Jouni Malinen [Sat, 4 Nov 2023 16:14:41 +0000 (18:14 +0200)]
tests: Fix DPP test case skipping without CONFIG_DPP
dpp_config_legacy_gen_two_conf_psk and dpp_config_legacy_gen_two_conf
tried to set a DPP parameter before having verified that CONFIG_DPP was
used in the build.
Jouni Malinen [Sat, 4 Nov 2023 10:41:02 +0000 (12:41 +0200)]
tests: Wait before initiating DPP from thread in sigma_dut testing
Starting a thread to initiate DPP before starting the responder through
sigma_dut can result in unexpected testing behavior since there may not
be enough time to get the responder enabled before timing out som
initiator actions. Wait a second at the beginning of the initiator
thread in dpp_init_conf() similarly to how this was handled in other
initiator-from-thread cases.
Jouni Malinen [Sat, 4 Nov 2023 09:58:14 +0000 (11:58 +0200)]
DPP: Handle wpas_dpp_connected() processing in eloop callback
wpas_dpp_connected() is called from wpa_supplicant_set_state(), i.e.,
from the middle of processing of the post 4-way handshake steps. Sending
a DPP Public Action frame at that point can delay other operations, so
allow those steps to be completed first before sending out the DPP
connection status result.
Jouni Malinen [Sat, 4 Nov 2023 09:33:15 +0000 (11:33 +0200)]
tests: Avoid race condition in DPP GAS protocol testing
Responder receives Authentication Request and Config Request in a
sequence and it is possible for the Config Request to be received before
MGMT_RX_PROCESS has been processed for Authentication Request in the
cases where the test script is in the middle of RX processing. This can
result in DPP-AUTH-SUCCESS being delivered only after the MGMT-RX event
for Config Reques which means that wait_auth_success() would lose that
MGMT-RX event.
Avoid this issue by caching the "extra" MGMT-RX event within
wait_auth_success() and having the caller verify if the Config Request
(GAS Initial Request) has already been received before waiting to
receive it.
This makes dpp_gas, dpp_gas_comeback_after_failure, and
dpp_gas_timeout_handling more robust.
Jouni Malinen [Sat, 4 Nov 2023 09:11:46 +0000 (11:11 +0200)]
DPP: Start next auth init from driver event to avoid race condition
It looks like mac80211 ROC handling can end up postponing offchannel TX
operation by the previously started and already canceled wait time if
the new NL80211_CMD_FRAME is issued immediately after
NL80211_CMD_FRAME_WAIT_CANCEL. Make this more robust by waiting for the
driver event that indicates completion of the cancel operation (i.e.,
NL80211_CMD_FRAME_WAIT_CANCEL as an event) before issuing
NL80211_CMD_FRAME for another channel. If the driver event is not
received within 10 ms, start the operation anyway to avoid unexpected
behavior if there are drivers that do not end up notifying end of the
wait.
This fixes some issues with authentication initiation for cases where
multiple channels are iterated. This can also significantly speed up
that process.
Jouni Malinen [Sat, 4 Nov 2023 07:53:58 +0000 (09:53 +0200)]
tests: Handle race condition in eap_proto_md5_server
UML time travel allows the deauthentication event to be processed more
quickly than the delivery of EAP-Success to the client through the test
script, so accept either sequence here.
Jouni Malinen [Fri, 3 Nov 2023 20:59:33 +0000 (22:59 +0200)]
tests: Do not dump pending monitor events after connection
connect_network() tried to make test log more readable with a
dump_monitor() call at the end of the function. However, this could end
up practically dropping an event that arrives more or less immediately
after CTRL-EVENT-CONNECTED. This could happen with UML time travel,
e.g., in suite_b_192_pmksa_caching_roam.
Jouni Malinen [Fri, 3 Nov 2023 20:02:18 +0000 (22:02 +0200)]
Use os_reltime_initialized() for Michael MIC failure event
The first event could have theoretically been received with reltime
sec=0, so use the helper function to check whether the reltime value is
actually set so that the usec part is checked as well. This is not going
to have a difference in practice, but it was possible to hit this corner
case with mac80211_hwsim testing (ap_cipher_tkip_countermeasures_sta)
using UML and time travel.
Daniel Gabay [Wed, 24 May 2023 16:07:04 +0000 (19:07 +0300)]
defs: Enclose all structs between the pragmas
Many of the STRUCT_PACKED structs are not within the pragmas resulting
in wrong packing using MSVC. Fix it by moving pragma to EOF to ensure
proper packing.
Signed-off-by: Daniel Gabay <daniel.gabay@intel.com>
Co-developed-by: Bhagavathi Perumal S <quic_bperumal@quicinc.com> Signed-off-by: Bhagavathi Perumal S <quic_bperumal@quicinc.com> Signed-off-by: Vignesh C <quic_vignc@quicinc.com>
wpa_supplicant: Add channel 140 to ht40plus allowed list for mesh/IBSS
When channel 140 is configured in mesh, interface fails to come up due
to channel bond (136,140). Since Channel 136 is not HT40+ capable,
validation for HT channel bonding fails when it checks whether first
channel in the bond (channel 136) is HT40+ capable.
In mesh, during channel setup, secondary channel offset for the
configured channel will be selected as +1 if primary channel is capable
of HT40+. In current code, channel 140 is not allowed as HT40+ and hence
secondary channel offset is selected as -1, which makes 136 as secondary
channel. But channel 136 is not HT40+ supported and fails in channel
bonding validation.
Add 140 to HT40+ allowed list as HT40+ is supported for the channel.
Hu Wang [Thu, 2 Nov 2023 07:11:09 +0000 (00:11 -0700)]
OWE: Fix for entry->ssid possibly NULL dereference
Pointer entry->ssid might be passed to owe_trans_ssid_match() function
as argument 3 with NULL value, and it may be dereferenced there. This
looks like a theoretical case that would not be reached in practice, but
anyway, it is better to check entry->ssid != NULL more consistently.
Sebastian Priebe [Wed, 26 Apr 2023 13:22:02 +0000 (13:22 +0000)]
Only advertise MSCS and SCS in Association Request if supported by AP
Since wpa_supplicant version 2.10 the extended capabilities MSCS and SCS
are advertised in the (Re)Association Request frames.
This causes the association request to be rejected by several access
points. Issue was observed with:
- D-Link DIR600
- TP-Link AC1900
- Synology MR2200ac
To avoid this issue the extended capabilities MSCS and SCS shall only be
added if the bss also supports them. While this may not follow the exact
behavior described in IEEE 802.11, this is a reasonable compromise to
avoid interoperability issues since these capabilities cannot be used
with an AP that does not support them anyway.
Note: The Extended Capabilities element is only included in the
Association Request frames if the AP also sent its extended capabilities
(see wpas_populate_assoc_ies()) as a workaround for misbehaving APs.
This workaround exists since version 2.1.
Signed-off-by: Sebastian Priebe <sebastian.priebe@konplan.com>
Reduce delay between Association Request and Association Response
There is a delay between sending Association Response frame after having
received Association Request frame, due to the fact that between
receiving the request and sending the response the Beacon frame contents
is updated, after analyzing inputs from the STA. There may be several
updates if multiple fields need to change. This can cause issues with
some devices in noisy environments with many BSSs and connected STAs.
Optimize this by updating the beacon only once, even if there are
multiple reasons for updates.
Allen.Ye [Thu, 2 Nov 2023 11:53:11 +0000 (19:53 +0800)]
Check max number of TBTT info when adding Neighbor AP Information field
If the number of TBTT info is greater than RNR_TBTT_INFO_COUNT_MAX, the
new Neighbor AP Information field would need to be added in the RNR
element. However, the condition of adding Neighbor AP Information field
does not consider number of TBTT info. That would cause invalid Neighbor
AP Information field (the while loop will fill data by eid pointer) when
setting RNR element.
Michael-CY Lee [Wed, 1 Nov 2023 09:00:00 +0000 (17:00 +0800)]
hostapd: Avoid unnecessary Beacon frame update for co-location
When it comes to set some BSS's beacon, there are two reasons to
update the beacon of co-located hostapd_iface(s) at the same time:
1. 6 GHz out-of-band discovery
2. MLD operational parameters update
BSS load update is unrelated with the above two reasons, and therefore
is not the case to update beacon for co-location. Moreover, updating
beacon for co-location when BSS load update makes hostapd set beacon too
frequently, which makes hostapd busy setting beacon in a multi-BSS case.
Add a new function to update beacon only for current BSS and use the
function during BSS load update.
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com> Signed-off-by: Money Wang <money.wang@mediatek.com>
From IEEE 802.11:
The DSSS Parameter Set element is present within Beacon frames
generated by STAs using Clause 15, Clause 16, and Clause 18
PHYs.
The element is present within Beacon frames generated by STAs
using a Clause 19 PHY in the 2.4 GHz band.
Same is applied to the Probe Response frame.
Do not include the DSSS Parameters Set element when operating on other
bands.
Daniel Gabay [Thu, 2 Nov 2023 13:21:52 +0000 (15:21 +0200)]
common: Fix ieee802_11_rsnx_capab()
The function should return bool (0/1) and not int. In some environments
bool may be defined as unsigned char, so bits higher then 7 will be
discarded during the downcast. Fix it.
Signed-off-by: Daniel Gabay <daniel.gabay@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Jouni Malinen [Thu, 2 Nov 2023 13:57:39 +0000 (15:57 +0200)]
tests: Work around race condition for TRANSITION-DISABLE processing
This event may be sent before CTRL-EVENT-CONNECTED, so modify the test
cases to wait directly for TRANSITION-DISABLE by skipping the separate
wait for CTRL-EVENT-CONNECTED.
Jouni Malinen [Thu, 2 Nov 2023 13:54:29 +0000 (15:54 +0200)]
tests: Fix sigma_dut interaction with multiple status lines
It is possible for the sigma_dut process to be scheduled in a manner
that ends up combining the status,RUNNING and status,COMPLETE lines into
a single TCP message. This was supposed to be handled in the
sigma_dut_cmd() implementations, but that design had been broken by code
refactoring that changed the indentation level incorrectly.
Fixes: d68946d510e5 ("tests: sigma_dut and DPP push button first on Enrollee") Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Jouni Malinen [Tue, 31 Oct 2023 13:51:30 +0000 (15:51 +0200)]
MBSSID: Fix Non-Inheritance element encoding
The List of Element ID Extensions field is not an optional field, so
include it in the Non-Inheritance element with Length=0 to indicate that
there is no Element ID Extension List.
Matthew Wang [Fri, 2 Jun 2023 22:15:11 +0000 (15:15 -0700)]
Scan 6 GHz channels after change to 6 GHz-allowed regdom
Drivers will often report regdom changes in the middle of a scan if they
detect during that scan that the regulatory domain has changed. If this
happens and we enter a regdom that supports 6 GHz channels when the
previous one didn't (this often happens in 6 GHz-capable regdoms for
devices after suspend/resume), immediately trigger a 6 GHz-only scan if
we were not able to connect to an AP on a legacy band.
This should significantly improve connection time to 6 GHz AP after
regdom has been reset.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Matthew Wang [Fri, 2 Jun 2023 22:15:10 +0000 (15:15 -0700)]
Parse 6 GHz capability from driver capabilities
Store 6 GHz capability on channel list update for wpa_supplicant use.
This will be used in the next commit to extend scanning behavior based
on changes to 6 GHz channel availability.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Matthew Wang [Fri, 2 Jun 2023 22:15:09 +0000 (15:15 -0700)]
nl80211: Fix uses_6ghz flag
Presence of any 6ghz channels indicates nl80211 driver 6 GHz support,
not non-DISABLED channels. This increases the timeout for scan
completion for cases where 6 GHz might get scanned even if all the
channel there are currently DISABLED.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Matthew Wang [Fri, 2 Jun 2023 22:15:08 +0000 (15:15 -0700)]
Use default IEs in wpa_supplicant_trigger_scan()
wpa_supplicant_trigger_scan() previously wouldn't include any of the IEs
generated by wpa_supplicant_extra_ies(). Instruct it to do so in most
cases. This is necessary because MBO STAs are required to include MBO
capabilities in their Probe Request frames.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Jouni Malinen [Tue, 31 Oct 2023 10:00:22 +0000 (12:00 +0200)]
tests: rrm_beacon_req_active_scan_fail to allow implementation change
Use more specific condition for the allocation failure to allow
wpa_supplicant_trigger_scan() implementation to be modified without
making this test case fail.
Jouni Malinen [Tue, 31 Oct 2023 09:54:40 +0000 (11:54 +0200)]
tests: Redesign bgscan_*_scan_failure to work with implementation change
Wait for allocation failure using wait_fail_trigger() instead of waiting
for a scan failure event since that failure event will go away with
implementation change.
Jouni Malinen [Mon, 30 Oct 2023 17:52:06 +0000 (19:52 +0200)]
OKC with Suite B AKMPs in hostapd
To support Opportunistic Key Caching for Suite B key management, KCK
needs to be stored on PMKSA to derive the new PMKID correctly when
processing reassociation from a STA to a new AP.
Vinoth V [Fri, 28 Apr 2023 04:37:39 +0000 (10:07 +0530)]
OKC with Suite B AKMPs in wpa_supplicant
To support Opportunistic Key Caching for Suite B key management, KCK
needs to be stored on PMKSA to derive the new PMKID correctly for the
new roaming AP.
Qiwei Cai [Mon, 29 May 2023 05:11:06 +0000 (13:11 +0800)]
P2P: Pass the known BSSID to the driver to optimize scan time
After GO negotiation is completed, the P2P Client needs to scan the GO
before connecting. Only SSID was specified for this and the driver still
might need to scan all channels which wastes time. wpa_supplicant can
pass the known BSSID in the scan request in additional P2P cases and
this allows the driver sto stop the scan once the specific BSSID is
found. This helps reduce some time for P2P connection.
Hu Wang [Thu, 26 Oct 2023 08:51:38 +0000 (01:51 -0700)]
nl80211: Skip interface down/up when setting MAC address
A driver may not support setting MAC address when interface is UP, so
wpa_supplicant used to always sets the interface down for MAC address
change.
Try to change the address first without setting the interface down and
then fall back to DOWN/set addr/UP if the first attempt failed. This can
reduce the interface setup time for time-critical use cases.
Kaidong Wang [Tue, 10 Oct 2023 19:52:02 +0000 (19:52 +0000)]
dbus: Add NonColoc6GHz and 6GHzOnly flags in wpa_supplicant scan
Handler function for "Scan" method call of a network device doesn't set
non_coloc_6ghz, therefore wpa_supplicant doesn't scan non-PSC channels
on 6GHz band only if a co-located AP was reported on the channel.
Add NonColoc6GHz and 6GHzOnly flags to the wpas_dbus_handler_scan, so
that dBus scan requests can cover non-PSC channels and scan only 6 GHz
channels.
Signed-off-by: Kaidong Wang <kaidong@chromium.org>
SME: MLD: Handle reconfiguration Multi-Link element
Parse the reconfiguration Multi-Link element and:
- Don't select a BSS for connection if it is part of an MLD
and is going to be removed.
- Don't scan for missing links that are to be removed.
- Don't include removed links in association.
Signed-off-by: Ilan Peer <ilan.peer@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add a control interface to trigger ML probes for testing purposes.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com> Signed-off-by: Ilan Peer <ilan.peer@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add support for building and sending ML probe requests. During connect,
try to send an ML probe request if we are going to connect to an MLD AP
and the BSS information for some of the links is missing.
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com> Signed-off-by: Ilan Peer <ilan.peer@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Ilan Peer [Mon, 12 Jun 2023 19:59:48 +0000 (22:59 +0300)]
nl80211: Add support for minimal probe request content
Extend 'struct wpa_driver_scan_params' to allow higher layer to indicate
if minimal probe request content should be included by the driver as part
of the scan logic.
Implement this with driver_nl80211, by setting
NL80211_SCAN_FLAG_MIN_PREQ_CONTENT.
Jouni Malinen [Sun, 29 Oct 2023 08:49:43 +0000 (10:49 +0200)]
More consistent use of mesh peer connected/disconnected notification
Use the wpas_notify_mesh_peer_*() functions for sending the control
interface events in addition to the D-Bus events so that these are all
done consistently.
Nicolas Escande [Fri, 7 Jul 2023 13:37:18 +0000 (15:37 +0200)]
Fix MESH-PEER-DISCONNECTED message logic on control iface
When using mesh we have incoherent
MESH-PEER-CONNECTED/MESH-PEER-DISCONNECTED messages when we restart one
of the devices without disconnecting it first. Sometimes we have the
right behavior, a peer disconnect and then a peer connect, sometimes we
only have a a peer connected without a peer disconnected first, and
sometimes we have nothing at all.
As the plink count seem to be correctly tracked and because we only send
the connected event on plink count increase, lets send the peer
disconnected event on plink count decrease.
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
Nicolas Escande [Wed, 28 Jun 2023 12:17:04 +0000 (14:17 +0200)]
Respect disable_ht40/disable_vht/disable_he in AP/mesh mode
When using wpa_supplicant to connect to a mesh network or to create an
AP, the current code doesn't respect all CONFIG_XXX_OVERRIDES network
parameters, just disable_ht in CONFIG_HT_OVERRIDES.
Add support for some of the others modulation related disable flags:
- disable_ht40 with CONFIG_HT_OVERRIDES
- disable_vht with CONFIG_VHT_OVERRIDES
- disable_he with CONFIG_HE_OVERRIDES
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
Ben Greear [Thu, 27 Jul 2023 16:02:11 +0000 (09:02 -0700)]
WNM: Choose the best available BSS, not just the first one
This should allow STA to make better choice about which BSS to roam to.
Use estimated throughput as comparison value. Can improve the estimated
throughput calculation to improve this selection criteria if wanted in
the future.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Along with canceling queued scan, abort ongoing scan if any, this
ensures Wi-Fi interface is in usable state after disconnect is issued,
else subsequent scan after disconnect might fail with EBUSY.
Certain internet service providers transmit VLAN 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e., EAPOL).
The pcap filter utilized by l2_packet_* is inadquate for this use case.
Here we modify the pcap filter on FreeBSD to accept both unencapsulated
and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.
Additional work is required to support this handling on other platforms.
We also modify the rx_receive handler to offset the packet buffer
and length when handling dot1q encapsulated frames so the existing
packet parsing code works as-is.
Signed-off-by: R. Christian McDonald <rcm@rcm.sh>
Sponsored by: Rubicon Communications, LLC ("Netgate")
Po-Hao Huang [Fri, 9 Jun 2023 09:26:43 +0000 (17:26 +0800)]
WNM: Lower rankings of current AP if disassociation imminent bit set
If the current AP advertises disassociation imminent, move it to the
back of the candidate list so we don't select it again while other
candidates are available.
Jouni Malinen [Sat, 28 Oct 2023 14:23:25 +0000 (17:23 +0300)]
P2P: Remove pending p2p-listen radio work on stopping listen
Some kind of race condition seemed to be hit at least in test sequence
"p2p_ext_vendor_elem_invitation pasn_comeback_after_0_sae" where the P2P
invitation response could have been received just after having scheduled
a new p2p-listen radio work, but before that work had been started. In
the case of accepted invitation, this could result in unnecessary extra
delay when that p2p-listen work ended up getting started at the exact
time that the local device was starting GO.
Avoid this race condition by removing the pending p2p-listen radio work
when P2P listen is stopped.
Johannes Berg [Mon, 25 Sep 2023 07:20:55 +0000 (09:20 +0200)]
tests: ap_open_poll_sta_no_ack: Fix mgmt-rx race
We need to wait for the MGMT-RX event before disabling
ext_mgmt_frame_handling again, otherwise we might be disabling it and
hostapd only receives the deauth frame after we already disable it,
defeating the purpose of the test.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:54 +0000 (09:20 +0200)]
tests: ap_pmf: Wait for STA appropriately
With PMF, we cannot do even deauth unless we wait for the STA to have
fully connected on the AP side, the STA thinking it has isn't sufficient
since it immediately says so after M4. Add wait_sta() before disconnect,
and also before SA_QUERY.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:53 +0000 (09:20 +0200)]
tests: pmksa_cache: Wait for STA on AP side before query
Before querying the PMKSA cache, wait for the STA to have appeared on
the AP side, otherwise scheduling differences may have us asking when
the STA thinks it's connected but the AP hasn't fully processed that.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:52 +0000 (09:20 +0200)]
Don't disconnect on scan_freq update from control interface
It doesn't make sense to disconnect on updates to the
network's scan_freq, and in fact doing so causes some
(timing-/scheduling-dependent) test failures.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:51 +0000 (09:20 +0200)]
tests: ap_tdls: Wait before connectivity checks
All processes need to have a bit of time to mark the kernel STAs
authorized, otherwise traffic may fail. Give them some time, and also
use check_connectivity() in connectivity() since it's the same check,
just different arguments.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:50 +0000 (09:20 +0200)]
tests: Blocked rekey: Give slightly more time
Due to scheduling changes, we don't always now succeed to reconnect in
exactly 1 second, it might take 1.01. Give it 1.1 for a bit more leeway,
it's not clear why it should be exactly 1 second anyway.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:48 +0000 (09:20 +0200)]
tests: ap_hs20: Add more wait_sta()
We should always wait_sta() so that we know we can even deauth next,
otherwise the key might not be installed yet by the time we try to
connect to the next AP.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:46 +0000 (09:20 +0200)]
tests: autogo_legacy: Wait for 4-way handshake
We need to wait for the 4-way handshake to be completed on the GO side,
so the GO will actually have marked the station as authorized and will
forward packets.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:45 +0000 (09:20 +0200)]
tests: RRM: Wait for AP STA before requests to AP
Before requesting anything about the specific STA from the AP wait for
it to show up, so that things don't fail if the hostapd process didn't
yet get time to process things.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:44 +0000 (09:20 +0200)]
tests: PASN: Try get_ptksa() from AP a few times
We wait for the PASN auth to complete on the wpas side, but there's no
indication of this on the AP side. So if scheduling ordering is bad, we
can ask the AP for the PTKSA cache before it even received the frame
from the kernel and created the PTKSA entry.
To fix this, try this a few times, to see if it becomes available.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:42 +0000 (09:20 +0200)]
tests: FT/RRM: Wait for STA before check_beacon_req()
check_beacon_req() will request from hostapd to request a beacon
report from the STA, but that only works if it already knows about
the STA. Due to scheduling issues, it may not know even if wpa_s
reports it has successfully connected, so also wait for the STA to
show up in hostapd before check_beacon_req().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Mon, 25 Sep 2023 07:20:41 +0000 (09:20 +0200)]
tests: Wait for radio work to start after DPP_LISTEN command
Since DPP listen is a radio work, it doesn't start immediately and
then we can end up missing whatever happens next in the test. Wait
for the radio work to start before continuing the test.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Stefan Schake [Wed, 18 Oct 2023 09:21:38 +0000 (11:21 +0200)]
Ensure WDS is available on combined backhaul and fronthaul APs
It is valid to configure an AP to be both backhaul and
fronthaul (multi_ap=3), so we should not test for a missing
fronthaul flag but instead test directly for backhaul capability.
Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
Jouni Malinen [Sat, 28 Oct 2023 08:31:42 +0000 (11:31 +0300)]
Check the need for SA Query earlier in association processing
The way these checks were done for WPS enabled APs were unnecessarily
complex and missed one of the cases. Simplify this by doing the check
only once and do that earlier in the process to minimize changes to STA
state.
Fixes: a7f55f7f68f1 ("WPS: Enable SA Query checks for WPS AP") Signed-off-by: Jouni Malinen <j@w1.fi>
Xinyue Ling [Thu, 8 Jun 2023 05:45:13 +0000 (13:45 +0800)]
Update correct VHT/HE/EHT mode in channel switch event
Currently if ch_switch_vht_config is present, only ieee80211ac config
will be updated in hostapd_config and ieee80211ax/ieee80211be config may
be wrong. Fix this by adding handlings for ch_switch_he_config and
ch_switch_eht_config as well.
Jouni Malinen [Wed, 25 Oct 2023 10:53:35 +0000 (13:53 +0300)]
tests: Remove exception for SAE MLD testing
hostapd now has support for SAE in MLD cases, so there is no need to
maintain this exception that allowed the test case to pass even if the
connection failed.
SAE: Remove current PMKSA from driver after reauth threshold is passed
wpa_supplicant postpones expired PMKSA deletion untillassociation is
lost for SAE to avoid forced disconnection. But during this time the
driver may use the expired PMKSA for reassociation with the current
connected AP.
Remove the current PMKSA for SAE from the driver after reauth threshold
is passed when the driver takes care of BSS selection.
Double the first group rekey timeout if over 100 associated stations
Increase the first group rekey timeout from 500 ms to 1000 ms when the
number of associated stations is greater than 100. This is to avoid
client disconnections due to group handshake timeout in multiclient
scenarios where it might take more than 500 ms to be able deliver Group
Key msg 1/2 to all associated STAs.
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
Aloka Dixit [Mon, 24 Jul 2023 23:16:25 +0000 (16:16 -0700)]
FILS: Fix NSS calculation for HE mode
Maximum NSS calculation for HE mode checks if both Tx and Rx support
a given NSS. Modify it to instead check if either of these two support
the given NSS.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Aloka Dixit [Mon, 24 Jul 2023 23:16:24 +0000 (16:16 -0700)]
FILS: Rename local variable to indicate HE mode
Rename the local variable mcs_nss_size to he_mcs_nss_size in
hostapd_fils_discovery_cap() and hostapd_gen_fils_discovery_nss()
to limit its usage to HE mode.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
projects / thirdparty / hostap.git / log
