X509_get_subject_name() in OpenSSL 1.0.2 does not mark its argument as a
const pointer, so need to type cast this to avoid a build warning.
Fixes: 841205a1ce ("OpenSSL: Add 'check_cert_subject' support for TLS server")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The queue_len * 50 ms wait time was too large with the retransmission
timeouts used in the mesh case for SAE. The maximum wait of 750 ms was
enough to prevent successful completion of authentication after having
hit the maximum queue length. While the previous commit is enough to
allow this to complete successfully in couple of retries, it looks like
a smaller wait time should be used here even if it means potentially
using more CPU.
Drop the processing wait time to queue_len * 10 ms so that the maximum
wait time is 150 ms if the queue is full.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous design of simply queuing all SAE commit messages was not
exactly good at allowing recovery from a flooding state if the valid
peer used frequent retransmissions of the SAE message. This could
happen, e.g., with mesh BSSs using SAE. The frequent retransmissions and
restarts of SAE authentication combined with SAE confirm messages
bypassing the queue ended up in not being able to finish SAE exchange
successfully.
Fix this by modifying the queuing policy to queue SAE confirm messages
if there is a queued SAE commit message from the same peer so that the
messages within the same exchange do not get reordered. In addition,
replace queued SAE commit/confirm message if a new matching message is
received from the same peer STA. This is useful for the case where the
peer restarts SAE more quickly than the local end has time to process
the queued messages.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use this new message from Enrollee to Configurator to indicate result of
the config object provisioning if both devices support protocol version
2 or newer.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The new DPP Configuration Result message can result in a bit different
behavior at the end of the configuration exchange and some of the test
cases need more flexibility to work with that DPP2 behavior.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
"GET_CAPABILITY dpp" can now be used to determine which version number
of DPP is supported in the build.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
gas_address3 was set to 1 in this test case, but it was never cleared.
That can result in unexpected behavior in other test cases that dpeends
on gas_address3 being in its default value 0. Clear the parameter
explicitly to avoid this.
This resulted in an error in the following test sequence:
dpp_qr_code_auth_initiator_enrollee gas_anqp_address3_ap_forced
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not set sm->timer_tick_enabled if the eloop_register_timeout() call
fails so that the next attempt to enable the timer in
eapol_enable_timer_tick() can try to recover from unexpected eloop
failures. This should not really be needed in practical use cases, but
certain out-of-memory test cases can trigger allocation failure in
eloop_register_timeout() and if that happens, the previous EAPOL
supplicant state machine implementation got pretty much completely stuck
for any operation needing the timer.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
These TDLS test cases missed Popen() result decode() calls in the
earlier python3 compatibility changes. Add those to make debug log more
readable.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Wait explicitly for the DPP-NOT-COMPATIBLE event when going through
protocol testing with local failures instead of just waiting for a fixed
0.1 second duration. This prevents a test failure at least in
dppauth_resp_status_failure in a case where the failing operation may be
delayed under heavy CPU load.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Test case sequence "ap_wps_ap_scan_2 ap_wps_pbc_2ap" resulted in a
failure due to a scan entry being left behind from the first test case
and the second one ending up using that obsolete result during WPS_PBC
processing. Fix this by clearing the scan results explicitly on dev5.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Verify that the AP uses matching PMKR1Name in (Re)Association Response
frame when going through FT initial mobility domain association using
FILS. Thise step was missing from the initial implementation, but is
needed to match the IEEE 802.11ai requirements for explicit confirmation
of the FT key hierarchy (similarly to what is done in FT 4-way handshake
when FILS is not used).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Derive PMKR1Name during the FILS authentication step, verify that the
station uses matching PMKR1Name in (Re)Association Request frame, and
add RSNE[PMKR1Name] into (Re)Association Response frame when going
through FT initial mobility domain association using FILS. These steps
were missed from the initial implementation, but are needed to match the
IEEE 802.11ai requirements for explicit confirmation of the FT key
hierarchy (similarly to what is done in FT 4-way handshake when FILS is
not used).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This gets rid of a confusing error message "FILS: Failed to add PMKSA
cache entry based on ERP" for cases where PMKSA caching is disabled in
hostapd (disable_pmksa_caching=1). Functionality remains unchanged,
i.e., no cache entry was added before this change either.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
NL80211_CMD_GET_KEY response may return the actual key in addition to
the last used sequence number that we need. That might result in a key
being left in unused heap memory after the buffer is freed.
Explicitly clear the message payload with the possibly included key
material from heap memory before returning from the handler function
(and having libnl free the nlmsg) when key information is obtained from
the driver using the NL80211_CMD_GET_KEY command.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_s->p2p_go_do_acs was not cleared during P2P group deletion and that
resulted in the case of no separate group interface continuing to assume
ACS was to be used for consecutive GO starts even if they tried to
specify a frequency. Fix this by explicitly clearing
wpa_s->p2p_go_do_acs during P2P group deletion and also clear this when
processing the P2P_GROUP_ADD if the parameters do not request ACS to be
used.
Fixes: 37ed3254de ("P2P: ACS offload for the autonomous GO")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a check in nl80211 driver layer to not include PMK while sending
NL80211_CMD_DEL_PMKSA explicitly. Though it is taken care already in
supplicant layer by setting the pmk_len to zero, it would be good
to have a check in nl80211 layer in order to avoid future accidental
inclusions of keying material in commands that do not need them.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Send out the new Protocol Version attribute in Authentication
Request/Response messages and determine the peer version based on this
attribute.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The new CONFIG_DPP2=y build option for hostapd and wpa_supplicant is
used to control whether new functionality defined after the DPP
specification v1.0 is included. All such functionality are considered
experimental and subject to change without notice and as such, not
suitable for production use.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Accept a smaller number of token responses in second round to avoid
failing this test case as frequently.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The configurated fragmentation/RTS threshold value survives AP mode
interface restarts, so these values need to be explicitly cleared back
to default (disabled). This fixes an issue where some test cases could
not work correctly if fragmentation on the interface was enabled. For
example, this combination used to fail:
ap_fragmentation_open ap_hs20_fetch_osu
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
hostapd configuration parameters fragm_threshold and rts_threshold were
documented to disable the threshold with value -1 and not change driver
configuration if the parameter is not included. However, -1 was mapped
into not changing the driver value, so the explicit disabling part did
not work.
Replace the default values for these to be -2 so that explicitly set
configuration value -1 can be distinguished from the case of not
including the parameter. Map the -1 value to a driver request to disable
the threshold. Ignore any error from this operation just in case to
avoid breaking functionality should some drivers not accept the (u32) -1
value as a threshold value request to disable the mechanism.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The first scan for the unknown BSSID could have been timed in a manner
that allows passive scanning to find the real AP even if that AP's
beacon interval was 1000 (e.g., heavy CPU load changed timing so that
the AP beaconing started at suitable time). The check for BSS result
entry not including Probe Response frame was comparing incorrect BSS
entries (bss2 vs. bss1) which resulted in the test case claiming failure
even when there was no unexpected Probe Response frame.
Fix this by comparing the beacon_ie and ie parameters from the same BSS
entry (bss1).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Number of these test cases start connection attempt in wpa_supplicant
and then expected a specific failure to happen relatively quickly. This
could result in timeouts if the first scanning round missed to find the
AP (e.g., due to CPU load pushing out the Probe Response frame long
enough for the station having left the channel) and wpa_supplicant then
waiting five seconds before starting a new scan.
Make this more robust by scanning explicitly for the specific BSSID
before starting the connection attempt.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This subcommand is used to update Zigbee state and specified WLAN
durations to enhance success ratio of Zigbee joining network. The
attributes defined in enum qca_mpta_helper_vendor_attr are used to
deliver these parameters to the driver.
Signed-off-by: stonez <stonez@codeaurora.org>
Peer rate statistics is per-peer cached data in the driver. These
statistics needs to be flushed to a user space application on
synchronous/asynchronous events. This command is used as an event from
the driver to flush per-peer cached statistics to the application.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This patch added 'check_cert_subject' support to match the value of
every field against the DN of the subject in the client certificate. If
the values do not match, the certificate verification will fail and will
reject the user.
This option allows hostapd to match every individual field in the right
order, also allow '*' character as a wildcard (e.g OU=Development*).
Note: hostapd will match string up to 'wildcard' against the DN of the
subject in the client certificate for every individual field.
Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
These parameters were using the u8*/len style types even though they
were used as char* strings without an explicit length field. Make this
char* instead of u8* to avoid confusion and unnecessary type casting.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This gets rid of some static analyzer warnings about uninitialized
variables being used in comparisons or write operations.
Signed-off-by: Jouni Malinen <j@w1.fi>
mesh_rsn_auth_sae_sta() might fail, so verify that sta->sae got
allocated before dereferencing it for a PMKID check.
Signed-off-by: Jouni Malinen <j@w1.fi>
Acquire the new name, along with introspection. This is generally useful
for other daemons to integrate with wpa_supplicant, notably
NetworkManager.
Debian and Fedora (and likely any other distro that configured wireless
via NetworkManager) enable this.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
This drops support for the fi.epitest.hostap.WPASupplicant D-Bus name
along with the associated CONFIG_CTRL_IFACE_DBUS option. Nothing should
really be using this since 2010.
This is a just a straightforward removal. Perhaps the dbus_common.c and
dbus_new.c can be merged now. Also, the "_NEW" suffix of the config
option seems to make even less sense than it used to.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
This old interface has been obsoleted and should not have been used
since 2010, so remove testing for it in preparation to dropping the
interface completely from wpa_supplicant.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
WPS was already doing this if update_config=1 was set and DPP should be
consistent with that behavior. Update the configuration file if
update_config=1 and dpp_config_processing is set to 1 or 2.
Signed-off-by: Jouni Malinen <j@w1.fi>
Include only one of hostapd_mgmt_rx() and hostapd_action_rx() functions
in the build. Previously, NEED_AP_MLME builds (i.e., cases where hostapd
AP MLME implementation is included) included both of these functions and
both were tried in sequence. In addition to being difficult to
understand, that could result in unexpected behavior if
hostapd_mgmt_rx() rejected a frame and return 0 to allow
hostapd_action_rx() to attempt to process the frame.
All the operations included in hostapd_action_rx() are supposed to be
available through the hostapd_mgmt_rx() call in handle_action() and
those should result in the exact same Category/Action-based handler
function to be called in the end. As such, this should not result in
different behavior. And if there is a difference, that would be pointing
at a hidden bug that would need to be fixed anyway. Furthermore, builds
without NEED_AP_MLME would not have any difference in behavior or
contents of the binary either.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to go through the following handler calls in
hostapd_action_rx() after having found the matching WLAN_ACTION_WNM
handler.
Signed-off-by: Jouni Malinen <j@w1.fi>