Commit graph

13005 commits

Author SHA1 Message Date
Jouni Malinen
04ded82efa OWE: Fix error case handling with drivers that implement AP SME
owe_auth_req_process() can return NULL in error cases, but the caller
was not prepared for this. The p pointer cannot be overridden in such
cases since that would result in buffer length (p - buf) overflows. Fix
this by using a temporary variable to check the return value before
overriding p so that the hostapd_sta_assoc() ends up using correct
length for the IE buffer.

Fixes: 33c8bbd8ca ("OWE: Add AP mode handling of OWE with drivers that implement SME")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-11 13:41:10 +02:00
Jouni Malinen
c23e87d0d1 OpenSSL: Replace EVP_PKEY_paramgen() with EC_KEY_new_by_curve_name()
The BoringSSL version of crypto_ecdh_init() and dpp_gen_keypair() works
fine with OpenSSL as well, so use that same implementation for both to
avoid unnecessary maintanence of multiple versions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:49:39 +02:00
Jouni Malinen
7641d485db BoringSSL: Use EC_KEY_new_by_curve_name() to simplify implementation
There is no need to go through EC_GROUP_new_by_curve_name(),
EC_KEY_new(), and EC_KEY_set_group() when a single call to
EC_KEY_new_by_curve_name() takes care of all that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:41:29 +02:00
Jouni Malinen
a5da39607d Revert "BoringSSL: Add DPP special cases regardless of claimed version number"
This reverts commit 5548453a2d since
BoringSSL added ECDSA_SIG_set0() and ECDSA_SIG_get0() in commit
8dc226ca8f1ef60737e1c1bf8cfcabf51d4068c7 ('Add some missing OpenSSL
1.1.0 accessors.') and updated X509_ALGOR_get0() prototype to match
OpenSSL 1.1.0 changes in commit e3b2a5d30d309091cab3e6a19dee7323c40d968d
('Const-correct X509_ALGOR_get0.').

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:27:04 +02:00
Jouni Malinen
0f30844722 Revert "BoringSSL: Define RSA_bits() helper"
This reverts commit 3cfbd3b0f6 since
BoringSSL added RSA_bits() in commit
8dc226ca8f1ef60737e1c1bf8cfcabf51d4068c7 ('Add some missing OpenSSL
1.1.0 accessors.').

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:22:05 +02:00
Jouni Malinen
2ce88a1d2e tests: Suite B 192-bit with RSA and RADIUS
This tests use of RSA >3K keys and forcing ECDHE on both the server and
client side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 21:18:06 +02:00
Jouni Malinen
a2c442be25 OpenSSL: Allow cipher list to be overridden for tls_suiteb=1 case
This allows wpa_supplicant configuration with phase1="tls_suiteb=1" to
use openssl_ciphers="ECDHE-RSA-AES256-GCM-SHA384" to further limit the
possible TLS cipher suites when using Suite B with RSA >3K keys. This
combination disables use of DHE and as such, mandates ECDHE to be used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 21:16:26 +02:00
Jouni Malinen
c358bc4b5b Fix wnm-fuzzer build
Need to include couple more wpa_supplicant source code files into the
build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:45:34 +02:00
Jouni Malinen
e5c7c2f28e Fix ap-mgmt-fuzzer build
Add src/ap/eth_p_oui.o into libap.a to be able to link ap-mgmt-fuzzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:41:55 +02:00
Jouni Malinen
e9463b482b eapol-fuzzer: Resolve circular library references with --start-group
src/crypto/libcrypto.a and src/tls/libtls.a have circular references
and will need special handling with the linker at least for the time
being. This could be cleaned up eventually, but for now, provide a
mechanism to get the program linked.

This was already done in tests/Makefile, but tests/eapol-fuzzer/Makefile
needs the same.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:36:48 +02:00
David Benjamin
63942cf0f3 OpenSSL: Avoid SSL*_use_default_passwd_cb()
These functions are a bit awkward to use for one-off file loads, as
suggested by the tls_clear_default_passwd_cb() logic. There was also
some historical mess with OpenSSL versions and either not having per-SSL
settings, having per-SSL settings but ignoring them, and requiring the
per-SSL settings.

Instead, loading the key with the lower-level functions seems a bit
tidier and also allows abstracting away trying both formats, one after
another.

Signed-off-by: David Benjamin <davidben@google.com>
2017-12-09 18:29:08 +02:00
David Benjamin
149143e31d OpenSSL: Remove unnecessary os_strdup() from password callback
There's no need to make an extra copy of private_key_passwd for
SSL_{CTX_,}set_default_passwd_cb().

Signed-off-by: David Benjamin <davidben@google.com>
2017-12-09 18:09:10 +02:00
Jeff Vander Stoep
b65353a767 Android: Set CONFIG_NO_RANDOM_POOL=y
Wpa_supplicant's random pool is not necessary on Android. Randomness
is already provided by the entropymixer service which ensures
sufficient entropy is maintained across reboots. Commit b410eb1913
'Initialize /dev/urandom earlier in boot' seeds /dev/urandom with
that entropy before either wpa_supplicant or hostapd are run.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
2017-12-09 17:47:42 +02:00
Po-Chien Hsueh
ff28df739a Android: Move hostapd to vendor partition
Move hostapd to /vendor/bin/ because it's only used by WIFI HAL.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
2017-12-09 17:47:24 +02:00
Jouni Malinen
97302b39dc wlantest: Try harder to find a STA entry with PTK for 4-address frames
Commit aab6612836 ('wlantest: Search
bss/sta entry more thoroughly for 4-address frames') allowed wlantest to
find a STA entry in this type of cases, but it was still possible for
that STA entry to be the one that has no derived PTK while the STA entry
for the other side of the link might have the derived PTK available.

Extend this BSS/STA selection mechanism to use sta->ptk_set to determine
which STA entry is more useful for decryption, i.e., select the one with
a known PTK.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-08 21:54:40 +02:00
Paul Zhang
9b0de99fac Add new QCA vendor attribute for WLAN Latency Module (WLM)
A new vendor attribute QCA_WLAN_VENDOR_ATTR_CONFIG_LATENCY_LEVEL is added
for vendor sub-command QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION.
This attribute is for setting the level of WLM.

Signed-off-by: Paul Zhang <paulz@qti.qualcomm.com>
2017-12-08 14:15:19 +02:00
Jouni Malinen
055cd39788 tests: DPP P-256 test vectors
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-07 13:35:19 +02:00
Jouni Malinen
f55269753c DPP: Allow protocol key to be overridden for testing purposes
This can be used for various testing needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 23:53:08 +02:00
Jouni Malinen
33cddd7fe9 tests: sigma_dut and DPPAuthDirection,Mutual on Initiator
Do not include this argument in normal case, but add a test case to
cover the special extra check case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 21:13:30 +02:00
Jouni Malinen
c79b9db066 tests: sigma_dut DPP protocol testing - Stop at RX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 20:22:07 +02:00
Jouni Malinen
1fb0c105a4 tests: WPS with other AES-based ciphers
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:14:55 +02:00
Jouni Malinen
afd3cf14a0 WPS: Add GCMP-256 and CCMP-256 cipher options on Enrollee
If a credential with encp type AES is received, add GCMP-256 and
CCMP-256 cipher options on station Enrollee based on local capabilities.
This is needed to allow connection with an AP using either of these
newer ciphers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:14:55 +02:00
Jouni Malinen
59642ca956 tests: Make ap_wps_ap_scan_2 work with multiple AES-ciphers
This test case is not really realistic and the second connection attempt
would fail if additional AES-based ciphers get provisioned. Work this
around by dropping to CCMP only if other ciphers are present.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:14:55 +02:00
Jouni Malinen
70dcb4aa0e tests: Allow more ciphers in ap_wps_mixed_cred
This is needed to avoid false errors with GCMP-256 and CCMP-256 to be
added in the implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:04:32 +02:00
Jouni Malinen
5f481b6fdb WPS: Check BSS table against current BSSID if credential does not match
The credential MAC address is not necessarily that of the AP, i.e., it
is more likely to be that of the Enrollee. Check the scan results
against the current BSSID as well if match is not found otherwise when
going through the mixed mode workaround.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:45 +02:00
Jouni Malinen
402c8e00b7 WPS: Map GCMP-256 and CCMP-256 to AES encryption type
This is needed to allow a credential to be built for GCMP-256/CCMP-256
networks that do not enable GCMP-128/CCMP-128.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:45 +02:00
Shiva Sankar Gajula
a2660890a5 WPS: Allow WPS to be enabled in CCMP-256 and GCMP-256 only cases
Extend the check against WPA/TKIP only configuration by adding CCMP-256
and GCMP-256 to the list of allowed ciphers. This is needed to allow WPS
to be enabled in AP configurations where neither CCMP-128 nor GCMP-128
are enabled.

Signed-off-by: Shiva Sankar Gajula <sgajula@qti.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
41dafe0c0a tests: DPP testing to check for mutual authentication on Initiator
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
163fc3d562 DPP: Indicate to upper layers whether mutual authentication was used
DPP Responder selects whether mutual authentication is used. This commit
adds information about that selection to upper layers (ctrl_iface event
DPP-AUTH-DIRECTION mutual=<0/1>) on the Initiator side.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
c30517c6f7 tests: DPP exchange stopping unexpectedly
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
34603767b8 DPP: Extend protocol testing to allow exchange termination
This extends dpp_test functionality to allow DPP exchanges to be stopped
when receiving a specified message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
ed2c493e9e DPP: Change Authentication Response retry time to 1 second
The previously used 10 second timer did not really make much sense since
the Initiator is not going to be waiting for the response that long.
Change this to 1 second based on the DPP tech spec change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Johannes Berg
702384f77e tests: nl80211.py: Fix attribute padding
The kernel started enforcing attribute lengths, and nl80211.py had been
doing it all wrong - the padding must be present, but not part of the
length.

Fix it to do it the right way.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-12-02 12:00:32 +02:00
Jouni Malinen
963d3149ab nl80211: Fix NL80211_MESHCONF_AUTO_OPEN_PLINKS encoding
This nl80211 attribute uses NLA_U8 policy in cfg80211 and wpa_supplicant
needs to use same size when writing the attribute.

This fixes mesh mode regression triggered by kernel commit "net:
netlink: Update attr validation to require exact length for some types"
in v4.15-rc1 that resulted in the following debug log entry when trying
to join a mesh:
nl80211: mesh join failed: ret=-22 (Invalid argument)

Fixes: 6c1664f605 ("nl80211: Add new commands to support mesh interfaces")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-01 22:21:24 +02:00
Jouni Malinen
a2426829ce nl80211: Fix NL80211_ATTR_SMPS_MODE encoding
This nl80211 attribute uses NLA_U8 policy in cfg80211 and
hostapd/wpa_supplicant needs to use same size when writing the
attribute.

This fixes AP mode regression triggered by kernel commit "net: netlink:
Update attr validation to require exact length for some types" in
v4.15-rc1 that resulted in the following debug log entry when trying to
enable beaconing:
nl80211: Beacon set failed: -34 (Numerical result out of range)

Fixes: da1080d721 ("nl80211: Advertise and configure SMPS modes")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-01 20:22:44 +02:00
Jouni Malinen
ce83008c79 tests: sigma_dut and WPS PBC Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 23:06:33 +02:00
Jouni Malinen
6923312dc6 tests: sigma_dut controlled connection using preconfigured profile
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:54:34 +02:00
Jouni Malinen
5f170c99a4 tests: DPP protocol testing - invalid E-nonce in Conf Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:03:07 +02:00
Jouni Malinen
f0a383a981 DPP: Extend dpp_test with invalid E-Nonce in Config Req
Allow an E-Nonce attribute with invalid length to be sent for protocol
testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:01:10 +02:00
Jouni Malinen
087f494140 tests: DPP protocol testing - invalid Transaction ID in Peer Disc Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 21:56:55 +02:00
Jouni Malinen
55c6c85855 DPP: Extend dpp_test with invalid Transaction ID in Peer Disc Req
Allow a Transaction ID attribute with invalid length to be sent for
protocol testing purposes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 21:56:19 +02:00
Krishna Rao
364039d223 Add QCA vendor command and attributes for RROP
Add QCA vendor command and attributes for vendor specific Representative
RF Operating Parameter (RROP) information. This information is intended
for optional use by external ACS. It provides guidance values for some
RF parameters that are used by the system during operation, so that
external ACS can utilize these to compare between channels, bands, etc.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 18:47:32 +02:00
Jouni Malinen
edac8087e6 tests: Make dpp_auth_req_retries* more reliable
These test cases were failing when run immediately after
dpp_pkex_test_fail. It looks like timing of the TX status and the short
eloop wait were getting reordered in this cases. This ended up with some
of the DPP-TX-STATUS event messages missing. Instead of explicitly
checking for those message, simply count the number of DPP-TX messages
to verify that the correct number of retries are being sent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 12:56:24 +02:00
Jouni Malinen
0e19300d5b nl80211: Use consistent "0x" prefix for the cookie values
One of the event message for TX status was missing 'x' from the "0x"
prefix. Add that to make the used format consistent for all cookie debug
print cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 12:42:58 +02:00
Jouni Malinen
fa5c907495 DPP: Call wpas_dpp_stop() from wpas_dpp_deinit()
This makes the full DPP deinit operation more consistent with stopping
of a single operation. In practice, this adds the new GAS client
stopping functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:11:22 +02:00
Jouni Malinen
818e3c94b7 tests: DPP/PKEX and local failures
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:08:40 +02:00
Jouni Malinen
1866dfb52c DPP: Stop pending GAS client operation on DPP_STOP_LISTEN
This makes the operation more complete in stopping all ongoing DPP
related functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:08:40 +02:00
Jouni Malinen
f981ce7298 DPP: Do not continue if public key hash derivation fails
sha256_vector() result was ignored apart from printing out the failure
in the debug log. This is not really a normal case and it is better to
reject the full operation rather than try to continue with an incorrect
public key hash value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:08:38 +02:00
Jouni Malinen
8a37d54ea7 DPP: Fix memory leak on dpp_auth_build_conf() error paths
The wpabuf for the message needs to be freed on the error paths.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 21:21:34 +02:00
Jouni Malinen
281f480c53 JSON: Fix a memory leak on an error path
If the second json_alloc_token() call failed to allocate memory,
json_parse() missed the first allocation on the error path. Assign the
root pointer earlier for that case to avoid the potential memory leak.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 13:22:44 +02:00