Closed Bug 1084230 Opened 8 years ago Closed 8 years ago

[Wifi] Add marionette test for WPA-EAP connection

Categories

(Firefox OS Graveyard :: Wifi, defect)

All
Gonk (Firefox OS)
defect
Not set
normal

Tracking

(firefox40 fixed)

RESOLVED FIXED
2.2 S9 (3apr)
Tracking Status
firefox40 --- fixed

People

(Reporter: chucklee, Assigned: chucklee)

References

Details

Attachments

(1 file, 3 obsolete files)

Try to find a way to test WPA-EAP connection by marionette test on emulator.
PEAP and TTLS are done, TLS still not working.
TLS not working on emulator seems to be we can't listen to keystore socket again fast enought on multiple get command.
But I have no idea how to speed that up.
Hi Thomas,
  As I observed at comment 2, it takes more time(about 30ms in emulator) for unixsocket to disconnect and listen on same unix socket again if client side re-connect to it right away(as wpa_supplicant do while getting certificates from keystore), is there anyway to solve this problem?
Flags: needinfo?(tzimmermann)
Hi Chuck,

30 seconds for connecting is too long, even for the emulator. Can you provide more information on what you're doing and how it's failing?

You're working on Keystore code, and need to call |listen| after see'ing |KeyStore::OnDisconnect|, right? Can you figure out which function call is slow?
Flags: needinfo?(tzimmermann) → needinfo?(chulee)
(In reply to Thomas Zimmermann [:tzimmermann] [:tdz] from comment #4)
> Hi Chuck,
> 
> 30 seconds for connecting is too long, even for the emulator. Can you
> provide more information on what you're doing and how it's failing?

  It's 30 millisecond.

  The flow is wpa_supplicant calls function to read certificate from keystore unix socket in a row [1][2], the actual read function is in [3].
  Based on my debug log, |tls_connection_ca_cert()| is done, and wpa_supplicant calls |tls_connection_client_cert()| right away. befire |KeyStore::onDiscconected()| is called to listen to socket again, so second call fails.
  Following is my debug log:
> 11-03 11:00:11.039 D/wpa_supplicant(  196): ######### tls_connection_ca_cert(openssl)@1413, ca_cert keystore://WIFI_SERVERCERT_client
> 11-03 11:00:11.089 D/Chucklee(   43): ######### KeyStore::OnConnectSuccess()
> 11-03 11:00:11.089 D/Chucklee(   43): ######### KeyStore::ReceiveSocketData(), get WIFI_SERVERCERT_client
> 11-03 11:00:11.180 D/wpa_supplicant(  196): ######### tls_connection_ca_cert(openssl)@1441, ret 0
> 11-03 11:00:11.180 D/wpa_supplicant(  196): ######### tls_connection_client_cert(openssl)@1617, client_cert keystore://WIFI_USERCERT_client
> 11-03 11:00:11.180 D/wpa_supplicant(  196): ######### tls_connection_client_cert(openssl)@1635, ret -1
> 11-03 11:00:11.190 D/Chucklee(   43): ######### KeyStore::OnDisconnect()
> 11-03 11:00:11.190 D/Chucklee(   43): ######### KeyStore::Listen()

[1] https://android.googlesource.com/platform/external/wpa_supplicant_8/+/master/src/crypto/tls_openssl.c#2977, tls_connection_ca_cert()
[2] https://android.googlesource.com/platform/external/wpa_supplicant_8/+/master/src/crypto/tls_openssl.c#2986, tls_connection_client_cert()
[3] https://android.googlesource.com/platform/system/security/+/jb-mr1-dev/keystore/keystore_get.h

> You're working on Keystore code, and need to call |listen| after see'ing
> |KeyStore::OnDisconnect|, right? Can you figure out which function call is
> slow?

Based on the log above, I think it's because OnDisconnect doesn't fast enough to handle such situation.
Maybe it's the limitation of async structure, so I am trying if there's a way to start listen right after socket closes instead of waiting event.
Flags: needinfo?(chulee)
Hi

> > 30 seconds for connecting is too long, even for the emulator. Can you
> > provide more information on what you're doing and how it's failing?
> 
>   It's 30 millisecond.

Oh, mis-read that :D


> Based on the log above, I think it's because OnDisconnect doesn't fast
> enough to handle such situation.
> Maybe it's the limitation of async structure, so I am trying if there's a
> way to start listen right after socket closes instead of waiting event.

Thanks for all the extra information.

That's an inherent race condition and right now, there's no way to handle this reliably. The problem is that we close the listen socket after the first connection has been established; a design choice that was inherited fro the very first versions of the code.

The way to solve this problem is to keep the listen socket open when the first connection is established. I have ideas to implement support for separate listen and stream sockets, but I did not have the time to implement this.
All test cases work fine with new unixcocket structure(bug 1094177), ready for review.
Attachment #8506788 - Attachment is obsolete: true
Attachment #8518761 - Flags: review?(hchang)
Comment on attachment 8518761 [details] [diff] [review]
Marionette test for WPA-EAP connection.

Review of attachment 8518761 [details] [diff] [review]:
-----------------------------------------------------------------

I'm good to the test cases except for the concern mentioned below. Thanks! Besides, does it require any change of hostapd?

::: dom/wifi/test/marionette/head.js
@@ +847,3 @@
>      }
> +
> +    return Promise.all(commands);

I am not sure if the echo commands would be racing. Do you have any idea? I mean the implementation of runEmulatorShellSafe might run the shell commands concurrently. Do you have any idea?
Attachment #8518761 - Flags: review?(hchang) → review+
Make shell commands in writeFile() run in sequence.
Attachment #8518761 - Attachment is obsolete: true
Try test timeout: https://treeherder.mozilla.org/logviewer.html#?job_id=5830540&repo=try
After lookin into log, the cause should be time test cert is expired:
I/hostapd (  396): OpenSSL: openssl_handshake - SSL_connect error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired

I will update patch with a new test certificate with validation as long as possible.
Update test certificate, now the expiration date is Oct  7 11:28:50 2288 GMT.
Attachment #8520490 - Attachment is obsolete: true
PEAP and TLS passed[1], digging why TTLS can't run successfully on try.

[1] https://treeherder.mozilla.org/logviewer.html#?job_id=6031874&repo=try
Try result shows these tests are not stable: https://treeherder.mozilla.org/#/jobs?repo=try&revision=e30eb0c73f12&exclusion_profile=false

But I never got error running marionette test on my own machine.
So I can't tell it's caused by the test case itself or the try environment, I suggest to land it and keep an eye on it.
Keywords: checkin-needed
https://hg.mozilla.org/integration/b2g-inbound/rev/e99e4351d407

FWIW, I agree that the Mnw results in that Try push are scary-looking. If Mnw were a sheriffed test suite, I wouldn't have been willing to land this patch.
Flags: in-testsuite+
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/e99e4351d407
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2.2 S9 (3apr)
Depends on: 1151726
You need to log in before you can comment on or make changes to this bug.