Commit graph

16819 commits

Author SHA1 Message Date
Anusha Datar
8f248d1aca Check for message truncation in RADIUS client
The RADIUS client currently determines if a radius message is longer
than the supported maximum length by checking whether the size of the
received buffer and the length of the buffer (as returned by recv()) is
equal. This method fails to detect if the buffer has actually been
truncated. This change modifies the RADIUS client to instead use the
recvmsg() call and then check the message header flags to determine
whether or not the received message has been truncated and drop the
message if that is the case.

Signed-off-by: Anusha Datar <anusha@meter.com>
Reviewed-by: Steve deRosier <derosier@cal-sierra.com>
Reviewed-by: Julian Squires <julian@cipht.net>
2021-02-20 00:15:15 +02:00
Anusha Datar
5cb25307e4 Set RADIUS message length to reflect RFC 2865
The current RADIUS server message maximum length limits the length of
each RADIUS message to 3000 bytes. As specified in RFC 2865 section 3
("Packet Format"), the RADIUS standard's maximum message size is 4096
bytes, so this change increases the RADIUS server's maximum message
size from 3000 to 4096 to match the standard.

Signed-off-by: Anusha Datar <anusha@meter.com>
Reviewed-by: Steve deRosier <derosier@cal-sierra.com>
Reviewed-by: Julian Squires <julian@cipht.net>
2021-02-20 00:11:17 +02:00
Anusha Datar
7df089b567 Create RADIUS_MAX_MSG_LEN param in the shared radius.h
The RADIUS client currently uses a hardcoded value of 3000 for the
maximum length of a RADIUS message, and the RADIUS server currently
defines a constant value for the maximum length of the RADIUS message
within its source. The client and the server should use the same
maximum length value, so this change creates a shared parameter
RADIUS_MAX_MSG_LEN within the header file radius.h and modifies
both the client and the server to use that parameter instead of
a locally set value.

Signed-off-by: Anusha Datar <anusha@meter.com>
Reviewed-by: Steve deRosier <derosier@cal-sierra.com>
Reviewed-by: Julian Squires <julian@cipht.net>
2021-02-20 00:08:17 +02:00
Jouni Malinen
3811645e99 tests: P2P device discovery with invalid group client info
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-19 23:34:11 +02:00
Sachin Ahuja
98a52b09ca Add new attributes in get_sta_info QCA vendor command
Add additional attributes for the QCA vendor command
QCA_NL80211_VENDOR_SUBCMD_GET_STA_INFO to get finer details on roaming
behavior, TSF out of sync count, and the latest TX rate, Rate Index used
for the transmission.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-16 00:47:43 +02:00
Veerendranath Jakkam
8f204f69ac Show OCV and beacon protection capabilities in control interface
Indicate local support for Operating Channel Validation (OCV) and beacon
protection.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-02-16 00:47:43 +02:00
Veerendranath Jakkam
6f92f81dac AP: Check driver's capability to enable OCV when driver SME is used
When the driver SME is used, offloaded handshakes which need Operating
Channel Validation (OCV) such as SA Query procedure, etc. would fail if
hostapd enables OCV based on configuration but the driver doesn't
support OCV. To avoid this when driver SME is used, enable OCV from
hostapd only when the driver indicates support for OCV.

This commit also adds a capability flag to indicate whether driver SME
is used in AP mode.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-02-16 00:47:43 +02:00
Veerendranath Jakkam
73ebd58fc8 STA: Check driver capability to enable OCV when driver SME is used
When the driver SME is used, offloaded RSN handshakes like SA Query, GTK
rekeying, FT authentication, etc. would fail if wpa_supplicant enables
OCV in initial connection based on configuration but the driver doesn't
support OCV. To avoid such failures check the driver's capability for
enabling OCV when the driver SME used.

This commit also adds a capability flag for indicating OCV support
by the driver.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-02-16 00:47:43 +02:00
Jouni Malinen
f3dfe42c7e Clean up RSN parameter setting for PASN
Set conf.force_kdk_derivation within the same if block as all the other
parameters. This is used only if ssid is not NULL, so no need to have
any special handling for this parameter.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-16 00:47:43 +02:00
Veerendranath Jakkam
d36d4209fd Enable beacon protection only when driver indicates support
Enabling beacon protection will cause STA connection/AP setup failures
if the driver doesn't support beacon protection. To avoid this, check
the driver capability before enabling beacon protection.

This commit also adds a capability flag to indicate beacon protection
support in client mode only.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-02-16 00:47:43 +02:00
Hu Keping
9d99814e22 Update sgml to generate reproducible manpages
Prior to this patch, we failed to recreate bit-by-bit identical
copies of wpa_supplicant because it doesn't generate reproducible manpages.

Since the latest version(0.6.14-3 or new) of docbook-utils have already
support getting the date from sgml file [1], it is possible to make some
progress on the "reproducible builds" effort [2].

[1]: https://sources.debian.org/patches/docbook-utils/0.6.14-3
[2]: https://reproducible-builds.org

Signed-off-by: Hu Keping <hukeping@huawei.com>
2021-02-16 00:47:43 +02:00
Jouni Malinen
7eb222aa89 tests: EXT PW file backend
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-16 00:47:43 +02:00
Patrick Steinhardt
e680a51e94 ext_password: Implement new file-based backend
It was not easily possible to separate configuration of an interface and
credentials when using the configuration file instead of the control
interface or D-Bus interface for setting up the network profiles. This
makes it hard to distribute configuration across a set of nodes which
use wpa_supplicant without also having to store credentials in the same
file. While this can be solved via scripting, having a native way to
achieve this would be preferable.

Turns out there already is a framework to have external password
storages. It only had a single "test" backend though, which is kind of
an in-memory store which gets initialized with all passwords up front
and is mainly for testing purposes. This isn't really suitable for the
above use case: the backend cannot be initialized as part of the central
configuration given that it needs the credentials, and we want to avoid
scripting.

This commit thus extends the infrastructure to implement a new backend,
which instead uses a simple configuration file containing key-value
pairs. The file follows the format which wpa_supplicant.conf(5) uses:
empty lines and comments are ignored, while passwords can be specified
with simple `password-name=password-value` assignments.

With this new backend, splitting up credentials and configuration
becomes trivial:

    # /etc/wpa_supplicant/wpa_supplicant.conf
    ext_password_backend=file:/etc/wpa_supplicant/psk.conf

    network={
        ssid="foobar"
        psk=ext:foobar
    }

    # /etc/wpa_supplicant/psk.conf
    foobar=ecdabff9c80632ec6fcffc4a8875e95d45cf93376d3b99da6881298853dc686b

Alternative approaches would be to support including other configuration
files in the main configuration, such that common configuration and
network declarations including credentials are split up into separate
files. But the implementation would probably have been more complex
compared to reusing the already-existing framework for external password
backends.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
2021-02-16 00:47:43 +02:00
Patrick Steinhardt
e9f449ba59 wpa_supplicant: Move wpa_config_get_line() into utils
The function wpa_config_get_line() is used by the wpa_supplicant config
file parser to retrieve the next non-comment non-blank line. We'll need
the same kind of functionality to implement the file-based external
password backend, so as a preparatory step this commit extracts the
function into its own standalone file in the utils package.

No functional changes are expected from this commit.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
2021-02-16 00:47:43 +02:00
Jouni Malinen
fd78ab8270 tests: ACS for HE 40 MHz channel in 2.4 GHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-15 18:27:10 +02:00
Jouni Malinen
b1c23d3f25 HE: Fall back to 20 MHz on 2.4 GHz if 40 MHz is not supported
At least the ACS case of an attempt to pick a 40 MHz channel on the 2.4
GHz band could fail if HE was enabled and the driver did not include
support for 40 MHz channel bandwidth on the 2.4 GHz band in HE
capabilities. This resulted in "40 MHz channel width is not supported in
2.4 GHz" message when trying to configure the channel and failure to
start the AP.

Avoid this by automatically falling back to using 20 MHz bandwidth as
part of channel parameter determination at the end of the ACS procedure.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-15 18:27:10 +02:00
Aloka Dixit
f1c6c9d3eb ACS: Allow downgrading to 20 MHz based on OBSS results
When auto channel selection (ACS) is used for HE 40 MHz in the 2.4 GHz
band, AP sets center frequency after finding a 40 MHz channel and then
runs a scan for overlapping BSSes in neighboring channels. Upon OBSS
detection, AP should downgrade to 20 MHz bandwidth.

This was broken because allowed_ht40_channel_pair() returns true in this
case and the steps to reset center frequency are not executed causing
failure to bring interface up.

Fix the condition to allow rollback to 20 MHz.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-15 18:16:33 +02:00
Jouni Malinen
9bb2f75298 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2021-02-12.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-15 17:36:20 +02:00
Aloka Dixit
cfc45a98d2 nl80211: Unsolicited broadcast Probe Response configuration
Unsolicited broadcast Probe Response transmission is used for in-band
discovery in the 6 GHz band (IEEE P802.11ax/D8.0 26.17.2.3.2, AP
behavior for fast passive scanning). Add support for configuring the
parameters for such frames.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-14 23:04:26 +02:00
Aloka Dixit
024b4b2a29 AP: Unsolicited broadcast Probe Response configuration
Add hostapd configuration options for unsolicited broadcast
Probe Response transmission for in-band discovery in 6 GHz.
Maximum allowed packet interval is 20 TUs (IEEE P802.11ax/D8.0
26.17.2.3.2, AP behavior for fast passive scanning).
Setting value to 0 disables the transmission.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-14 23:04:26 +02:00
Jouni Malinen
11736a1a78 tests: Make ap_sae_tdls more robust
Need to clear sae_groups parameter before using SAE in this test case to
avoid issues if previous test cases have left a specific group
configured.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 20:16:18 +02:00
Jouni Malinen
2c98cbecb4 tests: Make multi_ap_backhaul_roam_with_bridge more robust
Clear the scan cache and make sure the new AP gets discovered before
issuing the ROAM command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 20:12:48 +02:00
Jouni Malinen
6fb6264129 P2P: Clear unexpected HT40 configuration on 2.4 GHz band
Number of the P2P+NFC test cases have been failing every now and then
and those failures seemed to be because of having somehow managed to
select the GO's operating channel as HT40+ on the channel 11 in the 2.4
GHz band, i.e., something that is clearly incorrect. The P2P check for
HT40 secondary channel is supported only on the 5 GHz band, so drop HT40
configuration if it shows up unexpectedly on the 2.4 GHz band to avoid
issues in GO being able to start.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 19:32:23 +02:00
Jouni Malinen
6b59e63f0e Include secondary channel config in no-hw-channel-found message
This makes the error message easier to understand if the AP mode setup
failure is caused by invalid secondary channel configuration while the
primary channel is valid.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 19:31:14 +02:00
Jouni Malinen
7a7e45ae68 tests: FILS Discovery frame generation
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 18:20:49 +02:00
Aloka Dixit
d76ba2b316 nl80211: Add FILS Discovery frame configuration
Add support for setting the parameters for FILS Discovery frame
transmission.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-14 18:18:18 +02:00
Aloka Dixit
9c02a0f5a6 FILS: Add generation of FILS Discovery frame template
Add hostapd configuration parameters for FILS Discovery frame
transmission interval and prepare a template for FILS Discovery frame
for the driver interface. The actual driver interface changes are not
included in this commit.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-14 18:03:49 +02:00
Jouni Malinen
c4c529e9cb Add a helper function for determining RSN capabilities field value
This information is needed in more than one place, so add a helper
function to avoid need to duplicate this code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 18:03:38 +02:00
Aloka Dixit
272466518f Define FILS Discovery frame subfields
Add definitions from IEEE Std 802.11ai-2016, 9.6.8.36 FILS discovery
frame format and extensions for the 6 GHz band from IEEE P802.11ax/D8.0.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
2021-02-14 11:13:20 +02:00
Jouni Malinen
3eb5f7128e Do not include VHT elements in Beacon frames on the 6 GHz band
A similar change was previously done for Probe Response frames, but the
Beacon frame case was missed. Fix this to remove the VHT elements also
from Beacon frames on the 6 GHz since the relevant information is
included only in the HE elements on that band.

Fixes: 49e95ee1ee ("AP: Publish only HE capabilities and operation IEs on 6 GHz band")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 00:33:08 +02:00
Shay Bar
2c2b6d265b Add Transmit Power Envelope also for 6 GHz HE AP
According to IEEE P802.11ax/D8.0, add Transmit Power Envelope element
into Beacon and Probe Response frames when operating HE AP on the 6 GHz
band.

Signed-off-by: Shay Bar <shay.bar@celeno.com>
2021-02-14 00:29:31 +02:00
Shay Bar
6c2b729de0 Use hostapd_get_oper_chwidth() when build Transmit Power Envelope element
hostapd_get_oper_chwidth(iconf) instead of direct access to
iface->conf->vht_oper_chwidth is needed here to be able to use this with
HE in cases where VHT is not enabled.

Signed-off-by: Shay Bar <shay.bar@celeno.com>
2021-02-14 00:24:53 +02:00
Shay Bar
5d3c4496fb Make VHT Transmit Power Envelope element helper more generic
According to latest IEEE 802.11 standard, Transmit Power Envelope
element is also relevant to IEEE 802.11ax and is no longer called VHT
Transmit Power Envelope. Remove the VHT naming from the element and move
hostapd_eid_txpower_envelope() from ieee802_11_vht.c to ieee802_11.c in
preparation of using it with HE.

Signed-off-by: Shay Bar <shay.bar@celeno.com>
2021-02-14 00:22:52 +02:00
Jouni Malinen
a000710835 tests: Multi-AP backhaul BSS reassociation to another BSS with bridge
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-14 00:01:29 +02:00
Jouni Malinen
58bbbb5981 nl80211: Ignore 4addr mode enabling error if it was already enabled
nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on
an interface that is in a bridge and has 4addr mode already enabled.
This operation would not have been necessary in the first place and this
failure results in disconnecting, e.g., when roaming from one backhaul
BSS to another BSS with Multi AP.

Avoid this issue by ignoring the nl80211 command failure in the case
where 4addr mode is being enabled while it has already been enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-13 23:59:28 +02:00
Michal Kazior
1b45b8d3f6 wpa_supplicant: Don't exit scanning state on config reload
There's a chance that prior to config reload being requested a scan work
was started. As such forcing wpa_supplicant to WPA_DISCONNECTED was
removing any hints that the actual driver is busy with work. That led to
wpa_supplicant reporting "Failed to initialize AP scan" over and over
again for a few seconds (depending on driver/capabilities) until the
untracked scan finished.

Cancelling a scan isn't really a solution because there's a bunch of
scanning state bits sprinkled across wpa_supplicant structure and they
get updated as driver events actually flow in in async manner.

As far as I can tell this is only preventing unnecessary warning
messages. This doesn't seem like it was crippling any logic per se.

Signed-off-by: Michal Kazior <michal@plume.com>
2021-02-13 23:12:38 +02:00
Michal Kazior
581df2d524 DPP2: Defer chirp scan if other scan is queued up
The chirp scan could override the scan_res_handler. This could lead to
wpa_supplicant getting stuck in a scanning state while not scanning at
all until forced to, e.g., via an explicit SCAN control command.

The condition for trigerring this problem in my testing was when
(interface_count % 3) == 2. This introduced a two second delay before
actual scan was triggered after starting the wpa_supplicant instance up.
If DPP chirping was requested fast enough, in between the queueing and
triggering, it would punt the scan request, never to be resumed again.
Chirp scan handler wouldn't resume it leaving wpa_supplicant
inadvertently idle.

Signed-off-by: Michal Kazior <michal@plume.com>
2021-02-13 23:12:07 +02:00
Brian Norris
1e537a2756 wlantest: Avoid unaligned iphdr pointers
Buffers passed to rx_data_ip() may not be naturally-aligned, and so we
get unpredictable behavior when we cast that to an IP header. In
particular, this code may crash on ARM.

Signed-off-by: Brian Norris <briannorris@chromium.org>
2021-02-13 23:07:34 +02:00
Pradeep Kumar Chitrapu
35756c02ea mesh: Assign channel in frequency params in all bands
Previously, the channel number was set in hostapd_freq_params only with
the presence of HT capabilities. Set the channel number before the check
for HT mode to accommodate the 6 GHz band cases.

Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
2021-02-10 00:25:36 +02:00
Pradeep Kumar Chitrapu
b1c3e4d071 nl80211: Send HE 6 GHz capability parameters to the driver
The HE 6 GHz capability was not being sent to the kernel causing 6 GHz
support being unidentifiable in the kernel driver for added stations.

Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
2021-02-10 00:06:21 +02:00
Juliusz Sosinowicz
8d10831dcf wolfSSL: wolfSSL_use_PrivateKey_* correct return codes
The wolfSSL_use_PrivateKey_* APIs return 1 on success. 0 is also an
error.

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
2021-02-09 20:54:34 +02:00
Michal Kazior
7e823d4df2 DPP: Expose config object PSK/passphrase in wpa_supplicant
hostapd was already exposing this. There's no reason not to expose it in
wpa_supplicant. This allows 3rd party apps interacting with the control
interface to handle DPP events to get configs instead of needing to
dance around with update_config=1 and SAVE_CONFIG.

Signed-off-by: Michal Kazior <michal@plume.com>
2021-02-09 20:46:36 +02:00
Michal Kazior
1029f16a9f DPP: Expose config object AKM in wpa_supplicant control interface
hostapd was already exposing this. There's no reason not to expose it in
wpa_supplicant. This allows 3rd party apps interacting with the control
interface to handle DPP events to get configs instead of needing to
dance around with update_config=1 and SAVE_CONFIG.

Signed-off-by: Michal Kazior <michal@plume.com>
2021-02-09 20:45:15 +02:00
Jouni Malinen
ffcca901e7 tests: DPP Authentication Request destination address in chirp case
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-09 20:43:33 +02:00
Jouni Malinen
ad59639ed8 DPP2: Fix Authentication Request destination in the chirping case
The Authentication Request frames triggered by the reception of a
Presence Announcement frame were sent to the broadcast address. This is
not correct behavior since the source MAC address of the Presence
Announcement frame was supposed to override the Responder MAC address.
Fix this by using that source MAC address to avoid unnecessary use of
broadcast frames.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-02-09 20:41:08 +02:00
Aloka Dixit
598f671321 SAE: Avoid driver STA entry removal unnecessarily when using H2E/PK
The new status code values for SAE H2E and PK resulted in the
sta->added_unassoc cases incorrectly removing the STA entry after
successful SAE commit messages. Fix this by using sae_status_success()
instead of direct check for WLAN_STATUS_SUCCESS when processing SAE
commit messages before removing station entry.

Signed-off-by: Aloka Dixit <alokad@codeaurora.org>
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
2021-02-08 23:56:59 +02:00
Ilan Peer
99cd453720 hw_feature: Correctly select mode in case of the 6 GHz band
There are 2 HW modes with IEEE80211_MODE_A: one for the 5 GHz channels
and one for 6 GHz channels. Since hw_get_chan() checks all the
compatible hw modes, eventually, an incorrect hw mode is selected.

To fix this, add a function that checks if a specific mode supports
the requested frequency and if so use it as the current mode.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2021-02-08 00:54:10 +02:00
Jouni Malinen
cc96f45f4f tests: New HE configuration parameters
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-08 00:45:42 +02:00
Rajkumar Manoharan
f728c867e3 AP: Extend Spatial Reuse Parameter Set
Extend SPR element to support following fields and pass all
information to kernel for driver use.
 * Non-SRG OBSS PD Max Offset
 * SRG BSS Color Bitmap
 * SRG Partial BSSID Bitmap

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2021-02-08 00:41:52 +02:00
Rajkumar Manoharan
9f9d3d3625 Allow HE MCS rate selection for Beacon frames
Allow HE MCS rate to be used for beacon transmission when the driver
advertises the support. The rate is specified with a new beacon_rate
option "he:<HE MCS>" in hostapd configuration.

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2021-02-08 00:26:38 +02:00