Commit graph

4300 commits

Author SHA1 Message Date
Johannes Berg
4f4923bb08 tests: PASN: Try get_ptksa() from AP a few times
We wait for the PASN auth to complete on the wpas side, but there's no
indication of this on the AP side. So if scheduling ordering is bad, we
can ask the AP for the PTKSA cache before it even received the frame
from the kernel and created the PTKSA entry.

To fix this, try this a few times, to see if it becomes available.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:09:26 +03:00
Johannes Berg
376bead963 tests: persistent_go_client_list: Ignore client order
Clients could connect in a different order depending on
timing differences, don't check for the order here.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:08:20 +03:00
Johannes Berg
434d557bc3 tests: FT/RRM: Wait for STA before check_beacon_req()
check_beacon_req() will request from hostapd to request a beacon
report from the STA, but that only works if it already knows about
the STA. Due to scheduling issues, it may not know even if wpa_s
reports it has successfully connected, so also wait for the STA to
show up in hostapd before check_beacon_req().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:06:59 +03:00
Johannes Berg
257ba3afae tests: Wait for radio work to start after DPP_LISTEN command
Since DPP listen is a radio work, it doesn't start immediately and
then we can end up missing whatever happens next in the test. Wait
for the radio work to start before continuing the test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2023-10-28 12:06:29 +03:00
Stefan Schake
1d7ce8e2d7 tests: Multi-AP backhaul to backhaul+fronthaul BSS
Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
2023-10-28 11:51:19 +03:00
Jouni Malinen
aaeeb631e0 tests: More thorough testing of PMF and need for association comeback
Signed-off-by: Jouni Malinen <j@w1.fi>
2023-10-28 11:34:35 +03:00
Jouni Malinen
3d8215affe tests: wpa_supplicant AP with all possible 20 MHz PRI for 80 MHz channel
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-27 13:49:48 +03:00
Jouni Malinen
97b6cc6e58 tests: VHT80 and channel 161
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-26 13:52:54 +03:00
Jouni Malinen
7df76a4dd5 tests: EHT+MLO AP with SAE and transition mode
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-25 14:06:23 +03:00
Jouni Malinen
6affbf1fb0 tests: Remove exception for SAE MLD testing
hostapd now has support for SAE in MLD cases, so there is no need to
maintain this exception that allowed the test case to pass even if the
connection failed.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-10-25 13:53:35 +03:00
Jouni Malinen
71b26a7675 tests: Adding EAP-SIM/AKA coverage for ID selection
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-09-21 11:55:49 +03:00
Jouni Malinen
b46c4b9a91 tests: Beacon protection and reconnection
Regression test case for the issue fixed in the previous commit.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-09-05 20:38:47 +03:00
Jouni Malinen
07d3c1177b tests: Make sae_proto_hostapd_status_* more robust
The first MGMT-TX-STATUS event might be for the initial broadcast
Deauthentication frame instead of the SAE Authentication frame. Skip the
first event and try to process TX status for the first Authentication
frame instead.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-08-22 19:46:44 +03:00
Jouni Malinen
f91d10c0e6 tests: Update RSA 3k certificates
The previous ones expired and caused test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-08-22 17:00:37 +03:00
Jouni Malinen
d606efe054 tests: Beacon rate configuration for 54 Mbps
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-08-18 21:16:04 +03:00
Jouni Malinen
884125ab7d tests: P2P autonomous GO and clearing of networking information
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-08-18 20:33:29 +03:00
Jouni Malinen
011775af94 tests: Check for beacon loss when using beacon protection
This extends testing coverage to detect an issue that was fixed in
commit bf9cbb462f ("Fix writing of BIGTK in FT protocol").

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-08-10 21:28:14 +03:00
Jouni Malinen
faee8b99e9 tests: Fix eht_mld_sae_legacy_client to restore sae_pwe
Changing sae_pwe and leaving the modified value for the following test
cases can result in failures.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-07-21 20:17:53 +03:00
Jouni Malinen
b2a1e7fe7a tests: PEAP and TTLS phase2_auth behavior
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-07-17 21:25:06 +03:00
Jouni Malinen
19b6a1513f tests: Additional EHT MLD AP coverage
Verify behavior in SAE/PSK transition mode and PTK rekeying.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-06-15 17:34:02 +03:00
Andrei Otcheretianski
f5592e2d5e tests: Add basic MLD hwsim tests
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-06-15 17:34:02 +03:00
Jouni Malinen
829f3cd2b2 tests: Fix the previous update of the regulatory database to VMs
The last update of the wireless-regdb database to the wireless-regdb.git
version of 2023-02-13 in commit c4034a69fe ("tests: Update regulatory
database to VMs") forgot to update regulatory.db.p7s. Update it as well.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-06-06 20:11:06 +03:00
Jouni Malinen
95c3f0d1e4 tests: PASN with pasn_noauth=0
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-05-25 22:59:00 +03:00
Jouni Malinen
3e9fe727e5 tests: WPA2-EAP AP with PMF required and EAPOL-Logoff
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-05-04 11:10:16 +03:00
Jouni Malinen
230ca559cb tests: Additional 6 GHz band ACS coverage
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-26 23:10:03 +03:00
Jouni Malinen
c4034a69fe tests: Update regulatory database to VMs
Update the wireless-regdb database to the wireless-regdb.git version of
2023-02-13.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-26 23:10:03 +03:00
Jouni Malinen
a2d4d4c98e tests: HE with ACS on 6 GHz using a 40 MHz channel
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-25 17:31:13 +03:00
Jouni Malinen
566ab39a72 tests: KDK derivation based on Secure LTF capability
This adds more production-like testing coverage for KDK derivation. Both
SAE and OWE transition mode are covered. The latter has some corner
cases that did not work correctly previously.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-25 12:08:12 +03:00
Jouni Malinen
9bad3c975d tests: Update server and user certificates (2023)
At least some of the previous versions have expired, so need to re-sign
these to avoid EAP test case failures. This contains updates from
running tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2023-04-18 11:40:10 +03:00
Jouni Malinen
07a7bcd7ea WMM: Advertise support for 16 PTKSA replay counters for non-AP STA
In theory, each device that supports WMM (or the IEEE 802.11 QoS for
that matter) is expected to advertise how many replay counters it
supports and the peer device is supposed to use that information to
restrict the total number of different MSDU priorities (AC/UP) that
might be used. In practice, this is not really done in deployed devices
and instead, it is just assumed that everyone supports the eight
different replay counters so that there is no need to restrict which
MSDU priorities can be used.

hostapd implementation of WMM has advertised support for 16 PTKSA replay
counters from the beginning while wpa_supplicant has not had any code
for setting the supported replay counter fields in RSNE, i.e., has left
the value to 0 which implies that only a single replay counter is
supported. While this does not really result in any real issues with
deployed devices, this is not really correct behavior based on the
current IEEE 802.11 standard and the WMM specification.

Update wpa_supplicant to use similar design to the hostapd RSNE
generation by setting the number of supported PTKSA replay counters to
16 whenever WMM is enabled. For now, this is done based on the
association being for HT/VHT/HE/EHT and also based on the AP supporting
WMM since it is much more likely for the local device to support WMM and
eight replay counters (which can be indicated only with the value that
implies support for 16 counters since there is no separate value for 8).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-18 11:40:10 +03:00
Jouni Malinen
22c453ae3c tests: Suite B 192-bit RSA with TLS 1.3
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-03-23 00:00:10 +02:00
Avraham Stern
23ddb3ffee tests: Remove dynamically added hostapd interfaces
When an in interface is added dynamically to hostapd with
HWSimRadio, it's not removed during device reset.
This requires to manually remove it, otherwise subsequent tests may
fail. Better do it during device reset.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2023-03-07 23:55:00 +02:00
Andrei Otcheretianski
fa4d7be5bf tests: Clear sae_groups in eht_sae test
Otherwise subsequent tests may fail.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2023-03-07 23:55:00 +02:00
Jouni Malinen
f0979c4ac9 tests: Fix python3 processing of Popen output reading
Need to decode cmd.stdout.read() output before using it as a string.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-22 21:34:53 +02:00
Jouni Malinen
f3c4d2db1f tests: DPP Configurator and @CONF-OBJ-SEP@
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-22 17:08:57 +02:00
Jouni Malinen
596d602de8 tests: P2P persistent group re-invocation (go_bssid) with cfg80211 P2P Device
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-22 14:12:58 +02:00
Jouni Malinen
f710eba172 tests: Make PASN checks for PTKSA_CACHE_LIST a bit more robust
It was apparently possible for the test script to fetch the
PTKSA_CACHE_LIST information from hostapd before the PASN message 3 had
been processed since only the event from wpa_supplicant related to
sending of that frame was explicitly waited for. Add a small wait to try
to avoid this race condition with UML time-travel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-21 19:46:17 +02:00
Jouni Malinen
6d7a9a890d tests: Country information in hostapd STATUS
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-21 17:36:28 +02:00
Jouni Malinen
eb6f8dab12 tests: PASN/KDK derivation with FT
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-21 17:28:15 +02:00
Jouni Malinen
1cde2549ec tests: WPA2-PSK and STA using 4addr mode
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-21 00:12:34 +02:00
Jouni Malinen
217d5e4796 tests: WNM event report
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-20 22:00:16 +02:00
Jouni Malinen
351761e994 tests: Ignore dpp-ca.py in git status
Some of the test cases can use dpp-ca.py symlink to sigma-dut.git. That
symlink is not in the repository, so ignore it explicitly in git status.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-17 16:25:33 +02:00
Jouni Malinen
1bc93b7fe3 tests: Clear SAE groups for dpp_ap_config_sae
This is needed to avoid failures due to previously executed test cases.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-17 16:20:20 +02:00
Jouni Malinen
9f5f066d27 tests: Clear SAE groups before the HE 6 GHz test cases
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-14 13:55:36 +02:00
Jouni Malinen
641f2868de tests: FT and VLAN in wpa_psk file
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-14 11:47:25 +02:00
Jouni Malinen
e4d1000cac tests: Verify hostapd STA vlan_id value
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-13 23:22:10 +02:00
Jouni Malinen
eff82f93af tests: Make pmksa_cache_and_cui more robust
Make sure hostapd has had time to complete 4-way handshake processing
before initiating reauthentication from wpa_supplicant. There is a small
window for race condition here when testing with UML and time travel.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-10 13:11:54 +02:00
Jouni Malinen
2d3afc273d tests: MACsec with EAP-PSK
This verifies use of a shorter than 65 octet EAP Session-Id.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-10 12:41:03 +02:00
Jouni Malinen
047da5fe3a tests: wpa_supplicant config file parsing of an invalid network
This is a regression test for a NULL pointer dereferencing from commit
d8d2b3a338 ("Implement read-only mode for SSIDs from the additional
config (-I)") .

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-02-01 18:26:35 +02:00
Jouni Malinen
825a545279 tests: Clear sae_groups in radius_sae_password
This is needed to avoid failures caused by previous test cases having
left behind constraints on the allowed groups.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-31 12:00:18 +02:00