Commit graph

15460 commits

Author SHA1 Message Date
Jouni Malinen
95337647aa tests: Make FILS+FT test cases more robust
Wait for hostapd to report completion of association before running the
data connectivity check.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 16:30:40 +02:00
Jouni Malinen
5a563a3d34 Avoid compiler warning on shadowing a local variable
Fixes: 7fde39fb1a ("Add sae_rejected_groups to hostapd STA control interface command")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 13:46:59 +02:00
Jouni Malinen
7327f0fa6f tests: Fix skipping of new sigma_dut test cases
start_sigma_dut() can raise an exception and as such, assigning a
variable to its return value within a try block does not work in this
manner when the result is supposed to be used in the finally statement.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 21:19:36 +02:00
Jouni Malinen
06540f232c tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 2/4 retries
The second round may use PMKSA caching, but AP will need to reject msg
2/4 in that case as well due to RSNXE mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 03:27:25 +02:00
Jouni Malinen
e3c476bd8c SAE H2E: Fix RSNXE override in EAPOL-Key msg 2/4 for testing purposes
The previous implementation missed the case where EAPOL-Key frame may be
reported as having been received before the association event is
processed. This would have resulted in not using the RSNXE override for
EAPOL-Key msg 2/4 when the pending EAPOL-Key frame gets processed
immediately after processing the association event. Fix this by moving
the override case to be handled before that.

Fixes: 1325655397 ("SAE H2E: RSNXE override for testing purposes")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 03:08:27 +02:00
Jouni Malinen
fb3ef06dde tests: sae_rejected_groups with and without sigma_dut
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 23:52:36 +02:00
Jouni Malinen
7fde39fb1a Add sae_rejected_groups to hostapd STA control interface command
This is mainly for testing purposes to be able to check which groups
a STA reports as having been rejected when using SAE H2E.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 23:52:36 +02:00
Jouni Malinen
5661ebd774 DPP: Configurator netRole for Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:33:00 +02:00
Jouni Malinen
7404574458 DPP: Replace ap boolean with netRole enum in Configurator params
The netRole enum is more generic and can be extended to include new
roles (e.g., Configurator) more easily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:33:00 +02:00
Jouni Malinen
053ce8bff7 tests: OCE association in open network
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:00:26 +02:00
Jouni Malinen
326acce814 tests: sigma_dut controlled SAE association with group negotiation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 01:59:06 +02:00
Jouni Malinen
2ca63f58b9 tests: sigma_dut controlled SAE H2E AP misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
63585099d6 tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
f2c4b44b40 SAE H2E: RSNXE override in EAPOL-Key msg 3/4
This new hostapd configuration parameter rsnxe_override_eapol=<hexdump>
can be used to override RSNXE value in EAPOL-Key msg 3/4 for testing
purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:32:17 +02:00
Jouni Malinen
49ac2466c3 tests: sigma_dut controlled SAE H2E misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 14:00:23 +02:00
Jouni Malinen
250db2ab51 tests: SAE H2E and RSNXE mismatch (AP detecting)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 12:56:19 +02:00
Jouni Malinen
1325655397 SAE H2E: RSNXE override for testing purposes
"SET rsnxe_override_{assoc,eapol} <hexdump>" can now be used to override
RSNXE in (Re)Association Request frames and EAPOL-Key msg 2/4 for
testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 12:54:54 +02:00
Jouni Malinen
dedd8f336e tests: sigma_dut controlled SAE H2E misbehavior with rejected groups
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:51:40 +02:00
Jouni Malinen
90d84bc511 tests: SAE H2E and rejected groups indication (unexpected group)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:45:10 +02:00
Jouni Malinen
a889e9a70c SAE: Reject invalid rejected group report in SAE commit explicitly (AP)
Previously, this case was ignored silently in AP mode. While that could
be a reasonable approach for an unexpected condition, it would be fine
to reject this case explicitly as well. This makes it somewhat easier to
test unexpected SAE H2E vs. looping behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:39:46 +02:00
Jouni Malinen
c88e01e1b6 SAE H2E: Fix validation of rejected groups list
check_sae_rejected_groups() returns 1, not -1, in case an enabled group
is rejected. The previous check for < 0 could not have ever triggered.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:28:13 +02:00
Jouni Malinen
b834e97003 SAE H2E: Testing option to report extra rejected groups
"SET extra_sae_rejected_groups <groups>" can now be used to enable test
mode in which wpa_supplicant will report additional groups (configured
as space separated integers) when using SAE H2E.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:26:13 +02:00
Jouni Malinen
4d16d7cc8d tests: sigma_dut controlled SAE H2E misbehavior with looping forced
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:39:46 +02:00
Jouni Malinen
b1905c7d8e tests: SAE PWE derivation with H2E-only AP and STA forcing loop
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:28:52 +02:00
Jouni Malinen
918df2227e SAE: Reject unexpected Status Code in SAE commit explicitly (AP)
Previously, this case was ignored silently in AP mode. While that could
be a reasonable approach for an unexpected condition, it would be fine
to reject this case explicitly as well. This makes it somewhat easier to
test unexpected SAE H2E vs. looping behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:26:57 +02:00
Jouni Malinen
405946d76a SAE: Testing option to ignore H2E requirement mismatch
"SET ignore_sae_h2e_only 1" can now be used to configurate
wpa_supplicant to a test mode where it ignores AP's H2E-required
advertisement and try to connect with hunt-and-pecking loop instead.
This is used only for testing AP behavior with unexpected STA behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:13:59 +02:00
Ankita Bajaj
23acdd9f33 Fix memory leak in ACS offload operation
freq_list is built in allocated heap memory and it needs to be freed
before returning from this function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 18:02:46 +02:00
Ankita Bajaj
e86ba912aa ACS: Remove redundant ch_list parameters from do_acs interface
Clean up do_acs interface to not pass ch_list to drivers as the same
information is available in freq_list. The channel numbers are
duplicated between 2.4 GHz and 5 GHz bands and the 6 GHz band. So, use
the QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to populate only 2.4 GHz and 5 GHz
channels to ensure backwards compatibility with old drivers which do not
have support to decode the newer QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST
attribute.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 18:02:34 +02:00
Ankita Bajaj
3cf360b8e2 DFS: Don't handle DFS ops for 6 GHz channels
Skip DFS checks and CAC operation for 6 GHz channels. AFC checks
will be added for 6 GHz channels later.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 17:12:27 +02:00
Ankita Bajaj
ee0030e814 6 GHz: Do not check for HT capability on 6 GHz channels
HT capability check is not required when starting AP on 6 GHz band as
only HE operation mode is allowed in the 6 GHz band.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 17:12:27 +02:00
Jouni Malinen
4a667b01e6 tests: DPP bootstrapping via NFC URI record
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 12:37:51 +02:00
Jouni Malinen
e780b4bf20 DPP: Bootstrapping via NFC URI Record
This extends hostapd and wpa_supplicant DPP implementation to allow the
bootstrapping URI to be generated for and parsed from an NFC Tag with an
NFC URI Record. This is similar to the way the bootstrapping URI is used
with QR Code for unidirectional authentication.

The DPP_BOOTSTRAP_GEN command uses "type=nfc-uri" to request the URI to
be assigned for NFC URI Record. In practice, the URI is generated
identically to the QR Code case, but the internal entry maintains the
NFC-URI type.

A new command "DPP_NFC_URI <uri>" can now be used to parse the URI read
from an NFC Tag with the NFC URI Record. This is similar to the
DPP_QR_CODE command.

Other commands (mainly, DPP_LISTEN and DPP_AUTH_INIT) are used for NFC
URI in the same way as they are used for QR Code.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 12:37:51 +02:00
Jouni Malinen
3c0d6eb8a9 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2019-11-08.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-05 12:36:09 +02:00
Jouni Malinen
2e58926ef3 tests: hostapd global control interface and per-interface events
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-02 16:35:03 +02:00
Hu Wang
38203148e9 Extend hostapd to support setband to driver via QCA vendor command
Commit 844dfeb804 ("QCA vendor command support to set band to driver")
added a vendor command to pass 'SET setband' command information to the
driver in wpa_supplicant. Add similar changes to hostapd control
interface.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-02 15:55:43 +02:00
Veerendranath Jakkam
3c13af5573 hostapd: Register wpa_msg callback even if only global ctrl_iface is used
Previously, wpa_msg_register_cb() was called only from successful
completion of per-interface control interface initialization. This would
leave the callback unregistered in case only the global control
interface is used which would result in not delivering control interface
events on the global interface. Fix this by registering the callback
handler also from successful initialization of the global control
interface.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2019-12-02 15:46:32 +02:00
Veerendranath Jakkam
e920805685 hostapd: Extend global control interface notifications
Previously, hostapd sent only WPA_MSG_ONLY_GLOBAL type notifications to
the global control interface and all other notifications to
per-interface control interface. Extend this by making it similar to
wpa_supplicant global control interface notifications handling. With
this hostapd now sends all notifications except WPA_MSG_NO_GLOBAL to the
global control interface. In addition, WPA_MSG_PER_INTERFACE type
messages will be prefixed with "IFNAME=<interface name> " while sending
to the global control interface to indicate that the message is
interface specific.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2019-12-02 15:44:52 +02:00
Jouni Malinen
dd8eb44eef tests: sae_pwe parameter in PSK-only-AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:13:08 +02:00
Jouni Malinen
9f50538e13 SAE H2E: Do not use sae_h2e param in AP mode if SAE is disabled
Previously, nonzero sae_h2e parameter values were used to perform SAE
H2E specific operations (deriving PT, adding RSNXE, adding H2E-only BSS
membership selector) in AP mode even if SAE was not enabled for the
network. This could result in unexpected behavior if sae_pwe=1 or
sae_pwe=2 were set in the configuration. Fix this by making the SAE
operations conditional on SAE being actually enabled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:07:57 +02:00
Jouni Malinen
ee27567198 tests: Clear sae_pwe at the end of sigma_dut test cases
sigma_dut does not clear sae_pwe value when the command line argument
"-2" is used, so we need to explicitly clear this from wpa_supplicant at
the end of the test case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:06:50 +02:00
Jouni Malinen
e0cd7172c2 tests: Advertise UTF-8 SSID in DPP-provisioned AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
ca6a2ac705 tests: DPP ssid_charset/ssid64
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
181bf93363 DPP2: Report received ssid_charset as DPP-CONFOBJ-SSID-CHARSET event
This provides the SSID character set, if specified, to upper layers on
station Enrollee.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
71e2848eab DPP2: ssid64/ssid_charset in Configurator
This allows Configurator to be configured to use the ssid64 option in
the discovery object for a station Enrollee.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
57a63b1318 DPP2: Add parsing of ssid64/ssid_charset in Config Object
The discovery object is now allowed to use either the UTF-8 encoded
string ssid or base64url encoded ssid64.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
590bc64d65 DPP: Use JSON token builder helpers
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
e75ab53222 JSON: Add helper functions for building tokens
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
8e5e36a184 Clean up base64_{encode,decode} pointer types
Allow any pointer to be used as source for encoding and use char * as
the return value from encoding and input value for decoding to reduce
number of type casts needed in the callers.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
b22608423b Clean up base64_url_{encode,decode} pointer types
Allow any pointer to be used as source for encoding and use char * as
the return value from encoding and input value for decoding to reduce
number of type casts needed in the callers.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-27 16:09:35 +02:00
Jouni Malinen
a4255a207b Simplify base64_url_encode() prototype
There is no use case for adding padding into the base64url encoded
strings, so remove the unneeded add_pad argument that was hardcoded to 0
in all callers.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-27 15:35:19 +02:00