Add ieee802_1x_kay_get_potential_peer() similarly to the previously used
ieee802_1x_kay_get_live_peer() and use these helper functions more
consistently to avoid multiple implementations of peer lookups.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This splits the u32 bitfields into u8 variables and using bitfields only
for the cases where under 8-bit fields are used.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Previously, this was initialized in hostapd_setup_bss() which made it
possible for a REMOVE_NEIGHBOR control interface command to be issued
prior to the list head pointers having been set. That resulted in a NULL
pointer dereference. Fix this by initializing the list head at the time
the data structure gets allocated.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Number of hostapd control interface commands (e.g., STATUS-DRIVER) could
result in NULL pointer dereference when issued on not yet enabled BSS.
Fix this by checking that the driver interface has been initialized
before calling the driver_ops function.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When the RADIUS client has not yet been fully enabled, MIB command was
segfaulting hostapd.
Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
Accoding to the comment of struct wpa_driver_mesh_bss_params, the
max_peer_links parameter should be under that struct.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Various checks should use is_multicast_ether_addr() instead
of hardcoding the equivalent, change it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Previously, driver_nl80211 sets NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT in
AP mode, to get EAPOL frames out unencrypted when using IEEE 802.1X/WEP.
However, due to the way nl80211/cfg80211 is implemented, this attribute
is ignored by the kernel if NL80211_ATTR_CONTROL_PORT_ETHERTYPE isn't
specified as well. Fix this by including
NL80211_ATTR_CONTROL_PORT_ETHERTYPE set to ETH_P_PAE. This can be done
unconditionally, since the kernel will allow ETH_P_PAE to be set even
when the driver didn't advertise support for arbitrary ethertypes.
Additionally, the params->pairwise_ciphers appear to not be set at
this point, so relax the check and allow them to be zero.
In client mode, this whole thing was missing, so add it. Again, the
pairwise suite can be WPA_CIPHER_NONE, so allow that case as well.
This fixed IEEE 802.1X/WEP EAP reauthentication and rekeying to use
unencrypted EAPOL frames which is the de facto way of implementing this
in wireless networks.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
To be consistent with OpenSSL 1.1.0, the free functions should
internally check for NULL. EVP_MD_CTX_free also was missing an
EVP_MD_CTX_cleanup, so this leaked a little.
OpenSSL 1.1.0 also has given get_rfc3526_prime_1536 a better namespace
with get_rfc3526_prime_1536 as a compatibility-only name. Use that
instead in 1.1.0.
Signed-off-by: David Benjamin <davidben@google.com>
Do not include a NAS-Port attribute in Access-Request and
Accounting-Request packets where the Association ID (AID) is 0, i.e.,
not yet assigned or known.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Previously, the check for mgmt->bssid matching own address (= BSSID)
ended up rejecting the case where Public Action frames are using
Wildcard BSSID in the Address 3 field. This could result in GAS queries
being dropped. Fix this by allowing both the own address (= AP BSSID)
and Wildcard BSSID in Action frame Address 3 field.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_GET_HW_CAPABILITY and the associated
attributes to get Wi-Fi hardware capabilities.
Signed-off-by: Yingying Tang <yintang@qti.qualcomm.com>
This can be used to mandate the presence of the Message-Authenticator
attribute on CoA/Disconnect-Request packets.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Trying to open file for checking file existence seems to be too much.
Instead use access system call which is meant for the same.
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
body_type, used to index in mka_body_handler, can be any u8 value, but
we have only ARRAY_SIZE(mka_body_handler) elements.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
This uses a more accurate variable type for body_type and makes it
cleaner to compare this to other unsigned values.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the memory allocation in ieee802_1x_kay_init_receive_sc() fails, we
end up in an inconsistent state where the peer is moved to the live
peers list and its sci is setup, but we don't have an rxsc.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
The room we actually use is length. This could also mess up the
receiver, since it will advance by the actual length (as indicated by
the parameter body's length), which could differ from the offset at
which we stored the next item.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
1. The comparison between SCI's of two servers with identical priority
is broken, and would always return TRUE. Just use os_memcmp(), which
provides the ordering we need.
2. If no peer can be key server but this instance can, then become the
key server.
3. The ordering of blocks between peer as key server and ourself as key
server overwrites settings. Simple reordering fixes this.
4. Default to being the key server, so that we advertise our ability in
the MKPDUs we send. That's the only way peers can know we can be key
server. Cleared automatically as soon as we find a better peer.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
There's no need to have a separate variable and open-code a more
complicated version of this, just use is_broadcast_ether_addr().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In preparation for adding further command completion support
to hostapd_cli move some cli related utility functions out of
wpa_cli into a new common cli file.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
This commit defines QCA vendor subcommand and attributes for IE based
access control, i.e., the specific configured IE (full IE) is matched
with the frames originated by the Wi-Fi STA / AP to accept or deny the
connection. A specific IE can either be a whitelist or blacklist.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
