Commit graph

3826 commits

Author SHA1 Message Date
Jouni Malinen
6c9f74deaf EAP-PAX server: Remove unused assignment
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:14:42 +03:00
Jouni Malinen
918bd0fe78 EAP-SIM DB: Remove unused assignment
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:13:32 +03:00
Jouni Malinen
6f577c5e45 EAP-FAST server: Remove unused assignment
Commit e8c08c9a36 ('EAP-FAST server: Fix
potential read-after-buffer (by one byte)') changed the while loop
design in a way that does not require the pos variable to be updated
anymore. Remove that unneeded code to clean up static analyzer warnings
about unused assignments.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:11:14 +03:00
Jouni Malinen
e9471493ef EAP-FAST server: Remove unused write
next_type is not used in case m->check() results in ignoring the packet.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:10:27 +03:00
Jouni Malinen
58b992489c RADIUS: Remove unused write
There is no need to update the left variable when breaking out from the
loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:06:52 +03:00
Jouni Malinen
4aa01d38f5 IAPP: Avoid warnings on unused write
The hlen and len variables are identical here, but only the hlen was
used in the end. Change this to use the len variable to avoid
unnecessary static analyzer warnings about unused writes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:03:38 +03:00
Jouni Malinen
01b3bbfc66 test: Remove driver_test.c
The driver_test.c driver wrapper (-Dtest in wpa_supplicant and
driver=test in hostapd) was previously used for testing without real
Wi-Fi hardware. mac80211_hwsim-based tests have practically replaced all
these needs and there has been no improvements or use for driver_test.c
in a long while. Because of this, there has not really been any effort
to maintain this older test tool and no justification to change this
either. Remove the obsoleted test mechanism to clean up the repository.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:46:04 +03:00
Jouni Malinen
e41e4f9ee3 Simplify memory allocation/freeing for static analyzers
It looks like the use of sm->wpa == WPA_VERSION_WPA2 in two locations
within the function was a bit too much for clang static analyzer to
understand. Use a separate variable for storing the allocated memory so
that it can be freed unconditionally. The kde variable can point to
either stack memory or temporary allocation, but that is now const
pointer to make the design clearer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:29:50 +03:00
Jouni Malinen
f4452cc2b1 Add a workaround to clanc static analyzer warning
dl_list_del() followed by dl_list_add() seemed to confuse clang static
analyzer somehow, so explicitly check for the prev pointer to be
non-NULL to avoid an incorrect warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:18:02 +03:00
Jouni Malinen
3e9fa3be62 WPS UPnP: Make dl_list_first() use easier for static analyzer
The preceding dl_list_len() check guarantees that dl_list_first()
returns an entry and not NULL. However, that seems to be a bit too
difficult path to follow for static analyzers, so add an explicit check
for the dl_list_first() return value to be non-NULL to avoid warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 13:45:25 +03:00
Jouni Malinen
e635efb407 P2P: Clean up coding style and indentation level
The multi-line for loop body and incorrect indentation level on the
return statement looked pretty confusing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 12:05:27 +03:00
Jouni Malinen
59d7148ad7 nl80211: Provide subtype and reason code for AP SME drivers
This allows drivers that implement AP SME internally to generate a
Deauthentication or Disassociation frame with the specified reason code.
This was already done with drivers that use hostapd/wpa_supplicant for
AP SME.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 20:05:37 +03:00
Jouni Malinen
9d4ff04af3 Add external EAPOL transmission option for testing purposes
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Sunil Dutt
61fc90483f P2P: Handle improper WPS termination on GO during group formation
A P2P Client may be able to connect to the GO even if the WPS
provisioning step has not terminated cleanly (e.g., P2P Client does not
send WSC_Done). Such group formation attempt missed the event
notification about started group on the GO and also did not set the
internal state corresponding to the successful group formation.

This commit addresses the missing part by completing GO side group
formation on a successful first data connection if WPS does not complete
cleanly. Also, this commit reorders the STA authorization indications to
ensure that the group formation success notification is given prior to
the first STA connection to handle such scenarios.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Jouni Malinen
51465a0b5c The master branch is now used for v2.4 development
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-09 20:36:53 +03:00
Jouni Malinen
724fce8fff Change version information for the 2.3 release
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-09 17:41:31 +03:00
Jouni Malinen
2b28ef6ca8 browser-wpadebug: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
3d8a3ffcf0 browser-android: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
17dc39a8bc browser-system: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
89de07a944 Add os_exec() helper to run external programs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
4a274f487a DFS: Allow 80+80 MHz be configured for VHT
This allows cases where neither 80 MHz segment requires DFS to be
configured. DFS CAC operation itself does not yet support 80+80, though,
so if either segment requires DFS, the AP cannot be brought up.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 14:25:55 +03:00
Jouni Malinen
d5fe4e6c18 Reserve QCA vendor specific nl80211 commands 34..49
These are reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-07 20:08:47 +03:00
Jouni Malinen
a256506ddc AES: Extend key wrap implementation to support longer data
This extends the "XOR t" operation in aes_wrap() and aes_unwrap() to
handle up to four octets of the n*h+i value instead of just the least
significant octet. This allows the plaintext be longer than 336 octets
which was the previous limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:10 +03:00
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
98a1571d88 OpenSSL: Clean up one part from the BoringSSL patch
The (int) typecast I used with sk_GENERAL_NAME_num() to complete the
BoringSSL compilation was not really the cleanest way of doing this.
Update that to use stack_index_t variable to avoid this just like the
other sk_*_num() calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 11:49:20 +03:00
Adam Langley
a8572960a9 Support building with BoringSSL
BoringSSL is Google's cleanup of OpenSSL and an attempt to unify
Chromium, Android and internal codebases around a single OpenSSL.

As part of moving Android to BoringSSL, the wpa_supplicant maintainers
in Android requested that I upstream the change. I've worked to reduce
the size of the patch a lot but I'm afraid that it still contains a
number of #ifdefs.

[1] https://www.imperialviolet.org/2014/06/20/boringssl.html

Signed-off-by: Adam Langley <agl@chromium.org>
2014-10-07 01:18:03 +03:00
Jouni Malinen
a61fcc131a Clean up authenticator PMKSA cache implementation
This makes the implementation somewhat easier to understand.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
cb129db34c Clear PMKSA cache entry data when freeing them
Avoid leaving the PMK information unnecessarily in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8c8d26aada Remove unnecessary PMKSA cache freeing step
_pmksa_cache_free_entry() is a static function that is never called with
entry == NULL, so there is no need to check for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
9c829900bb Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
If the first entry in the PMKSA cache did not match the station's MAC
address, an infinite loop could be reached in pmksa_cache_get_okc() when
trying to find a PMKSA cache entry for opportunistic key caching cases.
This would only happen if OKC is enabled (okc=1 included in the
configuration file).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
47ea24c13d Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
Previously, WPA/WPA2 case ended up using the hardcoded
dot11RSNAConfigPMKLifetime (43200 seconds) for PMKSA cache entries
instead of using the Session-Timeout value from the RADIUS server (if
included in Access-Accept). Store a copy of the Session-Timeout value
and use it instead of the default value so that WPA/WPA2 cases get the
proper timeout similarly to non-WPA/WPA2 cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Janusz Dziedzic
4ec68377ef wpa_supplicant: Use hostapd_freq_params in assoc_params
Use hostapd_freq_params instead of simple frequency parameter for driver
commands. This is preparation for IBSS configuration to allow use of
HT/VHT in IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-10-04 18:43:42 +03:00
Jouni Malinen
43f02e6ad7 wpa_ctrl: Update wpa_ctrl_recv() documentation for non-block behavior
Commit 4fdc8def88 changed the wpa_ctrl
socket to be be non-blocking, so the comment about wpa_ctrl_recv()
blocking is not valid anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 18:32:57 +03:00
Dan Williams
3e0272ca00 nl80211: Re-read MAC address on RTM_NEWLINK
Commit 97279d8d (after hostap-2.0) dropped frame events from foreign
addresses. Unfortunately this commit did not handle the case where the
interface's MAC address might be changed externally, which other
wpa_supplicant code already handled. This causes the driver to reject
any MLME event because the address from the event doesn't match the
stale address in the driver data.

Changing an interface's MAC address requires that the interface be
down, the change made, and then the interface brought back up. This
triggers an RTM_NEWLINK event which driver_nl80211.c can use to
re-read the MAC address of the interface.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-10-04 16:41:20 +03:00
Jouni Malinen
5dfbd725a9 nl80211: Add get_bss_ifindex() helper
This can be used to fetch a BSS entry based on interface index.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:21:03 +03:00
Arik Nemtsov
08d7665c6b TDLS: Use WMM IE for propagating peer WMM capability
Relying on qos qosinfo is not enough, as it can be 0 for WMM enabled
peers that don't support U-APSD. Further, some peers don't even contain
this IE (Google Nexus 5), but do contain the WMM IE during setup.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:56 +03:00
Arik Nemtsov
17729b0985 TDLS: Fix concurrent setup test for mac80211 drivers
A recent mac80211 patch ("8f02e6b mac80211: make sure TDLS peer STA
exists during setup") forces the TDLS STA to exist before sending any
mgmt packets. Add the STA before sending a concurrent-setup test packet.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:27 +03:00
Arik Nemtsov
984dadc23a TDLS: Set the initiator during tdls_mgmt operations
Some drivers need to know the initiator of a TDLS connection in order
to generate a correct TDLS mgmt packet. It is used to determine
the link identifier IE. Pass this information to the driver.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:21 +03:00
Jouni Malinen
01cb5df20c Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-10-02.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:39:27 +03:00
Ilan Peer
ca3c6b4da7 nl80211: Fix compatibility with older version of libnl
Commit 97ed9a06df ('nl80211: Remove bridge
FDB entry upon sta_remove()') used nl_sock and nl_socket_* functions
which are not compatible with older versions of libnl. Fix this.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-03 11:34:51 +03:00
Jouni Malinen
d76426c3aa TDLS: Filter AID value properly for VHT peers
IEEE 802.11 standard sends AID in a field that is defined in a bit
strange way to set two MSBs to ones. That is not the real AID and those
extra bits need to be filtered from the value before passing this to the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-01 19:58:44 +03:00
Jouni Malinen
1cbdb9d137 Add helper function for generating random MAC addresses with same OUI
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Kyeyoon Park
97ed9a06df nl80211: Remove bridge FDB entry upon sta_remove()
The FDB entry removal ensures that the traffic destined for a
disassociated station's MAC address is no longer forwarded from the
bridge to the BSS.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Kyeyoon Park
39323bc16a AP: hostapd_setup_bss() code clean-up
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Ahmad Masri
1595eb93ae P2P: Add support for 60 GHz social channel
Support 60 GHz band in P2P module by selecting random social channel
from all supported social channels in 2.4 GHz and 60 GHz bands.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 12:01:46 +03:00
Philippe De Swert
375f4a3b5a hostapd: Avoid dead code with P2P not enabled
In case P2P is not enabled the if (dev_addr) is always ignored as
dev_addr will be NULL. As this code is relevant only to P2P, it can be
moved to be the ifdef to avoid static analyzer warnings. (CID 72907)

Signed-off-by: Philippe De Swert <philippe.deswert@jollamobile.com>
2014-09-28 20:47:06 +03:00
Bernhard Walle
a8833b84f4 util: Don't use "\e"
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes

Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.

Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.

Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
2014-09-28 19:16:32 +03:00
Stefan Lippers-Hollmann
8c6f4a5a50 ap_config.c: fix typo for "capabilities"
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2014-09-28 11:03:48 +03:00
Constantin Musca
7139cf4a4f P2P: Decrement sd_pending_bcast_queries when sd returns success
The sd_pending_bcast_queries variable should be decremented only
in case of success. This way, the supplicant can retry if a service
discovery request fails.

Signed-off-by: Constantin Musca <constantin.musca@intel.com>
2014-09-28 11:03:48 +03:00
Janusz Dziedzic
dbdc9a1d48 nl80211: Fix memory leak on start radar detection error path
Free nlmsg if failing to start radar detection.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-09-28 11:03:48 +03:00