Commit graph

10235 commits

Author SHA1 Message Date
Nick Kralevich
d447cd596f Updates for stricter automatic memcpy bounds checking
Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
and libc feature which inserts automatic bounds checking into
common C functions such as memcpy() and strcpy(). If a buffer
overflow occurs when calling a hardened libc function, the
automatic bounds checking will safely shutdown the program and
prevent memory corruption.

Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
level which enhances memcpy() to prevent overflowing an element
of a struct. Under the enhancements, code such as

  struct foo {
    char empty[0];
    char one[1];
    char a[10];
    char b[10];
  };

  int main() {
    foo myfoo;
    int n = atoi("11");
    memcpy(myfoo.a, "01234567890123456789", n);
    return 0;
  }

will cleanly crash when the memcpy() call is made.

Fixup hostap code to support the new level. Specifically:

* Fixup sha1_transform so it works with the enhanced bounds checking.
The old memcpy() code was attempting to write to context.h0, but that
structure element is too small and the write was extending (by design)
into h1, h2, h3, and h4. Use explicit assignments instead of
overflowing the struct element.

* Modify most of the structures in ieee802_11_defs.h to use ISO C99
flexible array members (https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html)
instead of a zero length array. Zero length arrays have zero length,
and any attempt to call memcpy() on such elements will always overflow.
Flexible array members have no such limitation. The only element not
adjusted is probe_req, since doing so will generate a compile time error,
and it's not obvious to me how to fix it.

Signed-off-by: Nick Kralevich <nnk@google.com>
2015-04-13 14:01:40 +03:00
Jouni Malinen
60eb9e173e AP: Enable multicast snooping on bridge if ProxyARP IPv6 is in use
This is needed to allow correct ProxyARP behavior for IPv6.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-13 14:00:32 +03:00
Jouni Malinen
b79911853f Fix CONFIG_AP=y build without CONFIG_CTRL_IFACE
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-04 11:56:53 +03:00
Jouni Malinen
954f03aab2 Fix compilation issues with CONFIG_NO_CONFIG_WRITE=y
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-04 11:52:03 +03:00
Jouni Malinen
138bf11852 tests: INTERFACE_ADD/REMOVE with vif without creation/removal
This is also a regression test for INTERFACE_ADD parsing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-04 11:02:22 +03:00
Ben Greear
da3db6812d Fix INTERFACE_ADD parsing
This fixes a regression caused by commit
efa232f915 ('Add support for virtual
interface creation/deletion') for the case where an empty extra argument
is included.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-04-04 11:02:04 +03:00
Jouni Malinen
6812782462 hlr_auc_gw: Allow Milenage RES length to be reduced
Some USIM use shorter RES length than the 64-bit default from Milenage.
Such cases did not interoperate with the hlr_auc_gw implementation. Make
it possible to configure the RES length 4..8 octets, i.e., 32 to 64
bits) to support such USIM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-03 12:44:03 +03:00
Ola Olsson
4839f7c768 wpa_cli: Fix a typo in usage text
Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
2015-04-03 11:34:51 +03:00
Jason Abele
a20a3616cd wpa_supplicant: Clear blacklist on connect
It has been noticed that the band steering/load balancing of some
multi-AP networks will lead to an ever-growing list of blacklisted
BSSIDs. This eventually leads to a connection drop when the connection
is pushed to a distant AP.

Fix this issue by clearing the blacklist upon successful connect.

Signed-off-by: Jason Abele <jason@aether.com>
2015-04-03 10:51:36 +03:00
Mark Salyzyn
0144ecb8c8 Android: wpa_ctrl missing include for sys/stat.h
wpa_ctrl.c gets sys/stat.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for sys/stat.h in this
include file.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-04-03 10:47:36 +03:00
Ben Greear
0bb20efcd0 HS 2.0R2: Allow user to specify spp.xsd file location
Allow user to specify the path to the spp.xsd file for hs20-osu-client
instead of requiring this to be spp.xsd in the current working
directory.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-04-01 20:33:28 +03:00
Ben Greear
97c9991c5b HS 2.0R2: Add more debugging messages to hs20-osu-client
Helps to figure out why some errors happen.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-04-01 20:33:25 +03:00
Ben Greear
93c2e60b36 HS 2.0R2 CA: Improve setup.sh and .conf for more flexibility
This gives more flexibility when generating keys so that users do not
have to edit files to generate their own specific keys.

Update HS 2.0 OSU server notes as well.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-04-01 20:33:23 +03:00
Dmitry Shmidt
02e122a995 Reschedule scan from wpas_stop_pno if it was postponed
This reschedules the postponed scan request (if such a request is
pending) from EVENT_SCHED_SCAN_STOPPED event handler to speed up
scanning after PNO/sched_scan stop has been requested.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-04-01 18:21:36 +03:00
Jouni Malinen
80fd9c3576 EAP-PEAP server: Add support for negotiating vendor for Phase 2
This is a step towards enabling support of expanded EAP header in Phase
2.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
a867082cb8 EAP peer: Use 32-bit EAP method type for Phase 2 processing
This is a step towards enabling expanded EAP header within Phase 2 EAP
methods.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
febf575200 tests: EAP-TTLS with TLS session ticket enabled
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
56dfc4939d Fix a typo in configuration parameter documentation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
c4b45c60ad TLS: Fix memory leaks on tls_connection_set_params() error paths
The internal TLS implementation started rejecting number of unsupported
configuration parameters recently, but those new error paths did not
free the allocated tlsv1_credentials buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
af851914f8 Make tls_connection_get_keyblock_size() internal to tls_*.c
This function exposes internal state of the TLS negotiated parameters
for the sole purpose of being able to implement PRF for EAP-FAST. Since
tls_connection_prf() is now taking care of all TLS-based key derivation
cases, it is cleaner to keep this detail internal to each tls_*.c
wrapper implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:56:54 +03:00
Jouni Malinen
94f1fe6f63 Remove master key extraction from tls_connection_get_keys()
This is not needed anymore with the tls_connection_prf() being used to
handle all key derivation needs. tls_connection_get_keys() is a bit
misnamed for now, but it is only used to fetch the client and server
random for Session-Id derivation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-31 15:52:40 +03:00
Jouni Malinen
fa0e715100 Use tls_connection_prf() for all EAP TLS-based key derivation
tls_openssl.c is the only remaining TLS/crypto wrapper that needs the
internal PRF implementation for EAP-FAST (since
SSL_export_keying_material() is not available in older versions and does
not support server-random-before-client case). As such, it is cleaner to
assume that TLS libraries support tls_connection_prf() and move the
additional support code for the otherwise unsupported cases into
tls_openssl.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-31 15:47:32 +03:00
Jouni Malinen
df8191d0b8 Rename HT 20/40 coex variable to be more descriptive
is_ht_allowed is a confusing name since this variable is used to track
whether 40 MHz channel bandwidth is allowed instead of whether HT is
allowed in general.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-30 12:59:43 +03:00
Jouni Malinen
1d0f42a073 EAP server: Add debug prints to help asleap testing
This adds hexdumps of MSCHAP/MSCHAPv2 Challenge and Response in format
used by asleap. This is only enabled for CONFIG_TESTING_OPTIONS=y
builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:49:16 +03:00
Jouni Malinen
2c1cf90376 Add wpa_snprintf_hex_sep()
This can be used to print a hexdump with the specified separator between
octets.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:27:43 +03:00
Jouni Malinen
5955cfaacd ms_funcs: Make challenge_hash() non-static
This function can be of use outside ms_funcs.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:27:00 +03:00
Jouni Malinen
0d33f5040f tests: EAP-PEAP/MSCHAPv2 with domain name
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:06:06 +03:00
Avraham Stern
989e784601 P2P: Optimize scan frequencies list when re-joining a persistent group
When starting a P2P client to re-join a persistent group
(P2P_GROUP_ADD persistent=<id>), it is possible that the P2P GO was
already found in previous scans. Try to get the P2P GO operating
frequency from the scan results list so wpa_supplicant will initially
scan only the P2P GO known operating frequency.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-03-29 20:52:09 +03:00
Eliad Peller
154a1d5f7f hostapd: Fix some compilation errors
If NEED_AP_MLME=y is not defined, compilation might
fail under some configurations:

src/ap/drv_callbacks.c:594:2: warning: implicit declaration of
function ‘hostapd_acs_completed’ [-Wimplicit-function-declaration]

src/ap/sta_info.c:253: undefined reference to `sae_clear_retransmit_timer'

Fix these errors by adding the missing hostapd_acs_completed() stub,
and defining NEED_AP_MLME in case of CONFIG_SAE.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2015-03-29 20:51:14 +03:00
Lauri Hintsala
ce18c10773 Add support for CONFIG_NO_ROAMING to Makefile
Commit e9af53ad39 introduced new
CONFIG_NO_ROAMING configuration parameter but unfortunately it was added
only to Android.mk. Enabling this parameter didn't have any effect when
Makefile was used to build wpa_supplicant. This commit fixes that problem
and cleans "unused variable" compiler warning.

Signed-off-by: Lauri Hintsala <lauri.hintsala@silabs.com>
2015-03-29 20:37:39 +03:00
Jouni Malinen
65a7b21f5e OpenSSL: Implement AES-128 CBC using EVP API
This replaces the internal CBC mode implementation in
aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL
implementation for CONFIG_TLS=openssl builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 20:30:58 +03:00
Jouni Malinen
22ba05c09e Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
The local buffers may contain information used to generate parts of the
derived key, so clear these explicitly to minimize amount of unnecessary
private key-related material in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:43:03 +03:00
Jouni Malinen
940a4dbf66 Explicitly clear temporary stack buffer in sha1_t_prf()
The local hash[] buffer may contain parts of the derived key, so clear
it explicitly to minimize number of unnecessary copies of key material
in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:40:55 +03:00
Jouni Malinen
eccca102bf Explicitly clear temporary stack buffer in hmac_sha256_kdf()
The local T[] buffer may contain parts of the derived key, so clear it
explicitly to minimize number of unnecessary copies of key material in
memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:38:37 +03:00
Jouni Malinen
e8e365def6 wext: Add support for renamed Host AP driver ifname
Previous workaround for WEXT events from the Host AP driver required
wlan# and wifi# interfaces to have fixed names with the same number.
While that used to be the common case ten years ago, it is less common
nowadays. Extend this to use sysfs (if available) to figure out the
wifi# interface name if the specified interface is detected to be using
the Host AP driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 11:42:02 +03:00
Ben Greear
fc48d33b0d Improve error messages related to EAP DB
Add SQLite error message and DB name to the DB related errors. Add
enough tracing so that users can know exactly where users are failing to
be found.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 13:16:26 +02:00
Ben Greear
c469d6228d Error out if user configures SQLite DB without CONFIG_SQLITE
This should make it more obvious to users that they have a fatal
configuration problem in hostapd authentication server.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 13:11:05 +02:00
Ben Greear
270427ea3f HS 2.0R2: Add more logging for hs20-osu-client icon matching
Add some more verbose logging, and make sure logging
messages are unique for easier debugging.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 13:07:37 +02:00
Ben Greear
8e31cd2cf6 OSU server: Improve logging for SPP schema validation failures
Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:25:32 +02:00
Ben Greear
23dd15a992 http-curl: Improve log messages
Helps to track down why some problems relating to certs can happen.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:23:16 +02:00
Ben Greear
e7d285ca5c OSU server: Print out signup ID if there is some problem with it
Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:15:47 +02:00
Ben Greear
1b4500670f HS 2.0R2: Remove unused argument identifier from hs20-osu-client
The command line option 'i' is not handled, so I assume it should
not be in the short-options list.

Fix missing word in error message as well.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:13:47 +02:00
Ben Greear
2e7a228878 HS 2.0R2: Allow custom libcurl linkage for hs20-osu-client
In case someone is compiling their own libcurl and wants to link it
statically, for instance, the new CUST_CURL_LINKAGE parameter can be
used to override the default -lcurl argument.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:11:33 +02:00
Jouni Malinen
53f4ed68ee tests: WPA2-PSK AP with passphrase only in memory
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 11:08:31 +02:00
Jouni Malinen
a52410c29f Allow PSK/passphrase to be set only when needed
The new network profile parameter mem_only_psk=1 can be used to specify
that the PSK/passphrase for that network is requested over the control
interface (ctrl_iface or D-Bus) similarly to the EAP network parameter
requests. The PSK/passphrase can then be configured temporarily in a way
that prevents it from getting stored to the configuration file.

For example:

Event:
CTRL-REQ-PSK_PASSPHRASE-0:PSK or passphrase needed for SSID test-wpa2-psk

Response:
CTRL-RSP-PSK_PASSPHRASE-0:"qwertyuiop"

Note: The response value uses the same encoding as the psk network
profile parameter, i.e., passphrase is within double quotation marks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 11:05:13 +02:00
Jouni Malinen
b898a6ee72 tests: WPA2-Enterprise connection using EAP-pwd and NTHash
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:45:25 +02:00
Jouni Malinen
3e808b831c EAP-pwd peer: Add support for hashed password
This extends EAP-pwd peer support to allow NtHash version of password
storage in addition to full plaintext password. In addition, this allows
the server to request hashed version even if the plaintext password is
available on the client. Furthermore, unsupported password preparation
requests are now rejected rather than allowing the authentication
attempt to continue.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:43:33 +02:00
Jouni Malinen
e4840b381c EAP-pwd server: Add support for hashed password
This extends EAP-pwd server support to allow NtHash version of password
storage in addition to full plaintext password.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:42:31 +02:00
Jouni Malinen
2bd2ed2006 EAP-pwd: Mark helper function arguments const when appropriate
These variables are not modified during PWE or key computation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:34:30 +02:00
Mikael Kanstrup
9ccc10f56e wpa_cli: Use tab as only word separator for networks
White space is a valid SSID character so completion routine for
networks should only use tab as word separator.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2015-03-27 15:31:38 +02:00