aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* tests: sigma_dut controlled SAE H2E AP misbehavior with RSNXEHEADpendingmasterJouni Malinen23 hours1-0/+35
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: SAE H2E and RSNXE mismatch in EAPOL-Key msg 3/4Jouni Malinen23 hours1-0/+33
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: RSNXE override in EAPOL-Key msg 3/4Jouni Malinen23 hours6-11/+54
| | | | | | | | This new hostapd configuration parameter rsnxe_override_eapol=<hexdump> can be used to override RSNXE value in EAPOL-Key msg 3/4 for testing purposes. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: sigma_dut controlled SAE H2E misbehavior with RSNXEJouni Malinen27 hours1-0/+30
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: SAE H2E and RSNXE mismatch (AP detecting)Jouni Malinen28 hours1-0/+57
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: RSNXE override for testing purposesJouni Malinen28 hours5-0/+55
| | | | | | | | "SET rsnxe_override_{assoc,eapol} <hexdump>" can now be used to override RSNXE in (Re)Association Request frames and EAPOL-Key msg 2/4 for testing purposes. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: sigma_dut controlled SAE H2E misbehavior with rejected groupsJouni Malinen40 hours1-0/+30
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: SAE H2E and rejected groups indication (unexpected group)Jouni Malinen40 hours1-0/+24
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Reject invalid rejected group report in SAE commit explicitly (AP)Jouni Malinen40 hours1-1/+1
| | | | | | | | | Previously, this case was ignored silently in AP mode. While that could be a reasonable approach for an unexpected condition, it would be fine to reject this case explicitly as well. This makes it somewhat easier to test unexpected SAE H2E vs. looping behavior. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: Fix validation of rejected groups listJouni Malinen40 hours2-2/+2
| | | | | | | check_sae_rejected_groups() returns 1, not -1, in case an enabled group is rejected. The previous check for < 0 could not have ever triggered. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: Testing option to report extra rejected groupsJouni Malinen40 hours3-8/+51
| | | | | | | | "SET extra_sae_rejected_groups <groups>" can now be used to enable test mode in which wpa_supplicant will report additional groups (configured as space separated integers) when using SAE H2E. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: sigma_dut controlled SAE H2E misbehavior with looping forcedJouni Malinen47 hours1-0/+29
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: SAE PWE derivation with H2E-only AP and STA forcing loopJouni Malinen47 hours1-0/+11
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Reject unexpected Status Code in SAE commit explicitly (AP)Jouni Malinen47 hours1-2/+4
| | | | | | | | | Previously, this case was ignored silently in AP mode. While that could be a reasonable approach for an unexpected condition, it would be fine to reject this case explicitly as well. This makes it somewhat easier to test unexpected SAE H2E vs. looping behavior. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE: Testing option to ignore H2E requirement mismatchJouni Malinen47 hours3-0/+11
| | | | | | | | | "SET ignore_sae_h2e_only 1" can now be used to configurate wpa_supplicant to a test mode where it ignores AP's H2E-required advertisement and try to connect with hunt-and-pecking loop instead. This is used only for testing AP behavior with unexpected STA behavior. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Fix memory leak in ACS offload operationAnkita Bajaj3 days1-0/+1
| | | | | | | freq_list is built in allocated heap memory and it needs to be freed before returning from this function. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* ACS: Remove redundant ch_list parameters from do_acs interfaceAnkita Bajaj3 days3-18/+46
| | | | | | | | | | | | Clean up do_acs interface to not pass ch_list to drivers as the same information is available in freq_list. The channel numbers are duplicated between 2.4 GHz and 5 GHz bands and the 6 GHz band. So, use the QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to populate only 2.4 GHz and 5 GHz channels to ensure backwards compatibility with old drivers which do not have support to decode the newer QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST attribute. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DFS: Don't handle DFS ops for 6 GHz channelsAnkita Bajaj3 days1-0/+3
| | | | | | | Skip DFS checks and CAC operation for 6 GHz channels. AFC checks will be added for 6 GHz channels later. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* 6 GHz: Do not check for HT capability on 6 GHz channelsAnkita Bajaj3 days1-0/+3
| | | | | | | HT capability check is not required when starting AP on 6 GHz band as only HE operation mode is allowed in the 6 GHz band. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: DPP bootstrapping via NFC URI recordJouni Malinen3 days2-2/+29
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Bootstrapping via NFC URI RecordJouni Malinen3 days8-13/+88
| | | | | | | | | | | | | | | | | | | | | This extends hostapd and wpa_supplicant DPP implementation to allow the bootstrapping URI to be generated for and parsed from an NFC Tag with an NFC URI Record. This is similar to the way the bootstrapping URI is used with QR Code for unidirectional authentication. The DPP_BOOTSTRAP_GEN command uses "type=nfc-uri" to request the URI to be assigned for NFC URI Record. In practice, the URI is generated identically to the QR Code case, but the internal entry maintains the NFC-URI type. A new command "DPP_NFC_URI <uri>" can now be used to parse the URI read from an NFC Tag with the NFC URI Record. This is similar to the DPP_QR_CODE command. Other commands (mainly, DPP_LISTEN and DPP_AUTH_INIT) are used for NFC URI in the same way as they are used for QR Code. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Sync with mac80211-next.git include/uapi/linux/nl80211.hJouni Malinen3 days1-0/+34
| | | | | | This brings in nl80211 definitions as of 2019-11-08. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: hostapd global control interface and per-interface eventsJouni Malinen6 days1-0/+11
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Extend hostapd to support setband to driver via QCA vendor commandHu Wang6 days2-0/+37
| | | | | | | | | Commit 844dfeb804af ("QCA vendor command support to set band to driver") added a vendor command to pass 'SET setband' command information to the driver in wpa_supplicant. Add similar changes to hostapd control interface. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* hostapd: Register wpa_msg callback even if only global ctrl_iface is usedVeerendranath Jakkam6 days1-0/+4
| | | | | | | | | | | | Previously, wpa_msg_register_cb() was called only from successful completion of per-interface control interface initialization. This would leave the callback unregistered in case only the global control interface is used which would result in not delivering control interface events on the global interface. Fix this by registering the callback handler also from successful initialization of the global control interface. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* hostapd: Extend global control interface notificationsVeerendranath Jakkam6 days1-32/+58
| | | | | | | | | | | | | | Previously, hostapd sent only WPA_MSG_ONLY_GLOBAL type notifications to the global control interface and all other notifications to per-interface control interface. Extend this by making it similar to wpa_supplicant global control interface notifications handling. With this hostapd now sends all notifications except WPA_MSG_NO_GLOBAL to the global control interface. In addition, WPA_MSG_PER_INTERFACE type messages will be prefixed with "IFNAME=<interface name> " while sending to the global control interface to indicate that the message is interface specific. Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
* tests: sae_pwe parameter in PSK-only-APJouni Malinen10 days1-0/+8
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: Do not use sae_h2e param in AP mode if SAE is disabledJouni Malinen10 days3-5/+11
| | | | | | | | | | | Previously, nonzero sae_h2e parameter values were used to perform SAE H2E specific operations (deriving PT, adding RSNXE, adding H2E-only BSS membership selector) in AP mode even if SAE was not enabled for the network. This could result in unexpected behavior if sae_pwe=1 or sae_pwe=2 were set in the configuration. Fix this by making the SAE operations conditional on SAE being actually enabled. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Clear sae_pwe at the end of sigma_dut test casesJouni Malinen10 days1-0/+3
| | | | | | | | sigma_dut does not clear sae_pwe value when the command line argument "-2" is used, so we need to explicitly clear this from wpa_supplicant at the end of the test case. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Advertise UTF-8 SSID in DPP-provisioned APJouni Malinen10 days1-0/+1
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: DPP ssid_charset/ssid64Jouni Malinen10 days2-1/+20
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Report received ssid_charset as DPP-CONFOBJ-SSID-CHARSET eventJouni Malinen10 days2-0/+4
| | | | | | | This provides the SSID character set, if specified, to upper layers on station Enrollee. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: ssid64/ssid_charset in ConfiguratorJouni Malinen10 days2-2/+21
| | | | | | | This allows Configurator to be configured to use the ssid64 option in the discovery object for a station Enrollee. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Add parsing of ssid64/ssid_charset in Config ObjectJouni Malinen10 days2-14/+41
| | | | | | | The discovery object is now allowed to use either the UTF-8 encoded string ssid or base64url encoded ssid64. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP: Use JSON token builder helpersJouni Malinen10 days1-96/+108
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* JSON: Add helper functions for building tokensJouni Malinen10 days2-0/+87
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Clean up base64_{encode,decode} pointer typesJouni Malinen10 days19-77/+65
| | | | | | | | Allow any pointer to be used as source for encoding and use char * as the return value from encoding and input value for decoding to reduce number of type casts needed in the callers. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Clean up base64_url_{encode,decode} pointer typesJouni Malinen11 days4-38/+26
| | | | | | | | Allow any pointer to be used as source for encoding and use char * as the return value from encoding and input value for decoding to reduce number of type casts needed in the callers. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Simplify base64_url_encode() prototypeJouni Malinen11 days3-11/+11
| | | | | | | | There is no use case for adding padding into the base64url encoded strings, so remove the unneeded add_pad argument that was hardcoded to 0 in all callers. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* DPP2: Replace connectionStatus object ssid with ssid64Jouni Malinen11 days1-11/+14
| | | | | | | The UTF-8 encoded ssid string was replaced with base64url encoded ssid64 string, so update the implementation to match. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: sigma_dut control of SAE PWEJouni Malinen14 days1-1/+197
| | | | Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* tests: Update SAE H2E test case to match SSWU parameter z changeJouni Malinen2019-11-231-58/+58
| | | | | | | Update the test vector based on 11-19-1817-02-000m-hash-to-curve-changes.docx Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* SAE H2E: Update SSWU curve-specific parameter z valuesJouni Malinen2019-11-231-4/+10
| | | | | | | Update the values based on 11-19-1817-02-000m-hash-to-curve-changes.docx Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* WMM: Do not modify input TSPEC buffer during processingJouni Malinen2019-11-231-3/+5
| | | | | | | | | | | | | | | | | The WMM TSPEC processor used the input buffer for processing the request and building the response. This was fine for the FT case, but for the WMM Action frame case, the input buffer is marked const, so it should not really be modified. This modification could not really cause any noticeable harm, but it can result in error reports from fuzzing and potentially even from some static analyzers. Fix this by marking the input arguments const more consistently (the parsed IE was able to drop the const) and copy the const input data to a temporary buffer for processing and modification instead of allowing the input data to be modified. Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19050 Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Remove a multi-line test descriptionJouni Malinen2019-11-231-4/+1
| | | | | | | | The previous description of wmediumd_scan_only_one used multiple lines and that resulted in parallel-vm.py miscounting total number of test cases. Fix that by getting rid of the newlines from the description. Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: Fix 'unexpected exit' detection in parallel-vm.pyJouni Malinen2019-11-231-3/+8
| | | | | | | | | | | Now that parallel-vm.py is actually stopping VMs as soon as they are not needed for retries, it is not really an unexpected exit to see a VM exit while test cases remain in the queue as long as at least that many VMs remain running. Get rid of confusing 'unexpected exit' status from the UI in such cases. Fixes: 4aaddecdd85a ("tests: Handle test retries through the same queue") Signed-off-by: Jouni Malinen <j@w1.fi>
* tests: ap_hs20_cred_and_no_roaming_consortium to match implementationJouni Malinen2019-11-171-1/+1
| | | | | | | | Now that wpa_supplicant was modified to use NAI realm query even if roaming_consortium is set, this test case is actually able to find a match. Update it to avoid cause incorrect test failures. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* HS2.0: Skip check for roaming_consortium for NAI realm queryPurushottam Kushwaha2019-11-171-1/+1
| | | | | | | | | | | | | | | | | | Previously ANQP fetch considered NAI realm query only when cred block did not specify roaming_consortium to optimize ANQP operations (NAI realm list can have a very long value). In certain cases, both NAI realm and roaming_consortium are configured in credential block and this resulted in ANQP fetch for NAI realm not being initiated. That could result in not being able to select the highest priority available credential/network. Remove roaming_consortium check for NAI realm query inclusion in ANQP request so that we will request NAI realm information whenever it can result in matching additional networks. This makes the ANQP queries more costly in some cases, but the additional information is needed for correct behavior in network selection. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* P2P: Fix listen state machine getting stuck in send_action() scheduled caseHu Wang2019-11-131-0/+1
| | | | | | | | | | | | | | | | | | | | | | | Commit 947b5a1532f9 ("P2P: Stop listen state if Action frame TX is needed on another channel") added an optimization for P2P response transmission in certain concurrent operation cases. However, it did not take into account possibility of the driver not being in listen state (p2p->drv_in_listen == 0) and could end up getting stuck with the P2P state machine in a manner that made the device not listen for following messages. This showed up in following manner in the debug log: P2P: Starting short listen state (state=SEARCH) P2P: Driver ended Listen state (freq=2437) process received frame and send a response P2P: Stop listen on 0 MHz to allow a frame to be sent immediately on 2437 MHz P2P: Clear timeout (state=SEARCH) --> state machine stuck Fix this by adding drv_in_listen > 0 condition for the optimization to stop the listen operation in send_action() resulting in scheduled TX. Fixes: 947b5a1532f9 ("P2P: Stop listen state if Action frame TX is needed on another channel") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* hostapd: Update DFS status in VHT80+80 modeLei Wang2019-11-101-0/+11
| | | | | | | | | | | Update center frequency and center frequency2's DFS channel status in VHT80+80 mode. Otherwise it will cause AP failed to start on a DFS channel. Tested: qca9984 with firmware ver 10.4-3.10-00047 Signed-off-by: Rick Wu <rwu@codeaurora.org> Signed-off-by: Lei Wang <leiwa@codeaurora.org>