Commit graph

4335 commits

Author SHA1 Message Date
Jouni Malinen
ce637df76c tests: P2P autonomous GO and interface being removed
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-10-01 15:48:05 +03:00
Jouni Malinen
440a5e235b tests: DPP PFS fallback with SAE enabled
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-23 23:09:32 +03:00
Jouni Malinen
db599dbe99 tests: SAE-PK with invalid password on AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-11 15:53:56 +03:00
Jouni Malinen
0f84a56219 tests: More explicit TLS version enabling in version tests
This is needed to allow the test cases to work on systems using
secpolicy=2 default (e.g., Ubuntu 20.04).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-08 19:32:36 +03:00
Jouni Malinen
255e29fcae tests: DPP Controller in hostapd
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-25 16:11:43 +03:00
Jouni Malinen
29ff74aef0 tests: Additional coverage for OWE PMKSA caching
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-08-22 14:03:30 +03:00
Jouni Malinen
5dedbd582a tests: Fix wnm fuzzer build regression
Addition of MSCS support broke the test tool build due to references to
a functions from a new file. Fix this by bringing in that file to the
fuzzer build as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-08-22 11:12:17 +03:00
Jouni Malinen
f6ddda443d tests: sigma_dut DPP AP as TCP Enrollee/initiator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-14 17:31:57 +03:00
Jouni Malinen
97e6ead423 tests: GAS/ANQP query without scan
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-13 17:51:12 +03:00
Jouni Malinen
2afc46a0a9 tests: sigma_dut and second DPP reconfiguration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-13 17:01:32 +03:00
Jouni Malinen
ab676bc1fa tests: DPP over TCP (mutual)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-12 12:08:26 +03:00
Jouni Malinen
57e2e5ed7a tests: DPP over TCP for enterprise provisioning (Controller initiating)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-10 10:42:49 +03:00
Jouni Malinen
b58cd7aa1c tests: DPP reconfiguration retries
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-08 00:14:00 +03:00
Jouni Malinen
ad2119cbc6 tests: DPP reconfiguration connector with different groups
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 15:26:15 +03:00
Jouni Malinen
1837648e71 tests: SAE-PK and PSK using invalid password combination
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 01:09:06 +03:00
Jouni Malinen
abd950be90 tests: sigma_dut controlled AP using SAE-PK(disabled) and PSK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 00:49:00 +03:00
Jouni Malinen
5e6919fd52 tests: SAE-PK and PSK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 00:49:00 +03:00
Jouni Malinen
0a9d7b169e SAE-PK: Update design for fingerprint encoding into password
Update the SAE-PK implementation to match the changes in the protocol
design:
- allow only Sec values 3 and 5 and encode this as a single bit field
  with multiple copies
- add a checksum character

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-05 22:05:20 +03:00
Jouni Malinen
02f4946172 tests: SAE with OCV and fetching PMK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-03 15:39:45 +03:00
Jouni Malinen
5579da7d5f tests: sigma_dut and WPA3 frame inject
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-03 11:54:47 +03:00
Jouni Malinen
8c936926f0 tests: SAE-PK with immediate confirm on AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 20:34:38 +03:00
Jouni Malinen
9d00efd829 tests: Skip sigma_dut_dpp_qr_resp_11 if dpp-ca.py does not exist
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 10:09:33 +03:00
Jouni Malinen
a80ab0ea95 tests: sigma_dut DPP Configurator reporting MUD URL
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-28 16:44:41 +03:00
Jouni Malinen
268433ecd0 tests: DPP Configurator enrolling followed by use of the new Configurator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 18:01:55 +03:00
Jouni Malinen
4df892c781 tests: sigma_dut client privacy
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-26 22:50:13 +03:00
Jouni Malinen
58b384f467 tests: sigma_dut DPP reconfiguration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-26 21:06:12 +03:00
Jouni Malinen
2f4c6a5bf3 tests: sigma_dut SAE-PK AP with additional SAE_PK_KeyPair values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-25 01:39:45 +03:00
Jouni Malinen
7700146de0 tests: SAE-PK password minimum length
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-25 01:39:45 +03:00
Jouni Malinen
27ade59524 tests: sigma_dut sta_scan WaitCompletion,1
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-22 23:38:36 +03:00
Jouni Malinen
fc005be6c1 tests: sigma_dut DPP Configurator for dot1x
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-22 21:54:21 +03:00
Jouni Malinen
b649fa4f42 tests: nl80211 control port in AP mode disabled/enabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-06-21 18:07:54 +03:00
Jouni Malinen
948bd894f7 tests: EAP-TEAP with client certificate in Phase 1
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-06-20 18:08:12 +03:00
Jouni Malinen
1046145093 tests: Copy subject from CSR to certificate
Instead of overriding the subject field with something arbitrary, use
the value that is included in the CSR now that there is something there.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:36:44 +03:00
Jouni Malinen
a758a66725 tests: DPP over TCP for enterprise provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
725d98a513 tests: DPP and enterprise provisioning and CSR getting rejected
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-17 21:42:35 +03:00
Jouni Malinen
5abf8ad9b2 tests: DPP enterprise provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:26:09 +03:00
Brian Norris
1ce2a4fbea tests: Add all-blacklist test
Signed-off-by: Brian Norris <briannorris@chromium.org>
2020-06-10 21:12:44 +03:00
Brian Norris
ddd821365a tests: Skip malformed SAE authentication frames
The parsed 'length' field might pointsbeyond the end of the frame, for
some malformed frames. I haven't figured the source of said packets (I'm
using kernel 4.14.177, FWIW), but we can at least be safer about our
handling of them here.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2020-06-10 21:12:44 +03:00
Johannes Berg
2f9e2f9044 tests: Check for mac80211_hwsim module before loading it
Instead of checking if the kernel allows modules (via the presence of
/proc/modules), check if mac80211_hwsim is already there and load it
only if not. This gets rid of some ugly prints from modprobe in case
code isn't even a module and cannot be found, etc.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-06-10 21:12:44 +03:00
Johannes Berg
4dd712bd36 tests: Use bytes in a few places
With python3 bytes are returned for stdout, so need to use b''
strings instead of normal strings. These are just a few places
I ran into, almost certainly more places need it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-06-10 21:12:44 +03:00
Johannes Berg
db294952bb tests: Set VHT160 or VHT160-80PLUS80 capability
If we want the test to actually use 160/80+80 we need to explicitly
advertise that we support it ourselves, since the kernel is going to be
a bit more strict about this.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-06-10 21:12:44 +03:00
Jouni Malinen
de36f6b7b3 tests: SAE-PK with group 21
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:47:07 +03:00
Jouni Malinen
f0704e7273 tests: Clean up SAE-PK parameter use
Use the global variables instead of copies of same values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:47:07 +03:00
Jouni Malinen
cad9ae1dc4 tests: SAE-PK with different SAE group combinations
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:47:07 +03:00
Jouni Malinen
892ac42bdc tests: wpa_supplicant global pmf parameter
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-09 00:59:26 +03:00
Jouni Malinen
78c1cb8868 tests: OWE transition mode BSSID mismatches
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 21:43:41 +03:00
Jouni Malinen
9a0807ce36 tests: sigma_dut controlled AP using SAE-PK misbehavior
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 20:00:14 +03:00
Jouni Malinen
5a8b366233 tests: Make SAE-PK test cases more robust
Clear scan results explicitly in test cases that check BSS entry flags
to avoid incorrect failures based on results from earlier test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:48:57 +03:00
Jouni Malinen
232705e3c4 tests: SAE-PK AP misbehavior
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 15:21:18 +03:00
Jouni Malinen
3a6e674adf tests: sigma_dut controlled AP and transition disabled indication change
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 17:07:57 +03:00
Jouni Malinen
6d72833236 tests: SAE-PK mixed deployment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:50:09 +03:00
Jouni Malinen
0f2d5867e3 tests: SAE-PK password, but no PK on AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 12:04:14 +03:00
Jouni Malinen
f179475bf7 tests: Share a single definition of SAE-PK Sec=2 values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 12:01:52 +03:00
Jouni Malinen
5ee94a997e tests: Replace sae_pk_only with sae_pk to match implementation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 11:55:16 +03:00
Jouni Malinen
f38146e559 tests: PMKSA cache control interface for external management (FT)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 16:48:57 +03:00
Jouni Malinen
747c69fa90 tests: SAE-PK transition disable indication
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
7937160d24 tests: Verify SAE-PK use more explicitly
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
4ea4df529d tests: SAE-PK only
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
b96a4fa996 tests: Report unknown WpaSupplicant::connect() arguments
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 11:48:09 +03:00
Jouni Malinen
db23b8f95b tests: sigma_dut and SAE-PK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 16:58:25 +03:00
Jouni Malinen
c55a52a85d tests: sigma_dut controlled GTK rekeying
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 15:35:44 +03:00
Jouni Malinen
37a5b50de3 tests: Fix sigma_dut ap_get_mac_address result parsing
Get only the actual BSSID part from the response string.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 13:41:59 +03:00
Jouni Malinen
cb43c9bfd0 tests: sigma_dut controlled AP using OCV
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 13:39:41 +03:00
Jouni Malinen
2c7b5a2c5f tests: Skip too short SAE-PK passwords in positive testing
Lambda >= 12 is needed with Sec = 2, so drop the shorter password
lengths in the sae_pk and module_wpa_supplicant test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:33 +03:00
Jouni Malinen
c3f894ad00 tests: Fix eapol-supp fuzzing tool build
Boolean handling was changed to use "true" instead of "TRUE", but this
location was missed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:48:37 +03:00
Jouni Malinen
fca9ef3fee tests: SAE-PK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:48:37 +03:00
Jouni Malinen
8019033fc5 tests: OCV channel mismatch validation by STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-30 00:38:03 +03:00
Jouni Malinen
b50b8f0429 tests: HS 2.0 deauthentication request PMF misbehavior (+HTC)
Verify driver/mac80211 behavior with HT Control field in Public Action
frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-29 20:55:18 +03:00
Jouni Malinen
eff431ff38 tests: OWE transition mode with owe_transition_ifname
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-26 16:23:39 +03:00
Jouni Malinen
9818fbe9bc tests: Enforce proper OCV behavior for SA Query Response from STA
Now that there is a pending mac80211 patch ("mac80211: allow SA-QUERY
processing in userspace") to allow wpa_supplicant to take care of SA
Query Request processing, start enforcing correct behavior for this in
ocv_sa_query and wpa2_ocv_sta_override_sa_query_resp.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-26 12:31:16 +03:00
Jouni Malinen
b96a3bd5df tests: sigma_dut controlled STA using OCV
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 23:24:55 +03:00
Jouni Malinen
38163b193e tests: OCV and post-CSA SA Query error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 21:57:04 +03:00
Jouni Malinen
5071248bd4 tests: OCV with OCI override on STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 19:11:36 +03:00
Jouni Malinen
bf47f0542f tests: Suite B using PMKSA caching and roaming
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 16:20:33 +03:00
Jouni Malinen
0132a72922 tests: Use test-name.* style files more consistently
Use params['prefix'] to build the file names for dynamically generated
files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 16:03:29 +03:00
Jouni Malinen
78c823de4e tests: Handle unexpected get_driver_status_field() error
If the current country code cannot be fetched, do not try to report the
current value in the log since that will result in TypeError exception.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 13:04:26 +03:00
Jouni Malinen
f382af2c1e tests: Avoid hapd reference before assignment on error cases
Couple of VHT test cases missed explicit setting of hapd to None before
trying to start hostapd. Add those to avoid unexpected exceptions in
case hostapd start fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 12:59:53 +03:00
Jouni Malinen
7134b2a548 tests: Add description for test cases that were missing it
All test_*() functions are expected to use __doc__ to provide a short
description of the test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Jouni Malinen
49d1f9c98e tests: Unify ignore_old_scan_res resetting
Add a decorator that clears ignore_old_scan_res parameter value instead
of doing this with try/finally in large number of test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Johannes Berg
570ae3ef54 tests: Unify IPv6 disabling
Add a decorator that disables IPv6 and requires running
under a VM, rather than open-coding that many times.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Jouni Malinen
87c8e86da9 tests: Fix ACS freqlist testing
The freqlist parameter uses comma, not space, separated values. Add
another test case for checking freqlist values that do not use the
preferred channel numbers to make sure the frequency list is actually
used as a constraint for selecting the channel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Johannes Berg
34ac7d871a tests: Delayed group rekey retransmit test for IGTK
Add a test for delayed group rekey retransmission that checks that
the IGTK is protected against it by not resetting the IPN replay
counter when reinstalling such a key.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
7f508ff968 tests: Reset the correct key's PN for group key handshake testing
While adding support for IGTK and BIGTK here, I tested this without
protections (i.e., with protections removed from both wpa_supplicant and
the driver), and while I got some bad resets on the debugfs values, it
should have failed with "unexpected connectivity".

Fix this to be correct - we need to reset the GTK PN, not the PTK PN in
this test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
889218c14a tests: Extend debugfs key state reading for IGTK/BIGTK
Extend the debugfs read helpers to work with IGTK and BIGTK.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 01:31:19 +03:00
Johannes Berg
4a0b27c62f tests: Replace gtk boolean by keytype in cipher suite tests
Replace the gtk boolean by a keytype value indicating
GTK or PTK, to be able to extend to other types later.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-05-17 00:02:18 +03:00
Jouni Malinen
f636bc3abc tests: Skip TOD-TOFU/STRICT tests if build does not support this
This functionality is currently available only with OpenSSL and internal
TLS implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 21:58:10 +03:00
Thomas Pedersen
692bbd25b4 tests: Flush scan results before checking alloc failure
When run after other tests, It was likely that the target
bss was already present in scan_fail, so the
scan_for_bss() wouldn't trip the allocation failure in
wpa_bss_add(). Flush the scan results before the scan to
ensure wpa_bss_add() is called and consistently pass
scan_fail.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-16 17:32:01 +03:00
Thomas Pedersen
0218bf05d6 tests: sigma_dut: set regulatory inside try/except
If sigma_dut is not installed, start_sigma_dut() will
throw an exception. Call start_sigma_dut() inside the
try/except to correctly reset the regulatory domain.

This fixes several seemingly random failures due to
regulatory domain not being reset.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-16 17:30:16 +03:00
Jouni Malinen
72e10af9ca tests: Automatic channel selection and RX during ACS
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 12:18:42 +03:00
Jouni Malinen
47323a6f50 tests: sigma_dut DPP/QR AP as chirping Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-13 17:59:05 +03:00
Jouni Malinen
d5b596996e tests: DPP chirp by an AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-13 17:59:05 +03:00
Jouni Malinen
dff67270b5 tests: iftype parameter with GET_CAPABILITY key_mgmt
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 17:33:54 +03:00
Jouni Malinen
644638819a tests: Additional sigma_dut DPP over TCP coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 14:48:49 +03:00
Jouni Malinen
b37a1ec24f tests: DPP over TCP (Configurator initiates)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 14:48:49 +03:00
Jouni Malinen
217656d098 tests: DPP reconfiguration exchange
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
3aaf269f67 DPP: Move TCP encapsulation into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
21c612017b DPP: Move configurator backup into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
fdbbb74064 DPP: Move authentication functionality into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
0c043d9de7 DPP2: Reconfig Announcement transmission
Extend DPP chirping mechanism to allow Reconfig Announcement frames to
be transmitted instead of the Presence Announcement frames. Add a new
wpa_supplicant control interface command "DPP_RECONFIG <network id>" to
initiate reconfiguration for a specific network profile.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
b227515fae tests: Update dpp_peer_intro_local_failures to match implementation
The memory allocation in dpp_peer_intro() was moved into a helper
function dpp_check_signed_connector(), so update the test case to match.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
d4ae12355a DPP: Move PKEX functionality into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
87b6572616 DPP: Move crypto routines into a separate source code file
This is an initial step in splitting the overly long dpp.c into smaller
pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 12:09:24 +03:00
Jouni Malinen
6eb03715e3 tests: Update dpp_pkex_test_fail to match implementation
dpp_derive_ke() was renamed to dpp_derive_bk_ke().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-10 15:55:30 +03:00
Jouni Malinen
046f2d1fb9 tests: DPP URI version information
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-06 11:59:11 +03:00
Jouni Malinen
6b8dde4ec9 tests: sigma_dut controlled AP doing DPP on offchannel
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-06 01:14:13 +03:00
Jouni Malinen
c32c3bcc6b tests: sigma_dut and DPP MUD URL
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 15:33:03 +03:00
Jouni Malinen
1d4a1a819a tests: sigma_dut DPP chirping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 15:33:03 +03:00
Jouni Malinen
bb8e191cca tests: Verify Deauthentication frame transmission to STA in PS mode
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
ccca850898 tests: Disable power saving explicitly for pmksa_cache_ap_expiration
This test case seems to be failing every now and then due to the AP not
getting out the Deauthentication frame after PMKSA expiration if the STA
is in power save mode.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
8a8001989a tests: Clear power save configuration in ap_open_sta_ps
It looks like this test case was supposed to set power_save off at the
end instead of repeating the same setting twice.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
1a59ebf2e5 tests: DPP version override
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
f114156804 tests: Disable PFS in dpp_akm_sha*
These test cases are using externally generated PMKSA cache entry which
does not support use of PFS. This will start failing if the station
claims to support PFS in such cases, so explicitly disable PFS
functionality in these test cases for now.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
61e22e45c8 tests: DPP PFS and cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
6c67ad0a52 tests: Check DPP PFS negotiation result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Thomas Pedersen
7ec86f6599 tests: Skip proxyarp tests properly if ebtables rule install fails
Otherwise the test will continue on and fail later due to unexpected
foreign ARP request. The try/except design here did not work properly to
detect this.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-05-03 18:46:34 +03:00
Jouni Malinen
82f2e3ddce tests: Move from 1024 bit private keys to 2048 bit keys
Crypto libraries are starting to refuse to accept the old shorter keys,
so move all test certificates and DH to use 2048 bit (or longer) keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 18:21:13 +03:00
Jouni Malinen
674758ed59 tests: Provide digestmod to hmac.new() for Python 3.8
Python 3.8 removed the previously used default of MD5 algorithm, so
provide the explicit digestmod=hashlib.md5 parameter to the couple of
places that were missing it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 11:58:54 +03:00
Jouni Malinen
83c9b69b01 tests: Wait a bit to get Beacon frames into capture
The ap_beacon_rate_* test cases could end up terminating before the very
first Beacon frame is captured, so wait a bit after the connection to
make sure at least one Beacon frame is going to be in the capture file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-25 17:23:24 +03:00
Jouni Malinen
c794bdf9c8 tests: Beacon frame protection mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:16:51 +03:00
Jouni Malinen
05abebaa06 tests: Fix sigma_dut_sae_h2e_enabled_group_rejected to clear sae_pwe
This test case was using sigma_dut to set sae_pwe=2, but that value was
not cleared in the end. This could result in following SAE test cases
failing due to unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:06:50 +03:00
Jouni Malinen
fe319fc7ed tests: DPP QR Code and authentication exchange (rand_mac_addr=1)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-22 17:09:01 +03:00
Jouni Malinen
de3f8d9fd1 tests: Fix new fuzzer builds
$(LIBS) got included twice into the linker command line from $^ and
$(LIBS). The former ended up getting converted based on host CPU rather
than target. Fix that by removing duplication and -lcrypto from $(LIBS).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-22 00:51:13 +03:00
Jouni Malinen
e480ed38eb tests: ap_open_out_of_memory to skip i802_init test if needed
The eloop_register_read_sock() call in i802_init() will be skipped if
the driver supports control port for EAPOL RX, so need to skip this part
of the test case conditionally.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 17:42:41 +03:00
Jouni Malinen
533d06340f tests: WPA2-PSK AP with nl80211 control port in AP mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 16:50:56 +03:00
Jouni Malinen
52ed13b78d tests: Move csa_supported() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
0b21877185 tests: Move clear_scan_cache() and set_world_reg() to utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
1bba048d78 tests: Move vht_supported() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
31bdd8b7c7 tests: Move check_sae_capa() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
40341e16a5 tests: Move check_wep_capa() into utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
7e88ed8e2d tests: Use function decorator to clean up --long processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-18 11:35:32 +03:00
Jouni Malinen
b5bf18768f tests: ap_wps_reg_config_tkip to allow no-TKIP hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
7162c6ecf5 tests: Use SAE instead of WPA/TKIP in ap_multi_bss_acs
This makes the test case work with no-TKIP hostapd builds.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
48ac765919 tests: ap_wpa2_eap_assoc_rsn to allow TKIP-disabled hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
d0b382fd11 tests: ap_wps_init to allow TKIP-disabled hostapd build
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
7b82d0bd58 tests: Skip test cases where hostapd does not support TKIP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
21cf2c5baf tests: Skip more tests based on missing TKIP support
This makes it more convenient to run tests with builds that disable
TKIP/WPA(v1) support completely.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
de5bf2d199 tests: Do not enable TKIP group cipher for FT tests without need
Change run_roams() default to CCMP-only and enable TKIP only in the test
case that needs this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-17 23:51:58 +03:00
Jouni Malinen
11bd6ea60e tests: sigma_dut controlled AP with FT and RSNXE Used mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 23:58:36 +03:00
Jouni Malinen
b654552247 tests: FT-SAE AP and unexpected RSNXE Used in ReassocResp
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 23:39:57 +03:00
Jouni Malinen
7ad6016e19 tests: sigma_dut controlled FT protocol with RSNXE Used mismatch
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-16 15:44:42 +03:00
Jouni Malinen
6ac48fd9e8 tests: FT-SAE AP and unexpected RSNXE Used in ReassocReq
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-14 16:37:35 +03:00
Jouni Malinen
2012a26d0f tests: AP may discard FT ReassocReq in ap_ft_sae_h2e_downgrade_attack
This is in preparation for a hostapd implementation change on how to
address the unexpected RSNXE Used field value in FTE during FT
reassociation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-14 16:37:35 +03:00
Jouni Malinen
f8d8b7d92d tests: Enable dumping of key information in test-x509v3
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-05 20:12:59 +03:00
Jouni Malinen
63ccec5433 tests: Remove test-x509
This has been obsoleted by tests/fuzzing/x509.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-05 19:38:41 +03:00
Jouni Malinen
ec182d5e93 tests: SAE/PMF roam
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 23:57:18 +03:00
Jouni Malinen
9dd5373122 tests: FT+PMF roaming with skip_prune
Verify hostapd behavior during FT protocol processing when a STA entry
is still present in the AP and that association has PMF negotiated.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 23:32:12 +03:00
Jouni Malinen
af23f3a849 tests: New style fuzzing tool for DPP URI parsing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 20:09:30 +03:00
Jouni Malinen
41a1032449 tests: New style fuzzing tool for SAE commit parsing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-04 19:51:46 +03:00
Thomas Pedersen
fe4c0ea723 tests: Enable MACsec testing by default in the VM kernel
Include support for MACsec testing in the (vm) kernel by default.

Don't include support in the example hostapd or wpa_supplicant configs
yet since that would potentially break the build on older distributions
like Ubuntu 16.04, which is supported until April 2021.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-04-04 17:25:30 +03:00
Jouni Malinen
ca70f36c20 tests: Make ap_vht_csa_vht40_disable more robust
Wait for disconnection and reconnection after CSA since mac80211 does
not support clean CSA to disable VHT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-03 21:19:18 +03:00
Jouni Malinen
169cf46534 tests: sigma_dut and DPP with NFC
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 16:27:57 +03:00
Jouni Malinen
4b9a1ba0ad tests: Use a helper function for starting DPP AP in sigma_dut tests
Remove unnecessary code duplication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:59:47 +03:00
Jouni Malinen
f964a54ec2 tests: Remove duplicate definitions of csign/connector in sigma_dut
There is no need to duplicate the definitions of the exact same values
within each test function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:54:44 +03:00
Jouni Malinen
62d5616155 tests: DPP netAccessKey for reconfig
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:45:03 +03:00
Jouni Malinen
a34fb79788 tests: DPP reconfiguration connector
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-02 21:34:49 +03:00
Jouni Malinen
4e9cfc3eb8 tests: DFS channel switch
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Jouni Malinen
af6a2b727c tests: Use complete CHAN_SWITCH parameters in ap_vht_csa_vht40_disable
Specify the secondary channel offset and correct center_freq1 value to
make the parameters complete for a 40 MHz channel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Thomas Pedersen
34708b4893 tests: Include UML defconfig
Include a defconfig for building kernel as UML. Also update the README
with a few notes related to UML.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-03-29 21:15:16 +03:00
Thomas Pedersen
eedf08f7a9 tests: Convert kernel-config to defconfig
Make the included kernel-config a little more minimal by checking in the
defconfig instead.

Generate the defconfig by checking out a linux at tag wt-2020-03-17,
copy kernel-config to .config, run
'yes "" | make oldconfig && make savedefconfig',
and copy resulting defconfig to kernel-config.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-03-29 21:15:16 +03:00
Johannes Berg
478bc00b5f tests: Assume --long for UML
If we use user-mode-linux, we have time-travel, and then the --long
argument doesn't really make a difference, so just assume that's the
case.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-03-29 21:15:16 +03:00
Jouni Malinen
6f291896b9 tests: FT roaming cases with authorized STA entry remaining
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Jouni Malinen
e96d319140 tests: DPP PFS
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-28 17:27:42 +02:00
Jouni Malinen
a3eda98c22 tests: Skip background scans in beacon loss tests
bgscan_learn_beacon_loss was failing quite frequently and it looks like
the background scans were related to those failures. Since those scans
are not really relevant to testing beacon loss, get rid of them in these
test cases to avoid incorrect failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 21:05:44 +02:00
Jouni Malinen
ef46f143bc tests: dpp_controller_rx_failure to match implementation changes
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
f1732b4d1a tests: DPP chirping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
b766ac488f tests: Use frame injection in monitor_iface_unknown_sta
The previously used normal data TX depends on undefined driver behavior
after all keys have been removed. That may not be available, so do this
more properly with frame injection through a monitor interface.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 17:51:03 +02:00
Jouni Malinen
19e8536d47 tests: sigma_dut controlled AP and transition disabled indication
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 13:01:19 +02:00
Jouni Malinen
f3de8f35bc tests: sigma_dut controlled AP and beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 12:50:00 +02:00
Jouni Malinen
14ee49c24b tests: sigma_dut controlled STA and beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 11:52:47 +02:00
Jouni Malinen
431e5d5819 tests: Add forgotten step to ap_wpa3_eap_transition_disable
This was supposed to be included, but was forgotten in an editor window
with pending changes..

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:57:40 +02:00
Jouni Malinen
5cf5680e5c tests: Transition disable
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:22:57 +02:00
Jouni Malinen
634bc4e6df tests: sigma_dut sta_scan ShortSSID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-24 12:33:31 +02:00
Jouni Malinen
681e8495b4 tests: Extended Key ID
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-23 11:47:31 +02:00
Jouni Malinen
9efac01020 tests: Fix bgscan_learn_beacon_loss with REPORTS_TX_ACK_STATUS
Stopping the AP from beaconing will also stop it from acknowledging
frames and that resulted in bgscan_learn_beacon_loss failing when
mac80211_hwsim is registering REPORTS_TX_ACK_STATUS. Work around this by
moving to using PMF so that the station ignores the unprotected
deauthentiation frames from the AP and also disabling SA Query. This
allows the AP to be stopped and restarted with large enough Beacon
interval to allow the station to detect beacon loss.

This is identical to the earlier design change for
bgscan_simple_beacon_loss (somehow this bgscan_learn_beacon_loss test
case managed to pass at that time).

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-22 19:52:38 +02:00
Jouni Malinen
7fb365893a tests: Wait longer for connection in radius_macacl_unreachable
It looks ike the authentication timeouts may continue a bit longer after
some kernel changes and that could result in temporarily disabling the
network profile. Give this test case more time to complete the
connection to avoid reporting failures unnecessarily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 23:56:19 +02:00
Jouni Malinen
275509ee67 tests: Update prefer_vht40 throughput estimation
Match the updated max_ht40_rate() estimation with VHT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 19:33:38 +02:00
Jouni Malinen
a60a0a43c7 tests: Fix bgscan_simple_beacon_loss with REPORTS_TX_ACK_STATUS
Stopping the AP from beaconing will also stop it from acknowledging
frames and that resulted in bgscan_simple_beacon_loss failing when
mac80211_hwsim is registering REPORTS_TX_ACK_STATUS. Work around this by
moving to using PMF so that the station ignores the unprotected
deauthentiation frames from the AP and also disabling SA Query. This
allows the AP to be stopped and restarted with large enough Beacon
interval to allow the station to detect beacon loss.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 18:13:28 +02:00
Jouni Malinen
2af3d99cd3 tests: Additional FT-SAE with RSNXE testing
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-21 00:24:03 +02:00
Jouni Malinen
c557720ef0 tests: sigma_dut AP configuration for different channels
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-16 16:22:32 +02:00
Jouni Malinen
5732e57423 tests: Use hostapd_logdir in sigma_dut_ap_psk_sha256
logdir was prepared for this test case, but it was not actually used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-16 15:38:27 +02:00
Jouni Malinen
e9d2cd71af tests: Scanning in AP mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 21:22:47 +02:00
Jouni Malinen
2e22f3e82e tests: Check more details in pmksa_cache_ap_expiration
It looks like this test case can fail if the STA goes to power save mode
and the Deauthentication frame from the AP after session timeout is not
actually sent at all. Check more details to make it clear that this is
indeed the reason behind the failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 17:07:52 +02:00
Jouni Malinen
60c435493d tests: SAE and RSNE mismatch in EAPOL-Key msg 2/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 11:16:22 +02:00
Jouni Malinen
2b8f8a4721 tests: FT protocol RSNE/RSNXE mismatch in Reassociation Response frame
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 10:39:17 +02:00
Jouni Malinen
55093c8014 tests: Current Operating Class value from STA
Verify Supported Operating Classes element contents from STA in various
HT and VHT cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-11 18:30:51 +02:00
Janusz Dziedzic
60b06d8750 tests: Set device_name for WPS test cases
Set device_name in the test cases instead of relying on the
wpa_supplicant configuration file. This fixes problems when we run WPS
test cases in remote test environment.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-03-08 17:14:48 +02:00
Janusz Dziedzic
fbf877b012 tests: Clear regulatory domain on the correct remote device
In case we run remote tests we need to clear/set regulatory domain on
the correct device.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-03-08 17:13:47 +02:00
Janusz Dziedzic
12a508a11f tests: remote: Allow to run module tests
Add a new command line option -f (--modules) that will run all test
cases from the specified module(s).

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-03-08 17:10:57 +02:00
Jouni Malinen
9bf306f57d tests: Fix sigma_dut_sae_pw_id_pwe_loop to clear sae_pwe setting
Leaving out the special sae_pwe value was causing failures for following
test cases, e.g., in the following sequence:
sigma_dut_sae_pw_id_pwe_loop sae_password_id_only

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:16:11 +02:00
Jouni Malinen
023441c102 tests: Opportunistic Wireless Encryption transition mode and RSNE mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:16:11 +02:00
Jouni Malinen
7e43b6cbcf tests: RSNXE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 17:06:12 +02:00
Jouni Malinen
9108e396a7 tests: RSNE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 16:58:29 +02:00
Jouni Malinen
3396a4529c tests: RSNXE missing from EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 16:42:47 +02:00
Jouni Malinen
20cace9014 tests: WPA2-EAP AP with STA using 4addr mode
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 13:59:17 +02:00
Jouni Malinen
bdb2eaf876 tests: sigma_dut with OWE PTK workaround
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
72c34d23a4 tests: Automatic channel selection with fallback to 20 MHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
2fb59e77b5 tests: HT with 20 MHz channel width doing CSA to 40 MHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
154722e5b1 tests: Make ap_ht_40mhz_intolerant_ap more robust
Some test case sequences seemed to prevent the station from completing
the first OBSS scan (that scan was aborted) and that resulted in failing
the test case because the AP had not received any report in time. Wait
for scan completion and allow additional scans before timing out to
avoid indicating incorrect AP behavior in cases where the report was not
even received.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Jouni Malinen
b27c7ac0eb tests: wpa_supplicant SAVE_CONFIG without config file
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 11:24:28 +02:00
Jouni Malinen
72fd30c4b9 tests: WPS PBC/PIN timeout on AP
Verify that AuthorizedMACs advertisement is removed when a PBC session
or a PIN times out.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-04 23:28:45 +02:00
Jouni Malinen
dc054892a2 tests: sigma_dut special case for SAE Password Identifier with PWE looping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-04 21:23:43 +02:00
Jouni Malinen
9c244b542e tests: DFS channel bandwidth downgrade from VHT80 to VHT40
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-03 18:58:08 +02:00
Jouni Malinen
744a2f9846 tests: Specific vs. wildcard SSID in Probe Request frame in BSSID-scan
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 20:44:23 +02:00
Jouni Malinen
97de4a0f9b tests: Verify that HE gets fully enabled for mesh
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 19:56:27 +02:00
Jouni Malinen
8b077a42e5 tests: wpa_supplicant config file writing with SAE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-02 11:51:38 +02:00
Jouni Malinen
d9aafb75f1 tests: SAE and PSK with multiple passwords/passphrases
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-01 19:53:16 +02:00
Jouni Malinen
200c7693c9 Make WEP functionality an optional build parameter
WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-29 17:45:25 +02:00
Jouni Malinen
886ee6775f tests: Automatic channel selection with hw_mode=any
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-29 11:23:03 +02:00
Jouni Malinen
9551930f1e tests: Initialize wlantest with passphrase for ap_wpa2_ptk_rekey
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-28 23:19:52 +02:00
Jouni Malinen
54bc5db16e tests: sigma_dut controlled AP with SAE H2E and anti-clogging token
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-28 19:53:45 +02:00
Jouni Malinen
fd1892885b tests: SAE and opportunistic key caching and PMK lifetime
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-28 18:41:24 +02:00
Jouni Malinen
5f11739d58 tests/fuzzing: Update WPA set_key() handler prototype
Update the fizzing test tools to use the new set_key() prototype, i.e.,
add the new key_flag argument, to get rid of compiler warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-25 13:13:06 +02:00
Jouni Malinen
e55dedbf6e tests/fuzzing: Fix build after CONFIG_IEEE80211N=y removal
Commit f3bcd69603 ("Remove CONFIG_IEEE80211N build option") broke
couple of fuzzing test tools due to missing wpa_scan_results_free(). Fix
that by pulling in driver_common.o.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-25 13:08:00 +02:00
Jouni Malinen
ae750570b6 tests: WPS PBC session overlap detection with single BSSID selected
Update grpform_pbc_overlap not to require PBC session overlap to be
detected since in this sequence a single BSSID is specified and other
APs can be ignored while checking for session overlap. Add other test
cases to explicitly check for the PBC session overlap detection in
non-P2P and P2P cases when the BSSID is specified.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-24 20:04:21 +02:00
Jouni Malinen
af9d8c758d tests: Use proper temp files for dynamically created config
Replace the hardcoded /tmp filenames for generated ACL and BSS
configuration files with proper temporary files from tempfile.mkstemp()
to avoid conflicts with existing files or with parallel uses. Remove ACL
files from the local directory at the end of each test case. BSS files
are currently left behind, but can be cleaned up separately if needed
for non-VM testing (VM testing has those on ramdrive so they get dropped
automatically at the end) and for remote devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 18:20:50 +02:00
Jouni Malinen
6998ef48c8 tests: Remove unused BSS configuration files
These are now generated dynamically.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:52:56 +02:00
Jouni Malinen
92f08a3ccd tests: Generate BSS config files in ap_bss_add_remove_during_ht_scan
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:52:53 +02:00
Jouni Malinen
a066644fcb tests: Generate BSS configuration files in ap_bss_add_out_of_memory
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:50:44 +02:00
Jouni Malinen
791acc676c tests: Generate BSS configuration files in ap_bss_config_file
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:50:44 +02:00
Jouni Malinen
387d96f7c5 tests: remove: Fix a typo in a comment
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
bdff1be152 tests: Extend wpas_ctrl_bssid_filter for remote testing
When this test case is ran in remote test environment, there could be
additional APs in scan results after bssid_filter has been disabled.
That breaks the check on SCAN_RESULTS output. Extend this to cover the
remote testing case by using bssid_filter with both known APs listed
instead of full wildcard.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
e206c93f31 tests: Fix multi_check() for remote testing
Don't use hardcoded BSSID; instead use the real BSSID from the device.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
ba1ff57ad2 tests: remote: Generate and send BSS configuration files
Instead of hardcoded bss-[1-6]*.conf files, generate them using the
correct BSSID for each AP device and send/install them on the remote
client as well if needed.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 17:50:44 +02:00
Janusz Dziedzic
4d14838421 tests: Generate ACL files
Generate ACL files instead of using files with hardcoded values for the
STA MAC addresses. Send the generated files also to the remote client if
required.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 16:38:23 +02:00
Janusz Dziedzic
16f18b2ca7 tests: remotehost: Add send_file()
Some hostapd test cases use configuration files, e.g., ACLs in BSS
configuration. When executing remote tests (udp), we have to first send
these configuration files to the appropriate remote device. The new
send_file() helper can be used for that.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:48:46 +02:00
Janusz Dziedzic
7a934fe72a tests: remote: Handle different ifconfig output formats
We could have different ifconfig output formats on the remote devices,
so make the parser more flexible to handle such cases.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:34:06 +02:00
Janusz Dziedzic
f8b26af741 tests: remote: Allow hwsim test cases with more than two arguments
This allows more test cases to be run in remote setup. Previously, we
used to block all test cases that required more than two arguments
(i.e., that needed the params argument).

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:21:22 +02:00
Janusz Dziedzic
876785aeba tests: remote: Show dev/apdev for hwsim
In case the hwsim wrapper is used in remote tests, show also which
device will be used as
apdev - hostapd
dev - wpa_supplicant

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:18:49 +02:00
Janusz Dziedzic
0de85869a8 tests: remote: Kill correct hostapd/wpa_supplicant process
Kill hostapd and wpa_supplicant based on the configuration parameters.
Previously, we could have killed wrong processes.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:13:47 +02:00
Janusz Dziedzic
ec5de19549 tests: remote: Switch to python3
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2020-02-23 15:13:11 +02:00
Alexander Wetzel
5742d12d4a tests: Allow PTK0 rekey for tests
Verify PTK0 rekey blocking is working as intended.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-02-23 13:11:02 +02:00
Jouni Malinen
f3bcd69603 Remove CONFIG_IEEE80211N build option
Hardcoded CONFIG_IEEE80211N to be included to clean up implementation.
More or less all new devices support IEEE 802.11n (HT) and there is not
much need for being able to remove that functionality from the build.
Included this unconditionally to get rid of one more build options and
to keep things simpler.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-22 19:20:44 +02:00
Jouni Malinen
f65da0ca4b tests: Beacon protection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-21 19:41:36 +02:00
Jouni Malinen
91ea29a79e tests: Remove ap_ht_smps
AP using SMPS mode locally is about to be removed from hostapd, so
remove the test case that was using it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 13:48:39 +02:00
Jouni Malinen
dd3d5da3c7 tests: WPS PIN provisioning with per-station PSK preset
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 11:54:30 +02:00
Thomas Pedersen
1c67a07603 tests: Add basic power saving tests for ap_open
ap_open_sta_ps checks whether a STA told its hardware to enter power
save after enabling power save.

ap_open_ps_mc_buf checks whether an AP properly buffers and releases
multicast frames when a STA with PS active is associated.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Thomas Pedersen
1d9d6c2432 tests: Factor out multicast connectivity check
A test may want to check multicast connectivity independent of unicast
or check multicast without exercising unicast first. Factor out the
multicast connectivity check code into its own function.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Jouni Malinen
91cce45226 tests: Fix exception generation in persistent_group_per_sta_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
7e7e32f7e6 tests: Fix a typo in raising an exception
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
afd10e880b tests: Require wps=1 tag in ap_wps_per_station_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:27 +02:00
Jouni Malinen
68e9b8cb16 tests: Prepare ap_wps_per_station_psk for the new wps=1 tag in PSK file
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:37:27 +02:00
Jouni Malinen
dd900637b2 tests: Make gas_anqp_extra_elements more robust
Explicitly flush cfg80211 scan cache for this test case since the BSS
entry check might fail if there are multiple results for the same BSSID.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 07:54:47 +02:00
Jouni Malinen
d299756e3e tests: DPP QR Code and enrollee initiating with netrole specified
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 06:43:02 +02:00
Jouni Malinen
ef39ac497e tests: wifi_generation on 2.4 GHz with subset of VHT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 05:19:16 +02:00
Jouni Malinen
c90822a5c3 tests: SAE Password Identifier with unexpected PWE derivation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 05:13:13 +02:00
Jouni Malinen
d57349d4b8 tests: sigma_dut fetching the current PMK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 03:01:07 +02:00
Jouni Malinen
6478f4375b tests: GET_PMK and PMKSA_GET match
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 02:56:40 +02:00
Jouni Malinen
3ecaddd62b tests: SAE anti clogging (forced, H2E + loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
daf8491dea tests: WPA2-PSK-FT-SAE AP (AP H2E, STA loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
39a757c408 tests: sigma_dut and DPP Configurator provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
3e4b709fb0 tests: Configurator provisioning test cases to use conf=configurator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
269a78786e tests: dpp_pkex_alloc_fail to match implementation change
The new dpp_alloc_auth() function addition changed function call
backtraces for memory allocation failure tests.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
7128197862 tests: DPP and duplicated Authentication Confirmation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
6fb526d457 tests: Fix fuzzing/asn1 build
asn1.c needs wpabuf.c to be included now.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 17:45:26 +02:00
Jouni Malinen
6f86f363e6 tests: ACS with both HT40+ and HT40- allowed
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Jouni Malinen
e0d9f5fc15 tests: Replace tabs with spaces in python indentation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Jouni Malinen
99fdc0413b tests: WMM IE contents in FCC and ETSI
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-03 02:03:32 +02:00
Johannes Berg
bac54daf32 tests: Remove tabs
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-02-02 21:11:20 +02:00
Jouni Malinen
12cdfb4d7b tests: DPP Configurator provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:32:34 +02:00
Jouni Malinen
db1aa8f19f tests: DPP bootstrapping via NFC negotiated handover
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
2bbe6ad3aa DPP: Helper function for bootstrapping URI generation
The new dpp_gen_uri() helper function can be used to build the
bootstrapping URI from locally stored information. This can be used to
make it easier to update the URI, e.g., for NFC negotiated connection
handover cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
f5b7b24912 tests: Fix eap_proto_ttls_errors with CONFIG_TLS=internal
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:09:50 +02:00
Jouni Malinen
07dd83dd77 tests: Check for domain_suffix_match in HS 2.0 PPS MO testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:56:06 +02:00
Jouni Malinen
362889638b tests: Check for TLS EC support in build
These test cases need to be skipped with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:54:07 +02:00
Jouni Malinen
0c00679b15 tests: Check for TLS library capabilities in sigma_dut test cases
These test cases cannot be run with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:50:20 +02:00
Jouni Malinen
31a3d4c234 tests: Recognize more test SKIP reasons
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:03:31 +02:00
Jouni Malinen
5bf51d38b0 tests: Fix DPP capability checking to avoid failures in non-DPP build
"finally" handler should not trigger a new exception when trying to
clear state for non-DPP builds. In addition, couple of checks for DPP
capability in the build were missing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
4c0af8ad6c tests: Check SAE capability in build more consistently
Use a helper function for this and add checks for number of test cases
that were missing this. This gets rid of undesired FAIL results
(converts them to SKIP) for test runs where the station do not support
SAE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
f28853fbc4 tests: OWE PTK derivation workarounds
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
ca10117cd7 tests: Make ap_hs20_connect_no_full_match more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-23 16:54:45 +02:00
Jouni Malinen
2be278696b tests: Allow more time for sigma_dut sta_associate commands
The previously used timeout of two seconds did not allow more than a
single scan attempt and that could fail every now and then. Make these
more robust by increasing the timeout to 10 seconds which allows another
scan attempt to be completed similarly to the most non-sigma_dut test
cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:22:57 +02:00
Jouni Malinen
6a673d0fb0 tests: Remove mesh SAE Password Identifier test cases for now
IEEE P802.11-REVmd was modified to require H2E to be used whenever
Password Identifier is used with SAE. Since wpa_supplicant and mac80211
do not yet support SAE H2E in mesh, Password Identifier cannot be used
in mesh cases. Remove the test cases that verified this behavior for now
to allow H2E to be required per updated REVmd definition. These test
cases will be restored once H2E is fully functionality in mesh cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:00:20 +02:00
Jouni Malinen
6ce883de69 tests: SAE anti clogging (forced, H2E)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-20 21:17:46 +02:00
Johannes Berg
f124367afb tests: parallel-vm: allow running without curses
Allow running without curses, in which case the log is simply written to
stdout instead of a file. This is useful for automated (but parallel)
testing. Note that in most cases, you'd want to specify --debug, and so
I added a .rstrip() there on the lines to clean that up a bit.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-01-20 21:17:24 +02:00
Jouni Malinen
961eb08723 tests: Flush scan results in more Hotspot 2.0 test cases
This makes testing of INTERWORKING_CONNECT more robust.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 22:55:44 +02:00
Jouni Malinen
447ce4813a tests: Opportunistic Wireless Encryption transition mode disabled on STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 20:37:41 +02:00
Jouni Malinen
991e6b9e79 tests: Call stop_sigma_dut() in more failure cases
Some of the sigma_dut test cases were not yet using try/finally to
ensure stop_sigma_dut() gets called. That could result in not logging
all failure reasons in the log and getting stuck with being unable to
start new sigma_dut processes after failed test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:44:07 +02:00
Jouni Malinen
f0b6b23fe3 tests: Enable sigma_dut debug log for all test cases
There is no point in having to enable this separately for each test case
since the debug details are always useful if something fails.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:21:15 +02:00
Jouni Malinen
a04c153b9f tests: Verify that sigma_dut is functional after startup
There is no point in continuing the test ase if sigma_dut is not in
functional state.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-10 00:04:43 +02:00
Jouni Malinen
fb0f13fbf8 tests: Log sigma_dut stdout/stderr separately for each command
This makes logs easier to understand and this may also help in running
over buffer space and getting stuck with sigma_dut termination.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 23:31:29 +02:00
Alexander Wetzel
e1650a7b0e tests: Set key_flag when using SET_KEY
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-01-09 12:38:36 +02:00
Markus Theil
7a42316374 tests: Fix Python sleep function
Current Python versions have no os.sleep(), use time.sleep() instead.

module 'os' has no attribute 'sleep'
Traceback (most recent call last):
  File "./run-tests.py", line 521, in main
    t(dev, apdev)
  File "/home/mtheil/hostap/tests/hwsim/test_pmksa_cache.py", line 356, in test_pmksa_cache_expiration
    hapd.wait_ptkinitdone(dev[0].own_addr())
  File "/home/mtheil/hostap/tests/hwsim/hostapd.py", line 282, in wait_ptkinitdone
    os.sleep(0.1)

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2020-01-09 11:55:53 +02:00
Jouni Malinen
283be365c3 tests: SAE and AP sending Confirm message without waiting STA (2)
This goes through sae_confirm_immediate=2 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-08 20:58:18 +02:00
Markus Theil
2ffdf32eb8 tests: Add digestmod for Python 3.8
The digestmod argument also exists in earlier Python versions,
version 3.8 does not set a default argument anymore.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2020-01-08 14:57:13 +02:00
Jouni Malinen
09f96acb9d tests: PSK/EAP without nl80211 control port
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-05 21:31:33 +02:00
Jouni Malinen
754cd71bf4 tests: WPS Application Extension attribute
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 23:39:40 +02:00
Benjamin Berg
99eb150deb tests: Test p2p_long_listen longer than remain-on-channel
This tests an error, where the p2p_long_listen information from the
wrong device was used internally in wpa_supplicant when using the
separate P2P Device interface.

Signed-off-by: Benjamin Berg <bberg@redhat.com>
2020-01-04 23:07:31 +02:00
Jouni Malinen
e9aa399522 tests: PMF tests with not-protected disconnection using hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 20:41:52 +02:00
Jouni Malinen
e62a1cbaf1 tests: Detect tshark regression in wpas_mesh_gate_forwarding
Skip this test case if the used tshark version has regression in mesh
control field parsing:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15521

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 18:08:03 +02:00
Jouni Malinen
dad2f3253c tests: Initial GTK/IGTK RSC setting
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 13:07:47 +02:00
Jouni Malinen
c1714ec08c tests: ROAM command failure cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 18:09:57 +02:00
Jouni Malinen
ecd54bace4 tests: DFS with RRM
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 16:00:02 +02:00
Jouni Malinen
91588eeb69 tests: Remove allow_failure from DFS test cases
This functionality has been available in mac80211_hwsim for years, so
there is no need to maintain this old workaround.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 15:41:54 +02:00
Jouni Malinen
696acdf333 tests: Make ap_hs20_roaming_consortiums_match more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 22:54:29 +02:00
Jouni Malinen
82e64f9b90 tests: Roam between two APs based on driver signal level override
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 20:38:04 +02:00
Jouni Malinen
cd9f5511a3 tests: Make scan_bss_limit more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 13:02:56 +02:00
Jouni Malinen
b5a3b80718 tests: External MAC address change for connection
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 12:58:58 +02:00
Jouni Malinen
cc7f85ca72 tests: Make ap_wps_conf_pin_* more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-01 16:41:33 +02:00
Jouni Malinen
19d4a5de11 tests: Fix a missing parentheses in an error message
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-01 12:23:25 +02:00
Jouni Malinen
be5dda94e5 tests: Make rrm_beacon_req_table_request more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-31 11:51:25 +02:00
Jouni Malinen
7aa03cfa7b tests: Make ap_hs20_eap_tls more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 22:07:27 +02:00
Jouni Malinen
78e931e7f9 tests: Fix sigma_dut_sae_h2e_rsnxe_mismatch to clear sae_pwe
sae_pwe=1 could be left configured when exiting this test case since
sigma_dut does not guarantee the default value to be restored. This
could result in test case failures, e.g., in the following sequence:
sigma_dut_sae_h2e_rsnxe_mismatch sae_pwe_h2e_only_ap_sta_forcing_loop

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 19:32:28 +02:00
Jouni Malinen
54c154d2c9 tests: radius_acct_unreachable2 to detect retransmissions earlier
It looks like this test case can start showing failures with a change in
the retransmission limit behavior for a server change. Check for
retransmissions every second instead of only at the end of the four
second wait to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 19:13:51 +02:00
Ilan Peer
7bcb63913a tests: Extend the timeout for some SAE error case tests
Commit 407879b690ba ("mac80211: Adjust SAE authentication timeout") in
the kernel tree increased the SAE authentication timeout. This caused
some error case tests to fail. To fix this, extend the timeout for some
error case tests.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2019-12-30 18:57:40 +02:00
Jouni Malinen
4153243932 tests: Make wps_reg() test cases more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-30 00:22:23 +02:00
Jouni Malinen
0d0baf9f17 tests: RRB wildcard R0KH/R1KH pull with multiple BSSs
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 20:32:07 +02:00
Jouni Malinen
deb92a6bf9 tests: Make ap_hs20_gas_while_associated_with_pmf more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:38:36 +02:00
Jouni Malinen
94e66da6df tests: ignore_broadcast_ssid and SSID List or Short SSID List mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:21:14 +02:00
Jouni Malinen
d5c39e1488 tests: Scan using SSID List and Short SSID List elements
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:14:47 +02:00
Jouni Malinen
44adf014ff tests: Fix he_supported() check with python3
This was making error paths on HE test cases fail with:
TypeError: a bytes-like object is required, not 'str'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:52:47 +02:00
Jouni Malinen
d0cd750435 tests: Make ap_hs20_roaming_consortium more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:05:50 +02:00
Jouni Malinen
ece9aa627a tests: Make ap_cipher_mixed_wpa_wpa2 more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 19:03:22 +02:00
Jouni Malinen
53a96146fb tests: Ignore fe80::ff:fe00:300 NS from AP for now in proxyarp tests
This NS seems to go out from the AP interface every now and then and it
makes proxyarp_open_ebtables_ipv6 fails inconveniently often. That frame
should not really be there, but it's not clear what exactly is needed to
stop it going through. It does not come from the test operations
themselves, so ignore it for now to keep test results cleaner.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 17:17:05 +02:00
Jouni Malinen
e5d9f99b3f tests: Make ap_hs20_nai_realms more robust
Explicitly clear cfg80211 scan cache to avoid issues from scan results
from previous test cases interfering with INTERWORKING_CONNECT
operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 00:34:25 +02:00
Jouni Malinen
4e9bcdebf3 tests: Replace tcpdump with wlantest
This removes dependency on tcpdump by using an already included test
tool for capturing frames with Ethernet headers. There were some issues
in getting tcpdump working on Ubuntu 19.10, so this seems to be a clean
way of addressing that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 23:43:09 +02:00
Jouni Malinen
4415da686d tests: Make rrm_reassociation more robust
Flush cfg80211 scan cache explicitly when running this test case to
avoid issues with the ROAM command not working due to a scan result from
an earlier test case. This was causing failures in the following test
case sequence:
rrm_beacon_req_active_ap_channels rrm_reassociation

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 22:41:36 +02:00
Jouni Malinen
a6ba5cca45 tests: Allow more VMs to be started in parallel
Check the number of CPUs to determine how many VMs can be started in
parallel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:31:33 +02:00
Jouni Malinen
d07ca835cb tests: Move ocsp-resp-*-signed*.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b6bb4cd8c5 tests: Move ocsp-server-cache-{revoked,unknown}.der generation into test case
There is no need to generate these OCSP responses for every single test
session. Generate these more dynamically if a test case that uses these
files is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
662c2fa01a tests: Use the run_openssl() helper for running openssl
This avoids unnecessary duplication of the same functionality to run
openssl and check result.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
47ccb9ce24 tests: Move ocsp-server-cache-key-id.der generation into test case
There is no need to generate this OCSP response for every single test
session. Generate this more dynamically if the test case that uses the
particular file is executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
b5c28af431 tests: Remove unnecessary copying of ocsp-multi-server-cache.der
This file is not being modified, so the original one from the auth_serv
directory can be used directly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 20:14:02 +02:00
Jouni Malinen
6cd59688b8 tests: Fix thread handling in P2P GO Negotiation test cases
Some of the error paths in go_neg_pbc() and go_neg_pin() did not wait
for the helper thread to complete processing. This could result in
unexpected behavior when the test case could have exited while the
thread was still performing tasks for the GO Negotiation. This could
result in getting stuck in one of the following test cases with
"go_neg_init_pbc thread caught an exception from p2p_go_neg_init: Group
formation timed out" showing up in the log.

This was hit, e.g., with the following test sequence:
no_go_freq p2p_channel_drv_pref_autogo

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 18:14:09 +02:00
Jouni Malinen
c64b6f62cd tests: Use python selector in the parallel-vm.py main loop
This gets rid of the loop that was polling for things to do every 0.25
seconds and instead, reacts to any data from VMs as soon as it becomes
available. This avoids unnecessary operations when no new data is
available and avoids unnecessary waits when new data becomes available
more quickly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 17:12:34 +02:00
Jouni Malinen
0075df74df tests: Make pmksa_cache_expiration more robust
Wait for hostapd to enter the PTKINITDONE state before checking
connectivity. This is needed to avoid a race condition with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
fd0465b85e tests: Print a summary of SKIP reasons
This makes it easier to determine reasons for test cases being skipped.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
179279eb34 tests: Move VM starting delay control into parallel-vm.py
This is more efficient since we can now start only the necessary number
of VMs instead of always forcing all VMs to start with one second delay.
This can also control the starting delay by keeping at most two VMs
starting at a time instead of using the hardcoded one second wait for
each consecutive VM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 16:03:50 +02:00
Jouni Malinen
4ee4778676 tests: Move HwsimSkip processing into start_wnm_ap()
There is no need to handle this separately in each OCV test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 09:38:25 +02:00
Jouni Malinen
743b234902 tests: Speed up wpas_mesh_gate_forwarding tshark operations
For some reason, running tshark in the test cases can take significant
time especially with UML time-travel. Optimize this by reducing the
number of times tshark needs to be executed in the loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:03:24 +02:00
Jouni Malinen
985718135f tests: Optimize tshark operations for new versions
The wlan_mgt to wlan renaming is already included in most recent tshark
versions, so replace the backwards compatibility option to prefer the
new version so that current versions do not need to take the performance
hit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-27 00:02:05 +02:00
Jouni Malinen
a48a60ea47 tests: Check operating channel parameter in obss_scan*
It looks like these test cases can fail with the new "Undefined
secondary channel: drop OBSS scan results" case. Add more checks to
determine if something is wrong with the connection.

In addition, force clearing of the cfg80211 scan cache on the main AP
interface so that a scan result from a previous test case cannot prevent
40 MHz channel bandwidth from being used. This could apparently happen
in the following test case sequence:
ap_ht40_scan_conflict obss_scan

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 23:23:05 +02:00
Jouni Malinen
c0d607ec8f tests: Replace hapd_connected() with hapd.wait_sta()
These were doing practically the same thing, so get rid of the external
helper function and standardize on using hapd.wait_sta().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:36:31 +02:00
Jouni Malinen
e2c364e2cd tests: Make wpa2_ocv_ap_group_hs more robust
Wait for hostapd to indicate connection before disconnecting from the
station side. This avoids a race condition especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 19:33:22 +02:00
Jouni Malinen
67e0a5180f tests: SHOW_NEIGHBOR
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:59:16 +02:00
Jouni Malinen
0dfa6ea529 tests: Make ap_wpa2_disable_eapol_retry_group more robust
Wait for hostapd to report completion of the connection before going
through the disconnection and reconnection steps to avoid a race
condition especially with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 17:01:02 +02:00
Jouni Malinen
f0825655c4 tests: Make TDLS tests more robust
Wait for hostapd to report connection completion before performing
connectivity test to avoid race conditions especially with UML
time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:41:01 +02:00
Jouni Malinen
6883f94408 tests: rrm_neighbor_db and neighbor removal without specifying SSID
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-26 11:05:54 +02:00
Jouni Malinen
07e69dfb05 tests: Secure mesh with BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-25 23:56:16 +02:00
Jouni Malinen
9f47fdb6c3 tests: Make FT PMKSA caching test cases more robust
The RECONNECT command on the station was issued immediately after
wpa_supplicant had processed EAPOL-Key msg 3/4. This could happen before
hostapd has processed EAPOL-Key msg 4/4 and especially with UML
time-travel, this could result in the following FT protocol exchange
going through in a manner that makes the hostapd process EAPOL-Key msg
4/4 from the first association as a postponed EAPOL RX at the beginning
of the second association. Avoid this by waiting hostapd to report
completion of the connection before issuing RECONNECT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
c0f3ee475b tests: FT-SAE with PWE default and with H2E
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
6298673ff3 tests: Prepare rsn_ie_proto_ft_psk_sta for implementation change
This PMKID replacement case is not going to prevent connection after a
change in wpa_insert_pmkid() so remove it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 21:16:23 +02:00
Jouni Malinen
ce1598d4c2 tests: New style fuzzing tool for EAP-MSCHAPv2 peer processing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-24 10:59:22 +02:00
Jouni Malinen
2636362717 tests: Make nfc_wps_handover_init more robust
Data connectivity test could have been started in the middle of 4-way
handshake. This test case needs to wait for two STA connections before
starting the connectivity test since the first one is only for the
provisioning step.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 20:19:03 +02:00
Jouni Malinen
f94e677d33 tests: DPP exchange when driver uses a separate P2P Device interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-23 11:20:17 +02:00
Jouni Malinen
dbdd445d33 tests: Make DPP text cases more robust for DPP-TX event processing
The previous waits were matching both DPP-TX and DPP-TX-STATUS and if
the latter event was received, the test cases would either report
failure or would not really test what was supposed to be verified. Fix
this by waiting explicitly for "DPP-TX " to avoid matching
"DPP-TX-STATUS" prefix.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 23:33:21 +02:00
Jouni Malinen
bf97c1a34e tests: FILS SK/ERP and roaming with different AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 18:33:43 +02:00
Jouni Malinen
534d36210b tests: Make fils_sk_auth_mismatch more robust
Wait STA connection to be completed in hostapd before testing
connectivity. This avoids a possible race condition that could be hit
especially when testing with UML time-travel.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-22 17:20:33 +02:00
Brian Norris
e6d3aca9cf WPS: Add prefixes to public event_* functions
openssl engines may dynamically load external libraries. Our event_*()
functions happen to be named very generically, such that event_add()
collides with the libevent library (https://libevent.org/). This can
have disastrous effects (esp. when using CONFIG_WPA_TRACE, which enables
partial linking) when our SSL engines call into the WPS event_add()
instead of their intended libevent event_add().

Resolve this by providing a more unique prefix to these functions.

Rename performed via:

  sed -i -E \
    's:\<event_(add|delete_all|send_all_later|send_stop_all)\>:wps_upnp_event_\1:g' \
     $(git grep -l event_)

Tested via (among other things) hwsim '-f ap_wps' module.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2019-12-22 11:24:28 +02:00
Brian Norris
e371d3771c tests: OWE: allow hex integers from tshark
Old versions of tshark would dump these values as hex. Allow parsing as
either decimal or hex.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2019-12-22 11:09:44 +02:00
Jouni Malinen
972edba185 tests: DPP connection status - association rejection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 16:53:26 +02:00
Jouni Malinen
5ae5dd03d5 tests: Automatic channel selection with freqlist set
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:41:57 +02:00
Jouni Malinen
46cb161a81 tests: Clear IP configuration from sigma_dut explicitly
The 127.0.0.11/24 address that could have been left on the wlan0
interface resulted in some test case sequence failures. Fix this by
explicitly clearing that address when terminating sigma_dut.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 17:12:23 +02:00
Jouni Malinen
95337647aa tests: Make FILS+FT test cases more robust
Wait for hostapd to report completion of association before running the
data connectivity check.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 16:30:40 +02:00
Jouni Malinen
7327f0fa6f tests: Fix skipping of new sigma_dut test cases
start_sigma_dut() can raise an exception and as such, assigning a
variable to its return value within a try block does not work in this
manner when the result is supposed to be used in the finally statement.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 21:19:36 +02:00
Jouni Malinen
06540f232c tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 2/4 retries
The second round may use PMKSA caching, but AP will need to reject msg
2/4 in that case as well due to RSNXE mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-13 03:27:25 +02:00
Jouni Malinen
fb3ef06dde tests: sae_rejected_groups with and without sigma_dut
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 23:52:36 +02:00
Jouni Malinen
053ce8bff7 tests: OCE association in open network
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:00:26 +02:00
Jouni Malinen
326acce814 tests: sigma_dut controlled SAE association with group negotiation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 01:59:06 +02:00
Jouni Malinen
2ca63f58b9 tests: sigma_dut controlled SAE H2E AP misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
63585099d6 tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 3/4
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:46:44 +02:00
Jouni Malinen
49ac2466c3 tests: sigma_dut controlled SAE H2E misbehavior with RSNXE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 14:00:23 +02:00
Jouni Malinen
250db2ab51 tests: SAE H2E and RSNXE mismatch (AP detecting)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 12:56:19 +02:00
Jouni Malinen
dedd8f336e tests: sigma_dut controlled SAE H2E misbehavior with rejected groups
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:51:40 +02:00
Jouni Malinen
90d84bc511 tests: SAE H2E and rejected groups indication (unexpected group)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 00:45:10 +02:00
Jouni Malinen
4d16d7cc8d tests: sigma_dut controlled SAE H2E misbehavior with looping forced
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:39:46 +02:00
Jouni Malinen
b1905c7d8e tests: SAE PWE derivation with H2E-only AP and STA forcing loop
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-06 17:28:52 +02:00
Jouni Malinen
4a667b01e6 tests: DPP bootstrapping via NFC URI record
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-05 12:37:51 +02:00
Jouni Malinen
2e58926ef3 tests: hostapd global control interface and per-interface events
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-02 16:35:03 +02:00
Jouni Malinen
dd8eb44eef tests: sae_pwe parameter in PSK-only-AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:13:08 +02:00
Jouni Malinen
ee27567198 tests: Clear sae_pwe at the end of sigma_dut test cases
sigma_dut does not clear sae_pwe value when the command line argument
"-2" is used, so we need to explicitly clear this from wpa_supplicant at
the end of the test case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-29 00:06:50 +02:00
Jouni Malinen
e0cd7172c2 tests: Advertise UTF-8 SSID in DPP-provisioned AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
ca6a2ac705 tests: DPP ssid_charset/ssid64
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-28 16:39:09 +02:00
Jouni Malinen
5632b07158 tests: sigma_dut control of SAE PWE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-24 16:58:18 +02:00
Jouni Malinen
e8ccbef251 tests: Remove a multi-line test description
The previous description of wmediumd_scan_only_one used multiple lines
and that resulted in parallel-vm.py miscounting total number of test
cases. Fix that by getting rid of the newlines from the description.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-11-23 17:19:49 +02:00
Jouni Malinen
9dc07a1d55 tests: Fix 'unexpected exit' detection in parallel-vm.py
Now that parallel-vm.py is actually stopping VMs as soon as they are not
needed for retries, it is not really an unexpected exit to see a VM exit
while test cases remain in the queue as long as at least that many VMs
remain running. Get rid of confusing 'unexpected exit' status from the
UI in such cases.

Fixes: 4aaddecdd8 ("tests: Handle test retries through the same queue")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-11-23 17:09:56 +02:00
Jouni Malinen
81121319a9 tests: ap_hs20_cred_and_no_roaming_consortium to match implementation
Now that wpa_supplicant was modified to use NAI realm query even if
roaming_consortium is set, this test case is actually able to find a
match. Update it to avoid cause incorrect test failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-17 21:04:42 +02:00
Jouni Malinen
9c7ab4c5df tests: sigma_dut controlled AP and deauth commands
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-11-06 19:55:42 +02:00
Jouni Malinen
cf28cfc12e tests: D-Bus MACAddressRandomizationMask property Get/Set
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 19:50:22 +02:00
Jouni Malinen
4cab417af0 tests: DPP configuration saving
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 19:50:22 +02:00
Johannes Berg
dcafde0c32 tests: Add negative scan tests
There was a bug in wmediumd in that it didn't set the
frequency of frames, and thus they were always received
by mac80211_hwsim, regardless of channel it was on.

Add two tests that verify we only find a single instance
of an AP if we only have that one, and run this both with
and without wmediumd.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-10-27 19:50:22 +02:00
Jouni Malinen
f11157604c tests: Make wpas_mesh_pmksa_caching_ext more robust
Avoid race conditions in completing mesh group removal/re-addition steps
and starting connectivity check. It seemed to be possible to get to the
connectivity test in some cases before the mesh STA had rejoined the
mesh and completed key configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 16:20:19 +02:00
Jouni Malinen
46746fc170 tests: Additional SAE protocol testing
Check behavior with delayed/replayed SAE commit message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-27 15:16:03 +02:00
Jouni Malinen
01b2cd6462 tests: SAE and authentication restarts with H2E/looping
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
7ab3510dad tests: Remove SAE H2E testing with group 26
This is in preparation of an implementation to to remove the alternative
SSWU path that was needed only for this particular group.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
71e276f90f tests: Fix copy-paste issues in SAE H2E group tests
These test cases were all using group 21 even though they were supposed
to go through all the possible groups.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-25 19:29:53 +03:00
Pradeep Kumar Chitrapu
0a809529d0 tests: HE AP Functionality
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
2019-10-25 19:29:53 +03:00
Jouni Malinen
360d8d4e3c tests: Make ap_ft_ap_oom4 more robust against compiler optimizations
It looks like the wpa_auth_get_seqnum() function might not always be
visible in the backtrace since the compiler may optimize that wrapper
away. Use the i802_get_seqnum() function instead as a trigger for the
get_seqnum operation failure trigger to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-10-19 00:45:57 +03:00
Jouni Malinen
30628e0d2d tests: WPA2-PSK-FT-SAE AP (H2E)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-18 15:33:14 +03:00
Jouni Malinen
d3516cad7a Store a copy of Association Request RSNXE in AP mode for later use
This is needed to be able to compare the received RSNXE to a protected
version in EAPOL-Key msg 2/4.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-18 00:20:29 +03:00
Jouni Malinen
3fa701b5ce tests: SAE PWE derivation methods
Verify behavior with sae_pwe configuration values 0..2, i.e., test the
new hash-to-element mechanism for deriving PWE and negotiation for which
method to use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-15 15:39:22 +03:00
Jouni Malinen
960cfee506 tests: PMF AP sending valid deauth/disassoc without dropping SA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 18:18:43 +03:00
Jouni Malinen
34a9cd8ffa tests: WPA2-PSK PMF AP dropping SA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 17:53:04 +03:00
Jouni Malinen
131c2600f4 tests: sigma_dut DPP TCP Enrollee as initiator
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 13:27:49 +03:00
Jouni Malinen
377d5f7cc2 tests: sigma_dut DPP TCP Configurator (Controller) as responder
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-11 13:07:39 +03:00
Jouni Malinen
d905c8f7a7 tests: sigma_dut controlled SAE association with PMKID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 16:21:10 +03:00
Jouni Malinen
4dda07ba98 tests: sigma_dut controlled AP with SAE Confirm immediate
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 15:56:01 +03:00
Jouni Malinen
8a9658dbb5 tests: SAE and AP sending Confirm message without waiting STA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-10 15:42:11 +03:00
Jouni Malinen
656b07c189 tests: sigma_dut DPP/QR responder status query
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 17:03:47 +03:00
Jouni Malinen
1743ddce76 tests: sigma_dut DPP AP as Relay to Controller
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 16:33:36 +03:00
Jouni Malinen
b472fe2973 tests: Update server and user certificates (2019)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. This contains updates from running
tests/hwsim/auth_server/update.sh.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-04 16:03:04 +03:00
Jouni Malinen
cefcbcdba4 tests: sigma_dut with DPPConfIndex 9 and 10
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-10-01 14:21:51 +03:00
Jouni Malinen
be907f7220 tests: SAE in wpa_supplicant AP mode
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-21 16:30:40 +03:00
Jouni Malinen
d0d303ae91 tests: MBO and WPA2 without PMF on misbehaving AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-21 12:56:19 +03:00
Jouni Malinen
c532abb158 tests: Automatic channel selection with invalid chanlist
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 12:14:04 +03:00
Jouni Malinen
1f8fc6bebb tests: Fix p2p_stop_find() calls in discovery
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 00:21:47 +03:00
Jouni Malinen
a378fe5d45 tests: wpa_supplicant build for EAP-SIM and PC/SC
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 00:21:47 +03:00
Jouni Malinen
11bbb7ecb8 tests: DPP MUD URL
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-19 00:21:47 +03:00
Jouni Malinen
91a0703157 tests: Layer 2 Update frame behavior in mac80211
This verifies mac80211 behavior for Layer 2 Update frame use and other
unexpected frames from a not fully authentication station.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:39:03 +03:00
Jouni Malinen
9840532377 tests: PMF and Data frame injection
Verify driver/mac80211 behavior for unexpected A2 in Data frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:39:01 +03:00
Jouni Malinen
1ccde13b86 tests: Extend ap_pmf_inject_auth coverage for addresses/frames
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:38:15 +03:00
Jouni Malinen
c404cd8c7d tests: Avoid race conditions in couple of Hotspot 2.0 test cases
Wait hostapd to complete key setup before asking it to send a frame that
may need PMF. This is needed especially with UML time-travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 18:09:54 +03:00
Jouni Malinen
b256d9393d tests: DPP2 connection status result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 17:25:34 +03:00
Jouni Malinen
530b31ea88 tests: Fix DPP wait_auth_success() check for Configurator success
This looked like a copy-paste error in the event message check and once
that was fixed, couple of test cases needed fixes to expect a success
from the Configurator.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 17:01:59 +03:00
Jouni Malinen
018edec9b2 Remove IAPP functionality from hostapd
IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been
maintained nor is there any expectation of the withdrawn trial-use
recommended practice to be maintained in the future. Furthermore,
implementation of IAPP in hostapd was not complete, i.e., only parts of
the recommended practice were included. The main item of some real use
long time ago was the Layer 2 Update frame to update bridges when a STA
roams within an ESS, but that functionality has, in practice, been moved
to kernel drivers to provide better integration with the networking
stack.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 13:11:03 +03:00
Jouni Malinen
d2d444deef tests: Remove IAPP test case
This is in preparation for removal of the full IAPP functionality from
hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 12:30:28 +03:00
Mikael Kanstrup
97d2d7ac1a tests: WPS MAC address change
Verify that MAC address of WPS M1 message use correct address
after address change.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-09-09 16:56:00 +03:00
Jouni Malinen
b3ba2556e7 tests: wpa_supplicant DPP-only build tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 18:07:22 +03:00
Jouni Malinen
7d2ed8bae8 Remove CONFIG_IEEE80211W build parameter
Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:33:40 +03:00
Jouni Malinen
70990138ec tests: EAP-TEAP with inner EAP-MSCHAPv2 user and EAP-TLS machine credentials
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
e0ee87c706 tests: Too many EAP roundtrips (server)
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:35 +03:00
Jouni Malinen
81d0759cba tests: Hotspot 2.0 open OSU association
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:25:07 +03:00
Jouni Malinen
65e2eb6e74 tests: Make nfc_wps more robust by avoiding race conditions
The hostapd side operations and data connectivity test were executed
without explicitly waiting for hostapd to report connection as having
been completed. This could result in trying to transmit data before
EAPOL-Key msg 4/4 was processed especially when using UML time-travel.
Make this more robust by waiting for hostapd to be ready before the data
test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 22:52:52 +03:00
Jouni Malinen
12de149071 tests: Fix ap_ft_reassoc_replay for case where wlantest has the PSK
This test case was failing if wlantest was able to decrypt the CCMP
protected frames. Fix the tshark filter string to include only the
actually encrypted frames for PN comparison.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 19:20:40 +03:00
Jouni Malinen
818ee96d58 tests: EAP-TEAP with user and machine credentials
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 17:02:54 +03:00
Jouni Malinen
f380464257 tests: Remove unnecessary "config exists" debug prints from build.sh
This is the common case and these prints do not really help and just
make the output from build.sh less clear.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 12:18:40 +03:00
Jouni Malinen
f3c188fa7d tests: Import helper functions directly from utils.py
These were moved from test_sae.py to utils.py, so import them from the
correct location instead of through test_sae.py that imports them from
utils.py.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 12:11:53 +03:00
Jouni Malinen
dbddbf1647 tests: Configure wlantest for FT+PMF test cases
It is useful to get the encrypted frames decrypted in the sniffer
capture for these test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-22 22:13:02 +03:00
Jouni Malinen
4619dc0607 tests: EAP-TEAP with machine username/password credential
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 13:24:14 +03:00
Jouni Malinen
0b39274ca3 tests: Update authsrv_oom to match implementation changes
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 02:59:06 +03:00
Jouni Malinen
10e105230a tests: EAP-TEAP Identity-Type
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-20 02:13:22 +03:00
Jouni Malinen
d11c41bb75 tests: sigma_dut controlled SAE association and FT-over-DS
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-20 00:15:20 +03:00
Jouni Malinen
5a7af3a32c tests: sigma_dut controlled AP FT-PSK (over-DS)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 23:54:29 +03:00
Jouni Malinen
a5ffe45908 tests: Make mbo_cell_capa_update_pmf more robust
Wait for hostapd to report completion of connection so that the WNM
Notification Request frame does not get sent before the AP has processed
EAPOL-Key msg 4/4 and configured the TK. This could result in a race
condition especially when testing using UML with time-travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 17:22:41 +03:00
Jouni Malinen
35337b448a tests: sigma_dut and initial UOSC with TOD-STRICT/TOFU
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-19 16:57:55 +03:00
Jouni Malinen
e6edadba86 tests: ap_wpa2_eap_too_many_roundtrips to use shorter fragment
This is needed with the increased maximum EAP round limit since the
server side sends out longer messages in this exchange and that prevent
the short message limit from being reached.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-18 17:46:34 +03:00
Jouni Malinen
0bcd9839bf tests: Update authsrv_oom match changed implementation
Need to take into account the additional memory allocation within
radius_server_init().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-18 17:40:31 +03:00
Jouni Malinen
8315c1ef5b tests: Vendor EAP method in Phase 2
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-17 16:18:33 +03:00
Jouni Malinen
5f2301a6da Replace EapType typedef with enum eap_type
This cleans up coding style of the EAP implementation by avoiding
typedef of an enum hiding the type of the variables.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-17 11:36:20 +03:00
Jouni Malinen
542913943e tests: EAP-TEAP and separate message for Result TLV
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-17 00:08:47 +03:00
Jouni Malinen
263c0cbdc0 tests: sigma_dut with TOD-TOFU
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
b02f0f88fb tests: TOD-TOFU policy reporting
Also rename the previously added test case to use the TOD-STRICT name
for the earlier policy OID.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
eec147dccb tests: Update RSA 3k certificates before the previous ones expire
In addition, update the generation script to allow convenient update of
the server and user certificates without having to generate new keys.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
b1dfe96ae1 tests: Add a server certificate with TOD-TOFU policy
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 16:40:36 +03:00
Jouni Malinen
30998360a1 tests: Additional FT with PMF required testing coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-16 13:55:26 +03:00
Jouni Malinen
b6fe6e8b5a tests: SAE and PMKSA caching (PMKID in AssocReq after SAE)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-14 17:51:31 +03:00
Sven Eckelmann
d1fcf34cb5 tests: Fix wlan.mesh.config.cap workaround for test_wpas_mesh_max_peering
The wlan.mesh.config doesn't have to be the last element of beacon. Things
like VHT or HE oper/cap are usually follow the mesh configuration element.

The workaround must first get the position of a correct reference value in
wlan.mesh.config (ps_protocol) and then calculate the correct
wlan.mesh.config.cap offset based on that.

Reported-by: Johannes Berg <johannes@sipsolutions.net>
Fixes: 2cbaf0de22 ("tests: Work around tshark bug in wpas_mesh_max_peering")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-08-13 13:57:50 +03:00
Jouni Malinen
ba2d5f3642 tests: DPP network introduction with expired netaccesskey
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:45:43 +03:00
Jouni Malinen
ed98d4d719 tests: SAE dot11RSNASAESync
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
4c9376ef7a tests: OCE AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00
Jouni Malinen
63a792a7c5 tests: WPS registrar configuring an AP using preconfigured AP password token
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-11 16:37:48 +03:00