Commit graph

9292 commits

Author SHA1 Message Date
Mike Gerow
471c810bc1 pkcs11: Don't ask for a new PIN on TLS handshake failure
The only time the PIN should fail is when we initialize the TLS
connection, so it doesn't really make sense to get rid of the PIN just
because some other part of the handshake failed.

This is a followup to commit fd4fb28179
('OpenSSL: Try to ensure we don't throw away the PIN unnecessarily').

Signed-off-by: Mike Gerow <gerow@google.com>
2015-07-07 19:25:31 +03:00
Jouni Malinen
1f560ff08f tests: Add Undefined Behavior Sanitizer (ubsan) configuration
This allows hostapd and wpa_supplicant to be built for hwsim test cases
with ubsan functinality from the recent gcc/clang compiler versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 18:23:04 +03:00
Jouni Malinen
66f1e078e7 DATA_TEST_TX: Avoid ubsan warning on 0x80<<24 not fitting in int
Use unsigned constant instead of signed to avoid warning with the LSB
being set in an int.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
75352270fa Avoid misaligned IPv4 header accesses in DATA_TEST_* commands
The IPv4 header after the Ethernet header is not 32-bit aligned and the
previous version ended up accessing 32-bit members at misaligned
addresses.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
476a634d60 Avoid ubsan warning on 0x80<<24 not fitting in int in WPA_GET_BE32/LE32
Use a typecast to make this shift unsigned so that the MSB fits within
the range of allowed values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
cf6fd19b34 ndisc_snoop: Avoid misaligned read of IPv6 address
The IPv6 address in the frame buffer may not be 32-bit aligned, so use a
local copy to align this before reading the address with 32-bit reads
(s6_addr32[]).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
e9ed7d9898 EAP-TTLS: Avoid ubsan warning on 0x80<<24 not fitting in int
Use a typecast to make this unsigned so that the MSB fits within the
range of allowed values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
0f5fb8a467 radiotap: Avoid ubsan warning on 1<<31
Use the BIT() macro and unsigned int to avoid ubsan warning on 1<<31 not
fitting in an int.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
fc880b11ed NFC: Avoid misaligned read of an NDEF field
The 32-bit version of payload length field may not be 32-bit aligned in
the message buffer, so use WPA_GET_BE32() to read it instead of ntohl().

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
e01281fccc trace: Use explicit alignment requirements to avoid misalignment
64-bit builds with CONFIG_WPA_TRACE=y resulted in the wpabuf pointers
getting misaligned (only 32-bit aligned) and that would result in reads
and writes of unaligned size_t values. Avoid this by indicating explicit
alignment requirement for wpabuf_trace to 8 octets (i.e., there will be
extra four octets of padding in case of 64-bit builds).

Similarly, struct os_alloc_trace resulted in some potential misalignment
cases, e.g., when CONFIG_ACS=y uses a 'long double' variable within
struct hostapd_channel_data. Avoid misalignment issues with explicit
alignment indication.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
f97e3ce473 drivers: Use unsigned arguments for sta_set_flags()
Since BIT() is now returning unsigned int, these functions need to match
that to avoid compiler warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
32d6463fe7 Make BIT() unsigned int instead of int
This is needed to avoid ubsan warnings on BIT(31).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
bd47c80564 Include stddef.h to use the standard offsetof()
src/utils/list.h ended up defining a local version of offsetof() due to
stddef.h not getting included. This resulted in unnecessary warnings
from ubsan related to "dereferencing" of a NULL pointer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
028b19675d RADIUS DAS: Avoid compiler warning on abs()
The input parameter ended up being converted to long int instead of int,
so use an explicit typecase to get rid of the compiler warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
597e8afeb4 ERP: Avoid mixing of enum types
Use explicit typecasting to avoid implicit conversion warnings in cases
where enum eap_erp_type is used in functions taking an EapType argument.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
96e8c13da7 D-Bus: Fix dont_quote const declaration
Commit 38279bdb35 ('D-Bus: Coding style
cleanup') handled the dbus_new_handlers.c change properly, but misplaced
the second 'const' in dbus_old_handlers.c in a way that resulted in
duplicated const rather than marking the actual value const.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
34d3eaa8ee tests: WPA2-PSK-FT AP over DS protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
cf671d54bd tests: WPA2-PSK-FT and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
7b741a5383 tests: WPA2-PSK-FT AP with GCMP-256 cipher
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
05a90d78dc FT: Allow CCMP-256 and GCMP-256 as group ciphers
The FT-specific check for valid group cipher in wpa_ft_gen_req_ies() was
not up-to-date with the current list of supported ciphers. Fix this by
using a generic function to determine validity of the cipher. In
practice, this adds support for using CCMP-256 and GCMP-256 as the group
cipher with FT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
348bc4e0eb tests: IEEE 802.1X connection and EAPOL-Key protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
2ff4928967 tests: IEEE 802.1X and EAPOL-Start retransmissions
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-07 16:25:06 +03:00
Jouni Malinen
85774b70a1 tests: EAP server and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-01 00:42:09 +03:00
Jouni Malinen
405c621cdb tests: WPA2-Enterprise connection using MAC ACL
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-01 00:34:27 +03:00
Jouni Malinen
df7ad0fa11 tests: EAP-TLS and unknown OCSP signer
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 22:05:37 +03:00
Jouni Malinen
d2a1047e67 tests: Invalid OCSP data (parsing failure)
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 22:01:05 +03:00
Jouni Malinen
7be5ec991d tests: Invalid openssl_ciphers value
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:55:59 +03:00
Jouni Malinen
f24b97972b OpenSSL: Merge error returns
These similar error cases can use a single return statement.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:48:22 +03:00
Jouni Malinen
84d6a17a27 TLS: Remove unused tls_capabilities()
This mechanism to figure out TLS library capabilities has not been used
since commit fd2f2d0489 ('Remove
EAP-TTLSv1 and TLS/IA') (Sep 2011).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:40:48 +03:00
Jouni Malinen
6eddd5303c tests: EAP-FAST/MSCHAPv2 and server OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:36:12 +03:00
Jouni Malinen
b3ff3decf6 tests: DH parameter file DSA conversion and error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
0c83ae0469 tests: EAP-TLS with PKCS12 that includes additional certificates
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
b1fb42751a tests: EAP-TLS and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
b197a8194b tests: EAP-TLS and server checking CRL
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
786722763d ms_funcs: Merge similar return cases
There is no need to have separate return statements for these corner
cases that are unlikely to be hit in practice.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
359636170f hw_features: Merge similar return case in check_40mhz_2g4()
There is no need to have separate return statements for these corner
cases that are unlikely to be hit in practice.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
486f4e3c83 tests: EAP-SIM and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
f1ab79c34c tests: WPA2-Enterprise connection using EAP-IKEv2 and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
8c4e4c01f6 tests: WPA2-Enterprise connection using EAP-PSK and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
10ba4ae4d3 tests: SAE and no random numbers available
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
bf7071bb0c tests: WPA2-PSK AP and no random numbers available
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
aac1efec34 Reject the initial 4-way handshake if initial GTK setup fails
This makes the AP/Authenticator design more robust against unexpected
failures in random number generation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
2da525651d Add backtrace-based error path testing mechanism
The new TEST_FAIL and GET_FAIL control interface commands can be used
similarly to the earlier TEST_ALLOC_FAIL/GET_ALLOC_FAIL design. The new
version is more generic framework allowing any function to be annotated
for failure testing with the TEST_FAIL() macro. This mechanism is only
available in builds with CONFIG_WPA_TRACE_BFD=y and
CONFIG_TESTING_OPTIONS=y. For other builds, the TEST_FAIL() macro is
defined to return 0 to allow the compiler to remove the test code from
normal production builds.

As the first test site, allow os_get_random() to be marked for failing
based on call backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
0937ea746b tests: Concurrent P2P autonomous GO on 5 GHz and HT40 co-ex
This verifies that 20/40 MHz co-ex scan does not force MCC with PRI/SEC
channel switch.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
55413ce072 P2P: Do not allow 40 MHz co-ex PRI/SEC switch to force MCC
Do not allow 40 MHz co-ex PRI/SEC switch to force us to change our PRI
channel if we have an existing connection on the selected PRI channel
since doing multi-channel concurrency is likely to cause more harm than
using different PRI/SEC selection in environment with multiple BSSes on
these two channels with mixed 20 MHz or PRI channel selection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-28 18:14:58 +03:00
Stepanov, Max
8c43ef8449 P2PS: Fix attribute addition in p2p_buf_add_service_instance()
Fix a condition when Advertised Service Info Attribute is added to
a probe response in p2p_buf_add_service_instance(). The issue is
that a 'found' value is increased even if 'test' and 'adv->hash' hashes
are different. As result 'found' may have a non-zero value when an
attribute data length is 0. In this cause an empty attribute is about to
be added. Fixing it by eliminating 'found' and checking 'total_len'
containing a real number of bytes added to Advertised Service Info
Attribute.

This fixes an issue from commit 50a9efe713
('P2PS: Fix Probe Response frame building in error cases').

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
2015-06-27 23:54:10 +03:00
Stepanov, Max
a9ea609ce8 P2PS: Fix p2p_find last parameter handling
In p2p_find command line processing a loop searching for multiple
'seek=' parameters modifies cmd buffer adding '\0' terminators.
The 'freq=' parameter is handled after that and can be
lost if a 'freq=' follows 'seek=' in a command line.
Fix it by moving a handling of 'freq=' parameter to be processed
before 'seek=' handling loop.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
2015-06-27 23:49:15 +03:00
Jouni Malinen
6c7314917b AP: Increase maximum value accepted for cwmin/cwmax
The cwmin/cwmax parameters were limited more than is needed. Allow the
full range (0..15 for wmm_ac_??_{cwmin,cwmax} and 1..32767 for
tx_queue_data?_{cwmin,cwmax}) to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-27 23:34:49 +03:00
Jouni Malinen
7c1fd15f86 tests: Use 16 instead of 13 as the cwmin/cwmax invalid case
This is needed to allow the parser to accept 15 which is actually a
valid value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-27 23:24:15 +03:00
Jouni Malinen
575e4f5d49 SAE: Reject FFC commit-element with value p-1
The current P802.11 description of SAE uses "1 < element < p" as the
required range. However, this is not correct and does not match the
Dragonfly description of "1 < element < p-1". SAE definition will need
to change here. Update the implementation to reject p-1 based on the
correct rule here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-27 21:20:14 +03:00