This is needed to allow sigma_dut to enable ap_isolate=1. In addition,
verify that the two associated STAs with RSN(EAP) and OSEN cannot
exchange frames between them.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
P2P related configuration should be done on a global control interface.
This way this test can be reused also when a dedicated P2P device
interface is used.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
It looks like tshark parser was broken at some point for
wlan.mesh.config.cap which is now (tshark 2.6.3) pointing to incorrect
field (same as wlan.mesh.config.ps_protocol). This used to work with
tshark 2.2.6.
For now, assume the capability field ends up being the last octet of the
frame.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It looks like at least tshark 2.6.3 uses a different error message for
unknown display filter fields:
tshark: Neither "wlan_mgt.fixed.category_code" nor "4" are field or protocol names.
and a different status exit code (2 instead of 1).
Add a new handler for this combination to allow automatic wlan_mgt to
wlan conversion to happen.
Signed-off-by: Jouni Malinen <j@w1.fi>
This test starts two identical APs and assumes a connection to the first
one, though it is not necessary true. Fix that by starting the second AP
only after the connection is established.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This test case had an error that hit an unexpected disconnection. Add an
explicit check to verify that this does not happen anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>
The channel configuration in CHAN_SWITCH command was incorrect. This
resulted in switching to HT40+ channel, while announcing HT40- in the
secondary channel IE. This caused a disconnection after the channel
switch. Fix that.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Verify that PMF does not end up reporting unexpected status code 30
(temporary rejection; SA Query).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This verifies that wpa_supplicant and hostapd behave consistently with
PMKSA caching when Suite B AKMs end up deriving a new PMKID from each
4-way handshake.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is a regression test case for a memory leak on DPP_CONFIGURATOR_ADD
error path in dpp_keygen_configurator() when an unsupported curve is
specified.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Verify that the automatically generated network profile is able to
connect to a non-FT network automatically after having used FT for the
first connection.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Verify that EAP-AKA' client rejects Challenge with an appended AT_KDF
and a modified AT_KDF value during KDF negotiation.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Check that the @1@ macro gets replaced correctly both when in the middle
and when in the end of the URL template.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is needed with the modified hostapd implementation to fix the
ap_hs20_terms_and_conditions* test cases.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It is easier to understand the hostapd debug log here if each step is
noted there before starting the wpa_supplicant operation. In addition,
it looks safer to process all pending event messages between each step
to avoid running out of any buffer limits.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This test case verifies that wpa_supplicant is able to perform CSA to a
VHT80 channel when having to move the GO due to an avoid-frequencies
driver event.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The implementation changes in hostapd FT error path handling in the
follow commit would result in ap_ft_ap_oom7 test case failing. This is
triggered partially by PMF protections and SA Query attempts, so it
looks like it is easier to split each failure case into a separate test
case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Couple of "invalid value" tests started to fail now that mac80211_hwsim
actually accepts power save configuration. Fix these by running the same
command for more code coverage, but in a way that ignores the result of
the operation (succeeds with older kernel versions and fails with
newer).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
For testing purposes, enable TLS v1.3 in the authentication server so
that the protocol version can be controlled from wpa_supplicant side
more easily.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like OpenSSL 1.1.1 accepted the openssl_ciphers=FOO test
configuration or well, at least does not reject it like previous
versions did. For now, ignore this failure.
Signed-off-by: Jouni Malinen <j@w1.fi>
RC4-SHA cipher case ended up allowing the handshake to be started just
to fail with "no ciphers available" when trying to generate ClientHello.
Fix this by handling an EAP failure case for the RC4-SHA test step with
OpenSSL 1.1.*.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify that the AP initialization failure is reported back to
wpa_supplicant also when the initialization is complete in a callback.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
time.sleep() in run_roams() is required because the target AP sets the
key once the station was associated. There are races, when the station
processes the (Re)Association Response frame AND the test suite starts
FT_DS before the AP processes its local confirmation and thus
wpa_auth_sm_event(ASSOC_FT). Therefore, the ActionFrame will be lost, as
the AP driver is missing the key.
Since this is this speed is highly synthetic, wait a few milliseconds
before roaming back.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
This is a regression test for a sequence where wpa_supplicant interface
MAC address is changed externally and the ifdown-ifup sequence is
processed only after the interface has already been set UP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Test the hostapd venue_url configuration parameter. In addition, fix the
previous defined gas_anqp_venue_url test case to use correct encoding of
the Venue URL ANQP-element payload (URLs were missing and Venue Number
was off-by-one).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>