The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. In addition, add a shell script (update.sh) and the
needed CA files to automate this full update process.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new wpa_supplicant network parameter group_mgmt can be used to
specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128,
BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not
specified, the current behavior is maintained (i.e., follow what the AP
advertises). The parameter can list multiple space separate ciphers.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There was a race condition on the sequence where iface.AbortScan() is
immediately followed by iface.Scan(). If the driver event
(NL80211_CMD_SCAN_ABORTED) arrived after the following new scan request,
the D-Bus operation failed. This is not what this test case is trying to
check, so wait for an indication of the previous scan having terminated
properly before issuing the next scan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The STA can get disconnected event before the AP processed the
deauthentication frame, resulting in GET_FAIL command being sent too
early. Fix this by waiting for AP-STA-DISCONNECTED on AP side, too.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Import vht_supported from test_ap_vht to fix the following issue:
rrm_beacon_req_table_vht run failed: global name 'vht_supported' is not defined
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
This makes it easier to post-process frame capture files if frames need
to be decrypted in test cases that do not configure wlantest with the
PMK directly (i.e., mainly the cases when a RADIUS server is used).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Wait for the configuration step to complete before forcefully
terminating DPP listen. Previous version was causing failures for this
test case sequence:
dpp_qr_code_auth_initiator_enrollee dpp_pkex_config2
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
On slow machines or inside VM it may take some time for "DISCONNECTED"
event to arrive. Since the retry delay counter is started already, it
may result in less than 5 seconds time between "DISCONNECTED" and
"CONNECTED" events.
Fix the test by taking more accurate timestamps between the events.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Previously p2p_channel_drv_pref_* tests would fail
if dedicated P2P device is used, since the SET commands
were sent to incorrect interface.
Fix this by using a global control interface instead.
Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
We capture the dmesg that contains everything, but if a test
causes a kernel crash we will miss all logging at higher levels
like debug. Change the printk level to catch all of that too.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Lockdep no longer prints "INFO:" but now prints "WARNING:".
Also add the "*** DEADLOCK ***" string it usually prints so
if it changes again we can keep finding that string.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This test case verifies that both wpa_supplicant and hostapd are adding
a PMKSA cache entry based on FILS shared key authentication using ERP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
sigma_dut can end up setting ignore_old_scan_res=1 and that can result
in some of the consecutive test cases failing. Fix this by explicitly
clearing ignore_old_scan_res after sigma_dut cases that may have ended
up setting the parameter.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is now needed from the control interface since the hardcoded
default value has been removed from the implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Introduction of the new base64 helper function changed the backtraces
for these OOM test cases and resulted in test failures. Update the test
scripts to work with the new implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was possible for the BTM Request with no matching BSSIDs to cause
wpa_supplicant-initated roam to a better BSS (5 GHz band preferred) when
finding the second AP in a scan started by that BTM Request. This could
make the following step in the test case fail. Fix this by asking
another channel to be scanned to postpone discovery of the other AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it easier to synchronize log entries in the kernel log
(seconds from boot) and wpa_supplicant/hostapd (UNIX timestamp).
Signed-off-by: Jouni Malinen <j@w1.fi>
These test cases depend on ERP processing to reach the get_emsk handler
function. Since ERP really needs the realm to derive a proper
keyName-NAI, modify these test cases to pass the realm part in the
identity to allow error checking to be introduced for rejecting ERP
cases where the realm is not available.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previous fix to the OCSP request construction ended up finally
moving from SHA-1 -based hash to SHA-256 for OCSP test cases. To
maintain coverage for SHA-1, add cloned versions of the two test cases
so that both SHA-256 and SHA-1 cases get covered.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Fix the openssl ocsp command line and check if it returns an error - so
that instead of having something unusable later we error out
immediately. Moving the -sha256 argument earlier fixes hash function use
for the OCSP request generation (the old version used SHA-1).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This updates the AP-to-AP keys to the longer form and OOM test case
functions to match the new implementation.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
The cfg80211 connect command extension to allow roaming request from
user space while connect was added to the kernel, so uncomment the
previously commented out TODO item to verify this behavior.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It was apparently possible for the P2P_FIND operation to terminate
before the peer device was found. Increase the timeout to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>