Extend the set of supported cipher suites to include CCMP-256, GCMP,
GCMP-256, CMAC-256, GMAC, and GMAC-256 when ATH_GCM_SUPPORT=y is set in
the build configuration.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This introduces a minimal RADIUS authentication server using pyrad to
allow simple EAP handler functions to be used for writing protocol tests
for EAP peer methods. This initial commit includes test cases for
EAP-SAKE.
Signed-off-by: Jouni Malinen <j@w1.fi>
It does not look like there is going to be any additional use for this
old build option that could be used to build the EAP-IKEv2 peer
implementation in a way that interoperates with the eap-ikev2.ccns.pl
project. Remove the workarounds that matches incorrect implementation in
that project to clean up implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>
While it does not look like that eapol_sm_get_key() would ever be called
with sm == NULL, the current implementation is inconsistent on whether
that is allowed or not. Check sm != NULL consistently to avoid warnings
from static analyzers.
Signed-off-by: Jouni Malinen <j@w1.fi>
The following kde.rsn_ie_len != peer->rsnie_i_len was already taking
care of enforcing the length to be within the target buffer length.
Anyway, this explicit check makes this clearer and matches the design in
TPK M1 processing.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant_event() is required to include the event data for AP mode
events. In theory, a non-AP mode event could be sent here from the
driver wrapper, so reject such event.
Signed-off-by: Jouni Malinen <j@w1.fi>
In theory, gmtime() could return NULL if the year value would not fit
into an integer. However, that cannot really happen with the current
time() value in practice. Anyway, clean up static analyzer reports by
checking for this corner case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Must check that UDN was present before trying to parse it. Avoid a NULL
pointer dereference by checking the result before using os_strstr() when
parsing device description from an AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
Prepare for new extended capabilities bits by checking that the local
buffer is large enough to contain all the bits the driver requests. The
existing buffers are large enough to include anything defined until now,
but it would be possible to add more definitions in the future, so
increase them a bit as well to make this more future proof.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of allowing the connection attempt to occur with an unsupported
inner method, check for that explicitly at the time the network block is
added and drop the network if the identified inner method is not
supported.
Signed-off-by: Jouni Malinen <j@w1.fi>
This cannot really be NULL in practice since cred->eap_method would
point to a valid EAP method. Anyway, to avoid false positive from
analyzers, check the pointer explicitly before printing it.
Signed-off-by: Jouni Malinen <j@w1.fi>
prev cannot be NULL here in the hostapd_eid_country_add() call since
prev is set whenever start becomes non-NULL. That seems to be a bit too
difficult for some static analyzers, so check the prev pointer
explicitly to avoid false warnings.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is mainly to keep static analyzers silent since it does not look
like this code path can be reached in practice due to the way
association events are handled and current_ssid is either set before
resched here or the association is rejected. Anyway, if this could be
reached, the wpa_supplicant_set_wpa_none_key() call would end up
dereferencing a NULL pointer, so add an explicit check to make sure that
does not happen.
Signed-off-by: Jouni Malinen <j@w1.fi>
The 0.9.9 branch was for development purposes only, so no one should be
using that in production and there is not much point in maintaining the
obsolete patch here either. Similarly, the old 0.9.8 versions are
obsolete at this point in time and taken into account the recent OpenSSL
vulnerabilities, anything older than 0.9.8za should not really be used.
Prepare an updated version of the TLS session ticket patch based on the
current OpenSSL 0.9.8za release and remove all the older TLS extension
patches.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the offchannel TX frame command was offloaded to the driver in
offchannel_send_action(), we must not send another copy of the frame if
a remain-on-channel event happens to be delivered between this TX
command and the matching TX status event. It was possible for the
duplicated frame to cause problems, e.g., with P2P invitation exchange
if the same Invitation Request frame got sent twice and only the first
one getting accepted by the peer.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This fixes an issue where a driver using the deprecated set_ieee8021x()
callback did not include rsn_pairwise bits in the driver configuration
even if mixed WPA+WPA2 configuration was used. This could result, e.g.,
in CCMP not being enabled properly when wpa_pairwise=TKIP and
rsn_pairwise=CCMP was used in the configuration. Fix this by using
bitwise OR of the wpa_pairwise and rsn_pairwise values to allow the
driver to enable all pairwise ciphers.
In addition, make the newer set_ap() driver_ops use the same bitwise OR
design instead of picking between rsn_pairwise and wpa_pairwise. This
makes the code paths consistent and can also fix issues with mixed mode
configuration with set_ap().
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is a regression test for printf_encode() bounds checking issues
that can now be caught under valgrind.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If the peer provides a username with large part of it being non-ASCII
characters, the previously used buffers may not have been long enough to
include the full string in debug logs and database search due to forced
truncation of the string by printf_encode(). Avoid this by increasing
the buffer sizes to fit in the maximum result.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The off-by-one error in printf_encode() bounds checking could have
allowed buffer overflow with 0x00 being written to the memory position
following the last octet of the target buffer. Since this output is used
as \0-terminated string, the following operation would likely read past
the buffer as well. Either of these operations can result in the process
dying either due to buffer overflow protection or by a read from
unallowed address.
This has been seen to cause wpa_supplicant crash on OpenBSD when control
interface client attaches (debug print shows the client socket address).
Similarly, it may be possible to trigger the issue in RADIUS/EAP server
implementation within hostapd with a suitable constructed user name.
Signed-off-by: Stuart Henderson <sthen@openbsd.org>
If PMF was enabled, the validation step for EAPOL-Key descriptor version
ended up rejecting the message if GCMP had been negotiated as the
pairwise cipher. Fix this by making the GCMP check skipped similarly to
the CCMP case if a SHA256-based AKM is used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only hostapd-AP and wpa_supplicant processed were run under
valgrind when valgrind testing was enabled. Extend this to include
hostapd as authentication server.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This was still present in hostapd example configuration even though the
test driver wrapper is not used anywhere in the hwsim testing and there
are no plans of using it either.
Signed-off-by: Jouni Malinen <j@w1.fi>
Move to PTKINITDONE state and mark PTK valid after successful completion
of FT protocol. This allows the AP/Authenticator to start GTK rekeying
when FT protocol is used. Previously, the station using FT protocol did
not get the new GTK which would break delivery of group addressed
frames.
Signed-off-by: Jouni Malinen <j@w1.fi>
These are similar to the existing test cases where PTK rekey was
triggered by the station, but here a timer on the AP is used as the
trigger.
Signed-off-by: Jouni Malinen <j@w1.fi>
I got the below prints on a particular Android platform:
I/wpa_supplicant( 2637): nl80211: send_and_recv->nl_recvmsgs failed: 20
I/wpa_supplicant( 2637): nl80211: send_and_recv->nl_recvmsgs failed: 20
In JellyBean libnl_2 code, I see that the nl_recvmsgs returns postive values
too. In some cases, nl_recvmgs return the output of nl_recv function. nl_recv
function can return Number of bytes read, 0 or a negative error code.
Looks like this positive return value for nl_recvmsgs may be specific to
Android. While this is not how the API is supposed to work, this does no
harm with upstream libnl which returns only 0 or -1 from the function.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
This brings in a minimal pyrad-based RADIUS server to allow various
protocol tests to be run. For now, the server is not adding
Message-Authenticator, so that error case is checked. Additional tests
can be added in the future.
Signed-off-by: Jouni Malinen <j@w1.fi>
The dev_found() callback from NFC connection handover message processing
ended up using the p2p_dev_addr pointer that points to the parsed
message. However, that parsed data was freed just before the call. Fix
this by reordering the calls.
Signed-off-by: Jouni Malinen <j@w1.fi>
The dynamically allocated struct wpa_external_work contains the name of
the radio work in the type field and this is used in a debug print
within radio_work_done(). Re-order radio_work_done() and os_free() calls
on couple of paths where the memory was freed before that final user of
the buffer.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the randomly generated bignum does not meet the validation steps, the
iteration loop in sae_get_rand() did not free the data properly. Fix the
memory leak by freeing the temporary bignum before starting the next
attempt at generating the value.
Signed-off-by: Jouni Malinen <j@w1.fi>
This used to result in a segmentation fault due to use of freed memory
(mismatch in pointer lifetime between hostapd.c and driver_nl80211.c).
Signed-off-by: Jouni Malinen <j@w1.fi>
Couple of code paths in hostapd.c could have left hapd->drv_priv
pointing to memory that was freed in driver_nl80211.c when a secondary
BSS interface is removed. This could result in use of freed memory and
segfault when the next driver operation (likely during interface
deinit/removal). Fix this by clearing hapd->drv_priv when there is
reason to believe that the old value is not valid within the driver
wrapper anymore.
Signed-off-by: Jouni Malinen <j@w1.fi>