Commit graph

5478 commits

Author SHA1 Message Date
Jouni Malinen
66f4dd1550 hostapd: Fix couple of deinit path cases to clear pointers
This fixes some issues where dynamic interface enable/disable cycles
could end up trying to free resources twice and crash the process while
doing so.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 18:14:13 +03:00
Jouni Malinen
f18b7817ec nl80211: Print more debug info on management frame RX information
This can be useful in figuring out how drv->last_mgmt_freq gets set
to debug issues with P2P frames being sent on incorrect channel.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 17:42:00 +03:00
Jouni Malinen
9d507452dd tests: Clear global monitor interface on dump_monitor()
This avoids some issues with the global control interface socket
getting stuck with send buffer limit reached if test cases did not
use wait_global_event().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 16:45:45 +03:00
Jouni Malinen
89286e91bf Re-open ctrl_iface socket on some failure cases as a workaround
If wpa_supplicant ctrl_iface clients are misbehaving and refusing to
read replies or event messages from wpa_supplicant, the single socket
used in wpa_supplicant to send messages can reach the maximum send
buffer limit. When that happens, no more responses to any client can be
sent. Work around this by closed and reopening the socket in case such a
failure state is detected. This is obviously not desirable since it
breaks existing connected sockets, but is needed to avoid leaving
wpa_supplicant completely unable to respond to any client. Cleaner fix
for this may require more considerable changes in the ctrl_iface design
to move to connection oriented design to allow each client to be handled
separately and unreachability to be detected more reliably.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 16:23:11 +03:00
Kyeyoon Park
3ca96df596 atheros: Compile fix for driver code not defining IEEE80211_APPIE_FRAME_WNM
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 14:44:16 +03:00
Jouni Malinen
762c92a444 OpenSSL: Split OCSP peer_cert/peer_issuer debug output into parts
This makes it clearer which certificate was missing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 14:43:58 +03:00
Kyeyoon Park
f224cf05ab HS 2.0: Allow printf format parsing with language:name strings
This allows Hotspot 2.0 and Interworking strings that use language:name
string (e.g., venue_name) to be encoded using printf format to enter
special characters like newline.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 14:43:40 +03:00
Kyeyoon Park
913c19c6e5 Fix wpa_config_parse_string() to null terminate printf decoded values
printf_decode() fills in a binary buffer and returns the length of
the written data. This did not use null termination since initial
use cases used the output as a binary value. However, Hotspot 2.0
cred block values are also using this for parsing strings. Those
cases could end up without proper null termination depending on what
os_malloc() ends up getting as the memory buffer. Fix these and make
printf_decode() more convenient by forcing the output buffer to be
null terminated.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 14:43:24 +03:00
Jouni Malinen
04e533e249 Fix language string length validation in parse_lang_string()
The language string length needs to be validated to hit into the
three-octet lang field in struct hostapd_lang_string before copying
this. Invalid configuration entries in hostapd.conf could have resulted
in buffer overflow.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 14:42:39 +03:00
Jouni Malinen
742e715b31 Simplify ctrl_iface sendto() use
Prepare reply buffer first for all cases and then use a single sendto()
call instead of three calls depending on reply type. This allows simpler
error handling for control interface send operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-23 17:52:10 +03:00
Jouni Malinen
6668efda58 Clear frequency list on empty value
Allow current frequency list of be cleared with an empty string value.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-23 16:22:16 +03:00
Masashi Honma
1a9f24714e Make scan_freq field to be saved by save_config
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-09-23 16:06:06 +03:00
Hardik Kantilal Patel
7ae1439a56 P2P: Prefer 20 MHz operating channels on 5 GHz band over 2.4 GHz
When no other user preference is specified, opt to use an operating
channel that allows 5 GHz band to be used rather than 2.4 GHz.
Previously, this was already done in practice for HT40 channels since no
such channel is enabled for P2P on 2.4 GHz. This commit extends this to
apply 5 GHz preference for 20 MHz channels as well.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-16 08:36:39 -07:00
Sunil Dutt
aa78cd338f Drop EAP packet with code 10 before EAPOL state machine processing
H3C WA2620i-AGN AP may send an EAP packet with an undefined EAP code
10 after successful EAP authentication which restarts the EAPOL
state machine. Drop such frames with this unrecognized code without
advancing the EAPOL supplicant or EAP peer state machines to avoid
interoperability issues with the AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-15 22:42:33 -07:00
Kamath Vinayak
3cc247a78f Use configured sched_scan interval for the PNO scan
The interval for the PNO scan did not use the configured sched_scan
interval. This commit addresses the same by using the configured value
or the default of 10 seconds if configuration parameter is not used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-15 15:21:42 -07:00
Sunil Dutt
1380fcbd9f TDLS: Do not modify RNonce for an TPK M1 frame with same INonce
There is no point in updating the RNonce for every obtained TPK M1 frame
(e.g., retransmission due to timeout) with the same INonce (SNonce in
FTIE). Update RNonce only if a TPK M1 is received with a different
INonce (new TDLS session) to avoid issues with two setup exchanges
getting mixed and exchange failing due to mismatching nonces ("TDLS:
FTIE ANonce in TPK M3 does not match with FTIE ANonce used in TPK M2").

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-15 12:09:40 -07:00
Sunil Dutt
8a658f2bdf TDLS: Disable the created link on a failed TDLS handshake
Clear the peer information and disable the created link on a
failed TDLS setup negotiation. This is needed to avoid leaving
TDLS setup pending and to return to the AP path in case anything
goes wrong during the setup attempt.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-15 11:51:00 -07:00
Jouni Malinen
d047ae6278 WPS: Ignore PBC-to-PIN change from M1 to M2 as a workaround
Some APs may incorrectly change Device Password ID from PBC in M1 to
Default PIN in M2 even when they are ready to continue with PBC. This
behavior used to work with earlier implementation in wpa_supplicant, but
commit b4a17a6ea7 started validating this
as part of a change that is needed to support NFC configuration method.

While this kind of AP behavior is against the WSC specification and
there could be potential use cases for moving from PBC to PIN, e.g., in
case of PBC session overlap, it is justifiable to work around this issue
to avoid interoperability issues with deployed APs. There are no known
implementations of PBC-to-PIN change from M1 to M2, so this should not
reduce available functionality in practice.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 12:02:33 -07:00
Jouni Malinen
79986bf69e Print ctrl_iface sendto() failures into debug log
This makes it easier to debug issues with control interface operations
failing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:25:31 -07:00
Jouni Malinen
eab2b50dc8 P2P: Cancel group formation timeout on client connection
It was possiblle for the group formation timeout to be left running even
after the P2P Client connected to the group if the WPS provisioning step
was not completed cleanly (e.g., due to WSC_Done not getting received
from the client). There is no need to remove the group in such case due
to the initial group formation timeout, so work around this by removing
that timeout on data connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:25:10 -07:00
Jouni Malinen
00eb299396 P2P: Fix operation channel configuration update
There was already a CFG_CHANGED_P2P_OPER_CHANNEL handler function, but
this flag was not set when the p2p_oper_reg_class or p2p_oper_channel
parameters were changed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:24:56 -07:00
Vinay Krishna Eranna
b2b688d18d P2P: Fix crash when failed to create GO interface
wpa_supplicant crashes if driver configuration for AP mode interface
configuration fails after group negotiation. This is because of a
regression from commit 1075b29571 that
ends up freeing the wpa_s instance from within
wpa_supplicant_create_ap() without the caller knowing.

Fix this by using an eloop timeout to free remove the P2P group so that
wpa_supplicant_create_ap() and especially wpa_supplicant_associate()
callers do not need to know about interface getting possibly removed. In
addition, move the P2P specific code into p2p_supplicant.c where it
really belongs. This allows the already existing group formation timeout
to be used by reducing the timeout to zero.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 12:43:12 +03:00
Jouni Malinen
ea0e92eef5 tests: Check wpa_supplicant connection after reset
Some test runs have resulted in wpa_supplicant being unresponsive or
very slow on the control interface. Check for that type of issues as
part of the reset sequence that is done between each test case.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 12:13:25 +03:00
Jouni Malinen
61971697bb WPS NFC: Fix build without CONFIG_AP=y
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 11:27:24 +03:00
Jouni Malinen
e1ae5d743f SAE: Fix build without CONFIG_AP=y
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 11:25:29 +03:00
Jouni Malinen
813e7b364f P2P: Remove group from timeout on PSK failure
Avoid potential issues with removing a P2P group on PSK failure directly
from the wpa_supplicant_event() call since the caller (in driver_*.c)
may not be prepared for the interface disappearing at that point in
time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-02 16:33:42 +03:00
Jouni Malinen
18b12b56c1 tests: Add a test case for invitation after client removal
test_persistent_group_invite_removed_client verifies that a client
that is removed from a group can rejoin based on new invitation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:53:03 +03:00
Jouni Malinen
2c914e2464 tests: Use a helper function for waiting session termination
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
451afb4fd3 tests: Add test cases for persistent P2P groups
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
672f3a72e4 tests: Extend test_autogo_2cli to test client removal
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
b162675fd9 tests: Add test cases for per-STA PSK in P2P group
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
5bf9a6c859 P2P: Add event messages for possible PSK failures on P2P groups
It is possible for the GO of a persistent group to change the PSK or
remove a client when per-client PSKs are used and this can happen
without the SSID changing (i.e., the group is still valid, but just not
for a specific client). If the client side of such persistent group ends
up trying to use an invalidated persistent group information, the
connection will fail in 4-way handshake. A new WPS provisioning step is
needed to recover from this.

Detect this type of case based on two 4-way handshake failures when
acting as a P2P client in a persistent group. A new
"P2P-PERSISTENT-PSK-FAIL id=<persistent group id>" event is used to
indicate when this happens. This makes it easier for upper layers to
remove the persistent group information with "REMOVE_NETWORK <persistent
group id>" if desired (e.g., based on user confirmation).

In addition to indicating the error cases for persistent groups, all
this type of PSK failures end up in the client removing the group with
the new reason=PSK_FAILURE information in the P2P-GROUP-REMOVED event.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
eac8dab87c P2P: Document per-client keys and p2p_remove_client
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
43c693c21a P2P: Do not store duplicate PSK entries for the same device
If a client joins a P2P group multiple times, replace the previous
per-client PSK entry instead of adding a new entry each time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
f2c566027e P2P: Add a command for removing a client from all groups
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
01a57fe420 P2P: Maintain list of per-client PSKs for persistent groups
Record all generated per-client PSKs in the persistent group network
block and configure these for the GO Authenticator whenever re-starting
the persistent group. This completes per-client PSK support for
persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
759fd76b7f P2P: Select PSK based on Device Address instead of Interface Address
When using per-device PSKs, select the PSK based on the P2P Device
Address of the connecting client if that client is a P2P Device. This
allows the P2P Interface Address to be changed between P2P group
connections which may happen especially when using persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:30:26 +03:00
Jouni Malinen
94ddef3e72 P2P: Make peer's P2P Device Address available to authenticator
This can be used to implement per-device PSK selection based on the
peer's P2P Device Address instead of P2P Interface Address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:05:19 +03:00
Jouni Malinen
52177fbb70 P2P: Store P2P Device Address in per-device PSK records
This makes the P2P Device Address of the Enrollee available with the PSK
records to allow P2P Device Address instead of P2P Interface Address to
be used for finding the correct PSK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:47:34 +03:00
Jouni Malinen
05766ed8de P2P: Allow per-device PSK to be assigned
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.

This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:14:29 +03:00
Jouni Malinen
698e921b9e wpa_cli: Add tab completion for p2p_set field values
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 20:58:35 +03:00
Syed Asifful Dayyan Rafiuddeen
0b5fb86a24 P2P: Stop listen state when listen-only duration is over
Even after listen duration is over, P2P module remained in
P2P_LISTEN_ONLY state, which is blocking station mode scans. Fix this by
stopping P2P listen explicitly to update p2p_state to IDLE when listen
duration expires.

Signed-hostap: Syed Asifful Dayyan <syedd@broadcom.com>
2013-08-31 18:09:15 +03:00
Jouni Malinen
dd850f4a11 tests: Make test_autogo validate group removal event on client
Use test_autogo to verify that P2P client is able to notice explicit
group session termination message from the GO. This would have caught
the regression in processing P2P deauthentication notifications.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 17:59:16 +03:00
Jouni Malinen
02a3e5c0d1 wpa_cli: Allow first DISCONNECTED event to be reported
wpa_cli filters out extra DISCONNECTED events from action scripts. This
ended up filtering out the first real DISCONNECT event in case wpa_cli
was started when wpa_supplicant was in connected state. Change wpa_cli
to allow the first disconnection event to be reported to the action
script in such case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 17:27:20 +03:00
Jouni Malinen
cdf8bfa434 Disallow WEP configuration in WPA network
Some drivers fail to work if WEP keys are configured in a WPA network.
To avoid potentially confusing error cases, reject hostapd configuration
that enables WPA and includes parameters that would imply that WEP keys
would be set.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 17:18:45 +03:00
Jouni Malinen
731ef436d1 D-Bus: Fix per-iface object unregistration on not existing objects
If the private data for an object is not found, do not try to unregister
that object to avoid D-Bus errors.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 16:46:24 +03:00
Jouni Malinen
447969e034 D-Bus: Do not send network notification for all P2P groups
Previously, network added event was skipping during group formation.
However, this did not necessarily catch all cases of temporary P2P
network blocks. Check ssid->p2p_group to make this behavior more
consistent by avoiding all P2P groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 16:44:42 +03:00
Masashi Honma
eb32460029 Fix switching from EAP-SIM to EAP-AKA/AKA'
Switching EAP method from EAP-SIM to EAP-AKA fails.
wpa_cli commands are below.

------------------
sudo wpa_cli add_network
sudo wpa_cli set_network 0 ssid '"eap-sim"'
sudo wpa_cli set_network 0 key_mgmt WPA-EAP
sudo wpa_cli set_network 0 eap SIM
sudo wpa_cli set_network 0 pin '"1234"'
sudo wpa_cli set_network 0 pcsc '""'
sudo wpa_cli select_network 0

sudo wpa_cli disable_network 0
sudo wpa_cli disconnect
sudo wpa_cli remove_network 0

sudo wpa_cli add_network
sudo wpa_cli set_network 0 ssid '"eap-sim"'
sudo wpa_cli set_network 0 key_mgmt WPA-EAP
sudo wpa_cli set_network 0 eap AKA
sudo wpa_cli set_network 0 pin '"1234"'
sudo wpa_cli set_network 0 pcsc '""'
sudo wpa_cli select_network 0
------------------

Then EAP-AKA connection resulted in fail.
wpa_supplicant log is below.

------------------
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 23 (AKA) selected
SCARD: Non-USIM card - cannot do UMTS auth
EAP-AKA: UMTS authentication failed (AUTN)
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
------------------

This occurs because on the first EAP-SIM authentication, the SIM/USIM
card in the device was recognized as SIM card even if it is USIM card.

So this patch changes it to recognize as USIM card even if EAP-SIM
authentication was required.

I have tested these switching cases.
EAP-SIM -> EAP-AKA
EAP-SIM -> EAP-AKA'
EAP-AKA -> EAP-SIM
EAP-AKA -> EAP-AKA'
EAP-AKA' -> EAP-SIM
EAP-AKA' -> EAP-AKA

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-08-31 16:11:48 +03:00
Sreenath Sharma
f2b3f4de49 P2P: Allow P2P functionality to be disabled per interface
By default, P2P is initialized for all driver interfaces and this makes
P2P getting initialized for non-P2P station interface if the supplicant
is started first on this interface. If an interface is dedicated for
non-P2P station mode, it is now possible to disable P2P initialization
by adding 'p2p_disabled=1' in the configuration file of non-P2P station
interface, irrespective of the order in which supplicant is started.

Signed-hostap: Sreenath Sharma <sreenats@broadcom.com>
2013-08-31 11:59:05 +03:00
Jouni Malinen
846be88975 tests: Use longer timeout in test_ap_wps_er_add_enrollee
This is another one of the test cases that can time out frequently
under valgrind during WPS exchange. Increase the timeout to make
false error reports less likely to occur.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 11:54:23 +03:00