Commit message (Collapse)AuthorAgeFilesLines
* tests: Flush scan results in more Hotspot 2.0 test casespendingJouni Malinen9 days1-0/+1
| | | | | | This makes testing of INTERWORKING_CONNECT more robust. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Opportunistic Wireless Encryption transition mode disabled on STAJouni Malinen9 days2-1/+31
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* EAP-SIM/AKA peer: Add support for EAP Method prefixHEADmasterHai Shalom9 days1-0/+4
| | | | | | | | | Add support for EAP method prefix in the anonymous identity used during EAP-SIM/AKA/AKA' authentication when encrypted IMSI is used. The prefix is a single character that indicates which EAP method is required by the client. Signed-off-by: Hai Shalom <haishalom@google.com>
* tests: Call stop_sigma_dut() in more failure casesJouni Malinen10 days1-310/+329
| | | | | | | | | Some of the sigma_dut test cases were not yet using try/finally to ensure stop_sigma_dut() gets called. That could result in not logging all failure reasons in the log and getting stuck with being unable to start new sigma_dut processes after failed test cases. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Enable sigma_dut debug log for all test casesJouni Malinen10 days1-37/+31
| | | | | | | There is no point in having to enable this separately for each test case since the debug details are always useful if something fails. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Verify that sigma_dut is functional after startupJouni Malinen10 days1-0/+3
| | | | | | | There is no point in continuing the test ase if sigma_dut is not in functional state. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Log sigma_dut stdout/stderr separately for each commandJouni Malinen10 days1-0/+34
| | | | | | | This makes logs easier to understand and this may also help in running over buffer space and getting stuck with sigma_dut termination. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* ACS: Populate channel config from external ACS per documented behaviorVamsi Krishna10 days1-12/+13
| | | | | | | | | | | | | | | | | | | | | | Based on the now documented seg0/seg1 values from offloaded ACS, there is a mismatch between the driver interface and internal hostapd use. The value of segment0 field in ACS results is the index of the channel center frequency for 20 MHz, 40 MHz, and 80M Hz channels. The value is the center frequency index of the primary 80 MHz segment for 160 MHz and 80+80 MHz channels. The value of segment1 field in ACS results is zero for 20 MHz, 40 MHz, and 80 MHz channels. The value is the index of the channel center frequency for 160 MHz channels and the center frequency index of the secondary 80 MHz segment for 80+80 MHz channels. However, in struct hostapd_config, for 160 MHz channels, the value of the segment0 field is the index of the channel center frequency of 160 MHz channel and the value of the segment1 field is zero. Map the values from ACS event into hostapd_config fields accordingly. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* ACS: Update documentation of external ACS results event parametersVamsi Krishna10 days2-2/+15
| | | | | | | | | | | | | | Update the documentation with values to be sent for seg0 and seg1 fields in external ACS result event for 20 MHz, 40 MHz, 80 MHz, 160 MHz, and 80+80 MHz channels. These values match the changes done to definitions of seg0 and seg1 fields in the IEEE 802.11 standard. This vendor command had not previously been documented in this level of detail and had not actually been used for the only case that could have two different interpretation (160 MHz) based on which version of IEEE 802.11 standard is used. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* 6 GHz: Fix Channel Width value for 80+80 in 6 GHZ Operation Info fieldVamsi Krishna10 days1-4/+12
| | | | | | | | | | | | | | | | | | | The Channel Width field value is 0 for 20 MHz, 1 for 40 MHz, 2 for 80 MHz, and 3 for both 160 MHz and 80+80 MHz channels. The 80+80 MHz case was not addressed previously correctly since it cannot be derived from seg0 only. The Channel Center Frequency Segment 0 field value is the index of channel center frequency for 20 MHz, 40 MHz, and 80 MHz channels. The value is the center frequency index of the primary 80 MHz segment for 160 MHz and 80+80 MHz channels. The Channel Center Frequency Segment 1 field value is zero for 20 MHz, 40 MHz, and 80 MHz channels. The value is the index of the channel center frequency for 160 MHz channel and the center frequency index of the secondary 80 MHz segment for 80+80 MHz channels. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Silence compiler warning in no-NEED_AP_MLME buildsJouni Malinen10 days1-1/+1
| | | | | | | Make the dummy hostapd_hw_mode_txt() wrapper return "UNKNOWN" instead of NULL to avoid a warning from a debug printf using %s with NULL. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Silence compiler warning with CONFIG_NO_ROAMING=yJouni Malinen10 days1-0/+4
| | | | | | Comment out unused static functions if CONFIG_NO_ROAMING is defined. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Set key_flag when using SET_KEYAlexander Wetzel10 days2-4/+21
| | | | Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
* Introduce and add key_flagAlexander Wetzel10 days25-83/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the new set_key() parameter "key_flag" to provide more specific description of what type of a key is being configured. This is needed to be able to add support for "Extended Key ID for Individually Addressed Frames" from IEEE Std 802.11-2016. In addition, this may be used to replace the set_tx boolean eventually once all the driver wrappers have moved to using the new key_flag. The following flag are defined: KEY_FLAG_MODIFY Set when an already installed key must be updated. So far the only use-case is changing RX/TX status of installed keys. Must not be set when deleting a key. KEY_FLAG_DEFAULT Set when the key is also a default key. Must not be set when deleting a key. (This is the replacement for set_tx.) KEY_FLAG_RX The key is valid for RX. Must not be set when deleting a key. KEY_FLAG_TX The key is valid for TX. Must not be set when deleting a key. KEY_FLAG_GROUP The key is a broadcast or group key. KEY_FLAG_PAIRWISE The key is a pairwise key. KEY_FLAG_PMK The key is a Pairwise Master Key (PMK). Predefined and needed flag combinations so far are: KEY_FLAG_GROUP_RX_TX WEP key not used as default key (yet). KEY_FLAG_GROUP_RX_TX_DEFAULT Default WEP or WPA-NONE key. KEY_FLAG_GROUP_RX GTK key valid for RX only. KEY_FLAG_GROUP_TX_DEFAULT GTK key valid for TX only, immediately taking over TX. KEY_FLAG_PAIRWISE_RX_TX Pairwise key immediately becoming the active pairwise key. KEY_FLAG_PAIRWISE_RX Pairwise key not yet valid for TX. (Only usable with Extended Key ID support.) KEY_FLAG_PAIRWISE_RX_TX_MODIFY Enable TX for a pairwise key installed with KEY_FLAG_PAIRWISE_RX. KEY_FLAG_RX_TX Not a valid standalone key type and can only used in combination with other flags to mark a key for RX/TX. This commit is not changing any functionality. It just adds the new key_flag to all hostapd/wpa_supplicant set_key() functions without using it, yet. Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
* tests: Fix Python sleep functionMarkus Theil10 days1-1/+1
| | | | | | | | | | | | | | | Current Python versions have no os.sleep(), use time.sleep() instead. module 'os' has no attribute 'sleep' Traceback (most recent call last): File "./run-tests.py", line 521, in main t(dev, apdev) File "/home/mtheil/hostap/tests/hwsim/test_pmksa_cache.py", line 356, in test_pmksa_cache_expiration hapd.wait_ptkinitdone(dev[0].own_addr()) File "/home/mtheil/hostap/tests/hwsim/hostapd.py", line 282, in wait_ptkinitdone os.sleep(0.1) Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* nl80211: Pass set_key() parameter struct to wpa_driver_nl80211_set_key()Jouni Malinen11 days1-23/+22
| | | | | | | | This is the function that actually uses the parameters, so pass the full parameter struct to it instead of hiding the struct from it in the simple wrapper. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* hostapd: Support VLAN offload to the driverGurumoorthi Gnanasambandhan11 days2-17/+28
| | | | | | | If the driver supports VLAN offload mechanism with a single netdev, use that instead of separate per-VLAN netdevs. Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
* nl80211: VLAN offload supportGurumoorthi Gnanasambandhan11 days3-3/+26
| | | | | | | Add indication for driver VLAN offload capability and configuration of the VLAN ID to the driver. Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
* Add vlan_id to driver set_key() operationGurumoorthi Gnanasambandhan11 days8-30/+36
| | | | | | | | This is in preparation for adding support to use a single WLAN netdev with VLAN operations offloaded to the driver. No functional changes are included in this commit. Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
* driver: Move set_key() parameters into a structJouni Malinen11 days13-97/+184
| | | | | | | | This makes it more convenient to add, remove, and modify the parameters without always having to update every single driver_*.c implementation of this callback function. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: SAE and AP sending Confirm message without waiting STA (2)Jouni Malinen11 days1-0/+12
| | | | | | This goes through sae_confirm_immediate=2 behavior. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: A bit optimized sae_confirm_immediate=2 for testing purposesJouni Malinen11 days3-9/+47
| | | | | | | | | | | | | sae_confirm_immediate=2 can now be used in CONFIG_TESTING_OPTIONS=y builds to minimize the latency between SAE Commit and SAE Confirm by postponing transmission of SAE Commit until the SAE Confirm frame is generated. This does not have significant impact, but can get the frames tiny bit closer to each other over the air to increase testing coverage. The only difference between sae_confirm_immediate 1 and 2 is in the former deriving KCK, PMK, PMKID, and CN between transmission of the frames (i.e., a small number of hash operations). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Do not select APs found on disabled channels for connectionVamsi Krishna11 days1-0/+28
| | | | | | | | | | | | | | | | If a channel list changed event is received after a scan and before selecting a BSS for connection, a BSS found on a now disabled channel may get selected for connection. The connect request issued with the BSS found on a disabled channel is rejected by cfg80211. Filter out the BSSs found on disabled channels and select from the other BSSs found on enabled channels to avoid unnecessary connection attempts that are bound to fail. The channel list information will be updated by the driver in cases like country code update, disabling/enabling specific bands, etc. which can occur between the scan and connection attempt. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
| | | | | | | | | Correct the check for presence of QCA_WLAN_VENDOR_ATTR_ACS_VHT_SEG1_CENTER_CHANNEL attribute before using it while processing acs_result event. Fixes: 857d94225a94 ("Extend offloaded ACS QCA vendor command to support VHT") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Add digestmod for Python 3.8Markus Theil11 days1-1/+1
| | | | | | | The digestmod argument also exists in earlier Python versions, version 3.8 does not set a default argument anymore. Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* tests: Fix undefined behavior in module testsMarkus Theil11 days1-2/+2
| | | | | | | Test: wpa_supplicant module tests ../src/utils/utils_module_tests.c:933:7: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* OpenSSL: Fix memory leak in TOD policy validationJouni Malinen12 days1-0/+1
| | | | | | | Returned policies from X509_get_ext_d2i() need to be freed. Fixes: 21f1a1e66c39 ("Report TOD policy") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* RSN IBSS: Fix EAPOL TX using control portMarkus Theil13 days1-0/+4
| | | | | | | This was previously done only in supplicant role, but a similar change is needed for the authenticator role. Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* tests: PSK/EAP without nl80211 control portJouni Malinen14 days2-0/+41
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* nl80211: Allow control port to be disabled with a driver paramJouni Malinen14 days1-0/+3
| | | | | | | | | This is mainly for testing purposes to allow wpa_supplicant and hostapd functionality to be tested both with and without using the nl80211 control port which is by default used whenever supported by the driver. control_port=0 driver parameter will prevent that from happening. Signed-off-by: Jouni Malinen <j@w1.fi>
* nl80211: Use control port TX for AP modeMarkus Theil14 days1-0/+4
| | | | Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* nl80211: Report control port RX eventsMarkus Theil14 days1-0/+15
| | | | | | | | | This allows EAPOL frames to be received over the separate controlled port once rest of the driver interface is ready for this. By itself, this commit does not actually change behavior since cfg80211 will not be delivering these events without them being explicitly requested. Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* Add no_encrypt flag for control port TXMarkus Theil14 days7-13/+36
| | | | | | | | In order to correctly encrypt rekeying frames, wpa_supplicant now checks if a PTK is currently installed and sets the corresponding encrypt option for tx_control_port(). Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
* wpa_supplicant: Send EAPOL frames over nl80211 where availableBrendan Jackman14 days2-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linux kernel v4.17 added the ability to request sending control port frames via nl80211 instead of a normal network socket. Doing this provides the device driver with ordering information between the control port frames and the installation of keys. This empowers it to avoid race conditions between, for example, PTK replacement and the sending of frame 4 of the 4-way rekeying handshake in an RSNA. The key difference between a TX_CONTROL_PORT and normal socket send is that the device driver will certainly get any EAPOL frames comprising a 4-way handshake before it gets the key installation call for the derived key. By flushing its TX buffers it can then ensure that no pending EAPOL frames are inadvertently encrypted with a key that the peer will not yet have installed. Update the RSN supplicant system to use this new operation for sending EAPOL-Key frames when the driver reports that this capability is available; otherwise, fall back to a normal Ethernet TX. I have tested this on DMG (11ad/ay) devices with an out-of-tree Linux driver that does not use mac80211. Without this patch I consistently see PTK rekeying fail if message 4/4 shares a stream with other in-flight traffic. With this patch, and the driver updated to flush the relevant TX queue before overwriting a PTK (knowing, now, that if there was a message 4/4 related to the key installation, it has already entered the driver queue), rekeying is reliable. There is still data loss surrounding key installation - this problem is alluded to in IEEE Std 802.11-2016, 12.6.21, where extended Key ID support is described as the eventual solution. This patch aims to at least prevent rekeying from totally breaking the association, in a way that works on kernels as far back as 4.17 (as per Alexander Wetzel extended Key ID support should be possible on 5.2). See http://lists.infradead.org/pipermail/hostap/2019-May/040089.html for a little more context. Signed-off-by: Brendan Jackman <brendan.jackman@bluwireless.co.uk>
* nl80211: Control port over nl80211 helpersBrendan Jackman14 days4-0/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | Linux kernel v4.17 added the ability to request sending controlled port frames (e.g., IEEE 802.1X controlled port EAPOL frames) via nl80211 instead of a normal network socket. Doing this provides the device driver with ordering information between the control port frames and the installation of keys. This empowers it to avoid race conditions between, for example, PTK replacement and the sending of frame 4 of the 4-way rekeying handshake in an RSNA. The key difference between the specific control port and normal socket send is that the device driver will certainly get any EAPOL frames comprising a 4-way handshake before it gets the key installation call for the derived key. By flushing its TX buffers it can then ensure that no pending EAPOL frames are inadvertently encrypted with a key that the peer will not yet have installed. Add a CONTROL_PORT flag to the hostap driver API to report driver capability for using a separate control port for EAPOL frames. This operation is exactly like an Ethernet send except for the extra ordering information it provides for device drivers. The nl80211 driver is updated to support this operation when the device reports support for NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211. Also add a driver op tx_control_port() for request a frame to be sent over the controlled port. Signed-off-by: Brendan Jackman <brendan.jackman@bluwireless.co.uk>
* driver: Remove unused send_ether() driver opJouni Malinen2020-01-053-28/+1
| | | | | | | | This was used only for FT RRB sending with driver_test.c and driver_test.c was removed more than five years ago, so there is no point in continuing to maintain this driver op. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: WPS Application Extension attributeJouni Malinen2020-01-041-0/+14
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Add application extension data to WPS IEBilal Hatipoglu2020-01-049-3/+53
| | | | | | | | | | | | | | Application Extension attribute is defined in WSC tech spec v2.07 page 104. Allow hostapd to be configured to add this extension into WPS IE in Beacon and Probe Response frames. The implementation is very similar to vendor extension. A new optional entry called "wps_application_ext" is added to hostapd config file to configure this. It enodes the payload of the Application Extension attribute in hexdump format. Signed-off-by: Veli Demirel <veli.demirel@airties.com> Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
* P2P: Move p2p_long_listen into struct wpa_globalJouni Malinen2020-01-043-18/+18
| | | | | | | | | | This variable is not specific to any P2P group interface and since it was already used through global->p2p_init_wpa_s, it is cleaner to simply move this to the global structure so that there is a single variable instead of per-interface variables and need to pick the correct interface. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Test p2p_long_listen longer than remain-on-channelBenjamin Berg2020-01-041-0/+16
| | | | | | | | This tests an error, where the p2p_long_listen information from the wrong device was used internally in wpa_supplicant when using the separate P2P Device interface. Signed-off-by: Benjamin Berg <bberg@redhat.com>
* P2P: Always use global p2p_long_listenBenjamin Berg2020-01-041-9/+10
| | | | | | | | | | | | | | | | The p2p_long_listen value was set on the control wpa_s struct while in a lot of cases it operated on the p2p struct. Explicitly use the global p2p_init_wpa_s struct in cases where we might not be operating on it already. Without this, simply starting a p2p_listen operation (e.g., using wpa_cli) will not work properly. As the p2p_long_listen is set on the controlling interface and wpas_p2p_cancel_remain_on_channel_cb() uses p2p_init_wpa_s, it would not actually work. This results in wpa_supplicant stopping listening after the maximum remain-on-channel time passes when using a separate P2P Device interface. Signed-off-by: Benjamin Berg <bberg@redhat.com>
* tests: PMF tests with not-protected disconnection using hostapdJouni Malinen2020-01-042-2/+127
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* nl80211: Use monitor interface for sending no-encrypt test framesJouni Malinen2020-01-042-0/+16
| | | | | | | | | | | | | | | Since NL80211_CMD_FRAME does not allow encryption to be disabled for the frame, add a monitor interface temporarily for cases where this type of no-encrypt frames are to be sent. The temporary monitor interface is removed immediately after sending the frame. This is testing functionality (only in CONFIG_TESTING_OPTIONS=y builds) that is used for PMF testing where the AP can use this to inject an unprotected Robust Management frame (mainly, Deauthentication or Disassociation frame) even in cases where PMF has been negotiated for the association. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Detect tshark regression in wpas_mesh_gate_forwardingJouni Malinen2020-01-041-0/+7
| | | | | | | | Skip this test case if the used tshark version has regression in mesh control field parsing: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15521 Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Initial GTK/IGTK RSC settingJouni Malinen2020-01-041-0/+101
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* Allow testing override for GTK/IGTK RSC from AP to STAJouni Malinen2020-01-046-1/+55
| | | | | | | | | | | | | The new hostapd gtk_rsc_override and igtk_rsc_override configuration parameters can be used to set an override value for the RSC that the AP advertises for STAs for GTK/IGTK. The contents of those parameters is a hexdump of the RSC in little endian byte order. This functionality is available only in CONFIG_TESTING_OPTIONS=y builds. This can be used to verify that stations implement initial RSC configuration correctly for GTK/ and IGTK. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: ROAM command failure casesJouni Malinen2020-01-031-0/+48
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* SME: Postpone current BSSID clearing until IEs are preparedJouni Malinen2020-01-031-6/+6
| | | | | | | | | | | | | sme_send_authentication() could fail before actually requesting the driver to authenticate with a new AP. This could happen after wpa_s->bssid got cleared even though in such a case, the old association is maintained and still valid. This can result in unexpected behavior since wpa_s->bssid would not match the current BSSID anymore. Fix this by postponing clearing of wpa_s->bssid until the IE preparation has been completed successfully. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: DFS with RRMJouni Malinen2020-01-031-1/+32
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* nl80211: Don't set offchan-OK flag if doing on-channel frame in AP modeBen Greear2020-01-031-4/+8
| | | | | | | | | | | | | | I saw a case where the kernel's cfg80211 rejected hostapd's attempt to send a neighbor report response because nl80211 flagged the frame as offchannel-OK, but kernel rejects because channel was 100 (DFS) and so kernel failed thinking it was constrained by DFS/CAC requirements that do not allow the operating channel to be left (at least in FCC). Don't set the packet as off-channel OK if we are transmitting on the current operating channel of an AP to avoid such issues with transmission of Action frames. Signed-off-by: Ben Greear <greearb@candelatech.com>