Commit graph

8281 commits

Author SHA1 Message Date
Arun Kumar Khandavalli
d939a8cb49 Add a vendor attribute for specifying ethernet protocol type
This new QCA vendor attribute adds provision to specify the
ethernet protocol id from userspace to the packets which are
offloaded to the driver/firmware (e.g., IPv4, IPv6).

Signed-off-by: Arun Kumar Khandavalli <akhandav@codeaurora.org>
2019-02-21 12:18:19 +02:00
Davina Lu
66819b07b5 hostapd: Support Multi-AP backhaul STA onboarding with WPS
The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a
backhaul STA through WPS. To enable this, the WPS Registrar offers a
different set of credentials (backhaul credentials instead of fronthaul
credentials) when the Multi-AP subelement is present in the WFA vendor
extension element of the WSC M1 message.

Add new configuration options to specify the backhaul credentials for
the hostapd internal registrar: multi_ap_backhaul_ssid,
multi_ap_backhaul_wpa_psk, multi_ap_backhaul_wpa_passphrase. These are
only relevant for a fronthaul SSID, i.e., where multi_ap is set to 2 or
3. When these options are set, pass the backhaul credentials instead of
the normal credentials when the Multi-AP subelement is present.

Ignore the Multi-AP subelement if the backhaul config options are not
set. Note that for an SSID which is fronthaul and backhaul at the same
time (i.e., multi_ap == 3), this results in the correct credentials
being sent anyway.

The security to be used for the backaul BSS is fixed to WPA2PSK. The
Multi-AP Specification only allows Open and WPA2PSK networks to be
configured. Although not stated explicitly, the backhaul link is
intended to be always encrypted, hence WPA2PSK.

To build the credentials, the credential-building code is essentially
copied and simplified. Indeed, the backhaul credentials are always
WPA2PSK and never use per-device PSK. All the options set for the
fronthaul BSS WPS are simply ignored.

Signed-off-by: Davina Lu <ylu@quantenna.com>
Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Marianna Carrera <marianna.carrera.so@quantenna.com>
2019-02-18 22:35:41 +02:00
Davina Lu
83ebf55865 wpa_supplicant: Support Multi-AP backhaul STA onboarding with WPS
The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a
backhaul STA through WPS. To enable this, the backhaul STA needs to add
a Multi-AP IE to the WFA vendor extension element in the WSC M1 message
that indicates it supports the Multi-AP backhaul STA role. The Registrar
(if it support Multi-AP onboarding) will respond to that with a WSC M8
message that also contains the Multi-AP IE, and that contains the
credentials for the backhaul SSID (which may be different from the SSID
on which WPS is performed).

Introduce a new parameter to wpas_wps_start_pbc() and allow it to be
set via control interface's new multi_ap=1 parameter of WPS_PBC call.
multi_ap_backhaul_sta is set to 1 in the automatically created SSID.
Thus, if the AP does not support Multi-AP, association will fail and
WPS will be terminated.

Only wps_pbc is supported.

This commit adds the multi_ap argument only to the control socket
interface, not to the D-Bus interface.

Since WPS associates with the fronthaul BSS instead of the backhaul BSS,
we should not drop association if the AP announces fronthaul-only BSS.
Still, we should only do that in the specific case of WPS. Therefore,
add a check to multi_ap_process_assoc_resp() to allow association with a
fronthaul-only BSS if and only if key_mgmt contains WPS.

Signed-off-by: Davina Lu <ylu@quantenna.com>
Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Cc: Marianna Carrera <marianna.carrera.so@quantenna.com>
2019-02-18 22:35:41 +02:00
Arnout Vandecappelle (Essensium/Mind)
56a2d788f9 WPS: Add multi_ap_subelem to wps_build_wfa_ext()
The Multi-AP specification adds a new subelement to the WFA extension
element in the WPS exchange. Add an additional parameter to
wps_build_wfa_ext() to add this subelement. The subelement is only added
if the parameter is nonzero. Note that we don't reuse the existing
MULTI_AP_SUB_ELEM_TYPE definition here, but rather define a new
WFA_ELEM_MULTI_AP, to make sure the enum of WFA subelement types for WPS
vendor extension remains complete.

For now, all callers set the multi_ap_subelem parameter to 0.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-18 20:30:26 +02:00
Arnout Vandecappelle (Essensium/Mind)
bfcdac1c8b Multi-AP: Don't reject backhaul STA on fronthaul BSS
The Multi-AP specification only specifies that information elements have
to be added to the Association Request and Association Response frame;
it doesn't specify anything about what should be done in case they are
missing. Previously, we rejected non-backhaul associations on a
backhaul-only BSS, and non-fronthaul associations on a fronthaul-only
BSS.

However, this makes WPS fail when fronthaul and backhaul are separate
SSIDs. Indeed, WPS for the backhaul link is performed on the *fronthaul*
SSID. Thus, the Association Request frmae used for WPS *will* contain
the Multi-AP IE indicating a backhaul STA. Rejecting that association
makes WPS fail.

Therefore, accept a multi-AP backhaul STA Association Request frame on a
fronthaul-only BSS. Still issue a warning about it, but only at level
DEBUG intead of INFO. Also change the condition checking to make it
clearer.

While we're at it, also fix the handling of unexpected bits in the
Multi-AP IE. 4 bits are reserved in the specification, so these
certainly have to be ignored. The specification also doesn't say that
setting one of the other bits is not allowed. Therefore, only report
unexpected values in the Multi-AP IE, don't reject because of it. Note
that a malformed IE (containing more than one byte) still triggers a
rejection.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-18 20:21:01 +02:00
Jouni Malinen
2fae58fdc1 Fix wpa_psk_file parser error case handling
str_token() can return NULL for the name if the remaining token contains
only the delimiter. Fix this to avoid NULL pointer dereference with a
corner case of an invalid value used in the configuration.

Fixes: ec5c39a557 ("AP: Allow identifying which passphrase station used with wpa_psk_file")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-18 18:41:32 +02:00
Jouni Malinen
b0e91e3877 SAE: VLAN assignment based on SAE Password Identifier
The new sae_password parameter [|vlanid=<VLAN ID>] can now be used to
assign stations to a specific VLAN based on which SAE Password
Identifier they use. This is similar to the WPA2-Enterprise case where
the RADIUS server can assign stations to different VLANs and the
WPA2-Personal case where vlanid parameter in wpa_psk_file is used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 17:24:23 +02:00
Jouni Malinen
947b5a1532 P2P: Stop listen state if Action frame TX is needed on another channel
This speeds up P2P responses to frames received on an operating channel
in case there is an ongoing P2P listen operation on another channel.
This is applicable to drivers that support multiple channels in
concurrently.

This addresses an issue showing up in the
p2ps_channel_active_go_and_station_different_mcc test case where the
Provision Discovery Request frame can be received on the operating
channel of a group instead of the Listen channel. The response was
delayed until the listen operation timed out and this took too long time
for the peer to receive the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 16:53:03 +02:00
Jouni Malinen
b3e8ca65a6 P2P: Fix a typo in a debug message
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 16:24:34 +02:00
Qun Zhang
31ee2992c7 Add QCA vendor subcmd/attribute to check wlan firmware state
Allow user space applications to check whether wlan firmware is alive
through an nl80211 vendor command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
ccaf774767 Add HE Capabilities into ieee802_11_parse_elems()
This is needed to determine whether an association negotiated use of HE.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
5d68c0acd2 nl80211: (Re)Association Request frame IEs from association event
Process NL80211_ATTR_REQ_IE from the NL80211_CMD_ASSOCIATE event to
allow request IEs to be made available for the SME-in-wpa_supplicant
case similarly to how this is done with SME-in-driver with
NL80211_CMD_CONNECT.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
dbfa691df4 VLAN assignment based on used WPA/WPA2 passphrase/PSK
Extend wpa_psk_file to allow an optional VLAN ID to be specified with
"vlanid=<VLAN ID>" prefix on the line. If VLAN ID is specified and the
particular wpa_psk_file entry is used for a station, that station is
bound to the specified VLAN. This can be used to operate a single
WPA2-Personal BSS with multiple VLANs based on the used passphrase/PSK.
This is similar to the WPA2-Enterprise case where the RADIUS server can
assign stations to different VLANs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-14 13:36:54 +02:00
Jouni Malinen
f3a841bbff Do not disassociate not-associated STA on timeout
If the ap_handle_timer() timeout is reached for a not-associated STA, do
not default to disassociating that STA first since Disassociation frame
is not really appropriate to send to a STA that is not in associated
state. Instead, skip directly to deauthentication and STA entry removal.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-11 17:42:53 +02:00
Jouni Malinen
91205c8eb4 OpenSSL: Fix uninitialized variable in CRL reloading corner case
The flags variable needs to be initialized to 0 if check_crl is 0 in
the updated configuration.

Fixes: 159a7fbdea ("crl_reload_interval: Add CRL reloading support")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 14:02:17 +02:00
Jouni Malinen
092a19222b Use for_each_element() in ieee802_11_parse_elems()
Use the new iteration macro to simplify the impelmentation and make it
more consistent with other IE parsers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 13:51:11 +02:00
Johannes Berg
b50a638965 common: Use for_each_element_id/_extid for get_ie/get_ie_ext/get_vendor_ie
Simplifications based on the new iteration macros.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
b644797429 common: Use for_each_element_id() in mb_ies_info_by_ies()
The change is bigger because here we need to catch the error
condition if the last element doesn't fit.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
9008048f0f common: Use for_each_element_id() in ieee802_11_vendor_ie_concat()
Simple cleanup using the new iteration helper macro.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
eb84238df6 common: Use for_each_element() in ieee802_11_ie_count()
Simple cleanup using the new macros.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
0e0c31bdc5 common: Add strongly typed element iteration macros
Rather than always iterating elements from frames with pure
u8 pointers, add a type "struct element" that encapsulates
the id/datalen/data format of them.

Then, add the element iteration macros
 * for_each_element
 * for_each_element_id
 * for_each_element_extid

which take, as their first 'argument', such a structure and
iterate through a given u8 array interpreting it as elements.

While at it also add
 * for_each_subelement
 * for_each_subelement_id
 * for_each_subelement_extid

which instead of taking data/length just take an outer element
and use its data/datalen.

Also add for_each_element_completed() to determine if any of
the loops above completed, i.e., it was able to parse all of
the elements successfully and no data remained.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Jouni Malinen
525923b1d7 tests: EAPOL-Key fuzzing tool
Add test-eapol program that can be used for fuzzing the EAPOL-Key
Supplicant and Authenticator implementations. This tool can write
Supplicant or Authenticator messages into a file as an initialization
step and for the fuzzing step, that file (with potential modifications)
can be used to replace the internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the EAPOL-Key operations. This will
also make the implementation ignore Key MIC and AES keywrap errors to
allow processing of modified messages to continue further.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
02a0a23939 RSN: Do not start preauthentication timer without candidates
There is no need to schedule the postponed RSN preauthentication start
if there are no candidates. Avoid wasting eloop resources for this.

This is most useful for fuzz testing of the 4-way handshake
implementation to avoid getting stuck waiting for this unnecessary one
second time when using eloop to coordinate the Authenticator and
Supplicant state machines.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
1e5506588d JSON: Fix string parsing when \\ escape is at the end of buffer
This would have resulted in reading one octet past the end of the buffer
before rejecting the string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
0dedcb3154 JSON: Fix parsing of a number from the end of the buffer
Avoid reading one octet past the end of the buffer when parsing a number
that is at the very end of the buffer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
79fa1b4530 tests: JSON parser fuzzer
test-json can be used for fuzz testing the JSON parser implementation in
src/utils/json.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
62269c8d8d TLS: Fix X.509 certificate name conversion into empty string
If none of the supported name attributes are present, the name string
was nul terminated only at the end. Add an explicit nul termination at
the end of the last written (or beginning of the buffer, if nothing is
written) to avoid writing uninitialized data to debug log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
3eae9766b7 TLS: Fix ASN.1 parsing with no room for the header
Explicitly check the remaining buffer length before trying to read the
ASN.1 header values. Attempt to parse an ASN.1 header when there was not
enough buffer room for it would have started by reading one or two
octets beyond the end of the buffer before reporting invalid data at the
following explicit check for buffer room.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
fbc2123a14 TLS: Fix AlertDescription for missing partial processing case
tlsv1_record_receive() did not return error here and as such, &alert was
not set and must not be used. Report internal error instead to avoid use
of uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
1ac9c020b5 tests: TLS fuzzing tool
Add test-tls program that can be used for fuzzing the internal TLS
client and server implementations. This tool can write client or server
messages into a file as an initialization step and for the fuzzing step,
that file (with potential modifications) can be used to replace the
internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the TLS operations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
f3cca8b1ea TLS server: Check credentials have been configured before using them
Allow ServerHello to be built without local credential configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
19dd7a736e TLS server: Local failure information on verify_data mismatch
Mark connection state FAILED in this case even though TLS Alert is not
sent.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
f08ab18bf9 TLS server: Add internal callbacks get_failed, get_*_alerts
These can be used to implement cleaner termination of the handshake in
case of failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
b642ab4062 TLS server: More complete logging of ClientHello decode errors
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
fdd8a2f0b8 TLS client: Fix peer certificate event checking for probing
conn->cred might be NULL here, so check for that explicitly before
checking whether conn->cred->cert_probe is set. This fixes a potential
NULL pointer dereference when going through peer certificates with
event_cb functionality enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
e5bffe1aa9 OpenSSL: Add more handshake message names to debug
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
21cd8f8319 nl80211: Use wpa_ssid_txt() for debug messages more consistently
Print the SSID with printf escaping instead of wpa_hexdump_ascii()
format to clean up the debug log a bit. This was already done for number
of SSID debug prints.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Purushottam Kushwaha
f2a6ac63ee P2P: Update find_start timer only when p2p_scan is started.
p2p->find_start timer was updated on each p2p_find call irrespective of
p2p_find being successful/failed/rejected. For cases where p2p_find was
in progress/pending, another call to p2p_find would be rejected but
p2p->find_start timer would still be updated.

p2p->find_start is maintained in wpa_supplicant to reject the kernel
scan entries before the p2p->find_start time. In above scenario, some of
the scan entries could be discarded even if the Probe Respons frame(s)
were received during the last scan/p2p_find.

This commit changes this to update the p2p->find_start timer only when
call to p2p_find is successful, i.e., a new scan is actually started.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-07 11:56:35 +02:00
Jouni Malinen
c4e90da6d0 MBO: Move the WNM-Notification subtype definitions to common location
Do not use a separate enum for MBO WNM-Notification Request frame
subtype values since these share the same number space with the Hotspot
2.0 ones.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-06 19:10:17 +02:00
Jouni Malinen
105b14f54b HS 2.0: Update the T&C Acceptance subtype value
The previously used value 2 was already assigned for another purpose
(MBO non-preferred channel report), so the newer T&C Acceptable
definition needs to be updated with a unique value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-06 19:10:17 +02:00
Jouni Malinen
6110753b18 nl80211: Clear PMKID add command message buffer
This command has now been extended to include PMK for offload needs, so
the message buffer needs to be cleared explicitly after use to avoid
leaving such material in heap memory unnecessarily.

Fixes: 061a3d3d53 ("nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
0fa33e05b4 nl80211: Clear connect command message buffer
This command can include keys (WEP or PSK for offload), so the message
buffer needs to be cleared explicitly after use to avoid leaving such
material in heap memory unnecessarily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
b14e8ea1d2 nl80211: Request kernel to trim off payload of netlink requests from acks
We do not need such payload in the acknowledgment, so adding it uses
resources unnecessarily. Furthermore, the original request can include
key material (e.g., NL80211_ATTR_PMK). libnl does not explicitly clear
this received message buffer and it would be inconvenient for
wpa_supplicant/hostapd to try to clear it with the current libnl design
where a duplicated buffer is actually passed to the callback. This means
that keys might be left unnecessarily in heap memory. Avoid this by
requesting the kernel not to copy back the request payload.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
789b48bb48 EAP peer: Clear temporary message buffers before freeing
These buffers in TLS-based EAP methods might contain keys or password
(e.g., when using TTLS-PAP or PEAP-GTC), so clear them explicitly to
avoid leaving such material into heap memory unnecessarily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
d05dda61d8 PEAP: Explicitly clear temporary keys from memory when using CMK
The case of PEAPv0 with crypto binding did not clear some of the
temporary keys from stack/heap when those keys were not needed anymore.
Clear those explicitly to avoid unnecessary caching of keying material.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-02 00:01:29 +02:00
Jouni Malinen
4e1cd3468e EAP-PEAP: Derive EMSK and use 128-octet derivation for MSK
Derive EMSK when using EAP-PEAP to enable ERP. In addition, change the
MSK derivation for EAP-PEAP to always derive 128 octets of key material
instead of the 64 octets to cover just the MSK. This is needed with the
PRF used in TLS 1.3 since the output length is mixed into the PRF
context.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-01 23:52:28 +02:00
Purushottam Kushwaha
59fa205388 P2P: Allow the avoid channels for P2P discovery/negotiation
The avoid channels are notified through
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY allow minimal traffic, so
enhance the P2P behavior accordingly by considering these avoid
frequencies for P2P discovery/negotiation as long as they are not in
disallowed frequencies list.

Additionally, do not return failure when none of social channels are
available as operation channel, rather, mark the op_channel/op_reg_class
to 0 as this would anyway get selected during the group formation in
p2p_prepare_channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-30 12:15:19 +02:00
Jouni Malinen
e34cd9f06e WNM: Fix WNM-Sleep Mode Request bounds checking
ieee802_11_rx_wnmsleep_req() might have been called for a short frame
that has no more payload after the Public Action field, i.e., with len
== 0. The bounds checking for the payload length was done only for the
information elements while the one octet Dialog Token field was read
unconditionally. In the original implementation, this could have
resulted in reading one octet beyond the end of the received frame data.

This case has not been reachable after the commit e0785ebbbd ("Use
more consistent Action frame RX handling in both AP mode paths"), but it
is better to address the specific issue in ieee802_11_rx_wnmsleep_req()
as well for additional protection against accidential removal of the
check and also to have something that can be merged into an older
version (pre-v2.7) if desired. The comments below apply for such older
versions where the case could have been reachable.

Depending on driver interface specific mechanism used for fetching the
frame, this could result in reading one octet beyond the end of a
stack/hash buffer or reading an uninitialized octet from within a
buffer. The actual value that was read as the Dialog Token field is not
used since the function returns immediately after having read this value
when there is no information elements following the field.

This issue was initially added in commit d32d94dbf4 ("WNM: Add
WNM-Sleep Mode implementation for AP") (with CONFIG_IEEE80211V=y build
option) and it remained in place during number of cleanup and fix
changes in this area and renaming of the build parameter to
CONFIG_WNM=y. The impacted function was not included in any default
build without one of the these optional build options being explicitly
enabled. CONFIG_WNM=y is still documented as "experimental and not
complete implementation" in hostapd/defconfig. In addition, commit
114f2830d2 ("WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0
case") made this function exit before the impact read if WNM-Sleep Mode
support was not explicitly enabled in runtime configuration
(wnm_sleep_mode=1 in hostapd.conf). Commit e0785ebbbd ("Use more
consistent Action frame RX handling in both AP mode paths") made this
code unreachable in practice.

Add an explicit check that the frame has enough payload before reading
the Dialog Token field in ieee802_11_rx_wnmsleep_req().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-28 14:58:17 +02:00
Jared Bents
159a7fbdea crl_reload_interval: Add CRL reloading support
This patch adds a new flag 'crl_reload_interval' to reload CRL
periodically. This can be used to reload ca_cert file and the included
CRL information on every new TLS session if difference between the last
reload and the current time in seconds is greater than
crl_reload_interval.

This reloading is used for cases where check_crl is 1 or 2 and the CRL
is included in the ca_file.

Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
2019-01-27 18:45:07 +02:00
Michal Kazior
ec5c39a557 AP: Allow identifying which passphrase station used with wpa_psk_file
It is now possible to optionally specify keyid for
each wpa_psk_file entry:

 keyid=something 00:00:00:00:00:00 secretpassphrase

When station connects and the passphrase it used
has an associated keyid it will be appended to the
AP-STA-CONNECTED event string:

 wlan0: AP-STA-CONNECTED 00:36:76:21:dc:7b keyid=something

It's also possible to retrieve it through the control interface:

 $ hostapd_cli all_sta
 Selected interface 'ap0'
 00:36:76:21:dc:7b
 ...
 keyid=something

New hostapd is able to read old wpa_psk_file. However, old hostapd will
not be able to read the new wpa_psk_file if it includes keyids.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Michal Kazior
b08c9ad0c7 AP: Expose PMK outside of wpa_auth module
This doesn't change any behavior on its own. It's going to be used to
expose per-station keyids and allow reloading passphrases in runtime.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Jouni Malinen
42d308635f SAE: Advertise Password Identifier use
Support the new Extended Capabilities field bits 81 and 82 to indicate
whether SAe Password Identifiers are in use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:49 +02:00
stonez
fff8da8ace Add a vendor attribution to transfer EVM information
This new QCA vendor attribute indicates the EVM value in netlink.

Signed-off-by: stonez <stonez@codeaurora.org>

:100644 100644 ad5dac2... ede4fc8... M	src/common/qca-vendor.h
2019-01-21 12:28:05 +02:00
Stefan Strogin
67d35396cb Fix build with LibreSSL
When using LibreSSL build fails with:

../src/crypto/tls_openssl.o: in function `tls_connection_client_cert':
../src/crypto/tls_openssl.c:2817: undefined reference to `SSL_use_certificate_chain_file'
collect2: error: ld returned 1 exit status
make: *** [Makefile:1901: wpa_supplicant] Error 1

There is no such function in LibreSSL.

Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
2019-01-12 15:26:07 +02:00
Peng Xu
5a3319ab1b P2P: Add 802.11ax support for P2P GO
An optional parameter "he" is added to p2p_connect, p2p_group_add, and
p2p_invite to enable 11ax HE support. The new p2p_go_he=1 configuration
parameter can be used to request this to be enabled by default.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 13:09:39 +02:00
Sunil Dutt
9da1641a4c Clarify documentation of avoid channels expectations
The vendor command QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY was defined
to carry the list of avoid frequencies that aim to avoid any
interference with other coexistencies. This recommendation was followed
strictly by trying to prevent WLAN traffic on the impacted channels.

This commit refines the expectation of the interface by defining this
avoid channel list to allow minimal traffic but not heavier one. For
example, P2P may still be able to use avoid list frequencies for P2P
discovery and GO negotiation if the actual group can be set up on a not
impact channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 12:39:36 +02:00
Siva Mullati
11ce7a1bc3 HE: Add MU EDCA Parameter Set element (AP)
Add support for configuring parameters for the MU EDCA Parameter Set
element per IEEE P802.11ax/D3.0.

Signed-off-by: Siva Mullati <siva.mullati@intel.com>
2019-01-08 17:22:43 +02:00
Jouni Malinen
6bcbda4082 drivers: Set CONFIG_LIBNL32=y automatically based on pkg-config
If the libnl version is not specified explicitly with CONFIG_LIBNL*, try
to check for the most likely case today with pkg-config.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-08 13:31:55 +02:00
Andrey Kartashev
41b747522e drivers: Move libnl related build flags to separate ifdef block
Fix compilation issue if we want to build wpa_supplicant without any
wireless connectivity but only with MACSec support via Linux kernel
driver.

Signed-off-by: Andrey Kartashev <a.s.kartashev@gmail.com>
2019-01-08 13:24:22 +02:00
Mike Siedzik
a07b8a70b5 mka: New MI should only be generated when peer's key is invalid
Two recent changes to MKA create a situation where a new MI is generated
every time a SAK Use parameter set is decoded.  The first change moved
invalid key detection from ieee802_1x_decode_basic_body() to
ieee802_1x_kay_decode_mpkdu():

  commit db9ca18bbf ("mka: Do not ignore MKPDU parameter set decoding failures")

The second change forces the KaY to generate a new MI when an invalid
key is detected:

  commit a8aeaf41df ("mka: Change MI if key invalid")

The fix is to move generation of a new MI from the old invalid key
detection location to the new location.

Fixes: a8aeaf41df ("mka: Change MI if key invalid")
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2019-01-08 01:12:02 +02:00
Arend van Spriel
d896874f86 nl80211: Indicate 802.1X 4-way handshake offload in connect
Upon issuing a connect request we need to indicate that we want the
driver to offload the 802.1X 4-way handshake for us. Indicate it if
the driver capability supports the offload.

Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
2019-01-08 01:12:02 +02:00
Arend van Spriel
436ee2fd93 drivers: Add separate driver flags for 802.1X and PSK 4-way HS offloads
Allow drivers to indicate support for offloading 4-way handshake for
either IEEE 802.1X (WPA2-Enterprise; EAP) and/or WPA/WPA2-PSK
(WPA2-Personal) by splitting the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag
into two separate flags.

Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
2019-01-08 01:12:02 +02:00
Zefir Kurtisi
10de40c0c8 DFS: Restart pending CAC on interface enable
When an interface is re-enabled after it was disabled during CAC, it
won't ever get active since hostapd is waiting for a CAC_FINISHED while
kernel side is waiting for a CMD_RADAR_DETECT to start a CAC.

This commit checks for a pending CAC when an interface is enabled and if
so restarts its DFS processing.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2019-01-08 01:11:56 +02:00
Bo Chen
27ebadccfb RADIUS client: Cease endless retry for message for multiple servers
In the previous RADIUS client implementation, when there are multiple
RADIUS servers, we kept trying the next server when the current message
can not be acked. It leads to endless retry when all the RADIUS servers
are down.

Fix this by keeping a counter for the accumulated retransmit attempts
for the message, and guarantee that after all the servers failover
RADIUS_CLIENT_MAX_FAILOVER times the message will be dropped.

Another issue with the previous code was that the decision regarding
whether the server should fail over was made immediately after we send
out the message. This patch guarantees we consider whether a server
needs failover after pending ack times out.

Signed-off-by: Bo Chen<bochen@meraki.com>
2019-01-07 23:38:18 +02:00
Kiran Kumar Lokere
166ab0b780 QCA vendor commands to configure HE +HTC capability and OM control Tx
Define QCA vendor command attributes to configure HE +HTC support and
HE operating mode control transmission. This is used to configure the
testbed device.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-07 22:55:20 +02:00
Jouni Malinen
89d79150ac Avoid forward references to enum types in ieee802_11_common.h
These are not allowed in ISO C++ (and well, not really in ISO C either,
but that does not result in compiler warning without pedantic
compilation).

Since ieee802_11_common.h may end up getting pulled into C++ code for
some external interfaces, it is more convenient to keep it free of these
cases. Pull in ieee802_11_defs.h to get enum phy_type defined and move
enum chan_width to common/defs.h (which was already pulled in into
src/drivers/driver.h and src/common/ieee802_11_common.h).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-07 17:26:40 +02:00
Janusz Dziedzic
bb35e2d214 hostapd: Work around an interop connection issue in FT-PSK + WPA-PSK
While the AP is configured to enable both FT-PSK and WPA-PSK, an HP
printer request both AKMs (copied from AP?) in Association Request
frame, but don't add MDIE and don't use FT. This results in the
connection failing.

Next in logs we see:

RSN: Trying to use FT, but MDIE not included
IE - hexdump(len=26): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04
                      02 00 00 0f ac 02 00 0f ac 04 00 00

This is seen with some HP and Epson printers. Work around this by
stripping FT AKM(s) when MDE is not present and there is still a non-FT
AKM available.

Signed-off-by: Janusz Dziedzic <janusz@plumewifi.com>
2019-01-06 21:10:08 +02:00
Jouni Malinen
b686745c76 Android: Harden wpa_ctrl_open2() against potential race conditions
The Android-specific chmod and chown operations on the client socket
(for communication with wpa_supplicant) did not protect against file
replacement between the bind() and chmod()/chown() calls. If the
directory in which the client socket is created (depends a bit on the
version and platform, but /data/misc/wifi/sockets is commonly used)
allows write access to processes that are different (less privileged)
compared to the process calling wpa_ctrl_open2(), it might be possible
to delete the socket file and replace it with something else (mainly, a
symlink) before the chmod/chown operations occur. This could have
resulted in the owner or permissions of the target of that symlink being
modified.

In general, it would be safest to use a directory which has more limited
write privileges (/data/misc/wifi/sockets normally has 'wifi' group
(AID_WIFI) with write access), but if that cannot be easily changed due
to other constraints, it is better to make wpa_ctrl_open2() less likely
to enable this type of race condition between the operations.

Replace chown() with lchown() (i.e., a version that does not dereference
symlinks) and chmod() with fchmod() on the socket before the bind() call
which is also not going to dereference a symlink (whereas chmod()
would). lchown() is a standard operation, but the fchmod() on the socket
is less so (unspecified behavior in some systems). However, it seems to
work on Linux and in particular, on Android, where this code is
executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-06 20:20:20 +02:00
Dmitry Lebed
59bf0f9713 DFS: Add supported channel bandwidth checking
While selecting a new channel as a reaction to radar event we need to
take into account supported bandwidth for each channel provided via
nl80211. Without this modification hostapd might select an unsupported
channel that would fail during AP startup.

Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
2019-01-06 12:09:21 +02:00
Dmitry Lebed
75ce63e063 ACS: Add supported channel bandwidth checking
While doing automatic channel selection we need to take into account
supported bandwidth for each channel provided via nl80211. Without this
modification hostapd might select an unsupported channel which would
fail during AP startup.

Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
2019-01-06 12:04:15 +02:00
Dmitry Lebed
ce6d9ce15b hostapd: Add supported channel bandwidth checking infrastructure
This adds checks to common code to verify supported bandwidth options
for each channel using nl80211-provided info. No support of additional
modes is added, just additional checks. Such checks are needed because
driver/hardware can declare more strict limitations than declared in the
IEEE 802.11 standard. Without this patch hostapd might select
unsupported channel and that will fail because Linux kernel does check
channel bandwidth limitations.

Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
2019-01-06 11:54:34 +02:00
Dmitry Lebed
4299ad826d nl80211: Add supported bandwidth parsing
Add NL80211_FREQUENCY_ATTR_NO_* channel attributes parsing. This is
needed for correct checking if channel is available in a particular
bandwidth.

Signed-off-by: Dmitry Lebed <dlebed@quantenna.com>
2019-01-06 11:35:31 +02:00
Dmitry Lebed
22dcafc20c ACS: Add support for 160 MHz bandwidth
Add support for 160 MHz BW channels to automatic channel selection
algorithm. Only 36 and 100 channels are supported as 160 MHz channels.

Signed-off-by: Dmitry Lebed <lebed.dmitry@gmail.com>
2019-01-06 01:44:06 +02:00
Jouni Malinen
aae0eece5f EAP-TLS: Update Session-Id derivation with TLS v1.3
Move to the version used in draft-ietf-emu-eap-tls13-03.txt, i.e.,
include the 0x0D prefix and use a different TLS-Exporter() label string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 18:00:26 +02:00
Jouni Malinen
cc9c4feccc OpenSSL: Allow systemwide policies to be overridden
Some distributions (e.g., Debian) have started introducting systemwide
OpenSSL policies to disable older protocol versions and ciphers
throughout all programs using OpenSSL. This can result in significant
number of interoperability issues with deployed EAP implementations.

Allow explicit wpa_supplicant (EAP peer) and hostapd (EAP server)
parameters to be used to request systemwide policies to be overridden if
older versions are needed to be able to interoperate with devices that
cannot be updated to support the newer protocol versions or keys. The
default behavior is not changed here, i.e., the systemwide policies will
be followed if no explicit override configuration is used. The overrides
should be used only if really needed since they can result in reduced
security.

In wpa_supplicant, tls_disable_tlsv1_?=0 value in the phase1 network
profile parameter can be used to explicitly enable TLS versions that are
disabled in the systemwide configuration. For example,
phase1="tls_disable_tlsv1_0=0 tls_disable_tlsv1_1=0" would request TLS
v1.0 and TLS v1.1 to be enabled even if the systemwide policy enforces
TLS v1.2 as the minimum version. Similarly, openssl_ciphers parameter
can be used to override systemwide policy, e.g., with
openssl_ciphers="DEFAULT@SECLEVEL=1" to drop from security level 2 to 1
in Debian to allow shorter keys to be used.

In hostapd, tls_flags parameter can be used to configure similar
options. E.g., tls_flags=[ENABLE-TLSv1.0][ENABLE-TLSv1.1]

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 17:14:26 +02:00
Jouni Malinen
e3afbd796c OSEN: Disable TLS v1.3 by default
TLS v1.3 was already disabled by default for EAP-FAST, EAP-TTLS,
EAP-PEAP, and EAP-TLS, but the unauthenticated client cases of EAP-TLS
-like functionality (e.g., the one used in OSEN) were missed. Address
those EAP types as well in the same way of disabling TLS v1.3 by default
for now to avoid functionality issues with TLS libraries that enable TLS
v1.3 by default.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 16:52:05 +02:00
Jouni Malinen
568e890e76 OpenSSL: Fix build with OpenSSL 1.0.2
SSL_use_certificate_chain_file() was added in OpenSSL 1.1.0, so need to
maintain the old version using SSL_use_certificate_file() for backwards
compatibility.

Fixes: 658c39809b ("OpenSSL: Load chain certificates from client_cert file")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-05 11:33:40 +02:00
Jouni Malinen
4cf5efece3 FT: Allow STA entry to be removed/re-added with FT-over-the-DS
FT-over-the-DS has a special case where the STA entry (and as such, the
TK) has not yet been configured to the driver depending on which driver
interface is used. For that case, allow add-STA operation to be used
(instead of set-STA). This is needed to allow mac80211-based drivers to
accept the STA parameter configuration. Since this is after a new
FT-over-DS exchange, a new TK has been derived after the last STA entry
was added to the driver, so key reinstallation is not a concern for this
case.

Fixes: 0e3bd7ac68 ("hostapd: Avoid key reinstallation in FT handshake")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:46 +02:00
Nils Nieuwejaar
ba4f3224ae Allow remote RADIUS authentication with local VLAN management
The documentation in the hostapd.conf file says that the dynamic_vlan
variable is used to control whether VLAN assignments are accepted from a
RADIUS server. The implication seems to be that a static VLAN assignment
will come from the accept_mac_file if dynamic_vlan is set to 0, and a
dynamic assignment will come from the RADIUS server if dynamic_vlan is
set to 1. Instead, I'm seeing that the static settings from the
accept_mac_file are ignored if dynamic_vlan is set to 0, but used if
dynamic_vlan is set to 1. If dynamic_vlan is set to 1 and the RADIUS
server does not provide a VLAN, then the accept_mac_file assignment is
overridden and the STA is assigned to the default non-VLANed interface.

If my understanding of the expected behavior is correct, then I believe
the problem is in ap_sta_set_vlan(). That routine checks the
dynamic_vlan setting, but has no way of determining whether the incoming
vlan_desc is static (i.e., from accept_mac_file) or dynamic (i.e., from
a RADIUS server).

I've attached a patch that gets hostapd working as I believe it's meant
to, and updates the documentation to make the implicit behavior
explicit.

The functional changes are:

- hostapd_allowed_address() will always extract the vlan_id from the
  accept_macs file. It will not update the vlan_id from the RADIUS cache
  if dynamic_vlan is DISABLED.

- hostapd_acl_recv_radius() will not update the cached vlan_id if
  dynamic_vlan is DISABLED.

- ieee802_1x_receive_auth() will not update the vlan_id if dynamic_vlan
  is DISABLED.

More cosmetic:

Most of the delta is just moving code out of ieee802_1x_receive_auth()
into a new ieee802_1x_update_vlan() routine. While I initially did this
because the new DISABLED check introduced excessive indentation, it has
the added advantage of eliminating the vlan_description allocation and
os_memset() call for all DYNAMIC_VLAN_DISABLED configs.

I've done a couple rounds of review offline with Michael Braun (who has
done much of the work in this part of the code) and incorporated his
feedback.

If dynamic_vlan=0 (disabled), vlan assignments will be managed using the
local accept_mac_file ACL file, even if a RADIUS server is being used
for user authentication. This allows us to manage users and devices
independently.

Signed-off-by: Nils Nieuwejaar <nils.nieuwejaar@gmail.com>
2019-01-02 23:27:49 +02:00
Jouni Malinen
ed87f6a80e Use a helper function for checking Extended Capabilities field
The new ieee802_11_ext_capab() and wpa_bss_ext_capab() functions can be
used to check whether a specific extended capability bit is set instead
of having to implement bit parsing separately for each need.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 18:13:19 +02:00
Mikael Kanstrup
e5904cf464 crypto internal: Make MD4 PADDING array const
The PADDING array used when adding padding bits in MD4 never change
so can be made const. Making it const puts the array in .rodata
section and can save a few bytes of RAM for systems running without
virtual memory.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-01-02 17:26:57 +02:00
Markus Theil
6ca4949ae1 RRM: Update own neighbor report on channel switch
After performing a successful channel switch, the AP should update its
own neighbor report element, so do this from src/ap/drv_callbacks.c
after a successful switch.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2019-01-02 16:47:12 +02:00
Markus Theil
0998d9bd41 RRM: Move neighbor report functions
Move functions corresponding to neighbor report elements to
src/ap/neighbor_db.[c,h] in preparation to using them after channel
switch from src/ap/drv_callbacks.c.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2019-01-02 16:47:09 +02:00
Jouni Malinen
dc67982381 hostapd: Fix a typo in function name
This was supposed to use "hostapd_" prefix.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 16:40:34 +02:00
Ilan Peer
6ec02d77d6 crypto: Reduce the size of sha512_compress() stack frame
The function sha512_compress() has a local variable that consumes 640
bytes. This is very heavy for embedded devices that have limited stack
resources. Handle this by replacing the static allocation with a dynamic
one.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2019-01-02 16:31:19 +02:00
Avraham Stern
ecef0687dc RRM: Support for Last Beacon Report Indication subelement
IEEE P802.11-REVmd/D2.0, 9.4.2.20.7 (Beacon request) and 9.4.2.21.7
(Beacon report) add the Last Beacon Report Indication subelement to
Beacon Request and Beacon Report elements.

Add the Last Beacon Report Indication subelement to all Beacon Report
elements if the Beacon Request indicated that this subelement is
requested.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 16:26:11 +02:00
Avraham Stern
3ec118780a RRM: Add support for beacon report fragmentation
When the frame body subelement would cause the measurement report
element to exceed the maximum element size, the frame body subelement
used to be truncated. In addition, some elements were always truncated
in order to keep the reported frame body short (e.g. RSN IE).

Alternatively, IEEE P802.11-REVmd/D2.0, 9.4.2.21.7 extension to Beacon
reporting can be used: The frame body subelement is fragmented across
multiple beacon report elements, and the reported frame body fragment ID
subelement is added.

Use beacon report fragmentation instead of truncating the frame body
as this method gives the AP a more complete information about the
reported APs.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2019-01-02 15:54:55 +02:00
Jouni Malinen
7814838f92 eloop: Fix kqueue event deletion filter
EV_SET() for EV_ADD used a specific filter type, but that same filter
type was not provided to the matching EV_DELETE case. This resulted in
the kernel rejecting the deletion with "Invalid argument". Fix this by
setting the same filter type for both operations.

Fixes: f9982b3212 ("Implement kqueue(2) support via CONFIG_ELOOP_KQUEUE")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 12:11:52 +02:00
Jouni Malinen
7153bd4674 eloop: Fix fd_table allocation for epoll and kqueue
The previous implementation did not work if the first registered socket
had fd > 16 or if the fd was more than double the largest value used in
previous registrations. Those cases could result in too small a memory
allocation being used and writes/reads beyond the end of that buffer.

This fix is applicable to CONFIG_ELOOP_EPOLL=y and CONFIG_ELOOP_KQUEUE=y
builds.

Fixes: f0356ec85c ("eloop: Add epoll option for better performance")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-02 11:57:00 +02:00
Lubomir Rintel
89a7cdd690 crypto: Add option to use getrandom()
According to random(4) manual, /dev/random is essentially deprecated on
Linux for quite some time:

"The /dev/random interface is considered a legacy interface, and
/dev/urandom is preferred and sufficient in all use cases, with the
exception of applications which require randomness during early boot
time; for these applications, getrandom(2) must be used instead, because
it will block until the entropy pool is initialized."

An attempt to use it would cause unnecessary blocking on machines
without a good hwrng even when it shouldn't be needed. Since Linux 3.17,
a getrandom(2) call is available that will block only until the
randomness pool has been seeded.

It is probably not a good default yet as it requires a fairly recent
kernel and glibc (3.17 and 2.25 respectively).

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-01-02 01:24:18 +02:00
Ben Greear
2a54979695 wpa_ctrl: Make wpa_cli ping/pong work more reliably
In 2013 or so, IFNAME=foo was prepended to at least the Unix socket
communication from wpa_supplicant to wpa_cli. This broke the (fragile)
logic that made ping/pong work more often when wpa_supplicant is busy
sending logging info to wpa_cli.

Adding check for IFNAME=foo makes this work better.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-01-02 00:45:59 +02:00
Isaac Boukris
658c39809b OpenSSL: Load chain certificates from client_cert file
This helps the server to build the chain to trusted CA when PEM encoding
of client_cert is used with multiple listed certificates. This was
already done for the server certificate configuration, but the client
certificate was limited to using only the first certificate in the file.

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
2019-01-02 00:43:26 +02:00
Sergey Matyukevich
fb60dbdcec vlan: Use new bridge ioctl()
Legacy ioctl() through SIOCDEVPRIVATE are deprecated. Follow the
approach taken by bridge-utils and make use of new bridge ioctl's
whenever possible.

For example, using legacy ioctl() breaks dynamic VLAN mode on 32-bit
Linux systems running 64-bit kernels.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2019-01-02 00:23:43 +02:00
Jouni Malinen
28ab9344b5 Use internal EAP server identity as dot1xAuthSessionUserName
If the internal EAP server is used instead of an external RADIUS server,
sm->identity does not get set. Use the identity from the internal EAP
server in such case to get the dot1xAuthSessionUserName value in STA MIB
information.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 21:27:54 +02:00
Jouni Malinen
a139ddb6cd browser: Replace deprecated gtk_window_set_wmclass()
Use gtk_window_set_role() instead of the deprecated
gtk_window_set_wmclass().

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 20:36:42 +02:00
Jouni Malinen
4b970ee572 HTTP (curl): Replace deprecated ASN1_STRING_data()
Use ASN1_STRING_get0_data() instead of the older ASN1_STRING_data() that
got deprecated in OpenSSL 1.1.0.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 20:29:34 +02:00
Ben Greear
22d1b2ecdb HTTP (curl): Fix build with newer OpenSSL versions
The SSL_METHOD patching hack to get proper OCSP validation for Hotspot
2.0 OSU needs cannot be used with OpenSSL 1.1.0 and newer since the
SSL_METHOD structure is not exposed anymore. Fall back to using the
incomplete CURLOPT_SSL_VERIFYSTATUS design to fix the build.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-01-01 20:24:07 +02:00
Ben Greear
37f487bb41 HTTP (curl): Use DEFINE_STACK_OF() with newer OpenSSL versions
SKM_sk_num() is not available anymore, so use DEFINE_STACK_OF() to get
the appropriate accessor functions.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-01-01 20:14:53 +02:00
Ben Greear
9805bb1bdb HTTP (curl): Use SSL_get_SSL_CTX() helper
The direct ssl->ctx access are not allowed anymore in newer OpenSSL
versions, so use the SSL_get_SSL_CTX() helper for this.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-01-01 20:07:19 +02:00
Jouni Malinen
b2f1e5458b hostap: Silence compiler warnings about IFNAMSIZ buffers
Report interface name truncation and reject such cases in Host AP driver
initialization of the AP interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 19:38:58 +02:00
Jouni Malinen
2ea1fce3d6 OCE: RSSI-based rejection to consider Authentication frames (AP)
Try to make RSSI-based rejection of associating stations a bit less
likely to trigger false rejections by considering RSSI from the last
received Authentication frame. Association is rejected only if both the
Authentication and (Re)Association Request frames are below the RSSI
threshold.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 18:18:53 +02:00
Beni Lev
076f1ea1d9 OCE: Add RSSI based association rejection support (AP)
An AP might reject a STA association request due to low RSSI. In such
case, the AP informs the STA the desired RSSI improvement and a retry
timeout. The STA might retry to associate even if the RSSI hasn't
improved if the retry timeout expired.

Signed-off-by: Beni Lev <beni.lev@intel.com>
2019-01-01 18:18:50 +02:00
Beni Lev
19677b77c3 OCE: Add RSSI based association rejection support (STA)
An AP might refuse to connect a STA if it has a low RSSI. In such case,
the AP informs the STA with the desired RSSI delta and a retry timeout.
Any subsequent association attempt with that AP (BSS) should be avoided,
unless the RSSI level improved by the desired delta or the timeout has
expired.

Defined in Wi-Fi Alliance Optimized Connectivity Experience technical
specification v1.0, section 3.14 (RSSI-based association rejection
information).

Signed-off-by: Beni Lev <beni.lev@intel.com>
2019-01-01 17:56:25 +02:00
Jouni Malinen
d8dda601f0 nl80211: Debug print channel list
This makes it a bit easier to figure out how channel list update from
the kernel is taken into use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 15:51:10 +02:00
Jouni Malinen
fea49f8f93 nl82011: Make wiphy-specific country (alpha2) available in STATUS-DRIVER
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-31 16:41:24 +02:00
Jouni Malinen
02d53ac351 nl80211: Debug print details from the beacon hint events
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-31 16:29:16 +02:00
Sam Voss
dd5d325b0a hostapd: Add configuration option check_crl_strict
Add the ability to ignore time-based CRL errors from OpenSSL by
specifying a new configuration parameter, check_crl_strict=0.

This causes the following:

- This setting does nothing when CRL checking is not enabled.

- When CRL is enabled, "strict mode" will cause CRL time errors to not
  be ignored and will continue behaving as it currently does.

- When CRL is enabled, disabling strict mode will cause CRL time
  errors to be ignored and will allow connections.

By default, check_crl_strict is set to 1, or strict mode, to keep
current functionality.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
2018-12-31 12:51:51 +02:00
Jouni Malinen
52e78198b7 Add internal HMAC-SHA512 implementation to fix NEED_SHA512 builds
Build configurations with CONFIG_TLS=internal and NEED_SHA512 failed due
to missing sha512.c file. Add that file even though this is not really
used in the currently available configuration combinations since DPP and
OWE are the only users of it and the internal crypto implementation
supports neither.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-31 11:57:37 +02:00
Jouni Malinen
a1417c7f96 mka: Log MI update failure in debug log
One of the reset_participant_mi() callers did not log the error. Make
this more consistent with the other callers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-31 01:09:02 +02:00
Jouni Malinen
f9052d6ea5 nl80211: Note interface-removal-from-bridge errors in debug log
One of the linux_br_del_if() calls did not log nl80211-specific entry.
Make this more consistent with the other cases even though
linux_br_add_if() function itself is logging an error in the ioctl()
failure case (but not in the interface not found case).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-31 01:05:23 +02:00
Hristo Venev
d01203cafc hostapd: Add openssl_ecdh_curves configuration parameter
This makes it possible to use ECDSA certificates with EAP-TLS/TTLS/etc.
It should be noted that when using Suite B, different mechanism is used
to specify the allowed ECDH curves and this new parameter must not be
used in such cases.

Signed-off-by: Hristo Venev <hristo@venev.name>
2018-12-30 17:27:34 +02:00
Hristo Venev
0521c6ebb3 OpenSSL: Add openssl_ecdh_curves parameter
Some versions of OpenSSL need server support for ECDH to be explicitly
enabled, so provide a new parameter for doing so and all
SSL_{,CTX_}set_ecdh_auto() for versions that need it to enable automatic
selection.

Signed-off-by: Hristo Venev <hristo@venev.name>
2018-12-30 17:21:55 +02:00
Jouni Malinen
b98933eafc HS 2.0: DHCP broadcast-to-unicast conversion before address learning
handle_dhcp() was first trying to learn the IP address of an associated
STA before doing broadcast-to-unicast conversion. This could result in
not converting some DHCPACK messages since the address learning part
aborts processing by returning from the function in various cases.

Reorder these operations to allow broadcast-to-unicast conversion to
happen even if an associated STA entry is not updated based on a
DHCPACK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-30 01:05:18 +02:00
Jaap Keuter
23693c9dac mka: Make ICV Indicator dependant on ICV length
IEEE Std 802.1X-2010, 11.11 describes that the ICV is separate from the
parameter sets before it. Due to its convenient layout the ICV Indicator
'body part' is used to encode the ICV as well.

IEEE Std 802.1X-2010, 11.11.3 describes the encoding of MKPDUs. In
bullet e) is desribed that the ICV Indicator itself is encoded when the
ICV is not 16 octets in length. IEEE Std 802.1Xbx-2014, Table 11-7 note
e) states that it will not be encoded unless the Algorithm Agility
parameter specifies the use of an ICV that is not 16 octets in length.

Therefore the length calculation for the ICV indicator body part must
take into account if the ICV Indicator is to be encoded or not. The
actual encoder of the ICV body already takes care of the rest.

In practice, this change will remove the ICV Indicator parameter set (4
octets before the ICV value itself) since the only defined algorithm
agility value uses an ICV of 16 octets. IEEE Std 802.1X-2010 MKPDU
validation and decoding rules in 11.11.2 and 11.11.4 require the
receipient to handle both cases of ICV Indicator being included or not.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2018-12-30 01:03:30 +02:00
Jouni Malinen
948ba8c294 mka: MIB information
Provide MKA information through the wpa_supplicant control interface MIB
command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 16:52:31 +02:00
Jouni Malinen
8c652ecfbe mka: Provide more status information over control interface
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 11:05:39 +02:00
Jouni Malinen
626bc1fac2 mka: Stop trying to generate and distribute new SAK when not key server
It was possible for a participant to first be elected as a key server
and schedule a new SAK to be generated and distributed just to be
followed by another participant being elected as the key server. That
did not stop the participant that disabled key server functionality to
stop generating the new SAK and then trying to distribute it. That is
not correct behavior, so make these steps conditional on the participant
still being a key server when going through the timer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 11:05:39 +02:00
Jouni Malinen
4060cb272b mka: Add more debug print details
This makes it a bit easier to try to figure out what is going on with
KaY operations and MKA setup.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 11:05:39 +02:00
Jouni Malinen
27859f5203 mka: Fix deleteSAs clearing of principal->new_key
This pointer needs to be cleared when the matching SAK is being removed
from the SAK list. The previous implementation was doing something
pretty strange in the loop by clearing the pointer for any non-matching
key that happened to be iterated through before finding the matching
key. This could probably result in incorrect behavior, but not clearing
the pointer for the matching key could do more harm by causing freed
memory to be referenced.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 11:05:39 +02:00
Jouni Malinen
4d91d4a7cc mka: Derive MACsec cipher suite and MKA algorithm table index
Instead of using a specifically set index value from table definition,
use the actual real index of the table entry. This removes need for
maintaining these index values separately. Furthermore, the
mka_alg_tbl[] index was already off-by-one (but not used anywhere).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-29 11:05:39 +02:00
Jaap Keuter
a0bec739f1 mka: Clean up KaY log output
When running wpa_supplicant (with logging for testing) the log output is
somewhat disorganized for KaY related items. E.g., items are not
aligned, inconsistent type handling, wrong wording, missing labels, etc.
This change tries to clean up the log output, so it is somewhat more
accessible.

Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
2018-12-27 16:03:46 +02:00
Jouni Malinen
1cb5082567 mka: Do not force entry into INIT state on CP state machine creation
Go through the SM_STEP_RUN() global transition to get into the INIT
state to follow the state machine design more closely.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-27 11:33:46 +02:00
Jouni Malinen
785b219abd mka: Remove unused authorization data from CP
While IEEE Std 802.1X-2010 talks about arbitrary authorization data that
could be passed to the CP from sources like RADIUS server, there is not
much point in trying to implement this as an arbitrary memory buffer in
wpa_supplicant. Should such data be supported in the future, it would
much more likely use more detailed data structures that encode the
received data in easier to use form.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-27 11:26:27 +02:00
Jouni Malinen
7251f0badc mka: Extend CAK/CKN-from-EAP-MSK API to pass in MSK length
This can be used to allow 256-bit key hierarchy to be derived from
EAP-based authentication. For now, the MSK length is hardcoded to 128
bits, so the previous behavior is maintained.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
7a29984888 mka: Allow CAK length 32 (256-bit) to be initialized
The CAK length is not hardcoded in the algorithm agility parameter, so
remove that from the table. Instead, allow both 16 (128-bit) and 32
(256-bit) CAK to be used so that the following key derivations use
appropriate key lengths based on the configured/derived CAK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
73111a63cc mka: Determine KCK/ICK length from CAK length
The ICK and KEK are derived from a CAK and the length of the CAK
determines the length of the KCK/ICK. Remove the separate ICK/KEK length
parameters from the algorithm agility table.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
b452a76e54 mka: ICV calculation using 256-bit ICK
Add support for using AES-CMAC with 256-bit key (ICK) to calculate ICV.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
7c3d1cc040 mka: Support 256-bit ICK derivation
Support derivation of a 256-bit ICK and use of a 256-bit CAK in ICK
derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
175ebc1f7a mka: Support 256-bit KEK derivation
Support derivation of a 256-bit KEK and use of a 256-bit CAK in KEK
derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:44:58 +02:00
Jouni Malinen
9b4a266694 mka: Support 256-bit CAK in SAK derivation
Pass the configured CAK length to SAK derivation instead of using
hardcoded 128-bit length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:42:26 +02:00
Jouni Malinen
9dd701c12e mka: AES-CMAC-256 -based KDF
Extend the previously implemented KDF (IEEE Std 802.1X-2010, 6.2.1) to
support 256-bit input key and AES-CMAC-256. This does not change any
actual key derivation functionality yet, but is needed as a step towards
supporting 256-bit CAK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-26 16:42:26 +02:00
Andrey Kartashev
a8aeaf41df mka: Change MI if key invalid
It is possible to get a situation where a peer removes the Key Server
from its live peers list but the server still thinks that the peer is
alive (e.g., high packet loss in one direction). In such a case, the Key
Server will continue to advertise Last Key but this peer will not be
able to set up SA as it has already deleted its key.

Change the peer MI which will force the Key Server to distribute a new
SAK.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:26 +02:00
Andrey Kartashev
c20cc5833e mka: Speed up processing of duplicated SCI
Decrease timeout for a peer with duplicated SCI to speed up process in
case it is a valid peer after MI change.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
c1576d44a8 mka: Support for 256-bit SAK generation
There is already partial support of GCM-AES-256. It is possible to
enable this mode by setting 'kay->macsec_csindex = 1;' in
ieee802_1x_kay_init() function, but the generated key contained only 128
bits of data while other 128 bits are in 0.

Enables KaY to generate full 256-bit SAK from the same 128-bit CAK. Note
that this does not support 256-bit CAK or AES-CMAC-256 -based KDF.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
c9c93e7a24 mka: Remember LowestPN for each key server
According IEEE Std 802.1X-2010, 9.8 each participant shall record the
values of NextPN for last SAK accepted from each Key Server to use it in
case of a switch from one Key Server to another and back. Add LPN
recording and set saved value as the initial PN for the created channel.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
54c6a69952 mka: Check for errors on create Secure Channel
It is possible that the driver fails to create Secure Channel (due to
hardware limitations for example). Add checks of create_*_sc() result
codes and abort procedure in case of failure.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
52171e18c9 mka: Fix a memory leak on error path
Fix a minor memory leak in ieee802_1x_kay_create_mka() in
case of KEK/ICK derivation failure.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
a6cd1be957 mka: Debug output cleanup/fix
Make debug output more consistent, fix several errors.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
e49b78c0d5 mka: Allow configuration of MACsec replay protection
Add new configuration parameters macsec_replay_protect and
macsec_replay_window to allow user to set up MACsec replay protection
feature. Note that according to IEEE Std 802.1X-2010 replay protection
and delay protection are different features: replay protection is
related only to SecY and does not appear on MKA level while delay
protection is something that KaY can use to manage SecY state.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Andrey Kartashev
e47c5227bd wpa_debug: Support wpa_hexdump_ascii() outputting into syslog
When syslog logging is used output from wpa_hexdump_ascii() was silently
discarded. This patch enables wpa_hexdump_ascii() to print data to
syslog but without ASCII decoding.

Signed-off-by: Andrey Kartashev <andrey.kartashev@afconsult.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
302bbad5ac mka: Do not update potential peer liveness timer
To prevent a remote peer from getting stuck in a perpetual 'potential
peer' state, only update the peer liveness timer 'peer->expire' for live
peers and not for potential peers.

Per IEEE Std 802.1X-2010, 9.4.3 (Determining liveness), potential peers
need to show liveness by including our MI/MN in their transmitted MKPDU
(within potential or live parameter sets).

When a potential peer does include our MI/MN in an MKPDU, we respond by
moving the peer from 'potential_peers' to 'live_peers'.

If a potential peer does not include our MI/MN in an MKPDU within
MKPDU_LIFE_TIME, let the peer expire to facilitate getting back in sync
with the remote peer.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
e4ae284bba mka: Consider missing MKPDU parameter sets a failure
The previous commit introduced parameter set error checking. This commit
extends upon that by considering missing parameter sets a failure.

Two checks are added by this commit. First, verify that live peers start
encoding MKA_SAK_USE within a reasonable amount of time after going live
(10 MKPDUs). Second, verify that once a live peer starts encoding
MKA_SAK_USE it continues to do so indefinitely.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
db9ca18bbf mka: Do not ignore MKPDU parameter set decoding failures
The status values returned by mka_param_body_handler.body_rx functions
are currently ignored by ieee802_1x_kay_decode_mkpdu(). If a failure is
detected the KaY should (a) stop processing the MKDPU and (b) do not
update the associated peer's liveliness.

IEEE Std 802.1X-2010, Table 11-7 (MKPDU parameter sets) and 11.11.3
(Encoding MKPDUs) dictate that MKA_SAK_USE (set type 3) will always be
encoded before MKA_DISTRIBUTED_SAK (set type 4) in MKPDUs. Due to
implementation of mka_param_body_handler, the code will always decode
MKA_SAK_USE before MKA_DISTRIBUTED_SAK. When MKA_DISTRUBUTED_SAK
contains a new SAK the code should decode MKA_DISTRUBUTED_SAK first so
that the latest SAK is in known before decoding MKA_SAK_USE.

The ideal solution would be to make two passes at MKDPU decoding: the
first pass decodes MKA_DISTRIBUTED_SAK, the second pass decodes all
other parameter sets.

A simpler and less risky solution is presented here: ignore MKA_SAK_USE
failures if MKA_DISTRIBUTED_SAK is also present. The new SAK will be
saved so that the next MKPDU's MKA_SAK_USE can be properly decoded. This
is basically what the code prior to this commit was doing (by ignoring
all errors).

Also, the only real recourse the KaY has when detecting any bad
parameter set is to ignore the MKPDU by not updating the corresponding
peer's liveliness timer, 'peer->expire'.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
bab1d0d359 mka: Fix resource leak when detecting duplicated SCI
If a live peer ever changes its Member Identifier (MI), the KaY
correctly detects a "duplicated SCI" but then proceeds to delete the
peer without deleting the peer's resources (i.e., RxSC, RxSAs, TxSAs).

Note that a remote peer's MI will change if and when an
ieee8021XPaePortInitialize is executed on the remote port.

The solution here is to ignore all MKPDUs containing the new MI until
after the peer (that corresponds to the old MI) expires and cleans up
its resources. After the old peer is removed reception of the next MKPDU
containing the new MI will result in the creation of a new peer with the
new MI.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
1cb0f63b0e mka: Fix READY to TRANSMIT logic in CP state machine
Per IEEE Std 802.1X-2010, Figure 12-2 (CP state machine), READY to
TRANSMIT transition includes !controlledPortEnabled condition.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
8ae29b4e9c mka: Fix READY to ABANDON logic in CP state machine
Per IEEE Std 802.1X-2010, Figure 12-2 (CP state machine), READY should
move to ABANDON (not RECEIVE) when new_sak or changed_connect is true.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
3dce43ba5f mka: Fix RECEIVING to TRANSMIT logic in CP state machine
Per IEEE Std 802.1X-2010, Figure 12-2 (CP state machine), RECEIVING to
TRANSMIT transition includes !controlledPortEnabled condition.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
06e06a8df7 mka: Fix RETIRE state deletion of SAs
Per IEEE Std 802.1X-2010, Figure 12-2 (CP state machine), deleteSAs(oki)
is used upon entering RETIRE. Do that in addition to freeing sm->oki.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
2fc0675683 mka: Fix lowest acceptable Packet Number (LPN) calculation and use
The purpose of the Lowest Acceptable PN (lpn) parameters in the MACsec
SAK Use parameter set is to enforce delay protection. Per IEEE Std
802.1X-2010, Clause 9, "Each SecY uses MKA to communicate the lowest PN
used for transmission with the SAK within the last two seconds, allowing
receivers to bound transmission delays."

When encoding the SAK Use parameter set the KaY should set llpn and olpn
to the lowest PN transmitted by the latest SAK and oldest SAK (if
active) within the last two seconds. Because MKPDUs are transmitted
every 2 seconds (MKA_HELLO_TIME), the solution implemented here
calculates lpn based on the txsc->next_pn read during the previous MKPDU
transmit.

Upon receiving and decoding a SAK Use parameter set with delay
protection enabled, the KaY will update the SecY's lpn if the delay
protect lpn is greater than the SecY's current lpn (which is a product
of last PN received and replay protection and window size).

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
d9a0a72229 mka: Fix MKPDU SAK Use Body's Delay Protect bit setting
Delay Protect and Replay Protect are two separate and distinct features
of MKA. Per IEEE Std 802.1X-2010, 9.10.1 "Delay Protect, TRUE if LPNs
are being reported sufficiently frequently to allow the recipient to
provide data delay protection. If FALSE, the LPN can be reported as
zero", and per 9.10 "NOTE--Enforcement of bounded received delay
necessitates transmission of MKPDUs at frequent (0.5 s) intervals, to
meet a maximum data delay of 2 s while minimizing connectivity
interruption due to the possibility of lost or delayed MKPDUs."

This means struct ieee802_1x_mka_sak_use_body::delay_protect should only
be set TRUE when MKPDUs are being transmitted every 0.5 s (or faster).
By default the KaY sends MKPDUs every MKA_HELLO_TIME (2.0 s), so by
default delay_protect should be FALSE.

Add a new 'u32 mka_hello_time' parameter to struct ieee802_1x_kay. If
delay protection is desired, the KaY initialization code should set
kay->mka_hello_time to MKA_BOUNDED_HELLO_TIME (500 ms).

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Mike Siedzik
5864545492 mka: Fix conf_offset value in MKPDU when in policy mode SHOULD_SECURE
Commit 7b4d546e ("wpa_supplicant: Add macsec_integ_only setting for
MKA") introduced policy setting SHOULD_ENCRYPT (MACsec provides
integrity+confidentiality) in addition to SHOULD_SECURE (MACsec provides
integrity only). In both cases the KaY is populating the
"Confidentiality Offset" parameter within the "Distributed SAK parameter
set" with CONFIDENTIALITY_OFFSET_0=1. In the case of SHOULD_SECURE the
parameter should be populated with CONFIDENTIALITY_NONE=0.

IEEE Std 802.1X-2010, Table 11-6 and Figure 11-11 define how the two
Confidentiality Offset bits in the "Distributed SAK parameter set" must
be set: "0 if confidentiality not used" and "1 if confidentiality with
no offset". When policy is SHOULD_SECURE KaY should to send the former,
and when policy is SHOULD_ENCRYPT KaY should send the latter.

Fixes: 7b4d546e3d ("wpa_supplicant: Add macsec_integ_only setting for MKA")
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-12-26 16:42:25 +02:00
Michael Braun
61127f162a MKA: Handle unaligned CKN length
IEEE Std 802.1X-2010, Figure 11-7 explains that "Parameter set body
length" is exclusive of the suffix padding.

Fix variable length encoding and decoding when CKN length is not a
multiple of 4 bytes.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-12-25 17:29:15 +02:00
Jouni Malinen
f1ac2b8e6a MKA: Mark frame structs packed
Mark the data structures used in construction/parsing frames packed to
prevent compiler from being able to pad them.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-25 17:29:15 +02:00
Jouni Malinen
91ad2f441a macsec_linux: Add driver status information
wpa_supplicant STATUS-DRIVER control interface command can now be used
to fetch the macsec_linux driver status information like parent
interface name.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-25 00:54:51 +02:00
Jouni Malinen
d0dde0808d driver: Fix a typo in a comment
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-25 00:54:51 +02:00
Jouni Malinen
7c6acc757b macsec_linux: More detailed debug logs for driver interaction
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-24 21:12:18 +02:00
Jouni Malinen
5759bd36aa WPS: Fix wps_validate_credential() argument type
Newer gcc complained about the mismatching len[] argument type. Silence
that by using the correct type.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-24 11:12:53 +02:00
Jouni Malinen
e422a819d0 Check snprintf result to avoid compiler warnings
These do not really get truncated in practice, but it looks like some
newer compilers warn about the prints, so silence those by checking the
result and do something a bit more useful if the output would actually
get truncated.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-24 11:09:22 +02:00
Veerendranath Jakkam
8ec7c99ee4 nl80211: Fetch supported AKM list from the driver
Try to fetch the list of supported AKM suite selectors from the driver
through the vendor interface
QCA_NL80211_VENDOR_SUBCMD_GET_SUPPORTED_AKMS. If that command is
available and succeeds, use the returned list to populate the
wpa_driver_capa key_mgmt information instead of assuming all
cfg80211-based drivers support all AKMs. If the driver does not support
this command, the previous behavior is maintained.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-21 21:49:02 +02:00
Veerendranath Jakkam
dbe7f6da77 Vendor command to query the supported AKMs from the driver
This new QCA vendor command is used to query the supported AKM suite
selectors from the driver. There has been no such capability indication
from the driver and thus the current user space has to assume the driver
to support all the AKMs. This may be the case with some drivers (e.g.,
mac80211-based ones) but there are cfg80211-based drivers that implement
SME and have constraints on which AKMs can be supported (e.g., such
drivers may need an update to support SAE AKM using
NL80211_CMD_EXTERNAL_AUTH). Allow such drivers to specify the exact set
of supported AKMs so that user space tools can determine what network
profile options should be allowed to be configured. This command returns
the list of supported AKM suite selectors in the attribute
NL80211_ATTR_AKM_SUITES.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-21 21:09:48 +02:00
Jouni Malinen
5bcddb9302 DPP: Fix build with LibreSSL 2.8.3
Looks like LibreSSL 2.8 pulled in the OpenSSL API change to mark the
first argument to X509_ALGOR_get0() const.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-21 12:21:03 +02:00
Andrey Utkin
837e36583a Fix build with LibreSSL
When using LibreSSL instead of OpenSSL, linkage of hostapd executable
fails with the following error when using some LibreSSL versions

    ../src/crypto/tls_openssl.o: In function `tls_verify_cb':
    tls_openssl.c:(.text+0x1273): undefined reference to `ASN1_STRING_get0_data'
    ../src/crypto/tls_openssl.o: In function `tls_connection_peer_serial_num':
    tls_openssl.c:(.text+0x3023): undefined reference to `ASN1_STRING_get0_data'
    collect2: error: ld returned 1 exit status
    make: *** [Makefile:1278: hostapd] Error 1

ASN1_STRING_get0_data is present in recent OpenSSL, but absent in some
versions of LibreSSL (confirmed for version 2.6.5), so fallback needs to
be defined in this case, just like for old OpenSSL.

This patch was inspired by similar patches to other projects, such as
spice-gtk, pjsip.

Link: https://bugs.gentoo.org/672834
Signed-off-by: Andrey Utkin <andrey_utkin@gentoo.org>
2018-12-21 12:09:11 +02:00
Felix Fietkau
4d663233e6 hostapd: Support for overriding the bridge name per VLAN via vlan_file
This makes it easier to integrate dynamic VLANs in custom network
configurations. The bridge name is added after the interface name in the
vlan_file line, also separated by whitespace.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-12-21 12:02:57 +02:00
Johannes Berg
5b82cdbe8b nl80211: Add support for starting FTM responder
Add support for starting FTM responder when in AP mode. This just sends
the appropriate NEW/SET_BEACON command to the driver with the LCI/civic
location data.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-12-21 11:22:35 +02:00
Andrei Otcheretianski
d2c4d1ee11 AP: Configure FTM responder parameters
Enable FTM responder and configure LCI and civic if ftm_responder
configuration option is set. Since ftm_responder configuration existed
before and was used to set extended capability bits, don't fail AP setup
flow if ftm_responder is set, but the driver doesn't advertise FTM
responder support.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-12-21 11:19:25 +02:00
Andrei Otcheretianski
4cb618cf2d driver: Add FTM responder configuration APIs
Add configuration options to enable FTM responder and configure LCI and
civic parameters. In addition, introduce WPA_DRIVER_FLAGS_FTM_RESPONDER
flag, which can be used to indicate FTM responder support in AP mode.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-12-21 11:18:00 +02:00
Jouni Malinen
6a24adee9c Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2018-12-15.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-21 11:12:39 +02:00
Venkateswara Naralasetty
5abc7823bd wpa_supplicant: Add Multi-AP backhaul STA support
Advertise vendor specific Multi-AP IE in (Re)Association Request frames
and process Multi-AP IE from (Re)Association Response frames if the user
enables Multi-AP fuctionality. If the (Re)Association Response frame
does not contain the Multi-AP IE, disassociate.

This adds a new configuration parameter 'multi_ap_backhaul_sta' to
enable/disable Multi-AP functionality.

Enable 4-address mode after association (if the Association Response
frame contains the Multi-AP IE). Also enable the bridge in that case.
This is necessary because wpa_supplicant only enables the bridge in
wpa_drv_if_add(), which only gets called when an interface is added
through the control interface, not when it is configured from the
command line.

Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-12-20 12:10:31 +02:00
Venkateswara Naralasetty
9c06f0f6ae hostapd: Add Multi-AP protocol support
The purpose of Multi-AP specification is to enable inter-operability
across Wi-Fi access points (APs) from different vendors.

This patch introduces one new configuration parameter 'multi_ap' to
enable Multi-AP functionality and to configure the BSS as a backhaul
and/or fronthaul BSS.

Advertise vendor specific Multi-AP capabilities in (Re)Association
Response frame, if Multi-AP functionality is enabled through the
configuration parameter.

A backhaul AP must support receiving both 3addr and 4addr frames from a
backhaul STA, so create a VLAN for it just like is done for WDS, i.e.,
by calling hostapd_set_wds_sta(). Since Multi-AP requires WPA2 (never
WEP), we can safely call hostapd_set_wds_encryption() as well and we can
reuse the entire WDS condition.

To parse the Multi-AP Extension subelement, we use get_ie(): even though
that function is meant for parsing IEs, it works for subelements.

Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-12-20 01:04:14 +02:00
Mathy Vanhoef
fa97981265 OCV: Include and verify OCI in WNM-Sleep Exit frames
Include and verify the OCI element in WNM-Sleep Exit Request and
Response frames. In case verification fails, the frame is silently
ignored.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:50:12 +02:00
Mathy Vanhoef
716ed96e8d OCV: Pass ocv parameter to mesh configuration
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:50:12 +02:00
Mathy Vanhoef
99621dc16c OCV: Include and verify OCI in the FILS handshake
Include and verify the OCI element in FILS (Re)Association Request and
Response frames.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:50:12 +02:00
Mathy Vanhoef
f91e68e903 OCV: Perform an SA Query after a channel switch
After the network changed to a new channel, perform an SA Query with the
AP after a random delay if OCV was negotiated for the association. This
is used to confirm that we are still operating on the real operating
channel of the network. This commit is adding only the station side
functionality for this, i.e., the AP behavior is not changed to
disconnect stations with OCV that do not go through SA Query.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:50:12 +02:00
Mathy Vanhoef
f9da7505bf OCV: Include and verify OCI in SA Query frames
Include an OCI element in SA Query Request and Response frames if OCV
has been negotiated.

On Linux, a kernel patch is needed to let clients correctly handle SA
Query Requests that contain an OCI element. Without this patch, the
kernel will reply to the SA Query Request itself, without verifying the
included OCI. Additionally, the SA Query Response sent by the kernel
will not include an OCI element. The correct operation of the AP does
not require a kernel patch.

Without the corresponding kernel patch, SA Query Requests sent by the
client are still valid, meaning they do include an OCI element.
Note that an AP does not require any kernel patches. In other words, SA
Query frames sent and received by the AP are properly handled, even
without a kernel patch.

As a result, the kernel patch is only required to make the client properly
process and respond to a SA Query Request from the AP. Without this
patch, the client will send a SA Query Response without an OCI element,
causing the AP to silently ignore the response and eventually disconnect
the client from the network if OCV has been negotiated to be used.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:42:23 +02:00
Mathy Vanhoef
dd8df6af0b OCV: Include and verify OCI in the FT handshake
Include and verify the the OCI element in (Re)Association Request and
Response frames of the FT handshake. In case verification fails, the
handshake message is silently ignored.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:42:23 +02:00
Mathy Vanhoef
aed61c4efa OCV: Verify OCI in 4-way and group key handshake
Verify the received OCI element in the 4-way and group key handshakes.
If verification fails, the handshake message is silently dropped.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:42:23 +02:00
Mathy Vanhoef
1034f67bf1 OCV: Add function to derive Tx parameters to a specific STA
Use the information elements that were present in the (Re)Association
Request frame to derive the maximum bandwidth the AP will use to
transmit frames to a specific STA. By using this approach, we don't need
to query the kernel for this information, and avoid having to add a
driver API for that.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:42:19 +02:00
Mathy Vanhoef
697652085f OCV: Add function to verify a received OCI element
ocv_verify_tx_params() verifies that the receive OCI element includes
field values that are compatible with the local channel configuration.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 00:02:14 +02:00
Mathy Vanhoef
f53aeff415 OCV: Parse all types of OCI information elements
Add functionality to parse all variations of the OCI element.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 00:02:14 +02:00
Mathy Vanhoef
17c2559caf OCV: Insert OCI in 4-way and group key handshake
If Operating Channel Verification is negotiated, include the OCI KDE
element in EAPOL-Key msg 2/4 and 3/4 of the 4-way handshake and both
messages of the group key handshake.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 00:02:14 +02:00
Mathy Vanhoef
6ab73efa72 OCV: Add utility functions to insert OCI elements
This commit adds utility functions to insert various encoding of the OCI
element.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 00:02:14 +02:00
Mathy Vanhoef
55c12f5d37 OCV: Advertise OCV capability in RSN capabilities (STA)
Set the OCV bit in RSN capabilities (RSNE) based on station mode
configuration.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 20:49:27 +02:00
Mathy Vanhoef
1e93e4239f OCV: Track STA OCV capability in AP mode
Check and store OCV capability indication for each STA.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 20:49:13 +02:00
Mathy Vanhoef
875ab60d73 OCV: Advertise OCV capability in RSN capabilities (AP)
Set the OCV bit in RSN capabilities (RSNE) based on AP mode
configuration. Do the same for OSEN since it follows the RSNE field
definitions.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 20:48:48 +02:00
Mathy Vanhoef
9c55fdb023 OCV: Add hostapd config parameter
Add hostapd.conf parameter ocv to disable or enable Operating Channel
Verification (OCV) support.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 20:31:21 +02:00
Mathy Vanhoef
b1d05aee8b OCV: Protocol definitions
Define protocol identifiers for Operating Channel Verification (OCV)
based on IEEE P802.11-REVmd/D2.0.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 20:31:21 +02:00
Mathy Vanhoef
ad20a1367f Store the VHT Operation element of an associated STA
APs and mesh peers use the VHT Operation element to advertise certain
channel properties (e.g., the bandwidth of the channel). Save this
information element so we can later access this information.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Mathy Vanhoef
d706e0d7a3 Add functions to convert channel bandwidth to an integer
This adds two utility functions to convert both operating classes and
and the chan_width enum to an integer representing the channel
bandwidth. This can then be used to compare bandwidth parameters in an
uniform manner.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Mathy Vanhoef
dbe473fd22 Add utility function to derive operating class and channel
This function can be used to easily convert the parameters returned
by the channel_info driver API, into their corresponding operating
class and channel number.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Mathy Vanhoef
bef4d07a28 Make channel_info available to authenticator
This adds the necessary functions and callbacks to make the channel_info
driver API available to the authenticator state machine that implements
the 4-way and group key handshake. This is needed for OCV.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Mathy Vanhoef
4b62b52e5e Make channel_info available to the supplicant state machine
This adds the necessary functions and callbacks to make the channel_info
driver API available to the supplicant state machine that implements the
4-way and group key handshake. This is needed for OCV.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Mathy Vanhoef
7f00dc6e15 Add driver API to get current channel parameters
This adds driver API functions to get the current operating channel
parameters. This encompasses the center frequency, channel bandwidth,
frequency segment 1 index (for 80+80 channels), and so on.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Jouni Malinen
7bd8c76a4f HS 2.0 server: RADIUS server support for SIM provisioning
This adds support for hostapd-as-RADIUS-authentication-server to request
subscription remediation for SIM-based credentials. The new hostapd.conf
parameter hs20_sim_provisioning_url is used to set the URL prefix for
the remediation server for SIM provisioning. The random
hotspot2dot0-mobile-identifier-hash value will be added to the end of
this URL prefix and the same value is stored in a new SQLite database
table sim_provisioning for the subscription server implementation to
use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-15 18:01:38 +02:00
Jouni Malinen
79fec6a92d EAP: Make method and IMSI available from server structures
Expose EAP method and IMSI from the completed (or ongoing) EAP
authentication session. These are needed for implementing Hotspot 2.0
SIM provisioning.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-14 15:56:16 +02:00
Jouni Malinen
f3784a6b94 HS 2.0: Reject Hotspot 2.0 Rel 2 or newer association without PMF
Hotspot 2.0 Rel 2 requires PMF to be enabled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-08 14:06:58 +02:00
Jouni Malinen
2205ca0dfe HS 2.0: Update supported release number to 3
Release 3 functionality is included, so start advertising support for
that release.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-08 14:06:58 +02:00
Jouni Malinen
6ae04d7b34 HS 2.0: Allow Hotspot 2.0 release number to be configured
The new hostapd configuration parameter hs20_release can be used to
configure the AP to advertise a specific Hotspot 2.0 release number
instead of the latest supported release. This is mainly for testing
purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-08 14:06:54 +02:00
Jouni Malinen
17adac9ef9 FILS: Do not process FILS HLP request again while previous one is pending
It is better not to process a new (most likely repeated) FILS HLP
request if a station retransmits (Re)Association Request frame before
the previous HLP response has either been received or timed out. The
previous implementation ended up doing this and also ended up
rescheduling the fils_hlp_timeout timer in a manner that prevented the
initial timeout from being reached if the STA continued retransmitting
the frame. This could result in failed association due to a timeout on
the station side.

Make this more robust by processing (and relaying to the server) the HLP
request once and then ignoring any new HLP request while the response
for the relayed request is still pending. The new (Re)Association
Request frames are otherwise processed, but they do not result in actual
state change on the AP side before the HLP process from the first
pending request is completed.

This fixes hwsim test case fils_sk_hlp_oom failures with unmodified
mac80211 implementation (i.e., with a relatively short retransmission
timeout for (Re)Association Request frame).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-07 16:03:40 +02:00
Peng Xu
891e1668c0 hostapd: Update HE Capabilities and Operation element definition
Update HE Capabilities/Operation element definition based on IEEE
P802.11ax/D3.0.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-07 15:17:02 +02:00
Jouni Malinen
678d8410af Move send_probe_response parameter to BSS specific items
This can be more convenient for testing Multiple BSSID functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-07 15:03:11 +02:00
Edayilliam Jayadev
4c02242d04 Define spectral scaling parameters as QCA vendor specific attributes
Add spectral scaling parameters as vendor attributes to the
QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO vendor subcommand.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-04 20:57:32 +02:00
Yu Ouyang
f81e65510c WPS NFC: Fix potential NULL pointer dereference on an error path
The NFC connection handover specific case of WPS public key generation
did not verify whether the two wpabuf_dup() calls succeed. Those may
return NULL due to an allocation failure and that would result in a NULL
pointer dereference in dh5_init_fixed().

Fix this by checking memory allocation results explicitly. If either of
the allocations fail, do not try to initialize wps->dh_ctx and instead,
report the failure through the existing error case handler below.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org
2018-12-04 20:52:34 +02:00
Jouni Malinen
11adf76a71 EAP-TLS server: Update user information based on serial number
This allows EAP user database entries for "cert-<serial number>" to be
used for client certificate based parameters when using EAP-TLS. This
commit addresses only the full authentication case and TLS session
resumption is not yet covered.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-03 23:29:56 +02:00
Jouni Malinen
9da196adf9 VLAN: Warn about interface name truncation
Add more snprintf checks to make it clearer if some of the ifname
constructions would end up being too long.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-03 12:44:11 +02:00
Jouni Malinen
368c9dc0bd The master branch is now used for v2.8 development
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 22:55:28 +02:00
Jouni Malinen
c2c6c01bb8 Update version to v2.7 and copyright years to include 2018
Also add the ChangeLog entries for both hostapd and wpa_supplicant to
describe main changes between v2.6 and v2.7.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 21:34:59 +02:00
Jouni Malinen
8fc6d88465 OWE: Fix association rejection behavior
If association failed for any non-OWE specific reason, the previous
implementation tried to add the OWE related IEs into the (Re)Association
Response frame. This is not needed and could actually result in
dereferencing a NULL pointer. Fix this by adding those OWE related IEs
only for successful association and only if the RSN state machine has
been initialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 20:21:21 +02:00
Jouni Malinen
bd51246924 nl80211: Debug print TX queue parameter values and result
Some mac80211_hwsim test cases have failed with mysterious sequence
where mac80211 has claimed the parameters are invalid ("wlan3: invalid
CW_min/CW_max: 9484/40"). Those values look strange since they are not
from hostapd configuration or default values.. hostapd is seeing TX
queue parameter set failing for queues 0, 1, and 3 (but not 2) for these
cases. Add debug prints to hostapd to get more details on what exactly
is happening if such error cases can be reproduced.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 19:50:59 +02:00
Jouni Malinen
4a450ba201 DPP: Do not reply to PKEX request with identifier if no local identifier
The reverse case (local identifier configured but no identifier
received) was already covered, but PKEX is not going to complete
successfully if there is any difference in identifier configuration, so
ignore this other case as well. This avoids unnecessary responses to
PKEX requests with identifier from a device that is ready for PKEX in
general, but not for that particular request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 12:30:11 +02:00
Jouni Malinen
e22c23382f DPP: Apply testing configuration option to signing of own config
Previous implementation had missed this case of setting configurator
parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 00:26:21 +02:00
Jouni Malinen
e0785ebbbd Use more consistent Action frame RX handling in both AP mode paths
Both handle_action() and hostapd_action_rx() are used for processing
received Action frames depending on what type of driver architecture is
used (MLME in hostapd vs. driver) and which build options were used to
build hostapd. These functions had a bit different sequence for checking
the frame and printing debug prints. Make those more consistent by
checking that the frame includes the category-specific action field and
some payload. Add a debug print for both functions to make it easier to
see which path various Action frames use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-01 20:30:09 +02:00
Jouni Malinen
ff50101139 FT: Check session_timeout pointer consistently
Avoid smatch warning on this even thought the only caller of the
function uses a non-NULL pointer in all cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:19 +02:00
Jouni Malinen
0227028444 EAP DB: Use NULL to clear a pointer
Avoid a sparse warning from use of a plain integer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:19 +02:00
Jouni Malinen
810bedf23f DPP: Check own_bi/peer_bi pointers more consistently
This gets rid of smatch warnings about a dereference before check.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:19 +02:00
Jouni Malinen
3d1d469195 Fix indentation level
This gets rid of smatch warnings about inconsistent indenting.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:19 +02:00
Jouni Malinen
3337fc2a12 OpenSSL: Include sha512.h to match function prototypes
This gets rid of sparse warnings.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:06 +02:00
Jouni Malinen
b3f99d45d5 macsec_linux: Make create_transmit_sc() handler use matching arguments
The currently unused conf_offset parameter used a mismatching type (enum
vs. unsigned int) compared to the prototype.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 21:28:01 +02:00
Jouni Malinen
b82fcf06f2 macsec_linux: Use NULL to clear a pointer
Avoid a sparse warning from use of a plain integer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 17:32:35 +02:00
Jouni Malinen
ff7f339cff macsec_qca: Mark macsec_qca_set_transmit_next_pn() static
This function is not used outside this C file. Mark it static to avoid a
warning from sparse.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 17:32:09 +02:00
Jouni Malinen
a00d65e79f DPP: Reject invalid no-psk/pass legacy configurator parameters
Instead of going through the configuration exchange, reject invalid
legacy configurator parameters explicitly. Previously, configuring
legacy (psk/sae) parameters without psk/pass resulted in a config object
that used a zero length passphrase. With this change, that config object
is not sent and instead, either the initialization attempts is rejected
or the incoming initialization attempt is ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-30 17:14:49 +02:00
Jouni Malinen
04924b28b5 OWE: Fix a compiler warning in non-testing build
The new conf variable was used only within the CONFIG_TESTING_OPTIONS
block and as such, added a warning about unused variable into
non-testing builds. Fix that by using that variable outside the
conditional block as well.

Fixes: a22e235fd0 ("OWE: Add testing RSNE for OWE assoc response with driver SME/MLME")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-27 20:49:53 +02:00
Jouni Malinen
89b6d8a2f0 DPP: Fix no-Status protocol testing in Auth Resp error case
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-27 17:20:41 +02:00
Sunil Dutt
acecac4c79 Define QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES also as an event
This commit enhances QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES to
also be an event, aimed to notify the link status (EX: connected
stations status on an AP link).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-27 00:27:18 +02:00
Cedric Izoard
10d32e2c8d nl80211: Use netlink connect socket for disconnect (ext auth)
When external authentication is used, a specific netlink socket is used
to send the connect command. If the same socket is not used for
disconnect command, cfg80211 will discard the command. This constraint
was added into the kernel in commit bad292973363 ("nl80211: Reject
disconnect commands except from conn_owner"). That requires an update
for the hostap.git commit 40a68f3384 ("nl80211: Create a netlink
socket handle for the Connect interface").

Add a new flag into struct i802_bss to indicate if the special
nl_connect socket was used for the connect command. When sending
disconnect command this flag is tested to select the correct socket.

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
2018-11-26 19:24:31 +02:00
Emmanuel Grumbach
941807f6b6 drivers: Document struct wpa_signal_info
Add documentation to the wpa_signal_info structure.
Add a define for an invalid noise value.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2018-11-26 00:57:50 +02:00
Jouni Malinen
6e7b4c45fa Fix hostapd config file reloading with BSS addition/removal
BSS additional/removal cases were not considered at all in the previous
implementation of hostapd configuration file reloading on SIGHUP. Such
changes resulted in num_bss values getting out of sync in runtime data
and configuration data and likely dereferencing of freed memory (e.g.,
when removing a BSS).

Fix this by forcing a full disable/enable sequence for the interface if
any BSS entry is added/removed or if an interface name changes between
the old and the new configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-11-26 00:51:38 +02:00
Jouni Malinen
06e62e11c7 DPP: Fix a debug print to use quotation marks consistently
The "DPP: Unexpected JWK kty" debug print missed one of the quotation
marks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-11-25 17:31:49 +02:00
Jouni Malinen
11f07f027a DPP: Fix error path handling for GAS Comeback Response building
A local memory allocation failuring during GAS Comeback Response frame
generation could result in freeing the response context without removing
it from the list. This would result in dereferencing freed memory when
processing the next comeback request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-11-25 13:51:26 +02:00
Jouni Malinen
c7896ef9c6 DPP: Fix memory leaks in GAS server error path handling
If local memory allocation for the GAS response failed, couple of error
paths ended up leaking some memory maintaining the state for the
exchange. Fix that by freeing the context properly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-11-25 13:49:44 +02:00
Johannes Berg
babdd8d0d9 nl80211: Use correct u8 size for NL80211_ATTR_SMPS_MODE
Back in December 2017, Jouni fixed the output side since that was
causing a kernel message to be printed, but the input side should
also be fixed, otherwise it will not work correctly on big-endian
platforms.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-11-22 15:53:30 +02:00
Jouni Malinen
adbce7443d HS 2.0: Update HS2.0 AP version RADIUS attribute Version field
Use HS20_VERSION macro to determine if R3 should be indicated instead of
R2.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-09 23:38:31 +02:00
Jouni Malinen
dc673aec46 HS 2.0: Generate AssocReq OSEN IE based on AP advertisement
Parse the OSEN IE from the AP to determine values used in the AssocReq
instead of using hardcoded cipher suites. This is needed to be able to
set the group cipher based on AP advertisement now that two possible
options exists for this (GTK_NOT_USED in separate OSEN BSS; CCMP or
GTK_NOT_USED in shared BSS case). Furthermore, this is a step towards
allowing other ciphers than CCMP to be used with OSEN.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-09 18:07:16 +02:00
Sachin Ahuja
d554402140 Define new QCA vendor command for coex priority config
Add QCA_NL80211_VENDOR_SUBCMD_COEX_CONFIG vendor command
to set the priorities among different types of traffic of
WLAN/BT/Zigbee during coex scenarios.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-09 00:20:09 +02:00
vamsi krishna
a626fb1070 Add QCA vendor event to indicate throughput changes
Add interface for drivers to report changes in TX/RX throughput
dynamically to user space. This information can be used by userspace
tools to tune kernel's TCP parameters in order to achieve peak
throughput. The driver may optionally provide guidance on which TCP
parameters to be configured for optimal performance along with the
values to be configured.

The TCP parameters that need to be tuned for peak performance are not
interface specific. Based on the guidance from the driver and
considering the other interfaces that may be affected with the new
configurations, a userspace tool has to choose the values to be
configured for these parameters to achieve optimal performance across
interfaces.

The throughput levels informed by the driver with this event are only
for providing guidance on TCP parameter tuning from userspace. The
driver may change the thresholds used to decide low or medium or high
throughput levels based on several parameters based on the PHY layer
capacity in the current connection, the number of packets being
dispatched per second, or the number of packets pending in queues, etc.
The throughput levels may not be consistent with the actual throughput
of the link.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-08 21:56:58 +02:00
Kiran Kumar Lokere
5d332a13f7 Add test config QCA vendor attribute for action frame Tx in TB PPDU
Add a new wifi test config QCA vendor attribute to configure action
frame transmission in HE trigger based PPDU.
This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-02 12:10:18 +02:00
Kiran Kumar Lokere
a94aab6ddd Define test config QCA vendor attribute for HE SU PPDU Tx config
Add a new wifi test config QCA vendor attribute to configure HE
single user PPDU transmission.
This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-02 12:09:38 +02:00
Kiran Kumar Lokere
292bce08b3 Define test config QCA vendor attribute for HE OM control config
Add a new wifi test config QCA vendor attributes to configure HE
operating mode control field bandwidth, number of spatial streams, and
UL MU disable configuration. Define a new attribute to clear the
previously set HE OM control field configuration. This is used for
testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-11-02 12:09:22 +02:00
Jouni Malinen
ab3ab50757 HS 2.0: Fix Terms and Conditions URL handling
Do not try to determine the length of the T&C Server URL before checking
that the URL is available. This got broken in a change to move the
handling to the AS. hostapd could potentially have hit a NULL pointer
dereference if the authentication server sent an unconsistent set of T&C
information.

Fixes: d4e39c51f8 ("HS 2.0: Move Terms and Conditions Server URL generation from AP to AS")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-30 19:15:11 +02:00
Ankita Bajaj
0f0aa2a640 OCE: Move OCE checks to IE formation from hostapd initialization
Earlier, the OCE flags were checked during hostapd initialization. This
doesn't address few cases like for example when the interface is added
from control interface. Move the OCE flag checks to the functions that
are forming the MBO/OCE IEs to cover all the different paths for
enabling a BSS. Also use macros as appropriate for readability.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-30 15:43:01 +02:00
Jouni Malinen
d514b50265 WNM: Collocated Interference Reporting
Add support for negotiating WNM Collocated Interference Reporting. This
allows hostapd to request associated STAs to report their collocated
interference information and wpa_supplicant to process such request and
reporting. The actual values (Collocated Interference Report Elements)
are out of scope of hostapd and wpa_supplicant, i.e., external
components are expected to generated and process these.

For hostapd/AP, this mechanism is enabled by setting
coloc_intf_reporting=1 in configuration. STAs are requested to perform
reporting with "COLOC_INTF_REQ <addr> <Automatic Report Enabled> <Report
Timeout>" control interface command. The received reports are indicated
as control interface events "COLOC-INTF-REPORT <addr> <dialog token>
<hexdump of report elements>".

For wpa_supplicant/STA, this mechanism is enabled by setting
coloc_intf_reporting=1 in configuration and setting Collocated
Interference Report Elements as a hexdump with "SET coloc_intf_elems
<hexdump>" control interface command. The hexdump can contain one or
more Collocated Interference Report Elements (each including the
information element header). For additional testing purposes, received
requests are reported with "COLOC-INTF-REQ <dialog token> <automatic
report enabled> <report timeout>" control interface events and
unsolicited reports can be sent with "COLOC_INTF_REPORT <hexdump>".

This commit adds support for reporting changes in the collocated
interference (Automatic Report Enabled == 1 and partial 3), but not for
periodic reports (2 and other part of 3).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-30 14:07:51 +02:00
Peng Xu
224eddb03b nl80211: Read reg-domain information from a specific wiphy
If driver supports self-managed regulatory domain, read reg-domain
information for that specific wiphy interface instead the global
information which may be different which such drivers. This fixes issues
where a regulatory update with a self-managed regulatory domain driver
ended up building incorrect list of supported channels for upper layer
hostapd/wpa_supplicant operations.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-24 18:36:34 +03:00
Peng Xu
8aa4d5521c nl80211: Add support for self-managed regulatory device
Add a flag indicating if the device has the self-managed regulatory
support. Set the flag if NL80211_ATTR_WIPHY_SELF_MANAGED_REG attribute
is set when reading wiphy info.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-24 18:34:31 +03:00
Karol Babioch
ac1f591567 Enable the close-on-exec flag for the debug log file descriptor
On Linux this flag will make sure that no file descriptor is
accidentally leaked into potential child processes. While this is not a
problem right now, it is considered to be good practice these days when
dealing with file descriptors on Linux.

Signed-off-by: Karol Babioch <karol@babioch.de>
2018-10-20 19:26:03 +03:00
Karol Babioch
1737eb3982 Create debug log file with more sane file permissions
Previously the file permissions for the debug log file were not
explicitly set. Instead it was implicitly relying on a secure umask,
which in most cases would result in a file that is world-readable. This
is a violation of good practices, since not every user should have
access to sensitive information that might be contained in the debug log
file.

Explicitly set sane default file permissions in case the file is newly
created.

Unfortunately the fopen(3) function does not provide such a facility, so
the approach needs to be changed in the following way:

1) The file descriptor needs to be created manually using the open(3)
function with the correct flags and the desired mode set.

2) fdopen(3) can then be used on the file descriptor to associate a file
stream with it.

Note: This modification will not change the file permissions of any
already existing debug log files, and only applies to newly created
ones.

Signed-off-by: Karol Babioch <karol@babioch.de>
2018-10-20 19:15:54 +03:00
Ilan Peer
f13aaf33fb AP: Place the WPA IE in the correct order
In case the protocol used for the BSS is WPA, the WPA vendor IE should
be placed after all the non vendor IEs. Fix this for Beacon and Probe
Response frames.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2018-10-20 11:28:29 +03:00
Sriram R
7b2ca5cf0d hostapd: Reset channel switch parameters on interface disable
Previously, when an AP interface was disabled through a control
interface DISABLE command during a channel switch window, the interface
could not be reenabled due to beacon setup failure (which validates if
CSA is in progress).

Fix this by clearing channel switch parameters while disabling the
hostapd interface.

Signed-off-by: Sriram R <srirrama@codeaurora.org>
2018-10-19 21:26:03 +03:00
Peng Xu
2f186d598a Define vendor specific NDP attribute for peer NDPE support
Add NAN NDP attribute QCA_WLAN_VENDOR_ATTR_PEER_NDPE_SUPPORT which
indicates if NDP remote peer supports NDPE attribute or not.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-19 20:44:44 +03:00
Andrei Otcheretianski
68500d8159 AP: Warn about VLAN interface name truncations
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-10-16 12:56:04 +03:00
Andrei Otcheretianski
d577f7f3d5 nl80211: Warn about interface name truncations
This is something useful to know and also eliminates format truncation
warnings.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-10-16 12:53:15 +03:00
Johannes Berg
94919da24d RSN: Use COMPACT_MACSTR to match MAC2STR
We shouldn't open-code the %02x... when we have COMPACT_MACSTR.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-10-16 12:33:22 +03:00
Nishant Chaprana
391d922bcf EAP-pwd peer: Fix memory leak in eap_pwd_perform_confirm_exchange()
hash variable is allocated memory using eap_pwd_h_init(), but there are
couple of error case code paths which skips deallocation of hash. The
memory of hash is deallocated using eap_pwd_h_final(). Fix this by
calling eap_pwd_h_final() at the end of the function if execution got
there through one of those error cases.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2018-10-16 12:11:32 +03:00
Sathishkumar Muruganandam
72a09d43fe Fix 5 GHz to 2.4 GHz channel switch with hostapd through DISABLE/ENABLE
When moving a 5 GHz VHT AP to 2.4 GHz band with VHT disabled through the
hostapd control interface DISABLE/reconfig/ENABLE commands, enabling of
the AP on 2.4 GHz failed due to the previously configured VHT capability
being compared with hardware VHT capability on 2.4 GHz band:

hw vht capab: 0x0, conf vht capab: 0x33800132
Configured VHT capability [VHT_CAP_MAX_MPDU_LENGTH_MASK] exceeds max value supported by the driver (2 > 0)
ap: interface state DISABLED->DISABLED

Since VHT (ieee80211ac) config is already disabled for the 2.4 GHz band,
add fix this by validating vht_capab only when VHT is enabled.

Fixes: c781eb8428 ("hostapd: Verify VHT capabilities are supported by driver")
Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
2018-10-16 00:50:40 +03:00
Ashok Kumar
edb28006c4 PMF: Do not start SA Query procedure if there is no association
Previous implementation ended up triggering PMF check for previous
association and SA Query procedure incorrectly in cases where there is a
STA entry in hostapd, but that STA is not in associated state. This
resulted in undesired temporary rejection of the association with status
code 30.

This ended up breaking OWE group negotiation when PMF is in use since
the check for the OWE group would have happened only after this earlier
PMF check and rejection (i.e., the station got status code 30 instead of
the expected 77).

For example, when the AP is configured with OWE group 21 and a station
tries groups 19, 20, and 21 (in this sequence), the first two
Association Request frames should be rejected with status code 77.
However, only the first one got that status code while the second one
got status code 30 due to that issue with PMF existing association
check.

Furthermore, hostapd was continuing with SA Query procedure with
unencrypted Action frames in this type of case even though there was no
existing association (and obviously, not an encryption key either).

Fix this by checking that the STA entry is in associated state before
initiating SA Query procedure based on the PMF rules.

Signed-off-by: Ashok Kumar <aponnaia@codeaurora.org>
2018-10-16 00:33:20 +03:00
Johannes Berg
40432e6eb3 nl80211: Implement netlink extended ACK support
Implement netlink extended ACK support to print out the error
message (if any).

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-10-14 20:20:11 +03:00
Hauke Mehrtens
74eebe93d0 SAE: Do not ignore option sae_require_mfp
Without this patch sae_require_mfp is always activate, when ieee80211w
is set to optional all stations negotiating SAEs are being rejected when
they do not support PMF. With this patch hostapd only rejects these
stations in case sae_require_mfp is set to some value and not null.

Fixes ba3d435fe4 ("SAE: Add option to require MFP for SAE associations")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 20:13:16 +03:00
Jouni Malinen
dc1b1c8db7 Drop logging priority for handle_auth_cb no-STA-match messages
This message was printed and MSG_INFO level which would be more
reasonable for error cases where hostapd has accepted authentication.
However, this is not really an error case for the cases where
authentication was rejected (e.g., due to MAC ACL). Drop this to use
MSG_DEBUG level.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 20:03:55 +03:00
Jouni Malinen
6588f71222 Reduce undesired logging of ACL rejection events from AP mode
When Probe Request frame handling was extended to use MAC ACL through
ieee802_11_allowed_address(), the MSG_INFO level log print ("Station
<addr> not allowed to authenticate") from that function ended up getting
printed even for Probe Request frames. That was not by design and it can
result in excessive logging and MSG_INFO level if MAC ACL is used.

Fix this by printing this log entry only for authentication and
association frames. In addition, drop the priority of that log entry to
MSG_DEBUG since this is not really an unexpected behavior in most MAC
ACL use cases.

Fixes: 92eb00aec2 ("Extend ACL check for Probe Request frames")
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 19:57:22 +03:00
Purushottam Kushwaha
e8581183f9 HS 2.0: Use execve() with custom env PATH to launch browser using 'am'
With new restriction in Android, if PATH env variable doesn't have
correct path of 'am' binary, execv() fails to launch wpadebug browser
(am starts, but something seems to fail within its internal processing).

This commit is a workaround to use execve() with custom environment PATH
which includes "/system/bin;/vendor/bin" to handle the cases where
hs20-osu-client fails to launch wpadebug browser through /system/bin/am.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-12 15:51:05 +03:00
Visweswara Tanuku
77fcd74753 QCA vendor subcommand and attributes to configure capture of CFR data
Add a subcommand for Channel Frequency Response (CFG) Capture
Configuration and define attributes for configuring CFR capture
parameters per peer and enabling/disabling CFR capture.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
7770a9dd6a RADIUS: Support last_msk with EAP-TLS
This extends the last_msk testing functionality in the RADIUS server to
work with EAP-TLS based on "cert-<serial_num>" form user names in the
database.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
063cbb87a6 EAP server: Add eap_get_serial_num()
This can be used to fetch the serial number of the peer certificate
during TLS-based EAP session.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
0ec3e77a13 TLS: Add tls_connection_peer_serial_num()
This can be used to fetch the serial number of the peer certificate in
the EAP server. For now, this is implemented only with OpenSSL.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
18003b315b AS: Add an event_cb() callback handler
This provides debug log information on TLS events on the server side.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
2ff952a5dd OpenSSL: Make serial number of peer certificate available in event_cb
Add serial number to the event_cb() information for the peer certificate
chain.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-11 12:12:30 +03:00
Jouni Malinen
cad810a98f HS 2.0: OSU Provider NAI List advertisement
Extend hostapd to allow the new OSU Provider NAI List ANQP-element to be
advertised in addition to the previously used OSU Providers list
ANQP-element. The new osu_nai2 configurator parameter option is used to
specify the OSU_NAI value for the shared BSS (Single SSID) case while
osu_nai remains to be used for the separate OSU BSS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-05 20:49:42 +03:00
vamsi krishna
edb509d49f Add QCA vendor event to report roam scan events
Driver/firmware does roam scan when it finds the need to roam to a
different BSS. Add a QCA vendor event to indicate such roam scan events
from driver/firmware to user space.

Please note that some drivers may not send these events in few cases,
e.g., if the host processor is sleeping when this event is generated in
firmware to avoid undesired wakeups.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-10-04 00:31:45 +03:00
Jouni Malinen
17d4b77472 RSN: Do not replace existing Suite B PMKSA on 4-way handshake
PMKID derivation with the Suite B AKMs is a special case compared to
other AKMs since that derivation uses KCK instead of PMK as an input.
This means that the PMKSA cache entry can be added only after KCK has
been derived during 4-way handshake. This also means that PMKID would
change every time 4-way handshake is repeated even when maintaining the
same PMK (i.e., during PTK rekeying and new associations even if they
use PMKSA caching).

wpa_supplicant was previously replacing the PMKSA cache entry whenever a
new PMKID was derived. This did not match hostapd expectations on the AP
side since hostapd did not update the PMKSA cache entry after it was
created. Consequently, PMKSA caching could be used only once (assuming
no PTK rekeying happened before that). Fix this by making wpa_supplicant
behave consistently with hostapd, i.e., by adding the Suite B PMKSA
cache entries with the PMKID from the very first 4-way handshake
following PMK derivation and then not updating the PMKID.

IEEE Std 802.11-2016 is somewhat vague in this area and it seems to
allow both cases to be used (initial PMKID or any consecutive PMKID
derived from the same PMK). While both cases could be supported that
would result in significantly more complex implementation and need to
store multiple PMKID values. It looks better to clarify the standard to
explicitly note that only the first PMKID derived after PMK derivation
is used (i.e., match the existing hostapd implementation).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-27 11:37:19 +03:00
Srikanth Marepalli
bd88ed60fa eap_proxy: Fix memory leaks when using eap_peer_erp_init()
The external session_id and emsk from eap_proxy_get_eap_session_id() and
eap_proxy_get_emsk() need to be freed consistently in all code paths
within eap_peer_erp_init() and outside it in the case ERP is not
initialized.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-21 21:34:08 +03:00
Ankita Bajaj
820ea0ba93 DPP: Fix a memory leak on Configurator keygen error path
The allocated configuration structure needs to be freed if the specified
curve is not supported.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-21 21:22:42 +03:00
Ankita Bajaj
5a052f92eb DPP: Fix a memory leak in L derivation
The temporary EC_POINT 'sum' needs to be freed at the end of the
function with the other OpenSSL allocations.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-21 21:21:14 +03:00
Ankita Bajaj
bae282e3e8 DPP: Fix an error path memory leak in URI public key parsing
The allocated buffer from base64_decode() needs to be freed on the
sha256_vector() error path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-21 21:20:06 +03:00
Srikanth Marepalli
e662260162 Free dh_ctx on failure in wps_nfc_gen_dh()
This is needed to avoid a memory leak on an error path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-20 17:18:16 +03:00
Varun Reddy Yeturu
60377efcc1 QCA vendor command support for TWT test configuration
Define new QCA vendor specific test config attributes to configure TWT.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-18 13:03:02 +03:00
Jouni Malinen
2b92c4f3c0 DPP: Fix test functionality for invalid keys with OpenSSL 1.1.0
It looks like at least OpenSSL 1.1.0i includes the extra checks in
EC_POINT_set_affine_coordinates_GFp() that break the previously used
mechanism for generating invalid keys. Fix this by using the alternative
design that was used with OpenSSL 1.1.1 and BoringSSL.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-17 17:23:10 +03:00
Jouni Malinen
3ecb8a5203 ANQP: Parse and report Venue URL information
Parse the Venue URL ANQP-element payload and report it with the new
RX-VENUE-URL event messages if the query was done using PMF.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-15 05:17:49 +03:00
Jouni Malinen
ad4e4f60a0 RADIUS server: Add testing support for authentication result
CONFIG_RADIUS_TEST builds can now update the user SQLite database based
on authentication result from the last attempt. If the database has a
last_msk column, that will be set to the hexdump of the MSK whenever
authentication succeeds and to "FAIL" whenever authentication fails.
This can be used for testing purposes by having an external program
track authentication status per user.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-11 04:02:36 +03:00
Jouni Malinen
02eec9954c XML: Do not add empty Value node for nodes with child nodes in TNDS
This fixes some validation issues against DM_ddf DTD that were caused by
the conversion from the internal tree structure to TNDS. Only the leaf
nodes are supposed to have the Value node.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-10 21:43:43 +03:00
Kiran Kumar Lokere
13dd13fc01 Define test config attribute to configure OM control support
Define a new QCA vendor specific test config attribute to configure the
support for receiving the MPDU with operating mode control subfield.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-09-06 00:01:57 +03:00
Roee Zamir
d6801b0545 nl80211: Support OCE features (driver capability and scan params)
Check if the device supports specific mandatory features and set the the
relevant WPA_DRIVER_FLAGS_OCE_STA flag. Send the relevant scan
parameters for OCE scans.

Signed-off-by: Roee Zamir <roee.zamir@intel.com>
2018-09-02 17:59:01 +03:00
Roee Zamir
938dd97a84 driver: Add OCE scan parameters
Add a flag to scan parameters that enables OCE scan features. If this
flag is set the device should enable the following features as defined
in the Optimized Connectivity Experience Technical Specification v1.0:
- Overwrite FILS request Max Channel Time with actual value (clause 3.8)
- Send Probe Request frame in high rate (at least 5.5 Mbps) (clause 3.12)
- Probe Request frame Transmission Deferral and Suppression (clause 3.5)
- Accept broadcast Probe Response frame (clause 3.6)

Signed-off-by: Roee Zamir <roee.zamir@intel.com>
2018-09-02 17:53:32 +03:00
Jouni Malinen
830eacf9d0 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2018-08-29.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-09-02 17:45:27 +03:00
Johannes Berg
2543b19e46 random: Remove write-only variable random_entropy_file_read
This variable is never read, so it's not needed. Remove it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-09-02 12:51:06 +03:00
Andreas Tobler
b5ebe5dd5b hostapd: Send an event before throwing a station on re-authentication
If you modify the WLAN-STA-AUTHORIZED bit in sta->flags, you have to
call the ap_sta_set_authorized() function to make sure the corresponding
event is sent over the control interface. Otherwise we leak entries in
the event history.

Signed-off-by: Andreas Tobler <andreas.tobler@cloudguard.ch>
2018-09-02 12:48:32 +03:00
Jouni Malinen
57151ae984 atheros: Fix atheros_send_mgmt() dependency on CONFIG_FILS
This fixes a CONFIG_FILS=y build without CONFIG_IEEE80211W=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-09-02 12:42:28 +03:00
Chaitanya T K
410e2dd1d6 OWE: Fix build error in AP code without CONFIG_IEEE80211W=y
When CONFIG_OWE is enabled but none of 11R/11W/FILS are enabled hostapd
(and wpa_supplicant with AP mode support) build failed. Fix this by
adding OWE to the list of conditions for including the local variables.

Signed-off-by: Chaitanya T K <chaitanya.mgit@gmail.com>
2018-09-02 12:38:16 +03:00
Hu Wang
b898b65582 nl80211: Do not ignore disconnect event in case of !drv->associated
Commit 3f53c006c7 ('nl80211: Ignore
disconnect event in case of locally generated request') made
wpa_supplicant ignore the next received disconnect event for cases where
wpa_supplicant itself requested a disconnection. This can result in
ignoring a disconnection notification in some cases.

Considering a P2P Client receiving disconnect event from the kernel
after a P2P group is started, drv->ignore_next_local_disconnect is
cleared to 0, then wpa_driver_nl80211_disconnect() will be called during
the removal of the group, in which drv->ignore_next_local_disconnect is
set to 1 by mistake.

Do not allow ignore_next_local_{disconnect,deauth} to be set to 1 if the
driver is not in associated state (drv->associated is 0) to avoid this
type of cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-31 12:01:33 +03:00
Purushottam Kushwaha
20f612d998 DPP: Set group id through DPP_AUTH_INIT or dpp_configurator_params
This enhances DPP_AUTH_INIT, DPP_CONFIGURATOR_SIGN, and SET
dpp_configurator_params to allow optional setting of the DPP groupId
string for a Connector. If the value is not set, the previously wildcard
value ("*") is used by default.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-30 23:34:00 +03:00
Nachiket Kukade
495aebd39f Add new QCA vendor command and attributes to enhance NAN
The payload used for the existing NAN vendor command,
QCA_NL80211_VENDOR_SUBCMD_NAN is a binary blob of data. This
command is not extendable to send additional information. Hence
define a new vendor command QCA_NL80211_VENDOR_SUBCMD_NAN_EXT,
that can carry the binary blob encapsulated within an attribute
and can carry additional attributes to enhance the NAN command
interface. Define additional 3 new attributes for conveying
type of NAN subcmd and channel information.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-30 22:55:19 +03:00
Nachiket Kukade
28c7f77a85 Correct the documentation of NAN vendor command
Present implementation of NAN vendor command does not use
attribute encapsulation for sending the command from userspace
to the driver, payload is directly sent as is. Attribute
QCA_WLAN_VENDOR_ATTR_NAN is used only for receiving vendor
events in the userspace from the driver. Update the doc as per
this implementation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-30 22:50:17 +03:00
xiaofeis
b3f24b06e3 mka: Fix confidentiality offset issue in macsec_qca driver interface
Confidentiality offset from MKA should be configured to the
driver/hardware when creating SA.

Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2018-08-24 16:27:34 +03:00
xiaofeis
bed30e8d3b mka: Fix sci port mask issue in macsec_qca driver interface
Need to use full 8-bit mask here when swapping byte order.

Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2018-08-24 16:27:34 +03:00
Kiran Kumar Lokere
1bac151eaf Change the ADDBA buffer size attribute type to U16 from U8
The max supported ADDBA buffer size value is 256, so change
the buffer size attribute type to U16 to configure the testbed
device to use the 256 buffer size in ADDBA negotiation in 11ax
testing.

This attribute is used only to configure a testbed device and the old
definition of this attribute was not used in any deployed implementation
hence it is still justifiable to change the definition.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-24 16:27:34 +03:00
Srinivas Dasari
d35003e501 Vendor attribute to get max blacklist BSSIDs capability
Add a QCA vendor attribute
QCA_WLAN_VENDOR_ATTR_GSCAN_MAX_BLACKLIST_BSSID to get maximum
blacklist BSSIDs capability from the driver for gscan.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-24 16:27:34 +03:00
Bhagavathi Perumal S
8bfbb295df nl80211: Fix sending of WDS STA event to the correct BSS context
The WDS-STA-INTERFACE-ADDED/WDS-STA-INTERFACE-REMOVED events were always
sent to the first BSS instead of the specific BSS that the STA was
connected to in multi-BSS cases. Fix this by using the BSS specific
context pointer.

Fixes: 1952b626ba ("hostapd: Add ctrl iface indications for WDS STA interface")
Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
2018-08-24 16:27:34 +03:00
xiaofeis
1ff8605775 mka: Support GCM-AES-256
GCM-AES-256 cipher suite is defined in IEEE Std 802.1AEbn-2011.

If authenticator configured as GCM-AES-256, the distributed SAK will be
256 bits indicated by the GCM-AES-256 ID in the MKA packet.

This patch will make AES Key Unwrap to 32 bytes of SAK when identify the
ID.

Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2018-08-21 19:28:20 +03:00
Hu Wang
567df5501c Re-configure WEP keys on hostapd interface re-enable
This allows WEP mode AP to be re-enabled automatically after external
ifconfig down + up on netdev used by hostapd.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-21 18:50:12 +03:00
Rosen Penev
373c796948 OpenSSL: Fix compile with OpenSSL 1.1.0 and deprecated APIs
SSL_session_reused() is the same as the deprecated SSL_cache_hit(). The
engine load stuff is now handled by OPENSSL_init().

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-12 16:26:31 +03:00
Jouni Malinen
c6e1a9a0b3 Clarify the TODO comment regarding PMKID KDE in EAPOL-Key msg 1/4
Make it clear that the consideration should be only for the IBSS case
and in infrastructure BSS case, PMKID KDE should not be added due to
risks involved with exposing this to stations that do not know the
passphrase.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-10 13:51:04 +03:00
Mathy Vanhoef
3e34cfdff6 WPA: Ignore unauthenticated encrypted EAPOL-Key data
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-08-08 16:51:35 +03:00
Kiran Kumar Lokere
cbdf5a49c8 Define test config vendor attribute to override MU EDCA
Add a new test config QCA vendor attribute to override the MU EDCA
parameters to default values in the driver for test configuration. This
is used for configuring the testbed device.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-01 17:38:47 +03:00
Jouni Malinen
5ca1196577 HS 2.0: Fix Terms and Conditions Server URL macro replacement
The last character of the STA MAC address got replaced with 0x00 due to
truncation if the @1@ macro was used at the end of the URL. Fix this
case by allocating larger buffer for the URL.

Fixes: d4e39c51f8 ("HS 2.0: Move Terms and Conditions Server URL generation from AP to AS")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-31 00:07:36 +03:00
Kiran Kumar Lokere
420b5dd814 Define test config QCA vendor attribute for HE MAC padding duration
Add a new wifi test config QCA vendor attribute to configure HE
trigger frame MAC padding duration value in the driver.
This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-06 21:27:01 +03:00
Hu Wang
8a9950f7b6 nl80211: Indicate interface up only for the main netdev
ifname is checked for interface down event in commit
106fa1e97e ("nl80211: Indicate
interface-down event only for the main netdev"). Do the same for
interface up event to avoid unexpected notifications when the master
interface (e.g., a bridge interface) is set up while then WLAN interface
remains down.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-05 13:41:46 +03:00
Sathishkumar Muruganandam
c809756f9f nl80211: Allocate nl_sock for NETLINK_ROUTE when already_in_bridge
When we start hostapd having Hotspot 2.0 configuration with interface
already added to bridge interface, addition and deletion of new neighbor
to bridge ip neighbor table fails.

This is since 'bss->added_if_into_bridge' is not set which only allows
'drv->rtnl_sk' (nl_sock for NETLINK_ROUTE) allocation needed for bridge
ip neighbor table.

Add a new bit 'already_in_bridge' and set it when interface is already
added to bridge by some external component. Check this bit in addition
to 'bss->added_if_into_bridge' for 'drv->rtnl_sk' allocation done in
i802_init().

Now 'drv->rtnl_sk' is closed in wpa_driver_nl80211_deinit() regardless of
'bss->added_if_into_bridge' since when we have 'bss->already_in_bridge'
case too, this need to be removed.

brctl show

bridge name     bridge id               STP enabled     interfaces
br0             8000.8efdf006b050       no              ap

hostapd_cli raw STATUS-DRIVER

Selected interface 'ap'
ifindex=15
ifname=ap
brname=br0
addr=8e:fd:f0:06:b0:50
freq=5180
beacon_set=1
already_in_bridge=1
..

Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
2018-07-05 13:36:27 +03:00
Peng Xu
946e35eace nl80211: Skip vendor specific DFS offload if upstream mechanism is used
Since the generic DFS offload support flag is added as
NL80211_EXT_FEATURE_DFS_OFFLOAD, only use the vendor command to check
DFS capablity if the flag is not already set.

Signed-off-by: Peng Xu <pxu@codeaurora.org>
2018-07-05 13:18:28 +03:00
Kiran Kumar Lokere
7bf86e4416 Define test config QCA vendor attribute for HE MU EDCA params
Add a new wifi test config QCA vendor attributes to configure
HE MU EDCA parameters value in the driver.
This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-07-03 18:12:44 +03:00
Kiran Kumar Lokere
6cc77193c6 Define test config QCA vendor attribute for Tx beamformee NSTS
Add a new wifi test config QCA vendor attribute to configure Tx
beamformee number of space-time streams value in the driver.
This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-28 18:37:01 +03:00
Jouni Malinen
abed6136ae RADIUS: Add DAC implementation in hostapd(AS)
The new DAC_REQUEST control interface command can now be used to request
hostapd to send out Disconnect-Request and CoA-Request packets for an
existing session.

DAC_REQUEST <disconnect|coa> <MAC Address> [t_c_clear]

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-22 19:37:18 +03:00
Jouni Malinen
72aad113c2 RADIUS: Allow 0.0.0.0 to be used as wildard radius_das_client
This allows hostapd DAS to be configured to allow any DAC (with the
matching shared secret) to send Disconnect-Request and CoA-Request
packets.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-22 19:37:18 +03:00
Jouni Malinen
2122fc83aa RADIUS server: Add current_sessions SQLite table
This can be used to track active sessions, e.g., for the purpose of
issuing RADIUS DAS commands (Disconnect-Request or CoA-Request).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-22 19:37:03 +03:00
Jouni Malinen
d4e39c51f8 HS 2.0: Move Terms and Conditions Server URL generation from AP to AS
This makes it more convenient to generate the URL in a way that
interoperates between different vendors. The AP is simply copying the
already constructed URL as-is from Access-Accept to WNM-Notification.
This means that the HO AAA can generate the URL in a manner that works
for the associated T&C Server without having to coordinate with each AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-21 20:50:54 +03:00
Jouni Malinen
3a8dd390c9 SAE: Allow authentication restart on AP
In the infrastructure BSS case, the AP needs to clear pending SAE state
if a new Commit message is received when already in Committed state.
This allows the non-AP STA to negotiate a new group if it ends up trying
to go through SAE authentication again before the AP side has removed
the previous STA entry.

This fixes an issue where a kernel update changed something in SAE
timing or authentication sequence and started failing the
sae_bignum_failure hwsim test case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-20 13:04:31 +03:00
Jouni Malinen
a10f5714cc HS 2.0: Allow Hotspot 2.0 version number to be overridden for build
This can be used for testing and development purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-18 20:11:52 +03:00
Jouni Malinen
c6f01fbf26 nl80211: Add more command/event names to debug prints
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-15 21:40:08 +03:00
Martin Willi
4a0e011560 AP: Fix HT 20/40 co-ex transition timer cancellation on iface removal
When removing an interface, hostapd_bss_deinit() frees all associated
STAs. If any of the stations is 40MHz intolerant, the cleanup invokes
ht40_intolerant_remove(), that in turn registers a 20->40MHz transition
timer for the last station (ap_ht2040_timeout() function). That timer is
never canceled; once it executes, the interface is gone, most likely
resulting in a segfault when referencing it.

While hostapd_interface_deinit() cancels the transition timer, it does
so before cleaning up STAs. Move the cancellation after STA cleanup to
cancel any timer that was registered during that operation.

Signed-off-by: Martin Willi <martin@strongswan.org>
2018-06-12 21:45:10 +03:00
Peng Xu
b915f2cdf2 nl80211: Handle NL80211_CMD_WIPHY_REG_CHANGE event
Handle NL80211_CMD_WIPHY_REG_CHANGE the same way as the
NL80211_CMD_REG_CHANGE event. The wiphy-specific event is generated by
the cfg80211 reg_process_self_managed_hints() function, e.g., when going
through regulatory_set_wiphy_regd_sync_rtnl(). Previously, such events
were ignored completely in hostapd/wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-07 00:05:39 +03:00
Jouni Malinen
c3e4f40cd6 FT: Derive PMKR0Name/PMKR1Name using SHA-384 with AKM 00-0F-AC:13
The AKM 00-0F-AC:13 is supposed to use cryptographic algorithms
consistently, but the current IEEE 802.11 standard is not doing so for
the key names: PMKID (uses SHA-1), PMKR0Name/PMKR1Name (uses SHA-256).
The PMKID case was already implemented with SHA-384 and this commit
replaces use of SHA-256 with SHA-384 for PMKR0Name/PMKR1Name derivation
to be consistent in SHA-384. While this is not compliant with the
current IEEE 802.11 standard, this is clearly needed to meet CNSA Suite
requirements. Matching change is being proposed in REVmd to get the IEEE
802.11 standard to meet the use case requirements.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-06 23:59:46 +03:00
Jouni Malinen
e8d08cf378 SAE: Do not drop STA entry on reauthentication in infrastructure BSS
A new SAE Commit message should not be allowed to drop an existing STA
entry since the sender of that Commit message cannot be authenticated
before receiving the Confirm message. This is important in particular
when PMF is used since this would provide a potential new path for
forcing a connection to be dropped.

Fix this by allowing a new SAE Authentication instance to be started
when the old instance is in Accepted state and the new Commit message
does not use the same peer-scalar value (checked in
sae_parse_commit_scalar()). When PMF is used, the AP will use SA Query
procedure when receiving the (Re)Association Request frame. In theory,
that step could be skipped in case of SAE Authentication since the
non-AP STA is demonstrating knowledge of the password. Anyway, there is
no allowance for that exception in the IEEE 802.11 standard, so at least
for now, leave this using SA Query procedure just like any other PMF
case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-06 01:22:01 +03:00
Jouni Malinen
ef13b33afc FT: Support BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in STA case
wpa_supplicant was hardcoded to use BIP-CMAC-128 in FT protocol if PMF
was enabled. Extend that to allow the other BIP algorithms to be used as
well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
ff168f8c23 FT: Support 256-bit IGTK in AP case
hostapd was hardcoded to use 128-bit IGTK in FT protocol (IGTK
subelement in FTE). Extend that to allow 256-bit IGTK (i.e.,
BIP-CMAC-256 and BIP-GMAC-256) to be used as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
2cf36d6085 FT: Handle AssocResp generation failures as fatal errors
Instead of sending out a partially completed frame, abort the
association process if something unexpected happens and remove the STA
entry.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
657b4c45a9 FILS: Fix KEK2 use in FT-FILS use cases
When support for KCK2 and KEK2 was added, both keys were derived for
FT-FILS cases, but only KCK2 was actually used. Add similar changes to
use KEK2 to protect GTK/IGTK in FTE with using FT-FILS AKMs.

This fixes AES key wrapping to use the correct key. The change is not
backwards compatible.

Fixes: 2f37387812 ("FILS: Add more complete support for FT-FILS use cases")
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:04:54 +03:00
Jouni Malinen
661afb2edd FT: Fix RRB error path handling
When building an RRB message, a failure in wpa_ft_rrb_lin() calls could
have resulted in trying to free an uninitialized pointer. Fix this by
initializing *packet to NULL before going through the initial steps.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
df3bf6870b FT: Debug print of IE parsing element details
This makes it easier to debug issues in processing FT frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
3d9cd08410 FT: Add support for variable length PMK-R1 receiving in RRB
SHA384-based FT AKM uses longer keys, so the RRB receive processing for
push and pull response messages needs to be able to accept variable
length PMK-R1.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
a7968ea568 FT: FTE generation for SHA384-based AKM on AP
The MIC field is now a variable length field, so make FTE generation in
hostapd aware of the two different field lengths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
06f1286607 FT: FTE generation for SHA384-based AKM on STA
The MIC field is now a variable length field, so make FTE generation in
wpa_supplicant aware of the two different field lengths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
9a33737a0b FT: FTE parsing for SHA384-based AKM
The MIC field is now a variable length field, so make the FTE parser
aware of the two different field lengths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:53 +03:00
Jouni Malinen
994eac7e61 FT: PMK-R0 derivation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:53 +03:00
Jouni Malinen
1655e81c97 FT: PMKID derivation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:53 +03:00
Jouni Malinen
40a2eb1164 FT: PTK derivation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:53 +03:00
Jouni Malinen
7880a6a2b8 FT: PMK-R1 derivation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:52 +03:00
Jouni Malinen
b327026a72 FT: FTE MIC calculation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:52 +03:00
Jouni Malinen
c49a9d6b99 FT: EAPOL-Key MIC calculation using SHA384-based AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:52 +03:00
Jouni Malinen
9f12271b2a FT: XXKey derivation for SHA384-based AKM
XXKey is the first 384 bits of MSK when using the SHA384-based FT AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:52 +03:00
Jouni Malinen
a3e18dbb6a FT: Support variable length keys
This is a step in adding support for SHA384-based FT AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 19:29:52 +03:00
Jouni Malinen
c22bb5bba6 FT: SHA384-based AKM in RSNE processing
This defines key lengths for SHA384-based FT AKM and handles writing and
parsing for RSNE AKMs with the new value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 01:11:41 +03:00
Jouni Malinen
3a11c69e0d EAP-TLS: Derive Session-Id using TLS-Exporter when TLS v1.3 is used
This updates Session-Id derivation with TLS v1.3 per
draft-ietf-emu-eap-tls13-00.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-01 17:58:56 +03:00
Jouni Malinen
2d26434ac7 EAP-TLS server: Fix EMSK derivation with TLS v1.3
The new label string for TLS-Exporter was taken into use for MSK
derivation, but it was missed from EMSK deriation in the server side
implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-01 17:52:18 +03:00
Jouni Malinen
f8aed720e4 EAP-TLS: Update key derivation label per draft-ietf-emu-eap-tls13-00
The label strings used for deriving Key_Material with TLS v1.3 were
changed, so update the implementation to match the new values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-01 17:41:59 +03:00
Mikael Kanstrup
8518326b22 Add some missing driver flags strings
New WPA_DRIVER_FLAGS have been added but corresponding lookup
strings for driver_flags command were never added. Add the
missing strings.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2018-05-31 13:03:54 +03:00
Markus Theil
b375b04b67 WNM: Fix time_zone advertisement without time_zone configuration
If time_advertisement=2 is included in hostapd configuration, but
time_zone is unset, the previous implementation tried to write the Time
Zone element into management frames. This resulted in segmentation fault
when trying to dereference a NULL pointer. Fix that by skipping addition
of this element when time_zone parameter is not set.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2018-05-31 12:53:43 +03:00
Peter Oh
0928b62944 nl80211: Allow mesh interface to send channel switch request
Add mesh type to nl80211 channel switch request, so mesh is able to send
the request to kernel drivers.

Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
2018-05-31 12:16:03 +03:00
Jouni Malinen
f5a602168f HS 2.0: Allow OSEN connection to be used in an RSN BSS
This allows a single BSS/SSID to be used for both data connection and
OSU. In wpa_supplicant configuration, the current proto=OSEN
key_mgmt=OSEN combination is now allowing both the old separate OSEN
BSS/IE and the new RSN-OSEN to be used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-29 23:34:22 +03:00
Jouni Malinen
8d660a4bac HS 2.0: Allow OSEN connection to be enabled in an RSN BSS
This allows a single BSS/SSID to be used for both data connection and
OSU. Instead of hostapd configuration osen=1, wpa_key_mgmt=OSEN (or more
likely, wpa_key_mgmt=WPA-EAP OSEN) is used to enable this new option.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-29 23:34:22 +03:00
xiaofeis
0fe3ede0a4 macsec_qca: Fix byte order of TX SCI port
Before calling HW macsec driver API, be_to_host16() should be used to
reverse the SCI port byte order. This was broken as part of the mka API
changes.

Fixes: 8ebfc7c2ba ("mka: Pass full structures down to macsec drivers' transmit SC ops")
Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
2018-05-28 22:17:58 +03:00
Dan Harkins
22ac3dfebf EAP-pwd: Mask timing of PWE derivation
Run through the hunting-and-pecking loop 40 times to mask the time
necessary to find PWE. The odds of PWE not being found in 40 loops is
roughly 1 in 1 trillion.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:15:15 +03:00
Dan Harkins
b8acd50114 EAP-pwd peer: Add SHA512 hash based salt mechanism
Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:09:20 +03:00
Dan Harkins
fb3675848c EAP-pwd peer: Add SHA256 hash based salt mechanism
Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:09:20 +03:00
Dan Harkins
7ef8adc7d8 EAP-pwd peer: Add SHA-1 hash based salt mechanism
Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:09:20 +03:00
Jouni Malinen
7280723fbf EAP-pwd peer: Check for unexpected state for ID exchange
Aborty processing if ID exchange processing is entered twice
unexpectedly. This avoids memory leaks in the function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-28 22:09:20 +03:00
Dan Harkins
44136f6ca2 EAP-pwd peer: Add support for salted password databases
These changes add support for salted password databases to EAP-pwd per
RFC 8146. This commits introduces the framework for enabling this and
the actual salting mechanisms are introduced in the following commits.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:09:20 +03:00
Dan Harkins
0744e303cf EAP-pwd peer: Move PWE derivation to commit exchange
There is no need to do this during the ID exchange, so move PWE
deriation into the following commit exchange in preparation for adding
support for salted passwords.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:09:20 +03:00
Dan Harkins
d52ead3db7 EAP-pwd server: Add support for salted password databases
These changes add support for salted password databases to EAP-pwd per
RFC 8146. This commits introduces the framework for enabling this and
the salting mechanisms based on SHA-1, SHA256, and SHA512 hash
algorithms.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 22:08:51 +03:00
Dan Harkins
a8712ce5b3 EAP-pwd: Pre-processing method definitions from RFC 8146
Add new password pre-processing method definitions in preparation for
salted passwords with EAP-pwd.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 17:15:07 +03:00
Dan Harkins
2a5c291881 EAP-pwd: Move EC group initialization to earlier step
This is needed for adding support for salted passwords.

Signed-off-by: Dan Harkins <dharkins@lounge.org>
2018-05-28 17:15:07 +03:00
Sachin Ahuja
b829e4b694 Add a QCA vendor command attribute to enable/disable GTX
This commit adds a new vendor command attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_GTX in
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION to enable/disable green
Tx power saving feature.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-24 18:47:48 +03:00
Lior David
91db940ff0 fst: Fix compile error in fst_ctrl_aux.h with C++ compilers
Move enum fst_reason to be a top level type, since it is used as
argument in the function fst_reason_name() and having it as nested
type caused a compile error when fst_ctrl_aux.h was included from
a C++ source file.

Signed-off-by: Lior David <liord@codeaurora.org>
2018-05-21 17:47:03 +03:00
Jouni Malinen
9be19d0b9c SAE: Add support for using the optional Password Identifier
This extends the SAE implementation in both infrastructure and mesh BSS
cases to allow an optional Password Identifier to be used. This uses the
mechanism added in P802.11REVmd/D1.0. The Password Identifier is
configured in a wpa_supplicant network profile as a new string parameter
sae_password_id. In hostapd configuration, the existing sae_password
parameter has been extended to allow the password identifier (and also a
peer MAC address) to be set. In addition, multiple sae_password entries
can now be provided to hostapd to allow multiple per-peer and
per-identifier passwords to be set.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-19 17:30:29 +03:00
Naveen Rawat
4e47eec5a9 Add QCA NAN vendor attributes to provide IPv6 information
Add NAN attributes to communicate IPv6 address, port, and protocol
between wifihal and host driver.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-17 22:10:15 +03:00
Jouni Malinen
9973129646 wolfSSL: Fix crypto_bignum_rshift() wrapper
The n argument to this function is number of bits, not bytes, to shift.
As such, need to use mp_rshb() instead of mp_rshd(). This fixes EAP-pwd
with P-521 curve.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-17 22:02:02 +03:00
Sean Parkinson
4b2e03c42a wolfSSL: DH initialization to call TEST_FAIL() for error tests
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-17 20:08:22 +03:00
Sean Parkinson
2b01270c8a wolfSSL: Fix ECDH set peer to use the index when importing point
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-17 20:08:15 +03:00
Sathishkumar Muruganandam
bda9c08596 hostapd: Fix CHAN_SWITCH command for VHT20 and VHT40
Previously, hostapd CHAN_SWITCH command did not effect VHT configuration
for the following:

When VHT is currently disabled (ieee80211ac=0),

1. hostapd_cli -p /var/run/hostapd chan_switch 10 5180 \
                sec_channel_offset=1 center_freq1=5190 bandwidth=40 ht

====> Comes up in HT40

2. hostapd_cli -p /var/run/hostapd chan_switch 10 5765 \
                sec_channel_offset=-1 center_freq1=5775 bandwidth=40 vht

====> Comes up in HT40

3. hostapd_cli -p /var/run/hostapd chan_switch 10 5200 center_freq1=5200 \
                                                  bandwidth=20 vht

====> Comes up in HT20

When VHT is currently enabled (ieee80211ac=1),

1. hostapd_cli -p /var/run/hostapd chan_switch 10 5180 \
                sec_channel_offset=1 center_freq1=5190 bandwidth=40 ht

====> Comes up in VHT40

2. hostapd_cli -p /var/run/hostapd chan_switch 10 5200 center_freq1=5200 \
                                                  bandwidth=20 ht

====> Comes up in VHT20

This is since VHT config from chan_switch is processed only for
bandwidths 80 and above (80P80, 160) and for VHT20, VHT40 cases, only
NLA chan type and chan width are updated.

There is no NL attribute for determining if it is HT or VHT for
bandwidths 20 & 40 and currently they are updated as HT20, HT40 (+ or -
depending on offset). Same is notified back via
NL80211_CMD_CH_SWITCH_NOTIFY.

Instead of adding new NL attribute for tracking HT/VHT enabled config,
we are adding new hostapd VHT config parameter to save the chan_switch
config and use only for chan_switch case of VHT20 and VHT40.

Tested with all combinations of chan_switch (noHT->20->40->80->) HT/VHT
and confirmed to be working.

Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
2018-05-16 01:16:54 +03:00
Karthikeyan Periyasamy
c4dd3afa3c ACS: Avoid invalid interference factor when survey channel time is zero
When the channel time is zero the interference factor calculation falls
under divide by zero operation which results in invalid (NaN =
not-a-number) interference factor value. This leads to wrong ideal
channel selection in ACS during the scenario described below.

Scenario:

In VHT80 mode, the channel 36 (first channel) gets the channel time as
zero which causes the interfactor factor to be an invalid number (NaN).
Any operations (like addition, mulitplication, divide, etc.) with NaN
value results in a NaN value, so that average factor for the primary
channel 36 got the invalid value (NaN). Since channel 36 is the first
channel, ideal factor is assigned as NaN in the first iteration. The
following iteration condition check (factor < ideal_factor) with a NaN
value fail for all other primary channels. This results in channel 36
being chosen as the ideal channel in ACS which holds a NaN value.

Logs:

ACS: Survey analysis for channel 36 (5180 MHz)
ACS: 1: min_nf=-103 interference_factor=nan nf=0 time=0 busy=0 rx=0
ACS: 2: min_nf=-103 interference_factor=0.615385 nf=-102 time=13 busy=8 rx=0
ACS: 3: min_nf=-103 interference_factor=2.45455 nf=0 time=22 busy=16 rx=0
ACS: 4: min_nf=-103 interference_factor=0.785714 nf=-103 time=42 busy=33 rx=0
ACS: 5: min_nf=-103 interference_factor=nan nf=0 time=0 busy=0 rx=0
ACS:  * interference factor average: nan
...
ACS:  * channel 36: total interference = nan
..
ACS:  * channel 149: total interference = 5.93174e-21
..
ACS: Ideal channel is 36 (5180 MHz) with total interference factor of nan

Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
2018-05-16 01:16:54 +03:00
Jeff Johnson
6965705bf5 Fix style issues in qca-vendor.h
Over time a number of style issues have crept into qca-vendor.h,
so fix most of them. There are some identifiers and comments which
exceed 80 columns, but these are left as-is for readability.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-16 01:16:54 +03:00
Kiran Kumar Lokere
7d66e7c408 Define new QCA feature flag for self managed regulatory support
This can be used to determine which mechanism to use for configuring
country code from trusted sources.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-16 01:16:54 +03:00
Kiran Kumar Lokere
38f60142d2 Define test config vendor attribute for Tx beamformee configuration
Add a new wifi test config QCA vendor attribute to configure Tx
beamformee in the driver. This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-16 01:16:54 +03:00
Jouni Malinen
46053a4c93 wext: Avoid gcc warnings on restricted pointer aliasing
The first two parameters to readlink() are marked restricted and at
least gcc 8.2 warns about used the same pointer for then, so avoid this
by using separate buffers for the pathname and response buffer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-16 01:16:54 +03:00
Jouni Malinen
d267bdf9bd Silence new gcc warnings on switch statement fallthroughs
Reword the comments to make gcc 8.1 recognize these as designed cases
and not trigger implicit-fallthrough warnings.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-15 20:55:17 +03:00
Edayilliam Jayadev
98b806b03d Add QCA vendor attribute for spectral hardware generation
Add spectral hardware generation attribute to
QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO vendor command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-04 20:44:05 +03:00
Sean Parkinson
ab35793ec1 wolfSSL: Fix EAP-FAST key derivation
Implement tls_connection_get_eap_fast_key() using cryptographic
primitives as wolfSSL implements different spec.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
71faf06cb6 wolfSSL: Do not free cert store after setting it
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
b7f5b0ec65 wolfSSL: Fix OCSP ifdefs
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
ca620a3642 wolfSSL: Fix altSubjectName handling
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
7be462084e wolfSSL: Use defines from wolfssl/options.h
Depend on proper wolfSSL configuration instead of trying to define these
build configuration values externally.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
385dd7189a wolfSSL: Use wolfSSL memory allocation in dh5_init()
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
6590d84664 wolfSSL: Load certificates using 'chain' APIs
This allows the full chain to be loaded.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
fc5e88e3ea wolfSSL: Changes for memory allocation failure testing
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
06657d3166 wolfSSL: Fix crypto_hash_init() memory clearing
Explicitly clear the allocated memory to avoid uninitialized data in
struct crypto_hash.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
d396057109 wolfSSL: Fix crypto_ec_point_y_sqr()
Use the correct intermediate result from mp_sqrmod() in the following
mp_mulmod() call (t is not initialized here; it is used only after this
step).

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
e3501ac18f wolfSSL: Fix crypto_ec_point_solve_y_coord()
Provide full uncompressed DER data length to wc_ecc_import_point_der()
even though a compressed form is used here. In addition, use
ECC_POINT_COMP_* defined values to make this more readable.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:51 +03:00
Sean Parkinson
187ad3a303 wolfSSL: Add crypto_ecdh_*()
Implement the wrapper functions for ECDH operations.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 13:32:49 +03:00
Sean Parkinson
3d2f638d61 wolfSSL: Use new digest namespace
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 12:04:46 +03:00
Sean Parkinson
847665ebec wolfSSL: Fix conditional EAP-FAST compilation issue
Variable name was partially renamed during earlier cleanup.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:57 +03:00
Jouni Malinen
d501c27cfe EAP-TLS server: Disable TLS v1.3 by default
The current EAP peer implementation is not yet ready for the TLS v1.3
changes with EAP-TTLS, EAP-PEAP, and EAP-FAST, so disable TLS v1.3 for
this EAP method for now.

While the current EAP-TLS implementation is more or less complete for
TLS v1.3, there has been no interoperability testing with other
implementations, so disable for by default for now until there has been
chance to confirm that no significant interoperability issues show up
with TLS version update. tls_flags=[ENABLE-TLSv1.3] configuration
parameter can be used to enable TLS v1.3 (assuming the TLS library
supports it; e.g., when using OpenSSL 1.1.1).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
e8a7af9a38 EAP-TLS peer: Disable TLS v1.3 by default
The current EAP peer implementation is not yet ready for the TLS v1.3
changes with EAP-TTLS, EAP-PEAP, and EAP-FAST, so disable TLS v1.3 for
this EAP method for now.

While the current EAP-TLS implementation is more or less complete for
TLS v1.3, there has been no interoperability testing with other
implementations, so disable for by default for now until there has been
chance to confirm that no significant interoperability issues show up
with TLS version update. phase1="tls_disable_tlsv1_3=0" configuration
parameter can be used to enable TLS v1.3 (assuming the TLS library
supports it; e.g., when using OpenSSL 1.1.1).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
bbbc7e8016 EAP-TLS: Extend TLS version config to allow TLS v1.3 to be disabled
This may be needed to avoid interoperability issues with the new
protocol version and significant changes for EAP use cases in both key
derivation and handshake termination.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
53b34578f3 OpenSSL: Move server vs. client information into connection data
This makes this more easily available throughout the handshake
processing, if needed, compared to having to pass through the function
argument through the full path from
tls_connection{,_server}_handshake().

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 21:45:29 +03:00
Jouni Malinen
0de820b333 EAP-TLS peer: MSK/EMSK derivation with TLS v1.3
Use new MSK/EMSK derivation mechanism if TLS v1.3 or newer is used per
draft-mattsson-eap-tls13-02.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:53:07 +03:00
Jouni Malinen
1854981c78 EAP-TLS peer: Allow NewSessionTicket after Client Finished with TLS v1.3
The EAP session cannot be marked fully completed on sending Client
Finished with TLS v1.3 since the server may still send NewSessionTicket
before EAP-Success.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:51:34 +03:00
Jouni Malinen
6dd98483eb EAP-TLS peer: Support fragmentation of last message
With TLS v1.3, the Finished message from the client can require
fragmentation. Postpone key derivation and marking of the EAP session
fully completed until all the fragments of that last message are sent to
avoid losing all the subsequent fragments.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:49:19 +03:00
Jouni Malinen
a80423b521 EAP-TLS server: MSK/EMSK derivation with TLS v1.3
Use new MSK/EMSK derivation mechanism if TLS v1.3 or newer is used per
draft-mattsson-eap-tls13-02.txt.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:47:22 +03:00
Jouni Malinen
bac1bdba3e EAP-TLS peer: Determine whether TLS v1.3 or newer is used
This is needed to be able to handle different key derivation and message
handshakes in EAP implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:45:37 +03:00
Jouni Malinen
fe7b06c5e1 EAP-TLS server: Determine whether TLS v1.3 or newer is used
This is needed to be able to handle different key derivation and message
handshakes in EAP implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:44:22 +03:00
Jouni Malinen
c26ac18958 Mark eap_server_tls_derive_key() label argument const
This value is going to be used only with a helper function that takes it
in as a const value, so use the same style here to simplify callers in
upcoming TLS v1.3 changes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:43:24 +03:00
Jouni Malinen
34c6949fb7 EAP-TLS server: Remove trailing whitespace
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 17:40:58 +03:00
Jouni Malinen
4a576c4736 OpenSSL: Terminate TLS handshake if ClientHello cannot be generated
OpenSSL 1.1.1 added cases where ClientHello generation may fail due to
"no ciphers available". There is no point in sending out the resulting
TLS Alert message to the server since the server does not know what to
do with it before ClientHello. Instead, simply terminate the TLS
handshake locally and report EAP failure to avoid getting stuck waiting
for a timeout.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 13:23:25 +03:00
Jouni Malinen
2439714f90 DPP: Fix testing code for invalid keys with OpenSSL 1.1.1
OpenSSL started reporting failures from
EC_POINT_set_affine_coordinates_GFp() similarly to BoringSSL, so use the
same workaround to enable this protocol testing case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 12:02:57 +03:00
Jouni Malinen
04ee197f87 HS 2.0: Maintain a database of pending T&C acceptance sessions
The new SQLite table pending_tc is used to maintain a list of sessions
that need to accept Terms and Conditions. This information can be used
on an external Terms and Conditions server to map the incoming MAC
address information into user identity.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-30 20:12:36 +03:00
Karthikeyan Periyasamy
6b21df0bb7 Add QCA vendor command/attr to filter frames from other BSSs
Add commands to allow an AP to configure filtering rules to capture
frames from stations that are active on the operating channel, but
not associated to this AP. Operations include add/delete the filter
and get the statistics information of the unassociated stations.

Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
2018-04-26 17:56:22 +03:00
Jouni Malinen
4526038092 HS 2.0: Terms and Conditions testing feature in authentication server
Allow hostapd RADIUS authentication server with SQLite EAP user DB to be
used for testing Terms and Conditions functionality. This could be used
for the HO AAA part of functionality (merging HO AAA and SP AAA into a
single component to avoid separate RADIUS proxy in testing setup).

A T&C server with HTTPS processing is needed to allow this to be used
for full over-the-air testing. This commit adds sufficient functionality
to allow hwsim test cases to cover the RADIUS server part.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-26 17:56:22 +03:00
Jouni Malinen
f456940ef3 HS 2.0: CoA-Request processing for Terms and Conditions filtering
Extend RADIUS DAS to support CoA-Request packets for the case where the
HS 2.0 Terms And Conditions filtering VSA is used to remove filtering.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-25 12:57:46 +03:00
mazumdar
d239ab3962 DFS: Mark channels required DFS based on reg-domain info from the driver
Mark a channel as required DFS based on regulatory information received
from the driver/kernel rather than deciding based on hardcoded
boundaries on the frequency. Previously few channels were being marked
as requiring DFS even though they were non-DFS in a particular country.

If the driver does not provide channel list information, fall back to
the previously used frequency-based determination.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
7fc6a024f9 HS 2.0: Process received Terms and Conditions Acceptance notification
Extend wpa_supplicant WNM-Notification RX handling to parse and process
received Terms and Conditions Acceptance notifications. If PMF is
enabled for the association, this frame results in control interface
indication (HS20-T-C-ACCEPTANCE <URL>) to get upper layers to guide the
user through the required acceptance steps.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
8760b9848c HS 2.0: Send Terms and Conditions Acceptance notification
This extends hostapd Access-Accept processing to check if the RADIUS
server indicated that Terms and Conditions Acceptance is required. The
new hs20_t_c_server_url parameter is used to specify the server URL
template that the STA is requested to visit.

This commit does not enable any kind of filtering, i.e., only the part
of forwarding a request from Access-Accept to the STA using
WNM-Notification is covered.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
6cb8f4f382 HS 2.0: Terms and Conditions attributes in Access-Request messages
This extends hostapd with two new configuration parameters
(hs20_t_c_filename and hs20_t_c_timestamp) that can be used to specify
that the Terms and Conditions attributes are to be added into all
Access-Request messages for Hotspot 2.0 STAs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Bhagavathi Perumal S
1952b626ba hostapd: Add ctrl iface indications for WDS STA interface
This allows user to get event indication when a new interface is
added/removed for 4addr WDS STA and also WDS STA ifname is informed
through the STA command.

Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
2598e69303 FILS: Enable SHA256 KDF even without PMF/SAE in the build
While it is unlikely that FILS would be used without PMF or SAE in the
build, it is possible to generate such a build and as such, it would be
good for the KDF selection to work properly. Add CONFIG_FILS as an
independent condition for the SHA256-based KDF. Previously, this
combination would have resulted in failure to derive keys and terminated
key management exchange.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
1baa130bd0 nl80211: Print NL80211_CMD_SET_POWER_SAVE errors in debug log
This makes it easier to understand what happened with PS configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Tova Mussai
c4315e6620 AP: Handle AP initalization failure in async flow
When AP initialization is completed in a callback (e.g., OBSS scan),
wpa_supplicant_deinit_ap() is not called in case of failure. Fix this by
calling setup_complete_cb in case of failure, too, which in turn calls
wpa_supplicant_deinit_ap() if needed.

Signed-off-by: Tova Mussai <tova.mussai@intel.com>
2018-04-20 00:48:49 +03:00
Ahmad Masri
86c998d37a FT: Add FT auth algorithm to connect params when roaming
Add WPA FT auth to connect params in case of a re-connection to ESS
supporting FT when FT was used in the first connect.

Signed-off-by: Ahmad Masri <amasri@codeaurora.org>
2018-04-20 00:35:41 +03:00
Ahmad Masri
3dc3afe298 FT: Add MDE to assoc request IEs in connect params
Add MDE (mobility domain element) to Association Request frame IEs in
the driver assoc params. wpa_supplicant will add MDE only if the network
profile allows FT, the selected AP supports FT, and the mobility domain
ID matches.

Signed-off-by: Ahmad Masri <amasri@codeaurora.org>
2018-04-20 00:32:49 +03:00
Jouni Malinen
67cca34645 HS 2.0: Copy Roaming Consortium OI from (Re)AssocReq to Access-Request
This extends hostapd processing of (Re)Association Request frames to
store a local copy of the Consortium OI within the Roaming Consortium
Selection element, if present, and then add that in HS 2.0 Roaming
Consortium attribute into RADIUS Access-Request messages.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
0e450db285 HS 2.0: Allow configuration of operator icons
This extends hostapd Hotspot 2.0 implementation to allow operator icons
to be made available. The existing hs20_icon parameter is used to define
the icons and the new operator_icon parameter (zero or more entries) is
used to specify which of the available icons are operator icons. The
operator icons are advertised in the Operator Icon Metadata ANQP-element
while the icon data can be fetched using the same mechanism (icon
request/binary file) that was added for the OSU Providers icons.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
6a8a04d742 HS 2.0: Add fetching of Operator Icon Metadata ANQP-element
This extends wpa_supplicant Hotspot 2.0 ANQP routines to allow the
Operator Icon Metadata ANQP-element to be fetched with "ANQP_GET <bssid>
hs20:12". The result is available in the new hs20_operator_icon_metadata
entry in the "BSS <bssid>" output.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:42 +03:00
Ben Greear
f875da0448 nl80211: Add MLME auth work-around for -EEXIST errno
The Linux 4.9 kernel, at least, can return EEXIST when trying to auth a
station that already exists.

We have seen this bug in multiple places, but it is difficult to
reproduce. Here is a link to someone else that appears to have hit this
issue: https://github.com/greearb/ath10k-ct/issues/18

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-15 21:58:53 +03:00
Jouni Malinen
5ecdf06c8c DPP: Fix build with LibreSSL v2.5
The ECDSA_SIG_{set,get}0() wrappers are needed with LibreSSL v2.5 (but
not v2.7.2).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-15 00:01:35 +03:00
Jouni Malinen
4b603f01de DPP: Fix X509_ALGOR_get0() use with LibreSSL
At least LibreSSL v2.7.2 indicates support for OpenSSL API 1.1.0, but it
does not apparently use const ASN1_OBJECT * with X509_ALGOR_get0(). Use
the older non-const version here with LibreSSL to fix compilation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-15 00:01:35 +03:00
Jouni Malinen
dee566d98e OpenSSL: Skip SSL_OP_NO_TLSv1_3 if not defined to fix LibreSSL build
LibreSSL v2.7 claims an OPENSSL_VERSION_NUMBER value that would indicate
that SSL_OP_NO_TLSv1_3 is available, but that does not seem to be the
case with LibreSSL. As such, skip this step based on whether
SSL_OP_NO_TLSv1_3 is defined to avoid build issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-15 00:01:35 +03:00
Bernard Spil
ba3658cfff Fix build with LibreSSL 2.7
LibreSSL 2.7 adds (most of) the OpenSSL 1.1 API.

Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
2018-04-15 00:01:33 +03:00
Daniel Golle
d6d7debb5d Fix wpa_supplicant build with CONFIG_NO_WPA
pmksa_cache stubs have not been updated when function prototypes have
been modified in commit 852b2f2738 (SAE: Only allow SAE AKMP for PMKSA
caching attempts). Add new function parameter int akmp to stubs of
pmksa_cache_get() and pmksa_cache_set_current() as well to fix build.

Fixes: 852b2f2738 ("SAE: Only allow SAE AKMP for PMKSA caching attempts")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-04-13 11:43:57 +03:00
Jouni Malinen
852b2f2738 SAE: Only allow SAE AKMP for PMKSA caching attempts
Explicitly check the PMKSA cache entry to have matching SAE AKMP for the
case where determining whether to use PMKSA caching instead of new SAE
authentication. Previously, only the network context was checked, but a
single network configuration profile could be used with both WPA2-PSK
and SAE, so should check the AKMP as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-09 19:34:44 +03:00
Jouni Malinen
8e402d1657 WPA: Fix a typo in a debug message
"PT derivation" was supposed to be saying "PTK derivation".

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-08 19:44:53 +03:00
Jouni Malinen
1bd131105b Clear pmk_len more consistently for extra protection
This gives more protection against unexpected behavior if RSN supplicant
code ends up trying to use sm->pmk[] with a stale value. Couple of the
code paths did not clear sm->pmk_len explicitly in cases where the old
PMK is being removed, so cover those cases as well to make sure these
will result in PMK-to-PTK derivation failures rather than use of
incorrect PMK value if such a code path could be reached somehow.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-08 19:44:05 +03:00
Kiran Kumar Lokere
26e0ada47f Define new test config attribute for HE LTF configuration
Add a new wifi test config attribute to configure HE LTF in the
driver. This is used for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-06 23:41:06 +03:00
Jouni Malinen
4d6eb9f2e2 Fix hostapd wmm_enabled setup on config reload path
If there is no explicit wmm_enabled parameter in the configuration
(i.e., conf->wmm_enabled == -1), the configuration reload path needs to
initialize conf->wmm_enabled based on iconf->ieee80211n in
hostapd_reload_bss() similarly to what is done in the initial startup
case in hostapd_setup_bss().

This fixes issues with RSN capabilities being set incorrectly when WMM
is supposed to get enabled and unexpectedly enabling WMM when it is not
supposed to be enabled (HT disabled). Either of these issues could show
up when asking hostapd to reload the configuration file (and when that
file does not set wmm_enabled explicitly).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-06 23:29:11 +03:00
Michael Braun
a6509e850e FT: Add session_timeout to push/resp
This ensures a session timeout configured on R0KH either using
RADIUS-based ACL or 802.1X authentication is copied over to the new
R1KH.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:57:53 +03:00
Michael Braun
3cb286ca49 FT: Add set/get session_timeout callback functions
These are needed to allow wpa_auth_ft.c to control session_timeout
values for STAs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:48:15 +03:00
Michael Braun
13f118dc59 Convert STA session_timeout to os_reltime
This is needed to allow the remaining session time to be computed for FT
(when sending PMK-R1 to another AP).

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:48:11 +03:00
Michael Braun
069b4e3048 FT: Include identity and radius_cui in pull/resp frames
This allows APs using FT to get the EAP session information from R0KH to
R1KHs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:09:16 +03:00
Michael Braun
9fbe292ff3 FT: Move wpa_ft_rrb_build_r0() special case to caller
Handle the special case of no PMK-R0 entry in the caller instead of
having to have wpa_ft_rrb_build_r0() aware of the possibility of pmk_r0
being NULL.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:09:16 +03:00
Michael Braun
8c345234fd FT: Add set/get identity/radius_cui callback functions
These are needed to allow wpa_auth_ft.c to control identity/radius_cui
values for STAs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
17a8a9893f Fix potential memory leak with identity/radius_cui
ieee802_11_set_radius_info() might be called with a STA entry that has
already stored identity and/or radius_cui information, so make sure the
old values get freed before being replaced by the new ones.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
17010c38d0 FT: Add IEEE VLAN support (including tagged VLANs)
This uses set_vlan()/get_vlan() callbacks to fetch and configure the
VLAN of STA. Transmission of VLAN information between APs uses new TLVs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:13 +03:00
Michael Braun
47a039b01b FT: Add set_vlan()/get_vlan() callback functions
These are needed to allow wpa_auth_ft.c to control VLAN assignment for
STAs.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-05 22:39:21 +03:00
Michael Braun
3a3e28320b FT: Add expiration to PMK-R0 and PMK-R1 cache
IEEE Std 802.11-2016, 12.7.1.7.1 indicates that the lifetime of the
PMK-R0 (and PMK-R1) is bound to the lifetime of PSK or MSK from which
the key was derived. This is currently stored in r0_key_lifetime, but
cache entries are not actually removed.

This commit uses the r0_key_lifetime configuration parameter when
wpa_auth_derive_ptk_ft() is called. This may need to be extended to use
the MSK lifetime, if provided by an external authentication server, with
some future changes. For PSK, there is no such lifetime, but it also
matters less as FT-PSK can be achieved without inter-AP communication.

The expiration timeout is then passed from R0KH to R1KH. The R1KH verifies
that the given timeout for sanity, it may not exceed the locally configured
r1_max_key_lifetime.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-05 13:58:20 +03:00
Michael Braun
09211c9894 FT: Use dl_list for PMK-R0/R1 cache
This makes it easier to remove expired entries from the list.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-05 13:56:04 +03:00
Michael Braun
89dea17e13 FT: Add helper function for FILS key storing
FILS calls wpa_ft_store_pmk_r0() from wpa_auth.c. This is moved into a
new function wpa_ft_store_pmk_fils() in preparation of additional
information being needed.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-05 13:47:43 +03:00
Michael Braun
83fe4bd3bf FT: Convert r0_key_lifetime to seconds
Add a new configuration option ft_r0_key_lifetime that deprecates
r0_key_lifetime. Though, the old configuration is still accepted for
backwards compatibility.

This simplifies testing. All other items are in seconds as well. In
addition, this makes dot11FTR0KeyLifetime comment match with what got
standardized in the end in IEEE Std 802.11r-2008.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-05 13:47:23 +03:00
Ben Greear
c6b5b9a33b hostapd: Add more authentication error case debugging
This can help one understand better why stations are failing
to authenticate.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:53:10 +03:00
Ben Greear
e2fc13d0ab hostapd: Add logging around Michael MIC related failures
This can help one understand better why stations are failing
to authentication/associate.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:51:29 +03:00
Ben Greear
e7525a2954 hostapd: Add send_auth_reply() caller info in debug logging
This can help one understand better what happens during the
authentication exchange.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:47:26 +03:00
Davide Caratti
d89edb6112 wpa_supplicant: Don't reply to EAPOL if pkt_type is PACKET_OTHERHOST
When wpa_supplicant is running on a Linux interface that is configured in
promiscuous mode, and it is not a member of a bridge, incoming EAPOL
packets are processed regardless of the Destination Address in the frame.
As a consequence, there are situations where wpa_supplicant replies to
EAPOL packets that are not destined for it.

This behavior seems undesired (see IEEE Std 802.1X-2010, 11.4.a), and can
be avoided by attaching a BPF filter that lets the kernel discard packets
having pkt_type equal to PACKET_OTHERHOST.

Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
2018-04-02 12:21:27 +03:00
Mathy Vanhoef
9f917339cc tests: Fix clearing of IGTK PN in handshake retransmit test functions
When locating the position of the IGTK PN in the key data, we also need
to skip the KDE header, in addition to the keyid field. This fixes
hostapd RESEND_M3 and RESEND_GROUP_M1 behavior when PMF is negotiated
for the association. Previously, the IGTK KDE ended up getting
practically hidden since zeroing of the PN ended up clearing the KDE OUI
and Type fields.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-04-01 21:47:16 +03:00
Ahmed ElArabawy
45f7574d31 Propagate the EAP method error code
In the current implementation, upon an EAP method failure, followed by
an EAP failure, the EAP Status is propagated up in wpa_supplicant with a
general failure parameter string "failure". This parameter is used for a
notification on the dbus.

This commit reports the EAP method failure error code in a separate
callback.

The solution in this commit is generic to all EAP methods, and can be
used by any method that need to pass its error code. However, this
commit only implements the reporting for EAP-SIM and EAP-AKA methods
where the Notification Code (in AT_NOTIFICATION) is used as the method
specific error code value.

Signed-off-by: Ahmed ElArabawy <arabawy@google.com>
2018-03-31 11:57:33 +03:00
Beniamino Galvani
77a020a118 wpa_supplicant: Fix auth failure when the MAC is updated externally
When connecting to a WPA-EAP network and the MAC address is changed
just before the association (for example by NetworkManager, which sets
a random MAC during scans), the authentication sometimes fails in the
following way ('####' logs added by me):

wpa_supplicant logs:
 wlan0: WPA: RX message 1 of 4-Way Handshake from 02:00:00:00:01:00 (ver=1)
 RSN: msg 1/4 key data - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
 WPA: PMKID in EAPOL-Key - hexdump(len=22): dd 14 00 0f ac 04 d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
 RSN: PMKID from Authenticator - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
 wlan0: RSN: no matching PMKID found
 EAPOL: Successfully fetched key (len=32)
 WPA: PMK from EAPOL state machines - hexdump(len=32): [REMOVED]
 #### WPA: rsn_pmkid():
 #### WPA: aa              - hexdump(len=6): 02 00 00 00 01 00
 #### WPA: spa             - hexdump(len=6): 66 20 cf ab 8c dc
 #### WPA: PMK             - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7
 #### WPA: computed PMKID  - hexdump(len=16): ea 73 67 b1 8e 5f 18 43 58 24 e8 1c 47 23 87 71
 RSN: Replace PMKSA entry for the current AP and any PMKSA cache entry that was based on the old PMK
 nl80211: Delete PMKID for 02:00:00:00:01:00
 wlan0: RSN: PMKSA cache entry free_cb: 02:00:00:00:01:00 reason=1
 RSN: Added PMKSA cache entry for 02:00:00:00:01:00 network_ctx=0x5630bf85a270
 nl80211: Add PMKID for 02:00:00:00:01:00
 wlan0: RSN: PMKID mismatch - authentication server may have derived different MSK?!

hostapd logs:
 WPA: PMK from EAPOL state machine (MSK len=64 PMK len=32)
 WPA: 02:00:00:00:00:00 WPA_PTK entering state PTKSTART
 wlan1: STA 02:00:00:00:00:00 WPA: sending 1/4 msg of 4-Way Handshake
 #### WPA: rsn_pmkid():
 #### WPA: aa              - hexdump(len=6): 02 00 00 00 01 00
 #### WPA: spa             - hexdump(len=6): 02 00 00 00 00 00
 #### WPA: PMK             - hexdump(len=32): b5 24 76 4f 6f 50 8c f6 a1 2e 24 b8 07 4e 9a 13 1b 94 c4 a8 1f 7e 22 d6 ed fc 7d 43 c7 77 b6 f7
 #### WPA: computed PMKID  - hexdump(len=16): d8 21 9d a5 73 98 88 26 ef 03 d2 ce f7 04 7d 23
 WPA: Send EAPOL(version=1 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=22 keyidx=0 encr=0)

That's because wpa_supplicant computed the PMKID using the wrong (old)
MAC address used during the scan. wpa_supplicant updates own_addr when
the interface goes up, as the MAC can only change while the interface
is down. However, drivers don't report all interface state changes:
for example the nl80211 driver may ignore a down-up cycle if the down
message is processed later, when the interface is already up. In such
cases, wpa_supplicant (and in particular, the EAP state machine) would
continue to use the old MAC.

Add a new driver event that notifies of MAC address changes while the
interface is active.

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
2018-03-30 12:16:42 +03:00
Alejandro Pérez Méndez
2ff9696d3b Add definitions for RADIUS attributes standardised in RFC 7055
hostap code is used by the Moonshot software (an implementation of the
GSS EAP mechanism - RFC 7055), and those definitions are required but
missing.

Signed-off-by: Alejandro Perez <alex.perez-mendez@jisc.ac.uk>
2018-03-30 11:04:29 +03:00
Dmitry Lebed
c17915462a nl80211: Add DFS offload support using upstream nl80211 definitions
Add generic DFS offload support using the nl80211 feature that was
recently added to the mac80211-next tree. This uses the already
available DFS offload infrastructure that was previously used with
vendor specific definitions and just sets necessary flags (DFS_OFFLOAD
ext_feature) and forawrds CAC_STARTED event for processing.

Signed-off-by: Dmitry Lebed <lebed.dmitry@gmail.com>
2018-03-30 10:56:05 +03:00
Jouni Malinen
1841086adf Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2018-03-26.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-30 10:54:57 +03:00
Kabilan Kannan
7cfe2f0011 Add SAR V2 power selection capability (QCA vendor attributes)
Add changes to select SAR V2 power limits using the existing QCA vendor
command.

Signed-off-by: Kabilan Kannan <kabilank@codeaurora.org>
2018-03-30 10:49:11 +03:00
Jouni Malinen
7e1d3ee963 Add hostapd.conf venue_url to set Venue URL ANQP-element
The new venue_url parameter can now be used to set the Venue URL ANQP
information instead of having to construct the data and use
anqp_elem=277:<hexdump> to set the raw value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 16:10:47 +03:00
Jouni Malinen
d555c39c41 FILS: Fix CONFIG_FILS=y build without CONFIG_IEEE80211R=y
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 12:33:52 +03:00
Jouni Malinen
2f37387812 FILS: Add more complete support for FT-FILS use cases
This extends the original IEEE Std 802.11ai-2016 functionality with the
changes added in REVmd to describe how additional keys are derived to
protect the FT protocol using keys derived through FILS authentication.

This allows key_mgmt=FT-FILS-SHA256 to be used with FT protocol since
the FTE MIC can now be calculated following the changes in REVmd. The
FT-FILS-SHA384 case is still unsupported (it needs support for variable
length MIC field in FTE).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 12:31:04 +03:00
Jouni Malinen
4ddca8142e FT: Derive PMK-R1 locally if requested PMKR0Name is found
Derive PMK-R1 locally if the derived PMKR1Name is not found from the
local cache, but the request is for a key that was originally generated
locally (R0KH-ID matches) and the PMKR0Name is found in the local cache.
This was apparently not hit in the previously used FT sequences, but
this is useful to have available if a PMK-R1 entry is dropped from the
local cache before PMK-R0.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-24 18:53:14 +02:00
Jouni Malinen
1dc0945cc9 FT: Do not send PMK-R1 pull request to own R0KH address
If the requested key is not available locally, there is no point in
trying to send a pull request back to self for the key.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-24 18:53:14 +02:00
Jouni Malinen
1778f1e9a4 SAE: Fix PTK derivation to use KDF-SHA256
The previous implementation ended up defaulting to using PRF-SHA1 for
deriving PTK from PMK when SAE was used. This is not correct since the
SAE AKM is defined to be using SHA-256 -based KDF instead. Fix that.

Note: This change is not backwards compatible. Both the AP and station
side implementations will need to be updated at the same time to
maintain functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-23 18:44:48 +02:00
Jouni Malinen
9d94e4bb6b SAE: Fix PMKID in EAPOL-Key msg 1/4
Previously, the association that used SAE authentication ended up
recalculating the PMKID for EAPOL-Key msg 1/4 using incorrect
PMK-to-PMKID derivation instead of using the previously derived PMKID
from SAE. The correct PMKID was used only when going through PMKSA
caching exchange with a previously derived PMKSA from SAE.

Fix this by storing the SAE PMKID into the state machine entry for the
initial SAE authentication case when there is no explicit PMKSA entry
attached to the station.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-23 18:44:48 +02:00
Jouni Malinen
a03f9d17ea SAE: Fix FT-SAE key derivation for a case where PMKID in msg 1/4 matches
Previously, matching PMKSA cache entry ended up clearing XXKey. However,
that XXKey is needed in the specific case where FT-SAE goes through the
initial mobility domain association with SAE authentication. FT-SAE
worked previously since the hostapd side generation of the particular
PMKID value in msg 1/4 was broken, but once that PMKID is fixed,
wpa_supplicant will need this fix to allow FT-SAE to be used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-23 18:44:48 +02:00
Jouni Malinen
10949e2480 Do not disable 40 MHz based on co-ex report with matching primary channel
When processing 20/40 BSS Coexistence Management frames that do not
explicitly require 40 MHz to be disabled, check whether the reported
channels in 20/40 BSS Intolerant Channel Report element match the
current primary channel. If so, allow 40 MHz operation to continue. This
makes the during-operation updates for 20/40 Operation Permitted more
consistent with the scans during initial BSS startup.

The received 20/40 BSS Intolerant Channel Report channels are to be used
in the OT set in the during-operation determination and the P == OT_i
exception was ignored in the previous implementation which could result
in the AP first starting with 40 MHz and then dropping to 20 MHz on
first received 20/40 BSS Coexistence Management frame even though there
was no change in the neighboring BSSs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 16:58:05 +02:00
Jouni Malinen
8cbd9c3ed4 Support multiple 20/40 BSS Intolerant Channel Report elements
This extends 20/40 BSS Coexistence Management frame processing to
iterate over all the included 20/40 BSS Intolerant Channel Report
elements instead of using only the first one.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 16:53:50 +02:00
Jouni Malinen
8127a0ac02 Ignore intra-BSS 20/40 BSS Coexistence Management from not-associated STA
The 20 MHz BSS Width Request field is set to 1 only for intra-BSS
reports. As such, ignore the frame if such a claim is made by a
transmitter that is not currently associated with the AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 16:35:15 +02:00
Jouni Malinen
8aa599d45a Add more debug prints for 20/40 BSS Coexistence Management frame Rx
This makes it easier to understand what kind of information a STA is
reporting about 20/40 MHz coexistence requirements.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 16:32:35 +02:00
Rajkumar Manoharan
d58c3bd8b7 hostapd: Ignore LOW_ACK event for co-operative steering clients
Ignore hostapd_event_sta_low_ack for a station which has agreed to
steering by checking the agreed_to_steer flag. This flag will be set
whenever a station accepts the BSS transition request from the AP.
Without this ignoring of the LOW_ACK event, the steering in-progress
might be affected due to disassociation. In this way AP will allow some
time (two seconds) for the station to move away and reset the flag after
the timeout.

Co-Developed-by: Tamizh Chelvam <tamizhr@codeaurora.org>
Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
2018-03-19 20:16:32 +02:00
Tamizh chelvam
ec2b5173ce Make STA opmode change event available to upper layers
Add an event callback for EVENT_STATION_OPMODE_CHANGED to allow
user/application to get the notification whenever there is a change in a
station's HT/VHT op mode.

The new events:
STA-OPMODE-MAX-BW-CHANGED <addr> <20(no-HT)|20|40|80|80+80|160>
STA-OPMODE-SMPS-MODE-CHANGED <addr> <automatic|off|dynamic|static>
STA-OPMODE-N_SS-CHANGED <addr> <N_SS>

Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
2018-03-19 20:07:22 +02:00
Tamizh chelvam
e8ada1600f nl80211: Add support for STA opmode change events
The nl80211 driver can report STA_OPMODE notification event as soon as
it receives an HT/VHT Action frame about modification of station's SMPS
mode/bandwidth/RX NSS. Add support to parse such events.

Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
2018-03-19 19:57:25 +02:00
Bhagavathi Perumal S
72123a84cb hostapd: Add last_ack_rssi into ctrl iface cmd STA
This allows external application to get last ACK signal strength of the
last transmitted frame if the driver makes this information
(NL80211_STA_INFO_ACK_SIGNAL) available.

Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
2018-03-19 19:23:26 +02:00
Ashok Ponnaiah
f5701cc66e OWE: Clean up pointer check in a testing code path
Check wpa_auth_write_assoc_resp_owe() return value to keep static
analyzers happier. The code path where this could happen is not really
reachable due to the separate hapd->conf->own_ie_override check and
wpa_auth_write_assoc_resp_owe() returning NULL only in an error case in
the override path. Furthermore, clean up the pointer return value to use
a proper pointer (NULL vs. 0).

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-03-19 19:08:34 +02:00
Jouni Malinen
ebe61e564c Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2018-02-13.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-19 19:08:15 +02:00
Purushottam Kushwaha
8179ae3a2a DPP: Support retrieving of configurator's private key
To retain configurator information across hostapd/wpa_supplicant
restart, private key need to be maintained to generate a valid pair of
authentication keys (connector, netaccess_key, csign) for new enrollees
in the network.

Add a DPP_CONFIGURATOR_GET_KEY control interface API through which the
private key of an existing configurator can be fetched.

Command format:
DPP_CONFIGURATOR_GET_KEY <configurator_id>

The output from this command can then be used with
"DPP_CONFIGURATOR_ADD key=<hexdump>" to create the same key again.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-16 20:55:32 +02:00
Jouni Malinen
4bc801ab42 SAE: Fix EAPOL-Key integrity and key-wrap algorithm selection
The SAE AKM 00-0F-AC:8 is supposed to use EAPOL-Key Key Descriptor
Version 0 (AKM-defined) with AES-128-CMAC and NIST AES Key Wrap.
However, the previous implementation ended up using Key Descriptor
Version 2 (HMAC-SHA-1-128 and NIST AES Key Wrap). Fix this by using the
appropriate Key Descriptor Version and integrity algorithm. Use helper
functions to keep the selection clearer and more consistent between
wpa_supplicant and hostapd uses.

Note: This change is not backwards compatible. Both the AP and station
side implementations will need to be updated at the same time to
maintain functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-16 13:36:42 +02:00
Srinivas Dasari
d74963d411 DPP: Extend dpp_test 89 functionality to transmit side
This extends dpp_test functionality to allow DPP exchanges to be stopped
after authentication is completed on the Initiator, i.e., after sending
out the Authentication Confirm message. Previously, dpp_test=89 was used
only on the Responder side to stop after receiving the Authentication
Confirm message. The main use case for this extended functionality is to
be able to stop the protocol exchange on a device that acts as
authentication Initiator and Enrollee.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-13 01:03:37 +02:00
Purushottam Kushwaha
f8bfc9cbde Use correct WPA_ALG_* values to compare for enum wpa_alg
enum wpa_alg was being compared with WPA_CIPHER_* values. That does not
work here and strict compilers will report this as an error. Fix the
comparision to use proper WPA_ALG_* values. This fixes testing
capability for resetting IPN for BIP.

Fixes: 16579769ff ("Add testing functionality for resetting PN/IPN for configured keys")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-13 00:32:43 +02:00
Jouni Malinen
cce16e43f8 mka: Mark ieee802_1x_kay_create_mka() ckn and cak arguments const
These structures are not modified or freed (i.e., only data from them is
copied), so mark the arguments const to document this a bit more clearly
now that there was a memory leak in one of the callers to this function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-11 17:04:34 +02:00
Mike Siedzik
3a52f6b387 mka: Do not print contents of SAK to debug log
Log newly generated SAKs as well as unwrapped SAKs with wpa_hexdump_key()
rather than wpa_hexdump(). By default, the wpa_hexdump_key() function
will not display sensitive key data.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-03-11 16:52:56 +02:00
Mike Siedzik
77977b3d5d mka: Detect duplicate MAC addresses during key server election
In the unlikely event the local KaY and the elected peer have the same
actor priority as well as the same MAC address, log a warning message
and do not elect a key server. Resolution is for network administrator
to reconfigure MAC address.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-03-11 16:49:00 +02:00
Mike Siedzik
5762855abd mka: Loss of live peers to result in connect PENDING not AUTHENTICATED
When the number of live peers becomes 0 the KaY was setting
kay->authenticated true and telling the CP to connect AUTHENTICATED.
Per IEEE Std 802.1X-2010 Clause 12.2, MKA.authenticated means "the Key
Server has proved mutual authentication but has determined that
Controlled Port communication should proceed without the use of MACsec",
which means port traffic will be passed in the clear.

When the number of live peers becomes 0 the KaY must instead set
kay->authenticated false and tell the CP to connect PENDING. Per Clause
12.3 connect PENDING will "prevent connectivity by clearing the
controlledPortEnabled parameter."

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-03-11 16:43:12 +02:00
Mike Siedzik
8fb546d8e6 mka: Ignore MACsec SAK Use Old Key parameter if we don't have our old key
Upon receipt of the "MACsec MKPDU SAK Use parameter set" the KaY verifies
that both the latest key and the old key are valid. If the local system
reboots or is reinitialized, the KaY won't have a copy of its old key.
Therefore if the KaY does not have a copy of its old key it should not
reject MKPDUs that contain old key data in the MACsec SAK Use parameter.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-03-11 16:30:29 +02:00
Mike Siedzik
b54b53e644 mka: When matching CKNs ensure that lengths are identical
KaY looks up participants using CAK Name (CKN). Per IEEE Std 802.1X-2010
Clause 9.3.1 CAK identification, the CKN is an integral number of
octets, between 1 and 32 (inclusive). This fix will ensure that the KaY
does not inadvertently match CKNs such as 'myCakNamedFoo' and
'myCakNamedFooBar'.

Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2018-03-11 13:33:39 +02:00
Sean Parkinson
fec03f9838 Add support for wolfSSL cryptographic library
Allow hostapd/wpa_supplicant to be compiled with the wolfSSL
cryptography and TLS library.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Tamizh chelvam
92eb00aec2 Extend ACL check for Probe Request frames
Extend ACL check to deny Probe Request frames for the client which does
not pass ACL check. Skip this check for the case where RADIUS ACL is
used to avoid excessive load on the RADIUS authentication server due to
Probe Request frames. This patch add wpa_msg event for auth and assoc
rejection due to acl reject.

Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
2018-03-03 00:42:16 +02:00
Kiran Kumar Lokere
01542e6517 Add new WiFi test config attributes to configure BA params
Define a new WiFi test configuration attributes in QCA vendor
command to configure BA session parameters and to add or
delete a BA session and to configure no ack policy.
This is used for configuring the testbed device.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-03 00:12:39 +02:00
Kiran Kumar Lokere
ba60804419 Add new WiFi test config attribute to allow WEP/TKIP in HE
Define a new WiFi test configuration attribute in QCA vendor
command to allow or not to allow WEP/TKIP in HT/VHT/HE mode.
This is used for configuring the testbed device.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-03 00:09:19 +02:00
Jeffin Mammen
c05f96a386 FILS: Check kde more consistently to avoid static analyzer warnings
For FILS, __wpa_send_eapol() is called only with the kde != NULL, but a
static analyzer might not understand that. Add an explicit check kde !=
NULL similarly to the other cases going through the kde parameter to
silence such bogus warnings.

Signed-off-by: Jeffin Mammen <jmammen@codeaurora.org>
2018-03-02 21:27:30 +02:00
Jouni Malinen
087474512f SAE: Debug print group support in the crypto library
This makes it easier to understand why "SAE: Failed to select group"
debug entry shows up in cases the selected crypto library does not
support a specific group.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-02 21:27:30 +02:00
Jouni Malinen
f5e0a3324b SAE: Fix potential infinite loop in mismatching PMK case on AP
Commit e61fea6b46 ('SAE: Fix PMKSA caching
behavior in AP mode') modified the PSK fetching loop to not override PMK
in case of SAE with PMKSA caching. However, that commit missed the error
path cases where there is need to break from the loop with exact
negative of the check in the beginning of the loop. This could result in
hitting an infinite loop in hostapd if a station derived a different PMK
value from otherwise successfully completed SAE authentication or if a
STA used a different PMK with a PMKSA caching attempt after a previously
completed successful authentication.

Fix this by adding the matching break condition on SAE AKM within the
loops.

Fixes: e61fea6b46 ("SAE: Fix PMKSA caching behavior in AP mode")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-02 21:27:18 +02:00
Jouni Malinen
c54cc8bb1d BoringSSL: Set appropriate sigalgs for Suite B RSA 3K cases
This commit takes care of the sigalg configuration using the relatively
recent SSL_CTX_set_verify_algorithm_prefs() addition from April 2017 to
address the functionality that was already there with OpenSSL using
SSL_set1_sigalgs_list().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 17:38:37 +02:00
Jouni Malinen
aa6de8e6b6 BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate sigalgs
BoringSSL removed the special OpenSSL cipher suite value "SUITEB192", so
need to map that to the explicit ciphersuite
(ECDHE-ECDSA-AES256-GCM-SHA384), curve (P-384), and sigalg
(SSL_SIGN_ECDSA_SECP384R1_SHA384) to allow 192-bit level Suite B with
ECDSA to be used.

This commit takes care of the sigalg configuration using the relatively
recent SSL_CTX_set_verify_algorithm_prefs() addition from April 2017.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 16:27:05 +02:00
Jouni Malinen
7a47f34b1a BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate parameters
BoringSSL removed the special OpenSSL cipher suite value "SUITEB192", so
need to map that to the explicit ciphersuite
(ECDHE-ECDSA-AES256-GCM-SHA384), curve (P-384), and sigalg
(SSL_SIGN_ECDSA_SECP384R1_SHA384) to allow 192-bit level Suite B with
ECDSA to be used.

This commit takes care of the ciphersuite and curve configuration.
sigalg change is in a separate commit since it requires a newer
BoringSSL API function that may not be available in all builds.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 16:26:48 +02:00
Jouni Malinen
3552502344 OpenSSL: Replace SSL_set1_curves_list() with SSL_set1_curves()
In practice, this does the same thing (i.e., allows only the P-384 curve
to be used), but using an older API function that happens to be
available in some BoringSSL builds while the newer one is not.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 16:02:31 +02:00
Ben Greear
4ab0f11b80 Allow HT40 on 5 GHz channels 165 and 169
India supports 5 GHz channels 169 and 173 now. Enable HT40 across
channels 165 and 169. Leave channel 173 to remain HT20 only.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-02-17 18:52:01 +02:00
Emmanuel Grumbach
299d21e8e2 nl80211: Use the new NL80211_MFP_OPTIONAL option
Now we can configure the network block so that it allows MFP setting for
the NL80211_CMD_CONNECT command. If the kernel finds an AP that requires
MFP, it'll be able to connect to it.

Note that since NL80211_MFP_OPTIONAL isn't supported for
NL80211_CMD_ASSOCIATE, we need to take the MFP configuration outside
nl80211_connect_common(). In addition, check that
NL80211_EXT_FEATURE_MFP_OPTIONAL is supported, to be backward compatible
with older kernels.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2018-02-17 18:50:28 +02:00
Avraham Stern
a8c45d47d3 nl80211: Handle port authorized event
Indicate that the connection is authorized when receiving a port
authorized event from the driver.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2018-02-17 18:44:08 +02:00
Avraham Stern
0a20bd7d91 driver: Add port authorized event
Add an event that indicates that the 4 way handshake was completed by
the driver.

This event is useful for networks that require 802.1X authentication.
The driver can use this event that a new connection is already
authorized (e.g. when the driver used PMKSA caching) and 802.1X
authentication is not required.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2018-02-17 18:39:41 +02:00
Avraham Stern
05fc7c68f6 nl80211: Add API to set the PMK to the driver
Add support for setting the PMK to the driver. This is used for
drivers that support 4-way handshake offload.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2018-02-17 18:36:16 +02:00
Eliad Peller
0ff08f9636 nl80211: Check 4-way handshake offload support
Set the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag if the driver indicates
both 4-way handshake PSK and 802.1X support. Currently wpa_supplicant
doesn't distinguish between 4-way handshake for 802.1X and PSK, but
nl80211 API has different capabilities for each one.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-02-17 18:31:05 +02:00
Eliad Peller
730c5a1d09 nl80211: Support passing PSK on connect
If the driver advertises WPA_DRIVER_FLAGS_4WAY_HANDSHAKE support, pass
the PSK on connect.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2018-02-17 18:31:05 +02:00
Jouni Malinen
9ec0dfa31f Define host_to_le64() for Windows builds
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 18:04:54 +02:00
Vamsi Krishna
a4016163e8 Extend APF interface for read/write and enable/disable ops
Enhance QCA vendor specific APF interface to support write/read program
and/or data and to enable/disable APF feature.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-15 00:26:06 +02:00
Jouni Malinen
b2e4074ca3 OpenSSL: Fix EAP-FAST with OpenSSL 1.1.1-pre1
TLS v1.3 needs to be explicitly disabled to allow cipher suite selection
for EAP-FAST to work with OpenSSL builds that include TLS v1.3 support.
Without this, OpenSSL refuses to generate ClientHello due to the cipher
suite list including only ciphers allowed with older versions than TLS
v1.3.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-14 12:40:33 +02:00
Ashok Ponnaiah
a22e235fd0 OWE: Add testing RSNE for OWE assoc response with driver SME/MLME
Allow RSNE to be overwritten for testing purposes also in the
driver-based SME/MLME case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-12 21:31:04 +02:00
Jouni Malinen
0887215d94 nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA
The current cfg80211 limit for the maximum NL80211_ATTR_PMK length is
48, so anything larger than that will result in the operation completely
failing. Since the PMKSA entries can be used without the PMK for most
purposes (the main use case for PMK currently is offloaded FILS
authentication), try to go ahead by configuring only the PMKID for the
case where 64-octet PMK is needed (which is currently limited to only
DPP with NIST P-521 and brainpoolP512r1 curves). This can fix DPP
connections with drivers that expect to get the PMKID through this
interface while still leaving the actual 4-way handshake for user space.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-10 12:16:53 +02:00
Jouni Malinen
e7f6e6ee1b nl80211: Print NL80211_CMD_{SET,DEL}_PMKSA failures in debug log
This makes it easier to notice if the driver operation to manage PMKSA
cache information fails unexpectedly.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-10 12:10:07 +02:00
Jouni Malinen
659ac96d7f ieee802_11_mgmt: Handle frame info more consistently
Check for the fi parameter to be non-NULL before trying to fetch the
ssi_signal information similarly to how the fi->freq was already
handled. While the meta information is supposed to be available, it
looks like there is at least one corner case where fi == NULL could be
used (Authentication frame reprocessing after RADIUS-based ACL).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-07 12:34:41 +02:00
Ashok Ponnaiah
458d8984de SAE: Reject request with mismatching PMKID (no PMKSA cache entry)
Reject SAE association request when PMKID is included in the RSNE, but
the corresponding PMKSA is not available in the AP.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-07 12:24:36 +02:00
Kiran Kumar Lokere
5ac4346426 Define new QCA vendor sub command for wifi test configuration
Define a new QCA vendor sub command for configuring the device with wifi
test configuration. Add new test config attributes for this sub command
that are used to configure the device for testbed configuration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 12:11:47 +02:00
Ashok Ponnaiah
79ce2d519b OWE: Rename function to match use (driver-SME/MLME)
This function is used to process a (Re)Association Request frame, so
rename it appropriately to mention assoc_req instead of auth_req.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:27:41 +02:00
Ashok Ponnaiah
759da93a89 OWE: Check for ECDH availability before use (driver-SME/MLME)
Verify that the STA has ECDH data available before trying to use this
data to add the OWE DH Params element.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:25:41 +02:00
Ashok Ponnaiah
af65ef28f4 OWE: Add RSNE when not using PMKSA caching (driver-SME/MLME)
RSNE needs to be added both with and without use of PMKSA caching.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:22:53 +02:00
Ashok Ponnaiah
5850cba384 OWE: Support DH groups 20 and 21 with driver-SME/MLME
This was already the case with the hostapd-based SME/MLME
implementation, but the OWE DH Param element construction for the
driver-based SME/MLME needed a matching change to set the group
properly.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:20:22 +02:00
Michal Kazior
f9854c183d hostapd: Fix wpa_psk_file support for FT-PSK
For FT-PSK sm->xxkey was populated with only the first password on the
linked list (i.e., last matching password in the wpa_psk_file) in
INITPSK. This caused only that password to be recognized and accepted.
All other passwords were not verified properly and subsequently
prevented clients from connecting.

Hostapd would report:

 Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: sending 1/4 msg of 4-Way Handshake
 Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: received EAPOL-Key frame (2/4 Pairwise)
 Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: invalid MIC in msg 2/4 of 4-Way Handshake
 Jan 30 12:55:45 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: EAPOL-Key timeout

Signed-off-by: Michal Kazior <michal@plumewifi.com>
2018-02-04 12:39:23 +02:00
Simon Dinkin
d1e3d40d04 common: Fix the description of wpa_ctrl_request() function
The blocking timeout of this function was changed from 2 seconds to 10
seconds in this commit 1480633f ("Use longer timeout in
wpa_ctrl_request()"), but the description was never changed accordingly.

Signed-off-by: Simon Dinkin <simon.dinkin@tandemg.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-02-03 12:42:15 +02:00
David Messer
82424732af Fix compiler issue with CONFIG_TESTING_OPTIONS
Use the preprocessor conditional "ifdef" instead of "if" before
CONFIG_TESTING_OPTIONS to prevent an issue on build systems that treat
undefined preprocessor identifiers as an error.

Signed-off-by: David Messer <david.messer@garmin.com>
2018-02-03 12:41:09 +02:00
Sunil Dutt
40a68f3384 nl80211: Create a netlink socket handle for the Connect interface
This netlink socket handle owns the connect request and is further used
by the host driver/kernel to request for the external authentication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 19:02:44 +02:00
Sunil Dutt
ba71cb821a nl80211: Introduce the interface for external authentication
This command/event interface can be used by host drivers that do not
define separate commands for authentication and association but rely on
wpa_supplicant for the authentication (SAE) processing.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 18:51:04 +02:00
Guisen Yang
8678b14faa Add new QCA vendor commands for thermal shutdown
Add new QCA vendor commands and attributes to get thermal information
and send thermal shutdown related commands. Indicates the driver to
enter the power saving mode or resume from the power saving mode based
on the given temperature and thresholds.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 18:35:06 +02:00
Jouni Malinen
99576f6f3c Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2018-01-31.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-02 18:34:14 +02:00
Ashok Ponnaiah
cd483be252 OWE: Use PMKSA caching if available with driver AP MLME
If a matching PMKSA cache entry is present for an OWE client, use it and
do not go through DH while processing Association Rquest frame.
Association Response frame will identify the PMKID in such a case and DH
parameters won't be present.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-01 23:58:46 +02:00
Ashok Ponnaiah
a4668c6812 OWE: Handle unsupported finite cyclic group with driver MLME
Handle OWE unsupported finite cyclic group in (Re)Association Request
frame when not using the hostapd SME/MLME.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-01 23:51:19 +02:00
Ashok Ponnaiah
f811cc83b3 atheros: Send correct SSID length to the driver
Send the exact SSID length to the driver by removing the legacy +1
padding.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-01 23:45:12 +02:00
Srinivas Dasari
e005725a69 nl80211: Add DPP and OWE AKM selectors to CONNECT/ASSOC request
This is needed to support drivers that use NL80211_ATTR_AKM_SUITES.

Signed-off-by: Srinivas Dasari <dasaris@codeaurora.org>
2018-01-31 11:21:10 +02:00
Subhani Shaik
2cc2a0a7ea Extend QCA vendor NDP params to support schedule update indication
Add additional NDP attributes and NDP subcommand value which is
provided as part of schedule update indication from driver/firmware
to HAL.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-29 20:43:10 +02:00
Subhani Shaik
a7769f6da2 Update QCA vendor commands to match ASOP
This updates QCA vendor command and attribute definitions to match AOSP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-29 20:40:54 +02:00
Ashok Ponnaiah
18e3e9c6e0 OWE: Transition mode with non-AP-MLME
Add OWE Transition IE in build_ap_extra() ies to support drivers that do
not use hostapd MLME.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-01-29 19:01:43 +02:00
Ashok Ponnaiah
92b6e0c582 hostapd: Send broadcast Public Action frame with wildcard BSSID address
Send Public Action frames with wildcard BSSID when destination was
broadcast address. This is required for DPP PKEX where the recipients
may drop the frames received with different BSSID than the wildcard
address or the current BSSID.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-01-29 18:11:03 +02:00
Jouni Malinen
fe3f81e6a8 DPP: Update PKEX role-specific points
The y coordinates for some of these PKEX role-specific points were
changed in the PKEX specification, so update the implementation to
match.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-26 18:06:49 +02:00
Venkateswara Swamy Bandaru
b4cd8b7e1a Add QCA vendor command and attributes for MSDU queue depth threshold
This allow MSDU queue depth threshold in target to be set per peer per
TID. This command contains MAC address, TID, update mask, and threshold
values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-22 10:56:26 +02:00
Jouni Malinen
703470bfa1 FILS: Fix extended capability bit setting for FILS in AP mode
FILS capability bit setting could have ended up setting boths biths 72
(correct) and 64 (incorrect; part of Max Number of MSDUs In A-MSDU). Fix
this by adding the missing break to the switch statement.

Fixed: f55acd909e ("FILS: Set FILS Capability bit in management frames from AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-01-22 00:07:44 +02:00
Jouni Malinen
9e834fc648 EAP-SIM/AKA: Separate identity for MK derivation
This allows a separate configuration parameter (imsi_identity) to be
used in EAP-SIM/AKA/AKA' profiles to override the identity used in MK
derivation for the case where the identity is expected to be from the
last AT_IDENTITY attribute (or EAP-Response/Identity if AT_IDENTITY was
not used). This may be needed to avoid sending out an unprotected
permanent identity information over-the-air and if the EAP-SIM/AKA
server ends up using a value based on the real IMSI during the internal
key derivation operation (that does not expose the data to others).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2018-01-21 11:28:53 +02:00
Jouni Malinen
b6b5e3554a DPP: Get rid of compiler warnings on signed/unsigned comparison
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-01-21 11:24:33 +02:00
Jouni Malinen
630ea13346 DPP: Track M.x/N.x/L.x availability for ke derivation
This prevents an issue where duplicated Authentication Response frame
could have resulted in deriving a new ke value after M.x had already
been cleared. This would result in the following configuration exchange
failing. This could happen since many driver do not filter out
retransmitted Public Action frames and link layer. Furthermore, this
could have been used as a denial-of-service attack agains the DPP
exchange.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-21 11:13:01 +02:00
Sunil Dutt
c103c0b516 Extend NUD Stats to collect the data packet statistics
This commit extends the existing QCA vendor specific NUD_STATS_GET/SET
interface to also collect the statistics of the data packets. The
intention here is to get more comprehensive information to detect the
network unreachability.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 23:07:15 +02:00
Jouni Malinen
5d5ee699a5 Copy WLAN-Reason-Code value from Access-Reject to Deauthentication
This makes hostapd use the WLAN-Reason-Code value from Access-Reject
when disconnecting a station due to IEEE 802.1X authentication failure.
If the RADIUS server does not include this attribute, the default value
23 (IEEE 802.1X authentication failed) is used. That value was the
previously hardcoded reason code.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 20:55:33 +02:00
Jouni Malinen
f75ed556c8 RADIUS: Add WLAN-Reason-Code attribute to Access-Reject
Make the RADIUS server in hostapd add WLAN-Reason-Code attribute to all
Access-Reject messages generated based on EAP-Failure from the EAP
server. For now, the reason code value is set to 23 (IEEE 802.1X
authentication failed). This can be extending in future commits to cover
addition failure reasons.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 20:45:12 +02:00
Jouni Malinen
feba5848be Replace RSNE group key management mismatch status/reason codes
Use "cipher out of policy" value instead of invalid group cipher (which
is for the group data frame cipher) and management frame policy
violation (which is used for MFPC/MFPR mismatch).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 01:12:00 +02:00
Sunil Dutt
9cc8303d32 Add QCA vendor command to get the WLAN MAC information
This commit introduces a QCA vendor command that provides the current
information of WLAN hardware MAC and its associated WLAN netdev
interfaces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
fd92095491 DPP: Report reception of Config Request to upper layers
This is mainly for protocol testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
80f71b71d5 DPP: Authentication exchange retries and channel iteration in hostapd
This extends hostapd with previoiusly implemented wpa_supplicant
functionality to retry DPP Authentication Request/Response and to
iterate over possible negotiation channels.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 05:19:05 +02:00
Jouni Malinen
c5cc7a59ac Report offchannel RX frame frequency to hostapd
Not all code paths for management frame RX reporting delivered the
correct frequency for offchannel RX cases. This is needed mainly for
Public Action frame processing in some special cases where AP is
operating, but an exchange is done on a non-operational channel. For
example, DPP Initiator role may need to do this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 03:37:48 +02:00
Jouni Malinen
b7ed94834d GnuTLS: Add option to build with libnettle instead of libgcrypt
GnuTLS-based builds can now be done using either libnettle or libgcrypt
for crypto functionality:

CONFIG_TLS=gnutls
CONFIG_CRYPTO=nettle

CONFIG_TLS=gnutls
CONFIG_CRYPTO=gnutls

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-29 17:13:57 +02:00
Jouni Malinen
c36d822418 GnuTLS: Suite B validation
This allows OpenSSL-style configuration of Suite B parameters to be used
in the wpa_supplicant network profile. 128-bit and 192-bit level
requirements for ECDHE-ECDSA cases are supported. RSA >=3K case is
enforced using GnuTLS %PROFILE_HIGH special priority string keyword.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
dd227e67ab GnuTLS: Add support for disabling TLS versions
This extends GnuTLS support for tls_disable_v1_{0,1,2}=1 flags in the
phase1 network profile parameter in wpa_supplicant.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
5d292fcfbd GnuTLS: Implement tls_get_cipher()
Provide OpenSSL-style name for the negotiated cipher suite.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
5791d2117c GnuTLS: Make debug prints clearer for cert/key parsing
Indicate more clearly when the parsing succeeds to avoid ending the
debug prints with various internal GnuTLS internal error messages even
when the parsing actually succeeded in the end.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
622d4d49e2 GnuTLS: Add TEST_FAIL() to crypto routines for testing purposes
This allows number of hwsim test cases for local error conditions to be
executed with GnuTLS-based builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
f8697e8109 GnuTLS: Implement tls_get_version()
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:06 +02:00
Jouni Malinen
133f8d09fc GnuTLS: Implement HMAC functions using libgcrypt
Replace the internal HMAC MD5, SHA-1, and SHA256 implementations with
the ones from libgcrypt and also add the SHA384 and SHA512 versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 23:35:26 +02:00
Jouni Malinen
85c12a62ee GnuTLS: Implement sha{256,384,512}_vector() using libgcrypt
Replace the internal SHA256 implementation with the one from libgcrypt
and also add the SHA384 and SHA512 versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 23:21:37 +02:00
Jouni Malinen
cc3e7bfc3c GnuTLS: Use a helper function for hash functions
Use a shared helper function instead of implementing practically same
sequence separately for each hash function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 23:13:51 +02:00
Jouni Malinen
02b38d0ad5 Fix MFP-enabled test for disallowed TKIP
The test against use of TKIP was done only in MFP-required
(ieee80211w=2) configuration. Fix this to check the pairwise cipher for
MFP-enabled (ieee80211w=1) case as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 18:38:12 +02:00
Jouni Malinen
ba3d435fe4 SAE: Add option to require MFP for SAE associations
The new hostapd.conf parameter sae_require_pmf=<0/1> can now be used to
enforce negotiation of MFP for all associations that negotiate use of
SAE. This is used in cases where SAE-capable devices are known to be
MFP-capable and the BSS is configured with optional MFP (ieee80211w=1)
for legacy support. The non-SAE stations can connect without MFP while
SAE stations are required to negotiate MFP if sae_require_mfp=1.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 18:27:58 +02:00
Jouni Malinen
c4fc7e31c7 SAE: Set special Sc value when moving to Accepted state
Set Sc to 2^16-1 when moving to Accepted state per IEEE Std 802.11-2016,
12.4.8.6.5 (Protocol instance behavior - Confirmed state). This allows
the peer in Accepted state to silently ignore unnecessary
retransmissions of the Confirm message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:19:08 +02:00
Jouni Malinen
abcbd0604c SAE: Add Rc variable and peer send-confirm validation
This implements the behavior described in IEEE Std 802.11-2016,
12.4.8.6.6 (Protocol instance behavior - Accepted state) to silently
discard received Confirm message in the Accepted state if the new
message does not use an incremented send-confirm value or if the special
2^16-1 value is used. This avoids unnecessary processing of
retransmitted Confirm messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:19:08 +02:00
Jouni Malinen
9249afc8e1 SAE: Print state changes in debug log
This makes it easier to follow state changes in SAE protocol instances.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 00:07:42 +02:00
Jouni Malinen
d8b841eba8 SAE: Make dot11RSNASAESync configurable
The new hostapd.conf parameter sae_sync (default: 5) can now be used to
configure the dot11RSNASAESync value to specify the maximum number of
synchronization errors that are allowed to happen prior to
disassociation of the offending SAE peer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-26 12:46:22 +02:00
Sean Parkinson
04b1bcc5f3 EAP-pwd: Use abstract crypto API
This makes it easier to use EAP-pwd with other crypto libraries than
OpenSSL.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2017-12-24 21:40:21 +02:00
Sean Parkinson
0c3d49afd8 EAP-EKE: Use abstract crypto API
This makes it easier to use EAP-pwd with other crypto libraries.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2017-12-24 17:38:17 +02:00
Sean Parkinson
c335507c8d Enhance crypto abstract API for DH
The patch offers alternate implementations of some functions using the
abstract cryptographic API.

This work was done in preparation for the changes to allow hostap to be
compiled with the wolfSSL cryptography and TLS library.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2017-12-24 17:38:10 +02:00
Jouni Malinen
0e02f2a9fa crypto: Implement new crypto API functions for DH
This implements crypto_dh_init() and crypto_dh_derive_secret() using
os_get_random() and crypto_mod_exp() for all crypto_*.c wrappers that
include crypto_mod_exp() implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-24 17:36:04 +02:00
Jouni Malinen
eac084cb38 OpenSSL: Implement new crypto API functions
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-24 17:35:41 +02:00
Sean Parkinson
23ff5d73df Enhance crypto abstract API
Add more crypto_*() wrappers to enable use of other crypto libraries
than OpenSSL.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2017-12-24 17:35:38 +02:00
Sean Parkinson
441e8bfbb4 Fix copy-paste errors in function comments
Use correct function names for the documentation.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2017-12-24 17:03:07 +02:00
Jouni Malinen
47e966abac DH: Remove trailing whitespace
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-24 17:02:53 +02:00
Jouni Malinen
3546ef5104 EAP-pwd: Remove trailing empty line
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-23 17:27:15 +02:00
Peng Xu
61536b5f41 Add new QCA vendor attribute for getting preferred channel
A new vendor attribute QCA_WLAN_VENDOR_ATTR_GET_WEIGHED_PCL is added for
getting preferred channels with weight value and a flag to indicate how
the channels should be used in P2P negotiation process.

Signed-off-by: Peng Xu <pxu@qti.qualcomm.com>
2017-12-22 20:34:51 +02:00
Jouni Malinen
1a2cb20d5b Fix couple of QCA_NL80211_VENDOR_SUBCMD_GET_SAR_LIMITS comments
Copy-paste errors in the command name (set vs. the new get).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-22 18:57:47 +02:00
Sunil Dutt
2fca2d2144 Vendor parameter for forcing RSNE override
Indicates the driver to use the RSNE as-is from the connect interface.
Exclusively used for the scenarios where the device is used as a testbed
device with special functionality and not recommended for production.
This helps driver to not validate the RSNE passed from user space and
thus allow arbitrary IE data to be used for testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-22 18:43:55 +02:00
Jeff Johnson
2d942ec4ac Define a QCA vendor command to retrieve SAR Power limits
Previously commit c79238b6a4 ('Define a
QCA vendor command to configure SAR Power limits') implemented a vendor
command interface to allow a userspace entity to dynamically control the
SAR power limits. Now implement a command to retrieve the current SAR
power limits.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-15 20:55:15 +02:00
vamsi krishna
d98038bb05 FILS: Driver configuration to disable/enable FILS features
The new disable_fils parameter can be used to disable FILS functionality
in the driver. This is currently removing the FILS Capability bit in
Extended Capabilities and providing a callback to the driver wrappers.
driver_nl80211.c implements this using a QCA vendor specific command for
now.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-15 20:52:17 +02:00
Bhagavathi Perumal S
af832aa998 hostapd: Add average channel utilization in STATUS
This allows external programs to get the average channel utilization.
The average channel utilization is calculated and reported through
STATUS command. Users need to configure chan_util_avg_period and
bss_load_update_period in hostapd config to get the average channel
utilization.

Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
2017-12-12 00:48:27 +02:00
Bhagavathi Perumal S
802c0fd0c3 hostapd: Update BSS load update period dynamically
Recalculate the timeout value for each event instead of calculating this
once and then not allowing the timeout configuration to be changed
without fully stopping and restarting the interface.

This allows the bss_load_update_period configuration parameter to be
modified while a BSS continues operating.

Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
2017-12-12 00:48:25 +02:00
Jouni Malinen
778d87054e Fix error handling in bss_load_update_period parser
Do not update the configuration parameter before having verified the
value to be in the valid range.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-12 00:46:21 +02:00
Jouni Malinen
04ded82efa OWE: Fix error case handling with drivers that implement AP SME
owe_auth_req_process() can return NULL in error cases, but the caller
was not prepared for this. The p pointer cannot be overridden in such
cases since that would result in buffer length (p - buf) overflows. Fix
this by using a temporary variable to check the return value before
overriding p so that the hostapd_sta_assoc() ends up using correct
length for the IE buffer.

Fixes: 33c8bbd8ca ("OWE: Add AP mode handling of OWE with drivers that implement SME")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-11 13:41:10 +02:00
Jouni Malinen
c23e87d0d1 OpenSSL: Replace EVP_PKEY_paramgen() with EC_KEY_new_by_curve_name()
The BoringSSL version of crypto_ecdh_init() and dpp_gen_keypair() works
fine with OpenSSL as well, so use that same implementation for both to
avoid unnecessary maintanence of multiple versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:49:39 +02:00
Jouni Malinen
7641d485db BoringSSL: Use EC_KEY_new_by_curve_name() to simplify implementation
There is no need to go through EC_GROUP_new_by_curve_name(),
EC_KEY_new(), and EC_KEY_set_group() when a single call to
EC_KEY_new_by_curve_name() takes care of all that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:41:29 +02:00
Jouni Malinen
a5da39607d Revert "BoringSSL: Add DPP special cases regardless of claimed version number"
This reverts commit 5548453a2d since
BoringSSL added ECDSA_SIG_set0() and ECDSA_SIG_get0() in commit
8dc226ca8f1ef60737e1c1bf8cfcabf51d4068c7 ('Add some missing OpenSSL
1.1.0 accessors.') and updated X509_ALGOR_get0() prototype to match
OpenSSL 1.1.0 changes in commit e3b2a5d30d309091cab3e6a19dee7323c40d968d
('Const-correct X509_ALGOR_get0.').

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:27:04 +02:00
Jouni Malinen
0f30844722 Revert "BoringSSL: Define RSA_bits() helper"
This reverts commit 3cfbd3b0f6 since
BoringSSL added RSA_bits() in commit
8dc226ca8f1ef60737e1c1bf8cfcabf51d4068c7 ('Add some missing OpenSSL
1.1.0 accessors.').

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:22:05 +02:00
Jouni Malinen
a2c442be25 OpenSSL: Allow cipher list to be overridden for tls_suiteb=1 case
This allows wpa_supplicant configuration with phase1="tls_suiteb=1" to
use openssl_ciphers="ECDHE-RSA-AES256-GCM-SHA384" to further limit the
possible TLS cipher suites when using Suite B with RSA >3K keys. This
combination disables use of DHE and as such, mandates ECDHE to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 21:16:26 +02:00
Jouni Malinen
e5c7c2f28e Fix ap-mgmt-fuzzer build
Add src/ap/eth_p_oui.o into libap.a to be able to link ap-mgmt-fuzzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:41:55 +02:00
David Benjamin
63942cf0f3 OpenSSL: Avoid SSL*_use_default_passwd_cb()
These functions are a bit awkward to use for one-off file loads, as
suggested by the tls_clear_default_passwd_cb() logic. There was also
some historical mess with OpenSSL versions and either not having per-SSL
settings, having per-SSL settings but ignoring them, and requiring the
per-SSL settings.

Instead, loading the key with the lower-level functions seems a bit
tidier and also allows abstracting away trying both formats, one after
another.

Signed-off-by: David Benjamin <davidben@google.com>
2017-12-09 18:29:08 +02:00
David Benjamin
149143e31d OpenSSL: Remove unnecessary os_strdup() from password callback
There's no need to make an extra copy of private_key_passwd for
SSL_{CTX_,}set_default_passwd_cb().

Signed-off-by: David Benjamin <davidben@google.com>
2017-12-09 18:09:10 +02:00
Paul Zhang
9b0de99fac Add new QCA vendor attribute for WLAN Latency Module (WLM)
A new vendor attribute QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL is added
for vendor sub-command QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION.
This attribute is for setting the level of WLM.

Signed-off-by: Paul Zhang <paulz@qti.qualcomm.com>
2017-12-08 14:15:19 +02:00
Jouni Malinen
055cd39788 tests: DPP P-256 test vectors
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-07 13:35:19 +02:00
Jouni Malinen
f55269753c DPP: Allow protocol key to be overridden for testing purposes
This can be used for various testing needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 23:53:08 +02:00
Jouni Malinen
402c8e00b7 WPS: Map GCMP-256 and CCMP-256 to AES encryption type
This is needed to allow a credential to be built for GCMP-256/CCMP-256
networks that do not enable GCMP-128/CCMP-128.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:45 +02:00
Shiva Sankar Gajula
a2660890a5 WPS: Allow WPS to be enabled in CCMP-256 and GCMP-256 only cases
Extend the check against WPA/TKIP only configuration by adding CCMP-256
and GCMP-256 to the list of allowed ciphers. This is needed to allow WPS
to be enabled in AP configurations where neither CCMP-128 nor GCMP-128
are enabled.

Signed-off-by: Shiva Sankar Gajula <sgajula@qti.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
163fc3d562 DPP: Indicate to upper layers whether mutual authentication was used
DPP Responder selects whether mutual authentication is used. This commit
adds information about that selection to upper layers (ctrl_iface event
DPP-AUTH-DIRECTION mutual=<0/1>) on the Initiator side.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
34603767b8 DPP: Extend protocol testing to allow exchange termination
This extends dpp_test functionality to allow DPP exchanges to be stopped
when receiving a specified message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
963d3149ab nl80211: Fix NL80211_MESHCONF_AUTO_OPEN_PLINKS encoding
This nl80211 attribute uses NLA_U8 policy in cfg80211 and wpa_supplicant
needs to use same size when writing the attribute.

This fixes mesh mode regression triggered by kernel commit "net:
netlink: Update attr validation to require exact length for some types"
in v4.15-rc1 that resulted in the following debug log entry when trying
to join a mesh:
nl80211: mesh join failed: ret=-22 (Invalid argument)

Fixes: 6c1664f605 ("nl80211: Add new commands to support mesh interfaces")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-01 22:21:24 +02:00
Jouni Malinen
a2426829ce nl80211: Fix NL80211_ATTR_SMPS_MODE encoding
This nl80211 attribute uses NLA_U8 policy in cfg80211 and
hostapd/wpa_supplicant needs to use same size when writing the
attribute.

This fixes AP mode regression triggered by kernel commit "net: netlink:
Update attr validation to require exact length for some types" in
v4.15-rc1 that resulted in the following debug log entry when trying to
enable beaconing:
nl80211: Beacon set failed: -34 (Numerical result out of range)

Fixes: da1080d721 ("nl80211: Advertise and configure SMPS modes")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-01 20:22:44 +02:00
Jouni Malinen
f0a383a981 DPP: Extend dpp_test with invalid E-Nonce in Config Req
Allow an E-Nonce attribute with invalid length to be sent for protocol
testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:01:10 +02:00
Jouni Malinen
55c6c85855 DPP: Extend dpp_test with invalid Transaction ID in Peer Disc Req
Allow a Transaction ID attribute with invalid length to be sent for
protocol testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 21:56:19 +02:00
Krishna Rao
364039d223 Add QCA vendor command and attributes for RROP
Add QCA vendor command and attributes for vendor specific Representative
RF Operating Parameter (RROP) information. This information is intended
for optional use by external ACS. It provides guidance values for some
RF parameters that are used by the system during operation, so that
external ACS can utilize these to compare between channels, bands, etc.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 18:47:32 +02:00
Jouni Malinen
0e19300d5b nl80211: Use consistent "0x" prefix for the cookie values
One of the event message for TX status was missing 'x' from the "0x"
prefix. Add that to make the used format consistent for all cookie debug
print cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 12:42:58 +02:00
Jouni Malinen
f981ce7298 DPP: Do not continue if public key hash derivation fails
sha256_vector() result was ignored apart from printing out the failure
in the debug log. This is not really a normal case and it is better to
reject the full operation rather than try to continue with an incorrect
public key hash value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:08:38 +02:00
Jouni Malinen
8a37d54ea7 DPP: Fix memory leak on dpp_auth_build_conf() error paths
The wpabuf for the message needs to be freed on the error paths.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 21:21:34 +02:00
Jouni Malinen
281f480c53 JSON: Fix a memory leak on an error path
If the second json_alloc_token() call failed to allocate memory,
json_parse() missed the first allocation on the error path. Assign the
root pointer earlier for that case to avoid the potential memory leak.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 13:22:44 +02:00
Jouni Malinen
622934128b DPP: Fix a memory leak on an error path
Need to free temporary allocations if dpp_build_conf_start() fails to
allocate memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 13:03:48 +02:00
Jouni Malinen
ed62d40116 DPP: Deinit PKEX instance on DPP_STOP_LISTEN
Previously this stopped only the DPP Authentication instance, but it is
better to clear both PKEX and Authentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 12:24:01 +02:00
Jouni Malinen
634a130a52 DPP: Clear authentication instance on configuration completion in AP
wpa_supplicant was already doing this and hostapd needs to clear
hapd->dpp_auth when completing the exchange in Configurator (GAS server)
role.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 20:33:43 +02:00
Jouni Malinen
d3cb7ebe1b DPP: Do not process dpp_auth_ok_on_ack multiple times
An additional TX status callback could result in processing the DPP
authentication completion another time at least with hostapd. Fix this
by clearing the dpp_auth_ok_on_ack when processing it.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 20:20:26 +02:00
Jouni Malinen
82feacced0 DPP: Ignore GAS server status callback for unknown response
It was possible for a timeout from an old GAS server operation to
trigger DPP configuration failure during the subsequent DPP operation.
Fix this by verifying that the status callback is for the response
generated during the same DPP Authentication/Configuration exchange.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 13:48:40 +02:00
Jouni Malinen
a2588be82c DPP: Add DPP_CONFIGURATOR_SIGN support to hostapd
Configurator signing its own Connector was previously supported only in
wpa_supplicant. This commit extends that to hostapd to allow an AP
acting as a Configurator to self-configure itself.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 13:24:20 +02:00
Jouni Malinen
7eb6bfb45d DPP: Move hostapd Configurator/bootstrap data into global context
This moves the Configurator and Bootstrapping Information data from
struct hostapd_data (per-BSS) to struct hapd_interfaces (per-hostapd
process). This allows the information to be maintained over interface
restarts and shared between interfaces.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 13:24:20 +02:00
Jouni Malinen
73f21929a7 DPP: Auto-generate Initiator bootstrapping info if needed
Instead of using the all-zeros Initiator Bootstrapping Key Hash when no
local bootstrapping key is configuref for the Initiator, automatically
generate a temporary bootstrapping key for the same curve that the
Responder uses. If the Responder indicates that it wants to do mutual
authentication, provide the URI for the auto-generated bootstrapping key
in the DPP-RESPONSE-PENDING event for upper layers to display the QR
Code.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-26 17:41:22 +02:00
Sriram R
725a953aea nl80211: Filter global events based on wiphy
Avoid same interface processing nl80211 events when at least one of
IFIDX, WDEV, or WIPHY index attribute is available in the nl80211 event
message.

Previously, a same interface processes events when ifidx and wdev id
attribute were not available in the nl80211 message. This is extended to
check the presence of wiphy index attribute as well since some radar
notifications include only WIPHY index attrbute in the nl80211 message.

Signed-off-by: Sriram R <srirrama@qti.qualcomm.com>
2017-11-26 12:42:56 +02:00
Bhagavathi Perumal S
0bd7f104c1 hostapd: Add supported rate information into STATUS and STA
These allow external programs to determine supported legacy, HT, and VHT
rates of an interface or a STA.

Signed-off-by: Bhagavathi Perumal S <bperumal@qti.qualcomm.com>
2017-11-25 13:25:09 +02:00
Jouni Malinen
1489fcf87d FILS: Do not leave error value in left counter
If fils_decrypt_assoc() were to fail on the AP side, the previous
implementation could have continued through the response generation
using left = -1. That could have resulted in unexpected processing if
this value were to be used as the length of the remaining (unencrypted)
IEs. Fix this by not updating left in the failure case.

Fixes: 78815f3dde ("FILS: Decrypt Association Request elements and check Key-Auth (AP)")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 12:26:38 +02:00
Jouni Malinen
beae255a72 WPA: Check wpa_eapol_key_mic() result on TX
Verify that nothing unexpected happened with EAPOL-Key Key MIC
calculation when transmitting EAPOL-Key frames from the Authenticator.
This should not be able to happen in practice, but if if it does, there
is no point in sending out the frame without the correct Key MIC value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 12:13:26 +02:00
Jouni Malinen
acc555f9e6 DPP: Allow PKEX x/X and y/Y keypairs to be overridden
This is for testing purposes to allow a test vector with specific values
to be generated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 01:41:50 +02:00
Jouni Malinen
d722c50d0a DPP: Print more interim EC_POINT results into debug log
This makes it easier to debug issues related to DPP/PKEX EC operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 01:02:59 +02:00
Jouni Malinen
2bdc47a945 DPP: Allow PKEX own/peer MAC addresses to be overridden
This is for testing purposes to allow a test vector with specific values
to be generated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 23:47:52 +02:00
Jouni Malinen
af4103e5e9 DPP: Provide peer_mac to PKEX Initiator through function argument
Avoid unnecessary direct write to a struct dpp_pkex member from outside
dpp.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 23:32:33 +02:00
Jouni Malinen
918a2ac40f DPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc()
This allows compilation with older OpenSSL 1.0.1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:31:12 +02:00
Jouni Malinen
3ca4be1eaa DPP: Remove compiler warnings about signed/unsigned comparisons
These timestamp comparisons did not use matching signedness.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:31:12 +02:00
Jouni Malinen
116454f460 DPP: Fix error return value in dpp_auth_conf_rx()
Commit 03abb6b541 ('DPP: Reject unexpected
Req/Resp message based on Auth/PKEX role') used incorrect type of error
value (NULL vs. -1). Fix that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:20:39 +02:00
Hu Wang
63dc0f9c4d hostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN
With the AP proto configured being WPA/RSN and SME in the
driver, the previous implementation in hostapd is to not
process hostapd_notif_assoc() due to "No WPA/RSN IE from STA",
if the (Re)Association Request frame is without the WPA/RSN IEs.

Enhance that to disassociate such station provided the AP is not using
WPS.

Signed-off-by: Hu Wang <huw@codeaurora.org>
2017-11-23 20:12:34 +02:00
bhagavathi perumal s
cc79e06f00 hostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA
This allows external applications to get event indication for Probe
Request frames. Extend ctrl iface cmd "ATTACH" to enable this event on
per-request basis. For example, user has to send ctrl iface cmd "ATTACH
probe_rx_events=1" to enable the Probe Request frame events.

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
248264c622 DPP: Stop Authentication Request attempts if no response after ACK
If unicast Authentication Request frame is used and the peer ACKs such a
frame, but does not reply within the two second limit, there is no need
to continue trying to retransmit the request frames since the peer was
found, but not responsive.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 00:22:13 +02:00
Jouni Malinen
e3a5882b3e DPP: Add SAE credential support to Configurator
The new conf={sta,ap}-{sae,psk-sae} parameter values can now be used to
specify that the legacy configuration object is for SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:24:08 +02:00
Jouni Malinen
5dd745b738 DPP: Add akm=sae and akm=psk+sae support in Enrollee role
This allows DPP to be used for enrolling credentials for SAE networks in
addition to the legacy PSK (WPA-PSK) case. In addition, enable FT-PSK
and FT-SAE cases automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:23:51 +02:00
Jouni Malinen
a444673957 DPP: Protocol testing capability to send invalid I-Nonce in Auth Req
Extend dpp_test to cover one more invalid behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 16:23:42 +02:00
Jouni Malinen
00d2d13db2 DPP: Retry PKEX Exchange Request frame up to five times
Retransmit the PKEX Exchange Request frame if no response from a peer is
received. This makes the exchange more robust since this frame is sent
to a broadcast address and has no link layer retries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 15:54:35 +02:00
Jouni Malinen
ab0375508d TDLS: Add testing capability to send TPK M2 twice
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 00:48:52 +02:00
Jouni Malinen
4b8de0c929 DPP: Protocol testing for invalid Peer Discovery Req/Resp values
Extend dpp_test to allow more invalid attribute values to be written
into Peer Discovery Request/Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 17:15:02 +02:00
Jouni Malinen
f9cf7d03f1 DPP: Protocol testing for invalid Config Attrib Object value
Extend dpp_test to cover a case where Config Attrib Object value is
invalid in Configuration Request frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
3f35ec2dc3 DPP: Protocol testing for invalid DPP Status value
Extend dpp_test to cover cases where DPP Status value is invalid in
Authentication Response/Confirm frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:16 +02:00
Jouni Malinen
9efa531499 DPP: Use helper functions to build Bootstrap Key Hash attributes
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:41:57 +02:00
Jouni Malinen
acdf703d50 DPP: Replace custom undefined attr with DPP Status in after-wrapped data
This has the same impact and is needed for some testing needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:32:00 +02:00
Jouni Malinen
56f24d1da0 DPP: Use a helper function to build DPP Status attribute
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:27:14 +02:00
Jouni Malinen
65ecce87fd DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash
Extend dpp_test to cover cases where Initiator/Responder Bootstrap Key
Hash value in DPP Authentication frames is invalid (flip one bit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 11:32:02 +02:00
Jouni Malinen
b6b4226bdd DPP: Protocol testing capability to generate invalid Protocol Key
This extends dpp_test to allow invalid Initiator/Responder Protocol Key
to be written into the Authentication Request/Response frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 00:11:44 +02:00
Jouni Malinen
c6eb3e34b6 Stronger GTK derivation routine
If the build include SHA384, use that to derive GTK from GMK. In
addition, add more random bytes bytes to the PRF-X() context data for
longer GTK to reduce dependency on the randomness of the GMK.

GMK is 256 bits of random data and it was used with SHA256, so the
previous design was likely sufficient for all needs even with 128 bits
of additional randomness in GTK derivation. Anyway, adding up to 256
bits of new randomness and using SHA384 can be helpful extra protection
particularly for the cases using GCMP-256 or CCMP-256 as the group
cipher.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:09 +02:00
Jouni Malinen
94619905c8 DPP: Fix dpp_test_gen_invalid_key() with BoringSSL
Unlike OpenSSL, BoringSSL returns an error from
EC_POINT_set_affine_coordinates_GFp() is not on the curve. As such, need
to behave differently here depending on which library is used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:08 +02:00
Jouni Malinen
746c1792ac DPP: Build bootstrapping key DER encoding using custom routine
While the OpenSSL version of i2d_EC_PUBKEY() seemed to be able to use
the POINT_CONVERSION_COMPRESSED setting on the EC key, that did not seem
to work with BoringSSL. Since this is not exactly robust design, replace
use of i2d_EC_PUBKEY() with a custom routine that enforces the DPP rules
on SubjectPublicKeyInfo (compressed format of the public key,
ecPublicKey OID, parameters present and indicating the curve by OID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:02 +02:00
Jouni Malinen
f2d27ef94c DPP: Use a helper function to DER encode bootstrapping key
This routine was previously implemented twice using i2d_EC_PUBKEY().
There is no need to duplicate that implementation and especially since
it looks like this implementation needs to be replaced for BoringSSL,
start by using a shared helper function for both locations so that there
is only a single place that uses i2d_EC_PUBKEY() to build the special
DPP bootstrapping key DER encoding.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 12:14:21 +02:00
Jouni Malinen
c1564149a6 BoringSSL: Add AES support with 192-bit keys
BoringSSL restored the previously removed AES-192 ECB support in ("Add
AES-192 ECB.") commit. Since this is needed for DPP with the P-384
curve, restore support for this through EVP_aes_192_ecb().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 21:03:04 +02:00
Jouni Malinen
edd72f55f8 OpenSSL: Debug message if requested AES key length is not supported
This makes it clearer why some AES operations fail especially with
BoringSSL where the 192-bit case is not supported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:59:25 +02:00
Jouni Malinen
5548453a2d BoringSSL: Add DPP special cases regardless of claimed version number
It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide ECDSA_SIG_set0() or
ECDSA_SIG_get0(). For now, add the helper functions regardless of the
version BoringSSL claims to be. Similarly, include the X509_ALGOR_get0()
workaround unconditionally for BoringSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:44:42 +02:00
Jouni Malinen
f29761297b BoringSSL: Implement crypto_ecdh_init()
BoringSSL does not provide some of the OpenSSL API that was used here,
so update this to use similar design to what was already done with DPP
key derivation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:41:25 +02:00
Jouni Malinen
7721fe082b BoringSSL: Comment out SSL_set_default_passwd_cb*() calls
It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide SSL_set_default_passwd_cb*(). For
now, comment out this regardless of the version BoringSSL claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:34:17 +02:00
Jouni Malinen
b9dc63c261 BoringSSL: Comment out SSL_set1_sigalgs_list() call
It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide SSL_set1_sigalgs_list(). For now,
comment out this regardless of the version BoringSSL claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:30:37 +02:00
Jouni Malinen
3cfbd3b0f6 BoringSSL: Define RSA_bits() helper
It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide RSA_bits(). For now, add this
backwards compatibility wrapper for BoringSSL regardless of the version
it claims to be.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:24:46 +02:00
Jouni Malinen
27781c0ab5 Allow group cipher selection to be overridden
The new hostapd configuration parameter group_cipher can now be used to
override the automatic cipher selection based on enabled pairwise
ciphers. It should be noted that selecting an unexpected group cipher
can result in interoperability issues and this new capability is mainly
for testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:31:41 +02:00
Edayilliam Jayadev
af6614ca10 Fix block comment style in QCA vendor attribute definition
Fix the block comment style issue introduced as part of commit
fbfceef3af ("Add QCA vendor commands for
spectral scan").

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-14 18:55:30 +02:00
tinlin
2115603a45 Add QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING
Add sub-command QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING to flush
pending packets in firmware. The attributes are listed in enum
qca_wlan_vendor_attr_flush_pending. The QCA_WLAN_VENDOR_ATTR_PEER_ADDR
specifies the peer MAC address and the QCA_WLAN_VENDOR_ATTR_AC specifies
the access category of the pending packets.

Signed-off-by: Lin Tingting <tinlin@qti.qualcomm.com>
2017-11-14 18:52:59 +02:00
Zhang Qian
27987b67fa Add new QCA vendor attribute for LL stats
A new vendor attribute QCA_WLAN_VENDOR_ATTR_LL_STATS_WMM_AC_PENDING_MSDU
is added for vendor sub-command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_GET.
This attribute is for pending MSDUs corresponding to respective AC.

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
2017-11-14 18:48:55 +02:00
Ashok Kumar Ponnaiah
41db74cf76 atheros: Process SAE authentication frames using EVENT_RX_MGMT
This adds support for SAE in AP mode with the atheros driver interface.
EVENT_RX_MGMT includes SAE processing while EVENT_AUTH would require
more changes to make this work.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-14 18:47:07 +02:00
Ashok Kumar Ponnaiah
3d9dd4b772 atheros: Generate EVENT_TX_STATUS events for management frames
This is needed for DPP functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-14 18:44:05 +02:00
Beniamino Galvani
f5b74b966c common: Avoid conflict with __bitwise macro from linux/types.h
Undefine the __bitwise macro before defining it to avoid conflicts
with the one from linux/types.h; the same is done some lines above
when __CHECKER__ is defined. Fixes the following warning:

  In file included from ../src/l2_packet/l2_packet_linux.c:15:0:
  hostap/src/utils/common.h:438:0: warning: "__bitwise" redefined
   #define __bitwise

  In file included from /usr/include/linux/filter.h:9:0,
                   from ../src/l2_packet/l2_packet_linux.c:13:
  /usr/include/linux/types.h:21:0: note: this is the location of the previous definition
   #define __bitwise __bitwise__

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
2017-11-14 18:23:47 +02:00
Masashi Honma
4109555ef7 DPP: Fix compiler warning of testing code
../src/common/dpp.c: In function 'dpp_test_gen_invalid_key':
../src/common/dpp.c:5531:10: warning: return makes integer from pointer without a cast [-Wint-conversion]
   return NULL;
          ^

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-11-14 18:22:58 +02:00
Jouni Malinen
1d624a0702 Reject PMK-to-PTK derivation with unsupported cipher
There should be no wpa_pmk_to_ptk() calls with the cipher argument
indicating a cipher that is not allowed as a pairwise cipher. However,
it looks like that was possible to happen with wlantest. Check for this
corner case explicitly to avoid generating confusing debug logs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-14 12:50:30 +02:00
Jouni Malinen
762fb4f066 DPP: Testing capability to send unexpected Authentication Response
This is for protocol testing to check what happens if the Responser
receives an unexpected Authentication Response instead of Authentication
Confirm.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:55:56 +02:00
Jouni Malinen
03abb6b541 DPP: Reject unexpected Req/Resp message based on Auth/PKEX role
This prevents issues where an unexpected message in the DPP
Authentication exchange or PKEX could result in undefined behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:55:56 +02:00
Jouni Malinen
95b0104a34 DPP: Retransmit DPP Authentication Response frame if it is not ACKed
This extends wpa_supplicant DPP implementation to retransmit DPP
Authentication Response frame every 10 seconds up to 5 times if the peer
does not reply with DPP Authentication Confirm frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:26 +02:00
Jouni Malinen
c1d3773967 DPP: Stop authentication exchange of DPP_STOP_LISTEN
Previously, this command stopped listen operation immediately, but if
there was an ongoing authentication exchange, a new listen operation was
started. This is not really expected behavior, so stop the
authentication exchange first with this command to avoid restarting
listen operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:26 +02:00
Jouni Malinen
d1f082644c DPP: Allowed initiator to indicate either role
The new role=either parameter can now be used with DPP_AUTH_INIT to
indicate that the initiator can take either the Configurator or Enrollee
role.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 11:45:05 +02:00
Jouni Malinen
f97ace34cb DPP: Support multiple channels for initiating DPP Authentication
This extends wpa_supplicant to iterate over all available channels from
the intersection of what the peer indicates and the local device
supports when initiating DPP Authentication. In addition, retry DPP
Authentication Request frame up to five times if no response is
received.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 11:45:05 +02:00
Jouni Malinen
a306ed5a58 DPP: Protocol testing to allow missing attributes in peer discovery
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 12:40:18 +02:00
Jouni Malinen
1fafdf1124 DPP: Add DPP_LISTEN and DPP_STOP_LISTEN to hostapd
This is an initial step in allowing non-operating channel operations
with DPP when hostapd is the Responder. For now, this is only used for
specifying role=configurator/enrollee and qr=mutual cases similarly to
the wpa_supplicant configuration for in Responder role. Request to use a
non-operating channel will be rejected.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-04 12:33:03 +02:00
Edayilliam Jayadev
fbfceef3af Add QCA vendor commands for spectral scan
Add the following vendor commands and their vendor attributes for
spectral scan.

 1) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CONFIG
        Get current values of spectral parameters.
 2) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_DIAG_STATS
        Get stats for spectral scan debug.
 3) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_CAP_INFO
        Get the spectral hardware capability.
 4) QCA_NL80211_VENDOR_SUBCMD_SPECTRAL_SCAN_GET_STATUS
        Get the current status of spectral scan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:47:32 +02:00
Sunil Dutt
bb9808fa9f P2P: Continue P2P_WAIT_PEER_(IDLE/CONNECT) sequence on a listen cancel
Some drivers may accept the remain-on-channel command, but instead of
indicating start event for remain-on-channel, just indicate that the
operation has been canceled immediately. This listen cancel from the
WAIT_PEER_CONNECT state ended up in discontinuation of further
WAIT_PEER_IDLE/WAIT_PEER_CONNECT state transitions. Hence, delay the
subsequent IDLE state by 100 ms.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:47:32 +02:00
Zhang Qian
962b8fcf49 Add new QCA vendor attributes for MAC counters
Add QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_REPORT_TIME
and QCA_WLAN_VENDOR_ATTR_LL_STATS_EXT_MEASUREMENT_TIME to record
timestamp and duration for the last MAC counters. Some user layer
application is delay sensitive. It needs to know time stamp and
measurment duration for the counters.

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
2017-11-03 21:21:55 +02:00
Jouni Malinen
af7f10fcdf DPP: Protocol testing for invalid Config Resp attribute values
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:14:08 +02:00
Jouni Malinen
8c99e6264a DPP: Report Config Request/Response failure reasons on control interface
This provides more details of failures to upper layer components.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:04:17 +02:00
Jouni Malinen
f411ad1b86 DPP: Protocol testing to remove attributes from Config Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:04:17 +02:00
Jouni Malinen
7e0ebe21b0 DPP: Protocol testing - invalid I/R-Auth value in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 20:18:24 +02:00
Jouni Malinen
89d0bf6783 DPP: Protocol testing - invalid Bootstrap Key value in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
f31ef96dc3 DPP: Protocol testing - invalid Status value in PKEX Exchange Response
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
d05c82c4d0 DPP: Move PKEX z derivation on Responder to earlier phase
K and z can be derived already based on information available at the
time the PKEX Exchange Request is being processed, so move these there
from the PKEX Commit-Reveal Request processing since that matches the
DPP tech spec description close and allows PKEX exchange to be aborted
earlier if anything unexpected happens.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
578c9ea1ab DPP: Fix a typo in a debug print
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
5f5fff4363 DPP: Explicitly check that PKEX Qr is not the point-at-infinity
This was already done for Qi, but the same needs to be done for Qr as
well.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
29ab69e4b0 DPP: PKEX counter t
Add limit on number of failed attempts that could have used PKEX code.
If the limit (5) is reached, drop the PKEX state (including the code)
and report this on the control interface to indicate that a new code
needs to be entered due to possible attack.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
039b8e7369 DPP: Terminate PKEX exchange on detection of a mismatching code
Clean up the pending PKEX exchange if Commit-Reveal Request processing
indicates a mismatch in the PKEX code. Previously, the this case was
silently ignored and the session was left in pending state that
prevented new PKEX exchanges from getting initated. Now, a new attempt
is allowed to be initiated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
fc0efa2a1e DPP: Use dpp_bn2bin_pad() helper to simplify code
Number of places writing BIGNUM values with left-padding were open
coding this helper functionality unnecessarily.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
e0247e7983 DPP: PKEX and STATUS_BAD_GROUP
Report mismatching finite cyclic group with PKEX Exchange Response using
STATUS_BAD_GROUP and provide more detailed error report over the control
interface on the peer device when this happens.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
2265353a4f DPP: Remove obsolete TODO comment on discovery object
The optional channel information was removed from the discovery object
in the DPP tech spec, so no need to maintain this TODO note anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
fe12ae777f Fix Status Code in TKIP countermeasures case
The previously used WLAN_REASON_MICHAEL_MIC_FAILURE (14) value as a
response to Authentication frame or (Re)Association Request frame is not
correct since the resp value is encoded in the Status Code (not Reason
Code) field. Status Code 14 is WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION
which is really what this value would have meant in the response frames.

There is no Michael MIC failure status code, so have to use the generic
"Unspecified failure" (1) reason code for these cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
1cfcbd32ac DPP: Testing capability to generate invalid PKEX encrypted key (M and N)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
d7e7b7122e DPP: Report PKEX failure reasons over control interface
This provides more information to upper layer software to report failure
reasons on the UI.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
61f9f27f80 DPP: Extend protocol testing to cover missing attributes in PKEX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 23:53:55 +02:00
Jouni Malinen
b3e4cc5cbb DPP: Move PKEX Commit-Reveal Response building to a helper function
This cleans up dpp_pkex_rx_commit_reveal_req() a bit and makes it easier
to add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 21:34:51 +02:00
Jouni Malinen
b0626c2a6b DPP: Move PKEX Commit-Reveal Request building to a helper function
This cleans up dpp_pkex_rx_exchange_resp() a bit and makes it easier to
add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 21:34:50 +02:00
Jouni Malinen
a5c3b41b2f DPP: Move PKEX Exchange Response building to a helper function
This cleans up dpp_pkex_rx_exchange_req() a bit and makes it easier to
add protocol testing functionality to PKEX exchange similarly to the
previously added DPP Authentication case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 21:34:17 +02:00
Jouni Malinen
60b9dd86fd DPP: Fix couple of typos in debug messages
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 21:34:03 +02:00
Jouni Malinen
06f2df0693 DPP: Fix hostapd control interface events for initiator case
Incorrect msg_ctx was registered for the wpa_msg() calls from the DPP
module.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:25:35 +02:00
Jouni Malinen
219d4c9fcb DPP: Report possible PKEX code mismatch in control interface
Indicate to upper layers if PKEX Commit-Reveal Request frame AES-SIV
decryption fails. That is a likely sign of the PKEX code mismatch
between the devices.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:25:35 +02:00
Lior David
0c3bc1be09 Fix test build breakage when not compiling with ieee80211w support
Build breakage was introduced by commit
d8afdb210e ('Allow EAPOL-Key messages 1/4
and 3/4 to be retransmitted for testing') for some
CONFIG_TESTING_OPTIONS=y builds without CONFIG_IEEE80211W=y.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2017-11-01 12:50:20 +02:00
bhagavathi perumal s
ea4ace9c76 hostapd: Add max_txpower into STATUS command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 11:49:41 +02:00
bhagavathi perumal s
bf6c65afce hostapd: Add Beacon interval and DTIM period into STATUS command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 11:45:29 +02:00
bhagavathi perumal s
c7ae2b3104 hostapd: Add HT/VHT capability info into STATUS command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 11:41:38 +02:00
bhagavathi perumal s
1f91a8bdea hostapd: Add HT/VHT capability info into STA command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 11:37:20 +02:00
bhagavathi perumal s
65f9db6bc2 hostapd: Add extended capabilities into STA command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 00:31:31 +02:00
bhagavathi perumal s
d1f3a81446 hostapd: Add [HT] flag into STA command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 00:28:46 +02:00
bhagavathi perumal s
ba72b4b126 hostapd: Add Min/Max Transmit Power Capability into STA command
This provides access to the Minimum/Maximum Transmit Power Capabilitie
fileds (the nominal minimum/maximum transmit power with which the STA
is capable of transmitting in the current channel; signed integer in
units of decibels relative to 1 mW).

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 00:22:58 +02:00
Ashok Kumar Ponnaiah
33c8bbd8ca OWE: Add AP mode handling of OWE with drivers that implement SME
Handle OWE DH exchange and key setup when processing the association
event from a driver that implements AP SME.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-30 23:24:42 +02:00
Ashok Kumar Ponnaiah
28d1264131 Check hostapd current_mode before dereferencing it in additional places
While most places using this should be for cases where the hw_features
functionality is required, there seem to be some paths that are getting
exposed in new OWE related operations where that might not be the case.
Add explicit NULL pointer checks to avoid dereferencing the pointer if
it is not set when operating with driver wrappers that do not provide
sufficient information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-30 23:20:25 +02:00
Jouni Malinen
348c93847a AP-side workaround for WNM-Sleep Mode GTK/IGTK reinstallation issues
Normally, WNM-Sleep Mode exit with management frame protection
negotiated would result in the current GTK/IGTK getting added into the
WNM-Sleep Mode Response frame. Some station implementations may have a
vulnerability that results in GTK/IGTK reinstallation based on this
frame being replayed. Add a new hostapd configuration parameter that can
be used to disable that behavior and use EAPOL-Key frames for GTK/IGTK
update instead. This would likely be only used with
wpa_disable_eapol_key_retries=1 that enables a workaround for similar
issues with EAPOL-Key. This is related to station side vulnerabilities
CVE-2017-13087 and CVE-2017-13088. To enable this AP-side workaround,
set wnm_sleep_mode_no_keys=1.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-29 17:13:54 +02:00
Johannes Berg
3f5a1860a8 wpa_auth: Deplete group rekey eloop handler for strict rekeying
When strict group rekeying is in effect, every station that leaves will
cause a rekeying to happen 0.5 s after leaving. However, if a lot of
stations join/leave, the previous code could postpone this rekeying
forever, since it always re-registers the handling with a 0.5 s timeout.

Use eloop_deplete_timeout() to address that, only registering the
timeout from scratch if it wasn't pending.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-29 17:04:14 +02:00
Johannes Berg
92662fb281 Allow forcing group rekeying for testing purposes
In order to test the WoWLAN GTK rekeying KRACK mitigation, add a
REKEY_GTK hostapd control interface command that can be used at certain
points of the test.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-29 16:58:55 +02:00
Jouni Malinen
d270920692 DPP: Negotiation channel change request from Initiator
Allow the Initiator to request a different channel to be used for DPP
Authentication and DPP Configuration exchanges. This commit adds support
for this in wpa_supplicant with the optional neg_freq=<freq in MHz>
parameter in DPP_AUTH_INIT.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 16:08:02 +02:00
Jouni Malinen
e85b660129 DPP: Add DPP Status attribute into Peer Discovery Response
This was added in DPP tech spec v0.2.7 to allow result of network
introduction to be reported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 12:16:15 +02:00
Jouni Malinen
19ef4289ca DPP: Process Authentication Confirm failure cases
Process Authentication Confirm with the two failure cases defined in the
spec: STATUS_NOT_COMPATIBLE and STATUS_AUTH_FAILURE. This verifies the
{R-nonce}k2 part and reports more detailed failure reason if the message
is valid.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-28 17:44:14 +03:00
Jouni Malinen
7d917ab048 DPP: Send Authentication Confirm failure reports
If Authentication Response processing fails due to R-capab
incompatibility or R-auth mismatch, send Authentication Confirm with
error status.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-28 17:44:14 +03:00
Jouni Malinen
978bc3f2af DPP: Auth Resp/Conf incorrect attribute values for protocol testing
This extends the dpp_test mechanism to allow I-nonce, R-capab, R-auth,
and I-auth values in Authentication Response/Confirm to use incorrect
values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-28 17:44:10 +03:00
Jouni Malinen
9b51112031 DPP: Allow Responder to decide not to use mutual authentication
Previously, Initiator decided whether to use mutual authentication on
its own based on having own and peer bootstrapping info. This prevented
Responder from selecting not to use mutual authentication in such a
case. Fix this by allowed Initiator to fall back to non-mutual
authentication based on Responder choice if the bootstrapping mechanism
allows this (PKEX does not; it mandates use of mutual authentication).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
dcdaeab79c DPP: Report Auth Conf failures in control interface
This is useful for protocol testing purposes and UI needs to display
more detailed information about DPP exchanges.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
f9c7d77029 DPP: Omission of Auth Conf attributes for protocol testing
This extends the dpp_test mechanism to allow each of the required
attributes in Authentication Confirm to be omitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
26806abe85 DPP: Report invalid messages and failure conditions in control interface
This is useful for protocol testing purposes and UI needs to display
more detailed information about DPP exchanges.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 22:45:17 +03:00
Jouni Malinen
ce9acce006 DPP: Omission of Auth Resp attributes for protocol testing
This extends the dpp_test mechanism to allow each of the required
attributes in Authentication Response to be omitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 22:38:59 +03:00
Jouni Malinen
a03406dbe2 DPP: Move Authentication Response building into a separate function
This cleans up old dpp_auth_build_resp() (now dpp_auth_build_resp_ok())
a bit by separating initialization steps for a DPP authentication
session from the code needed to build the frame. This allows
dpp_auth_build_resp_status() to share the helper function instead of
having to maintain a duplicated message construction implementation. In
addition, this makes it easier to remove some of the attributes for
protocol testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 19:05:06 +03:00
Jouni Malinen
0e7cb8c6c1 DPP: Omission of Auth Req attributes for protocol testing
This extends the dpp_test mechanism to allow each of the required
attributes in Authentication Request to be omitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 18:27:53 +03:00
Jouni Malinen
606a8e8d57 DPP: Move Authentication Request building into a separate function
This cleans up dpp_auth_init() a bit by separating initialization steps
for a DPP authentication session from the code needed to build the
frame. In addition, this makes it easier to remove some of the
attributes for protocol testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 18:25:30 +03:00
Jouni Malinen
3749ad0e1d DPP: Explicitly check and reject 0x00 and 0x03 I/R-capab role
0x00 and 0x03 are not valid I/R-capabilities role values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Jouni Malinen
af48810ba3 DPP: Report transmitted messages as control interface events
This is helpful for testing purposes and also for upper layer components
that may want to show more detailed progress through a DPP exchange.
Both the DPP-TX and DPP-TX-STATUS events are provided.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Jouni Malinen
a707393494 DPP: Report received messages as control interface events
This is helpful for testing purposes and also for upper layer components
that may want to show more detailed progress through a DPP exchange.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Jouni Malinen
27fefbbb76 DPP: Remove unnecessary Wrapped Data checks from callers
Now that dpp_check_attrs() takes care of verifying that no attributes
are after the Wrapped Data attribute, the duplicated checks in hostapd
and wpa_supplicant side of the implementation can be removed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Jouni Malinen
0c881807b5 DPP: Verify that Wrapped Data attribute is the last one in the message
Do not allow any additional attributes to be included after the Wrapped
Data attribute.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Jouni Malinen
60239f60a6 DPP: Protocol testing framework
Add a generic mechanism for configuring the DPP implementation to behave
in particular different (mostly incorrect) ways for protocol testing
purposes. The new dpp_test parameter can be set to a non-zero integer to
indicate a specific behavior. This is only available in
CONFIG_TESTING_OPTIONS=y builds.

This commit include cases for an extra attribute being added after the
Wrapped Data attribute and Initiator/Responder capabilities having an
unexpected zero capability.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 17:21:57 +03:00
Michael Baird
5f7c9e50f5 EAP server: Add event messages for more EAP states
While using an external RADIUS server SUCCESS messages were not being
sent (internal was fine). Also add event messages for other states that
others might find useful, and consistency between the two.

Signed-off-by: Michael Baird <Michael.Baird@ecs.vuw.ac.nz>
2017-10-21 20:28:46 +03:00
andrekorol
a68e0d869f Fix a typo in a comment (the variable is ptk, not pkt)
Signed-off-by: Andre Rossi Korol <anrobits@yahoo.com.br>
2017-10-21 12:02:54 +03:00
Ben Greear
74e55b6585 Fix test build breakage when not compiling with mesh support
Build breakage was introduced by commit
16579769ff ('Add testing functionality for
resetting PN/IPN for configured keys') for some CONFIG_TESTING_OPTIONS=y
builds.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2017-10-21 10:59:15 +03:00
Jouni Malinen
3d0fb95583 WNM: Ignore BSS Transition Management frames in bss_transition=0 case
The hostapd bss_transition parameter was previously used to control
advertisement of BSS Transition Management support, but it was not used
when processing BSS Transition Management Query/Response frames. Add an
explicit check during frame processing as well so that any misbehaving
station is ignored. In addition to bss_transition=1, allow mbo=1 to be
used to mark the functionality enabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
114f2830d2 WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0 case
The hostapd wnm_sleep_mode parameter was previously used to control
advertisement of WNM-Sleep Mode support, but it was not used when
processing a request to use WNM-Sleep Mode. Add an explicit check during
request processing as well so that any misbehaving station is ignored.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 17:39:42 +03:00
Jouni Malinen
3d6953288b Extend RESEND_* test commands to allow forcing plaintext TX
This allows hostapd testing functionality to be forced to send out a
plaintext EAPOL-Key frame with the RESEND_* command. That can be useful
in seeing how the station behaves if an unencrypted EAPOL frame is
received when TK is already configured.

This is not really perfect since there is no convenient way of sending
out a single unencrypted frame in the current nl80211 design. The
monitor interface could likely still do this, but that's not really
supposed to be used anymore. For now, clear and restore TK during this
operation. The restore part is not really working correctly, though,
since it ends up clearing the TSC value on the AP side and that shows up
as replay protection issues on the station. Anyway, this is sufficient
to generate sniffer captures to analyze station behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 18:32:16 +03:00
Jouni Malinen
4be5bc98a8 DPP: Update AES-SIV AD for PKEX frames
The protocol design was updated to protect the six octets in the header
before the attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 18:32:16 +03:00
Jouni Malinen
dc4d271c6d DPP: Update AES-SIV AD for DPP Authentication frames
The protocol design was updated to protect the six octets in the header
before the attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-18 22:51:30 +03:00
Vidyullatha Kanchanapally
084131c850 FILS: Allow eap_peer_get_erp_info() to be called without config
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-18 01:19:40 +03:00
Vidyullatha Kanchanapally
693eafb150 nl80211: Update FILS roam info from vendor roam event
Add support to update PMK, PMKID, and ERP next sequence number
from FILS roamed info.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-17 16:26:44 +03:00
Vidyullatha Kanchanapally
3c67e977de nl80211: Add support to send updated connection parameters
After an initial connection certain connection parameters may be
updated. It may be necessary to send these parameters to drivers since
these will be used in driver-initiated roaming cases. This commit
defines the driver_ops call for this and implements the needed
functionality for the nl80211 driver interface.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-17 16:04:51 +03:00
Vidyullatha Kanchanapally
cddfda7892 Add attributes to support roam+auth vendor event for FILS
Add additional attributes to specify the PMK, PMKID, and the ERP next
sequence number to the vendor subcommand
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH. These are needed in case
of an offloaded FILS roaming.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-17 15:55:44 +03:00
Jouni Malinen
c0fe5f125a Clear BSSID information in supplicant state machine on disconnection
This fixes a corner case where RSN pre-authentication candidate from
scan results was ignored if the station was associated with that BSS
just before running the new scan for the connection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 01:15:24 +03:00
Jouni Malinen
006fb845b8 nl80211: Use NL80211_BSS_LAST_SEEN_BOOTTIME if available
This allows a more accurate scan result age to be fetched than the one
available through NL80211_BSS_SEEN_MS_AGO.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:07:17 +03:00
Jouni Malinen
a6ea665300 Additional consistentcy checks for PTK component lengths
Verify that TK, KCK, and KEK lengths are set to consistent values within
struct wpa_ptk before using them in supplicant. This is an additional
layer of protection against unexpected states.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:07:17 +03:00
Jouni Malinen
6f234c1e2e Optional AP side workaround for key reinstallation attacks
This adds a new hostapd configuration parameter
wpa_disable_eapol_key_retries=1 that can be used to disable
retransmission of EAPOL-Key frames that are used to install
keys (EAPOL-Key message 3/4 and group message 1/2). This is
similar to setting wpa_group_update_count=1 and
wpa_pairwise_update_count=1, but with no impact to message 1/4
retries and with extended timeout for messages 4/4 and group
message 2/2 to avoid causing issues with stations that may use
aggressive power saving have very long time in replying to the
EAPOL-Key messages.

This option can be used to work around key reinstallation attacks
on the station (supplicant) side in cases those station devices
cannot be updated for some reason. By removing the
retransmissions the attacker cannot cause key reinstallation with
a delayed frame transmission. This is related to the station side
vulnerabilities CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, and CVE-2017-13081.

This workaround might cause interoperability issues and reduced
robustness of key negotiation especially in environments with
heavy traffic load due to the number of attempts to perform the
key exchange is reduced significantly. As such, this workaround
is disabled by default (unless overridden in build
configuration). To enable this, set the parameter to 1.

It is also possible to enable this in the build by default by
adding the following to the build configuration:

CFLAGS += -DDEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES=1

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:06:26 +03:00
Jouni Malinen
bb06748f45 Make last received ANonce available through control interface
This makes it easier to debug 4-way handshake implementation issues
without having to use a sniffer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:47:24 +03:00
Jouni Malinen
d8afdb210e Allow EAPOL-Key messages 1/4 and 3/4 to be retransmitted for testing
The new hostapd control interface commands "RESEND_M1 <addr>" and
"RESEND_M3 <addr>" can be used to request a retransmission of the 4-Way
Handshake messages 1/4 and 3/4 witht he same or modified ANonce (in M1).

This functionality is for testing purposes and included only in builds
with CONFIG_TESTING_OPTIONS=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:47:24 +03:00
Jouni Malinen
6bc2f00f44 Allow group key handshake message 1/2 to be retransmitted for testing
The new hostapd control interface command "RESEND_GROUP_M1 <addr>" can
be used to request a retransmission of the Group Key Handshake message
1/2 for the current GTK.

This functionality is for testing purposes and included only in builds
with CONFIG_TESTING_OPTIONS=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:47:24 +03:00
Jouni Malinen
16579769ff Add testing functionality for resetting PN/IPN for configured keys
This can be used to test replay protection. The "RESET_PN" command in
wpa_supplicant and "RESET_PN <addr>" command in hostapd resets the local
counters to zero for the last configured key. For hostapd, the address
parameter specifies which STA this operation is for or selects GTK
("ff:ff:ff:ff:ff:ff") or IGTK ("ff:ff:ff:ff:ff:ff IGTK").

This functionality is for testing purposes and included only in builds
with CONFIG_TESTING_OPTIONS=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:43:10 +03:00
Jouni Malinen
b488a12948 Clear PMK length and check for this when deriving PTK
Instead of setting the default PMK length for the cleared PMK, set the
length to 0 and explicitly check for this when deriving PTK to avoid
unexpected key derivation with an all-zeroes key should it be possible
to somehow trigger PTK derivation to happen before PMK derivation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
00583ef111 Add debug prints on PMK configuration in WPA supplicant
This makes it easier to understand the cases where PMK gets configured
based on information from upper layer call (e.g., a PSK).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Mathy Vanhoef
a00e946c1c WPA: Extra defense against PTK reinstalls in 4-way handshake
Currently, reinstallations of the PTK are prevented by (1) assuring the
same TPTK is only set once as the PTK, and (2) that one particular PTK
is only installed once. This patch makes it more explicit that point (1)
is required to prevent key reinstallations. At the same time, this patch
hardens wpa_supplicant such that future changes do not accidentally
break this property.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2017-10-16 02:03:47 +03:00
Jouni Malinen
a0bf1b68c0 Remove all PeerKey functionality
This was originally added to allow the IEEE 802.11 protocol to be
tested, but there are no known fully functional implementations based on
this nor any known deployments of PeerKey functionality. Furthermore,
PeerKey design in the IEEE Std 802.11-2016 standard has already been
marked as obsolete for DLS and it is being considered for complete
removal in REVmd.

This implementation did not really work, so it could not have been used
in practice. For example, key configuration was using incorrect
algorithm values (WPA_CIPHER_* instead of WPA_ALG_*) which resulted in
mapping to an invalid WPA_ALG_* value for the actual driver operation.
As such, the derived key could not have been successfully set for the
link.

Since there are bugs in this implementation and there does not seem to
be any future for the PeerKey design with DLS (TDLS being the future for
DLS), the best approach is to simply delete all this code to simplify
the EAPOL-Key handling design and to get rid of any potential issues if
these code paths were accidentially reachable.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
e760851176 FILS: Do not allow multiple (Re)Association Response frames
The driver is expected to not report a second association event without
the station having explicitly request a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
(Re)Association Response frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
2f1357fb62 FILS: Accept another (Re)Association Request frame during an association
The previous implementation ended up starting a new EAPOL-Key 4-way
handshake if the STA were to attempt to perform another association.
This resulted in immediate disconnection since the PTK was not ready for
configuring FILS TK at the point when EAPOL-Key msg 1/4 is sent out.
This is better than alloing the association to continue with the same TK
reconfigured, but not really ideal.

Address this potential sequence by not starting a new 4-way handshake on
the additional association attempt. Instead, allow the association to
complete, but do so without reconfiguring the TK to avoid potential
issues with PN reuse with the same TK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
df94906201 Add MGMT_TX_STATUS_PROCESS command for testing purposes
This allows ext_mgmt_frame_handling=1 cases with hostapd to process TX
status events based on external processing. This is useful for increased
test coverage of management frame processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
2a9c5217b1 FT: Do not allow multiple Reassociation Response frames
The driver is expected to not report a second association event without
the station having explicitly request a new association. As such, this
case should not be reachable. However, since reconfiguring the same
pairwise or group keys to the driver could result in nonce reuse issues,
be extra careful here and do an additional state check to avoid this
even if the local driver ends up somehow accepting an unexpected
Reassociation Response frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
ff89af96e5 TDLS: Reject TPK-TK reconfiguration
Do not try to reconfigure the same TPK-TK to the driver after it has
been successfully configured. This is an explicit check to avoid issues
related to resetting the TX/RX packet number. There was already a check
for this for TPK M2 (retries of that message are ignored completely), so
that behavior does not get modified.

For TPK M3, the TPK-TK could have been reconfigured, but that was
followed by immediate teardown of the link due to an issue in updating
the STA entry. Furthermore, for TDLS with any real security (i.e.,
ignoring open/WEP), the TPK message exchange is protected on the AP path
and simple replay attacks are not feasible.

As an additional corner case, make sure the local nonce gets updated if
the peer uses a very unlikely "random nonce" of all zeros.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
0adc9b28b3 Fix PTK rekeying to generate a new ANonce
The Authenticator state machine path for PTK rekeying ended up bypassing
the AUTHENTICATION2 state where a new ANonce is generated when going
directly to the PTKSTART state since there is no need to try to
determine the PMK again in such a case. This is far from ideal since the
new PTK would depend on a new nonce only from the supplicant.

Fix this by generating a new ANonce when moving to the PTKSTART state
for the purpose of starting new 4-way handshake to rekey PTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Mathy Vanhoef
53bb18cc8b Prevent installation of an all-zero TK
Properly track whether a PTK has already been installed to the driver
and the TK part cleared from memory. This prevents an attacker from
trying to trick the client into installing an all-zero TK.

This fixes the earlier fix in commit
ad00d64e7d ('Fix TK configuration to the
driver in EAPOL-Key 3/4 retry case') which did not take into account
possibility of an extra message 1/4 showing up between retries of
message 3/4.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2017-10-16 02:03:47 +03:00
Jouni Malinen
87e2db16ba Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
This extends the protection to track last configured GTK/IGTK value
separately from EAPOL-Key frames and WNM-Sleep Mode frames to cover a
corner case where these two different mechanisms may get used when the
GTK/IGTK has changed and tracking a single value is not sufficient to
detect a possible key reconfiguration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Mathy Vanhoef
cb5132bb35 Prevent reinstallation of an already in-use group key
Track the current GTK and IGTK that is in use and when receiving a
(possibly retransmitted) Group Message 1 or WNM-Sleep Mode Response, do
not install the given key if it is already in use. This prevents an
attacker from trying to trick the client into resetting or lowering the
sequence counter associated to the group key.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2017-10-16 02:03:47 +03:00
Mathy Vanhoef
0e3bd7ac68 hostapd: Avoid key reinstallation in FT handshake
Do not reinstall TK to the driver during Reassociation Response frame
processing if the first attempt of setting the TK succeeded. This avoids
issues related to clearing the TX/RX PN that could result in reusing
same PN values for transmitted frames (e.g., due to CCM nonce reuse and
also hitting replay protection on the receiver) and accepting replayed
frames on RX side.

This issue was introduced by the commit
0e84c25434 ('FT: Fix PTK configuration in
authenticator') which allowed wpa_ft_install_ptk() to be called multiple
times with the same PTK. While the second configuration attempt is
needed with some drivers, it must be done only if the first attempt
failed.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2017-10-16 02:03:47 +03:00
Jouni Malinen
c53eb94616 OWE: Remove forgotten developer debug prints
These were used during initial implementation testing and were not
supposed to get committed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:43:59 +03:00
Jouni Malinen
2377c1caef SAE: Allow SAE password to be configured separately (AP)
The new sae_password hostapd configuration parameter can now be used to
set the SAE password instead of the previously used wpa_passphrase
parameter. This allows shorter than 8 characters and longer than 63
characters long passwords to be used. In addition, this makes it
possible to configure a BSS with both WPA-PSK and SAE enabled to use
different passphrase/password based on which AKM is selected.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:10:19 +03:00
Jouni Malinen
58efbcbcd4 DPP: Fix static analyzer warnings in key generation and JWK construction
Memory allocation failures could have resulted in error paths that
dereference a NULL pointer or double-freeing memory. Fix this by
explicitly clearing the freed pointer and checking allocation results.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 18:19:03 +03:00
Jouni Malinen
91cc34bf32 OWE: Allow set of enabled DH groups to be limited on AP
The new hostapd configuration parameter owe_groups can be used to
specify a subset of the allowed DH groups as a space separated list of
group identifiers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:03:57 +03:00
Jouni Malinen
265bda3444 OWE: Allow DH Parameters element to be overridden for testing purposes
This allows CONFIG_TESTING_OPTIONS=y builds of wpa_supplicant to
override the OWE DH Parameters element in (Re)Association Request frames
with arbitrary data specified with the "VENDOR_ELEM_ADD 13 <IE>"
command. This is only for testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:26:29 +03:00
Jouni Malinen
8c19ea3f21 DPP: Add the crypto suite field to the frames
This additional field was added to DPP Public Action frames in DPP tech
spec v0.2.3 to support cryptographic agility in the future.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:30:08 +03:00
Jouni Malinen
c77e2ff096 DPP: Remove C-sign-key expiry
This was removed in DPP tech spec v0.2.3.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:17:33 +03:00
Jouni Malinen
6254045a51 DPP: Explicitly delete the PKEX secret element K upon generation of z
This was added as an explicit requirement in DPP tech spec 0.2.3.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 00:56:21 +03:00
Jouni Malinen
0e6709a4ea DPP: Rename PKEX secret element from Z to K
This matches the change in the DPP tech spec to make this less likely to
be confused with the shared secret z.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 00:52:35 +03:00
Jouni Malinen
6573171792 DPP: Verify that PKEX Qi is not the point-at-infinity
This was added as an explicit requirement in DPP tech spec v0.2.3.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 00:42:34 +03:00
Jouni Malinen
a891388184 OWE: Transition mode information based on BSS ifname
The owe_transition_bssid and owe_transition_ssid parameters can now be
replace with owe_transition_ifname to clone the BSSID/SSID information
automatically in case the same hostapd process manages both the OWE and
open BSS for transition mode.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 13:39:23 +03:00
Jouni Malinen
5a78c36194 OWE: PMKSA caching in station mode
This extends OWE support in wpa_supplicant to allow PMKSA caching to be
used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:12:54 +03:00
Jouni Malinen
d90f10fa41 OWE: PMKSA caching in AP mode
This extends OWE support in hostapd to allow PMKSA caching to be used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:12:54 +03:00
Jouni Malinen
8b5579e17a DPP: Fix EAPOL-Key Key MIC calculation
The Key MIC field value got truncated for all cases and incorrect HMAC
hash algorithm was used for the SHA512 cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
ec9f483774 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in station
This extends OWE support in wpa_supplicant to allow DH groups 20 and 21
to be used in addition to the mandatory group 19 (NIST P-256). The group
is configured using the new network profile parameter owe_group.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
7a12edd163 OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in AP mode
This extends OWE support in hostapd to allow DH groups 20 and 21 to be
used in addition to the mandatory group 19 (NIST P-256).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
6c4726189c OWE: Extend shared helper functions to support other DH curves
This extends the helper functions for determining OWE key lengths and
Key MIC values to support other DH curves beyond the mandatory group 19.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
d8c8d85753 OWE: Include RSNE in (Re)Association Response frame
This is not normally done in RSN, but RFC 8110 seems to imply that AP
has to include OWE AKM in the RSNE within these frames. So, add the RSNE
to (Re)Association Response frames when OWE is being negotiated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
675112df1b OWE: Set PMK length properly on supplicant side
sm->pmk_len was not set when deriving the PMK as part of OWE key
generation. This depending on wpa_sm_set_pmk_from_pmksa() call resetting
the value to the default. While this worked for many cases, this is not
correct and can have issues with network profile selection based on
association information. For example, the OWE transition mode cases
would hit an issue here.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
ea079153f4 OWE: Add AP support for transition mode
The new owe_transition_bssid and owe_transition_ssid parameters can be
used to configure hostapd to advertise the OWE Transition Mode element.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Peng Xu
4a37463416 hostapd: Update HE capabilities and HE operation definition
Replace vendor-specific elements for HE capabilities and HE operation
elements with the P802.11ax defined element values. This version is
based on P802.11ax/D1.4.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-05 15:09:43 +03:00
bhagavathi perumal s
3567641ebb Add TX/RX rate info and signal strength into STA output
These allow external programs to fetch the TX and RX rate information
and signal strength for a specific STA through the hostapd control
interface command "STA <addr>". The values of these attributes are
filled in the response of nl80211 command NL80211_CMD_GET_STATION.

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-05 12:12:24 +03:00
Lior David
fa4b605a0d WPS: Do not increment wildcard_uuid when pin is locked
Commit 84751b98c1 ('WPS: Allow wildcard
UUID PIN to be used twice') relaxed the constraints on how many time a
wildcard PIN can be used to allow two attempts. However, it did this in
a way that could result in concurrent attempts resulting in the wildcard
PIN being invalidated even without the second attempt actually going as
far as trying to use the PIN and a WPS protocol run.

wildcard_uuid is a flag/counter set for wildcard PINs and it is
incremented whenever the PIN is retrieved by wps_registrar_get_pin().
Eventually it causes the wildcard PIN to be released, effectively
limiting the number of registration attempts with a wildcard PIN.

With the previous implementation, when the PIN is in use and locked
(PIN_LOCKED), it is not returned from wps_registrar_get_pin() but
wildcard_uuid is still incremented which can cause the PIN to be
released earlier and stations will have fewer registration attempts with
it. Fix this scenario by only incrementing wildcard_uuid if the PIN is
actually going to be returned and used.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2017-10-03 19:19:01 +03:00
Krishna Rao
ee522d27cf Vendor flags for 11ax channel property flags for use with external ACS
Add 802.11ax channel property flags for use with external ACS (QCA
vendor command). Use the remaining available bits in
qca_wlan_vendor_channel_prop_flags for the first few 11ax flags. Then
add qca_wlan_vendor_channel_prop_flags_2 as a continuation of
qca_wlan_vendor_channel_prop_flags and add the remaining 11ax flags
there. Note that qca_wlan_vendor_channel_prop_flags_ext is not used
since it is currently not intended for holding such information. Rather
it is meant for holding additional control information related to
features such as DFS, CSA, etc.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 18:00:47 +03:00
Jouni Malinen
61a56c1480 Add group_mgmt network parameter for PMF cipher selection
The new wpa_supplicant network parameter group_mgmt can be used to
specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128,
BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not
specified, the current behavior is maintained (i.e., follow what the AP
advertises). The parameter can list multiple space separate ciphers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:40:02 +03:00
Michael Braun
0ad5893a2f PAE: Validate input before pointer
ieee802_1x_kay_decode_mkpdu() calls ieee802_1x_mka_i_in_peerlist()
before body_len has been checked on all segments.

ieee802_1x_kay_decode_mkpdu() and ieee802_1x_mka_i_in_peerlist() might
continue and thus underflow left_len even if it finds left_len to small
(or before checking).

Additionally, ieee802_1x_mka_dump_peer_body() might perform out of bound
reads in this case.

Fix this by checking left_len and aborting if too small early.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-09-25 21:26:32 +03:00
Ilan Peer
fd35ed5bba AP: Remove unneeded check for 'added_unassociated'
In fils_hlp_finish_assoc() the station is already added to the
driver so it is not needed to check the 'added_unassociated'
flag.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2017-09-25 21:21:22 +03:00
Vamsi Krishna
d55b174609 FILS: Vendor attribute to disable driver FILS features
The FILS features on STA needs to be disabled for testing purposes to
verify the APUT behavior with non-FILS STAs. Add a QCA vendor attribute
for doing so.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-25 20:22:46 +03:00
Jouni Malinen
29c940e7a6 TDLS: Update the comments related to TPK derivation
Update these comments based on IEEE Std 802.11-2016 to get rid of the
already resolved TODO comment regarding duplicated N_KEY use. The
implementation does not need any changes since it was already following
the fixed version in the current standard.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-22 10:23:35 +03:00
Peng Xu
3de1566db8 FILS: Check req_ies for NULL pointer in hostapd_notif_assoc()
Add checking for NULL req_ies when FILS processing a driver ASSOC event
in hostapd_notif_assoc(). This was already done in number of old code
paths, but the newer FILS path did not handle this. Though, it is
unlikely that this code path would be reachable in practice since this
is all within sta->auth_alg == WLAN_AUTH_FILS_* check.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-19 15:28:58 +03:00
Jouni Malinen
1c9663cf6b OpenSSL: Force RSA 3072-bit DH prime size limit for Suite B
Reject a DHE handshake if the server uses a DH prime that does not have
sufficient length to meet the Suite B 192-bit level requirement (<= 3k
(3072) bits).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-18 12:12:48 +03:00
Jouni Malinen
2ed70c7586 OpenSSL: Add option to disable ECDHE with Suite B RSA
The hostapd.conf tls_flags=[SUITEB-NO-ECDH] and wpa_supplicant network
profile phase1="tls_suiteb_no_ecdh=1" can now be used to configure Suite
B RSA constraints with ECDHE disabled. This is mainly to allow
the DHE TLS cipher suite to be tested.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-18 12:12:48 +03:00
Jouni Malinen
4eb8cfe06b OpenSSL: Force RSA 3072-bit key size limit for Suite B
Reject a peer certificate chain if it includes an RSA public key that
does not use sufficient key length to meet the Suite B 192-bit level
requirement (<= 3k (3072) bits).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-18 12:12:48 +03:00
Jouni Malinen
6418400db9 Add hostapd tls_flags parameter
This can be used to set the TLS flags for authentication server.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-18 12:12:48 +03:00
Jouni Malinen
60ed2f24eb Suite B: Add tls_suiteb=1 parameter for RSA 3k key case
This adds phase1 parameter tls_suiteb=1 into wpa_supplicant
configuration to allow TLS library (only OpenSSL supported for now) to
use Suite B 192-bit level rules with RSA when using >= 3k (3072) keys.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-17 00:09:47 +03:00
Jouni Malinen
5030d7d9fd DPP: Allow raw hex PSK to be used for legacy configuration
The new psk=<hexdump> can be used as an alternative to pass=<passphrase>
when configuring the DPP Configurator with a legacy network parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-15 17:54:31 +03:00
Jouni Malinen
039ab15fdf DPP: Add DPP-CONFOBJ-PASS/PSK events for hostapd legacy configuration
These control interface event messages can be used to allow hostapd AP
to be configured for legacy WPA2-Personal configuration with DPP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-15 17:45:06 +03:00
Jouni Malinen
9824de57a4 Fix EAPOL-Key version check for a corner case with Suite B AKM
While the Suite B AKM is not really going to be used with CCMP-128 or
GCMP-128 cipher, this corner case could be fixed if it is useful for
some testing purposes. Allow that special case to skip the HMAC-SHA1
check based on CCMP/GCMP cipher and use the following AKM-defined check
instead.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-15 00:36:25 +03:00
Jouni Malinen
4cada9dcc1 FILS: Add DHss into FILS-Key-Data derivation when using FILS SK+PFS
This part is missing from IEEE Std 802.11ai-2016, but the lack of DHss
here means there would not be proper PFS for the case where PMKSA
caching is used with FILS SK+PFS authentication. This was not really the
intent of the FILS design and that issue was fixed during REVmd work
with the changes proposed in
https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx
that add DHss into FILS-Key-Data (and PTK, in practice) derivation for
the PMKSA caching case so that a unique ICK, KEK, and TK are derived
even when using the same PMK.

Note: This is not backwards compatible, i.e., this breaks PMKSA caching
with FILS SK+PFS if only STA or AP side implementation is updated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-13 22:17:58 +03:00
Jouni Malinen
41b8191485 FILS: Update PMKID derivation rules for ERP key hierarchy establishment
IEEE Std 802.11ai-2016 had missed a change in the Pairwise key hierarchy
clause (12.7.1.3 in IEEE Std 802.11-2016) and due to that, the previous
implementation ended up using HMAC-SHA-1 -based PMKID derivation. This
was not really the intent of the FILS design and that issue was fixed
during REVmd work with the changes proposed in
https://mentor.ieee.org/802.11/dcn/17/11-17-0906-04-000m-fils-fixes.docx
that change FILS cases to use HMAC-SHA-256 and HMAC-SHA-384 based on the
negotiated AKM.

Update the implementation to match the new design. This changes the
rsn_pmkid() function to take in the more generic AKMP identifier instead
of a boolean identifying whether SHA256 is used.

Note: This is not backwards compatible, i.e., this breaks PMKSA caching
based on the initial ERP key hierarchy setup if only STA or AP side
implementation is updated. PMKSA caching based on FILS authentication
exchange is not impacted by this, though.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-13 22:17:58 +03:00
Michael Braun
73b3de01ce macsec_linux: Exit early when missing macsec kernel module
Using driver macsec_linux makes no sense without macsec kernel module
loaded.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-09-10 22:26:36 +03:00
Sabrina Dubroca
7612e65b9b mka: Add error handling for secy_init_macsec() calls
secy_init_macsec() can fail (if ->macsec_init fails), and
ieee802_1x_kay_init() should handle this and not let MKA run any
further, because nothing is going to work anyway.

On failure, ieee802_1x_kay_init() must deinit its kay, which will free
kay->ctx, so ieee802_1x_kay_init callers (only ieee802_1x_alloc_kay_sm)
must not do it. Before this patch there is a double-free of the ctx
argument when ieee802_1x_kay_deinit() was called.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2017-09-10 22:23:25 +03:00
Rohit Pratap Singh
fdbfb63e45 nl80211: Fix bridge name print while removing interface from bridge
Removing interface from bridge in_br
linux_br_del_if(drv->global->ioctl_sock, in_br, ifname)
but in case of failure, the error print is incorrect:
it should show error for "in_br" instead of the wrong bridge name
"brname".

Signed-off-by: Rohit Pratap Singh <rohit.s@samsung.com>
Signed-off-by: Amit Khatri <amit.khatri@samsung.com>
2017-09-10 22:11:08 +03:00
Michael Braun
333517ac1c crypto: Fix undefined behavior in random number generator
ubsan reported:

../src/crypto/random.c:69:30: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int'

Explicitly check for the ROL32(x, 0) case which is supposed to be a
no-op.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-09-10 21:50:21 +03:00
Akihiro Onodera
84fccc7242 Send Client-Error when AT_KDF attributes from the server are incorrect
After KDF negotiation, must check only requested change occurred in the
list of AT_KDF attributes. If there are any other changes, the peer must
behave like the case that AT_MAC had been incorrect and authentication
is failed. These are defined in EAP-AKA' specification RFC 5448, Section
3.2.

Add a complete check of AT_KDF attributes and send Client-Error if a
change which is not requested is included in it.

Signed-off-by: Tomoharu Hatano <tomoharu.hatano@sony.com>
2017-09-10 20:11:07 +03:00
Akihiro Onodera
446600c354 Add AT_KDF attributes to Synchronization-Failure in EAP-AKA'
AT_KDF attributes need to be included in Synchronization-Failure
according to EAP-AKA' specification RFC 5448.

Signed-off-by: Tomoharu Hatano <tomoharu.hatano@sony.com>
2017-09-10 01:39:37 +03:00
Andrew Elble
155bf11088 PMKSA: Fix use-after-free in pmksa_cache_clone_entry()
pmksa_cache_add_entry() may actually free old_entry if the PMKSA cache
is full. This can result in the PMKSA cache containing entries with
corrupt expiration times.

Signed-off-by: Andrew Elble <aweits@rit.edu>
2017-09-10 01:39:37 +03:00
Jouni Malinen
49e6a55537 FILS: Add a space before MAC address to a HLP debug message
The "FILS: No pending HLP DHCP exchange with hw_addr" debug message was
missing a space before the following MAC address, so add that there to
make the message more readable.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-07 13:33:40 +03:00
Jouni Malinen
359166ed24 Remove the completely unused FT parameters in driver association data
It looks like these parameters related to FT have never been used, so
remove them from causing confusion. The separate update_ft_ies()
callback is used to provide the FT elements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-06 21:20:13 +03:00
Jouni Malinen
3db2a82df8 Add SHA-384 routines to libcrypto.a
wlantest needs this for being able to decrypt FILS (Re)Association
Request/Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-05 18:58:59 +03:00
Jouni Malinen
3648d8a185 SAE: Allow commit fields to be overridden for testing purposes
The new sae_commit_override=<hexdump> parameter can be used to force
hostapd to override SAE commit message fields for testing purposes. This
is included only in CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-04 13:32:03 +03:00
Jouni Malinen
e75335384a SAE: Add testing code for reflection attack
Allow hostapd to be configured to perform SAE reflection attack for SAE
testing purposes with sae_reflection_attack=1 configuration parameter.
This is included only in CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-04 13:32:03 +03:00
Jouni Malinen
e61fea6b46 SAE: Fix PMKSA caching behavior in AP mode
Add PMKID into EAPOL-Key 1/4 when using SAE and fix the PMK-from-PMKSA
selection in some cases where PSK (from passphrase) could have been
used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-04 13:32:03 +03:00
Jouni Malinen
c2d4f2eb5d DPP: Derive PMKID using SHA256() for all curves
This was previously defined inconsistently (H() vs. SHA256()), but it is
now clarified in the draft tech spec to use SHA256(), so update
implementation to do that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-24 23:59:44 +03:00
Jouni Malinen
64a0a75b5b nl80211: Fix auth_alg selection with FILS in the connect command
NL80211_ATTR_AUTH_TYPE needs to be skipped if multiple auth_alg options
are included. The previous list missed the new FILS auth_alg here and
ended up not doing so if OPEN and FILS were included.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-24 23:30:20 +03:00
Jouni Malinen
7475e80f14 FILS: Fix wpa_supplicant AP build without CONFIG_IEEE80211W
CONFIG_FILS was missed as one of items requiring the p pointer in
hostapd_notif_assoc().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-24 17:33:03 +03:00
Jouni Malinen
85fd8263a5 DPP: Use Transaction ID in Peer Discovery Request/Response frames
DPP tech spec changed the contents of these frames by replacing the
public key hash attributes with a Transaction ID attribute that gets
copied from the request to the response to identify the transaction in a
simpler manner.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-23 12:51:41 +03:00
Hu Wang
a28675da23 hs20-osu-client: Fix build with new OpenSSL and BoringSSL
Use the SSL_get_SSL_CTX() helper instead of dereferencing SSL* since
struct ssl_st is not exposed in public header files anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-23 11:40:10 +03:00
Sunil Dutt
cf39475b40 Introduce QCA_NL80211_VENDOR_SUBCMD_HANG
This is an event indicating to the user space that the driver has
detected an internal failure. The driver is expected to recover from
such a failure automatically, e.g., by resetting the device. This event
carries the information indicating the reason that triggered this
detection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-23 11:32:07 +03:00
Jouni Malinen
17385fba2a tests: JSON module tests for additional array parsing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-23 00:29:52 +03:00
Jouni Malinen
d4488b9dad JSON: Fix parsing of arrays of numbers, strings, literals
The previous implementation was able to parse arrays of objects, but not
arrays of other types of items.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-23 00:28:55 +03:00
Jouni Malinen
a4bf007877 DPP: Remove devices object from the connector
This was removed from the draft DPP tech spec, so remove it from the
implementation as well.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-22 23:46:27 +03:00
Sachin Ahuja
e77d13ef95 QCA vendor attribute to configure beacon miss penalize count for BTC
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-18 21:10:53 +03:00
Sachin Ahuja
7bd88aaf37 QCA vendor attribute to configure beacon miss count
This can be used to dynamically enable/disable beacon miss count.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-08-18 21:10:53 +03:00
Sandeep Puligilla
505554bbf7 QCA vendor attribute to enable/disable scan
This commit introduces QCA vendor attribute to
disable/enable scan.

Signed-off-by: Sandeep Puligilla <spuligil@qti.qualcomm.com>
2017-08-18 21:10:53 +03:00
Sven Eckelmann
b0fc2ef3a3 hw_features: Fix check of supported 802.11ac channel width
The two channel width bits in the VHT capability field can be decoded in
following values (IEEE Std 802.11ac-2013 8.4.2.160.2 VHT Capabilities
Info field):

 * 0: no 160 or 80+80 MHz support
 * 1: 160 MHz support
 * 2: 160 and 80+80 MHz support
 * 3: (reserved)

The check must therefore not be done bitwise but instead it must checked
whether the capabilities announced by the driver are at least the ones
requested by the user.

Fixes: c781eb8428 ("hostapd: Verify VHT capabilities are supported by driver")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2017-07-18 13:39:46 +03:00
Avraham Stern
b5bf84ba39 WNM: Differentiate between WNM for station and for AP in build
Previously, CONFIG_WNM enabled build that supports WNM for both
station mode and AP mode. However, in most wpa_supplicant cases only
station mode WNM is required and there is no need for AP mode WNM.

Add support to differentiate between station mode WNM and AP mode
WNM in wpa_supplicant builds by adding CONFIG_WNM_AP that should be
used when AP mode WNM support is required in addition to station mode
WNM. This allows binary size to be reduced for builds that require
only the station side WNM functionality.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-07-18 13:28:09 +03:00
Jouni Malinen
809c675029 DPP: Fix build with OpenSSL 1.1.0
X509_ALGOR_get0() was modified to use const ** pointer as the first
argument in OpenSSL 1.1.0, so need to use different type here to avoid
compilation issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-07-17 12:26:44 +03:00
Jouni Malinen
89971d8b1e OpenSSL: Clear default_passwd_cb more thoroughly
Previously, the pointer to strdup passwd was left in OpenSSL library
default_passwd_cb_userdata and even the default_passwd_cb was left set
on an error path. To avoid unexpected behavior if something were to
manage to use there pointers, clear them explicitly once done with
loading of the private key.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-07-17 12:06:17 +03:00
Beniamino Galvani
f665c93e1d OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f
Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the
callback from the SSL object instead of the one from the CTX, so let's
set the callback on both SSL and CTX. Note that
SSL_set_default_passwd_cb*() is available only in 1.1.0.

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
2017-07-17 11:57:16 +03:00
Beniamino Galvani
2b9891bd6e OpenSSL: Add build option to select default ciphers
Add a build option to select different default ciphers for OpenSSL
instead of the hardcoded default "DEFAULT:!EXP:!LOW".

This new option is useful on distributions where the security level
should be consistent for all applications, as in Fedora [1]. In such
cases the new configuration option would be set to "" or
"PROFILE=SYSTEM" to select the global crypto policy by default.

[1] https://fedoraproject.org/wiki/Changes/CryptoPolicy

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
2017-07-17 11:55:22 +03:00
Ashwini Patil
65833d71a5 OCE: Add hostapd mode OCE capability indication if enabled
Add OCE IE in Beacon, Probe Response, and (Re)Association Response
frames if OCE is enabled in the configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-14 21:27:00 +03:00
Ashwini Patil
332aadb8a2 STA: Add OCE capability indication attribute
Add OCE capability indication attribute in Probe Request and
(Re)Association Request frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-14 21:19:53 +03:00
Ashwini Patil
fb718f94d6 nl80211: Check if driver supports OCE specific features
Check if device supports OCE STA/STA-CFON/AP specific mandatory
features. This commit includes checking based on the QCA vendor
attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-14 21:13:22 +03:00
vamsi krishna
46b15e470e Add vendor flags for OCE feature support indication
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-14 21:11:35 +03:00
Sunil Dutt
9f44f7f3b5 Introduce a vendor attribute to represent the PNO/EPNO Request ID
This request ID was wrongly referred from the REQUEST_ID in
enum qca_wlan_vendor_attr_gscan_config_params which is mapped to
QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NUM in PNO Config.
Hence define a different attribute to represent the request ID
for PNO Config.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-14 21:11:35 +03:00
Emmanuel Grumbach
881a92e8b8 FILS: Fix compilation with CONFIG_NO_WPA
wpa_fils_is_completed() was not defined.

Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
2017-07-08 16:21:38 +03:00
Jouni Malinen
1f2ae8cff5 EAP-TTLS: Fix a memory leak on error paths
The allocated challenge needs to be freed on these error paths as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-07-08 16:21:38 +03:00
Ilan Peer
83e003a913 EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap()
The msg buffer needs to be freed on these two error paths.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2017-07-08 16:19:36 +03:00
Ilan Peer
96e595a9f1 EAP-LEAP: Fix possible memory leak in eap_leap_process_request()
Free 'resp' object in case of a failure to derive the response.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2017-07-08 16:14:03 +03:00
Naftali Goldstein
3f8e3a5486 ap: Fix invalid HT40 channel pair fallback
In case of incorrect HT40 configuration as part of an attempt to create
a 80 MHz AP, iface->conf->vht_oper_centr_freq_seg0_idx and
iface->conf->vht_oper_centr_freq_seg1_idx are zero'ed, but
iface->conf->vht_oper_chwidth remains VHT_CHANWIDTH_80MHZ. This causes
the logic in dfs_get_start_chan_idx to fail.

Fix this by setting iface->conf->vht_oper_chwidth to
VHT_CHANWIDTH_USE_HT when zero'ing the center frequency parameters.

Signed-off-by: Naftali Goldstein <naftali.goldstein@intel.com>
2017-07-08 16:06:38 +03:00
Ilan Peer
6d3e24d3e3 ap: Fix return value in hostapd_drv_switch_channel()
The documentation in driver.h state that in case of an error
-1 is returned.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2017-07-08 16:06:38 +03:00
Andrei Otcheretianski
bfbc41eace DPP: Fix compilation without openssl
dpp.h file requires openssl in order to compile, which breaks
compilation on systems without it.
Move DPP_OUI_TYPE to ieee802_11_defs.h and don't include dpp.h when
not really needed.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2017-07-07 23:37:45 +03:00
Vidyullatha Kanchanapally
fe3e0bac1f FILS: Advertize FILS capability based on driver capability
Add changes to control interface command get_capability to advertize
FILS capability, FILS AKMs suites, and FILS Authentication algorithms
based on the driver capabilities.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-07 13:39:05 +03:00
Jouni Malinen
5579c11c3e Fix a typo in vendor attribute documentation
The attribute is QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE, not
QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-07 13:26:45 +03:00
Jeffin Mammen
8b5ddda5fb FILS: Add HLP support with driver-based AP SME
This allows HLP processing to postpone association processing in
hostapd_notify_assoc().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-06 15:24:42 +03:00
Jeffin Mammen
31ec556cef FILS: Fix the IP header protocol field in HLP DHCP response
The IP header should indicate that UDP is used in the message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-06 14:00:30 +03:00
Jouni Malinen
b3e567c890 FILS: ERP-based PMKSA cache addition on AP
hostapd did not add a new PMKSA cache entry when FILS shared key
authentication was used, i.e., only the initial full authentication
resulted in a PMKSA cache entry being created. Derive the PMKID for the
ERP case as well and add a PMKSA cache entry if the ERP exchange
succeeds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-05 17:52:23 +03:00
Jouni Malinen
bfe448331f FILS: Fix a frame name in a debug print
The EAP message included in FILS Wrapped Data from the non-AP STA to the
AP is EAP-Initiate/Re-auth.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-05 17:29:44 +03:00
Ashwini Patil
f2cdb41b81 OCE: Define OCE attributes and other related macros
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-05 02:02:35 +03:00
Jouni Malinen
f522bb2377 DPP: Add DPP_CONFIGURATOR_SIGN to generate own connector
The DPP Configurator can use this new command to generate its own signed
connector for the network that it manages.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-04 17:48:44 +03:00
Jouni Malinen
a86fb43ca3 DPP: DPP_BOOTSTRAP_INFO for hostapd
This extends the hostapd control interface to support the
DPP_BOOTSTRAP_INFO command that was recently added for wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-04 15:56:38 +03:00
Jouni Malinen
484788b875 DPP: Share bootstrap type to string helper function
This can be used in hostapd as well.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-04 15:45:03 +03:00
Jouni Malinen
8885023252 Add new key_mgmt values for wpa_supplicant STATUS command
Recently added OWE and DPP were missing from the key_mgmt string list.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 14:33:16 +03:00
Jouni Malinen
3a5954ef98 Add mgmt_group_cipher to wpa_supplicant STATUS command
This can be used to check which management group cipher is used in an
association that uses PMF.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 14:28:24 +03:00
Jouni Malinen
90f837b0bf Update default wpa_group_rekey to once-per-day when using CCMP/GCMP
The default value for GTK rekeying period was previously hardcoded to
600 seconds for all cases. Leave that short value only for TKIP as group
cipher while moving to the IEEE 802.11 default value of 86400 seconds
(once-per-day) for CCMP/GCMP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:42:55 +03:00
Jouni Malinen
787615b381 DPP: Set PMKSA expiration based on peer connector
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:29:59 +03:00
Jouni Malinen
6b140f0fa2 DPP: Update hostapd configurator parameters to match wpa_supplicant
This updates the previously copied implementation to be up-to-date with
the more recent wpa_supplicant changes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:15:12 +03:00
Jouni Malinen
2605405aa4 DPP: Configurator in hostapd
This integrates DPP configuration request processing into hostapd GAS
server implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:03:35 +03:00
Jouni Malinen
efeada91a4 DPP: PKEX in hostapd
Allow hostapd to initiate and respond with PKEX bootstrapping similarly
to how this was implemented in wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:03:34 +03:00
Jouni Malinen
6095b47905 DPP: Check JWS protected header alg against C-sign-key curve
These need to be compatible for the JWS protected header signing to be
valid, so add an explicit check to confirm this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-03 13:03:34 +03:00
Jouni Malinen
31f03cb009 DPP: Update JWS algorithm strings for Brainpool curves
Instead of trying to share the existing definitions for NIST curves,
start using unique strings for Brainpool curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 21:13:15 +03:00
Jouni Malinen
e0d3d3fceb DPP: Rename Brainpool curve names for JSON
This removes the "R1" postfix from the names used in JSON.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 09:35:00 +03:00
Jouni Malinen
500ed7f006 DPP: PKEX bootstrapping
This implements genric PKEX functionality in src/common/dpp.c and glue
code to use this in wpa_supplicant (i.e, hostapd DPP implementation does
not yet support PKEX).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 09:35:00 +03:00
Jouni Malinen
b9d47b4848 DPP: Add helper functions for running hash operations
Use helper functions to cover all three different hash algorithm options
for DPP operations instead of having separate calls to each function at
every location a hash operation based on the curve is needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 09:35:00 +03:00
Jouni Malinen
43fbb8db5b DPP: More debug for own connector configuration errors
This makes it easier to notice a reason for failure in cases a connector
string has been truncated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 09:35:00 +03:00
Jouni Malinen
f1f4fa7972 DPP: Fix JWK debug prints
This function is used for parsing both the C-sign-key and netAccessKey,
so better not imply that all cases are C-sign-key in the debug prints.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-07-02 09:35:00 +03:00
Ashwini Patil
b04854ceff nl80211/MBO: Set temporary disallowed BSSID list to driver
Set temporary disallowed BSSID list to the driver so that the driver
doesn't try to connect to any of the blacklisted BSSIDs during
driver-based roaming operation. This commit includes support only for
the nl80211 driver interface using a QCA vendor command for this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-30 17:27:44 +03:00
Vidyullatha Kanchanapally
2a71673e27 ERP: Derive ERP key only after successful EAP authentication
ERP key was previously derived immediately after the availability of
EMSK and Session-Id and the ERP key hierarchy was saved even if the
authentication resulted in failure eventually. Instead, derive the ERP
key only after a successful EAP authentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-23 19:37:14 +03:00
Sunil Dutt
528b655788 Add Set Wi-Fi Configuration vendor attribute to configure LRO
This can be used to dynamically enable/disable LRO.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-23 19:25:46 +03:00
Sunil Dutt
944f359e19 Introduce a vendor command to specify the active Type Of Service
This commit introduces QCA_NL80211_VENDOR_SUBCMD_ACTIVE_TOS to specify
the active Type Of Service on the specific interface. This can be used
to modify some of the low level scan parameters (off channel dwell time,
home channel time) in the driver/firmware.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-23 19:23:38 +03:00
Vidyullatha Kanchanapally
b6ea764252 nl80211: Make KCK attribute optional in rekey data
New AKM suites like FILS-SHA256 do not use KCK and hence KCK length can
be zero. Add changes to include KCK attribute in rekey data only if the
length is non-zero.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-23 18:58:24 +03:00
Jouni Malinen
186f204893 JSON: Fix \u escaping
Remove the extra 'x' character from the escaped string.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-22 15:09:57 +03:00
Jouni Malinen
8528994e21 DPP: Automatic network profile creation
wpa_supplicant can now be configured to generate a network profile
automatically based on DPP configuration. The following
dpp_config_processing values can be used to specify the behavior:
0 = report received configuration to an external program for
    processing; do not generate any network profile internally (default)
1 = report received configuration to an external program and generate
    a network profile internally, but do not automatically connect
    to the created (disabled) profile; the network profile id is
    reported to external programs
2 = report received configuration to an external program, generate
    a network profile internally, try to connect to the created
    profile automatically

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-21 18:03:34 +03:00
Jouni Malinen
a0d5c56f8b DPP: Network Introduction protocol for wpa_supplicant
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:59 +03:00
Jouni Malinen
4ff89c2ebd DPP: Network Introduction protocol for hostapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:59 +03:00
Jouni Malinen
650a70a72a DPP: Network Introduction protocol
This commit adds generic helper functions for going through Network
Introduction protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:59 +03:00
Jouni Malinen
56c7549587 DPP: AP parameters for DPP AKM
Extend hostapd configuration to include parameters needed for the DPP
AKM: dpp_connector, dpp_netaccesskey, dpp_netaccesskey_expiry,
dpp_csign, dpp_csign_expiry.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:17 +03:00
Jouni Malinen
0c52953b0f DPP: Allow PMKSA cache entries to be added through hostapd ctrl_iface
This allows external programs to generate and add PMKSA cache entries
into hostapd. The main use for this is to run external DPP processing
(network introduction) and testing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:17 +03:00
Jouni Malinen
567da5bbd0 DPP: Add new AKM
This new AKM is used with DPP when using the signed Connector to derive
a PMK. Since the KCK, KEK, and MIC lengths are variable within a single
AKM, this needs number of additional changes to get the PMK length
delivered to places that need to figure out the lengths of the PTK
components.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:17 +03:00
Jouni Malinen
9c2b8204e6 DPP: Integration for hostapd
This adds DPP bootstrapping, authentication, and configuration into
hostapd similarly to how the design was integrated in wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:17 +03:00
Jouni Malinen
461d39af40 DPP: Configuration exchange
This adds support for DPP Configuration Protocol using GAS. Full
generation and processing of the configuration object is not included in
this commit.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:13:15 +03:00
Jouni Malinen
30d27b048e DPP: Authentication exchange
Add wpa_supplicant control interface commands for managing DPP
Authentication exchange.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 21:12:30 +03:00
Jouni Malinen
be27e185b7 DPP: Bootstrap information management
Add wpa_supplicant control interface commands for parsing the bootstrap
info URI from a QR Code (get peer public key) and to generate a new
bootstrap info with private key for local use. The optional
key=<hexdump> argument to the DPP_BOOTSTRAP_GEN command can be used to
specify the bootstrapping private key in OpenSSL ECPrivateKey DER
encoding format. This results in the local bootstrapping information
entry being created with the specified key instead of generating a new
random one.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-19 12:03:30 +03:00
Jouni Malinen
00b02149ed nl80211: Register to receive DPP Public Action frames
These are needed for DPP exchanges. In addition, register GAS frames for
DPP builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:54 +03:00
Jouni Malinen
4e19eb88a9 tests: Module tests for JSON parser
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:54 +03:00
Jouni Malinen
005be3daa9 Add JavaScript Object Notation (JSON) parser (RFC7159)
This is needed for DPP configuration attributes/objects.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:51 +03:00
Jouni Malinen
5b52e1adc2 tests: Update base64 OOM test cases to match implementation changes
Introduction of the new base64 helper function changed the backtraces
for these OOM test cases and resulted in test failures. Update the test
scripts to work with the new implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:32 +03:00
Jouni Malinen
0ffdc8b196 Add base64url encoding/decoding per RFC 4648
This adds functionality needed for parsing and generating JSON Web Key
data structures in DPP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:32 +03:00
Jouni Malinen
77f273c82c Extend SHA-384 and SHA-512 support to match SHA-256
The additional SHA-384 and SHA-512 functionality is needed to support
DPP with various ECC curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-17 18:04:12 +03:00
Vidyullatha Kanchanapally
b5db6e5dc4 eap_proxy: Support multiple SIMs in get_imsi()
This allows the eap_proxy mechanism to be used with multiple SIMs by
following the configured sim_num to index which SIM to use for when
fetching the IMSI through eap_proxy.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-06 03:42:32 +03:00
Vidyullatha Kanchanapally
0020876514 eap_proxy: Build realm from IMSI for proxy based EAP methods
For proxy based EAP methods, the EAP identity is constructed in
eap_proxy layer from IMSI when required. Realm information from identity
is used to do ERP eventually, hence construct the realm for proxy based
methods from IMSI in core wpa_supplicant to enable the ERP use case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-06 03:41:23 +03:00
Jouni Malinen
5e0c20ff3e nl80211: Do not notify interface as re-enabled if initialization fails
wpa_supplicant tries to reinitialize an interface when a previously
removed netdev is restored (e.g., re-insert a USB dongle). If that
initialization fails (e.g., driver ejects ifconfig UP), the previous
implementation resulted in leaving the interface in incomplete state
while still claiming to upper layers that the interface status has
changed back to functional one.

Fix this by skipping the interface status update if reinitialization
fails. In other words, remain in INTERFACE_DISABLED state if the
interface cannot be re-enabled successfully.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-06 03:07:43 +03:00
Vidyullatha Kanchanapally
8696e61702 eap_proxy: Add support for deriving ERP information
This commit adds support for deriving ERP key information in EAP Proxy
based EAP method implementations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-05 08:04:52 +03:00
Vidyullatha Kanchanapally
115d5e2221 hostapd: Fix handling a 20/40 BSS Coexistence Management frame
hostapd processes a received 20/40 BSS Coexistence management frame, but
if no separate callbacks are registered for handling Public Action
frames it eventually sends a reply with MSB of category code set to 1
thinking that the received frame is an invalid frame. This could happen
based on whether hostapd was built and enabled with functionality using
the callback functions.

Fix this by explicitly returning 1 from the function when the 20/40 BSS
Coexistence Management frame is processed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-06-05 08:04:44 +03:00
Sunil Dutt
2d18ab4082 Add a config parameter to exclude DFS channels from ACS
The new acs_exclude_dfs=1 parameter can be used to request hostapd to
exclude all DFS channels from ACS consideration. This is mainly of use
for cases where the driver supports DFS channels, but for some reason a
non-DFS channel is desired when using automatic channel selection.
Previously, the chanlist parameter could have been used for this, but
that required listing all the acceptable channels. The new parameter
allows this to be done without such a list.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-27 11:50:21 +03:00
Sunil Dutt
9ddba3a309 Rename vendor attribute DISABLE_OFFCHANNEL to RESTRICT_OFFCHANNEL
This commit renames the vendor attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_DISABLE_OFFCHANNEL to
QCA_WLAN_VENDOR_ATTR_CONFIG_RESTRICT_OFFCHANNEL as intended by the
original commit d506c35efc ('Set Wi-Fi
Configuration attribute to restrict offchannel operations').

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-26 13:18:06 +03:00
Sunil Dutt
d506c35efc Set Wi-Fi Configuration attribute to restrict offchannel operations
This commit defines an attribute to
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION -
QCA_WLAN_VENDOR_ATTR_CONFIG_RESTRICT_OFFCHANNEL which can be used to
restrict offchannel operations on the AP/GO interface.

The goal is to restrict any operations which would cause the AP/GO to
leave its operating channel.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-23 00:10:01 +03:00
Vidyullatha Kanchanapally
4aa329298d ERP: Do not generate ERP keys when domain name is not specified
This commit adds changes to not generate ERP information if the domain
name is not specified in the EAP identity. keyName-NAI needs the realm
part and as such, it is reasonable to require the main EAP configuration
to provide that realm.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-22 13:51:23 +03:00
Beniamino Galvani
290834df69 nl80211: Fix race condition in detecting MAC change
Commit 3e0272ca00 ('nl80211: Re-read MAC
address on RTM_NEWLINK') added the detection of external changes to MAC
address when the interface is brought up.

If the interface state is changed quickly enough, wpa_supplicant may
receive the netlink message for the !IFF_UP event when the interface
has already been brought up and would ignore the next netlink IFF_UP
message, missing the MAC change.

Fix this by also reloading the MAC address when a !IFF_UP event is
received with the interface up, because this implies that the
interface went down and up again, possibly changing the address.

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
2017-05-13 20:01:44 +03:00
Vasanthakumar Thiagarajan
04f667fcdd DFS: Allow switch to DFS channel after radar detection in ETSI
This is to comply with uniform spreading requirement for ETSI domain
(section 4.7.2.7 in EN 301 893 - V1.8.1). ETSI uniform spreading
requires equal probability for the usable channels. The previous channel
selection logic after a radar detection did not fully comply with the
uniform spreading requirement for the domain by ignoring DFS channels.
Consider DFS channels also during channel selection when the current DFS
domain is ETSI.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
2017-05-13 20:01:44 +03:00
Vasanthakumar Thiagarajan
aa56e36d66 driver: Make DFS domain information available to core
Current DFS domain information of the driver can be used in ap/dfs
to comply with DFS domain specific requirements like uniform spreading
for ETSI domain.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
2017-05-13 20:01:44 +03:00
Vidyullatha Kanchanapally
e8e430fe7a Vendor attributes to retain connection on a roam request failure
This commit introduces the following two attributes to
QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH events:

QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_STATUS - Indicates the status of
	re-association requested by user space
QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_RETAIN_CONNECTION - Indicates whether
	the old association was maintained when a re-association
	is requested by user space and that re-association attempt
	fails (i.e., cannot connect to the requested BSS, but can
	remain associated with the BSS with which the association was
	in place when being requested to roam).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-12 00:39:00 +03:00
Sunil Dutt
33117656e6 Define a QCA vendor attribute to update the listen interval
This commit defines an attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_LISTEN_INTERVAL which allows the currently
used listen interval to be updated using
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION. This update applies
only during the association and is done without updating the AP about
the change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-10 23:58:46 +03:00
Jouni Malinen
85cff4b0d8 OpenSSL: Try SHA256 hash for OCSP certificate matching
Previously, only SHA1 hash -based server certificate matching was used,
but the OCSP response may use SHA256 instead of SHA1, so check the match
with both hash functions, if needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-09 23:36:36 +03:00
Jouni Malinen
d264c2e390 HTTP (curl): Try SHA256 hash for OCSP certificate matching
Previously, only SHA1 hash -based server certificate matching was used,
but the OCSP response may use SHA256 instead of SHA1, so check the match
with both hash functions, if needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-09 23:36:36 +03:00
Masashi Honma
31a856a127 mesh: Make NL80211_MESHCONF_RSSI_THRESHOLD configurable
In some practical cases, it is useful to suppress joining to node in the
distance. The new field mesh_rssi_threshold could be used as RSSI
threshold for joining.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-05-08 16:23:02 +03:00
Jouni Malinen
1f3c49d418 Fix 160 MHz opclass channel to frequency conversion
This needs to allow all 20 MHz channel numbers to be converted even
though the Annex E table lists only channel _center_ frequencies 50 and
114. Neighbor Report (see IEEE Std 802.11-2016, 9.4.2.37 Neighbor Report
element) uses Channel Number field with "last known primary channel of
the AP" which refers to the 20 MHz channel and not the channel center
frequency.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-07 22:08:43 +03:00
Jouni Malinen
8fed47e013 FILS: Derive FT key hierarchy on authenticator side for FILS+FT
Derive PMK-R0 and the relevant key names when using FILS authentication
for initial FT mobility domain association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 22:08:43 +03:00
Jouni Malinen
7d440a3bc4 FILS: Derive FT key hierarchy on supplicant side for FILS+FT
Derive PMK-R0 and the relevant key names when using FILS authentication
for initial FT mobility domain association. Fill in the FT IEs in
(Re)Association Request frame for this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 22:08:41 +03:00
Jouni Malinen
215eaa748b FILS: Implement FILS-FT derivation
This extends fils_pmk_to_ptk() to allow FILS-FT to be derived. The
callers do not yet use that capability; i.e., actual use will be added
in separate commits.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 17:04:29 +03:00
Jouni Malinen
80ddf5d995 FILS: Fix Key-Auth derivation for SK+PFS for authenticator side
The conditional gSTA and gAP (DH public keys) were not previously
included in Key-Auth derivation, but they are needed for the PFS case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 17:04:29 +03:00
Jouni Malinen
e6b6231338 FILS: Fix Key-Auth derivation for SK+PFS for supplicant side
The conditional gSTA and gAP (DH public keys) were not previously
included in Key-Auth derivation, but they are needed for the PFS case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 17:04:29 +03:00
Jouni Malinen
4d0a61c501 FILS: Debug print inputs to Key-Auth derivation
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-07 17:04:29 +03:00
Jonas Larsson
853cfa8738 Detect endianness when building for RTEMS
This adds endianness detection and byte swap
definitions for the RTEMS RTOS.

Signed-off-by: Jonas Larsson <ljonas@google.com>
2017-05-05 00:41:12 +03:00
Vamsi Krishna
178553b709 MBO: Add support to set ignore assoc disallow to driver
Add support to set ignore assoc disallow to the driver so that the
driver ignores assoc disallowed bit set by APs while connecting. This is
used by drivers that handle BSS selection and roaming internally.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-05 00:26:05 +03:00
Michael Braun
3a46cf93d0 FT: Add support for wildcard R0KH/R1KH
Enable use of FT RRB without configuring each other AP locally. Instead,
broadcast messages are exchanged to discover APs within the local
network.

When an R0KH or R1KH is discovered, it is cached for one day.

When a station uses an invalid or offline r0kh_id, requests are always
broadcast. In order to avoid this, if r0kh does not reply, a temporary
blacklist entry is added to r0kh_list.

To avoid blocking a valid r0kh when a non-existing pmk_r0_name is
requested, r0kh is required to always reply using a NAK. Resend requests
a few times to ensure blacklisting does not happen due to small packet
loss.

To free newly created stations later, the r*kh_list start pointer in
conf needs to be updateable from wpa_auth_ft.c, where only wconf is
accessed.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 22:16:14 +03:00
Michael Braun
eefe863015 FT RRB: Add msg replay and msg delay protection
This adds a counter and adds sequence numbering to FT RRB packets. The
sequence number is checked against r0kh/r1kh sequence number cache.

Special attention is needed in case the remote AP reboots and thus loses
its state. I prefer it to recover automatically even without synchronized
clocks. Therefore an identifier called dom is generated randomly along the
initial sequence number. If the dom transmitted does not match or the
sequence number is not in the range currently expected, the sender is asked
for a fresh confirmation of its currently used sequence numbers. The packet
that triggered this is cached and processed again later.

Additionally, in order to ensure freshness, the remote AP includes an
timestamp with its messages. It is then verified that the received
messages are indeed fresh by comparing it to the older timestamps
received and the time elapsed since then. Therefore FT_RRB_TIMESTAMP is
no longer needed.

This assigns new OUI 00:13:74 vendor-specific subtype 0x0001 subtypes:
4 (SEQ_REQ) and 5 (SEQ_RESP).

This breaks backward compatibility, i.e., hostapd needs to be updated
on all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 22:16:14 +03:00
Michael Braun
245fc96e5f FT: New RRB message format
Convert FT RRB into a new TLV based format. Use AES-SIV as AEAD cipher
to protect the messages.

This needs at least 32 byte long keys. These can be provided either
by a config file change or letting a KDF derive the 32 byte key used
from the 16 byte key given.

This breaks backward compatibility, i.e., hostapd needs to be updated on
all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 21:55:29 +03:00
Michael Braun
50bd8e0a90 FT: Replace inter-AP protocol with use of OUI Extended Ethertype
Replace the previously used extension of IEEE 802.11 managed Ethertype
89-0d (originally added for Remote Request/Response in IEEE 802.11r)
with Ethertype 88-b7 (OUI Extended EtherType) for FT inter-AP
communication. The new design uses a more properly assigned identifier
for the messages.

This assigns the OUI 00:13:74 vendor-specific subtype 0x0001 for the new
hostapd AP-to-AP communication purposes. Subtypes 1 (PULL), 2 (RESP),
and 3 (PUSH) are also assigned in this commit for the R0KH-R1KH
protocol.

This breaks backward compatibility, i.e., hostapd needs to be updated on
all APs at the same time to allow FT to remain functional.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-05-03 18:30:31 +03:00
Jouni Malinen
01dd2b1054 ERP: Silence static analyzer warning
The check for erp->keyname_nai within eap_erp_get_key() is apparently
too difficult for some static analyzers to notice. Add an explicit check
for os_strchr() return value being non-NULL to avoid false reports.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 22:08:16 +03:00
Jouni Malinen
d912953e37 atheros: Get rid of static analyzer warnings on 0-length memcpy
These functions can potentially be called with ie == NULL and ie_len ==
0. Check explitcitly for the ie == NULL case to avoid confusing
memcpy(dst, NULL, 0) calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 22:08:16 +03:00
Jouni Malinen
f541148257 Fix GAS server ifdef block use
Commit 941caed980 ('MBO: Add MBO
ANQP-element processing on AP') changed the design by using the
rx_anqp_vendor_specific() function to process all ANQP vendor specific
elements. However, the caller for this was within ifdef CONFIG_HS20
block. Fix this by calling the function even in CONFIG_HS20=y is not
included in the build. This fixes CONFIG_MBO=y builds without
CONFIG_HS20=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-05-01 17:39:14 +03:00
Peng Xu
ec27b04e60 hostapd: Select a valid secondary channel if both enabled
When starting AP in HT40 mode and both HT40+ and HT40- options are
specified in hostapd.conf, select a valid secondary channel for the AP
automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:23 +03:00
Vidyullatha Kanchanapally
da6a28ba60 FILS: Specify if FILS HLP was sent in connect
This adds a string "FILS_HLP_SENT" to connect event when HLP is sent
as part of ASSOC/CONNECT request.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-29 16:35:23 +03:00
Ranga Ravuri
9f894823fa PAE: Silence static analyzer warning about NULL pointer dereference
ieee802_1x_kay_move_live_peer() did not check
ieee802_1x_kay_get_potential_peer() result explicitly and a static
analyzer reported a warning about the possible NULL result. This cannot
really happen in practice since the only caller of
ieee802_1x_kay_move_live_peer() verifies that the specific peer entry is
available. Anyway, it is easy to silence the false warning by adding an
explicit check here and cover any other potential case if another caller
is added.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 11:38:10 +03:00
Jeffin Mammen
fa61bff6ae FILS: Handle authentication/association in partial driver AP SME
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:39 +03:00
Jeffin Mammen
5cee22ca47 FILS: Make handle_auth_fils() re-usable for driver-based AP SME
Allow this function to be called from outside ieee802_11.c and with the
final steps replaced through a callback function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:39 +03:00
Jeffin Mammen
5e5f8c816b FILS: Move authentication response handling into a helper function
This can be reused when splitting handle_auth_fils() to support the
driver-based AP SME case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-24 01:07:36 +03:00
Jeffin Mammen
b8a3453aca FILS: Pass only IE area to handle_auth_fils()
This function does not need the frame header, so pass in only the IE
area to make it easier to share this for driver-based AP SME handling.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 18:24:38 +03:00
Jeffin Mammen
9392859d7b FILS: Move AssocResp construction to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 18:20:00 +03:00
Jeffin Mammen
bd59935323 FILS: Move Key Confirm element validation to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:55:35 +03:00
Jeffin Mammen
087631b985 FILS: Move Session element validation to a helper function
This can be reused from driver-based AP SME callback.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
cc20edc9f1 FILS: Add FILS auth_alg to driver-based AP SME association handling
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
957bff83c4 FILS: Add driver-AP SME callback to set TK after association
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
8acbf85fa2 FILS: Add FILS AEAD parameters for sta_auth() calls
This is used with partial AP SME in driver cases to enable FILS
association (AES-SIV) processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
f46c154c59 atheros: Add FILS AAD parameters in sta_auth() handler
This is needed to allow the driver SME to perform the needed AES-SIV
operations during FILS association.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:15 +03:00
Jeffin Mammen
6b128fb2af driver: Move sta_auth() arguments to a struct
This makes it easier to add more parameters without having to change the
callback function prototype.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-23 17:47:12 +03:00
Jeffin Mammen
d7cff1d871 atheros: Enable raw management frame receive for FILS builds
This is needed to be able to process authentication and association
frames for FILS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 19:37:32 +03:00
Jeffin Mammen
2b7a8ec473 atheros: Read driver FILS capability
This will be used to determine what type of operations to use for STA
authentication and association.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 19:37:27 +03:00
Jeffin Mammen
d5444aac4c FILS: Add FILS Indication element into Beacon/Probe Response template
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-21 18:44:59 +03:00
Sunil Dutt
8befe8a993 Define a QCA attribute to specify the PCL policy for external ACS
This commit defines an attribute
QCA_WLAN_VENDOR_ATTR_EXTERNAL_ACS_EVENT_POLICY to signify the preferred
channel list policy for external ACS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-20 22:49:08 +03:00
Jouni Malinen
183d3924cf WPS: Add option for using random UUID
If the uuid configuration parameter is not set, wpa_supplicant generates
an UUID automatically to allow WPS operations to proceed. This was
previously always using an UUID generated from the MAC address. This
commit adds an option to use a random UUID instead. The type of the
automatically generated UUID is set with the auto_uuid parameter: 0 =
based on MAC address (default; old behavior), 1 = random UUID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-13 17:38:55 +03:00
Vidyullatha Kanchanapally
b44d1efd28 FILS: Fix key info in GTK rekey EAPOL-Key msg 2/2
While responding to EAPOL-Key message 1/2 with EAPOL-Key message 2/2
when using FILS AKM suites the ENCRYPTED bit is not set in key info of
2/2 which causes AP to drop 2/2. Fix this by setting the ENCRYPTED bit
since FILS AKM based connection uses AEAD encryption/decryption.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-10 16:18:11 +03:00
Vidyullatha Kanchanapally
04243740c9 FILS: Fix GTK rekey by accepting EAPOL-Key msg 1/2 with FILS AKM
GTK rekeying was rejected if a prior 4-way handshake is not done.
Fix this by allowing GTK rekey to happen in case of a FILS connection
since it does not involve a 4-way handshake.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-10 16:11:41 +03:00
Vidyullatha Kanchanapally
bbe7969d63 FILS: Update cache identifier on association
This is needed when offloading FILS shared key to the drivers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:59:12 +03:00
Vidyullatha Kanchanapally
f705f41b7f FILS: Update PMKSA cache with FILS shared key offload
Add a new PMKSA cache entry within wpa_supplicant if a driver event from
offloaded FILS shared key authentication indicates a new PMKSA entry was
created.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
5538fc9309 FILS: Track completion with FILS shared key authentication offload
Update the internal fils_completed state when offloading FILS shared key
authentication to the driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
15def72fab ERP: External control of ERP key information
This allows ERP keys to be managed by external entities, e.g., when
offloading FILS shared key authentication to a driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
42e69bda2a FILS: Add support for Cache Identifier in add/remove PMKSA
Add support for setting and deleting PMKSA cache entries based on FILS Cache
Identifer. Also additionally add support for sending PMK as part of
SET_PMKSA to enable driver to derive keys in case of FILS shared key
offload using PMKSA caching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 18:46:13 +03:00
Vidyullatha Kanchanapally
061a3d3d53 nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()
This is needed for configuring PMKSA cache entries to the driver with
the FILS Cache Identifier and SSID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 17:03:37 +03:00
Vidyullatha Kanchanapally
6fbb54140b driver: Move add_pmkid() and remove_pmkid() arguments into a struct
This makes it easier to add more arguments to these wpa_driver_ops
functions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 17:03:35 +03:00
Vidyullatha Kanchanapally
ad295f3b85 nl80211: Add support for FILS shared key offload
Add support for FILS shared key offload for drivers which advertize
FILS shared key support using NL80211_CMD_CONNECT.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-07 16:21:55 +03:00
Peng Xu
16217e13d8 QCA vendor commands and attributes for spectral scan
Add new vendor commands for starting and stoppping spectral scan. Add
vendor attributes for configuring spectral scan parameters as part of
the start command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-04-06 17:34:13 +03:00
Jouni Malinen
5db997e343 FILS: Add FTE into FILS Authentication frame from AP when using FILS+FT
MDE was already added with RSNE, but FTE needed to be added to the FILS
Authentication frame for the FT initial mobility domain association
using FILS authentication case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-04-02 22:38:48 +03:00
Jouni Malinen
af3e362fa7 FILS: Add MDE into Authentication frame for FILS+FT
When using FILS for FT initial mobility domain association, add MDE to
the Authentication frame from the STA to indicate this special case for
FILS authentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-04-02 13:23:34 +03:00
Jouni Malinen
5aa08153af FT: Add selection of FT+FILS AKMs
This is needed to enable use of FILS for the FT initial mobility domain
association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-04-02 12:57:32 +03:00
Jouni Malinen
2971da270f P2P: Do not use wait_time for SD Response TX for last fragmentation
The last SD Response frame fragment is not going to be followed by
another Action frame from the peer, so remove the 200 ms wait time from
the offchannel TX command in that case. This avoids leaving a 200 ms
lock on the radio to remain on the channel unnecessarily.

This is similar to commit 7655bd7388
('P2P: Do not use wait_time for SD Response TX without fragmentation').

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-04-01 14:25:26 +03:00
Michael Braun
c5fee1604b FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communication
With AP-AP communication, when hapd0 sends a packet, hapd1 can receive
it immediately and send a response. But hapd0 will only read and process
the response after it has returned from the sending context, that is
entered eloop again. So one does not need to consider the RX function of
the reply to run for the request sending hapd before the send calling
function has returned.

Previously, with intra-process communication, the packet is not
scheduled through eloop. Thus the RX handler of the reply might be run
while the sending context of the original request has not returned.
This might become problematic, e.g., when deferring a management frame
processing until an RRB response is received and then have the request
restarted and finished before the original request handling has been
stopped.

I'm not aware of any concrete bug this is currently triggering but came
across it while thinking of FT RRB AP-AP sequence numbering.

I think the non-eloop scheduling approach might be error-prone and thus
propose to model it more closely to the way the message would be
received from a socket. Additionally, this ensures that the tests model
AP-AP communication more closely to real world.

Solution: queue these packets through eloop.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2017-04-01 12:51:05 +03:00
Jouni Malinen
4696773676 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2017-03-31.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-31 13:14:20 +03:00
Mohammed Shafi Shajakhan
775e986d5f hostapd: Fix crash on consecutive channel switch failures
With multiple interface like AP and station which is already
associated to some other AP, when we try to do channel switch
for the AP mode (different from the operation channel support of
station) and if the AP channel switch fails continously (including
the fallback channel switch), results in a crash due to NULL pointer
dereference. This is because hostapd_deinit_driver() assigns the
driver context (drv_priv) to NULL as we are not able to bring up
the interface with a new channel

Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
2017-03-29 15:03:16 +03:00
Zhaoyang Liu
1275958873 QCA vendor command: Add TA max duration attribute for OCB configure
Add attribute for TA max duration after last TA received. So that local
time is synchromous to other communicating OCB STAs. If the duration
expires, OCB STA without UTC time source is not in sync to other STAs
and stop scheduling DSRC channel switch after max duration.

Signed-off-by: Zhaoyang Liu <zhaoyang@codeaurora.org>
Signed-off-by: Ferry Zhou <tianguiz@codeaurora.org>
2017-03-27 17:19:38 +03:00
Zhaoyang Liu
2a9ec7c69c Define attributes for QCA vendor OCB commands
Document QCA vendor OCB commands about IEEE Std 802.11 communication
outside the context of a basic service set. Also define all attributes
for the specific OCB commands.

Signed-off-by: Zhaoyang Liu <zhaoyang@codeaurora.org>
Signed-off-by: Ferry Zhou <tianguiz@codeaurora.org>
2017-03-27 17:17:03 +03:00
Vidyullatha Kanchanapally
0119d44243 FILS: Fix wpa_supplicant compilation errors
This change fixes the following compilation error:

wpa.c:2465: error: undefined reference to 'crypto_ecdh_deinit'

in builds where CONFIG_ECC does not get defined.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-26 21:13:21 +03:00
Vidyullatha Kanchanapally
4cc6574d00 FILS: Fix fils_cache_id check
This fixes the following compiler warning:
wpa_auth.c:4249:34: error: address of array 'a->conf.fils_cache_id'
 will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-26 21:13:21 +03:00
Jouni Malinen
a5269dc209 wpa_helpers: Ignore link-local IPv4 address while waiting for DHCP
Do not accept a link-local IPv4 address when waiting for a valid DHCP
address. This helps with hs20-osu-client use cases where DHCP response
has not yet been received.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-26 21:13:21 +03:00
Jouni Malinen
e2f00bb5ff xml: Add Value node in TNDS node conversion for empty value case
Previously, the Value node was not added if value of a node could not be
fetched. This can cause interoperability issues, so address that in the
same way as an empty length value, i.e., by adding a Value node with
zero-length contents.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-26 21:13:21 +03:00
Davide Caratti
5db86df6a8 macsec_linux: Fix NULL pointer dereference on error cases
In case wpa_supplicant is using driver_macsec_linux, but macsec module
is not (yet) loaded in the kernel, nl_socket_alloc() fails and drv->sk
is NULL. In this case, don't call libnl functions rntl_link_add() or
rtnl_link_change() using such NULL pointer, to prevent program from
getting segmentation faults like:

 Program received signal SIGSEGV, Segmentation fault.
 nl_socket_get_local_port (sk=sk@entry=0x0) at socket.c:365
 365             if (sk->s_local.nl_pid == 0) {
 (gdb) p sk
 $1 = (const struct nl_sock *) 0x0
 (gdb) bt
 #0  nl_socket_get_local_port (sk=sk@entry=0x0) at socket.c:365
 #1  0x00007ffff79c56a0 in nl_complete_msg (sk=sk@entry=0x0,
  msg=msg@entry=0x55555595a1f0) at nl.c:491
 #2  0x00007ffff79c56d1 in nl_send_auto (sk=sk@entry=0x0,
  msg=msg@entry=0x55555595a1f0) at nl.c:522
 #3  0x00007ffff79c652f in nl_send_sync (sk=sk@entry=0x0,
  msg=0x55555595a1f0) at nl.c:556
 #4  0x00007ffff755faf5 in rtnl_link_add (sk=0x0,
  link=link@entry=0x55555595b0f0, flags=flags@entry=1024) at route/link.c:1548
 #5  0x000055555567a298 in macsec_drv_create_transmit_sc (priv=0x55555593b130,
  sc=0x55555593b320, conf_offset=<optimized out>) at ../src/drivers/driver_macsec_linux.c:998

Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
2017-03-26 21:13:21 +03:00
Davide Caratti
e50df5d2a2 mka: Fix use-after-free when transmit secure channels are deleted
ieee802_1x_kay_deinit_transmit_sc() frees the transmit secure channel
data, but secy_delete_transmit_sc() still needs it. Since this functions
are called sequentially, secy_delete_transmit_sc() can be called from
ieee802_1x_kay_deinit_transmit_sc() before txsc is freed.

Fixes: 128f6a98b3 ("mka: Fix the order of operations in secure channel deletion")
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
2017-03-26 21:13:21 +03:00
Davide Caratti
529d6ed726 mka: Fix use-after-free when receive secure channels are deleted
ieee802_1x_kay_deinit_receive_sc() frees the receive secure channel data,
but secy_delete_receive_sc() still needs it. Since these two functions
are always called sequentially, secy_delete_receive_sc() can be called
from ieee802_1x_kay_deinit_receive_sc() before rxsc is freed.

Fixes: 128f6a98b3 ("mka: Fix the order of operations in secure channel deletion")
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
2017-03-26 21:13:21 +03:00
lifeng
6c2056abe5 QCA vendor attributes to extend antenna diversity functionality
1. Add new attribute to report corresponding antenna information to the
chain RSSI which is used in subcmd
QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI.

2. Add a series of attr to support the new wmi interface
WMI_PDEV_PARAM_ANT_DIV_USRCFG which export parameters setting of antenna
diversity algorithm to userspace.

Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
2017-03-15 21:30:00 +02:00
Zhang Qian
b4ae5f04dc Add vendor attribute to config propagation delay's absolute value
QCA_WLAN_VENDOR_ATTR_CONFIG_PROPAGATION_ABS_DELAY is added to set
propagation delay's absolute value. This is a more detailed version of
QCA_WLAN_VENDOR_ATTR_CONFIG_PROPAGATION_DELAY.

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
2017-03-15 21:24:25 +02:00
Dmitry Shmidt
7f5f4e46ac Fix QCA_ATTR_NUD_STATS_IS_DAD value
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2017-03-14 21:11:18 +02:00
Jouni Malinen
2c0ac6d613 P2P: Run full P2P_FIND scan after pending scan completes
If a P2P_FIND command is issued for running the initial full scan and
the attempt to start that full scan fails, the previous behavior was to
wait for the ongoing scan to complete and then continue p2p_find scan
iterations. However, this continued with the social channels scan
instead of the initial full scan. This could end up missing the full
scan completely.

Fix this by marking the full scan pending if the new scan cannot be
started immediately. Then start the initial full scan after the ongoing
scan completes before moving to social channel only scan iterations.
This applies both for the P2P_FIND_START_WITH_FULL (no specific
frequency set) and P2P_FIND_PROGRESSIVE cases since both of them start
with a single full scan round.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-14 20:41:08 +02:00
Jouni Malinen
d3bb082a73 P2P: Continue scanning specified channel with P2P_FIND freq argument
This makes the "P2P_FIND freq=<MHz>" operation more robust by continuing
to include the specified frequency in the consecutive scan rounds
instead of including it only once in the first scan. In other words, the
first scan is only for the specified frequency just like the previous
behavior, but the following scans include all the social channels and
the specified frequency instead of just the previously used social
channels.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-13 12:50:50 +02:00
Jouni Malinen
76e20f4fa7 FILS: Add FILS SK auth PFS support in STA mode
This adds an option to configure wpa_supplicant to use the perfect
forward secrecy option in FILS shared key authentication. A new build
option CONFIG_FILS_SK_PFS=y can be used to include this functionality. A
new runtime network profile parameter fils_dh_group is used to enable
this by specifying which DH group to use. For example, fils_dh_group=19
would use FILS SK PFS with a 256-bit random ECP group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 23:20:32 +02:00
Jouni Malinen
1764559eef FILS: Add FILS SK auth PFS support in AP mode
This adds an option to configure hostapd to enable use of perfect
forward secrecy option in FILS shared key authentication. A new build
option CONFIG_FILS_SK_PFS=y can be used to include this functionality. A
new runtime configuration parameter fils_dh_group is used to enable this
by specifying which DH group to use. For example, fils_dh_group=19 would
allow FILS SK PFS to be used with a 256-bit random ECP group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 23:20:32 +02:00
Jouni Malinen
cad291d671 FILS: Define authentication algorithm for FILS SK auth with PFS
This is needed to add PFS support into hostapd and wpa_supplicant FILS
shared key authentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 22:39:38 +02:00
Jouni Malinen
07a5fe823e OWE: Use AKM 00-0F-AC:11 style parameters for EAPOL-Key frames
draft-harkins-owe-07.txt does not specify these parameters, so need to
pick something sensible to use for the experimental implementation. The
Suite B 128-bit level AKM 00-0F-AC:11 has reasonable parameters for the
DH group 19 case (i.e., SHA256 hash), so use it for now. This can be
updated if the OWE RFC becomes clearer on the appropriate parameters
(KEK/KCK/MIC length, PRF/KDF algorithm, and key-wrap algorithm).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 20:43:06 +02:00
Jouni Malinen
ef9627cbc7 Print the algorithms used for EAPOL-Key professing in log
This makes it easier to debug crypto algorithm selection for 4-way
handshake related functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 20:43:06 +02:00
Jouni Malinen
ef23838590 Return success/failure result from sha384_prf()
This makes the function more consistent with sha256_prf().

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 20:43:06 +02:00
Jouni Malinen
0a6147991e OWE: Process Diffie-Hellman Parameter element in STA mode
This adds STA side addition of OWE Diffie-Hellman Parameter element into
(Re)Association Request frame and processing it in (Re)Association
Response frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 19:24:11 +02:00
Jouni Malinen
09368515d1 OWE: Process Diffie-Hellman Parameter element in AP mode
This adds AP side processing for OWE Diffie-Hellman Parameter element in
(Re)Association Request frame and adding it in (Re)Association Response
frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 19:24:11 +02:00
Jouni Malinen
f9561868ec OWE: Add driver capability flag for OWE AKM
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 19:24:11 +02:00
Jouni Malinen
a1ea1b4522 OWE: Define and parse OWE AKM selector
This adds a new RSN AKM "OWE".

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 19:24:11 +02:00
Jouni Malinen
9c7aac738b OWE: Define and parse Diffie-Hellman Parameter element
Add WLAN_EID_EXT_OWE_DH_PARAM definition and extend
ieee802_11_parse_elems() to recognize this element.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-12 00:23:36 +02:00
Jouni Malinen
e73244c240 tests: Extract-and-Expand HKDF (RFC 5869)
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-11 22:40:31 +02:00
Jouni Malinen
4ec833daf8 Extend hmac_sha256_kdf() to support HKDF-Expand() as defined in RFC 5869
The KDF define in RFC 5295 is very similar to HKDF-Expand() defined in
RFC 5869. Allow a NULL label to be used to select the RFC 5869 version
with arbitrary seed (info in RFC 5869) material without forcing the
label and NULL termination to be included. HKDF-Expand() will be needed
for OWE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-11 22:40:10 +02:00
Jouni Malinen
ae1ec1aaf2 OpenSSL: Add wrapper functions for ECDH
These allow ECDH to be used with compressed public key encoding (only
x-coordinate). This is needed for FILS PFS and OWE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-11 22:08:48 +02:00
Avraham Stern
e044a9d1e0 common: Add candidate list parsing helper function
Add a helper function that parses candidate list from command line
arguments.

This function will be used (in the following commits) to add
a candidate list to BSS transition management query.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-03-11 10:36:15 +02:00
Jouni Malinen
34f2851902 MBO: Parse MBO ANQP-element on STA
This extends the GAS/ANQP parser in wpa_supplicant to process MBO
ANQP-elements and indicate received Cellular Data Connection Preference
values over the control interface.

When a valid MBO ANQP-element is received, the following control
interface message is sent:

RX-MBO-ANQP <BSSID> cell_conn_pref=<value>

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-10 18:57:12 +02:00
Jouni Malinen
941caed980 MBO: Add MBO ANQP-element processing on AP
This extends the GAS server to process MBO ANQP-elements and reply to a
query for the Cellular Data Connection Preference (if configured). The
new configuration parameter mbo_cell_data_conn_pref can be used to set
the value (0, 1, or 255) for the preference to indicate.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-10 18:33:51 +02:00
Avraham Stern
2316cb358c MBO: Add option to add MBO query list to ANQP query
MBO techspec v0.0_r27 changed the MBO ANQP-element format. The MBO
element in ANQP query should now include an MBO Query List element that
contains a list of MBO elements to query.

Add API to add the MBO Query List to an ANQP query.

Format:
ANQP_GET <addr> <info_id>[,<info_id>]...[,mbo:<subtype>...]

Example for querying neighbor report with MBO cellular data
connection preference:
ANQP_GET <bssid> 272,mbo:2

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-03-10 16:53:10 +02:00
Vasanthakumar Thiagarajan
7cbb5f1a44 DFS: Handle pre-CAC expired event
As FCC DFS requirement does not explicitly mention about the validity of
the (pre-)CAC when channel is switched, it is safe to assume that the
pre-CAC result will not be valid once the CAC completed channel is
switched or radar detection is not active on the (CAC completed) channel
within a time period which is allowed (10 seconds - channel switch time)
as per FCC DFS requirement.

Use the new driver event to allow the driver to notify expiry of the CAC
result on a channel. Move the DFS state of the channel to 'usable' when
processing pre-CAC expired event.  This means any future operation on
that channel will require a new CAC to be completed. This event is
applicable only when DFS is not offloaded to the kernel driver.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
2017-03-09 17:01:50 +02:00
Vasanthakumar Thiagarajan
62c8c7f721 nl80211: Handle pre-CAC expired event from the driver
Process the new nl80211 event NL80211_RADAR_PRE_CAC_EXPIRED to allow the
driver to notify expiry of the CAC result on a channel.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
2017-03-09 17:01:36 +02:00
Jouni Malinen
caaaee072b Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2017-03-06.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-09 16:59:42 +02:00
Vasanthakumar Thiagarajan
3dcd735c1e DFS: Handle CAC completion event from other radio
When DFS channel state is shared across multiple radios on the system it
is possible that a CAC completion event is propagated from other radio
to us. When in enabled state, do not proceed with setup completion upon
processing CAC completion event with devices where DFS is not offloaded,
when in state other than enabled make sure the configured DFS channel is
in available state before start the AP.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
2017-03-09 16:46:30 +02:00
Purushottam Kushwaha
d0330d57f3 nl80211: Add option to delay start of schedule scan plans
The userspace may want to delay the the first scheduled scan.
This enhances sched_scan to add initial delay (in seconds) before
starting first scan cycle. The driver may optionally choose to
ignore this parameter and start immediately (or at any other time).

This uses NL80211_ATTR_SCHED_SCAN_DELAY to add this via user
global configurable option: sched_scan_start_delay.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-09 15:44:26 +02:00
Johannes Berg
a1f11e34c4 Use os_memdup()
This leads to cleaner code overall, and also reduces the size
of the hostapd and wpa_supplicant binaries (in hwsim test build
on x86_64) by about 2.5 and 3.5KiB respectively.

The mechanical conversions all over the code were done with
the following spatch:

    @@
    expression SIZE, SRC;
    expression a;
    @@
    -a = os_malloc(SIZE);
    +a = os_memdup(SRC, SIZE);
    <...
    if (!a) {...}
    ...>
    -os_memcpy(a, SRC, SIZE);

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-03-07 13:19:10 +02:00
Johannes Berg
dbdda355d0 Introduce os_memdup()
This can be used to clean the code and reduce size by converting
os_malloc() followed by os_memcpy() cases to use a single function call.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-03-07 13:18:49 +02:00
Kanchanapally, Vidyullatha
3ab484928a nl80211: Driver command for checking BTM accept/reject
Add driver interface command using the QCA vendor extensions to check
the driverr whether to accept or reject a BSS transition candidate. For
the reject case, report an MBO reject reason code.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-07 00:20:29 +02:00
Jouni Malinen
b9fd3c244e tests: Add TEST_FAIL() to radius_msg_add_attr()
This makes it easier to test error paths for RADIUS message
construction.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-05 16:37:52 +02:00
Jouni Malinen
de01f254a6 RADIUS server: Fix error paths in new session creation
radius_server_session_free() does not remove the session from the
session list and these radius_server_get_new_session() error paths ended
up leaving a pointer to freed memory into the session list. This
resulted in the following operations failing due to use of freed memory.

Fix this by using radius_server_session_remove() which removes the entry
from the list in addition to calling radius_server_session_free().

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-05 16:18:57 +02:00
Jouni Malinen
4c803dfcd7 ACS: Fix memory leak if interface is disabled during scan
The survey data was not freed if hostapd interface got disabled during
an ACS scan.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-04 17:30:15 +02:00
Jouni Malinen
29be2c090e ACS: Simplify code paths
This removes some unnecessarily duplicated return paths and simplifies
code paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-04 17:30:10 +02:00
Jouni Malinen
fa07d2d463 tests: Add TEST_FAIL() checks in l2_packet
This enables additional test coverage for error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-04 11:43:58 +02:00
Jouni Malinen
d4359923e1 Fix DHCP/NDISC snoop deinit followed by failing re-init
It was possible to hit a double-free on the l2_packet socket if
initialization of DHCP/NDISC snoop failed on a hostapd interface that
had previously had those enabled successfully. Fix this by clearing the
l2_packet pointers during deinit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-03-04 11:42:15 +02:00
Alexei Avshalom Lazar
160dca0784 Add QCA vendor command/attr for BRP antenna limit control
Add QCA_NL80211_VENDOR_SUBCMD_BRP_SET_ANT_LIMIT for setting the number
of antennas that will be active in different modes for each connection.

Signed-off-by: Alexei Avshalom Lazar <qca_ailizaro@qca.qualcomm.com>
2017-03-02 15:05:46 +02:00
Amarnath Hullur Subramanyam
e9518ae749 WFD: Add WFD R2 Subelements
Define and add support for WFD R2 Subelements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-01 11:59:57 +02:00
Gaole Zhang
21ac782797 QCA nl80211 vendor attribute for specific sub-20 MHz channel width
Define a new attribute QCA_WLAN_VENDOR_ATTR_CONFIG_SUB20_CHAN_WIDTH.
This attribute can set a station device to work in 5 or 10 MHz channel
width while in disconnect state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-01 11:55:04 +02:00
Jouni Malinen
ff936bc753 Make the third octet of Country String configurable
The new hostapd.conf parameter country3 can now be used to configure the
third octet of the Country String that was previously hardcoded to ' '
(= 0x20).

For example:

All environments of the current frequency band and country (default)
country3=0x20

Outdoor environment only
country3=0x4f

Indoor environment only
country3=0x49

Noncountry entity (country_code=XX)
country3=0x58

IEEE 802.11 standard Annex E table indication: 0x01 .. 0x1f
Annex E, Table E-4 (Global operating classes)
country3=0x04

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-01 10:58:15 +02:00
Johannes Berg
5118319831 trace: Look up start to cope with ASLR
When ASLR is enabled, like it is by default on many distros now,
the trace code doesn't work right.

Fix this by looking up the start of the executable mapping and
subtracing it from all the lookups.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
2017-02-28 11:37:19 +02:00
Jouni Malinen
206516e8c2 af_alg: Crypto wrappers for Linux kernel crypto (AF_ALG)
CONFIG_TLS=linux can now be used to select the crypto implementation
that uses the user space socket interface (AF_ALG) for the Linux kernel
crypto implementation. This commit includes some of the cipher, hash,
and HMAC functions. The functions that are not available through AF_ALG
(e.g., the actual TLS implementation) use the internal implementation
(CONFIG_TLS=internal).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-28 11:24:15 +02:00
Jouni Malinen
b41d3e0a75 crypto: Process des_encrypt() error returns in callers
This updates all the des_encrypt() callers to handle error cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-28 11:24:05 +02:00
Jouni Malinen
5f0e165e80 crypto: Add return value to DES and AES encrypt/decrypt
These operations may fail with some crypto wrappers, so allow the
functions to report their results to the caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-28 11:23:54 +02:00
Peng Xu
5b9f46df0e hostapd: Get channel number from frequency based on other modes as well
When getting the channel number from a frequency, all supported modes
should be checked rather than just the current mode. This is needed when
hostapd switches to a channel in different band.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-26 12:24:03 +02:00
Jouni Malinen
4c8836f139 FILS: Fix fils_hlp.c build with older netinet/udp.h definitions
The __FAVOR_BSD macro was previously used in netinet/udp.h to select
between two different names of the variables in struct udphdr. Define
that to force the versions with the uh_ prefix. In addition, use the
same style consistently within fils_hlp.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-26 12:18:29 +02:00
Jouni Malinen
57a2aacabf Add option to disable broadcast deauth in hostapd on AP start/stop
The new broadcast_deauth parameter can be used to disable sending of the
Deauthentication frame whenever AP is started or stopped. The default
behavior remains identical to the past behavior (broadcast_deauth=1).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-26 12:05:40 +02:00
Jouni Malinen
21ed24f5ad hostapd: Fix potential mesh-related change from impacting non-mesh cases
Commit 01e2231fdc ('hostapd: Skip some
configuration steps for mesh cases') removed some operations based on
hapd->iface->mconf being NULL. This was within #ifdef CONFIG_MESH, so it
should not impact hostapd, but it can impact AP mode with
wpa_supplicant. That does not sound intentional, so make these
conditional on hapd->conf->mesh being enabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-26 12:05:40 +02:00
Jouni Malinen
869af30728 FILS: Use FILS Cache Identifier to extend PMKSA applicability
This allows PMKSA cache entries for FILS-enabled BSSs to be shared
within an ESS when the BSSs advertise the same FILS Cache Identifier
value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-26 12:05:40 +02:00
Jouni Malinen
ba9774bd76 FILS: Fix BSSID in reassociation case
The RSN supplicant implementation needs to be updated to use the new
BSSID whenever doing FILS authentication. Previously, this was only done
when notifying association and that was too late for the case of
reassociation. Fix this by providing the new BSSID when calling
fils_process_auth(). This makes PTK derivation use the correct BSSID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-21 12:26:57 +02:00
Jouni Malinen
7eace3787c FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier
This allows PMKSA cache entries to be shared between all the BSSs
operated by the same hostapd process when those BSSs use the same FILS
Cache Identifier value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-21 12:18:58 +02:00
Badrish Adiga H R
128f6a98b3 mka: Fix the order of operations in secure channel deletion
The correct order of deleting a secure channel is to purge all the
secure associations in the channel before actually deleting the secure
channel.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2017-02-20 22:15:04 +02:00
Jouni Malinen
21fda4ee72 RSN: Fix pre-authentication EAPOL-Start startPeriod configuration
The RSN pre-authentication case ended up ignoring the initial
startPeriod value and delayed EAPOL-Start message by two seconds. Fix
this by forcing the first EAPOL-Start message to be sent when running
pre-authentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-20 12:48:04 +02:00
Purushottam Kushwaha
3f23260da8 nl80211: Notify reason for connection timeout failure
This adds reason for timeout in event CTRL-EVENT-ASSOC-REJECT whenever
connection failure happens because of timeout. This extends the
"timeout" parameter in the event to include the reason, if available:
timeout=scan, timeout=auth, timeout=assoc.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-20 10:47:08 +02:00
Peng Xu
ca1ab9db2a hostapd: Get vendor HE capabilities
Allow hostapd query device HE capabilities via vendor command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-19 17:39:33 +02:00
Peng Xu
7785c70bbb QCA vendor command for fetching HE capabilities
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-19 17:39:30 +02:00
Peng Xu
d512f406fc hostapd: Add IEEE 802.11ax HE IEs into Beacon/Probe Response frames
IEEE 802.11ax HE changes to include HE IEs in Beacon and Probe Response
frames. These elements are using vendor specific forms for now since the
IEEE 802.11ax draft is not yet finalized and the element contents is
subject to change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-19 17:37:55 +02:00
Peng Xu
94380cb40a hostapd: Initial IEEE 802.11ax (HE) definitions
Add IEEE 802.11ax definitions for config, IEEE structures, and
constants. These are still subject to change in the IEEE process.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-19 17:37:52 +02:00
Masashi Honma
5972dc73c1 mesh: Use correct rate in VHT and HT mixed environment
Let mesh STA A be a STA which has config disable_ht=0 and disable_vht=1.
Let mesh STA B be a STA which has config disable_ht=0 and disable_vht=0.
The mesh STA A and B was connected.

Previously, the mesh STA A sent frame with VHT rate even though its VHT
was disabled. This commit fixes the issue by checking the local BSS VHT
configuration.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-02-19 16:01:17 +02:00
Masashi Honma
84ea61cffe mesh: Use correct rate in HT and legacy mixed environment
Let mesh STA A be a STA which has config disable_ht=1.
Let mesh STA B be a STA which has config disable_ht=0.
The mesh STA A and B was connected.

Previously, the mesh STA A sent frame with HT rate even though its HT
was disabled. This commit fixes the issue by checking the local BSS HT
configuration.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-02-19 16:01:17 +02:00
Masashi Honma
a7a638c2c4 hw_features: Move VHT capabilities checks to common
This allows the previous AP-specific functions to be use for IBSS/mesh
setup in wpa_supplicant.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-02-19 15:53:05 +02:00
Jouni Malinen
e01cf2afc9 Define eapol_sm_get_eap_proxy_imsi() only with CONFIG_EAP_PROXY=y
This function is called only from locations within ifdef
CONFIG_EAP_PROXY, so there is no need to try to cover the not-defined
case here and the function can simply be removed completely if
CONFIG_EAP_PROXY=y is not used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-19 12:28:33 +02:00
Jouni Malinen
a8e25deeb8 FT: Merge similar error paths to use common steps
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-19 12:23:21 +02:00
Jouni Malinen
ecbdc1a1fc Mark RSN msg 1/2 key data debug dump as key material
This debug print can include GTK and IGTK, so use wpa_hexdump_key()
instead of wpa_hexdump() for it to avoid undesired exposure of keys in
debug log.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-18 21:39:01 +02:00
Jouni Malinen
834c5d6816 FILS: Fix PMK length for initial connection with FILS SHA384 AKM
While the FILS authentication cases were already using the proper PMK
length (48 octets instead of the old hardcoded 32 octet), the initial
association case had not yet been updated to cover the new FILS SHA384
AKM and ended up using only a 32-octet PMK. Fix that to use 48-octet PMK
when using FILS SHA384 AKM.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 22:15:29 +02:00
Jouni Malinen
e491389ebc FILS: Fix ifdef for PTK derivation with SHA384-based AKM
sha384_prf() is used both with Suite B and FILS, so add CONFIG_FILS as
another alternative to building in this functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 22:15:29 +02:00
Jouni Malinen
2e555f9cb0 tests: Add HMAC-SHA256 and HMAC-SHA384 test vectors from RFC 4231
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 22:15:29 +02:00
Jouni Malinen
62944f7d2c Add HMAC-SHA384 with internal crypto
This is a copy of the internal HMAC-SHA256 implementation with the hash
block size and output length updated to match SHA384 parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-16 22:15:29 +02:00
Jouni Malinen
aeecd4eaec OpenSSL: Fix hmac_sha384_vector() implementation
The output length was incorrect (32 from the copy-pasted SHA256
version). Fix this to return the correct number of octets (48) for
SHA384. This fixes incorrect key derivation in FILS when using the
SHA384-based AKM.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 20:59:06 +02:00
Purushottam Kushwaha
5db32adc99 browser-wpadebug: Send HTTP response with HTTP/1.1 header
HTTP response was previously sent as a plaintext without the HTTP header
on port 12345. By default Android webview/Chrome assumes plaintext as
HTTP/0.9 data. Android webview/Chrome has removed support of HTTP/0.9
request/response on non-standard ports, i.e., other than port 80. This
results in error while opening URL 'http://localhost:12345/'.

Fix this by prefixing the HTTP response with the HTTP/1.1 header.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 13:35:44 +02:00
Jouni Malinen
79329ae0aa P2P: Verify local driver preferred frequencies for P2P use cases
Previously the peer operating channel preference was accepted if the
indicated frequency was listed in the local preference list from the
driver. This was assuming that the driver included only channels that
are currently enabled for GO operation. Since that might not be the
case, filter the local preference list by doing an explicit validation
of the indicated channels for P2P support.

This moves the similar validation steps from two other code paths in
p2p_check_pref_chan_recv() and p2p_check_pref_chan_no_recv() into a
common filtering step in p2p_check_pref_chan() for all three cases.

This avoids issues to start the GO in cases where the preferred
frequency list from the driver may include channels that are not
currently enabled for P2P GO use (e.g., 5 GHz band in world roaming
configuration).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 12:40:57 +02:00
Jouni Malinen
3a7819f0ad P2P: Add P2P_SET override_pref_op_chan to allow overriding preference
This new P2P_SET parameter uses <op_class>:<channel> format and is used
mainly for testing purposes to allow overriding the value of the GO
Negotiation Response frame Operating Channel attribute.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-16 12:08:22 +02:00
Jouni Malinen
364c064a41 FT: Check key derivation results explicitly in AP operations
Previously, any potential (even if very unlikely) local operation error
was ignored. Now these will result in aborting the negotiation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-14 16:33:01 +02:00
Jouni Malinen
f229f2c67d tests: Add TEST_FAIL() to OpenSSL aes_wrap() and aes_unwrap()
This makes it easier to add more testing coverage for error paths.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-14 10:53:10 +02:00
Jouni Malinen
885bbd4de3 WNM: Remove unused code from BSS TM Req generation
The url argument to ieee802_11_send_bss_trans_mgmt_request() was
hardcoded to NULL in the only caller, so this code cannot be reached.
wnm_send_bss_tm_req() construct the same frame with more generic
parameters, including option for including the URL, so
ieee802_11_send_bss_trans_mgmt_request() can be simplified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-12 17:44:56 +02:00
Jouni Malinen
e7ddd86a98 WNM: Use a common error path in ieee802_11_send_wnmsleep_resp()
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-12 17:44:56 +02:00
Jouni Malinen
d6d5970e23 WNM: Fix WNM-Sleep Mode Request parsing for WNM-Sleep element
The length of the WNM-Sleep element was not verified before using it.
This could result in reading the subfields in this element (total of
four octets) beyond the end of the buffer. Fix this by ignoring the
element if it is not long enough to contain all the subfields.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-12 17:44:56 +02:00
Jouni Malinen
8492cc79c0 PeerKey: Remove dead code related to STSL negotiation state
The struct wpa_stsl_negotiation seemed to have been for some kind of
tracking of state of PeerKey negotiations within hostapd. However,
nothing is actually adding any entries to wpa_auth->stsl_negotiations or
using this state. Since PeerKey does not look like something that would
be deployed in practice, there is no justification to spend time on
making this any more complete. Remove the dead code now instead of
trying to figure out what it might be used for.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-12 11:15:49 +02:00
Jouni Malinen
0d60567030 WMM: Fix estimated medium time calculation for some corner cases
It was possible for the int medium_time variable to overflow, so use a
64-bit unsigned integer to get a large enough value for the
multiplication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-11 12:12:28 +02:00
Jouni Malinen
ae26d30213 Fix "IEEE 802.11: Ignored Action frame" debug message
The arguments to printf were in incorrect order which resulted in
incorrect STA address in the debug message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-11 12:08:12 +02:00
Jouni Malinen
4ead4c7ecd WMM: Remove obsolete TODO comments
These are more about kernel behavior than anything that hostapd would
implement.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-11 10:29:18 +02:00
vamsi krishna
20c846d9ee nl80211: sched_scan relative RSSI parameters
Add driver interface support to set sched_scan relative RSSI parameters
and to indicate driver support for this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-10 19:48:12 +02:00
Badrish Adiga H R
37e9f511eb mka: Send MKPDUs forever if mode is PSK
Issue: When 2 peers are running MACsec in PSK mode with CA
established, if the interface goes down and comes up after
time > 10 seconds, CA does not get re-established.

Root cause: This is because retry_count of both the peers
would have reached MAX_RETRY_CNT and stays idle for other to
respond. This is clear deadlock situation where peer A waits
for MKA packets from peer B to wake up and vice-versa.

Fix: If MACsec is running in PSK mode, we should send MKPDUs
forever for every 2 seconds.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2017-02-10 19:48:12 +02:00
Jouni Malinen
76aa318381 EAP: Call deinit_for_reauth() for Phase 2 EAP methods
EAP-TTLS/PEAP/FAST were previously doing this for init_for_reauth(), but
not for deinit_for_reauth(). Add the deinit_for_reauth() call as well to
cover cases like EAP-AKA cleaup of AT_CHECKCODE data.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-10 19:48:12 +02:00
Jouni Malinen
02156b98b7 EAP-AKA: Don't use anonymous identity in phase2
This adds the same changes to EAP-AKA that were previous done for
EAP-SIM to allow functionality within an EAP-TTLS/PEAP/FAST tunnel
without causing issues to the phase 1 identity string.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-10 19:48:12 +02:00
Paul Stewart
9e2afe10e6 EAP-SIM: Don't use anonymous identity in phase2
The "anonymous_identity" configuration field has more than one
semantic meaning. For tunneled EAP methods, this refers to the
outer EAP identity. For EAP-SIM, this refers to the pseudonym
identity. Also, interestingly, EAP-SIM can overwrite the
"anonymous_identity" field if one is provided to it by the
authenticator.

When EAP-SIM is tunneled within an outer method, it makes sense
to only use this value for the outer method, since it's unlikely
that this will also be valid as an identity for the inner EAP-SIM
method. Also, presumably since the outer method protects the
EAP-SIM transaction, there is no need for a pseudonym in this
usage.

Similarly, if EAP-SIM is being used as an inner method, it must
not push the pseudonym identity using eap_set_anon_id() since it
could overwrite the identity for the outer EAP method.

Signed-off-by: Paul Stewart <pstew@google.com>
2017-02-10 19:48:12 +02:00
Paul Stewart
ed9b1c16d5 EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA'
Add an internal flag which indicates to tunneled EAP methods (FAST,
PEAP, TTLS) that they should cache decrypted EAP-SIM/AKA/AKA' requests.
This allows EAP-SIM/AKA/AKA' to be tunneled within these outer methods
while using an external SIM authenticator over the control interface.

Signed-off-by: Paul Stewart <pstew@google.com>
2017-02-10 19:48:12 +02:00
Jouni Malinen
401243b73e RRM: Fix range request overriding
This was supposed to cancel the existing eloop timeout instead of
registering another one.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-09 13:26:06 +02:00
Jouni Malinen
fb81c0a3d1 RRM: Merge similar error returns to a single one
There is no need to maintain different return paths for STA being
completely not present and not authorized, so merge these into a single
case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-09 13:26:06 +02:00
Jouni Malinen
13b30052d9 RRM: Fix Range Request max age parsing
This 16-bit field uses little endian encoding and it must be read with
WPA_GET_LE16() instead of assuming host byte order is little endian. In
addition, this could be misaligned, so using a u16 pointer here was not
appropriate.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-09 13:26:06 +02:00
Jouni Malinen
bd6ec7f7ca Fix MAC ACL query freeing on deinit
hapd->acl_cache and hapd->acl_queries were not reset back to NULL in
hostapd_acl_deinit() when cached results and pending ACL queries were
freed. This left stale pointers to freed memory in hapd. While this was
normally followed by freeing of the hapd data, it is possible to re-use
that hapd when disabling and re-enabling an interface. That sequence
could result in use of freed memory if done while there were cached
results or pending ACL operations with a RADIUS server (especially, if
that server did not reply).

Fix this by setting hapd->acl_queries to NULL when the pending entries
are freed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-08 23:48:19 +02:00
Jouni Malinen
0d6dc6830c FILS: Clean up HLP resize check
The "!wpabuf_resize(...) == 0" condition does not make any sense. It
happens to work, but this is really supposed to simple check with
wpabuf_resize() returns non-zero and "wpabuf_resize(...)" is the
cleanest way of doing so.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-07 20:50:33 +02:00
Vamsi Krishna
8331c9b316 nl80211: Add support for mgmt_tx with random TA
This adds support for specifying a random TA for management frame
transmission commands and driver capability flags for indicating whether
this is supported in not-connected and connected states.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-07 19:35:34 +02:00
Jouni Malinen
14fa723a9c Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2017-01-13.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-07 18:55:35 +02:00
Jouni Malinen
65ab7eb1fa GAS: Fix OSU Providers List response with invalid configuration
If the OSU Providers configuration was invalid (included osu_server_uri
but not osu_method_list), it was possible for the GAS response
generation to hit a NULL dereference. Fix this by checking for the
invalid configuration before trying to fill in the OSU methods.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-07 17:47:58 +02:00
Günther Kelleter
4bb9b674c8 Add a log message when GTK rekeying failed
It can happen if the station is unreachable or sleeping longer than
the actual total GTK rekey timeout. To fix the latter case
wpa_group_update_count may be increased.

Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
2017-02-07 00:25:36 +02:00
Günther Kelleter
41f140d386 Add hostapd options wpa_group_update_count and wpa_pairwise_update_count
wpa_group_update_count and wpa_pairwise_update_count can now be used to
set the GTK and PTK rekey retry limits (dot11RSNAConfigGroupUpdateCount
and dot11RSNAConfigPairwiseUpdateCount). Defaults set to current
hardcoded value (4).

Some stations may suffer from frequent deauthentications due to GTK
rekey failures: EAPOL 1/2 frame is not answered during the total timeout
period of currently ~3.5 seconds. For example, a Galaxy S6 with Android
6.0.1 appears to go into power save mode for up to 5 seconds. Increasing
wpa_group_update_count to 6 fixed this issue.

Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
2017-02-07 00:25:36 +02:00
Badrish Adiga H R
e54691106b mka: Some bug fixes for MACsec in PSK mode
Issue:
------
The test setup has 2 peers running MACsec in PSK mode, Peer A with
MAC address higher than MAC Address of peer B. Test sequence is
1. Peer B starts with actor_priority 255
2. Peer A starts with priority 16, becomes key server.
3. Peer A stops..
4. Peer A restarts with priority 255, but because of the stale values
participant->is_key_server(=TRUE) and participant->is_elected(=TRUE)
it continues to remain as Key Server.
5. For peer B, key server election happens and since it has lower MAC
address as compared to MAC address of A, it becomes the key server.
Now we have 2 key servers in CA and is not correct.

Root-cause & fix:
-----------------
When number of live peers become 0, the flags such lrx, ltx, orx,
otx, etc. need to be cleared. In MACsec PSK mode, these stale values
create problems while re-establishing CA.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2017-02-06 21:02:53 +02:00
Badrish Adiga H R
7faf403f9f mka: Fix an incorrect update of participant->to_use_sak
API ieee802_1x_mka_decode_dist_sak_body() wrongly puts
participant->to_use_sak to TRUE, if Distributed SAK Parameter Set of
length 0 is received. In MACsec PSK mode, this stale incorrect value can
create problems while re-establishing CA. In MACsec PSK mode, CA goes
down if interface goes down and ideally we should be able to
re-establish the CA once interface comes up.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2017-02-06 20:37:58 +02:00
Eduardo Abinader
276e936548 hw_features: Clean center freq for falling back HT40 channels
Some channels fail to be set, when falling back to 20 MHz, due to
remaining VHT info of center freq. As we are going to 20 MHz, reset the
VHT center frequency segment information as well.

Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
2017-02-06 19:26:07 +02:00
Dedy Lansky
89fa633afb nl80211: Fix error while enabling AP mode with driver-SME
Following commit a70cd0db87 ('Don't
register for Beacon frames for IEEE 802.11ad AP'),
nl80211_get_wiphy_data_ap() is unconditionally called when starting AP.
This function tries to register for Beacon frames RX which fails for
some driver which don't support such registration and do not need it in
case the driver implements AP mode SME functionality.

Fix this by conditionally calling nl80211_get_wiphy_data_ap() like prior
to commit a70cd0db87.

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2017-02-05 20:48:23 +02:00
Jouni Malinen
84bb12aa6d FILS: Fix send_assoc_resp() HLP extension to cover sta == NULL
Commit 91d91abf6f ('FILS: DHCP relay for
HLP requests') added steps that are conditional on sta->fils_hlp_resp
being non-NULL. One of these cases within send_assoc_resp() was properly
protected from sta == NULL error case (that is now possible after a
recent DMG change), but the first one was not. A DMG error case in a
CONFIG_FILS=y build could have hit a NULL pointer dereference here. Fix
this by verifying sta != NULL more consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-05 16:40:15 +02:00
Jouni Malinen
275cc94280 FILS: Stop processing if fils_rmsk_to_pmk() fails
While the key derivation steps are not expected to fail, this was
already done on the AP side, so do the same in the STA side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-05 14:38:07 +02:00
Jouni Malinen
caab23f192 Set EAPOL-Key Key Length field to 0 for group message 1/2 in RSN
P802.11i/D3.0 described the Key Length as having value 16 for the group
key handshake. However, this was changed to 0 in the published IEEE Std
802.11i-2004 amendment (and still remains 0 in the current standard IEEE
Std 802.11-2016). We need to maintain the non-zero value for WPA (v1)
cases, but the RSN case can be changed to 0 to be closer to the current
standard.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-05 13:52:43 +02:00
Jouni Malinen
b0fb2be77a Do not send GNonce in EAPOL-Key group message 1/2
While the IEEE Std 802.11-2016 is still indicating that GNonce would be
exchanged in EAPOL-Key messages (see, e.g., Figure 12-52 showing the
Send EAPOL-Key operation in the REKEYNEGOTIATING state or the sample
group key handshake in Figure 12-47), there are also examples of
describing this field as having value zero (e.g., 12.7.7.2 Group key
handshake message 1).

GNonce is used only with the Authenticator and the Supplicant does not
have any use for it, so it is better not to expose that internal value.
Hardcode the Key Nonce field to 0 in EAPOL-Key group message 1/2.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-05 13:39:57 +02:00
Jouni Malinen
3bbc470502 Fix EAPOL-Key Install bit in Group Key 1/2 with FT and FILS auth
sm->Pair needs to be initialized to TRUE since unicast cipher is
supported and this is an ESS. However, the normal place for setting this
(WPA_PTK::INITIALIZE) is skipped with using FT protocol or FILS
authentication, so need to do that separately when forcing PTKINITDONE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-05 13:28:42 +02:00
Jouni Malinen
db5e53cb06 mesh: Fix struct hostapd_data initialization
The local custom version of allocating and initializing struct
hostapd_data within wpa_supplicant_mesh_init() is problematic. This has
already missed couple of initialization steps that are required. Instead
of trying to remember to keep this up to date, use
hostapd_alloc_bss_data() so that there is only one place for this
initialization.

This is fixing a recent issue where FILS HLP started using
hapd->dhcp_server and expected that to be initialized to -1. For the
mesh case, that did not happen and when removing the interface, the FILS
HLP implementation ended up unregistering eloop socket for
hapd->dhcp_server (= 0). This could result in missing socket callbacks
for an arbitrary socket.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-04 22:17:54 +02:00
Jouni Malinen
4d6e79f867 Use defines in hostapd_set_freq_params()
Use the defines for vht_oper_chwidth values more consistently in
hostapd_set_freq_params() to make this more readable.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-02-04 20:50:16 +02:00
Liu Li
0217b8d874 eloop: Fix comments mismatch eloop_event/timeout_handler definitions
Signed-off-by: Liu Li <lli_njupt@163.com>
2017-02-04 20:41:12 +02:00
Jouni Malinen
09a97eb27e Update the copyright notice years for QCA vendor definitions
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-04 17:05:30 +02:00
Sunil Dutt
841e9a8c73 QCA vendor command to set the trace levels for the specific QCA module
This commit introduces the vendor command to set the trace level
for the respective QCA host driver module.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-04 17:05:21 +02:00
Jouni Malinen
d77f330418 FILS: Fix AES-SIV AAD for (Re)Association Request frame decryption
The hostapd processing of the AES-SIV AAD was incorrect. The design for
the AAD changed between P802.11ai/D7.0 and D8.0 from a single vector
with concatenated data to separate vectors. The change in the
implementation had missed the change in the aes_siv_decrypt() call for
the num_elem parameter. This happened to work with the mac80211
implementation due to a similar error there.

Fix this by using the correct numbers of vectors in the SIV AAD so that
all the vectors get checked. The last vector was also 14 octets too long
due to incorrect starting pointer, so fix that as well. The changes here
are not backwards compatible, i.e., a similar fix in the Linux mac80211
is needed to make things interoperate again.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-04 13:09:52 +02:00
Jouni Malinen
7a6c3de23a ERP: Use macro for EMSKname length instead of hardcoded integer value
While RFC 5295 uses "8" as the value to use in the length field in KDF
context when deriving EMSKname, it is clearer to use the macro defining
EMSKname as the value since the KDF design in RFC 5295 encodes the
length of the derived data in octets in that part of the context data.
This change is just making the implementation easier to understand while
not actually changing the behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-03 15:35:21 +02:00
Jouni Malinen
bb3ea71a23 ERP: Fix rIK derivation
Unlike the EMSKname and rRK derivations, rIK derivation is actually
using the "optional data" component in the context data (see RFC 5295).
RFC 6696 defines that optional data to be the cryptosuite field for rIK.
This was missing from the previous implementation and that resulted in
incorrect rIK being derived.

In addition, the rIK Label string does not actually include the "EAP "
prefix in the way as the rRK Label in RFC 6696 does. This would also
have resulted in incorrect rIK value.

Fix rIK derivation by adding the cryptosuite value into the KDF context
data and fixing the label string. This change is not backwards
compatible and breaks all ERP use cases (including FILS shared key
authentication) with older (broken) and new (fixed)
hostapd/wpa_supplicant builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-03 15:34:59 +02:00
Jouni Malinen
124ddfa19e FILS: Parse and report received FILS HLP Containers from response
The new FILS-HLP-RX control interface event is now used to report
received FILS HLP responses from (Re)Association Response frame as a
response to the HLP requests configured with FILS_HLP_REQ_ADD.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-01 18:17:39 +02:00
Jouni Malinen
91d91abf6f FILS: DHCP relay for HLP requests
The new dhcp_server configuration parameter can now be used to configure
hostapd to act as a DHCP relay for DHCPDISCOVER messages received as
FILS HLP requests. The dhcp_rapid_commit_proxy=1 parameter can be used
to configure hostapd to convert 4 message DHCP exchange into a 2 message
exchange in case the DHCP server does not support DHCP rapid commit
option.

The fils_hlp_wait_time parameter can be used to set the time hostapd
waits for an HLP response. This matches the dot11HLPWaitTime in IEEE Std
802.11ai-2016.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-02-01 18:17:39 +02:00
Jouni Malinen
54b04d6f39 FILS: Move HLP request handling into a separate file
This is independent functionality from the core IEEE 802.11 management
handling and will increase significantly in size, so it is cleaner to
maintain this in a separate source code file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-31 17:46:13 +02:00
Jouni Malinen
5a9d504938 ProxyARP: Use more robust DHCP option parsing
Do not depend on undefined behavior with pointer arithmetic when
checking whether there is sufficient room for an option.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-31 17:46:13 +02:00
Jouni Malinen
e64c13febb Move DHCP definitions into a common file
These can be reused for other purposes than just the DHCP snoofing for
Proxy ARP. In addition, use more complete definition of the parameters
based on the current IANA registry.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-31 17:46:11 +02:00
Kanchanapally, Vidyullatha
70407ee5c3 Add QCA vendor definitions for BSS transition status
Introduce definitions for QCA vendor specific subcommands and attributes
for fetching BSS transition status.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-30 22:31:46 +02:00
Dedy Lansky
53d171440f AP: Check ACL upon association request for 802.11ad
With device_ap_sme disabled, ACL was checked upon authentication
request. In 802.11ad there is no authentication phase so need to check
ACL upon association.

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2017-01-30 22:22:40 +02:00
Daniel Kim
4cc61c3866 GAS: Set temporary session timeout bigger than gas_comeback_delay
Previously, the temporary STA session timeout was set to 5 seconds. If
gas_comeback_delay is configured to be longer than 5 seconds, GAS
Comeback Response frame can't include queried information as all pending
data has already been cleared due to session timeout. This commit
resolves the issue by setting session timeout to be larger than
gas_comeback_delay.

Signed-off-by: Daniel Kim <kimdan@qca.qualcomm.com>
2017-01-30 13:25:48 +02:00
Sunil Dutt
a9491695b3 QCA vendor command to set/get NUD statistics
This commit introduces QCA vendor commands and the corresponding
attributes to set/get NUD (Network Unreachability Detection) statistics.
The set NUD statistics configures the requisite parameters to the host
driver and thereby triggers the start/stop of collection of statistics.
The get stats fetches the statistics collected in the host driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-30 01:54:30 +02:00
Sunil Dutt
f593b6c11d nl80211: Do not reset vendor_scan_cookie after scan timeout
If vendor_scan_cookie is set to 0 after the scan_abort due to the scan
timeout ends in a cookie mismatch when processing the following
QCA_NL80211_VENDOR_SUBCMD_SCAN_DONE indication. This ends up considering
the scan results as being for an external scan and thus the current
ongoing scan is not removed from the radio_work. Hence, do not reset
this vendor_scan_cookie after the scan abort so that the scan completion
event gets processed properly and vendor_scan_cookie gets cleared at
that point.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-30 01:54:30 +02:00
Paul Stewart
6d08f23f0a OpenSSL/BoringSSL: Read certificate chain from client_cert on Android
If the keychain holds additional certificates other than the end
certificate, read them into the certificate chain.

Signed-off-by: Paul Stewart <pstew@google.com>
2017-01-30 01:54:30 +02:00
Wojciech Dubowik
cc3dae85bd hostapd: Add possibility to send debug messages to syslog
We can only send module specific messages to syslog and not debug
messages printed with wpa_printf. Add an extra command line parameter
'-s' to allow it. The feature is enabled with compile flag
CONFIG_DEBUG_SYSLOG as for wpa_supplicant and behaves in the same manner
as the wpa_supplicant -s command line argument.

Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@neratec.com>
2017-01-30 00:57:13 +02:00
Jouni Malinen
968dce9b13 FST: Silence compiler warning on WPA_ASSERT
This was triggering a sign-compare warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-29 18:45:29 +02:00
Jouni Malinen
17e20b1e2b FST: Remove a bogus WPA_ASSERT()
own_addr is not defined here, so no idea what this WPA_ASSERT() was
trying to check.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-29 18:44:36 +02:00
Johannes Berg
cef8fac04b wpa_auth: Make struct wpa_auth_callbacks const
Instead of copying the struct wpa_auth_callbacks, just keep a pointer to
it, keep the context pointer separate, and let the user just provide a
static const structure. This reduces the attack surface of heap
overwrites, since the function pointers move elsewhere.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-01-29 18:41:26 +02:00
Johannes Berg
30eddf3529 Fix or supress various sparse warnings
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-01-29 18:33:10 +02:00
Masashi Honma
9eb5757a86 Define helper function set_disable_ht40()
This functionality can be used outside wpa_set_disable_ht40(), so move
the generic part to a helper function.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-01-29 18:04:21 +02:00
Masashi Honma
7813b7c34d nl80211: Fix a memory leak on deinit with HT enabled mesh
Commit a70cd0db87 ('nl80211: Don't
register for Beacon frames for IEEE 802.11ad AP') could cause a trailing
memory leak on IEEE 802.11n enabled mesh. This commit fixes the issue.

-----------------
ELOOP: remaining socket: sock=12 eloop_data=0xba8260 user_data=0xbb3d90 handler=0x4aeb90
WPA_TRACE: eloop unregistered socket handler: 0x4aeb90
     nl80211_recv_beacons() ../src/drivers/driver_nl80211.c:625
WPA_TRACE: eloop sock - START
[0]: ./hostap/wpa_supplicant/wpa_supplicant() [0x431f2a]
     eloop_sock_table_add_sock() ../src/utils/eloop.c:360
[1]: ./hostap/wpa_supplicant/wpa_supplicant() [0x4b0e49]
     nl80211_register_eloop_read() ../src/drivers/driver_nl80211.c:153
[2]: ./hostap/wpa_supplicant/wpa_supplicant() [0x4bacf0]
     dl_list_add() src/utils/list.h:30
     nl80211_get_wiphy_data_ap() ../src/drivers/driver_nl80211.c:728
     wpa_driver_nl80211_set_ap() ../src/drivers/driver_nl80211.c:3786
[3]: ./hostap/wpa_supplicant/wpa_supplicant(ieee802_11_set_beacon+0x150) [0x469700]
     ieee802_11_set_beacon() ../src/ap/beacon.c:1349
[4]: ./hostap/wpa_supplicant/wpa_supplicant(ieee802_11_set_beacons+0x45) [0x469805]
     ieee802_11_set_beacons() ../src/ap/beacon.c:1368
[5]: ./hostap/wpa_supplicant/wpa_supplicant() [0x437559]
     mesh_mpm_add_peer() mesh_mpm.c:688
[6]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_mesh_new_mesh_peer+0x42) [0x439182]
     wpa_mesh_new_mesh_peer() mesh_mpm.c:737
[7]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_mesh_notify_peer+0x80) [0x436460]
     wpa_mesh_notify_peer() mesh.c:347
[8]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_supplicant_event+0xc7a) [0x4a69ba]
     wpa_supplicant_event() events.c:4312
[9]: ./hostap/wpa_supplicant/wpa_supplicant(process_global_event+0xaf0) [0x4c2d40]
     nl80211_new_peer_candidate() ../src/drivers/driver_nl80211_event.c:1247
     do_process_drv_event() ../src/drivers/driver_nl80211_event.c:2322
     process_global_event() ../src/drivers/driver_nl80211_event.c:2360
[10]: /lib/x86_64-linux-gnu/libnl-3.so.200(nl_recvmsgs_report+0x3dc) [0x7f937176873c]
[11]: /lib/x86_64-linux-gnu/libnl-3.so.200(nl_recvmsgs+0x9) [0x7f9371768ba9]
[12]: ./hostap/wpa_supplicant/wpa_supplicant() [0x4aeb58]
     wpa_driver_nl80211_event_receive() ../src/drivers/driver_nl80211.c:1457
[13]: ./hostap/wpa_supplicant/wpa_supplicant() [0x43242e]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:598
[14]: ./hostap/wpa_supplicant/wpa_supplicant(eloop_run+0x22e) [0x432e0e]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:589
     eloop_run() ../src/utils/eloop.c:1219
[15]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_supplicant_run+0x77) [0x49e327]
     wpa_supplicant_run() wpa_supplicant.c:5608
WPA_TRACE: eloop sock - END
MEMLEAK[0xba81b0]: len 72
WPA_TRACE: memleak - START
[0]: ./hostap/wpa_supplicant/wpa_supplicant(os_malloc+0x57) [0x430d67]
     os_malloc() ../src/utils/os_unix.c:690
[1]: ./hostap/wpa_supplicant/wpa_supplicant(os_zalloc+0xe) [0x430fce]
     os_zalloc() ../src/utils/os_unix.c:749
[2]: ./hostap/wpa_supplicant/wpa_supplicant() [0x4babaa]
     nl80211_get_wiphy_data_ap() ../src/drivers/driver_nl80211.c:692
     wpa_driver_nl80211_set_ap() ../src/drivers/driver_nl80211.c:3786
[3]: ./hostap/wpa_supplicant/wpa_supplicant(ieee802_11_set_beacon+0x150) [0x469700]
     ieee802_11_set_beacon() ../src/ap/beacon.c:1349
[4]: ./hostap/wpa_supplicant/wpa_supplicant(ieee802_11_set_beacons+0x45) [0x469805]
     ieee802_11_set_beacons() ../src/ap/beacon.c:1368
[5]: ./hostap/wpa_supplicant/wpa_supplicant() [0x437559]
     mesh_mpm_add_peer() mesh_mpm.c:688
[6]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_mesh_new_mesh_peer+0x42) [0x439182]
     wpa_mesh_new_mesh_peer() mesh_mpm.c:737
[7]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_mesh_notify_peer+0x80) [0x436460]
     wpa_mesh_notify_peer() mesh.c:347
[8]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_supplicant_event+0xc7a) [0x4a69ba]
     wpa_supplicant_event() events.c:4312
[9]: ./hostap/wpa_supplicant/wpa_supplicant(process_global_event+0xaf0) [0x4c2d40]
     nl80211_new_peer_candidate() ../src/drivers/driver_nl80211_event.c:1247
     do_process_drv_event() ../src/drivers/driver_nl80211_event.c:2322
     process_global_event() ../src/drivers/driver_nl80211_event.c:2360
[10]: /lib/x86_64-linux-gnu/libnl-3.so.200(nl_recvmsgs_report+0x3dc) [0x7f937176873c]
[11]: /lib/x86_64-linux-gnu/libnl-3.so.200(nl_recvmsgs+0x9) [0x7f9371768ba9]
[12]: ./hostap/wpa_supplicant/wpa_supplicant() [0x4aeb58]
     wpa_driver_nl80211_event_receive() ../src/drivers/driver_nl80211.c:1457
[13]: ./hostap/wpa_supplicant/wpa_supplicant() [0x43242e]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:598
[14]: ./hostap/wpa_supplicant/wpa_supplicant(eloop_run+0x22e) [0x432e0e]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:589
     eloop_run() ../src/utils/eloop.c:1219
[15]: ./hostap/wpa_supplicant/wpa_supplicant(wpa_supplicant_run+0x77) [0x49e327]
     wpa_supplicant_run() wpa_supplicant.c:5608
WPA_TRACE: memleak - END
MEMLEAK: total 72 bytes
-----------------

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-01-29 17:55:10 +02:00
Jouni Malinen
5208160b4b FILS: Parse received FILS HLP requests
This adds parsing of received FILS HLP requests from (Re)Association
Request frames. The reassembled requests are verified to be in valid
format and are printed in debug output. However, actual processing or
forwarding of the packets is not yet implemented, i.e., the vendor
specific frame filtering logic is for now practically dropping all HLP
requests.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-29 14:32:17 +02:00
Jouni Malinen
5732b770f4 FILS: Allow FILS HLP requests to be added
The new wpa_supplicant control interface commands FILS_HLP_REQ_FLUSH and
FILS_HLP_REQ_ADD can now be used to request FILS HLP requests to be
added to the (Re)Association Request frame whenever FILS authentication
is used.

FILS_HLP_REQ_ADD parameters use the following format:
<destination MAC address> <hexdump of payload starting from ethertype>

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-29 14:32:17 +02:00
Jouni Malinen
a1aa2aebc2 Remove unused WLAN_CIPHER_SUITE_* definitions
This gets rid of an unnecessary duplication of the definitions since all
the code has now been moved to using the earlier RSN_CIPHER_SUITE_*
definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 14:05:44 +02:00
Jouni Malinen
a042e39acf nl80211: Use RSN_CIPHER_SUITE_* instead of WLAN_CIPHER_SUITE_*
This is a step towards getting rid of the unnecessary duplication of
definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 14:04:44 +02:00
Jouni Malinen
2373a31170 Define all RSN_CIPHER_SUITE_* values
This adds the cipher suite selector values for ciphers that are not
really used with RSN, but are needed to be able to replace
WLAN_CIPHER_SUITE_* definitions with RSN_CIPHER_SUITE_*.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 14:03:34 +02:00
Jouni Malinen
89ba101e14 Remove unused WLAN_AKM_SUITE_* definitions
This gets rid of an unnecessary duplication of the definitions since all
the code has now been moved to using the earlier RSN_AUTH_KEY_MGMT_*
definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 12:36:13 +02:00
Jouni Malinen
bf9f8a0525 Use RSN_AUTH_KEY_MGMT_* instead of WLAN_AKM_SUITE_* for wpa_akm_to_suite()
This is a step towards getting rid of the unnecessary duplication of
definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 12:34:49 +02:00
Jouni Malinen
3aa24db953 nl80211: Use RSN_AUTH_KEY_MGMT_* instead of WLAN_AKM_SUITE_*
This is a step towards getting rid of the unnecessary duplication of
definitions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 12:27:48 +02:00
Jouni Malinen
a1343fa6ba Remove unnecessary ifdef from RSN_AUTH_KEY_MGMT_* definitions
These FT AKM suite selectors might be needed in code even if
CONFIG_IEEE80211R is not defined.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-28 12:26:25 +02:00
Jouni Malinen
510fc2dfc9 Fix AKM suite selectors for FILS and Suite B
IEEE 802.11 standard defines the suite selectors in <OUI>:<subtype>
format where OUI uses hexadecimal format and subtype decimal format.
These WLAN_AKM_SUITE_* definitions ended up getting written incorrectly
by interpretting the decimal part as hexadecimal and as such, by having
an incorrect value. However, the older RSN_AUTH_KEY_MGMT_* values were
defined with correct values and those definitions were used in most
locations.

This commit fixes the AKM suite selector values in RADIUS WLAN-AKM-Suite
attribute for FILS and Suite B. In addition, the AKM values used in
nl80211 driver configuration (NL80211_ATTR_AKM_SUITES) are fixed for the
Suite B cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-27 23:13:10 +02:00
Sunil Dutt
d7d0f909f1 QCA vendor command to carry the reason for power save failure
This commit defines a QCA vendor command
QCA_NL80211_VENDOR_SUBCMD_CHIP_PWRSAVE_FAILURE that carries required
information leading to the power save failure. This will be an event
from the host driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-23 18:47:16 +02:00
Purushottam Kushwaha
4c4070005a QCA vendor command to enable host driver offload ACS to user space
This commit introduces the QCA vendor command and the attributes which
facilitate the host driver to use an external user space entity for
performing automatic channel selection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-23 06:32:59 +02:00
Masashi Honma
4d77d80edd mesh: Add MESH_PMKSA_GET/ADD commands
These commnds are mesh version of PMKSA_GET/ADD commands. So the usage
and security risk is similar to them. Refer to
commit 3459381dd2 ('External persistent
storage for PMKSA cache entries') also.

The MESH_PMKSA_GET command requires peer MAC address or "any" as an
argument and outputs appropriate stored PMKSA cache. And the
MESH_PMKSA_ADD command receives an output of MESH_PMKSA_GET and re-store
the PMKSA cache into wpa_supplicant. By using re-stored PMKSA cache,
wpa_supplicant can skip commit message creation which can use
significant CPU resources.

The output of the MESH_PMKSA_GET command uses the following format:
<BSSID> <PMKID> <PMK> <expiration in seconds>

The example of MESH_PMKSA_ADD command is this.
MESH_PMKSA_ADD 02:00:00:00:03:00 231dc1c9fa2eed0354ea49e8ff2cc2dc cb0f6c9cab358a8146488566ca155421ab4f3ea4a6de2120050c149b797018fe 42930
MESH_PMKSA_ADD 02:00:00:00:04:00 d7e595916611640d3e4e8eac02909c3c eb414a33c74831275f25c2357b3c12e3d8bd2f2aab6cf781d6ade706be71321a 43180

This functionality is disabled by default and can be enabled with
CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-01-14 18:07:46 +02:00
Jouni Malinen
fa67debf4c Fix duplicate Reassociation Request frame dropping
Relational operators (==) have higher precedence than the ternary
conditional in C. The last_subtype check for association/reassociation
was broken due to incorrect assumption about the precedence. Fix this by
adding parenthesis around the ternary conditional.

The previous implementation worked for Association Request frames by
accident since WLAN_FC_STYPE_ASSOC_REQ happens to have value 0 and when
the last receive frame was an Association Request frame, the
sta->last_subtype == reassoc check was true and non-zero
WLAN_FC_STYPE_REASSOC_REQ was interpreted as true. However, this was
broken for Reassociation Request frame. reassoc == 1 in that case could
have matched received Association Response frame (subtype == 1), but
those are not received in AP mode and as such, this did not break other
behavior apart from not being able to drop duplicated Reassociation
Request frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-14 01:04:31 +02:00
Slava Monich
6ff92677a1 wext: Cancel send_rfkill timeout in deinit
Signed-off-by: Slava Monich <slava.monich@jolla.com>
2017-01-14 00:07:45 +02:00
Jouni Malinen
fcd3d6ce32 FILS: Fix PMK and PMKID derivation from ERP
This adds helper functions for deriving PMK and PMKID from ERP exchange
in FILS shared key authentication as defined in IEEE Std 802.11ai-2016,
12.12.2.5.2 (PMKSA key derivation with FILS authentication). These
functions is used to fix PMK and PMKID derivation which were previously
using the rMSK directly as PMK instead of following the FILS protocol to
derive PMK with HMAC from nonces and rMSK.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-13 21:07:40 +02:00
Jouni Malinen
ef495c78dd OpenSSL: Implement sha384_vector()
This was forgotten from the addition of SHA384 support and is now needed
for FILS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-13 21:05:19 +02:00
Dedy Lansky
a70cd0db87 nl80211: Don't register for Beacon frames for IEEE 802.11ad AP
Beacon frames are not supported in IEEE 802.11ad network (DMG-beacons
used instead). To allow hostapd to manage IEEE 802.11ad AP with
device_ap_sme disabled, skip nl80211_register_beacons() for IEEE
802.11ad AP.

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2017-01-13 15:58:01 +02:00
Jouni Malinen
a2aa21a3bf Assign additional vendor specific elements for early HE testing
These elements can be used for pre-standard publication testing of HE
before P802.11ax draft assigns the element ID extension. The payload of
these vendor specific elements is defined by the latest P802.11ax draft.
Please note that the draft is still work in progress and the element
payload is subject to change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-13 15:05:26 +02:00
Jouni Malinen
c85dfc6f84 nl80211: Set NL80211_ATTR_IFACE_SOCKET_OWNER for connect and associate
This allows kernel to force disconnection if something kills the
wpa_supplicant process in a manner that does not allow proper cleanup to
be performed. The association is not supposed to be allowed to continue
after process has ended since there are number of operations that
wpa_supplicant may need to do during the association.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-13 15:05:26 +02:00
Jouni Malinen
d07f450da9 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2017-01-06.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-13 15:05:26 +02:00
Jouni Malinen
b2442f2568 nl80211: Debug prints for TDLS_OPER command and result
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-08 17:12:24 +02:00
Jouni Malinen
0f9b4a0f1d bgscan: Deliver beacon loss event to bgscan modules
This adds a call to the notify_beacon_loss() callback functions when
beacon loss is detected. In addition, a new CTRL-EVENT-BEACON-LOSS event
is made available through the wpa_supplicant control interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-08 12:17:58 +02:00
Jouni Malinen
688556722c nl80211: More complete processing of connection quality monitor events
This adds processing of beacon loss events and generation of an internal
EVENT_BEACON_LOSS event based on them for wpa_supplicant processing. In
addition, number of consecutively lost (not acknowledged) packets is now
reported and TXE events are noted in the debug log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-08 12:11:14 +02:00
Jouni Malinen
167f78a5e8 Send BEACON-REQ-TX-STATUS event only for beacon reports
Check the action TX status callback contents more thoroughly and report
the BEACON-REQ-TX-STATUS event only if the Measurement Type indicates
beacon report.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-07 22:23:13 +02:00
Jouni Malinen
5de6823f7a tests: TEST_FAIL() support for os_get_random()
This allows more testing for rarely executed error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-07 22:15:41 +02:00
Jouni Malinen
e4ec6bbfd8 nl80211: Register for Link Measurement Report frames in AP mode
This is needed to be able to get the response to a link measurement
request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-07 18:46:10 +02:00
Dedy Lansky
05e5e615e6 AP: Skip authentication/deauthentication phase for DMG/IEEE 802.11ad
Authentication and Deauthentication frames are not used in DMG/IEEE
802.11ad networks. For DMG/IEEE 802.11ad the following was implemented:
Upon receiving association request, allocate the sta object and
initialize it as if authentication took place. Upon receiving
disassociation, deallocate the sta object.
ap_sta_disassociate/ap_sta_deauthenticate/ap_sta_disconnect all use
disassociation instead of deauthentication. In driver_nl80211,
i802_sta_deauth() is routed to i802_sta_disassoc().

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2017-01-05 17:28:23 +02:00
Dedy Lansky
0c4b9025c1 AP: Do not look for supported rates in DMG/IEEE 802.11ad
Supported Rates element is not present in DMG/IEEE 802.11ad frames. Make
copy_supp_rates() immediately return with success if hardware mode is
IEEE 802.11ad.

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2017-01-05 17:05:00 +02:00
Andrei Otcheretianski
517b5f928f nl80211: Zero num_modes if nl80211_get_hw_feature_data() fails
It was possible that nl80211_get_hw_feature_data() function would return
NULL when num_modes is not set to zero. This might result in a later crash
when accessing hw.modes. This may be reproduced with hwsim oom tests, for
example, dbus_connect_oom.
Fix that by zeroing num_modes if NULL is returned.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2017-01-05 16:22:53 +02:00
Kanchanapally, Vidyullatha
39c5da3284 nl80211: Use correct attribute for scan flags in vendor scan
This fixes the netlink attribute identifier for the scan flags when
using QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-05 15:49:15 +02:00
Jouni Malinen
ec45927b8a Report received beacon report with BEACON-RESP-RX event
The new hostapd control interface event "BEACON-RESP-RX <STA address>
<dialog token> <report mode> <beacon report>" is now used to report
received beacon reports as a reponse to the REQ_BEACON operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-03 16:02:58 +02:00
Jouni Malinen
f3383366aa Report beacon request TX status as control interface event
The new BEACON-REQ-TX-STATUS control interface event is now used to
report whether a beacon request (from REQ_BEACON command) was delivered
successfully. This event has the following parameters: <STA address>
<dialog token> <ack=0/1>.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-03 16:02:58 +02:00
Jouni Malinen
90d9d7c32a Beacon request through hostapd control interface
The new control interface command "REQ_BEACON <STA addr>
[req_mode=<mode>] <beacon request>" can now be used to request hostapd
to transmit a measurement request to request a beacon report from an
associated STA. This command returns the assigned dialog token (1-255)
or FAIL on failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-03 16:02:58 +02:00
Jouni Malinen
f56877414c Do not add own BSS in neighbor report with invalid op_class/channel
Verify that ieee80211_freq_to_channel_ext() succeeds before adding the
own BSS in the neighbor report.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-03 15:18:30 +02:00
Jouni Malinen
aeff0645d2 FILS: Fix FILS Realm Information ANQP-element construction
The loop to add hash values was supposed to be limited to at most 10000
values, but the count variable was not being decremented in the loop.
Fix this by decrementing counting for each iteration. This fixes
ANQP-element format in the unlikely case of there being more than 10000
configuration realms.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-01-03 15:18:30 +02:00
Avraham Stern
b3060bf99f common: Add helper function to convert RSSI to RCPI
This conversion will be done several times in the code, so add a helper
function that does this conversion.

Signed-off-by: Avrahams Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Avraham Stern
c9ff8e5f6e common: Add function to get an operating class by its number and country
Add a function to get operating class definition (including bandwidth,
channel numbers, etc.) from the operating class number and country.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Avraham Stern
e4f1d879cd common: Add non-global to global operating classes conversion
Add helper function that converts non-global operating classes to global
operating classes according to IEEE Std 802.11-2016, Annex E.

Signed-off-by: Avrahams Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Avraham Stern
96a5f14ee4 nl80211: Add support for additional scan parameters for beacon report
Add support for:
 1. Setting scan dwell time
 2. Parsing scan start TSF and beacon received TSF reported
    by the driver
 3. Setting driver capabilities for the above

These capabilities are needed for Beacon Report radio measurement.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Avraham Stern
c16b9f8d33 driver: Add scan support to beacon report
Add the following parameters to scan request:
 1. Dwell time on each channel.
 2. Whether the specified dwell time is mandatory.

In addition, add to scan results info the time that the scan actually
started, and to each scan result the time the beacon/probe was received,
both in terms of TSF of the BSS that the interface that requested the
scan is connected to (if available).

Add flags to indicate whether the driver supports dwell time
configuration and scan information reporting.

This scan configuration and information is required to support beacon
report radio measurement.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Avraham Stern
d1c74f8c98 Add RRM definitions for beacon report measurement
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2017-01-03 15:18:29 +02:00
Andrei Otcheretianski
bbad185c13 P2P: Fix compilation warning in p2p_add_device()
The address of msg.device_name array is obviously always true, and some
compilers even warn about it.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2016-12-30 00:49:24 +02:00
Jouni Malinen
2977f5193a GAS: Remove unnecessarily duplicate gas_frag_limit configuration
The actual BSS configuration parameter can be updated with the SET
control interface command, so there is no need to maintain a separate
per-BSS parameter and a separate control interface handling for this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-30 00:23:10 +02:00
Jouni Malinen
1940559ea4 FT: Drop FT Action frames if ft_over_ds=0
Previously, the hostapd ft_over_ds parameter was used to only advertise
whether FT-over-DS is enabled in MDE and leave it to the stations to
follow that advertisement. This commit extends this to explicitly reject
(silently drop) FT Action frames if a station does not follow the
advertised capabilities.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-29 01:13:59 +02:00
Jouni Malinen
78022c8366 Fix memory leak on hostapd eap_user_file parsing error paths
Need to free all the pending completed EAP users if a parsing error
prevents the file from being used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-28 14:47:00 +02:00
Jouni Malinen
95de34a10a Remove trailing whitespace
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-28 14:31:42 +02:00
Jouni Malinen
3567730589 RADIUS server: Increase maximum number of sessions
It was possible to hit the previously used maximum of 100 active session
in some hwsim test case sequences like this one: eap_proto_pwd_errors
eap_proto_ikev2_errors eap_proto_sim_errors. This happened due to the
large number of RADIUS authentication iterations in short period of
time, i.e., within the 10 second timeout for expiring completed
sessions.

Increase RADIUS_MAX_SESSION from 100 to 1000 and also reduce the timeout
on expiring completed sessions from 10 to 5 seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-27 12:14:48 +02:00
Jouni Malinen
9266d00bf9 hostapd: Reject invalid macaddr_acl value
Previously, this was noted in error log, but the invalid value was
stored in the configuration without rejecting it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-27 11:43:13 +02:00
Jouni Malinen
1dfd25a68a Fix hostapd SIGHUP processing before interface is enabled
It was possible to try to do driver operations before the driver
interface had been initialized when processing a SIGHUP signal. This
would result in NULL pointer dereference. Fix this by skipping the steps
when SIGHUP is issued before the interface is enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-27 11:16:51 +02:00
Jouni Malinen
34e29dfd4b Remove unnecessary NULL check from hostapd_config_read_wpa_psk() call
This function is already checking the fname argument against NULL, so
use that check on its own instead of duplicating the check in the only
caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 17:42:41 +02:00
Jouni Malinen
946315f172 tests: More ieee802_11_vendor_ie_concat() coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:44:44 +02:00
Jouni Malinen
901e6fabcb tests: More ieee802_11_parse_elems() coverage for new elements
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-26 14:30:50 +02:00
Badrish Adiga H R
65dfa87286 mka: Make MKA actor priority configurable
This adds a new wpa_supplicant network profile parameter
mka_priority=0..255 to set the priority of the MKA Actor.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@gmail.com>
2016-12-25 11:41:46 +02:00
Joel Cunningham
04f02faac4 Fix wpa_cipher_to_alg() return type
wpa_cipher_to_alg() returns enumerated values from enum wpa_alg and all
uses of the return value treat it as enum wpa_alg (by either assigning
it to a variable of type enum wpa_alg or passing to a function that
expects enum wpa_alg).

This commit updates the return value to match the expected usage
(enum  wpa_alg) rather than int. This ensures the return value is
of the proper type and eliminates the following compiler warnings:

ARM RVCT (2.2):
  'Warning: #188-D: enumerated type mixed with another type'

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
2016-12-21 12:48:16 +02:00
Jouni Malinen
d7f12e4eb9 OpenSSL: Make sure local certificate auto chaining is enabled
Number of deployed use cases assume the default OpenSSL behavior of auto
chaining the local certificate is in use. BoringSSL removed this
functionality by default, so we need to restore it here to avoid
breaking existing use cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:23:15 +02:00
Jouni Malinen
4be02b71bb OpenSSL: Remove SSL_{CTX_,}_clear_options ifdefs
This simplifies the implementation since the SSL_clear_options() and
SSL_CTX_clear_options() are available in all supported versions of
OpenSSL. These were previously needed with older (now obsolete) versions
of OpenSSL, but the ifdefs were missed when removing the more explicit
version macro based backwards compatibility sections.

In practice, this reverts commit
d53d2596e4.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 12:06:21 +02:00
Jouni Malinen
7655bd7388 P2P: Do not use wait_time for SD Response TX without fragmentation
The full SD Response frame is not going to be followed by another Action
frame from the peer, so remove the 200 ms wait time from the offchannel
TX command in that case. This avoids leaving a 200 ms lock on the radio
to remain on the channel unnecessarily.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-21 00:18:03 +02:00
Jouni Malinen
1f0fdaf0e4 Fix race condition between AssocResp callback and 4addr event
It is apparently possible for the NL80211_CMD_UNEXPECTED_4ADDR_FRAME
event to be delivered to hostapd before the NL80211_CMD_FRAME_TX_STATUS
event for (Re)Association Response frame. This resulted in the 4-address
WDS mode not getting enabled for a STA. This could occur in particular
when operating under heavy load and the STA is reconnecting to the same
AP in a sequence where Deauthentication frame is followed immediately by
Authentication frame and the driver event processing gets delayed due to
removal of the previous netdev taking time in the middle of this
sequence.

Fix this by recording a pending item for 4-address WDS enabling if the
NL80211_CMD_UNEXPECTED_4ADDR_FRAME event would have been dropped due to
incompleted association and then process this pending item if the TX
status for the (Re)Association Response frame is received and it shows
that the frame was acknowledged.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-20 01:30:09 +02:00
Purushottam Kushwaha
a6f3761f7d eap_proxy: Add support for SIM state change indication from eap_proxy
This registers a new callback to indicate change in SIM state. This
helps to do some clean up (more specifically pmksa_flush) based on the
state change of the SIM. Without this, the reconnection using the cached
PMKSA could happen though the SIM is changed.

Currently eap_proxy_sim_state corresponds to only SIM_STATE_ERROR. This
can be further extended.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 22:21:07 +02:00
Jouni Malinen
79a54ab9f6 eap_proxy: Fix eap_proxy_init() prototype to use const eapol_cb
The eapol_cb structure was made const and that change resulted in a
compilation warning/error if CONFIG_EAP_PROXY=<name> is enabled in the
wpa_supplicant build configuration. Fix this by updating the function
prototype to match the change.

Note: This results in a change needed to external eap_proxy_*.c
implementations to match the change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-19 22:14:07 +02:00
Jouni Malinen
e414f4f021 PeerKey: Fix STK 4-way handshake regression
Commit c93b7e1888 ('RSN: Check result of
EAPOL-Key frame send request') forgot to update two PeerKey users of
EAPOL-Key TX functions. That resulted in STK handshake failing since
message 2/4 and 4/4 TX calls were assumed to have failed when the return
value was changed from 0 to a positive value for success case. This
resulted in not updating nonce information properly and hitting
following error when processing STK 4-way handshake message 3/4:

RSN: INonce from message 1 of STK 4-Way Handshake differs from 3 of STK
4-Way Handshake - drop packet (src=<addr>)

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 19:56:05 +02:00
Jouni Malinen
28fb9bb195 PeerKey: Fix EAPOL-Key processing
Commit 6d014ffc6e ('Make struct
wpa_eapol_key easier to use with variable length MIC') forgot to update
number of EAPOL-Key processing steps for SMK and STK exchanges and broke
PeerKey. Fix this by updating the Key Data field pointers to match the
new style with variable length Key MIC field.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 19:07:29 +02:00
Badrish Adiga H R
7508c2ad99 PAE: Make KaY specific details available via control interface
Add KaY details to the STATUS command output.

Signed-off-by: Badrish Adiga H R <badrish.adigahr@hpe.com>
2016-12-18 17:47:05 +02:00
Jouni Malinen
b54f43390e FILS: Make FILS Indication element information available in BSS output
This extends wpa_supplicant BSS command to parse FILS Indication
element.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 11:41:59 +02:00
Jouni Malinen
8183aee6cc FILS: Add support for building FILS Realm Information ANQP-element
This allows full list of hashed realm names to be fetched from hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 11:41:59 +02:00
Jouni Malinen
26bf70e3d2 FILS: Separate FILS realm configuration from ERP domain
The new hostapd configuration parameter fils_realm=<realm> can now be
used to configure one or more FILS realms to advertise for ERP domains
when using FILS. This replaces the use of erp_domain=<domain> parameter
for the FILS use case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-17 22:08:23 +02:00
Jouni Malinen
42b847ac1e FILS: Fix hashed realm name derivation
P802.11ai/D7.0 changed from CRC32 to SHA256 as the hash algorithm for
the FILS realm name. Update the implementation to match that change.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-17 22:07:57 +02:00
Jouni Malinen
29062f2932 Update various definitions based on IEEE Std 802.11-2016
This updates definitions for Status Codes, Reason Codes,
Information Element IDs, Action frame categories, Public Action
codes, Protected Dual of Public Action codes, Advertisement
Protocol ID, and ANQP info IDs based on IEEE Std 802.11-2016.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-17 12:27:49 +02:00
Felix Fietkau
0babae87ad Fix wpa_supplicant build error with IEEE8021X_EAPOL unset
Add missing inline stubs for newly added functions.

Fixes: 3459381dd2 ("External persistent storage for PMKSA cache entries")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-14 16:37:03 +02:00
Jouni Malinen
19810d29bc Make Beacon IEs available in wpa_supplicant BSS command
This makes both the Probe Response and Beacon frame IEs available to
upper layers if scan results include both IE sets. When the BSS command
mask includes WPA_BSS_MASK_BEACON_IE, a new beacon_ie=<hexdump> entry
will be included in output if the BSS entry has two separate sets of IEs
(ie=<hexdump> showing the Probe Response frame contents and
beacon_ie=<hexdump> the Beacon rame contents).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-13 20:07:52 +02:00
Jouni Malinen
cebda0e3e5 Make debug print clearer for AP/mesh mode secondary channel issues
If the secondary channel was not found at all, no debug print was shown
to indicate that the channel was rejected due to that problem. Print a
clearer message indicating which channel was behind the reason to reject
channel configuration as unsuitable for AP mode.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-13 15:09:15 +02:00
Jouni Malinen
3459381dd2 External persistent storage for PMKSA cache entries
This adds new wpa_supplicant control interface commands PMKSA_GET and
PMKSA_ADD that can be used to store PMKSA cache entries in an external
persistent storage when terminating a wpa_supplicant process and then
restore those entries when starting a new process. The previously added
PMKSA-CACHE-ADDED/REMOVED events can be used to help in synchronizing
the external storage with the memory-only volatile storage within
wpa_supplicant.

"PMKSA_GET <network_id>" fetches all stored PMKSA cache entries bound to
a specific network profile. The network_id of the current profile is
available with the STATUS command (id=<network_id). In addition, the
network_id is included in the PMKSA-CACHE-ADDED/REMOVED events. The
output of the PMKSA_GET command uses the following format:

<BSSID> <PMKID> <PMK> <reauth_time in seconds> <expiration in seconds>
<akmp> <opportunistic>

For example:

02:00:00:00:03:00 113b8b5dc8eda16594e8274df4caa3d4 355e98681d09e0b69d3a342f96998aa765d10c4459ac592459b5efc6b563eff6 30240 43200 1 0
02:00:00:00:04:00 bbdac8607aaaac28e16aacc9152ffe23 e3dd6adc390e685985e5f40e6fe72df846a0acadc59ba15c208d9cb41732a663 30240 43200 1 0

The PMKSA_GET command uses the following format:

<network_id> <BSSID> <PMKID> <PMK> <reauth_time in seconds> <expiration
in seconds> <akmp> <opportunistic>

(i.e., "PMKSA_ADD <network_id> " prefix followed by a line of PMKSA_GET
output data; however, the reauth_time and expiration values need to be
updated by decrementing them by number of seconds between the PMKSA_GET
and PMKSA_ADD commands)

For example:

PMKSA_ADD 0 02:00:00:00:03:00 113b8b5dc8eda16594e8274df4caa3d4 355e98681d09e0b69d3a342f96998aa765d10c4459ac592459b5efc6b563eff6 30140 43100 1 0
PMKSA_ADD 0 02:00:00:00:04:00 bbdac8607aaaac28e16aacc9152ffe23 e3dd6adc390e685985e5f40e6fe72df846a0acadc59ba15c208d9cb41732a663 30140 43100 1 0

This functionality is disabled be default and can be enabled with
CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option. It should be
noted that this allows any process that has access to the wpa_supplicant
control interface to use PMKSA_ADD command to fetch keying material
(PMK), so this is for environments in which the control interface access
is restricted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-12 23:47:04 +02:00
Jouni Malinen
c579312736 Add PMKSA-CACHE-ADDED/REMOVED events to wpa_supplicant
These allow external program to monitor PMKSA cache updates in
preparation to enable external persistent storage of PMKSA cache.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-12 21:00:43 +02:00
Daisuke Niwa
655dc4a432 Send "TERMINATING" event from hostapd
hostapd didn't send "TERMINATING" event when stopped by
SIGTERM. Android handles this event to stop monitor thread.

This commit adds "TERMINATING" event same as with wpa_supplicant.

Signed-off-by: Tomoharu Hatano <tomoharu.hatano@sonymobile.com>
2016-12-12 20:32:28 +02:00
Sunil Dutt
62cd9d7926 nl80211: Specify the BSSID in the QCA vendor scan
This allows the vendor scan to be optimized when a response is needed
only from a single, known BSS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-11 21:36:16 +02:00
Sunil Dutt
444930e5b6 Define an attribute to do a specific BSSID QCA vendor scan
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-11 21:36:13 +02:00
Sunil Dutt
cea761472a Add QCA vendor command definitions for IDs 61-73
This commit documents the QCA vendor commands 61-73 and the
corresponding definitions of the attributes. This set of commands were
previously reserved for QCA without documentation here.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-11 21:32:20 +02:00
Sunil Dutt
cb0cc6efa6 Define QCA Beacon miss threshold attributes for 2.4 and 5 GHz bands
These thresholds values indicate how many Beacon frames can be missed
before before disconnecting from the AP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-11 21:11:41 +02:00
Jouni Malinen
c313c8a5d8 Fix QCA vendor command values for SAR power limits
Commit c79238b6a4 ('Define a QCA vendor
command to configure SAR Power limits') had a mismatch between the enum
qca_vendor_attr_sar_limits_selections documentations and actual values.
The BDF SAR profiles are 0-based, so rename the enum values and reorder
the values keep the actual values more convenient. While this changes
values over the interface, this is justifiable since the new command was
introduced only recently and it had not been released in any driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-11 21:08:25 +02:00
Mayank Haarit
0a6c9dc700 P2P: Send P2P-DEVICE-FOUND event on peer changing device name
This is to handle the case when peer changes device name and same needs
to be updated to upper layers by P2P-DEVICE-FOUND event. It is similar
to the case when a peer changes wfd_subelems and P2P-DEVICE-FOUND event
goes to upper layers.

Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
2016-12-11 12:45:08 +02:00
Mayank Haarit
9a431d4932 WFD: Clear wfd_subelems when P2P peer stops sending them
When a peer device stops sending wfd_subelems, wpa_supplicant should
remove dev->info.wfd_subelems from peer's properties. Previously,
wpa_supplicant left the previously learned dev->info.wfd_subelems in
place whenever the new message did not include wfd_subelems.

In addition to fixing the clearing of the old wfd_subelems, this
resolves another issue. As "wfd_changed" variable becomes true even when
peer stops sending wfd_subelems and dev->info.wfd_subelems has an old
value, a new P2P-DEVICE-FOUND event notification was sent again and
again to upper layers whenever a new discovery response was received
from the peer that previously advertised WFD subelements.

Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-12-11 12:45:08 +02:00
Jouni Malinen
71ac934530 Make update_idx available in BSS control interface command
This can be used to perform more accurate tests on BSS entry updates.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-10 17:03:24 +02:00
Jouni Malinen
49aa88bb5e P2P: Clear PEER_WAITING_RESPONSE on GO Negotiation success
Previously, this flag was cleared only in case of failed GO Negotiation.
That could leave the flag set for a peer and if a new group formation
was performed with the same peer before the entry expired, there was
increased risk of getting stuck in a state where neither peer replied to
a GO Negotiation Request frame if a GO Negotiation Response frame with
Status 1 was dropped.

The error sequence could happen in the go_neg_with_bss_connected test
case when timing was suitable to make the second GO negotiation drop a
pending TX Action frame if the GO Negotiation Response with Status 1 was
scheduled for transmission during a P2P scan and P2P_CONNECT was issued
before that scan got aborted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-10 00:16:33 +02:00
Jeff Johnson
c79238b6a4 Define a QCA vendor command to configure SAR Power limits
There is a regulatory requirement for Specific Absorption Rate (SAR)
whereby the device transmit power is reduced when it is determined that
the device is in close proximity to the body. Implement a vendor command
interface to allow a userspace entity to dynamically control the SAR
power limits.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-08 18:56:02 +02:00
Jouni Malinen
0f5eb69f85 Use eloop timeout for post-EAP-Failure wait before disconnection
Previously, os_sleep() was used to block the hostapd (or wpa_supplicant
AP/P2P GO mode) processing between sending out EAP-Failure and
disconnecting the STA. This is not ideal for couple of reasons: it
blocks all other parallel operations in the process and it leaves a
window during which the station might deauthenticate and the AP would
have no option for reacting to that before forcing out its own
Deauthentication frame which could go out after the STA has already
started new connection attempt.

Improve this design by scheduling an eloop timeout of 10 ms instead of
the os_sleep() call and perform the delayed operations from the eloop
callback function. This eloop timeout is cancelled if the STA
disconnects or initiates a new connection attempt before the 10 ms time
is reached. This gets rid of the confusing extra Deauthentication frame
in cases where the STA reacts to EAP-Failure by an immediate
deauthentication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-08 18:56:02 +02:00
Ningyuan Wang
ed0a4ddc22 nl80211: Update drv->ssid on connect/associate event based on BSS data
On a connect nl80211 event, wpa_supplicant uses
wpa_driver_nl80211_get_ssid() to fetch the current associated SSID to
compare to existing configurations. However,
wpa_driver_nl80211_get_ssid() uses drv->ssid, which is a cached value.
It is set when we explicitly initial a connect request using
wpa_supplicant. If the association was initiated outside of
wpa_supplicant, we need another way to populate drv->ssid. This commit
sets drv->ssid based on cfg80211 BSS information on connect/associate
nl80211 events.

Signed-off-by: Ningyuan Wang <nywang@google.com>
2016-12-05 12:08:46 +02:00
Jouni Malinen
9f346fadc8 nl80211: Fix scan_state update in no pending scan state
Commit adcd7c4b0b ('nl80211: Support
vendor scan together with normal scan') made the drv->scan_state updates
for NL80211_CMD_NEW_SCAN_RESULTS and NL80211_CMD_SCAN_ABORTED
conditional on drv->last_scan_cmd being NL80211_CMD_TRIGGER_SCAN. This
missed the part about the possibility of last_scan_cmd == 0 and an
externally started cfg80211 scan is ending. This could leave
drv->scan_state into SCAN_STARTED state even after the scan was
completed. Consequently, hwsim test cases could get stuck in reset()
handler waiting for scan to terminate.

Fix this by updating drv->scan_state also in drv->last_scan_cmd == 0
case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-05 11:48:26 +02:00
Michael Braun
34f7c699a6 Add multicast to unicast support
This adds support for nl80211 NL80211_CMD_SET_MULTICAST_TO_UNICAST
command.

By setting the new hostapd configuration option multicast_to_unicast=1,
hostapd configures this AP to perform multicast to unicast conversion.

When enabled, all multicast packets with ethertype ARP, IPv4, or IPv6
(possibly within an 802.1Q header) will be sent out to each station once
with the destination (multicast) MAC address replaced by the station's
MAC address. Note that this may break certain expectations of the
receiver, e.g., the ability to drop unicast IP packets encapsulated in
multicast L2 frames, or the ability to not send destination unreachable
messages in such cases.

This also does not implement Directed Multicast Service (DMS).

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2016-12-04 21:00:06 +02:00
Jouni Malinen
5f2c0a22a9 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-12-02.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-04 20:50:07 +02:00
Sam Tannous
08032c7418 Remove inactivity timeout for wired interfaces
We should unconditionally remove inactivity timers for wired network
cases. This commit checks for this after a new station association:

   hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED

and then cancels the timeout and does not register a new one.

It prints out a debug message like this:

1476740180.276286: IEEE 802.1X: 00:02:00:00:00:07 CTRL_DIR entering
state FORCE_BOTH
1476740180.276295: hostapd_new_assoc_sta: canceled wired ap_handle_timer
timeout for 00:02:00:00:00:07

This was tested on a debian jessie amd64 system with a configured 120
second inactivity timer and the session did not timeout.

Signed-off-by: Sam Tannous <stannous@cumulusnetworks.com>
2016-12-04 20:38:45 +02:00
Jouni Malinen
a1fce3911f nl80211: Optimize memory use in nl80211_get_assoc_freq()
Do not use the generic bss_info_handler() design to fetch all scan
results into temporary memory buffer. Instead, use a separate BSS info
handler that fetches the requested information without fully parsing the
BSS entries and without allocating any memory for collecting all the
results.

This is also simplifying bss_info_handler() and nl80211_parse_bss_info()
design by getting rid of the special case that was used only for
nl80211_get_assoc_freq() and not normal scan result fetching.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 22:37:41 +02:00
Jouni Malinen
da2c284169 nl80211: Reduce nl80211_dump_scan() memory need
Instead of fetching all scan results to a temporary buffer, debug print
scan result dump directly from the message handler function one BSS at a
time.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 22:14:04 +02:00
Jouni Malinen
b72a01bc5a nl80211: Split bss_info_handler() into a separate parser function
This allows a single scan result to be parsed at a time. This is a step
towards optimizing scan result fetching without having to allocate
memory for all entries at the same time.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 19:36:24 +02:00
Jouni Malinen
cfadab269f nl80211: Move duplicate scan result removal to bss.c
The way the removal of duplicated (one per frequency) BSS entries in the
cfg80211 scan results were removed in driver_nl80211_scan.c
bss_info_handler() depended on having the full scan results available to
allow iteration through the other entries. This is problematic for the
goal of being able to optimize memory allocations for scan result
fetching in a manner that would not build the full result buffer in
memory.

Move this duplicate removal into bss.c since it has sufficient
information available for doing the same determination of which one of
two BSS entries is more current.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 19:26:47 +02:00
Jouni Malinen
2a1cf26ecf nl80211: Add more debug details to duplicate scan entry removal
This makes it easier to understand which cfg80211 entry got removed as
obsolete duplicate.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 18:59:32 +02:00
Jouni Malinen
865081c307 privsep: Support frequency list for scan requests
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 18:27:16 +02:00
Jouni Malinen
da818ee5e9 privsep: Support multiple scan SSIDs
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 18:17:28 +02:00
Jouni Malinen
002b504d19 privsep: Coding style cleanup for struct definitions
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 18:06:03 +02:00
Jouni Malinen
d3c43e5855 privsep: Fix scan result fetching with Beacon frame IEs
wpa_priv did not yet support Beacon frame IEs (res->beacon_ie_len) which
resulted in invalid scan data being accepted in driver_privsep.c. Add
support for res->beacon_ie_len and also fix the validation step to take
this new variable length field into account.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-03 18:02:49 +02:00
Jouni Malinen
c8fef7869d nl80211: Split nl80211_check_bss_status() into a separate function
This allows a single scan result to be checked at a time. This is a step
towards optimizing scan result fetching without having to allocate
memory for all entries at the same time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-02 20:54:49 +02:00
Jouni Malinen
e35e137298 nl80211: Separate channel noise fetch from scan result processing
This untangles the NL80211_CMD_GET_SURVEY handler loop from
NL80211_CMD_GET_SCAN processing so that the per-channel noise
information can be fetched with a common function to a local data
structure that can then be easily used to update individual scan results
(a single BSS) instead of having to go through a full set of scan
results. This is a step towards optimizing scan result fetching without
having to allocate memory for all entries at the same time.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-02 20:48:43 +02:00
Jouni Malinen
cb2b666670 Fix 4addr reassociation-without-deauthentication on AP
Data connection was lost if a station reassociated without the STA entry
being cleaned up on the AP side. Fix this by moving reconfiguration of
the STA WDS parameters in association response callback to happen only
after the STA flags have been updated to associated stated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-12-02 12:51:16 +02:00
Jouni Malinen
8c0ed37b64 wired: Mark some common helper functions static
These are used only within driver_wired_common.c now at the end of the
refactoring changes, so there is no need to make these helper functions
available outside driver_wired_common.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-11-30 20:08:39 +02:00
Sabrina Dubroca
f014d9dbf0 macsec_linux: Add a driver for macsec on Linux kernels
This uses libnl3 to communicate with the macsec module available on
Linux. A recent enough version of libnl is needed for the macsec.h file
(which is not yet available in a formal libnl release at the time of
this commit).

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 20:08:36 +02:00
Sabrina Dubroca
8618313b6e drivers: Move driver_wired_get_ssid() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
d27c42baea drivers: Move driver_wired_get_bssid() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
9281e5c5ce drivers: Move driver_wired_get_capa() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
ec9cfb96c2 drivers: Move driver_wired_deinit_common() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
ed5ae61193 drivers: Move driver_wired_init_common() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
5a55ec38ed drivers: Move driver_wired_get_ifstatus() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
d718a5d975 drivers: Move driver_wired_set_ifflags() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
567b7d4ec2 drivers: Move driver_wired_get_ifflags() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
693124a1e4 drivers: Move driver_wired_multi() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
b0906ef770 drivers: Move wired_multicast_membership() to a common file
This continues refactoring of the common parts of wired drivers code
into a shared file, so that they can be reused by other drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sabrina Dubroca
0abc8d10cc drivers: Move common definitions for wired drivers out
Refactor the common parts of wired drivers code into a shared file, so
that they can be reused by other drivers. The macsec_qca driver already
contains a lot of code duplication from the wired driver, and the
macsec_linux driver would do the same. A structure to hold data common
to all wired drivers is added and used in all these drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-30 19:33:43 +02:00
Sunil Dutt
eeb34a432e nl80211: Enhance abort scan to also abort the vendor scan
This commit enhances the abort scan implementation to also abort the
vendor scan, if one was used to trigger the scan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-30 19:33:39 +02:00
Sunil Dutt
1a793f5c2b Define a QCA vendor command to abort vendor scan
The new QCA_NL80211_VENDOR_SUBCMD_ABORT_SCAN command can be used to
abort an ongoing scan that was started with
QCA_NL80211_VENDOR_SUBCMD_TRIGGER_SCAN.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-30 17:11:01 +02:00
Jouni Malinen
2ab09656ae AP: Do not drop STA entry if PMF is used with full AP client state
This fixes a regression from commit
bb598c3bdd ('AP: Add support for full
station state'). That commit added code to remove and re-add the kernel
STA entry when processing Authentication frames with a driver that
advertises support for full AP client state. That resulted in bypassing
PMF protections for unprotected Authentication frames with such drivers
since the TK was lost in this operation.

It is simplest to skip the STA entry clearing in this type of case
completely to leave the TK in place and to process the new
authentication exchange otherwise normally. This matches the behavior
used with the drivers that do not implement full AP client state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-29 16:26:00 +02:00
Will Glynn
209dad066e FT: Explicitly check for MDE not present in non-FT association
IEEE Std 802.11-2012, 12.4.2 states that if an MDE is present in an
(Re)Association Request frame but the RSNE uses a non-FT AKM suite, the
AP shall reject the association using status code 43 ("Invalid AKMP").

wpa_validate_wpa_ie() now explicitly checks for this condition to meet
this requirement instead of simply ignoring the MDE based on non-FT AKM.

Signed-off-by: Will Glynn <will@willglynn.com>
2016-11-26 11:39:44 +02:00
Purushottam Kushwaha
d4f3003c56 nl80211: Configure Beacon frame TX rate if driver advertises support
If the driver advertises support for setting Beacon frame data rate,
allow the user to configure this rate as part of starting the AP. Only
one Beacon frame TX rate is allowed.

Drivers advertising such support should set corresponding flag via the
NL80211_ATTR_EXT_FEATURES attribute.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-26 00:36:27 +02:00
Purushottam Kushwaha
29483a5678 Add support for user configurable Beacon frame data rate for AP mode
Allow configuration of Beacon frame TX rate from hostapd.conf with
"beacon_rate=xx" option. The following format is used to set
legacy/HT/VHT beacon rates:

Legacy (CCK/OFDM rates):
	beacon_rate=<legacy rate in 100 kbps>
HT:
	beacon_rate=ht:<HT MCS>
VHT:
	beacon_rate=vht:<VHT MCS>

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-25 23:12:30 +02:00
Sabrina Dubroca
e0d9fd344d wpa_supplicant: Allow configuring the MACsec port for MKA
Previously, wpa_supplicant only supported hardcoded port == 1 in the
SCI, but users may want to choose a different port.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-20 00:35:31 +02:00
Sabrina Dubroca
1d3d0666a6 mka: Add enable_encrypt op and call it from CP state machine
This allows MKA to turn encryption on/off down to the driver.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-20 00:35:23 +02:00
Sabrina Dubroca
7b4d546e3d wpa_supplicant: Add macsec_integ_only setting for MKA
So that the user can turn encryption on (MACsec provides
confidentiality+integrity) or off (MACsec provides integrity only). This
commit adds the configuration parameter while the actual behavior change
to disable encryption in the driver is handled in the following commit.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-20 00:35:16 +02:00
Sabrina Dubroca
008e224dbb mka: Disable peer detection timeout for PSK mode
The first peer may take a long time to come up. In PSK mode we are
basically in a p2p system, and we cannot know when a peer will join the
key exchange. Wait indefinitely, and let the administrator decide if
they want to abort.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-20 00:35:11 +02:00
Joel Cunningham
7824bf77d6 nl80211: Fix get_inact_sec() returning -1 on failure
This commit fixes the nl80211 driver call get_inact_sec() to return -1
when STA inactivity time retrieval fails in i802_read_sta_data().

This was intended to be handled by initalizing the inactive_msec member
to -1 but i802_read_sta_data() assumes the data parameter is
uninitialized and memsets the entire structure, neutralizing the attempt
to distinguish between no value (-1) and a time value of 0.

This is fixed by now requiring i802_read_sta_data() callers to
initialize the data structure first (allowing get_inact_sec() to use
-1). This is a safe change because it does not change any driver API
behavior and only affects one other static function in driver_nl80211.c

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
2016-11-19 17:39:23 +02:00
Sabrina Dubroca
088d53dd15 mka: Fix getting capabilities from the driver
In commit a25e4efc9e ('mka: Add driver op
to get macsec capabilities') I added some code to check the driver's
capabilities. This commit has two problems:
 - wrong enum type set in kay->macsec_confidentiality
 - ignores that drivers could report MACSEC_CAP_NOT_IMPLEMENTED, in
   which case the MKA would claim that MACsec is supported.

Fix this by interpreting MACSEC_CAP_NOT_IMPLEMENTED in the same way as a
DO_NOT_SECURE policy, and set the correct value in
kay->macsec_confidentiality.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-11-19 17:29:54 +02:00
Peng Xu
5e785a6792 Reserve QCA vendor specific nl80211 command 144
This is reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-17 16:00:59 +02:00
Jouni Malinen
4051dd8667 GAS: Add Capability List ANQP-element support for Info ID 270, 280..299
This extends the anqp_elem configuration parameter support for new Info
IDs (270 (TDLS Capability) was previously missed from the list of
defined values, 280 has already been assigned in REVmc/D8.0; 281..299
are yet to be assigned). No additional source code changes are needed to
allow hostapd to advertise support for these if the ANQP-element value
is set with the anqp_elem parameter.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-17 16:00:25 +02:00
Jouni Malinen
d50f518e95 Fix libap.a build
Add the new defines and files to allow src/ap/libap.a to be build with
all the needed functions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-11-16 13:26:23 +02:00
Ilan Peer
4ec1fd8e42 FT: Differentiate between FT for station and for AP in build
Previously, CONFIG_IEEE80211R enabled build that supports FT for both
station mode and AP mode. However, in most wpa_supplicant cases only
station mode FT is required and there is no need for AP mode FT.

Add support to differentiate between station mode FT and AP mode FT in
wpa_supplicant builds by adding CONFIG_IEEE80211R_AP that should be used
when AP mode FT support is required in addition to station mode FT. This
allows binary size to be reduced for builds that require only the
station side FT functionality.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2016-10-29 22:14:54 +03:00
Beni Lev
f0259c3f68 hostapd: Fix own wide bandwidth subelement generation (neighbor report)
The Channel Center Frequency Segment subfields use the channel index
instead of frequency in MHz.

Signed-off-by: Beni Lev <beni.lev@intel.com>
Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-10-29 22:03:43 +03:00
Ilan Peer
0a63635ed0 AP: Use valid status code in wpa_ft_send_rrb_auth_resp()
The return value from this function may be used in an outgoing message,
so use a valid status code instead of -1.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2016-10-29 22:02:14 +03:00
Avraham Stern
e4b48b7b0f Extend ieee80211_freq_to_channel_ext() to cover channels 52-64
Add frequency to channel conversion for the 5 GHz channels 52-64.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2016-10-29 21:51:04 +03:00
David Spinadel
451a27b1ad hostapd: Add a configuration to set an AP as stationary
Add a configuration option in hostapd.conf and in neighbor report that
sets an AP as stationary. To enable this option on the current AP set
the config option stationary_ap to 1. To set a neighbor entry to be
marked as stationary add the word stat to the SET_NEIGHBOR command. This
option tells hostapd to send LCI data even if it is older than requested
by max age subelement in RRM request.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-10-29 19:16:47 +03:00
Ilan Peer
f5ec346902 hostapd: Fix adding neighbor entry
It is possible that a LCI or location civic configuration buffer
is valid but contains no data. In such a case do not add the LCI
and location civic information to the entry in the neighbor
data base.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2016-10-29 19:10:17 +03:00
Sabrina Dubroca
99b82bf537 mka: Implement reference counting on data_key
struct data_key already had a 'user' field for reference counting, but
it was basically unused.

Add an ieee802_1x_kay_use_data_key() function to take a reference on a
key, and use ieee802_1x_kay_deinit_data_key() to release the reference.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-29 11:38:57 +03:00
Sabrina Dubroca
23c3528a84 mka: Add support for removing SAs
So that the core can notify drivers that need to perform some operations
when an SA is deleted.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-29 11:35:38 +03:00
Sabrina Dubroca
6b6175b788 mka: Sync structs definitions with IEEE Std 802.1X-2010
Document some data structures from IEEE Std 802.1X-2010, and add the
(not used yet) struct ieee802_1x_mka_dist_cak_body.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-29 11:28:29 +03:00
Sabrina Dubroca
6f551abdfc mka: Remove "channel" hacks from the stack and the macsec_qca driver
This is specific to the macsec_qca driver. The core implementation
shouldn't care about this, and only deal with the complete secure
channel, and pass this down to the driver.

Drivers that have such limitations should take care of these in their
->create functions and throw an error.

Since the core MKA no longer saves the channel number, the macsec_qca
driver must be able to recover it. Add a map (which is just an array
since it's quite short) to match SCIs to channel numbers, and lookup
functions that will be called in every place where functions would get
the channel from the core code. Getting an available channel should be
part of channel creation, instead of being a preparation step.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-29 11:24:08 +03:00
Sergei Sinyak
7d8f795003 Fix typo in DigestAlgorithn
Replace n with m in DigestAlgorithn, i.e., DigestAlgorithm.

Signed-off-by: Sergei Sinyak <serega.belarus@gmail.com>
2016-10-29 11:14:09 +03:00
Filip Matusiak
59d7cff7e3 AP: Disable VHT in TKIP-only configuration
This has already been done for WEP, but there's same constraint for not
allowing VTH rates in case of TKIP.

Signed-off-by: Filip Matusiak <filip.matusiak@tieto.com>
2016-10-29 00:55:49 +03:00
Avrahams Stern
78a3b23060 P2P: Clear old P2PS provision data
Receiving a provision discovery request for an ASP service that
has auto accept set to false should result in a provision discovery
response with the status field set to "currently unavailable".
Having stale P2PS provision data, results in sending a response with
the status set to success because it is mistakenly referred to as the
follow-on provision discovery request.

Fix that by clearing stale P2PS provision data in the following cases:
 1. When provision discovery is complete
 2. When ASP services are flushed (in which case old ASP provisioning
    is no longer valid).

Signed-off-by: Avrahams Stern <avraham.stern@intel.com>
2016-10-29 00:55:49 +03:00
Arik Nemtsov
f69939ede8 P2P: Clear listen state during PD-in-FIND
drv->in_listen should be cleared whenever the state timeout is cleared,
if they were set together. If the flag is not cleared, the
p2p_listen_end() called during cancel-remain-on-channel will not restart
the search, relying on the state timeout function to do it. Use the
p2p_stop_listen_for_freq() function to clear the listen state properly.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2016-10-29 00:55:49 +03:00
Arik Nemtsov
4cc0f909b2 P2P: Clear P2PS provision state on P2P flush
Otherwise, if a P2PS provision is incomplete before the flush, it can
cause incorrect provision responses to be sent out.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2016-10-29 00:55:49 +03:00
Kevin Mahoney
a818425d1c hostapd: Added signal level to STA tracking
Add signal level information to the station tracking information. Also
make it available via the "TRACK_STA_LIST" control command.

Signed-off-by: Kevin Mahoney <k.mahoney@cablelabs.com>
2016-10-29 00:55:49 +03:00
Cedric Izoard
8c889222bc TDLS: Fix checks on prohibit bits
ext_capab/ext_capab_len do not include ID and Length so no extra +2
offset should be used. This fixes a regression from commit
faf427645a ('TDLS: Use proper IE parsing
routine for non-EAPOL-Key cases') that replaced the IE parser without
noticing the difference in the pointer offset.

Signed-off-by: Flavia Vanetti <flavia.vanetti@ceva-dsp.com>
2016-10-29 00:24:12 +03:00
Peng Xu
c2ad5b9218 nl80211: Update channel information after channel switch notification
When channel switch happens, driver wrapper's internal channel
information needs to be updated so that the new frequency will be used
in operations using drv->assoc_freq. Previously, only bss->freq was
updated and the new frequency was also indicated in the EVENT_CH_SWITCH
event. This could potentially leave out couple of cases that use
drv->assoc_freq at least as a fallback mechanism for getting the current
operating frequency.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-28 23:58:23 +03:00
Nishant Chaprana
5f99d96287 Removed redundant NULL check for sta in hostapd_event_sta_low_ack()
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2016-10-28 19:06:20 +03:00
Nishant Chaprana
230b2b2c3d Removed redundant NULL check for b in wpabuf_concat()
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2016-10-28 19:05:08 +03:00
Maneesh Jain
641c73f84f driver.h: Fix a typo in a comment
Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2016-10-28 19:01:50 +03:00
Sunil Dutt
2e4e4fb71c nl80211: Allow TDLS trigger modes to be configured to the host driver
This commit adds a control interface command to configure the TDLS
trigger mode to the host driver. This TDLS mode is configured through
the "SET tdls_trigger_control" control interface command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-27 23:22:33 +03:00
Sunil Dutt
14cd203fff QCA vendor command to configure the TDLS behavior in the host driver
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-27 23:12:25 +03:00
lifeng
a18563d428 Extend QCA vendor attribute link layer statistics attribute
This adds new statistics attributes to support channel hopping feature.

Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
2016-10-27 22:05:59 +03:00
lifeng
95f3703ae1 Add more QCA vendor attribute definitions into qca-vendor.h
These attributes were previously maintained elsewhere. This commit moves
them to follow the standard assignment process through the qca-vendor.h
file in hostap.git.

Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
2016-10-27 22:03:33 +03:00
lifeng
87416eaf64 QCA vendor attribute to report frame aggregation failure
Add a new vendor attribute config to set the reorder blocksize and
timeout in 4 ACs, and then report the frame aggregation failure
statistics in QCA_NL80211_VENDOR_SUBCMD_STATS_EXT command. In addition,
fix the spelling of the enum value for this subcommand.

Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
2016-10-27 21:46:04 +03:00
Jouni Malinen
befdb2dc8d nl80211: Check driver FILS capability
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-27 16:06:06 +03:00
Jouni Malinen
40a4572738 nl80211: FILS KEK and nonces for NL80211_CMD_ASSOCIATE
This sends the FILS KEK and AAD context (nonces) to the driver with the
NL80211_CMD_ASSOCIATE messages when using FILS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-27 15:02:08 +03:00
Jouni Malinen
d8f9342d03 nl80211: Add support for setting FILS authentication algorithm
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-27 15:02:08 +03:00
Jouni Malinen
e76e950eac Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-10-27.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-10-27 15:02:08 +03:00
Jouni Malinen
2a0b86d319 Note set_key(WPA_ALG_NONE) failure in debug log
This makes wpa_remove_ptk() call to wpa_auth_set_key() more consistent
with all the other calls that verify the return value to keep static
analyzers happier.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:41:04 +03:00
Jouni Malinen
061dac1d3c FILS: Claim FILS capability only if driver supports it
"GET_CAPABILITY fils" used to return "FILS" based on wpa_supplicant
configuration. This can be made more useful by checking both for
wpa_supplicant and driver support for FILS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:41:04 +03:00
Jouni Malinen
ff338fab92 FILS: Setup EAPOL state machines properly after FILS association (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:41:04 +03:00
Jouni Malinen
da24c5aa1c FILS: Set TK after association (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:41:04 +03:00
Jouni Malinen
07e0117d21 FILS: Mark connection fully authorized after FILS Association (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:20:04 +03:00
Jouni Malinen
706df4291b FILS: Association Response processing (STA)
Decrypt the AES-SIV protected elements and verify Key-Auth. Parse and
configure keys to the driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-26 00:20:04 +03:00
Jouni Malinen
e73ffa0925 FILS: Add Association Response frame elements and encrypt them (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-25 20:42:52 +03:00
Jouni Malinen
78815f3dde FILS: Decrypt Association Request elements and check Key-Auth (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-25 20:42:52 +03:00
Jouni Malinen
86cd6928e0 FILS: Add elements to FILS Association Request frame
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-25 20:01:06 +03:00
Jouni Malinen
ac56c39532 driver: Add option to pass FILS KEK/AAD to the driver for association
This allows the FILS KEK and AAD data (nonces) to be configured to the
driver for association so that the driver can encrypt the
(Re)Association Request frame and decrypt the (Re)Association Response
frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-24 23:07:56 +03:00
Jouni Malinen
a660993772 FILS: Authentication frame processing (STA)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:28:36 +03:00
Jouni Malinen
c4fd6d8aa8 FILS: Process FILS Authentication frame (AP)
This implements processing of FILS Authentication frame for FILS shared
key authentication with ERP and PMKSA caching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:27:01 +03:00
Jouni Malinen
ffb62f2272 FILS: Add a helper function for status code conversion
This will allow the existing code to be reused for FILS needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:27:01 +03:00
Jouni Malinen
c1bd4bac5f FILS: Extend wpa_auth_pmksa_get() to support PMKID matching
This is needed for FILS processing to enable PMKSA caching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:13:17 +03:00
Jouni Malinen
c30bd28b14 FILS: Export IEEE 802.1X helper functions
ieee802_1x_encapsulate_radius() and ieee802_1x_alloc_eapol_sm() need to
be called from FILS processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:13:17 +03:00
Jouni Malinen
a6228b8ed6 ERP: Update client identity based on EAP-Initiate/Re-auth
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:13:17 +03:00
Jouni Malinen
f00b9b8864 FILS: Try to use FILS authentication if PMKSA or ERP entry is available
If a PMKSA cache entry for the target AP is available, try to use FILS
with PMKSA caching.

If an ERP key for the target AP is available, try to use FILS with
EAP-Initiate/Re-auth added as Wrapper Data element.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 23:13:17 +03:00
Jouni Malinen
0866ed004d WPA: Add debug print for not-update-own-IEs case
This makes it easier to understand debug logs related to own WPA/RSN IE
selection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 22:55:27 +03:00
Jouni Malinen
14de9e31c4 FILS: Include wpa_insert_pmkid() in non-FT builds
This function is needed for FILS as well as FT.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 22:55:27 +03:00
Jouni Malinen
de57d87353 ERP: Make eap_peer_finish() callable
This is needed for FILS to process EAP-Finish/Re-auth.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 18:26:00 +03:00
Jouni Malinen
c28767e11c ERP: Make eap_peer_erp_reauth_start() available
This needs to be callable through the EAPOL supplicant wrappers to allow
FILS implementation to use ERP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 18:25:50 +03:00
Jouni Malinen
5b092fb63f nl80211: Make full (Re)Association Response frame available
This is needed for FILS processing since AAD includes data before the
first element.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 18:12:11 +03:00
Jouni Malinen
2aa1e48a45 FILS: Do not clear PTK on FILS Auth/Assoc (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 18:11:14 +03:00
Jouni Malinen
a852ab4c72 FILS: Key-Auth derivation function for FILS SK
This implements Key-Auth derivation for (Re)Association Request frames
(see P802.11ai/D11.0 12.12.2.6.2) and (Re)Association Response frames
(see P802.11ai/D11.0 12.12.2.6.3).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 17:51:43 +03:00
Jouni Malinen
c089bc5725 FILS: PMK-to-PTK key derivation for FILS authentication
This is the PTKSA key derivation used as part of the FILS authentication
exchange. See P802.11ai/D11.0 12.12.2.5.3.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 17:51:43 +03:00
Jouni Malinen
ce16c489d8 Rename sae_data to more generic auth_data
This makes it cleaner for the FILS implementation to use the same design
for setting Authentication frame elements as was already done with SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-22 17:51:43 +03:00
Lior David
6eb1a569ca Add QCA vendor command/attr for low level DMG(11ad) RF sector control
Add operations to allow low level control over RF sectors in QCA DMG
(11ad) chipsets. Operations include getting/setting the configuration of
a specific sector, as well as getting/setting the selected sector which
the HW uses to communicate with a specific station.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-10-17 11:43:57 +03:00
Jouni Malinen
bf07e05349 ERP: Do not pass full EAP header to eap_peer_erp_reauth_start()
That function does not need the full EAP header -- it only needs to know
which EAP identifier to use in the message. Make this usable for cases
where the previous EAP message may not exist (FILS).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
2449791b8e FILS: Update EAPOL-Key Descriptor Version RX rules (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
16eb485806 FILS: Handle Group Key msg 1/2 without MIC when using AEAD cipher (STA)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
75c8563e05 FILS: Perform AEAD processing after PTK has been confirmed
This covers EAPOL-Key frames other than 2/4 that needed special handling
to confirm PTK.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
0ab1dd0106 FILS: Use AEAD cipher to check received EAPOL-Key frames (STA)
This changes 4-way handshake authenticator processing to decrypt the
EAPOL-Key frames using an AEAD cipher (AES-SIV with FILS AKMs) before
processing the Key Data field. This replaces Key MIC validation for the
cases where AEAD cipher is used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
b729fd8df9 FILS: Use AEAD cipher to protect EAPOL-Key frames (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
3b5b7aa8fb FILS: Use AEAD cipher to check received EAPOL-Key frames (AP)
This changes 4-way handshake authenticator processing to decrypt the
EAPOL-Key frames using an AEAD cipher (AES-SIV with FILS AKMs) before
processing the Key Data field. This replaces Key MIC validation for the
cases where AEAD cipher is used. This needs to move the EAPOL-Key msg
2/4 RSN element processing to happen only after the PTK has been derived
and validated. That is done for all AKMs to avoid extra complexity with
having to maintain two code paths for this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
2022f1d08d FILS: Use AEAD cipher to protect EAPOL-Key frames (STA)
This modifies wpa_eapol_key_send() to use AEAD cipher (AES-SIV for FILS
AKMs) to provide both integrity protection for the EAPOL-Key frame and
encryption for the Key Data field. It should be noted that this starts
encrypting the Key Data field in EAPOL-Key message 2/4 while it remains
unencrypted (but integrity protected) in non-FILS cases. Similarly, the
empty Key Data field in EAPOL-Key message 4/4 gets encrypted for AEAD
cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
1049af7e03 RSN: Pass full PTK to wpa_eapol_key_send() instead of KCK only
This will be needed to be able to implement AEAD cipher support from
FILS that will need to use KEK to protect the frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
b986648389 FILS: Update EAPOL-Key RX rules for FILS (AP)
Key Descriptor Version 0 is used with FILS and Key Info MIC field is set
to 0 with AEAD ciphers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
352caf006a FILS: Update EAPOL-Key descriptor version rules for RX (STA)
FILS AKM uses Key Descriptor version 0 and AEAD cipher.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:47 +03:00
Jouni Malinen
36a50fd4e8 FILS: Set EAPOL-Key Key Descriptor Version to 0 with FILS AKMs (AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
4a26ccdae6 FILS: Set EAPOL-Key Key Info MIC=0 when using AEAD cipher (supplicant)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
f5ff8ae6a7 FILS: Do not add Key MIC field in supplicant when using AEAD cipher
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
dc5bad48af RSN authenticator: Add more debug print details on EAPOL-Key RX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
6d014ffc6e Make struct wpa_eapol_key easier to use with variable length MIC
Suite B 192-bit addition from IEEE Std 802.11ac-2013 replaced the
previous fixed length Key MIC field with a variable length field. That
change was addressed with an addition of a new struct defined for the
second MIC length. This is not really scalable and with FILS coming up
with a zero-length MIC case for AEAD, a more thorough change to support
variable length MIC is needed.

Remove the Key MIC and Key Data Length fields from the struct
wpa_eapol_key and find their location based on the MIC length
information (which is determined by the AKMP). This change allows the
separate struct wpa_eapol_key_192 to be removed since struct
wpa_eapol_key will now include only the fixed length fields that are
shared with all EAPOL-Key cases in IEEE Std 802.11.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
94f66e8a26 FILS: Advertise ERP domain in FILS Indication element
Calculate the hashed realm from hostapd erp_domain configuration
parameter and add this to the FILS Indication element when ERP is
enabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
c30ed45f45 FILS: Allow hostapd to select FILS AKM for connection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
f55acd909e FILS: Set FILS Capability bit in management frames from AP
If FILS is enabled, indicate that in Beacon, Probe Response, and
(Re)Association Response frames in the Extended Capabilities element.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
198a942c83 FILS: Add FILS Indication element to Beacon and Probe Response frames
If FILS is enabled, indicate that in AP Beacon/Probe Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:46 +03:00
Jouni Malinen
903ecbe8da FILS: Add hostapd configuration options
This adds CONFIG_FILS=y build configuration option and new key
management options for FILS authentication.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 21:11:27 +03:00
Jouni Malinen
274d8b776f FILS: Add definitions for new frames and values
This adds definitions for various management frame elements and values
from P802.11ai/D11.0.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 20:46:36 +03:00
Jouni Malinen
94318a0d30 FILS: Add AKM definitions
This adds definitions for the new AKM suite values from P802.11ai/D11.0.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 20:46:36 +03:00
Jouni Malinen
1d29163035 FILS: Add new information elements
This adds definitions for new information elements from P802.11ai/D11.0
and parsing of these IEs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 20:46:33 +03:00
Jouni Malinen
325a85be36 Extend AES-SIV implementation to support different key lengths
The previous implementation was hardcoded to use 128-bit AES key
(AEAD_AES_SIV_CMAC_256). Extend this by allowing AEAD_AES_SIV_CMAC_384
and AEAD_AES_SIV_CMAC_512 with 192-bit and 256-bit AES keys.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-10 19:40:59 +03:00
Jouni Malinen
e2991ee580 Move CRC-32 routine from wlantest to src/utils
This allows the CRC-32 routine to be shared for other purposes in
addition to the WEP/TKIP/FCS within wlantest.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-10-09 17:13:23 +03:00
Michael Braun
96590564d6 FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally
Station should be able to connect initially without ft_pmk_cache filled,
so the target AP has the PSK available and thus the same information as
the origin AP. Therefore neither caching nor communication between the
APs with respect to PMK-R0 or PMK-R1 or VLANs is required if the target
AP derives the required PMKs locally.

This patch introduces the generation of the required PMKs locally for
FT-PSK. Additionally, PMK-R0 is not stored (and thus pushed) for FT-PSK.

So for FT-PSK networks, no configuration of inter-AP communication is
needed anymore when using ft_psk_generate_local=1 configuration. The
default behavior (ft_psk_generate_local=0) remains to use the pull/push
protocol.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2016-10-09 11:57:56 +03:00
Sabrina Dubroca
a25e4efc9e mka: Add driver op to get macsec capabilities
This also implements the macsec_get_capability for the macsec_qca
driver to maintain the existing behavior.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-09 11:30:48 +03:00
Jouni Malinen
53b2555f67 EAP-pwd: Validate Prep field in EAP-pwd-ID/Response
RFC 5931 Section 2.8.5.1 does not list the Prep field as something that
the server validates to match the Request. However, the supplicant side
has to use the same pre-processing mechanism for the password for the
authentication to work, so we may as well as enforce this field to match
the requested value now that wpa_supplicant implementation is fixed to
copy the value from the request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-10-08 19:43:36 +03:00
Brian Candler
2875e32333 EAP-pwd: Fix Prep in EAP-pwd-ID/Response when EAP_PWD_PREP_MS is used
Fix the pre-processing field in the response when EAP_PWD_PREP_MS is
being used. This fixes interoperability with EAP-pwd servers that
validate the Prep field in EAP-pwd-ID/Response when the RFC2759
(PasswordHashHash) pre-processing is used.

Signed-off-by: Brian Candler <B.Candler@pobox.com>
2016-10-08 19:43:09 +03:00
Sabrina Dubroca
5f5ca28414 mka: Pass full structures down to macsec drivers' receive SC ops
Clean up the driver interface by passing pointers to struct receive_sc
down the stack to the {create,delete}_recevie_sc() ops, instead of
passing the individual properties of the SC.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-08 00:45:19 +03:00
Sabrina Dubroca
8ebfc7c2ba mka: Pass full structures down to macsec drivers' transmit SC ops
Clean up the driver interface by passing pointers to struct transmit_sc
down the stack to the {create,delete}_transmit_sc() ops, instead of
passing the individual arguments.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-08 00:45:03 +03:00
Julian Ospald
b70d508c50 LibreSSL: Fix compatibility for EAP-FAST
This basically just follows commit
587b0457e0 ('LibreSSL: Fix build with
LibreSSL') with the same pattern, which was missed here.

Signed-off-by: Julian Ospald <hasufell@hasufell.de>
2016-10-08 00:36:18 +03:00
Christian Neukirchen
df426738fb LibreSSL: Fix TLS initialization/deinitialization
Due to a missing guard for old OpenSSL code, SSL_library_init() was not
called, which is required for LibreSSL. Likewise for cleanup.

Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
2016-10-08 00:27:56 +03:00
Christian Neukirchen
0d42179e12 LibreSSL: Fix dh5 code
Add LibreSSL check to old OpenSSL #ifdef guard as DH_{get0,set0}_key()
is not implemented in LibreSSL.

Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>
2016-10-08 00:26:18 +03:00
Lior David
32d08d5bf6 Add QCA vendor attributes for measurement frequency for FTM/AOA
Add attributes for specifing the frequency where FTM/AOA measurement is
done over the air. This allows the user space framework to maintain its
own cache of peers without depending on the kernel scan results cache,
or perform scans less often (since entries in the kernel scan results
cache expire quickly). The change is backward compatible. If the
frequency attribute is not specified, the kernel scan results cache will
be queried, like done today.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-10-04 23:44:18 +03:00
Sabrina Dubroca
cecdecdbe8 mka: Pass full structures down to macsec drivers' receive SA ops
Clean up the driver interface by passing pointers to struct receive_sa
down the stack to the {create,enable,disable}_receive_sa() ops, instead
of passing the individual properties of the SA.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-03 13:26:26 +03:00
Sabrina Dubroca
909c1b9835 mka: Pass full structures down to macsec drivers' transmit SA ops
Clean up the driver interface by passing pointers to struct transmit_sa
down the stack to the {create,enable,disable}_transmit_sa ops, instead
of passing the individual properties of the SA.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-03 13:17:21 +03:00
Sabrina Dubroca
7fa5eff8ab mka: Pass full structures down to macsec drivers' packet number ops
Clean up the driver interface by passing pointers to structs transmit_sa
and receive_sa down the stack to get_receive_lowest_pn(),
get_transmit_next_pn(), and set_transmit_next_pn() ops, instead of
passing the individual arguments.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-03 12:54:08 +03:00
Sabrina Dubroca
f75f6e2b03 mka: Move structs {transmit,receive}_{sa,sc} to a common header
These structs will be passed down to macsec drivers in a coming patch to
make the driver interface cleaner, so they need to be shared between the
core MKA implementation and the drivers.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-10-03 12:50:07 +03:00
Jouni Malinen
98529f3857 The master branch is now used for v2.7 development
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-10-02 22:27:26 +03:00
Jouni Malinen
2462f347bc Change version number to v2.6 for the release
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-10-02 21:51:11 +03:00
Nishant Chaprana
746e5c2565 Fix spelling mistakes in number of comments
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2016-09-30 22:45:03 +03:00
Sunil Dutt
8b6688847e Add explicit enum values for QCA vendor config attributes
This makes it easier to copy a subset of definitions without
accidentally getting mismatching values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-30 22:45:03 +03:00
vamsi krishna
8f47917493 MBO: Add support to send ANQP request to get cellular preference
This extends ANQP_GET command to support querying MBO cellular
preference also. The cellular preference can be requested along with
neigbor report by appending mbo:1 to the command arguments.

For example:
ANQP_GET <bssid> 272,mbo:1

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-30 22:45:03 +03:00
lifeng
8b7c5b8941 QCA vendor command for antenna diversity feature
The user space app use QCA_NL80211_VENDOR_SUBCMD_GET_CHAIN_RSSI cmd to
get the corresponding antenna rssi value for the specific chain. And the
associcated attributes are added to configure the antenna diversity and
related selftest.

Signed-off-by: Li Feng <lifeng@qti.qualcomm.com>
2016-09-26 23:46:59 +03:00
vamsi krishna
64c92c0757 MBO: Do not parse reason_detail in non_pref_chan attr (AP)
The reason detail field was removed from non_pref_chan attr in MBO
v0.0_r25 draft. Don't parse for this element to be compliant with the
latest drafr.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-25 17:31:26 +03:00
vamsi krishna
2800ec85d2 MBO: Add QCA vendor option to configure driver to ignore assoc disallow
MBO capable APs can set association disallowed in the Beacon/Probe
Response frames. For testing purposes, the STA needs to be configured to
not ignore the association disallowed set by APs and continue to connect
to such AP like non-MBO enabled STA. Add a QCA vendor attribute for
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION vendor sub command to
configure the driver to ignore association disallowed functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-25 17:31:26 +03:00
Zhang Qian
320caeab29 Add attributes for QCA_NL80211_VENDOR_SUBCMD_LL_STATS_EXT
More attributes are added for QCA_NL80211_VENDOR_SUBCMD_LL_STATS_EXT
1. Peer signal stats;
2. Peer TX stats;
3. Peer RX stats

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
2016-09-23 21:13:58 +03:00
Jouni Malinen
ef24ad3ec5 nl80211: Remove unnecessary duplication from nl80211_set_param()
There is no need to find bss->drv separately for each parameter, so do
this once at the beginning of the function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-23 17:36:55 +03:00
Mikael Kanstrup
4d584d8c2b nl80211: Add driver parameter force_bss_selection
Add driver parameter command to force capability flag
WPA_DRIVER_FLAGS_BSS_SELECTION even if driver states otherwise. This is
mainly for testing purposes.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-09-23 17:36:55 +03:00
Ilan Peer
dc2744f922 P2P: Fix common frequencies calculation for a group
Ignore group members for which there is no supported channels
information when calculating common group frequencies.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2016-09-22 23:48:14 +03:00
Srinivas Dasari
0d7eba5417 Define a QCA vendor command to validate encryption engine
This command carries 802.11 header and payload along with key (TK) and
PN for encryption/decryption purpose. Firmware/driver encrypts/decrypts
the given data and sends to userspace as a response to the command. User
space component can validate the data received from the driver to unit
test the hardware's encryption engine.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-22 20:30:05 +03:00
Denton Gentry
442819406c taxonomy: Store Probe Request frames in hostapd_sta_info
A weakness in the initial client taxonomy mechanism is from storing both
the Probe and Associate in struct sta_info. struct sta_info is created
after a client associates (or starts authentication frame exchange),
which means that any Probe Request frames sent prior to association are
not retained. The Associate Request frame has to be seen, and then
another Probe Request frame after association, before we have a
signature for the client.

Most clients send lots of Probe Request frames (lots and lots and lots
of Probes, actually), but a few do not. ChromeOS is notably sparing in
sending Probe Request frames, it can take a long time before a signature
for a ChromeOS device is available.

Store the most recent Probe Request frame in struct hostapd_sta_info
tracking list. When a struct sta_info is created, move the Probe Request
frame information from struct hostapd_sta_info to struct sta_info.

Signed-off-by: dgentry@google.com (Denton Gentry)
Signed-off-by: denny@geekhold.com (Denton Gentry)
Signed-off-by: rofrankel@google.com (Richard Frankel)
Signed-off-by: richard@frankel.tv (Richard Frankel)
2016-09-22 00:45:24 +03:00
Denton Gentry
04059ab844 Passive Client Taxonomy
Implement the signature mechanism described in the paper
"Passive Taxonomy of Wifi Clients using MLME Frame Contents"
published by Denton Gentry and Avery Pennarun.

http://research.google.com/pubs/pub45429.html
https://arxiv.org/abs/1608.01725

This involves:
1. Add a CONFIG_TAXONOMY compile option. Enabling taxonomy incurs
   a memory overhead of up to several kilobytes per associated
   station.
2. If enabled, store the Probe Request and (Re)Associate Request frame in
   struct sta_info.
3. Implement code to extract the ID of each Information Element,
   plus selected fields and bitmasks from certain IEs, into a
   descriptive text string. This is done in a new source file,
   src/ap/taxonomy.c.
4. Implement a "signature qq:rr:ss:tt:uu:vv" command
   in hostapd_cli to retrieve the signature.

Signatures take the form of a text string. For example, a signature
for the Nexus 5X is:
  wifi4|probe:0,1,127,45,191,htcap:01ef,htagg:03,htmcs:0000ffff,vhtcap:338061b2,
  vhtrxmcs:030cfffa,vhttxmcs:030cfffa,extcap:00000a0201000040|assoc:0,1,48,45,
  221(0050f2,2),191,127,htcap:01ef,htagg:03,htmcs:0000ffff,vhtcap:339071b2,
  vhtrxmcs:030cfffa,vhttxmcs:030cfffa,extcap:0000000000000040

Signed-off-by: dgentry@google.com (Denton Gentry)
Signed-off-by: denny@geekhold.com (Denton Gentry)
Signed-off-by: rofrankel@google.com (Richard Frankel)
Signed-off-by: richard@frankel.tv (Richard Frankel)
2016-09-22 00:45:24 +03:00
Jouni Malinen
5e993390f6 Initialize iface->sta_seen on allocation
Previously, struct hostapd_iface sta_seen list head was initialized only
when completing interface setup. This left a window for operation that
could potentially iterate through the list before the list head has been
initialized. While the existing code checked iface->num_sta_seen to
avoid this case, it is much cleaner to initialize the list when struct
hostapd_iface is allocated to avoid any accidental missing of the extra
checks before list iteration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-09-22 00:45:24 +03:00
Nick Lowe
81258efacb Remove unused generation of Request Authenticator in Account-Request
Do not generate an unused and invalid Request Authenticator (random
value) when constructing Accounting-Request packets. The correct Request
Authenticator is calculated subsequently in radius_msg_finish_acct()
using MD5(msg + shared secret).

Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
2016-09-22 00:34:19 +03:00
Rafał Miłecki
ea19b39f60 Revert "nl80211: Remove duplicated check in nl80211_setup_ap()"
This reverts commit 647862eb60.

The second check of device_ap_sme looks like duplicated, but it isn't
actually. The trick is nl80211_create_monitor_interface may change that
variable value and the second evaluation may give a different result.

This definitely isn't a very clear code, but that change caused a
regression for drivers that:
1) Don't report NL80211_ATTR_DEVICE_AP_SME
2) Don't support monitor mode
3) Don't support subscribing for PROBE_REQ and/or ACTION frames
like brcmfmac. With such drivers hostapd doesn't start anymore.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-09-17 20:08:24 +03:00
Jouni Malinen
205d2d1ff5 Fix typos in wpa_supplicant configuration parameter documentation
Signed-off-by: Jouni Malinen <j@w1.fi>
2016-09-10 21:09:52 +03:00
Sunil Dutt
660103eca9 nl80211: Use the monitor interface only without device_ap_sme support
The places using drv->use_monitor were already skipping creation of the
monitor interface if drv->device_ap_sme == 0. This means that the
monitor interface operations would not have worked anyway and it is safe
to set drv->use_monitor to zero for all such cases. This fixes an issue
with management frame subscription not happening properly for the case
where the AP SME is in the driver and the driver supports monitor
interfaces (for other purposes).

This commit also removes the check for monitor support and the
previously used workaround that cleared drv->use_monitor in
drv->device_ap_sme == 1 case if monitor interface was not supported
since that condition cannot occur anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-09-08 23:19:07 +03:00
Dedy Lansky
c7f9d44825 FST: Fix search for peer's "other" connection
Upon receiving FST Setup Request from some peer on some interface,
search is made to see if same peer is connected on other interface with
specific band_id. With multiple peers, bug in
fst_group_does_iface_appear_in_other_mbies() caused wrong peer address
to be returned sometimes.

Fix this with a modified, simplified search algorithm of peer's "other"
connection.

Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
2016-09-08 11:17:45 +03:00
Lior David
a62dea4156 Fix mistakes in definition of QCA vendor commands for indoor location
Fix some mistakes in the previous commit for adding QCA vendor commands
for indoor location.

Note: The renamed enum value does not change the ABI, but the addition
of QCA_WLAN_VENDOR_ATTR_FTM_MEAS_INVALID in the beginning of enum
qca_wlan_vendor_attr_ftm_meas does renumber
QCA_WLAN_VENDOR_ATTR_FTM_MEAS_* values. The previous values were
committed yesterday and have not been used in any released code yet, so
this is a justifiable quick fix.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-09-06 23:38:47 +03:00
Joel Cunningham
711e3cab07 Handle NULL return from os_zalloc() in sta_track_add()
This adds handling for a memory allocation failure in sta_track_add().

Signed-off-by: Joel Cunningham <joel.cunningham@me.com>
2016-09-06 18:58:08 +03:00
Lior David
fcd85d9a3f Add QCA vendor commands/attributes for indoor location
Assign QCA vendor specific commands, attributes, and events for
supporting indoor location features.

These features include:

1. Fine timing measurement (FTM) - allows measurement of distance
between two stations. Based on IEEE P802.11-REVmc/D7.0, 11.24.6 FTM is
performed between two stations: one is an initiator, typically a client
that wants to measure distance to another AP, and one is a responder,
typically an AP which responds to measurement requests from other
clients. The responder can be configured to report its location, either
in absolute coordinates (LCI) or free-form description (LCR).

2. Angle of arrival (AOA) - allows measurement of azimuth and elevation
between two stations.

The above features can be combined to allow a station to get an accurate
indoor location.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-09-05 21:59:18 +03:00
Lior David
faecb39236 hostapd: Allow FTM functionality to be published
Add configuration options that control publishing of fine timing
measurement (FTM) responder and initiator functionality via bits 70, 71
of Extended Capabilities element. Typically, FTM functionality is
controlled by a location framework outside hostapd. When framework is
activated, it will use hostapd to configure the AP to publish the FTM
functionality. See IEEE P802.11-REVmc/D7.0, 9.4.2.27.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-09-05 21:23:07 +03:00
Tamizh chelvam
fc72a48a63 hostapd: Use stations nsts capability in (Re)Association Response frame
Some deployed stations incorrectly consider nsts capability in
(Re)Association Response frame as required capability instead of maximum
capability and if it is greater than station's capability then beamform
will not happen in uplink traffic.

This commit adds support for an optional workaround to use station's
nsts capability in (Re)Association Response frame if the station's nsts
is less than AP by using the use_sta_nsts=1 configuration parameter.
This configuration is introduced in this commit and it is disabled by
default.

Signed-off-by: Tamizh chelvam <c_traja@qti.qualcomm.com>
2016-09-05 21:14:40 +03:00
Zhang Qian
22950d0568 QCA vendor subcommand for LL_STATS extension
Some user space monitor wants to offload link layer statistics to
firmware. A new command QCA_NL80211_VENDOR_SUBCMD_LL_STATS_EXT and
associcated attributes are added. The monitor will use this new command
to configure monitoring paramters and get link layer statistics.
Attributes added in this change:
1. Parameters for FW to trigger the statistics report
2. Peer STA power state
3. TX failure statistics

Signed-off-by: Zhang Qian <zhangq@qti.qualcomm.com>
2016-09-05 20:50:10 +03:00
Sabrina Dubroca
7dcec24881 mka: Clean up key allocation
Assign cs in ieee802_1x_mka_decode_dist_sak_body and reuse it.

Cleanup of key allocation: ieee802_1x_kay_generate_new_sak() and
ieee802_1x_mka_decode_dist_sak_body() both allocate a struct key_conf,
fill it, and ask ieee802_1x_kay_init_data_key() to allocate and set up a
struct data_key. They also allocate multiple key buffers and copy the
same data around. Stop moving data from buffer to buffer, and just
allocate what we really need.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 22:24:33 +03:00
Sabrina Dubroca
95e9460d6a mka: Get rid of struct ieee802_1x_cp_conf
Instead of copying from kay to a temporary struct, and then from the
struct to the sm, just copy from kay to cp.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:56:17 +03:00
Sabrina Dubroca
07a6bfe1d2 mka: Store cipher suite ID in a u64 instead of u8 pointer
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:55:54 +03:00
Jouni Malinen
535a8b8712 mka: Make csindex unsigned
This avoids unnecessary typecasting while still being able to compare
the value to CS_TABLE_SIZE without compiler warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-28 21:48:45 +03:00
Sabrina Dubroca
343eb3b036 mka: Reorganize live peer creation and key server election
This modifies ieee802_1x_kay_decode_mkpdu() check for peer including me
in its peer list.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:41:21 +03:00
Sabrina Dubroca
34dbe90ac5 mka: Share a single delete mka implementation
Share mka deletion implementation in ieee802_1x_participant_timer() for
the cak_life and mka_life expiration cases.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:31:28 +03:00
Sabrina Dubroca
0dabf79b5d mka: Introduce compare_priorities()
This takes care of priority comparison followed by MAC address
comparison if the priorities are identical.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:27:05 +03:00
Sabrina Dubroca
53080f770c mka: Clean up ieee802_1x_kay_mkpdu_sanity_check()
This drops one indentation level and makes the code a bit more readable.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:19:37 +03:00
Sabrina Dubroca
05283e7a6f mka: Simplify ieee802_1x_mka_dist_sak_body_present()
No need for an if statement to figure out Boolean return value.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:17:43 +03:00
Sabrina Dubroca
87b19c8d88 mka: Replace participant->kay with a local kay variable
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 21:17:36 +03:00
Sabrina Dubroca
f9ea083be3 mka: Fix typos in grammar in variable names and comments
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:59:58 +03:00
Sabrina Dubroca
921171f51c mka: Use named initializers for mka_body_handler[]
Also move the struct definition to be next to this array definition.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:57:23 +03:00
Sabrina Dubroca
86bef17c94 mka: Remove unused enum mka_created_mode values
DISTRIBUTED and CACHED were not used anywhere.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:56:44 +03:00
Sabrina Dubroca
ec958aee32 mka: Remove cs_len argument from the set_current_cipher_suite functions
This is a known constant value (CS_ID_LEN, i.e., the length of the EUI64
identifier) and does not need to be provided separately in these
function calls.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:55:34 +03:00
Sabrina Dubroca
46bbda2b83 mka: Clean up ieee802_1x_mka_decode_potential_peer_body()
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:50:49 +03:00
Sabrina Dubroca
cf375eb2da mka: Simplify ieee802_1x_mka_encode_icv_body() memory copying
There is no need to maintain two os_memcpy() calls to cover different
cmac lengths.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:47:25 +03:00
Sabrina Dubroca
8b4a148842 mka: Simplify ieee802_1x_mka_sak_use_body_present()
to_use_sak is a Boolean variable, so there is no need for an if
statement to figure out whether to return TRUE or FALSE.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:46:19 +03:00
Sabrina Dubroca
b3df7836e8 mka: Reorganize loops in number of KaY functions
Use for loop to remove unnecessary goto use and similar cleanup to
simplify the loops in ieee802_1x_mka_i_in_peerlist(),
ieee802_1x_mka_decode_live_peer_body(), and
ieee802_1x_kay_decode_mkpdu().

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:44:04 +03:00
Sabrina Dubroca
de7f5337f4 mka: Remove unused body_peer incrementation
Each loop iteration resets body_peer in the beginning, so there is no
need to increment this pointer in the end.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:35:45 +03:00
Sabrina Dubroca
2b13bcad70 mka: Add reset_participant_mi() helper
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:34:56 +03:00
Sabrina Dubroca
3ceb458254 mka: Clean up printf formats
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:31:10 +03:00
Sabrina Dubroca
8fab9e1cae mka: Use named initializers for static structs
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:30:48 +03:00
Sabrina Dubroca
d4f668fded mka: Add MKA_ALIGN_LENGTH macro
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 20:29:20 +03:00
Sabrina Dubroca
1de7a9f882 mka: Add helper functions for dumping and creating peer
This allows more code reuse for creating live/potential peer and dumping
peer entries.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:58 +03:00
Sabrina Dubroca
d9639d1a4e mka: Clean up ieee802_1x_kay_get_cipher_suite() lookup function
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:57 +03:00
Sabrina Dubroca
7c547cff6b mka: Refactor the get_*_peer() functions
Add ieee802_1x_kay_get_potential_peer() similarly to the previously used
ieee802_1x_kay_get_live_peer() and use these helper functions more
consistently to avoid multiple implementations of peer lookups.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:57 +03:00
Sabrina Dubroca
515bc1aec1 mka: Fix a typo in mka_body_handler (mak to mka)
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:57 +03:00
Sabrina Dubroca
a33e3c3214 mka: Add a helper function, sci_equal(), for sci comparison
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:57 +03:00
Sabrina Dubroca
cefeb8e382 mka: Use less bitfields in the IEEE 802.1X-2010 structs
This splits the u32 bitfields into u8 variables and using bitfields only
for the cases where under 8-bit fields are used.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:49:57 +03:00
Sabrina Dubroca
2e9448989f mka: Fix a typo in macsec_capbility
Spell "capability" correctly in the variable name.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-28 19:29:15 +03:00
Jouni Malinen
f2f8616e80 Initialize hapd->nr_db in hostapd_alloc_bss_data()
Previously, this was initialized in hostapd_setup_bss() which made it
possible for a REMOVE_NEIGHBOR control interface command to be issued
prior to the list head pointers having been set. That resulted in a NULL
pointer dereference. Fix this by initializing the list head at the time
the data structure gets allocated.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-22 17:44:05 +03:00
Jouni Malinen
1f3b8b4edb Check for driver initialization before doing driver operations
Number of hostapd control interface commands (e.g., STATUS-DRIVER) could
result in NULL pointer dereference when issued on not yet enabled BSS.
Fix this by checking that the driver interface has been initialized
before calling the driver_ops function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-19 16:08:00 +03:00
Eduardo Abinader
833d0d45e8 radius: Sanity check for NULL pointer segfault
When the RADIUS client has not yet been fully enabled, MIB command was
segfaulting hostapd.

Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
2016-08-19 12:16:20 +03:00
Masashi Honma
052b8d38c5 mesh: Report HT operation mode to kernel
Report HT operation mode to kernel to broadcast correct IE in beacon
(for example HT operation IE).

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-08-18 20:46:15 +03:00
Masashi Honma
2bd6217173 mesh: Use WPA_DRIVER_MESH_CONF_FLAG_* as modification flag
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-08-18 20:40:13 +03:00
Masashi Honma
4ffb3f870d mesh: Do NL80211_MESHCONF_* setting in single function
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-08-18 20:37:38 +03:00
Masashi Honma
a1431ef8df mesh: Move max_peer_links parameter to appropriate struct
Accoding to the comment of struct wpa_driver_mesh_bss_params, the
max_peer_links parameter should be under that struct.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-08-18 20:33:39 +03:00
Petko Bordjukov
72a652d785 IAPP: Set SO_REUSEADDR on listening socket
Make it possible for several instances of hostapd to listen on the same
network interface.

Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
2016-08-18 20:01:48 +03:00
Johannes Berg
81372e347a ap: Use is_multicast_ether_addr() more
Various checks should use is_multicast_ether_addr() instead
of hardcoding the equivalent, change it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-08-17 13:43:31 +03:00
Eduardo Abinader
647862eb60 nl80211: Remove duplicated check in nl80211_setup_ap()
Just removing a duplicated condition.

Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
2016-08-17 13:42:11 +03:00
Johannes Berg
e3429c0b15 nl80211: Fix control port protocol no-encrypt setting
Previously, driver_nl80211 sets NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT in
AP mode, to get EAPOL frames out unencrypted when using IEEE 802.1X/WEP.
However, due to the way nl80211/cfg80211 is implemented, this attribute
is ignored by the kernel if NL80211_ATTR_CONTROL_PORT_ETHERTYPE isn't
specified as well. Fix this by including
NL80211_ATTR_CONTROL_PORT_ETHERTYPE set to ETH_P_PAE. This can be done
unconditionally, since the kernel will allow ETH_P_PAE to be set even
when the driver didn't advertise support for arbitrary ethertypes.

Additionally, the params->pairwise_ciphers appear to not be set at
this point, so relax the check and allow them to be zero.

In client mode, this whole thing was missing, so add it. Again, the
pairwise suite can be WPA_CIPHER_NONE, so allow that case as well.

This fixed IEEE 802.1X/WEP EAP reauthentication and rekeying to use
unencrypted EAPOL frames which is the de facto way of implementing this
in wireless networks.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-08-17 13:40:40 +03:00
David Benjamin
478441bf81 OpenSSL: Fix OpenSSL 1.1.0 compatibility functions
To be consistent with OpenSSL 1.1.0, the free functions should
internally check for NULL. EVP_MD_CTX_free also was missing an
EVP_MD_CTX_cleanup, so this leaked a little.

OpenSSL 1.1.0 also has given get_rfc3526_prime_1536 a better namespace
with get_rfc3526_prime_1536 as a compatibility-only name. Use that
instead in 1.1.0.

Signed-off-by: David Benjamin <davidben@google.com>
2016-08-13 21:07:05 +03:00
Felix Fietkau
4fe726e2d7 nl80211: Do not switch interface to station mode when using mesh
This fixes issues with adding mesh interfaces to a bridge.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-13 10:44:11 +03:00
Nick Lowe
8468189e90 Do not include NAS-Port attribute with AID 0
Do not include a NAS-Port attribute in Access-Request and
Accounting-Request packets where the Association ID (AID) is 0, i.e.,
not yet assigned or known.

Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
2016-08-13 10:28:01 +03:00
Manish Shukla
86a318f34a atheros: Accept Public Action frames sent to Wildcard BSSID
Previously, the check for mgmt->bssid matching own address (= BSSID)
ended up rejecting the case where Public Action frames are using
Wildcard BSSID in the Address 3 field. This could result in GAS queries
being dropped. Fix this by allowing both the own address (= AP BSSID)
and Wildcard BSSID in Action frame Address 3 field.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-11 16:08:30 +03:00
Yingying Tang
6fe3b9d451 QCA vendor command to get hardware capabilities
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_GET_HW_CAPABILITY and the associated
attributes to get Wi-Fi hardware capabilities.

Signed-off-by: Yingying Tang <yintang@qti.qualcomm.com>
2016-08-10 16:49:46 +03:00
Sunil Dutt
dc24a3616a Define an attribute QCA_WLAN_VENDOR_ATTR_CONFIG_QPOWER
This can be used to enable/disable QPOWER.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-09 19:23:25 +03:00
Nick Lowe
42d30e9ea0 Add a require_message_authenticator configuration option
This can be used to mandate the presence of the Message-Authenticator
attribute on CoA/Disconnect-Request packets.

Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
2016-08-08 00:36:17 +03:00
Jouke Witteveen
715ad3386e roboswitch: Add support for BCM63xx
These devices do not properly identify themselves.

Signed-off-by: Jouke Witteveen <j.witteveen@gmail.com>
2016-08-08 00:25:31 +03:00
Rahul Bedarkar
a2072a29b9 utils: os_unix: Use access() for checking file existence
Trying to open file for checking file existence seems to be too much.
Instead use access system call which is meant for the same.

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
2016-08-08 00:24:07 +03:00
Sabrina Dubroca
cfe0a0194b mka: Fix use after free
We must cancel the timer when we delete an MKA instance.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:44:04 +03:00
Sabrina Dubroca
d68b73cfa5 mka: Add check for body length when decoding peers
The standard says that the body length must be a multiple of 16B.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:42:37 +03:00
Sabrina Dubroca
ad19e71e68 mka: Avoid reading past the end of mka_body_handler
body_type, used to index in mka_body_handler, can be any u8 value, but
we have only ARRAY_SIZE(mka_body_handler) elements.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:42:19 +03:00
Jouni Malinen
65b47738e8 mka: Return u8 from get_mka_param_body_type()
This uses a more accurate variable type for body_type and makes it
cleaner to compare this to other unsigned values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-07 11:42:03 +03:00
Sabrina Dubroca
ac285c007c mka: Add error handling around ieee802_1x_kay_move_live_peer()
ieee802_1x_kay_move_live_peer() can fail. In that case, we should not
proceed.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:36:17 +03:00
Sabrina Dubroca
90bff0e2aa mka: Avoid inconsistent state in ieee802_1x_kay_move_live_peer()
If the memory allocation in ieee802_1x_kay_init_receive_sc() fails, we
end up in an inconsistent state where the peer is moved to the live
peers list and its sci is setup, but we don't have an rxsc.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:34:50 +03:00
Sabrina Dubroca
12447457bf mka: Fix length when encoding SAK-use
The room we actually use is length. This could also mess up the
receiver, since it will advance by the actual length (as indicated by
the parameter body's length), which could differ from the offset at
which we stored the next item.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:32:23 +03:00
Sabrina Dubroca
71dc78904f mka: Fix memory leak in ieee802_1x_kay_create_live_peer() error path
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:31:41 +03:00
Sabrina Dubroca
099613e415 mka: Fix multiple key server election bugs
1. The comparison between SCI's of two servers with identical priority
   is broken, and would always return TRUE. Just use os_memcmp(), which
   provides the ordering we need.

2. If no peer can be key server but this instance can, then become the
   key server.

3. The ordering of blocks between peer as key server and ourself as key
   server overwrites settings. Simple reordering fixes this.

4. Default to being the key server, so that we advertise our ability in
   the MKPDUs we send. That's the only way peers can know we can be key
   server. Cleared automatically as soon as we find a better peer.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
2016-08-07 11:31:17 +03:00
Arran Cudbard-Bell
b84ce655d3 Link to, and adjust types for, the PCSC framework included with OSX
Signed-off-by: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
2016-08-07 11:20:33 +03:00
Johannes Berg
842c5af5d3 ap: Use is_broadcast_ether_addr()
There's no need to have a separate variable and open-code a more
complicated version of this, just use is_broadcast_ether_addr().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2016-08-06 16:51:48 +03:00
Jouni Malinen
ac81b3948b cli: Share a common tokenize_cmd() implementation
wpa_cli and hostapd_cli had identical copies of this function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-06 12:46:39 +03:00
Jouni Malinen
980afcce53 cli: Share a common write_cmd() implementation
wpa_cli and hostapd_cli had identical copies of this function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-06 12:41:56 +03:00
Jouni Malinen
fcc84b48b2 cli: Share a common get_cmd_arg_num() implementation
wpa_cli and hostapd_cli had identical copies of this function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-06 12:39:56 +03:00
Jouni Malinen
e55df99ee6 Share a single str_starts() implementation
No need to define this as a static function in multiple files.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-08-06 12:38:21 +03:00
Mikael Kanstrup
23c130e9b7 Use a common license string for hostapd_cli and wpa_cli
Move the license strings for hostapd_cli and wpa_cli to common.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-08-06 12:34:25 +03:00
Mikael Kanstrup
977c0796f9 Move parts of wpa_cli to a new common file
In preparation for adding further command completion support
to hostapd_cli move some cli related utility functions out of
wpa_cli into a new common cli file.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2016-08-06 12:25:58 +03:00
Sunil Dutt
fed802c2e8 Define an attribute QCA_WLAN_VENDOR_ATTR_CONFIG_IFINDEX
This can be used to set the configuration parameters per netdev (instead
of wiphy).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-04 21:50:26 +03:00
Sunil Dutt
14b7612447 Define vendor command to support IE based access control
This commit defines QCA vendor subcommand and attributes for IE based
access control, i.e., the specific configured IE (full IE) is matched
with the frames originated by the Wi-Fi STA / AP to accept or deny the
connection. A specific IE can either be a whitelist or blacklist.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-04 21:50:22 +03:00
Vikram Kandukuri
4ac75cd01a QCA vendor command to configure GPIO pins
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_GPIO_CONFIG_COMMAND and associated
attributes to configure GPIO pins.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-03 16:46:30 +03:00
Vikram Kandukuri
babf0ce0d2 Assign QCA vendor attributes for generic commands
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-03 16:44:07 +03:00
vamsi krishna
cc9985d1b1 Set default scan IEs to the driver (QCA vendor extension)
This makes wpa_supplicant set default scan IEs to the driver (if the
vendor command is supported). The driver can use these IEs in the scan
requests initiated by the driver itself. Also the driver can merge these
IEs into further scan requests that it receives, in case if the scan
request doesn't carry any of the IEs sent in this command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-02 21:21:52 +03:00
Jouni Malinen
4f910f38e5 Fix a typo in QCA vendor attribution documentation
The previously used subcommand names in the comment did not match the
ones defined above.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-02 21:11:25 +03:00
vamsi krishna
ab21863108 Define QCA vendor config attribute to set default scan IEs to the driver
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-02 21:11:05 +03:00
Jouni Malinen
5a5638a3bf Show disabled HT/VHT properly in AP mode STATUS command
Previously, HT/VHT state was shown in STATUS based on the configuration
parameter instead of the runtime operational parameters. This could
result in claiming HT/VHT to be enabled even when it was forced to be
disabled due to an incompatible configuration. Clear HT/VHT information
in the STATUS output if HT/VHT has been disabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-02 17:41:01 +03:00
Wu Gao
551817a582 AP: Disable VHT in WEP configuration
This was already done for HT, but VHT has the same constraint on not
allowing WEP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-08-02 17:31:48 +03:00
Chaitanya T K
f5728d0a82 nl80211: Fix segfault when params->freq is NULL for AP mode start
If params->freq is NULL here, it leads to a segfault. Do not initialize
bss->bandwidth if params->freq is NULL.

Signed-off-by: Chaitanya T K <Chaitanya.Mgit@gmail.com>
2016-07-23 22:06:10 +03:00
Masashi Honma
3388e7b96f mesh: Remove HT IEs if HT is disabled
Previously, HT capability IE and HT information IE were included in
Beacon and Mesh Peering Open/Confirm frames even if HT is disabled with
disable_ht=1. This patch removes these.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-07-23 22:04:16 +03:00
Masashi Honma
4ac2ea5738 mesh: Make DTIM period configurable
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-07-23 21:58:04 +03:00
Nishant Chaprana
0f282c76ee P2Ps: Clear existing value when peer stops sending adv_service_instance
If a peer stops sending adv_service_instance, we should clear the
existing dev->info.p2ps_instance.

This commit fixes the following scenario:

When peer device stops sending adv_service_instance, wpa_supplicant did
not remove old dev->info.p2ps_instance from device's property. This
variable should be updated as per peer behavior and should be cleared
when peer stops sending this information.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2016-07-23 20:55:52 +03:00
Erik Ljungberg
4d7aab78bd Make driver flags available through control interface
This shows the current set of driver flags in wpa_cli and hostapd_cli.

Signed-off-by: Erik Ljungberg <erik.ljungberg@sonymobile.com>
2016-07-23 20:46:20 +03:00
MAYANK HAARIT
77d468e4db P2P: Cleanup by removing unnecessary os_free() call from p2p_deinit()
Remove the unnecessary os_free() call from p2p_deinit() since
p2p_flush() called just above this takes care of freeing
p2p->after_scan_tx and the second call here ends up being no-op
os_free(NULL) in practice.

Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2016-07-23 20:35:56 +03:00
Masashi Honma
e347cafe57 mesh: Report mesh peer AID to kernel
Previously, mesh power management functionality works only with kernel
MPM. Because user space MPM did not report mesh peer AID to kernel,
the kernel could not identify the bit in TIM element. So this patch
reports mesh peer AID to kernel.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-07-23 20:26:26 +03:00
Jouni Malinen
e3227c32f0 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-07-01.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-07-23 20:25:28 +03:00
Sunil Dutt
6c34b9c2d2 Assign QCA vendor attribute for setting TX fail count threshold
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-07-22 20:10:06 +03:00
zhangq
52fec3669c Assign QCA vendor attributes for set retry configuration
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-07-22 00:35:37 +03:00
Chandrasekaran, Manishekar
1c8fe68f62 QCA vendor command to configure conditional switch channel for AP
This commit introduces a new vendor sub command
QCA_NL80211_VENDOR_SUBCMD_SAP_CONDITIONAL_CHAN_SWITCH and associated
attributes which aim to configure selected frequencies on which the AP
can conditionally switch onto for preferred operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-07-22 00:35:28 +03:00
Jouni Malinen
460e5cdf43 OpenSSL: Fix OpenSSL 1.1.0 DH operation
Commit 49fe2ada20 ('OpenSSL: Support
OpenSSL 1.1.0 DH opacity') started using the new accessor functions, but
used incorrect success check for the DH_set0_key() call. This resulted
in dh5_init_fixed() failures and double-free on error path if the build
was linked against OpenSSL 1.1.0. Fix this by checking DH_set0_key()
return value to be 1 for the success case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-07-15 13:30:57 +03:00
Jouni Malinen
f465c32dc2 Interworking: Define control interface message prefixes in wpa_ctrl.h
These control interface event message are used by external programs, so
define them a bit more formally in the header file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-07-11 21:56:56 +03:00
Peng Xu
a6f5b1937a P2P: Allow P2P listen being offloaded to the driver/firmware
This allows P2P Listen to be offloaded to device to enhance power
saving.

To start P2P listen offload, from wpa_cli interface, issue the command:
	p2p_lo_start <freq> <period> <interval> <count>

To stop P2P listen offload, issue the command:
	p2p_lo_stop

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-07-03 22:36:58 +03:00
Peng Xu
35d6655755 nl80211: P2P Listen offload vendor command definitions
Define QCA vendor commands, events, and attributes for P2P
Listen offload.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-07-03 19:13:42 +03:00
Saurav Babu
4ac5f2f8f4 Add text name for WPA_KEY_MGMT_WPA_NONE key_mgmt value
This will output WPA-NONE for WPA_KEY_MGMT_WPA_NONE key_mgmt value in
STATUS command.

Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
2016-07-03 19:13:41 +03:00
Saurav Babu
f0e84057fb nl80211: Provide frequency in EVENT_ASSOC when IBSS is joined
Provides operating frequency in EVENT_ASSOC when IBSS is joined so that
wpa_s->assoc_freq can be updated when any IBSS network is joined.

Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
2016-07-03 19:13:41 +03:00
Dmitry Shmidt
9607a1aef7 nl80211: Keep QCA vendor extensions together
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2016-06-30 00:25:31 +03:00
Jouni Malinen
d02e549831 mesh: Rename MPM FSM states to match the standard
During the P802.11s draft development, there were separate LISTEN and
IDLE states. However, the current IEEE 802.11 standards uses only the
IDLE state while the implementation called this LISTEN. Rename the state
in the implementation to match the one used in the standard to avoid
confusion. In addition, rename OPEN_{SENT,RCVD} to OPN_{SNT,RCVD} to
match the exact spelling of these states in the standard.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-28 22:53:05 +03:00
Jouni Malinen
d735811329 tests: Add TEST_FAIL() to hostapd_get_aid()
This allows additional testing coverage for AID unavailability cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-28 20:44:55 +03:00
Jouni Malinen
37fd0be2d3 Add CTRL-EVENT-CHANNEL-SWITCH event to indicate channel changes
This provides information of the channel switch to wpa_supplicant
control interface monitors.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-27 21:10:35 +03:00
Jouni Malinen
e6804fef93 OpenSSL: Update to match the modified DH_get0_key() API
OpenSSL 1.1.0 (master branch) apparently ended up modifying the API
after the beta 2 release that was supposed to complete the work. Mark
the variables const to fix the compilation with the modified OpenSSL
API.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-25 00:35:17 +03:00
Jouni Malinen
617593c37f Assign vendor specific elements for early HE testing
These elements can be used for pre-standard publication testing of HE
before P802.11ax draft assigns the element ID. The payload of these
vendor specific elements is defined by the latest P802.11ax draft.
Please note that the draft is still work in progress and the element
payload is subject to change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
4874b78290 PAE: Use big endian version in current_peer_id.mn to be more consistent
This gets rid of sparse warnings related to mismatching annotation and
byte swapping.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
ce256b4a49 PAE: Use sci->port more consistently
This is now annotated as be16, so use it as such in all cases instead of
first storing host byte order value and then swapping that to big endian
in other instances of the same structure. This gets rid of number of
sparse warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
2f13e54dfc wired: Silence sparse warning on redefinition of IFNAMSIZ
driver_wired.c pulls in utils/common.h before net/if.h as a workaround
for NetBSD build. This results in IFNAMSIZ getting redefined and sparse
warning about this. Silence that warning by undefining the IFNAMSIZ
definition from common.h to allow the one from net/if.h being used. In
addition, remove duplicated inclusion of net/if.h.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
82ffcba755 Move extern declarations for ext_password backends into a header file
This gets rid of a sparse warning and also allows the compatibility of
the declarations to be verified (a missing const declaration is fixed
here as well).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
39ab6a5de2 Move extern declarations for driver ops into a header file
This gets rid of number of sparse warnings and also allows the
compatibility of the declarations to be verified (number of missing
const declarations are fixed here as well).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
4775471816 nl80211: Mark wpa_driver_nl80211_get_macaddr() static
This function is not used outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
ebae413550 Fix a debug print in p2p_manager_disconnect()
fc2str() expects to get the 16-bit frame control value in host byte
order.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
582121b038 OpenSSL: Silence sparse warnings in fips186_2_prf()
Use WPA_PUT_BE32() instead of inplace conversion with host_to_be32() to
avoid sparse warnings.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
451e094c7e dhcp_snoop: Silence a sparse warning
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
bbae0f03aa ndisc_snoop: Include ndisc_snoop.h to check prototypes
This allows the compiler to check that function prototypes match the
implementation. In addition, this gets rid of sparse warnings.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
99a716ac91 TNCS: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:47 +03:00
Jouni Malinen
799a7ed8a9 PAE: Mark ieee802_1x_kay_deinit_data_key() static
This function is not used outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:40:24 +03:00
Jouni Malinen
4e7f5a4a2a PAE: Use be16/be32 instead of u16/u32 for spartse
This converts some of the PAE code to use a design that gets rid
unnecessary warnings from sparse and allows more thorough validation of
byte order operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:38:48 +03:00
Jouni Malinen
ac36b133aa TNCC: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:38:04 +03:00
Jouni Malinen
50a17a76e1 tests: Declare module test functions in a header file
This gets rid of number of warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:26:09 +03:00
Jouni Malinen
3e624369cb tests: Mark some module test arrays static
These are not used outside the source code file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:11:35 +03:00
Jouni Malinen
fad6485c56 radiotap: Silence sparse warnings about byte order swapping
These little endian fields were not marked properly and the type case in
the get_unaligned_* helper macros were causing warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:08:11 +03:00
Jouni Malinen
94c4d78ef1 FST: Make fst_action_names static
This is not used outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 17:48:48 +03:00
Jouni Malinen
82c734c28c FST: Fix byte order of couple of fields on big endian hosts
Couple of fsts_id and llt fields were not properly swapped from host
byte order to little endian byte order used in the frames. Fix this and
use the le32 type to make this more consistent and verifiable with
sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 17:46:40 +03:00
Jouni Malinen
3787c91da0 OpenSSL: Pull in header files to check function prototypes
Since crypto_openssl.c is now implementing couple of functions
internally, pull in the relevant header files md5.h and aes_wrap.h to
make sure the function declaration are consistent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:35:26 +03:00
Jouni Malinen
6013bbe04f TDLS: Declare tdls_testing as extern in a header file
This gets rid of a sparse warning with CONFIG_TDLS_TESTING builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:31:04 +03:00
Jouni Malinen
0e672b89e7 trace: Define externs in a header file
This gets rid of some unnecessary strace warnings from test builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:28:54 +03:00
Jouni Malinen
6527b52ead Undefine __bitwise before defining it for sparse
This gets rid of a compiler warning due to a bit different construction
in linux/types.h.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:23:46 +03:00
Jouni Malinen
468b7b12a6 Fix hostapd_sta_add() call to use NULL as the pointer instead of 0
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:14:17 +03:00
Cedric Izoard
04c18fa04b curl: Don't free memory for subjectAltName before calling callback
Freeing memory for subjectAltName in parse_cert(), will give cert_cb
pointers to freed memory zone that may already been overwritten. Memory
for subjectAltName is released in parse_cert_free().

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
2016-06-19 22:11:36 +03:00
Masashi Honma
d70a8ab1e3 mesh: Ignore crowded peer
The "Accepting Additional Mesh Peerings bit == 0" means the peer cannot
accept any more peers, so suppress attempt to open a connection to such
a peer.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-06-19 20:18:09 +03:00
Jouni Malinen
3b6deac0e7 mesh: Avoid use of hardcoded cipher
This moves pairwise, group, and management group ciphers to various mesh
data structures to avoid having to hardcode cipher in number of places
through the code. While CCMP and BIP are still the hardcoded ciphers,
these are now set only in one location.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
f868d5607d mesh: Clean up AMPE element encoding and parsing
The AMPE element includes number of optional and variable length fields
and those cannot really be represented by a fixed struct
ieee80211_ampe_ie. Remove the optional fields from the struct and
build/parse these fields separately.

This is also adding support for IGTKdata that was completely missing
from the previous implementation. In addition, Key RSC for MGTK is now
filled in and used when configuring the RX MGTK for a peer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
4367eec439 mesh: Do not use RX MGTK as RX IGTK
The previous implementation was incorrect in forcing the MGTK to be used
as the IGTK as well. Define new variable for storing IGTK and use that,
if set, to configure IGTK to the driver. This commit does not yet fix
AMPE element parsing to fill in this information.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
a4eec3c230 mesh: Use variable length MGTK for RX
This extends the data structures to allow variable length MGTK to be
stored for RX. This is needed as an initial step towards supporting
different cipher suites.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
b02f4d058c mesh: Add variable length MTK support
This is needed as a part in enabling support for different pairwise
ciphers in mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
18aca1a07d mesh: Use ieee80211w profile parameter
This is initial step in fixing issues in how PMF configuration for RSN
mesh was handled. PMF is an optional capability for mesh and it needs to
be configured consistently in both hostapd structures (to get proper
RSNE) and key configuration (not included in this commit).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-18 15:52:54 +03:00
Jouni Malinen
b8b499e4a4 mesh: Use WPA_NONCE_LEN macro
No need to use the magic value 32 here since there is a generic define
for the RSN-related nonce values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-18 15:52:54 +03:00
Sunil Dutt
bb4e19e3f4 hostapd: Skip hostapd ACL check for drivers supporting ACL offload
Commit 0603bcb7fe ('hostapd: Process MAC
ACLs on a station association event (SME in driver)') processes MAC ACL
on a station association event for drivers which use AP SME offload but
does not consider the scenario where the drivers offload ACL. This can
result in station disconnection, though the driver accepts the
connection. Address this by avoiding the hostapd ACL check for the
drivers offloading MAC ACL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-17 20:45:35 +03:00
Sunil Dutt
d1296da643 Reserve QCA vendor specific nl80211 command 121
This is reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-17 00:10:16 +03:00
Sunil Dutt
52a6c9c9e8 Add a QCA vendor command to configure AP parameters
This commit also introduces a new attribute MANDATORY_FREQUENCY_LIST
which aims for AP operation in a channel that ensures best concurrency
sessions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-16 18:38:16 +03:00
Jouni Malinen
cc27c8e680 hostapd: Fix early init failure path
eloop deinit calls could trigger segmentation fault if the early error
path is hit before eloop_init() gets called.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:23 +03:00
Jouni Malinen
976dfb3237 FST: Make fst_global_deinit() more robust
Verify that fst_global_init() has been called before deinitializing the
global FST context. This makes it a bit easier to handle failure paths
from initialization.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:14 +03:00
Masashi Honma
7a69fad7ad mesh: Sync max peer links with kernel
Set max peer links to kernel even when wpa_supplicant MPM is used. This
sets the correct value for the "Accepting Additional Mesh Peerings bit"
in "Mesh Capability field" in "Mesh Configuration element" in the Beacon
frame.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-06-12 21:49:05 +03:00
David Woodhouse
c3d7fb7e27 OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()
Recent versions of engine_pkcs11 are set up to be autoloaded on demand
with ENGINE_by_id() because they don't need explicit configuration.

But if we *do* want to explicitly configure them with a PKCS#11 module
path, we should still do so.

We can't tell whether it was already initialised, but it's harmless to
repeat the MODULE_PATH command if it was.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Michael Schaller <misch@google.com>
2016-06-11 12:21:08 +03:00
Paul Stewart
fdc1188a85 nl80211: Fix use-after-free in qca_nl80211_get_features()
Any data accessible from nla_data() is freed before the
send_and_recv_msgs() function returns, therefore we need to allocate
space for info.flags ourselves.

Signed-off-by: Paul Stewart <pstew@google.com>
2016-06-11 12:12:23 +03:00
Jouni Malinen
8359472589 hostapd Make GAS Address3 field selection behavior configurable
gas_address3=1 can now be used to force hostapd to use the IEEE 802.11
standards compliant Address 3 field value (Wildcard BSSID when not
associated) even if the GAS request uses non-compliant address (AP
BSSID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 22:13:37 +03:00
Jouni Malinen
6996ff7b6d hostapd: Fix Public Action frame TX status processing for wildcard BSSID
Previously all TX status events with wildcard BSSID were ignored. This
did not allow Public Action frame TX status to be processed with the
corrected wildcard BSSID use. Fix this to be allowed. In practice, this
affects only test cases since Action frame TX status was not used for
anything else.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
78a3632765 hostapd: Fix Public Action frame addressing (BSSID field)
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS. hostapd used
to use the actual BSSID value for all such frames regardless of whether
the destination STA is a member of the BSS.

Fix this by using the wildcard BSSID in cases the destination STA is not
a member of the BSS. Leave group addressed case as-is (i.e., the actual
BSSID), since both values are accepted. No such frames are currently
used, though.

This version is still using the AP BSSID value in the Address 3 field
for GAS response frames when replying to a GAS request with AP BSSID
instead of Wildcard BSSID. This is left as a workaround to avoid
interoperability issues with deployed STA implementations that are still
using the non-compliant address and that might be unable to process the
standard compliant case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
a5a187b0f4 nl80211: Add TEST_FAIL() to command generation and set_mode
This makes it easier to test error paths for failing driver command
cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:13:32 +03:00
Jouni Malinen
92a515b869 nl80211: Update drv->assoc_freq on mesh join
This is needed to provide the correct frequency in SIGNAL_POLL command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:30:18 +03:00
Kanchanapally, Vidyullatha
cc9a2575ca nl80211: Use extended capabilities per interface type
This adds the necessary changes to support extraction and use of the
extended capabilities specified per interface type (a recent
cfg80211/nl80211 extension). If that information is available,
per-interface values will be used to override the global per-radio
value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-31 21:35:54 +03:00
Jouni Malinen
c6edea0df6 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-05-31.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-31 18:49:05 +03:00
Jouni Malinen
9a5160f5fb Report connection timeouts in CTRL-EVENT-ASSOC-REJECT
Add a new "timeout" argument to the event message if the nl80211 message
indicates that the connection failure is not due to an explicit AP
rejection message. This makes it easier for external programs to figure
out why the connection failed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-31 00:11:42 +03:00
Jouni Malinen
dad0129227 mesh: Support simple SAE group negotiation case
This allows the simplest case of SAE group negotiation to occur by
selecting the next available group if the peer STA indicates the
previous one was not supported. This is not yet sufficient to cover all
cases, e.g., when both STAs need to change their groups, but at least
some cases are no covered.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-30 21:14:08 +03:00
Jouni Malinen
9c10be3f71 mesh: Fix error path handling in init OOM cases
hostapd deinit functions were not ready to handle a case where the data
structures were not fully initialized. Make these more robust to allow
wpa_supplicant mesh implementation to use the current deinit design in
OOM error cases without causing NULL pointer dereferences.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-30 01:05:16 +03:00
David Benjamin
1cece2fafb OpenSSL: Comment out tls_connection_get_eap_fast_key without EAP-FAST
This avoids internal access of structs and also removes the dependency
on the reimplemented TLS PRF functions when EAP-FAST support is not
enabled. Notably, BoringSSL doesn't support EAP-FAST, so there is no
need to access its internals with openssl_get_keyblock_size().

Signed-Off-By: David Benjamin <davidben@google.com>
2016-05-23 21:22:33 +03:00
David Benjamin
7358170787 TLS: Split tls_connection_prf() into two functions
Most protocols extracting keys from TLS use RFC 5705 exporters which is
commonly implemented in TLS libraries. This is the mechanism used by
EAP-TLS. (EAP-TLS actually predates RFC 5705, but RFC 5705 was defined
to be compatible with it.)

EAP-FAST, however, uses a legacy mechanism. It reuses the TLS internal
key block derivation and derives key material after the key block. This
is uncommon and a misuse of TLS internals, so not all TLS libraries
support this. Instead, we reimplement the PRF for the OpenSSL backend
and don't support it at all in the GnuTLS one.

Since these two are very different operations, split
tls_connection_prf() in two. tls_connection_export_key() implements the
standard RFC 5705 mechanism that we expect most TLS libraries to
support. tls_connection_get_eap_fast_key() implements the
EAP-FAST-specific legacy mechanism which may not be implemented on all
backends but is only used by EAP-FAST.

Signed-Off-By: David Benjamin <davidben@google.com>
2016-05-23 20:40:12 +03:00
David Benjamin
f150db6c83 OpenSSL: Remove two more accesses of ssl_ctx->cert_store
Commit 68ae4773a4 ('OpenSSL: Use library
wrapper functions to access cert store') fixed most of these, but missed
a few.

Signed-Off-By: David Benjamin <davidben@google.com>
2016-05-23 19:08:40 +03:00
Jouni Malinen
9ce3e61091 nl80211: Add TEST_FAIL() to nl80211_set_mac_addr()
This makes it easier to test some error paths in wpa_supplicant.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-22 18:08:55 +03:00
Kanchanapally, Vidyullatha
4d916ed6c5 nl80211: Register for only for specific Action frames in AP mode
This makes changes such that hostapd (and wpa_supplicant AP mode)
registers to kernel for specific Action frames instead of generically
registering for all Action frames. This makes it easier for other
programs to register for some Action frames that hostapd does not handle
today without having to somehow coordinate directly with hostapd.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-21 00:07:42 +03:00
Purushottam Kushwaha
467fc149d3 P2PS: Correct config_methods for different P2P cases
Add P2PS config flag only when config_methods are set. This restores the
pre-P2PS behavioer for the cases where Display or Keypad config method
is specified for a peer (i.e., do not add the new P2PS method in that
case).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-19 19:16:10 +03:00
Jouni Malinen
9d136b00ac EAP-SAKE: Do not debug print result if eap_sake_compute_mic() fails
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_sake_errors test case where the result was used after the
failed eap_sake_compute_mic() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 22:26:37 +03:00
Jouni Malinen
0884633577 EAP-PAX: Do not debug print result if eap_pax_mac() fails
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_pax_errors test case where the result was used after the
failed eap_pax_mac() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 22:25:25 +03:00
Jouni Malinen
92abe3782f EAP-FAST: Check sha1_t_prf() result in eap_fast_get_cmk()
This gets rid of a valgrind warning on uninitialized memory read in the
eap_proto_fast_errors test case where the result was used after the
failed sha1_t_prf() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 22:24:01 +03:00
Jouni Malinen
636a23881b WPS: Check sha256_vector() result in wps_build_oob_dev_pw()
This gets rid of a valgrind warning on uninitialized memory read in the
wpas_ctrl_error test case where the result was used after the failed
sha256_vector() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 21:06:44 +03:00
Jouni Malinen
2c3d95c7e0 Check md5_vector() result in decrypt_ms_key()
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap_connect test case where the result is used after
failed md5_vector() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 20:08:53 +03:00
Jouni Malinen
38eee0f599 Check hmac_md5() result in radius_msg_verify_msg_auth()
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap_connect test case where memcmp is used after failed
hmac_md5() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 20:07:58 +03:00
Jouni Malinen
05dad946b3 Check md5_vector() result in radius_msg_verify()
This gets rid of a valgrind warning on uninitialized memory read in the
hostapd_oom_wpa2_eap test case where memcmp is used after failed
md5_vector() call.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 20:07:53 +03:00
Jouni Malinen
aae125e2cf WPS: Fix debug prints in wps_derive_psk() error case
Check for hmac_sha256() failures and exit from wps_derive_psk() without
printing out the derived keys if anything fails. This removes a valgrind
warning on uninitialized value when running the ap_wps_m3_oom test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-16 19:35:03 +03:00
SiWon Kang
7a1887faec wpa_cli: Add backspace key process for some terminal
In some terminal, verified with gtkterm and teraterm, backspace key is
not properly processed. For instance, type 'abc', 3 times of backspace
key press then '123' shows the result of 'abc123' instead of '123'. To
fix this, add a routine to process '\b' character input when using
edit_simple.c instead of edit.c (i.e., without CONFIG_WPA_CLI_EDIT=y).

Signed-off-by: Siwon Kang <kkangshawn@gmail.com>
2016-05-13 18:48:45 +03:00
Johannes Berg
d58b60da87 drivers: Add NEED_RADIOTAP
If there's ever a driver that, like nl80211, requires radiotap,
we need to have a NEED_RADIOTAP variable to avoid trying to link
the radiotap helpers twice. Introduce that.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
2016-05-13 18:29:01 +03:00
Jouni Malinen
6a9681e90c OpenSSL: Make dh5_init() match the generic implementation
Commit 4104267e81 ('Fix memory leak on NFC
DH generation error path') modified the generic (non-OpenSSL)
implementation of dh5_init() to free the previously assigned public key,
if any. However, that commit did not modify the OpenSSL specific version
of this function. Add the same change there to maintain consistent
behavior between these two implementations of the same function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-13 18:25:57 +03:00
Rujun Wang
46bac6520d WPS: Fix segmentation fault in new DH key derivation
Commit 4104267e81 ('Fix memory leak on NFC
DH generation error path') modified dh5_init() behavior in the
non-OpenSSL implementation to free the public key (if any was previously
set). However, this did not update one of the callers to make sure the
publ argument in the call is initialized. This could result in trying to
free invalid pointer and segmentation fault when hostapd or
wpa_supplicant was built against some other crypto library than OpenSSL.

Signed-off-by: Rujun Wang <chinawrj@gmail.com>
2016-05-13 18:25:47 +03:00
David Benjamin
e4471338c6 OpenSSL: BoringSSL has SSL_get_client_random(), etc.
BoringSSL added OpenSSL 1.1.0's SSL_get_client_random() and friends in
working towards opaquifying the SSL struct. But it, for the moment,
still looks more like 1.0.2 than 1.1.0 and advertises
OPENSSL_VERSION_NUMBER as such. This means that there is no need to
define those in BoringSSL and defining them causes conflicts. (C does
not like having static and non-static functions with the same name.)

As requested, this is conditioned on defined(BORINGSSL_API_VERSION) so
wpa_supplicant may continue to support older BoringSSLs for a time.
(BoringSSL revisions without the accessors predate BoringSSL maintaining
a BORINGSSL_API_VERSION.)

Also add a missing opensslv.h include. tls_openssl.c is sensitive to
OPENSSL_VERSION_NUMBER, so it should include the header directly rather
than rely on another header to do so.

Signed-off-by: David Benjamin <davidben@google.com>
2016-05-10 19:36:46 +03:00
Paul Stewart
0fe5a23424 Remove newlines from wpa_supplicant config network output
Spurious newlines output while writing the config file can corrupt the
wpa_supplicant configuration. Avoid writing these for the network block
parameters. This is a generic filter that cover cases that may not have
been explicitly addressed with a more specific commit to avoid control
characters in the psk parameter.

Signed-off-by: Paul Stewart <pstew@google.com>
2016-05-02 11:08:25 +03:00
Jouni Malinen
ecbb0b3dc1 WPS: Reject a Credential with invalid passphrase
WPA/WPA2-Personal passphrase is not allowed to include control
characters. Reject a Credential received from a WPS Registrar both as
STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or
WPA2PSK authentication type and includes an invalid passphrase.

This fixes an issue where hostapd or wpa_supplicant could have updated
the configuration file PSK/passphrase parameter with arbitrary data from
an external device (Registrar) that may not be fully trusted. Should
such data include a newline character, the resulting configuration file
could become invalid and fail to be parsed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-02 11:08:25 +03:00
Rafał Miłecki
f4830bed66 nl80211: Try running without mgmt frame subscription (driver AP SME)
One of supported code paths already allows this scenario. It is used if
driver doesn't report NL80211_ATTR_DEVICE_AP_SME and doesn't support
monitor interface. In such situation:
1) We don't quit if subscribing for WLAN_FC_STYPE_PROBE_REQ fails
2) We don't try subscribing for WLAN_FC_STYPE_ACTION
3) We fallback to AP SME mode after failing to create monitor interface
4) We don't quit if subscribing for WLAN_FC_STYPE_PROBE_REQ fails
Above scenario is used, e.g., with brcmfmac. As you can see - thanks to
events provided by cfg80211 - it's not really required to receive Probe
Request or action frames.

However, the previous implementation did not allow using hostapd with
drivers that:
1) Report NL80211_ATTR_DEVICE_AP_SME
2) Don't support subscribing for PROBE_REQ and/or ACTION frames
In case of using such a driver hostapd will cancel setup after failing
to subscribe for WLAN_FC_STYPE_ACTION. I noticed it after setting flag
WIPHY_FLAG_HAVE_AP_SME in brcmfmac driver for my experiments.

This patch allows working with such drivers with just a small warning
printed as debug message.

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
2016-04-28 20:47:12 +03:00
Jouni Malinen
60d9f67c68 WPS: Explicitly clear wpabuf memory with key information
This reduces duration that private keying material might remain in the
process memory by clearing wpabuf data used in WPS operations when there
is possibility of the buffer including keys or related material.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-28 20:32:15 +03:00
Bala Krishna Bhamidipati
a911227061 Add assocresp_elements parameter for hostapd
This new parameter allows hostapd to add Vendor Specific elements into
(Re)Association Response frames similarly to the way vendor_elements
parameter can be used for Beacon and Probe Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-20 13:12:50 +03:00
Jouni Malinen
49fe2ada20 OpenSSL: Support OpenSSL 1.1.0 DH opacity
The OpenSSL 1.1.0 Beta 2 release made DH opaque and that broke
compilation of crypto_openssl.c. Fix this by using the new accessor
functions when building against OpenSSL 1.1.0 or newer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-04-20 01:20:00 +03:00
Günther Kelleter
b92d2a57ef FT: Fix RRB for FT over-the-air case
Commit 66d464067d ('FT: Register RRB
l2_packet only if FT-over-DS is enabled') disabled RRB l2_packet socket
if ft_over_ds is disabled, but this socket is required for FT
over-the-air, too (FT key distribution). Enable the socket regardless of
ft_over_ds setting if FT is enabled.

Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
2016-04-19 00:57:17 +03:00
Sunil Dutt
ac7aea862f Assign QCA vendor command/attributes for set/get wifi configuration
This adds QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION and
QCA_NL80211_VENDOR_SUBCMD_GET_WIFI_CONFIGURATION and the attributes used
with these commands.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-19 00:49:33 +03:00
Purushottam Kushwaha
57b38882e5 P2P: Add P2P_GROUP_MEMBER command to fetch client interface address
This allows local GO to fetch the P2P Interface Address of a P2P Client
in the group based on the P2P Device Address for the client. This
command should be sent only on a group interface (the same peer may be
in multiple concurrent groups).

Usage:
P2P_GROUP_MEMBER <P2P Device Address>

Output:
<P2P Interface Address>

Signed-off-by: Purushottam Kushwaha <pkushwah@qti.qualcomm.com>
2016-04-19 00:41:16 +03:00
Lior David
0ee8925098 P2P: Trigger event when invitation is accepted
Trigger an event when wpa_supplicant accepts an invitation to re-invoke
a persistent group. Previously wpa_supplicant entered group formation
without triggering any specific events and it could confuse clients,
especially when operating with a driver that does not support
concurrency between P2P and infrastructure connection.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-04-18 16:57:05 +03:00
Jouni Malinen
bd86ea0808 nl80211: Get rid of unused assignment warning
The os_snprintf() call here cannot really fail in practice, but since
its result was stored into the local variable and not checked, static
analyzers could warn about the unused assignment. Clean this up by
checking the return value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-04-17 18:43:30 +03:00
Roy Marples
18ae3a675c bsd: Set level correctly for non FreeBSD systems
Only FreeBSD treats rssi as dBm, other BSD have no special meaning to
rssi.

Signed-off-by: Roy Marples <roy@marples.name>
2016-04-17 18:34:22 +03:00
Beni Lev
b5d172e578 nl80211: Add support for global RRM flag
Set the global RRM flag if global RRM is supported by the device. Also,
allow RRM in (Re)Association Request frame if the global RRM flag is
set.

Signed-off-by: Beni Lev <beni.lev@intel.com>
2016-04-17 12:41:44 +03:00
Beni Lev
a7f0bb7000 driver: Add global RRM support flag
This flag indicates that RRM can be used in (Re)Association Request
frames, without supporting quiet period.

Signed-off-by: Beni Lev <beni.lev@intel.com>
2016-04-17 12:37:08 +03:00
David Spinadel
864b95225c nl80211: Register to receive Radio Measurement Request frames
Register to receive Radio Measurement Request frames since LCI request
is supported by wpa_supplicant.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-17 12:32:14 +03:00
David Spinadel
220754c553 hostapd: Add FTM range request
Add FTM range request via RRM. The AP sends Radio measurement request
with FTM range request as a request for the receiving STA to send FTM
requests to the given list of APs. The neighbor report part of the
request is taken from the neighbor database.

The control interface command is:

REQ_RANGE <dst addr> <rand_int> <min_ap> <responder> [<responder>..]

dst addr: MAC address of an associated STA
rand_int: Randomization Interval (0..65535) in TUs
min_ap: Minimum AP Count (1..15); minimum number of requested FTM ranges
	between the associated STA and the listed APs
responder: List of BSSIDs for neighboring APs for which a measurement
	is requested

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-17 12:29:12 +03:00
David Spinadel
f4f185a224 hostapd: Add LCI request
Add a hostapd control interface command REQ_LCI to request LCI from an
associated station using radio measurement.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-17 12:29:12 +03:00
David Spinadel
629e1804da hostapd: Save RM enabled capability of station
Save RM enabled capability element of an associating station if radio
measurement is supported in its capability field.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-17 12:29:12 +03:00
David Spinadel
2572df34b2 hostapd: Handle Neighbor Report Request frame
Process Neighbor Report Request frame and send Neighbor Report Response
frame based on the configured neighbor report data.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-17 12:29:07 +03:00
David Spinadel
061269b316 hostapd: Add own neighbor report data to neighbor database
Add own neighbor report data to neighbor database based on local LCI and
location civic data.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-16 21:05:40 +03:00
David Spinadel
9b4b226426 hostapd: Add a database of neighboring APs
Add a configurable neighbor database that includes the content of
Nighbor Report element, LCI and Location Civic subelements and SSID.

All parameters for a neighbor must be updated at once; Neighbor Report
element and SSID are mandatory, LCI and civic are optional. The age of
LCI is set to the time of neighbor update.

The control interface API is:
SET_NEIGHBOR <BSSID> <ssid=SSID> <nr=data> [lci=<data>] [civic=<data>]

To delete a neighbor use:
REMOVE_NEIGHBOR <BSSID> <SSID>

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-16 21:05:40 +03:00
David Spinadel
010182120d hostapd: Extend the configuration of RRM capabilities
Extend the radio_measurements parameter to save all the supported
RRM capabilities as it's used in RM enabled capabilities element.

Make this parameter not directly configurable via config file (though,
keep the radio_measurements parameter for some time for backwards
compatibility). Instead, add a configuration option to enable neighbor
report via radio measurements. Other features can be added later as
well.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-16 21:05:39 +03:00
David Spinadel
624b8a061f utils: Add ssid_parse() function
Add a function that parses SSID in text or hex format. In case of the
text format, the SSID is enclosed in double quotes. In case of the hex
format, the SSID must include only hex digits and not be enclosed in
double quotes. The input string may include other arguments after the
SSID.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-16 21:05:37 +03:00
David Spinadel
e4fbc8d423 Add measurement and neighbor report definitions
Add measurement report definitions from Table 9-81 in IEEE
P802.11-REVmc/D5.0 "Measurement type definition for measurement
requests".

Add measurement report definitions from IEEE Std 802.11-2012 Table 8-71
"Location subject definition".

Add neighbor report bandwidth subelement definition from IEEE
P802.11-REVmc/D5.0 MC Table 9-150 - "Optional subelement IDs
neighbor report"

Add neighbor report channel width definition from IEEE
P802.11-REVmc/D5.0, Table 9-152 - "HT/VHT Operation Information
subfields".

Add definitions for neighbor report BSSID info from IEEE
P802.11-REVmc/D5.0, 9.4.2.37 Neighbor Report element.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-09 11:45:42 +03:00
David Spinadel
9d955f751e utils: Rename hostapd_parse_bin to wpabuf_parse_bin and move it
Make the function available as part of the wpabuf API.
Use this renamed function where possible.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-09 11:23:36 +03:00
David Spinadel
74e982d8d7 hostapd: Set LCI and Location Civic information in configuration
Enable configuration of LCI and location civic information in
hostapd.conf.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2016-04-09 11:18:55 +03:00
Jouni Malinen
1854eeca19 Add POLL_STA command to check connectivity in AP mode
The hostapd "POLL_STA <addr>" control interface command can be used to
check whether an associated station ACKs a QoS Data frame. The received
ACK for such a frame is reported as an event message ("AP-STA-POLL-OK
<addr>").

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-09 00:30:49 +03:00
Jouni Malinen
3dbfb28cfe Allow AP to disconnect STA without sending Deauth/Disassoc frame
The optional tx=0 parameter can be added to the hostapd
DEAUTHENTICATE/DISASSOCIATE command to request disconnection without
transmitting the Deauthentication/Disassociation frame to the STA.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-09 00:30:49 +03:00
Jouni Malinen
de92314033 Add inactive_msec into STA output
This allows external programs to fetch the driver inactivity value for a
specific STA ("STA <addr>" hostapd control interface command).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-04-09 00:30:49 +03:00
Jouni Malinen
61c101186a Extend VENDOR_ELEM parameters to cover non-P2P Probe Request frame
The new VENDOR_ELEM value 14 can now be used to add a vendor element
into Probe Request frames used by non-P2P active scans.

For example:
VENDOR_ELEM_ADD 14 dd05001122330a
and to clear that:
VENDOR_ELEM_REMOVE 14 *

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-04-09 00:30:49 +03:00