Commit graph

16087 commits

Author SHA1 Message Date
Felix Fietkau
d240c74b6a nl80211: Fix regulatory limits for WMM cwmin/cwmax values
The internal WMM AC parameters use just the exponent of the CW value,
while nl80211 reports the full CW value. This led to completely bogus
CWmin/CWmax values in the WMM IE when a regulatory limit was present.
Fix this by converting the value to the exponent before passing it on.

Fixes: 636c02c6e9 ("nl80211: Add regulatory wmm_limit to hostapd_channel_data")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-02-03 02:03:32 +02:00
Felix Fietkau
bc1289b076 nl80211: Fix WMM queue mapping for regulatory limit
nl80211 uses a different queue mapping from hostap, so AC indexes need
to be converted.

Fixes: 636c02c6e9 ("nl80211: Add regulatory wmm_limit to hostapd_channel_data")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-02-03 02:03:32 +02:00
Matthew Wang
fee28410de scan_est_throughput: Use ie_len instead of res->ie_len
Local variable should be used. This fixes an issue where IEs are
available only from a Beacon frame.

Fixes: ad06ac0b0 ("Move throughput estimation into a helper function")
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2020-02-02 21:55:42 +02:00
Roy Marples
b2b7f8dcfa BSD: Fix the maximum size of a route(4) msg to 2048
The size of a single route(4) message cannot be derived from
either the size of the AF_INET or AF_INET6 routing tables.
Both could be empty or very large.

As such revert back to a buffer size of 2048 which mirrors
other programs which parse the routing socket.

Signed-off-by: Roy Marples <roy@marples.name>
2020-02-02 21:47:03 +02:00
Roy Marples
25c247684f BSD: Remove an outdated comment
With interface matching support, wpa_supplicant can wait for an
interface to appear.

Signed-off-by: Roy Marples <roy@marples.name>
2020-02-02 21:46:57 +02:00
Roy Marples
d807e289db BSD: Don't set or remove IFF_UP
Now that both hostapd and wpa_supplicant react to interface flag
changes, there is no need to set or remove IFF_UP.

It should be an administrative flag only.

Signed-off-by: Roy Marples <roy@marples.name>
2020-02-02 21:46:53 +02:00
Roy Marples
4692e87b25 BSD: Share route(4) processing with hostapd and wpa_supplicant.
There is little point in having both and it brings interface
addition/removal and IFF_UP notifications to hostapd.

Signed-off-by: Roy Marples <roy@marples.name>
2020-02-02 21:44:23 +02:00
Roy Marples
d20b34b439 BSD: Driver does not need to know about both wpa and hostap contexts
It will either be one or the other.
Fold hapd into ctx to match other drivers.

Signed-off-by: Roy Marples <roy@marples.name>
2020-02-02 21:44:23 +02:00
Ouden
aad414e956 nl80211: Fix send_mlme for SAE external auth
When external authentication is used, the station send mlme frame (auth)
to the driver may not be able to get the frequency (bss->freq) after
hostap.git commit b6f8b5a9 ("nl80211: Update freq only when CSA
completes"). Use the assoc_freq to send the MLME frame when SAE external
authentication is used to avoid this issue.

Signed-off-by: Ouden <Ouden.Biz@gmail.com>
2020-02-02 21:38:51 +02:00
Johannes Berg
bac54daf32 tests: Remove tabs
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2020-02-02 21:11:20 +02:00
Sunil Dutt
1a9d270d41 Additional stats through QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO
This commit introduces additional stats to query through
QCA_NL80211_VENDOR_SUBCMD_UPDATE_STA_INFO.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:46:01 +02:00
Jouni Malinen
12cdfb4d7b tests: DPP Configurator provisioning
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:32:34 +02:00
Jouni Malinen
c025c2eb59 DPP: DPPEnvelopedData generation for Configurator backup
This adds support for generating an encrypted backup of the local
Configurator information for the purpose of enrolling a new
Configurator. This includes all ASN.1 construction and data encryption,
but the configuration and connector template values in
dpp_build_conf_params() are not yet complete.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:32:34 +02:00
Jouni Malinen
7d9e320054 DPP: Received Configurator backup processing
Add local Configurator instance for each received Configurator backup.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:16:05 +02:00
Jouni Malinen
ea91ddb08a DPP: DPPEnvelopedData parsing for Configurator backup/restore
Process the received DPPEnvelopedData when going through Configurator
provisioning as the Enrollee (the new Configurator). This parses the
message, derives the needed keys, and decrypts the Configurator
parameters. This commit stores the received information in
auth->conf_key_pkg, but the actually use of that information to create a
new Configurator instance will be handled in a separate commit.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:16:05 +02:00
Jouni Malinen
312eac1d1e DPP: Add ASN.1 support into build
This will be needed in following patches to process DPPEnvelopedData.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:16:05 +02:00
Jouni Malinen
31b5950d0b ASN.1: Helper functions for building DER encoded data
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:16:05 +02:00
Jouni Malinen
ce1f477397 ASN.1: More OID definitions
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-31 23:16:05 +02:00
Jouni Malinen
8006742fa3 ASN.1: Add a helper for parsing AlgorithmIdentifier
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-30 15:23:32 +02:00
Jouni Malinen
f7f2843c45 ASN.1: Add a helper for parsing SEQUENCE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-30 12:12:26 +02:00
Jouni Malinen
3393d94d02 ASN.1: Add a helper for parsing INTEGER
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-30 12:00:21 +02:00
Jouni Malinen
5e98998ec1 DPP2: Add Protocol Version attr to Auth Resp only if peer is R2 or newer
There is no need for the Protocol Version attribute in Authentication
Response if the peer is a DPP R1 device since such device would not know
how to use this attribute. To reduce risk for interoperability issues,
add this new attribute only if the peer included it in Authentication
Request.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-29 01:00:23 +02:00
Krishna Rao
505797b458 Add a vendor attribute for RTPL instance primary frequency
Add an attribute QCA_WLAN_VENDOR_ATTR_RTPLINST_PRIMARY_FREQUENCY for
primary channel center frequency in the definition for Representative
Tx Power List (RTPL) list entry instance. This is required for 6 GHz
support, since the 6 GHz channel numbers overlap with existing 2.4 GHz
and 5 GHz channel numbers thus requiring frequency values to uniquely
identify channels.

Mark QCA_WLAN_VENDOR_ATTR_RTPLINST_PRIMARY as deprecated if both the
driver and user space application support 6 GHz. For backward
compatibility, QCA_WLAN_VENDOR_ATTR_RTPLINST_PRIMARY is still used if
either the driver or user space application or both do not support the
6 GHz band.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-28 20:48:07 +02:00
Jouni Malinen
76162b1828 TLS: Fix bounds checking in certificate policy parser
The recent addition of the X.509v3 certificatePolicies parser had a
copy-paste issue on the inner SEQUENCE parser that ended up using
incorrect length for the remaining buffer. Fix that to calculate the
remaining length properly to avoid reading beyond the end of the buffer
in case of corrupted input data.

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20363
Fixes: d165b32f38 ("TLS: TOD-STRICT and TOD-TOFU certificate policies")
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-28 14:21:03 +02:00
Jouni Malinen
703c2b6457 DPP: Example script for NFC bootstrapping method
This Python script is an example on how nfcpy can be used to drive an
NFC Device to perform DPP bootstrapping operations over DPP (tag with
NFC URI and negotiated connection handover).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 21:58:45 +02:00
Jouni Malinen
db1aa8f19f tests: DPP bootstrapping via NFC negotiated handover
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
566972fd6f DPP: Show selected negotiation channel in DPP_BOOTSTRAP_INFO
Make the selected channel available for upper layer software to use,
e.g., when starting DPP listen operation during NFC negotiated
connection handover.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
5e287724ee DPP: NFC negotiated connection handover
Add new control interface commands "DPP_NFC_HANDOVER_REQ own=<id>
uri=<URI>" and "DPP_NFC_HANDOVER_SEL own=<id> uri=<URI>" to support NFC
negotiated connection handover. These commands are used to report a DPP
URI received from a peer NFC Device in Handover Request and Handover
Select messages. The commands return peer bootstrapping information ID
or FAIL on failure. The returned ID is used similarly to any other
bootstrapping information to initiate DPP authentication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
2bbe6ad3aa DPP: Helper function for bootstrapping URI generation
The new dpp_gen_uri() helper function can be used to build the
bootstrapping URI from locally stored information. This can be used to
make it easier to update the URI, e.g., for NFC negotiated connection
handover cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
f5b7b24912 tests: Fix eap_proto_ttls_errors with CONFIG_TLS=internal
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:09:50 +02:00
Jouni Malinen
12da39b389 crypto: Allow up to 10 fragments for hmac_sha*_vector()
This increases the limit of how many data fragments can be supported
with the internal HMAC implementation. The previous limit was hit with
some FT use cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:04:54 +02:00
Jouni Malinen
07dd83dd77 tests: Check for domain_suffix_match in HS 2.0 PPS MO testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:56:06 +02:00
Jouni Malinen
362889638b tests: Check for TLS EC support in build
These test cases need to be skipped with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:54:07 +02:00
Jouni Malinen
0c00679b15 tests: Check for TLS library capabilities in sigma_dut test cases
These test cases cannot be run with CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:50:20 +02:00
Jouni Malinen
d165b32f38 TLS: TOD-STRICT and TOD-TOFU certificate policies
Add parsing of certificate policies for TOD-STRICT and TOD-TOFU when
using CONFIG_TLS=internal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:44:49 +02:00
Jouni Malinen
31a3d4c234 tests: Recognize more test SKIP reasons
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 16:03:31 +02:00
Jouni Malinen
5bf51d38b0 tests: Fix DPP capability checking to avoid failures in non-DPP build
"finally" handler should not trigger a new exception when trying to
clear state for non-DPP builds. In addition, couple of checks for DPP
capability in the build were missing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
4c0af8ad6c tests: Check SAE capability in build more consistently
Use a helper function for this and add checks for number of test cases
that were missing this. This gets rid of undesired FAIL results
(converts them to SKIP) for test runs where the station do not support
SAE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 13:40:56 +02:00
Jouni Malinen
cd66b8295c TLS: Fix a typo in a debug message
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 12:50:44 +02:00
Ashish Kumar Dhanotiya
a629409047 Add vendor interface QCA_NL80211_VENDOR_SUBCMD_REQUEST_SAR_LIMITS_EVENT
This commit introduces the vendor event
QCA_NL80211_VENDOR_SUBCMD_REQUEST_SAR_LIMITS_EVENT.
Host drivers can request user space application to set SAR power
limits with this event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 20:48:14 +02:00
Vamsi Krishna
0ecf735631 Add new QCA vendor attribute to set thermal level
Add a new QCA vendor attribute to set thermal level to the driver from
userspace. The driver/firmware takes actions requested by userspace to
mitigate high temperature such as throttling TX etc. The driver may
choose the level of throttling and other actions for various thermal
levels set by userspace.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 20:45:35 +02:00
Jouni Malinen
f28853fbc4 tests: OWE PTK derivation workarounds
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
8b138d2826 OWE: PTK derivation workaround in STA mode
Initial OWE implementation used SHA256 when deriving the PTK for all OWE
groups. This was supposed to change to SHA384 for group 20 and SHA512
for group 21. The new owe_ptk_workaround=1 network parameter can be used
to enable older behavior mainly for testing purposes. There is no impact
to group 19 behavior, but if enabled, this will make group 20 and 21
cases use SHA256-based PTK derivation which will not work with the
updated OWE implementation on the AP side.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
65a44e849a OWE: PTK derivation workaround in AP mode
Initial OWE implementation used SHA256 when deriving the PTK for all OWE
groups. This was supposed to change to SHA384 for group 20 and SHA512
for group 21. The new owe_ptk_workaround parameter can be used to enable
workaround for interoperability with stations that use SHA256 with
groups 20 and 21. By default, only the appropriate hash function is
accepted. When workaround is enabled (owe_ptk_workaround=1), the
appropriate hash function is tried first and if that fails, SHA256-based
PTK derivation is attempted. This workaround can result in reduced
security for groups 20 and 21, but is required for interoperability with
older implementations. There is no impact to group 19 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
bd50805e40 OWE: Select KDF hash algorithm based on the length of the prime
Previous implementation was hardcoding use of SHA256 PMK-to-PTK
derivation for all groups. Replace that with hash algorithm selection
based on the length of the prime similarly to the way this was done for
other derivation steps in OWE.

This breaks backwards compatibility when using group 20 or 21; group 19
behavior remains same.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:16 +02:00
Jouni Malinen
10bdce692d Fix a typo in an example configuration file comment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:08:12 +02:00
Jouni Malinen
0d445cd394 Fix a typo in a comment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:08:10 +02:00
Jouni Malinen
ce26f0086c Fix coloc_intf_reporting config param in hostapd in non-OWE builds
This has nothing to do with OWE and parsing of this value was not
supposed to be within an ifdef CONFIG_OWE block.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:08:10 +02:00
Jouni Malinen
ca10117cd7 tests: Make ap_hs20_connect_no_full_match more robust
Explicitly clear cfg80211 scan cache to avoid issues with old BSS
entries from previous test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-23 16:54:45 +02:00
Vamsi Krishna
1011c79900 Do not enable HT/VHT for 6 GHz band 20 MHz width channels also
The previous commit had a rebasing issue that ended up covering only the
center_segment0 != 0 case. These were supposed to apply for all 6 GHz
band cases.

Fixes: 0bfc04b8d0 ("Do not enable HT/VHT when operating in 6 GHz band")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-23 16:10:41 +02:00