Add a couple of more channel configuration cases and log the channel
parameters with more details in the test log.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
A number of test cases using 40 MHz or wider channels with the primary
channel 36 were failing when executed after dpp_chirp_ap_5g since that
test case was running an AP on the channel 40 and resulting in need to
swap the primary and the secondary channels in the following test case.
Fix this by clearing the AP scan cache explicitly for such cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Flush the scan cache for all test cases that used get_bss() to check for
particular ANQP information. This was already done for one such case
based on commit dd900637b2 ("tests: Make gas_anqp_extra_elements more
robust"), but other test cases need this as well.
This was showing with frequent errors in test cases sequences like this
one:
dfs_radar_no_ht gas_fragment_with_comeback_delay gas_unknown_adv_proto gas_anqp_venue_url
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This is needed to avoid leaving behind a BSS entry with WPS enabled for
the next text case in some cases. In particular, this was causing issues
in the following sequence of test cases:
ap_wps_conf_chan14 ap_wps_cancel ap_wps_pin_request_file
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Now that wpa_supplicant does this internally as a part of the FLUSH
command, there is no need for the test scripts to try to clear the
parameter between test cases.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This test case could fail in some sequences like "sigma_dut_sae
scan_parsing" due to the ignore_old_scan_res parameter accidentally
being left to 1 by the former test case and the simulated scan result
being older than the previous scan trigger. Reduce the age of that scan
entry to make this less likely to happen.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The DPP Enrollee might wait for up to 60 seconds for the configuration,
so use a longer timeout value to be able to cover this negative test
case where the Configurator never sends the response.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This group should not be used with SAE and as such, it could cause
confusing test errors here. Use an acceptable group instead.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
At least for the time being PKEXv2 needs CONFIG_DPP3=y to work in a
testable manner. Couple of the test cases did not cover this correctly
and resulted in failures (instead of skipping the tests) when the
default build configuration was used. Fix that by checking for DPP
version 3.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Before, we could loose some events because of pipe buffering. I saw this
problem when running "ubus listen" or "logread -f" and waiting some
specific events. After disabling buffering this works much better.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
This parameter was added with the commit message indicating the valid
reason code values to be 1-5, but with the implementation allowed only
1. There are five defined reason code values for the Association
Disallowed attribute, so extend the allowed range to cover all those
values.
Fixes: fb9a1c3e28 ("hostapd: Add MBO IE to Beacon, Probe Response, Association Response")
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Add the "InterworkingSelect" method to the DBus API to trigger an
Interworking scan with ANQP fetches. When a BSS that matches a
configured credential is found, the result is emitted using the signal
"InterworkingAPAdded". Completion of the full InterworkingSelect
operation is indicated with the "InterworkingSelectDone" signal.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
Add "AddCred", "RemoveCred", and "RemoveAllCreds" methods to the D-Bus
API of the network interface to allow the caller to manipulate a set of
Interworking credentials similarly to the way this was enabled through
the control interface.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
CONFIG_DPP3=y can now be used to configure hostapd and wpa_supplicant
builds to include DPP version 3 functionality. This functionality is
still under design and the implementation is experimental and not
suitable to be enabled in production uses before the specification has
been finalized.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When checking DPP capabilities the Brainpool flag was not always set
when needed, leading to run a test with the Brainpool curves not
supported by BoringSSL.
Use a short form for the DER length of EC privateKey with NIST P-521
curve. Indeed BoringSSL returns an error when parsing DER sequence 30 81
50 ... because the length 81 50 could have been encoded as 50 and
according comment in BoringSSL:
ITU-T X.690 section 10.1 (DER length forms) requires encoding the
length with the minimum number of octets.
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
As BoringSSL version of i2d_PUBKEY() doesn't respect the
POINT_CONVERSION_COMPRESSED flag redefine a specific
crypto_ec_key_get_subject_public_key() version for BoringSSL based on
dpp_bootstrap_key_der().
The only other user of crypto_ec_key_get_subject_public_key() is SAE-PK
for which the public key should also be formatted using compressed
format.
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Move code of dpp_get_pubkey_point() to a crypto library specific
function crypto_ec_key_get_pubkey_point().
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Add a common well-known regulatory database to the test VMs during runs
to remove one thing to have correct in the host.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
