If none of the supported name attributes are present, the name string
was nul terminated only at the end. Add an explicit nul termination at
the end of the last written (or beginning of the buffer, if nothing is
written) to avoid writing uninitialized data to debug log.
Signed-off-by: Jouni Malinen <j@w1.fi>
Explicitly check the remaining buffer length before trying to read the
ASN.1 header values. Attempt to parse an ASN.1 header when there was not
enough buffer room for it would have started by reading one or two
octets beyond the end of the buffer before reporting invalid data at the
following explicit check for buffer room.
Signed-off-by: Jouni Malinen <j@w1.fi>
tlsv1_record_receive() did not return error here and as such, &alert was
not set and must not be used. Report internal error instead to avoid use
of uninitialized memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add test-tls program that can be used for fuzzing the internal TLS
client and server implementations. This tool can write client or server
messages into a file as an initialization step and for the fuzzing step,
that file (with potential modifications) can be used to replace the
internally generated message contents.
The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the TLS operations.
Signed-off-by: Jouni Malinen <j@w1.fi>
conn->cred might be NULL here, so check for that explicitly before
checking whether conn->cred->cert_probe is set. This fixes a potential
NULL pointer dereference when going through peer certificates with
event_cb functionality enabled.
Signed-off-by: Jouni Malinen <j@w1.fi>
Print the SSID with printf escaping instead of wpa_hexdump_ascii()
format to clean up the debug log a bit. This was already done for number
of SSID debug prints.
Signed-off-by: Jouni Malinen <j@w1.fi>
p2p->find_start timer was updated on each p2p_find call irrespective of
p2p_find being successful/failed/rejected. For cases where p2p_find was
in progress/pending, another call to p2p_find would be rejected but
p2p->find_start timer would still be updated.
p2p->find_start is maintained in wpa_supplicant to reject the kernel
scan entries before the p2p->find_start time. In above scenario, some of
the scan entries could be discarded even if the Probe Respons frame(s)
were received during the last scan/p2p_find.
This commit changes this to update the p2p->find_start timer only when
call to p2p_find is successful, i.e., a new scan is actually started.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not use a separate enum for MBO WNM-Notification Request frame
subtype values since these share the same number space with the Hotspot
2.0 ones.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previously used value 2 was already assigned for another purpose
(MBO non-preferred channel report), so the newer T&C Acceptable
definition needs to be updated with a unique value.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This command has now been extended to include PMK for offload needs, so
the message buffer needs to be cleared explicitly after use to avoid
leaving such material in heap memory unnecessarily.
Fixes: 061a3d3d53 ("nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This command can include keys (WEP or PSK for offload), so the message
buffer needs to be cleared explicitly after use to avoid leaving such
material in heap memory unnecessarily.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
We do not need such payload in the acknowledgment, so adding it uses
resources unnecessarily. Furthermore, the original request can include
key material (e.g., NL80211_ATTR_PMK). libnl does not explicitly clear
this received message buffer and it would be inconvenient for
wpa_supplicant/hostapd to try to clear it with the current libnl design
where a duplicated buffer is actually passed to the callback. This means
that keys might be left unnecessarily in heap memory. Avoid this by
requesting the kernel not to copy back the request payload.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These buffers in TLS-based EAP methods might contain keys or password
(e.g., when using TTLS-PAP or PEAP-GTC), so clear them explicitly to
avoid leaving such material into heap memory unnecessarily.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The case of PEAPv0 with crypto binding did not clear some of the
temporary keys from stack/heap when those keys were not needed anymore.
Clear those explicitly to avoid unnecessary caching of keying material.
Signed-off-by: Jouni Malinen <j@w1.fi>
Derive EMSK when using EAP-PEAP to enable ERP. In addition, change the
MSK derivation for EAP-PEAP to always derive 128 octets of key material
instead of the 64 octets to cover just the MSK. This is needed with the
PRF used in TLS 1.3 since the output length is mixed into the PRF
context.
Signed-off-by: Jouni Malinen <j@w1.fi>
The avoid channels are notified through
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY allow minimal traffic, so
enhance the P2P behavior accordingly by considering these avoid
frequencies for P2P discovery/negotiation as long as they are not in
disallowed frequencies list.
Additionally, do not return failure when none of social channels are
available as operation channel, rather, mark the op_channel/op_reg_class
to 0 as this would anyway get selected during the group formation in
p2p_prepare_channel.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
ieee802_11_rx_wnmsleep_req() might have been called for a short frame
that has no more payload after the Public Action field, i.e., with len
== 0. The bounds checking for the payload length was done only for the
information elements while the one octet Dialog Token field was read
unconditionally. In the original implementation, this could have
resulted in reading one octet beyond the end of the received frame data.
This case has not been reachable after the commit e0785ebbbd ("Use
more consistent Action frame RX handling in both AP mode paths"), but it
is better to address the specific issue in ieee802_11_rx_wnmsleep_req()
as well for additional protection against accidential removal of the
check and also to have something that can be merged into an older
version (pre-v2.7) if desired. The comments below apply for such older
versions where the case could have been reachable.
Depending on driver interface specific mechanism used for fetching the
frame, this could result in reading one octet beyond the end of a
stack/hash buffer or reading an uninitialized octet from within a
buffer. The actual value that was read as the Dialog Token field is not
used since the function returns immediately after having read this value
when there is no information elements following the field.
This issue was initially added in commit d32d94dbf4 ("WNM: Add
WNM-Sleep Mode implementation for AP") (with CONFIG_IEEE80211V=y build
option) and it remained in place during number of cleanup and fix
changes in this area and renaming of the build parameter to
CONFIG_WNM=y. The impacted function was not included in any default
build without one of the these optional build options being explicitly
enabled. CONFIG_WNM=y is still documented as "experimental and not
complete implementation" in hostapd/defconfig. In addition, commit
114f2830d2 ("WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0
case") made this function exit before the impact read if WNM-Sleep Mode
support was not explicitly enabled in runtime configuration
(wnm_sleep_mode=1 in hostapd.conf). Commit e0785ebbbd ("Use more
consistent Action frame RX handling in both AP mode paths") made this
code unreachable in practice.
Add an explicit check that the frame has enough payload before reading
the Dialog Token field in ieee802_11_rx_wnmsleep_req().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This patch adds a new flag 'crl_reload_interval' to reload CRL
periodically. This can be used to reload ca_cert file and the included
CRL information on every new TLS session if difference between the last
reload and the current time in seconds is greater than
crl_reload_interval.
This reloading is used for cases where check_crl is 1 or 2 and the CRL
is included in the ca_file.
Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
It is now possible to optionally specify keyid for
each wpa_psk_file entry:
keyid=something 00:00:00:00:00:00 secretpassphrase
When station connects and the passphrase it used
has an associated keyid it will be appended to the
AP-STA-CONNECTED event string:
wlan0: AP-STA-CONNECTED 00:36:76:21:dc:7b keyid=something
It's also possible to retrieve it through the control interface:
$ hostapd_cli all_sta
Selected interface 'ap0'
00:36:76:21:dc:7b
...
keyid=something
New hostapd is able to read old wpa_psk_file. However, old hostapd will
not be able to read the new wpa_psk_file if it includes keyids.
Signed-off-by: Michal Kazior <michal@plume.com>
This doesn't change any behavior on its own. It's going to be used to
expose per-station keyids and allow reloading passphrases in runtime.
Signed-off-by: Michal Kazior <michal@plume.com>
Support the new Extended Capabilities field bits 81 and 82 to indicate
whether SAe Password Identifiers are in use.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This new QCA vendor attribute indicates the EVM value in netlink.
Signed-off-by: stonez <stonez@codeaurora.org>
:100644 100644 ad5dac2... ede4fc8... M src/common/qca-vendor.h
When using LibreSSL build fails with:
../src/crypto/tls_openssl.o: in function `tls_connection_client_cert':
../src/crypto/tls_openssl.c:2817: undefined reference to `SSL_use_certificate_chain_file'
collect2: error: ld returned 1 exit status
make: *** [Makefile:1901: wpa_supplicant] Error 1
There is no such function in LibreSSL.
Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
An optional parameter "he" is added to p2p_connect, p2p_group_add, and
p2p_invite to enable 11ax HE support. The new p2p_go_he=1 configuration
parameter can be used to request this to be enabled by default.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The vendor command QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY was defined
to carry the list of avoid frequencies that aim to avoid any
interference with other coexistencies. This recommendation was followed
strictly by trying to prevent WLAN traffic on the impacted channels.
This commit refines the expectation of the interface by defining this
avoid channel list to allow minimal traffic but not heavier one. For
example, P2P may still be able to use avoid list frequencies for P2P
discovery and GO negotiation if the actual group can be set up on a not
impact channel.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add support for configuring parameters for the MU EDCA Parameter Set
element per IEEE P802.11ax/D3.0.
Signed-off-by: Siva Mullati <siva.mullati@intel.com>
If the libnl version is not specified explicitly with CONFIG_LIBNL*, try
to check for the most likely case today with pkg-config.
Signed-off-by: Jouni Malinen <j@w1.fi>
Fix compilation issue if we want to build wpa_supplicant without any
wireless connectivity but only with MACSec support via Linux kernel
driver.
Signed-off-by: Andrey Kartashev <a.s.kartashev@gmail.com>
Two recent changes to MKA create a situation where a new MI is generated
every time a SAK Use parameter set is decoded. The first change moved
invalid key detection from ieee802_1x_decode_basic_body() to
ieee802_1x_kay_decode_mpkdu():
commit db9ca18bbf ("mka: Do not ignore MKPDU parameter set decoding failures")
The second change forces the KaY to generate a new MI when an invalid
key is detected:
commit a8aeaf41df ("mka: Change MI if key invalid")
The fix is to move generation of a new MI from the old invalid key
detection location to the new location.
Fixes: a8aeaf41df ("mka: Change MI if key invalid")
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Upon issuing a connect request we need to indicate that we want the
driver to offload the 802.1X 4-way handshake for us. Indicate it if
the driver capability supports the offload.
Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
Allow drivers to indicate support for offloading 4-way handshake for
either IEEE 802.1X (WPA2-Enterprise; EAP) and/or WPA/WPA2-PSK
(WPA2-Personal) by splitting the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag
into two separate flags.
Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
When an interface is re-enabled after it was disabled during CAC, it
won't ever get active since hostapd is waiting for a CAC_FINISHED while
kernel side is waiting for a CMD_RADAR_DETECT to start a CAC.
This commit checks for a pending CAC when an interface is enabled and if
so restarts its DFS processing.
Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
In the previous RADIUS client implementation, when there are multiple
RADIUS servers, we kept trying the next server when the current message
can not be acked. It leads to endless retry when all the RADIUS servers
are down.
Fix this by keeping a counter for the accumulated retransmit attempts
for the message, and guarantee that after all the servers failover
RADIUS_CLIENT_MAX_FAILOVER times the message will be dropped.
Another issue with the previous code was that the decision regarding
whether the server should fail over was made immediately after we send
out the message. This patch guarantees we consider whether a server
needs failover after pending ack times out.
Signed-off-by: Bo Chen<bochen@meraki.com>
Define QCA vendor command attributes to configure HE +HTC support and
HE operating mode control transmission. This is used to configure the
testbed device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These are not allowed in ISO C++ (and well, not really in ISO C either,
but that does not result in compiler warning without pedantic
compilation).
Since ieee802_11_common.h may end up getting pulled into C++ code for
some external interfaces, it is more convenient to keep it free of these
cases. Pull in ieee802_11_defs.h to get enum phy_type defined and move
enum chan_width to common/defs.h (which was already pulled in into
src/drivers/driver.h and src/common/ieee802_11_common.h).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
While the AP is configured to enable both FT-PSK and WPA-PSK, an HP
printer request both AKMs (copied from AP?) in Association Request
frame, but don't add MDIE and don't use FT. This results in the
connection failing.
Next in logs we see:
RSN: Trying to use FT, but MDIE not included
IE - hexdump(len=26): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04
02 00 00 0f ac 02 00 0f ac 04 00 00
This is seen with some HP and Epson printers. Work around this by
stripping FT AKM(s) when MDE is not present and there is still a non-FT
AKM available.
Signed-off-by: Janusz Dziedzic <janusz@plumewifi.com>
The Android-specific chmod and chown operations on the client socket
(for communication with wpa_supplicant) did not protect against file
replacement between the bind() and chmod()/chown() calls. If the
directory in which the client socket is created (depends a bit on the
version and platform, but /data/misc/wifi/sockets is commonly used)
allows write access to processes that are different (less privileged)
compared to the process calling wpa_ctrl_open2(), it might be possible
to delete the socket file and replace it with something else (mainly, a
symlink) before the chmod/chown operations occur. This could have
resulted in the owner or permissions of the target of that symlink being
modified.
In general, it would be safest to use a directory which has more limited
write privileges (/data/misc/wifi/sockets normally has 'wifi' group
(AID_WIFI) with write access), but if that cannot be easily changed due
to other constraints, it is better to make wpa_ctrl_open2() less likely
to enable this type of race condition between the operations.
Replace chown() with lchown() (i.e., a version that does not dereference
symlinks) and chmod() with fchmod() on the socket before the bind() call
which is also not going to dereference a symlink (whereas chmod()
would). lchown() is a standard operation, but the fchmod() on the socket
is less so (unspecified behavior in some systems). However, it seems to
work on Linux and in particular, on Android, where this code is
executed.
Signed-off-by: Jouni Malinen <j@w1.fi>
While selecting a new channel as a reaction to radar event we need to
take into account supported bandwidth for each channel provided via
nl80211. Without this modification hostapd might select an unsupported
channel that would fail during AP startup.
Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
While doing automatic channel selection we need to take into account
supported bandwidth for each channel provided via nl80211. Without this
modification hostapd might select an unsupported channel which would
fail during AP startup.
Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
This adds checks to common code to verify supported bandwidth options
for each channel using nl80211-provided info. No support of additional
modes is added, just additional checks. Such checks are needed because
driver/hardware can declare more strict limitations than declared in the
IEEE 802.11 standard. Without this patch hostapd might select
unsupported channel and that will fail because Linux kernel does check
channel bandwidth limitations.
Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
Add NL80211_FREQUENCY_ATTR_NO_* channel attributes parsing. This is
needed for correct checking if channel is available in a particular
bandwidth.
Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
Add support for 160 MHz BW channels to automatic channel selection
algorithm. Only 36 and 100 channels are supported as 160 MHz channels.
Signed-off-by: Dmitry Lebed <lebed.dmitry@gmail.com>
