Commit 986de33d5c ('Convert remaining SSID
routines from char* to u8*') started using wpa_ssid_txt() to print out
the SSID for the Called-Station-Id attribute in RADIUS messages. This
was further modified by commit 6bc1f95613
('Use printf escaping in SSID-to-printable-string conversion') to use
printf escaping (though, even without this, wpa_ssid_txt() would have
masked characters).
This is not desired for Called-Station-Id attribute. While it is defined
as a "String", RFC 2865 indicates that "a robust implementation SHOULD
support the field as undistinguished octets.".
Copy the SSID as an array of arbitrary octets into Called-Station-Id to
avoid any kind of masking or escaping behavior. This goes a step further
from the initial implementation by allowing even the possible (but
unlikely in practical use cases) 0x00 octet in the middle of an SSID.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends multi-OCSP support to verify status for intermediate CAs in
the server certificate chain.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
ocsp=3 extends ocsp=2 by require all not-trusted certificates in the
server certificate chain to receive a good OCSP status. This requires
support for ocsp_multi (RFC 6961). This commit is only adding the
configuration value, but all the currently included TLS library wrappers
are rejecting this as unsupported for now.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a minimal support for using status_request_v2 extension and
ocsp_multi format (OCSPResponseList instead of OCSPResponse) for
CertificateStatus. This commit does not yet extend use of OCSP stapling
to validate the intermediate CA certificates.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows hostapd with the internal TLS server implementation to
support the extended OCSP stapling mechanism with multiple responses
(ocsp_stapling_response_multi).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a new hostapd configuration parameter
ocsp_stapling_response_multi that can be used similarly to the existing
ocsp_stapling_response, but for the purpose of providing multiple cached
OCSP responses. This commit adds only the configuration parameter, but
does not yet add support for this mechanism with any of the supported
TLS implementations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds support for hostapd-as-authentication-server to be build with
the internal TLS implementation and OCSP stapling server side support.
This is more or less identical to the design used with OpenSSL, i.e.,
the cached response is read from the ocsp_stapling_response=<file> and
sent as a response if the client requests it during the TLS handshake.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed for number of EAP test cases at least when using the
internal TLS server implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds support for hostapd-as-authentication-server to be build
against GnuTLS with OCSP stapling server side support. This is more or
less identical to the design used with OpenSSL, i.e., the cached
response is read from the ocsp_stapling_response=<file> and sent as a
response if the client requests it during the TLS handshake.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This message is sent at MSG_INFO level and it is supposed to go out even
even debug messages were to be removed from the build. As such, use
wpa_msg() instead of wpa_dbg() for it.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This error case in own buffer lengths being too short was not handled
properly. While this should not really happen since the wpabuf
allocation is made large for the fixed cases that are currently
supported, better make eap_eke_prot() safer if this functionally ever
gets extended with a longer buffer need.
Signed-off-by: Jouni Malinen <j@w1.fi>
The minimum comeback delay 1 is used to indicate that fragmentation is
needed instead of indicating that the response is going to be available
only after some time. Do not cancel offchannel wait for this case
between the initial and comeback exchanges to avoid delaying the full
operation unnecessarily.
Signed-off-by: Jouni Malinen <j@w1.fi>
Since wpa_supplicant is now retrying GAS comeback failures once, the
gas_anqp_oom_hapd test case started failing. Fix this by updating the
test case to expect success (on the retry).
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for a comeback response to get lost especially when going
through a large GAS exchange fragmented to multiple frames in an
environment with interference or other traffic. Make this less likely to
fail the full exchange by trying full GAS query again and using longer
wait time on the GAS comeback exchanges.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is in preparation of a wpa_supplicant change to allow GAS retries
which can result in the previous test case design showing failures due
to "unexpected" management frames (GAS Initial Request from the retry).
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, the five second timeout was added at the beginning of the
full GAS query and it was not replenished during fragmented exchanges.
This could result in timing out a query if it takes significant time to
go through the possibly multiple fragments and long comeback delay.
Signed-off-by: Jouni Malinen <j@w1.fi>
When exchanging GAS frames with the AP, the initial response from the AP
may take a while to come, since the AP may need to fetch the info from a
server. The next fragments/comeback response frames should take much
less time since the AP already has all of the info, so the wait time
for these frames can be reduced.
In addition, some drivers, e.g., mac80211, try to combine ROC based flows,
to improve medium utilization. For example, if the requested ROC fits
entirely in a previous requested ROC they can be combined. Thus, reducing
the wait time for the next frames can improve medium utilization.
Shorten the duration of GAS comeback to improve medium utilization and
overall GAS exchange times.
Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
Commit 2c0d0ae370 ('GAS: End
remain-on-channel due to delayed GAS comeback request') started ending
the remain-on-channel operation between the initial request and the
following comeback request. However, it did not check or update the
offchannel_tx_started variable. While this alone would not necessarily
be problematic, this makes it more difficult to optimize wait time for
offchannel TX operations, so make sure the internal tracking variable
gets updated.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds some more test coverage for phase1 parameters that had not
previously been included in any of the test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of using default list of methods, reject a configuration with an
unsupported EAP method at the time the main TLS method is being
initialized.
Signed-off-by: Jouni Malinen <j@w1.fi>
Such a pending frame cannot be valid anymore, so drop it instead of
risking of using an unexpected EAPOL frame after association if a
previous association received one at the end and the new association can
happen within 100 ms.
Signed-off-by: Jouni Malinen <j@w1.fi>
These test cases were supposed to clear the cfg80211 and wpa_supplicant
scan caches in the end to avoid causing issues to the following test
cases. This did not work properly after introduction of the support for
aborting a pending scan. Fix this by using the flush_scan_cache()
function and waiting within the test case until the final scan operation
completes.
This issue was triggered by ssid_hidden/ssid_hidden2 followed by
ext_password_interworking (though, not every time).
Signed-off-by: Jouni Malinen <j@w1.fi>
When AES-WRAP was used to protect the EAPOL-Key Key Data field, this was
decrypted using a temporary heap buffer with aes_unwrap(). That buffer
was not explicitly cleared, so it was possible for the group keys to
remain in memory unnecessarily until the allocated area was reused.
Clean this up by clearing the temporary allocation explicitly before
freeing it.
Signed-off-by: Jouni Malinen <j@w1.fi>
IPMK and CMK are derived from TK when using TLS session resumption with
PEAPv0 crypto binding. The EAP-PEAP peer implementation already
supported this, but the server side did not.
Signed-off-by: Jouni Malinen <j@w1.fi>
eap_peap_parse_phase1() returned 0 unconditionally, so there was no need
for that return value or the code path that tried to address the error
case.
Signed-off-by: Jouni Malinen <j@w1.fi>
