Commit graph

18348 commits

Author SHA1 Message Date
Jouni Malinen
2e122945fa DPP2: Do not try to remove Controller TCP connection twice on error
These code paths on the Controller were calling dpp_connection_remove()
twice for the same connection in the error cases. That would result in
double-freeing of the memory, so fix this by remove the
dpp_connection_remove() call from the called function and instead,
remove the connection in dpp_controller_rx() error handling.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-19 00:32:02 +03:00
Jouni Malinen
a47d484919 tests: DPP Controller management in hostapd over interface addition/removal
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-19 00:32:02 +03:00
Jouni Malinen
5bac420e5e DPP2: Clean up Controller on hostapd interface removal
Stop the DPP Controller instance, if one is started, when the hostapd
interface that was used to start that Controller is removed. This is
needed to remove the control pointers that point to the soon-to-be-freed
hostapd structures. This fixes an issue where a Controller operation
with multiple interfaces could have resulted in references to freed
memory if an interface is removed without explicitly stopping the DPP
Controller.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-19 00:32:02 +03:00
leiwei
d8b3d08159 macsec_qca: Support macsec secy id getting from driver
Use the new nss_macsec_secy_id_get() function, if available, instead of
the hardcoded ifname to secy_id mapping.

Signed-off-by: leiwei <leiwei@codeaurora.org>
2021-10-18 23:32:34 +03:00
David Bauer
08bdf4f90d proxyarp: Fix compilation with Hotspot 2.0 disabled
The disable_dgaf config field is only available in case hostapd is
compiled with Hotspot 2.0 support (CONFIG_HS20=y), however Proxy-ARP
(CONFIG_PROXYARP=y) does not depend on Hotspot 2.0.

Only add the code related to this config field when Hotspot 2.0 is
enabled to fix compilation with the aformentioned preconditions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-10-18 21:24:59 +03:00
Jouni Malinen
8601356e3b tests: Update sae_pmk_lifetime to match implementation
The current PMKSA cache entry with SAE does not expire during the
association anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-18 21:21:07 +03:00
Jouni Malinen
b0f457b619 SAE: Do not expire the current PMKSA cache entry
There is no convenient mechanism for reauthenticating and generating a
new PMK during an association with SAE. As such, forced PMK update would
mean having to disassociate and reauthenticate which is not really
desired especially when the default PMKLifetime is only 12 hours.

Postpone PMKSA cache entry expiration of the currently used entry with
SAE until the association is lost. In addition, do not try to force the
EAPOL state machine to perform reauthentication for SAE since that won't
work.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-18 21:20:52 +03:00
Kees Cook
f332f69513 wpa_supplicant: Try all drivers by default
Some distros carry patches to specify driver fallback, but only in
specific conditions (e.g. the systemd service definition[1]). This leaves
other wpa_supplicant instances needing to define fallback themselves,
which leads to places where wpa_supplicant thinks it can't find a
driver[2]. Instead, when -D is not specified, have wpa_supplicant try
all the drivers it was built with in an attempt to find a working one
instead of just giving up if the first doesn't work.

[1] https://salsa.debian.org/debian/wpa/-/blob/debian/unstable/debian/patches/networkd-driver-fallback.patch
[2] https://bugs.launchpad.net/netplan/+bug/1814012

Signed-off-by: Kees Cook <kees@ubuntu.com>
2021-10-15 23:33:11 +03:00
Veerendranath Jakkam
4775a5f827 Add support to reconfigure or flush PMKSA cache on interface enable
Update PMKSA cache when interface is disabled and then enabled based on
the new MAC address. If the new MAC address is same as the previous MAC
address, the PMKSA cache entries are valid and hence update the PMKSA
cache entries to the driver. If the new MAC address is not same as the
previous MAC address, the PMKSA cache entries will not be valid anymore
and hence delete the PMKSA cache entries.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-10-15 19:23:14 +03:00
Veerendranath Jakkam
6f634b0032 PMKSA: Make sure reauth time is not greater than expiration time
While creating a cloned PMKSA entry for OKC both expiration and
reauth_time values are set to maximum values, but later only the
expiration time is copied from the old PMKSA entry to the new PMKSA
entry. Due to this there is a possibility of reauth_time becoming
greater than expiration time in some cloned entries. To avoid this copy
reauth_time also to the cloned entry.

Also, add check to reject control interface commands with reauth time
greater than expiration time.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-10-15 19:16:37 +03:00
Jouni Malinen
2fdd40ae2d tests: AP configuration attempt using wps_config when WPS is disabled
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-14 16:38:40 +03:00
Masashi Honma
973f3e244f Fix hostapd segfault on WPS_CONFIG control interface command to non-WPS AP
Execution of "hostapd_cli wps_config" to non-WPS AP causes segmentation
fault in hostapd.

$ hostapd_cli wps_config test WPA2PSK CCMP 12341234

wlp11s0: interface state UNINITIALIZED->COUNTRY_UPDATE
wlp11s0: interface state COUNTRY_UPDATE->ENABLED
wlp11s0: AP-ENABLED
WPA_TRACE: eloop SIGSEGV - START
[1]: ./git/hostap/hostapd/hostapd(+0x6c196) [0x55b270245196]
     eloop_sigsegv_handler() ../src/utils/eloop.c:123
[2]: /lib/x86_64-linux-gnu/libc.so.6(+0x46210) [0x7f87574a7210]
[3]: ./git/hostap/hostapd/hostapd(hostapd_wps_config_ap+0x1a9) [0x55b2702ce349]
     hostapd_wps_config_ap() ../src/ap/wps_hostapd.c:1970
[4]: ./git/hostap/hostapd/hostapd(+0x90a9f) [0x55b270269a9f]
     hostapd_ctrl_iface_receive_process() ctrl_iface.c:3606
[5]: ./git/hostap/hostapd/hostapd(+0x94069) [0x55b27026d069]
     hostapd_ctrl_iface_receive() ctrl_iface.c:4093
[6]: ./git/hostap/hostapd/hostapd(+0x6c6d3) [0x55b2702456d3]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:606
[7]: ./git/hostap/hostapd/hostapd(eloop_run+0x251) [0x55b2702461c1]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:597
     eloop_run() ../src/utils/eloop.c:1229
[8]: ./git/hostap/hostapd/hostapd(main+0xd53) [0x55b270205773]
     hostapd_global_run() main.c:447
     main() main.c:892
[9]: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3) [0x7f87574880b3]
[10]: ./git/hostap/hostapd/hostapd(_start+0x2e) [0x55b2702058fe]
     _start() (null):0
WPA_TRACE: eloop SIGSEGV - END
Aborted

Reported-by: Corentin Labbe <clabbe.montjoie@gmail.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-10-14 16:37:49 +03:00
Jouni Malinen
22828b6dba wlantest: Fix PMK length and passphrase-based key derivation for FT
The change to support variable length PMK in wlantest missed couple of
places where the PMK length did not get used or set properly. In
particular, this ended up breaking FT key derivation for the case where
a passphrase was used to derive a potential per-BSS PMK. Fix this by
setting and using the PMK length properly.

Fixes: 6c29d95a90 ("wlantest: Support variable length PMK")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-14 16:28:02 +03:00
Gaurav Sharma
9ef8491d97 Add TWT attribute to configure TWT related parameters
Add QCA_WLAN_TWT_SET_PARAM TWT attribute to configure TWT related
parameters.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-11 22:46:02 +03:00
Arowa Suliman
321dc403e1 Replace "dummy" with "stub" in crypto/random
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:57:06 +03:00
Arowa Suliman
95e140e20f Replace "dummy" with "stub" in NDIS driver interface
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:56:56 +03:00
Arowa Suliman
c53fa92251 Replace "dummy" with "stub" in EAP-TEAP testing
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:56:54 +03:00
Arowa Suliman
c025504487 Replace "dummy" with "stub" in VLAN testing ifname
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:56:28 +03:00
Arowa Suliman
e2c31050b4 Replace "dummy" with "stub" in WPS testing
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:53:24 +03:00
Arowa Suliman
7b365376fd Replace "dummy" with "stub" in wlantest injection
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:53:11 +03:00
Arowa Suliman
575dc1f3b2 Replace "dummy" with "stub" in preauth_test
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:53:03 +03:00
Arowa Suliman
ed5e1b7223 Replace "dummy" with "stub" in comments/documentation
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:52:50 +03:00
Arowa Suliman
3955d2af73 Replace "dummy" with "stub" in wps_testing_dummy_cred
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:52:21 +03:00
Arowa Suliman
77dd712432 Replace "dummy" with "stub" in Authenticator group keys
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:52:06 +03:00
Arowa Suliman
fb1bae2a71 Replace "dummy" with "stub" in SAE
Replace the word "dummy" with the inclusive word "stub".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:51:44 +03:00
Arowa Suliman
e69ea242af hostap: Remove unused driver enum values with "master" in them
Get rid of some more used of the word "master".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:33:50 +03:00
Arowa Suliman
7b50f2f04c Replace "sanity" with "validity"
Replaced the word "sanity" with the inclusive word "validity". The
comment in acs_survey_interference_factor() was referring a function
that does not exist, so remove it instead of trying rename the function.

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2021-10-11 20:25:21 +03:00
Sreeramya Soratkal
891bb1305b P2P: Enforce SAE-H2E for P2P GO in 6 GHz
Allow sae_pwe parameter to be configured per-network and enforce the
SAE hash-to-element mechanism for the P2P GO if it is started on
a 6 GHz channel.

Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
2021-10-08 00:10:44 +03:00
Veerendranath Jakkam
afcadbbf4e wpa_cli: Add support for SCS, MSCS, and DSCP commands
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-10-07 23:46:28 +03:00
Hu Wang
bcaa1ea084 HE: Disable HE in hostapd_set_freq_params() if driver does not support
Existing logic to disable HE in hostapd_set_freq_params() is to check
he_cap != NULL, but this is not correct as he_cap is defined as a stack
member of hostapd_hw_modes which can't be NULL. Add one more check
!he_cap->he_supported to make sure HE can be disabled if the driver not
support it.

This fixes a case where a driver does not support HE, but hostapd.conf
enables HE/HT40 on the 2.4 GHz band and hostapd failed to start with
error '40 MHz channel width is not supported in 2.4 GHz'.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-07 23:43:16 +03:00
Shiva Krishna Pittala
fe1d743a13 Add QCA vendor attributes to indicate 320 MHz spectral scan capabilities
Add a QCA vendor attribute to indicate agile spectral scan support for
320 MHz mode. Add another attribute to indicate the number of detectors
used for spectral scan in 320 MHz mode.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-07 23:40:24 +03:00
Vinay Gannevaram
2b3e64a0fb Update ciphers to address GTK renewal failures while roaming
After roaming from WPA2-AP (group=CCMP) to WPA-AP (group=TKIP) using
driver-based SME and roaming trigger, GTK renewal failures are observed
for the currently associated WPA-AP because of group cipher mismatch,
resulting in deauthentication with the AP.

Update the group cipher and pairwise cipher values in wpa_sm from
association event received from the driver in case of SME offload to the
driver to address GTK renewal failures (and similar issues) that could
happen when the driver/firmware roams between APs with different
security profiles.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-06 21:13:19 +03:00
Jouni Malinen
19307ef69a tests: WPA2/WPA-PSK cfg80211 connect command to trigger roam
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-06 20:56:24 +03:00
Sunil Dutt
9cf4bb0ef0 Vendor command to configure/trigger the roam events
Introduce a new vendor command QCA_NL80211_VENDOR_SUBCMD_ROAM_EVENTS
that aims to configure/trigger the roam events from the driver.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-05 16:06:04 +03:00
Gaurav Sharma
dd3a2960aa Add TWT vendor attribute to configure announce timeout value
Add QCA_WLAN_VENDOR_ATTR_TWT_SETUP_ANNOUNCE_TIMEOUT attribute to
configure announce timeout value for announce TWT session.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-10-04 23:53:06 +03:00
Jouni Malinen
afa0b9b6c5 P2P: Make p2p_check_pref_chan_no_recv() easier for static analyzers
Add an explicit check for msg->channel_list != NULL instead of depending
on msg->channel_list_len > 0 implying that. This is to silence invalid
static analyzer reports.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-30 18:27:37 +03:00
Jouni Malinen
857c4dfa83 Make get_mode() easier for static analyzers
Add an explicit check for modes != NULL instead of depending on
num_modes > 0 implying that. This is to silence invalid static analyzer
reports.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-30 18:23:26 +03:00
Jouni Malinen
9e46b31273 tests: wpa_supplicant AP mode and vendor elements
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-30 18:20:49 +03:00
Chaoli Zhou
9651deba52 Support vendor element configuration for AP mode from wpa_supplicant
Support adding/deleting vendor elements dynamically for AP mode while it
is started by wpa_supplicant instead of hostapd which already supported
this. This adds ap_assocresp_elements global parameter and UPDATE_BEACON
control interface command to take the changed values into effect.

Usage in wpa_cli:
Add vendor IE for (Re)Association Response frames
> set ap_assocresp_elements=xxxx
Add vendor IE for Beacon/Probe Response frames
> set ap_vendor_elements=xxxx

Delete vendor IE from (Re)Association Response frames
> set ap_assocresp_elements
Delete vendor IE from Beacon/Probe Response frames
> set ap_vendor_elements

To make vendor IE changes take effect
> update_beacon

Signed-off-by: Chaoli Zhou <zchaoli@codeaurora.org>
2021-09-30 18:16:11 +03:00
Jouni Malinen
7dc0e9cf47 tests: Extend DSCP testing coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-30 17:53:43 +03:00
Shivani Baranwal
2b4b1742ea tests: DSCP policy
Signed-off-by: Shivani Baranwal <shivbara@codeaurora.org>
2021-09-30 16:56:58 +03:00
Veerendranath Jakkam
d144b7f34c DSCP: Add support to send DSCP Policy Query frame
Add support to send DSCP Policy Query frame using a new control
interface command DSCP_QUERY. This includes support for a wildcard DSCP
query and a DSCP query with a single Domain Name attribute.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-30 16:56:56 +03:00
Veerendranath Jakkam
c903257fb1 DSCP: Parse WFA Capabilities element in (Re)Association Response frame
Add support to parse WFA Capabilities element from the (Re)Association
Response frame. Also register a timeout for the station to wait before
sending a new DSCP query if requested by AP.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-29 17:18:48 +03:00
Veerendranath Jakkam
a4aae9f9b8 DSCP: Indicate DSCP Policy support in (Re)Association Request frame
Indicate DSCP Policy capability by including a WFA Capabilities element
containing the relevant bit set to 1 in the (Re)Association Request
frames when enabled by user.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-29 17:09:01 +03:00
Veerendranath Jakkam
d57456c1ff DSCP: Allow DSCP Policy Response Action frame to be sent
Add support to prepare and send DSCP response action frame to the
connected AP in response to a new control interface command DSCP_RESP.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-29 17:01:34 +03:00
Veerendranath Jakkam
2033e318e6 DSCP: Parsing and processing of DSCP Policy Request frames
Add support to parse received DSCP Policy Request frames and send the
request details as control interface events.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-29 00:20:42 +03:00
Veerendranath Jakkam
fe2a44485e DSCP: DSCP policy capability configuration
The DSCP policy capability is disabled by default. The user frameworks
which have support for handling DSCP policy request messages need to
enable this capability explicitly to allow wpa_supplicant to advertise
the capability to the AP and allow the related frames to be processed.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2021-09-28 11:07:21 +03:00
Jouni Malinen
8471d940e3 Move pmf_in_use() into a more generic file
This function is not specific to GAS, so make it available throughout
wpa_supplicant without requiring CONFIG_GAS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-28 11:07:21 +03:00
Hu Wang
41ec97cd09 HE: Use a random BSS Color if not defined in the config file
Commit 0cb39f4fd5 ("HE: Extend BSS color support") sets the BSS Color
default value to 1 as "Interoperability testing showed that stations
will require a BSS color to be set even if the feature is disabled."

A new interop issue was observed with hardcoded BSS color value of 1:
- REF device using one interface (e.g., wlan0) to connect to an HE
  AP, whose BSS color is enabled and value is 1.
- REF device using another interface (e.g., p2p0) to connect to a
  P2P GO using BSS color default settings.
  (i.e., BSS color disabled and value is 1).
- REF device checks both AP's and P2P GO's BSS Color values even though
  GO's BSS color is disabled. This causes collision of the BSS
  color somehow causing RX problems.

For DUT as a P2P GO, its firmware uses default BSS color value 1 from
wpa_supplicant, then triggers a timer (e.g., 120 s) to update its BSS
color values based on its neighboring BSSes. To reduce the likelihood of
BSS color collision with REF device before that, use a random BSS Color
if not defined in the config file.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-28 11:04:08 +03:00
Sunil Dutt
1518638b70 QCA vendor command to configure the parameters for monitor mode
This new vendor command aims to indicate the driver to enable the
monitor mode for an interface on which this command is issued. Once
enabled, the frames (both TX and RX) on this interface are sent to an
active coexisting monitor interface.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-09-24 18:30:55 +03:00