Commit graph

4512 commits

Author SHA1 Message Date
Jouni Malinen
7f7bfba919 Add an option allow canned EAP-Success for wired IEEE 802.1X
For wired IEEE 802.1X authentication, phase1="allow_canned_success=1"
can now be used to configure a mode that allows EAP-Success (and
EAP-Failure) without going through authentication step. Some switches
use such sequence when forcing the port to be authorized/unauthorized or
as a fallback option if the authentication server is unreachable. By
default, wpa_supplicant discards such frames to protect against
potential attacks by rogue devices, but this option can be used to
disable that protection for cases where the server/authenticator does
not need to be authenticated.

When enabled, this mode allows EAP-Success/EAP-Failure as an immediate
response to EAPOL-Start (or even without EAPOL-Start) and EAP-Success is
also allowed immediately after EAP-Identity exchange (fallback case for
authenticator not being able to connect to authentication server).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-01 19:22:54 +02:00
Jouni Malinen
49fcc32e91 EAP-MSCHAPv2 peer: Add option to disable password retry query
wpa_supplicant used to request user to re-enter username/password if the
server indicated that EAP-MSCHAPv2 (e.g., in PEAP Phase 2)
authentication failed (E=691), but retry is allowed (R=1). This is a
reasonable default behavior, but there may be cases where it is more
convenient to close the authentication session immediately rather than
wait for user to do something.

Add a new "mschapv2_retry=0" option to the phase2 field to allow the
retry behavior to be disabled. This will make wpa_supplicant abort
authentication attempt on E=691 regardless of whether the server allows
retry.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-01 17:45:19 +02:00
Helmut Schaa
66bc6830d5 hostapd: Simplify vlan_add_dynamic error paths
Preparation for upcoming changes.
No functional changes.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2015-02-01 11:06:24 +02:00
Jouni Malinen
e6dd8196e5 Work around Linux packet socket regression
Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596 ('bridge:
respect RFC2863 operational state') from 2012 introduced a regression
for using wpa_supplicant with EAPOL frames and a station interface in a
bridge. Since it does not look like this regression is going to get
fixed any time soon (it is already two years from that commit and over
1.5 from a discussion pointing out the regression), add a workaround in
wpa_supplicant to avoid this issue.

The wpa_supplicant workaround uses a secondary packet socket to capture
all frames (ETH_P_ALL) from the netdev that is in a bridge. This is
needed to avoid the kernel regression. However, this comes at the price
of more CPU load. Some of this is avoided with use of Linux socket
filter, but still, this is less efficient than a packet socket bound to
the specific EAPOL ethertype. The workaround gets disabled
automatically, if the main packet socket interface on the bridge
interface turns out to be working for RX (e.g., due to an old kernel
version being used or a new kernel version having a fix for the
regression). In addition, this workaround is only taken into use for the
special case of running wpa_supplicant with an interface in a bridge.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-31 17:21:58 +02:00
Jouni Malinen
7650f9e7d8 Fix resource leaks on rsn_preauth_init() error paths
The l2_packet instances were not freed on some of the rsn_preauth_init()
error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-31 13:44:48 +02:00
Jouni Malinen
a565e03086 dhcp_snoop: Make IPv4 addresses human readable in debug log
Use standard numbers-and-dots format for IPv4 in debug logs instead
of hexdump in two different byte orders.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-30 18:55:22 +02:00
Jouni Malinen
2dd4f3aede Fix STA re-bind to another VLAN on reauthentication
Previously, the old VLAN ID could have been deleted before the STA was
bound to the new VLAN in case the RADIUS server changed the VLAN ID
during an association. This did not exactly work well with mac80211, so
reorder the operations in a way that first binds the STA to the new VLAN
ID and only after that, removes the old VLAN interface if no STAs remain
in it.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-30 01:09:51 +02:00
Jouni Malinen
1180dd66a9 WPA auth: Disconnect STA if MSK cannot be fetched
Previously, it was possible for some corner cases to leave the WPA
authenticator state machine running if PMK could not be derived. Change
this to forcefully disconnect the STA to get more consistent behavior
and faster notification of the error.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-29 22:31:41 +02:00
Jouni Malinen
40aaa64f9f WPA auth: Clear temporary MSK storage from stack explicitly
This reduces the duration of time a key may remain unnecessarily in
memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-29 22:24:27 +02:00
Jouni Malinen
01b481aff3 Convert couple of remaining printf to wpa_printf in ap_list
This type of error reporting cases should use wpa_printf() to get
consistent debug logging behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-29 21:12:51 +02:00
Jouni Malinen
bfaefd5174 EAP-PEAP server: Fix Phase 2 TLV length in error case
The payload length in a Phase 2 TLV message reporting error was not set
correctly. Fix this to not include the TLVs that are included only in
success case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 16:15:58 +02:00
Jouni Malinen
467775c5ac tests: Pending EAP peer processing with VENDOR-TEST
This extends the VENDOR-TEST EAP method peer implementation to allow
pending processing case to be selected at run time. The
ap_wpa2_eap_vendor_test test case is similarly extended to include this
option as the second case for full coverage.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-28 13:09:31 +02:00
Jouni Malinen
ba4226130e Simplify eapol_sm_notify_pmkid_attempt()
Drop the unneeded 'attempt' argument. This was originally used for
indicating an aborted PMKID caching attempt, but a fix in 2006 removed
the only such user and since that time, only attempt == 1 has been used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-28 13:09:31 +02:00
Jouni Malinen
993a865407 Add eap_session_id to wpa_supplicant STATUS output
This makes the current EAP Session-Id available for external programs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
f19c907822 OpenSSL: Implement aes_wrap() and aes_unwrap()
This replaces the implementation in aes-wrap.c and aes-unwrap.c with
OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building
hostapd or wpa_supplicant with OpenSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
fee31f76cd OpenSSL: Remove support for versions older than 0.9.8
These have reached out-of-life status in the OpenSSL project and there
is no need to maintain support for them in hostapd/wpa_supplicant
either.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
8bf3030af6 OpenSSL: Use a common helper function for HMAC
There is no need to duplicate this construction for each hash algorithm.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
983c6a606b OpenSSL: Replace internal HMAC-MD5 implementation
Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending
on the src/crypto/md5.c implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
fa38860c5e nl80211: Fix build with libnl 1.1
Commit 630b3230c8 ('nl80211: Increase
netlink receive buffer size') added unconditional use of
nl_socket_set_buffer_size() which was not included in libnl 1.1. Fix use
of that old version by making this conditional on CONFIG_LIBNL20.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:50:02 +02:00
Jouni Malinen
399e61353a Add Suite B AKMs to key_mgmt capability list
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:55 +02:00
Jouni Malinen
5e3b5197cc Add Suite B 192-bit AKM
WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into
use as the key management method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:52 +02:00
Jouni Malinen
97ae35a848 Add HMAC-SHA384
For now, this is only implemented with OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:26:51 +02:00
Jouni Malinen
98cd3d1c3b Preparations for variable length KCK and KEK
This modifies struct wpa_ptk to allow the length of KCK and KEK to be
stored. This is needed to allow longer keys to be used, e.g., with
Suite B 192-bit level.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:26:49 +02:00
Jouni Malinen
30bff1d0f4 Extend AES-CMAC routines to support 256-bit keys
omac1_aes_256() and omac1_aes_vector() can now be used to perform
256-bit CMAC operations similarly to the previously supported 128-bit
cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-24 19:37:42 +02:00
Jouni Malinen
86f9b1c706 nl80211: Fix default group key management index configuration
The correct nl80211 flag for group key management cipher was set only
for BIP (AES-CMAC-128). The same flag needs to be used with the newer
ciphers BIP-CMAC-256, BIP-GMAC-128, and BIP-GMAC-256.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-24 19:37:42 +02:00
Ben Greear
400de9b1fe hostapd: Debug messages for dodgy RADIUS servers
These were helpful when tracking down why hostapd did not work
properly with a RADIUS server.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2015-01-23 01:48:27 +02:00
Ola Olsson
bff162ac76 P2P: Fix NULL pointer dereference with SD query cancellation
A NULL pointer crash was caused by commit
7139cf4a4f ('P2P: Decrement
sd_pending_bcast_queries when sd returns'). p2p->sd_query can be cleared
to NULL whenever a query is cancelled, even in case the request had
already been transmitted. As such, need to be prepared for the query not
remaining when processing TX status callback for the frame.

Crashes on 2ee98 in following code
2ee90:       f7fc f8b6       bl      2b000 <p2p_dbg>
2ee94:       e02c            b.n     2eef0 <p2p_send_action_cb+0x348>
2ee96:       6c25            ldr     r5, [r4, #64]   ; 0x40
2ee98:       68ee            ldr     r6, [r5, #12]
2ee9a:       b166            cbz     r6, 2eeb6 <p2p_send_action_cb+0x30e>

Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
2015-01-22 15:49:37 +02:00
Jouni Malinen
630b3230c8 nl80211: Increase netlink receive buffer size
libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) by
default. It is possible to hit that limit in some cases where operations
are blocked, e.g., with a burst of Deauthentication frames to hostapd
and STA entry deletion. Try to increase the buffer to make this less
likely to occur.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-22 13:51:15 +02:00
ASHUTOSH NARAYAN
fb09ed3389 Interworking: Notify the ANQP parsing status
The ANQP verification/parsing is done only after the GAS_DONE indication
is sent over the control interface. This means that in case the ANQP
parsing fails there is no indication to the upper layers. Add an
ANQP-QUERY-DONE event that reports the status of the ANQP parsing.

Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
2015-01-20 02:26:21 +02:00
Haim Dreyfuss
b62b0cb78a WNM: Fix possible memory leak by free buf
Buf is allocated and may not be freed on an error path.

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2015-01-20 02:14:19 +02:00
Ben
9bd0273931 EAP: Fix possible memory leak in eap_ttls_process_decrypted()
In case eap_peer_tls_encrypt() fails in eap_ttls_process_decrypted(),
free resp memory.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-01-20 02:13:15 +02:00
Haim Dreyfuss
b760e64276 eap_server: Avoid NULL pointer dereference in eap_fast_encrypt_phase2()
If TLS encryption fails, encr may be NULL and that would have resulted
in NULL pointer dereference..

Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
2015-01-20 02:11:59 +02:00
Avraham Stern
948d3a8731 hostapd: Remove unused variable from hostapd_get_hw_features
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-01-20 02:10:33 +02:00
Eytan Lifshitz
414f23d8b9 Avoid NULL string in printf on EAP method names in authenticator
In ieee802_1x_decapsulate_radius(), eap_server_get_name() may return
NULL, and it could be dereferenced depending on printf implementation.
Change it to return "unknown" instead for the case of no matching EAP
method found. This makes it easier for the callers to simply print this
in logs (which is the only use for this function).

Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
2015-01-20 02:07:22 +02:00
Luciano Coelho
7b7b4449a9 nl80211: Fix reading of the extended capabilities mask
We were copying the NL80211_ATTR_EXT_CAPA attribute into the
extended_capa_mask element, which is incorrect. Use
NL80211_ATTR_EXT_CAPA_MASK instead.

Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
2015-01-20 01:57:59 +02:00
Jouni Malinen
6b46bfa751 WPS: Re-fix an interoperability issue with mixed mode and AP Settings
Commit ce7b56afab ('WPS: Fix an
interoperability issue with mixed mode and AP Settings') added code to
filter M7 Authentication/Encryption Type attributes into a single bit
value in mixed mode (WPA+WPA2) cases to work around issues with Windows
7. This workaround was lost in commit
d7a15d5953 ('WPS: Indicate current AP
settings in M7 in unconfigurated state') that fixed unconfigured state
values in AP Settings, but did not take into account the earlier
workaround for mixed mode.

Re-introduce filtering of Authentication/Encryption Type attributes for
M7 based on the current AP configuration. In other words, merge those
two earlier commits together to include both the earlier workaround the
newer fix.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-19 18:35:59 +02:00
Adrien Decostre
1648cc6427 ACS: Allow subset of channels to be configured
Add the possibility to define a subset of channels used by the ACS
engine when not operating on DFS channels.

Signed-off-by: Adrien Decostre <ad.decostre@gmail.com>
2015-01-19 02:35:43 +02:00
Janusz Dziedzic
95ff306988 nl80211: Allow HT/VHT to be disabled for IBSS
Allow HT/VHT overrides to be used for IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-19 02:35:43 +02:00
Masashi Honma
7451a217be mesh: Return negative value on join failed
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-19 02:35:43 +02:00
Masashi Honma
5a2a6de6a5 mesh: Make inactivity timer configurable
Current mesh code uses ap_max_inactivity as inactivity timer. This patch
makes it configurable.

There is another mesh inactivity timer in mac80211. The timer works even
if user_mpm=1. So this patch sets the max value to the timer for
workaround.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-19 02:35:43 +02:00
Masashi Honma
b9749bac81 AP: Expire STA without entry in kernel
If the inactivity check returns that there is no entry remaining for the
STA in the kernel, drop the STA in hostapd as well.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-19 02:35:43 +02:00
Masashi Honma
a114c7235a AP: Remove redundant condition for STA expiration
This condition is always true because of surrounding if.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-19 02:35:43 +02:00
Jouni Malinen
0d787f0242 Fix RADIUS client with out-of-memory and missing shared secret
It was possible for an out-of-memory code path to trigger NULL pointer
dereference when preparing a RADIUS accounting report.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-19 02:35:43 +02:00
Jouni Malinen
cbc210de09 RADIUS DAS: Allow PMKSA cache entry to be removed without association
This extends Disconnect-Request processing to check against PMKSA cache
entries if no active session (STA association) match the request.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-16 15:55:39 +02:00
Jouni Malinen
4e871ed1c3 RADIUS DAS: Support Acct-Multi-Session-Id as a session identifier
This extends Disconnect-Request support for an additiona session
identification attribute.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-16 13:09:44 +02:00
Jouni Malinen
b52c0d453f Add authMultiSessionId into hostapd STA info
dot1xAuthSessionId was previously used to make Acct-Session-Id available
through the control interface. While there is no IEEE 802.1X MIB
variable for Acct-Multi-Session-Id, it is useful to make this value
available as well.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-16 13:07:14 +02:00
Jouni Malinen
861beb7269 RADIUS DAS: Check for single session match for Disconnect-Request
Previously, the first matching STA was picked. That is not really the
design in RFC 5176, so extend this matching code to go through all
specified session identification attributes and verify that all of them
match. In addition, check for a possible case of multiple sessions
matching. If such a case is detected, return with Disconnect-NAK and
Error-Code 508 (multiple session selection not supported).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-16 12:50:16 +02:00
Jouni Malinen
1fef85c7c5 nl80211: Fix AP-scan-in-STA-mode error path behavior
If a second scan trigger attempt fails in STA mode, the error path was
supposed to restore the old mode that was in use before changing to STA
mode. However, wpa_driver_nl80211_set_mode() changes drv->nlmode on
success, so the recovery path needs to use the saved old_mode value
instead.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-15 00:59:14 +02:00
Jouni Malinen
cebee30f31 Add domain_match network profile parameter
This is similar with domain_suffix_match, but required a full match of
the domain name rather than allowing suffix match (subdomains) or
wildcard certificates.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 15:45:18 +02:00
Jouni Malinen
d07d3fbda2 Add peer certificate alt subject name information to EAP events
A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used
to provide information about server certificate chain alternative
subject names for upper layers, e.g., to make it easier to configure
constraints on the server certificate. For example:
CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com

Currently, this includes DNS, EMAIL, and URI components from the
certificates. Similar information is priovided to D-Bus Certification
signal in the new altsubject argument which is a string array of these
items.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 15:45:18 +02:00
Jouni Malinen
dd5f902584 Get rid of a compiler warning
Commit e7d0e97bdb ('hostapd: Add vendor
specific VHT extension for the 2.4 GHz band') resulted in a compiler
warning regarding comparison between signed and unsigned integers at
least for 32-bit builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-14 01:38:26 +02:00
Jouni Malinen
d29fa3a767 Extend VENDOR_ELEM parameters to cover non-P2P Association Request
The new VENDOR_ELEM value 13 can now be used to add a vendor element
into all (Re)Association Request frames, not just for P2P use cases like
the previous item was for.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-14 01:12:56 +02:00
Yanbo Li
e7d0e97bdb hostapd: Add vendor specific VHT extension for the 2.4 GHz band
This allows vendor specific information element to be used to advertise
support for VHT on 2.4 GHz band. In practice, this is used to enable use
of 256 QAM rates (VHT-MCS 8 and 9) on 2.4 GHz band.

This functionality is disabled by default, but can be enabled with
vendor_vht=1 parameter in hostapd.conf if the driver advertises support
for VHT on either 2.4 or 5 GHz bands.

Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
2015-01-14 00:59:22 +02:00
Jouni Malinen
3e7f1c7980 GnuTLS: Add TLS event callbacks for chain success/failure and peer cert
This makes GnuTLS events match the ones provided when OpenSSL is used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
0eb2ed067f GnuTLS: Add support for OCSP stapling as a client
This allows ocsp=2 to be used with wpa_supplicant when built with GnuTLS
to request TLS status extension (OCSP stapling) to be used to validate
server certificate validity.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
0e1bb94b91 GnuTLS: Verify that server certificate EKU is valid for a server
The server certificate will be rejected if it includes any EKU and none
of the listed EKUs is either TLS Web Server Authentication or ANY.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
d4d1f5cb33 GnuTLS: Fix tls_disable_time_checks=1 processing
Certificate expiration is checked both within GnuTLS and in the
tls_gnutls.c implementation. The former was configured to use the
request to ignore time checks while the latter was not. Complete support
for this parameter by ignoring the internal expiration checks if
requested.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
594d1fc084 GnuTLS: Add support for private_key and client_cert as blobs
This allows private key and client certificate to be configured using
wpa_supplicant blobs instead of external files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
79b1dd9aad GnuTLS: Fix DER encoding certificate parsing
It looks like GnuTLS may return success on
gnutls_certificate_set_x509_*() functions with GNUTLS_X509_FMT_PEM even
when trying to read DER encoded information. Reverse the order of
parsing attempts so that we start with DER and then move to PEM if
GnuTLS reports failure on DER parsing. This seems to be more reliable
way of getting errors reported and both cases can now be handled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
1068bdb90c tests: Fix crypto module test build without EAP-FAST
Skip the EAP-FAST specific test cases if wpa_supplicant build is
configured not to include EAP-FAST support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
a16514516b Add "GET tls_library" to provide information on TLS library and version
This new wpa_supplicant and hostapd control interface command can be
used to determine which TLS library is used in the build and what is the
version of that library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
c3bb84b415 GnuTLS: Add event callbacks
This allows wpa_supplicant to provide more information about peer
certificate validation results to upper layers similarly to the
mechanism used with OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
8ddcd6b9d4 GnuTLS: Add support for domain_suffix_match
This implementation uses GnuTLS function
gnutls_x509_crt_check_hostname(). It has a bit different rules regarding
matching (allows wildcards in some cases, but does not use suffix
matching) compared to the internal implementation used with OpenSSL.
However, these rules are sufficiently close to each other to be of
reasonable use for most cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
4bc13bf709 GnuTLS: Check for any unknown verification failure
After having checked all known GNUTLS_CERT_* error cases that we care
about, check that no other errors have been indicated by
gnutls_certificate_verify_peers2() as a reason to reject negotiation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
e0d431a515 GnuTLS: Add more debug prints for version and session status
Make the debug output more useful for determining whuch version of
GnuTLS was used and what was negotiated for the session.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
65ec7f4c12 GnuTLS: Move peer certificate validation into callback function
GnuTLS 2.10.0 added gnutls_certificate_set_verify_function() that can be
used to move peer certificate validation to an earlier point in the
handshake. Use that to get similar validation behavior to what was done
with OpenSSL, i.e., reject the handshake immediately after receiving the
peer certificate rather than at the completion of handshake.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:20 +02:00
Jouni Malinen
7c8245798f GnuTLS: Remove support for versions older than 2.12.x
GnuTLS project has marked 2.12.x obsolete since January 2014. There is
not much need for maintaining support for obsolete versions of the
library, so drop all #if/#endif blocks targeting 2.x.y versions. In
practice, none of these were requiring 2.12.x version with x greater
than 0, so 2.12.x remains supported for now.

In addition, add newer version (GnuTLS 3.0.18 and newer) to fetch client
and server random from the session since the old method is not supported
by new GnuTLS versions and as such, gets removed with rest of the old
ifdef blocks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:18:57 +02:00
Jouni Malinen
e1d63f6aea GnuTLS: Remove old version number checks for 1.3.2
No one should be using GnuTLS versions older than 1.3.2 from 2006
anymore, so remove these unnecessary #if/#endif checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 11:13:20 +02:00
Jouni Malinen
ae0a23a0ca GnuTLS: Remove GNUTLS_INTERNAL_STRUCTURE_HACK
This was needed with very old GnuTLS versions, but has not been needed,
or used, since GnuTLS 1.3.2 which was released in 2006. As such, there
is no need to maintain this code anymore and it is better to just clean
the source code by removing all the related code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 11:11:03 +02:00
Jouni Malinen
db4cf40b92 GnuTLS: Add support for ca_cert as a blob
This allows GnuTLS to be used with trusted CA certificate from
wpa_supplicant blob rather than an external certificate file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 01:49:09 +02:00
Jouni Malinen
224104ddf6 TLS: Reject openssl_ciphers parameter in non-OpenSSL cases
This TLS configuration parameter is explicitly for OpenSSL. Instead of
ignoring it silently, reject any configuration trying to use it in
builds that use other options for TLS implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 01:35:54 +02:00
Jouni Malinen
6dbbef9603 Define host_to_le32() for Windows builds
This define had been forgotten at some point in time and wpa_supplicant
compilation for Windows failed with some recently added code that
depended on this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
7d28e46a6c Fix os_win32 build
Addition of os_memcmp_const() in commit
afc3c8b07f had forgotten to include
common.h into os_win32.c to get u8 defined.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
0b402479bf Remove Network Security Service (NSS) support
NSS as a TLS/crypto library alternative was never completed and this
barely functional code does not even build with the current NSS version.
Taken into account that there has not been much interest in working on
this crypto wrapper over the years, it is better to just remove this
code rather than try to get it into somewhat more functional state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
d16694761a schannel: Reject subject_match, altsubject_match, suffix_match
Validation of these parameters has not been implemented with schannel.
Instead of ignoring them silently, reject the configuration to avoid
giving incorrect impression of the parameters being used if
wpa_supplicant is built with schannel instead of the default OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
59051f8ecf TLS: Reject subject_match, altsubject_match, suffix_match
Validation of these parameters has not been implemented in the internal
TLS implementation. Instead of ignoring them silently, reject the
configuration to avoid giving incorrect impression of the parameters
being used if wpa_supplicant is built with the internal TLS
implementation instead of the default OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:37:21 +02:00
Jouni Malinen
f8717ac8b3 GnuTLS: Reject subject_match, altsubject_match, suffix_match
Validation of these parameters has not been implemented with GnuTLS.
Instead of ignoring them silently, reject the configuration to avoid
giving incorrect impression of the parameters being used if
wpa_supplicant is built with GnuTLS instead of the default OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:33:48 +02:00
Jouni Malinen
e24aef10cf Fix a typo in domain_suffix_match documentation
Spell SubjectName correctly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:27:01 +02:00
Jouni Malinen
394b54732e Improve subject_match and domain_suffix_match documentation
These were already covered in both README-HS20 for credentials and in
header files for developers' documentation, but the copy in
wpa_supplicant.conf did not include all the details. In addition, add a
clearer note pointing at subject_match not being suitable for suffix
matching domain names; domain_suffix_match must be used for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:27:01 +02:00
Jouni Malinen
8a42a076aa trace: Fix out-of-memory testing logic
data.function needs to be set for the return value to be of any use and
strcmp won't work with NULL pointer either. (CID 99907)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Stefan Tomanek
79cd993a62 Add address masks to BSSID lists
In many applications it is useful not just to enumerate a group of well
known access points, but to use a address/mask notation to match an
entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00).

This change expands the data structures used by MAC lists to include a
mask indicating the significant (non-masked) portions of an address and
extends the list parser to recognize mask suffixes.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2015-01-10 17:35:53 +02:00
Jouni Malinen
21c74e8462 nl80211: Use a helper function to put mesh_id
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
85e1fad8a5 nl80211: Use a helper function for putting beacon interval
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
6dfc55723d Remove mesh_ht_mode network block parameter
There should not be a mesh-specific mechanism for setting up channel
parameters since that will just result in duplicated code. IBSS, mesh,
and AP mode can use the same data structures and parameters for setting
up such parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
f7e889fa2d mesh: Convert channel configuration to use common routines
Use struct hostapd_freq_params just like other modes do instead of
mesh-specific freq and ht_mode.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
1fc4ab2367 nl80211: Move debug prints into nl80211_put_freq_params()
This way all callers can get the benefit of the same debug prints.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
cae87abd13 nl80211: Add a helper function for putting basic rates
There is no need for maintaining two more or less identical copies of
this functionality.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
a828f626af Make check_40mhz_2g4 common
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
fdd989d17a Make check_20mhz_bss common
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
0e550fe496 Make check_40mhz_5g common
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
6d5d098f77 Make get_pri_sec_chan() common
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
514427437a Introduce common allowed_ht40_channel_pair()
This can be used from hostapd/wpa_supplicant.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
5f10b7f498 Use common hw_get_freq/hw_get_chan helpers in hostapd
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
269dfe232b Introduce common hw features
Introduce wpa_supplicant/hostapd hw features.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
1830817ece IBSS: Add WPA_DRIVER_FLAGS_HT_IBSS
Add WPA_DRIVER_FLAGS_HT_IBSS driver feature flag. Some drivers could not
set this feature and next could fail when we will enable HT support for
IBSS with error message: nl80211: Join IBSS failed: ret=-22 (Invalid
argument).

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Bob Copeland
f3b8ad4d78 SAE: Implement retransmission timer
Add the t0 retransmission timer as specified by IEEE Std 802.11-2012,
11.3.8.4. This makes SAE much more likely to succeed in the case of lost
frames.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-01-10 17:35:52 +02:00
Bob Copeland
a206e2a175 SAE: Centralize function for sending initial COMMIT
When performing SAE authentication in mesh, one station may
initiate authentication by sending a COMMIT as soon as a peer
candidate is discovered. Previously we did this in mesh_rsn.c,
but this left some of the state initialization in a different
part of the code from the rest of the state machine, and we may
need to add other initializations here in the future, so move
that to a more central function.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-01-10 11:43:29 +02:00
Imre Vadasz
28c91ee124 bsd: Fix parsing of ieee80211req_scan_result on FreeBSD and DragonFly
On FreeBSD and DragonFly BSD, we additionally need to skip the
isr_meshid_len bytes of the MESH ID, to get the correct address for
copying the IE data.

The isr_meshid_len field was added in the FreeBSD svn revision r195618
in 2009, so I don't think we need to check the FreeBSD version here.

Signed-off-by: Imre Vadász <imre@vdsz.com>
2015-01-10 11:43:29 +02:00
Jouni Malinen
27d9701dea Fix a memory leak on WPA authenticator error path
wpa_auth->group needs to be freed if PMK cache setup fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 02:34:08 +02:00
Jouni Malinen
c1c07dcb70 Fix hostapd interface addition error path
The local conf pointer needs to be cleared once it gets assigned to
hapd_iface to avoid double-free of the configuration data on error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 02:34:08 +02:00
Jouni Malinen
a156ffda61 Add support for testing memory allocation failures
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.

Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:43 +02:00
Jouni Malinen
52a80583ba TDLS: Fix an interface addition error path
It is possible for wpa_tdls_teardown_peers() to be called with sm ==
NULL in case interface addition fails before the WPA state machine is
initialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
3d2e2d5d63 trace: Fix compiler warning on 32-bit builds with bfd support
With CONFIG_WPA_TRACE_BFD, the type cast from void* to integer was
generating a compiler warning due to the target integer being larger in
size in case of 32-bit builds. Type case to bfd_hostptr_t instead of
directly to bfd_vma to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
b9f6560f38 eloop: Fix WPA_TRACE tracking in case of realloc failure
The socket reference tracking entries need to be restored in case
os_realloc_array() fails when adding a new eloop socket.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
e10422c025 Fix memory leak on hostapd BSS addition error path
The per-BSS configuration information needs to be freed if hostapd fails
to add a new interface for a BSS added with "ADD bss_config=..."
command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
2801659268 Fix hostapd initialization error path on allocation failure
If hostapd_alloc_bss_data() failed to allocate the struct hostapd_data
instance, dynamic interface addition path ended up trying to dereference
freed memory due to incorrect cleanup steps. Fix this by decrementing
the interface count when the newly added interface is removed. In
addition, make the setup more robust by clearing all changes within
hostapd_data_alloc() if any of the allocations fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
d58ade2121 nl80211: Fix compilation with libnl 1.1 and 2.0
Unfortunately, libnl 3.0 has changed the API in a way that is not
backwards compatible by renaming nlmsg_len() to nlmsg_datalen() without
leaving the older nlmsg_len() defined. As such, there does not seem to
be any clean way of using this function without breaking the build with
some libnl versions. For now, replace this call with direct calculation
of the data length since it can be done with a simple one-liner that
compiles with all libnl versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 18:30:20 +02:00
Jouni Malinen
51f3427019 crypto: Clear temporary stack buffers after use
This reduces possibility of exposure of private keys should something
get access to stack memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 02:49:13 +02:00
Jouni Malinen
77a2c3941e crypto: Clear temporary heap allocations before freeing
This reduces the time private keys may remain in heap memory after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 02:49:13 +02:00
Jouni Malinen
a15a7fcf69 DH: Clear memory explicitly on private key deinit
Remove any DH private key from heap memory after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 18:03:40 +02:00
Jouni Malinen
77c45e2b35 Add wpabuf_clear_free() to allow clearing of freed memory
This can be useful when a wpabuf is used to store private data that
should not be left in heap after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 18:02:04 +02:00
Jouni Malinen
59be78ef93 tests: Move SHA256 test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 17:34:20 +02:00
Jouni Malinen
4b462a0226 tests: Move SHA1 test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 17:29:00 +02:00
Jouni Malinen
a90c7d91a0 OpenSSL: Fix pbkdf2_sha1() wrapper
This was supposed to use the iterations parameter from the caller
instead of the hardcoded 4096. In practice, this did not have problems
for normal uses since that 4096 value was used in all cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 17:27:08 +02:00
Jouni Malinen
896e1b836f tests: Move MD5 test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 17:12:27 +02:00
Jouni Malinen
88fc0dca98 tests: Move ms_funcs test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 17:05:42 +02:00
Jouni Malinen
5c0ff9f9a3 tests: Add some of the AES ECB mode test cases from CAVS 11.1
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:57:57 +02:00
Jouni Malinen
1244408401 tests: Move AES key wrap/unwrap test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:35:59 +02:00
Jouni Malinen
477f83131f tests: Move AES-CBC test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:28:46 +02:00
Jouni Malinen
e438fb0d3a tests: Move AES-128 EAX mode test cases into hwsim framework
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:24:42 +02:00
Jouni Malinen
6c33962dd1 tests: Additional OMAC1-AES module test coverage
This verifies couple of corner cases with short vector entries in the
OMAC1-AES implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:15:23 +02:00
Jouni Malinen
304d40e904 tests: Move OMAC1-AES test cases into hwsim module tests
This makes sure the test cases are executed automatically with rest of
the hwsim tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 16:02:08 +02:00
Jouni Malinen
942b75468d tests: Add module tests for AES-SIV
This moves the AES-SIV test case from tests/test-aes.c to be part of
wpa_supplicant module testing framework with a new
src/crypto/crypto_module_tests.c component. In addition, the second test
vector from RFC 5297 is also included for additional coverage.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 15:50:53 +02:00
Jouni Malinen
f6ebbcf62a AES-SIV: Make aes_s2v() static
This function is not used outside aes-siv.c. In addition, include the
aes_siv.h header to make sure that functions get declared consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 15:22:36 +02:00
Jouni Malinen
dcf8fbc058 nl80211: Simplify event processing error paths
These are practically unreachable code since cfg80211 fills in the
required attributes or does not send the event. Keep the checks in
place, but minimize the extra code in wpa_supplicant/hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 13:40:07 +02:00
Jouni Malinen
38751d8bd5 nl80211: Remove cfg80211 state mismatch workaround for authentication
cfg80211 dropped support for tracking BSS authentication state and
setting NL80211_BSS_STATUS_AUTHENTICATED in 'cfg80211: stop tracking
authenticated state' three years ago (starting in Linux 3.4). As such,
this workaround code in wpa_supplicant cannot be reached anymore. There
is no real need for maintaining it for older kernels either, since there
are other ways of detecting and working around state mismatches with the
actual authentication operations failing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 12:21:12 +02:00
Jouni Malinen
64ae244763 nl80211: Check support for rekey offload on first use
While there is no explicit driver capability advertisement for this in
nl80211, the EOPNOTSUPP response can be interpreted as a clear
indication of NL80211_CMD_SET_REKEY_OFFLOAD not being supported. Check
for that and don't try to offload keys again if the driver has not use
for them.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 12:00:09 +02:00
Ilan Peer
86056fea63 nl80211: Handle MAC address randomization in scan/sched_scan
1. Process supported driver capabilities.
2. Populate scan request with MAC address randomization data

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-04 23:06:31 +02:00
Ilan Peer
ff23ed221d driver: Add definitions for MAC address randomization in scan
1. Add parameters to the scan command to allow MAC address
   randomization during scan and scheduled scan.
2. Add capability bits to publish MAC address randomization support
   in scan and scheduled scan.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-04 21:46:38 +02:00
Arik Nemtsov
72b2605f15 nl80211: Pass TDLS channel-switch start/stop params to kernel
The kernel-driver/firmware are responsible for performing periodic
switches to the target channel with the given peer. Propagate all TDLS
channel switching related information to kernel.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 21:46:37 +02:00
Arik Nemtsov
6b90deae4d TDLS: Propagate enable/disable channel-switch commands to driver
The supplicant code does not try to control the actual channel of the
radio at any point. It simply passes the target peer and channel
parameters to the driver. It's the driver's responsibility to
periodically initiate TDLS channel-switch operations when TDLS
channel-switching is enabled.

Allow enable/disable operations to be invoked via the control interface.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 20:30:11 +02:00
Arik Nemtsov
d9d3b78c67 TDLS: Track TDLS channel switch prohibition in BSS
Mark an appropriate sm flag when TDLS switch is prohibited by the AP.
Populate the flag upon association with the AP.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 18:59:31 +02:00
Arik Nemtsov
4daa572925 TDLS: Add channel-switch capability flag
Propagate a driver TDLS channel-switch support bit from nl80211 to
TDLS code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 18:59:31 +02:00
Jouni Malinen
ca16586afe Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-11-26.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-04 18:59:31 +02:00
Avraham Stern
730a0d16bf nl80211: Always register management frames handler
If registering WMM-AC ADDTS response action frame or WMM-AC DELTS
action frame fails, the management frame handler is not being
registered. This results with a segmentation fault when trying to
unsubscribe the handler when the interface is removed.
Fix it by always registering the handler and just returning a negative
value to note that the action frame could not be registered.

This fixes an issue introduced in the commit
dfa8787833 ('nl80211: Implement
add_ts/del_ts ops').

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-01-04 18:28:03 +02:00
Jouni Malinen
4e8f31e2ef doc: Extend driver.h documentation
This documents some more parts of the driver wrapper interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-03 18:24:20 +02:00
Jouni Malinen
bbd89bfca0 nl80211: Clear nlmsg payload with keys before freeing
This reduces the time possible keys could remain in heap memory. Couple
of the nl80211 messages include keys (TK for normal ciphers and
KCK/KEK/PMK for various offloading cases).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-03 01:15:34 +02:00
Jouni Malinen
f2535da879 nl80211: Note linux_set_iface_flags() failure in debug log
There was one final remaining linux_set_iface_flags() call that did not
check the result. This specific one does not really matter much, but
anyway, be more consistent by checking the result and log any error in
debug log. (CID 74146)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:56:04 +02:00
Jouni Malinen
8509fb5cce D-Bus: Fix memory leak on P2P GO WPSVendorExtensions
It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 22:22:39 +02:00
Jouni Malinen
4e70bbf1c6 SAE: Clear keys from memory on disassociation
There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 20:00:02 +02:00
Jouni Malinen
fbfc974c6c Clear GTK from memory as soon as it is not needed anymore
It was possible for the decrypted EAPOL-Key Key Data field to remain in
heap after the temporary buffer was freed. Explicitly clear that buffer
before freeing it to minimize the time GTK remains in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
7d711541dc Clear TK part of PTK after driver key configuration
There is no need for wpa_supplicant to maintain a copy of the TK part of
PTK after this has been configured to the driver, so clear that from
heap memory and only maintain KEK and KCK during association to allow
additional EAPOL-Key handshakes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
7193254456 Clear temporary keys from WPA supplicant state machine when not needed
PMK and PTK are not needed in the supplicant state machine after
disassociation since core wpa_supplicant will reconfigure them for the
next association. As such, clear these from heap in
wpa_sm_notify_disassoc() to reduce time and number of places storing key
material in memory. In addition, clear FT keys in case of
CONFIG_IEEE80211R=y build (sm->xxkey stored a copy of PSK in case of
FT-PSK).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Paul Stewart
de27bc7673 hostapd: Set stdout line-buffered
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2014-12-29 15:49:05 +02:00
David Woodhouse
a642a52b17 OpenSSL: Do not require a PIN for PKCS#11
It isn't mandatory. If we need one and it's not present, the ENGINE will
try asking for it. Make sure it doesn't actually let an OpenSSL UI loose,
since we don't currently capture those.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
David Woodhouse
96955192b3 OpenSSL: Automatically enable PKCS#11 engine where it's needed
It needs to be available to ENGINE_by_id(), which in my case means it
needs to be /usr/lib64/openssl/engines/libpkcs11.so. But that's a system
packaging issue. If it isn't there, it will fail gracefully enough with:

ENGINE: engine pkcs11 not available [error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library]
TLS: Failed to set TLS connection parameters
EAP-TLS: Failed to initialize SSL.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
David Woodhouse
ddda627618 OpenSSL: Load dynamic ENGINE unconditionally
This means that if the PKCS#11 engine is installed in the right place
in the system, it'll automatically be invoked by ENGINE_by_id("pkcs11")
later, and things work without explictly configuring pkcs11_engine_path.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
David Woodhouse
01b0d1d5c1 OpenSSL: Automatically handle PKCS#11 URIs in private_key, ca/client_cert
If these start with "pkcs11:" then they are PKCS#11 URIs. These Just Work
in the normal private_key/ca_cert/client_cert configuration fields when
built with GnuTLS; make it work that way with OpenSSL too.

(Yes, you still need to explicitly set engine=1 and point to the engine,
but I'll work on that next...)

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
David Woodhouse
3d268b8d19 OpenSSL: Do not require private key to come from PKCS#11
There's no reason I shouldn't be able to use PKCS#11 for just the CA cert,
or even the client cert, while the private key is still from a file.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
David Woodhouse
5c8ab0d49c OpenSSL: Allow pkcs11_module_path to be NULL
New versions of engine_pkcs11 will automatically use the system's
p11-kit-proxy.so to make the globally-configured PKCS#11 tokens available
by default. So invoking the engine without an explicit module path is
not an error.

Older engines will fail but gracefully enough, so although it's still an
error in that case there's no need for us to catch it for ourselves.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-29 15:49:05 +02:00
Jouni Malinen
010fa245bd Add QUIET=1 option for make
This can be used to reduce verbosity for build messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
49e3eea8d9 Avoid -Wshadow warnings from older gcc versions
It looks like gcc 4.8.2 would warn about these with -Wshadow, but 4.6.3
did.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:21:00 +02:00
Jouni Malinen
a193231dfb Clean up debug prints to use wpa_printf()
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:20:57 +02:00
Jouni Malinen
cad9b88be2 Fix CONFIG_OS=none build
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
ff013b94ca Fix CONFIG_OS=internal build
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
David Woodhouse
7d9286d3e7 Support private_key_passwd for GnuTLS (3.1.11+)
It's possible to jump through hoops to support it in older versions too,
but that seems a little unnecessary at this point.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2014-12-25 16:37:12 +02:00
Jouni Malinen
cbe23ffd6d GnuTLS: Get rid of warnings about deprecated typedef names
'_t' suffix for gnutls_session and gnutls_transport_ptr was added in
GnuTLS 1.1.11 over ten years ago and the more recent versions of GnuTLS
have started forcing compiler warnings from the old names. Move to the
new names and don't bother about backwards compatibility with older
versions taken into account how long ago this change happened in GnuTLS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
36f0cf3774 privsep: Fix compilation due to associate() parameter updates
struct wpa_driver_associate_params moved to using struct
hostapd_freq_params instead of just frequency. Need to update wpa_priv
to do same.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
eae3df7ee4 P2P: Fix memory leak on GO startup failure path
Some of the struct hostapd_data variables get initialized with allocated
memory in the P2P GO case even before hapd->started has been set to 1.
As such, hostapd_free_hapd_data() needs to free these even if
!hapd->stated.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
40e7639600 nl80211: Check if_indextoname() return value for bridge events
It would be at least theoretically possible for the bridge netdev to
have disappeared at the time hostapd processes the RTM newlink/dellink
message. As such, it is better to verify that if_indextoname() actually
returned success before printing the bridge ifname in debug. In
addition, there is not much point trying to add the bridge ifindex into
the list of own ifindexes in case the interface has already been
removed, so skip that part as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 19:43:24 +02:00
Jouni Malinen
3a322496f9 mesh: Delay Authentication frame process with no_auto_peer
There is a possible race condition between receiving the
NEW_PEER_CANDIDATE event and the Authentication frame from the peer.
Previously, if the Authentication frame RX event was indicated first,
that frame got dropped silently. Now, this frame is still dropped, but a
copy of it is stored and the frame gets processed on the following
NEW_PEER_CANDIDATE event if that is received for the same peer within
two seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 13:44:38 +02:00
Jouni Malinen
0acc2c809d HT: More robust 20/40 coex Action frame parsing
Commit 587d60d2b7 ('Add AP mode support
for HT 20/40 co-ex Action frame') added processing of co-ex report, but
did not include proper bounds checking or IE type checking for the
payload. Furthermore, this was not ready for the possible extensibility
of the 20/40 BSS Coexistence element.

Fix these by checking IE ids for both elements and doing more
apprioriate bounds checking for the element lengths to avoid potentially
reading beyond the frame buffer. Though, the event receive buffer in
both libnl and driver_nl80211_monitor.c is sufficiently large to make it
very unlikely that the maximum read of about 260 bytes beyond the end of
the Action frame would really have any chances of hitting the end of the
memory buffer, so the practical effect of missing bounds checking would
have been possibly accepting an invalid report frame and moving to 20
MHz channel unnecessarily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 21:54:11 +02:00
Jouni Malinen
2a32ad66da HT: Fix 20/40 coex Action frame parsing
Commit 5ce3ae4c8f tried to clean up
fetching a pointer to the action code field, but it forgot to add
IEEE80211_HDRLEN to the pointer. This resulted in the coex report
elements being read from too early in the frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 20:41:19 +02:00
Jouni Malinen
ce20a3702c nl80211: Remove practically unused process_drv_event()
This was used in the past, but all the event processing is now either
through process_global_event() or process_bss_event().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 16:12:11 +02:00
Masashi Honma
4b4093686b mesh: Make maximum number of peer links configurable
Maximum number of peer links is maximum number of connecting mesh peers
at the same time. This value is 0..255 based on the
dot11MeshNumberOfPeerings range.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:52:31 +02:00
Masashi Honma
9c58c5f72c mesh: Make beacon interval configurable
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:38:20 +02:00
Jouni Malinen
422ba11e30 Flush WPS registrar state on wpa_supplicant FLUSH command
This helps hwsim test cases by avoiding undesired state from previously
executed test cases affecting following tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 17:47:42 +02:00
Jouni Malinen
8779ac8a67 EAP-IKEv2: Fix a typo in a debug message
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 13:19:14 +02:00
Jouni Malinen
bb68a6e3cc EAP-IKEv2 peer: Fix fragmentation reassembly
ret->ignore needs to be cleared to FALSE when sending fragment ack
message to avoid ignoring the fragment.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 00:48:24 +02:00
Jouni Malinen
8e5c1ec32f EAP-IKEv2: Add explicit limit for maximum message length
This avoids accepting unnecessarily large memory allocations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 00:25:16 +02:00
Jouni Malinen
5ef8e39fa7 nl80211: Fix interface-in-different-bridge case
The local ifindex list needs to be updated only if the current bridge
interface is the correct one. If hostapd is going to move the interface
to another bridge, the old bridge ifindex must not be added. In
addition, when removing the bridge interface on deinit, it may need to
be set down to allow bridge removal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 21:00:08 +02:00
Jouni Malinen
666e508ccf nl80211: Fix cfg80211 workaround for IBSS join
The interface was incorrectly changed to station mode between the two
IBSS join requests and that made the second attempt fail. Remove that
undesired mode clearing from this special case of IBSS leave sequence.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 19:35:23 +02:00
Jouni Malinen
13a3a20dfe Fix wpa_key_mgmt and wpa_pairwise configuration for non-WPA
These hostapd configuration parameter was left at the default values
(WPA-PSK/TKIP) even for cases where WPA was disabled. While these
parameters are not really used much in non-WPA cases, they do get used
for one corner case in nl80211 configuration to disable encryption of
EAPOL frames in IEEE 802.1X WEP case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 18:44:43 +02:00
Jouni Malinen
533fe09b78 nl80211: Fix no-encrypt for IEEE 802.1X WEP EAPOL
Commit 9f12614b8c ('nl80211: Do not
encrypt IEEE 802.1X WEP EAPOL') tried to use
NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT to disable encryption of EAPOL
frames for WEP IEEE 802.1X. However, it used incorrect key management
suite (IEEE 802.1X with WPA/WPA2 while the non-WPA version is needed
here). Consequently, the no-encrypt flag was never set to the driver
(WPA/WPA2 cases do not meet the WEP as pairwise criteria).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 17:35:03 +02:00
Jouni Malinen
1033315fbe nl80211: Remove send_and_recv_msgs_global() wrapper
There was only a single user for this and calling send_and_recv()
directly is as simple as using this wrapper.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 15:45:28 +02:00
Jouni Malinen
bdf5ccb264 nl80211: Remove unnecessary function declarations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-20 15:37:16 +02:00
Jouni Malinen
afa2ffb413 SAE: Check Status Code in Authentication frames
While other authentication algorithms mark Status Code as being Reserved
in the case of the transaction number 1, SAE does not. Check that the
Status Code indicates success before creating SAE state. In addition,
fix the mesh anti-clogging token request parsing on big endian CPUs.

Transaction number 2 (confirm) can also have non-zero Status Code to
report an error. Those should be processed, but not replied to with yet
another error message. This could happen in mesh case. Avoid a loop of
error messages by dropping the non-success case without additional
response.

In addition, don't reply to unknown transaction numbers if the status
code is non-zero. This avoids a loop of error messages if an invalid
frame where to be injected (or unlikely corruption were to occur).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:06:56 +02:00
Masashi Honma
5b78493f3b mesh: Add mesh interface creation command for mesh gate
The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.

This command makes a virtual mesh interface to be used for mesh gate.

This command expects to be used like this.

wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-14 23:27:43 +02:00
Jouni Malinen
bd0b620371 SAE: Add sae_group to AP/mesh mode STA ctrl_iface data
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:33 +02:00
Jouni Malinen
7781da6b2b Remove unused find_first_bit()
This was used only for the VHT capability checks for determining bit
offset for right shift. That was replaced with a constant defines since
there is no need to calculate this at runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:01:25 +02:00
Jouni Malinen
9ae52e7034 Clean up VHT configuration validation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 19:00:38 +02:00
Jouni Malinen
b0f33467a5 Clean up VHT override max A-MPDU override calculation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 18:48:59 +02:00
Jörg Krause
33c7eb810a wext: Fix musl build error
Building wpa_supplicant with the musl C library fails since musl does
not define type names such as '__uint32_t'. To support building
wpa_supplicant with the musl C library use the integer types declared in
the ISO C standard header file <stdint.h>.

Signed-off-by: Jörg Krause <jkrause@posteo.de>
2014-12-14 18:05:32 +02:00
Rafał Miłecki
7c4027f604 nl80211: Report new station / assoc event for the correct BSS
drv->ctx always points to the first BSS and we should report event using
BSS related to the interface we got NL80211_CMD_NEW_STATION from.
This fixes STA association for drivers using NL80211_CMD_NEW_STATION and
multiple virtual interfaces.

Before:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0: STA 02:00:00:00:01:00 IEEE 802.11: associated

After:
nl80211: Drv Event 19 (NL80211_CMD_NEW_STATION) received for wlan0-1 (ifindex:7)
nl80211: New station 02:00:00:00:01:00
wlan0-1: STA 02:00:00:00:01:00 IEEE 802.11: associated

This is not applicable to the cases where authentication (AP SME & MLME)
is in hostapd and hostapd_assoc_cb() instead of hostapd_notif_assoc()
handles BSS selection.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2014-12-14 17:29:26 +02:00
Jouni Malinen
ce460118a8 ERP: Drop ERP keys on failure on the peer
This allows recovery through fallback to full EAP authentication if the
server rejects us, e.g., due to having dropped ERP state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
2c6411edd0 ERP: Add ERP_FLUSH for hostapd
This can be used to drop any pending ERP key from both the internal AP
authentication server and RADIUS server use of hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
a0a34d536e nl80211: Add rrm_flags to STATUS-DRIVER
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 21:09:11 +02:00
Jouni Malinen
0629eeb490 RRM: Add AP mode minimal advertisement support for testing
The new hostapd.conf radio_measurements parameter can now be used to
configure a test build to advertise support for radio measurements with
neighbor report enabled. There is no real functionality that would
actually process the request, i.e., this only for the purpose of minimal
STA side testing for now.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 20:45:31 +02:00
Jouni Malinen
774d414513 Fix AP IE in EAPOL-Key 3/4 for WPA + FT combination
Previously, only WPA + WPA2 was covered. If FT is enabled in addition to
WPA, MDIE is included in the buffer between RSN and WPA elements. The
previous version ended up leaving only the MDIE after having skipped RSN
element. Fix this to skip MDIE as well to leave only WPA IE regardless
of whether FT is enabled in AP configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-12 14:03:36 +02:00
Jouni Malinen
72c5c289fb Add text names for number of the key_mgmt values
This completes STATUS command key_mgmt output for the missing values,
like SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-12 13:40:07 +02:00
Jouni Malinen
2961bfa8e1 Remove unused send_eapol() driver op
The send_eapol() callback was used by driver_test.c, but with that
removed, there is no remaining users of the alternative EAPOL frame
transmitting mechanism in wpa_supplicant, i.e., all remaining driver
interfaces use l2_packet instead. Remove the send_eapol() to get rid of
unused code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-11 15:40:07 +02:00
Jouni Malinen
6a31a31da1 OpenSSL: Simplify EAP-FAST peer workaround
Commit d4913c585e ('OpenSSL: Fix EAP-FAST
peer regression') introduced a workaround to use a new SSL_CTX instance
set for TLSv1_method() when using EAP-FAST. While that works, it is
unnecessarily complex since there is not really a need to use a separate
SSL_CTX to be able to do that. Instead, simply use SSL_set_ssl_method()
to update the ssl_method for the SSL instance. In practice, this commit
reverts most of the tls_openssl.c changes from that earlier commit and
adds that single call into tls_connection_set_params() based on EAP-FAST
flag.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 23:55:41 +02:00
Jouni Malinen
b90d064f1a Add tls_session_reused=<0/1> into EAP peer TLS status
This can be used to determine whether the last TLS-based EAP
authentication instance re-used a previous session (e.g., TLS session
resumption or EAP-FAST session ticket).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 23:41:09 +02:00
Chet Lanctot
15badebd47 nl80211: Add QCA vendor specific query of device/driver features
This commit introduces a QCA vendor command that allows interrogation of
the vendor-specific features supported by the device/driver. Currently
the only defined feature is the ability to offload key management.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-09 21:08:21 +02:00
Jouni Malinen
d4913c585e OpenSSL: Fix EAP-FAST peer regression
Commit 35efa2479f ('OpenSSL: Allow TLS
v1.1 and v1.2 to be negotiated by default') changed from using
TLSv1_method() to SSLv23_method() to allow negotiation of TLS v1.0,
v1.1, and v1.2.

Unfortunately, it looks like EAP-FAST does not work with this due to
OpenSSL not allowing ClientHello extensions to be configured with
SSL_set_session_ticket_ext() when SSLv23_method() is used. Work around
this regression by initiating a separate SSL_CTX instance for EAP-FAST
phase 1 needs with TLSv1_method() while leaving all other EAP cases
using TLS to work with the new default that allows v1.1 and v1.2 to be
negotiated. This is not ideal and will hopefully get fixed in the future
with a new OpenSSL method, but until that time, this can be used allow
other methods use newer TLS versions while still allowing EAP-FAST to be
used even if it remains to be constraint to TLS v1.0 only.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 16:57:05 +02:00
Jouni Malinen
c1f5bcb96f TLS: Add new cipher suites to tls_get_cipher()
This fixes EAP-FAST server side issues for anonymous provisioning when
using the internal TLS implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 16:57:05 +02:00
Jouni Malinen
c25addb156 OpenSSL: Remove support for the old EAP-FAST interface
Commit f5fa824e9a ('Update OpenSSL 0.9.8
patch for EAP-FAST support') changed the OpenSSL 0.9.8 patch to support
the new API that was introduced in OpenSSL 1.0.0 for EAP-FAST. As such,
there should be no valid users of the old API anymore and tls_openssl.c
can be cleaned up to use only the new API.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 16:57:05 +02:00
Xiaofei Shen
f68e86a4d6 MACsec: Update protect frames and replay on reauthentication
Some cases like ifconfig down/up may require MACsec restart. To make
sure the appropriate protect frames and replay parameters get configured
in cases where the interface was down, set these parameters from KaY
configuration to the driver before creating a new transmit SC. This
allows MACsec functionality to recover automatically on such restart.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-09 16:56:10 +02:00
Sunil Dutt
36b5c3335a P2P: Check Invitation Response dialog token match for resend case
Commit ac330cfd87 ('P2P: Reinvite with
social operation channel if no common channels') introduced a mechamisn
to reinvite a peer during a persistent group reinvocation from a GO with
a different operating channel proposal. This mechanism can fail if the
inviting device (GO) ends up getting a retransmitted, duplicated
Invitation Response frame processed second time while waiting for the
response to the retried Invitation Request (using one of the social
channels as the operating channel). IEEE 802.11 duplicate frame
detection mechanisms are supposed to prevent this type of sequence, but
not all drivers support those rules properly for pre-association frames,
including P2P Public Action frames.

Work around this issue by checking that the dialog token in the
Invitation Response frame matches the one from the last Invitation
Request if the special invitation retry mechanism is used. This is safer
to do now than to enable dialog token matching for all invitation cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-09 16:26:47 +02:00
Jouni Malinen
1f90dfd2cd nl80211: Add frame control and sequence control field in RX frame debug
This makes it easier to debug issues related to duplicated management
frames on receive path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-09 01:19:20 +02:00
Jouni Malinen
4bd7195466 nl80211: Try to unmask 11b rates again on next connection request
It is possible for unmasking of 11b rates to fail if a P2P group is
terminated while the netdev is down (e.g., due to rfkill block). This
could result in the 11b TX rates being left masked for non-P2P
operations. This would be particularly unfortunate for channel 14 use
since OFDM rates are not allowed on channel 14 and only OFDM rates were
configured P2P. This issue showed up, e.g., when running hwsim test case
rfkill_autogo followed by ap_wps_conf_chan14.

It may be possible to allow the failed operation in cfg80211/mac80211,
but it looks better to work around this on wpa_supplicant side as well.
Try to unmask the 11b rates again on the next connection request if the
rate unmasking operation had failed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-08 16:10:46 +02:00
Jouni Malinen
3e208481b5 nl80211: Add more debug prints for 11b rate disabling and re-enabling
This makes it easier to debug issues related to TX rate masking for P2P
use cases (and unmasking for non-P2P).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-08 16:01:51 +02:00
Jouni Malinen
aaadd72733 Check os_snprintf() result more consistently - more checks
Add more os_snprintf() result validation checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
1f102d3bb0 Check os_snprintf() result more consistently - manual
This converts os_snprintf() result validation cases to use
os_snprintf_error() for cases that were note covered by spatch and
semantic patches.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
7bdd8981f7 Check os_snprintf() result more consistently - automatic 2
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size'. These changes were done automatically with spatch using
the following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 > E3 \| (size_t) E1 > E3 \| E1 > (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d85e1fc8a5 Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
a80ba67a26 Check os_snprintf() result more consistently - success case
This converts os_snprintf() result validation cases to use
os_snprintf_error() in cases where success condition was used to execute
a step. These changes were done automatically with spatch using the
following semantic patch:

@@
expression E1,E2,E3;
statement S1;
@@

  E1 = os_snprintf(E2, E3, ...);
- if (\( E1 >= 0 \| E1 > 0 \) && \( (size_t) E1 < E3 \| E1 < (int) E3 \| E1 < E3 \))
+ if (!os_snprintf_error(E3, E1))
  S1

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
a9aaacbb50 Check os_snprintf() result more consistently - maximum length
This adds verification of os_snprintf() result against the maximum
buffer length. These changes were done automatically with spatch
using the following semantic patch:

@@
expression E1,E2,E3;
statement S1;
@@

  E1 = os_snprintf(E2, E3, ...);
- if (\( E1 < 0 \| E1 <= 0 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
0047306bc9 Add os_snprintf_error() helper
This can be used to check os_snprintf() return value more consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
89b48f7b95 Use os_zalloc() instead of os_malloc() and os_memset()
Automatically updated with spatch and the following semantic patch:

@@
expression X;
expression E1;
statement S;
@@

- X = os_malloc(E1);
+ X = os_zalloc(E1);
(
  if (X == NULL) {
	...
  }
- os_memset(X, 0, E1);
|
  if (X == NULL)
	S
- os_memset(X, 0, E1);
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
faebdeaa9e Use os_calloc() instead of os_zalloc()
Automatic changes with spatch using the following semantic patch:

@@
constant C;
type T;
@@

- os_zalloc(C*sizeof(T))
+ os_calloc(C,sizeof(T))

@@
expression E;
type T;
@@

- os_zalloc((E)*sizeof(T))
+ os_calloc(E,sizeof(T))

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
80d5a3db9a WPS: Start EAPOL immediately even without WPA on WPS association
Previously, the immediate EAPOL authenticator startup was scheduled
without having received EAPOL-Start only for the case where WPA/WPA2 was
enabled. This can be extended to speed up non-WPA/WPA2 cases as well if
the STA includes WPS IE in Association Request frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
ff1dd3e9a1 base64: Try to avoid static analyzer warning (part 2)
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:07:56 +02:00
Jouni Malinen
cdbc0baac6 base64: Try to avoid static analyzer warning
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 19:26:56 +02:00
Jouni Malinen
7d04364104 TLS: Reorder length bounds checking to avoid static analyzer warning
For some reason, "pos + len > end" is not clear enough, but "len > end -
pos" is recognized. Use that to get rid of a false positive from a
static analyzer (CID 72697).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 18:36:02 +02:00
Jouni Malinen
41f480005f EAP-SIM DB: Make recv() null termination easier for static analyzers
For some reason, the previous version was not understood to be null
terminating the buffer from recv(). It was doing this fine, though. Try
to use a bit more simpler design in hopes of getting static analyzers to
understand this. (CID 72702)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 18:35:53 +02:00
Jouni Malinen
8105821b39 Replace send_ft_action() driver_op with send_action()
This reduced number of unnecessarily duplicated driver interface
callback functions for sending Action frames by using the more generic
send_action() instead of FT specific send_ft_action().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 18:13:29 +02:00
Jouni Malinen
477af8f869 nl80211: Move scanning related functionality to a separate file
This helps in making the still overly large driver_nl80211.c somewhat
more manageable.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:59:26 +02:00
Jouni Malinen
71f1d1e54d hostapd: Fix memory leak on dynamic add-BSS error path
If "ADD bss_config=" command failed in driver_init() or
hostapd_setup_interface(), some of the allocated resources were not
freed properly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:42:23 +02:00
Jouni Malinen
3f63614f18 nl80211: Clean up nl80211_scan_common() to use nl80211_cmd_msg()
This helper function had not used the nl80211_set_iface_id() helper, but
there is no reason why it couldn't re-use the same helper as other
places using nl80211_cmd_msg().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:18:51 +02:00
Jouni Malinen
95376e1a99 nl80211: Use nl80211_iface_msg() helper
Use the helper function to replace places that use nlmsg_alloc(),
nl80211_cmd(), and ifindex.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:18:51 +02:00
Jouni Malinen
13f83980f0 nl80211: Use nl80211_bss_msg() helper
Use the helper function to replace places that use nlmsg_alloc(),
nl80211_cmd(), and either bss->ifindex or if_nametoindex(bss->ifname).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:18:46 +02:00
Jouni Malinen
a3249fdfb8 nl80211: Use nl80211_cmd_msg() for P2P Device operations
bss->wdev_id_set is set for the non-detdev P2P Device, so
nl80211_cmd_msg() can be used as-is for these cases as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:17:19 +02:00
Jouni Malinen
9725b78421 nl80211: Use nl80211_drv_msg() helper
Use the helper function to replace places that use nlmsg_alloc(),
nl80211_cmd(), and drv->ifindex.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:17:12 +02:00
Jouni Malinen
350acc354d nl80211: Move nl80211_set_iface_id() next its only remaining user
This function was in a bit strange location between struct family_data
and family_handler() definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 16:41:26 +02:00
Jouni Malinen
56f77852e5 nl80211: Use the new nl80211_cmd_msg() helper
This removes duplicated code for building nl80211 commands for a BSS.
This commit handles the functions that were already using
nl80211_set_iface_id().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 16:41:25 +02:00
Jouni Malinen
07c7757cb1 nl80211: Add nl80211_*_msg() helpers
These new functions can be used to both allocate and build a header for
most nl80211 commands.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 16:41:01 +02:00
Jouni Malinen
a862e4a38f nl80211: Continue getting rid of NLA_PUT* macro use
This gets rid of more NLA_PUT* macro uses in nl80211 to reduce the
number of functions that depend on the hidden behavior of jumping to the
nla_put_failure label.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:50:15 +02:00
Jouni Malinen
9589a91e0e nl80211: Get rid of NLA_PUT* macro use in capability checking
This gets rid of NLA_PUT* macro use in checking nl80211 capabilities to
reduce the number of functions that depend on the hidden behavior of
jumping to the nla_put_failure label.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:18:38 +02:00
Jouni Malinen
f27f1644a8 PCSC: Make AID copying easier for static analyzers
Use a separate pointer and length field instead of trying to copy from a
struct field that has only part of the full buffer available.
(CID 68115)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
c397eff828 Make GTK length validation easier to analyze
Bounds checking for gd->gtk_len in wpa_supplicant_check_group_cipher()
was apparently too complex for some static analyzers. Use a local
variable and a more explicit validation step to avoid false report.
(CID 62864)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
369d07afc1 FT: Make aes_wrap() call easier to analyze
Using aes_wrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is not just the single struct member. (CID 68111)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
7696760388 FT: Make aes_unwrap() calls easier to analyze
Using aes_unwrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is initialized and that the target is not just the single struct member.
In addition, clean up the design to avoid removal of const with a
typecast. (CID 68112, CID 68134, CID 68135, CID 68136)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
a6306bcc92 P2P: Split p2p_channels_union() into two functions
The separate p2p_channels_union_inplace() makes the function easier for
static analyzers to see that the result buffer is always initialized.
(CID 74494)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
5085ffb8f8 hostapd: Fix HT40 determination for ACS offload
Commit 16689c7cfc ('hostapd: Allow ACS to
be offloaded to the driver') used incorrect operator to determine
whether HT40 was configured. Fix that to mask the ht_capab bit
correctly. (CID 77286)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-05 01:08:40 +02:00
Jouni Malinen
56b352ec58 ERP: Avoid a static analyzer warning on uninitialized emsk_len
This was not really a real issue since bin_clear_free() would not use
the emsk_len argument when emsk is NULL as it would be on the path where
emsk_len has not been initilized. Anyway, it is better to get rid of the
warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-05 00:33:31 +02:00
Jouni Malinen
65d9a5e254 ERP: Add wpa_supplicant ERP_FLUSH ctrl_iface command
This can be used to flush all the ERP keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:29 +02:00
Jouni Malinen
02a8d45ace ERP: Add support for ERP on EAP peer
Derive rRK and rIK on EAP peer if ERP is enabled. The new wpa_supplicant
network configuration parameter erp=1 can now be used to configure the
EAP peer to derive EMSK, rRK, and rIK at the successful completion of an
EAP authentication method. This functionality is not included in the
default build and can be enabled with CONFIG_ERP=y.

If EAP authenticator indicates support for re-authentication protocol,
initiate this with EAP-Initiate/Re-auth and complete protocol when
receiving EAP-Finish/Re-auth.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:29 +02:00
Jouni Malinen
d3bddd8b84 ERP: Add support for ERP on EAP server and authenticator
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to
allow EAP re-authentication to be used and to derive rMSK.

The new hostapd configuration parameter eap_server_erp=1 can now be used
to configure the integrated EAP server to derive EMSK, rRK, and rIK at
the successful completion of an EAP authentication method. This
functionality is not included in the default build and can be enabled
with CONFIG_ERP=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:27 +02:00
Jouni Malinen
e2ee327b19 ERP: Add TV/TLV parser
This is needed for ERP implementation on both the server/authenticator
and peer side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:08:59 +02:00
Jouni Malinen
0087061de7 ERP: Add HMAC-SHA256 KDF (RFC 5295)
This is needed for ERP key derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:08:59 +02:00
Jouni Malinen
2a5156a66c ERP: Add optional EAP-Initiate/Re-auth-Start transmission
hostapd can now be configured to transmit EAP-Initiate/Re-auth-Start
before EAP-Request/Identity to try to initiate ERP. This is disabled by
default and can be enabled with erp_send_reauth_start=1 and optional
erp_reauth_start_domain=<domain>.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:08:56 +02:00
Jouni Malinen
19e2b3b6ba ERP: Add defines for EAP Re-Authentication Protocol
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 00:58:14 +02:00
Jithu Jance
0d4e3d1d13 nl80211: Ignore Connect failure for the previous association
Suppose there are two APs (AP1 & AP2) and user attempted to connect to
AP2 before the previous connection with AP1 could succeed. Now, if the
connection event comes for the older AP with failed status, we should
just ignore it as the wpa_supplicant state has moved to "ASSOCIATING"
with the new AP (AP2).

This is a similar to the case where a disconnection event is ignored for
a case where local disconnect request can cause the extra event to show
up during the next association process following that command.

Signed-off-by: Jithu Jance <jithu@broadcom.com>
2014-12-04 00:34:08 +02:00
Peng Xu
16689c7cfc hostapd: Allow ACS to be offloaded to the driver
Using QCA vendor command, allow ACS function to be offloaded to the
driver. Once channels are selected, hostapd is notified to perform OBSS
operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-03 22:31:53 +02:00
Jouni Malinen
994d6f4629 Add a name for an assigned QCA nl80211 vendor subcmd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 23:36:12 +02:00
Jouni Malinen
e48635cfb0 Rename QCA nl80211 vendor subcmds to match AOSP names
This makes the enum vendor_subcmds definitions more consistent with the
names used in Android.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 16:20:35 +02:00
Vivek Natarajan
b685e2aab7 atheros: Cleanup atheros_raw_receive to process all management frames
Signed-off-by: Vivek Natarajan <nataraja@qti.qualcomm.com>
2014-12-02 16:20:35 +02:00
Jouni Malinen
92e3c0b14c EAP-PAX: Derive EAP Session-Id
This adds EAP-PAX server and peer method functions for deriving
Session-Id from Method-Id per RFC 4746 and RFC 5247.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:46:07 +02:00
Jouni Malinen
a7bec9e7b2 EAP-TTLS: Add support for deriving EMSK
This extends EAP-TTLS server and peer implementations to support EMSK
derivation per RFC 5281.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:28:19 +02:00
Jouni Malinen
9429bee4cc EAP-TLS server: Clear temporary buffer during EMSK derivation
Now that EMSK derivation is taken into use with ERP, it is better to
make sure the temporary MSK + EMSK buffer does not get left in heap
after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-01 01:28:19 +02:00
Jouni Malinen
d1f89dd732 EAP server: Add getSessionId
This extends EAP server implementation to derive Session-Id similarly to
the existing EAP peer implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
d68f74c5ff EAP peer: Clean up TLS Session-Id derivation function
The comment about library not supporting Session-Id derivation was not
accurate and there is no need to check for master key that is not used
as part of derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
0a11409c00 Fix omac1_aes_128_vector() not to read beyond addr/len array
Previously, it was possible for the loop through the data components to
increment addr/len index at the last position beyond the declared size.
This resulted in reading beyond those arrays. The read values were not
used and as such, this was unlikely to cause noticeable issues, but
anyway, memory checkers can detect this and the correct behavior is to
stop increments before going beyond the arrays since no more bytes will
be processed after this anyway.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-30 15:53:11 +02:00
Jouni Malinen
631739b361 Clear WLAN_STA_ASSOC_REQ_OK on AP-initiated deauthentication
This flag was left in the STA entry for the short duration after the STA
gets deauthenticated. If the STA sends a Class 2 or 3 frame during that
short time, the AP would not have replied with Deauthentication frame
indicating no association is present.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:31:54 +02:00
Jouni Malinen
0ecff8d7c3 Add hostapd driver_params config parameter
This is mainly for development testing purposes to allow driver_nl80211
behavior to be modified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:24:42 +02:00
Jouni Malinen
ebd557288c Remove forgotten driver_test.c variables
hostapd was still providing couple of parameters that were used only in
the already removed driver_test.c framework.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 12:49:55 +02:00
Jouni Malinen
bd26031b4b wext: Fix non-WPA/WPA2 connection with extra IEs
The associate() handler was not prepared for params->wpa_ie containing
some other IEs than WPA/RSN IE and ended up configuring security policy
incorrectly for open networks if such IEs were present. Fix this by
using wpa_proto parameter instead of IEs to determine security policy
for driver configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 23:02:30 +02:00
Johannes Berg
d306df7919 wext: Add very basic status command support
Just to make the test framework happy, it uses the driver
status command to obtain the interface MAC address.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-11-28 23:02:29 +02:00
Jouni Malinen
3c02cfdb3a proxyarp: Do not limit NDISC snoop packet size to 150
The RA, NS, and NA packets may be longer, so do not arbitrarily limit
the packet socket capture size to 150 bytes in the socket filter.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
bcb132e185 proxyarp: Validate IPv4 header total length value in dhcp_snoop
This field needs to be validated in addition to validating the total
length of the received frame to avoid reading beyond the frame buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
8c5043b42c proxyarp: Relax frame length limit for RA and NA
Only the NS frames should be checked to be long enough to cover all the
fields used in the NS data structure. This allows shorter RA and NA
frames to be processed for multicast-to-unicast rules.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
ef3ea80c68 proxyarp: Fix x_snoop multicast-to-unicast debug print
l2_packet_send() returns >= 0 on success, i.e., non-zero value does not
mean failure. Fix this debug print to show up only on negative return
values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
89052e9952 proxyarp: Add debug log entry on multicast-to-unicast conversion
This makes it easier to debug operations. The debug message is marked
EXCESSIVE, though, to avoid filling the logs with too much information
in default debugging cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
df131d4597 proxyarp: Try multicast-to-unicast conversion only for authorized STAs
There is no point in trying to send the unicast converted version to a
STA that is not in authorized state since the driver would be expected
to drop normal TX Data frames in such state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:36:56 +02:00
Rashmi Ramanna
ac330cfd87 P2P: Reinvite with social operation channel if no common channels
If invitation to reinvoke a persistent group from the GO fails with the
peer indicating that there are no common channels, there is no defined
means for the peer to indicate which channel could have worked. Since
this type of issue with available channels changing over time can
happen, try to work around this by retrying invitation using one of the
social channels as the operating channel unless a specific operating
channel was forced for the group.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-27 17:55:54 +02:00
Jouni Malinen
f33c82d23e nl80211: Change iftype to station on leaving mesh
This is needed to make following operations behave as expected since
mesh iftypes may prevent various operations (e.g., registering Probe
Request frame RX). Use same design as leave_ibss does to handle this
consistently.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-27 17:12:47 +02:00
Jouni Malinen
7a94120ea9 nl80211: Clear ignore_if_down_event if interface is up
It was possible for the ignore_if_down_event flag to remain set in some
cases where interface mode change required the interface to be set down
temporarily. If that happened, the following rfkill interface down could
have been ignored and device could have been left trying to scan or
connect (which would all fail due to the interface beign down). Clean
this up by clearing the ignore_if_down_event flag on the interface down
event regardless of whether the interface is up at the time this event
is processed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-27 14:59:28 +02:00
Jouni Malinen
8997613c90 nl80211: Fix br_ifindex storing when hostapd creates the bridge
Commit 6c6678e7a4 ('nl80211: Make
br_ifindex available in i802_bss') did not cover the case where
i802_check_bridge() ends up creating the bridge interface. That left
bss->br_ifindex zero and prevented neighbor addition. Extend that
functionality to update br_ifindex once the bridge netdev has been
added.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-26 01:16:35 +02:00
Jouni Malinen
a6b4ee217a proxyarp: Print learned IPv6 address in debug log
This makes it easier to debug issues related to IPv6 address snooping.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-26 01:09:54 +02:00
Jouni Malinen
a7fb5ea463 proxyarp: Fix DHCP and ND message structures
These need to be marked packed to avoid issues with compilers
potentially adding padding between the fields (e.g., gcc on 64-bit
seemed to make struct icmpv6_ndmsg two octets too long which broke IPv6
address discovery).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-26 01:09:54 +02:00
Jouni Malinen
a437378f98 proxyarp: Use C library header files and CONFIG_IPV6
This replaces the use of Linux kernel header files (linux/ip.h,
linux/udp.h, linux/ipv6.h, and linux/icmpv6.h) with equivalent header
files from C library. In addition, ndisc_snoop.c is now built
conditionally on CONFIG_IPV6=y so that it is easier to handle hostapd
builds with toolchains that do not support IPv6 even if Hotspot 2.0 is
enabled in the build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-25 16:58:21 +02:00
Masashi Honma
a959a3b69d SAE: Fix Anti-Clogging Token request frame format
This commit inserts Finite Cyclic Group to Anti-Clogging Token request
frame because IEEE Std 802.11-2012, Table 8-29 says "Finite Cyclic Group
is present if Status is zero or 76".

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-11-25 16:08:53 +02:00
Masashi Honma
872b754512 mesh: Fix SAE anti-clogging functionality for mesh
The mesh anti-clogging functionality is implemented partially. This
patch fixes to parse anti-clogging request frame and use anti-clogging
token.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-11-25 15:33:04 +02:00
Jouni Malinen
649c0a6974 WPA: Use more explicit WPA/RSN selector count validation
Some static analyzers had problems understanding "left < count * len"
(CID 62855, CID 62856), so convert this to equivalent "count > left /
len" (len here is fixed to 4, so this can be done efficiently).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:08:13 +02:00
Jouni Malinen
adf96fb66b WPS: Add explicit message length limit of 50000 bytes
Previously, this was implicitly limited by the 16-bit length field to
65535. This resulted in unhelpful static analyzer warnings (CID 62868).
Add an explicit (but pretty arbitrary) limit of 50000 bytes to avoid
this. The actual WSC messages are significantly shorter in practice, but
there is no specific protocol limit, so 50000 is as good as any limit to
use here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
5c6787a6ca PeerKey: Clean up EAPOL-Key Key Data processing on AP
This extends the earlier PeerKey station side design to be used on the
AP side as well by passing pointer and already validated length from the
caller rather than parsing the length again from the frame buffer. This
avoids false warnings from static analyzer (CID 62870, CID 62871,
CID 62872).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
d36f416926 EAP-IKEv2: Make proposal_len validation clearer
Some static analyzers seem to have issues understanding "pos +
proposal_len > end" style validation, so convert this to "proposal_len >
end - pos" to make this more obvious to be bounds checking for
proposal_len. (CID 62874)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
c4de71cec5 EAP-FAST: Make PAC file A_ID parser easier to analyze
Some static analyzers seem to have issues with "pos + len > end"
validation (CID 62875), so convert this to "len > end - pos" to make it
more obvious that len is validated against its bounds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
364182a80f EAP-FAST: Clean up binary PAC file parser validation steps
This was too difficult for some static analyzers (CID 62876). In
addition, the pac_info_len assignment should really have explicitly
validated that there is room for the two octet length field instead of
trusting the following validation step to handle both this and the
actual pac_info_len bounds checking.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
002a2495be radiotap: Initialize all members in ieee80211_radiotap_iterator_init()
_next_ns_data could look like it would be used uninitialized in
ieee80211_radiotap_iterator_next() to static analyzers. Avoid
unnecessary reports by explicitly initializing all variables in struct
ieee80211_radiotap_iterator. (CID 62878)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
3e94937fa4 P2P: Make p2p_parse_p2p_ie() validation steps easier to analyze
Validation was fine, but a bit too complex for some static analyzers to
understand. (CID 68125)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
46a0352589 Use more explicit num_pmkid validation in RSN IE parsing
Static analyzers may not have understood the bounds checking on
data->num_pmkid. Use a local, temporary variable and validate that that
value is within length limits before assining this to data->num_pmkid to
make this clearer. (CID 62857, CID 68126)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:29 +02:00
Jouni Malinen
e7306bcb59 PCSC: Use clearer file TLV length validation step
This makes it easier for static analyzer to confirm that the length
field bounds are checked. WPA_GET_BE16() is also used instead of
explicit byte-swapping operations in this file. (CID 68129)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 18:37:10 +02:00
Jouni Malinen
76874379d3 TLS client: Check DH parameters using a local variable
Use a temporary, local variable to check the DH parameters received from
the server before assigning the length to the struct tlsv1_client
variables. This will hopefully make it easier for static analyzers to
figure out that there is bounds checking for the value. (CID 72699)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 17:48:34 +02:00
Jouni Malinen
b81e274cdf RADIUS client: Print a clear debug log entry if socket is not available
It could have been possible to select a socket that is not open
(sel_sock == -1) and try to use that in socket operations. This would
fail with potentially confusing error messages. Make this clearer by
printing a clear debug log entry on socket not being available.
(CID 72696)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 17:41:13 +02:00
Jouni Malinen
f931374f30 IKEv2: Use a bit clearer payload header validation step
It looks like the "pos + plen > end" case was not clear enough for a
static analyzer to figure out that plen was being verified to not go
beyond the buffer. (CID 72687)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 16:37:16 +02:00
Andrei Otcheretianski
70d1e72849 wpa_supplicant: Handle link measurement requests
Send link measurement response when a request is received. Advertise
only RCPI, computing it from the RSSI of the request. The TX power field
is left to be filled by the driver. All other fields are not published.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2014-11-22 21:45:07 +02:00
Andrei Otcheretianski
7dc0338806 nl80211: Register Link Measurement Request Action frame
Add link measurement request to registration of Action frames to be
handled by wpa_supplicant if the driver supports TX power value
insertation.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2014-11-22 21:38:30 +02:00
Assaf Krauss
f4b8bfae15 wpa_supplicant: Add NEIGHBOR_REP_REQUEST command to the control interface
Add NEIGHBOR_REP_REQUEST command to the wpa_supplicant ctrl_iface.
This command triggers the sending of a Neighbor Report Request to the
associated AP.

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:28:52 +02:00
Assaf Krauss
d89c0701db wpa_supplicant: Add support for Neighbor Report
Add the ability to send a Neighbor Report Request (part of
RRM). Requester is then notified once the report arrives.

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:23:14 +02:00
Assaf Krauss
2526ccd95a nl80211: Register Neighbor Report Response Action frame
Add Neighbor Report Response Action frame to registration of Action
frames to be handled by wpa_supplicant.

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:16:25 +02:00
Assaf Krauss
b361d580ec SME: Add RRM support to association request
In case the AP we are associating with advertises support for RRM,
advertise our own RRM support in the (Re)Association Request frame. This
is done by adding an RRM Capabilities IE. The underlying driver is
expected to further add a Power Capabilities IE to the request, and set
the Radio Measurement flag in the Capability Info field. At this point
the RRM Capabilities IE advertises no measurement support.

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:13:45 +02:00
Assaf Krauss
58162adf06 nl80211: Populate RRM flags in nl80211 driver
Set the RRM capability flags, based on the capabilities reported
by the underlying driver.

In addition, upon connection, notify the underlying driver regarding
RRM support.

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:06:32 +02:00
Assaf Krauss
0dc957b93d driver: Add RRM-related definitions to driver interface
Add definitions for RRM (Radio Resource Measurement) support:
1. Flags that specify the RRM capabilities of the underlying driver
2. Flag for RRM in Capability Info field in Management frames
3. Indication in association parameters regarding an RRM connection

Signed-off-by: Assaf Krauss <assaf.krauss@intel.com>
2014-11-22 21:05:55 +02:00
Jouni Malinen
533630625d Add generic operating class and channel to frequency function
ieee80211_chan_to_freq() is a generic function that replaces and extends
the previous P2P-specific p2p_channel_to_freq(). The new function
supports both the global operating class table as well as the additional
US, EU, JP, and CN operating class tables.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-22 20:17:47 +02:00
Jouni Malinen
5351480047 Add BSS-TM-RESP ctrl_iface event
This event allows external monitors to track STA response to BSS
Transition Management Request.

BSS-TM-RESP <STA addr> status_code=<#> bss_termination_delay=<#>
[target_bssid=<BSSID>]

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-22 16:34:34 +02:00
Jouni Malinen
a30dff07fb Add BSS_TM_REQ command to send BSS Transition Management Request
hostapd control interface can now be used to request transmission of a
BSS Transition Management Request frame to a specified station.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-22 16:34:34 +02:00
Jouni Malinen
37df6a87dd Add names for assigned QCA nl80211 vendor subcmds
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-21 21:46:01 +02:00
Jouni Malinen
f23c5b17e1 AP: Extend EAPOL-Key msg 1/4 retry workaround for changing SNonce
If the 4-way handshake ends up having to retransmit the EAPOL-Key
message 1/4 due to a timeout on waiting for the response, it is possible
for the Supplicant to change SNonce between the first and second
EAPOL-Key message 2/4. This is not really desirable due to extra
complexities it causes on the Authenticator side, but some deployed
stations are doing this.

This message sequence looks like this:
AP->STA: EAPOL-Key 1/4 (replay counter 1, ANonce)
AP->STA: EAPOL-Key 1/4 (replay counter 2, ANonce)
STA->AP: EAPOL-Key 2/4 (replay counter 1, SNonce 1)
AP->STA: EAPOL-Key 3/4 (replay counter 3, ANonce)
STA->AP: EAPOL-Key 2/4 (replay counter 2, SNonce 2)
followed by either:
STA->AP: EAPOL-Key 4/4 (replay counter 3 using PTK from SNonce 1)
or:
AP->STA: EAPOL-Key 3/4 (replay counter 4, ANonce)
STA->AP: EAPOL-Key 4/4 (replay counter 4, using PTK from SNonce 2)

Previously, Authenticator implementation was able to handle the cases
where SNonce 1 and SNonce 2 were identifical (i.e., Supplicant did not
update SNonce which is the wpa_supplicant behavior) and where PTK
derived using SNonce 2 was used in EAPOL-Key 4/4. However, the case of
using PTK from SNonce 1 was rejected ("WPA: received EAPOL-Key 4/4
Pairwise with unexpected replay counter" since EAPOL-Key 3/4 TX and
following second EAPOL-Key 2/4 invalidated the Replay Counter that was
used previously with the first SNonce).

This commit extends the AP/Authenticator workaround to keep both SNonce
values in memory if two EAPOL-Key 2/4 messages are received with
different SNonce values. The following EAPOL-Key 4/4 message is then
accepted whether the MIC has been calculated with the latest SNonce (the
previously existing behavior) or with the earlier SNonce (the new
extension). This makes 4-way handshake more robust with stations that
update SNonce for each transmitted EAPOL-Key 2/4 message in cases where
EAPOL-Key message 1/4 needs to be retransmitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-21 17:02:00 +02:00