3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-05 03:29:24 +01:00
Commit Graph

666 Commits

Author SHA1 Message Date
Andrew Zaborowski
e28243a584 autotests: Test ACD failure during connect
Previously we had an ACD failure scenario where a new client forces its
IP to create an IP conflict and an already-connected client detects the
conflict and reacts.  Now first test a scenario where a newly connecting
IWD client runs ACD before setting its statically configured IP, detects
a conflict and refuses to continue, then run the second scenario where
the newly connecting DHCP-configured client ignores the conflict and
starts ACD in defend-indefinitely mode and the older client in
defent-once mode gives up its IP.
2022-08-23 15:47:06 -05:00
Andrew Zaborowski
818ec70549 autotests: Fix class variables that should be object vars
Due to those variables being global (IWD class variables) calling either
unregister_psk_agent or del on one IWD class instance would unregister
all agents on all instances.  Move .psk_agents and two other class
variables to the object.  They were already referenced using "self."
as if they were object variables throughout the class.
2022-08-23 15:47:06 -05:00
Andrew Zaborowski
f6a890f5cb autotests: Fix testNetconfig ACD test
Part of static_test.py starts a second IWD instance and tries to make
it connect to the AP with the same IP address as the first IWD instance
which is already connected, to produce an IP conflict.  For this, the
second instance uses DHCP and the test expects the DHCP server to offer
the address 192.168.1.10 to it.  However in the current setup the DHCP
server manages to detect that 192.168.1.10 is in use and offers .11
instead.  Break the DHCP server's conflict detection by disabling ICMP
ping replies in order to fix the test.

Previously this has worked because the AP's and the DHCP server's
network interface is in the same network namespace as the first IWD
instance's network interface meaning that pings between the two
interfaces shouldn't work (a known Linux kernel routing quirk...).
I am not sure why those pings currently do work but take no chances and
disable ICMP pings.
2022-08-23 15:47:06 -05:00
James Prestwood
950624761c auto-t: remove bringing up lo interface
Several tests were setting lo up which is already done by
test-runner.
2022-08-22 12:53:16 -05:00
James Prestwood
4545f80e58 auto-t: update tests to use set_address/group_neighbors
This reduces the big blocks of copied code with a few function calls.
2022-08-22 12:53:16 -05:00
James Prestwood
3439d09817 auto-t: hostapd: add set_address/group_neighbors
This adds a few utilities for setting up an FT environment. All the
roaming tests basically copy/paste the same code for setting up the
hostapd instances and this can cause problems if not done correctly.

set_address() sets the MAC address on the device, and restarts hostapd
group_neighbors() takes a list of HostapdCLI objects and makes each a
    neighbor to the others.

The neighbor report element requires the operating class which isn't
advertised by hostapd. For this we assume operating class 81 but this
can be set explicitly if it differs. Currently no roaming tests use
5/6GHz frequencies, and just in case an exception will be thrown if
the channel is greater than 14 and the op_class didn't change.
2022-08-22 12:53:16 -05:00
James Prestwood
41ce56bf0d auto-t: fix unreliable behavior in testPSK-roam
The packet loss test had a few problems. First being that the RSSI for
the original BSS was not low enough to change the rank. This meant any
roam was just lucky that the intended BSS was first in the results.

The second problem is timing related, and only happens on UML. Disabling
the rules after the roaming condition sometimes allows IWD to fully
roam and connect before the next state change checks.
2022-08-22 12:53:16 -05:00
James Prestwood
fb76a4ef13 auto-t: add packet loss test to testPSK-roam
A new test which blocks all data frames once connected, then tries
to send 100 packets. This should result in the kernel sending a
packet loss event to userspace, which IWD should react to and roam.
2022-08-16 15:30:03 -05:00
James Prestwood
1e1a6d6754 auto-t: add generic tx_packet function
This sends data over the raw sockets similar to test_ifaces_connected
2022-08-16 15:29:59 -05:00
James Prestwood
7d6a38de93 auto-t: iwd.py: let IWD class specify developer mode 2022-07-26 13:11:39 -05:00
Andrew Zaborowski
d58e754344 autotests: Also validate correct hostname sent over DHCPv4 2022-07-12 12:47:09 -05:00
Andrew Zaborowski
187706c348 autotests: DHCPv4 renewal/resend test in testNetconfig
Test that the DHCPv4 lease got renewed after the T1 timer runs out.
Then also simulate the DHCPREQUEST during renew being lost and
retransmitted and the lease eventually getting renewed T1 + 60s later.

The main downside is that this test will inevitably take a while if
running in Qemu without the time travel ability.

Update the test and some utility code to run hostapd in an isolated net
namespace for connection_test.py.  We now need a second hostapd
instance though because in static_test.py we test ACD and we need to
produce an IP conflict.  Moving the hostapd instance unexpectedly fixes
dhcpd's internal mechanism to avoid IP conflicts and it would no longer
assign 192.168.1.10 to the second client, it'd notice that address was
already in use and assign the next free address, or fail if there was
none.  So add a second hostapd instance that runs in the main namespace
together with the statically-configured client, it turns out the test
relies on the kernel being unable to deliver IP traffic to interfaces on
the same system.
2022-07-12 12:47:09 -05:00
James Prestwood
ac8e9f53f2 auto-t: add client test to testAP
Tests iwctl functionality with ap commands
2022-06-30 13:38:02 -05:00
James Prestwood
d1c5e42ae2 auto-t: refactor testAP to reuse code
All the AP tests were basically doing the same validation. Refactor
this code into validation.py and import that into the tests.
2022-06-30 13:38:02 -05:00
James Prestwood
0d953f22e4 auto-t: add client test to testDPP
Tests iwctl functionality with dpp commands
2022-06-30 13:38:02 -05:00
James Prestwood
d6c129a30b auto-t: add client test to testAdHoc
Tests iwctl functionality with ad-hoc commands
2022-06-30 13:38:02 -05:00
James Prestwood
ac2aee288f auto-t: add client test to testEAP-WPS
Tests iwctl functionality with wsc commands
2022-06-30 13:38:02 -05:00
James Prestwood
d127c5b997 auto-t: add client test to testKnownNetworks
Tests iwctl functionality with known-networks command
2022-06-30 13:38:02 -05:00
James Prestwood
de1f078897 auto-t: iwd.py: add DPP properties 2022-06-30 13:38:02 -05:00
James Prestwood
5b58390b8d auto-t: fix unpredictability/pointless test from testAgent
testAgent had a few tests which weren't reliable, and one was not
actually testing anything, or at least not what the name implied it
should be testing.

The first issue was using iwctl in the first place. There is not a
reliable way to know when iwctl has registered its agent so relying on
that with a sleep, or waiting for the service to become available isn't
100% fool proof. To fix this use the updated PSKAgent which allows
multiple to be registered. This ensures the agent is ready for requests.
This test was also renamed to be consistent with what its actually
testing: that IWD uses the first agent registered.

This removes test_connection_with_other_agent as well because this test
case is covered by the client test itself. There is no need to re-test
iwctl's agent functionality here.
2022-06-29 13:18:29 -05:00
James Prestwood
01ae1a9d88 auto-t: allow multiple PSKAgent's to be registered
By creating a new bus connection for each agent we can register multiple
with IWD. This did mean the agent interface needs to be unique for each
agent (removing _agent_manager_if) as well as tracking multiple agents
in a list.
2022-06-29 13:18:00 -05:00
Andrew Zaborowski
b878be31ae autotests: In testNetconfig verify routes from RIOs
Verify that IWD with NetworkConfigurationEnabled creates the off-link
routes for Route Information Options in the Router Advertisements.
2022-06-27 13:11:28 -05:00
James Prestwood
cfb782cfff auto-t: remove sleep in testAgent
The test here is verifying that a DBus Connect() call will still
work with 'other' agents registered. In this case it uses iwctl to
set a password, then call Connect() manually.

The problem here is that we have no way of knowing when iwctl fully
starts and registers its agent. There was a sleep in there but that
is unreliable and we occationally were still getting past that without
iwctl having started fully.

To fix this properly we need to wait for iwctl's agent service to appear
on the bus. Since the bus name is unknown we must first find all names,
then cross reference their PID's against the iwctl PID. This is done
using ListNames, and GetConnectionUnixProcessID APIs.
2022-06-24 18:11:49 -05:00
James Prestwood
267feb94b0 auto-t: fix rekey/reauth logic in a few ways
The rekey/reauth logic was broken in a few different ways.

For rekeys the event list was not being reset so any past 4-way
handshake would allow the call to pass. This actually removes
the need for the sleep in the extended key ID test because the
actual handshake event is waited for correctly.

For both rekeys and reauths, just waiting for the EAP/handshake
events was not enough. Without checking if the client got
disconnected we essentially allow a full disconnect and reconnect,
meaning the rekey/reauth failed.

Now a 'disallow' array can be passed to wait_for_event which will
throw an exception if any events in that array are encountered
while waiting for the target event.
2022-06-24 18:11:33 -05:00
James Prestwood
53e8bf4cb0 auto-t: fix testEncryptedProfiles mtime check
Yet another weird UML quirk. The intent of this tests was to ensure
the profile gets encrypted, and to check this both the mtime and
contents of the profile were checked.

But under UML the profile is copied, IWD started, and the profile
is encrypted all without any time passing. The (same) mtime was
then updated without any changes which fails the mtime check.

This puts a sleep after copying the profile to ensure the system
time differs once IWD encrypts the profile.
2022-06-24 18:11:15 -05:00
James Prestwood
1ecadc3952 test-runner: fix UML blocking on wait_for_socket/service
In UML if any process dies while test-runner is waiting for the DBus
service or some socket to be available it will block forever. This
is due to the way the non_block_wait works.

Its not optimal but it essentially polls over some input function
until the conditions are met. And, depending on the input function,
this can cause UML to hang since it never has a chance to go idle
and advance the time clock.

This can be fixed, at least for services/sockets, by sleeping in
the input function allowing time to pass. This will then allow
test-runner to bail out with an exception.

This patch adds a new wait_for_service function which handles this
automatically, and wait_for_socket was refactored to behave
similarly.
2022-06-24 18:11:10 -05:00
James Prestwood
d7136483c3 auto-t: fix timing issue in testEncryptedProfiles
test_decryption_failure is quite simple and only verifies that a known
network exists after starting. This causes the test to end before IWD can
fully start up leaving the DBus utilities in limbo having not fully
initialized.

Then, on the next test, stale InterfaceAdded signals arrive (for Station
and P2P) which throw exceptions when trying to get the bus (since IWD is
long gone). In addition the next IWD instance has started so any paths
included in the InterfaceAdded signals are bogus and cause additional
exceptions.

At the end of this test we can call list_devices() which will wait for
the InterfaceAdded signal, and cleanly exit afterwards.
2022-06-22 18:42:40 -05:00
James Prestwood
f4279ebf53 auto-t: fix hardcoded 'wlan1' in testNetconfig
This works, if testNetconfig is the only test. Otherwise it will always
fail since the interface naming increments for each test.
2022-06-22 18:37:15 -05:00
James Prestwood
72fac7f1b8 auto-t: rename testHiddenNetwork's test class
This was copy pasted from the autoconnect test, and depending on
how the python module cache is ordered can incorrectly use the
wrong test class. This should nothappen because we insert
the paths to the head of the list but for consistency the class
should be named something that reflects what the test is doing.
2022-06-22 18:37:15 -05:00
Andrew Zaborowski
2c0bb06d1a auto-t: Verify DNS entries added from DHCP/static
Add a fake resolvconf executable to verify that the right nameserver
addresses were actually committed by iwd.  Again use unique nameserver
addresses to reduce the possibility that the test succeeds by pure luck.
2022-06-22 15:57:36 -05:00
Andrew Zaborowski
c4fe900a71 auto-t: In testNetconfig verify routes created
Check that the right set of routes is being added for IPv4 and IPv6.
Chane gateway addresses to differ from the AP or dhcpd addresses.
2022-06-22 15:57:22 -05:00
Andrew Zaborowski
c65b2ec317 auto-t: In testNetconfig add static IPv6, add comments
In static_test.py add IPv6.  Add comments on what we're actually testing
since it wasn't very clear.  After the expected ACD conflict detection,
succeed if either the lost address was removed or the client disconnected
from the AP since this seems like a correct action for netconfig to
implement.
2022-06-22 15:57:09 -05:00
Andrew Zaborowski
a46707a595 auto-t: Ensure storage_dir exists, clean up
In iwd.py make sure all the static methods that touch IWD storage take the
storage_dir parameter instead of hardcoding IWD_STORAGE_DIR, and make
sure that parameter is actually used.

Create the directory if it doesn't exist before copying files into it.
This fixes a problem in testNetconfig where

`IWD.copy_to_storage('ssidTKIP.psk', '/tmp/storage')`

would result in /tmp/storage being created as a file, rather than a
directory containing a file, and resulting in IWD failing to start with:

`Failed to create /tmp/storage`

runner.py creates /tmp/iwd but that doesn't account for IWD sessions
with a custom storage dir path.
2022-06-22 15:56:57 -05:00
Andrew Zaborowski
57888632a3 auto-t: Validate netmasks in testNetconfig, add utility
Extend test_ip_address_match to support IPv6 and to test the
netmask/prefix length while it reads the local address since those are
retrieved using the same API.

Modify testNetconfig to validate the prefix lengths, change the prefix
lengths to be less common values (not 24 bits for IPv4 or 64 for IPv6),
minor cleanup.
2022-06-22 15:56:35 -05:00
Andrew Zaborowski
8237264848 autotests: Drop unused file+directory 2022-06-17 14:13:33 -05:00
Andrew Zaborowski
cb6289b622 auto-t: Work around wpa_s config issue in testP2P
Since commit 922fa099721903b106a7bc1ccd1ffe8c4a7bce69 in hostap, our
setting of config_methods on P2P-client interface was ignored.  Work
around that commit, in addition to the previous workaround we have in
this test, to again ensure the correct config_methods value is used.
2022-06-06 10:39:00 -05:00
James Prestwood
0545dbcf24 auto-t: remove ifconfig call from testScan
ifconfig isn't available by default in several linux distros
so instead use 'ip' which seems to be much more widespread.
2022-06-03 11:59:07 -05:00
James Prestwood
df46776046 auto-t: allow skipping tests is wpa_supplicant is not found
Similarly to ofono/phonesim allow tests to be skipped if wpa_supplicant
is not found on the system.

This required some changes to DPP/P2P where Wpas() should be called first
since this can now throw a SkipTest exception.

The Wpas class was also made to allow __del__ to be called without
throwing additional exceptions in case wpa_supplicant was not found.
2022-06-02 16:47:02 -05:00
James Prestwood
1296e4eacb auto-t: allow wildcard phase1 for EAP tests
This allows the EAP tests to pass, but the fix really needs to be in
hostapd itself. Hostapd currently tries to lookup the EAP session
immediately after receiving EAPOL_REAUTH. This uses the identity
it has stored which, in the case of PEAP/TTLS, will always be a phase2
identity. During this initial lookup hostapd hard codes the identity
to be phase1 which is not true for PEAP/TTLS, and the lookup fails.
2022-06-01 11:02:01 -05:00
James Prestwood
e2aca6e917 auto-t: correctly import Mapping from collections
The current way this was being done was to import collections and
use collections.Mapping. This has been deprecated since python 3.3
but has worked up until python 3.10. After python 3.10 this will
no longer work, and Mapping must be imported from collections.abc.
2022-06-01 11:01:50 -05:00
James Prestwood
7290989e15 auto-t: add EAP reauth to testEAP 2022-05-26 11:24:56 -05:00
James Prestwood
a18c6e10a7 auto-t: fix eapol_reauth utility
This was passing IFNAME= along with EAPOL_REAUTH which does not work
in the context of a hostapd socket where the iface is already implied.
This fixes that issue as well as resets the events array and actually
waits for the required events afterwards.
2022-05-26 11:24:52 -05:00
James Prestwood
0e77e33a4d auto-t: fix testRSSIAgent after signal agent changes
The signal agent notifications were changed which breaks this test.
Specifically commit ce227e7b94 sends a notification when connected
which breaks the 'agent.calls' check. Since this check is done both
after connecting and once already connected the initial value may
be 1 or 0. Because of this that check was removed entirely.
2022-05-25 15:00:06 -05:00
James Prestwood
e000eff492 auto-t: use copy_to_storage in address randomization test
This test was just piping the PSK files into /tmp/iwd/ssidCCMP.psk
which is a bit fragile if the storage dir was ever to change. Instead
use copy_to_storage and the 'name' keyword to copy the file.
2022-05-25 15:00:06 -05:00
Denis Kenzior
503ce2e488 auto-t: Use NameResolvingService=none
Since this test isn't actually running name resolving service of any
kind, use NameResolvingService=none to quiet down the logs.
2022-05-20 10:15:17 -05:00
Denis Kenzior
f3c633e222 auto-t: Add EAPoL spoofing test
Make sure that unencrypted EAPoL packets received after the initial
handshake is complete do not break the connection.
2022-05-11 17:23:54 -05:00
Denis Kenzior
e44ccf3daa auto-t: Rework spoofing code
Use scapy library which allows one to easily construct and fudge various
network packets.  This makes constructing spoofed packets much easier
and more readable compared to hex-encoded, hand-crafted frames.
2022-05-11 17:20:30 -05:00
Denis Kenzior
2019823443 auto-t: Fix TA/BSSID addresses of spoofed disassoc
The TA/BSSID addresses of spoofed disassociate frames were set
incorrectly.  They should be using the 02:00:00:XX:XX:XX address, but
instead were being converted over to 42:00:00:XX:XX:XX address
2022-05-11 14:05:51 -05:00
James Prestwood
5caeb82d61 auto-t: disable update_config for testDPP
update_config=1 lets wpa_supplicant write config changes
to the config file. In the real world this is what you want
so your DPP credentials are persistant. But for testing this
is not correct since multiple tests use the same config file
and expect it to be pristine.

Occationally wpa_supplicant was connecting to the AP without
running DPP because the config already had the network
credentials.
2022-04-15 12:17:29 -05:00
James Prestwood
1a903001f9 auto-t: cleanup the few uses of is_verbose
These were used outside of run-tests in a couple places. Replace
these with Process.is_verbose()
2022-04-06 14:47:32 -05:00