Commit Graph

11971 Commits

Author SHA1 Message Date
Jouni Malinen
0f6fb05d91 tests: Make hostapd_oom_wpa2_psk catch cases more robustly
For some reason, a potential OOM in hostapd_config_read_wpa_psk() and
hostapd_derive_psk() were missed in --codecov runs during the main
iteration loop. Cover these specific cases with separate instances to
avoid missing coverage.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 18:24:05 +02:00
Jouni Malinen
34e29dfd4b Remove unnecessary NULL check from hostapd_config_read_wpa_psk() call
This function is already checking the fname argument against NULL, so
use that check on its own instead of duplicating the check in the only
caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 17:42:41 +02:00
Jouni Malinen
9ec3debf24 tests: FILS SK authentication with SHA384
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:50:28 +02:00
Jouni Malinen
946315f172 tests: More ieee802_11_vendor_ie_concat() coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:44:44 +02:00
Jouni Malinen
b6437fa54b tests: VHT with 160 MHz channel width and HT40 disabled
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Jouni Malinen
90bef2c9c3 tests: VHT 160 MHz tests with all different HT primary channels
This extends previous ap_vht160_no_dfs test case coverage by running the
same test case with each of the possible HT primary channel
alternatives.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Jouni Malinen
7a92dbd792 tests: SAE protocol testing with hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Jouni Malinen
e4b5f889b4 tests: Remove src/common/cli.c from code coverage report
This file is used only by hostapd_cli and wpa_cli and neither of those
are currently included in code coverage reporting. Avoid dropping the
coverage numbers by code that cannot be reached due to not being
included in the programs that are covered.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Jouni Malinen
901e6fabcb tests: More ieee802_11_parse_elems() coverage for new elements
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Jouni Malinen
09af451bd0 tests: Operating classes with HT20 and HT40 channels
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 00:17:05 +02:00
Badrish Adiga H R
65dfa87286 mka: Make MKA actor priority configurable
This adds a new wpa_supplicant network profile parameter
mka_priority=0..255 to set the priority of the MKA Actor.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2016-12-25 11:41:46 +02:00
Jouni Malinen
1106833537 tests: Fix p2p_autogo_pref_chan_not_in_regulatory with new regdb
5745 MHz was added as an allowed short range device range in
wireless-regdb for DE which made this test case fail. Fix it for now by
using SE instead of DE for the second part of the test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-25 01:09:06 +02:00
Jouni Malinen
963041c3cb tests: Fix mesh_open_vht_160 skipping
It is possible for wireless-regdb to include a 160 MHz channel, but with
DFS required. This test case need the regulatory information to allow
160 MHz channel without DFS. Fix false failures by skipping the test if
this exact combination is not found.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-25 00:47:01 +02:00
Jouni Malinen
2db07d16bf tests: Fix peerkey_sniffer_check with newer Wireshark version
Wireshark renamed eapol.keydes.key_info to
wlan_rsna_eapol.keydes.key_info and that broke this test case when
upgrading Wireshark. Fix this by trying to use both the new and the old
name.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-25 00:38:52 +02:00
Jouni Malinen
6219943d57 tests: Fix eap_fast_tlv_nak_oom and eap_fast_proto_phase2
Something broke eap_fast_tlv_nak_oom when moving from Ubuntu 14.04 to
16.04. OpenSSL.SSL.Connection() state_string() returns None in these
cases and the debug log prints for that were causing the case to fail.
For now, work around this by checking whether the state string is None
before trying to print it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-25 00:19:26 +02:00
Jouni Malinen
fabce22df6 tests: Clear monitor socket within p2p_msg_unexpected_go_neg_resp
This makes the debug log easier to understand and avoids leaving large
number of pending messages into the wpa_supplicant control interface
sockets.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-24 13:09:23 +02:00
Jouni Malinen
9bcfd5be86 Document new D-Bus WPS properties
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-24 00:16:25 +02:00
Jouni Malinen
4e6bd66744 tests: Additional D-Bus WPS Get/Set properties
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-23 21:28:43 +02:00
Jouni Malinen
77fcbf7ff1 D-Bus: Use a helper function to get possibly NULL strings
This type of check is used in quite a few getter functions, so add a
helper function to take care of it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-23 21:28:43 +02:00
Avichal Agarwal
dbf524946b D-Bus: Add DeviceType in WPS property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
2016-12-23 21:28:43 +02:00
Avichal Agarwal
266097fdad D-Bus: Add device serial number in WPS property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-12-23 11:02:43 +02:00
Avichal Agarwal
3ee6a3ab35 D-Bus: Add model number in WPS property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-12-23 10:59:53 +02:00
Avichal Agarwal
ae66822cd8 D-Bus: Add WPS model name as property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
2016-12-23 10:59:53 +02:00
Avichal Agarwal
318d4b5beb D-Bus: Add WPS manufacturer as property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-12-23 10:59:50 +02:00
Avichal Agarwal
b20f031c68 D-Bus: Add WPS device name as property
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-12-23 10:51:09 +02:00
Jouni Malinen
f05a893eda tests: Check MESH flag in BSS output in wpas_mesh_mode_scan
In addition, use a single channel scan to make the test case run faster.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-22 14:17:48 +02:00
Sunil Dutt
4a45dc1921 mesh: Show [MESH] flag in print_bss_info()
This was previously done for SCAN_RESULTS, but the BSS control interface
command did not show a similar flag. In addition, change "WPA2" to "RSN"
for mesh BSS to be consistent with the SCAN_RESULTS output.

Commit 638d945679 ('mesh: Show [MESH] flag
in scan results') did similar changes for SCAN_RESULTS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-22 14:11:02 +02:00
Mikael Kanstrup
c04a67deb0 hostapd_cli: Add completion for get command
Add command completion support for get command.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-12-21 12:59:08 +02:00
Mikael Kanstrup
bf4167b9d5 hostapd_cli: Add completion for set command
Add command completion support for set command.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-12-21 12:57:54 +02:00
Mikael Kanstrup
86adff09e9 hostapd_cli: Completion for further commands with STA parameter
Yet some more commands take STA address as the only parameter. Add
command completion support for the following commands:

signature, sa_query, send_qos_map_conf and req_lci

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-12-21 12:55:36 +02:00
Mikael Kanstrup
4f59ad0699 hostapd_cli: Use common completion for commands that use stations
More than one command takes STA address as the only parameter. Make use
of a common completion routine.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-12-21 12:54:24 +02:00
Mikael Kanstrup
62b95eb67e hostapd_cli: Add missing command help descriptions
Some commands are missing help description making them not show up in
the list of supported commands. Add command help description for all
missing commands.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-12-21 12:53:53 +02:00
Joel Cunningham
04f02faac4 Fix wpa_cipher_to_alg() return type
wpa_cipher_to_alg() returns enumerated values from enum wpa_alg and all
uses of the return value treat it as enum wpa_alg (by either assigning
it to a variable of type enum wpa_alg or passing to a function that
expects enum wpa_alg).

This commit updates the return value to match the expected usage
(enum  wpa_alg) rather than int. This ensures the return value is
of the proper type and eliminates the following compiler warnings:

ARM RVCT (2.2):
  'Warning: #188-D: enumerated type mixed with another type'

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
2016-12-21 12:48:16 +02:00
Jouni Malinen
0c8d7b085c tests: wpa_supplicant BSS CURRENT command
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:46:14 +02:00
Joel Cunningham
9187b13adb wpa_supplicant: Add BSS CURRENT control interface command
This commit extends the BSS commands to include "BSS CURRENT" as a way
to get the current BSS without having to walk the BSS list matching
against BSSID+SSID returned from the STATUS command.

This returns the BSS stored in wpa_s->current_bss.

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
2016-12-21 12:42:20 +02:00
Jouni Malinen
969e525091 tests: Skip eap_tls_pkcs8_pkcs5_v15 with BoringSSL
It does not look like BoringSSL allows pbeWithMD5AndDES-CBC to be used
to protect the local private key, so skip this test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:31:20 +02:00
Jouni Malinen
d7f12e4eb9 OpenSSL: Make sure local certificate auto chaining is enabled
Number of deployed use cases assume the default OpenSSL behavior of auto
chaining the local certificate is in use. BoringSSL removed this
functionality by default, so we need to restore it here to avoid
breaking existing use cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:23:15 +02:00
Jouni Malinen
4be02b71bb OpenSSL: Remove SSL_{CTX_,}_clear_options ifdefs
This simplifies the implementation since the SSL_clear_options() and
SSL_CTX_clear_options() are available in all supported versions of
OpenSSL. These were previously needed with older (now obsolete) versions
of OpenSSL, but the ifdefs were missed when removing the more explicit
version macro based backwards compatibility sections.

In practice, this reverts commit
d53d2596e4.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:06:21 +02:00
Jouni Malinen
e297cc0d23 tests: P2P service discovery restarted immediately
This test case verifies that SD Response frame does not block the
following remain-on-channel operation unnecessarily long.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 00:21:37 +02:00
Jouni Malinen
7655bd7388 P2P: Do not use wait_time for SD Response TX without fragmentation
The full SD Response frame is not going to be followed by another Action
frame from the peer, so remove the 200 ms wait time from the offchannel
TX command in that case. This avoids leaving a 200 ms lock on the radio
to remain on the channel unnecessarily.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 00:18:03 +02:00
Jouni Malinen
1f0fdaf0e4 Fix race condition between AssocResp callback and 4addr event
It is apparently possible for the NL80211_CMD_UNEXPECTED_4ADDR_FRAME
event to be delivered to hostapd before the NL80211_CMD_FRAME_TX_STATUS
event for (Re)Association Response frame. This resulted in the 4-address
WDS mode not getting enabled for a STA. This could occur in particular
when operating under heavy load and the STA is reconnecting to the same
AP in a sequence where Deauthentication frame is followed immediately by
Authentication frame and the driver event processing gets delayed due to
removal of the previous netdev taking time in the middle of this
sequence.

Fix this by recording a pending item for 4-address WDS enabling if the
NL80211_CMD_UNEXPECTED_4ADDR_FRAME event would have been dropped due to
incompleted association and then process this pending item if the TX
status for the (Re)Association Response frame is received and it shows
that the frame was acknowledged.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-20 01:30:09 +02:00
Jouni Malinen
ad02e79d12 tests: Disable HT in ap_wds_sta_wep
HT cannot be used with WEP-only network, so don't try to do that here.
This get rids of some unnecessary Beacon frame updates during
disassociation/association and can make the test case a bit more robust.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 22:47:07 +02:00
Purushottam Kushwaha
a6f3761f7d eap_proxy: Add support for SIM state change indication from eap_proxy
This registers a new callback to indicate change in SIM state. This
helps to do some clean up (more specifically pmksa_flush) based on the
state change of the SIM. Without this, the reconnection using the cached
PMKSA could happen though the SIM is changed.

Currently eap_proxy_sim_state corresponds to only SIM_STATE_ERROR. This
can be further extended.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 22:21:07 +02:00
Jouni Malinen
79a54ab9f6 eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb
The eapol_cb structure was made const and that change resulted in a
compilation warning/error if CONFIG_EAP_PROXY=<name> is enabled in the
wpa_supplicant build configuration. Fix this by updating the function
prototype to match the change.

Note: This results in a change needed to external eap_proxy_*.c
implementations to match the change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 22:14:07 +02:00
Jouni Malinen
aed9e23ae5 tests: WPS ER enrolling a new device to a configured AP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 17:44:51 +02:00
Jouni Malinen
6c44d97b04 tests: D-Bus P2P discovery on a specific non-social channel
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 13:18:05 +02:00
Amit Purwar
4e118c847b D-Bus: Add 'freq' option to P2P Find method to specify starting channel
This allows user to start P2P Find/Scan on a particular frequency and
then move to scanning social channels. This support is already present
on control socket.

Signed-off-by: Amit Purwar <amit.purwar@samsung.com>
2016-12-19 13:09:31 +02:00
Jouni Malinen
74d29544f1 tests: RSN AP and PeerKey between two STAs with sniffer check
The previous PeerKey test cases did not actually verify in any way that
the SMK and STK exchanges were completed since mac80211 does not support
setting the key from STK. Use a sniffer check to confirm that the
exchanges complete to avoid PeerKey regressions like the ones fixed in
the last couple of commits.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 20:28:10 +02:00
Jouni Malinen
e414f4f021 PeerKey: Fix STK 4-way handshake regression
Commit c93b7e1888 ('RSN: Check result of
EAPOL-Key frame send request') forgot to update two PeerKey users of
EAPOL-Key TX functions. That resulted in STK handshake failing since
message 2/4 and 4/4 TX calls were assumed to have failed when the return
value was changed from 0 to a positive value for success case. This
resulted in not updating nonce information properly and hitting
following error when processing STK 4-way handshake message 3/4:

RSN: INonce from message 1 of STK 4-Way Handshake differs from 3 of STK
4-Way Handshake - drop packet (src=<addr>)

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 19:56:05 +02:00
Jouni Malinen
28fb9bb195 PeerKey: Fix EAPOL-Key processing
Commit 6d014ffc6e ('Make struct
wpa_eapol_key easier to use with variable length MIC') forgot to update
number of EAPOL-Key processing steps for SMK and STK exchanges and broke
PeerKey. Fix this by updating the Key Data field pointers to match the
new style with variable length Key MIC field.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 19:07:29 +02:00