Commit graph

7930 commits

Author SHA1 Message Date
Jouni Malinen
994d6f4629 Add a name for an assigned QCA nl80211 vendor subcmd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 23:36:12 +02:00
Jouni Malinen
44177b69e8 Allow a BSS entry with all-zeros BSSID to expire
wpa_bss_in_use() used to determine that a BSS with BSSID of
00:00:00:00:00:00 is in use in almost every case since either
wpa_s->bssid or wpa_s->pending_bssid was likely to be cleared. This
could result in a corner case of a BSS entry remaining in the BSS table
indefinitely if one was added there with a (likely bogus) address of
00:00:00:00:00:00. Fix this by ignore wpa_s->bssid and
wpa_s->pending_bssid if the BSSID in the BSS table entry is
00:00:00:00:00:00.

In theory, that address is a valid BSSID, but it is unlikely to be used
in any production AP, so the potential expiration of a BSS entry with
that address during a connection attempt would not be a concern
(especially when a new scan would be enough to recover from that).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 19:46:58 +02:00
Jouni Malinen
e48635cfb0 Rename QCA nl80211 vendor subcmds to match AOSP names
This makes the enum vendor_subcmds definitions more consistent with the
names used in Android.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 16:20:35 +02:00
Vivek Natarajan
b685e2aab7 atheros: Cleanup atheros_raw_receive to process all management frames
Signed-off-by: Vivek Natarajan <nataraja@qti.qualcomm.com>
2014-12-02 16:20:35 +02:00
Jouni Malinen
c7f35a9e96 tests: Make scan_for_auth more robust
It was apparently possible for this test case not to do what it was
supposed to do, i.e., get nl80211 Authenticate command failing due to
cfg80211 BS entry missing. With the external radio work blocking fixed,
this can be cleaned up by explicitly waiting for the scan event. In
addition, a less used channel can be selected to avoid finding other BSS
entries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-01 20:17:08 +02:00
Jouni Malinen
e374522827 Do not start new radio work on scan completion during ext work
Externally triggered scan could result in a new radio work item getting
started even when external radio work was in progress. Delay such start
until the external work is completed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-01 20:17:08 +02:00
Jouni Malinen
243dcc4ae4 tests: Add a helper function for clearing scan cache
This makes it more convenient and consistent to clear the cached scan
results from cfg80211 and wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-01 12:20:53 +02:00
Jouni Malinen
92e3c0b14c EAP-PAX: Derive EAP Session-Id
This adds EAP-PAX server and peer method functions for deriving
Session-Id from Method-Id per RFC 4746 and RFC 5247.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:46:07 +02:00
Jouni Malinen
a7bec9e7b2 EAP-TTLS: Add support for deriving EMSK
This extends EAP-TTLS server and peer implementations to support EMSK
derivation per RFC 5281.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:28:19 +02:00
Jouni Malinen
9429bee4cc EAP-TLS server: Clear temporary buffer during EMSK derivation
Now that EMSK derivation is taken into use with ERP, it is better to
make sure the temporary MSK + EMSK buffer does not get left in heap
after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:28:19 +02:00
Jouni Malinen
d1f89dd732 EAP server: Add getSessionId
This extends EAP server implementation to derive Session-Id similarly to
the existing EAP peer implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
d68f74c5ff EAP peer: Clean up TLS Session-Id derivation function
The comment about library not supporting Session-Id derivation was not
accurate and there is no need to check for master key that is not used
as part of derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
6ef319f4ea tests: AddressSanitizer (ASan) build options
Add example build options that can be used to enable ASan for hwsim test
cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
4f9a5ea5cc WPS: Fix current_ssid clearing on duplicate network removal
It was possible for the current network profile to be deleted when
merging duplicated WPS credentials. However, this did not clear
wpa_s->current_ssid and it was possible for something else to end up
dereferencing that pointer to now freed memory. This could be hit, e.g.,
with ap_wps_mixed_cred. Fix this by clearing current_ssid also in this
code path similarly to other cases of network block getting removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
e4a35f07d9 mesh: Skip fast-association when using connect_without_scan
The mesh group addition was designed to use wpa_s->connect_without_scan
to skip a scan. That path was skipped if wpa_supplicant_fast_associate()
allowed previous scan results to be used. This could result in undesired
double-initialization attempt for the mesh interface. Avoid this by not
using wpa_supplicant_fast_associate() when wpa_s->connect_without_scan
is set.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
608b0ff52a mesh: Check for initialization failures
It is possible that these location ended up getting called before mesh
startup operations had been completed and that could result in
dereferencing NULL pointers. Address those error cases by verifying that
the needed parameters are available before using them.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
faa907389b tests: Stop connection at the end of monitor_iface_unknown_sta
Do not leave the station trying to connect at the end of the test case
since that can have an effect to the following test case. Such sequences
should be tested in test cases that are specifically designed for that
rather than randomly between test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
9a700ff9ef Ignore auth/assoc timeout events in mesh configuration
It was possible for auth/assoc timeout/failure event from the driver to
result in unexpected processing during mesh group setup if that
operation was started before the previously started driver operation to
association/connect had completed. Since those events cannot happen in
mesh cases, ignore them to avoid issues due to this corner case.

For example, monitor_iface_unknown_sta followed by wpas_mesh_secure test
case resulted in failure without this change.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
0a11409c00 Fix omac1_aes_128_vector() not to read beyond addr/len array
Previously, it was possible for the loop through the data components to
increment addr/len index at the last position beyond the declared size.
This resulted in reading beyond those arrays. The read values were not
used and as such, this was unlikely to cause noticeable issues, but
anyway, memory checkers can detect this and the correct behavior is to
stop increments before going beyond the arrays since no more bytes will
be processed after this anyway.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
763041b2e8 mesh: Avoid a false maybe-uninitialized compiler warning
An earlier check of the action_field value above the switch statement
already took care of all other possible cases, but that was apparently
too difficult for the compiler to notice. Bring back the default case to
avoid incorrect warnings about the event variable being maybe
uninitialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
ee27f6737b tests: Increase WEXT coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 01:05:44 +02:00
Jouni Malinen
dc4c3dc4a2 tests: Simplify Michael MIC test file writing
Since run-tests.py is now required to run as root, there is no need to
use the somewhat awkward "sudo tee" construction; instead, just write
directly to the file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 01:05:39 +02:00
Jouni Malinen
ae13ad6413 tests: Make go_neg_with_bss_on_disallowed_chan more robust
Clear scan results to avoid PBC overlap issues caused by earlier test
cases. For example, go_neg_with_bss_connected followed by
go_neg_with_bss_on_disallowed_chan resulted in failure before this
change.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 15:22:43 +02:00
Jouni Malinen
8969bad521 tests: Monitor interface with hostapd
This increases testing coverage for nl80211 AP mode with monitor
interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:33:50 +02:00
Jouni Malinen
631739b361 Clear WLAN_STA_ASSOC_REQ_OK on AP-initiated deauthentication
This flag was left in the STA entry for the short duration after the STA
gets deauthenticated. If the STA sends a Class 2 or 3 frame during that
short time, the AP would not have replied with Deauthentication frame
indicating no association is present.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:31:54 +02:00
Jouni Malinen
0ecff8d7c3 Add hostapd driver_params config parameter
This is mainly for development testing purposes to allow driver_nl80211
behavior to be modified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:24:42 +02:00
Jouni Malinen
ebd557288c Remove forgotten driver_test.c variables
hostapd was still providing couple of parameters that were used only in
the already removed driver_test.c framework.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 12:49:55 +02:00
Jouni Malinen
73a2f82887 tests: Increase retry limit and timeout for wpas_mesh_open_no_auto
This test case was failing every now and then due to dev1
(no_auto_peer=1) not receiving the new-peer-candidate event in time
before dev0 has already stopped retries on mesh peering open message.
This sounds somewhat expected with the default 4 * 40 ms = 160 ms
retries and 1000 TU beacon interval. Use maximum timeout 16 * 255 ms =
4080 ms to make this test case less likely to fail.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:30 +02:00
Jouni Malinen
d9fee38658 tests: P2P invitation resend on no-common-channels
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:30 +02:00
Jouni Malinen
cff6eed75b tests: Re-enable wext_open
driver_wext.c is again able to configure open network, so re-enable the
test case for it.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:30 +02:00
Jouni Malinen
bd26031b4b wext: Fix non-WPA/WPA2 connection with extra IEs
The associate() handler was not prepared for params->wpa_ie containing
some other IEs than WPA/RSN IE and ended up configuring security policy
incorrectly for open networks if such IEs were present. Fix this by
using wpa_proto parameter instead of IEs to determine security policy
for driver configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:30 +02:00
Johannes Berg
b67cdbc162 tests: Allow wext in configuration
Both the wpa_supplicant and kernel configuration need wext to
run the wext testcase, enable those in the default/example
configurations.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-11-28 23:02:29 +02:00
Johannes Berg
d306df7919 wext: Add very basic status command support
Just to make the test framework happy, it uses the driver
status command to obtain the interface MAC address.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
ee3f9f3837 tests: Optimize autogo test cases by removing unnecessary scans
Keep full channel scans in autogo for test coverage, but use single
channel scan in all other autogo* test cases to remove unnecessary
waiting that does not add any test coverage. This removes more than one
minute from the total test execution time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
5a631ad2c2 tests: Optimize ap_open_unexpected_assoc_event
Replace fixed sleep with waiting for a disconnection event. In addition,
remove unnecessary use of sudo.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
2005cb87e5 tests: Hide unnecessary wlantest_cli output
Unnecessary and confusing "OK" output from wlantest_cli got sent to
stdout.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
e4d7b5134e tests: Move hessid and access_network_type reset to test case
This removes unnecessary reset() steps from between every test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
47dcb1186f tests: Move external_sim reset to test cases that change this
This removes unnecessary reset() step from between every test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
a0559aa5ba tests: Make go_neg_forced_freq_diff_than_bss_freq more robust
It was possible for this test case to fail due to PBC overlap that was
detected based on previous test case having used PBC. Make that false
positive less likely to happen by explicitly clearing the scan cache on
the device.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
6ea5e19898 tests: Fix p2p_channel_random_social_with_op_class_change cleanup
p2p_oper_reg_class and p2p_oper_channel need to be restored to 0, not an
arbitrary 2.4 GHz channel to avoid issues for following test cases. For
example, p2p_channel_random_social_with_op_class_change followed by
p2p_autogo_pref_chan_not_in_regulatory ended up with the latter test
case failing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
c932b43e56 mesh: Add more debug information to MPM Action frame processing
This makes it easier to figure out why a peering message is dropped.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
4b57af2aaa tests: Remove duplicated connectivity test from mesh
hwsim_utils.test_connectivity() is already bidirectional test, so there
is no need to run it twice with the devices swapped for the second
iteration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
882f894831 tests: Make hidden SSID test cases more robust
Clear wpa_supplicant and cfg80211 scan results at the end of hidden SSID
test cases to avoid potential issues for following test cases. For
example, ap_hs20_session_info could fail if executed immediately after
ssid_hidden due to the AP configuration change from open to RSN was not
noticed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
a712282bc1 tests: proxyarp with DHCP snooping
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
356a497d39 tests: ProxyARP with DGAF disabled and multicast-to-unicast conversion
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
3c02cfdb3a proxyarp: Do not limit NDISC snoop packet size to 150
The RA, NS, and NA packets may be longer, so do not arbitrarily limit
the packet socket capture size to 150 bytes in the socket filter.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
bcb132e185 proxyarp: Validate IPv4 header total length value in dhcp_snoop
This field needs to be validated in addition to validating the total
length of the received frame to avoid reading beyond the frame buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
8c5043b42c proxyarp: Relax frame length limit for RA and NA
Only the NS frames should be checked to be long enough to cover all the
fields used in the NS data structure. This allows shorter RA and NA
frames to be processed for multicast-to-unicast rules.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
ef3ea80c68 proxyarp: Fix x_snoop multicast-to-unicast debug print
l2_packet_send() returns >= 0 on success, i.e., non-zero value does not
mean failure. Fix this debug print to show up only on negative return
values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
89052e9952 proxyarp: Add debug log entry on multicast-to-unicast conversion
This makes it easier to debug operations. The debug message is marked
EXCESSIVE, though, to avoid filling the logs with too much information
in default debugging cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00