For now, there is no support for passing extended_capa pointers through
the driver_privsep.c interface from wpa_priv. Avoid leaving bogus
pointers by explicitly clearing these on both wpa_priv and
wpa_supplicant sides.
Signed-off-by: Jouni Malinen <j@w1.fi>
DSSS/CCK rate support in 40 MHz has to be set to 0 for 5 GHz band since
this mechanism is designed only for the 2.4 GHz band. Clear
HT_CAP_INFO_DSSS_CCK40MHZ in ht_capab when the configured mode is
neither 11b nor 11g.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
This adds a new helper function wpa_ctrl_open2() that can be used
instead of wpa_ctrl_open() to override the default client socket
directory. Add optional -s<directory path> argument to hostapd_cli and
wpa_cli to allow the client socket directory to be specified.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
No need to have a common failure handler if it is used from only a
single location and that lcoation does not even need the memory freeing
step.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, the EAP-WSC peer state machine ended up just ignoring an
error and waiting for a new message from the AP. This is not going to
recover the exchange, so simply force the connection to terminate
immediately.
Signed-off-by: Jouni Malinen <j@w1.fi>
The hbp pointer is moved to the next space already earlier in this code
path, so the while loop here did not really do anything.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for wpa_auth_sm_event(WPA_DEAUTH) to be called from
wpa_sm_step() iteration in the case the EAPOL authenticator state
machine ended up requesting the station to be disconnected. This
resulted in unnecessary recursive call to wpa_sm_step(). Avoid this by
using the already running call to process the state change.
It was possible to hit this sequence in the hwsim test case
ap_wpa2_eap_eke_server_oom.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Clearing keyRun here is not specified in IEEE Std 802.1X-2004, but it
looks like this would be logical thing to do here since the EAPOL-Key
exchange is not possible in this state. It is possible to get here on
disconnection event without advancing to the AUTHENTICATING state to
clear keyRun before the IEEE 802.11 RSN authenticator state machine runs
and that may advance from AUTHENTICATION2 to INITPMK if keyRun = TRUE
has been left from the last association. This can be avoided by clearing
keyRun here.
It was possible to hit this corner case in the hwsim test case
ap_wpa2_eap_eke_server_oom in the case getKey operation was forced to
fail memory allocation. The following association resulted in the
station getting disconnected when entering INITPMK without going through
EAP authentication.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows an empty nested list (i.e., no MAC addresses) to be included
in the NL80211_CMD_SET_MAC_ACL message unlike with
nla_nest_start()/nla_nest_end() where the current libnl implementation
removes the "empty" attribute and causes cfg80211 to reject the command.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While the EAPOL-Key MIC derivation was already changed from SHA256 to
SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly.
Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK
from PMK when using the Suite B 192-bit AKM.
Signed-off-by: Jouni Malinen <j@w1.fi>
Config file is written to a temp file and then it is renamed to the
original config file. However, it is possible that the rename operation
will be commited to storage while file data will be still in cache
causing original config file to be empty or partially written in case of
a system reboot without a clean shutdown. Make this less likely to occur
by forcing the data to be written to the storage device before renaming
the file.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Commit 7da4f4b499 ('WPS: Check maximum
HTTP body length earlier in the process') added too strict check for
body length allocation. The comparison of new_alloc_nbytes against
h->max_bytes did not take into account that HTTPREAD_BODYBUF_DELTA was
added to previous allocation even if that ended up going beyond
h->max_bytes. This ended up rejecting some valid HTTP operations, e.g.,
when checking AP response to WPS ER setting selected registrar.
Fix this by taking HTTPREAD_BODYBUF_DELTA into account.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit de2a7b796d ('OpenSSL: Use
connection certificate chain with PKCS#12 extra certs') added a new
mechanism for doing this with OpenSSL 1.0.2 and newer. However, it did
not poinr out anything in debug log if SSL_add1_chain_cert() failed. Add
such a debug print and also silence static analyzer warning on res being
stored without being read (since the error case is ignored at least for
now).
Signed-off-by: Jouni Malinen <j@w1.fi>
This can be used to limit TLS session resumption within a TLS library
implementation to apply only for the cases where the same EAP method is
used. While the EAP server method matching will be enforced separately
by EAP server method implementations, this additional steps can optimize
cases by falling back to full authentication instead of having to reject
attempts after having completed session resumption successfully.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new tls_connection_set_success_data(),
tls_connection_set_success_data_resumed(),
tls_connection_get_success_data(), and tls_connection_remove_session()
functions can be used to mark cached sessions valid and to remove
invalid cached sessions. This commit is only adding empty functions. The
actual functionality will be implemented in followup commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
This new hostapd configuration parameter can be used to enable TLS
session resumption. This commit adds the configuration parameter through
the configuration system and RADIUS/EAPOL/EAP server components. The
actual changes to enable session caching will be addressed in followup
commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
The EAP server is not yet capable of using TLS session ticket to resume
a session. Explicitly disable use of TLS session ticket with
EAP-TLS/TTLS/PEAP to avoid wasting resources on generating a session
ticket that cannot be used for anything.
Signed-off-by: Jouni Malinen <j@w1.fi>
BoringSSL does not support 192-bit AES, so these parts of the
wpa_supplicant module tests would fail.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed at least with BoringSSL to avoid accepting OCSP-required
configuration with a TLS library that does not support OCSP stapling.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Unlike OpenSSL PKCS12_parse(), the BoringSSL version seems to require
the password pointer to be non-NULL even if no password is present. Map
passwrd == NULL to passwd = "" to avoid a NULL pointer dereference
within BoringSSL.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
BoringSSL commit 533ef7304d9b48aad38805f1997031a0a034d7fe ('Remove
SSL_clear calls in handshake functions.') triggered a regression for
EAP-TLS/TTLS/PEAP session resumption in wpa_supplicant due to the
removed SSL_clear() call in ssl3_connect() going away and wpa_supplicant
not calling SSL_clear() after SSL_shutdown(). Fix this by adding the
SSL_clear() call into wpa_supplicant after SSL_shutdown() when preparing
the ssl instance for another connection.
While OpenSSL is still call SSL_clear() in ssl3_connect(), it looks to
be safe to add this call to wpa_supplicant unconditionally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This function does not seem to be available in BoringSSL. Since it is
needed for EAP-FAST (which is not currently working with BoringSSL),
address this by commenting out the EAP-FAST specific step from builds
that do not include EAP-FAST support.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like BoringSSL does include that function even though it claims
support for OPENSSL_VERSION_NUMBER where this is available (1.0.2). For
now, comment out that call to fix build.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like BoringSSL has removed the AES_wrap_key(), AES_unwrap_key()
API. This broke wpa_supplicant/hostapd build since those functions from
OpenSSL were used to replace the internal AES key wrap implementation.
Add a new build configuration option
(CONFIG_OPENSSL_INTERNAL_AES_WRAP=y) to allow the internal
implementation to be used with CONFIG_OPENSSL=y build to allow build
against the latest BoringSSL version.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 6959145b86 ('FST: Integration into
hostapd') introduced this duplicated call due to an incorrect merge
conflict resolution in ap_sta_set_authorized(). An earlier commit
61fc90483f ('P2P: Handle improper WPS
termination on GO during group formation') had moved this call to an
earlier location in the function and there is no point in re-introducing
another copy of the call at the end of the function.
Signed-off-by: Jouni Malinen <j@w1.fi>
Couple of the for-each-interface loops used incorrect return value when
skipping over non-WPS interfaces. This could result in skipping some WPS
interfaces in the loop and returning error. Setting AP PIN did not check
for WPS being enabled at all and trigger a NULL pointer dereference if
non-WPS interface was enabled.
Signed-off-by: Jouni Malinen <j@w1.fi>
Incorrect number of bytes was skipped from the beginning of the line
which resulted in the loop skipping spaces doing nothing. However, the
following operation was simply looking for the max-age parameter with
os_strstr(), so this did not have any effect on functionality. Fix the
number of bytes to skip and remove the unneeded loop to skip spaces.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the Hotspot 2.0 case of OSU user interaction to fail
with wpadebug browser due to permission denial in the "start" command
("java.lang.SecurityException: Permission Denial: startActivity asks to
run as user -2 but is calling from user 0; this requires
android.permission.INTERACT_ACROSS_USERS_FULL"). Avoid this by using
more flexible USER_CURRENT_OR_SELF (-3) value with the --user argument.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
cfg80211 sends TSF information with the attribute NL80211_BSS_BEACON_TSF
if the scan results include information from Beacon frame. Probe
Response frame information is included in NL80211_BSS_TSF. If the device
receives only Beacon frames, NL80211_BSS_TSF might not carry updated
TSF, which results an older TSF being used in wpa_supplicant. Fetch both
possible TSF values (if available) and choose the latest TSF for the BSS
entry.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When using P2P invitation to re-invoke a persistent P2P group without
specifying the operating channel, query the driver for the preferred
frequency list, and use it to select the operating channel of the group.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen