This allows the FILS KEK and AAD data (nonces) to be configured to the
driver for association so that the driver can encrypt the
(Re)Association Request frame and decrypt the (Re)Association Response
frame.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This implements processing of FILS Authentication frame for FILS shared
key authentication with ERP and PMKSA caching.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
ieee802_1x_encapsulate_radius() and ieee802_1x_alloc_eapol_sm() need to
be called from FILS processing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If a PMKSA cache entry for the target AP is available, try to use FILS
with PMKSA caching.
If an ERP key for the target AP is available, try to use FILS with
EAP-Initiate/Re-auth added as Wrapper Data element.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This needs to be callable through the EAPOL supplicant wrappers to allow
FILS implementation to use ERP.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This implements Key-Auth derivation for (Re)Association Request frames
(see P802.11ai/D11.0 12.12.2.6.2) and (Re)Association Response frames
(see P802.11ai/D11.0 12.12.2.6.3).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is the PTKSA key derivation used as part of the FILS authentication
exchange. See P802.11ai/D11.0 12.12.2.5.3.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it cleaner for the FILS implementation to use the same design
for setting Authentication frame elements as was already done with SAE.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add operations to allow low level control over RF sectors in QCA DMG
(11ad) chipsets. Operations include getting/setting the configuration of
a specific sector, as well as getting/setting the selected sector which
the HW uses to communicate with a specific station.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
That function does not need the full EAP header -- it only needs to know
which EAP identifier to use in the message. Make this usable for cases
where the previous EAP message may not exist (FILS).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This changes 4-way handshake authenticator processing to decrypt the
EAPOL-Key frames using an AEAD cipher (AES-SIV with FILS AKMs) before
processing the Key Data field. This replaces Key MIC validation for the
cases where AEAD cipher is used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This changes 4-way handshake authenticator processing to decrypt the
EAPOL-Key frames using an AEAD cipher (AES-SIV with FILS AKMs) before
processing the Key Data field. This replaces Key MIC validation for the
cases where AEAD cipher is used. This needs to move the EAPOL-Key msg
2/4 RSN element processing to happen only after the PTK has been derived
and validated. That is done for all AKMs to avoid extra complexity with
having to maintain two code paths for this.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This modifies wpa_eapol_key_send() to use AEAD cipher (AES-SIV for FILS
AKMs) to provide both integrity protection for the EAPOL-Key frame and
encryption for the Key Data field. It should be noted that this starts
encrypting the Key Data field in EAPOL-Key message 2/4 while it remains
unencrypted (but integrity protected) in non-FILS cases. Similarly, the
empty Key Data field in EAPOL-Key message 4/4 gets encrypted for AEAD
cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This will be needed to be able to implement AEAD cipher support from
FILS that will need to use KEK to protect the frame.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Suite B 192-bit addition from IEEE Std 802.11ac-2013 replaced the
previous fixed length Key MIC field with a variable length field. That
change was addressed with an addition of a new struct defined for the
second MIC length. This is not really scalable and with FILS coming up
with a zero-length MIC case for AEAD, a more thorough change to support
variable length MIC is needed.
Remove the Key MIC and Key Data Length fields from the struct
wpa_eapol_key and find their location based on the MIC length
information (which is determined by the AKMP). This change allows the
separate struct wpa_eapol_key_192 to be removed since struct
wpa_eapol_key will now include only the fixed length fields that are
shared with all EAPOL-Key cases in IEEE Std 802.11.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Calculate the hashed realm from hostapd erp_domain configuration
parameter and add this to the FILS Indication element when ERP is
enabled.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If FILS is enabled, indicate that in Beacon, Probe Response, and
(Re)Association Response frames in the Extended Capabilities element.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds CONFIG_FILS=y build configuration option and new key
management options for FILS authentication.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds definitions for new information elements from P802.11ai/D11.0
and parsing of these IEs.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The previous implementation was hardcoded to use 128-bit AES key
(AEAD_AES_SIV_CMAC_256). Extend this by allowing AEAD_AES_SIV_CMAC_384
and AEAD_AES_SIV_CMAC_512 with 192-bit and 256-bit AES keys.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the CRC-32 routine to be shared for other purposes in
addition to the WEP/TKIP/FCS within wlantest.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Station should be able to connect initially without ft_pmk_cache filled,
so the target AP has the PSK available and thus the same information as
the origin AP. Therefore neither caching nor communication between the
APs with respect to PMK-R0 or PMK-R1 or VLANs is required if the target
AP derives the required PMKs locally.
This patch introduces the generation of the required PMKs locally for
FT-PSK. Additionally, PMK-R0 is not stored (and thus pushed) for FT-PSK.
So for FT-PSK networks, no configuration of inter-AP communication is
needed anymore when using ft_psk_generate_local=1 configuration. The
default behavior (ft_psk_generate_local=0) remains to use the pull/push
protocol.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
This also implements the macsec_get_capability for the macsec_qca
driver to maintain the existing behavior.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
RFC 5931 Section 2.8.5.1 does not list the Prep field as something that
the server validates to match the Request. However, the supplicant side
has to use the same pre-processing mechanism for the password for the
authentication to work, so we may as well as enforce this field to match
the requested value now that wpa_supplicant implementation is fixed to
copy the value from the request.
Signed-off-by: Jouni Malinen <j@w1.fi>
Fix the pre-processing field in the response when EAP_PWD_PREP_MS is
being used. This fixes interoperability with EAP-pwd servers that
validate the Prep field in EAP-pwd-ID/Response when the RFC2759
(PasswordHashHash) pre-processing is used.
Signed-off-by: Brian Candler <B.Candler@pobox.com>
Clean up the driver interface by passing pointers to struct receive_sc
down the stack to the {create,delete}_recevie_sc() ops, instead of
passing the individual properties of the SC.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Clean up the driver interface by passing pointers to struct transmit_sc
down the stack to the {create,delete}_transmit_sc() ops, instead of
passing the individual arguments.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This basically just follows commit
587b0457e0 ('LibreSSL: Fix build with
LibreSSL') with the same pattern, which was missed here.
Signed-off-by: Julian Ospald <hasufell@hasufell.de>
Due to a missing guard for old OpenSSL code, SSL_library_init() was not
called, which is required for LibreSSL. Likewise for cleanup.
Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
Add LibreSSL check to old OpenSSL #ifdef guard as DH_{get0,set0}_key()
is not implemented in LibreSSL.
Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
Add attributes for specifing the frequency where FTM/AOA measurement is
done over the air. This allows the user space framework to maintain its
own cache of peers without depending on the kernel scan results cache,
or perform scans less often (since entries in the kernel scan results
cache expire quickly). The change is backward compatible. If the
frequency attribute is not specified, the kernel scan results cache will
be queried, like done today.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Clean up the driver interface by passing pointers to struct receive_sa
down the stack to the {create,enable,disable}_receive_sa() ops, instead
of passing the individual properties of the SA.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Clean up the driver interface by passing pointers to struct transmit_sa
down the stack to the {create,enable,disable}_transmit_sa ops, instead
of passing the individual properties of the SA.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Clean up the driver interface by passing pointers to structs transmit_sa
and receive_sa down the stack to get_receive_lowest_pn(),
get_transmit_next_pn(), and set_transmit_next_pn() ops, instead of
passing the individual arguments.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
These structs will be passed down to macsec drivers in a coming patch to
make the driver interface cleaner, so they need to be shared between the
core MKA implementation and the drivers.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This makes it easier to copy a subset of definitions without
accidentally getting mismatching values.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends ANQP_GET command to support querying MBO cellular
preference also. The cellular preference can be requested along with
neigbor report by appending mbo:1 to the command arguments.
For example:
ANQP_GET <bssid> 272,mbo:1
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The user space app use QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI cmd to
get the corresponding antenna rssi value for the specific chain. And the
associcated attributes are added to configure the antenna diversity and
related selftest.
Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
The reason detail field was removed from non_pref_chan attr in MBO
v0.0_r25 draft. Don't parse for this element to be compliant with the
latest drafr.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
MBO capable APs can set association disallowed in the Beacon/Probe
Response frames. For testing purposes, the STA needs to be configured to
not ignore the association disallowed set by APs and continue to connect
to such AP like non-MBO enabled STA. Add a QCA vendor attribute for
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION vendor sub command to
configure the driver to ignore association disallowed functionality.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to find bss->drv separately for each parameter, so do
this once at the beginning of the function.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add driver parameter command to force capability flag
WPA_DRIVER_FLAGS_BSS_SELECTION even if driver states otherwise. This is
mainly for testing purposes.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Ignore group members for which there is no supported channels
information when calculating common group frequencies.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This command carries 802.11 header and payload along with key (TK) and
PN for encryption/decryption purpose. Firmware/driver encrypts/decrypts
the given data and sends to userspace as a response to the command. User
space component can validate the data received from the driver to unit
test the hardware's encryption engine.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
A weakness in the initial client taxonomy mechanism is from storing both
the Probe and Associate in struct sta_info. struct sta_info is created
after a client associates (or starts authentication frame exchange),
which means that any Probe Request frames sent prior to association are
not retained. The Associate Request frame has to be seen, and then
another Probe Request frame after association, before we have a
signature for the client.
Most clients send lots of Probe Request frames (lots and lots and lots
of Probes, actually), but a few do not. ChromeOS is notably sparing in
sending Probe Request frames, it can take a long time before a signature
for a ChromeOS device is available.
Store the most recent Probe Request frame in struct hostapd_sta_info
tracking list. When a struct sta_info is created, move the Probe Request
frame information from struct hostapd_sta_info to struct sta_info.
Signed-off-by: dgentry@google.com (Denton Gentry)
Signed-off-by: denny@geekhold.com (Denton Gentry)
Signed-off-by: rofrankel@google.com (Richard Frankel)
Signed-off-by: richard@frankel.tv (Richard Frankel)
Implement the signature mechanism described in the paper
"Passive Taxonomy of Wifi Clients using MLME Frame Contents"
published by Denton Gentry and Avery Pennarun.
http://research.google.com/pubs/pub45429.htmlhttps://arxiv.org/abs/1608.01725
This involves:
1. Add a CONFIG_TAXONOMY compile option. Enabling taxonomy incurs
a memory overhead of up to several kilobytes per associated
station.
2. If enabled, store the Probe Request and (Re)Associate Request frame in
struct sta_info.
3. Implement code to extract the ID of each Information Element,
plus selected fields and bitmasks from certain IEs, into a
descriptive text string. This is done in a new source file,
src/ap/taxonomy.c.
4. Implement a "signature qq:rr:ss:tt:uu:vv" command
in hostapd_cli to retrieve the signature.
Signatures take the form of a text string. For example, a signature
for the Nexus 5X is:
wifi4|probe:0,1,127,45,191,htcap:01ef,htagg:03,htmcs:0000ffff,vhtcap:338061b2,
vhtrxmcs:030cfffa,vhttxmcs:030cfffa,extcap:00000a0201000040|assoc:0,1,48,45,
221(0050f2,2),191,127,htcap:01ef,htagg:03,htmcs:0000ffff,vhtcap:339071b2,
vhtrxmcs:030cfffa,vhttxmcs:030cfffa,extcap:0000000000000040
Signed-off-by: dgentry@google.com (Denton Gentry)
Signed-off-by: denny@geekhold.com (Denton Gentry)
Signed-off-by: rofrankel@google.com (Richard Frankel)
Signed-off-by: richard@frankel.tv (Richard Frankel)
Previously, struct hostapd_iface sta_seen list head was initialized only
when completing interface setup. This left a window for operation that
could potentially iterate through the list before the list head has been
initialized. While the existing code checked iface->num_sta_seen to
avoid this case, it is much cleaner to initialize the list when struct
hostapd_iface is allocated to avoid any accidental missing of the extra
checks before list iteration.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not generate an unused and invalid Request Authenticator (random
value) when constructing Accounting-Request packets. The correct Request
Authenticator is calculated subsequently in radius_msg_finish_acct()
using MD5(msg + shared secret).
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
This reverts commit 647862eb60.
The second check of device_ap_sme looks like duplicated, but it isn't
actually. The trick is nl80211_create_monitor_interface may change that
variable value and the second evaluation may give a different result.
This definitely isn't a very clear code, but that change caused a
regression for drivers that:
1) Don't report NL80211_ATTR_DEVICE_AP_SME
2) Don't support monitor mode
3) Don't support subscribing for PROBE_REQ and/or ACTION frames
like brcmfmac. With such drivers hostapd doesn't start anymore.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The places using drv->use_monitor were already skipping creation of the
monitor interface if drv->device_ap_sme == 0. This means that the
monitor interface operations would not have worked anyway and it is safe
to set drv->use_monitor to zero for all such cases. This fixes an issue
with management frame subscription not happening properly for the case
where the AP SME is in the driver and the driver supports monitor
interfaces (for other purposes).
This commit also removes the check for monitor support and the
previously used workaround that cleared drv->use_monitor in
drv->device_ap_sme == 1 case if monitor interface was not supported
since that condition cannot occur anymore.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Upon receiving FST Setup Request from some peer on some interface,
search is made to see if same peer is connected on other interface with
specific band_id. With multiple peers, bug in
fst_group_does_iface_appear_in_other_mbies() caused wrong peer address
to be returned sometimes.
Fix this with a modified, simplified search algorithm of peer's "other"
connection.
Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
Fix some mistakes in the previous commit for adding QCA vendor commands
for indoor location.
Note: The renamed enum value does not change the ABI, but the addition
of QCA_WLAN_VENDOR_ATTR_FTM_MEAS_INVALID in the beginning of enum
qca_wlan_vendor_attr_ftm_meas does renumber
QCA_WLAN_VENDOR_ATTR_FTM_MEAS_* values. The previous values were
committed yesterday and have not been used in any released code yet, so
this is a justifiable quick fix.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Assign QCA vendor specific commands, attributes, and events for
supporting indoor location features.
These features include:
1. Fine timing measurement (FTM) - allows measurement of distance
between two stations. Based on IEEE P802.11-REVmc/D7.0, 11.24.6 FTM is
performed between two stations: one is an initiator, typically a client
that wants to measure distance to another AP, and one is a responder,
typically an AP which responds to measurement requests from other
clients. The responder can be configured to report its location, either
in absolute coordinates (LCI) or free-form description (LCR).
2. Angle of arrival (AOA) - allows measurement of azimuth and elevation
between two stations.
The above features can be combined to allow a station to get an accurate
indoor location.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Add configuration options that control publishing of fine timing
measurement (FTM) responder and initiator functionality via bits 70, 71
of Extended Capabilities element. Typically, FTM functionality is
controlled by a location framework outside hostapd. When framework is
activated, it will use hostapd to configure the AP to publish the FTM
functionality. See IEEE P802.11-REVmc/D7.0, 9.4.2.27.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Some deployed stations incorrectly consider nsts capability in
(Re)Association Response frame as required capability instead of maximum
capability and if it is greater than station's capability then beamform
will not happen in uplink traffic.
This commit adds support for an optional workaround to use station's
nsts capability in (Re)Association Response frame if the station's nsts
is less than AP by using the use_sta_nsts=1 configuration parameter.
This configuration is introduced in this commit and it is disabled by
default.
Signed-off-by: Tamizh chelvam <c_traja@qti.qualcomm.com>
Some user space monitor wants to offload link layer statistics to
firmware. A new command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_EXT and
associcated attributes are added. The monitor will use this new command
to configure monitoring paramters and get link layer statistics.
Attributes added in this change:
1. Parameters for FW to trigger the statistics report
2. Peer STA power state
3. TX failure statistics
Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
Assign cs in ieee802_1x_mka_decode_dist_sak_body and reuse it.
Cleanup of key allocation: ieee802_1x_kay_generate_new_sak() and
ieee802_1x_mka_decode_dist_sak_body() both allocate a struct key_conf,
fill it, and ask ieee802_1x_kay_init_data_key() to allocate and set up a
struct data_key. They also allocate multiple key buffers and copy the
same data around. Stop moving data from buffer to buffer, and just
allocate what we really need.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Instead of copying from kay to a temporary struct, and then from the
struct to the sm, just copy from kay to cp.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This avoids unnecessary typecasting while still being able to compare
the value to CS_TABLE_SIZE without compiler warnings.
Signed-off-by: Jouni Malinen <j@w1.fi>
Share mka deletion implementation in ieee802_1x_participant_timer() for
the cak_life and mka_life expiration cases.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This takes care of priority comparison followed by MAC address
comparison if the priorities are identical.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This is a known constant value (CS_ID_LEN, i.e., the length of the EUI64
identifier) and does not need to be provided separately in these
function calls.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
to_use_sak is a Boolean variable, so there is no need for an if
statement to figure out whether to return TRUE or FALSE.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Use for loop to remove unnecessary goto use and similar cleanup to
simplify the loops in ieee802_1x_mka_i_in_peerlist(),
ieee802_1x_mka_decode_live_peer_body(), and
ieee802_1x_kay_decode_mkpdu().
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Each loop iteration resets body_peer in the beginning, so there is no
need to increment this pointer in the end.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Add ieee802_1x_kay_get_potential_peer() similarly to the previously used
ieee802_1x_kay_get_live_peer() and use these helper functions more
consistently to avoid multiple implementations of peer lookups.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This splits the u32 bitfields into u8 variables and using bitfields only
for the cases where under 8-bit fields are used.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Previously, this was initialized in hostapd_setup_bss() which made it
possible for a REMOVE_NEIGHBOR control interface command to be issued
prior to the list head pointers having been set. That resulted in a NULL
pointer dereference. Fix this by initializing the list head at the time
the data structure gets allocated.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Number of hostapd control interface commands (e.g., STATUS-DRIVER) could
result in NULL pointer dereference when issued on not yet enabled BSS.
Fix this by checking that the driver interface has been initialized
before calling the driver_ops function.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When the RADIUS client has not yet been fully enabled, MIB command was
segfaulting hostapd.
Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
Accoding to the comment of struct wpa_driver_mesh_bss_params, the
max_peer_links parameter should be under that struct.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Various checks should use is_multicast_ether_addr() instead
of hardcoding the equivalent, change it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Previously, driver_nl80211 sets NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT in
AP mode, to get EAPOL frames out unencrypted when using IEEE 802.1X/WEP.
However, due to the way nl80211/cfg80211 is implemented, this attribute
is ignored by the kernel if NL80211_ATTR_CONTROL_PORT_ETHERTYPE isn't
specified as well. Fix this by including
NL80211_ATTR_CONTROL_PORT_ETHERTYPE set to ETH_P_PAE. This can be done
unconditionally, since the kernel will allow ETH_P_PAE to be set even
when the driver didn't advertise support for arbitrary ethertypes.
Additionally, the params->pairwise_ciphers appear to not be set at
this point, so relax the check and allow them to be zero.
In client mode, this whole thing was missing, so add it. Again, the
pairwise suite can be WPA_CIPHER_NONE, so allow that case as well.
This fixed IEEE 802.1X/WEP EAP reauthentication and rekeying to use
unencrypted EAPOL frames which is the de facto way of implementing this
in wireless networks.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
To be consistent with OpenSSL 1.1.0, the free functions should
internally check for NULL. EVP_MD_CTX_free also was missing an
EVP_MD_CTX_cleanup, so this leaked a little.
OpenSSL 1.1.0 also has given get_rfc3526_prime_1536 a better namespace
with get_rfc3526_prime_1536 as a compatibility-only name. Use that
instead in 1.1.0.
Signed-off-by: David Benjamin <davidben@google.com>
Do not include a NAS-Port attribute in Access-Request and
Accounting-Request packets where the Association ID (AID) is 0, i.e.,
not yet assigned or known.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Previously, the check for mgmt->bssid matching own address (= BSSID)
ended up rejecting the case where Public Action frames are using
Wildcard BSSID in the Address 3 field. This could result in GAS queries
being dropped. Fix this by allowing both the own address (= AP BSSID)
and Wildcard BSSID in Action frame Address 3 field.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_GET_HW_CAPABILITY and the associated
attributes to get Wi-Fi hardware capabilities.
Signed-off-by: Yingying Tang <yintang@qti.qualcomm.com>
This can be used to mandate the presence of the Message-Authenticator
attribute on CoA/Disconnect-Request packets.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Trying to open file for checking file existence seems to be too much.
Instead use access system call which is meant for the same.
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
body_type, used to index in mka_body_handler, can be any u8 value, but
we have only ARRAY_SIZE(mka_body_handler) elements.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This uses a more accurate variable type for body_type and makes it
cleaner to compare this to other unsigned values.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the memory allocation in ieee802_1x_kay_init_receive_sc() fails, we
end up in an inconsistent state where the peer is moved to the live
peers list and its sci is setup, but we don't have an rxsc.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
The room we actually use is length. This could also mess up the
receiver, since it will advance by the actual length (as indicated by
the parameter body's length), which could differ from the offset at
which we stored the next item.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
1. The comparison between SCI's of two servers with identical priority
is broken, and would always return TRUE. Just use os_memcmp(), which
provides the ordering we need.
2. If no peer can be key server but this instance can, then become the
key server.
3. The ordering of blocks between peer as key server and ourself as key
server overwrites settings. Simple reordering fixes this.
4. Default to being the key server, so that we advertise our ability in
the MKPDUs we send. That's the only way peers can know we can be key
server. Cleared automatically as soon as we find a better peer.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
There's no need to have a separate variable and open-code a more
complicated version of this, just use is_broadcast_ether_addr().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In preparation for adding further command completion support
to hostapd_cli move some cli related utility functions out of
wpa_cli into a new common cli file.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
This commit defines QCA vendor subcommand and attributes for IE based
access control, i.e., the specific configured IE (full IE) is matched
with the frames originated by the Wi-Fi STA / AP to accept or deny the
connection. A specific IE can either be a whitelist or blacklist.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_GPIO_CONFIG_COMMAND and associated
attributes to configure GPIO pins.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes wpa_supplicant set default scan IEs to the driver (if the
vendor command is supported). The driver can use these IEs in the scan
requests initiated by the driver itself. Also the driver can merge these
IEs into further scan requests that it receives, in case if the scan
request doesn't carry any of the IEs sent in this command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, HT/VHT state was shown in STATUS based on the configuration
parameter instead of the runtime operational parameters. This could
result in claiming HT/VHT to be enabled even when it was forced to be
disabled due to an incompatible configuration. Clear HT/VHT information
in the STATUS output if HT/VHT has been disabled.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If params->freq is NULL here, it leads to a segfault. Do not initialize
bss->bandwidth if params->freq is NULL.
Signed-off-by: Chaitanya T K <Chaitanya.Mgit@gmail.com>
Previously, HT capability IE and HT information IE were included in
Beacon and Mesh Peering Open/Confirm frames even if HT is disabled with
disable_ht=1. This patch removes these.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
If a peer stops sending adv_service_instance, we should clear the
existing dev->info.p2ps_instance.
This commit fixes the following scenario:
When peer device stops sending adv_service_instance, wpa_supplicant did
not remove old dev->info.p2ps_instance from device's property. This
variable should be updated as per peer behavior and should be cleared
when peer stops sending this information.
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
Remove the unnecessary os_free() call from p2p_deinit() since
p2p_flush() called just above this takes care of freeing
p2p->after_scan_tx and the second call here ends up being no-op
os_free(NULL) in practice.
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Previously, mesh power management functionality works only with kernel
MPM. Because user space MPM did not report mesh peer AID to kernel,
the kernel could not identify the bit in TIM element. So this patch
reports mesh peer AID to kernel.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_SAP_CONDITIONAL_CHAN_SWITCH and associated
attributes which aim to configure selected frequencies on which the AP
can conditionally switch onto for preferred operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 49fe2ada20 ('OpenSSL: Support
OpenSSL 1.1.0 DH opacity') started using the new accessor functions, but
used incorrect success check for the DH_set0_key() call. This resulted
in dh5_init_fixed() failures and double-free on error path if the build
was linked against OpenSSL 1.1.0. Fix this by checking DH_set0_key()
return value to be 1 for the success case.
Signed-off-by: Jouni Malinen <j@w1.fi>
These control interface event message are used by external programs, so
define them a bit more formally in the header file.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows P2P Listen to be offloaded to device to enhance power
saving.
To start P2P listen offload, from wpa_cli interface, issue the command:
p2p_lo_start <freq> <period> <interval> <count>
To stop P2P listen offload, issue the command:
p2p_lo_stop
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Provides operating frequency in EVENT_ASSOC when IBSS is joined so that
wpa_s->assoc_freq can be updated when any IBSS network is joined.
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
During the P802.11s draft development, there were separate LISTEN and
IDLE states. However, the current IEEE 802.11 standards uses only the
IDLE state while the implementation called this LISTEN. Rename the state
in the implementation to match the one used in the standard to avoid
confusion. In addition, rename OPEN_{SENT,RCVD} to OPN_{SNT,RCVD} to
match the exact spelling of these states in the standard.
Signed-off-by: Jouni Malinen <j@w1.fi>
OpenSSL 1.1.0 (master branch) apparently ended up modifying the API
after the beta 2 release that was supposed to complete the work. Mark
the variables const to fix the compilation with the modified OpenSSL
API.
Signed-off-by: Jouni Malinen <j@w1.fi>
These elements can be used for pre-standard publication testing of HE
before P802.11ax draft assigns the element ID. The payload of these
vendor specific elements is defined by the latest P802.11ax draft.
Please note that the draft is still work in progress and the element
payload is subject to change.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is now annotated as be16, so use it as such in all cases instead of
first storing host byte order value and then swapping that to big endian
in other instances of the same structure. This gets rid of number of
sparse warnings.
Signed-off-by: Jouni Malinen <j@w1.fi>
driver_wired.c pulls in utils/common.h before net/if.h as a workaround
for NetBSD build. This results in IFNAMSIZ getting redefined and sparse
warning about this. Silence that warning by undefining the IFNAMSIZ
definition from common.h to allow the one from net/if.h being used. In
addition, remove duplicated inclusion of net/if.h.
Signed-off-by: Jouni Malinen <j@w1.fi>
This gets rid of a sparse warning and also allows the compatibility of
the declarations to be verified (a missing const declaration is fixed
here as well).
Signed-off-by: Jouni Malinen <j@w1.fi>
This gets rid of number of sparse warnings and also allows the
compatibility of the declarations to be verified (number of missing
const declarations are fixed here as well).
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows the compiler to check that function prototypes match the
implementation. In addition, this gets rid of sparse warnings.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
These are called through function pointers, so no need to make the
function symbols directly available outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This converts some of the PAE code to use a design that gets rid
unnecessary warnings from sparse and allows more thorough validation of
byte order operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
These are called through function pointers, so no need to make the
function symbols directly available outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
These little endian fields were not marked properly and the type case in
the get_unaligned_* helper macros were causing warnings from sparse.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Couple of fsts_id and llt fields were not properly swapped from host
byte order to little endian byte order used in the frames. Fix this and
use the le32 type to make this more consistent and verifiable with
sparse.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Since crypto_openssl.c is now implementing couple of functions
internally, pull in the relevant header files md5.h and aes_wrap.h to
make sure the function declaration are consistent.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Freeing memory for subjectAltName in parse_cert(), will give cert_cb
pointers to freed memory zone that may already been overwritten. Memory
for subjectAltName is released in parse_cert_free().
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
The "Accepting Additional Mesh Peerings bit == 0" means the peer cannot
accept any more peers, so suppress attempt to open a connection to such
a peer.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This moves pairwise, group, and management group ciphers to various mesh
data structures to avoid having to hardcode cipher in number of places
through the code. While CCMP and BIP are still the hardcoded ciphers,
these are now set only in one location.
Signed-off-by: Jouni Malinen <j@w1.fi>
The AMPE element includes number of optional and variable length fields
and those cannot really be represented by a fixed struct
ieee80211_ampe_ie. Remove the optional fields from the struct and
build/parse these fields separately.
This is also adding support for IGTKdata that was completely missing
from the previous implementation. In addition, Key RSC for MGTK is now
filled in and used when configuring the RX MGTK for a peer.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous implementation was incorrect in forcing the MGTK to be used
as the IGTK as well. Define new variable for storing IGTK and use that,
if set, to configure IGTK to the driver. This commit does not yet fix
AMPE element parsing to fill in this information.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends the data structures to allow variable length MGTK to be
stored for RX. This is needed as an initial step towards supporting
different cipher suites.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is initial step in fixing issues in how PMF configuration for RSN
mesh was handled. PMF is an optional capability for mesh and it needs to
be configured consistently in both hostapd structures (to get proper
RSNE) and key configuration (not included in this commit).
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit 0603bcb7fe ('hostapd: Process MAC
ACLs on a station association event (SME in driver)') processes MAC ACL
on a station association event for drivers which use AP SME offload but
does not consider the scenario where the drivers offload ACL. This can
result in station disconnection, though the driver accepts the
connection. Address this by avoiding the hostapd ACL check for the
drivers offloading MAC ACL.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit also introduces a new attribute MANDATORY_FREQUENCY_LIST
which aims for AP operation in a channel that ensures best concurrency
sessions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
eloop deinit calls could trigger segmentation fault if the early error
path is hit before eloop_init() gets called.
Signed-off-by: Jouni Malinen <j@w1.fi>
Verify that fst_global_init() has been called before deinitializing the
global FST context. This makes it a bit easier to handle failure paths
from initialization.
Signed-off-by: Jouni Malinen <j@w1.fi>
Set max peer links to kernel even when wpa_supplicant MPM is used. This
sets the correct value for the "Accepting Additional Mesh Peerings bit"
in "Mesh Capability field" in "Mesh Configuration element" in the Beacon
frame.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Recent versions of engine_pkcs11 are set up to be autoloaded on demand
with ENGINE_by_id() because they don't need explicit configuration.
But if we *do* want to explicitly configure them with a PKCS#11 module
path, we should still do so.
We can't tell whether it was already initialised, but it's harmless to
repeat the MODULE_PATH command if it was.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Michael Schaller <misch@google.com>
Any data accessible from nla_data() is freed before the
send_and_recv_msgs() function returns, therefore we need to allocate
space for info.flags ourselves.
Signed-off-by: Paul Stewart <pstew@google.com>
gas_address3=1 can now be used to force hostapd to use the IEEE 802.11
standards compliant Address 3 field value (Wildcard BSSID when not
associated) even if the GAS request uses non-compliant address (AP
BSSID).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously all TX status events with wildcard BSSID were ignored. This
did not allow Public Action frame TX status to be processed with the
corrected wildcard BSSID use. Fix this to be allowed. In practice, this
affects only test cases since Action frame TX status was not used for
anything else.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS. hostapd used
to use the actual BSSID value for all such frames regardless of whether
the destination STA is a member of the BSS.
Fix this by using the wildcard BSSID in cases the destination STA is not
a member of the BSS. Leave group addressed case as-is (i.e., the actual
BSSID), since both values are accepted. No such frames are currently
used, though.
This version is still using the AP BSSID value in the Address 3 field
for GAS response frames when replying to a GAS request with AP BSSID
instead of Wildcard BSSID. This is left as a workaround to avoid
interoperability issues with deployed STA implementations that are still
using the non-compliant address and that might be unable to process the
standard compliant case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds the necessary changes to support extraction and use of the
extended capabilities specified per interface type (a recent
cfg80211/nl80211 extension). If that information is available,
per-interface values will be used to override the global per-radio
value.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add a new "timeout" argument to the event message if the nl80211 message
indicates that the connection failure is not due to an explicit AP
rejection message. This makes it easier for external programs to figure
out why the connection failed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the simplest case of SAE group negotiation to occur by
selecting the next available group if the peer STA indicates the
previous one was not supported. This is not yet sufficient to cover all
cases, e.g., when both STAs need to change their groups, but at least
some cases are no covered.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd deinit functions were not ready to handle a case where the data
structures were not fully initialized. Make these more robust to allow
wpa_supplicant mesh implementation to use the current deinit design in
OOM error cases without causing NULL pointer dereferences.
Signed-off-by: Jouni Malinen <j@w1.fi>
This avoids internal access of structs and also removes the dependency
on the reimplemented TLS PRF functions when EAP-FAST support is not
enabled. Notably, BoringSSL doesn't support EAP-FAST, so there is no
need to access its internals with openssl_get_keyblock_size().
Signed-Off-By: David Benjamin <davidben@google.com>
Most protocols extracting keys from TLS use RFC 5705 exporters which is
commonly implemented in TLS libraries. This is the mechanism used by
EAP-TLS. (EAP-TLS actually predates RFC 5705, but RFC 5705 was defined
to be compatible with it.)
EAP-FAST, however, uses a legacy mechanism. It reuses the TLS internal
key block derivation and derives key material after the key block. This
is uncommon and a misuse of TLS internals, so not all TLS libraries
support this. Instead, we reimplement the PRF for the OpenSSL backend
and don't support it at all in the GnuTLS one.
Since these two are very different operations, split
tls_connection_prf() in two. tls_connection_export_key() implements the
standard RFC 5705 mechanism that we expect most TLS libraries to
support. tls_connection_get_eap_fast_key() implements the
EAP-FAST-specific legacy mechanism which may not be implemented on all
backends but is only used by EAP-FAST.
Signed-Off-By: David Benjamin <davidben@google.com>
Commit 68ae4773a4 ('OpenSSL: Use library
wrapper functions to access cert store') fixed most of these, but missed
a few.
Signed-Off-By: David Benjamin <davidben@google.com>
This makes changes such that hostapd (and wpa_supplicant AP mode)
registers to kernel for specific Action frames instead of generically
registering for all Action frames. This makes it easier for other
programs to register for some Action frames that hostapd does not handle
today without having to somehow coordinate directly with hostapd.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add P2PS config flag only when config_methods are set. This restores the
pre-P2PS behavioer for the cases where Display or Keypad config method
is specified for a peer (i.e., do not add the new P2PS method in that
case).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_sake_errors test case where the result was used after the
failed eap_sake_compute_mic() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_pax_errors test case where the result was used after the
failed eap_pax_mac() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_fast_errors test case where the result was used after the
failed sha1_t_prf() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
wpas_ctrl_error test case where the result was used after the failed
sha256_vector() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap_connect test case where the result is used after
failed md5_vector() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap_connect test case where memcmp is used after failed
hmac_md5() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap test case where memcmp is used after failed
md5_vector() call.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Check for hmac_sha256() failures and exit from wps_derive_psk() without
printing out the derived keys if anything fails. This removes a valgrind
warning on uninitialized value when running the ap_wps_m3_oom test case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
In some terminal, verified with gtkterm and teraterm, backspace key is
not properly processed. For instance, type 'abc', 3 times of backspace
key press then '123' shows the result of 'abc123' instead of '123'. To
fix this, add a routine to process '\b' character input when using
edit_simple.c instead of edit.c (i.e., without CONFIG_WPA_CLI_EDIT=y).
Signed-off-by: Siwon Kang <kkangshawn@gmail.com>