Commit graph

17558 commits

Author SHA1 Message Date
Jouni Malinen
9e11e746fa EAP-TLS: Do not allow TLSv1.3 success without protected result indication
RFC 9190 requires protected result indication to be used with TLSv1.3,
so do not allow EAP-TLS to complete successfully if the server does not
send that indication.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-06 15:28:49 +03:00
Jouni Malinen
6135a8a6aa Stop authentication attemps if AP does not disconnect us
It would have been possible for the authentication attemps to go into a
loop if the AP/Authenticator/authentication server were to believe EAP
authentication succeeded when the local conclusion in Supplicant was
failure. Avoid this by timing out authentication immediately on the
second consecutive EAP authentication failure.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-06 15:28:49 +03:00
Jouni Malinen
88ab59d71b EAP-TLS: Replace the Commitment Message term with RFC 9190 language
While the drafts for RFC 9190 used a separate Commitment Message term,
that term was removed from the published RFC. Update the debug prints to
match that final language.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 23:05:45 +03:00
Jouni Malinen
63f311b107 EAP-TLS: Update specification references to RFC 5216 and 9190
The previously used references were pointing to an obsoleted RFC and
draft versions. Replace these with current versions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 22:57:51 +03:00
Chenming Huang
74ae4cf757 Android: Avoid LOCAL_PATH conflicts in builds
Change the top level Android.mk's LOCAL_PATH to S_LOCAL_PATH to
avoid potential LOCAL_PATH conflict in subdirectory's LOCAL_PATH.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 19:48:08 +03:00
Jouni Malinen
5ab3853211 Revert "Android: Compile hs20-osu-client to /vendor/bin in test builds"
This reverts commit 1192d5721b. That
commit disabled hostapd and wpa_supplicant build in user build variants.
Furthermore, it used duplicated TARGET_BUILD_VARIANT checks between the
Android.mk files.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 19:47:44 +03:00
Jouni Malinen
e955998220 tests: WPA2-PSK AP and GTK rekey failing with one STA
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 17:25:24 +03:00
Veerendranath Jakkam
b746cb28bc Add support for not transmitting EAPOL-Key group msg 2/2
To support the STA testbed role, the STA has to disable transmitting
EAPOL-Key group msg 2/2 of Group Key Handshake. Add test parameter to
disable sending EAPOL-Key group msg 2/2 of Group Key Handshake.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-04-05 17:06:32 +03:00
Karthikeyan Kathirvel
d27f7bd946 FILS: Fix config check to allow unsolicited broadcast Probe Response
Unsolicited broadcast Probe Response frame configuration did not work in
hostapd due fils_discovery_min_int being used by mistake where
fils_discovery_max_int should have been used in checking for conflicting
configuration. The latter is the one used to decide whether FILS
discovery is enabled or not.

Signed-off-by: Karthikeyan Kathirvel <quic_kathirve@quicinc.com>
2022-04-05 00:33:33 +03:00
Jouni Malinen
b1cc775cf3 tests: Opportunistic Wireless Encryption - duplicated association attempt
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:50 +03:00
Jouni Malinen
65a3a273cd OWE: Reuse own DH private key in AP if STA tries OWE association again
This is a workaround for mac80211 behavior of retransmitting the
Association Request frames multiple times if the link layer retries
(i.e., seq# remains same) fail. The mac80211 initiated retransmission
will use a different seq# and as such, will go through duplicate
detection. If we were to change our DH key for that attempt, there would
be two different DH shared secrets and the STA would likely select the
wrong one.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:50 +03:00
Yegor Yefremov
6ff8bda992 hostapd: Add the missing CONFIG_SAE option to the defconfig
CONFIG_SAE was added to wpa_supplicant's defconfig but wasn't
added to the hostapd's defconfig file.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
2022-04-02 17:52:50 +03:00
Masashi Honma
1f5b6085c1 Fix SIGSEGV of eapol_test
Running eapol_test to FreeRADIUS 3.0.25 causes trailing SIGSEGV.

WPA_TRACE: eloop SIGSEGV - START
[1]: ./eapol_test(+0x67de6) [0x55b84fa4ade6]
     eloop_sigsegv_handler() ../src/utils/eloop.c:123
[2]: /lib/x86_64-linux-gnu/libc.so.6(+0x430c0) [0x7fec94ad20c0]
[3]: ./eapol_test(dpp_tcp_conn_status_requested+0x4) [0x55b84fa7e674]
     dpp_tcp_conn_status_requested() ../src/common/dpp_tcp.c:2246
[4]: ./eapol_test(wpas_dpp_connected+0x3c) [0x55b84fa816dc]
     wpas_dpp_connected() dpp_supplicant.c:437
[5]: ./eapol_test(wpa_supplicant_set_state+0x48d) [0x55b84fc12c9d]
     wpa_supplicant_set_state() wpa_supplicant.c:1067
[6]: ./eapol_test(eapol_sm_step+0x4b4) [0x55b84fb3b994]
     sm_SUPP_PAE_Step() ../src/eapol_supp/eapol_supp_sm.c:419
     eapol_sm_step() ../src/eapol_supp/eapol_supp_sm.c:989
[7]: ./eapol_test(eapol_sm_rx_eapol+0x190) [0x55b84fb3c060]
     eapol_sm_rx_eapol() ../src/eapol_supp/eapol_supp_sm.c:1293
[8]: ./eapol_test(+0x24760f) [0x55b84fc2a60f]
     ieee802_1x_decapsulate_radius() eapol_test.c:834
     ieee802_1x_receive_auth() eapol_test.c:945
[9]: ./eapol_test(+0x248d46) [0x55b84fc2bd46]
     radius_client_receive() ../src/radius/radius_client.c:937
[10]: ./eapol_test(+0x68323) [0x55b84fa4b323]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:606
[11]: ./eapol_test(eloop_run+0x251) [0x55b84fa4be51]
     eloop_sock_table_dispatch() ../src/utils/eloop.c:597
     eloop_run() ../src/utils/eloop.c:1234
[12]: ./eapol_test(main+0x8cf) [0x55b84fa30d6f]
     main() eapol_test.c:1517
WPA_TRACE: eloop SIGSEGV - END
Aborted (core dumped)

Fixes: 33cb47cf01 ("DPP: Fix connection result reporting when using TCP")
Reported-by: Alexander Clouter <alex+hostapd@coremem.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2022-04-02 17:52:50 +03:00
Jouni Malinen
576662d277 ieee802_11_auth: Coding style cleanup - NULL comparison
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:50 +03:00
Jouni Malinen
945acf3ef0 ieee802_11_auth: Coding style cleanup - no string constant splitting
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:50 +03:00
Jouni Malinen
1a630283db tests: wpa_psk_radius=3
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:50 +03:00
Jouni Malinen
1c3438fec4 RADIUS ACL/PSK check during 4-way handshake
Add an alternative sequence for performing the RADIUS ACL check and PSK
fetch. The previously used (macaddr_acl=2, wpa_psk_radius=2) combination
does this during IEEE 802.11 Authentication frame exchange while the new
option (wpa_psk_radius=3) does this during the 4-way handshake. This
allows some more information to be provided to the RADIUS authentication
server.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 17:52:32 +03:00
Jouni Malinen
5b5c954c04 Fix AP config check to recognize all PSK AKMs
The check for PSK/passphrase not being present was considering only the
WPA-PSK AKM, but the same check should be applied for all other AKMs
that can use a PSK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-04-02 16:26:02 +03:00
Kiran Kumar Lokere
c5d9f9064b QCA vendor attribute to indicate NDP interface managemtn using nl80211
Add a QCA_WLAN_VENDOR_FEATURE_USE_ADD_DEL_VIRTUAL_INTF_FOR_NDI
flag to indicate that the driver requires add/del virtual interface
path using the generic nl80211 commands for NDP interface create/delete
and to register/unregister of netdev instead of creating/deleting
the NDP interface using vendor commands.

With the latest Linux kernel (5.12 version onward), interface
creation/deletion is not allowed using vendor commands as it leads to a
deadlock while acquiring the RTNL_LOCK during the register/unregister of
netdev. Create and delete NDP interface using NL80211_CMD_NEW_INTERFACE
and NL80211_CMD_DEL_INTERFACE commands respectively if the driver
advertises this capability.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-01 18:57:09 +03:00
Xin Deng
a9c90475bb FT: Update current_bss to target AP before check for SME-in-driver
STA needs to check AP's information after receive reassociation
response. STA uses connected AP's Beacon/Probe Response frame to compare
with Reassociation Response frame of the target AP currently. However,
if one AP supports OCV and the other AP doesn't support OCV, STA will
fail to verify RSN capability, then disconnect. Update current_bss to
the target AP before check, so that STA can compare correct AP's RSN
information in Reassociation Response frame.

Signed-off-by: Xin Deng <quic_deng@quicinc.com>
2022-04-01 12:22:47 +03:00
Jouni Malinen
0c88d1487c Debug print on CONFIG_NO_TKIP=y prevent RSNE with TKIP as group cipher
This makes the debug log clearer for one of the more likely cases of
"invalid group cipher" preventing RSNE parsing.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-01 11:13:10 +03:00
Sreeramya Soratkal
d5a9331f97 P2P: Copy only valid opclasses while filtering out 6 GHz channels
Copy channels from only valid operating classes in the source channel
list while preparing a non-6 GHz channel/op-classes list when the 6 GHz
band is not used for P2P GO negotiation.

Earlier, during preparation of P2P channels for GO negotiation, a union
of the GO channels and the P2P Client channels is used. While generating
the union in p2p_channels_union_inplace() as the first list itself has
P2P_MAX_REG_CLASSES number of entries, the operating classes from the
second list which are not in the first list were not getting considered.

Fix this by not setting the dst->reg_classes to too large a value.

Fixes: f7d4f1cbec ("P2P: Add a mechanism for allowing 6 GHz channels in channel lists")
Signed-off-by: Sreeramya Soratkal <quic_ssramya@quicinc.com>
2022-03-30 20:42:14 +03:00
Jouni Malinen
99c91beaad Sync with wireless-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2022-03-11.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-28 19:40:23 +03:00
Jouni Malinen
1fb907a684 tests: wpa_supplicant AP mode - ACL management
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-24 23:22:42 +02:00
Chaoli Zhou
d9121335a0 wpa_cli: Add ACL and BTM control commands
Add AP mode commands for ACL and BTM into wpa_cli similarly to the way
these were already available in hostapd_cli.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 20:53:50 +02:00
Chaoli Zhou
00622fcfef Extend ACL to install allow/deny list to the driver dynamically
Support installing the updated allow/deny list to the driver if it
supports ACL offload. Previously, only the not-offloaded cases were
updated dynamically.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 20:53:50 +02:00
Chaoli Zhou
077bce96f3 Set drv_max_acl_mac_addrs in wpa_supplicant AP mode
hostapd code will need this for offloading ACL to the driver.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 20:53:50 +02:00
Chaoli Zhou
9828aba16e Support ACL operations in wpa_supplicant AP mode
Extend AP mode ACL control interface commands to work from
wpa_supplicant in addition to the previously supported hostapd case.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 20:53:50 +02:00
Chaoli Zhou
fd0d738ff4 Add return value to ACL functions
While these do not return error code within the current hostapd
implementation, matching functions in wpa_supplicant AP functionality
will have an error case and using consistent return type will make the
control interface code more consistent.

In addition, export hostapd_set_acl() in preparation for the
wpa_supplicant control interface implementation extension.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 20:53:28 +02:00
Chaoli Zhou
f5ac428116 Move ACL control interface commands into shared files
This is a step towards allowing these commands to be used from
wpa_supplicant.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 14:22:24 +02:00
Chaoli Zhou
9306956626 Add BSS-TM-QUERY event to indicate reception of BSS TM Query
This allows upper layers to learn about associated stations requesting
BSS transition management from the AP.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 00:56:53 +02:00
Chaoli Zhou
febcdf3243 Support BTM operations in wpa_supplicant AP mode
Extend AP mode BTM control interface commands to work from
wpa_supplicant in additiona to the previously support hostapd case.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 00:56:53 +02:00
Chaoli Zhou
0f8c6e9955 Move BTM control interface commands into shared file
This is a step towards allowing these commands to be used from
wpa_supplicant.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 00:56:53 +02:00
Chaoli Zhou
e059d8ece8 Update the Extended Capability element to struct sta_info
Only the SME-in-hostapd case updated sta->ext_capability while the
SME-in-the-driver case updated sta->qos_map_enabled, but not other items
related to the extended capabilities. This resulted in reduced
information being available through the control interface.

Use the shared helper function for both cases to get matching
information available regardless of the SME architecture.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 00:56:53 +02:00
Chaoli Zhou
eb2e6b56bb Enable BSS Transition Management in wpa_supplicant AP mode
Enable BTM capability for AP mode only and do not affect P2P GO mode.
This can be used for AP band steering when using wpa_supplicant to
control AP mode operations.

Signed-off-by: Chaoli Zhou <quic_zchaoli@quicinc.com>
2022-03-24 00:56:53 +02:00
Jouni Malinen
30ecf0181d DPP: Update Controller parameters when it was already started
dpp_configurator_params changes were taken into use in the
non-TCP/Controller case immediately on change, but that was not the case
for the Controller where this was updated only when explicitly starting
it. Change this to update dpp_configurator_params for the Controller as
well even if it is already running.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-24 00:56:53 +02:00
Jouni Malinen
b93d1083ee DPP: Fix msg_ctx for PKEX over TCP as Controller/Responder
PKEX Exchange Request handling in Controller used incorrect msg_ctx
pointer and that could result in event messages causing unexpected
behavior. Fix this by registering the correct msg_ctx pointer for these
cases.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-24 00:56:53 +02:00
Jouni Malinen
3085e1a671 hs20-osu-client: dNSName values from OSU server certificate for PPS MO
The previous change to allow EST server to use a different host name
ended up overriding the OSU server certificate information and the
incorrect server certificate was used when comparing the SP FQDN from
the PPS MO if the OSU and EST servers where different. Fix this by
keeping the dNSName from the SPP interaction and not storing the values
from the EST interaction.

Fixes: 0ce8d55a2e ("hs20-osu-client: Allow EST server to use different host name")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-03-14 10:42:11 +02:00
Jouni Malinen
ce86f2446f DFS: Remove unnecessary variable
This was not used for anything else than checking the value returned by
the called function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 21:23:54 +02:00
Lorenzo Bianconi
760a5ae26b DFS: Switch to background radar channel if available
On radar detection on the main chain switch to the channel monitored
by the background chain if we have already performed the CAC there.
If a radar pattern is reported on the background chain, just select a
new random channel according to the regulations for monitoring.

Tested-by: Owen Peng <owen.peng@mediatek.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 21:23:10 +02:00
Lorenzo Bianconi
b63d953feb DFS: Enable CSA for background radar detection
Rely on hostapd_dfs_request_channel_switch() to enable CSA for
background radar detection switching back to the selected channel.

Tested-by: Owen Peng <owen.peng@mediatek.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 21:15:48 +02:00
Lorenzo Bianconi
25663241c5 DFS: Introduce hostapd_dfs_request_channel_switch()
This is a preliminary patch to add Channel Switch Announcement for
background radar detection.

Tested-by: Owen Peng <owen.peng@mediatek.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 21:12:43 +02:00
Lorenzo Bianconi
316a9dc63b DFS: Configure background radar/CAC detection
Introduce the capability to perform radar/CAC detection on an offchannel
radar chain available on some hardware (e.g., mt7915). This feature
allows to avoid CAC downtime switching on a different channel during CAC
detection on the selected radar channel.

Tested-by: Owen Peng <owen.peng@mediatek.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 21:06:51 +02:00
Lorenzo Bianconi
bad12effe8 nl80211: Radar background flag setting
Allow background radar detection flag to be set when specifying a
channel. This is a preliminary change to introduce radar/CAC background
detection support.

Tested-by: Owen Peng <owen.peng@mediatek.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 20:48:06 +02:00
Lorenzo Bianconi
effd6111b8 DFS: Rely on channel_type in dfs_downgrade_bandwidth()
Add the capability to specify all 3 channel type possibilities in
dfs_downgrade_bandwidth(). This is a preliminary change to introduce
radar/CAC background detection support.

Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
2022-03-13 18:30:56 +02:00
Jouni Malinen
b37bbcc390 tests: Clear country configuration at the end of wpas_ap_async_fail
This was causing a failure in the following sequence:
wpas_ap_async_fail wpas_ctrl_country

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 18:26:45 +02:00
Jouni Malinen
7f661f942d tests: Make DPP relay tests more robust
Flush scan results to avoid failure caused by incorrect channel
selection based on an old result for the same BSSID. This was found with
the following test sequence:
ap_track_sta_no_auth dpp_network_intro_version_missing_req dpp_controller_relay_pkex

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 18:26:45 +02:00
Jouni Malinen
f9ba3d5c89 OpenSSL 3.0: Set SSL groups using SSL_set1_groups()
The mechanism using SSL_set_tmp_ecdh() has been obsoleted and
SSL_set1_groups() takes care of it instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 11:27:15 +02:00
Jouni Malinen
09c62aaf11 OpenSSL: Determine RSA key size without low-level routines
RSA low-level routines were deprecated in OpenSSL 3.0.
EVP_PKEY_get_bits(), or its older and more backwards compatible name
EVP_PKEY_bits() can be used here instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 11:27:12 +02:00
Jouni Malinen
b700a56e14 OpenSSL 3.0: Determine the prime length for an EC key group using EVP_PKEY
EVP_PKEY_get0_EC_KEY() and EC_KEY_get0_group() were deprecated in
OpenSSL 3.0. Add a version of this by determining the group without
fetching the EC_KEY itself from an EVP_PKEY.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-03-13 11:26:55 +02:00