This allows unexpected cases to terminate parallel-vm.py without being
hidden by the exception handler.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Some of the WNM implementation expects configuration to be available
(e.g., ieee802_!1_rx_wnm_coloc_intf_req() dereferences wpa_s->conf), so
add a dummy configuration to allow the fuzzer tool to be used.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add test-eapol program that can be used for fuzzing the EAPOL-Key
Supplicant and Authenticator implementations. This tool can write
Supplicant or Authenticator messages into a file as an initialization
step and for the fuzzing step, that file (with potential modifications)
can be used to replace the internally generated message contents.
The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the EAPOL-Key operations. This will
also make the implementation ignore Key MIC and AES keywrap errors to
allow processing of modified messages to continue further.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add test-tls program that can be used for fuzzing the internal TLS
client and server implementations. This tool can write client or server
messages into a file as an initialization step and for the fuzzing step,
that file (with potential modifications) can be used to replace the
internally generated message contents.
The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the TLS operations.
Signed-off-by: Jouni Malinen <j@w1.fi>
The result of reading non blocked empty stream is different between
python2 and 3. The python2 sends "[Errno 11] Resource temporarily
unavailable" exception. The python3 could read "None" without
exception, so handle this "None" case as well.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
In recent Debian versions, ebtables is an alias managed by
the alternatives(8) mechanism. This means /usr/sbin/ebtables
is a symlink to /etc/alternatives/ebtables, which in turn
links to the real binary.
As we mount a tmpfs over /etc, we cannot access this.
Fix this by bind-mounting the real /etc to /tmp/etc and
adding a symlink from /etc/alternatives to this.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Evidently this file must exist when running the sigma_dut
dependent tests, add it to .gitignore so it's not seen as
making the tree "unclean" when it is added manually.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
For tests, build the HS 2.0 OSU client (without browser to avoid
having webkit/curl dependencies).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Add a test that drops the authentication frame, so that
hostapd thinks the station is unknown, and then sends one
by itself, so the station thinks it's associated. This
tests mostly the kernel's capability to recover from this
scenario.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If telnetd is installed and --telnet <port> is passed on the
vm-run.sh command line, start a telnet server (directly connected
to bash, no login) inside the VM(s) to be able to look into them
when something is wrong. Use a user network in qemu with a single
host forward from the specified port for this, listening only on
'localhost'.
Please note that this provides unauthenticated access to the guest
system from anything that can open a TCP connection on the host system.
The guess system does have access to reading all files on the host that
the user account running kvm has access to (and even write access if the
default ROTAG ,readonly parameter is cleared). In other words, this
option should not be used on any multiuser systems where kvm is run
under user accounts that are not dedicated for testing purposes (i.e.,
do not have access to any files that should not be readable to
everyone).
This needs CONFIG_VIRTIO_NET=y in the guest kernel.
For parallel-vm.py, the --telnet argument specifies the base port
and each VM index (0, 1, ...) is added to it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Recently, qemu/seabios grew an annoying console/terminal reset,
which also causes my terminal to be left in a state where long
lines don't work well and less gets confused because of this.
Suppress this by suppressing all output from qemu before a new
magic string printed from inside.sh.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This is needed to fix issues with dict iteration resulting in different
order of attributes when trying to calculate Message-Authenticator
externally to pyrad.
Signed-off-by: Jouni Malinen <j@w1.fi>
All other test cases seem to work, but radius_das_disconnect_time_window
is still failing due to incorrect authenticator or Message-Authenticator
in Disconnect-Request.
Signed-off-by: Jouni Malinen <j@w1.fi>
Sending UTF-8 encoded data to logger file is currently not working
properly, so create a separate binary file with a copy of
sigma_dut-ap.conf instead to work with both python2 and python3.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use struct.unpack() to get a list of int and then generate a list of
hexstr octets from it for ':'.join() to get consistent behavior for both
python2 and python3.
Signed-off-by: Jouni Malinen <j@w1.fi>
WPSAPHTTPServer class needs to explicitly decode the read value from
a bytes object to a str object.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Use ET.tostring() to avoid implicit bytes/str conversion issues within
ET implementation. Add XML declaration separately to match previous
behavior.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This is needed for python3 since the two argument version of
str.translate() is not available for unicode. Furthermore, these cases
of delete colons from the string are simple enough for replace.
Signed-off-by: Jouni Malinen <j@w1.fi>
Only python3 warns to this bug.
TypeError: '>' not supported between instances of 'type' and 'int'
Exception: '>' not supported between instances of 'type' and 'int'
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Need to do this to avoid issues with following operations that assume
the output to be a str object.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Avoid implicit conversion errors when constructing bytes objects or
passing a str object to a function that needs a bytes object.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
The wpas_config_file_key_mgmt fails with this error if wpa_supplicant is
built without CONFIG_SUITEB192=y:
Exception: SET_NETWORK failed
Exception: SET_NETWORK failed
Skip the WPA-EAP-SUITE-B-192 case if it is not supported in
wpa_supplicant so that the rest of the key_mgmt test coverage is
included.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This is needed in cases the hexlify() output is used to concatenate with
a string or used in string comparisons.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
This patch is made by using 2to3 command with some modifications.
$ find . -name *.py | xargs 2to3 -f imports -w -n
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
These were not used at all and caused unnecessary operations and in some
cases, compatibility issues with python3.
Signed-off-by: Jouni Malinen <j@w1.fi>
This code is identical to the wait_event() code, except for the
mon/global_mon instance. Create a _wait_event() function that
encapsulates this, and use it for both.
While at it, fix the bug in wait_global_event() where in the case
of not having a global_mon it always returns None.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This is useful when running a test multiple times, looking at
log output etc. to not have to pick out the right directory
each and every time.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The wnm_sleep_mode_proto test case was already covering number of
invalid WNM-Sleep Mode Request frame cases, but it was missing the
shortest possible case with a missing Dialog Token field. Add that as a
regression test case for bounds checking in
ieee802_11_rx_wnmsleep_req().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Since 3bdc651a62, start.sh creates the logs/current symlink even if
LOGDIR was set in the environment, as is the case when using run-all.sh.
However, run-all.sh and start.sh use a separate 'date' invocation so the
resulting string may be different. Usually it is the same because the
two invocations immediately follow each other, *except* if run-all.sh
also does a build. In addition, if the user sets LOGDIR to something
else, the symlink is completely bogus.
Fix this by not relying on the 'date' invocation for creating the
symlink. Instead, use the basename of LOGDIR. To keep things consistent
with current behavior, only create the symlink if LOGDIR points to a
subdirectory of DIR/logs.
The following use cases now work reliably:
* run-all.sh with or without the -B option;
* manually calling start.sh followed by run-tests.py without setting
LOGDIR.
* manually calling start.sh with LOGDIR set to a subdirectory of logs
and calling run-tests.py without --logdir option (which makes it
default to logs/current).
* run-all.sh with LOGDIR set to a subdirectory of logs.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This is in preparation for an implementation change that results in this
unreachable server case not incrementing radiusAuthClientAccessRequests.
Signed-off-by: Jouni Malinen <j@w1.fi>
These checks were repeated in almost every test case, so use helper
functions to get rid of duplicated (copy-pasted) code.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add even more workarounds for cfg80211 regulatory state clearing since
these DFS test cases seem to be the most likely ones to fail due to
country=98 issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add even more workarounds for cfg80211 regulatory state clearing since
these DFS test cases seem to be the most likely ones to fail due to
country=98 issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add even more workarounds for cfg80211 regulatory state clearing since
these WNM test cases seem to be the most likely ones to fail due to
country=98 issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
In addition, add even more workarounds for cfg80211 regulatory state
clearing since this test case seems to be the most likely one to fail
due to country=98 issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is a regression test case for FT-over-DS that got broken on
mac80211-based drivers when the extra key reinstallation checks were
added.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_ft_oom seemed to depend on undesired wpa_supplicant behavior of
trying to do FT protocol even without being ready for reassociation.
This is going to be fixed in wpa_supplicant which would make this test
case fail, so split it into separate test cases for each failure item to
be able to avoid incorrect test failures.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous roam() and roam_over_ds() checks would have ignored failing
association rejection if a consecutive attempt to connect succeeds
within the initial time limit. This can miss incorrect behavior, so
check explicitly for association rejection.
Signed-off-by: Jouni Malinen <j@w1.fi>
The number of direct allocation within wpa_supplicant_mesh_init()
has been reduced due to RSN init function is factored out.
Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
Verify that the beacon report contains the last beacon report
indication subelement when requested in the beacon request.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that when the frame body subelement causes the
measurement report element to exceed the maximum element size,
the beacon report is fragmented and the frame body fragment ID
subelement is added with the correct fragment number.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Verify that not updating GTK (i.e., only update PTK) in the driver does
not break connectivity. This case is different after the check for
"already in-use GTK" and rejection of GTK reinstallation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use of country=00 (world roaming) seemed to not work anymore with the
current cfg80211 regulatory implementation since the existing channel is
left enabled when moving to country=00. Use a specific country code that
does enforce the selected channel from being used anymore to make this
test case pass again.
The change in cfg80211 behavior is from the kernel commit 113f3aaa81bd
("cfg80211: Prevent regulatory restore during STA disconnect in
concurrent interfaces").
Signed-off-by: Jouni Malinen <j@w1.fi>
With this command, RSSI signal can be controlled. Due to restrictions in
kernel, only values in the range of [-30, -50] can be used. The command
is implemented by changing the TX power.
Signed-off-by: Beni Lev <beni.lev@intel.com>
It was possible for the 5 GHz PKEX channels to be enabled, e.g., when
running "ap_ht40_csa2 dpp_pkex_no_responder" test sequence, and that
resulted in a failure in dpp_pkex_no_responder due to the unexpectedly
long wait needed for the DPP-FAIL event. Increase the wait time to allow
for 5 GHz PKEX channels to be probed.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows more accurate logging of failures related to the cfg80211
country=98 (intersection) case. This version is trying to give some more
time to allow the country code to clear, but that does not seem to be
sufficient with the current cfg80211 implementation for country=98 (but
might be for other cases).
The additional check for country=98 at the beginning of each test case
is an attempt to force cfg80211 to restore world roaming state with a
new association and disconnection at the station side detected after the
AP side has already stopped. This is needed after the Linux kernel
commit 113f3aaa81bd ("cfg80211: Prevent regulatory restore during STA
disconnect in concurrent interfaces").
Signed-off-by: Jouni Malinen <j@w1.fi>
This is needed to avoid leaving unexpected cfg80211 regulatory country
code in place at the point when a test case terminates.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, the special value 0 was used to indicate no UDP checksum.
Replace that with the calculated checksum for more like use case.
Signed-off-by: Jouni Malinen <j@w1.fi>
The ap_open_tdls_vht* test cases could leave some pending regulatory
Beacon hints waiting to be cleared during the following test case. This
would result in a failure if the following test case expected specific
regdom event behavior. For example, this caused "ap_open_tdls_vht160
dbus_country" sequence to result in failure in dbus_country. Fix this by
using more robust sequence in clearing regdom state at the end of the
TDLS test cases that have the AP advertising a country code.
Signed-off-by: Jouni Malinen <j@w1.fi>
Not all driver interfaces provide driver status information with the
local address, so skip the override step if the field is not available.
This is needed, e.g., with macsec_linux.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new test to check that the AP won't send frames to the client if
it tries to talk to itself.
Note that this fails until the relevant mac80211 patch is merged.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
These test cases seemed to have copy-paste errors where
wait_enabled=False was forgotten even though there was no additional
steps checking the AP mode startup results. This did not break the
tests, but could have resulted in slowing them down if the STAs did not
find the AP in the first scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
The Linux kernel commit 113f3aaa81bd ("cfg80211: Prevent regulatory
restore during STA disconnect in concurrent interfaces") broke the
regulatory clearing attempt in many test cases since
cfg80211_is_all_idle() is now returning false due to the AP interface
being up and that results in the Country IE -based regulatory
information not getting cleared back to defaults.
Work around this by stopping the AP interface first so that when the
station interface receives the disconnection, there are no other active
interfaces in the system. In addition, wait for REGDOM event for the
Country IE hint after association to avoid disconnection before the
regulatory events have been fully processed.
Signed-off-by: Jouni Malinen <j@w1.fi>
The Linux kernel commit 113f3aaa81bd ("cfg80211: Prevent regulatory
restore during STA disconnect in concurrent interfaces") broke the
regulatory clearing attempt in this test case since
cfg80211_is_all_idle() is now returning false due to the AP interface
being up and that results in the Country IE -based regulatory
information not getting cleared back to defaults.
Work around this by stopping the AP interface first so that when the
station interface receives the disconnection, there are no other active
interfaces in the system. In addition, wait for REGDOM event for the
Country IE hint after association to avoid disconnection before the
regulatory events have been fully processed.
Signed-off-by: Jouni Malinen <j@w1.fi>
cfg80211 regulatory code gets into pretty inconvenient state if it needs
to intersect regulatory domain information from multiple regulations
(country=98). The existing mechanisms in the hwsim test cases are not
able to clear that up for the following test case and this can result in
large number of failures.
It looks like country=98 case is hit frequently in WNM test cases where
a station associates with an AP that advertises a specific country code
and that station is then asked to disconnect before the REGDOM events
have been received. Avoid this by waiting for the REGDOM events for the
init=COUNTRY_IE case before disconnecting.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This adds some minimal testing for Multi-BSS connection attempts. The
part for nontransmitted BSS is limited since hostapd/mac80211 does not
yet have sufficient support for Multi-BSS in AP mode.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Perform detailed tests with OCV enabled, for both the 4-way and group
key handshakes. These tests include establishing a working connection
with OCV enabled, assuring that a STA without OCV enabled can still
connect to a STA with OCV enabled (and vice versa), verifying that
invalid OCI elements get silently ignored, verifying that missing OCI
elements are reported, and so on.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
parallel-vm.py has obsoleted this a long time ago and there is no need
to maintain two scripts for doing more or less the same thing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Now that hostapd starts mandating PMF for Hotspot 2.0 Release 2
association, this test case needs some more tweaks to work. Hardcode
Hotspot 2.0 Release 1 to be used and disable PMF explicitly.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The Beacon loss event was not reported anymore, so remove that as an
unnecessary step in the test case. In addition, check the key_mgmt
values explicitly.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is needed to meet the Hotspot 2.0 Release 2 requirement for the
third station that is actually using RSN.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Match the implementation change to fix the test cases that verified a
specific Hotspot 2.0 release number indication.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is a regression test case for a potential NULL pointer
dereferencing fixed in the previous commit.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This verifies that radio measurement capabilities are negotiated
correctly for the reassociation cases with and without FT.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no point in building this tarball in /tmp that is on the
ramdisk of the VM since it will go away when the VM exits.
Signed-off-by: Jouni Malinen <j@w1.fi>