Commit graph

9020 commits

Author SHA1 Message Date
Jouni Malinen
b0e669beeb P2P: Fix P2P_CONNECT-auto fallback to GO Neg with group interface
If a separate P2P group interface was used, P2P_CONNECT-auto fallback to
GO Negotiation could result in use of freed memory and segmentation
fault. This happened in cases where the peer GO was found in some old
scans, but not in the first scan triggered by the P2P_CONNECT-auto
command ("P2P: Peer was found running GO in older scan -> try to join
the group" shows up in the debug log). In addition, the GO would still
need to reply to PD Request to allow this code path to be triggered.

When five scans for the GO were completed in this sequence, the P2P
group interface was removed as part of falling back to GO Negotiation.
However, that ended up dereferencing the freed wpa_s instance at the end
of scan event processing. Fix this by reordering code a bit and breaking
out from EVENT_SCAN_RESULTS processing if the interface could have been
removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:14 +02:00
Jouni Malinen
874057da4e tests: Make wpas_ctrl_many_networks more robust under valgrind
It is possible for a low powered CPU to take excessively long time to
delete 1000 network blocks when running under valgrind. This would have
resulted in the test case failing and the following reset operation
timing out which would then stop the test sequence completely.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:25:35 +02:00
Jouni Malinen
f77d6d4bd8 tests: Mesh authentication failure events
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:25:35 +02:00
Masashi Honma
bf51f4f82b mesh: Fix remaining BLOCKED state after SAE auth failure
When SAE authentication fails, wpa_supplicant retries four times. If all
the retries result in failure, SAE state machine enters BLOCKED state.
Once it enters this state, wpa_supplicant doesn't retry connection. This
commit allow connection retries even if the state machine entered
BLOCKED state.

There could be an opinion "Is this patch needed? User could know the SAE
state machine is in the BLOCKED mode by MESH-SAE-AUTH-BLOCKED event.
Then user can retry connection. By user action, SAE state machine can
change the state from BLOCKED to another.". Yes, this is a true at the
joining mesh STA. However, a STA that is already a member of existing
mesh BSS should not retry connection because if the joining mesh STA
used wrong password, all the existing STA should do something from UI to
retry connection.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-08 12:43:24 +02:00
Masashi Honma
79ddb2062e mesh: Add a monitor event on SAE authentication getting blocked
Send MESH-SAE-AUTH-BLOCKED event if SAE authentication is blocked. The
BLOCK state will finish when a new peer notification event is sent for
the same MAC address.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-07 22:33:23 +02:00
Masashi Honma
dd2cbafc89 mesh: Add a monitor event for SAE authentication failure
SAE authentication fails likely with wrong password. This commit adds a
notification of the failure to the upper application (UI) so that the
application can notify suspection of a wrong password to the user. The
control interface monitor even for this is "MESH-SAE-AUTH-FAILURE
addr=<peer>".

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-07 22:23:34 +02:00
Masashi Honma
0cb5f8d945 mesh: Fix inactivity timer for 32 bit system
Commit 5a2a6de6a5 ('mesh: Make inactivity
timer configurable') has a problem on 32 bit systems. Setting
NL80211_MESHCONF_PLINK_TIMEOUT to 0xffffffff causes expiration of STA in
a minute by NL80211_CMD_DEL_STATION event. this is the kernel rule for
STA expiration:

(current jiffies) > (frame Rx jiffies + NL80211_MESHCONF_PLINK_TIMEOUT * 250)

On a 32 bit system, the right side could overflow and be unexpected
small value if NL80211_MESHCONF_PLINK_TIMEOUT is sufficiently large. STA
expiration occurs by this reason.

This patch solves the problem by disabling the STA expiration
functionality in mac80211. However, old kernel does not support
disabling it. If so, this patch sets mac80211 inactivity timer 60
seconds into future from the wpa_supplicant inactivity timer.

And I mis-understood that mesh_max_inactivity=0 disables inactivity
timer in wpa_supplicant. This commit fixes it also.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-07 22:20:45 +02:00
Jouni Malinen
a0b3f8e2ff tests: Remove forgottend debug print from p2ps_connect_adv_go_persistent
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 16:29:22 +02:00
Jouni Malinen
11e2ddbcd7 mesh: Remove duplicated no_auto_peer update
Commit 07cb45ccb2 ('mesh: Add no_auto_peer
config option') added a new struct wpa_ssid argument and added an
unnecessary parsing and setting of the value in
wpa_supplicant_ctrl_iface_update_network(). This is not needed since
wpa_config_set() takes care of parsing the parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 16:19:53 +02:00
Jouni Malinen
1e529832a8 D-Bus: Fix network block type change
It is possible for a network profile to change its type from P2P
persistent group to a normal network and back. The D-Bus interface uses
different types of objects for those, so the object needs to
re-registered in case of type change. This fixes issues in leaving
behind an incorrect type of object and leaking memory when freeing such
a network block that has had its disabled parameter changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 16:19:08 +02:00
Jouni Malinen
c62bd5e44d tests: Remove forgotten debug print from grpform_pbc_overlap
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 15:38:29 +02:00
Jouni Malinen
4fada1215d Fix HT40 co-ex scanning issue on hostapd error path
If HT40 co-ex scan fails due to the driver rejecting scan triggers
multiple times, it was possible for the ap_ht40_scan_retry() timeout
being left behind and it getting run after hapd->drv_priv has been
cleared. This would result in NULL pointer dereference in
driver_nl80211_scan.c. Fix this by canceling the timeout when disabling
the interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 15:37:13 +02:00
Jouni Malinen
23ed011bea Fix Linux packat socket regression work around
Commit e6dd8196e5 ('Work around Linux
packet socket regression') added a mechanism to close the workaround
bridge socket in l2_packet_receive(). However, it did not take into
account the possibility of the l2->rx_callback() closing the l2_packet
socket altogether. This could result in use of freed memory when usin
RSN pre-authentication. Fix this by reordering the calls to clear the
workaround socket before calling the rx_callback.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 15:37:13 +02:00
Ilan Peer
d821e2f294 tests: Use the global control interface in test_nfc_p2p.py
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-07 15:37:13 +02:00
David Spinadel
bbcbbd3701 tests: Modify autogo_bridge test to use group interface
1. Add get_group_ifname() to wpasupplicant.py
2. Use the function to get the interface name for the bridge.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2015-02-07 15:37:13 +02:00
Ilan Peer
4ef05faf43 tests: Modify test_p2p_discovery to use global and group interfaces
Modify the tests in test_p2p_discovery to use the global
control interface and group interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-07 15:37:13 +02:00
Ilan Peer
da749dc579 tests: Use the group control interface in p2p_channel_avoid
Use the group control interface to wait for P2P-REMOVE-AND-REFORM-GROUP
as the event is a group event.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-07 15:37:13 +02:00
Ilan Peer
d4f2ba749e tests: Use group control interface in autogo
P2P-PRESENCE-RESPONSE is a group event, and thus need
to use the group control interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-07 15:37:13 +02:00
Ilan Peer
75826fc6e6 tests: Use global control interface in wpas_ctrl_global
Use the global control interface to set/get the status of the
P2P Device.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-07 15:37:13 +02:00
Jouni Malinen
c4668009d0 tests: Remove unnecessary use of sudo from test cases
run-tests.py is running as root, so sudo does not need to be used
anymore from within each test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-07 15:37:13 +02:00
Jouni Malinen
b638f70316 tests: Replace subprocess.call for rm with os.remove()
There is no need to use sudo and external rm to remove files now that
run-tests.py is required to run as root.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-07 15:37:13 +02:00
Jouni Malinen
592015c3c1 tests: Fix wpas_config_file after implementation change
The new wpa_supplicant configuration writing design (rename instead of
write to original file) did not fail with the symlink-to-self case, so
replace this with the config file being replaced with a directory. In
addition, get rid of unnecessary use of subprocess since run-tests.py is
running as root nowadays.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-07 15:37:13 +02:00
Vinit Deshpande
663ae2f417 Don't write to wpa_supplicant.conf directly
There is a chance that wpa_supplicant may get killed during
the time it is writing config file. If this happens, user
information like SSIDs and passwords can be lost forever.

This change works around that by writing config to a
temporary file and then renaming the file to the correct name.

Signed-off-by: Vinit Deshpande <vinitd@google.com>
2015-02-07 15:37:13 +02:00
Jouni Malinen
4cfc46934d tests: IBSS with WEP and TKIP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-06 21:43:50 +02:00
Janusz Dziedzic
d9a9bc04b4 IBSS: Do not enable HT with WEP or TKIP
We should not enable HT if WEP or TKIP is configured.
Without the patch and WEP configuration we will get message:
Association request to the driver failed

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-06 21:43:35 +02:00
Jouni Malinen
0d7eb4344f ACS: Accept channel if any (rather than all) survey results are valid
Previously, a channel with even a single scan/survey result missing
information was skipped in ACS. This may not be desirable in cases when
multiple scan iterations are used (which is the case by default in
hostapd). Instead, use all channels that provided at least one complete
set of results. Calculate the average interference factor as an average
of the iterations that did provide complete values.

This seems to help with some cases, e.g., when ath9k may not be able to
report the noise floor for all channels from the first scan iteration
immediately after the driver has been loaded, but then returns it for
all other scan iterations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-06 21:26:32 +02:00
Jouni Malinen
65013c9331 tests: ACS with acs_chan_bias parameter
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-06 18:02:33 +02:00
Jouni Malinen
68fa00c341 ACS: Allow specific channels to be preferred
The new acs_chan_bias configuration parameter is a space-separated list
of <channel>:<bias> pairs. It can be used to increase (or decrease) the
likelihood of a specific channel to be selected by the ACS algorithm.
The total interference factor for each channel gets multiplied by the
specified bias value before finding the channel with the lowest value.
In other words, values between 0.0 and 1.0 can be used to make a channel
more likely to be picked while values larger than 1.0 make the specified
channel less likely to be picked. This can be used, e.g., to prefer the
commonly used 2.4 GHz band channels 1, 6, and 11 (which is the default
behavior on 2.4 GHz band if no acs_chan_bias parameter is specified).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-06 17:59:57 +02:00
Jouni Malinen
6f41a25805 ACS: Use weighted average for 2.4 GHz adjacent channel interference
The interference factors for adjacent 2.4 GHz channels were summed
together without doing any kind of weighted average on them. This
resulted in the channels at the band edges getting undue preference due
to only including interference factors from three channels vs. five for
the channels in the middle of the band.

While it is somewhat unclear whether the design here was supposed to
count overlapping channels together in this way or whether that is
already covered in channel survey results, it is clear that this summing
of three to five values together and then comparing the sum rather than
average of some kind gives too much preference to the channels at the
edges of the band by assuming that there is no interference whatsoever
outside the band.

Use weighted average of the interference factors rather than a sum from
different number of values. For now, the adjacent 2.4 GHz channels get
weight of 0.85 (1.0 for the main channel itself) and the neighboring
channels to those adjacent ones get 0.55 weight. Band-edge channels are
handled in a way that takes average over the channels that were actually
considered instead of assuming zero interference from neighboring bands.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-06 17:21:17 +02:00
Ilan Peer
1cb3ad7362 tests: Use global control interface in test_p2p_concurrency
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:40 +02:00
Ilan Peer
2a9eb1494c tests: Use global control interface in test_p2p_service
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:40 +02:00
Ilan Peer
e9986d8b0b tests: Modify test_p2p_discovery to use global control interface
1. Modify discovery_stop to use global control interface when calling
   P2P_FLUSH.
2. Modify p2p_listen_and_offchannel_tx to use the global control
   interface when waiting for P2P PD event.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:40 +02:00
Eliad Peller
a918e48af1 tests: Add printk tracer to trace-cmd
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-02-05 13:48:40 +02:00
Ben
d715738578 tests: Modify tests in test_ap_pmf to use own_addr()
Some of the tests used p2p_dev_addr() that can be different from
own_addr() if a dedicated P2P Device interface is used.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-02-05 13:48:40 +02:00
Ben
3d8c7953e3 tests: Modify tests in test_hapd_ctrl to use own_addr()
Some of the tests used p2p_dev_addr() that can be different from
own_addr() if a dedicated P2P Device interface is used.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-02-05 13:48:40 +02:00
Ben
1d21a5bee5 tests: Fix ap_wps_per_station_psk to use own_addr()
The test used p2p_dev_addr() that can be different from own_addr()
if a dedicated P2P Device interface is used.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-02-05 13:48:40 +02:00
Ben
18945a8c8e tests: Fix ap_wpa2_psk_file to use own_addr
The test used p2p_dev_addr() that can be different from own_addr()
if a dedicated P2P Device interface is used.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-02-05 13:48:40 +02:00
Matti Gottlieb
83e1bab022 tests: Fix destination address in ap_hs20_remediation_required_ctrl
Fix the destination address that is sent in the WNM-Notification to be
the BSS address opposed to the P2P address.

Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
2015-02-05 13:48:40 +02:00
Ilan Peer
36f2818784 tests: Use get_bss() with ifname in autogo
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:40 +02:00
Ilan Peer
fb9cf82eb3 tests: Add option to specify ifname to get_bss()
This is needed for cases that the group interface differs from the main
interface, i.e., when a dedicated P2P Device interface is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:40 +02:00
Ilan Peer
5270b2fbb7 tests: Use the global control interface in test_p2p_grpform
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:48:35 +02:00
Ilan Peer
c282b9b40e tests: Use global_request for SET commands in test_p2p_grpform
When the 'SET' command is used to configure parameters related to P2P
operation use the global control interface and not the per interface one
as otherwise the setting will only have effect on the interface and will
work if a dedicated P2P_DEVICE is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:38:10 +02:00
Ilan Peer
cef63d6b2f tests: Update group ifname in p2p_go_invite_auth
Once the connection is established need to call group_form_result() on
the invited device, as otherwise the group interface name is not updated
and the connectivity test is done with the main interface instead of the
group interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:38:10 +02:00
Ilan Peer
098a687ffb tests: Use global control interface in discovery_dev_id
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:38:10 +02:00
Ilan Peer
acd620258d tests: Modify autogo_legacy to use the group interface
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 13:38:10 +02:00
Ilan Peer
b0d697be91 tests: Use global control interface in wait_go_ending_session()
P2P_EVENT_GROUP_REMOVED is a global event, so use
wait_global_event() instead of wait_event().

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-05 12:50:44 +02:00
Jouni Malinen
644b24c6bb tests: Verify SD TX callback processing after P2P find is stopped
These are far from perfect since timing is quite difficult to match for
the case that behaved incorrectly. Anyway, it looks loke
p2p_service_discovery_peer_not_listening was able to hit the error now
and then, so this should be sufficient as a regression test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-04 20:47:14 +02:00
Krishna Vamsi
2c0efd9e49 P2P: Fix stopping on search after SD callback
If p2p_find_timeout triggers after starting SD but before getting TX
status for send action, unwanted search could get triggered again when
TX status arrives though p2p_find_timeout moved the state to P2P_IDLE by
then. p2p_continue_find() would then move the state to P2P_SEARCH again.
Do not trigger the find operation from this context if state is
P2P_IDLE to avoid this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-04 20:46:47 +02:00
Jouni Malinen
db3168d414 OpenSSL: Use SSL_cache_hit() when available
This is going to be required for OpenSSL 1.1.0 which makes the SSL
structure opaque. Older versions starting from OpenSSL 1.0.1 include
this function, so start using it now based on OPENSSL_VERSION_NUMBER.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-04 02:04:35 +02:00
Jouni Malinen
68ae4773a4 OpenSSL: Use library wrapper functions to access cert store
OpenSSL 0.9.8 and newer includes SSL_CTX_get_cert_store() and
SSL_CTX_set_cert_store() helper functions, so there is no need to
dereference the SSL_CTX pointer to cert ssl_ctx->cert_store. This helps
in working with the future OpenSSL 1.1.0 release that makes the SSL_CTX
structure opaque.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-04 01:58:37 +02:00