Commit graph

15010 commits

Author SHA1 Message Date
Jouni Malinen
876c5eaa6d dragonfly: Disable use of groups using Brainpool curves
Disable groups that use Brainpool curves for now since they leak more
timing information due to the prime not being close to a power of two.
This removes use of groups 28, 29, and 30 from SAE and EAP-pwd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-27 23:36:27 +03:00
Jouni Malinen
14b408c04c tests: Remove testing of EAP-pwd with Brainpool curves
This is in preparation of marking groups using Brainpool curves disabled
for SAE and EAP-pwd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-27 23:36:27 +03:00
Jouni Malinen
4aaddecdd8 tests: Handle test retries through the same queue
This removes the separate rerun step from the parallel-vm.py processing
and instead, simply requeues the failed test cases into the same queue
that is used for the initial run. This is simpler and more efficient
since reruns start as soon as any VM is ready for processing them
instead of having to wait for all VMs to complete the first round.
Furthermore, this allows VMs to be stopped sooner when no more test
cases remain and that is helpful especially with the time travel patches
that make the wait-for-next-test step in the VM use all available CPU.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-27 20:19:28 +03:00
Sunil Dutt
968520da8f nl80211: Add WMM parameters while updating TDLS peer entry
The AP mode fix for removing NL80211_ATTR_STA_WME from
NL80211_CMD_SET_STATION did not consider the TDLS case and that resulted
in incorrectly removing WMM parameters from TDLS STA entry updates. Fix
this by considering the WPA_STA_TDLS_PEER flag similarly to the other
update parameters.

Fixes: 6d14b98fc6 ("nl80211: Do not add WMM parameters when updating an existing STA entry")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-26 15:42:22 +03:00
Disha Das
5a511924b1 wpa_cli: Add support to process DPP action events in action script
Signed-off-by: Disha Das <dishad@codeaurora.org>
2019-07-24 20:16:02 +03:00
Jouni Malinen
64e37be945 Avoid nested enum wpas_mode declaration to allow C++ compilation
Move enum wpas_mode declaration to the global scope to avoid issues with
the recently added inline function wpas_mode_to_ieee80211_mode() using
it as an argument. This fixes C++ compilation issues with cases that
include wpa_supplicant_i.h.

Fixes: 3459c54ac7 ("mesh: Add support for HE mode")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 19:49:24 +03:00
Jouni Malinen
fe2e1edf43 EAP-SIM server: Avoid void pointer arithmetic
This is a compiler specific extension and not compliant with the C
standard.

Fixes: 1c16b257a0 ("EAP-SIM: Add Session-Id derivation during fast-reauth")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 19:35:14 +03:00
Jouni Malinen
cfc9ebea03 EAP-AKA server: Avoid void pointer arithmetic
This is a compiler specific extension and not compliant with the C
standard.

Fixes: 5eefa8115b ("EAP-AKA: Add Session-Id derivation during fast-reauth")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 19:34:11 +03:00
Jouni Malinen
bd04140435 trace: Avoid void pointer arithmetic
This is a compiler specific extension and not compliant with the C
standard.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 19:33:06 +03:00
Jouni Malinen
fc03ea2c1f DPP: Avoid void pointer arithmetic
This is a compiler specific extension and not compliant with the C
standard.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 19:32:52 +03:00
Jouni Malinen
61ec2353f8 tests: AKM suite selector reporting
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 12:59:45 +03:00
Jouni Malinen
d1b1f9fa9a Report WPA/RSN protocol and AKM suite selector in STA MIB
The new "wpa" and "AKMSuiteSelector" entries in hostapd "STA <addr>"
control interface output can be used to determine the negotiated WPA/RSN
protocol and AKM suite of an associated station.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 12:58:49 +03:00
Jouni Malinen
43aafef8df Add missed wpa_akm_to_suite() selectors
These SAE, OWE, DPP, and OSEN AKM suite selectors were covered in the
reverse conversion in rsn_key_mgmt_to_bitfield(), but were missing from
wpa_akm_to_suite(). Add them to make AKM suite selector reporting more
accurate in RADIUS Accounting messages (and future users of this
function).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-24 12:48:44 +03:00
Jouni Malinen
bfb6a482f6 dragonfly: SAE/EAP-pwd min PWE derivation iteration count to shared code
Use a shared function to determine the k parameter, i.e., the minimum
number of iterations of the PWE derivation loop, for SAE and EAP-pwd.
This makes it easier to fine-tune the parameter based on the negotiated
group, if desired.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-23 21:21:30 +03:00
Jouni Malinen
036fc6bdbd tests: Disabled EAP-pwd group
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-23 13:31:50 +03:00
Jouni Malinen
226da33d75 EAP-pwd peer: Configurable set of groups with reduced default
Make the EAP-pwd peer use same default set of allowed groups as the SAE
implementation in wpa_supplicant uses, i.e., the groups 19-21 using NIST
curves P-256, P-384, and P-521. Previously, all groups that were
supported by the crypto library were allowed. In practice, this change
disables use of the Brainpool curves (groups 28-30) with recent OpenSSL
versions.

The default set of groups can be overridden with a new phase1 network
profile parameter, eap_pwd_groups=<list of allowed ranges>. For example,
phase1="eap_pwd_groups=0-65535" would restore previous behavior of
allowing all implemented groups to be used while eap_pwd_groups=19,20
would enable only the groups using NIST curves P-256 and P-384 to be
used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-23 13:16:59 +03:00
Jouni Malinen
1c63a1c4c6 tests: Prepare EAP-pwd test cases for allowed group configuration
Enable all supported groups in the existing ap_wpa2_eap_pwd_groups and
ap_wpa2_eap_pwd_invalid_group test cases to maintain current testing
functionality once wpa_supplicant is modified to use a different default
for the enabled groups.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-23 13:15:23 +03:00
Paul Zhang
6a4406c015 Add QCA vendor attributes for ELNA bypass
Add attributes QCA_WLAN_VENDOR_ATTR_CONFIG_ELNA_BYPASS under
the enum qca_wlan_vendor_attr_config to support set and get
the ELNA bypass.

Signed-off-by: Paul Zhang <paulz@codeaurora.org>
2019-07-22 20:48:43 +03:00
Srinivas Dasari
176c133e91 Add a vendor attribute to configure disconnect IEs
Add a new vendor attribute QCA_WLAN_VENDOR_ATTR_DISCONNECT_IES
to configure disconnect IEs to the driver. Driver shall fill
these IEs in disassoc/deauth frame.
These IEs are expected to be considered only for the next
immediate disconnection (disassoc/deauth frame) originated by
the DUT, irrespective of the entity (user space/driver/firmware)
triggering the disconnection.
The host drivers are not expected to use the IEs set through
this interface for further disconnections after the first immediate
disconnection initiated post the configuration.
If the IEs are also updated through cfg80211 interface (after the
enhancement to cfg80211_disconnect), host driver is expected to
take the union of IEs from both of these interfaces and send in
further disassoc/deauth frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-07-19 14:49:14 +03:00
Paul Zhang
123895228d Add QCA vendor command to support OEM data
Add a QCA vendor sub command QCA_NL80211_VENDOR_SUBCMD_OEM_DATA
with attributes qca_wlan_vendor_attr_oem_data_params to support
OEM data. It is used to send OEM data binary blobs from
application/service to firmware. The attributes defined in enum
qca_wlan_vendor_attr_oem_data_params are used to deliver the
parameters.

Signed-off-by: Paul Zhang <paulz@codeaurora.org>
2019-07-19 14:47:18 +03:00
Jouni Malinen
b8491ae5ac OpenSSL: Fix build with LibreSSL and BoringSSL
The new certificate chain debug dumps used functions that are not
available with LibreSSL or BoringSSL.

Fixes: 857edf4bf4 ("OpenSSL: More debug prints of configured ciphers and certificates")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-13 22:49:46 +03:00
Jouni Malinen
7456cf57d3 OpenSSL: Fix TLS_CONN_TEAP_ANON_DH build with some library versions
The OPENSSL_VERSION_NUMBER ifdef block left out the local variable that
is needed with all versions. In addition, SSL_set_security_level() is
not available with LibreSSL or BoringSSL.

Fixes: 3ec65a8e38 ("OpenSSL: Allow anon-DH cipher suites to be added for TEAP")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-13 22:49:22 +03:00
Jouni Malinen
20f1cfc5b2 OpenSSL: Fix build with OpenSSL 1.0.2 and 1.1.0 and LibreSSL
The tls_connection_get_cipher_suite() implementation used
SSL_CIPHER_get_protocol_id which was added in OpenSSL 1.1.1. Need to use
compatibility code with older versions.

Fixes: 94714ec341 ("OpenSSL: Add tls_connection_get_cipher_suite()")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-13 22:49:08 +03:00
Jouni Malinen
36ec588165 EAP-TLS server: Add application data to indicate end of v1.3 handshake
This adds an encrypted version of a one octet application data payload
to the end of the handshake when TLS v1.3 is used to indicate explicit
termination of the handshake (either after Finished message or after the
optional NewSessionTicket message). The current
draft-ietf-emu-eap-tls13-05 defines this to be a zero length payload,
but since that is not allowed by OpenSSL, use a one octet payload
instead for now with hopes of getting the draft specification updated
instead of having to modify OpenSSL for this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-13 16:29:39 +03:00
Jouni Malinen
4e2e1eeb5f EAP-TLS peer: Handle possible application data at the end
EAP-TLS with TLS 1.3 uses an empty application data record from the
server to indicate end of the exchange, so EAP-TLS peer will need to
check for this special case and finish the exchange with an empty
EAP-TLS (ACK) so that the server can send out EAP-Success.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-12 23:38:05 +03:00
Jouni Malinen
0ef509f15e OpenSSL: Parse msg_callback inner content type into debug messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-12 22:42:13 +03:00
Jouni Malinen
8b57a37808 OpenSSL: disable TLS 1.3 middlebox compatibility
This will hopefully not be needed for EAP-TLS use cases since there
should not really be a middlebox that looks at the TLS layer details in
case of EAP authentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-12 22:29:33 +03:00
Jouni Malinen
4ff0b909a9 tests: EAP-TLS and both RSA and EC sertificates certificates
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-12 18:13:10 +03:00
Jouni Malinen
e2722bf81d OpenSSL: Allow two server certificates/keys to be configured on server
hostapd EAP server can now be configured with two separate server
certificates/keys to enable parallel operations using both RSA and ECC
public keys. The server will pick which one to use based on the client
preferences for the cipher suite (in the TLS ClientHello message). It
should be noted that number of deployed EAP peer implementations do not
filter out the cipher suite list based on their local configuration and
as such, configuration of alternative types of certificates on the
server may result in interoperability issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-12 18:13:10 +03:00
Jouni Malinen
857edf4bf4 OpenSSL: More debug prints of configured ciphers and certificates
This adds TLS server mode debug prints to make it easier to see what
exactly has been configured in OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-11 22:40:08 +03:00
Jouni Malinen
f185715c59 tests: EAP-TLS and TLS 1.3 (EC certificates)
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-11 16:10:43 +03:00
Ervin Oro
7ad9e36d4a Add Type-Code context to EAP-TLS 1.3 exported Key_Material and Method-Id
Change to require the Type-Code in context for Key_Material and
Method-Id has now been published as draft-ietf-emu-eap-tls13-04.
https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-04#section-2.3

Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
2019-07-11 13:11:59 +03:00
Jouni Malinen
90270e15cb tests: EAP-TEAP
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:56:02 +03:00
Jouni Malinen
0ed57c5ea8 EAP-TEAP server and peer implementation (RFC 7170)
This adds support for a new EAP method: EAP-TEAP (Tunnel Extensible
Authentication Protocol). This should be considered experimental since
RFC 7170 has number of conflicting statements and missing details to
allow unambiguous interpretation. As such, there may be interoperability
issues with other implementations and this version should not be
deployed for production purposes until those unclear areas are resolved.

This does not yet support use of NewSessionTicket message to deliver a
new PAC (either in the server or peer implementation). In other words,
only the in-tunnel distribution of PAC-Opaque is supported for now. Use
of the NewSessionTicket mechanism would require TLS library support to
allow arbitrary data to be specified as the contents of the message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:56:02 +03:00
Jouni Malinen
7c6f1c5e4a Remove obsolete defconfig notes regarding EAP-FAST support in OpenSSL
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:43:36 +03:00
Jouni Malinen
fd7778b5ed Return success/failure result from tls_prf_sha256()
The hash functions used within this function could fail in theory, so
provide the result to the caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:38:32 +03:00
Jouni Malinen
3ec65a8e38 OpenSSL: Allow anon-DH cipher suites to be added for TEAP
Add a new TLS_CONN_* flag to provide a higher level mechanism for adding
(instead of fully replacing) allowed list of TLS ciphersuites for TEAP
provisioning purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:38:32 +03:00
Jouni Malinen
94714ec341 OpenSSL: Add tls_connection_get_cipher_suite()
This can be used to fetch the 16-bit TLS cipher suite identifier.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:10:44 +03:00
Jouni Malinen
063d28ec83 OpenSSL: Reject empty cipher list in tls_connection_set_cipher_list()
Previously, this invalid call would have resulted in printing out a
string from uninitialized memory

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:10:44 +03:00
Jouni Malinen
3af37ece19 Add tls_get_tls_unique() to fetch "tls-unique" for channel binding
This implements "tls-unique" derivation per RFC 5929, Section 3. This
will be needed for channel binding, e.g., with EAP-TEAP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:10:44 +03:00
Jouni Malinen
88b6c6e244 tests: Allow test selection with prefix wildcards
Test names can now use wildcard in the end (e.g., ap_wpa2_psk*) to match
all test cases with the specified prefix.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-09 16:10:44 +03:00
Jouni Malinen
4eab36595e Silence static analyzer warning about null termination of a string
The buf[] array is initialized to zeros, so it was already null
terminated since the read() call did not allow the last character of the
buffer to be overwritten. Since that was apparently not enough to make
some static analyzers understand the design, use explicit null
termination after a successful read() call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-07 10:07:10 +03:00
Jouni Malinen
d3a035169b Remove useless NULL comparison for an array
Now that the TLS peer_cert information is provided as a full struct to
handler functions, the altsubject pointer shows up as an array and
causes static analyzers to warn about unnecessary NULL comparison. Get
rid of that comparison now that it is clearly not needed anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-07 10:00:49 +03:00
Jouni Malinen
cd803299ca EAP-pwd: Run through prf result processing even if it >= prime
This reduces differences in timing and memory access within the
hunting-and-pecking loop for ECC groups that have a prime that is not
close to a power of two (e.g., Brainpool curves).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-02 22:19:38 +03:00
Jouni Malinen
147bf7b88a SAE: Run through prf result processing even if it >= prime
This reduces differences in timing and memory access within the
hunting-and-pecking loop for ECC groups that have a prime that is not
close to a power of two (e.g., Brainpool curves).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-07-02 22:19:27 +03:00
Eric Caruso
91b6eba773 Move MAC address randomization enable/disable to helper functions
This makes it easier to share this for D-Bus implementation.

Signed-off-by: Eric Caruso <ejcaruso@chromium.org>
2019-06-26 20:56:01 +03:00
Masashi Honma
9a1046a7a1 tests: Fix scan_dfs false negative by using common finalizer
scan_dfs fails with this message.

---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-26 20:42:20 +03:00
Masashi Honma
08d3b3df99 tests: Fix p2p_go_move_scm_peer_does_not_support false negative by using common finalizer
p2p_go_move_scm_peer_does_not_support fails with this message.

---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-26 20:42:20 +03:00
Masashi Honma
c40b2638ed tests: Fix p2p_channel_5ghz_165_169_us false negative by using common finalizer
p2p_channel_5ghz_165_169_us fails with this message.

---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-26 20:42:20 +03:00
Masashi Honma
645a16f186 tests: Fix p2p_channel_5ghz_only false negative by using common finalizer
p2p_channel_5ghz_only fails with this message.

---------------
wlan0: Country code not reset back to 00: is US
wlan0: Country code cleared back to 00
---------------

This patch fixes the issue.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-06-26 20:42:20 +03:00