[PATCH] supplicant: Allow configuring percentage for ignore_auth_resp

greearb at candelatech.com greearb at candelatech.com
Tue Jan 24 12:23:31 PST 2017 

From: Ben Greear <greearb at candelatech.com>

This lets one configure a station to drop a percentage
(including 0 and 100%) of the RX management frames to
aid testing applications.

The value is moved to the config section so that it can be
defined in a supplicant config file.  There is a functional
change in that before you could reset a station through
wpa_cli and it would clear the ignore_auth_resp value,
and now you would have to explicitly clear it since it is
a configuration.

To enable the feature, you must compile with CONFIG_TESTING_OPTIONS
enabled.

Signed-off-by: Ben Greear <greearb at candelatech.com>
---
 tests/hwsim/test_ap_roam.py        |  4 ++--
 wpa_supplicant/config.c            |  6 ++++++
 wpa_supplicant/config.h            |  8 ++++++++
 wpa_supplicant/ctrl_iface.c        |  3 +--
 wpa_supplicant/defconfig           |  4 ++++
 wpa_supplicant/events.c            | 23 +++++++++++++++++------
 wpa_supplicant/wpa_supplicant.c    |  5 +++--
 wpa_supplicant/wpa_supplicant.conf |  7 +++++++
 wpa_supplicant/wpa_supplicant_i.h  |  5 ++++-
 9 files changed, 52 insertions(+), 13 deletions(-)

diff --git a/tests/hwsim/test_ap_roam.py b/tests/hwsim/test_ap_roam.py
index 6f8b8d9..e98642b 100644
--- a/tests/hwsim/test_ap_roam.py
+++ b/tests/hwsim/test_ap_roam.py
@@ -85,7 +85,7 @@ def test_ap_reconnect_auth_timeout(dev, apdev, params):
 
     wpas.scan_for_bss(bssid1, freq=2412)
     wpas.request("DISCONNECT")
-    if "OK" not in wpas.request("SET ignore_auth_resp 1"):
+    if "OK" not in wpas.request("SET ignore_auth_resp 65535"):
         raise Exception("SET ignore_auth_resp failed")
     if "OK" not in wpas.request("ENABLE_NETWORK " + str(id)):
         raise Exception("ENABLE_NETWORK failed")
@@ -123,7 +123,7 @@ def test_ap_roam_with_reassoc_auth_timeout(dev, apdev, params):
 
     if "OK" not in wpas.request("SET_NETWORK " + str(id) + " bssid " + bssid1):
         raise Exception("SET_NETWORK failed")
-    if "OK" not in wpas.request("SET ignore_auth_resp 1"):
+    if "OK" not in wpas.request("SET ignore_auth_resp 65535"):
         raise Exception("SET ignore_auth_resp failed")
     if "OK" not in wpas.request("REASSOCIATE"):
         raise Exception("REASSOCIATE failed")
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index 31f0d16..9a1cc36 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -3831,6 +3831,9 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
 #endif
 	config->concurrent_assoc_ok = DEFAULT_CONCURRENT_ASSOC_OK;
 	config->accept_external_scan_results = DEFAULT_ACCEPT_EXTERNAL_SCAN_RESULTS;
+#if CONFIG_TESTING_OPTIONS
+	config->ignore_auth_resp = DEFAULT_IGNORE_AUTH_RESP;
+#endif
 
 	return config;
 }
@@ -4548,6 +4551,9 @@ static const struct global_parse_data global_fields[] = {
 	{ INT(disable_ess_roaming), 0 },
 #endif
 	{ INT(concurrent_assoc_ok), 0 },
+#if CONFIG_TESTING_OPTIONS
+	{ INT(ignore_auth_resp), 0 },
+#endif
 	{ INT(accept_external_scan_results), 0 },
 	{ STR(wowlan_triggers), 0 },
 	{ INT(p2p_search_delay), 0},
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index d160458..3600f1f 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -47,6 +47,7 @@
 #define DEFAULT_WPA_RSC_RELAXATION 1
 #define DEFAULT_MBO_CELL_CAPA MBO_CELL_CAPA_NOT_SUPPORTED
 #define DEFAULT_CHAN_WIDTH 0
+#define DEFAULT_IGNORE_AUTH_RESP 0
 
 #include "config_ssid.h"
 #include "wps/wps.h"
@@ -880,6 +881,13 @@ struct wpa_config {
 	 */
 	int accept_external_scan_results;
 
+#if CONFIG_TESTING_OPTIONS
+	/* Allow users to configure supplicant to drop a percentage of management frames.
+	 * 0 == never, 65535 == always
+	 */
+	unsigned short ignore_auth_resp;
+#endif
+
 	/**
 	 * disassoc_low_ack - Disassocicate stations with massive packet loss
 	 */
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index a49fdd0..45ba550 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -512,7 +512,7 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
 	} else if (os_strcasecmp(cmd, "p2p_go_csa_on_inv") == 0) {
 		wpa_s->p2p_go_csa_on_inv = !!atoi(value);
 	} else if (os_strcasecmp(cmd, "ignore_auth_resp") == 0) {
-		wpa_s->ignore_auth_resp = !!atoi(value);
+		wpa_s->conf->ignore_auth_resp = atoi(value);
 	} else if (os_strcasecmp(cmd, "ignore_assoc_disallow") == 0) {
 		wpa_s->ignore_assoc_disallow = !!atoi(value);
 	} else if (os_strcasecmp(cmd, "reject_btm_req_reason") == 0) {
@@ -7438,7 +7438,6 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s)
 	wpa_s->extra_roc_dur = 0;
 	wpa_s->test_failure = WPAS_TEST_FAILURE_NONE;
 	wpa_s->p2p_go_csa_on_inv = 0;
-	wpa_s->ignore_auth_resp = 0;
 	wpa_s->ignore_assoc_disallow = 0;
 	wpa_s->reject_btm_req_reason = 0;
 	wpa_sm_set_test_assoc_ie(wpa_s->wpa, NULL);
diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig
index 3540a62..450f3a4 100644
--- a/wpa_supplicant/defconfig
+++ b/wpa_supplicant/defconfig
@@ -575,3 +575,7 @@ CONFIG_PEERKEY=y
 
 # Mesh Networking (IEEE 802.11s)
 #CONFIG_MESH=y
+
+
+# Enable some testing options code?  Not intended for production code.
+#CONFIG_TESTING_OPTIONS=y
diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
index f93c085..828019f 100644
--- a/wpa_supplicant/events.c
+++ b/wpa_supplicant/events.c
@@ -1223,6 +1223,15 @@ struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
 	return NULL;
 }
 
+#ifdef CONFIG_TESTING_OPTIONS
+/** Return value that is 0 to (65535-1). */
+unsigned short os_random_16()
+{
+	int rnd = os_random();
+	unsigned short rv = rnd % 65535;
+	return rv;
+}
+#endif
 
 static struct wpa_bss *
 wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s,
@@ -3716,9 +3725,10 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
 		break;
 	case EVENT_ASSOC:
 #ifdef CONFIG_TESTING_OPTIONS
-		if (wpa_s->ignore_auth_resp) {
-			wpa_printf(MSG_INFO,
-				   "EVENT_ASSOC - ignore_auth_resp active!");
+		if (wpa_s->conf->ignore_auth_resp &&
+		    (os_random_16() < wpa_s->conf->ignore_auth_resp)) {
+			wpa_dbg(wpa_s, MSG_INFO,
+				"EVENT_ASSOC - ignore_auth_resp active!");
 			break;
 		}
 #endif /* CONFIG_TESTING_OPTIONS */
@@ -3737,9 +3747,10 @@ void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
 		break;
 	case EVENT_DEAUTH:
 #ifdef CONFIG_TESTING_OPTIONS
-		if (wpa_s->ignore_auth_resp) {
-			wpa_printf(MSG_INFO,
-				   "EVENT_DEAUTH - ignore_auth_resp active!");
+		if (wpa_s->conf->ignore_auth_resp &&
+		    (os_random_16() < wpa_s->conf->ignore_auth_resp)) {
+			wpa_dbg(wpa_s, MSG_INFO,
+				"EVENT_DEAUTH - ignore_auth_resp active!");
 			break;
 		}
 #endif /* CONFIG_TESTING_OPTIONS */
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index d8e23c9..19a2710 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -3507,8 +3507,9 @@ void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
 	wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
 
 #ifdef CONFIG_TESTING_OPTIONS
-	if (wpa_s->ignore_auth_resp) {
-		wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
+	if (wpa_s->conf->ignore_auth_resp &&
+	    (os_random_16() < wpa_s->conf->ignore_auth_resp)) {
+		wpa_dbg(wpa_s, MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
 		return;
 	}
 #endif /* CONFIG_TESTING_OPTIONS */
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index f0e0a9e..fbe9b25 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -1364,6 +1364,13 @@ fast_reauth=1
 # Transitioning between states).
 #fst_llt=100
 
+# Testing logic, not for use in production systems.
+# Value is 0-65535, where 0 means never ignore, 65535 means always
+# ignore, and the range between is a percentage chance.
+# You must enable CONFIG_TESTING_OPTIONS when compiling to enable this.
+#ignore_auth_resp=1000
+
+
 # Example blocks:
 
 # Simple case: WPA-PSK, PSK as an ASCII passphrase, allow all valid ciphers
diff --git a/wpa_supplicant/wpa_supplicant_i.h b/wpa_supplicant/wpa_supplicant_i.h
index fa61f92..b41626a 100644
--- a/wpa_supplicant/wpa_supplicant_i.h
+++ b/wpa_supplicant/wpa_supplicant_i.h
@@ -1050,7 +1050,6 @@ struct wpa_supplicant {
 	enum wpa_supplicant_test_failure test_failure;
 	unsigned int reject_btm_req_reason;
 	unsigned int p2p_go_csa_on_inv:1;
-	unsigned int ignore_auth_resp:1;
 	unsigned int ignore_assoc_disallow:1;
 #endif /* CONFIG_TESTING_OPTIONS */
 
@@ -1117,6 +1116,10 @@ struct wpa_supplicant {
 	struct os_reltime beacon_rep_scan;
 };
 
+#ifdef CONFIG_TESTING_OPTIONS
+/** Return value that is 0 to (65535-1). */
+unsigned short os_random_16();
+#endif
 
 /* wpa_supplicant.c */
 void wpa_supplicant_apply_ht_overrides(
-- 
1.9.3

More information about the Hostap mailing list