Commit graph

15290 commits

Author SHA1 Message Date
Sergey Matyukevich
078217a2d7 STA OBSS: Update secondary channel info after CSA
Field wpa_s->sme.ht_sec_chan keeps secondary channel for the 40 MHz
band. This field is used to prepare a list of channels for the STA OBSS
scan. Initially, the secondary channel is set to HT_SEC_CHAN_UNKNOWN.
Later on, in function wpa_obss_scan_freq_list() it is obtained from the
current BSS HT operation IE. However, the secondary channel information
is not updated after channel switch, which may lead to an incorrect list
of channels prepared for the STA OBSS scan.

Update ht_sec_chan according to the channel switch event data to fix
this.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-12-27 21:04:57 +02:00
Jouni Malinen
a6ba5cca45 tests: Allow more VMs to be started in parallel
Check the number of CPUs to determine how many VMs can be started in
parallel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:31:33 +02:00
Jouni Malinen
d07ca835cb tests: Move ocsp-resp-*-signed*.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b6bb4cd8c5 tests: Move ocsp-server-cache-{revoked,unknown}.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
662c2fa01a tests: Use the run_openssl() helper for running openssl
This avoids unnecessary duplication of the same functionality to run
openssl and check result.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
47ccb9ce24 tests: Move ocsp-server-cache-key-id.der generation into test case
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b5c28af431 tests: Remove unnecessary copying of ocsp-multi-server-cache.der
This file is not being modified, so the original one from the auth_serv
directory can be used directly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
6cd59688b8 tests: Fix thread handling in P2P GO Negotiation test cases
Some of the error paths in go_neg_pbc() and go_neg_pin() did not wait
for the helper thread to complete processing. This could result in
unexpected behavior when the test case could have exited while the
thread was still performing tasks for the GO Negotiation. This could
result in getting stuck in one of the following test cases with
"go_neg_init_pbc thread caught an exception from p2p_go_neg_init: Group
formation timed out" showing up in the log.

This was hit, e.g., with the following test sequence:
no_go_freq p2p_channel_drv_pref_autogo

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 18:14:09 +02:00
Jouni Malinen
c64b6f62cd tests: Use python selector in the parallel-vm.py main loop
This gets rid of the loop that was polling for things to do every 0.25
seconds and instead, reacts to any data from VMs as soon as it becomes
available. This avoids unnecessary operations when no new data is
available and avoids unnecessary waits when new data becomes available
more quickly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 17:12:34 +02:00
Jouni Malinen
0075df74df tests: Make pmksa_cache_expiration more robust
Wait for hostapd to enter the PTKINITDONE state before checking
connectivity. This is needed to avoid a race condition with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
fd0465b85e tests: Print a summary of SKIP reasons
This makes it easier to determine reasons for test cases being skipped.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
179279eb34 tests: Move VM starting delay control into parallel-vm.py
This is more efficient since we can now start only the necessary number
of VMs instead of always forcing all VMs to start with one second delay.
This can also control the starting delay by keeping at most two VMs
starting at a time instead of using the hardcoded one second wait for
each consecutive VM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
4ee4778676 tests: Move HwsimSkip processing into start_wnm_ap()
There is no need to handle this separately in each OCV test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 09:38:25 +02:00
Jouni Malinen
743b234902 tests: Speed up wpas_mesh_gate_forwarding tshark operations
For some reason, running tshark in the test cases can take significant
time especially with UML time-travel. Optimize this by reducing the
number of times tshark needs to be executed in the loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:03:24 +02:00
Jouni Malinen
985718135f tests: Optimize tshark operations for new versions
The wlan_mgt to wlan renaming is already included in most recent tshark
versions, so replace the backwards compatibility option to prefer the
new version so that current versions do not need to take the performance
hit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:02:05 +02:00
Jouni Malinen
a48a60ea47 tests: Check operating channel parameter in obss_scan*
It looks like these test cases can fail with the new "Undefined
secondary channel: drop OBSS scan results" case. Add more checks to
determine if something is wrong with the connection.

In addition, force clearing of the cfg80211 scan cache on the main AP
interface so that a scan result from a previous test case cannot prevent
40 MHz channel bandwidth from being used. This could apparently happen
in the following test case sequence:
ap_ht40_scan_conflict obss_scan

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 23:23:05 +02:00
Jouni Malinen
c0d607ec8f tests: Replace hapd_connected() with hapd.wait_sta()
These were doing practically the same thing, so get rid of the external
helper function and standardize on using hapd.wait_sta().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:36:31 +02:00
Jouni Malinen
e2c364e2cd tests: Make wpa2_ocv_ap_group_hs more robust
Wait for hostapd to indicate connection before disconnecting from the
station side. This avoids a race condition especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:33:22 +02:00
Jouni Malinen
67e0a5180f tests: SHOW_NEIGHBOR
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:59:16 +02:00
Ben Greear
ee48f48ba1 hostapd: Support showing neighbor list through hostapd_cli
This lets one know the current neighbor list, and could be used
to populate the neighbor list of other hostapd processes.

For instance:

$ hostapd_cli -i vap0001 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
$ hostapd_cli -i vap0000 set_neighbor 04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
OK
$ hostapd_cli -i vap0000 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
04:f0:21:c3:b2:b0 ssid=04f021c3b2b0af190000802809 nr=04f021c3b2b0af1900008028090603022a00

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-12-26 17:59:03 +02:00
Jouni Malinen
0dfa6ea529 tests: Make ap_wpa2_disable_eapol_retry_group more robust
Wait for hostapd to report completion of the connection before going
through the disconnection and reconnection steps to avoid a race
condition especially with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:01:02 +02:00
Jouni Malinen
f0825655c4 tests: Make TDLS tests more robust
Wait for hostapd to report connection completion before performing
connectivity test to avoid race conditions especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:41:01 +02:00
Sergey Matyukevich
3204795d7a STA OBSS: Add check for overlapping BSSs
In the previous implementation connected STA performs OBSS scan
according to requests from its 20/40 MHz AP. However STA checks only 40
MHz intolerance subfield from HT Capabilities element in scan results.
Meanwhile, as per IEEE Std 802.11-2016, 11.16.12, STA should check
overlapping BSSs as well.

Note that all the required code to check overlapping BSSs did already
exist for AP mode since AP does those checks properly before operating
as 20/40 MHz BSS in the 2.4 GHz band. Use that existing code by replace
existing 40 MHz intolerance check in sme_proc_obss_scan() with the new
shared helper function check_bss_coex_40mhz().

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-12-26 11:41:01 +02:00
Sergey Matyukevich
3af78a4e04 Extract BSS coex 40 MHz check into a separate function
Move this implementation from check_40mhz_2g4() into a new helper
function check_bss_coex_40mhz function() so that it can be used in the
station mode case as well as the previously used AP mode case.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-12-26 11:41:01 +02:00
Jouni Malinen
6883f94408 tests: rrm_neighbor_db and neighbor removal without specifying SSID
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:05:54 +02:00
Ben Greear
70755e6587 Allow removing neighbor DB entries by BSSID alone
Let users delete a neighbor by BSSID alone if they prefer. The
underlying code already properly handled a NULL SSID, so just relax the
control interface command calling restrictions.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-12-26 11:01:37 +02:00
Ben Greear
bf3ab50f4f Change some RRM debug messages from wpa_printf() to wpa_dbg()
This gives us the network device name in logging messages, which can be
helpful when having one wpa_supplicant process handle multiple devices.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-12-26 09:41:58 +02:00
Sergey Matyukevich
a737e40b56 drivers: Support of dynamic VLAN requires Linux ioctls
Support for dynamic VLANs depends on the Linux bridge ioctls.
Add this dependency explicitely to drivers make files.

This fixes build for minimal hostapd configs such as:
CONFIG_DRIVER_WIRED=y
CONFIG_FULL_DYNAMIC_VLAN=y

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-12-26 00:00:36 +02:00
Jouni Malinen
07e69dfb05 tests: Secure mesh with BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 23:56:16 +02:00
Jouni Malinen
9b391715cb mesh: Allow group management cipher to be configured
This allows BIP-GMAC-128, BIP-GMAC-256, or BIP-CMAC-256 to be used
instead of the previously hardcoded AES-128-CMAC as the group management
cipher when using mesh with PMF. For now, this can be configured by
setting a single group_mgmt value in the network block and doing that
consistently through all the STAs in the mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 23:43:35 +02:00
Jouni Malinen
65d0b67c22 mesh: Increase plink action frame AMPY buffer length for max GTK/IGTK
The previous calculation of the buffer length did not take into account
the possibility of 32-octet GTK and IGTK values and it was also missing
something to cover the 16 octet keys that are supported now. Other
buffer elements were likely sufficient to cover all these cases, but
anyway, it is better to allocate sufficient size specifically for AMPE
to avoid issues in the future.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 23:35:40 +02:00
Bilal Hatipoglu
b1b62a1364 WPS: Add WPS-PIN-ACTIVE and WPS-CANCEL events
WPS_EVENT_CANCEL is added to indicate cancellation of a WPS operation
for any reason in hostapd/wpa_supplicant.

WPS_EVENT_PIN_ACTIVE is added to indicate when a PIN operation is
triggered in wpa_supplicant.

Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
2019-12-25 20:58:52 +02:00
Bilal Hatipoglu
0b1839405e Add "reconnect" cmdline argument to hostapd_cli/wpa_cli
When the newly added "-r" parameter is used, both clis will try to
reconnect forever on connection lost until signalled (ctrl+c) or
terminated. This is useful only when used with -a to take action to
retrieve events or get status and the cli process stays even if
hostapd/wpa_supplicant daemons restart for some reason (e.g.,
configuration change).

Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
2019-12-25 20:54:44 +02:00
Jouni Malinen
4318a635a9 DBus: Update dont_quote[] with new network profile parameters
This array had not been updated for years (since it was initially added)
and it was missing new network profile parameters that were not quoted
strings (but also not integers that could be set as integer types). Add
those missing non-quoted-strings to allow them to be set through the
DBus interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 12:45:44 +02:00
Jouni Malinen
26a00ba8bd DBus: Remove not existing network profile params from dont_quote[]
These parameters are global parameters, not network profile parameters,
and as such, do not below in dont_quote[] which is used to determine
whether a network profile parameter needs to be quoted.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 12:26:33 +02:00
Matthew Wang
23d87687c2 dbus: Move roam metrics to the correct interface
These properties were in the wpas_dbus_bss_properties array when they
should have been in the wpas_dbus_interface_properties array. Move them
to the right place. This is the logical location for these properties
and it matches both the other parts of the implementation (e.g., being
in enum wpas_dbus_prop, not in enum wpas_dbus_bss_prop) and what
was originally documented for the interface in dbus.doxygen.

Fixes: 2bbad1c7c9 ("dbus: Export roam time, roam complete, and session length")
Fixes: 80d06d0ca9 ("dbus: Export BSS Transition Management status")
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2019-12-24 21:16:23 +02:00
Michal Kazior
8e111157e7 nl80211: Relax bridge setup
Normally nl80211 driver will attempt to strictly control what bridge
given interface is put in. It'll attempt to remove it from an existing
bridge if it doesn't match the configured one. If it's not in a bridge
it'll try to put it into one. If any of this fails then hostapd will
bail out and not set up the BSS at all.

Arguably that's reasonable since it allows to set the BSS up coherently
with regard to EAPOL handling as well as allows extra interactions with
things like FDB. However, not all hostapd drivers interact with bridge=
the same way. One example is atheros. Therefore it's not clear what the
desired behavior should be if consistency across drivers is considered.

There's a case where one might want to use a non-native Linux bridge,
e.g., openvswitch, in which case regular ioctls won't work to put an
interface into a bridge, or figure out what bridge an interface is in.
The underlying wireless driver can still be an ordinary nl80211 driver.

This change relaxes the bridge setup failure so that hostapd still
starts even if it fails to add an interface into a configured bridge
name. It still sets up all the necessary sockets (including the
configured bridge=) so EAPOL handling should work fine. This then leaves
it to the system integrator to manage wireless interface as bridge ports
and possibly fdb hints too.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-12-24 21:16:23 +02:00
Sergey Matyukevich
3626e72c8d l2_packet: Fix bridge workaround for repeater configuration
In repeater configuration, both AP and STA wireless interfaces may be
included into the same bridge. In this case the following race condition
may occur: wpa_supplicant and hostapd are started, then hostapd clients
are connected before wpa_supplicant connects to remote AP. EAPOL packets
between hostapd and its clients are detected by wpa_supplicant on bridge
interface, prematurely disabling the workaround.

One possible option to fix this issue is to check EAPOL destination MAC
in wpa_supplicant and disable workaround only if EAPOL packet on bridge
interface is indeed intended for wpa_supplicant.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-12-24 21:16:23 +02:00
Jouni Malinen
9f47fdb6c3 tests: Make FT PMKSA caching test cases more robust
The RECONNECT command on the station was issued immediately after
wpa_supplicant had processed EAPOL-Key msg 3/4. This could happen before
hostapd has processed EAPOL-Key msg 4/4 and especially with UML
time-travel, this could result in the following FT protocol exchange
going through in a manner that makes the hostapd process EAPOL-Key msg
4/4 from the first association as a postponed EAPOL RX at the beginning
of the second association. Avoid this by waiting hostapd to report
completion of the connection before issuing RECONNECT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
c0f3ee475b tests: FT-SAE with PWE default and with H2E
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
84972999ba FT: More debug prints for RSNE modification for EAPOL-Key msg 2/4
This buffer was getting corrupted, so add more details to make it
clearer what causes the corruption should this type of regression show
up again.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
4cfa8b92ba Fix wpa_insert_pmkid() when buffer includes extra IEs
The case where the old RSNE included one or more PMKIDs and that RSNE
was followed by another IE was handled incorrectly since the
os_memmove() to move the end of the buffer when removing old PMKIDs was
stopping copying at the end of the RSNE, not the end of the IE buffer.
This could result in corrupting the IE that followed the RSNE. In
practice, this broke FT-SAE with H2E by corrupting the RSNXE that is in
the buffer after the RSNE.

Fix this by copying the full end of the buffer (i.e., including the
following RSNXE in the visible error case) when removing the old PMKIDs.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
6298673ff3 tests: Prepare rsn_ie_proto_ft_psk_sta for implementation change
This PMKID replacement case is not going to prevent connection after a
change in wpa_insert_pmkid() so remove it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Sam Tygier
32289112c4 wpa_passphrase: Output errors to stderr
The stdout of wpa_passphrase is often piped directly into the
wpa_supplicant config file. In case of errors these will be written to
the file and possibly not noticed by the user.

Use fprintf to print errors to stderr.

Signed-off-by: Sam Tygier <samtygier@yahoo.co.uk>
2019-12-24 11:14:27 +02:00
Jouni Malinen
ce1598d4c2 tests: New style fuzzing tool for EAP-MSCHAPv2 peer processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 10:59:22 +02:00
Jouni Malinen
07fe134d9c EAP-SIM peer: Do not accept SIM/Challenge without SIM/Start
EAP-SIM full authentication starts with one or more SIM/Start rounds, so
reject an unexpected SIM/Challenge round without any preceeding
SIM/Start rounds to avoid unexpected behavior. In practice, an attempt
to start with SIM/Challenge would have resulted in different MK being
derived and the Challenge message getting rejected due to mismatching
AT_MAC unless the misbehaving server has access to valid Kc, so the end
result is identical, but it is cleaner to reject the unexpected message
explicitly to avoid any risk of trying to proceed without NONCE_MT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 23:59:16 +02:00
Jouni Malinen
2636362717 tests: Make nfc_wps_handover_init more robust
Data connectivity test could have been started in the middle of 4-way
handshake. This test case needs to wait for two STA connections before
starting the connectivity test since the first one is only for the
provisioning step.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 20:19:03 +02:00
Jouni Malinen
b2e2a8588d OpenSSL: Extend key_block size determination to support GCM/CCM ciphers
These ciphers do not use a separate MAC algorithm, so digest nid will be
NID_undef. In addition, the fixed_iv_length needs to be set to 4 which
is the implicit part of the IV from PRF. This is needed to fix EAP-FAST
key derivation for cases where GCM/CCM ciphers are used for TLS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 20:02:45 +02:00
Jouni Malinen
f94e677d33 tests: DPP exchange when driver uses a separate P2P Device interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 11:20:17 +02:00
Jouni Malinen
efaa6256e2 More detailed documentation on ieee80211w configuration parameter
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 10:48:09 +02:00