According to the OCE specification, the STA shall select the AKM in
priority order from the list below.
1. FT Authentication over FILS (SHA-384) 00-0F-AC:17
2. FILS (SHA-384) 00-0F-AC:15
3. FT Authentication over FILS (SHA-256) 00-0F-AC:16
4. FILS (SHA-256) 00-0F-AC:14
5. FT Authentication using IEEE Std 802.1X (SHA-256) 00-0F-AC:3
6. Authentication using IEEE Std 802.1X (SHA-256) 00-0F-AC:5
7. Authentication using IEEE Std 802.1X 00-0F-AC:1
Move the FT-FILS-SHA256 check to be after the FILS-SHA384 one to match
this.
Signed-off-by: Seongsu Choi <seongsu.choi@samsung.com>
Add support to configure SAE, PSK, and PSK-SHA256 AKMs in connect
request when driver's SME in use. This is needed for implementing
WPA3-Personal transition mode correctly with any driver that handles
roaming internally.
Send additional AKMs configured in network block to driver based on
the maximum number of AKMs allowed by driver in connect request. Keep
first AKM in the list AKMs in the connect request as AKM selected by
wpa_supplicant to maintain backwards compatibility.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Use the recently added attribute to determine whether the kernel
supports a larger number of AKM suites in various commands.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
CRYPTO_RSA_OAEP_SHA256 is not sufficient here since ssid->eap does not
exist without IEEE8021X_EAPOL.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
The new SAE AKM suites are defined to use H2E, so ignore the sae_pwe
value when these AKM suites are used similarly to the way H2E gets
enabled when SAE Password Identifiers are used.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Define new WPA_KEY_MGMT_* values for the new SAE AKM suite selectors
with variable length keys. This includes updates to various mapping and
checking of the SAE key_mgmt values.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use the existing helper function instead of maintaining multiple copies
of lists of SAE key management suites.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Move most of CHANWIDTH_* definitions from ieee80211_defs.h to defs.h as
the definitions are getting used mostly for internal purpose only. Also
change prefix of the definitions to CONF_OPER_CHWIDTH_* and update in
all the files accordingly.
Leave the couple of VHT-specific exceptions to use the old defines (the
reason why they were originally added as VHT values), to avoid use of
clearly marked configuration values in information elements. In
addition, use the defines instead of magic values where appropriate.
Signed-off-by: Aleti Nageshwar Reddy <quic_anageshw@quicinc.com>
For hidden GBK encoding of a Chinese SSID, both the UTF-8 and GBK
encoding profiles are added into wpa_supplicant to make sure the
connection succeeds. In this situation, wpa_supplicant_select_network()
will not be called so current_ssid is NULL when association begins.
Android monitors the WPA_EVENT_STATE_CHANGE event to get the SSID and
BSSID. When connecting to a Chinese SSID, in case of association
rejection happens, Android will report null SSID to OEM APP because
current_ssid is updated after wpa_supplicant_set_state(wpa_s,
WPA_ASSOCIATING), which may cause confusion.
Fix this by setting the current_ssid before changing state to
ASSOCIATING.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Use imsi_privacy_cert as the name of the configuration parameter for the
X.509v3 certificate that contains the RSA public key needed for IMSI
privacy. The only allowed format for this information is a PEM-encoded
X.509 certificate, so the previous name was somewhat confusing.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Disable a network profile that has set the imsi_privacy_key if a valid
key cannot be read from the specified file. Previously, this check was
done only after having associated, but there is no point in associating
just to see EAP authentication fail in such a case. This is needed for
avoiding connection attempts if the X.509 certificate for IMSI privacy
has expired.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It looks like fst_wpa_obj::get_hw_modes would have been left
uninitialized in hostapd. It is not obviously clear why this would not
have caused issues earlier, but in any case, better make this set
properly to allow unexpected behavior should that function pointer ever
be used.
Signed-off-by: Jouni Malinen <j@w1.fi>
This information was already available from the nl80211 control port RX
path, but it was not provided to upper layers within wpa_supplicant and
hostapd. It can be helpful, so parse the information from the driver
event.
Signed-off-by: Jouni Malinen <j@w1.fi>
pbkdf2_sha1() may return errors and this should be checked in calls.
This is especially an issue with FIPS builds because the FIPS
requirement is that the password must be at least 14 characters.
Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
Modify hostapd_set_freq_params() to include EHT parameters and update
the calling functions to match.
Signed-off-by: Muna Sinada <quic_msinada@quicinc.com>
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Signed-off-by: Pradeep Kumar Chitrapu <quic_pradeepc@quicinc.com>
It would have been possible for the authentication attemps to go into a
loop if the AP/Authenticator/authentication server were to believe EAP
authentication succeeded when the local conclusion in Supplicant was
failure. Avoid this by timing out authentication immediately on the
second consecutive EAP authentication failure.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
To support the STA testbed role, the STA has to disable transmitting
EAPOL-Key group msg 2/2 of Group Key Handshake. Add test parameter to
disable sending EAPOL-Key group msg 2/2 of Group Key Handshake.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
It was possible for at least the wpa_s->last_ssid to be left pointing to
a removed network which could result in processing the following
association as a reassociation-within-an-ESS even when it was moving to
a different ESS. This could result in unexpected behavior. This was
found with the following test case sequence:
sigma_dut_ap_psk_sae_ft sae_h2e_password_id ap_wps_pk_oom sigma_dut_client_privacy
Move clearing of wpa_s->last_ssid and wpa_s->current_ssid into
wpas_notify_network_removed() to catch all cases similarily to the way
wpa_s->next_ssid was already cleared.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
It looks like the recently added roam_in_progress and
bss_trans_mgmt_in_progress flags could end up getting set, but not
cleared, in some cases. Make sure these get cleared on explicit
disconnection request and also in case the SME-in-driver path is used
(while that path does not really use these flags yet, it is better to
not allow them to be forgotten to be set should it be extended to cover
similar functionality).
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This allows the same functions to be used for both the control interface
and the D-Bus interface.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
Since the 6 GHz band has no DFS channels, enable 6 GHz 160 MHz bandwidth
as the default configuration for IEEE 802.11s mesh.
example:
network={
ssid="6gmesh160"
key_mgmt=SAE
mode=5
frequency=6275
psk="1234567890"
}
Signed-off-by: P Praneesh <ppranees@codeaurora.org>
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Channel numbers of the 6 GHz band overlap those of the 2.4 GHz and 5 GHz
bands. Thus converting to frequency based mesh channel selection helps
accommodate 6 GHz mesh.
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
Some distros carry patches to specify driver fallback, but only in
specific conditions (e.g. the systemd service definition[1]). This leaves
other wpa_supplicant instances needing to define fallback themselves,
which leads to places where wpa_supplicant thinks it can't find a
driver[2]. Instead, when -D is not specified, have wpa_supplicant try
all the drivers it was built with in an attempt to find a working one
instead of just giving up if the first doesn't work.
[1] https://salsa.debian.org/debian/wpa/-/blob/debian/unstable/debian/patches/networkd-driver-fallback.patch
[2] https://bugs.launchpad.net/netplan/+bug/1814012
Signed-off-by: Kees Cook <kees@ubuntu.com>
After roaming from WPA2-AP (group=CCMP) to WPA-AP (group=TKIP) using
driver-based SME and roaming trigger, GTK renewal failures are observed
for the currently associated WPA-AP because of group cipher mismatch,
resulting in deauthentication with the AP.
Update the group cipher and pairwise cipher values in wpa_sm from
association event received from the driver in case of SME offload to the
driver to address GTK renewal failures (and similar issues) that could
happen when the driver/firmware roams between APs with different
security profiles.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add an explicit check for modes != NULL instead of depending on
num_modes > 0 implying that. This is to silence invalid static analyzer
reports.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Indicate DSCP Policy capability by including a WFA Capabilities element
containing the relevant bit set to 1 in the (Re)Association Request
frames when enabled by user.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Add support to parse received DSCP Policy Request frames and send the
request details as control interface events.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
This function is not specific to GAS, so make it available throughout
wpa_supplicant without requiring CONFIG_GAS.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
"SET disable_mscs_support 1" can be used to disable indication of MSCS
support in the Extended Capabilities element for testing purposes. This
is also disabling addition of the MSCS element even if valid
configuration parameters had been configured.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support to receive and process SCS Response frames from the AP and
indicate the status to upper layers.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
"SET disable_scs_support 1" can be used to disable indication of SCS
support in the Extended Capabilities element for testing purposes.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support to parse SCS control interface command and form the SCS
Request frame to be sent to SCS enabled AP.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
P2P connections in the 6 GHz band use SAE authentication algorithm after
getting credentials with WPS connection. During WPS connection as it
doesn't use SAE, SAE PT is not derived. After getting SAE credentials,
the STA connects to the same SSID using SAE auth algorithm. Earlier, SAE
H2E PT was not derived while connecting to the same SSID to which the
STA is connected last time. Due to this, the P2P group formation fails
for 6 GHz channels when H2E is enabled as the PT will not be setup by
the P2P client before proceeding to the SAE authentication. Same could
happen with infrastructure WPS when wps_cred_add_sae=1 is used.
Set up the SAE H2E PT while connecting to the same SSID again also to
make sure that the H2E PT is set up in the STA to derive the PWE for
successful SAE authentication. The PT derivation will be skipped in
wpa_s_setup_sae_pt() if PT is already available for that SSID.
Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
External applications can store PMKSA entries persistently and
reconfigure them to wpa_supplicant after restart. This can result in
wpa_supplicant having a PMKSA for FILS authentication without having
matching ERP keys for it which would prevent the previously added
mechanism for dropping FILS PMKSA entries to recover from rejected
association attempts.
Fix this by clearing PMKSA entries configured by external applications
upon FILS connection failure even when ERP keys are not available.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
wpa_supplicant generates both a PMKSA cache entry and ERP keys upon
successful FILS connection and uses FILS authentication algorithm for
subsequent connections when either ERP keys or a PMKSA cache entry is
available.
In some cases, like AP/RADIUS server restart, both ERP keys and PMKSA
becomes invalid. But currently when an AP rejects an association,
wpa_supplicant marks only ERP keys as failed but not clearing PMKSA.
Since PMKSA is not cleared, consecutive connection attempts are still
happening with FILS authentication algorithm and connection attempts are
failing with the same association rejection again instead of trying to
recover from the state mismatch by deriving a new ERP key hierarchy.
Clear PMKSA entries as well on association rejection from an AP to allow
the following connection attempt to go with open authentication to
re-establish a valid ERP key hierarchy. Also, since clearing PMKSA
entries on unprotected (Re)Association Response frames could allow DoS
attack (reduce usability of PMKSA caching), clear PMKSA entries only
when ERP keys exists.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
It is safer to remove and free these entries with a shared helper
function to avoid issues with potentially forgetting to unregister or
free something if this structure is extended in the future.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When a STA makes an association request that is rejected by an OCE AP
due to the RSSI being insufficient, the AP is added to the driver
disallow list by wpa_set_driver_tmp_disallow_list().
Once the AP increases TX power which makes the AP RSSI higher than
Association Rejection RSSI threshold, the AP is supposed to be removed
from the driver disallow list but that was not the case.
wpa_is_bss_tmp_disallowed() is called in the scan result handler, so it
is the best place to put the logic of removing the AP from the driver
disallow list with sufficient AP RSSI.
This is needed with drivers that use the temporarily disallowed BSS list
(which is currently supported only with a QCA vendor command). The
wpa_supplicant internal functionality was already taking care of this
with the wpa_is_bss_tmp_disallowed() return value even for cases where
the entry remaining in the list.
Signed-off-by: Hu Wang <huw@codeaurora.org>
Add checks for features supported by the specific hardware mode of the
local device that has the channel for which the throughput is being
estimated instead of assuming the local device supports all optional
features. This is more accurate for cases where the local capabilities
might differ based on the band. In addition, this is in preparation for
extending rate estimates to cover optional VHT and HE features.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_supplicant_ctrl_iface_deinit() was executed only if the
per-interface control interface initialization had been completed. This
is not the case if driver initialization fails and that could result in
leaving behind references to the freed wpa_s instance in a corner case
where control interface messages ended up getting queued.
Fix this by calling wpa_supplicant_ctrl_iface_deinit() in all cases to
cancel the potential eloop timeout for wpas_ctrl_msg_queue_timeout with
the reference to the wpa_s pointer. In addition, flush any pending
message from the global queue for this interface since such a message
cannot be of use after this and there is no need to leave them in the
queue until the global control interface gets deinitialized.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
An EAPOL frame may be pending when wpa_supplicant requests to
deauthenticate. At this stage the EAP SM cache is already cleaned by
calling eapol_sm_invalidate_cached_session(). Since at this stage the
wpa_supplicant's state is still set to associated, the EAPOL frame is
processed and results in a crash due to NULL dereference.
This wasn't seen previously as nl80211 wouldn't process the
NL80211_CMD_CONTROL_PORT_FRAME, since wpa_driver_nl80211_mlme() would
set the valid_handler to NULL. This behavior was changed in commit
ab89291928 exposing this race.
Fix it by ignoring EAPOL frames while the deauthentication is in
progress.
Fixes: ab89291928 ("nl80211: Use process_bss_event() for the nl_connect handler")
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The wpa_ie buffer is now allocated here and needs to be freed before
returning from the function.
Fixes: d2ba0d719e ("Move assoc param setting into a helper function")
Signed-off-by: Jouni Malinen <j@w1.fi>
Use a shared code path for freeing the wpa_ie buffer to avoid
unnecessary complexity with a separate return for the non-FILS case.
Signed-off-by: Jouni Malinen <j@w1.fi>
When the driver SME is used, offloaded RSN handshakes like SA Query, GTK
rekeying, FT authentication, etc. would fail if wpa_supplicant enables
OCV in initial connection based on configuration but the driver doesn't
support OCV. To avoid such failures check the driver's capability for
enabling OCV when the driver SME used.
This commit also adds a capability flag for indicating OCV support
by the driver.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
There's a chance that prior to config reload being requested a scan work
was started. As such forcing wpa_supplicant to WPA_DISCONNECTED was
removing any hints that the actual driver is busy with work. That led to
wpa_supplicant reporting "Failed to initialize AP scan" over and over
again for a few seconds (depending on driver/capabilities) until the
untracked scan finished.
Cancelling a scan isn't really a solution because there's a bunch of
scanning state bits sprinkled across wpa_supplicant structure and they
get updated as driver events actually flow in in async manner.
As far as I can tell this is only preventing unnecessary warning
messages. This doesn't seem like it was crippling any logic per se.
Signed-off-by: Michal Kazior <michal@plume.com>
