Commit graph

5140 commits

Author SHA1 Message Date
Veerendranath Jakkam
57536a5678 P2P: Fix P2P interface remuval through wpa_supplicant_remove_iface()
wpa_supplicant_remove_iface() removes the P2P management interface from
the global interfaces list before calling wpa_supplicant_deinit_iface().
When wpas_p2p_group_remove() is called from
wpa_supplicant_deinit_iface(), the P2P group created on the calling
wpa_s was not getting cleared as the calling wpa_s is not in the list of
global->ifaces. This results in the P2P management interface being
removed without disconnecting the p2p_group created on it. This could
result in an illegal access of freed memory, e.g., when a pending eloop
task wpas_p2p_reconsider_moving_go() was triggered with the leftover ctx
pointer to the removed P2P interface instance.

Fix this by disconnecting the P2P group created on interface to be
deinitialized before deinitializing the interface.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-10-01 15:48:05 +03:00
Sreeramya Soratkal
760d10cdea P2P: Include channels 149 to 161 for operating classes 128 and 130
With the configuration defined in the global_op_class array, the
channels starting from 149 in the operating classes 128 and 130 were not
considered for P2P channel setup due to the non-continuous
incrementation of channel indexes. The other channels in these operating
classes were considered. Handle the channels from 149 to 161 in the
operating classes 128 and 130 for P2P channel setup by handling this
jump in the channel number incrementation.

Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
2020-10-01 15:47:56 +03:00
Jouni Malinen
e8a1e6a4a1 P2P: Fix a typo in a comment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-30 10:14:33 +03:00
Jouni Malinen
90e478aa0a DPP2: Use the PFS fallback if multiple key_mgmt values are enabled
Previously this fallback from PFS enabled to disabled (and back to
enabled) was used only if the local network profile used key_mgmt=DPP,
i.e., did not enable another other AKM. That leaves out some valid cases
since the local network profile could actually enable both DPP and SAE.
Extend this check to accept cases DPP AKM is enabled and it was selected
for the connection even if there other enabled AKMs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-09-23 23:06:55 +03:00
Veerendranath Jakkam
5ecb45a41c OCV: Use more granular error codes for OCI validation failures
Enhance the return values of ocv_verify_tx_params with enum to indicate
different OCI verification failures to caller.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-09-11 15:23:28 +03:00
Veerendranath Jakkam
93a73ce028 MSCS: Fix issues due to incorrect usage of wpa_hexdump_buf()
Previously wpabuf_head() of the buffer is passed to wpa_hexdump_buf()
instead of the wpabuf struct itself and it was causing wpa_supplicant to
crash. Fix this by using the correct pointer in the debug prints.

Fixes: a118047245 ("MSCS: Add support to send MSCS Request frames")
Fixes: c504ff5398 ("MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq")
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-09-08 19:38:35 +03:00
Jouni Malinen
c043b1e000 DPP: Remove unnecessary dpp_global_config parameters
These were not really used anymore since the AP/Relay case did not set
msg_ctx or process_conf_obj in the global DPP context. Get the
appropriate pointers more directly from the more specific data
structures instead and remove these global values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-25 16:02:29 +03:00
Jouni Malinen
4ecb6dd16b DPP2: Controller support in hostapd
Extend hostapd support for DPP Controller to cover the DPP_CONTROLLER_*
cases that were previously implemented only in wpa_supplicant. This
allows hostapd/AP to be provisioned using DPP over TCP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-25 15:53:08 +03:00
Jouni Malinen
ba3081f1dc dpp-nfc: Start listen operation more completely for NFC Tag write cases
Share the same setup steps from the negotiated connection handover to
fix issues with NFC Tag write cases in AP mode. This addresses issues in
the AP mode DPP listen operation not actually receiving anything when
the write-a-tag code path was used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-24 23:41:13 +03:00
Jouni Malinen
9bc8811538 DPP2: Fix build without IEEE8021X_EAPOL
The local network profile parameters for EAP are not available without
IEEE8021X_EAPOL, so do not try to set these in builds that do not
include any EAP support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-08-22 12:49:05 +03:00
Jouni Malinen
55a366d7a8 dpp-nfc: Fix recv_octets() regression
The updated socket.poll() loop did not terminate properly in cases where
no response is available. Fix that to check for both False and None.

Fixes: 1733e356e4 ("dpp-nfc: Fix handover client wait for receiving handover select")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-15 00:26:21 +03:00
Jouni Malinen
c6a760b9c4 DPP: Add process_conf_obj into TCP connection data struct
This is needed to avoid issues with hostapd not having set this function
pointer in dpp_global.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-14 17:31:51 +03:00
Jouni Malinen
7f366fcbdc DPP: Add msg_ctx into TCP connection data struct
This is needed to avoid issues with hostapd not having set msg_ctx in
dpp_global.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-14 17:26:32 +03:00
Jouni Malinen
6aa7aa8089 DPP2: hostapd/AP as Enrollee/Initiator over TCP
Extend DPP support in hostapd to allow AP Enrollee role when initiating
the exchange using TCP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-14 16:44:38 +03:00
Vinita S. Maloo
d21dde9dac MSCS: Send MSCS change/remove frames only if MSCS setup exists
Allow MSCS change/remove request to be sent only after an initial setup,
i.e., after an add request has been accepted.

Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
2020-08-14 11:53:37 +03:00
Vinita S. Maloo
af8ab3208d MSCS: Parse result of MSCS setup in (Re)Association Response frames
Add support to parse the (Re)Association Response frames to check if the
AP has accepted/declined the MSCS request in response to the
corresponding (Re)Association Request frame. AP indicates the result by
setting it in the optional MSCS Status subelement of MSCS Descriptor
element in (Re)Association Response frame.

This MSCS Status subelement is defined in the process of being added
into P802.11-REVmd/D4.0 (11-20-0516-17-000m-cr-mscs-and-cid4158).

Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
2020-08-14 11:53:37 +03:00
Vinita S. Maloo
c504ff5398 MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq
Include the MSCS Descriptor IE in the (Re)Association Request frames to
setup MSCS between the AP and the STA during association.

Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
2020-08-14 11:53:37 +03:00
Vinita S. Maloo
bbd3178af4 MSCS: Add support to process MSCS Response frames
Add support to receive and process MSCS Response frames from the AP and
indicate the status to upper layers.

Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
2020-08-14 11:53:37 +03:00
Vinita S. Maloo
a118047245 MSCS: Add support to send MSCS Request frames
Add support to send MSCS add/change/remove types of Action frames
to the connected AP.

Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
2020-08-14 11:53:35 +03:00
Jouni Malinen
1733e356e4 dpp-nfc: Fix handover client wait for receiving handover select
This was supposed to wait for up to 3.0 seconds for the handover select,
but the incorrect loop terminated ended up limiting this to a single
iteration of 0.1 second wait. This was too fast for some cases like the
AP mode operation where it may take significant time to enable the radio
for listening to DPP authentication messages.

Fix the loop to allow that full three second wait for the response to be
used. In addition, report the amount of time it takes to receive the
response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-14 00:11:44 +03:00
Veerendranath Jakkam
596d99567a SME: Process channel switch event in SME only when supplicant's SME is used
Do not process channel switch event in wpa_supplicant's SME when SME is
offloaded to the driver/firmware to avoid SA Query initiation from both
wpa_supplicant and the driver/firmware for the OCV case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-13 21:39:49 +03:00
Veerendranath Jakkam
170775232d ANQP: Add support to specify frequency in ANQP_GET command
Previously, wpa_supplicant fetched BSS channel info from scan results to
send ANQP Query frames. If the scan results for the specified BSS are
not available, the ANQP_GET command request was getting rejected.

Add support to send ANQP Query frame on the specified frequency without
requiring the scan results to be available.

The control interface command format:
- ANQP_GET <dst_addr> [freq=<freq in MHz>] <Query ID1>[,<Query ID2>,..]

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-08-13 17:51:00 +03:00
Veerendranath Jakkam
43106e122b GAS: Update source MAC address on preassoc_mac_addr randomization
The GAS query source MAC address was not getting updated correctly when
preassoc_mac_addr is enabled. Fix this by copying the current MAC
address to the GAS query source address.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-08-13 17:34:43 +03:00
Veerendranath Jakkam
1289ecf4cc GAS: Ignore preassoc_mac_addr when gas_rand_mac_addr enabled
Skip unnecessary random MAC generation due to preassoc_mac_addr
parameter when gas_rand_mac_addr parameter is enabled.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-08-13 17:33:27 +03:00
Veerendranath Jakkam
dbe485a35a SAE-PK: Check psk param also to look for SAE-PK acceptable BSS
SAE-PK password can be set using psk parameter also in case of mixed
SAE+PSK networks, so look for acceptable SAE-PK BSS when SAE password
not set and psk parameter meets SAE-PK password criteria.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-08-13 17:31:38 +03:00
Jouni Malinen
3adc1c623e DPP2: Disconnect before starting reconfiguration
The offchannel operations (scan, Public Action frame TX/RX) have
significantly more latency when performed while connected, so disconnect
when requested to initiate DPP reconfiguration to avoid this. The old
network profile (i.e., likely the current connection) is going to be
replaced in practice and as such, there is no need to try continue that
association any further.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-13 17:05:49 +03:00
Jouni Malinen
fc3efe0834 DPP2: Support mutual auth with QR in scan-during-auth-exchange case
Extend DPP authentication session search for the DPP_QR_CODE command to
cover the ongoing exchanges in Controller/Responder.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-12 12:04:25 +03:00
Jouni Malinen
e4e95aabbf DPP2: Allow Controller to be configured to require QR mutual auth
Extend the DPP_CONTROLLER_START command to accept the optional qr=mutual
parameter similarly to the DPP_LISTEN case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-12 11:41:52 +03:00
Jouni Malinen
86fd6755cb dpp-nfc: Use --altchan value in handover server
Use the alternative channel list in the handover server role when
processing an alternative proposal. This was previously done only in the
handover client role, but with the updated design, both roles act in a
similar manner for the case where the alternative channel list is
specified.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-11 23:44:48 +03:00
Jouni Malinen
315422196a dpp-nfc: Update listen channel based on channel list when writing a tag
Do not use the hardcoded channel 1 (2412 MHz) with DPP_LISTEN if a
channel list is specified when writing an NFC Tag. Instead, pick the
first channel from that list as the listen channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-10 23:52:11 +03:00
Jouni Malinen
9304d1b3c3 DPP2: Regenerate Reconfig Announcement for each transmission
This is needed to generate a new unique A-NONCE and E'-id values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-08 00:14:00 +03:00
Jouni Malinen
6d0217119e DPP2: Allow iteration count to be configured for DPP_RECONFIG
Add an optional iter=# parameter to DPP_RECONFIG similarly to the way
this was handled with DPP_CHIRP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 23:22:31 +03:00
Jouni Malinen
c6d0e5a93d DPP2: Add E-id in Reconfig Announcement
Add an encrypted Enrollee identifier into Reconfig Announcement frames
and decrypt that on the Configurator side. The actual E-id value is
currently not used for anything, but it can be used in the future to
provide better control over reconfiguration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 22:54:53 +03:00
Jouni Malinen
e5be6e68c8 DPP2: Add Enrollee netAccessKey group into Reconfig Announcement
This was added to the protocol design to support cases where the
C-sign-key uses a different group than the netAccessKey. The Enrollee
now indicates its netAccessKey group in Reconfig Announcement and the
Configurator builds it own reconfig Connector using that group instead
of the group used for the C-sign-key.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 15:25:10 +03:00
Jouni Malinen
2a58968d39 SAE-PK: Allow SAE-PK password to be set using the psk parameter
Only the sae_password parameter was previously accepted for SAE-PK use.
That is not sufficient for covering mixed SAE+PSK cases. Extend this by
allowing the psk parameter to be used as well just like it can be used
for SAE without SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-08-07 00:49:00 +03:00
Veerendranath Jakkam
b28b9dfcbf OCV: OCI channel override support for testing (STA)
Add override parameters to use the specified channel while populating
OCI element in EAPOL-Key group msg 2/2, FT reassoc request, FILS assoc
request and WNM sleep request frames.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-08-03 11:02:13 +03:00
Jouni Malinen
38ef655eb5 dpp-nfc: Report negotiated connection handover result
Print out a summary of the result in yellow text.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 01:23:39 +03:00
Jouni Malinen
4d54618424 dpp-nfc: Stop only_one run after failed handover attempt
Do not require connection handover to succeed before stopping the loop
in the only_one case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 01:09:31 +03:00
Jouni Malinen
f7b5a1d347 dpp-nfc: Do not indicate no initial HS as failure if alt HR will be sent
Do not use red color for the "No response receive" message in case
another HR will be sent after this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 01:00:11 +03:00
Jouni Malinen
475b34665c dpp-nfc: Improved version of HandoverServer::serve()
Fix processing of the case where no handover select is sent out and add
automatic (delayed) termination of the link on completing the handover
successfully.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 01:00:11 +03:00
Jouni Malinen
dc0795e4ff dpp-nfc: Stop process after successful handover client completion
terminate_now was not being set in the only_one case with connection
handover. Set it for that case as well as the tag cases to automatically
close down the link once it is not needed anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 00:44:49 +03:00
Jouni Malinen
b00bbbfe54 dpp-nfc: Optimize HandoverClient message receiving for alternative HR case
Use a shorter polling interval in recv_octets() to be able to send out
the alternative HR more quickly when using a single thread and handover
client. In addition, fix recv_records() to handle normal exception cases
like not receiving anything.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 00:44:47 +03:00
Jouni Malinen
bbfb7b9feb dpp-nfc: Use a single handover client thread
Avoid extra complexity from use a separate thread to send out the
alternative proposal.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-31 00:44:12 +03:00
Jouni Malinen
aaa8638ed2 dpp-nfc: Add a class for maintaining connection handover state
This cleans up the shared state between the handover server and client.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-30 21:34:37 +03:00
Jouni Malinen
66d74626ba dpp-nfc: Reuse the same handover client for alternative URI
Postpone closing of the handover client to allow the same client to be
used for sending both handover request messages if an alternative URI
needs to be tried.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-30 20:43:26 +03:00
Jouni Malinen
6e904441c8 dpp-nfc: Add peer URI into the HS in testing mode
This makes it easier to confirm that the correct pair of the HR and the
HS were used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-30 20:43:26 +03:00
Jouni Malinen
3021b14c49 dpp-nfc: Enable more verbose nfcpy debugging
Set logging level to various upper layer nfcpy modules to enable more
detailed debugging of the actual NFC operations when requested (-d on
the command line).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-30 16:49:40 +03:00
Jouni Malinen
1d3e16d0b0 dpp-nfc: Skip P2P management interfaces
Do not try to perform DPP operations on the P2P management interface
when no specific interface has been identified.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-30 12:51:56 +03:00
Jouni Malinen
e9c192ffc7 dpp-nfc: Ignore (no) response to initial handover request
If an alternative proposal (second handover request) is sent, the
response (or lack of it) to the initial handover request should be
ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-24 12:46:20 +03:00
Jouni Malinen
7d27bcb8e7 dpp-nfc: Do not allow more than one alternative channel proposal
This avoids potential loops of endless alternative URI exchanges over
NFC negotiated connection handover. Only allow one such alternative
proposal and declarare the handover as a failure if another alternative
were needed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-24 12:27:06 +03:00
Jouni Malinen
6eaee933d7 dpp-nfc: Add test mode for negotiated connection handover
Allow all actual DPP processing steps in wpa_supplicant to be skipped by
specifying hardcoded URI values. Also allow a hardcoded crn to be
specified to force specific handover requestor/selector roles.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-24 12:27:06 +03:00
Jouni Malinen
f4877083ec Rename driver op for temporarily disallowed BSSIDs
Use the "tmp_disallow" name more consistently so that both the core
wpa_supplicant functionality (struct wpa_bss_tmp_disallowed) and the
wpa_driver_ops callback have more similar names.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-24 12:26:09 +03:00
Jouni Malinen
15018d4f4a DPP2: Fix auth termination after receiving Configurator backup
remove_on_tx_status needs to be set in this case even if
dpp_config_processing=2 is used since there will be no connection
attempt when receiving a Configurator backup instead of station config
object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 18:01:55 +03:00
Jouni Malinen
74cd38ac69 dpp-nfc: Return failure status if operation fails
For now, this is done only for the case where the NFC Device is not
usable and if writing a single tag fails.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 12:26:46 +03:00
Jouni Malinen
7e2edfbc1a dpp-nfc: Add color and details for interactive operations
Make the debug output easier to read when performing interactive NFC
operations on a device that has a terminal showing the log.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 12:10:26 +03:00
Jouni Malinen
09c22bb782 dpp-nfc: Fix regression in NFC Tag writing
The change to checking DPP_LISTEN return value ended up overwriting the
actual URI information from wpas_get_nfc_uri().

Fixes: 288c0ffaaa ("dpp-nfc: Do not hardcode netrole for NFC Tag writing cases")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 11:32:21 +03:00
Jouni Malinen
1e4a42c745 dpp-nfc: Detect a non-NDEF tag when trying to write
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 11:27:27 +03:00
Jouni Malinen
288c0ffaaa dpp-nfc: Do not hardcode netrole for NFC Tag writing cases
Allow netrole to be specified for NFC Tag writing cases. Previously,
this was hardcoded to use netrole=configurator when starting the listen
operation. Now the netrole parameter is not included by default, but any
netrole value can be specified with the new --netrole command line
argument.

In addition, fix the listening frequency for the case where a channel is
picked.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-07-23 01:30:30 +03:00
Yu Wang
885097125c mesh: Fix peer link counting when removing a mesh peer
When removing a mesh peer with control interface commands (ACCEPT_ACL
DEL_MAC/DENY_ACL ADD_MAC/MESH_PEER_REMOVE) the plink count was not
decreased from its last connection. This resulted in peer link count
leakage and wpa_supplicant rejecting the connections after reaching
max_peer_links (default: 99).

Fix this by decreasing the plink count when removing a mesh peer which
is in PLINK_ESTAB state.

Signed-off-by: Yu Wang <yyuwang@codeaurora.org>
2020-07-15 12:00:35 +03:00
Jouni Malinen
8632dea4ae DPP2: Make sure dpp_auth gets cleared with external config processing
wpa_s->dpp_auth did not get cleaner if dpp_config_processing=1 is used.
Clear this after having received TX status for Configuration Result to
avoid leaving behind the completed provisioning instance.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-26 20:50:23 +03:00
Jouni Malinen
a7ae422961 DPP2: Do not allow reconfiguration to be started with pending auth
The pending authentication exchange will make us ignore Reconfig
Authentication Request, so do not allow reconfiguration to be started in
that state.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-26 20:40:40 +03:00
Jouni Malinen
d93df9989f DPP2: Debug print reason for rejecting reconfiguration
This makes it easier to understand why Reconfig Authentication Request
gets ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-26 20:37:30 +03:00
Jouni Malinen
c9dc075fcd dpp-nfc: Fix connection handover renegotiation
The use of the alternative channel list did not work properly for the
case were both ends were trying to initiate the negotiated connection
handover. Fix this by always starting a new connection handover client
thread for sending the alternative proposal and ignoring peer messages
(likely something from the first attempt) during this modified attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-24 22:37:52 +03:00
Vinita S. Maloo
d0819a11cc FILS: Use FILS auth alg when connecting using PMKSA caching
When a PMKSA cache entry is available and used for connection with FILS
key management suite, use FILS authentication algorithm for connection
even if ERP keys are not available. This scenario may happen when
applications using wpa_supplicant cache persistently only PMKSA but not
ERP keys and reconfigures wpa_supplicant with PMKSA cache after
restarting wpa_supplicant.

The previous implementation correctly handles SME-in-wpa_supplicant
cases. However, SME-in-driver cases, complete FILS authentication
without PMKSA caching is performed.

Fix SME-in-driver behavior by setting authentication algorithm to
WPA_AUTH_ALG_FILS when connecting to a FILS AP using PMKSA caching.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-24 00:29:58 +03:00
Wu Gao
52a3257621 6 GHz: Change 6 GHz channels per IEEE P802.11ax/D6.1
The channel numbering/center frequencies was changed in IEEE
P802.11ax/D6.1. The center frequencies of the channels were shifted by
10 MHz. Also, a new operating class 136 was defined with a single
channel 2. Add required support to change the channelization as per IEEE
P802.11ax/D6.1.

Signed-off-by: Wu Gao<wugao@codeaurora.org>
Signed-off-by: Vamsi Krishna <vamsin@codeaurora.org>
2020-06-24 00:29:37 +03:00
Jouni Malinen
5908fedc10 dpp-nfc: Support channel list negotiation
If the peer's channel list in negotiated handover does not have any
common channels and the local end is configured with an alternative
channel list, try to initiate another negotiation handover with the
alternative channels.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-23 13:24:38 +03:00
Jouni Malinen
eddf22e1f2 dpp-nfc: Update debug print for tag-read-only operation
Be clearer about only a tag read being allowed when dpp-nfc is
configured to not allow connection handover.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-23 00:57:18 +03:00
Jouni Malinen
b62e46f690 DPP2: Fix DPP_CA_SET processing with authentication not having peer BI
Need to check for auth->peer_bi being set before using it here.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-22 21:45:10 +03:00
Jouni Malinen
4f4a52c3cc DPP: Clear bootstrap entries only after clearing authentication state
This fixes an issue where the pending authentication might have held a
reference to auth->tmp_peer_bi and dpp_auth_deinit() would try to free
that bootstrapping entry. This needs to happen before the call to
dpp_global_clear() to avoid double-removal of the bootstrapping entry
from the list.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-22 20:00:31 +03:00
Jouni Malinen
b5dab03a13 Convert int to bool for throughput estimate tables
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-06-19 18:34:26 +03:00
Matthew Wang
b97aa038b7 Add WPA_EVENT_{DO,SKIP}_ROAM events
Add events for within-ESS reassociation. This allows us to monitor roam
events, both skipped and allowed, in tests.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2020-06-19 18:34:26 +03:00
Matthew Wang
d6b450e890 Refactor wpa_supplicant_need_to_roam()
Pull all the within-ESS roam code out of wpa_supplicant_need_to_roam()
and into its own function, wpa_supplicant_need_to_roam_within_ess().
This way, we avoid interleaving several #ifndef's in the original
function and wrap the new function in one big #ifndef. This also
modularizes the within-ESS roam code and makes it easier to test.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2020-06-19 18:30:08 +03:00
Matthew Wang
2ff5a1fdb1 Use lookup-table instead of macro for TX rate estimates
Change INTERPOLATE_RATE() macro to a lookup-table instead for the sake
of readability.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2020-06-19 16:59:13 +03:00
Jouni Malinen
fa09b85c4e DPP2: Remove forgetten development time debug prints
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:37:40 +03:00
Jouni Malinen
8f88dcf050 DPP2: Add an automatic peer_bi entry for CSR matching if needed
This allows the DPP_CA_SET command to be targeting a specific DPP-CST
event in cases where the Configurator did not receive the bootstrapping
information for the peer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
b25ddfe9d3 DPP2: Add Enrollee name into CSR as the commonName
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
697fa0c4bd DPP2: Do not try to proceed with GAS client if CSR building fails
This error path was supposed to stop instead of continuing to
wpas_dpp_start_gas_client().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-18 12:09:00 +03:00
Jouni Malinen
3a3eded0dc DPP2: Allow CSR processing by CA/RA to reject configuration
"DPP_CA_SET name=status value=<int>" can now be used to explicitly
indicate that CSR was rejected by CA/RA.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-17 21:39:47 +03:00
Jouni Malinen
ace3723d98 DPP2: Enterprise provisioning (Enrollee)
Add initial Enrollee functionality for provisioning enterprise (EAP-TLS)
configuration object. This commit is handling only the most basic case
and a number of TODO items remains to handle more complete CSR
generation and config object processing.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:26:06 +03:00
Jouni Malinen
6568e5d203 DPP2: Enterprise provisioning (Configurator)
Add Configurator functionality for provisioning enterprise (EAP-TLS)
configuration object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:24:23 +03:00
Jouni Malinen
68ac45d53c GAS server: Support comeback delay from the request handler
Allow GAS request handler function to request comeback delay before
providing the response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-15 23:56:06 +03:00
Jouni Malinen
518be614f1 SAE-PK: Advertise RSNXE capability bit in STA mode
Set the SAE-PK capability bit in RSNXE when sending out (Re)Association
Request frame for a network profile that allows use of SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:47:07 +03:00
Jouni Malinen
cc2d03601b HS 2.0: Use global pmf=2 for the created network block
Previously, PMF support was enabled in optional mode (ieee80211w=1) for
Hotspot 2.0 network blocks automatically. This did not consider the
global PMF parameter and unconditionally changed that value to optional.
Since the newly added network block had an explicit ieee80211w
parameter, this overrode the global parameter. To make this less
surprising, use the global pmf parameter value to select whether to add
network blocks for Hotspot 2.0 with PMF being optionally enabled (pmf=0
or pmf=1) or required (pmf=2).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-09 00:55:13 +03:00
Subrat Dash
790026c3da Allow TX queue parameters to be configured for wpa_supplicant AP/P2P GO
Allow user to configure the TX queue parameters through the
wpa_supplicant configuration file similarly to the way these can be set
in hostapd.

Parse the tx_queue_* parameters in the wpa_supplicant configuration file
and update the TX queue configuration to the AP/P2P GO interface in the
function wpa_supplicant_create_ap().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-09 00:29:42 +03:00
Jouni Malinen
fcef598ea2 Do not try to connect with zero-length SSID
It was possible to find a BSS to local network profile match for a BSS
entry that has no known SSID when going through some of the SSID
wildcard cases. At leas the OWE transition mode case without BSSID match
could result in hitting this. Zero-length SSID (i.e., wildcard SSID) is
not valid in (Re)Association Request frame, so such an association will
fail. Skip such a BSS to avoid known-to-be-failing association attempts.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 21:40:56 +03:00
Jouni Malinen
5f48d36b4a SAE-PK: Select SAE-PK network over SAE without PK
If there is an acceptable BSS with SAE-PK enabled in the same ESS,
select that over a BSS that does not enable SAE-PK when the network
profile uses automatic SAE-PK selection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:49:07 +03:00
Jouni Malinen
d654ca24de Clean up wpa_scan_res_match()
Move the BSS-against-SSID matching into a separate helper function to
make this overly long function a bit more readable and to allow that
helper function to be used for other purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:30:32 +03:00
Jouni Malinen
9ad010c290 SAE-PK: Allow automatic SAE-PK to be disabled
This replaces the previously used sae_pk_only configuration parameter
with a more generic sae_pk that can be used to specify how SAE-PK is
negotiated. The default behavior (sae_pk=0) is to automatically
negotiate SAE-PK whenever the AP supports it and the password is in
appropriate format. sae_pk=1 allows only SAE-PK to be used and sae_pk=2
disables SAE-PK completely.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 11:55:16 +03:00
Purushottam Kushwaha
85ca13ebcf wpa_cli: Add all_bss command to print all scan results (BSS entries)
The wpa_supplicant control interface returns maximum of 4 kB of response
data and, thus, limits maximum number of scan entries as part of
SCAN_RESULTS to approximately 60. Add a new all_bss command to use a
more robust iteration of the BSS table entries with the BSS command to
to get all scan entries and print them in the same format as the
scan_results command.

Signed-off-by: Purushottam Kushwaha <pkushwah@codeaurora.org>
2020-06-06 17:07:24 +03:00
Jouni Malinen
215b4d8a72 FT: Do not add PMKID to the driver for FT-EAP if caching is disabled
wpa_supplicant disables PMKSA caching with FT-EAP by default due to
known interoperability issues with APs. This is allowed only if the
network profile is explicitly enabling caching with
ft_eap_pmksa_caching=1. However, the PMKID for such PMKSA cache entries
was still being configured to the driver and it was possible for the
driver to build an RSNE with the PMKID for SME-in-driver cases. This
could result in hitting the interop issue with some APs.

Fix this by skipping PMKID configuration to the driver fot FT-EAP AKM if
ft_eap_pmksa_caching=1 is not used in the network profile so that the
driver and wpa_supplicant behavior are in sync for this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 16:48:57 +03:00
Tanmay Garg
63653307df Add support for indicating missing driver AKM capability flags
Add support for missing driver AKM capability flags from the list of
RSN_AUTH_KEY_MGMT_* flags and make these available through the
'GET_CAPABILITY key_mgmt' control interface command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
8d1cbaaff7 SAE-PK: Transition mode disabled indication processing
Allow AP to disable transition mode for SAE-PK (i.e., prevent SAE
authentication without SAE-PK).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
a752695290 SAE: Add sae_h2e and sae_pk to wpa_supplicant STATUS command
This provides additional information on which options were used during
SAE authentication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
cc22fb1b86 SAE: Move H2E and PK flags to main sae_data
This maintains knowledge of whether H2E or PK was used as part of the
SAE authentication beyond the removal of temporary state needed during
that authentication. This makes it easier to use information about which
kind of SAE authentication was used at higher layer functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
bc908daace Document more network profile parameters
Some of the recently added wpa_supplicant network profile parameters
were not documented in wpa_supplicant.conf. Add these there based on the
documentation in config_ssid.h.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
1c846d647e SAE-PK: Allow SAE authentication without PK to be disabled
The new wpa_supplicant network profile parameter sae_pk_only=1 can now
be used to disable use of SAE authentication without SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
b6bcd74e53 Show SAE capabilities in control interface
Indicate local support for SAE H2E and SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00
Jouni Malinen
9bf576870e Show SAE flags in scan results
Indicate AP support for SAE H2E and SAE-PK in scan results.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00
Jouni Malinen
e7aeb6d8ac SAE-PK: STA functionality
This adds STA side functionality for SAE-PK. This version enables SAE-PK
automatically based on the configured SAE password value if the selected
AP advertises support for SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00
Jouni Malinen
6b9e99e571 SAE-PK: Extend SAE functionality for AP validation
This adds core SAE functionality for a new mode of using SAE with a
specially constructed password that contains a fingerprint for an AP
public key and that public key being used to validate an additional
signature in SAE confirm from the AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00