-SHA test step with
OpenSSL 1.1.*.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 13:23:25 +03:00
Jouni Malinen
edc4374ef5 tests: pending_tc table check for HS 2.0 Terms and Conditions
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-30 20:19:32 +03:00
Jouni Malinen
6444b08cea tests: Hotspot 2.0 Terms and Conditions using SQLite for user DB
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-26 17:56:22 +03:00
Jouni Malinen
045c7c6817 tests: Hotspot 2.0 Terms and Conditions signaling - CoA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-25 12:57:46 +03:00
Jouni Malinen
0f7fc6b98d tests: Hotspot 2.0 Terms and Conditions signaling
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
c3d45e130a tests: WDS STA interface events and STA command output
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
24b5b786e6 tests: WPA2-PSK/GCMP/CCMP ciphers
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Andrei Otcheretianski
440e9f0bbe tests: Async. AP setup failure with wpa_supplicant
Verify that the AP initialization failure is reported back to
wpa_supplicant also when the initialization is complete in a callback.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-04-20 00:50:25 +03:00
Jouni Malinen
ad5704631a tests: roaming_consortium_selection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-18 01:12:23 +03:00
Jouni Malinen
ce952ebda0 tests: Hotspot 2.0 connection based on roaming_consortiums match
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 17:26:56 +03:00
Jouni Malinen
53fa04e197 tests: wpa_supplicant cred roaming_consortiums parsing/writing
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
be5acc3884 tests: Hotspot 2.0 operator icons
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
f75ed521a5 tests: wpa_supplicant secure mesh using sae_password
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-13 12:09:33 +03:00
Jouni Malinen
e5b0b58bfa tests: DPP and SAE AKMs
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-12 21:14:33 +03:00
Jouni Malinen
3dfccf7c09 tests: sigma_dut DPP/QR initiator as Enrollee (SAE)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-10 21:41:58 +03:00
Jouni Malinen
fa617ee6a0 tests: SAE and PSK enabled in wpa_supplicant network profile
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-09 19:34:44 +03:00
Jouni Malinen
9a0c472feb tests: Extend hostapd reload config test to cover wmm_enabled behavior
This is a regression test for default behavior for wmm_enabled on the
config reload path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-06 23:32:31 +03:00
Michael Braun
d269740a3e tests: FT with CUI
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:09:16 +03:00
Michael Braun
473e51762d tests: FT-PSK with VLAN
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
e03822913d tests: Add a small sleep in FT run_roams()
time.sleep() in run_roams() is required because the target AP sets the
key once the station was associated. There are races, when the station
processes the (Re)Association Response frame AND the test suite starts
FT_DS before the AP processes its local confirmation and thus
wpa_auth_sm_event(ASSOC_FT). Therefore, the ActionFrame will be lost, as
the AP driver is missing the key.

Since this is this speed is highly synthetic, wait a few milliseconds
before roaming back.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
9c50a6d3a3 tests: FT-EAP with VLAN
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Jouni Malinen
20daa57b92 tests: RESEND_M3 and RESEND_GROUP_M1 with PMF in use
This covers an additional code path that has a bug in IGTK PN clearing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-01 21:42:49 +03:00
Jouni Malinen
5a30fcf573 tests: EAP-ERROR-CODE
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-31 12:02:25 +03:00
Jouni Malinen
c9aba19bd3 tests: WPA2-Enterprise connection using EAP-PSK after MAC address change
This is a regression test for a sequence where wpa_supplicant interface
MAC address is changed externally and the ifdown-ifup sequence is
processed only after the interface has already been set UP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-30 12:16:49 +03:00
Jouni Malinen
4ae39c121f tests: sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-30 10:44:38 +03:00
Jouni Malinen
f68caa35e3 tests: GAS/ANQP and Venue URL (hostapd venue_url)
Test the hostapd venue_url configuration parameter. In addition, fix the
previous defined gas_anqp_venue_url test case to use correct encoding of
the Venue URL ANQP-element payload (URLs were missing and Venue Number
was off-by-one).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 16:11:54 +03:00
Jouni Malinen
bf001e42bf tests: FILS SK using ERP and FT initial mobility domain association
Verify use of KCK2/KEK2 and new FTE MIC calculation with FT-FILS-SHA256.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 12:31:04 +03:00
Jouni Malinen
80da433507 tests: Overlapping BSS scan report handling no overlap
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 22:15:29 +02:00
Jouni Malinen
0c061630ad tests: DPP Configurator reconfiguration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-16 20:56:05 +02:00
Jouni Malinen
c63e69c379 tests: DPP protocol testing - stop when transmitting Auth Conf
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-13 01:04:03 +02:00
Sean Parkinson
d8003dcba2 tests: Add support for wolfSSL cryptographic library
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ff7affcc77 tests: Check PKCS#12 support in additional test cases
These test cases use PKCS#12, so skip them if the build does not include
support for it.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ead550b9dd tests: Verify MSCHAPV2 support in eap_peap_session_resumption
This test case uses EAP-MSCHAPv2 within the PEAP tunnel, so verify that
the build includes support for that before running the test.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Jouni Malinen
adc5e37a02 tests: Suite B tests with BoringSSL
Enable appropriate Suite B test cases with BoringSSL. Currently, this
means enabling only the 192-bit level ECDSA and ECDHE-RSA since
BoringSSL has removed support for DHE and there is no need to support
128-bit level ECDSA anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 17:38:40 +02:00
Jouni Malinen
007bf37e4b tests: Processing of truncated RSNE fields
Verify that truncated RSN Capabilities field and PMKIDCount field get
ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 12:26:26 +02:00
Masashi Honma
ede4f68e0a tests: Fix Permission denied on Fedora
On Fedora 26, start.sh fails with these error messages.

Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
...

This is because Fedora 26 uses "wheel" group as administrative group.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2018-02-17 18:56:38 +02:00
Vasyl Vavrychuk
2494bcef24 tests: Add option --dbus for logging D-Bus messages
Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:21:47 +02:00
Vasyl Vavrychuk
2e4707a0a7 tests: Document building of hostapd_cli for hwsim builds
This is used in the tests, too, and was already covered by the build.sh
script, but not this README file.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:15:31 +02:00
Jouni Malinen
57dc90e386 tests: wpa_supplicant AP mode - open network with client isolation
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:57:45 +02:00
Jouni Malinen
e51e49fccc tests: Fix dbus_set_global_properties failure if run twice
Clear the model_name parameter back to the default (empty string) at the
beginning and the end of dbus_set_global_properties to avoid failures if
the test case is run multiple times.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:41:57 +02:00
Jouni Malinen
50d7cdedae tests: Make dbus_p2p_discovery more robust
Ignore any unexpected deviceLost event before the peer devices has been
discovered. This works around issues where the previous test case
terminates before the D-Bus events have been fully delivered. This could
happen, e.g., when running dbus_p2p_discovery twice in a row.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:21:05 +02:00
Jouni Malinen
a8ec0b8ccc tests: sigma_dut controlled STA as DPP PKEX responder and error case
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-13 00:24:50 +02:00
Jouni Malinen
8f7a50a63e tests: MAC ACL accept/deny management
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 19:45:32 +02:00
Jouni Malinen
27a8d93b07 tests: Make dpp_qr_code_curve_select more robust
Wait for the configuration exchange to complete before issuing the
DPP_STOP_LISTEN command to avoid confusing sequence of operation between
the ongoing and immediately following DPP exchanges.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 17:09:20 +02:00
Jouni Malinen
4370ffc0c4 tests: DPP and PKEX on 5 GHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 16:58:52 +02:00
Jouni Malinen
fc031b7ea7 tests: Make owe_transition_mode_multi_bss more robust
Fix bssid2 value to make scanning more reliable for the second OWE BSS.
In addition, reorder the STA status checks to happen before the data
connectivity check to get more accurate failure reason into the log if
the test case fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-07 13:45:48 +02:00
Jouni Malinen
e129e6bd27 tests: sigma_dut DPP roles incompatible
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
3e3d634fa7 tests: Enable PMF in sigma_dut DPP tests
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
2fec710ac5 tests: Use PMF in DPP with legacy PSK/SAE cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 20:52:44 +02:00
Jouni Malinen
05e5c0e554 tests: Run owe test with PMF required
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 18:55:18 +02:00
Jouni Malinen
0dc3c5f2ee tests: WPA2-PSK-FT AP with PSK from a file
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-04 12:40:03 +02:00
Adiel Aloni
946ed13c98 tests: Enable device PS before sending PS-Poll
Linux kernel commit c9491367b759 ("mac80211: always update the PM state
of a peer on MGMT / DATA frames") enforces the AP to check only
mgmt/data frames PM bit, and to update station's power save accordingly.
When sending only a PS-Poll (control frame) the AP will ignore the PM
bit. As the result, the partial virtual bitmap will not be updated, and
the test ap_open_disconnect_in_ps will fail on tshark check. Since the
test needs only the TIM to be updated, setting PS enabled will send NDP
that will signal that the station is sleeping. Sending PS-Poll to enable
power save is not correct, according to the following standard
statement: "A PS-Poll frame exchange does not necessarily result in an
Ack frame from the AP, so a non-AP STA cannot change power management
mode using a PS-Poll frame."

Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
2018-02-04 12:06:11 +02:00
Jouni Malinen
3382224082 tests: SAE with connect command
This does not really work with mac80211_hwsim due to missing offload
support, but at least some minimal extra code coverage can be achieved.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 20:21:46 +02:00
Jouni Malinen
8f9d2b171f tests: Update DPP PKEX test vector parameters to match new tech spec
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:28:24 +02:00
Jouni Malinen
2d7aa8d575 tests: Make dpp_pkex_test_vector parameters clearer
This makes it a bit clearer to see which parameters need to be modified
if the test vector needs to be recreated based on new values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:21:37 +02:00
Jouni Malinen
35818d3e07 tests: DPP using externally generated bootstrapping keys
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-29 13:23:19 +02:00
Jouni Malinen
af0c6e09e6 tests: OWE with PMF required and with open network selection
Verify that PMF can be marked required OWE networks and verify that a
station in transition mode can connect to an open network.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-21 11:13:01 +02:00
Jouni Malinen
b70a3fc169 tests: Add the EC root CA private keys to repository
These were forgotten from the initial commit adding the EC PKI.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:42:23 +02:00
Jouni Malinen
7fd583d62c tests: Suite B 192-bit RSA validation with 2048-bit client cert
Verify that unexpected 2048-bit RSA client certificate gets rejected by
the RADIUS server if the server is configured to use Suite B at 192-bit
level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:40:55 +02:00
Jouni Malinen
9ec824b9c1 tests: Suite B 192-bit validation with p256 client cert
Verify that unexpected p256 client certificate gets rejected if the
server is configured to use Suite B at 192-bit level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 20:30:07 +02:00
Jouni Malinen
80ad068001 tests: Update ap_wpa2_eap_assoc_rsn to match implementation change
This covers the new status code for group management cipher mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 02:08:39 +02:00
Jouni Malinen
6f90cfd780 tests: sigma_dut Suite B tests to not explicitly set PMF
PMF is supposed to be enabled automatically in sigma_dut, so remove
the explicit argument to do so from the commands.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
fe4af86c16 tests: WPA2-PSK AP and association request RSN IE with PMKID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
6333cb812b tests: Use longer timeout in sigma_dut_dpp_proto_initiator
This is needed to be ready for a sigma_dut change to wait for an extra
frame RX event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
7e526fa735 tests: sigma_dut sta_scan_bss
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c5238c483f tests: sigma_dut with alternative OWE transition mode configuration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
23c45cd0ff tests: sigma_dut and new DPP config index values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c8b19de245 tests: DPP QR Code and hostapd as initiator (offchannel)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 05:21:49 +02:00
Jouni Malinen
7b498ecafb tests: Enable and require PMF in SAE and OWE test cases with sigma_dut
All SAE and OWE associations are expected to require PMF to be
negotiated, so enable or require PMF in AP and STA configurations
accordingly to match the new sigma_dut behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-06 19:52:12 +02:00
Jouni Malinen
b4635f0a61 tests: GnuTLS configuration of intermediate CA certificate
GnuTLS seems to require the intermediate CA certificate to be included
both in the ca_cert and client_cert file for the cases of server and
client certificates using different intermediate CA certificates. Use
the user_and_ica.pem file with GnuTLS builds and reorder the
certificates in that file to make this work with GnuTLS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-29 12:01:22 +02:00
Jouni Malinen
9acd0bebab tests: Enable Suite B test cases with GnuTLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
0039b972af tests: Speed up suite_b_192_rsa_insufficient_dh in failure case
Check for unexpected connection to avoid timeout on TLS alert event if
the implementation does not check DH key size at all.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
2d9ad634c8 tests: Skip eap_tls_pkcs8_pkcs5_v15 with GnuTLS
It looks like this private key format is not supported in GnuTLS (tested
with version 3.4.10).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
dc2a3cec66 tests: Fix wpas_config_file with non-mesh and non-SAE builds
Check wpa_supplicant capabilities before testing mesh and SAE
parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
de5ca36e37 tests: Fix gas_anqp_overrides with non-FILS builds
Need to ignore missing RX-ANQP event for the FILS Realm Info if
wpa_supplicant build does not include FILS support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00