Commit graph

17230 commits

Author SHA1 Message Date
Jouni Malinen
e90ededb4b wlantest: Skip Mesh Control field from the beginning of payload
This allows correct processing of Data frames with Mesh Control field by
finding the LLC/SNAP header after that field.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-09 20:20:24 +02:00
Jouni Malinen
503901e72d wlantest: Check all configured TKs if no matching GTK is known
This allows group-addressed frames to be decrypted by listing all
possible GTKs in the PTK file.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-09 17:29:48 +02:00
Jouni Malinen
9216929ab6 tests: HE and TWT
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 22:08:52 +02:00
Ben Greear
7fd2f24962 TWT: Support sending TWT Setup and Teardown Action frames
This adds new control interface commands TWT_SETUP and TWT_TEARDOWN. For
now, these are only for testing purposes to be able to trigger
transmission of the TWT Action frames without configuring any local
behavior for TWT in the driver.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2021-03-07 22:07:37 +02:00
Jouni Malinen
edbaffc4f6 wpabuf: Add helper functions for writing 64-bit integers
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 21:31:41 +02:00
Jouni Malinen
cf47a43335 tests: EAP-SIM DB error cases (SQLite)
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 17:58:14 +02:00
Jouni Malinen
ac2dddf7d1 tests: DPP NFC with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 17:38:27 +02:00
Jouni Malinen
96279a5c51 tests: DPP chirp with an AP as a standalone Configurator
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 13:18:01 +02:00
Jouni Malinen
fd13693cac tests: DPP PKEX errors with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 13:12:37 +02:00
Jouni Malinen
d28c2de249 tests: DPP chirp errors in hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 13:02:59 +02:00
Jouni Malinen
692ff6f002 tests: DPP Controller management in hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:57:25 +02:00
Jouni Malinen
39ff1a67ad tests: Invalid DAC_REQUEST values
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:46:38 +02:00
Jouni Malinen
ea82abc18a tests: hostapd ATTACH errors
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:41:16 +02:00
Jouni Malinen
234761082a tests: hostapd PMKSA_ADD failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:34:32 +02:00
Jouni Malinen
17d85158cf Fix hostapd PMKSA_ADD with Authenticator disabled
This function can get called with hapd->wpa_auth == NULL from the
control interface handler, so explicitly check for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:33:30 +02:00
Jouni Malinen
e6dae30ce1 tests: EAPOL/key config test command failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:25:38 +02:00
Jouni Malinen
261dbf7341 tests: hostapd GET_CAPABILITY
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:14:54 +02:00
Jouni Malinen
b385b4765d tests: ADD_MAC/DEL_MAC special cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:11:56 +02:00
Jouni Malinen
b0ded7d273 tests: Additional invalid SET_NEIGHBOR coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:08:02 +02:00
Jouni Malinen
924c17aad5 tests: hostapd ctrl_iface SHOW_NEIGHBOR while neighbor report disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:05:09 +02:00
Jouni Malinen
8e6a56b6e0 tests: Additional invalid REQ_BEACON cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 12:02:46 +02:00
Jouni Malinen
9c47624fc8 tests: VENDOR command
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 11:51:54 +02:00
Jouni Malinen
0a549776ce tests: VHT CSA with VHT80+80 getting enabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 01:42:48 +02:00
Jouni Malinen
147d6d3727 Update VHT capabilities info on channel switch event
This is needed to be able to move from 80 MHz or lower bandwidth to 160
or 80+80 MHz bandwidth (and back) properly without leaving the Beacon
frame VHT elements showing incorrect information.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 01:35:25 +02:00
Jouni Malinen
dc587c479c nl80211: Determine secondary channel offset for CS to 80+80 MHz
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 01:21:12 +02:00
Jouni Malinen
0a8095d729 nl80211: Debug print for channel switch request parameters
These can be helpful for debugging channel switch issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 01:11:18 +02:00
Jouni Malinen
a20ace3a1e nl80211: Add command-to-string mapping for previously missed commands
In addition, make the compiler warn if a new enum value is added without
defining the matching mapping to a string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 01:06:00 +02:00
Jouni Malinen
0f37b8142b More specific set_freq_params debug prints for 80/80+80 MHz errors
It is more convenient to see the exact error in the debug log instead of
getting noted that something was invalid.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-07 00:54:36 +02:00
Jouni Malinen
3c5ea9fd9f tests: VHT CSA with invalid parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 17:02:38 +02:00
Jouni Malinen
0922519091 tests: Additional GET_PMK coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 16:33:03 +02:00
Avraham Stern
ab89291928 nl80211: Use process_bss_event() for the nl_connect handler
The nl_connect is initialized with the process_bss_event() handler.
However, it is used several times with the default valid handler. As a
result, if a message that is only valid for process_bss_event() is
received while the default handler is used, it will be dropped.

This has been observed in a case where during the 4-way handshake, a
Beacon frame is received on the AP side, which triggers a beacon update,
just before receiving the next EAPOL. When send_and_recv_msgs_owner() is
called for sending the NL80211_CMD_SET_BEACON command, the
NL80211_CMD_CONTROL_PORT_FRAME event is already pending. As a result, it
is received with the default handler, which drops it. Since the EAPOL
frame is dropped, the connection attempt fails.

Fix it by using the process_bss_event() handler when the nl_connect
handler is used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2021-03-06 13:36:20 +02:00
Jouni Malinen
f7835ac163 tests: IGTK and BIGTK replay protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 13:17:55 +02:00
Jouni Malinen
5a7e806b69 tests: Invalid MGMT_TX_STATUS_PROCESS
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 13:17:55 +02:00
Jouni Malinen
f5439acf6a tests: RELOAD_WPA_PSK failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 13:17:55 +02:00
Jouni Malinen
7c5442e744 DPP: Clear hapd->gas pointer on deinit
While it does not look like the stale pointer could have been
dereferenced in practice, it is better not to leave the stale pointer to
freed memory in place to avoid accidental uses.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:56:00 +02:00
Jouni Malinen
b54410127d tests: hapd->tmp_eap_user clearing on interface deinit/reinit
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:45:48 +02:00
Jouni Malinen
076e0abddb SQLite: Fix temporary eap_user data freeing on interface restart
hapd->tmp_eap_user needs to be cleared on interface deinit to avoid
leaving stale pointers to freed memory.

Fixes: ee431d77a5 ("Add preliminary support for using SQLite for eap_user database")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:44:38 +02:00
Jouni Malinen
3e735adf0b tests: WNM time advertisement and interface restart
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:38:18 +02:00
Michael Braun
2da3105ac1 Fix use after free with hapd->time_adv on interface restart
When an interface is disabled, e.g. due to radar detected,
hapd->time_adv is freed by hostapd_free_hapd_data(), but later
used by ieee802_11_build_ap_params() calling hostapd_eid_time_adv().

Thus hapd->time_adv needs to be cleared as well.

Fixes: 39b97072b2 ("Add support for Time Advertisement")
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2021-03-06 11:37:26 +02:00
Jouni Malinen
48e2725f5a Add a link to Patchwork for a list of pending patches
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:26:20 +02:00
Jouni Malinen
fa4cd46c37 tests: Roam command during a scan operation
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-06 11:11:21 +02:00
Matthew Wang
5ac977758d Reject authentication start during explicit roam requests
The roam D-Bus and ROAM control itnerface commands flip the reassociate
bit before calling wpa_supplicant_connect(). wpa_supplicant connect
eventually aborts ongoing scans (if any), which causes scan results to
be reported. Since the reassociate bit is set, this will trigger a
connection attempt based on the aborted scan's scan results and cancel
the initial connetion request. This often causes wpa_supplicant to
reassociate to the same AP it is currently associated to instead of the
explicitly requested roaming target.

Add a roam_in_progress flag to indicate that we're currently attempting
to roam via an explicitly request to a specific BSS so that we don't
initiate another connection attempt based on the possibly received scan
results from a scan that was in progress at the time the roam command
was received.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2021-03-06 10:59:05 +02:00
Kiran Kumar Lokere
800fb69970 QCA vendor attribute to allow 6 GHz connection with all security types
Add a QCA vendor attribute to configure the driver to allow the 6 GHz
connection with all security types. This attribute is used for testing
purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-04 18:05:06 +02:00
Kiran Kumar Lokere
1a60099f26 QCA vendor attribute to ignore SAE H2E requirement mismatch
Add a QCA vendor attribute to ignore SAE H2E requirement mismatch for 6
GHz connection. This attribute is used for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-04 18:04:07 +02:00
Jouni Malinen
ed14b29f38 wpaspy: Do not mark not-existing UNIX domain socket as UDP
os.stat(path) failure is an ambigious indication of the control
interface "path" type (UDP hostname vs. UNIX domain socket path). The
path may be a valid UNIX domain socket path, but that socket could have
been removed just before reaching here. At least the hwsim test case
concurrent_p2pcli managed to hit the "connect exception" print below
from UDP handling even when using a UNIX domain socket.

Work around incorrect determination of control interface socket type by
assuming anything starting with '/' is a UNIX domain socket and not a
hostname.

Fixes: a2c88a8025 ("wpaspy: Add support for UDP connection")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-01 12:51:20 +02:00
Jouni Malinen
8d80aa3fca tests: Fix openssl_systemwide_policy cleanup
Need to close the WpaSupplicant instance on the extra radio before
returning from this test case since that interface is going to be
removed and WpaSupplicant.__del__() can time out on trying to detach the
monitor connection after that.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-01 12:34:05 +02:00
Nikolas Nyby
e9d598d8a8 Update old link to ACS wiki documentation
The old links here were broken.

Signed-off-by: Nikolas Nyby <nikolas@gnu.org>
2021-03-01 11:14:46 +02:00
Jouni Malinen
024fcb22ca tests: hostapd RELOAD with invalid configuration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-01 11:13:46 +02:00
Jouni Malinen
ff6a305ced tests: OCV override in FT Reassociation Response
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-28 23:50:50 +02:00
Jouni Malinen
b5e3d92ee4 OCV: Fix OCV-FAILURE event address for FT Reassociation Response frame
sm->bssid is still the BSSID of the previous AP at this point in the FT
protocol, so need to show the target AP's BSSID instead in the failure
message.

Fixes: 8c1f61e820 ("OCV: Report OCI validation failures with OCV-FAILURE messages (STA)")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-28 23:50:50 +02:00