Commit graph

1447 commits

Author SHA1 Message Date
Matthew Wang
b97aa038b7 Add WPA_EVENT_{DO,SKIP}_ROAM events
Add events for within-ESS reassociation. This allows us to monitor roam
events, both skipped and allowed, in tests.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2020-06-19 18:34:26 +03:00
Jouni Malinen
0bbab64656 DPP2: Fix dot1x config object parsing without trustedEapServerName
Need to check that the JSON node was found before using its value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
8f88dcf050 DPP2: Add an automatic peer_bi entry for CSR matching if needed
This allows the DPP_CA_SET command to be targeting a specific DPP-CST
event in cases where the Configurator did not receive the bootstrapping
information for the peer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
b25ddfe9d3 DPP2: Add Enrollee name into CSR as the commonName
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:48 +03:00
Jouni Malinen
11aa77e00f DPP2: GAS comeback response processing for Enrollee over TCP
This is almost identical to processing of the GAS initial response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:37 +03:00
Jouni Malinen
18e013a93f DPP2: GAS comeback request processing for Configurator over TCP
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-19 00:13:37 +03:00
Jouni Malinen
68d9586a46 DPP2: GAS Comeback Request for the TCP case
Make the Enrollee handle GAS comeback delay when performing DPP over
TCP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-18 13:17:17 +03:00
Jouni Malinen
a352c7230d DPP2: Comeback delay response for certificate in over TCP case
Send out the GAS Initial Response with comeback delay when Configurator
is operating over TCP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-18 13:03:29 +03:00
Jouni Malinen
0f9463d6ee DPP2: CSR wait in Configurator when using TCP
Make Configurator wait for CSR (i.e., another Config Request) when using
DPP over TCP similarly to the over Public Action frame case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-18 12:56:51 +03:00
Jouni Malinen
1f86b2c248 DPP2: CSR generation in TCP Client/Enrollee
This was previously covered for the DPP over Public Action frames, but
the DPP over TCP case was missed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-18 12:10:23 +03:00
Alan Chen
ffc8ae507e Define a new QCA vendor attribute for Optimized Power Management
Define a new attribute configuring Optimized Power Management.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-17 21:59:47 +03:00
Jouni Malinen
3b60f11741 DPP2: Validate CSR on Configurator before forwarding to CA/RA
Parse the received CSR, verify that it has been signed correctly, and
verify that the challengePassword is present and matches the derived cp.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-17 20:33:07 +03:00
Jouni Malinen
c98db9f1f8 DPP2: Add challengePassword into CSR
Derive challengePassword from bk and add it into the CSR.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-17 12:22:08 +03:00
Jouni Malinen
ace3723d98 DPP2: Enterprise provisioning (Enrollee)
Add initial Enrollee functionality for provisioning enterprise (EAP-TLS)
configuration object. This commit is handling only the most basic case
and a number of TODO items remains to handle more complete CSR
generation and config object processing.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:26:06 +03:00
Jouni Malinen
6568e5d203 DPP2: Enterprise provisioning (Configurator)
Add Configurator functionality for provisioning enterprise (EAP-TLS)
configuration object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:24:23 +03:00
Jouni Malinen
4643b2feec DPP2: Enterprise provisioning definitions for dot1x AKM
Add shared AKM definitions for provisioning enterprise (EAP-TLS)
credentials.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-16 18:24:23 +03:00
Jouni Malinen
68ac45d53c GAS server: Support comeback delay from the request handler
Allow GAS request handler function to request comeback delay before
providing the response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-15 23:56:06 +03:00
Jouni Malinen
6dc2c0118a Update DFS terminology in attribute value documentation
Use "client device" as the term for the device that operates under a
guidance of the device responsible for enforcing DFS rules.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-11 21:53:24 +03:00
Rajkumar Manoharan
1f72bbbefb AP: Reject association request upon invalid HE capabilities
Operation in the 6 GHz band mandates valid HE capabilities element in
station negotiation. Reject association request upon receiving invalid
or missing HE elements.

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2020-06-10 21:34:38 +03:00
Rajkumar Manoharan
6a34bd3007 HE: Use device HE capability instead of HT/VHT for 6 GHz IEs
Previously, 6 GHz Band Capability element was derived from HT and VHT
capabilities of the device. Removes such unnecessary dependency by
relying directly on the HE capability.

In addition, clean up the struct ieee80211_he_6ghz_band_cap definition
to use a 16-bit little endian field instead of two 8-bit fields to match
the definition in P802.11ax.

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2020-06-10 21:23:24 +03:00
Jouni Malinen
a77d6d2203 SAE-PK: Update SAE confirm IE design
Move the FILS Public Key element and the FILS Key Confirmation element
to be separate IEs instead of being encapsulated within the SAE-PK
element. This is also removing the unnecessary length field for the
fixed-length EncryptedModifier.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:47:07 +03:00
Jouni Malinen
363dbf1ece SAE-PK: Remove requirement of SAE group matching SAE-PK (K_AP) group
This was clarified in the draft specification to not be a mandatory
requirement for the AP and STA to enforce, i.e., matching security level
is a recommendation for AP configuration rather than a protocol
requirement.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-10 12:46:49 +03:00
Subrat Dash
411e42673f Move local TX queue parameter parser into a common file
This allows the same implementation to be used for wpa_supplicant as
well.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-09 00:17:39 +03:00
Jouni Malinen
e30dcda3b1 SAE-PK: Fix FILS Public Key element Key Type for ECDSA
Use value 2 to point to RFC 5480 which describes the explicit
indicatiotion of the public key being in compressed form.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
4c3fbb2346 SAE-PK: Check minimum password length more accurate
Get the Sec value from the password to check the minimum length based on
the used Sec.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
43a191b890 tests: Remove too short SAE-PK passwords
This is in preparation of implementation changes to check SAE-PK
password length more accurately based on the Sec value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 17:11:06 +03:00
Jouni Malinen
4ff0df39eb SAE-PK: Testing functionality to allow behavior overrides
The new sae_commit_status and sae_pk_omit configuration parameters and
an extra key at the end of sae_password pk argument can be used to
override SAE-PK behavior for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-08 15:21:18 +03:00
Min Liu
5cf91afeeb QCA vendor attribute for dynamic bandwidth adjustment
Define QCA vendor attribute in SET(GET)_WIFI_CONFIGURATION to
dynamically configure capabilities for dynamic bandwidth adjustment.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Min Liu
1a28589b28 QCA vendor attributes for setting channel width
Define QCA vendor attribute in SET(GET)_WIFI_CONFIGURATION to
dynamically configure capabilities for channel width.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Veerendranath Jakkam
18f3f99ac4 Add vendor attributes to configure testing functionality for FT/OCV/SAE
Add new QCA vendor attributes to configure RSNXE Used (FTE), ignore CSA,
and OCI frequency override with QCA vendor command
QCA_NL80211_VENDOR_SUBCMD_WIFI_TEST_CONFIGURATION for STA testbed role.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Min Liu
e53756a64e Fix a typo vendor attribute documentation
Fix a typo in comment of enum qca_wlan_tspec_ack_policy.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-06-06 15:18:13 +03:00
Sunil Dutt
960e8e5334 QCA vendor attribute to configure NSS
Defines the attribute in SET(GET)_WIFI_CONFIGURATION to dynamically
configure NSS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
cc22fb1b86 SAE: Move H2E and PK flags to main sae_data
This maintains knowledge of whether H2E or PK was used as part of the
SAE authentication beyond the removal of temporary state needed during
that authentication. This makes it easier to use information about which
kind of SAE authentication was used at higher layer functionality.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-06 15:18:13 +03:00
Jouni Malinen
c85b39ec50 SAE-PK: Increment the minimum password length to 9
While this is not explicitly defined as the limit, lambda=8 (i.e., 9
characters with the added hyphen) is needed with Sec=5 to reach the
minimum required resistance to preimage attacks, so use this as an
implicit definition of the password length constraint.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:55 +03:00
Jouni Malinen
2c7b5a2c5f tests: Skip too short SAE-PK passwords in positive testing
Lambda >= 12 is needed with Sec = 2, so drop the shorter password
lengths in the sae_pk and module_wpa_supplicant test cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-04 23:53:33 +03:00
Jouni Malinen
d777156e1f SAE-PK: Determine hash algorithm from K_AP group instead of SAE group
While the current implementation forces these groups to be same, that is
not strictly speaking necessary and the correct group to use here is
K_AP, not the SAE authentication group.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-03 17:30:36 +03:00
Jouni Malinen
00e4fbdcc5 tests: Module test for SAE-PK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00
Jouni Malinen
6b9e99e571 SAE-PK: Extend SAE functionality for AP validation
This adds core SAE functionality for a new mode of using SAE with a
specially constructed password that contains a fingerprint for an AP
public key and that public key being used to validate an additional
signature in SAE confirm from the AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 23:25:22 +03:00
Jouni Malinen
b6dcbd01a6 SAE-PK: Identifier definitions
Add the assigned identifiers for SAE-PK elements and fields.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-06-02 17:56:45 +03:00
Jouni Malinen
d10a57f6e9 DPP2: Derive a separate key for enveloped data
Derive a new key from bk to be used as the password for PBKDF2 instead
of using ke for this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-29 21:42:33 +03:00
Jouni Malinen
32d3360f33 DPP: Fix a typo in a comment
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-29 21:35:26 +03:00
Sachin Ahuja
88436baaac Add a vendor attribute to get OEM data
Add an attribute QCA_WLAN_VENDOR_ATTR_OEM_DATA_RESPONSE_EXPECTED
to get the response for the queried data.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 23:40:01 +03:00
Sunil Dutt
3f9a89ca1c Vendor attributes for configuring LDPC, TX STBC, RX STBC
Defines the attributes in SET(GET)_WIFI_CONFIGURATION to dynamically
configure capabilities: LDPC, TX STBC, RX STBC.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 23:34:37 +03:00
Jouni Malinen
d52067a5b6 OCV: Report validation errors for SA Query Request/Response in AP mode
Add a new OCV-FAILURE control interface event to notify upper layers of
OCV validation issues. This commit adds this for SA Query processing in
AP mode.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 18:42:00 +03:00
Jouni Malinen
52579be860 OCV: Move "OCV failed" prefix to callers
Make reporting of OCV validation failure reasons more flexible by
removing the fixed prefix from ocv_verify_tx_params() output in
ocv_errorstr so that the caller can use whatever prefix or encapsulation
that is most appropriate for each case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-25 18:34:59 +03:00
Jouni Malinen
d9532eb70f Debug print PMK-R0/R1 and PMKR0/R1Name in the helper functions
There is no need to have all callers debug print these separately.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-23 21:45:29 +03:00
Min Liu
5ab8ad4cfe Vendor attributes for ssetting TX A-MSDU and RX A-MSDU parameters
Define QCA vendor attributes for SET(GET)_WIFI_CONFIGURATION to
dynamically configure capabilities for TX A-MSDU and RX A-MSDU.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-05-21 00:53:20 +03:00
Min Liu
f7a904a283 QCA vendor command for adding and deleting TSPEC
Add a QCA vendor subcommand QCA_NL80211_VENDOR_SUBCMD_CONFIG_TSPEC
to add and delete TSPEC in STA mode.
The attributes defined in enum qca_wlan_vendor_attr_config_tspec
are used to encapsulate required information.

Signed-off-by: Min Liu <minliu@codeaurora.org>
2020-05-21 00:48:11 +03:00
Kiran Kumar Lokere
82867456e9 Vendor attributes to configure PMF protection and disassoc Tx for testing
Add new QCA vendor attributes to configure misbehavior for PMF
protection for Management frames and to inject Disassociation frames.

These attributes are used for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-21 00:35:54 +03:00
Vamsi Krishna
e5e2757455 Add QCA vendor interface support to configure PHY modes
Add an attribute that can be used with
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION vendor command to
configure different PHY modes to the driver/firmware.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-21 00:33:55 +03:00
Rajkumar Manoharan
88911a0aa4 HE: Add HE 6 GHz Band Capabilities into ieee802_11_parse_elems()
Handle 6 GHz band capability element parsing for association.

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2020-05-17 16:38:00 +03:00
Rajkumar Manoharan
b2c0b83c66 HE: Remove VHT Operation Information from HE Operation element
The VHT Operation Information subfield is conditonally present, so do
not hardcoded it in struct ieee80211_he_operation. These members of the
struct are not currently used, so these can be removed without impact to
functionality.

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2020-05-17 16:32:49 +03:00
Rajkumar Manoharan
e297a5bfda HE: Define 6 GHz band capability elements
Defines IEEE P802.11ax/D6.0, 9.4.2.261 HE 6 GHz Band Capabilities
element and 6 GHz Operation Information field of HE Operation element
(IEEE P802.11ax/D6.0, Figure 9-787k).

Signed-off-by: Rajkumar Manoharan <rmanohar@codeaurora.org>
2020-05-17 16:24:08 +03:00
Jouni Malinen
4ae3f39720 Add a helper function for recognizing BIP enum wpa_alg values
Use a shared wpa_alg_bip() function for this and fix the case in
nl_add_key() to cover all BIP algorithms. That fix does not change any
behavior since the function is not currently used with any BIP
algorithm, but it is better to avoid surprises should it ever be needed
with IGTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Jouni Malinen
d3cab56c04 Rename WPA_ALG_IGTK to use the correct cipher name for BIP
IGTK is the key that is used a BIP cipher. WPA_ALG_IGTK was the
historical name used for this enum value when only the AES-128-CMAC
based BIP algorithm was supported. Rename this to match the style used
with the other BIP options.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-17 01:31:19 +03:00
Jouni Malinen
f2dbaa8ace SAE: Fix a typo in a comment
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-16 21:01:32 +03:00
Jouni Malinen
0f58c88fc3 DPP2: Fix CONFIG_DPP2=y build with OpenSSL 1.0.2
This file needs the EVP_PKEY_get0_EC_KEY() compatibility wrapper just
like other DPP source code files using this function.

Fixes: 21c612017b ("DPP: Move configurator backup into a separate source code file")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 21:02:39 +03:00
Jouni Malinen
db59827a3c DPP2: Extend TCP encapsulation case to support Configurator as Initiator
This allows DPP_AUTH_INIT to be used with tcp_addr=<dst> argument and
Configurator parameters to perform Configurator initiated DPP
provisioning over TCP. Similarly, DPP_CONTROLLER_START can now be used
to specify Configurator/Enrollee roles and extend Controller to work in
Enrollee role.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-12 14:48:49 +03:00
Jouni Malinen
7f20a3ebda DPP2: Reconfiguration support in Controller
Add handling of Reconfiguration messages in Controller.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
6dcb8aaf13 DPP2: Reconfig Announcement relaying from AP to Controller
Recognize the Reconfig Announcement message type and handle it similarly
to the Presence Announcement in the Relay, i.e., send it to the first
Controller if the local Configurator does not have matching C-sign-key.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
3b4f7dfaa1 DPP2: Fix Presence Announcement processing in Controller
Use the new struct dpp_authentication instance when setting Configurator
parameters for authentication exchange triggered by Presence
Announcement. conn->auth is NULL here and would cause dereferencing of a
NULL pointer if dpp_configurator_params is set.

Fixes: fa5143feb3 ("DPP2: Presence Announcement processing in Controller")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
5e2d877cc4 DPP: Mark internal-to-file functions static
These functions are not used outside dpp_crypto.c anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
3aaf269f67 DPP: Move TCP encapsulation into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
21c612017b DPP: Move configurator backup into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
fdbbb74064 DPP: Move authentication functionality into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
3e48c5d4b4 DPP2: Reconfig Authentication Confirm processing
Extend Enrollee functionality to process Reconfig Authentication
Confirm message and start GAS client.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:11 +03:00
Jouni Malinen
24b01c706b DPP2: Reconfig Authentication Response processing and Confirm generation
Extend Configurator functionality to process Reconfig Authentication
Response message, derive the needed keys, and generate Reconfig
Authentication Confirm message.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 17:26:09 +03:00
Jouni Malinen
65e94351dc DPP2: Reconfig Authentication Request processing and Response generation
Extend Enrollee functionality to process Reconfig Authentication Request
message, derive the needed keys, and generate Reconfig Authentication
Response message.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
3774b6bd03 DPP2: Reconfig Authentication Request generation and transmission
Extend Configurator functionality to sign a special Connector for
reconfiguration and reply with Reconfig Authentication Request frame
when Reconfig Announcement frame is received with a matching C-sign key
hash value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
66ac616cdb DPP2: Process received Reconfig Announcement frame
Check if there is a matching Configurator and be ready to initiate
Reconfig Authentication (which itself is not included in this commit).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
0c043d9de7 DPP2: Reconfig Announcement transmission
Extend DPP chirping mechanism to allow Reconfig Announcement frames to
be transmitted instead of the Presence Announcement frames. Add a new
wpa_supplicant control interface command "DPP_RECONFIG <network id>" to
initiate reconfiguration for a specific network profile.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
92492dd3ac DPP2: Extend connector matching for reconfiguration
Allow the same helper functions to be used with reconfiguration
connector.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
961435097b DPP2: Move connStatus object building into a helper function
Allow the same helper function to be used for reconfiguration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
94f73f90ef DPP: Move signed connector checking into a helper function
This can be reused for similar need with reconfiguration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
94a28a4940 DPP: Move parsing of own connector into a helper function
This can be used for reconfiguration as well.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
d4ae12355a DPP: Move PKEX functionality into a separate source code file
This continues splitting dpp.c into smaller pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 16:41:33 +03:00
Jouni Malinen
87b6572616 DPP: Move crypto routines into a separate source code file
This is an initial step in splitting the overly long dpp.c into smaller
pieces.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-11 12:09:24 +03:00
Jouni Malinen
16626dff9b DPP2: Derive bk ("base key")
Split ke derivation into two parts so that the previously used
internal-only PRK gets stored as the bk in the authentication state.
This new key will be needed for deriving additional keys with DPP R2.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-10 15:55:30 +03:00
Jouni Malinen
76029c6e11 DPP: Use EVP_PKEY_get0_EC_KEY() when a const reference is sufficient
This removes unnecessary allocations and simplifies the implementation
by not having to remember to free the cloned reference.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-10 15:55:30 +03:00
Jouni Malinen
481fdfc462 DPP2: Fix URI version parser
Fix a copy-paste error in parsing the version info.

Fixes: 7dd768c3ca ("DPP2: Version information in bootstrapping info URI")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-06 11:58:56 +03:00
Jouni Malinen
7dd768c3ca DPP2: Version information in bootstrapping info URI
Add the local supported version information into the bootstrapping
information (V=2 in the URI) and parse this from received URI.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-05 20:48:23 +03:00
Jouni Malinen
5a0718a19c DPP2: Report MUD URL and bandSupport in control interface events
Report MUD URL and bandSupport from config request if those optional
nodes are included. For now, these are mainly for testing purposes since
there is no mechanism to delay sending of config response.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 15:33:03 +03:00
Jouni Malinen
769139c490 DPP2: Do not include Protocol Version in Auth Req when testing v1
When DPP v2 implementation is hardcoded to behave as v1 for testing
purposes, leave out the Protocol Version attribute form Authentication
Request instead of including it there with indication for v1.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 13:12:21 +03:00
Jouni Malinen
fad64b4168 DPP: Move dppCon signing to a set of helper functions
This simplifies dpp_build_conf_obj_dpp() and makes it easier to share
the signing functionality for other purposes like reconfiguration where
the Configurator needs to sign a dppCon object for itself without
generating the encapsulating config object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:39:19 +03:00
Jouni Malinen
12c8eacf73 DPP: Allow version number to be overridden for testing purposes
"SET dpp_version_override <ver>" can now be used to request
wpa_supplicant and hostapd to support a subset of DPP versions. In
practice, the only valid case for now is to fall back from DPP version 2
support to version 1 in builds that include CONFIG_DPP2=y.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:45 +03:00
Jouni Malinen
68422fedbf DPP2: Parse DPP KDE in EAPOL-Key Key Data field
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
b11a12401a DPP2: Add DPP KDE into EAPOL-Key msg 3/4 when using DPP AKM
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-05-04 00:37:44 +03:00
Jouni Malinen
e81e2091b3 Remove now unused Boolean/TRUE/FALSE definitions
The previous users were converted to C99 bool.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:06:50 +03:00
Jouni Malinen
4d9c313f2a WPA: Fix wpa_parse_kde_ies() handling with vendor specific elements
Documentation of the return values for wpa_parse_vendor_specific() and
wpa_parse_generic() were not accurate and the parsing results from these
were not really handled appropriately. There is no point in calling
wpa_parse_vendor_specific() if wpa_parse_generic() recognizes a KDE. Not
that this would break anything in practice, but still, it looks
confusing.

The part about handling wpa_parse_vendor_specific() return value can, at
least in theory, break some cases where an unexpectedly short KDE/vendor
specific element were present and something would need to be recognized
after it. That does not really happen with any standard compliant
implementation and this is unlikely to cause any real harm, but it is
clearer to handle this more appropriately even for any theoretical case,
including misbehavior of a peer device.

Instead of stopping parsing on too short vendor specific element,
continue parsing the following KDEs/IEs. Skip the
wpa_parse_vendor_specific() call when a KDE has been recognized. Also
fix the return value documentation for wpa_parse_generic() and remove
the useless return value from wpa_parse_vendor_specific().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-24 17:06:50 +03:00
Jouni Malinen
3e6383f31a DPP2: Silence compiler warning with no-CONFIG_DPP2 and OpenSSL 1.0.2
EVP_PKEY_get0_EC_KEY() compatibility wrapper is used only within
CONFIG_DPP2 blocks, so define it with matching condition.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-04-19 17:42:41 +03:00
Disha Das
6b1c590ebb Allow TKIP support to be removed from build
Add a build flag CONFIG_NO_TKIP=y to remove all TKIP functionality from
hostapd and wpa_supplicant builds. This disables use of TKIP as both the
pairwise and group cipher. The end result does not interoperate with a
WPA(v1)-only device or WPA+WPA2 mixed modes.

Signed-off-by: Disha Das <dishad@codeaurora.org>
2020-04-17 23:51:58 +03:00
Edayilliam Jayadev
af0178c75b Add vendor attributes indicating number of spectral detectors
Add per bandwidth capability attributes which indicate the number of
spectral detectors used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-07 23:05:26 +03:00
Edayilliam Jayadev
7a510a97ba Add an attribute for secondary 80 MHz span of agile spectral scan
Add an attribute QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_FREQUENCY_2
for describing the secondary 80 MHz span of agile spectral scan.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-07 23:03:30 +03:00
Jouni Malinen
512b6c02e0 DPP: Mandate mutual auth with NFC negotiated connection handover
Mark own bootstrap information as having been used in NFC negotiated
connection handover and do not accept non-mutual authentication when
processing Authentication Response from the peer when such bootstrapping
information is used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 16:27:52 +03:00
Jouni Malinen
872299f4b3 DPP2: Store netAccessKey in psk/sae credentials for reconfig
Connector alone is not sufficient for authentication during
reconfiguration, so store the netAccessKey as well.

Fixes: e4eb009d98 ("DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-03 12:43:48 +03:00
Jouni Malinen
e4eb009d98 DPP2: Add Connector and C-sign-key in psk/sae credentials for reconfig
If the Enrollee indicates support for DPP R2 or newer, add Connector and
C-sign-key in psk/sae credentials (i.e., cases where DPP AKM is not
enabled) for reconfiguration. Extend processing of such credentials in
wpa_supplicant network profile addition to handle this new case
correctly by not setting key_mgmt=DPP based on Connector being present,
but by looking at the actual akm value in the config object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-02 21:34:49 +03:00
Jouni Malinen
0e794989e5 Beacon frame protection event for incorrect protection
Define a driver interface event for Beacon frame protection failures.
Report such events over the control interface and send a
WNM-Notification Request frame to the AP as well.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-04-01 16:22:48 +03:00
Jouni Malinen
80914e9eb2 DPP2: Fix build with OpenSSL 1.0.2 (EVP_PKEY_get0_EC_KEY() wrapper)
EVP_PKEY_get0_EC_KEY() was added in OpenSSL 1.1.0, so add a
compatibility wrapper for it when building with OpenSSL 1.0.2.

Fixes: c025c2eb59 ("DPP: DPPEnvelopedData generation for Configurator backup")
Fixes: 7d9e320054 ("DPP: Received Configurator backup processing")
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-29 21:15:16 +03:00
Sathishkumar Muruganandam
2b4f9ce287 hostapd: Add HE bit in BSSID Information field of own Neighbor Report
Add definition for HE bit in neighbor report BSSID Information field
from IEEE P802.11ax/D6.0, 9.4.2.36 Neighbor Report element.

Signed-off-by: Sathishkumar Muruganandam <murugana@codeaurora.org>
2020-03-27 23:52:24 +02:00
Jouni Malinen
80d0e50dc5 DPP2: Use a helper function for encapsulating TCP message
This functionality was repeated for multiple different frames. Use a
shared helper function to avoid such duplication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
fa5143feb3 DPP2: Presence Announcement processing in Controller
Process the received Presence Announcement frames in Controller. If a
matching bootstrapping entry for the peer is found, initiate DPP
authentication to complete provisioning of the Enrollee.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
db1ef82538 DPP2: Presence Announcement processing in AP/Relay
Process the received Presence Announcement frames in AP/Relay. If a
matching bootstrapping entry for the peer is found in a local
Configurator, that Configurator is used. Otherwise, the frame is relayed
to the first configured Controller (if available).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
06dd32903d DPP2: Presence Announcement processing at Configurator
Process received Presence Announcement frames and initiate
Authentication exchange if matching information is available on the
Configurator.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
562f77144c DPP2: Chirping in wpa_supplicant Enrollee
Add a new wpa_supplicant control interface command "DPP_CHIRP own=<BI
ID> iter=<count>" to request chirping, i.e., sending of Presence
Announcement frames, to be started.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 20:05:25 +02:00
Jouni Malinen
1f0226770c DPP2: Add a helper function for building Presence Announcement frame
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 17:44:06 +02:00
Jouni Malinen
7cba35b0ed DPP2: New identifier definitions
Add new identifier definitions for presence announcement,
reconfiguration, and certificate enrollment.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 17:44:06 +02:00
Jouni Malinen
547dc7eaa3 DPP: Add DPP_BOOTSTRAP_SET command
"DPP_BOOTSTRAP_SET <ID> <configurator parameters..>" can now be used to
set peer specific configurator parameters which will override any global
parameters from dpp_configurator_params.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 17:44:06 +02:00
Jouni Malinen
804fc268af DPP: Allow per-peer configurator parameters to be set
This is a more convenient way of addressing cases where a
Configurator/Controller may store a large number of peer bootstrapping
information instances and may need to manage different configuration
parameters for each peer while operating as the Responder.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 17:44:06 +02:00
Jouni Malinen
514cc49ba5 DPP: Store global pointers in struct dpp_authentication
Set the global pointer and msg_ctx when allocating struct
dpp_authentication instead of needing to pass these to
dpp_set_configurator().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-27 17:44:06 +02:00
Jouni Malinen
9d1857cf35 Process Transition Disable KDE in station mode
Check whether the Transition Disable KDE is received from an
authenticated AP and if so, whether it contains valid indication for
disabling a transition mode. If that is the case, update the local
network profile by removing the less secure options.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:13:14 +02:00
Jouni Malinen
3eb9ddc658 Transition Disable KDE definitions
Define the OUI Type and bitmap values for Transition Disable KDE. These
will be shared by both the AP and STA implementations.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-26 00:12:39 +02:00
Wu Gao
a72ec4c221 Add addition CFR capture type to filter all NDPA NDP frames
Add QCA_WLAN_VENDOR_CFR_NDPA_NDP_ALL in enum
qca_wlan_vendor_cfr_capture_type. This capture type requests all NDPA
NDP frames to be filtered.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-25 12:05:14 +02:00
Wu Gao
a163bfe2bc Change CFR attributes from required to optional
Some CFR attributes are used frequently with conditions, so change them
from required to optional.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-25 12:04:37 +02:00
John Crispin
1e8ea0833d HE: Add HE support to hostapd_set_freq_params()
The parameters that need to be applied are symmetric to those of VHT,
however the validation code needs to be tweaked to check the HE
capabilities.

Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
2020-03-23 18:08:50 +02:00
Wu Gao
bb08be757f Extend vendor attributes to support enhanced CFR capture
Enhanced channel frequency response supports capturing of channel status
information based on RX. Define previous CFR as version 1 and enhanced
CFR as version 2. If target supports both versions, two versions can't
be enabled at same time. Extend attributes for enhanced CFR capture in
enum qca_wlan_vendor_peer_cfr_capture_attr.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-23 15:39:36 +02:00
Noam Shaked
30ac8ddaf6 Add QCA vendor attributes for ACS over EDMG (IEEE 802.11ay)
QCA_WLAN_VENDOR_ATTR_ACS_EDMG_ENABLED, conduct ACS for EDMG.
QCA_WLAN_VENDOR_ATTR_ACS_EDMG_CHANNEL, return the EDMG channel.

Signed-off-by: Noam Shaked <nshaked@codeaurora.org>
2020-03-23 13:19:51 +02:00
Sourav Mohapatra
22547c3148 More details to the vendor specific driver internal failure reporting
Add more hang reason codes for the hang reason in the
QCA_NL80211_VENDOR_SUBCMD_HANG events. This also introduces the
attribute QCA_WLAN_VENDOR_ATTR_HANG_REASON_DATA to carry the required
data for the respective hang reason. This data is expected to contain
the required dump to analyze the reason for the hang.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-21 17:12:29 +02:00
Jouni Malinen
51e8f5d63c Ignore duplicated SSID element when parsing
Some APs have managed to add two SSID elements into Beacon frames and
that used to result in picking the last one which had incorrect data in
the known examples of this misbehavior. Pick the first one to get the
correct SSID.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-21 17:12:29 +02:00
Jouni Malinen
a1afa2df8a Remove unnecessary and confusing length check from the PMKID KDE case
wpa_parse_kde_ies(), i.e., the only caller to wpa_parse_generic(),
verifies that there is room for KDE Length field and pos[1] (that
length) octets of payload in the Key Data buffer. The PMKID KDE case
within wpa_parse_generic() was doing an unnecessary separate check for
there being room for the Length, OUI, and Data Type fields. This is
covered by the check in the calling function with the combination of
verifying that pos[1] is large enough to contain RSN_SELECTOR_LEN +
PMKID_LEN octets of payload.

This is confusing since no other KDE case was checking remaining full
buffer room within wpa_parse_generic(). Clean this up by removing the
unnecessary check from the PMKID KDE case so that all KDEs are handled
consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-15 23:24:18 +02:00
Alexander Wetzel
094c9cdc7e Add parsing of Key ID KDE for Extended Key ID
wpa_parse_generic() can now recognize the Key ID KDE that will be needed
to deliver the Key ID of the pairwise key when Extended Key ID is used.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-15 23:17:56 +02:00
Alexander Wetzel
f5c0104f3b Add KEY_FLAG_MODIFY for Extended Key ID support
KEY_FLAG_MODIFY was initial added for the planned Extended Key ID
support with commit a919a26035 ("Introduce and add key_flag") and then
removed with commit 82eaa3e688 ("Remove the not yet needed
KEY_FLAG_MODIFY") to simplify commit e9e69221c1 ("Validity checking
function for key_flag API").

Add it again and update check_key_flag() accordingly.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-15 23:00:10 +02:00
Jouni Malinen
10223b501b SAE: Expose sae_write_commit() error cases to callers
Check whether an error is reported from any of the functions that could
in theory fail and if so, do not proceed with the partially filled SAE
commit buffer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:59:42 +02:00
Jouni Malinen
bb2ea8e5e3 DPP: Remove unreachable return statement
This was forgotten from an earlier development version.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:35:45 +02:00
Jouni Malinen
7aa47fe5fc DPP: Fix connectorTemplate addition
There was a copy-paste error in this code that would be adding the
connectorTemplate once that becomes available. In practice, this was not
reachable code, but anyway, this should be ready for potential addition
of connectorTemplate in the future.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-08 16:18:22 +02:00
Jouni Malinen
33a28170a3 Recognize OWE Transition Mode element in IE parser
This silences the debug log entry on unknown WFA IE being ignored.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-03-07 17:27:32 +02:00
Alexander Wetzel
be15f33d07 Replace WPA_ALG_PMK with KEY_FLAG_PMK
Drop the no longer needed internal alg WPA_ALG_PMK and use KEY_FLAG_PMK
as replacement.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-06 21:44:31 +02:00
Hu Wang
0a76a0b965 OWE: Fix PTK derivation workaround for interoperability
The initial implementation of the PTK derivation workaround for
interoperability with older OWE implementations forced
WPA_KEY_MGMT_PSK_SHA256 to be used for all of PTK derivation. While that
is needed for selecting which hash algorithm to use, this was also
changing the length of the PTK components and by doing so, did not
actually address the backwards compatibility issue.

Fix this by forcing SHA256 as the hash algorithm in PTK derivation
without changing the PTK length calculation for OWE when
owe_ptk_workaround is enabled.

Fixes: 65a44e849a ("OWE: PTK derivation workaround in AP mode")
Fixes: 8b138d2826 ("OWE: PTK derivation workaround in STA mode")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-03-06 21:44:31 +02:00
Alexander Wetzel
e9e69221c1 Validity checking function for key_flag API
Add masks for each key type to define which flags can be combined and
add a helper function to validate key_flag values.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-05 00:25:47 +02:00
Alexander Wetzel
82eaa3e688 Remove the not yet needed KEY_FLAG_MODIFY
I decided to drop KEY_FLAG_MODIFY instead of allowing flag combinations not
yet used in the code and will simply recreate it with the Extended Key
ID patches once we get there. For that reason I also did not renumber
the flags.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-05 00:17:23 +02:00
Sachin Shelke
21f835e640 SAE: Allow SAE-only network profile with sae_password to be written
The commit a34ca59e (SAE: Allow SAE password to be configured separately
(STA)) added sae_password configuration option. We should also consider
sae_password in the wpa_config_write() function which stores the valid
network block details to an external database.

Fixes: a34ca59e4d ("SAE: Allow SAE password to be configured separately (STA)")
Signed-off-by: Sachin Shelke <sachin.shelke@nxp.com>
Signed-off-by: Cathy Luo <xiaohua.luo@nxp.com>
Signed-off-by: Ganapathi Bhat <ganapathi.bhat@nxp.com>
2020-03-02 11:49:19 +02:00
Alexander Wetzel
c1a6b1e47e privsep: Add key_flag to set_key()
Pass through the new key_flag to wpa_priv.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-03-01 21:11:07 +02:00
Ilan Peer
101da59aa2 common: Add support for element defragmentation
Add support for element defragmentation as defined in IEEE
P802.11-REVmd/D3.0, 10.28.12 (Element defragmentation).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2020-02-29 23:56:15 +02:00
Ilan Peer
e636bc855f WPA: Rename FILS wrapped data
IEEE P802.11az/D2.0 renamed the FILS Wrapped Data element,
removing the FILS prefix. Change the code accordingly.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2020-02-29 23:30:55 +02:00
Jouni Malinen
200c7693c9 Make WEP functionality an optional build parameter
WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-29 17:45:25 +02:00
Andrej Shadura
3f10f716af common: Provide the BIT() macro locally
wpa_ctrl.h can be installed separately with libwpa_client, so
utils/common.h won't be available to its users.

Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>
2020-02-28 11:03:05 +02:00
Krishna Rao
b8f6b0713a Add attribute for dwell time in QCA vendor scan
Add an attribute QCA_WLAN_VENDOR_ATTR_SCAN_DWELL_TIME for specifying
dwell time in the QCA vendor scan command. This is a common value which
applies across all frequencies requested in the scan.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-26 23:47:37 +02:00
Sunil Dutt
ec303e2cb1 Introduce QCA_WLAN_VENDOR_ATTR_CONFIG_ROAM_REASON
This attribute enables/disables the host driver to send roam reason
information in the Reassociation Request frame to the AP in the same
ESS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-24 20:17:00 +02:00
Sunil Dutt
34640a88d8 Fix enum qca_wlan_vendor_attr_config value prefix
Couple of the attributes were defined with inconsistent prefix in the
name (missing "CONFIG_"). Fix these to use the common prefix for all
enum qca_wlan_vendor_attr_config values. Add defined values for the
incorrect names to avoid issues with existing users.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-24 20:16:56 +02:00
Alexander Wetzel
1a7963e36f AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround
Rekeying a pairwise key using only keyid 0 (PTK0 rekey) has many broken
implementations and should be avoided when using or interacting with
one. The effects can be triggered by either end of the connection and
range from hardly noticeable disconnects over long connection freezes up
to leaking clear text MPDUs.

To allow affected users to mitigate the issues, add a new hostapd
configuration option "wpa_deny_ptk0_rekey" to replace all PTK0 rekeys
with disconnection. This requires the station to reassociate to get
connected again and as such, can result in connectivity issues as well.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-02-23 12:22:49 +02:00
Jouni Malinen
16889aff40 Add BIGTK KDE and subelement similarly to IGTK
This provides the BIGTK updates to associated stations similarly to
IGTK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-17 23:48:24 +02:00
Jouni Malinen
323d06187a Parsing of BIGTK KDE in EAPOL-Key frames
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-17 23:48:24 +02:00
Jouni Malinen
3937378abe Parsing of BIGTK subelement in FTE
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-17 23:48:24 +02:00
Jouni Malinen
c1df321b6c AP mode indication of Beacon protection being enabled
Add the new Extended Capability bit for indicating Beacon protection.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-17 23:48:24 +02:00
Jouni Malinen
139f6deaff Remove duplicated wpa_akm_to_suite() entry
This was unreachable code due to the previous WPA_KEY_MGTM_OWE case
returning from the function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-17 17:41:51 +02:00
John Crispin
ab8c55358e HE: Dynamically turn on TWT responder support
This allows us to dynamically turn on TWT responder support using an
nl80211 attribute.

Signed-off-by: John Crispin <john@phrozen.org>
2020-02-16 12:37:47 +02:00
John Crispin
0cb39f4fd5 HE: Extend BSS color support
The HE Operation field for BSS color consists of a disabled, a partial,
and 6 color bits. The original commit adding support for BSS color
considered this to be a u8. This commit changes this to the actual
bits/values.

This adds an explicit config parameter for the partial bit. The disabled
is set to 0 implicitly if a bss_color is defined.

Interoperability testing showed that stations will require a BSS color
to be set even if the feature is disabled. Hence the default color is 1
when none is defined inside the config file.

Signed-off-by: John Crispin <john@phrozen.org>
2020-02-16 12:32:17 +02:00
Sunil Dutt
877d9a02b0 Additional get_sta_info attrs for Beacon/Probe Response/disconnect reasons
This commit adds new attributes for getting the Probe Response frame
IEs, Beacon frame IEs and the disconnection reason codes through
get_sta_info vendor command.

The host driver shall give this driver specific reason code through
the disconnection reason code attribute
QCA_WLAN_VENDOR_ATTR_GET_STA_DRIVER_DISCONNECT_REASON.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:47:50 +02:00
Sachin Ahuja
8162d98f2e Introduce QCA_NL80211_VENDOR_SUBCMD_DRIVER_DISCONNECT_REASON
This acts as an event from the host driver to the user space to notify
the driver specific reason for a disconnection. The host driver
initiates the disconnection for various scenarios (beacon miss, Tx
Failures, gateway unreachability, etc.) and the reason codes from
cfg80211_disconnected() do not carry these driver specific reason codes.
Host drivers should trigger this event immediately prior to triggering
cfg80211_disconnected() to allow the user space to correlate the driver
specific reason code with the disconnect indication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:47:48 +02:00
Sunil Dutt
32551066b8 Introduce QCA_NL80211_VENDOR_SUBCMD_UPDATE_STA_INFO
This acts as a vendor event and is used to update the information
of a station from the driver to userspace.

Add an attribute for the driver to update the channels scanned in
the last connect/roam attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:46:39 +02:00
Sunil Dutt
5551317834 Introduce QCA_WLAN_VENDOR_ATTR_BEACON_REPORT_FAIL
This attribute aims to configure the STA to send the Beacon Report
Response with failure reason for the scenarios where the Beacon Report
Request cannot be handled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-12 21:19:37 +02:00