From: James Prestwood <prestwoj@gmail.com>
To: iwd@lists.linux.dev
Cc: James Prestwood <prestwoj@gmail.com>
Subject: [PATCH 3/3] auto-t: get DPP PKEX test running reliably
Date: Mon, 13 Nov 2023 06:32:55 -0800 [thread overview]
Message-ID: <20231113143255.278191-3-prestwoj@gmail.com> (raw)
In-Reply-To: <20231113143255.278191-1-prestwoj@gmail.com>
Several tests do not pass due to some additional changes that have
not been merged. Remove these cases and add some hardening after
discovering some unfortunate wpa_supplicant behavior.
- Disable p2p in wpa_supplicant. With p2p enabled an extra device
is created which starts receiving DPP frames and printing
confusing messages.
- Remove extra asserts which don't make sense currently. These
will be added back later as future additions to PKEX are
upstreamed.
- Work around wpa_supplicant retransmit limitation. This is
described in detail in the comment in pkex_test.py
---
autotests/testDPP/pkex_test.py | 56 ++++++++++++++++++++++++++++------
autotests/testDPP/wpas.conf | 1 +
2 files changed, 48 insertions(+), 9 deletions(-)
diff --git a/autotests/testDPP/pkex_test.py b/autotests/testDPP/pkex_test.py
index a568e619..6c5cf054 100644
--- a/autotests/testDPP/pkex_test.py
+++ b/autotests/testDPP/pkex_test.py
@@ -21,6 +21,11 @@ class Test(unittest.TestCase):
self.wpas.dpp_configurator_create()
self.wpas.dpp_listen(2437)
+ def stop_wpas_pkex(self):
+ self.wpas.dpp_pkex_remove()
+ self.wpas.dpp_stop_listen()
+ self.wpas.dpp_configurator_remove()
+
def start_iwd_pkex_configurator(self, device, agent=False):
self.hapd.reload()
self.hapd.wait_for_event('AP-ENABLED')
@@ -38,11 +43,51 @@ class Test(unittest.TestCase):
else:
device.dpp_pkex_configure_enrollee('secret123', identifier="test")
+ #
+ # WPA Supplicant has awful handling of retransmissions and no-ACK
+ # conditions. It only handles retransmitting the exchange request when
+ # there is no-ACK, which makes zero sense since its a broadcast...
+ #
+ # So, really, testing against wpa_supplicant is fragile and dependent on
+ # how the scheduling works out. If IWD doesn't ACK due to being on the
+ # next frequency or in between offchannel requests wpa_supplicant gets
+ # into a state where it thinks a PKEX session has been started (having
+ # received the exchange request) but will only accept commit-reveal
+ # frames. IWD is unaware because it never got a response so it keeps
+ # sending exchange requests which are ignored.
+ #
+ # Nevertheless we should still test against wpa_supplicant for
+ # compatibility so attempt to detect this case and restart the
+ # wpa_supplicant configurator.
+ #
+ def restart_wpas_if_needed(self):
+ i = 0
+
+ while i < 10:
+ data = self.wpas.wait_for_event("DPP-RX")
+ self.assertIn("type=7", data)
+
+ data = self.wpas.wait_for_event("DPP-TX")
+ self.assertIn("type=8", data)
+
+ data = self.wpas.wait_for_event("DPP-TX-STATUS")
+ if "result=no-ACK" in data:
+ self.stop_wpas_pkex()
+ self.start_wpas_pkex('secret123', identifier="test")
+ else:
+ return
+
+ i += 1
+
+ raise Exception("wpa_supplicant could not complete PKEX after 10 retries")
+
def test_pkex_iwd_as_enrollee(self):
self.start_wpas_pkex('secret123', identifier="test")
self.device[0].dpp_pkex_enroll('secret123', identifier="test")
+ self.restart_wpas_if_needed()
+
self.wpas.wait_for_event("DPP-AUTH-SUCCESS")
def test_pkex_iwd_as_enrollee_retransmit(self):
@@ -52,6 +97,8 @@ class Test(unittest.TestCase):
self.device[0].dpp_pkex_enroll('secret123', identifier="test")
+ self.restart_wpas_if_needed()
+
self.wpas.wait_for_event("DPP-AUTH-SUCCESS")
def test_pkex_unsupported_version(self):
@@ -121,15 +168,6 @@ class Test(unittest.TestCase):
condition = 'obj.state == DeviceState.connected'
self.wd.wait_for_object_condition(self.device[1], condition)
- self.assertTrue(os.path.exists('/tmp/ns0/ssidCCMP.psk'))
-
- with open('/tmp/ns0/ssidCCMP.psk') as f:
- data = f.read()
-
- self.assertIn("SendHostname", data)
- self.assertIn("SharedCode=secret123", data)
- self.assertIn("ExactConfig=true", data)
-
def test_pkex_configurator_with_agent(self):
self.start_iwd_pkex_configurator(self.device[0], agent=True)
diff --git a/autotests/testDPP/wpas.conf b/autotests/testDPP/wpas.conf
index 521fb29b..19df4350 100644
--- a/autotests/testDPP/wpas.conf
+++ b/autotests/testDPP/wpas.conf
@@ -3,3 +3,4 @@ ctrl_interface=/tmp/rad1-p2p-wpas
update_config=0
pmf=2
dpp_config_processing=2
+p2p_disabled=1
--
2.25.1
next prev parent reply other threads:[~2023-11-13 14:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-13 14:32 [PATCH 1/3] auto-t: make test timeout configurable James Prestwood
2023-11-13 14:32 ` [PATCH 2/3] auto-t: add stop APIs and fix some issues wpas.py James Prestwood
2023-11-13 14:32 ` James Prestwood [this message]
2023-11-13 15:48 ` [PATCH 1/3] auto-t: make test timeout configurable Denis Kenzior
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231113143255.278191-3-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=iwd@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox