Commit graph

13927 commits

Author SHA1 Message Date
Jouni Malinen
cc9c4feccc OpenSSL: Allow systemwide policies to be overridden
Some distributions (e.g., Debian) have started introducting systemwide
OpenSSL policies to disable older protocol versions and ciphers
throughout all programs using OpenSSL. This can result in significant
number of interoperability issues with deployed EAP implementations.

Allow explicit wpa_supplicant (EAP peer) and hostapd (EAP server)
parameters to be used to request systemwide policies to be overridden if
older versions are needed to be able to interoperate with devices that
cannot be updated to support the newer protocol versions or keys. The
default behavior is not changed here, i.e., the systemwide policies will
be followed if no explicit override configuration is used. The overrides
should be used only if really needed since they can result in reduced
security.

In wpa_supplicant, tls_disable_tlsv1_?=0 value in the phase1 network
profile parameter can be used to explicitly enable TLS versions that are
disabled in the systemwide configuration. For example,
phase1="tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=0" would request TLS
v1.0 and TLS v1.1 to be enabled even if the systemwide policy enforces
TLS v1.2 as the minimum version. Similarly, openssl_ciphers parameter
can be used to override systemwide policy, e.g., with
openssl_ciphers="DEFAULT@SECLEVEL=1" to drop from security level 2 to 1
in Debian to allow shorter keys to be used.

In hostapd, tls_flags parameter can be used to configure similar
options. E.g., tls_flags=[ENABLE-TLSv1.0][ENABLE-TLSv1.1]

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 17:14:26 +02:00
Jouni Malinen
e3afbd796c OSEN: Disable TLS v1.3 by default
TLS v1.3 was already disabled by default for EAP-FAST, EAP-TTLS,
EAP-PEAP, and EAP-TLS, but the unauthenticated client cases of EAP-TLS
-like functionality (e.g., the one used in OSEN) were missed. Address
those EAP types as well in the same way of disabling TLS v1.3 by default
for now to avoid functionality issues with TLS libraries that enable TLS
v1.3 by default.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 16:52:05 +02:00
Jouni Malinen
568e890e76 OpenSSL: Fix build with OpenSSL 1.0.2
SSL_use_certificate_chain_file() was added in OpenSSL 1.1.0, so need to
maintain the old version using SSL_use_certificate_file() for backwards
compatibility.

Fixes: 658c39809b ("OpenSSL: Load chain certificates from client_cert file")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 11:33:40 +02:00
Jouni Malinen
cc0a04ac86 tests: Split mbo_supp_oper_classes into multiple test cases
In addition, add even more workarounds for cfg80211 regulatory state
clearing since this test case seems to be the most likely one to fail
due to country=98 issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 00:21:41 +02:00
Jouni Malinen
02a4ac0feb tests: WPA2-PSK-FT AP over DS and separate hostapd process
This is a regression test case for FT-over-DS that got broken on
mac80211-based drivers when the extra key reinstallation checks were
added.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:46 +02:00
Jouni Malinen
4cf5efece3 FT: Allow STA entry to be removed/re-added with FT-over-the-DS
FT-over-the-DS has a special case where the STA entry (and as such, the
TK) has not yet been configured to the driver depending on which driver
interface is used. For that case, allow add-STA operation to be used
(instead of set-STA). This is needed to allow mac80211-based drivers to
accept the STA parameter configuration. Since this is after a new
FT-over-DS exchange, a new TK has been derived after the last STA entry
was added to the driver, so key reinstallation is not a concern for this
case.

Fixes: 0e3bd7ac68 ("hostapd: Avoid key reinstallation in FT handshake")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:46 +02:00
Jouni Malinen
f808bd59e8 FT: Do not try to use FT-over-air if reassociation cannot be used
There is no point in going through FT authentication if the next step
would have to use association exchange which will be rejected by the AP
for FT, so only allow FT-over-air if previous BSSID is set, i.e., if
reassociation can be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:46 +02:00
Jouni Malinen
63a7683b2d tests: Split ap_ft_oom into separate test cases
ap_ft_oom seemed to depend on undesired wpa_supplicant behavior of
trying to do FT protocol even without being ready for reassociation.
This is going to be fixed in wpa_supplicant which would make this test
case fail, so split it into separate test cases for each failure item to
be able to avoid incorrect test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:04 +02:00
Jouni Malinen
04e17e5024 tests: Verify that roaming attempts do not get rejected
The previous roam() and roam_over_ds() checks would have ignored failing
association rejection if a consecutive attempt to connect succeeds
within the initial time limit. This can miss incorrect behavior, so
check explicitly for association rejection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 20:27:40 +02:00
Jouni Malinen
de027ef595 tests: P2PS stale group removal
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 13:19:20 +02:00
Jouni Malinen
19c3a9a88d P2PS: Notify D-Bus about removal of a stale/empty persistent group
During P2PS PD Request processing wpa_supplicant removes stale and empty
persistent groups, but it did not notify D-Bus to unregister object. Fix
this by adding the missing notifications.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 13:19:20 +02:00
Amit Khatri
69dc9cabcc P2PS: Notify D-Bus about removal of a stale persistent group
During P2PS PD Request processing wpa_supplicant removes stale
persistent groups, but it did not notify D-Bus to unregister object.
This can result in leaving behind objects pointing to freed memory and
memory leaks. Sometime it can cause a crash in wpa_config_get_all()
function and DBUS_ERROR_OBJECT_PATH_IN_USE errors.

Fix this by adding the missed notification to D-Bus code to unregister
the object.

Signed-off-by: Amit Khatri <amit7861234@gmail.com>
2019-01-04 13:19:12 +02:00
Jouni Malinen
ebf25480bb tests: Fix P2P-GROUP-STARTED event parsing for persistent groups
Do not set the 'ip_addr' value from the "[PERSISTENT]" flag.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 11:44:48 +02:00
Peter Oh
0332c27e32 mesh: Consider mesh interface on DFS event handler
Once mesh starts supporting DFS channels, it has to handle DFS related
events from drivers, hence add mesh interface to the check list.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-03 13:31:55 +02:00
Peter Oh
fed51174d6 mesh: Reflect country setting to mesh configuration for DFS
wpa_supplicant configuration has country parameter that is supposed to
be used in AP mode to indicate supporting IEEE 802.11h and 802.11d.
Reflect this configuration to Mesh also since Mesh is required to
support 802.11h and 802.11d to use DFS channels.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 13:26:47 +02:00
Peter Oh
2564184440 mesh: Apply channel attributes before setup interface
This helps mesh interface initialization with correct channel
parameters.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 13:13:07 +02:00
Peter Oh
3ba4a25e5d mesh: Set interface type to mesh before setting interface
Correct interface type is required to start DFS CAC that can be
triggered during interface setup.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 13:02:56 +02:00
Peter Oh
c95619c211 mesh: Set mesh VHT center frequency
VHT center frequency value is required to compose the correct channel
info.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 12:59:25 +02:00
Peter Oh
4b5453cedd mesh: Relocate RSN initialization
RSN initialization should work together with mesh join when it's used.
Since mesh join could be called at a different stage if DFS channel is
used, relocate the RSN initialization call to mesh join. It is still the
same call flow of mesh join before this if non-DFS channels are used,
hence no significant side effect will occur.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 12:36:34 +02:00
Peter Oh
0daa7b75fa mesh: Factor out mesh join function
Mesh join function consists of two parts which are preparing
configurations and sending join event to the driver. Since physical mesh
join event could happen either right after mesh configuration is done or
after CAC is done in case of DFS channel is used, factor out the
function into two parts to reduce redundant calls.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 12:35:56 +02:00
Peter Oh
03d9019811 tests: Update mesh_oom to match implementation change
The number of direct allocation within wpa_supplicant_mesh_init()
has been reduced due to RSN init function is factored out.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 12:07:17 +02:00
Peter Oh
1877842904 mesh: Factor out RSN initialization
RSN initialization can be used in different phases if mesh
initialization and mesh join don't happen in sequence such as DFS CAC is
done in between, hence factor it out to help convering the case. This
can also get rid of unnecessary indentation by handling the
mconf->security != MESH_CONF_SEC_NONE functionality in a helper
function.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2019-01-03 12:04:23 +02:00
Hagai Moshe
b9eb717f85 wpa_cli: Add command for setting PSK_PASSPHRASE
Setting mem_only_psk=1 in the wpa_supplicant configuration prevents the
passphrase from being stored in the configuration file. wpa_supplicant
will request the PSK passphrase over the control interface in such case
and this new wpa_cli command can be used to set the psk_passphrase.

usage:
psk_passphrase <network id> <psk_passphrase>

Signed-off-by: Hagai Moshe <hagai.moshe@tandemg.com>
Signed-off-by: Simon Dinkin <simon.dinkin@tandemg.com>
2019-01-03 00:52:51 +02:00
Alex Khouderchah
38b405c8f0 dbus: Expose authentication status to D-Bus
wpa_supplicant currently logs CTRL-EVENT-AUTH-FAILED errors when
authentication fails, but doesn't expose any property to the D-Bus
interface related to this.

This change adds the "AuthStatusCode" property to the interface, which
contains the IEEE 802.11 status code of the last authentication.

Signed-off-by: Alex Khouderchah <akhouderchah@chromium.org>
2019-01-03 00:39:12 +02:00
Matthew Wang
80d06d0ca9 dbus: Export BSS Transition Management status
Add new Interface properties "BSSTMStatus", which carries the status of
the most recent BSS Transition Management request. This property will be
logged in UMA to measure 802.11v success.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2019-01-03 00:27:01 +02:00
Matthew Wang
2bbad1c7c9 dbus: Export roam time, roam complete, and session length
Add new Interface properties "RoamTime", "RoamComplete", and
"SessionLength". "RoamTime" carries the roam time of the most recent
roam in milliseconds. "RoamComplete" carries True or False corresponding
to the success status of the most recent roam. "SessionLength" carries
the number of milliseconds corresponding to how long the connection to
the last AP was before a roam or disconnect happened.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2019-01-03 00:20:34 +02:00
Jouni Malinen
fef133e99c tests: AP VLAN with WPA2-Enterprise and local file setting VLAN IDs
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 23:50:35 +02:00
Nils Nieuwejaar
ba4f3224ae Allow remote RADIUS authentication with local VLAN management
The documentation in the hostapd.conf file says that the dynamic_vlan
variable is used to control whether VLAN assignments are accepted from a
RADIUS server. The implication seems to be that a static VLAN assignment
will come from the accept_mac_file if dynamic_vlan is set to 0, and a
dynamic assignment will come from the RADIUS server if dynamic_vlan is
set to 1. Instead, I'm seeing that the static settings from the
accept_mac_file are ignored if dynamic_vlan is set to 0, but used if
dynamic_vlan is set to 1. If dynamic_vlan is set to 1 and the RADIUS
server does not provide a VLAN, then the accept_mac_file assignment is
overridden and the STA is assigned to the default non-VLANed interface.

If my understanding of the expected behavior is correct, then I believe
the problem is in ap_sta_set_vlan(). That routine checks the
dynamic_vlan setting, but has no way of determining whether the incoming
vlan_desc is static (i.e., from accept_mac_file) or dynamic (i.e., from
a RADIUS server).

I've attached a patch that gets hostapd working as I believe it's meant
to, and updates the documentation to make the implicit behavior
explicit.

The functional changes are:

- hostapd_allowed_address() will always extract the vlan_id from the
  accept_macs file. It will not update the vlan_id from the RADIUS cache
  if dynamic_vlan is DISABLED.

- hostapd_acl_recv_radius() will not update the cached vlan_id if
  dynamic_vlan is DISABLED.

- ieee802_1x_receive_auth() will not update the vlan_id if dynamic_vlan
  is DISABLED.

More cosmetic:

Most of the delta is just moving code out of ieee802_1x_receive_auth()
into a new ieee802_1x_update_vlan() routine. While I initially did this
because the new DISABLED check introduced excessive indentation, it has
the added advantage of eliminating the vlan_description allocation and
os_memset() call for all DYNAMIC_VLAN_DISABLED configs.

I've done a couple rounds of review offline with Michael Braun (who has
done much of the work in this part of the code) and incorporated his
feedback.

If dynamic_vlan=0 (disabled), vlan assignments will be managed using the
local accept_mac_file ACL file, even if a RADIUS server is being used
for user authentication. This allows us to manage users and devices
independently.

Signed-off-by: Nils Nieuwejaar <nils.nieuwejaar@gmail.com>
2019-01-02 23:27:49 +02:00
Jouni Malinen
ed87f6a80e Use a helper function for checking Extended Capabilities field
The new ieee802_11_ext_capab() and wpa_bss_ext_capab() functions can be
used to check whether a specific extended capability bit is set instead
of having to implement bit parsing separately for each need.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 18:13:19 +02:00
Jouni Malinen
2e2f0f45de tests: [UTF-8] flag in scan results
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 17:58:42 +02:00
Jouni Malinen
e6b0898da3 Add [FST] and [UTF-8] flags to BSS command output
These flags were used in SCAN_RESULTS command output, but not BSS. Make
these consistent by adding the flags to BSS as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 17:58:31 +02:00
Jouke Witteveen
1f2c42cc7f Show [UTF-8] flag if the SSID is reported as UTF-8
Signed-off-by: Jouke Witteveen <j.witteveen@gmail.com>
2019-01-02 17:58:05 +02:00
Mikael Kanstrup
e5904cf464 crypto internal: Make MD4 PADDING array const
The PADDING array used when adding padding bits in MD4 never change
so can be made const. Making it const puts the array in .rodata
section and can save a few bytes of RAM for systems running without
virtual memory.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-01-02 17:26:57 +02:00
Markus Theil
6ca4949ae1 RRM: Update own neighbor report on channel switch
After performing a successful channel switch, the AP should update its
own neighbor report element, so do this from src/ap/drv_callbacks.c
after a successful switch.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2019-01-02 16:47:12 +02:00
Markus Theil
0998d9bd41 RRM: Move neighbor report functions
Move functions corresponding to neighbor report elements to
src/ap/neighbor_db.[c,h] in preparation to using them after channel
switch from src/ap/drv_callbacks.c.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2019-01-02 16:47:09 +02:00
Jouni Malinen
dc67982381 hostapd: Fix a typo in function name
This was supposed to use "hostapd_" prefix.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 16:40:34 +02:00
Ilan Peer
6ec02d77d6 crypto: Reduce the size of sha512_compress() stack frame
The function sha512_compress() has a local variable that consumes 640
bytes. This is very heavy for embedded devices that have limited stack
resources. Handle this by replacing the static allocation with a dynamic
one.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2019-01-02 16:31:19 +02:00
Avraham Stern
d6e7d4dede hostapd_cli: Add option to send beacon report request
This new 'req_beacon' command is useful for testing.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 16:26:11 +02:00
Avraham Stern
8d09cf52a5 tests: Beacon report last frame indication
Verify that the beacon report contains the last beacon report
indication subelement when requested in the beacon request.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 16:26:11 +02:00
Avraham Stern
ecef0687dc RRM: Support for Last Beacon Report Indication subelement
IEEE P802.11-REVmd/D2.0, 9.4.2.20.7 (Beacon request) and 9.4.2.21.7
(Beacon report) add the Last Beacon Report Indication subelement to
Beacon Request and Beacon Report elements.

Add the Last Beacon Report Indication subelement to all Beacon Report
elements if the Beacon Request indicated that this subelement is
requested.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 16:26:11 +02:00
Avraham Stern
ec5b899040 tests: Beacon report frame body fragmentation
Verify that when the frame body subelement causes the
measurement report element to exceed the maximum element size,
the beacon report is fragmented and the frame body fragment ID
subelement is added with the correct fragment number.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 16:26:11 +02:00
Jouni Malinen
aa7386e92a tests: Update rrm_beacon_req_table_rsne to expect full RSNE
Now that wpa_supplicant is sending out full RSNE instead of the
fragmented one, update this test case to match.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 16:26:11 +02:00
Avraham Stern
3ec118780a RRM: Add support for beacon report fragmentation
When the frame body subelement would cause the measurement report
element to exceed the maximum element size, the frame body subelement
used to be truncated. In addition, some elements were always truncated
in order to keep the reported frame body short (e.g. RSN IE).

Alternatively, IEEE P802.11-REVmd/D2.0, 9.4.2.21.7 extension to Beacon
reporting can be used: The frame body subelement is fragmented across
multiple beacon report elements, and the reported frame body fragment ID
subelement is added.

Use beacon report fragmentation instead of truncating the frame body
as this method gives the AP a more complete information about the
reported APs.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 15:54:55 +02:00
Jouni Malinen
6a94fdf21a tests: D-Bus P2P peer information - VSIE
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 13:00:57 +02:00
Nishant Chaprana
46efa3dae0 dbus: Add vendor specific information element in peer properties
Make vendor specific information elements (VSIE) available in peer
properties, so that VSIE of a specific peer can be retrieved using
peer's object path.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2019-01-02 13:00:57 +02:00
Jouni Malinen
e3523cece4 tests: Fix p2p_ext_discovery_go to write to logger, not stdout
The error case debug print should go to logger.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 13:00:57 +02:00
Jouni Malinen
720a2e7906 tests: Data connectivity after REAUTHENTICATE
Verify that not updating GTK (i.e., only update PTK) in the driver does
not break connectivity. This case is different after the check for
"already in-use GTK" and rejection of GTK reinstallation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 12:28:16 +02:00
Jouni Malinen
7814838f92 eloop: Fix kqueue event deletion filter
EV_SET() for EV_ADD used a specific filter type, but that same filter
type was not provided to the matching EV_DELETE case. This resulted in
the kernel rejecting the deletion with "Invalid argument". Fix this by
setting the same filter type for both operations.

Fixes: f9982b3212 ("Implement kqueue(2) support via CONFIG_ELOOP_KQUEUE")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 12:11:52 +02:00
Jouni Malinen
7153bd4674 eloop: Fix fd_table allocation for epoll and kqueue
The previous implementation did not work if the first registered socket
had fd > 16 or if the fd was more than double the largest value used in
previous registrations. Those cases could result in too small a memory
allocation being used and writes/reads beyond the end of that buffer.

This fix is applicable to CONFIG_ELOOP_EPOLL=y and CONFIG_ELOOP_KQUEUE=y
builds.

Fixes: f0356ec85c ("eloop: Add epoll option for better performance")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 11:57:00 +02:00
Lubomir Rintel
89a7cdd690 crypto: Add option to use getrandom()
According to random(4) manual, /dev/random is essentially deprecated on
Linux for quite some time:

"The /dev/random interface is considered a legacy interface, and
/dev/urandom is preferred and sufficient in all use cases, with the
exception of applications which require randomness during early boot
time; for these applications, getrandom(2) must be used instead, because
it will block until the entropy pool is initialized."

An attempt to use it would cause unnecessary blocking on machines
without a good hwrng even when it shouldn't be needed. Since Linux 3.17,
a getrandom(2) call is available that will block only until the
randomness pool has been seeded.

It is probably not a good default yet as it requires a fairly recent
kernel and glibc (3.17 and 2.25 respectively).

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-01-02 01:24:18 +02:00