This extends the TDLS operation request mechanism to allow TDLS
Discovery Request to be initiated by the driver similarly to the
existing Setup and Teardown requests.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, it was possible for the wpa_sm_start_preauth() and
wpa_sm_rekey_ptk() eloop callbacks to remain active after disconnection
and potentially continue to be used for the next association. This is
not correct behavior, so explicitly cancel these timeouts to avoid
unexpected attempts to complete RSN preauthentication or to request PTK
to be rekeyed.
It was possible to trigger this issue, e.g., by running the following
hwsim test case sequence: ap_wpa2_ptk_rekey ap_ft_sae_over_ds
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The initial IEEE 802.11 ProxyARP functionality in the kernel needed
changes in behavior and that ended up requiring an independent
configuration parameter to be used. Update hostapd to use that new
proxyarp_wifi parameter instead of the earlier proxyarp.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This converts the QCA vendor event to EVENT_DFS_* events for the case
of DFS offloaded to the driver.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Modify the string for AP-CSA-FINISHED event indication to include a flag
which tells the framework whether the new channel is a DFS channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add handling logic for DFS offloaded case, and add a helper function
that takes the frequency (MHz) as a param and returns 1 if given channel
requires DFS, or 0 otherwise.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If DFS is offloaded to the driver, hostapd should not be performing
these operations. Send the relevant control interface events to provide
information to upper layer software that may use such events to track
DFS/CAC state. This makes the offloaded DFS implementation more
consistent with the DFS-in-hostapd behavior.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit introduces a callback to notify any configuration updates
from the eap_proxy layer. This is used to trigger re-reading of IMSI and
MNC length.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If a connection with the primary server cannot be established, restore
connection to the previously used server.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit 347c55e216 ('RADIUS client: Re-try
connection if socket is closed on retransmit') added a new option for
initialing RADIUS server failover from radius_client_retransmit(), but
ended up trying to change authentication servers when accounting server
was supposed to be changed due to a copy-paste issue.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the GO Negotiation Response (failure) TX status to
be processed at a point where there is no P2P timeout to continue
search. Avoid stopping the ongoing search operation by explicitly
restarting it from this callback.
Signed-off-by: Jouni Malinen <j@w1.fi>
The optional freq=<MHz> can now be used with the P2P_FIND command to
specify a single channel to scan during the first round of P2P search.
For example, this can be used to replace the full initial scan with a
single channel scan of a known operation channel.
Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
This reverts commit 3df2f4fe99 ('P2P:
Remove unused P2P_SCAN_SPECIFIC') with a modification to fit the current
code base.
Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
Disable VHT caps for STAs for which there is not even a single
allowed MCS in any supported number of streams. i.e STA is
advertising 3 (not supported) as VHT MCS rates for all supported
streams.
Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
Commit 347c55e216 ('RADIUS client: Re-try
connection if socket is closed on retransmit') added a possibility of
executing RADIUS server failover change within
radius_client_retransmit() without taking into account that this
operation may end up freeing the pending message that is being
processed. This could result in use of freed memory. Avoid this by
checking whether any pending messages have been removed and if so, do
not try to retransmit the potentially freed message.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, send() was called with invalid fd = -1 in some error cases
for retransmission and this could even result in a loop of multiple such
attempts. This is obviously not going to work, so drop such attempts and
instead, try to reconnect a socket to the server if the current socket
is not valid.
In addition, initiate server failover immediately if the current socket
is not valid instead of waiting for a timeout.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the initial attempt at opening the socket connection to the RADIUS
server failed due to missing IP connectivity during startup, e.g., with
"connect[radius]: Network is unreachable", hostapd did not try to
reconnect when RADIUS messages were sent. Instead, it only reported "No
authentication server configured" even if the configuration did have a
server entry.
This was broken by commit 9ed4076673
('RADIUS client: Do not try to send message without socket') for the
initial case and the more recent fixes in RADIUS server failover cases
did not cover the initial failure case.
Signed-off-by: Jouni Malinen <j@w1.fi>
It does not look likely that the old DSA design would be added into the
internal TLS implement, so remove this otherwise dead code.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows wpa_supplicant to recover from some of the cases where
cfg80211 is unloaded and reloaded without restarting wpa_supplicant. The
netlink socket used for nl80211 events (global->nl_event) seemed to end
up in otherwise functionality state, but with all the event memberships
lost when cfg80211 gets reloaded.
There does not seem to be any clear way of determining when this has
happened, so it looks simplest to just try to re-subscribe to all the
events whenever an interface is re-enabled or added.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit e6dd8196e5 ('Work around Linux
packet socket regression') closed the workaround socket on the first
received EAPOL frame from the main packet socket. This can result in
closing the socket in cases where the kernel does not really work in the
expected way during the following initial association since
reauthentication/rekeying using EAPOL frames happens while operstate is
not dormant and as such, the frames can get delivered through the main
packet socket.
Fix this by closing the workaround socket only in case the first EAPOL
frame is received through the main packet socket. This case happens
while the interface is in dormant state and as such, is more likely to
show the more restricted case of kernel functionality.
In order to avoid processing the received EAPOL frames twice, verify a
checksum of the frame contents when receiving frames alternatively from
the main packet socket and the workaround socket.
Signed-off-by: Jouni Malinen <j@w1.fi>
These values were previously used only for sorting the scan results, but
it may be useful to provide access to the used values through the BSS
entries.
Signed-off-by: Jouni Malinen <j@w1.fi>
This modifies the BSS selection routines to calculate SNR and estimated
throughput for each scan result and then use the estimated throughput as
a criteria for sorting the results. This extends the earlier design by
taking into account higher throughput rates if both the AP and local
device supports HT20, HT40, or VHT80. In addition, the maximum rate is
restricted based on SNR.
In practice, this gives significantly higher probability of selecting
HT/VHT APs when there are multiple BSSes in the same ESS and SNR is not
low enough to prevent higher MCS use.
Signed-off-by: Jouni Malinen <j@w1.fi>
This makes it somewhat easier to use CONFIG_WPA_TRACE=y build with
external programs that might not be aware of the initialization
requirement, e.g., when linking wpa_ctrl.c with a program that does not
use the os_*() wrappers.
Signed-off-by: Jouni Malinen <j@w1.fi>
This change adds the function hostapd_config_clear_wpa_psk() that
deletes an entire wpa_psk structure, making sure to follow the linked
list and to free the allocated memory of each PSK node. This helps to
prevent memory leaks when using PSKs from multiple sources and
reconfiguring the AP during runtime.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Configure the GO CTWindow on APstart if the driver supports it and this
parameter is set in wpa_supplicant configuration.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Read p2p_go_ctwindow (0-127 TUs) from the config file, and pass it to
the driver on GO start.
Use p2p_go_ctwindow=0 (no CTWindow) by default.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Some APs (e.g., Cisco 1260) sometimes add padding to the end of short
TDLS management packets and that can look like invalid IEs. This was
allowed on M3 and discovery packets, but not in others. Allow it for the
other packets as well, since required IEs are verified in the code
anyway.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Add fixed_freq=<0/1> network block parameter and pass it to the driver
when starting or joining an IBSS. If this flag is set, IBSS should not
try to look for other IBSS networks to merge with on different channels.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
The '/usr/include/libnl3' header path is unsafe for cross-compilation.
Use pkg-config to find libnl-3.0 headers by default and alternatively,
allow LIBNL_INC=<path> to be used in .config to override.
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
These were not supposed to include a newline at the end of the message
text since such formatting gets handled by tls_show_errors(). In
addition, change the message about the issuer's issuer to be more
accurate.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If addition of a peer issuer certificate fails, the certs pointer would
be NULL when being passed to sk_X509_push() for peer issuer's issuer.
Fix this by skipping addition of issuer's issue if issuer addition
fails.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When DFS offloading capability is supported by the driver, the driver
should use these events to indicate when a radar pattern has been
detected, channel availability check (CAC) has been completed, aborted
or finished after the non-occupancy period is over on a DFS channel.
Also, add a new driver.h event to be used by NL80211 to indicate CAC
Started event on a DFS channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If the driver indicates that the interface has been disabled, assume
that all associations have been lost and remove the hostapd STA entries.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
RTM_NEWLINK event without IFF_UP were processed for all related
interfaces (including VLANs and bridge). While these events may need to
be processed for other purposes, they should not end up claiming that
the main interface has been disabled, so indicate
EVENT_INTERFACE_DISABLED only if the ifname matches the first BSS ifname
for the interface. In addition, fix some of the ifup/down checks from
if_indextoname() cases to actually use the resolved ifname (namebuf)
rather than hardcoding the first configured ifname to be used.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This uses couple of additional helper macros and prints more debug
information to make the VLAN events easier to analyze.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sending client probe on already removed client from kernel driver does
not have any benefit and may lead unintended behavior among variable
drivers (mac80211 has a WARN_ON() that could have been triggered after
ifconfig down+up earlier when hostapd did not re-enable beaconing on
ifup). Skip this step in discussion when the kernel driver reports that
client entry is removed.
Signed-off-by: Peter Oh <poh@qca.qualcomm.com>
This allows WPA2 mode AP to be re-enabled automatically after external
ifconfig down + up on a netdev used by hostapd.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is a step towards enabling hostapd to restart AP mode functionality
if the interface is disabled and re-enabled, e.g., with ifconfig down
and up. This commit takes care of beaconining only which may be
sufficient for open mode connection, but not for WPA2 cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for an Action frame TX operation to be stopped in a way
that results in the TX status callback function not being called. This
could happen, e.g., when P2P_STOP_FIND was issued while waiting for PD
Response TX status. This specific case ended in leaving
p2p->send_action_in_progress set to 1 and that ending up stopping a
future TX operation when p2p_send_action_cb() gets called with
p2p->pending_action_state == P2P_NO_PENDING_ACTION.
This could result in reception of a fragmented service discovery
response failing due to the GAS sequence getting stopped when receiving
TX callback for the first GAS comeback request. That sequence could be
hit in mac80211_hwsim tests when p2p_listen_and_offchannel_tx was
followed by p2p_service_discovery_fragmentation (even after a long time
since this was on dev1 and there could be even 10 minutes between these
test cases).
Fix this issue by clearing send_action_in_progress whenever stopping
pending P2P operation with p2p_stop_find (or P2P_FLUSH for that matter).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When DFS offloading capability is supported by the driver, the driver
should use this event to indicate when channel availability check (CAC)
is started on a DFS channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds testing code (for CONFIG_TESTING_OPTIONS=y builds only) to
send an nl80211 vendor command and report a test vendor event in case
the driver supports this.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Do not reply to a Probe Request frame with a DSSS Parameter Set element
in which the channel is different than the operating channel of the AP,
as the sending station is not found on the AP's operating channel.
IEEE Std 802.11-2012 describes this as a requirement for an AP with
dot11RadioMeasurementActivated set to true, but strictly speaking does
not allow such ignoring of Probe Request frames if
dot11RadioMeasurementActivated is false. Anyway, this can help reduce
number of unnecessary Probe Response frames for cases where the STA is
less likely to see them (Probe Request frame sent on a neighboring, but
partially overlapping, channel).
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Send MESH-SAE-AUTH-BLOCKED event if SAE authentication is blocked. The
BLOCK state will finish when a new peer notification event is sent for
the same MAC address.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
SAE authentication fails likely with wrong password. This commit adds a
notification of the failure to the upper application (UI) so that the
application can notify suspection of a wrong password to the user. The
control interface monitor even for this is "MESH-SAE-AUTH-FAILURE
addr=<peer>".
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Commit 5a2a6de6a5 ('mesh: Make inactivity
timer configurable') has a problem on 32 bit systems. Setting
NL80211_MESHCONF_PLINK_TIMEOUT to 0xffffffff causes expiration of STA in
a minute by NL80211_CMD_DEL_STATION event. this is the kernel rule for
STA expiration:
(current jiffies) > (frame Rx jiffies + NL80211_MESHCONF_PLINK_TIMEOUT * 250)
On a 32 bit system, the right side could overflow and be unexpected
small value if NL80211_MESHCONF_PLINK_TIMEOUT is sufficiently large. STA
expiration occurs by this reason.
This patch solves the problem by disabling the STA expiration
functionality in mac80211. However, old kernel does not support
disabling it. If so, this patch sets mac80211 inactivity timer 60
seconds into future from the wpa_supplicant inactivity timer.
And I mis-understood that mesh_max_inactivity=0 disables inactivity
timer in wpa_supplicant. This commit fixes it also.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
If HT40 co-ex scan fails due to the driver rejecting scan triggers
multiple times, it was possible for the ap_ht40_scan_retry() timeout
being left behind and it getting run after hapd->drv_priv has been
cleared. This would result in NULL pointer dereference in
driver_nl80211_scan.c. Fix this by canceling the timeout when disabling
the interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit e6dd8196e5 ('Work around Linux
packet socket regression') added a mechanism to close the workaround
bridge socket in l2_packet_receive(). However, it did not take into
account the possibility of the l2->rx_callback() closing the l2_packet
socket altogether. This could result in use of freed memory when usin
RSN pre-authentication. Fix this by reordering the calls to clear the
workaround socket before calling the rx_callback.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, a channel with even a single scan/survey result missing
information was skipped in ACS. This may not be desirable in cases when
multiple scan iterations are used (which is the case by default in
hostapd). Instead, use all channels that provided at least one complete
set of results. Calculate the average interference factor as an average
of the iterations that did provide complete values.
This seems to help with some cases, e.g., when ath9k may not be able to
report the noise floor for all channels from the first scan iteration
immediately after the driver has been loaded, but then returns it for
all other scan iterations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new acs_chan_bias configuration parameter is a space-separated list
of <channel>:<bias> pairs. It can be used to increase (or decrease) the
likelihood of a specific channel to be selected by the ACS algorithm.
The total interference factor for each channel gets multiplied by the
specified bias value before finding the channel with the lowest value.
In other words, values between 0.0 and 1.0 can be used to make a channel
more likely to be picked while values larger than 1.0 make the specified
channel less likely to be picked. This can be used, e.g., to prefer the
commonly used 2.4 GHz band channels 1, 6, and 11 (which is the default
behavior on 2.4 GHz band if no acs_chan_bias parameter is specified).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The interference factors for adjacent 2.4 GHz channels were summed
together without doing any kind of weighted average on them. This
resulted in the channels at the band edges getting undue preference due
to only including interference factors from three channels vs. five for
the channels in the middle of the band.
While it is somewhat unclear whether the design here was supposed to
count overlapping channels together in this way or whether that is
already covered in channel survey results, it is clear that this summing
of three to five values together and then comparing the sum rather than
average of some kind gives too much preference to the channels at the
edges of the band by assuming that there is no interference whatsoever
outside the band.
Use weighted average of the interference factors rather than a sum from
different number of values. For now, the adjacent 2.4 GHz channels get
weight of 0.85 (1.0 for the main channel itself) and the neighboring
channels to those adjacent ones get 0.55 weight. Band-edge channels are
handled in a way that takes average over the channels that were actually
considered instead of assuming zero interference from neighboring bands.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If p2p_find_timeout triggers after starting SD but before getting TX
status for send action, unwanted search could get triggered again when
TX status arrives though p2p_find_timeout moved the state to P2P_IDLE by
then. p2p_continue_find() would then move the state to P2P_SEARCH again.
Do not trigger the find operation from this context if state is
P2P_IDLE to avoid this.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is going to be required for OpenSSL 1.1.0 which makes the SSL
structure opaque. Older versions starting from OpenSSL 1.0.1 include
this function, so start using it now based on OPENSSL_VERSION_NUMBER.
Signed-off-by: Jouni Malinen <j@w1.fi>
OpenSSL 0.9.8 and newer includes SSL_CTX_get_cert_store() and
SSL_CTX_set_cert_store() helper functions, so there is no need to
dereference the SSL_CTX pointer to cert ssl_ctx->cert_store. This helps
in working with the future OpenSSL 1.1.0 release that makes the SSL_CTX
structure opaque.
Signed-off-by: Jouni Malinen <j@w1.fi>
Do not claim to change the Listen channel in a debug message when
previously configured channel prevents this. In addition, fix a typo in
another related debug print.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If OBSS scan interval is not set, the AP must not schedule a timeout to
restore 40 MHz operation immediately after having moved to a 20 MHz
channel based on an unsolicited co-ex report. Fix this by scheduling the
timeout only if obss_interval is non-zero.
Since we do not currently support AP doing OBSS scans after the initial
BSS setup, this means practically that 40-to-20 MHz transition is
allowed, but 20-to-40 MHz is not with obss_interval=0. The latter gets
enabled if obss_interval is set to a non-zero value so that associated
STAs can take care of OBSS scanning.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
p2p_timeout_prov_disc_req is getting triggered in P2P_IDLE,
P2P_SEARCH and P2P_LISTEN_ONLY states. Retry logic should not be
limited to only P2P_IDLE state.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
During service discovery if P2P_FIND times out, P2P_FIND_STOPPED event
is sent to upper layers to allow follow up P2P_FIND commands. This needs
to be done also in case an SD was in progress during the find operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This introduces a P2P module callback function that will be used to
create the pending P2PS group after sending PD Response and receiving
ACK status for it.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When the peer device is trying to form a new group despite having
old persistent group with same roles, remove the stale persistent
group.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends wpas_p2p_prov_disc() implementation to accept P2PS
parameters. None of the callers are yet using this functionality; the
following commit introduces a user.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a data structure for storing P2PS PD information and code to
add the related attributes into PD Request. The actual operation to
trigger this behavior will be added in a separate commit.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add support to parse received GAS requests for ASP services and
prepare GAS responses accordingly.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
In addition, add a new P2P_SERVICE_REP command that can be used to
replace existing ASP advertisements.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This make it easier to use wpa_s->p2p_group without having to check
whether there is a group initialized on this wpa_s instance.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This provides additional WPS definitions and rules for negotiating use
of P2PS default PIN configuration method.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
P2PS seek strings can now be specified in the P2P_FIND control interface
command with one or more optional "seek=<str>" parameters.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to debug issues related to ongoing P2P operations
getting stopped due to Action frame exchanges.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
For wired IEEE 802.1X authentication, phase1="allow_canned_success=1"
can now be used to configure a mode that allows EAP-Success (and
EAP-Failure) without going through authentication step. Some switches
use such sequence when forcing the port to be authorized/unauthorized or
as a fallback option if the authentication server is unreachable. By
default, wpa_supplicant discards such frames to protect against
potential attacks by rogue devices, but this option can be used to
disable that protection for cases where the server/authenticator does
not need to be authenticated.
When enabled, this mode allows EAP-Success/EAP-Failure as an immediate
response to EAPOL-Start (or even without EAPOL-Start) and EAP-Success is
also allowed immediately after EAP-Identity exchange (fallback case for
authenticator not being able to connect to authentication server).
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant used to request user to re-enter username/password if the
server indicated that EAP-MSCHAPv2 (e.g., in PEAP Phase 2)
authentication failed (E=691), but retry is allowed (R=1). This is a
reasonable default behavior, but there may be cases where it is more
convenient to close the authentication session immediately rather than
wait for user to do something.
Add a new "mschapv2_retry=0" option to the phase2 field to allow the
retry behavior to be disabled. This will make wpa_supplicant abort
authentication attempt on E=691 regardless of whether the server allows
retry.
Signed-off-by: Jouni Malinen <j@w1.fi>
Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596 ('bridge:
respect RFC2863 operational state') from 2012 introduced a regression
for using wpa_supplicant with EAPOL frames and a station interface in a
bridge. Since it does not look like this regression is going to get
fixed any time soon (it is already two years from that commit and over
1.5 from a discussion pointing out the regression), add a workaround in
wpa_supplicant to avoid this issue.
The wpa_supplicant workaround uses a secondary packet socket to capture
all frames (ETH_P_ALL) from the netdev that is in a bridge. This is
needed to avoid the kernel regression. However, this comes at the price
of more CPU load. Some of this is avoided with use of Linux socket
filter, but still, this is less efficient than a packet socket bound to
the specific EAPOL ethertype. The workaround gets disabled
automatically, if the main packet socket interface on the bridge
interface turns out to be working for RX (e.g., due to an old kernel
version being used or a new kernel version having a fix for the
regression). In addition, this workaround is only taken into use for the
special case of running wpa_supplicant with an interface in a bridge.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use standard numbers-and-dots format for IPv4 in debug logs instead
of hexdump in two different byte orders.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, the old VLAN ID could have been deleted before the STA was
bound to the new VLAN in case the RADIUS server changed the VLAN ID
during an association. This did not exactly work well with mac80211, so
reorder the operations in a way that first binds the STA to the new VLAN
ID and only after that, removes the old VLAN interface if no STAs remain
in it.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, it was possible for some corner cases to leave the WPA
authenticator state machine running if PMK could not be derived. Change
this to forcefully disconnect the STA to get more consistent behavior
and faster notification of the error.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This type of error reporting cases should use wpa_printf() to get
consistent debug logging behavior.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The payload length in a Phase 2 TLV message reporting error was not set
correctly. Fix this to not include the TLVs that are included only in
success case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends the VENDOR-TEST EAP method peer implementation to allow
pending processing case to be selected at run time. The
ap_wpa2_eap_vendor_test test case is similarly extended to include this
option as the second case for full coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
Drop the unneeded 'attempt' argument. This was originally used for
indicating an aborted PMKID caching attempt, but a fix in 2006 removed
the only such user and since that time, only attempt == 1 has been used.
Signed-off-by: Jouni Malinen <j@w1.fi>
This replaces the implementation in aes-wrap.c and aes-unwrap.c with
OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building
hostapd or wpa_supplicant with OpenSSL.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
These have reached out-of-life status in the OpenSSL project and there
is no need to maintain support for them in hostapd/wpa_supplicant
either.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending
on the src/crypto/md5.c implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 630b3230c8 ('nl80211: Increase
netlink receive buffer size') added unconditional use of
nl_socket_set_buffer_size() which was not included in libnl 1.1. Fix use
of that old version by making this conditional on CONFIG_LIBNL20.
Signed-off-by: Jouni Malinen <j@w1.fi>
This modifies struct wpa_ptk to allow the length of KCK and KEK to be
stored. This is needed to allow longer keys to be used, e.g., with
Suite B 192-bit level.
Signed-off-by: Jouni Malinen <j@w1.fi>
omac1_aes_256() and omac1_aes_vector() can now be used to perform
256-bit CMAC operations similarly to the previously supported 128-bit
cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The correct nl80211 flag for group key management cipher was set only
for BIP (AES-CMAC-128). The same flag needs to be used with the newer
ciphers BIP-CMAC-256, BIP-GMAC-128, and BIP-GMAC-256.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
A NULL pointer crash was caused by commit
7139cf4a4f ('P2P: Decrement
sd_pending_bcast_queries when sd returns'). p2p->sd_query can be cleared
to NULL whenever a query is cancelled, even in case the request had
already been transmitted. As such, need to be prepared for the query not
remaining when processing TX status callback for the frame.
Crashes on 2ee98 in following code
2ee90: f7fc f8b6 bl 2b000 <p2p_dbg>
2ee94: e02c b.n 2eef0 <p2p_send_action_cb+0x348>
2ee96: 6c25 ldr r5, [r4, #64] ; 0x40
2ee98: 68ee ldr r6, [r5, #12]
2ee9a: b166 cbz r6, 2eeb6 <p2p_send_action_cb+0x30e>
Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) by
default. It is possible to hit that limit in some cases where operations
are blocked, e.g., with a burst of Deauthentication frames to hostapd
and STA entry deletion. Try to increase the buffer to make this less
likely to occur.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The ANQP verification/parsing is done only after the GAS_DONE indication
is sent over the control interface. This means that in case the ANQP
parsing fails there is no indication to the upper layers. Add an
ANQP-QUERY-DONE event that reports the status of the ANQP parsing.
Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
If TLS encryption fails, encr may be NULL and that would have resulted
in NULL pointer dereference..
Signed-off-by: Haim Dreyfuss <haim.dreyfuss@intel.com>
In ieee802_1x_decapsulate_radius(), eap_server_get_name() may return
NULL, and it could be dereferenced depending on printf implementation.
Change it to return "unknown" instead for the case of no matching EAP
method found. This makes it easier for the callers to simply print this
in logs (which is the only use for this function).
Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
We were copying the NL80211_ATTR_EXT_CAPA attribute into the
extended_capa_mask element, which is incorrect. Use
NL80211_ATTR_EXT_CAPA_MASK instead.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
Commit ce7b56afab ('WPS: Fix an
interoperability issue with mixed mode and AP Settings') added code to
filter M7 Authentication/Encryption Type attributes into a single bit
value in mixed mode (WPA+WPA2) cases to work around issues with Windows
7. This workaround was lost in commit
d7a15d5953 ('WPS: Indicate current AP
settings in M7 in unconfigurated state') that fixed unconfigured state
values in AP Settings, but did not take into account the earlier
workaround for mixed mode.
Re-introduce filtering of Authentication/Encryption Type attributes for
M7 based on the current AP configuration. In other words, merge those
two earlier commits together to include both the earlier workaround the
newer fix.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add the possibility to define a subset of channels used by the ACS
engine when not operating on DFS channels.
Signed-off-by: Adrien Decostre <ad.decostre@gmail.com>
Current mesh code uses ap_max_inactivity as inactivity timer. This patch
makes it configurable.
There is another mesh inactivity timer in mac80211. The timer works even
if user_mpm=1. So this patch sets the max value to the timer for
workaround.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
If the inactivity check returns that there is no entry remaining for the
STA in the kernel, drop the STA in hostapd as well.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
It was possible for an out-of-memory code path to trigger NULL pointer
dereference when preparing a RADIUS accounting report.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends Disconnect-Request processing to check against PMKSA cache
entries if no active session (STA association) match the request.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
dot1xAuthSessionId was previously used to make Acct-Session-Id available
through the control interface. While there is no IEEE 802.1X MIB
variable for Acct-Multi-Session-Id, it is useful to make this value
available as well.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, the first matching STA was picked. That is not really the
design in RFC 5176, so extend this matching code to go through all
specified session identification attributes and verify that all of them
match. In addition, check for a possible case of multiple sessions
matching. If such a case is detected, return with Disconnect-NAK and
Error-Code 508 (multiple session selection not supported).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If a second scan trigger attempt fails in STA mode, the error path was
supposed to restore the old mode that was in use before changing to STA
mode. However, wpa_driver_nl80211_set_mode() changes drv->nlmode on
success, so the recovery path needs to use the saved old_mode value
instead.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is similar with domain_suffix_match, but required a full match of
the domain name rather than allowing suffix match (subdomains) or
wildcard certificates.
Signed-off-by: Jouni Malinen <j@w1.fi>
A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used
to provide information about server certificate chain alternative
subject names for upper layers, e.g., to make it easier to configure
constraints on the server certificate. For example:
CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com
Currently, this includes DNS, EMAIL, and URI components from the
certificates. Similar information is priovided to D-Bus Certification
signal in the new altsubject argument which is a string array of these
items.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit e7d0e97bdb ('hostapd: Add vendor
specific VHT extension for the 2.4 GHz band') resulted in a compiler
warning regarding comparison between signed and unsigned integers at
least for 32-bit builds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new VENDOR_ELEM value 13 can now be used to add a vendor element
into all (Re)Association Request frames, not just for P2P use cases like
the previous item was for.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows vendor specific information element to be used to advertise
support for VHT on 2.4 GHz band. In practice, this is used to enable use
of 256 QAM rates (VHT-MCS 8 and 9) on 2.4 GHz band.
This functionality is disabled by default, but can be enabled with
vendor_vht=1 parameter in hostapd.conf if the driver advertises support
for VHT on either 2.4 or 5 GHz bands.
Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
This allows ocsp=2 to be used with wpa_supplicant when built with GnuTLS
to request TLS status extension (OCSP stapling) to be used to validate
server certificate validity.
Signed-off-by: Jouni Malinen <j@w1.fi>
The server certificate will be rejected if it includes any EKU and none
of the listed EKUs is either TLS Web Server Authentication or ANY.
Signed-off-by: Jouni Malinen <j@w1.fi>
Certificate expiration is checked both within GnuTLS and in the
tls_gnutls.c implementation. The former was configured to use the
request to ignore time checks while the latter was not. Complete support
for this parameter by ignoring the internal expiration checks if
requested.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows private key and client certificate to be configured using
wpa_supplicant blobs instead of external files.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like GnuTLS may return success on
gnutls_certificate_set_x509_*() functions with GNUTLS_X509_FMT_PEM even
when trying to read DER encoded information. Reverse the order of
parsing attempts so that we start with DER and then move to PEM if
GnuTLS reports failure on DER parsing. This seems to be more reliable
way of getting errors reported and both cases can now be handled.
Signed-off-by: Jouni Malinen <j@w1.fi>
This new wpa_supplicant and hostapd control interface command can be
used to determine which TLS library is used in the build and what is the
version of that library.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows wpa_supplicant to provide more information about peer
certificate validation results to upper layers similarly to the
mechanism used with OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
This implementation uses GnuTLS function
gnutls_x509_crt_check_hostname(). It has a bit different rules regarding
matching (allows wildcards in some cases, but does not use suffix
matching) compared to the internal implementation used with OpenSSL.
However, these rules are sufficiently close to each other to be of
reasonable use for most cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
After having checked all known GNUTLS_CERT_* error cases that we care
about, check that no other errors have been indicated by
gnutls_certificate_verify_peers2() as a reason to reject negotiation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Make the debug output more useful for determining whuch version of
GnuTLS was used and what was negotiated for the session.
Signed-off-by: Jouni Malinen <j@w1.fi>
GnuTLS 2.10.0 added gnutls_certificate_set_verify_function() that can be
used to move peer certificate validation to an earlier point in the
handshake. Use that to get similar validation behavior to what was done
with OpenSSL, i.e., reject the handshake immediately after receiving the
peer certificate rather than at the completion of handshake.
Signed-off-by: Jouni Malinen <j@w1.fi>
GnuTLS project has marked 2.12.x obsolete since January 2014. There is
not much need for maintaining support for obsolete versions of the
library, so drop all #if/#endif blocks targeting 2.x.y versions. In
practice, none of these were requiring 2.12.x version with x greater
than 0, so 2.12.x remains supported for now.
In addition, add newer version (GnuTLS 3.0.18 and newer) to fetch client
and server random from the session since the old method is not supported
by new GnuTLS versions and as such, gets removed with rest of the old
ifdef blocks.
Signed-off-by: Jouni Malinen <j@w1.fi>
No one should be using GnuTLS versions older than 1.3.2 from 2006
anymore, so remove these unnecessary #if/#endif checks.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was needed with very old GnuTLS versions, but has not been needed,
or used, since GnuTLS 1.3.2 which was released in 2006. As such, there
is no need to maintain this code anymore and it is better to just clean
the source code by removing all the related code.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows GnuTLS to be used with trusted CA certificate from
wpa_supplicant blob rather than an external certificate file.
Signed-off-by: Jouni Malinen <j@w1.fi>
This TLS configuration parameter is explicitly for OpenSSL. Instead of
ignoring it silently, reject any configuration trying to use it in
builds that use other options for TLS implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This define had been forgotten at some point in time and wpa_supplicant
compilation for Windows failed with some recently added code that
depended on this.
Signed-off-by: Jouni Malinen <j@w1.fi>
Addition of os_memcmp_const() in commit
afc3c8b07f had forgotten to include
common.h into os_win32.c to get u8 defined.
Signed-off-by: Jouni Malinen <j@w1.fi>
NSS as a TLS/crypto library alternative was never completed and this
barely functional code does not even build with the current NSS version.
Taken into account that there has not been much interest in working on
this crypto wrapper over the years, it is better to just remove this
code rather than try to get it into somewhat more functional state.
Signed-off-by: Jouni Malinen <j@w1.fi>
Validation of these parameters has not been implemented with schannel.
Instead of ignoring them silently, reject the configuration to avoid
giving incorrect impression of the parameters being used if
wpa_supplicant is built with schannel instead of the default OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Validation of these parameters has not been implemented in the internal
TLS implementation. Instead of ignoring them silently, reject the
configuration to avoid giving incorrect impression of the parameters
being used if wpa_supplicant is built with the internal TLS
implementation instead of the default OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Validation of these parameters has not been implemented with GnuTLS.
Instead of ignoring them silently, reject the configuration to avoid
giving incorrect impression of the parameters being used if
wpa_supplicant is built with GnuTLS instead of the default OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
These were already covered in both README-HS20 for credentials and in
header files for developers' documentation, but the copy in
wpa_supplicant.conf did not include all the details. In addition, add a
clearer note pointing at subject_match not being suitable for suffix
matching domain names; domain_suffix_match must be used for that.
Signed-off-by: Jouni Malinen <j@w1.fi>
data.function needs to be set for the return value to be of any use and
strcmp won't work with NULL pointer either. (CID 99907)
Signed-off-by: Jouni Malinen <j@w1.fi>
In many applications it is useful not just to enumerate a group of well
known access points, but to use a address/mask notation to match an
entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00).
This change expands the data structures used by MAC lists to include a
mask indicating the significant (non-masked) portions of an address and
extends the list parser to recognize mask suffixes.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
There should not be a mesh-specific mechanism for setting up channel
parameters since that will just result in duplicated code. IBSS, mesh,
and AP mode can use the same data structures and parameters for setting
up such parameters.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add WPA_DRIVER_FLAGS_HT_IBSS driver feature flag. Some drivers could not
set this feature and next could fail when we will enable HT support for
IBSS with error message: nl80211: Join IBSS failed: ret=-22 (Invalid
argument).
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Add the t0 retransmission timer as specified by IEEE Std 802.11-2012,
11.3.8.4. This makes SAE much more likely to succeed in the case of lost
frames.
Signed-off-by: Bob Copeland <me@bobcopeland.com>
When performing SAE authentication in mesh, one station may
initiate authentication by sending a COMMIT as soon as a peer
candidate is discovered. Previously we did this in mesh_rsn.c,
but this left some of the state initialization in a different
part of the code from the rest of the state machine, and we may
need to add other initializations here in the future, so move
that to a more central function.
Signed-off-by: Bob Copeland <me@bobcopeland.com>
On FreeBSD and DragonFly BSD, we additionally need to skip the
isr_meshid_len bytes of the MESH ID, to get the correct address for
copying the IE data.
The isr_meshid_len field was added in the FreeBSD svn revision r195618
in 2009, so I don't think we need to check the FreeBSD version here.
Signed-off-by: Imre Vadász <imre@vdsz.com>
The local conf pointer needs to be cleared once it gets assigned to
hapd_iface to avoid double-free of the configuration data on error path.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.
Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for wpa_tdls_teardown_peers() to be called with sm ==
NULL in case interface addition fails before the WPA state machine is
initialized.
Signed-off-by: Jouni Malinen <j@w1.fi>
With CONFIG_WPA_TRACE_BFD, the type cast from void* to integer was
generating a compiler warning due to the target integer being larger in
size in case of 32-bit builds. Type case to bfd_hostptr_t instead of
directly to bfd_vma to avoid this.
Signed-off-by: Jouni Malinen <j@w1.fi>
The socket reference tracking entries need to be restored in case
os_realloc_array() fails when adding a new eloop socket.
Signed-off-by: Jouni Malinen <j@w1.fi>
The per-BSS configuration information needs to be freed if hostapd fails
to add a new interface for a BSS added with "ADD bss_config=..."
command.
Signed-off-by: Jouni Malinen <j@w1.fi>
If hostapd_alloc_bss_data() failed to allocate the struct hostapd_data
instance, dynamic interface addition path ended up trying to dereference
freed memory due to incorrect cleanup steps. Fix this by decrementing
the interface count when the newly added interface is removed. In
addition, make the setup more robust by clearing all changes within
hostapd_data_alloc() if any of the allocations fails.
Signed-off-by: Jouni Malinen <j@w1.fi>
Unfortunately, libnl 3.0 has changed the API in a way that is not
backwards compatible by renaming nlmsg_len() to nlmsg_datalen() without
leaving the older nlmsg_len() defined. As such, there does not seem to
be any clean way of using this function without breaking the build with
some libnl versions. For now, replace this call with direct calculation
of the data length since it can be done with a simple one-liner that
compiles with all libnl versions.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was supposed to use the iterations parameter from the caller
instead of the hardcoded 4096. In practice, this did not have problems
for normal uses since that 4096 value was used in all cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This moves the AES-SIV test case from tests/test-aes.c to be part of
wpa_supplicant module testing framework with a new
src/crypto/crypto_module_tests.c component. In addition, the second test
vector from RFC 5297 is also included for additional coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
This function is not used outside aes-siv.c. In addition, include the
aes_siv.h header to make sure that functions get declared consistently.
Signed-off-by: Jouni Malinen <j@w1.fi>
These are practically unreachable code since cfg80211 fills in the
required attributes or does not send the event. Keep the checks in
place, but minimize the extra code in wpa_supplicant/hostapd.
Signed-off-by: Jouni Malinen <j@w1.fi>
cfg80211 dropped support for tracking BSS authentication state and
setting NL80211_BSS_STATUS_AUTHENTICATED in 'cfg80211: stop tracking
authenticated state' three years ago (starting in Linux 3.4). As such,
this workaround code in wpa_supplicant cannot be reached anymore. There
is no real need for maintaining it for older kernels either, since there
are other ways of detecting and working around state mismatches with the
actual authentication operations failing.
Signed-off-by: Jouni Malinen <j@w1.fi>
While there is no explicit driver capability advertisement for this in
nl80211, the EOPNOTSUPP response can be interpreted as a clear
indication of NL80211_CMD_SET_REKEY_OFFLOAD not being supported. Check
for that and don't try to offload keys again if the driver has not use
for them.
Signed-off-by: Jouni Malinen <j@w1.fi>
1. Add parameters to the scan command to allow MAC address
randomization during scan and scheduled scan.
2. Add capability bits to publish MAC address randomization support
in scan and scheduled scan.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The kernel-driver/firmware are responsible for performing periodic
switches to the target channel with the given peer. Propagate all TDLS
channel switching related information to kernel.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
The supplicant code does not try to control the actual channel of the
radio at any point. It simply passes the target peer and channel
parameters to the driver. It's the driver's responsibility to
periodically initiate TDLS channel-switch operations when TDLS
channel-switching is enabled.
Allow enable/disable operations to be invoked via the control interface.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Mark an appropriate sm flag when TDLS switch is prohibited by the AP.
Populate the flag upon association with the AP.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
If registering WMM-AC ADDTS response action frame or WMM-AC DELTS
action frame fails, the management frame handler is not being
registered. This results with a segmentation fault when trying to
unsubscribe the handler when the interface is removed.
Fix it by always registering the handler and just returning a negative
value to note that the action frame could not be registered.
This fixes an issue introduced in the commit
dfa8787833 ('nl80211: Implement
add_ts/del_ts ops').
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
This reduces the time possible keys could remain in heap memory. Couple
of the nl80211 messages include keys (TK for normal ciphers and
KCK/KEK/PMK for various offloading cases).
Signed-off-by: Jouni Malinen <j@w1.fi>
There was one final remaining linux_set_iface_flags() call that did not
check the result. This specific one does not really matter much, but
anyway, be more consistent by checking the result and log any error in
debug log. (CID 74146)
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.
Signed-off-by: Jouni Malinen <j@w1.fi>
It was possible for the decrypted EAPOL-Key Key Data field to remain in
heap after the temporary buffer was freed. Explicitly clear that buffer
before freeing it to minimize the time GTK remains in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need for wpa_supplicant to maintain a copy of the TK part of
PTK after this has been configured to the driver, so clear that from
heap memory and only maintain KEK and KCK during association to allow
additional EAPOL-Key handshakes.
Signed-off-by: Jouni Malinen <j@w1.fi>
PMK and PTK are not needed in the supplicant state machine after
disassociation since core wpa_supplicant will reconfigure them for the
next association. As such, clear these from heap in
wpa_sm_notify_disassoc() to reduce time and number of places storing key
material in memory. In addition, clear FT keys in case of
CONFIG_IEEE80211R=y build (sm->xxkey stored a copy of PSK in case of
FT-PSK).
Signed-off-by: Jouni Malinen <j@w1.fi>
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.
Signed-hostap: Paul Stewart <pstew@chromium.org>
It isn't mandatory. If we need one and it's not present, the ENGINE will
try asking for it. Make sure it doesn't actually let an OpenSSL UI loose,
since we don't currently capture those.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
It needs to be available to ENGINE_by_id(), which in my case means it
needs to be /usr/lib64/openssl/engines/libpkcs11.so. But that's a system
packaging issue. If it isn't there, it will fail gracefully enough with:
ENGINE: engine pkcs11 not available [error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library]
TLS: Failed to set TLS connection parameters
EAP-TLS: Failed to initialize SSL.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
This means that if the PKCS#11 engine is installed in the right place
in the system, it'll automatically be invoked by ENGINE_by_id("pkcs11")
later, and things work without explictly configuring pkcs11_engine_path.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
If these start with "pkcs11:" then they are PKCS#11 URIs. These Just Work
in the normal private_key/ca_cert/client_cert configuration fields when
built with GnuTLS; make it work that way with OpenSSL too.
(Yes, you still need to explicitly set engine=1 and point to the engine,
but I'll work on that next...)
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
There's no reason I shouldn't be able to use PKCS#11 for just the CA cert,
or even the client cert, while the private key is still from a file.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
New versions of engine_pkcs11 will automatically use the system's
p11-kit-proxy.so to make the globally-configured PKCS#11 tokens available
by default. So invoking the engine without an explicit module path is
not an error.
Older engines will fail but gracefully enough, so although it's still an
error in that case there's no need for us to catch it for ourselves.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().
Signed-off-by: Jouni Malinen <j@w1.fi>
It's possible to jump through hoops to support it in older versions too,
but that seems a little unnecessary at this point.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
'_t' suffix for gnutls_session and gnutls_transport_ptr was added in
GnuTLS 1.1.11 over ten years ago and the more recent versions of GnuTLS
have started forcing compiler warnings from the old names. Move to the
new names and don't bother about backwards compatibility with older
versions taken into account how long ago this change happened in GnuTLS.
Signed-off-by: Jouni Malinen <j@w1.fi>