Commit graph

15411 commits

Author SHA1 Message Date
Jouni Malinen
9840532377 tests: PMF and Data frame injection
Verify driver/mac80211 behavior for unexpected A2 in Data frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:39:01 +03:00
Jouni Malinen
1ccde13b86 tests: Extend ap_pmf_inject_auth coverage for addresses/frames
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:38:15 +03:00
Jouni Malinen
3394def5a8 More consistent SA check for unexpected Data frames
Use the same rules for dropping driver notifications for Data frames
from unassociated stations as were added for Management frame reception.
This results in more consistent behavior in sending out Deauthentication
frames with Reason Code 6/7.

This case was already checking for unexpected multicast addresses, so
there was no issue for the PMF protections for unexpected disconnection.
Anyway, better avoid unnecessary Deauthentication frames consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-17 12:38:15 +03:00
Jouni Malinen
c404cd8c7d tests: Avoid race conditions in couple of Hotspot 2.0 test cases
Wait hostapd to complete key setup before asking it to send a frame that
may need PMF. This is needed especially with UML time-travel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 18:09:54 +03:00
Jouni Malinen
b256d9393d tests: DPP2 connection status result
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 17:25:34 +03:00
Jouni Malinen
16ef233bf1 DPP2: Connection status result (Enrollee)
Add support for reporting connection status after provisioning if the
Configurator requests this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 17:25:34 +03:00
Jouni Malinen
b10e01a795 DPP2: Connection status result (Configurator)
A new argument to the DPP_AUTH_INIT command (conn_status=1) can now be
used to set Configurator to request a station Enrollee to report
connection result after a successfully completed provisioning step. If
the peer supports this, the DPP-CONF-SENT event indicates this with a
new argument (wait_conn_status=1) and the Configurator remains waiting
for the connection result for up to 16 seconds.

Once the Enrollee reports the result, a new DPP-CONN-STATUS-RESULT event
is generated with arguments result, ssid, and channel_list indicating
what the Enrollee reported. result=0 means success while non-zero codes
are for various error cases as specified in the DPP tech spec. If no
report is received from the Enrollee, the event with "timeout" argument
is generated locally.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-16 17:13:46 +03:00
Jouni Malinen
e501a2eb59 DPP2: Connection status result defines
Add defines for the connection status result mechanism.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 17:03:04 +03:00
Jouni Malinen
530b31ea88 tests: Fix DPP wait_auth_success() check for Configurator success
This looked like a copy-paste error in the event message check and once
that was fixed, couple of test cases needed fixes to expect a success
from the Configurator.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 17:01:59 +03:00
Jouni Malinen
cc8399528b DPP2: Move dpp_build_conf_result() to be within ifdef block
This is more consistent with the use of CONFIG_DPP2 since the
Configuration Result message is sent only when using version 2 or newer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 16:45:16 +03:00
Jouni Malinen
3a6736fe87 DPP2: Fix a memory leak on error path for Config Result
If only one of the allocations fails, the successful allocation needs to
be freed on the error path.

Fixes: 22f90b32f1 ("DPP2: Configuration Result message generation and processing")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-15 16:30:40 +03:00
Sujay Patwardhan
21dc1627f6 wpa_supplicant: Don't return an error when successfully parsing WMM rules
The config file parser previously would fall through into an error if
CONFIG_AP is defined and it hit a wmm_ac_* rule with a valid value. Add
a return to prevent incorrectly printing an error message and returning
a non-zero exit code.

Signed-off-by: Sujay Patwardhan <sujay@eero.com>
2019-09-13 16:35:16 +03:00
Hu Wang
8214b45ba0 P2P: Use latest BSS entry if multiple P2P Device Addr matches found
If an AP (P2P GO) has changed its operating channel or SSID recently,
the BSS table may have multiple entries for the same BSSID.

Commit 702621e6dd ('WPS: Use latest updated BSS entry if multiple
BSSID matches found') fetches latest updated BSS entry based on
BSSID. Do the same when fetching an entry based on the P2P Device
Address.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-13 16:22:05 +03:00
Alexei Avshalom Lazar
dc6c3be4e2 wpa_supplicant: Add support for 60 GHz band channels 5 and 6
The previous support in the 60 GHz band was for channels 1-4.
Add support for channels 5 and 6.

Signed-off-by: Alexei Avshalom Lazar <ailizaro@codeaurora.org>
2019-09-13 16:14:17 +03:00
Jouni Malinen
018edec9b2 Remove IAPP functionality from hostapd
IEEE Std 802.11F-2003 was withdrawn in 2006 and as such it has not been
maintained nor is there any expectation of the withdrawn trial-use
recommended practice to be maintained in the future. Furthermore,
implementation of IAPP in hostapd was not complete, i.e., only parts of
the recommended practice were included. The main item of some real use
long time ago was the Layer 2 Update frame to update bridges when a STA
roams within an ESS, but that functionality has, in practice, been moved
to kernel drivers to provide better integration with the networking
stack.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 13:11:03 +03:00
Jouni Malinen
d2d444deef tests: Remove IAPP test case
This is in preparation for removal of the full IAPP functionality from
hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 12:30:28 +03:00
Jouni Malinen
d86d66dc07 AP: Silently ignore management frame from unexpected source address
Do not process any received Management frames with unexpected/invalid SA
so that we do not add any state for unexpected STA addresses or end up
sending out frames to unexpected destination. This prevents unexpected
sequences where an unprotected frame might end up causing the AP to send
out a response to another device and that other device processing the
unexpected response.

In particular, this prevents some potential denial of service cases
where the unexpected response frame from the AP might result in a
connected station dropping its association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-11 12:28:37 +03:00
John Crispin
a84bf44388 HE: Send the AP's OBSS PD settings to the kernel
This allows us to send the OBSS PD settings to the kernel, such that the
driver can propagate them to the hardware/firmware.

Signed-off-by: John Crispin <john@phrozen.org>
2019-09-10 14:00:14 +03:00
Jouni Malinen
262b71eead Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2019-08-30.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-10 13:42:14 +03:00
Mikael Kanstrup
97d2d7ac1a tests: WPS MAC address change
Verify that MAC address of WPS M1 message use correct address
after address change.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-09-09 16:56:00 +03:00
Mikael Kanstrup
8788a314d7 WPS: Update MAC address on address changes
The WPS component keeps a copy of the network interface MAC address.
When MAC address is changed the WPS copy was not updated so WPS M1
message contained the old address. Some devices check this field
and fail connection attempts.

Update the WPS MAC address on interface MAC address changes.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-09-09 16:49:34 +03:00
Rosen Penev
39042d7f7c os_sleep: Use nanosleep for POSIX versions 2008 and higher
uClibc-ng optionally disabled deprecated POSIX functions like usleep,
causing compilation failures. This switches to nanosleep while retaining
support for older libcs that do not support nanosleep.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-09-09 16:45:40 +03:00
Jouni Malinen
a69742c2f8 wpa_cli: Do not pick p2p-dev-* interfaces by default
These are the driver-specific interface for the non-netdev P2P Device
interface and not something that useful for most use cases. Skip them to
allow the main netdev (e.g., wlan0 over p2p-dev-wlan0) to be selected.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-09 16:37:46 +03:00
Jouni Malinen
b3ba2556e7 tests: wpa_supplicant DPP-only build tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 18:07:22 +03:00
Jouni Malinen
d842e00bd6 SAE: Return result from confirm CN() operation to the caller
These functions could fail in theory, so report the result to the
caller.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-08 18:02:47 +03:00
Ankita Bajaj
a8bfc6fff2 FILS: Update connect params after sending connection notification
Update connect params will update auth_alg and fils_hlp_req in
wpa_supplicant structure before calling function
wpas_notify_state_changed(). This could have resulted in triggering
inconsistent state change events and messages in the Android framework.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-08 17:50:23 +03:00
Srinivas Dasari
0df82a3daf Correct the type/usage of QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_LIST
Update the documentation of QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_LIST
to make it a nested attribute to carry frequencies of type u32.
This is to be in sync with the nl80211 attribute
NL80211_ATTR_SCAN_FREQUENCIES.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-08 17:48:14 +03:00
Jouni Malinen
6bf6c6feca DPP: Fix hostapd build dependencies for DPP-only build
Fix CONFIG_DPP=y build for cases where the needed dependencies were not
pulled in by other optional build parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:46:55 +03:00
Jouni Malinen
1eff2e7bf1 DPP2: Fix wpa_supplicant build dependencies for CONFIG_AP=y build
Fix CONFIG_DPP2=y with CONFIG_AP=y build for cases where the needed
dependencies were not pulled in by other optional build parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:44:07 +03:00
Jouni Malinen
d2bae5763d DPP: Fix wpa_supplicant build dependencies for DPP-only build
Fix CONFIG_DPP=y build for cases where the needed dependencies were not
pulled in by other optional build parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:39:43 +03:00
Jouni Malinen
7d2ed8bae8 Remove CONFIG_IEEE80211W build parameter
Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-08 17:33:40 +03:00
Hu Wang
0229261874 DFS offload: Fix hostapd state and CAC info in STATUS output
With DFS offloaded to the driver, hostapd state and CAC info was not
updated in DFS-CAC-START event, so STATUS output showed wrong info. Fix
this by updating the CAC related state when processing the driver event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-09-02 12:29:10 +03:00
Jouni Malinen
4d78ba9900 EAP-TEAP peer: Clear Phase 2 EAP method on new Identity exchange
This is needed to allow clean transition from one inner EAP
authentication method to another one if EAP method negotiation is needed
within Phase 2.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
70990138ec tests: EAP-TEAP with inner EAP-MSCHAPv2 user and EAP-TLS machine credentials
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
6816182461 EAP-TEAP peer: Add support for machine credentials using certificates
This allows EAP-TLS to be used within an EAP-TEAP tunnel when there is
an explicit request for machine credentials. The network profile
parameters are otherwise same as the Phase 1 parameters, but each one
uses a "machine_" prefix for the parameter name.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
ebee8232d3 Do not try to include net/ethernet.h in MinGW/Windows builds
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
bf15b15598 Fix Windows error code definition workaround
ENOTCONN, EOPNOTSUPP, and ECANCELED are defined in a newer version of
MinGW, so make this workaround conditional on what is defined in the
header files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:43 +03:00
Jouni Malinen
043de65f1c EAP peer config: Move ocsp param to phase1/phase2
OCSP configuration is applicable to each instance of TLS-based
authentication and as such, the configuration might need to be different
for Phase 1 and Phase 2. Move ocsp into struct eap_peer_cert_config and
add a separate ocsp2 network profile parameter to set this for Phase 2.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:35 +03:00
Jouni Malinen
e0ee87c706 tests: Too many EAP roundtrips (server)
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:35 +03:00
Jouni Malinen
8d76e0ad7b EAP server: Configurable maximum number of authentication message rounds
Allow the previously hardcoded maximum numbers of EAP message rounds to
be configured in hostapd EAP server. This can be used, e.g., to increase
the default limits if very large X.509 certificates are used for EAP
authentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:35 +03:00
Jouni Malinen
b99c4cadb7 EAP peer: Move certificate configuration params into shared struct
These parameters for certificate authentication are identical for the
Phase 1 (EAP-TLS alone) and Phase 2 (EAP-TLS inside a TLS tunnel).
Furthermore, yet another copy would be needed to support separate
machine credential in Phase 2. Clean this up by moving the shared
parameters into a separate data struct that can then be used for each
need without having to define separate struct members for each use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-09-01 17:19:31 +03:00
Sven Eckelmann
6e711e7ab3 mesh: Do not enable HE on 5 GHz without VHT
The commit ad9a1bfe78 ("nl80211: Share VHT channel configuration for
HE") always enforced that VHT is enabled when HE was enabled. This broke
the mesh functionality on 2.4 GHz with HE because ibss_mesh_setup_freq()
isn't setting up the VHT parameters for 2.4 GHz.

This problem was resolved for 2.4 GHz by commit df4f959988 ("nl80211:
Don't force VHT channel definition with HE"), but it is still possible
to disable VHT during the mesh/IBSS freq setup on 5 GHz - which would
result in the same problem as seen on 2.4 GHz.

The code enabling HE for IBSS/mesh must now make sure that it doesn't
enable HE when VHT could be enforced by the nl80211 driver code but
disabled by the user.

Fixes: 3459c54ac7 ("mesh: Add support for HE mode")
Signed-off-by: Sven Eckelmann <seckelmann@datto.com>
2019-08-30 16:02:23 +03:00
John Crispin
0497e41481 HE: Fix HE Capabilities element size
Set the max value of optional bytes inside the data structure. This
requires us to calculate the actually used size when copying the
HE capabilities and generating the IE.

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Sven Eckelmann <seckelmann@datto.com>
2019-08-30 15:59:20 +03:00
Krishna Rao
a2e0cc9e09 Add nl80211 vendor ACS trigger reasons related to interference
Add the following ACS trigger reasons to enum
qca_wlan_vendor_acs_select_reason:
1) QCA_WLAN_VENDOR_ACS_SELECT_REASON_GENERIC_INTERFERENCE
       Generic, uncategorized interference found
2) QCA_WLAN_VENDOR_ACS_SELECT_REASON_80211_INTERFERENCE
       Excessive 802.11 interference found
3) QCA_WLAN_VENDOR_ACS_SELECT_REASON_CW_INTERFERENCE
       Continuous Wave (CW) interference found
4) QCA_WLAN_VENDOR_ACS_SELECT_REASON_MWO_INTERFERENCE
       Microwave Oven (MWO) interference found
5) QCA_WLAN_VENDOR_ACS_SELECT_REASON_FHSS_INTERFERENCE
       Frequency-Hopping Spread Spectrum (FHSS) interference found
6) QCA_WLAN_VENDOR_ACS_SELECT_REASON_NON_80211_FHSS_INTERFERENCE
       Non-802.11 Frequency-Hopping Spread Spectrum (FHSS) interference
       found
7) QCA_WLAN_VENDOR_ACS_SELECT_REASON_WB_INTERFERENCE
       Wideband (WB) interference found
8) QCA_WLAN_VENDOR_ACS_SELECT_REASON_NON_80211_WB_INTERFERENCE
       Non-802.11 Wideband (WB) interference found
9) QCA_WLAN_VENDOR_ACS_SELECT_REASON_JAMMER_INTERFERENCE
       Jammer interference found

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:46:18 +03:00
Jouni Malinen
69e8e7817e HS 2.0: Do not add two copies of OSEN element into Beacon/Probe Resp
OSEN element was getting added both through the Authenticator IEs
(before some non-vendor elements) and separately at the end of the
frames with other vendor elements. Fix this by removing the separate
addition of the OSEN element and by moving the Authenticator IE addition
for OSEN to match the design used with WPA so that the vendor element
gets added in the proper place in the sequence of IEs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:41:58 +03:00
Jouni Malinen
81d0759cba tests: Hotspot 2.0 open OSU association
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:25:07 +03:00
Jouni Malinen
a762ba8b1e HS 2.0 AP: Do not mandate PMF for HS 2.0 Indication in open OSU network
Even though the station is not supposed to include Hotspot 2.0
Indication element in the Association Request frame when connecting to
the open OSU BSS, some station devices seem to do so. With the strict
PMF-required-with-Hotspot-2.0-R2 interpretation, such connection
attempts were rejected. Relax this to only perform the PMF check if the
local AP configuration has PMF enabled, i.e., for the production BSS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-30 15:22:42 +03:00
Jouni Malinen
65e2eb6e74 tests: Make nfc_wps more robust by avoiding race conditions
The hostapd side operations and data connectivity test were executed
without explicitly waiting for hostapd to report connection as having
been completed. This could result in trying to transmit data before
EAPOL-Key msg 4/4 was processed especially when using UML time-travel.
Make this more robust by waiting for hostapd to be ready before the data
test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 22:52:52 +03:00
Jouni Malinen
12de149071 tests: Fix ap_ft_reassoc_replay for case where wlantest has the PSK
This test case was failing if wlantest was able to decrypt the CCMP
protected frames. Fix the tshark filter string to include only the
actually encrypted frames for PN comparison.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 19:20:40 +03:00
Jouni Malinen
e49ce2990f IEEE 802.1X authenticator: Coding style cleanup
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-24 19:15:25 +03:00