Commit graph

12322 commits

Author SHA1 Message Date
Michael Braun
eefe863015 FT RRB: Add msg replay and msg delay protection
This adds a counter and adds sequence numbering to FT RRB packets. The
sequence number is checked against r0kh/r1kh sequence number cache.

Special attention is needed in case the remote AP reboots and thus loses
its state. I prefer it to recover automatically even without synchronized
clocks. Therefore an identifier called dom is generated randomly along the
initial sequence number. If the dom transmitted does not match or the
sequence number is not in the range currently expected, the sender is asked
for a fresh confirmation of its currently used sequence numbers. The packet
that triggered this is cached and processed again later.

Additionally, in order to ensure freshness, the remote AP includes an
timestamp with its messages. It is then verified that the received
messages are indeed fresh by comparing it to the older timestamps
received and the time elapsed since then. Therefore FT_RRB_TIMESTAMP is
no longer needed.

This assigns new OUI 00:13:74 vendor-specific subtype 0x0001 subtypes:
4 (SEQ_REQ) and 5 (SEQ_RESP).

This breaks backward compatibility, i.e., hostapd needs to be updated
on all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 22:16:14 +03:00
Jouni Malinen
c95dd8e48b tests: FT using old style key for AP-to-AP protocol
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-03 21:55:29 +03:00
Michael Braun
9441a227ac tests: Update FT test cases for new RRB message format
This updates the AP-to-AP keys to the longer form and OOM test case
functions to match the new implementation.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 21:55:29 +03:00
Michael Braun
245fc96e5f FT: New RRB message format
Convert FT RRB into a new TLV based format. Use AES-SIV as AEAD cipher
to protect the messages.

This needs at least 32 byte long keys. These can be provided either
by a config file change or letting a KDF derive the 32 byte key used
from the 16 byte key given.

This breaks backward compatibility, i.e., hostapd needs to be updated on
all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 21:55:29 +03:00
Michael Braun
50bd8e0a90 FT: Replace inter-AP protocol with use of OUI Extended Ethertype
Replace the previously used extension of IEEE 802.11 managed Ethertype
89-0d (originally added for Remote Request/Response in IEEE 802.11r)
with Ethertype 88-b7 (OUI Extended EtherType) for FT inter-AP
communication. The new design uses a more properly assigned identifier
for the messages.

This assigns the OUI 00:13:74 vendor-specific subtype 0x0001 for the new
hostapd AP-to-AP communication purposes. Subtypes 1 (PULL), 2 (RESP),
and 3 (PUSH) are also assigned in this commit for the R0KH-R1KH
protocol.

This breaks backward compatibility, i.e., hostapd needs to be updated on
all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 18:30:31 +03:00
Jouni Malinen
0ed5e9467f tests: Validate kernel behavior in wnm_bss_tm_connect_cmd
The cfg80211 connect command extension to allow roaming request from
user space while connect was added to the kernel, so uncomment the
previously commented out TODO item to verify this behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-03 18:30:31 +03:00
Pradeep Reddy Potteti
f2a04874cf MBO: Fix possible NULL pointer dereference on candidate handling
If the driver provides input on MBO transition candidate handling, the
target value in get_mbo_transition_candidate() can be NULL if the driver
provided BSSID is not found in the wpa_supplicant BSS table. And later
it would be dereferenced. Fix this by adding an explicit check before
dereferencing the pointer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-03 18:30:31 +03:00
Jouni Malinen
01dd2b1054 ERP: Silence static analyzer warning
The check for erp->keyname_nai within eap_erp_get_key() is apparently
too difficult for some static analyzers to notice. Add an explicit check
for os_strchr() return value being non-NULL to avoid false reports.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 22:08:16 +03:00
Jouni Malinen
d912953e37 atheros: Get rid of static analyzer warnings on 0-length memcpy
These functions can potentially be called with ie == NULL and ie_len ==
0. Check explitcitly for the ie == NULL case to avoid confusing
memcpy(dst, NULL, 0) calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 22:08:16 +03:00
Jouni Malinen
470f08b4f6 Enable CONFIG_WNM=y automatically for CONFIG_MBO=y builds
wpa_supplicant build with MBO enabled failed in CONFIG_WNM=y was not
specified explicitly. Add the WNM dependency automatically to avoid
needing explicit addition in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 17:39:14 +03:00
Jouni Malinen
f541148257 Fix GAS server ifdef block use
Commit 941caed980 ('MBO: Add MBO
ANQP-element processing on AP') changed the design by using the
rx_anqp_vendor_specific() function to process all ANQP vendor specific
elements. However, the caller for this was within ifdef CONFIG_HS20
block. Fix this by calling the function even in CONFIG_HS20=y is not
included in the build. This fixes CONFIG_MBO=y builds without
CONFIG_HS20=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 17:39:14 +03:00
Jouni Malinen
8b49b530b3 Fix CONFIG_INTERWORKING=y build without CONFIG_HS20=y
Commit 34f2851902 ('MBO: Parse MBO
ANQP-element on STA') started using the type variable outside
CONFIG_HS20 block, but forgot to remove the ifdef from the variable
declaration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 17:39:14 +03:00
Jouni Malinen
87ad672108 tests: Make p2p_service_discovery_peer_not_listening a bit more robust
It was apparently possible for the P2P_FIND operation to terminate
before the peer device was found. Increase the timeout to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-04-29 22:40:01 +03:00
Jouni Malinen
6abde54555 tests: DISABLE_NETWORK during connection and blacklist behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 18:00:26 +03:00
Sunil Dutt
0661163eff Do not blacklist the current AP on DISABLE_NETWORK
Disconnection due to DISABLE_NETWORK while being connected was resulting
in the AP getting blacklisted. Avoid this by setting own_disconnect_req
on a disconnect request due to DISABLE_NETWORK similarly to the
SELECT_NETWORK disconnection case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 17:46:36 +03:00
Jouni Malinen
61af1e6618 tests: HT40 with both plus and minus allowed
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:23 +03:00
Peng Xu
ec27b04e60 hostapd: Select a valid secondary channel if both enabled
When starting AP in HT40 mode and both HT40+ and HT40- options are
specified in hostapd.conf, select a valid secondary channel for the AP
automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:23 +03:00
Vidyullatha Kanchanapally
da6a28ba60 FILS: Specify if FILS HLP was sent in connect
This adds a string "FILS_HLP_SENT" to connect event when HLP is sent
as part of ASSOC/CONNECT request.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:23 +03:00
Vidyullatha Kanchanapally
a38090b16d FILS: Add HLP to Connect IEs
Add FILS HLP elements to Connect IEs and fragment them if necessary.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:21 +03:00
Vidyullatha Kanchanapally
1e6780bda9 Allocate dynamic memory for connect IEs
This is needed to allow new elements (e.g., FILS HLP request) to be
added.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:34:48 +03:00
Ranga Ravuri
9f894823fa PAE: Silence static analyzer warning about NULL pointer dereference
ieee802_1x_kay_move_live_peer() did not check
ieee802_1x_kay_get_potential_peer() result explicitly and a static
analyzer reported a warning about the possible NULL result. This cannot
really happen in practice since the only caller of
ieee802_1x_kay_move_live_peer() verifies that the specific peer entry is
available. Anyway, it is easy to silence the false warning by adding an
explicit check here and cover any other potential case if another caller
is added.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 11:38:10 +03:00
Ashwini Patil
9a72bfe9a4 Add control interface command to enable/disable roaming
The new "SET roaming <0/1>" command can now be used to control
driver-based roaming.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 11:10:44 +03:00
Jeffin Mammen
fa61bff6ae FILS: Handle authentication/association in partial driver AP SME
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:39 +03:00
Jeffin Mammen
5cee22ca47 FILS: Make handle_auth_fils() re-usable for driver-based AP SME
Allow this function to be called from outside ieee802_11.c and with the
final steps replaced through a callback function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:39 +03:00
Jeffin Mammen
5e5f8c816b FILS: Move authentication response handling into a helper function
This can be reused when splitting handle_auth_fils() to support the
driver-based AP SME case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:36 +03:00
Jeffin Mammen
b8a3453aca FILS: Pass only IE area to handle_auth_fils()
This function does not need the frame header, so pass in only the IE
area to make it easier to share this for driver-based AP SME handling.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 18:24:38 +03:00
Jeffin Mammen
9392859d7b FILS: Move AssocResp construction to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 18:20:00 +03:00
Jeffin Mammen
bd59935323 FILS: Move Key Confirm element validation to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:55:35 +03:00
Jeffin Mammen
087631b985 FILS: Move Session element validation to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
cc20edc9f1 FILS: Add FILS auth_alg to driver-based AP SME association handling
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
957bff83c4 FILS: Add driver-AP SME callback to set TK after association
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
8acbf85fa2 FILS: Add FILS AEAD parameters for sta_auth() calls
This is used with partial AP SME in driver cases to enable FILS
association (AES-SIV) processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
f46c154c59 atheros: Add FILS AAD parameters in sta_auth() handler
This is needed to allow the driver SME to perform the needed AES-SIV
operations during FILS association.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
6b128fb2af driver: Move sta_auth() arguments to a struct
This makes it easier to add more parameters without having to change the
callback function prototype.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:12 +03:00
Jeffin Mammen
d7cff1d871 atheros: Enable raw management frame receive for FILS builds
This is needed to be able to process authentication and association
frames for FILS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 19:37:32 +03:00
Jeffin Mammen
2b7a8ec473 atheros: Read driver FILS capability
This will be used to determine what type of operations to use for STA
authentication and association.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 19:37:27 +03:00
Jeffin Mammen
d5444aac4c FILS: Add FILS Indication element into Beacon/Probe Response template
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 18:44:59 +03:00
Sunil Dutt
8befe8a993 Define a QCA attribute to specify the PCL policy for external ACS
This commit defines an attribute
QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_POLICY to signify the preferred
channel list policy for external ACS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-20 22:49:08 +03:00
Jouni Malinen
2087feb6b5 tests: WPS and random UUID on Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-13 21:45:57 +03:00
Jouni Malinen
183d3924cf WPS: Add option for using random UUID
If the uuid configuration parameter is not set, wpa_supplicant generates
an UUID automatically to allow WPS operations to proceed. This was
previously always using an UUID generated from the MAC address. This
commit adds an option to use a random UUID instead. The type of the
automatically generated UUID is set with the auto_uuid parameter: 0 =
based on MAC address (default; old behavior), 1 = random UUID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-13 17:38:55 +03:00
Jouni Malinen
c27a6c6252 tests: GTK rekeying after FILS authentication
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-10 16:19:26 +03:00
Vidyullatha Kanchanapally
b44d1efd28 FILS: Fix key info in GTK rekey EAPOL-Key msg 2/2
While responding to EAPOL-Key message 1/2 with EAPOL-Key message 2/2
when using FILS AKM suites the ENCRYPTED bit is not set in key info of
2/2 which causes AP to drop 2/2. Fix this by setting the ENCRYPTED bit
since FILS AKM based connection uses AEAD encryption/decryption.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-10 16:18:11 +03:00
Vidyullatha Kanchanapally
04243740c9 FILS: Fix GTK rekey by accepting EAPOL-Key msg 1/2 with FILS AKM
GTK rekeying was rejected if a prior 4-way handshake is not done.
Fix this by allowing GTK rekey to happen in case of a FILS connection
since it does not involve a 4-way handshake.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-10 16:11:41 +03:00
Vidyullatha Kanchanapally
bbe7969d63 FILS: Update cache identifier on association
This is needed when offloading FILS shared key to the drivers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:59:12 +03:00
Vidyullatha Kanchanapally
f705f41b7f FILS: Update PMKSA cache with FILS shared key offload
Add a new PMKSA cache entry within wpa_supplicant if a driver event from
offloaded FILS shared key authentication indicates a new PMKSA entry was
created.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
01ef320f19 FILS: Update ERP next sequence number with driver offload
This keeps the internal ERP information within wpa_supplicant in sync
with the driver when offloading FILS shared key authentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
5538fc9309 FILS: Track completion with FILS shared key authentication offload
Update the internal fils_completed state when offloading FILS shared key
authentication to the driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
8b0a6dba87 FILS: Connect request for offloaded FILS shared key authentication
Add FILS/ERP parameters into the driver connect command to support FILS
shared key authentication offload.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
79f3121bb4 FILS: Set cache identifier in current PMKSA entry for driver-SME case
This was already done in sme_send_authentication() for the case where
wpa_supplicant SME is used. Similar change is needed for driver-SME to
allow FILS authentication to be offloaded to the driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Jouni Malinen
fcd87103be tests: Update erp_home_realm function name for erp_home_realm_oom
This function got renamed, so need to update the OOM test case to use
the new function name when matching backtrace information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00