Jouni Malinen
d0b251d2e8
wlantest: Fix handling of PTK rekeying
...
Use a temporary PTK buffer during 4-way handshake when rekeying PTK
so that the new EAPOL-Key frame MIC values are checked against the
new PTK and frames are decrypted using the old PTK. Take the new
PTK into use once msg 4/4 is processed and clear RSC counters at
that point (including moving of RSC update to avoid setting RSC
based on the msg 4/4).
In addition, add a workaround to handle supplicant implementations that
set Secure bit to one during PTK rekeying 4-way handshake in msg 2/4.
This was previously assumed to be msg 4/4, but the key data contents
can be used to figure out whether this is msg 2/4 even if the Secure
bit is set to one.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 22:36:02 +02:00
Jouni Malinen
62f05ce9c5
wlantest: Add STA counters for disconnect reason 6/7 RX
...
These can be useful in tests involving association state mismatch
between the AP and the STA (i.e., STA assumes it is still associated
but the AP does not have association state). In such a case, the AP
would be sending out unprotected Deauthentication or Disassociation
frames with reason code 6 or 7 depending on what frame is triggering
this.
2011-10-26 00:06:06 +03:00
Jouni Malinen
6908d459e2
wlantest: Verify that comeback assoc resp includes correct type
...
The Timeout Interval element needs to use Association Comeback time
for the case when (Re)Association Response frame uses Status Code 30.
Verify this before incrementing the (re)assocresp_comeback counters.
2011-09-20 20:13:18 +03:00
Jouni Malinen
02b915f689
wlantest: Allow injection of unprotected frames to unknown BSS
2011-08-28 19:19:38 +03:00
Jouni Malinen
6ca4da6518
wlantest: Use source address of TDLS Setup Confirm failure for matching
...
This is needed to be able to find the correct TDLS entry for the
frame regardless of whether a FromDS or ToDS frame is being processed.
2011-03-14 21:35:40 +02:00
Jouni Malinen
39c147261e
wlantest: Fix source address for FromDS frames
2011-03-14 21:35:14 +02:00
Jouni Malinen
9a994178f1
wlantest: Add command for adding WEP keys during run time
2011-01-28 13:33:21 +02:00
Jouni Malinen
dfaeda0492
Fix couple of compiler warnings about uninitialized variables
2011-01-26 21:29:28 +02:00
Jouni Malinen
4e062e35de
wlantest: Handle missing fields in TDLS Setup Confirm error case
2011-01-24 20:51:28 +02:00
Jouni Malinen
2878cae7a7
wlantest: Handle missing fields in TDLS Setup Response error case
2011-01-24 18:16:26 +02:00
Jouni Malinen
5acf56f6a2
wlantest: Count TDLS Teardown messages
2011-01-24 17:00:28 +02:00
Jouni Malinen
9559a7f882
wlantest: Fix compiler warnings
2011-01-24 16:57:36 +02:00
Jouni Malinen
44a0486607
wlantest: Fix TDLS setup failure counting
...
Need to be able to handle TDLS Setup Response frame with LinkId IE
when non-zero status code is used. In addition, allow finding of a
TDLS entry based on real BSSID instead of the one used in the LinkId
to allow negative testing of different BSS.
2011-01-24 15:25:59 +02:00
Jouni Malinen
244c9303cb
wlantest: Determine ping matches properly for direct link
...
Check ICMP echo request/response matches for both STAs to get proper
counter values for a ping from a one STA to another one using TDLS.
2011-01-24 14:50:51 +02:00
Jouni Malinen
719e7eb28d
wlantest: Set direct links down on deauth/disassoc
2011-01-24 14:34:54 +02:00
Jouni Malinen
0d2e395d74
wlantest: Maintain only a single entry for an active direct link
...
The TDLS link itself is bidirectional, but there is explicit
initiator/responder roles. Remove the other direction of the link if it
exists when processing TDLS Setup Confirm to make sure that the link
counters are stored for the current TDLS entery.
This is also changing the control interface search for TDLS counters
to require initiator/responder addresses in the correct order instead
of matching entries regardless of the role.
2011-01-24 14:34:45 +02:00
Jouni Malinen
eb4923fdae
wlantest: Add counters for TDLS setup frames
2011-01-24 14:03:03 +02:00
Jouni Malinen
8a1cf4be21
wlantest: Add TDLS entry on TDLS Setup Request
...
This will make the TDLS counters available even if setup fails.
2011-01-19 14:00:14 +02:00
Jouni Malinen
2caf69247b
wlantest: Check WPA/RSN IE match between AssocReq and Beacon
...
Note unexpected WPA/RSN IE in AssocReq and ignore them if the last
Beacon/ProbeResp from the AP is not advertising support for
WPA/RSN.
2011-01-17 19:52:35 +02:00
Jouni Malinen
2e479416d1
wlantest: Add support for decrypting WEP frames
2011-01-14 17:43:17 +02:00
Jouni Malinen
3558c41ee7
wlantest: Add more details for CCMP MIC failures
2011-01-14 16:32:59 +02:00
Jouni Malinen
ef44a08bea
wlantest: Fix masking of CCMP AAD QC field
2011-01-14 16:32:14 +02:00
Jouni Malinen
0a9ddd92cd
wlantest: Add STA counter prot_data_tx
2011-01-07 17:09:09 +02:00
Jouni Malinen
e7ba4e2c74
wlantest: Add counters for AP deauth/disassoc while asleep/awake
...
These can be used to check whether the STA is in power save mode
and because of that, is not seeing disconnection notifications.
2011-01-07 16:52:56 +02:00
Jouni Malinen
7e7a57ae3f
wlantest: Track station PS state
2011-01-07 15:54:58 +02:00
Jouni Malinen
01b397dd94
wlantest: Add more details for replay debug messages
...
These make it easier to find the frame in question when looking at
the capture in Wireshark.
2011-01-07 14:17:08 +02:00
Jouni Malinen
62a0255c1f
wlantest: Skip frames inserted by wlantest when reading pcap file
...
This makes debug output clearer when re-reading a file that has
previously been processed and decrypted by wlantest.
2011-01-05 10:41:51 +02:00
Jouni Malinen
fb8f5fc6fd
wlantest: Count number of STA ACK'ed Deauth/Disassoc frames
2011-01-03 19:28:40 +02:00
Jouni Malinen
1da4da6f76
wlantest: Add ping_ok_first_assoc STA counter
...
This can be used to verify whether ping goes through between
clearing of the STA counters and the first (re)association.
2011-01-03 16:54:14 +02:00
Jouni Malinen
a8401116e1
wlantest: Add more debug output for frame injection failures
2010-12-21 12:48:53 +02:00
Jouni Malinen
880a97dc5d
wlantest: Fix management frame injection
...
The TDLS special case was supposed to apply to only Data frames.
2010-12-21 12:48:03 +02:00
Jouni Malinen
71a7e936e1
wlantest: Fix buffer read overflow on CCMP encryption
...
The encryption code may write a full AES block to the end of the
buffer, so make sure the temporary buffer is long enough to fit that
data.
2010-12-17 11:02:56 +02:00
Jouni Malinen
4d00fe48e3
wlantest: Fix error path in TDLS-not-found case
2010-12-17 08:26:39 +02:00
Jouni Malinen
30e09b0d75
wlantest: Avoid aliasing a function parameter by renaming local variable
2010-12-17 08:22:07 +02:00
Jouni Malinen
cb384549e2
wlantest: Remove unnecessary validation code
...
This condition is already checked above when figuring out whether a key
is known and as such, there is no point in keeping this check here.
2010-12-17 08:16:12 +02:00
Jouni Malinen
ef00c78097
wlantest: Replace pcap header directory
...
The use of the pcap subdirectory seems to be limited to some of the
newer Linux distros only, so use the older paths to pcap.h and
pcap-bpf.h to make wlantest bit more easier to compile on older
systems.
2010-12-17 08:06:52 +02:00
Jouni Malinen
0e42fff3de
wlantest: Add counters and AP/direct path validation for TDLS
...
These can be used to write automated test scripts for verifying
that TDLS STAs are using correct data path.
2010-12-16 19:08:49 +02:00
Jouni Malinen
29ec745719
wlantest: Check FTIE MIC in TDLS Teardown messages
2010-12-16 17:08:00 +02:00
Jouni Malinen
b3a6d9d400
wlantest: Add send command for injecting raw frames
...
This can be used by external programs (e.g., wlantest_cli) to inject
raw frames (hex dump of the frame header and body). The data can be
requested to be sent as-is or protected with the current key.
2010-12-16 16:11:54 +02:00
Jouni Malinen
b39f58347d
wlantest: Add support for decrypting TDLS frames
...
Derive TPK based on TDLS TPK Handshake and decrypt frames on the
direct link with TPK-TK.
2010-12-13 11:20:55 +02:00
Jouni Malinen
0f3e4f2a83
wlantest: Add support for reading DLT_IEEE802_11 pcap files
2010-12-04 11:18:21 -08:00
Jouni Malinen
350132bec5
wlantest: Add support for reading pcap files with prism header
2010-12-02 12:56:37 -08:00
Jouni Malinen
38484f69f9
wlantest: Update STA State based on broadcast Deauth/Disassoc
2010-11-23 14:37:21 +02:00
Jouni Malinen
a912dd16c5
wlantest: Implement IEEE 802.11 duplicate detection
...
This cleans up debug logs by avoiding incorrect entries on TKIP/CCMP
replays and some state changes.
2010-11-23 14:27:28 +02:00
Jouni Malinen
107ad4e323
wlantest: Show broadcast Deauth/Disassoc info in debug
2010-11-23 13:16:23 +02:00
Jouni Malinen
f665867bd1
wlantest: Check STA State when validating need for CCMP for mgmt
...
If the STA is in State 1 or 2, Deauth/Disassoc frames are not
protected, so no need to complain about them being sent without CCMP.
2010-11-23 13:15:25 +02:00
Jouni Malinen
783a082ccc
wlantest: Add per-BSS counters for BIP deauth/disassoc
2010-11-21 21:50:28 +02:00
Jouni Malinen
cdd71e307e
wlantest: Add per-STA counter for (Re)AssocResp comeback frames
2010-11-21 21:24:20 +02:00
Jouni Malinen
fc686b1994
wlantest: Use helper functions to parse BSS/STA parameters
2010-11-21 18:18:01 +02:00
Jouni Malinen
2fc0cd54db
wlantest: Add functionality for fetching STA/BSS information
2010-11-21 18:01:18 +02:00
Jouni Malinen
221519dea3
wlantest: Derive PMK to existing BSSes when a new passphrase is added
2010-11-21 13:19:43 +02:00
Jouni Malinen
81d5989176
wlantest: Fix CCMP header generation to include reserved field
2010-11-21 13:18:57 +02:00
Jouni Malinen
0778c8f5ed
wlantest: Add more debugging details for PMK selection
2010-11-21 13:18:02 +02:00
Jouni Malinen
902621e2b0
wlantest: Show encrypted version on injected frame in debug
2010-11-21 13:17:35 +02:00
Jouni Malinen
13b9f3a1f9
wlantest: Add history file for wlantest_cli
2010-11-21 12:09:27 +02:00
Jouni Malinen
8953e9681a
edit: Move history save file specification to caller
2010-11-21 11:43:09 +02:00
Jouni Malinen
ee3b84beb3
wlantest: Parse ICMP echo packet and record STA ping success
2010-11-20 22:34:42 +02:00
Jouni Malinen
161d0339c6
wlantest: Move RX EAPOL processing into its own file
2010-11-20 21:40:04 +02:00
Jouni Malinen
0954399c90
wlantest: Use proper cmd length in fetching STA list
2010-11-20 12:43:16 +02:00
Jouni Malinen
79a670cbf7
wlantest: Add pre-command completion functions
...
This allows the parameters to each command to be completed.
2010-11-20 12:35:11 +02:00
Jouni Malinen
ef49bb80a9
wlantest: Add interactive mode to wlantest_cli
2010-11-20 10:48:32 +02:00
Jouni Malinen
57f7d03f91
wlantest: Do not add new BSS/STA entries based on ctrl commands
...
Introduce bss_find()/sta_find() as an alternative bss_get()/sta_get()
command that do not allocate new BSS/STA entry if no existing entry
is found.
2010-11-19 22:00:10 +02:00
Jouni Malinen
fbdd21327e
wlantest: Add add_passphrase command
...
This can be used to add a new known passphrase without having to
restart wlantest.
2010-11-19 19:31:55 +02:00
Jouni Malinen
a16c859034
wlantest: Add command for fetching wlantest version
2010-11-19 17:45:19 +02:00
Jouni Malinen
990153b4dd
wlantest: Add support for injecting (Re)Association Request frames
2010-11-19 17:09:02 +02:00
Jouni Malinen
2e4c34691b
wlantest: Add support for protecting injected broadcast frames
2010-11-19 16:48:33 +02:00
Jouni Malinen
4adc5e0f0b
wlantest: Add support for injecting Deauth/Disassoc frames
2010-11-19 16:22:44 +02:00
Jouni Malinen
799aa95b23
wlantest: Update SA Query trans id based on injected frame
...
This allows the SA Query transaction id matching code to be used
to verify that a valid response is received for the injected
request.
2010-11-19 16:12:46 +02:00
Jouni Malinen
571ab37b86
wlantest: Add support for CCMP protection for injected frames
2010-11-19 16:09:19 +02:00
Jouni Malinen
7d23e971f0
wlantest: Add preliminary infrastructure for injecting frames
...
This adds new commands for wlantest_cli to request wlantest to
inject frames. This version can only send out Authentication
frames and unprotected SA Query Request frames, but there is
now place to add more frames and encryption with future commits.
2010-11-19 00:35:13 +02:00
Jouni Malinen
6d5ce9fc90
wlantest: Add BSS/STA statistics counters
...
These counters can be cleared and queried from external programs to
script various testing tasks.
2010-11-18 19:05:29 +02:00
Jouni Malinen
d356bd630b
wlantest: Add flush command for dropping all BSS data
2010-11-18 17:36:08 +02:00
Jouni Malinen
6f2346c144
wlantest: Add list_bss and list_sta commands
...
These can be used to list the current BSS and STA information
maintained in wlantest.
2010-11-18 17:17:18 +02:00
Jouni Malinen
a6c1810297
wlantest: Fix wlantest_cli dependency to include wlantest library
2010-11-18 16:27:25 +02:00
Jouni Malinen
644fb8c8a0
wlantest: Add control interface and wlantest_cli
...
This can be used to manage wlantest operation during run time.
2010-11-13 18:38:19 +02:00
Jouni Malinen
77ac47278a
wlantest: Validate EAPOL-Key reserved fields
...
In addition, this handles WPA difference in Key Info for Secure
bit in msg 3/4 and 4/4 (not set, since GTK is not yet available).
2010-11-13 14:09:40 +02:00
Jouni Malinen
ad41bb2ea9
wlantest: Add debug print for ignored group addressed Action frames
2010-11-13 13:18:09 +02:00
Jouni Malinen
f3b9ed70c5
wlantest: Validate MMIE KeyID reserved bits
2010-11-13 13:14:09 +02:00
Jouni Malinen
16b8b6eadf
wlantest: Validate reserved bits in TKIP/CCMP header
2010-11-13 13:03:21 +02:00
Jouni Malinen
20062114cd
wlantest: Verify that TKIP/CCMP frames set ExtIV=1
2010-11-13 12:54:07 +02:00
Jouni Malinen
4dac84539e
wlantest: Implement TKIP replay detection
2010-11-13 12:40:36 +02:00
Jouni Malinen
6c9c513783
wlantest: Add support for WPA key handshakes
...
The Key Data field is handled differently in msg 3/4 and 1/2 in WPA,
so add separate code for processing non-RSN case.
2010-11-13 11:59:43 +02:00
Jouni Malinen
2924b0eb79
wlantest: Add support for TKIP decryption
2010-11-13 11:36:37 +02:00
Jouni Malinen
a9dd29d3e1
wlantest: Use negotiated AKM/cipher to select PMK-to-PTK parameters
2010-11-12 23:33:42 +02:00
Jouni Malinen
42e79f82dc
wlantest: Fix mgmt CCMP decrypt to not crash on failures
2010-11-12 23:28:43 +02:00
Jouni Malinen
2102ecf0b5
wlantest: Verify that unicast robust mgmt frames are protected
2010-11-12 23:17:20 +02:00
Jouni Malinen
070d6173e2
wlantest: Verify MFP use in association with MFPR BSS
2010-11-12 23:16:38 +02:00
Jouni Malinen
994d6a88c5
wlantest: Use MFPC field instead of igtk_set to check if BIP is needed
2010-11-12 23:01:56 +02:00
Jouni Malinen
9bb6cdaaaf
wlantest: Verify that WPA/RSN IE matches in EAPOL-Key and mgmt frames
...
Verify that WPA/RSN IE in (Re)Association Request is identical to the
one used in EAPOL-Key message 2/4.
Verify that WPA/RSN IE in Beacon/Probe Response is identical to the
one(s) used in EAPOL-Key message 3/4.
2010-11-12 22:54:28 +02:00
Jouni Malinen
327f71604c
wlantest: Parse WPA/RSN IE and store info for BSS/STA
...
In addition, verify that the parameters that the STA is requesting
match with what is enabled in the BSS.
2010-11-12 22:40:59 +02:00
Jouni Malinen
8c2cfd973a
wlantest: Dump decrypted Key Data from Group Handshake msg 1/2
2010-11-12 01:02:45 +02:00
Jouni Malinen
64f45d070b
wlantest: Add option for writing a PCAP dump file
...
The output file includes all the capture (or read from wireless PCAP
file) frames in their original contents and another copy of each
frame that is decrypted in wlantest (including EAPOL-Key Key Data
field).
2010-11-12 01:00:31 +02:00
Jouni Malinen
5db8cf314e
wlantest: Add Group Key handshake processing
...
Decrypt GTK/IGTK updates in Group Key message 1/2 and update the
keys. In addition, verify the MIC on both Group Key handshake
messages.
2010-11-11 22:04:38 +02:00
Jouni Malinen
30febd7001
wlantest: Fix Mgmt CCMP replay detection to use correct PN offset
2010-11-11 21:35:30 +02:00
Jouni Malinen
0819b65b17
wlantest: Process Action frames
...
Parse Action frames and verify SA Query transactions.
2010-11-11 21:34:06 +02:00
Jouni Malinen
47fe6880ed
wlantest: Decrypt CCMP protected unicast Robust Management frames
2010-11-11 20:46:15 +02:00
Jouni Malinen
2edd5c23ad
wlantest: Add replay detection for CCMP
2010-11-11 20:21:11 +02:00
Jouni Malinen
07d0a5be45
wlantest: Decrypt group addressed Data frames
2010-11-11 19:53:12 +02:00
Jouni Malinen
d318c534da
wlantest: Add support for decrypting CCMP protected unicast Data frames
2010-11-11 01:29:30 +02:00
Jouni Malinen
4d4c29158d
wlantest: Fix BIP replay detection
2010-11-10 16:59:45 +02:00
Jouni Malinen
bacc31286c
wlantest: Validate MMIE MIC
2010-11-10 02:06:59 +02:00
Jouni Malinen
f0a782979d
wlantest: Parse KDEs from message 2/4
2010-11-10 01:16:32 +02:00
Jouni Malinen
c09caa5882
wlantest: Use more consistent debug levels for keys
2010-11-09 20:35:24 +02:00
Jouni Malinen
4d9f9ee7e5
wlantest: Parse Key Data KDEs and store GTK and IGTK
2010-11-09 20:29:12 +02:00
Jouni Malinen
8672562b04
wlantest: Decrypt EAPOL-Key 3/4 Key Data
2010-11-09 00:39:43 +02:00
Jouni Malinen
d06df64d14
wlantest: Derive PMK from RADIUS exchange
...
Decrypt MPPE keys and derive PMK from RADIUS exchange if RADIUS
shared secret is known. Use the derived PMK when trying to derive
PTK during 4-Way Handshake.
2010-11-07 23:29:02 +02:00
Jouni Malinen
3215df77ee
wlantest: Add capturing and parsing of RADIUS messages
...
Another interface (-I) or pcap file (-R) can now be specified as a
source of RADIUS packets. These packets are now parsed, but the
MSK is not yet derived for PMK use.
2010-11-07 23:29:02 +02:00
Jouni Malinen
4bc82fc7ae
wlantest: Fix LLC debug print
2010-11-07 23:29:01 +02:00
Jouni Malinen
53650bcab4
wlantest: Add PTK derivation based on passphrases
...
Allow pre-configuration of passphrases (-p<passphrase>) to provide
enough information for wlantest to be able to derive PMK for each
BSS and PTK for each STA going through 4-Way Handshake (at least
message 2 and 3 needs to be received).
2010-11-07 23:29:01 +02:00
Jouni Malinen
32234bba52
wlantest: Parse EAPOL-Key frames
2010-11-07 23:29:01 +02:00
Jouni Malinen
021a6fe499
wlantest: Maintain a copy of WPA/RSN IE from (Re)AssocReq
2010-11-07 23:29:01 +02:00
Jouni Malinen
2d73f0a875
wlantest: Move Mgmt and Data frame processing into their own files
2010-11-07 23:29:01 +02:00
Jouni Malinen
b50111fbb2
wlantest: Move bss_update() into bss.c
2010-11-07 23:29:00 +02:00
Jouni Malinen
d30edf54b8
wlantest: Maintain STA state based on auth/assoc/deauth/disassoc
2010-11-07 23:29:00 +02:00
Jouni Malinen
422ef7d205
wlantest: Create station list for each BSS
2010-11-07 23:29:00 +02:00
Jouni Malinen
d84d389351
wlantest: Maintain table of BSS information
...
Whenever a Beacon or Probe Response frame is observed, add or update
a BSS entry to maintain current information about the active BSSes.
2010-11-07 23:29:00 +02:00
Jouni Malinen
a149fcc77d
wlantest: Add preliminary version of IEEE 802.11 protocol testing tool
...
This tool can be used to capture IEEE 802.11 frames either from a
monitor interface for realtime capturing or from pcap files for
offline analysis. This version is only adding basic infrastructure for
going through the frames and parsing their headers.
2010-11-07 23:29:00 +02:00