Commit graph

16195 commits

Author SHA1 Message Date
Jouni Malinen
78c1cb8868 tests: OWE transition mode BSSID mismatches
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 21:43:41 +03:00
Jouni Malinen
fcef598ea2 Do not try to connect with zero-length SSID
It was possible to find a BSS to local network profile match for a BSS
entry that has no known SSID when going through some of the SSID
wildcard cases. At leas the OWE transition mode case without BSSID match
could result in hitting this. Zero-length SSID (i.e., wildcard SSID) is
not valid in (Re)Association Request frame, so such an association will
fail. Skip such a BSS to avoid known-to-be-failing association attempts.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 21:40:56 +03:00
Jouni Malinen
9a0807ce36 tests: sigma_dut controlled AP using SAE-PK misbehavior
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 20:00:14 +03:00
Jouni Malinen
5a8b366233 tests: Make SAE-PK test cases more robust
Clear scan results explicitly in test cases that check BSS entry flags
to avoid incorrect failures based on results from earlier test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:48:57 +03:00
Jouni Malinen
85aac526af WPS UPnP: Handle HTTP initiation failures for events more properly
While it is appropriate to try to retransmit the event to another
callback URL on a failure to initiate the HTTP client connection, there
is no point in trying the exact same operation multiple times in a row.
Replve the event_retry() calls with event_addr_failure() for these cases
to avoid busy loops trying to repeat the same failing operation.

These potential busy loops would go through eloop callbacks, so the
process is not completely stuck on handling them, but unnecessary CPU
would be used to process the continues retries that will keep failing
for the same reason.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:14:45 +03:00
Jouni Malinen
f7d268864a WPS UPnP: Fix event message generation using a long URL path
More than about 700 character URL ended up overflowing the wpabuf used
for building the event notification and this resulted in the wpabuf
buffer overflow checks terminating the hostapd process. Fix this by
allocating the buffer to be large enough to contain the full URL path.
However, since that around 700 character limit has been the practical
limit for more than ten years, start explicitly enforcing that as the
limit or the callback URLs since any longer ones had not worked before
and there is no need to enable them now either.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:12:20 +03:00
Jouni Malinen
5b78c8f961 WPS UPnP: Do not allow event subscriptions with URLs to other networks
The UPnP Device Architecture 2.0 specification errata ("UDA errata
16-04-2020.docx") addresses a problem with notifications being allowed
to go out to other domains by disallowing such cases. Do such filtering
for the notification callback URLs to avoid undesired connections to
external networks based on subscriptions that any device in the local
network could request when WPS support for external registrars is
enabled (the upnp_iface parameter in hostapd configuration).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:12:20 +03:00
Jouni Malinen
e30dcda3b1 SAE-PK: Fix FILS Public Key element Key Type for ECDSA
Use value 2 to point to RFC 5480 which describes the explicit
indicatiotion of the public key being in compressed form.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
4c3fbb2346 SAE-PK: Check minimum password length more accurate
Get the Sec value from the password to check the minimum length based on
the used Sec.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
43a191b890 tests: Remove too short SAE-PK passwords
This is in preparation of implementation changes to check SAE-PK
password length more accurately based on the Sec value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
232705e3c4 tests: SAE-PK AP misbehavior
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 15:21:18 +03:00
Jouni Malinen
4ff0df39eb SAE-PK: Testing functionality to allow behavior overrides
The new sae_commit_status and sae_pk_omit configuration parameters and
an extra key at the end of sae_password pk argument can be used to
override SAE-PK behavior for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 15:21:18 +03:00
Jouni Malinen
3a6e674adf tests: sigma_dut controlled AP and transition disabled indication change
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 17:07:57 +03:00
Jouni Malinen
0c4ffce464 Allow transition_disable updates during the lifetime of a BSS
This is mainly for testing purposes to allow more convenient checking of
station behavior when a transition mode is disabled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 17:06:52 +03:00
Jouni Malinen
6d72833236 tests: SAE-PK mixed deployment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:50:09 +03:00
Jouni Malinen
5f48d36b4a SAE-PK: Select SAE-PK network over SAE without PK
If there is an acceptable BSS with SAE-PK enabled in the same ESS,
select that over a BSS that does not enable SAE-PK when the network
profile uses automatic SAE-PK selection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:49:07 +03:00
Jouni Malinen
d654ca24de Clean up wpa_scan_res_match()
Move the BSS-against-SSID matching into a separate helper function to
make this overly long function a bit more readable and to allow that
helper function to be used for other purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 16:30:32 +03:00
Jouni Malinen
0f2d5867e3 tests: SAE-PK password, but no PK on AP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 12:04:14 +03:00
Jouni Malinen
f179475bf7 tests: Share a single definition of SAE-PK Sec=2 values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 12:01:52 +03:00
Jouni Malinen
5ee94a997e tests: Replace sae_pk_only with sae_pk to match implementation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 11:55:16 +03:00
Jouni Malinen
9ad010c290 SAE-PK: Allow automatic SAE-PK to be disabled
This replaces the previously used sae_pk_only configuration parameter
with a more generic sae_pk that can be used to specify how SAE-PK is
negotiated. The default behavior (sae_pk=0) is to automatically
negotiate SAE-PK whenever the AP supports it and the password is in
appropriate format. sae_pk=1 allows only SAE-PK to be used and sae_pk=2
disables SAE-PK completely.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-07 11:55:16 +03:00
Purushottam Kushwaha
85ca13ebcf wpa_cli: Add all_bss command to print all scan results (BSS entries)
The wpa_supplicant control interface returns maximum of 4 kB of response
data and, thus, limits maximum number of scan entries as part of
SCAN_RESULTS to approximately 60. Add a new all_bss command to use a
more robust iteration of the BSS table entries with the BSS command to
to get all scan entries and print them in the same format as the
scan_results command.

Signed-off-by: Purushottam Kushwaha <pkushwah@codeaurora.org>
2020-06-06 17:07:24 +03:00
Jouni Malinen
f38146e559 tests: PMKSA cache control interface for external management (FT)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 16:48:57 +03:00
Jouni Malinen
215b4d8a72 FT: Do not add PMKID to the driver for FT-EAP if caching is disabled
wpa_supplicant disables PMKSA caching with FT-EAP by default due to
known interoperability issues with APs. This is allowed only if the
network profile is explicitly enabling caching with
ft_eap_pmksa_caching=1. However, the PMKID for such PMKSA cache entries
was still being configured to the driver and it was possible for the
driver to build an RSNE with the PMKID for SME-in-driver cases. This
could result in hitting the interop issue with some APs.

Fix this by skipping PMKID configuration to the driver fot FT-EAP AKM if
ft_eap_pmksa_caching=1 is not used in the network profile so that the
driver and wpa_supplicant behavior are in sync for this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 16:48:57 +03:00
Min Liu
5cf91afeeb QCA vendor attribute for dynamic bandwidth adjustment
Define QCA vendor attribute in SET(GET)_WIFI_CONFIGURATION to
dynamically configure capabilities for dynamic bandwidth adjustment.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Min Liu
1a28589b28 QCA vendor attributes for setting channel width
Define QCA vendor attribute in SET(GET)_WIFI_CONFIGURATION to
dynamically configure capabilities for channel width.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Tanmay Garg
63653307df Add support for indicating missing driver AKM capability flags
Add support for missing driver AKM capability flags from the list of
RSN_AUTH_KEY_MGMT_* flags and make these available through the
'GET_CAPABILITY key_mgmt' control interface command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Veerendranath Jakkam
18f3f99ac4 Add vendor attributes to configure testing functionality for FT/OCV/SAE
Add new QCA vendor attributes to configure RSNXE Used (FTE), ignore CSA,
and OCI frequency override with QCA vendor command
QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION for STA testbed role.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Min Liu
e53756a64e Fix a typo vendor attribute documentation
Fix a typo in comment of enum qca_wlan_tspec_ack_policy.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Sunil Dutt
960e8e5334 QCA vendor attribute to configure NSS
Defines the attribute in SET(GET)_WIFI_CONFIGURATION to dynamically
configure NSS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
747c69fa90 tests: SAE-PK transition disable indication
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
8d1cbaaff7 SAE-PK: Transition mode disabled indication processing
Allow AP to disable transition mode for SAE-PK (i.e., prevent SAE
authentication without SAE-PK).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
7937160d24 tests: Verify SAE-PK use more explicitly
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
a752695290 SAE: Add sae_h2e and sae_pk to wpa_supplicant STATUS command
This provides additional information on which options were used during
SAE authentication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
cc22fb1b86 SAE: Move H2E and PK flags to main sae_data
This maintains knowledge of whether H2E or PK was used as part of the
SAE authentication beyond the removal of temporary state needed during
that authentication. This makes it easier to use information about which
kind of SAE authentication was used at higher layer functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
bc908daace Document more network profile parameters
Some of the recently added wpa_supplicant network profile parameters
were not documented in wpa_supplicant.conf. Add these there based on the
documentation in config_ssid.h.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
4ea4df529d tests: SAE-PK only
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
1c846d647e SAE-PK: Allow SAE authentication without PK to be disabled
The new wpa_supplicant network profile parameter sae_pk_only=1 can now
be used to disable use of SAE authentication without SAE-PK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
b96a4fa996 tests: Report unknown WpaSupplicant::connect() arguments
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 11:48:09 +03:00
Jouni Malinen
db23b8f95b tests: sigma_dut and SAE-PK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 16:58:25 +03:00
Jouni Malinen
c55a52a85d tests: sigma_dut controlled GTK rekeying
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 15:35:44 +03:00
Jouni Malinen
37a5b50de3 tests: Fix sigma_dut ap_get_mac_address result parsing
Get only the actual BSSID part from the response string.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 13:41:59 +03:00
Jouni Malinen
cb43c9bfd0 tests: sigma_dut controlled AP using OCV
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-05 13:39:41 +03:00
Jouni Malinen
40240735bd WPS UPnP: Do not update Beacon frames unnecessarily on subscription removal
There is no need to update the WPS IE in Beacon frames when a
subscription is removed if that subscription is not for an actual
selected registrar. For example, this gets rids of unnecessary driver
operations when a subscription request gets rejected when parsing the
callback URLs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:55 +03:00
Jouni Malinen
c85b39ec50 SAE-PK: Increment the minimum password length to 9
While this is not explicitly defined as the limit, lambda=8 (i.e., 9
characters with the added hyphen) is needed with Sec=5 to reach the
minimum required resistance to preimage attacks, so use this as an
implicit definition of the password length constraint.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:55 +03:00
Jouni Malinen
2c7b5a2c5f tests: Skip too short SAE-PK passwords in positive testing
Lambda >= 12 is needed with Sec = 2, so drop the shorter password
lengths in the sae_pk and module_wpa_supplicant test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:33 +03:00
Jouni Malinen
d777156e1f SAE-PK: Determine hash algorithm from K_AP group instead of SAE group
While the current implementation forces these groups to be same, that is
not strictly speaking necessary and the correct group to use here is
K_AP, not the SAE authentication group.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-03 17:30:36 +03:00
Jouni Malinen
c3f894ad00 tests: Fix eapol-supp fuzzing tool build
Boolean handling was changed to use "true" instead of "TRUE", but this
location was missed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:48:37 +03:00
Jouni Malinen
fca9ef3fee tests: SAE-PK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:48:37 +03:00
Jouni Malinen
fb09ec87f2 SAE-PK: A tool for generating SAE-PK Modifier and password
sae_pk_gen can be used to generate Modifier (M) and password for SAE-PK
based on a previously generated EC private key, Sec value (2..5), and
SSID.

For example, these commands can be used to generate the private key and
the needed hostapd configuration parameter options:

make sae_pk_gen
openssl ecparam -genkey -outform DER -out saepk.der -name prime256v1
./sae_pk_gen saepk.der 3 "SAE-PK test"

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00