In addition, replace some of the CHAP cases with PAP since that enables
more coverage without breaking the main test focus.
Signed-off-by: Jouni Malinen <j@w1.fi>
The PKCS12 file with default openssl options cannot be used with OpenSSL
1.0.1 in FIPS mode. Replace this with -descert version as a workaround.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier to build wpa_supplicant for OpenSSL FIPS mode
testing. wpa_supplicant/.config needs following type of configuration
for this:
CONFIG_FIPS=y
CFLAGS += -I/usr/local/ssl/include
LIBS += -L/usr/local/ssl/lib
CC=/usr/local/ssl/fips-2.0/bin/fipsld
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows driver-based preference list to override default operating
channel selection mechanism by using a non-social P2P find if needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, this was assumed to be the case due to default channel
selection behavior. However, that may not be the case with driver-based
preference list processing. Enforce a social channel to be used as the
operating channel here since dev[2] uses social channel only device
discovery and needs to find the GO.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The openssl_ciphers="EXPORT" case may result in locally generated
disconnection event if the OpenSSL version used in the build rejects
export ciphers in default configuration (which is what OpenSSL 1.1.0
will likely do). Don't report a test case failure in such a case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add adv_cpt and seeker_cpt parameters to p2ps_provision() function.
The seeker_cpt is used in P2P_ASP_PROVISION command by a seeker, the
adv_cpt parameter is in P2P_ASP_PROVISION_RESP by an advertiser.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Add an optional parameter to p2ps_advertise() function allowing to
specify CPT priority values.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Add an optional CPT parameter to asp_provision() method of
WpaSupplicant.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Add p2ps_connect_pd() helper method which strictly validates the PD
results and establishes the connection between peers accordingly.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Add generic provision method. This method receives a seeker and an
advertiser devices, advertisement id, method, and a flag which indicates
whether deferred flow is expected. The method returns P2PS-PROV-DONE
events and the pin (if keypad or display method is used).
This method is needed to simplify the P2PS provision flows in the tests.
This method complies to the P2PS specification regarding the expected
order of the show and display PIN events.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
Add asp_provision method which issues either P2PS PD Request or, if the
status is provided, continues the deferred flow by sending follow on
PD Request.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
This test case could fail if there were old BSS entries remaining in
cfg80211 scan results. That happened, e.g., when running test cases in
the following sequence: "discovery_social_plus_one discovery_auto".
Signed-off-by: Jouni Malinen <j@w1.fi>
This removes quite a bit of duplicated code. In addition, this starts
using different FST group names to get additional coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
Without this, the run-tests.py socket could have been left in attached
to receive all hostapd global events during a test case. This could hit
the limit of pending messages on the socket since there is nothing
clearing this socket during the execution of a test case. Fix this by
explicitly closing the socket after having completed the RELOG command.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies FST group dialog_token wrap-around and behavior with large
number of session setups and teardowns.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a test case that goes through session initialization through
separate commands that can be modified more easily for special case. The
first such special case is using special FST Setup Request frames with
non-standard MBIE contents to hit different code paths for finding the
interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
Pass absolute path to the daemonized wpa_cli process and add read
privileges for everyone on the action script to make this test case work
better when run without a VM.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Try to use the special build for --codecov purposes, if present, instead
of hardcoding the hostapd/wpa_supplicant binary to the default location.
This is needed to collect code coverage correctly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit 53606b105c ('tests: Wait for scan
to complete on all interfaces in reset()') added option of passing
ifname to get_driver_status(). This could result in FAIL-NO-IFNAME-MATCH
returns that get printed out in "Ignore unexpected status-driver line"
messages if the interface is not found. Check for this case to avoid
that unnecessary print.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Remove unused variables and replace split(" ") with just split().
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
When WpaSupplicant executes reset() it waits until all the ongoing scans
are completed. However, it checks the status of the wlanX interface
only. If a dedicated P2P device interface is used, scan may be still
running on the P2P Device interface, e.g., due to P2P_FIND. This might
affect subsequent tests.
Fix this by waiting until the scan is done both on wlanX and P2P
Device interfaces.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
This allows hostapd and wpa_supplicant to be built for hwsim test cases
with ubsan functinality from the recent gcc/clang compiler versions.
Signed-off-by: Jouni Malinen <j@w1.fi>
This changes the sae_groups test case design to try with every group and
skip triggering test failure for the heavier ones that are likely to
fail in some VM setups under load. This provides more testing coverage
by not limiting the test based on lowest common setup.
Signed-off-by: Jouni Malinen <j@w1.fi>
This verifies a case where the neighboring BSS is at the other end of
the band and has its PRI channel further away.
Signed-off-by: Jouni Malinen <j@w1.fi>
Flush the cfg80211 scan cache explicitly to avoid false failure reports
if a BSS entry from an earlier test case remain. Such a failure could be
hit, e.g., with the following test case sequence:
wpas_mesh_mode_scan p2p_channel_random_social dbus_old_wps_pbc
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like the previous timeout of 0.1 seconds could be hit under
parallel VM load, so double this to 0.2 second to avoid hitting
unnecessary test failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
Get the P2P group interface name so it will be used for group removal to
support configurations that use a dedicated P2P Device interface.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Wait on the group control interface to support configurations that
use a dedicated P2P Device interface.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Use the global control interface to list the P2P Device persistent
networks. Get and parse the P2P-GROUP-STARTED events, so later the
interface names would be available for the connectivity test etc. Both
of these are required when a dedicated P2P Device interface is used.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Wait on the global control interface to support
configurations that use a dedicated P2P Device interface.
Note that the group interface cannot be used, as the group
interface name is not saved since no group was created.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Change the reset() method to use the global control interface
for resetting P2P state and also add a call to P2P_FLUSH.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This adds test coverage to p2p_procesS_nfc_connection_handover() error
paths. This is also a regression test case for a memory leak on two of
these error paths.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test case for a memory leak on a TLS PRF error
path. In addition, this provides more coverage for this error path.
Signed-off-by: Jouni Malinen <j@w1.fi>
The test sequence "scan_and_bss_entry_removed ap_wps_ap_scan_2" resulted
in failure due to an old BSS entry remaining from the first test case to
the second and the WPS_PBC operation on a forced BSSID ending up picking
the incorrect BSS entry. Make this more robust by clearing the scan
results from cfg80211.
Signed-off-by: Jouni Malinen <j@w1.fi>
Both of these test cases were leaving out BSS entries with active PBC
mode at the end of the test. This could result in the next text case
failing, e.g., in "ap_wps_pbc_overlap_2ap grpform_ext_listen" and
"ap_wps_pbc_overlap_2sta grpform_ext_listen" sequences. Fix this by
flushing the scan results more carefully at the end of the PBC overlap
test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify that advertiser returns 'org.wi-fi.wfds' wildcard in a Probe
Response frame if at least one P2PS advertisement is present.
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
This increases testing coverage for VENDOR_ELEM mechanism by explicitly
verifying that the requested element gets added to each of the supported
frame types.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Test P2PS GO and CLI discoverability on group operating channel.
In order to implement these tests, refactor p2ps_connect_p2ps_method
and test_p2ps_connect_adv_go_pin_method to reuse the code for
connection establishment. Also change p2ps_exact_seek so it will
allow getting Probe Response frames from several peers.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
test_p2ps_connect_adv_go_pin_method() expects that
p2ps_provision_keypad_method() returns P2PS-PROV-DONE with details
needed for a connection. However, this event was overridden which
resulted in an incorrect test flow skipping the connection
establishement. The test would pass, however, without really trying to
connect. Fix this by returning the correct event.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
This adds hwsim test ap_vlan_iface_cleanup_multibss. It connects two
stations in different BSS but the same hostapd process. First both
stations are in VLAN 1, then they get reauthenticated into VLAN 2. Due
to the ordering of the stations moving around, this test checks that
bridge and tagged interface referencing counting is done globally, such
that the tagged interface is not removed too early and no bridge is
left over.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
There seem to be cases where flush_scan_cache() was unable to clear all
BSS entries due to a hidden SSID BSS (SSID length 0) showing up again
from cfg80211 BSS table. Check for this and run the flush operation
again if any entries remain.
This fixes an issue where the following hwsim test case sequence
resulted in the last test case failing due to the old BSS entry from the
first test case being in place and showing unexpected flags information:
ap_hs20_min_bandwidth_home_hidden_ssid_in_scan_res
ap_hs20_remediation_required
ap_mixed_security
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>