From patchwork Tue Feb 27 18:33:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574275 Received: from mail-qt1-f175.google.com (mail-qt1-f175.google.com [209.85.160.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A4277339BC for ; Tue, 27 Feb 2024 18:34:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.175 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058865; cv=none; b=IqoCzwAKt8tJyjy86jQ5w0hvsLzreYG+tUB26w/YdSD5twySzmLJRlQt7vLo46B26gzEqSYCjukjXvJ9q3Sl5dQXLWF7VR/9aTsZC0UVSxbNI6lPKyF6+xYOxPh7ZvWEL/CPaUSJpL5uJ90YkQ9hOgP5O2flY8yicPoL+34F3rc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058865; c=relaxed/simple; bh=hxuOAU7yZ4d/QaaxY5YH52JxNDXskqN1t1jBqT4UNss=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=h9F8SWm+u0vYQS1IXCROntJAB/wMReFZYr3BPP8dsoFar8spD8JYKWA4P42PZEUxiIUtU39+XSa19CozDJT+yEOrcDploabpsohShGPlwpNI13hzirCRlFr1B6b82qm5lpywO0rksGq9v0OYGPEQCmGDX/zH168FK32lg5iJa40= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=EbMmubah; arc=none smtp.client-ip=209.85.160.175 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="EbMmubah" Received: by mail-qt1-f175.google.com with SMTP id d75a77b69052e-42e8758fd52so11535321cf.1 for ; Tue, 27 Feb 2024 10:34:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058862; x=1709663662; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=8e+d9Q0M78PZG4a7n45cz1GrVJxFpOQPG69Nd2dcQS8=; b=EbMmubahux1M9s9d7cjoYjvtjDaUwbtnX1LYHWCWApGXfsKe5vFJgZ+msIeXKqkN5e 8cJIjciJX4UqBrXPjl8WJ859tVuzymkUyVq12syY8gPaJGRzP0s5pTp+VYvjP6US7W1m Kw/L4AKlMLJZNLnmj9u9Z6DH1fBCpiN6IzFGpZBaTjuvoysCCW5wFkrK3eaoTIN5uJ6B SFZkMUjrEIUx6xdTNT1iUspoRtn0wrzCYaTU6UdNokJu6JRq9I17IU8pzo26PzZL/aPf MuCM8N5s7oiChDcbYTWdlSAEwg32jSmV3r4mn9P34dltF67BuJOZscdnw3zf5FXYMaGg GbQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058862; x=1709663662; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8e+d9Q0M78PZG4a7n45cz1GrVJxFpOQPG69Nd2dcQS8=; b=kExbZMyyb7fW2XLVCrlsy+rICIeHl4UpjO/aTEUMh7Nm7Yi+cwc2XreTwlo5Kw681s 7ctA9rh3kekF9aexuyJf32Jv1yeyEIwGN9wJob313k/Wk/Mq9mJdg7VgiB79LZaW1sx2 r/vCW6xKMBu9INIRIUjgZ363EpUOU4t+x6f8ATlgHfY/rDsdndZ2W7QMpphmgVq15BuG 7i80tWF0bj7fRMpfWrluBviOdkm4760AEQGKo/j21fbMiajsuuRsrduUfexX1ScukTX0 YhkjAGIYS+r5hit0SdjGI9/StpAAqQIfrhgYBdmKy0j1ZW1ryG7MGU1eaGGtpdY1j5u+ lhpA== X-Gm-Message-State: AOJu0YxbryOi5FlnSfU/wzuHC5XpVN6K+B5Iw0P/U8owsxjkXRwg7e3a KB+XHhgcXS6mqqg8Wp26xXcR52oPa+7NW2+FyMCD8MJqmDfbDw0ykz78bFbf X-Google-Smtp-Source: AGHT+IHIDDiUGUUtEj2K99vKj15j8H6E9LUjJQZdf+bKGdyBItUSjqRj1oy0RJHmxw5wMSGEz82T/w== X-Received: by 2002:ac8:5c4c:0:b0:42e:a842:d9dc with SMTP id j12-20020ac85c4c000000b0042ea842d9dcmr448191qtj.65.1709058862112; Tue, 27 Feb 2024 10:34:22 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:21 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 01/11] doc: Document UseDefaultEccGroup Date: Tue, 27 Feb 2024 10:33:55 -0800 Message-Id: <20240227183405.257206-1-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/iwd.network.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/iwd.network.rst b/src/iwd.network.rst index 734dcfa1..b178c20c 100644 --- a/src/iwd.network.rst +++ b/src/iwd.network.rst @@ -174,6 +174,13 @@ The group ``[Settings]`` contains general settings. Properly configured Access Points will typically update this setting appropriately via Transition Disable indications. User customization of this value is thus typically not required. + * - UseDefaultEccGroup + - Values: true, false + + Forces the use of the default ECC group (19) for protocols using ECC + (WPA3 and OWE) if set true. If unset IWD will learn the capabilities of + the network based on its initial association and retain that setting for + the duration of its process lifetime. Network Authentication Settings ------------------------------- From patchwork Tue Feb 27 18:33:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574276 Received: from mail-ot1-f41.google.com (mail-ot1-f41.google.com [209.85.210.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B1BAD347A2 for ; Tue, 27 Feb 2024 18:34:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058866; cv=none; b=U0tVPJsUaThPITVI/YQF5f4FrFInGmdUVsaMPSYmjR49c17L/W4DFdi4eoVG4FdOOUwgqyBnGfQp8cwWaTLpOlpBtHJigICLVIZJvwIdgw/e9gs57OtNm0h7zEmO6YEbbWTFdrUANLPj1ErwEVhs45eM4BMUNOaxvpq46iVZ5zw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058866; c=relaxed/simple; bh=o2WNaPzck4pqs87X6Vtb2X56M1AZculVkJcBK6c0/Bg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=hucE+1pYfE24vTBzkgKsm4B4LUlBuBG/RssSHl6FMVOG3mc+hJKnddGMjuo7EXGAEP5YR0Whs+KElLkwRzIqd1GrEMkEaiSWMgABsu53xgJRbpD6KxmjneS1272CwxhH55IW8+J8ZaJUsOcWW/iAbYmHoAhJxUg4HVXW3wkp2aQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=iMnRpGaA; arc=none smtp.client-ip=209.85.210.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="iMnRpGaA" Received: by mail-ot1-f41.google.com with SMTP id 46e09a7af769-6e4a0e80d14so1590424a34.1 for ; Tue, 27 Feb 2024 10:34:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058863; x=1709663663; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lbHRKyzdYm5SvdYRcF/nKX9DPDQckGXqLXSOZ+K1s5c=; b=iMnRpGaAigr2SFjmYzb4MH7qTQ40bUjAJ0w2/G/nP9wRV1X5jF0DbwdwyMEDFk552T NuOC228rlVBwJvuF90tVuf1vjsCEnG0wQcLQmEKaYReI5KbLamUQIPeVIHW27gsH91Cp w8KTeIyYFM7+A+GkB7aayYZQLq8YvxE9GDpDgQWJ2bQCRrq8ND2ujWH1Hvt3q61GlwXS 79KFnra3hC4KFCfT24PGb907WBDpfZ/1ZIxh8LTVvRCMqw7oLGDOH6KlV4RTjXOzAaD4 CKTIkgzVgmYbjhD52z+J8I4J0XYXoOa0m40jyePMHai7xfXVFSsx3yUfZs8LY06QPalM SQlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058863; x=1709663663; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lbHRKyzdYm5SvdYRcF/nKX9DPDQckGXqLXSOZ+K1s5c=; b=xCLdFKJhjhyMMo2pHSKl3a2TC6j0W3EKrfMy+R4LuXWY9dd/VD0NkJC68BSvgBYnJM bC6wuihi4f0XzLZHE4SE78FsgQ0w+299CgkE7Ew6s/aMcWnC54mP1YxLMJkQL9RNPYQX YwTS9OijTma3Bi+/dmU7V95WBtJ2j07yyxIZ1thJl2zqHTQw/8zDnDimuJibGSOUsrh7 kAL3VIv+61Yi4YJ0gBVCoDOt0vC5NPX9+cGElsU4lhVWBAP/h7y/LeBLkyf5JnHc9IlD nDyoKxrz5WKlRC92gbCTquWymyguPZDDOn+fcIb8uw2h+N/ARYXgCsF3GTupZiHjM3Ue nDog== X-Gm-Message-State: AOJu0Yw0b14AujgqJQFd937yb4CIHUJub3CVc9U9/cjoHZFxGikBOeom uXZebN90FD0s3UGjcnss33Zer8Woy4Aw5h+TSFmcmBSSOFawFpkhhKUZAktJ X-Google-Smtp-Source: AGHT+IEH5eB24UCzLvFO2iDvxDDg441kZLb7/B/dDEJ4NYFkEe6ApB8tSj5sNnD00sxjvtZaQmtKww== X-Received: by 2002:a9d:6c43:0:b0:6e1:13a2:3948 with SMTP id g3-20020a9d6c43000000b006e113a23948mr11089154otq.5.1709058863383; Tue, 27 Feb 2024 10:34:23 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:22 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 02/11] knownnetworks: add option to force a default ECC group Date: Tue, 27 Feb 2024 10:33:56 -0800 Message-Id: <20240227183405.257206-2-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This adds the option [Settings].UseDefaultEccGroup which allows a network profile to specify the behavior when using an ECC-based protocol. If unset (default) IWD will learn the behavior of the network for the lifetime of its process. Many APs do not support group 20 which IWD tries first by default. This leads to an initial failure followed by a retry using group 19. This option will allow the user to configure IWD to use group 19 first or learn the network capabilities, if the authentication fails with group 20 IWD will always use group 19 for the process lifetime. --- src/knownnetworks.c | 11 +++++++++++ src/knownnetworks.h | 8 ++++++++ 2 files changed, 19 insertions(+) diff --git a/src/knownnetworks.c b/src/knownnetworks.c index fc810057..6f65d2b3 100644 --- a/src/knownnetworks.c +++ b/src/knownnetworks.c @@ -123,6 +123,17 @@ void __network_config_parse(const struct l_settings *settings, l_strfreev(modes); } + + if (l_settings_has_key(settings, NET_USE_DEFAULT_ECC_GROUP)) { + if (l_settings_get_bool(settings, + NET_USE_DEFAULT_ECC_GROUP, &b)) { + config->ecc_group = b ? KNOWN_NETWORK_ECC_GROUP_DEFAULT + : KNOWN_NETWORK_ECC_GROUP_MOST_SECURE; + } else + l_warn("[%s].%s is not a boolean value", + NET_USE_DEFAULT_ECC_GROUP); + } else + config->ecc_group = KNOWN_NETWORK_ECC_GROUP_AUTO; } void __network_info_init(struct network_info *info, diff --git a/src/knownnetworks.h b/src/knownnetworks.h index 741d42ed..c81bd9aa 100644 --- a/src/knownnetworks.h +++ b/src/knownnetworks.h @@ -27,6 +27,7 @@ #define NET_ADDRESS_OVERRIDE SETTINGS, "AddressOverride" #define NET_TRANSITION_DISABLE SETTINGS, "TransitionDisable" #define NET_TRANSITION_DISABLE_MODES SETTINGS, "DisabledTransitionModes" +#define NET_USE_DEFAULT_ECC_GROUP SETTINGS, "UseDefaultEccGroup" enum security; struct scan_freq_set; @@ -38,6 +39,12 @@ enum known_networks_event { KNOWN_NETWORKS_EVENT_UPDATED, }; +enum known_network_ecc_group { + KNOWN_NETWORK_ECC_GROUP_AUTO = 0, + KNOWN_NETWORK_ECC_GROUP_DEFAULT, + KNOWN_NETWORK_ECC_GROUP_MOST_SECURE, +}; + struct network_info_ops { struct l_settings *(*open)(struct network_info *info); int (*touch)(struct network_info *info); @@ -72,6 +79,7 @@ struct network_config { uint8_t sta_addr[6]; bool have_transition_disable : 1; uint8_t transition_disable; + enum known_network_ecc_group ecc_group; }; struct network_info { From patchwork Tue Feb 27 18:33:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574277 Received: from mail-qt1-f170.google.com (mail-qt1-f170.google.com [209.85.160.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0A4AF3C099 for ; Tue, 27 Feb 2024 18:34:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.170 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058867; cv=none; b=Lg/KJbTTH4L/GLbNmylW5PUwXxCl9D4VKvWSelwnaRcEtccdqJu3LV6xW/Nx95yxADFMikEqVu96QtCUG6KgEhM+/flhmnHzj0j33k9t8UJqd9qwwmltA0QwPupiH+ys+k+XBvnOAVwt6adZO8zsQYufS5n/cPlWlbXTyiPy9mc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058867; c=relaxed/simple; bh=AaVfMNKyR+s1giFbgO5pAWXl7LBq/1L5RzICdGECOoQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=S6+AP2Ad7fR7CbyQPrmvg8SID3PH0oN6n3SZnG60ZjsXG30pWKHRJNUX67qt+SJQQ0IH8XjLYqTPldyKkUUN4WescKx8Yz4rcezTCI5gifEIAPl/uagddnhYaNRyIlHrpoZlUGHT4oNj5xOfqD9cWDkcZKLITTDWdFwo7PGoJCs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=jEVJuxXi; arc=none smtp.client-ip=209.85.160.170 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="jEVJuxXi" Received: by mail-qt1-f170.google.com with SMTP id d75a77b69052e-42a029c8e62so38180241cf.1 for ; Tue, 27 Feb 2024 10:34:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058865; x=1709663665; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1SjwUwRTCIfwybhBNg6EVCAHTsl8oY/SqeIVyBvpxtc=; b=jEVJuxXixRrgkX8P8GmHeNW4VNyQdI2S087zSePSm5lEnIJMqDqOKIcIvtwdPh39Fq feevULx0Vbcih9wF7/anCMF1ZTRDgbed+mI94qcgtWvsDbIU7DgoltwvL1W1g00oOmV/ DenXuaUqWrE8ZPOZ7fZPmEZzO6/+Z1oCpeFDZ3QvTzvM0vsQZmh56r/XiNMl0yjzsX7+ 4wgdDYqDBH/T/pTl5e3YqZmjr7V97txa9u2ns7xkybVdgA34ZBa+UOLBR3An9Lo+UFx/ A9naNP6jvxYbYD61VMJ+/jjT1zksW823e4R41xS2gPf0tgOKNnMzN+GiJVzd9KUx5dkn 8fYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058865; x=1709663665; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1SjwUwRTCIfwybhBNg6EVCAHTsl8oY/SqeIVyBvpxtc=; b=LiG9T9LnRlTeddsg9769li8DwqMvNe77v3/lMlyOF91PQm32DC/jzEdp+iwizZEBa3 BZ0abz1E/tAR5smDRB8lm74gd/800d0n1MxdAMk7layA28Z1mhTr0l1iWgyQXo7GrCnL RvjdKdpyX6vbiQFEcz0KPrkfpHD8l/r68F8SuD0e5LPdxdsfdZTcFf/rnxA/sNo01ygL l3EluRzHKIlJfJJLwMzZyLL1Wm9pVyCdlwEspwWiFnoY3fL+nATLDQhZWxh18a+/QFTc nQQHpuEIBVBfqnvSLcHC3lHPsboIZ9/PDTxctkGgfe17v+yKjsbllZsCP8WqkgRiEE3M riSQ== X-Gm-Message-State: AOJu0YzuaGaGNgAohjWcXnu65vHaRetNfK+CuPqhqTVL2UAmhw2dIPfy sNViCRH1jKMIn9GxgrtOOjyz8vaoIVmxB2mQ7jXXC9oHIaHSsUkjxnc2+Bjp X-Google-Smtp-Source: AGHT+IGVc2datESiwDsDtHHIqBjdejxcYgtlbpg4aOwoAGcBaGAuR/GAP39FQEzTZD+REm0yT0r38w== X-Received: by 2002:a05:622a:216:b0:42e:7fd7:c68b with SMTP id b22-20020a05622a021600b0042e7fd7c68bmr8482965qtx.44.1709058864621; Tue, 27 Feb 2024 10:34:24 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:24 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 03/11] network: retain default ECC group for OWE after setting Date: Tue, 27 Feb 2024 10:33:57 -0800 Message-Id: <20240227183405.257206-3-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 There is special handling for buggy OWE APs which set a network flag to use the default OWE group. Utilize the more persistent setting within known-networks as well as the network object (in case there is no profile). This also renames the get/set APIs to be generic to ECC groups rather than only OWE. --- src/network.c | 38 +++++++++++++++++++++++++++++++------- src/network.h | 4 ++-- src/station.c | 4 ++-- 3 files changed, 35 insertions(+), 11 deletions(-) diff --git a/src/network.c b/src/network.c index 287e2be0..a0a89e63 100644 --- a/src/network.c +++ b/src/network.c @@ -89,7 +89,7 @@ struct network { bool provisioning_hidden:1; uint8_t transition_disable; /* Temporary cache until info is set */ bool have_transition_disable:1; - bool force_default_owe_group:1; + bool force_default_ecc_group:1; int rank; /* Holds DBus Connect() message if it comes in before ANQP finishes */ struct l_dbus_message *connect_after_anqp; @@ -271,8 +271,12 @@ struct network *network_create(struct station *station, const char *ssid, network->security = security; network->info = known_networks_find(ssid, security); - if (network->info) + if (network->info) { network->info->seen_count++; + if (network->info->config.ecc_group == + KNOWN_NETWORK_ECC_GROUP_DEFAULT) + network->force_default_ecc_group = true; + } network->bss_list = l_queue_new(); network->blacklist = l_queue_new(); @@ -553,7 +557,7 @@ int network_handshake_setup(struct network *network, struct scan_bss *bss, } if (hs->akm_suite == IE_RSN_AKM_SUITE_OWE) - hs->force_default_owe_group = network->force_default_owe_group; + hs->force_default_owe_group = network->force_default_ecc_group; /* * The randomization options in the provisioning file are dependent on @@ -818,14 +822,34 @@ void network_set_info(struct network *network, struct network_info *info) IWD_NETWORK_INTERFACE, "KnownNetwork"); } -void network_set_force_default_owe_group(struct network *network) +void network_set_force_default_ecc_group(struct network *network) { - network->force_default_owe_group = true; + /* No network info, likely a failed OWE connection */ + if (!network->info) { + network->force_default_ecc_group = true; + return; + } + + /* Profile explicitly wants to try the most secure group */ + if (network->info->config.ecc_group == + KNOWN_NETWORK_ECC_GROUP_MOST_SECURE) + return; + + l_debug("Forcing default group for %s", network->ssid); + + network->force_default_ecc_group = true; + network->info->config.ecc_group = KNOWN_NETWORK_ECC_GROUP_DEFAULT; } -bool network_get_force_default_owe_group(struct network *network) +bool network_get_force_default_ecc_group(struct network *network) { - return network->force_default_owe_group; + if (!network->info) + return network->force_default_ecc_group; + + if (network->info->config.ecc_group == KNOWN_NETWORK_ECC_GROUP_DEFAULT) + return true; + + return false; } int network_can_connect_bss(struct network *network, const struct scan_bss *bss) diff --git a/src/network.h b/src/network.h index ea619f3f..17dfcca8 100644 --- a/src/network.h +++ b/src/network.h @@ -58,8 +58,8 @@ void network_sync_settings(struct network *network); const struct network_info *network_get_info(const struct network *network); void network_set_info(struct network *network, struct network_info *info); -void network_set_force_default_owe_group(struct network *network); -bool network_get_force_default_owe_group(struct network *network); +void network_set_force_default_ecc_group(struct network *network); +bool network_get_force_default_ecc_group(struct network *network); bool network_update_known_frequencies(struct network *network); diff --git a/src/station.c b/src/station.c index 8817637b..3712d5bb 100644 --- a/src/station.c +++ b/src/station.c @@ -3152,7 +3152,7 @@ static bool station_retry_owe_default_group(struct station *station) return false; /* If we already forced group 19, allow the BSS to be blacklisted */ - if (network_get_force_default_owe_group(station->connected_network)) + if (network_get_force_default_ecc_group(station->connected_network)) return false; l_warn("Failed to connect to OWE BSS "MAC" possibly because the AP is " @@ -3160,7 +3160,7 @@ static bool station_retry_owe_default_group(struct station *station) "Retrying with group 19 as a workaround", MAC_STR(station->connected_bss->addr)); - network_set_force_default_owe_group(station->connected_network); + network_set_force_default_ecc_group(station->connected_network); return true; } From patchwork Tue Feb 27 18:33:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574278 Received: from mail-ot1-f50.google.com (mail-ot1-f50.google.com [209.85.210.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0EEA03CF73 for ; Tue, 27 Feb 2024 18:34:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058869; cv=none; b=uRjkodtO5Umee2VTS8qy84BlMpD12nSR8uPUHbgm7KS4HWO1VQLy8s3c6z2T8H8mV2CcgFytJMYzBu0XMV2ich/B0lv+RDWhlYx2GndWphV90D15GhWQd3OecFqEhypm0Tz1zFYLgKAD47iN1VwU0KnHnZt2IyahRMi6jgcj3Mg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058869; c=relaxed/simple; bh=LV4M4HAcZdA6HhvR9ceK+6/A9nIt4xmWHOsqGHEyJRE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=d9Uz+knafAXUhg7u3VzoJ0pyLL4HdLj55CIrZLmnZDoCUIczKBTkagpUPTEuxosDnN5e0nGhduewAcN70ftIe46tWc/gR+1BdwvFJC/qYcoOshNRU0t7GNuObpzIVwOV+j03WdGMzuyqbu95XN26hfROD0X0P0hRiR1wnv46vW0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=U2y7v2sh; arc=none smtp.client-ip=209.85.210.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="U2y7v2sh" Received: by mail-ot1-f50.google.com with SMTP id 46e09a7af769-6e432514155so2332524a34.1 for ; Tue, 27 Feb 2024 10:34:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058866; x=1709663666; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=E1duKVV3ZbiVOJfU5/FnxOv1snNtcaqSo5TzchCaViw=; b=U2y7v2sh5Tq+uJxMMEL+r5mFZa0Qjrvy4U6yAAuUKqFyq98rowDllyTaqBH5uutDKr MwPJ0phUicCP3UxRRBdj7pYvCpypyVo1Y1HSvZlli16FwmXZWt0WKJnm5oENeZ0CWHqI eo2STzlLT8uEEoPHbCWVATjVeXbZd2vChRXf8OzKcbk/4ZkMR3IYioZ1auntAvCHZFLj 9lN6dS9i08y3bmYH7m8Kc1AHB0dG8qAgnINBGX8a96H4VsPhpxCJjRf6YECU5+cpLGOj o9Ne40HJmQX8dNe+NUFWrNUm7Y/0OOm/oWzhBtFbsqguqfl8SQBLuUZiErvC5TtPaM/c /TLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058866; x=1709663666; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=E1duKVV3ZbiVOJfU5/FnxOv1snNtcaqSo5TzchCaViw=; b=tDN3/9jd5d0T5XoNzcac0+RTX3QCX+YvY3JUB/MRLO8gWg7UUvS0OdNAS09vlAZM0B whEWSRbdoc8YmLMicRz5KiUEKM1QnX/WHDDkaSVDDsZrZ9DL3WA2fMW+Wu900orl+OpY jwuuVRpnKG+Ic/+qPS538rv6lrlmJtbCKHVRI3YW24/+0vCl25P1xCKNzD9xD0hZRrWG 7SYslNke8pzdckxI9Pks/dpPSuYIYInTBDjaYYuCcMVBE9CfvbE7KnIvZaLhW/C1zYPu WgLnmVNoG7Nh2OFZ0UoQHWACHrEEJiDubFYNGf1bSp4N2JFHZN58hSpEXy4yjLvp6scH o48w== X-Gm-Message-State: AOJu0YxgbERrpjmOKHVYF8BAKP1V5F3+Od0JNKIbneEVdpHWTROmfj/D xklSdllNNpcjC6PQLhazo+wsWLau7WOxQgjYJzMS1H/A5kxWPNtwrX4BSCSe X-Google-Smtp-Source: AGHT+IE1I/akg6Tcf2KYy9llI2B/BFaFJvA2La1xRkuzoXDbBIWQSXfRZ7ln2RHERKAlIpC5k2+YCw== X-Received: by 2002:a9d:73d5:0:b0:6e2:bf19:194e with SMTP id m21-20020a9d73d5000000b006e2bf19194emr11734072otk.19.1709058865926; Tue, 27 Feb 2024 10:34:25 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:25 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 04/11] network: set use default ECC group in handshake setup Date: Tue, 27 Feb 2024 10:33:58 -0800 Message-Id: <20240227183405.257206-4-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 If either the settings specify it, or the scan_bss is flagged, set the use_default_ecc_group flag in the handshake. This also renames the flag to cover both OWE and SAE --- src/handshake.h | 2 +- src/network.c | 4 ++-- src/owe.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/handshake.h b/src/handshake.h index 6c58e4d2..62118fe2 100644 --- a/src/handshake.h +++ b/src/handshake.h @@ -140,7 +140,7 @@ struct handshake_state { bool authenticator_ocvc : 1; bool supplicant_ocvc : 1; bool ext_key_id_capable : 1; - bool force_default_owe_group : 1; + bool force_default_ecc_group : 1; uint8_t ssid[32]; size_t ssid_len; char *passphrase; diff --git a/src/network.c b/src/network.c index a0a89e63..7b996f51 100644 --- a/src/network.c +++ b/src/network.c @@ -556,8 +556,8 @@ int network_handshake_setup(struct network *network, struct scan_bss *bss, handshake_state_set_protocol_version(hs, eapol_proto_version); } - if (hs->akm_suite == IE_RSN_AKM_SUITE_OWE) - hs->force_default_owe_group = network->force_default_ecc_group; + hs->force_default_ecc_group = network->force_default_ecc_group || + bss->force_default_sae_group; /* * The randomization options in the provisioning file are dependent on diff --git a/src/owe.c b/src/owe.c index faa4e17d..da1d643b 100644 --- a/src/owe.c +++ b/src/owe.c @@ -45,7 +45,7 @@ struct owe_sm { static bool owe_reset(struct owe_sm *owe) { - if (owe->hs->force_default_owe_group) { + if (owe->hs->force_default_ecc_group) { if (owe->retry != 0) { l_warn("Forced default OWE group but was rejected!"); return false; From patchwork Tue Feb 27 18:33:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574279 Received: from mail-qt1-f180.google.com (mail-qt1-f180.google.com [209.85.160.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A3103C099 for ; Tue, 27 Feb 2024 18:34:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058869; cv=none; b=uqCiJ3D8z+O6MNlXes443GLqOHoVFrjv6MFjxOdIIwqJz3UHQX4a1P8JDu6WorzZi1AHtqbDNDLX1sMtgbzqioPSkp66N8+el/1YJeUoIn5TWhHO0ZVfu0vu+yrzmuFtVQi6yxUijayVpC5Y4FwD/Q/3oG3HH85uLSRWGDqAxnw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058869; c=relaxed/simple; bh=b9v04I3UJlbA75DuUVjSm53RIvGqH9JCoBAR6+C1g44=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=MHJVN3E4vKc69beKKXEDlKzrFUqpH99ane5A1PTF1eFYgAH7u+Xjv3/pEt3rkTihoMq/A6kXSPqdTSBEgbLgsGHsKiCcVnAUqstgrZNamEEX49A/zd9Z9mjC5QhNCekDLgx/bmKEnqi2i9RlBKn6GuhFLtn2xonRkuEHepHbtp0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Qk7Z3jD4; arc=none smtp.client-ip=209.85.160.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Qk7Z3jD4" Received: by mail-qt1-f180.google.com with SMTP id d75a77b69052e-42e67ee5b48so18891191cf.1 for ; Tue, 27 Feb 2024 10:34:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058867; x=1709663667; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KcDX9X5I466bQE2GWJxS89Sx30t9cTiszCnW3wMRqeg=; b=Qk7Z3jD49NJn4BSW3Lb/UjRuekHQEd8WPUUxU5K8d3RNsZWZjyyW6wBANTCPnA6wUW 22A1nmTNItbZTut0/qmFu+GCwf8AY6U7GqRX/4VtxxAAM+Ni3tVXlTziTYqdKSTrF1TW LsMat4a2wvJoHJjT2o9+LY9BuA17tq+APdBELPzlvb6o3bulGy6bcZTh60R+MeQA+MfP vmACs7keEp4gH7ZjrylfBga2jl2CjmUQUr6FT+V6tC3GLBROOo3EL8LboWrsJ8KWJrGj Iowua3jHo/DiikVadiYjYPrRKpLdzRHqUUdMAycBxqvTKlkJHWe6lN6oF8c8NIAKoCwb CaOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058867; x=1709663667; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KcDX9X5I466bQE2GWJxS89Sx30t9cTiszCnW3wMRqeg=; b=rnnyykAcXGYvled6/3cF4LvNyF84qZC5Ey/vVpc6x4QQI/mBPc1dxPqX504cKMvT2F yOXr7h79fVlLuZz2qjh70xdr9Zza7ydsgucWLfa+Iy4lOP8p9JZA65jBJ3HmOp7swrPo 17kTcLxkaAdBRIkvxonyYTE5XN8YAboKhja36yRw7f7iGOBhioWZb+8sHVSIWnApR9MJ br1tAGVLwFa/a+NuD/MNNIs+B0JwR4Z54CKRqGjY1xJo2GTtqpHJU3Bw0qWvHQK0qq7A jjb8uNWyu+XfbfaZk8flhbdTiMjWqzosJLfjP89M7PQpSaz8oz7ZTCQv1A5GytRx1J6V u1Bg== X-Gm-Message-State: AOJu0YyXuJl7jSm8PXH4Sit+4xMTsZnSS+4XVM22f+Rk7R0uIgM/K2Xg P2abW33ie/Chtwf0YnQZtcj1he+aNsbxau5cLrsGinMAI74UN6ipT4SLy8bG X-Google-Smtp-Source: AGHT+IEmsiaHZOikfRqyR2aOyYWs1Us10elg7Ktr4p4xys/icnAwcE/KJsa2G1iCyKC94ThwTGH0Kg== X-Received: by 2002:ac8:7e94:0:b0:42e:81ab:6111 with SMTP id w20-20020ac87e94000000b0042e81ab6111mr7227152qtj.52.1709058867033; Tue, 27 Feb 2024 10:34:27 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:26 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 05/11] sae: remove sae_sm_set_force_group_19, use handshake Date: Tue, 27 Feb 2024 10:33:59 -0800 Message-Id: <20240227183405.257206-5-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Use the flag set into the handshake to force the default ECC group --- src/netdev.c | 3 --- src/sae.c | 8 +------- src/sae.h | 2 -- 3 files changed, 1 insertion(+), 12 deletions(-) diff --git a/src/netdev.c b/src/netdev.c index 8a7ff092..d80ce10f 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -3834,9 +3834,6 @@ static void netdev_connect_common(struct netdev *netdev, } } - if (bss->force_default_sae_group) - sae_sm_set_force_group_19(netdev->ap); - break; case IE_RSN_AKM_SUITE_OWE: netdev->owe_sm = owe_sm_new(hs); diff --git a/src/sae.c b/src/sae.c index 9a10292e..bf9fb0ff 100644 --- a/src/sae.c +++ b/src/sae.c @@ -1459,13 +1459,6 @@ bool sae_sm_is_h2e(struct auth_proto *ap) return sm->sae_type != CRYPTO_SAE_LOOPING; } -void sae_sm_set_force_group_19(struct auth_proto *ap) -{ - struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap); - - sm->force_default_group = true; -} - static void sae_free(struct auth_proto *ap) { struct sae_sm *sm = l_container_of(ap, struct sae_sm, ap); @@ -1501,6 +1494,7 @@ struct auth_proto *sae_sm_new(struct handshake_state *hs, sm->user_data = user_data; sm->handshake = hs; sm->state = SAE_STATE_NOTHING; + sm->force_default_group = hs->force_default_ecc_group; sm->ap.start = sae_start; sm->ap.free = sae_free; diff --git a/src/sae.h b/src/sae.h index ec29e624..668d084f 100644 --- a/src/sae.h +++ b/src/sae.h @@ -30,8 +30,6 @@ typedef void (*sae_tx_associate_func_t)(void *user_data); bool sae_sm_is_h2e(struct auth_proto *ap); -void sae_sm_set_force_group_19(struct auth_proto *ap); - struct auth_proto *sae_sm_new(struct handshake_state *hs, sae_tx_authenticate_func_t tx_auth, sae_tx_associate_func_t tx_assoc, From patchwork Tue Feb 27 18:34:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574280 Received: from mail-qt1-f180.google.com (mail-qt1-f180.google.com [209.85.160.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 840FD2E64B for ; Tue, 27 Feb 2024 18:34:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058871; cv=none; b=Iv+8femTWOlEP0CeB5zU1vGx7oFLdb1mU7L/FijHHTsGmhNZHx62tYI7ICd+FRP5kX8sVfdEPf/9v+IqUIbqsWscEKklBmiuLU3P5eOBQCHcTQoV8L843W6m06CWxK7jUuI2lyW1Vmg1D5WJmgVraGX13HJjm4wj2qNc4259qR8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058871; c=relaxed/simple; bh=CWIGXxX+IBehVy8ckQWj/WuUqwLmaB7WKAdr5N7/XLI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=D4X+iP+kdaBovX+HHp5Haypql6ucGeRjHjzxjZV36o0VDWdgKcnqnVHKZ9beuS+DKslvWyrwaLtNgu6nu/tjoD1mvnJF4xqZmUjK4qkMZ4fA5fCk4aA2AVuW0Klq9NhYjgw4d+bMhIRMj89lbqbBSKkzZ82VxXjD1mme0hJOZQ0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=e4uOeQSm; arc=none smtp.client-ip=209.85.160.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="e4uOeQSm" Received: by mail-qt1-f180.google.com with SMTP id d75a77b69052e-42a0ba5098bso27706351cf.0 for ; Tue, 27 Feb 2024 10:34:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058868; x=1709663668; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Tf/+0KJKf8yc88ghGME20zNh8tArqlH3uLGTPsrzi5c=; b=e4uOeQSmnM5dfqEVds+mlPpKJS7ChDwZerrWIK2uPtf0xwFEc21fOUIeS04eUpgTTg nJRaWMyYmlkmTdsoDUHjWtpdGHNSTkvu5hxWzL3tXIwqigM1fhbC6bxtXqA4+8B19g8t Y4yVNkLJUsxaep0Qi4BNvcs4BV4DinOouBk54ypcC+tx//4rTT4mHxKGD3joMlGi2GLg CzMg3eCl254vBRDHBXE2+8E1XCmV0jhIu8r1Jj2OlyVlmlnUVvSwCOnq4e3EzYRc0e8z nGudHC3qvBKqg8Yxz7stn2Lv49esTj9zS3pwlKaaHULkMI47RA9xwubKGd6lpfOgpOJE KFcQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058868; x=1709663668; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Tf/+0KJKf8yc88ghGME20zNh8tArqlH3uLGTPsrzi5c=; b=ceZtf00vdVNngOHAG8EMHdGUhYgzG6dks0aknjo+33oHPzY8sCFNLWDXFPKqMNjXTY M+jbLHgEeDEu6mrA610YL60hHzJsjvdFaSPuEFGR6v+x3O+HpCzWTZrJJD/ZF+7w0jGm DzJBAq5DPP+8oc8I1Rvk553ebrRAkcnA1k1yZPupUBoMhX5yGumti6JlYXvtnwOOhDEF k7NIiEqXG+vGf1S1v/3rVPLAX3xR6mRQdCgmbdUXV6vphzo7wYg7KOQyYOFAsrkIcS0l GRRNOT2+XkNnjI5gdeoH63c+Z3znY9ny01Qx9Uaz9t322N/BEx/Thy4w8sto0C0HMFyk N/kA== X-Gm-Message-State: AOJu0YyzYi9En3MkOwLioLHtiHMWVgJWhBZcfJiRTnQeuCfx2CknLQtE FfAZADuAJfdh7j3PtZn7T5FAppUTZ7rEdvo4VzEYPT6JeQ3tjU11ohf8ridm X-Google-Smtp-Source: AGHT+IGAfq2b7ByrdGhxg5ONGJiZ67c7BTArP0H44HGqXwEzD7qOhJEg6FNvalhQ27MOoM98Q8OIcQ== X-Received: by 2002:ac8:5d51:0:b0:42e:8e36:63a1 with SMTP id g17-20020ac85d51000000b0042e8e3663a1mr5577432qtx.6.1709058868281; Tue, 27 Feb 2024 10:34:28 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:27 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 06/11] netdev: add NETDEV_EVENT_ECC_GROUP_RETRY, handle in station Date: Tue, 27 Feb 2024 10:34:00 -0800 Message-Id: <20240227183405.257206-6-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 In order to complete the learned default group behavior station needs to be aware of when an SAE/OWE connection retried. This is all handled within netdev/sae so add a new netdev event so station can set the appropriate network flags to prevent trying the non-default group again. --- src/netdev.c | 15 +++++++++++++++ src/netdev.h | 1 + src/station.c | 15 +++++++++++++++ 3 files changed, 31 insertions(+) diff --git a/src/netdev.c b/src/netdev.c index d80ce10f..09fac959 100644 --- a/src/netdev.c +++ b/src/netdev.c @@ -2559,6 +2559,10 @@ static bool netdev_retry_owe(struct netdev *netdev) if (!owe_next_group(netdev->owe_sm)) return false; + if (netdev->event_filter) + netdev->event_filter(netdev, NETDEV_EVENT_ECC_GROUP_RETRY, + NULL, netdev->user_data); + connect_cmd = netdev_build_cmd_connect(netdev, netdev->handshake, NULL); netdev->connect_cmd_id = l_genl_family_send(nl80211, connect_cmd, @@ -2966,6 +2970,17 @@ static void netdev_authenticate_event(struct l_genl_msg *msg, ret = auth_proto_rx_authenticate(netdev->ap, frame, frame_len); + /* + * Allows station to persist settings so it does not retry + * the higher order ECC group again + */ + if (status_code == + MMPDU_STATUS_CODE_UNSUPP_FINITE_CYCLIC_GROUP && + netdev->event_filter) + netdev->event_filter(netdev, + NETDEV_EVENT_ECC_GROUP_RETRY, + NULL, netdev->user_data); + /* We have sent another CMD_AUTHENTICATE / CMD_ASSOCIATE */ if (ret == 0 || ret == -EAGAIN) return; diff --git a/src/netdev.h b/src/netdev.h index d87f09f4..671d0d40 100644 --- a/src/netdev.h +++ b/src/netdev.h @@ -51,6 +51,7 @@ enum netdev_event { NETDEV_EVENT_RSSI_LEVEL_NOTIFY, NETDEV_EVENT_PACKET_LOSS_NOTIFY, NETDEV_EVENT_BEACON_LOSS_NOTIFY, + NETDEV_EVENT_ECC_GROUP_RETRY, }; enum netdev_watch_event { diff --git a/src/station.c b/src/station.c index 3712d5bb..77d4a547 100644 --- a/src/station.c +++ b/src/station.c @@ -3456,6 +3456,18 @@ static void station_event_roaming(struct station *station) station_enter_state(station, STATION_STATE_FW_ROAMING); } +static void station_ecc_group_retry(struct station *station) +{ + struct network *network = station_get_connected_network(station); + + if (L_WARN_ON(!network)) + return; + + station_debug_event(station, "ecc-group-rejected"); + + network_set_force_default_ecc_group(network); +} + static void station_netdev_event(struct netdev *netdev, enum netdev_event event, void *event_data, void *user_data) { @@ -3497,6 +3509,9 @@ static void station_netdev_event(struct netdev *netdev, enum netdev_event event, case NETDEV_EVENT_BEACON_LOSS_NOTIFY: station_beacon_lost(station); break; + case NETDEV_EVENT_ECC_GROUP_RETRY: + station_ecc_group_retry(station); + break; } } From patchwork Tue Feb 27 18:34:01 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574281 Received: from mail-qt1-f171.google.com (mail-qt1-f171.google.com [209.85.160.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CABFC3C099 for ; Tue, 27 Feb 2024 18:34:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.171 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058872; cv=none; b=LYVFyLpx8t15XApG3S97IBcDiT152s3TQCX8UYghaIvk8uAWEaaJ3Nm8QzPlzu+cDuYCgbEgvFBfeoLNOhjDKAUo0//LVCG1C+eRTANdEzkyZMEj1PZeNrJ3WEHgm7jAFKOxOZ1+JkNDVqLoeHHPign6CS5EmYFc8POjnf9j+qE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058872; c=relaxed/simple; bh=mJmGkX3XmuU37+W9ehiyLI/blKnA1DZVAj5STrBg3rY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Ln+xpytfYm/M9Zb1YsdI04z6B/TDnFGFXdB+cagu+tXYMNHPQUwoLBx1kyg5Qd+ioS07doTdPhOwbU0D7T2O4z6PZnprzqUFEAfr2pIckLfJsdsQ6yLSix6PWt5f/+aeSgesq/hUOrcLehfqznlYDw0y5oFV4GfOphJGnP6JC5k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=mvVWuiWp; arc=none smtp.client-ip=209.85.160.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mvVWuiWp" Received: by mail-qt1-f171.google.com with SMTP id d75a77b69052e-42e7ed64b5fso10564301cf.1 for ; Tue, 27 Feb 2024 10:34:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058869; x=1709663669; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=usvbDD5mOV6zAsHcYk7el9/xXUOzKSCHTYVwgCdesQg=; b=mvVWuiWpfLbAdMJmKnspmGeszWAhHkN5cefhoUilrZSE5brsPFith8fn31OgFiJ0ZH CKZgc25FiMmzlGXlghztg+piu805buEfz3Xd2q+cl+Zl3dGM7BQHrtSrJDvfoot7C5eH z2QN1x8JOVnDtjHelfHscj88TFl3E35j8isGtGLx+7K7IyHN9PsV9eb0SH+7tLLUjff1 J6b0mYt362YlgPvME8bn/BmuhH6DMcuh8lL1ZErEesbh4CAKDPcDnXpfyCJ6X2kyVSi/ Q25A42cINLirf3pIfuIqc8TlQlkQkN00TPISd85t5gsJ9NmKrPctzNaw8vvdd8u9nBlQ h5UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058869; x=1709663669; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=usvbDD5mOV6zAsHcYk7el9/xXUOzKSCHTYVwgCdesQg=; b=kUAMkqqD5A34ceCsElyi7j3VYOjoo39/nB8EOC4L8Tq8Kh7DqTf8WCKYkcCZHOJB5K +DE+8ljxkqwqrDXxY4UiP9SZoBRuhIwRtdMFO5o44Ig09llEHWVu4WC0gLoEtqzM7sIP mAvXf+kcMoNGnMlodAPXmYpO8YDuLcoCFvTDE//HDBn/pad3Q6xFZ0P6PP85j/TBI+Vp u0U2UBR1128Yp9zpU/bL50cyaZIhfg76yvDywQdN8aiRsrq7rCbm+I6Tqws3iAFCwwmZ H4ueRzxGXB0s86MajHyu+UZZSO0U+c5wA1PVho4rpyMNMpjij6iaq7ce0NF6/0/fDWWP trGQ== X-Gm-Message-State: AOJu0YxH6fZSMQIWQS7bqxv1cvxqGuLmmLQg2gpz91mK1pDy0YW4IVZV QZJla3wY9KoU+dOHH5/hYr0iSc8I6pupXTXWhbWctBJIXj8BJL15YuARABEr X-Google-Smtp-Source: AGHT+IFEL4SplN2O73lJUJ/vdq5WlxmDnmUIE8ZK0emPHbT+qoNRs6UqZ0hrJqrRlPT1pOmRg7DXJQ== X-Received: by 2002:ac8:5914:0:b0:42e:79e7:9110 with SMTP id 20-20020ac85914000000b0042e79e79110mr10405592qty.2.1709058869544; Tue, 27 Feb 2024 10:34:29 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:29 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 07/11] auto-t: add Device.event_ocurred Date: Tue, 27 Feb 2024 10:34:01 -0800 Message-Id: <20240227183405.257206-7-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Checks that an event happened previously, and consumes events. This is useful for checking that an event did not happen after some testing operations. --- autotests/util/iwd.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/autotests/util/iwd.py b/autotests/util/iwd.py index 52c35e3d..511fb3a5 100755 --- a/autotests/util/iwd.py +++ b/autotests/util/iwd.py @@ -303,6 +303,9 @@ class StationDebug(IWDDBusAbstract): return ctx.non_block_wait(self._poll_event, timeout, event, exception=TimeoutError("waiting for event")) + def event_ocurred(self, event): + return self._poll_event(event) + class DeviceProvisioning(IWDDBusAbstract): ''' Class represents net.connman.iwd.DeviceProvisioning @@ -856,6 +859,9 @@ class Device(IWDDBusAbstract): def wait_for_event(self, event, timeout=10): self._station_debug.wait_for_event(event, timeout) + def event_ocurred(self, event): + return self._station_debug.event_ocurred(event) + def dpp_start_enrollee(self): ret = self._device_provisioning.start_enrollee() From patchwork Tue Feb 27 18:34:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574282 Received: from mail-il1-f174.google.com (mail-il1-f174.google.com [209.85.166.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EAE882E64B for ; Tue, 27 Feb 2024 18:34:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058873; cv=none; b=BFaK4jn+C08IHVm2lnAkZj4jxmFEPYqU/V2SJT/D5UhsrSFvwtTblsiIGvk5oPhRrp23ABlzvtPGt3TabIFpYlw7FrET23RvXdEriprFfHC9ozrMYNkZ/D+D3z5eiHsKKpL842qGqVSCkknX19T+ANyuetjP6MMXLQ68J40fdC0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058873; c=relaxed/simple; bh=FgAUUyV1MDvZkTz7JnnyYFwbSqhWi5NqZwiEXYYaS7I=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=s3Jqcv+rX0Y2szbzQZ3Stn9/btgAzNIF6IACDm/JQuK1CBZNHK8s7qjflgd7OjaItjaaM+PznEdv3oeRSWpxnVwt1scCy8bK56N4o6+8xYIBmt0IDk/DUrsdnDY/t04d53gh0APrgo40ScRJ6PsyFNDsoid3sAcPrRoX3VlgXEY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=eB2s1MlK; arc=none smtp.client-ip=209.85.166.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="eB2s1MlK" Received: by mail-il1-f174.google.com with SMTP id e9e14a558f8ab-365ab9e9e31so3141815ab.1 for ; Tue, 27 Feb 2024 10:34:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058870; x=1709663670; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=umW6ITmvhnDwygddF7KsD8tUJ2f4ZMQky8Xm+flAW6A=; b=eB2s1MlKcS+in/cmGubX9vWQANcCX6ZXhglpO1kkcFENL9SUz76Uw1PJ1YS6r26EMu q2lEJENg5Or4qFENM24Y0h6E5jxnx6d6dOOqzHNdciEMrtcRvVbbhrvTvEXyXp4bER6a Mr8meLl0Bo7DU3QQxY1NQD1r7IH2IHqXcYpGrJZH8vk8TYPZ7LcfHYsNLCsE92CKr5IH ZsLRFC1lGywjQNbils3yA9mmBNoZZipmylOx6gFl34QMpdC4/5IH8Z00gTKNqBrQVnq4 MIET9XgM7+OFdwOoep3UzaWjut5YM3LNWaxBI3NWH2rlXGSSLrsZsD6S5AuA/4Kg8SZS awMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058870; x=1709663670; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=umW6ITmvhnDwygddF7KsD8tUJ2f4ZMQky8Xm+flAW6A=; b=fsX2zu/K37OL+L66QV1R057CYvNStnGG9qsXvH2PmeO4TY2aQ7vTnV10gHtjGtLuG6 aQyKGYFEWuh7OeNEnjGZ4rivo5J5MaeezqQui8GvWUZcvqPT4fBXPEUnVWxhLUxgWVU2 k2Fo8cwW3tZAQ4nn3uvFXvhfCTfBUrqCz8phZPRzLqst2xlOVj1HWrplAe9y9jK2UhiX ix+XAnzcfOo9+QoCGDpdf7WqGm3hELuFhvqn+LxqHJqWlCgo1xMX8fGSqO3j0yO+mq39 fs+jujX20Lke5U2yM92WbALW+zXYrhvUczEUnI/88kLyBNCffCsZyBjTKWgR/EHainqp SP1A== X-Gm-Message-State: AOJu0Yx9cTTPpqkO2ITGyTtwZuxghrj8J4xwXFzCjf0vg+4ztu6gAcxW W1AjYB0riCBg0i5YZawiqTrc4U7R145/C0IAd23ENu7/q7ogvcevlHVEd26S X-Google-Smtp-Source: AGHT+IHBL33Q/hMV2wBSI+E2uPBN7l8lEIetcruMlBg0f0g62tbWjfDjbH+WN3yiV5cPmfS3P5qSfg== X-Received: by 2002:a05:6e02:13e3:b0:363:d8dc:2a31 with SMTP id w3-20020a056e0213e300b00363d8dc2a31mr10766508ilj.14.1709058870706; Tue, 27 Feb 2024 10:34:30 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:30 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 08/11] auto-t: add HostapdCLI.sta_status Date: Tue, 27 Feb 2024 10:34:02 -0800 Message-Id: <20240227183405.257206-8-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Gets information about a specific STA hostapd is tracking. This object will contain detailed information such as the SAE group number used. --- autotests/util/hostapd.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/autotests/util/hostapd.py b/autotests/util/hostapd.py index cee08092..2f92e330 100644 --- a/autotests/util/hostapd.py +++ b/autotests/util/hostapd.py @@ -306,6 +306,22 @@ class HostapdCLI(object): return ret + def sta_status(self, address): + ret = {} + + cmd = self.cmdline + ['sta', address] + proc = ctx.start_process(cmd) + proc.wait() + status = proc.out.strip().split('\n') + + # Pop address + status.pop(0) + for kv in status: + k, v = kv.split('=', 1) + ret[k] = v + + return ret + @property def bssid(self): return self._get_status()['bssid[0]'] From patchwork Tue Feb 27 18:34:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574283 Received: from mail-qt1-f174.google.com (mail-qt1-f174.google.com [209.85.160.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 70E4E3D387 for ; Tue, 27 Feb 2024 18:34:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058875; cv=none; b=kV1gq0WdBu1BjlBgCZxFCKtKYbYgxYm37u9CklBy1mLlwld8uQlGL+Ly0B7XjkJVvTEsvWOYM/ATPryttpii8kzZFzUV5wmegb7WW7IrSOwdMn7MeoSneTTsYMZdjmQsXJjU4C+g3kXPmPgV7VImelFf4MJdzCkSGtFnXHpcnu8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058875; c=relaxed/simple; bh=C2oBGYtyMPypzP4YY1YfmK0cdVDHw3CoOx8CnrtSnuk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=qK1st3nkdioSzrh0kzzPhVwf5yegaer5EhqO2WkJGeIiAhXavDx+ty2B0s9SNBv07+16ok2i8KDkv2D/MIbBtNqdDTcgDIApOl2FIim6Qvax4a01E67MBfnGDAswYNZ2YlnGcurrkwH7HMVfK8ia+qnlgt57Go0AW0IQc/+lQuI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ndG3tnsu; arc=none smtp.client-ip=209.85.160.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ndG3tnsu" Received: by mail-qt1-f174.google.com with SMTP id d75a77b69052e-42e64e45214so21991581cf.1 for ; Tue, 27 Feb 2024 10:34:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058872; x=1709663672; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ViijEWyRzRx0rjKZYc/CiH+U1ZvPILB8ubaiG80GX2g=; b=ndG3tnsuJ+8+m2mRIAqkCUoWSaOKpUaAwnZ1UrrtxKfSmlwdkvvr0pC0cR0Sz6Rm0Y c8tQNDsJG/uHS159fFqwed8Zv0F3AQmdOw8G//9U/lXG0KplVI2/90X1/PX+iGy1iYkj wMUvUi6EmeWmYDwP5DUJKimbwJuPmehs4AnWth5SxSS+taJMlDeiFG56WhiMKn/ayyuu PM8nvhBfTZhZN+h9w9xTJBU3fNPeWMiPWKAUXOG9Q77WiBlCThbuHrtHbp55+swngBGW OkJUiR6Y/etI7spXZIHgPBx3vKS6tvYjRyLRMHp909aVINkqO0TzNvdMSnABcRS0MsHA wHVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058872; x=1709663672; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ViijEWyRzRx0rjKZYc/CiH+U1ZvPILB8ubaiG80GX2g=; b=W6lXJzAxrj32BgD2Qr2LYq5QZ5h9hehUJNkooCgQte6eihvEbsHXSywGADv4k4BIfV iRNR38lVm2/57o9iR9/AOGde72B2hhcnNMbbb7RTTLlu5itkvQ80YfU2jbsSqvWp1SWk 1pa0EV8k7tF7FE82Bb7K/NrnIirSJxNunM4jiAYKDv1cvsbk+oG/sNWEqwDF8eoOSjSi sc5NTuetcOJxYlx7Rh1Zc5B5fMM/ov40dGmxtOItUrSw4ap1Bwuwy4XpckRosBZtUXfk y2tP2PoBVm22ZpSGxdl4YFp7zXl0mrHp/BWnV7a3UOTSz86sGEbRXFY0u/A2txYUtzUZ GbTA== X-Gm-Message-State: AOJu0Yxp+POTOcMd5o6KnJC4D+Lucaut0ayql6/RIpIUjQx7BB1qMyET 4tGKT0ew1XouhqWcgKC+IthXBQ17X3b0YdWHcyb9LcAl3lvwOHUccfuyj/wh X-Google-Smtp-Source: AGHT+IGTh0m97EHtRyBcx202UhyUHRVzf4gpyPMDQFDKrWotl92K9F/pXCNYF+Ec/JXCbEAgTT1Y4A== X-Received: by 2002:a05:622a:28f:b0:42e:8f31:9172 with SMTP id z15-20020a05622a028f00b0042e8f319172mr5114133qtw.45.1709058872054; Tue, 27 Feb 2024 10:34:32 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:31 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 09/11] auto-t: refactor/fix testSAE Date: Tue, 27 Feb 2024 10:34:03 -0800 Message-Id: <20240227183405.257206-9-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The SAE test made some assumptions on certain conditions due to there being no way of checking if those conditions were met Mainly the use of H2E/hunt-and-peck. We assumed that when we told hostapd to use H2E or hunt/peck it would but in reality it was not. Hostapd is apparently not very good at swapping between the two with a simple "reload" command. Once H2E is enabled it appears that it cannot be undone. Similarly the vendor elements seem to carry over from test to test, and sometimes not which causes unintended behavior. To fix this create separate APs for the specific scenario being tested: - Hunt and peck - H2E - Special vendor_element simulating buggy APs Another issue found was that if password identifies are used hostapd automatically chooses H2E which was not intented, at least based on the test names (in reality it wasn't causing any problems). The tests have also been improved to use hostapds "sta_status" command which contains the group number used when authenticating, so now that at least can be verified. --- autotests/testSAE/autoconnect_test.py | 32 +++++++------- autotests/testSAE/connection_test.py | 42 +++++++++---------- autotests/testSAE/hw.conf | 3 +- .../ssidSAE-H2E.psk.default} | 0 .../testSAE/profiles/ssidSAE.psk.default | 2 + .../{ => profiles}/ssidSAE.psk.identifier | 0 autotests/testSAE/ssidSAE-H2E.conf | 12 ++++++ autotests/testSAE/ssidSAE.conf | 1 - 8 files changed, 52 insertions(+), 40 deletions(-) rename autotests/testSAE/{ssidSAE.psk.default => profiles/ssidSAE-H2E.psk.default} (100%) create mode 100644 autotests/testSAE/profiles/ssidSAE.psk.default rename autotests/testSAE/{ => profiles}/ssidSAE.psk.identifier (100%) create mode 100644 autotests/testSAE/ssidSAE-H2E.conf diff --git a/autotests/testSAE/autoconnect_test.py b/autotests/testSAE/autoconnect_test.py index 4ce3b845..605de14d 100644 --- a/autotests/testSAE/autoconnect_test.py +++ b/autotests/testSAE/autoconnect_test.py @@ -12,8 +12,7 @@ from hostapd import HostapdCLI class Test(unittest.TestCase): - def validate_connection(self, wd): - + def validate_connection(self, wd, ssid): devices = wd.list_devices(1) self.assertIsNotNone(devices) device = devices[0] @@ -25,7 +24,7 @@ class Test(unittest.TestCase): condition = 'obj.connected_network is not None' wd.wait_for_object_condition(device, condition) - ordered_network = device.get_ordered_network('ssidSAE') + ordered_network = device.get_ordered_network(ssid) self.assertTrue(ordered_network.network_object.connected) @@ -35,29 +34,27 @@ class Test(unittest.TestCase): wd.wait_for_object_condition(ordered_network.network_object, condition) def test_SAE(self): - IWD.copy_to_storage("ssidSAE.psk.default", name="ssidSAE.psk") + IWD.copy_to_storage("profiles/ssidSAE.psk.default", name="ssidSAE.psk") self.hostapd.wait_for_event("AP-ENABLED") wd = IWD(True) - self.validate_connection(wd) + self.validate_connection(wd, "ssidSAE") def test_SAE_H2E(self): - IWD.copy_to_storage("ssidSAE.psk.default", name="ssidSAE.psk") - self.hostapd.set_value('sae_pwe', '1') - self.hostapd.set_value('sae_groups', '20') - self.hostapd.reload() - self.hostapd.wait_for_event("AP-ENABLED") + IWD.copy_to_storage("profiles/ssidSAE.psk.default", name="ssidSAE-H2E.psk") + self.hostapd_h2e.set_value('sae_groups', '20') + self.hostapd_h2e.reload() + self.hostapd_h2e.wait_for_event("AP-ENABLED") wd = IWD(True) - self.validate_connection(wd) + self.validate_connection(wd, "ssidSAE-H2E") def test_SAE_H2E_password_identifier(self): - IWD.copy_to_storage("ssidSAE.psk.identifier", name="ssidSAE.psk") - self.hostapd.set_value('sae_pwe', '1') - self.hostapd.set_value('sae_groups', '20') - self.hostapd.reload() - self.hostapd.wait_for_event("AP-ENABLED") + IWD.copy_to_storage("profiles/ssidSAE.psk.identifier", name="ssidSAE-H2E.psk") + self.hostapd_h2e.set_value('sae_groups', '20') + self.hostapd_h2e.reload() + self.hostapd_h2e.wait_for_event("AP-ENABLED") wd = IWD(True) - self.validate_connection(wd) + self.validate_connection(wd, "ssidSAE-H2E") def setUp(self): self.hostapd.default() @@ -68,6 +65,7 @@ class Test(unittest.TestCase): @classmethod def setUpClass(cls): cls.hostapd = HostapdCLI(config='ssidSAE.conf') + cls.hostapd_h2e = HostapdCLI(config='ssidSAE-H2E.conf') if __name__ == '__main__': unittest.main(exit=True) diff --git a/autotests/testSAE/connection_test.py b/autotests/testSAE/connection_test.py index ecb464e2..f7776385 100644 --- a/autotests/testSAE/connection_test.py +++ b/autotests/testSAE/connection_test.py @@ -13,7 +13,7 @@ import testutil class Test(unittest.TestCase): - def validate_connection(self, wd): + def validate_connection(self, wd, ssid, hostapd, expected_group): psk_agent = PSKAgent("secret123") wd.register_psk_agent(psk_agent) @@ -23,11 +23,11 @@ class Test(unittest.TestCase): device.disconnect() - network = device.get_ordered_network('ssidSAE', full_scan=True) + network = device.get_ordered_network(ssid, full_scan=True) self.assertEqual(network.type, NetworkType.psk) - network.network_object.connect() + network.network_object.connect(wait=False) condition = 'obj.state == DeviceState.connected' wd.wait_for_object_condition(device, condition) @@ -35,7 +35,11 @@ class Test(unittest.TestCase): wd.wait(2) testutil.test_iface_operstate(intf=device.name) - testutil.test_ifaces_connected(if0=device.name, if1=self.hostapd.ifname) + testutil.test_ifaces_connected(if0=device.name, if1=hostapd.ifname) + + sta_status = hostapd.sta_status(device.address) + + self.assertEqual(int(sta_status["sae_group"]), expected_group) device.disconnect() @@ -46,37 +50,31 @@ class Test(unittest.TestCase): def test_SAE(self): self.hostapd.wait_for_event("AP-ENABLED") - self.validate_connection(self.wd) + self.validate_connection(self.wd, "ssidSAE", self.hostapd, 19) def test_SAE_force_group_19(self): # Vendor data from APs which require group 19 be used first - # TODO: (for all tests) verify the expected group was used - self.hostapd.set_value('vendor_elements', 'dd0cf4f5e8050500000000000000') self.hostapd.reload() self.hostapd.wait_for_event("AP-ENABLED") - self.validate_connection(self.wd) + self.validate_connection(self.wd, "ssidSAE-default-group", self.hostapd_defgroup, 19) def test_SAE_Group20(self): self.hostapd.set_value('sae_groups', '20') - self.hostapd.set_value('vendor_elements', '') self.hostapd.reload() self.hostapd.wait_for_event("AP-ENABLED") - self.validate_connection(self.wd) + self.validate_connection(self.wd, "ssidSAE", self.hostapd, 20) def test_SAE_H2E(self): - self.hostapd.set_value('sae_pwe', '1') - self.hostapd.set_value('vendor_elements', '') - self.hostapd.reload() - self.hostapd.wait_for_event("AP-ENABLED") - self.validate_connection(self.wd) + self.hostapd_h2e.set_value('sae_groups', '19') + self.hostapd_h2e.reload() + self.hostapd_h2e.wait_for_event("AP-ENABLED") + self.validate_connection(self.wd, "ssidSAE-H2E", self.hostapd_h2e, 19) def test_SAE_H2E_Group20(self): - self.hostapd.set_value('sae_pwe', '1') - self.hostapd.set_value('sae_groups', '20') - self.hostapd.set_value('vendor_elements', '') - self.hostapd.reload() - self.hostapd.wait_for_event("AP-ENABLED") - self.validate_connection(self.wd) + self.hostapd_h2e.set_value('sae_groups', '20') + self.hostapd_h2e.reload() + self.hostapd_h2e.wait_for_event("AP-ENABLED") + self.validate_connection(self.wd, "ssidSAE-H2E", self.hostapd_h2e, 20) def setUp(self): self.hostapd.default() @@ -89,6 +87,8 @@ class Test(unittest.TestCase): @classmethod def setUpClass(cls): cls.hostapd = HostapdCLI(config='ssidSAE.conf') + cls.hostapd_h2e = HostapdCLI(config='ssidSAE-H2E.conf') + cls.hostapd_defgroup = HostapdCLI(config='ssidSAE-default-group.conf') @classmethod def tearDownClass(cls): diff --git a/autotests/testSAE/hw.conf b/autotests/testSAE/hw.conf index 72b161b8..cc0836b7 100644 --- a/autotests/testSAE/hw.conf +++ b/autotests/testSAE/hw.conf @@ -1,7 +1,8 @@ [SETUP] -num_radios=2 +num_radios=3 start_iwd=0 hwsim_medium=yes [HOSTAPD] rad0=ssidSAE.conf +rad1=ssidSAE-H2E.conf diff --git a/autotests/testSAE/ssidSAE.psk.default b/autotests/testSAE/profiles/ssidSAE-H2E.psk.default similarity index 100% rename from autotests/testSAE/ssidSAE.psk.default rename to autotests/testSAE/profiles/ssidSAE-H2E.psk.default diff --git a/autotests/testSAE/profiles/ssidSAE.psk.default b/autotests/testSAE/profiles/ssidSAE.psk.default new file mode 100644 index 00000000..abafdb66 --- /dev/null +++ b/autotests/testSAE/profiles/ssidSAE.psk.default @@ -0,0 +1,2 @@ +[Security] +Passphrase=secret123 diff --git a/autotests/testSAE/ssidSAE.psk.identifier b/autotests/testSAE/profiles/ssidSAE.psk.identifier similarity index 100% rename from autotests/testSAE/ssidSAE.psk.identifier rename to autotests/testSAE/profiles/ssidSAE.psk.identifier diff --git a/autotests/testSAE/ssidSAE-H2E.conf b/autotests/testSAE/ssidSAE-H2E.conf new file mode 100644 index 00000000..ea963135 --- /dev/null +++ b/autotests/testSAE/ssidSAE-H2E.conf @@ -0,0 +1,12 @@ +hw_mode=g +channel=1 +ssid=ssidSAE-H2E + +wpa=2 +wpa_key_mgmt=SAE +wpa_pairwise=CCMP +sae_password=secret123 +sae_password=withidentifier|id=myidentifier +sae_groups=19 +ieee80211w=2 +sae_pwe=1 diff --git a/autotests/testSAE/ssidSAE.conf b/autotests/testSAE/ssidSAE.conf index f5ce537d..4ec254aa 100644 --- a/autotests/testSAE/ssidSAE.conf +++ b/autotests/testSAE/ssidSAE.conf @@ -6,7 +6,6 @@ wpa=2 wpa_key_mgmt=SAE wpa_pairwise=CCMP sae_password=secret123 -sae_password=withidentifier|id=myidentifier sae_groups=19 ieee80211w=2 sae_pwe=0 From patchwork Tue Feb 27 18:34:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574284 Received: from mail-qt1-f174.google.com (mail-qt1-f174.google.com [209.85.160.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 566A73C490 for ; Tue, 27 Feb 2024 18:34:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058877; cv=none; b=LpNaOpNArkFX6CUXUNl+Sott0MwwffgMbKx/zkeusq9kpf6PUfBR/6mS2nYmBBYAvmGaAmuW3mli0Ry+5YNxmFNaVG7X4qFFievAMiyMAxUwoP1OkMDlvbDha92QUkPoKnnb9ngtzEPNYq3sI21Xx9opY7IXZOVkh2JPTgDdbPo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058877; c=relaxed/simple; bh=66w25IuOndLJgdyv7iLH9fM1hlzmZNanlT7adaklcwg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Xz+4WTBf2PegTOPG8/swVu4xywt+LSO3Buh267/NzYVthKnuoOG+4gpN8BmdGs7pir47pBKFY1R6faTMxuK7gjvJLZwFnDgx0E05hH/TjgRdIjZJYFxYS+/lJSXok7tC2rq2Jz0uFy4gXsaqI1792JVEixADOmCxqXDMmxlw2+4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Ewz8l8aQ; arc=none smtp.client-ip=209.85.160.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Ewz8l8aQ" Received: by mail-qt1-f174.google.com with SMTP id d75a77b69052e-42e86f37a0eso16783291cf.0 for ; Tue, 27 Feb 2024 10:34:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058874; x=1709663674; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=OCExoPFDaT1PolX168XrZ+APvd2AQKpbGCE4am2tuHw=; b=Ewz8l8aQS53RnJoNRrMtK8N6tc50bMQcPjag/htYiIJG+L0pLznZ3v25pjeEpPFEOo ibpyEVF4W8UbBDeiU/tWvgkMVUlyTqDgHrdzUvvCPt4EpVROML/7lG21Xtawku5zjb4m mZ5VZIUZw3qd3rmAds0Ol1VatlzVDjxSJVwDdD3mGWuRDOgvWo4Vcd6rSjfwZSmG4c89 0RPvIRKFOu1kDKgV36STJU9wIKiZi/yJ3msyYLLLA6qUVqyKDL3/nG9B7VPQSwQQmn85 jA6k3n1uO5yojc99njLiFunxmQ0OG7oipjSqT1EirsqVbVnu8/h9WlAffPOk4D4It2Yg iU3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058874; x=1709663674; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OCExoPFDaT1PolX168XrZ+APvd2AQKpbGCE4am2tuHw=; b=Cb3d9hfkBdbnS4ug67BhuWu2M0PvolfEJSEeroaCTljzSCNTF3xBOg5ikjIEgySZsR NwUcdnHVR9OOn3sJvPxJQ5/PawD9Kz7ip40hZZ6FlgaPbcVAqMYiLvhAmYl6LNZBdnM/ 9kmdLHGPuGY7lstupYY+I2sZGMjp1dx3JN3XmCvhHEQp8W4QmzhcA7lWGjr3C/2ctVnX OWNevYIE0qLkWIjF4RAr6FA1yWyQxvO4T2cfNdhesPT4QdeKEARRzq9g9P/Z6JamOH6u BFTH3qTeEgzvxe8c9+J+TAzGRL0olpkxLqAwDSq9PNONTq2Cjz2HybERGUJBtKL+bsMy O+jA== X-Gm-Message-State: AOJu0YxTix8eRS36e68A3D6P6vOW88cq3iMzBM2yEx6DxDSFinHnU8TI boVFk8A62WZ26WDTXgMnGKZaKWqFyyHSBJHFq+oSkBV98J89SguQl+3Cjfms X-Google-Smtp-Source: AGHT+IFkigVeWUCLZOkMe0hFtkLckbLBD+k6DAyohMev94Oj1dzozMi6ivNNOxRNxqbf9Atl1oMW6w== X-Received: by 2002:ac8:5c16:0:b0:42e:68ad:d095 with SMTP id i22-20020ac85c16000000b0042e68add095mr13328259qti.0.1709058874169; Tue, 27 Feb 2024 10:34:34 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:32 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 10/11] auto-t: Add test for new SAE default group behavior Date: Tue, 27 Feb 2024 10:34:04 -0800 Message-Id: <20240227183405.257206-10-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Tests the 3 possible options to UseDefaultEccGroup behave as expected: - When not provided use the "auto" behavior. - When false, always use higher order groups - When true, always use default group --- autotests/testSAE/default_group_test.py | 96 +++++++++++++++++++ autotests/testSAE/hw.conf | 3 +- .../profiles/ssidSAE.psk.default_group | 5 + .../testSAE/profiles/ssidSAE.psk.most_secure | 5 + autotests/testSAE/ssidSAE-default-group.conf | 12 +++ 5 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 autotests/testSAE/default_group_test.py create mode 100644 autotests/testSAE/profiles/ssidSAE.psk.default_group create mode 100644 autotests/testSAE/profiles/ssidSAE.psk.most_secure create mode 100644 autotests/testSAE/ssidSAE-default-group.conf diff --git a/autotests/testSAE/default_group_test.py b/autotests/testSAE/default_group_test.py new file mode 100644 index 00000000..d72c96ca --- /dev/null +++ b/autotests/testSAE/default_group_test.py @@ -0,0 +1,96 @@ +#!/usr/bin/python3 + +import unittest +import sys +import os +sys.path.append('../util') +import iwd +from iwd import IWD +from iwd import PSKAgent +from iwd import NetworkType +from hostapd import HostapdCLI +import testutil + +class Test(unittest.TestCase): + + def validate_connection(self, wd, rejected=False): + devices = wd.list_devices(1) + self.assertIsNotNone(devices) + device = devices[0] + + device.autoconnect = True + + if rejected: + device.wait_for_event("ecc-group-rejected", timeout=60) + + condition = 'obj.state == DeviceState.connected' + wd.wait_for_object_condition(device, condition) + + wd.wait(2) + + testutil.test_iface_operstate(intf=device.name) + testutil.test_ifaces_connected(if0=device.name, if1=self.hostapd.ifname) + + if not rejected: + self.assertEqual(device.event_ocurred("ecc-group-rejected"), False) + + print(self.hostapd._get_status()) + + sta_status = self.hostapd.sta_status(device.address) + + print(sta_status) + + self.assertEqual(int(sta_status["sae_group"]), 19) + + device.disconnect() + + # IWD should: + # - Connect, fail with group 20 + # - Retry, succeed with group 19 + # - Disconnect + # - Connect, try only group 19 + def test_auto_selection(self): + IWD.copy_to_storage("profiles/ssidSAE.psk.default", name="ssidSAE.psk") + self.validate_connection(self.wd, rejected=True) + + self.validate_connection(self.wd, rejected=False) + + # Try group 19 first + def test_default_group_enabled(self): + IWD.copy_to_storage("profiles/ssidSAE.psk.default_group", name="ssidSAE.psk") + self.validate_connection(self.wd) + + # Same as auto-selection but won't retain the default group setting + def test_default_group_disabled(self): + IWD.copy_to_storage("profiles/ssidSAE.psk.most_secure", name="ssidSAE.psk") + self.validate_connection(self.wd, rejected=True) + + # IWD should then retry but use only group 19 + self.validate_connection(self.wd, rejected=True) + + def setUp(self): + self.hostapd.default() + self.hostapd.set_value('sae_groups', '19') + self.hostapd.set_value('sae_pwe', '0') + self.hostapd.reload() + self.hostapd.wait_for_event("AP-ENABLED") + self.wd = IWD(True) + + self.wd.clear_storage() + os.system("ls /tmp/iwd") + + def tearDown(self): + self.wd.clear_storage() + self.wd = None + + @classmethod + def setUpClass(cls): + cls.hostapd = HostapdCLI(config='ssidSAE.conf') + cls.hostapd.default() + + @classmethod + def tearDownClass(cls): + pass + +if __name__ == '__main__': + unittest.main(exit=True) diff --git a/autotests/testSAE/hw.conf b/autotests/testSAE/hw.conf index cc0836b7..127bbb31 100644 --- a/autotests/testSAE/hw.conf +++ b/autotests/testSAE/hw.conf @@ -1,8 +1,9 @@ [SETUP] -num_radios=3 +num_radios=4 start_iwd=0 hwsim_medium=yes [HOSTAPD] rad0=ssidSAE.conf rad1=ssidSAE-H2E.conf +rad2=ssidSAE-default-group.conf diff --git a/autotests/testSAE/profiles/ssidSAE.psk.default_group b/autotests/testSAE/profiles/ssidSAE.psk.default_group new file mode 100644 index 00000000..2a016107 --- /dev/null +++ b/autotests/testSAE/profiles/ssidSAE.psk.default_group @@ -0,0 +1,5 @@ +[Security] +Passphrase=secret123 + +[Settings] +UseDefaultEccGroup=true diff --git a/autotests/testSAE/profiles/ssidSAE.psk.most_secure b/autotests/testSAE/profiles/ssidSAE.psk.most_secure new file mode 100644 index 00000000..3a511991 --- /dev/null +++ b/autotests/testSAE/profiles/ssidSAE.psk.most_secure @@ -0,0 +1,5 @@ +[Security] +Passphrase=secret123 + +[Settings] +UseDefaultEccGroup=false \ No newline at end of file diff --git a/autotests/testSAE/ssidSAE-default-group.conf b/autotests/testSAE/ssidSAE-default-group.conf new file mode 100644 index 00000000..752e9c7b --- /dev/null +++ b/autotests/testSAE/ssidSAE-default-group.conf @@ -0,0 +1,12 @@ +hw_mode=g +channel=1 +ssid=ssidSAE-default-group + +wpa=2 +wpa_key_mgmt=SAE +wpa_pairwise=CCMP +sae_password=secret123 +sae_groups=19 +ieee80211w=2 +sae_pwe=0 +vendor_elements=dd0cf4f5e8050500000000000000 From patchwork Tue Feb 27 18:34:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13574285 Received: from mail-qt1-f174.google.com (mail-qt1-f174.google.com [209.85.160.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A83233D387 for ; Tue, 27 Feb 2024 18:34:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.160.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058878; cv=none; b=u5fL/3y2CnF4R6RvqOisooFh5Hg8Cs6hGnDatqnGgb0L/pzsg6/a9uFno165TvlavsQ0oPljfyF+nAaifPqDNiukTjDo6mTENyX67LEB7oPyOyIiOa5chj0DtT3CD66UnKnck/6QUilgrkQClZ8ao99SN0oQyLabgaxXeVDQuFY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709058878; c=relaxed/simple; bh=u4/CapjLYiKQXd7+rGdv+iSe17B8CmqHvNF5qDElwMM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=CZ2K786zQC58cwI2Oyf0wKOWvbUumPGjw6KXZ52/azL58pQfIbmdbzWXIbUdQCcFOC0mF0Ygxh0XE0RrLWT8zuEYN278aNavobZXorPXMnnIXRKNhSgdSG8KfAY16i3crWOvQfSNjz5Yc9lWWVqyyD4CqdzP4Mxf79d6ldiN1NI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=LnvfNYKR; arc=none smtp.client-ip=209.85.160.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LnvfNYKR" Received: by mail-qt1-f174.google.com with SMTP id d75a77b69052e-429de32dad9so30311211cf.2 for ; Tue, 27 Feb 2024 10:34:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709058875; x=1709663675; darn=lists.linux.dev; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Rg2PNCZPcwjXqnwYpcqy+L+PMJ8eAB5YOS7ZXv6a7Ys=; b=LnvfNYKRhRV5U0UGEkCoygyoDQ4qm1fBqxjthHT0pIDXyMX3PrWaez+i5+rIaGU2a/ ouTYL8Wgb7lHnt51u0ihbJVfdieMuOKds91rgShsOsuExRBe8xbkXkMwfFgJnjwtNPtA 57vpW2WiHF3A2P9lR1BoJcDl1jbOVoQck/8kDgmgVtazbG2p/AwHRlKSHNCBaRL4fiLD RrmaxlUxKo6haX4TBjZM27+6j29Xvds1GODwhAOolopPxOlekP+XjyffFD4bCe1ukgOL nILbxBPdhByVIG5qPOmph99LWMwwSDDvt3bhXCsoR9dYLArfZNc7cu1PJmtHPcENw2G2 oHVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709058875; x=1709663675; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Rg2PNCZPcwjXqnwYpcqy+L+PMJ8eAB5YOS7ZXv6a7Ys=; b=Eby7HAJx9w6O34pidqmh2Z+b8s0zx3IDP66lsZJB4JO0MhKSENvFpgl3AgDIc2xW0l 4QZFNwlPNwQ25BKn+NkYAJjNIv+WzYZUnnwwPHtviBa71pLPZaA4AlPkcIOTYJ0Gmeme 0jxbn2noT0vAcuiDuW2/4QMqTDhNQ79Jk2g9vZv7ZEXe1FE5/Y73ltXHdR0eN4hwQlMw q8cL4OkZ0akvThKZXIC45dCdCjAztmiEh6s9rMmLY2WpwGfkgbU+fcyKShoGufCUV9PK jCP0a+fXMgHJ0sfQyw3U84S+HpiPUBJ+uYd1mJxWdZu5hGSa7W/JihFjjwo0iO+1g8dm CKoQ== X-Gm-Message-State: AOJu0Yycw5yM2eqK/hvT4gR9Mzf3yedDYKa8j+LIYExdhhTid//OS4ks KvDqj2tas47ThmsPZiiaOWGbOZxBdoSVWAZTHljHgURYwlx2WVJtxOIxV7RH X-Google-Smtp-Source: AGHT+IHP4b9lUB6zmZ7BsffWpou7BEK3o/FkoVHEdiphX0ct+7g+TOG5wUoh9ArUty5GAg6vDQHzKQ== X-Received: by 2002:ac8:5f11:0:b0:42e:5f6d:8f2d with SMTP id x17-20020ac85f11000000b0042e5f6d8f2dmr11956245qta.54.1709058875441; Tue, 27 Feb 2024 10:34:35 -0800 (PST) Received: from LOCLAP699.rst-02.locus ([208.195.13.130]) by smtp.gmail.com with ESMTPSA id jy2-20020a05622a818200b0042e3468a98csm3819617qtb.4.2024.02.27.10.34.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 10:34:35 -0800 (PST) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH 11/11] auto-t: add OWE test for auto default group Date: Tue, 27 Feb 2024 10:34:05 -0800 Message-Id: <20240227183405.257206-11-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227183405.257206-1-prestwoj@gmail.com> References: <20240227183405.257206-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- autotests/testOWE/connection_test.py | 33 ++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/autotests/testOWE/connection_test.py b/autotests/testOWE/connection_test.py index 1fdc990a..58e6560f 100644 --- a/autotests/testOWE/connection_test.py +++ b/autotests/testOWE/connection_test.py @@ -64,6 +64,39 @@ class Test(unittest.TestCase): self.assertRaises(Exception, testutil.test_ifaces_connected, (hapd0.ifname, device.name, True, True)) + def test_auto_default_group(self): + wd = IWD() + hapd = HostapdCLI(config='ssidOWE-1.conf') + + devices = wd.list_devices(1) + device = devices[0] + + device.get_ordered_network('ssidOWE') + + device.connect_bssid(hapd.bssid) + + condition = 'obj.state == DeviceState.connected' + wd.wait_for_object_condition(device, condition) + + # Should have rejected group 20, but still connected on 19 + self.assertEqual(device.event_ocurred("ecc-group-rejected"), True) + + testutil.test_iface_operstate() + testutil.test_ifaces_connected(device.name, hapd.ifname) + + device.disconnect() + + device.connect_bssid(hapd.bssid) + + condition = 'obj.state == DeviceState.connected' + wd.wait_for_object_condition(device, condition) + + # IWD should have used the default group, no rejection + self.assertEqual(device.event_ocurred("ecc-group-rejected"), False) + + testutil.test_iface_operstate() + testutil.test_ifaces_connected(device.name, hapd.ifname) + @classmethod def setUpClass(cls): pass