Commit graph

17094 commits

Author SHA1 Message Date
Jouni Malinen
08704cd885 hostapd: Verify availability of random data when using WPA/WPA2
On Linux, verify that the kernel entropy pool is capable of providing
strong random data before allowing WPA/WPA2 connection to be
established. If 20 bytes of data cannot be read from /dev/random,
force first two 4-way handshakes to fail while collecting entropy
into the internal pool in hostapd. After that, give up on /dev/random
and allow the AP to function based on the combination of /dev/urandom
and whatever data has been collected into the internal entropy pool.
2010-11-24 13:08:03 +02:00
Masashi Honma
dbb6ed7e75 Fix memory leak on EAPOL Authenticator error path
wlan0: RADIUS No authentication server configured
MEMLEAK[0x999feb8]: len 1040
WPA_TRACE: memleak - START
[3]: ./hostapd(radius_msg_new+0x33) [0x8074f43]
     radius_msg_new() ../src/radius/radius.c:117
[4]: ./hostapd() [0x806095e]
     ieee802_1x_encapsulate_radius() ../src/ap/ieee802_1x.c:439
     ieee802_1x_aaa_send() ../src/ap/ieee802_1x.c:1496

For example, this error occured when I used WPS hostapd without
"eap_server=1" definition in configuration file.
2010-11-24 01:42:50 +02:00
Jouni Malinen
bbb921daaa Maintain internal entropy pool for augmenting random number generation
By default, make hostapd and wpa_supplicant maintain an internal
entropy pool that is fed with following information:

hostapd:
- Probe Request frames (timing, RSSI)
- Association events (timing)
- SNonce from Supplicants

wpa_supplicant:
- Scan results (timing, signal/noise)
- Association events (timing)

The internal pool is used to augment the random numbers generated
with the OS mechanism (os_get_random()). While the internal
implementation is not expected to be very strong due to limited
amount of generic (non-platform specific) information to feed the
pool, this may strengthen key derivation on some devices that are
not configured to provide strong random numbers through
os_get_random() (e.g., /dev/urandom on Linux/BSD).

This new mechanism is not supposed to replace proper OS provided
random number generation mechanism. The OS mechanism needs to be
initialized properly (e.g., hw random number generator,
maintaining entropy pool over reboots, etc.) for any of the
security assumptions to hold.

If the os_get_random() is known to provide strong ramdom data (e.g., on
Linux/BSD, the board in question is known to have reliable source of
random data from /dev/urandom), the internal hostapd random pool can be
disabled. This will save some in binary size and CPU use. However, this
should only be considered for builds that are known to be used on
devices that meet the requirements described above. The internal pool
is disabled by adding CONFIG_NO_RANDOM_POOL=y to the .config file.
2010-11-24 01:29:40 +02:00
Jouni Malinen
e5851439e3 Fix hlr_auc_gw build with CONFIG_WPA_TRACE=y 2010-11-24 01:10:48 +02:00
Jouni Malinen
3642c4313a Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.

The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
2010-11-24 01:05:20 +02:00
Jouni Malinen
1bdb7ab3af Re-initialize GMK and Key Counter on first station connection
This adds more time for the system entropy pool to be filled before
requesting random data for generating the WPA/WPA2 encryption keys.
This can be helpful especially on embedded devices that do not have
hardware random number generator and may lack good sources of
randomness especially early in the bootup sequence when hostapd is
likely to be started.

GMK and Key Counter are still initialized once in the beginning to
match the RSN Authenticator state machine behavior and to make sure
that the driver does not transmit broadcast frames unencrypted.
However, both GMK (and GTK derived from it) and Key Counter will be
re-initialized when the first station connects and is about to
enter 4-way handshake.
2010-11-24 00:52:46 +02:00
Jouni Malinen
38484f69f9 wlantest: Update STA State based on broadcast Deauth/Disassoc 2010-11-23 14:37:21 +02:00
Jouni Malinen
a912dd16c5 wlantest: Implement IEEE 802.11 duplicate detection
This cleans up debug logs by avoiding incorrect entries on TKIP/CCMP
replays and some state changes.
2010-11-23 14:27:28 +02:00
Jouni Malinen
107ad4e323 wlantest: Show broadcast Deauth/Disassoc info in debug 2010-11-23 13:16:23 +02:00
Jouni Malinen
f665867bd1 wlantest: Check STA State when validating need for CCMP for mgmt
If the STA is in State 1 or 2, Deauth/Disassoc frames are not
protected, so no need to complain about them being sent without CCMP.
2010-11-23 13:15:25 +02:00
Jouni Malinen
3c7302c219 Report errors from key derivation/configuration
Eventually, these should be acted on, so at least get the return
values passed one layer up.
2010-11-23 01:05:26 +02:00
Jouni Malinen
5cb9d5c3d1 Mix in more data to GTK/IGTK derivation
The example GMK-to-GTK derivation described in the IEEE 802.11 standard
is marked informative and there is no protocol reason for following it
since this derivation is done only on the AP/Authenticator and does not
need to match with the Supplicant. Mix in more data into the derivation
process to get more separation from GMK.
2010-11-23 00:57:14 +02:00
Jouni Malinen
783a082ccc wlantest: Add per-BSS counters for BIP deauth/disassoc 2010-11-21 21:50:28 +02:00
Jouni Malinen
cdd71e307e wlantest: Add per-STA counter for (Re)AssocResp comeback frames 2010-11-21 21:24:20 +02:00
Jouni Malinen
fc686b1994 wlantest: Use helper functions to parse BSS/STA parameters 2010-11-21 18:18:01 +02:00
Jouni Malinen
2fc0cd54db wlantest: Add functionality for fetching STA/BSS information 2010-11-21 18:01:18 +02:00
Jouni Malinen
221519dea3 wlantest: Derive PMK to existing BSSes when a new passphrase is added 2010-11-21 13:19:43 +02:00
Jouni Malinen
81d5989176 wlantest: Fix CCMP header generation to include reserved field 2010-11-21 13:18:57 +02:00
Jouni Malinen
0778c8f5ed wlantest: Add more debugging details for PMK selection 2010-11-21 13:18:02 +02:00
Jouni Malinen
902621e2b0 wlantest: Show encrypted version on injected frame in debug 2010-11-21 13:17:35 +02:00
Jouni Malinen
b21e2c84f1 Include own MAC address in status info even in non-P2P builds 2010-11-21 12:35:49 +02:00
Jouni Malinen
13b9f3a1f9 wlantest: Add history file for wlantest_cli 2010-11-21 12:09:27 +02:00
Jouni Malinen
e3acc8f1c8 edit: Clear edit line on deinit 2010-11-21 12:07:29 +02:00
Jouni Malinen
566aef60ab edit: Limit maximum number of history entries to 100 2010-11-21 12:04:44 +02:00
Jouni Malinen
70de7d56fe edit: Implement history file read/write 2010-11-21 12:01:50 +02:00
Jouni Malinen
19ec1f262e edit: Fix history prev selection 2010-11-21 11:49:36 +02:00
Jouni Malinen
8953e9681a edit: Move history save file specification to caller 2010-11-21 11:43:09 +02:00
Jouni Malinen
ec9aac9468 edit: Use struct dl_list for history buffer 2010-11-21 11:25:34 +02:00
Jouni Malinen
31e1206baa edit: Fix delete_word when not in the end of line 2010-11-20 23:05:12 +02:00
Jouni Malinen
ee3b84beb3 wlantest: Parse ICMP echo packet and record STA ping success 2010-11-20 22:34:42 +02:00
Jouni Malinen
aebe76594b wlantest: Ignore built files in git status 2010-11-20 21:43:49 +02:00
Jouni Malinen
161d0339c6 wlantest: Move RX EAPOL processing into its own file 2010-11-20 21:40:04 +02:00
Jouni Malinen
464144a43b edit: Add history buffer search
Ctrl-R can now be used to start history search mode.
2010-11-20 17:55:35 +02:00
Jouni Malinen
42034d6f60 edit: Clean up escape code parser 2010-11-20 16:59:55 +02:00
Jouni Malinen
0bee81352f edit: Split escape code parsing into a separate function
This makes edit_read_char() simpler and easier to extend since it
does not need to know anything about the escape codes anymore.
2010-11-20 15:55:51 +02:00
Jouni Malinen
0954399c90 wlantest: Use proper cmd length in fetching STA list 2010-11-20 12:43:16 +02:00
Jouni Malinen
ef6ee3e5a3 edit: Sort completion list 2010-11-20 12:41:15 +02:00
Jouni Malinen
79a670cbf7 wlantest: Add pre-command completion functions
This allows the parameters to each command to be completed.
2010-11-20 12:35:11 +02:00
Jouni Malinen
9364990ace edit: Really fix the completion of last character
The previous commit broke completion in various places. The proper
way of handling the completion of full word is to verify whether
there are more than one possible match at that point.
2010-11-20 12:27:06 +02:00
Jouni Malinen
414780027a edit: Fix completion at the last character
Completion needs to be done even if the full word has been entered.
In addition, fix the space-after-full-word to properly allocate room
for the extra character when completion is used in the middle of the
string.
2010-11-20 11:59:04 +02:00
Jouni Malinen
89eb6b774d edit: Fix delete word to update current position 2010-11-20 11:48:00 +02:00
Jouni Malinen
e4f13f9256 edit: Fix completion of arguments other than the first one 2010-11-20 11:45:42 +02:00
Jouni Malinen
73669f1b03 edit: Fix Home/End escape codes 2010-11-20 11:20:48 +02:00
Jouni Malinen
ef49bb80a9 wlantest: Add interactive mode to wlantest_cli 2010-11-20 10:48:32 +02:00
Jouni Malinen
7302a35ed4 edit: Add string completion support on tab 2010-11-20 00:42:02 +02:00
Jouni Malinen
57f7d03f91 wlantest: Do not add new BSS/STA entries based on ctrl commands
Introduce bss_find()/sta_find() as an alternative bss_get()/sta_get()
command that do not allocate new BSS/STA entry if no existing entry
is found.
2010-11-19 22:00:10 +02:00
Jouni Malinen
fbdd21327e wlantest: Add add_passphrase command
This can be used to add a new known passphrase without having to
restart wlantest.
2010-11-19 19:31:55 +02:00
Jouni Malinen
a16c859034 wlantest: Add command for fetching wlantest version 2010-11-19 17:45:19 +02:00
Jouni Malinen
990153b4dd wlantest: Add support for injecting (Re)Association Request frames 2010-11-19 17:09:02 +02:00
Jouni Malinen
2e4c34691b wlantest: Add support for protecting injected broadcast frames 2010-11-19 16:48:33 +02:00