From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 3/3] auto-t: get DPP PKEX test running reliably
Date: Mon, 13 Nov 2023 06:32:55 -0800 [thread overview]
Message-ID: <20231113143255.278191-3-prestwoj@gmail.com> (raw)
In-Reply-To: <20231113143255.278191-1-prestwoj@gmail.com>
Several tests do not pass due to some additional changes that have
not been merged. Remove these cases and add some hardening after
discovering some unfortunate wpa_supplicant behavior.
- Disable p2p in wpa_supplicant. With p2p enabled an extra device
is created which starts receiving DPP frames and printing
confusing messages.
- Remove extra asserts which don't make sense currently. These
will be added back later as future additions to PKEX are
upstreamed.
- Work around wpa_supplicant retransmit limitation. This is
described in detail in the comment in pkex_test.py
---
autotests/testDPP/pkex_test.py | 56 ++++++++++++++++++++++++++++------
autotests/testDPP/wpas.conf | 1 +
2 files changed, 48 insertions(+), 9 deletions(-)
diff --git a/autotests/testDPP/pkex_test.py b/autotests/testDPP/pkex_test.py
index a568e619..6c5cf054 100644
--- a/autotests/testDPP/pkex_test.py
+++ b/autotests/testDPP/pkex_test.py
@@ -21,6 +21,11 @@ class Test(unittest.TestCase):
self.wpas.dpp_configurator_create()
self.wpas.dpp_listen(2437)
+ def stop_wpas_pkex(self):
+ self.wpas.dpp_pkex_remove()
+ self.wpas.dpp_stop_listen()
+ self.wpas.dpp_configurator_remove()
+
def start_iwd_pkex_configurator(self, device, agent=False):
self.hapd.reload()
self.hapd.wait_for_event('AP-ENABLED')
@@ -38,11 +43,51 @@ class Test(unittest.TestCase):
else:
device.dpp_pkex_configure_enrollee('secret123', identifier="test")
+ #
+ # WPA Supplicant has awful handling of retransmissions and no-ACK
+ # conditions. It only handles retransmitting the exchange request when
+ # there is no-ACK, which makes zero sense since its a broadcast...
+ #
+ # So, really, testing against wpa_supplicant is fragile and dependent on
+ # how the scheduling works out. If IWD doesn't ACK due to being on the
+ # next frequency or in between offchannel requests wpa_supplicant gets
+ # into a state where it thinks a PKEX session has been started (having
+ # received the exchange request) but will only accept commit-reveal
+ # frames. IWD is unaware because it never got a response so it keeps
+ # sending exchange requests which are ignored.
+ #
+ # Nevertheless we should still test against wpa_supplicant for
+ # compatibility so attempt to detect this case and restart the
+ # wpa_supplicant configurator.
+ #
+ def restart_wpas_if_needed(self):
+ i = 0
+
+ while i < 10:
+ data = self.wpas.wait_for_event("DPP-RX")
+ self.assertIn("type=7", data)
+
+ data = self.wpas.wait_for_event("DPP-TX")
+ self.assertIn("type=8", data)
+
+ data = self.wpas.wait_for_event("DPP-TX-STATUS")
+ if "result=no-ACK" in data:
+ self.stop_wpas_pkex()
+ self.start_wpas_pkex('secret123', identifier="test")
+ else:
+ return
+
+ i += 1
+
+ raise Exception("wpa_supplicant could not complete PKEX after 10 retries")
+
def test_pkex_iwd_as_enrollee(self):
self.start_wpas_pkex('secret123', identifier="test")
self.device[0].dpp_pkex_enroll('secret123', identifier="test")
+ self.restart_wpas_if_needed()
+
self.wpas.wait_for_event("DPP-AUTH-SUCCESS")
def test_pkex_iwd_as_enrollee_retransmit(self):
@@ -52,6 +97,8 @@ class Test(unittest.TestCase):
self.device[0].dpp_pkex_enroll('secret123', identifier="test")
+ self.restart_wpas_if_needed()
+
self.wpas.wait_for_event("DPP-AUTH-SUCCESS")
def test_pkex_unsupported_version(self):
@@ -121,15 +168,6 @@ class Test(unittest.TestCase):
condition = 'obj.state == DeviceState.connected'
self.wd.wait_for_object_condition(self.device[1], condition)
- self.assertTrue(os.path.exists('/tmp/ns0/ssidCCMP.psk'))
-
- with open('/tmp/ns0/ssidCCMP.psk') as f:
- data = f.read()
-
- self.assertIn("SendHostname", data)
- self.assertIn("SharedCode=secret123", data)
- self.assertIn("ExactConfig=true", data)
-
def test_pkex_configurator_with_agent(self):
self.start_iwd_pkex_configurator(self.device[0], agent=True)
diff --git a/autotests/testDPP/wpas.conf b/autotests/testDPP/wpas.conf
index 521fb29b..19df4350 100644
--- a/autotests/testDPP/wpas.conf
+++ b/autotests/testDPP/wpas.conf
@@ -3,3 +3,4 @@ ctrl_interface=/tmp/rad1-p2p-wpas
update_config=0
pmf=2
dpp_config_processing=2
+p2p_disabled=1
--
2.25.1
next prev parent reply other threads:[~2023-11-13 14:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-13 14:32 [PATCH 1/3] auto-t: make test timeout configurable James Prestwood
2023-11-13 14:32 ` [PATCH 2/3] auto-t: add stop APIs and fix some issues wpas.py James Prestwood
2023-11-13 14:32 ` James Prestwood [this message]
2023-11-13 15:48 ` [PATCH 1/3] auto-t: make test timeout configurable Denis Kenzior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231113143255.278191-3-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=iwd@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.