Commit graph

11034 commits

Author SHA1 Message Date
Jouni Malinen
cc27c8e680 hostapd: Fix early init failure path
eloop deinit calls could trigger segmentation fault if the early error
path is hit before eloop_init() gets called.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:23 +03:00
Jouni Malinen
976dfb3237 FST: Make fst_global_deinit() more robust
Verify that fst_global_init() has been called before deinitializing the
global FST context. This makes it a bit easier to handle failure paths
from initialization.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:14 +03:00
Jouni Malinen
0b1b2044cc tests: Add sniffer check to wpas_mesh_max_peering
This verifies that the Accepting Additional Mesh Peerings field is being
cleared properly when the maximum peer links count is reached.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:04:47 +03:00
Masashi Honma
7a69fad7ad mesh: Sync max peer links with kernel
Set max peer links to kernel even when wpa_supplicant MPM is used. This
sets the correct value for the "Accepting Additional Mesh Peerings bit"
in "Mesh Capability field" in "Mesh Configuration element" in the Beacon
frame.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-06-12 21:49:05 +03:00
Jouni Malinen
a3bd53273e tests: Additional coverage in mesh_sae_groups_invalid
Additional coverage in mesh_rsn_sae_group() with non-zero
wpa_s->mesh_rsn->sae_group_index.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-12 17:56:02 +03:00
David Woodhouse
f7cb6e9f24 Update PKCS#11 references in template wpa_supplicant.conf
Ditch the legacy syntax and manual engine mangling and just give an
example using simple PKCS#11 URIs that'll work with both GnuTLS and
OpenSSL.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2016-06-11 12:21:47 +03:00
David Woodhouse
c3d7fb7e27 OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()
Recent versions of engine_pkcs11 are set up to be autoloaded on demand
with ENGINE_by_id() because they don't need explicit configuration.

But if we *do* want to explicitly configure them with a PKCS#11 module
path, we should still do so.

We can't tell whether it was already initialised, but it's harmless to
repeat the MODULE_PATH command if it was.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Michael Schaller <misch@google.com>
2016-06-11 12:21:08 +03:00
Paul Stewart
fdc1188a85 nl80211: Fix use-after-free in qca_nl80211_get_features()
Any data accessible from nla_data() is freed before the
send_and_recv_msgs() function returns, therefore we need to allocate
space for info.flags ourselves.

Signed-off-by: Paul Stewart <pstew@google.com>
2016-06-11 12:12:23 +03:00
Jouni Malinen
61854f16ec tests: GAS/ANQP query and Address 3 value selection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 22:30:29 +03:00
Jouni Malinen
8359472589 hostapd Make GAS Address3 field selection behavior configurable
gas_address3=1 can now be used to force hostapd to use the IEEE 802.11
standards compliant Address 3 field value (Wildcard BSSID when not
associated) even if the GAS request uses non-compliant address (AP
BSSID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 22:13:37 +03:00
Jouni Malinen
6996ff7b6d hostapd: Fix Public Action frame TX status processing for wildcard BSSID
Previously all TX status events with wildcard BSSID were ignored. This
did not allow Public Action frame TX status to be processed with the
corrected wildcard BSSID use. Fix this to be allowed. In practice, this
affects only test cases since Action frame TX status was not used for
anything else.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
78a3632765 hostapd: Fix Public Action frame addressing (BSSID field)
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS. hostapd used
to use the actual BSSID value for all such frames regardless of whether
the destination STA is a member of the BSS.

Fix this by using the wildcard BSSID in cases the destination STA is not
a member of the BSS. Leave group addressed case as-is (i.e., the actual
BSSID), since both values are accepted. No such frames are currently
used, though.

This version is still using the AP BSSID value in the Address 3 field
for GAS response frames when replying to a GAS request with AP BSSID
instead of Wildcard BSSID. This is left as a workaround to avoid
interoperability issues with deployed STA implementations that are still
using the non-compliant address and that might be unable to process the
standard compliant case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
c86bef2913 wpa_supplicant: Make GAS Address3 field selection behavior configurable
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS.
wpa_supplicant used to use the actual BSSID value for all such frames
regardless of whether the destination STA is a member of the BSS.

P2P does not follow this rule, so P2P Public Action frame construction
must not be changed. However, the cases using GAS/ANQP for non-P2P
purposes should follow the standard requirements.

Unfortunately, there are deployed AP implementations that do not reply
to a GAS request sent using the wildcard BSSID value. The previously
used behavior (Address3 = AP BSSID even when not associated) continues
to be the default, but the IEEE 802.11 standard compliant addressing
behavior can now be configured with gas_address3=1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
739fd20cc3 tests: Mesh peering management protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 11:43:37 +03:00
Jouni Malinen
81d6e230e3 tests: Secure mesh network and PMKID mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 11:17:00 +03:00
Jouni Malinen
66bb7d97dd tests: Secure mesh network and missing MIC
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 01:20:28 +03:00
Jouni Malinen
98628b7f07 tests: Mesh and failure to derive random nonce
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:24:47 +03:00
Jouni Malinen
044d739bdd tests: Secure mesh network and PMKSA caching failing due to OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:20:06 +03:00
Jouni Malinen
e8739be842 tests: Mesh scan element parse error
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:13:40 +03:00
Jouni Malinen
699074d30c tests: Mesh network setup failing due to driver command failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:13:40 +03:00
Jouni Malinen
a5a187b0f4 nl80211: Add TEST_FAIL() to command generation and set_mode
This makes it easier to test error paths for failing driver command
cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:13:32 +03:00
Jouni Malinen
ee854ff679 mesh: Remove extra newline from the end of an error message
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 22:00:30 +03:00
Jouni Malinen
521a98a8f6 tests: Mesh and default beacon interval
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:47:22 +03:00
Jouni Malinen
ec87430ba1 tests: Extend coverage for mesh OOM testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:44:19 +03:00
Jouni Malinen
56d62fc3dd tests: Open mesh network on VHT 160 MHz channel
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:31:51 +03:00
Jouni Malinen
331f07742f mesh: Allow 160 MHz channel to be configured
This allows minimal testing with 160 MHz channel with country code ZA
that happens to be the only one with a non-DFS 160 MHz frequency. DFS
with mesh is not yet supported.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:30:51 +03:00
Jouni Malinen
92a515b869 nl80211: Update drv->assoc_freq on mesh join
This is needed to provide the correct frequency in SIGNAL_POLL command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:30:18 +03:00
Jouni Malinen
2cf6341e64 tests: Mesh and invalid frequency configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 20:59:39 +03:00
Jouni Malinen
d2cc8bbbf6 mesh: Remove unreachable code
ssid->frequency cannot be 0 in wpa_supplicant_mesh_init() since
wpas_supplicant_join_mesh() rejects such a configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 20:59:25 +03:00
Jouni Malinen
a64476403d tests: Mesh and local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 00:40:38 +03:00
Jouni Malinen
b0ec3d772a tests: Mesh and local SAE failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 00:30:49 +03:00
Jouni Malinen
f0ee4535d2 tests: Mesh with invalid SAE group configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 00:08:16 +03:00
Kanchanapally, Vidyullatha
cc9a2575ca nl80211: Use extended capabilities per interface type
This adds the necessary changes to support extraction and use of the
extended capabilities specified per interface type (a recent
cfg80211/nl80211 extension). If that information is available,
per-interface values will be used to override the global per-radio
value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-31 21:35:54 +03:00
Jouni Malinen
c6edea0df6 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-05-31.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-31 18:49:05 +03:00
Jouni Malinen
9a5160f5fb Report connection timeouts in CTRL-EVENT-ASSOC-REJECT
Add a new "timeout" argument to the event message if the nl80211 message
indicates that the connection failure is not due to an explicit AP
rejection message. This makes it easier for external programs to figure
out why the connection failed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-31 00:11:42 +03:00
Jouni Malinen
9ec916e9f4 tests: wpa_supplicant secure MESH and SAE group negotiation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 21:15:30 +03:00
Jouni Malinen
dad0129227 mesh: Support simple SAE group negotiation case
This allows the simplest case of SAE group negotiation to occur by
selecting the next available group if the peer STA indicates the
previous one was not supported. This is not yet sufficient to cover all
cases, e.g., when both STAs need to change their groups, but at least
some cases are no covered.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 21:14:08 +03:00
Jouni Malinen
582841689f tests: Secure mesh network setup local failure
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 21:10:58 +03:00
Jouni Malinen
b4c738ec86 mesh: Fix error path handling for RSN (MGTK init)
wpa_deinit() got called twice if the random_get_bytes() fails to
generate the MGTK. This resulted in double-freeing the rsn->auth
pointer. Fix this by allowing mesh_rsn_auth_init() handle freeing for
all error cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 20:15:16 +03:00
Jouni Malinen
4d4cdc3bb2 tests: wpa_supplicant mesh scan results and OOM
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 20:03:32 +03:00
Jonathan Afek
d28cfc2a25 tests: Support P2P group interfaces in hwsim remote tests
Start using the wpa_supplicant remote UDP interface for the control and
monitor sockets for P2P group interfaces so that P2P tests would work on
real hardware. Also have the group requests and events show in the test
log with the hostname and the interface name of the group interface.

Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
2016-05-30 17:56:43 +03:00
Jouni Malinen
f4b4ddfdd9 D-Bus: Remove unused wpas_dbus_signal_p2p_group_started() parameter
The ssid pointer was not used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 17:56:41 +03:00
Nishant Chaprana
4fe50bbc8e D-Bus: Indicate whether created group is persistent or not
This adds an extra parameter in GroupStarted signal to indicate whether
the created group is Persistent or not. It is similar to the
[PERSISTENT] tag which comes in P2P-GROUP-STARTED over the control
interface.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2016-05-30 17:56:16 +03:00
Jouni Malinen
aa59370b34 tests: wpa_supplicant mesh with dynamic interface addition failing
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 01:50:09 +03:00
Jouni Malinen
62fc8e6a40 mesh: Fix MESH_INTERFACE_ADD error path cleanup
If wpa_supplicant_add_iface() fails, we need to remove the added netdev,
not the existing wpa_s instance.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 01:49:22 +03:00
Jouni Malinen
b15acadcfd tests: Mesh network setup failing due to OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 01:05:16 +03:00
Jouni Malinen
9c10be3f71 mesh: Fix error path handling in init OOM cases
hostapd deinit functions were not ready to handle a case where the data
structures were not fully initialized. Make these more robust to allow
wpa_supplicant mesh implementation to use the current deinit design in
OOM error cases without causing NULL pointer dereferences.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 01:05:16 +03:00
Jouni Malinen
8f5abdb874 tests: More coverage in ap_reassociation_to_same_bss
The extra wait forces the special reattach-scan case to be reached in
wpa_supplicant_scan().

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-28 23:28:15 +03:00
Jouni Malinen
3d53cd50ab tests: More coverage in wpas_ctrl_sched_scan_plans
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-28 23:00:42 +03:00
Jouni Malinen
7012e2589f Remove dead code from wpas_sched_scan_plans_set()
scan_plan->interval was checked against 0 twice; the latter case cannot
happen.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-28 22:54:00 +03:00