Commit graph

6964 commits

Author SHA1 Message Date
Andrei Otcheretianski
6bb9d9a8db AP: Avoid NULL use with snprintf string
identity_buf may be NULL here. Handle this case explicitly by printing
"N/A" instead relying on snprintf converting this to "(null)" or some
other value based on unexpected NULL pointer.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2019-04-06 18:49:26 +03:00
Ilan Peer
277fa92b37 crypto: Fix unreachable code in tls_prf_sha1_md5()
While commit 1c156e783d ("Fixed tls_prf() to handle keys with
odd length") added support for keys with odd length, the function
never reached this code as the function would return earlier in
case the key length was odd. Fix this by removing the first check
for the key length.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2019-04-06 17:00:07 +03:00
Jouni Malinen
3d93e26e66 tests: SAE test vector from IEEE P802.11-REVmd/D2.1, Annex J.10
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-06 13:26:15 +03:00
Sunil Dutt
e5711b6181 Add a QCA vendor attribute to carry the reason for roaming
This commit introduces an attribute
QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_REASON to carry the roam reason code
through QCA_NL80211_VENDOR_SUBCMD_KEY_MGMT_ROAM_AUTH event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-05 21:15:16 +03:00
Ankita Bajaj
005585d602 nl80211: Add SAE, FT-SAE, FT-EAP-SHA384 AKMs in connect request
This is needed for full MAC drivers that use NL80211_CMD_CONNECT
for issuing connect request.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-05 21:02:37 +03:00
Jouni Malinen
bd23daa8e6 DPP: Move GAS encapsulation into dpp_build_conf_req()
Avoid duplicated code in each user of dpp_build_conf_req() by moving the
common encapsulation case into this helper function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-03 19:10:47 +03:00
Jouni Malinen
253ce212ee Add AKM info in the debug message noting PMKSA caching entry addition
This is useful for debugging issues where an expected PMKSA cache entry
is not found.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-27 04:02:19 +02:00
vamsi krishna
6fe3f0f798 FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used
When connected using FT-SAE key mgmt, use PMK from PMKSA cache as XXKey
for PMK-R0 and PMK-R1 derivations. This fixes an issue where FT key
hierarchy could not be established due to missing (not yet configured)
XXKey when using SAE PMKSA caching for the initial mobility domain
association.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-27 04:01:26 +02:00
Jouni Malinen
6d14b98fc6 nl80211: Do not add WMM parameters when updating an existing STA entry
In the case of the driver not supporting full AP mode STA state (i.e.,
not adding a STA entry before association), the QoS parameters are not
allowed to be modified when going through (re)association exchange for a
STA entry that has not been removed from the kernel. cfg80211 would
reject such command to update STA flags, so do not add the WMM parameter
in this case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-27 03:14:02 +02:00
Jouni Malinen
2ffd8076de FT/RRB: Pad RRB messages to at least minimum Ethernet frame length
Ethernet frames have minimum length of 64 octets and shorter frames may
end up getting arbitrary padding in the end. This would result in the
FT/RRB receiver rejecting the frame as an incorrectly protected one.
Work around this by padding the message so that it is never shorter than
the minimum Ethernet frame.

Unfortunately, this padding is apparently not enough with all Ethernet
devices and it is still possible to see extra two octet padding at the
end of the message even if larger frames are used (e.g., showed up with
128 byte frames). For now, work around this by trying to do AES-SIV
decryption with two octets shorter frame (ignore last two octets) if the
first attempt fails.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-26 22:50:17 +02:00
Jouni Malinen
555c93e2d8 FT/RRB: Add more debug prints for RRB message encryption/decryptiom
This is needed to make it easier to understand what could be going wrong
in RRB communication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-26 22:50:17 +02:00
Jouni Malinen
87d8435cf9 DPP: Common configurator/bootstrapping data management
Merge the practically copy-pasted implementations in wpa_supplicant and
hostapd into a single shared implementation in dpp.c for managing
configurator and boostrapping information. This avoid unnecessary code
duplication and provides a convenient location for adding new global DPP
data.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-24 17:29:45 +02:00
Jouni Malinen
08dc8efd29 Fix memcpy regression in PMK handling
The memcpy calls added for exposing the PMK from wpa_auth module could
end up trying to copy the same memory buffer on top of itself.
Overlapping memory areas are not allowed with memcpy, so this could
result in undefined behavior. Fix this by making the copies conditional
on the updated value actually coming from somewhere else.

Fixes: b08c9ad0c7 ("AP: Expose PMK outside of wpa_auth module")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-23 12:44:42 +02:00
Jouni Malinen
130444738b FILS: Fix KEK2 derivation for FILS+FT
The offset update for copying KEK2 from the extended PTK was overriding
the offset instead of incrementing it (a likely copy-paste error from
the first offset assignment based on KCK). This resulted in KEK2 being
set to incorrect segment of PTK. Fix this by updating the offset
properly so that KEK2 is copied from the correct place at the end of the
PTK.

Fixes: 2f37387812 ("FILS: Add more complete support for FT-FILS use cases")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-20 22:26:56 +02:00
Jouni Malinen
bf84e78cbc OpenSSL: Fix build with current BoringSSL
SSL_use_certificate_chain_file() is not available in the current
BoringSSL even though the defined OPENSSL_VERSION_NUMBER is large enough
to claim that this function would be present in the OpenSSL API.

Fall back to using SSL_use_certificate_file() with BoringSSL to fix the
build.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-19 18:24:09 +02:00
Jouni Malinen
b750dde64d OWE: Move Association Response frame IE addition to appropriate place
This code was after the FILS handling that would have encrypted the
frame. While FILS and OWE are never used together, the OWE handling
should really be before the FILS handling since no IEs can be added
after the FILS encryption step. In addition, the Diffie-Hellman
Parameter element is not a Vendor Specific element, so it should be
before some of the Vendor Specific elements even though it is not
defined in IEEE 802.11.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-18 18:32:31 +02:00
Jouni Malinen
10ec6a5f38 DPP2: PFS for PTK derivation
Use Diffie-Hellman key exchange to derivate additional material for
PMK-to-PTK derivation to get PFS. The Diffie-Hellman Parameter element
(defined in OWE RFC 8110) is used in association frames to exchange the
DH public keys. For backwards compatibility, ignore missing
request/response DH parameter and fall back to no PFS in such cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-18 18:32:31 +02:00
Jouni Malinen
ecacd9ccd4 DPP2: Extend wpa_pmk_to_ptk() to support extra Z.x component in context
DPP allows Diffie-Hellman exchange to be used for PFS in PTK derivation.
This requires an additional Z.x (x coordinate of the DH shared secret)
to be passed to wpa_pmk_to_ptk(). This commit adds that to the function
and updates all the callers to pass NULL,0 for that part in preparation
of the DPP specific changes to start using this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-18 01:31:31 +02:00
Jouni Malinen
16a4e931f0 OWE: Allow Diffie-Hellman Parameter element to be included with DPP
The previous OWE implementation on the AP side rejected any
(Re)Association Request frame with the Diffie-Hellman Parameter element
if AKM was not OWE. This breaks compatibility with DPP PFS, so relax
that rule to allow DPP AKM to be used as well. While this commit alone
does not add support for PFS, this allows interoperability between
non-PFS implementation on the AP and a newer PFS implementation on the
STA.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-18 00:27:11 +02:00
Jouni Malinen
808bdb308f Add TEST_FAIL() to aes_encrypt_init() with internal crypto
This is needed for the hwsim test cases ap_wpa2_eap_psk_oom and
ap_wpa2_eap_sim_oom.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-16 18:52:09 +02:00
Jouni Malinen
32f4760664 TLS: Add support for RFC 5705 TLS exporter context with internal TLS
Use the provided context, if any, to generate the seed for TLS PRF.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-16 18:52:09 +02:00
Ervin Oro
a916ff5cd8 Add support for an optional context parameter to TLS exporter
Allow an additional context value to be passed to TLS exporter as
specified in RFC 5705 section 4.

This does not yet implement it for the internal TLS implementation.
However, as currently nothing uses context yet, this will not break
anything right now. WolfSSL maintainers also stated that they are not
going to add context support yet, but would look into it if/when this is
required by a published draft or a standard.

Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
2019-03-16 18:52:09 +02:00
Jouni Malinen
18015fc8a4 DPP2: Support new legacy+DPP config object credentials
This allows devices supporting DPP protocol version 2 or newer to
provision networks that enable both the legacy (PSK/SAE) and DPP
credentials.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 18:52:06 +02:00
Jouni Malinen
9305c2332b DPP: Clean up configuration parsing
Share a single parsing implementation for both hostapd and
wpa_supplicant to avoid code duplication. In addition, clean up the
implementation to be more easily extensible.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 17:29:59 +02:00
Jouni Malinen
c675397cc3 OpenSSL: Fix build with OpenSSL 1.0.2
X509_get_subject_name() in OpenSSL 1.0.2 does not mark its argument as a
const pointer, so need to type cast this to avoid a build warning.

Fixes: 841205a1ce ("OpenSSL: Add 'check_cert_subject' support for TLS server")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:33:33 +02:00
Jouni Malinen
ff5f54e159 SAE: Reduce queue wait time for pending Authentication frames
The queue_len * 50 ms wait time was too large with the retransmission
timeouts used in the mesh case for SAE. The maximum wait of 750 ms was
enough to prevent successful completion of authentication after having
hit the maximum queue length. While the previous commit is enough to
allow this to complete successfully in couple of retries, it looks like
a smaller wait time should be used here even if it means potentially
using more CPU.

Drop the processing wait time to queue_len * 10 ms so that the maximum
wait time is 150 ms if the queue is full.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
5e3a759cd4 SAE: Improved queuing policy for pending authentication frames
The previous design of simply queuing all SAE commit messages was not
exactly good at allowing recovery from a flooding state if the valid
peer used frequent retransmissions of the SAE message. This could
happen, e.g., with mesh BSSs using SAE. The frequent retransmissions and
restarts of SAE authentication combined with SAE confirm messages
bypassing the queue ended up in not being able to finish SAE exchange
successfully.

Fix this by modifying the queuing policy to queue SAE confirm messages
if there is a queued SAE commit message from the same peer so that the
messages within the same exchange do not get reordered. In addition,
replace queued SAE commit/confirm message if a new matching message is
received from the same peer STA. This is useful for the case where the
peer restarts SAE more quickly than the local end has time to process
the queued messages.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
67b3bcc954 DPP2: Testing option for Config Object rejction
Add a new testing option to force Enrollee to reject the receive Config
Object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
22f90b32f1 DPP2: Configuration Result message generation and processing
Use this new message from Enrollee to Configurator to indicate result of
the config object provisioning if both devices support protocol version
2 or newer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-15 00:31:09 +02:00
Jouni Malinen
673631b8a3 More robust timer_tick_enabled tracking
Do not set sm->timer_tick_enabled if the eloop_register_timeout() call
fails so that the next attempt to enable the timer in
eapol_enable_timer_tick() can try to recover from unexpected eloop
failures. This should not really be needed in practical use cases, but
certain out-of-memory test cases can trigger allocation failure in
eloop_register_timeout() and if that happens, the previous EAPOL
supplicant state machine implementation got pretty much completely stuck
for any operation needing the timer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 23:33:41 +02:00
Jouni Malinen
b5e57699af FILS+FT: STA mode validation of PMKR1Name in initial MD association
Verify that the AP uses matching PMKR1Name in (Re)Association Response
frame when going through FT initial mobility domain association using
FILS. Thise step was missing from the initial implementation, but is
needed to match the IEEE 802.11ai requirements for explicit confirmation
of the FT key hierarchy (similarly to what is done in FT 4-way handshake
when FILS is not used).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 19:15:13 +02:00
Jouni Malinen
3653663933 FILS+FT: AP mode processing of PMKR1Name in initial MD association
Derive PMKR1Name during the FILS authentication step, verify that the
station uses matching PMKR1Name in (Re)Association Request frame, and
add RSNE[PMKR1Name] into (Re)Association Response frame when going
through FT initial mobility domain association using FILS. These steps
were missed from the initial implementation, but are needed to match the
IEEE 802.11ai requirements for explicit confirmation of the FT key
hierarchy (similarly to what is done in FT 4-way handshake when FILS is
not used).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 19:15:06 +02:00
Jouni Malinen
aabbdb818d FILS: Do not try to add PMKSA cache entry if caching is disabled
This gets rid of a confusing error message "FILS: Failed to add PMKSA
cache entry based on ERP" for cases where PMKSA caching is disabled in
hostapd (disable_pmksa_caching=1). Functionality remains unchanged,
i.e., no cache entry was added before this change either.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 16:34:48 +02:00
Arif Hussain
02bde9581f Vendor attribute to enable or disable TWT request support
Add a new QCA vendor attribute for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 14:56:59 +02:00
vamsi krishna
4efade3157 nl80211: Clear keys from heap memory before freeing it for get_seqnum
NL80211_CMD_GET_KEY response may return the actual key in addition to
the last used sequence number that we need. That might result in a key
being left in unused heap memory after the buffer is freed.

Explicitly clear the message payload with the possibly included key
material from heap memory before returning from the handler function
(and having libnl free the nlmsg) when key information is obtained from
the driver using the NL80211_CMD_GET_KEY command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 14:54:18 +02:00
vamsi krishna
c6ec9759c5 nl80211: Exclude PMK when sending NL80211_CMD_DEL_PMKSA explicitly
Add a check in nl80211 driver layer to not include PMK while sending
NL80211_CMD_DEL_PMKSA explicitly. Though it is taken care already in
supplicant layer by setting the pmk_len to zero, it would be good
to have a check in nl80211 layer in order to avoid future accidental
inclusions of keying material in commands that do not need them.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 13:22:40 +02:00
Jouni Malinen
0b4a906de1 DPP2: Protocol version indication
Send out the new Protocol Version attribute in Authentication
Request/Response messages and determine the peer version based on this
attribute.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-13 13:22:37 +02:00
Jouni Malinen
bf0021ede3 Allow fragmentation/RTS threshold to be disabled explicitly
hostapd configuration parameters fragm_threshold and rts_threshold were
documented to disable the threshold with value -1 and not change driver
configuration if the parameter is not included. However, -1 was mapped
into not changing the driver value, so the explicit disabling part did
not work.

Replace the default values for these to be -2 so that explicitly set
configuration value -1 can be distinguished from the case of not
including the parameter. Map the -1 value to a driver request to disable
the threshold. Ignore any error from this operation just in case to
avoid breaking functionality should some drivers not accept the (u32) -1
value as a threshold value request to disable the mechanism.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 17:15:08 +02:00
stonez
48102f65ef Add a vendor subcommand QCA_NL80211_VENDOR_SUBCMD_MPTA_HELPER_CONFIG
This subcommand is used to update Zigbee state and specified WLAN
durations to enhance success ratio of Zigbee joining network. The
attributes defined in enum qca_mpta_helper_vendor_attr are used to
deliver these parameters to the driver.

Signed-off-by: stonez <stonez@codeaurora.org>
2019-03-12 13:00:24 +02:00
Amir Patel
f10a4af1bd Add QCA vendor command/event and attributes for peer rate statistics
Peer rate statistics is per-peer cached data in the driver. These
statistics needs to be flushed to a user space application on
synchronous/asynchronous events. This command is used as an event from
the driver to flush per-peer cached statistics to the application.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 12:42:58 +02:00
Jouni Malinen
56a33496fe Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2019-01-25.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-12 00:23:45 +02:00
Jared Bents
841205a1ce OpenSSL: Add 'check_cert_subject' support for TLS server
This patch added 'check_cert_subject' support to match the value of
every field against the DN of the subject in the client certificate. If
the values do not match, the certificate verification will fail and will
reject the user.

This option allows hostapd to match every individual field in the right
order, also allow '*' character as a wildcard (e.g OU=Development*).

Note: hostapd will match string up to 'wildcard' against the DN of the
subject in the client certificate for every individual field.

Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-11 14:09:45 +02:00
Jouni Malinen
0173423f41 Use char pointers for EAP configuration parameters without length
These parameters were using the u8*/len style types even though they
were used as char* strings without an explicit length field. Make this
char* instead of u8* to avoid confusion and unnecessary type casting.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-11 14:09:45 +02:00
Jouni Malinen
cd6a5866eb Remove forgotten os_strncpy() implementations
This was replaced with os_strlcpy() long time ago.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-10 15:56:51 +02:00
Jouni Malinen
ca9efe113c roboswitch: Check some read operation results
This gets rid of some static analyzer warnings about uninitialized
variables being used in comparisons or write operations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 18:56:48 +02:00
Jouni Malinen
4d379be4a9 Clarify AP mode Action frame handling
Include only one of hostapd_mgmt_rx() and hostapd_action_rx() functions
in the build. Previously, NEED_AP_MLME builds (i.e., cases where hostapd
AP MLME implementation is included) included both of these functions and
both were tried in sequence. In addition to being difficult to
understand, that could result in unexpected behavior if
hostapd_mgmt_rx() rejected a frame and return 0 to allow
hostapd_action_rx() to attempt to process the frame.

All the operations included in hostapd_action_rx() are supposed to be
available through the hostapd_mgmt_rx() call in handle_action() and
those should result in the exact same Category/Action-based handler
function to be called in the end. As such, this should not result in
different behavior. And if there is a difference, that would be pointing
at a hidden bug that would need to be fixed anyway. Furthermore, builds
without NEED_AP_MLME would not have any difference in behavior or
contents of the binary either.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 12:51:34 +02:00
Jouni Malinen
cc833a236c Minor cleanup to return after WNM Action frame handling
There is no need to go through the following handler calls in
hostapd_action_rx() after having found the matching WLAN_ACTION_WNM
handler.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 12:43:20 +02:00
Jouni Malinen
700b3f395e Move SA Query frame length check to the shared handler function
Check the length in the common handler functions instead of both
callers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 12:41:49 +02:00
Jouni Malinen
002edb6303 Fix AP MLME in driver handling of FT and SA Query Action frames
hostapd_action_rx() was pointing at incorrect field (Action vs.
Category) for the wpa_ft_action_rx() call and the length check for SA
Query Action frames. This resulted in those frames getting dropped as
invalid (FT) or ignored as truncated (SA Query). Fix this by pointing to
the correct place at the beginning of the frame body.

This issue had a long history. These were broken during cleanup in
commit dbfb8e82ff ("Remove unnecessary EVENT_RX_ACTION") which
actually fixed the initial reason for the error accidentally. It was
just that that error was needed to cancel out another earlier error..

One of the errors came from misuse of the EVENT_RX_ACTION API in commit
deca6eff74 ("atheros: Add new IEEE 802.11r driver_ops"). That pointed
struct rx_action data/len to cover the Action frame from the Category
field to the end of the frame body while the API was documented to cover
Action field to the end of the frame body. This error was cancelled by
another error in commit 88b32a99d3 ("FT: Add FT AP support for drivers
that manage MLME internally") that called wpa_ft_action_rx() with the
struct rx_action::data field as the second argument. That argument needs
to point to the Category field, but that struct rx_action field was
supposed to point to the Action field.

Number of the Action frame handlers added into hostapd_action_rx() had
been fixed more or less accidentally after this in various other
commits, but the FT and SA Query handlers had ended up maintaining the
incorrect operations. This is now fixing those.

This seems to fix at least some cases of FT-over-DS with drivers that
use driver-based AP MLME. Such drivers might use internal SA Query
processing, so it is not clear whether that part actually fixes any real
issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-03-09 12:41:43 +02:00
Masashi Honma
1e653daa31 EAP-pwd server: Fix memory leak with salted passwords
The struct hostapd_eap_user changes with a new allocated variable were
not covered in the RADIUS server code. Fix this by using eap_user_free()
instead of custom memory freeing operation in radius_server.c.

The hwsim tests with salted password (ap_wpa2_eap_pwd_salt_sha1,
ap_wpa2_eap_pwd_salt_sha256, ap_wpa2_eap_pwd_salt_sha512) triggered
these memory leaks.

Fixes: d52ead3db7 ("EAP-pwd server: Add support for salted password databases")
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-03-08 16:59:27 +02:00
Jouni Malinen
96d6dfa8e4 SAE: Add Finite Cyclic Group field in status code 77 response
Copy the Finite Cyclic Group field value from the request to the
response Authentication frame if we end up rejecting the request due to
unsupported group.

IEEE Std 802.11-2016 has conflicting statements about this behavior.
Table 9-36 (Presence of fields and elements in Authentication frames)
indicates that the Finite Cyclic Group field is only included with
status code values 0 (success) and 76 (anti-clogging token request)
while SAE protocol description implying that the Finite Cyclic Group
field is set to the rejected group (12.4.8.6.3 and 12.4.8.6.4).

The standard language needs to cleaned up to describe this
unambiguously, but since it looks safe to add the field into the
rejection case and since there is desire to have the field present to be
able to implement what exactly is stated in 12.4.8.6.4, it looks
reasonable to move ahead with the AP mode implementation change. There
is no change in wpa_supplicant for now to modify its behavior based on
whether this field is present, i.e., wpa_supplicant will continue to
work with both the old and new hostapd behavior for SAE group
negotiation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-08 16:21:03 +02:00
Jouni Malinen
fda7660106 EAP-pwd: Fix a memory leak in hunting-and-pecking loop
tmp2 (y^2) was derived once in each iteration of the loop and only freed
after all the loop iterations. Fix this by freeing the temporary value
during each iteration.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-07 00:27:12 +02:00
Jouni Malinen
fc30f99b34 WPS: Allow AP SAE configuration to be added automatically for PSK
The new hostapd configuration parameter wps_cred_add_sae=1 can be used
to request hostapd to add SAE configuration whenever WPS is used to
configure the AP to use WPA2-PSK and the credential includes a
passphrase (instead of PSK). This can be used to enable WPA3-Personal
transition mode with both SAE and PSK enabled and PMF enabled for PSK
and required for SAE associations.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 21:52:43 +02:00
Sunil Dutt
b9cd4f5e75 Vendor feature capability for TWT (Target Wake Time)
Add a new QCA vendor specific feature capability indication for the
device to indicate the support of TWT.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 14:13:33 +02:00
Sunil Dutt
877502a6a7 Vendor attribute to indicate a set_blacklist of BSSID only as a hint
The current/default behavior of set blacklist BSSID QCA vendor command
is a mandate to the driver - do not consider this BSSID for connect/roam
till reset.

There are use cases where this need not be a mandate and thus could
provide the flexibility for the driver to consider this BSSID if there
are no better ones. Such use cases can use this new flag attribute to
only hint the blacklist of a BSSID to the driver.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 14:09:15 +02:00
Kiran Kumar Lokere
a9247bcdf2 Vendor attribute to configure HE testbed default capabilities
Add a new QCA vendor attribute for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 14:04:28 +02:00
Kiran Kumar Lokere
8a7510cc0d Vendor attribute to configure support to enable VHT in 2.4G band
Add a new QCA vendor attribute for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 14:03:56 +02:00
Kiran Kumar Lokere
8919ec616b Vendor attribute to configure HE OMI UL MU data disable
Add a new QCA vendor attribute for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 14:02:37 +02:00
Jouni Malinen
f214361581 SAE: Reuse previously generated PWE on a retry with the same STA
Do not start SAE authentication from scratch if a STA starts a new
attempt for the same group while we still have previously generated PWE
available. Instead, use the previously generated PWE as-is and skip
anti-clogging token exchange since the heavy processing is already
completed. This saves unnecessary processing on the AP side in case the
STA failed to complete authentication on the first attempt (e.g., due to
heavy SAE load on the AP causing a timeout) and makes it more likely for
a valid STA to be able to complete SAE authentication during a DoS
attack.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:07:20 +02:00
Jouni Malinen
fd83089120 SAE: Reuse previously generated PWE on a retry with the same AP
Do not start SAE authentication from scratch when the AP requests
anti-clogging token to be used. Instead, use the previously generated
PWE as-is if the retry is for the same AP and the same group. This saves
unnecessary processing on the station side in case the AP is under heavy
SAE authentiation load.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:07:11 +02:00
Jouni Malinen
a9af1da0b5 SAE: Enforce single use for anti-clogging tokens
Add a 16-bit token index into the anti-clogging token. This can be used
to enforce only a single use of each issued anti-clogging token request.
The token value is now token-index |
last-30-octets-of(HMAC-SHA256(sae_token_key, STA-MAC-address |
token-index)), i.e., the first two octets of the SHA256 hash value are
replaced with the token-index and token-index itself is protected as
part of the HMAC context data.

Track the used 16-bit token index values and accept received tokens only
if they use an index value that has been requested, but has not yet been
used. This makes it a bit more difficult for an attacker to perform DoS
attacks against the heavy CPU operations needed for processing SAE
commit since the attacker cannot simply replay the same frame multiple
times and instead, needs to request each token separately.

While this does not add significant extra processing/CPU need for the
attacker, this can be helpful in combination with the queued processing
of SAE commit messages in enforcing more delay during flooding of SAE
commit messages since the new anti-clogging token values are not
returned before the new message goes through the processing queue.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:07:03 +02:00
Jouni Malinen
ff9f40aee1 SAE: Process received commit message through a queue
This allows better control of processing new SAE sessions so that other
operations can be given higher priority during bursts of SAE requests,
e.g., during a potential DoS attack. The receive commit messages are
queued (up to maximum of 15 entries) and processed from eloop callback.
If the queue has multiple pending entries, more wait time is used to go
through the each new entry to reduce heavy CPU load from SAE processing.

Enable anti-clogging token use also based on the pending commit message
queue and not only based on the already started sessions.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-06 13:06:50 +02:00
Jouni Malinen
941bad5ef4 SAE: Enable only group 19 by default in AP mode
Change the AP mode default for SAE to enable only the group 19 instead
of enabling all ECC groups that are supported by the used crypto library
and the SAE implementations. The main reason for this is to avoid
enabling groups that are not as strong as the mandatory-to-support group
19 (i.e., groups 25 and 26). In addition, this disables heavier groups
by default.

In addition, add a warning about MODP groups 1, 2, 5, 22, 23, and 24
based on "MUST NOT" or "SHOULD NOT" categorization in RFC 8247. All the
MODP groups were already disabled by default and would have needed
explicit configuration to be allowed.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:21:41 +02:00
Jouni Malinen
b11fa98bcb Add explicit checks for peer's DH public key
Pass the group order (if known/specified) to crypto_dh_derive_secret()
(and also to OpenSSL DH_generate_key() in case of Group 5) and verify
that the public key received from the peer meets 1 < pubkey < p and
pubkey^q == 1 mod p conditions.

While all these use cases were using only ephemeral DH keys, it is
better to use more explicit checks while deriving the shared secret to
avoid unexpected behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 17:05:03 +02:00
Jouni Malinen
4a9531a755 bignum: Fix documentation for bignum_cmp_d()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-05 16:10:33 +02:00
Jouni Malinen
bb05d03606 Fix a regression from VLAN assignment using WPA/WPA2 passphrase/PSK
This extension of VLAN assignment code had a bug in one of the code
paths where vlan_id could have been left uninitialized. This could
result in SAE authentication getting rejected in cases where VLAN
assignment is not used if the uninitialized stack memory had nonzero
value.

Fixes: dbfa691df4 ("VLAN assignment based on used WPA/WPA2 passphrase/PSK")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
429ed54a3d UBSan: Avoid a warning on signed left shift
Use unsigned 1 (1U) instead of signed (1) when doing left shift that
could potentially need to use all bits of the 32-bit unsigned variable.

radius_server.c:2254:14: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
b3957edbe9 UBSan: Split loop index decrementation into a separate step
Avoid an unnecessary unsigned integer overflow warning due to loop index
j-- use.

hostapd.c:661:10: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'unsigned int'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
5ac13f6d00 atheros: Avoid clang compiler warning on address of array check
ie.wps_ie is an array, so there is no point in checking whether it is
NULL.

driver_atheros.c:1221:9: error: address of array 'ie.wps_ie' will
      always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
aaa6b14984 Avoid compiler warning about potentially unaligned pointer value
(&mgmt->u.deauth.reason_code + 1) is not exactly clean and now that we
have the u8 variable[] member in the struct after this field, use that
directly to avoid clang compiler warning:
ctrl_iface_ap.c:454:18: error: taking address of packed member
      'reason_code' of class or structure 'ieee80211_mgmt::(anonymous
      union)::(anonymous)' may result in an unaligned pointer value
      [-Werror,-Waddress-of-packed-member]

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
cce974d367 UBSan: Define FST LLT macros without integer overflow
FST_MAX_LLT_MS definition depended on undefined behavior with unsigned
integer overflow. Avoid that and also optimize the
FST_LLT_{MS_TO_VAL,VAL_TO_MS} macros to handle larger values without
overflowing 32-bit unsigned integers.

fst_session.c:1274:52: runtime error: unsigned integer overflow: 4294967295 * 32 cannot be represented in type 'unsigned int'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
9140caf5fb UBSan: Avoid integer overflow in a loop index counter
Split the check and decrementation into separate steps to avoid an
unnecessary UBSan warning.

hostapd.c:1895:14: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
8fc22fdde6 UBSan: Avoid NULL pointer dereferences on an error path
hapd->conf might be NULL in case initialized failed, so better be
prepared for that when debug printing interface name in the deinit path.

hostapd.c:312:54: runtime error: member access within null pointer of type 'struct hostapd_bss_config'
hostapd.c:351:29: runtime error: member access within null pointer of type 'struct hostapd_bss_config'
hostapd.c:2158:18: runtime error: member access within null pointer of type 'struct hostapd_bss_config'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
43216777e5 UBSan: Avoid unsigned integer overflow in base64 encoding
Add a constraint on the base64 encoded buffer length to avoid an integer
overflow in the output length calculation.

common.c:1087:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
fed7d8fcba UBSan: Avoid unsigned integer overflow in utf8_{,un}escape()
Split the if/while loop condition into two independent steps so that
in_size-- happens only in the case in_size is nonzero. This gets rid of
unnecessary UBSan warnings.

common.c:1087:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')
common.c:1076:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')
common.c:1119:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
a9377bc380 UBSan: Avoid memcpy(ptr, NULL, 0)
This results in an UBSan warning that can be avoided easily.

os_unix.c:524:3: runtime error: null pointer passed as argument 2, which is declared to never be null

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
5a23c2528a UBSan: Avoid an unsigned integer overflow warning
ext_supp_rates_len would be 0 here, so decrementing it by 2 will result
in unsigned integer overflow even if that result is not actually used
anywhere. Avoid that to get rid of the UBSan warning.

tdls.c:1597:27: runtime error: unsigned integer overflow: 0 - 2 cannot be represented in type 'unsigned long'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
abde4eba45 UBSan: Pack MACsec peer id structure
This is needed to avoid an UBSan warning and since this struct is used
as part of a message construction, it needs to be packed anyway to
guarantee correct functionality.

ieee802_1x_kay.c:1021:3: runtime error: member access within misaligned address 0x0000031921e2 for type 'struct ieee802_1x_mka_peer_id', which requires 4 byte alignment

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:49 +02:00
Jouni Malinen
1b85cad29c UBSan: Use typecast to avoid unsigned integer overflow
iface->num_bss is unsigned integer, so need to explicit typecast it to
unsigned before decrementation by one even when the result is stored in
an unsigned integer.

../src/ap/hostapd.c:2185:26: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'unsigned long'

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:48:46 +02:00
Jouni Malinen
3b6b3ae581 Modify dl_list_for_each() to not use unaligned access with WPA_TRACE
UBSan testing with WPA_TRACE=y ended up hitting an unaligned access for
struct os_alloc_trace in os_program_deinit() because of the
dl_list_for_each() design that looked like dereferencing the member
element of the list head which is something that does not exist.

Get the first entry from the list using dl_list_first() so that the
empty list special case is covefred and compare item pointers instead of
struct dl_list pointers to check whether the end of the loop has been
reached.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-25 19:42:34 +02:00
Jouni Malinen
1415d4b82d Multi-AP: Avoid memcpy(ptr, NULL, 0) in WPS Registrar initialization
This can result in compiler warnings due to the unexpected NULL pointer
as a source memory even when the length of the copied data is 0.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-23 11:37:20 +02:00
Lior David
2c129a1b71 Fix cipher suite selector default value in RSNE for DMG
According to IEEE Std 802.11-2016, 9.4.2.25 when fields of an RSNE are
not included, the default values are used. The cipher suite defaults
were hardcoded to CCMP in the previous implementation, but the default
is actually different for DMG: GCMP (per 9.4.2.25.2).

It is not possible to find out from the RSNE if the network is non-DMG
or DMG, so callers of wpa_parse_wpa_ie_rsn() need to handle this case
based on context, which can be different for each caller.

In order to fix this issue, add flags to the wpa_ie_data indicating
whether pairwise/group ciphers were included in the RSNE. Callers can
check these flags and fill in the appropriate ciphers. The
wpa_parse_wpa_ie_rsn() function still initializes the ciphers to CCMP by
default so existing callers will not break. This change also fixes some
callers which need to handle the DMG network case.

Signed-off-by: Lior David <liord@codeaurora.org>
2019-02-21 12:42:24 +02:00
Jiani Liu
239794018e Add new QCA vendor attributes for coex configuration
Signed-off-by: Jiani Liu <jianil@codeaurora.org>
2019-02-21 12:24:45 +02:00
Arun Kumar Khandavalli
d939a8cb49 Add a vendor attribute for specifying ethernet protocol type
This new QCA vendor attribute adds provision to specify the
ethernet protocol id from userspace to the packets which are
offloaded to the driver/firmware (e.g., IPv4, IPv6).

Signed-off-by: Arun Kumar Khandavalli <akhandav@codeaurora.org>
2019-02-21 12:18:19 +02:00
Davina Lu
66819b07b5 hostapd: Support Multi-AP backhaul STA onboarding with WPS
The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a
backhaul STA through WPS. To enable this, the WPS Registrar offers a
different set of credentials (backhaul credentials instead of fronthaul
credentials) when the Multi-AP subelement is present in the WFA vendor
extension element of the WSC M1 message.

Add new configuration options to specify the backhaul credentials for
the hostapd internal registrar: multi_ap_backhaul_ssid,
multi_ap_backhaul_wpa_psk, multi_ap_backhaul_wpa_passphrase. These are
only relevant for a fronthaul SSID, i.e., where multi_ap is set to 2 or
3. When these options are set, pass the backhaul credentials instead of
the normal credentials when the Multi-AP subelement is present.

Ignore the Multi-AP subelement if the backhaul config options are not
set. Note that for an SSID which is fronthaul and backhaul at the same
time (i.e., multi_ap == 3), this results in the correct credentials
being sent anyway.

The security to be used for the backaul BSS is fixed to WPA2PSK. The
Multi-AP Specification only allows Open and WPA2PSK networks to be
configured. Although not stated explicitly, the backhaul link is
intended to be always encrypted, hence WPA2PSK.

To build the credentials, the credential-building code is essentially
copied and simplified. Indeed, the backhaul credentials are always
WPA2PSK and never use per-device PSK. All the options set for the
fronthaul BSS WPS are simply ignored.

Signed-off-by: Davina Lu <ylu@quantenna.com>
Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Marianna Carrera <marianna.carrera.so@quantenna.com>
2019-02-18 22:35:41 +02:00
Davina Lu
83ebf55865 wpa_supplicant: Support Multi-AP backhaul STA onboarding with WPS
The Wi-Fi Alliance Multi-AP Specification v1.0 allows onboarding of a
backhaul STA through WPS. To enable this, the backhaul STA needs to add
a Multi-AP IE to the WFA vendor extension element in the WSC M1 message
that indicates it supports the Multi-AP backhaul STA role. The Registrar
(if it support Multi-AP onboarding) will respond to that with a WSC M8
message that also contains the Multi-AP IE, and that contains the
credentials for the backhaul SSID (which may be different from the SSID
on which WPS is performed).

Introduce a new parameter to wpas_wps_start_pbc() and allow it to be
set via control interface's new multi_ap=1 parameter of WPS_PBC call.
multi_ap_backhaul_sta is set to 1 in the automatically created SSID.
Thus, if the AP does not support Multi-AP, association will fail and
WPS will be terminated.

Only wps_pbc is supported.

This commit adds the multi_ap argument only to the control socket
interface, not to the D-Bus interface.

Since WPS associates with the fronthaul BSS instead of the backhaul BSS,
we should not drop association if the AP announces fronthaul-only BSS.
Still, we should only do that in the specific case of WPS. Therefore,
add a check to multi_ap_process_assoc_resp() to allow association with a
fronthaul-only BSS if and only if key_mgmt contains WPS.

Signed-off-by: Davina Lu <ylu@quantenna.com>
Signed-off-by: Igor Mitsyanko <igor.mitsyanko.os@quantenna.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Cc: Marianna Carrera <marianna.carrera.so@quantenna.com>
2019-02-18 22:35:41 +02:00
Arnout Vandecappelle (Essensium/Mind)
56a2d788f9 WPS: Add multi_ap_subelem to wps_build_wfa_ext()
The Multi-AP specification adds a new subelement to the WFA extension
element in the WPS exchange. Add an additional parameter to
wps_build_wfa_ext() to add this subelement. The subelement is only added
if the parameter is nonzero. Note that we don't reuse the existing
MULTI_AP_SUB_ELEM_TYPE definition here, but rather define a new
WFA_ELEM_MULTI_AP, to make sure the enum of WFA subelement types for WPS
vendor extension remains complete.

For now, all callers set the multi_ap_subelem parameter to 0.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-18 20:30:26 +02:00
Arnout Vandecappelle (Essensium/Mind)
bfcdac1c8b Multi-AP: Don't reject backhaul STA on fronthaul BSS
The Multi-AP specification only specifies that information elements have
to be added to the Association Request and Association Response frame;
it doesn't specify anything about what should be done in case they are
missing. Previously, we rejected non-backhaul associations on a
backhaul-only BSS, and non-fronthaul associations on a fronthaul-only
BSS.

However, this makes WPS fail when fronthaul and backhaul are separate
SSIDs. Indeed, WPS for the backhaul link is performed on the *fronthaul*
SSID. Thus, the Association Request frmae used for WPS *will* contain
the Multi-AP IE indicating a backhaul STA. Rejecting that association
makes WPS fail.

Therefore, accept a multi-AP backhaul STA Association Request frame on a
fronthaul-only BSS. Still issue a warning about it, but only at level
DEBUG intead of INFO. Also change the condition checking to make it
clearer.

While we're at it, also fix the handling of unexpected bits in the
Multi-AP IE. 4 bits are reserved in the specification, so these
certainly have to be ignored. The specification also doesn't say that
setting one of the other bits is not allowed. Therefore, only report
unexpected values in the Multi-AP IE, don't reject because of it. Note
that a malformed IE (containing more than one byte) still triggers a
rejection.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-18 20:21:01 +02:00
Jouni Malinen
2fae58fdc1 Fix wpa_psk_file parser error case handling
str_token() can return NULL for the name if the remaining token contains
only the delimiter. Fix this to avoid NULL pointer dereference with a
corner case of an invalid value used in the configuration.

Fixes: ec5c39a557 ("AP: Allow identifying which passphrase station used with wpa_psk_file")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-18 18:41:32 +02:00
Jouni Malinen
b0e91e3877 SAE: VLAN assignment based on SAE Password Identifier
The new sae_password parameter [|vlanid=<VLAN ID>] can now be used to
assign stations to a specific VLAN based on which SAE Password
Identifier they use. This is similar to the WPA2-Enterprise case where
the RADIUS server can assign stations to different VLANs and the
WPA2-Personal case where vlanid parameter in wpa_psk_file is used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 17:24:23 +02:00
Jouni Malinen
947b5a1532 P2P: Stop listen state if Action frame TX is needed on another channel
This speeds up P2P responses to frames received on an operating channel
in case there is an ongoing P2P listen operation on another channel.
This is applicable to drivers that support multiple channels in
concurrently.

This addresses an issue showing up in the
p2ps_channel_active_go_and_station_different_mcc test case where the
Provision Discovery Request frame can be received on the operating
channel of a group instead of the Listen channel. The response was
delayed until the listen operation timed out and this took too long time
for the peer to receive the response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 16:53:03 +02:00
Jouni Malinen
b3e8ca65a6 P2P: Fix a typo in a debug message
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 16:24:34 +02:00
Qun Zhang
31ee2992c7 Add QCA vendor subcmd/attribute to check wlan firmware state
Allow user space applications to check whether wlan firmware is alive
through an nl80211 vendor command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
ccaf774767 Add HE Capabilities into ieee802_11_parse_elems()
This is needed to determine whether an association negotiated use of HE.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
5d68c0acd2 nl80211: (Re)Association Request frame IEs from association event
Process NL80211_ATTR_REQ_IE from the NL80211_CMD_ASSOCIATE event to
allow request IEs to be made available for the SME-in-wpa_supplicant
case similarly to how this is done with SME-in-driver with
NL80211_CMD_CONNECT.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-15 02:09:41 +02:00
Jouni Malinen
dbfa691df4 VLAN assignment based on used WPA/WPA2 passphrase/PSK
Extend wpa_psk_file to allow an optional VLAN ID to be specified with
"vlanid=<VLAN ID>" prefix on the line. If VLAN ID is specified and the
particular wpa_psk_file entry is used for a station, that station is
bound to the specified VLAN. This can be used to operate a single
WPA2-Personal BSS with multiple VLANs based on the used passphrase/PSK.
This is similar to the WPA2-Enterprise case where the RADIUS server can
assign stations to different VLANs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-14 13:36:54 +02:00
Jouni Malinen
f3a841bbff Do not disassociate not-associated STA on timeout
If the ap_handle_timer() timeout is reached for a not-associated STA, do
not default to disassociating that STA first since Disassociation frame
is not really appropriate to send to a STA that is not in associated
state. Instead, skip directly to deauthentication and STA entry removal.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-11 17:42:53 +02:00
Jouni Malinen
91205c8eb4 OpenSSL: Fix uninitialized variable in CRL reloading corner case
The flags variable needs to be initialized to 0 if check_crl is 0 in
the updated configuration.

Fixes: 159a7fbdea ("crl_reload_interval: Add CRL reloading support")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 14:02:17 +02:00
Jouni Malinen
092a19222b Use for_each_element() in ieee802_11_parse_elems()
Use the new iteration macro to simplify the impelmentation and make it
more consistent with other IE parsers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 13:51:11 +02:00
Johannes Berg
b50a638965 common: Use for_each_element_id/_extid for get_ie/get_ie_ext/get_vendor_ie
Simplifications based on the new iteration macros.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
b644797429 common: Use for_each_element_id() in mb_ies_info_by_ies()
The change is bigger because here we need to catch the error
condition if the last element doesn't fit.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
9008048f0f common: Use for_each_element_id() in ieee802_11_vendor_ie_concat()
Simple cleanup using the new iteration helper macro.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
eb84238df6 common: Use for_each_element() in ieee802_11_ie_count()
Simple cleanup using the new macros.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Johannes Berg
0e0c31bdc5 common: Add strongly typed element iteration macros
Rather than always iterating elements from frames with pure
u8 pointers, add a type "struct element" that encapsulates
the id/datalen/data format of them.

Then, add the element iteration macros
 * for_each_element
 * for_each_element_id
 * for_each_element_extid

which take, as their first 'argument', such a structure and
iterate through a given u8 array interpreting it as elements.

While at it also add
 * for_each_subelement
 * for_each_subelement_id
 * for_each_subelement_extid

which instead of taking data/length just take an outer element
and use its data/datalen.

Also add for_each_element_completed() to determine if any of
the loops above completed, i.e., it was able to parse all of
the elements successfully and no data remained.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2019-02-11 13:37:22 +02:00
Jouni Malinen
525923b1d7 tests: EAPOL-Key fuzzing tool
Add test-eapol program that can be used for fuzzing the EAPOL-Key
Supplicant and Authenticator implementations. This tool can write
Supplicant or Authenticator messages into a file as an initialization
step and for the fuzzing step, that file (with potential modifications)
can be used to replace the internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the EAPOL-Key operations. This will
also make the implementation ignore Key MIC and AES keywrap errors to
allow processing of modified messages to continue further.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
02a0a23939 RSN: Do not start preauthentication timer without candidates
There is no need to schedule the postponed RSN preauthentication start
if there are no candidates. Avoid wasting eloop resources for this.

This is most useful for fuzz testing of the 4-way handshake
implementation to avoid getting stuck waiting for this unnecessary one
second time when using eloop to coordinate the Authenticator and
Supplicant state machines.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
1e5506588d JSON: Fix string parsing when \\ escape is at the end of buffer
This would have resulted in reading one octet past the end of the buffer
before rejecting the string.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
0dedcb3154 JSON: Fix parsing of a number from the end of the buffer
Avoid reading one octet past the end of the buffer when parsing a number
that is at the very end of the buffer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
79fa1b4530 tests: JSON parser fuzzer
test-json can be used for fuzz testing the JSON parser implementation in
src/utils/json.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
62269c8d8d TLS: Fix X.509 certificate name conversion into empty string
If none of the supported name attributes are present, the name string
was nul terminated only at the end. Add an explicit nul termination at
the end of the last written (or beginning of the buffer, if nothing is
written) to avoid writing uninitialized data to debug log.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
3eae9766b7 TLS: Fix ASN.1 parsing with no room for the header
Explicitly check the remaining buffer length before trying to read the
ASN.1 header values. Attempt to parse an ASN.1 header when there was not
enough buffer room for it would have started by reading one or two
octets beyond the end of the buffer before reporting invalid data at the
following explicit check for buffer room.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
fbc2123a14 TLS: Fix AlertDescription for missing partial processing case
tlsv1_record_receive() did not return error here and as such, &alert was
not set and must not be used. Report internal error instead to avoid use
of uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
1ac9c020b5 tests: TLS fuzzing tool
Add test-tls program that can be used for fuzzing the internal TLS
client and server implementations. This tool can write client or server
messages into a file as an initialization step and for the fuzzing step,
that file (with potential modifications) can be used to replace the
internally generated message contents.

The TEST_FUZZ=y build parameter is used to make a special build where a
hardcoded random number generator and hardcoded timestamp are used to
force deterministic behavior for the TLS operations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-11 02:35:29 +02:00
Jouni Malinen
f3cca8b1ea TLS server: Check credentials have been configured before using them
Allow ServerHello to be built without local credential configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
19dd7a736e TLS server: Local failure information on verify_data mismatch
Mark connection state FAILED in this case even though TLS Alert is not
sent.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
f08ab18bf9 TLS server: Add internal callbacks get_failed, get_*_alerts
These can be used to implement cleaner termination of the handshake in
case of failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
b642ab4062 TLS server: More complete logging of ClientHello decode errors
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
fdd8a2f0b8 TLS client: Fix peer certificate event checking for probing
conn->cred might be NULL here, so check for that explicitly before
checking whether conn->cred->cert_probe is set. This fixes a potential
NULL pointer dereference when going through peer certificates with
event_cb functionality enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
e5bffe1aa9 OpenSSL: Add more handshake message names to debug
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Jouni Malinen
21cd8f8319 nl80211: Use wpa_ssid_txt() for debug messages more consistently
Print the SSID with printf escaping instead of wpa_hexdump_ascii()
format to clean up the debug log a bit. This was already done for number
of SSID debug prints.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-10 01:43:50 +02:00
Purushottam Kushwaha
f2a6ac63ee P2P: Update find_start timer only when p2p_scan is started.
p2p->find_start timer was updated on each p2p_find call irrespective of
p2p_find being successful/failed/rejected. For cases where p2p_find was
in progress/pending, another call to p2p_find would be rejected but
p2p->find_start timer would still be updated.

p2p->find_start is maintained in wpa_supplicant to reject the kernel
scan entries before the p2p->find_start time. In above scenario, some of
the scan entries could be discarded even if the Probe Respons frame(s)
were received during the last scan/p2p_find.

This commit changes this to update the p2p->find_start timer only when
call to p2p_find is successful, i.e., a new scan is actually started.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-07 11:56:35 +02:00
Jouni Malinen
c4e90da6d0 MBO: Move the WNM-Notification subtype definitions to common location
Do not use a separate enum for MBO WNM-Notification Request frame
subtype values since these share the same number space with the Hotspot
2.0 ones.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-06 19:10:17 +02:00
Jouni Malinen
105b14f54b HS 2.0: Update the T&C Acceptance subtype value
The previously used value 2 was already assigned for another purpose
(MBO non-preferred channel report), so the newer T&C Acceptable
definition needs to be updated with a unique value.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-06 19:10:17 +02:00
Jouni Malinen
6110753b18 nl80211: Clear PMKID add command message buffer
This command has now been extended to include PMK for offload needs, so
the message buffer needs to be cleared explicitly after use to avoid
leaving such material in heap memory unnecessarily.

Fixes: 061a3d3d53 ("nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
0fa33e05b4 nl80211: Clear connect command message buffer
This command can include keys (WEP or PSK for offload), so the message
buffer needs to be cleared explicitly after use to avoid leaving such
material in heap memory unnecessarily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
b14e8ea1d2 nl80211: Request kernel to trim off payload of netlink requests from acks
We do not need such payload in the acknowledgment, so adding it uses
resources unnecessarily. Furthermore, the original request can include
key material (e.g., NL80211_ATTR_PMK). libnl does not explicitly clear
this received message buffer and it would be inconvenient for
wpa_supplicant/hostapd to try to clear it with the current libnl design
where a duplicated buffer is actually passed to the callback. This means
that keys might be left unnecessarily in heap memory. Avoid this by
requesting the kernel not to copy back the request payload.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
789b48bb48 EAP peer: Clear temporary message buffers before freeing
These buffers in TLS-based EAP methods might contain keys or password
(e.g., when using TTLS-PAP or PEAP-GTC), so clear them explicitly to
avoid leaving such material into heap memory unnecessarily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-02-05 23:34:30 +02:00
Jouni Malinen
d05dda61d8 PEAP: Explicitly clear temporary keys from memory when using CMK
The case of PEAPv0 with crypto binding did not clear some of the
temporary keys from stack/heap when those keys were not needed anymore.
Clear those explicitly to avoid unnecessary caching of keying material.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-02 00:01:29 +02:00
Jouni Malinen
4e1cd3468e EAP-PEAP: Derive EMSK and use 128-octet derivation for MSK
Derive EMSK when using EAP-PEAP to enable ERP. In addition, change the
MSK derivation for EAP-PEAP to always derive 128 octets of key material
instead of the 64 octets to cover just the MSK. This is needed with the
PRF used in TLS 1.3 since the output length is mixed into the PRF
context.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-01 23:52:28 +02:00
Purushottam Kushwaha
59fa205388 P2P: Allow the avoid channels for P2P discovery/negotiation
The avoid channels are notified through
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY allow minimal traffic, so
enhance the P2P behavior accordingly by considering these avoid
frequencies for P2P discovery/negotiation as long as they are not in
disallowed frequencies list.

Additionally, do not return failure when none of social channels are
available as operation channel, rather, mark the op_channel/op_reg_class
to 0 as this would anyway get selected during the group formation in
p2p_prepare_channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-30 12:15:19 +02:00
Jouni Malinen
e34cd9f06e WNM: Fix WNM-Sleep Mode Request bounds checking
ieee802_11_rx_wnmsleep_req() might have been called for a short frame
that has no more payload after the Public Action field, i.e., with len
== 0. The bounds checking for the payload length was done only for the
information elements while the one octet Dialog Token field was read
unconditionally. In the original implementation, this could have
resulted in reading one octet beyond the end of the received frame data.

This case has not been reachable after the commit e0785ebbbd ("Use
more consistent Action frame RX handling in both AP mode paths"), but it
is better to address the specific issue in ieee802_11_rx_wnmsleep_req()
as well for additional protection against accidential removal of the
check and also to have something that can be merged into an older
version (pre-v2.7) if desired. The comments below apply for such older
versions where the case could have been reachable.

Depending on driver interface specific mechanism used for fetching the
frame, this could result in reading one octet beyond the end of a
stack/hash buffer or reading an uninitialized octet from within a
buffer. The actual value that was read as the Dialog Token field is not
used since the function returns immediately after having read this value
when there is no information elements following the field.

This issue was initially added in commit d32d94dbf4 ("WNM: Add
WNM-Sleep Mode implementation for AP") (with CONFIG_IEEE80211V=y build
option) and it remained in place during number of cleanup and fix
changes in this area and renaming of the build parameter to
CONFIG_WNM=y. The impacted function was not included in any default
build without one of the these optional build options being explicitly
enabled. CONFIG_WNM=y is still documented as "experimental and not
complete implementation" in hostapd/defconfig. In addition, commit
114f2830d2 ("WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0
case") made this function exit before the impact read if WNM-Sleep Mode
support was not explicitly enabled in runtime configuration
(wnm_sleep_mode=1 in hostapd.conf). Commit e0785ebbbd ("Use more
consistent Action frame RX handling in both AP mode paths") made this
code unreachable in practice.

Add an explicit check that the frame has enough payload before reading
the Dialog Token field in ieee802_11_rx_wnmsleep_req().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-28 14:58:17 +02:00
Jared Bents
159a7fbdea crl_reload_interval: Add CRL reloading support
This patch adds a new flag 'crl_reload_interval' to reload CRL
periodically. This can be used to reload ca_cert file and the included
CRL information on every new TLS session if difference between the last
reload and the current time in seconds is greater than
crl_reload_interval.

This reloading is used for cases where check_crl is 1 or 2 and the CRL
is included in the ca_file.

Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
2019-01-27 18:45:07 +02:00
Michal Kazior
ec5c39a557 AP: Allow identifying which passphrase station used with wpa_psk_file
It is now possible to optionally specify keyid for
each wpa_psk_file entry:

 keyid=something 00:00:00:00:00:00 secretpassphrase

When station connects and the passphrase it used
has an associated keyid it will be appended to the
AP-STA-CONNECTED event string:

 wlan0: AP-STA-CONNECTED 00:36:76:21:dc:7b keyid=something

It's also possible to retrieve it through the control interface:

 $ hostapd_cli all_sta
 Selected interface 'ap0'
 00:36:76:21:dc:7b
 ...
 keyid=something

New hostapd is able to read old wpa_psk_file. However, old hostapd will
not be able to read the new wpa_psk_file if it includes keyids.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Michal Kazior
b08c9ad0c7 AP: Expose PMK outside of wpa_auth module
This doesn't change any behavior on its own. It's going to be used to
expose per-station keyids and allow reloading passphrases in runtime.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Jouni Malinen
42d308635f SAE: Advertise Password Identifier use
Support the new Extended Capabilities field bits 81 and 82 to indicate
whether SAe Password Identifiers are in use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:49 +02:00
stonez
fff8da8ace Add a vendor attribution to transfer EVM information
This new QCA vendor attribute indicates the EVM value in netlink.

Signed-off-by: stonez <stonez@codeaurora.org>

:100644 100644 ad5dac2... ede4fc8... M	src/common/qca-vendor.h
2019-01-21 12:28:05 +02:00
Stefan Strogin
67d35396cb Fix build with LibreSSL
When using LibreSSL build fails with:

../src/crypto/tls_openssl.o: in function `tls_connection_client_cert':
../src/crypto/tls_openssl.c:2817: undefined reference to `SSL_use_certificate_chain_file'
collect2: error: ld returned 1 exit status
make: *** [Makefile:1901: wpa_supplicant] Error 1

There is no such function in LibreSSL.

Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
2019-01-12 15:26:07 +02:00
Peng Xu
5a3319ab1b P2P: Add 802.11ax support for P2P GO
An optional parameter "he" is added to p2p_connect, p2p_group_add, and
p2p_invite to enable 11ax HE support. The new p2p_go_he=1 configuration
parameter can be used to request this to be enabled by default.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 13:09:39 +02:00
Sunil Dutt
9da1641a4c Clarify documentation of avoid channels expectations
The vendor command QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY was defined
to carry the list of avoid frequencies that aim to avoid any
interference with other coexistencies. This recommendation was followed
strictly by trying to prevent WLAN traffic on the impacted channels.

This commit refines the expectation of the interface by defining this
avoid channel list to allow minimal traffic but not heavier one. For
example, P2P may still be able to use avoid list frequencies for P2P
discovery and GO negotiation if the actual group can be set up on a not
impact channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 12:39:36 +02:00
Siva Mullati
11ce7a1bc3 HE: Add MU EDCA Parameter Set element (AP)
Add support for configuring parameters for the MU EDCA Parameter Set
element per IEEE P802.11ax/D3.0.

Signed-off-by: Siva Mullati <siva.mullati@intel.com>
2019-01-08 17:22:43 +02:00
Jouni Malinen
6bcbda4082 drivers: Set CONFIG_LIBNL32=y automatically based on pkg-config
If the libnl version is not specified explicitly with CONFIG_LIBNL*, try
to check for the most likely case today with pkg-config.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-08 13:31:55 +02:00
Andrey Kartashev
41b747522e drivers: Move libnl related build flags to separate ifdef block
Fix compilation issue if we want to build wpa_supplicant without any
wireless connectivity but only with MACSec support via Linux kernel
driver.

Signed-off-by: Andrey Kartashev <a.s.kartashev@gmail.com>
2019-01-08 13:24:22 +02:00
Mike Siedzik
a07b8a70b5 mka: New MI should only be generated when peer's key is invalid
Two recent changes to MKA create a situation where a new MI is generated
every time a SAK Use parameter set is decoded.  The first change moved
invalid key detection from ieee802_1x_decode_basic_body() to
ieee802_1x_kay_decode_mpkdu():

  commit db9ca18bbf ("mka: Do not ignore MKPDU parameter set decoding failures")

The second change forces the KaY to generate a new MI when an invalid
key is detected:

  commit a8aeaf41df ("mka: Change MI if key invalid")

The fix is to move generation of a new MI from the old invalid key
detection location to the new location.

Fixes: a8aeaf41df ("mka: Change MI if key invalid")
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2019-01-08 01:12:02 +02:00
Arend van Spriel
d896874f86 nl80211: Indicate 802.1X 4-way handshake offload in connect
Upon issuing a connect request we need to indicate that we want the
driver to offload the 802.1X 4-way handshake for us. Indicate it if
the driver capability supports the offload.

Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
2019-01-08 01:12:02 +02:00
Arend van Spriel
436ee2fd93 drivers: Add separate driver flags for 802.1X and PSK 4-way HS offloads
Allow drivers to indicate support for offloading 4-way handshake for
either IEEE 802.1X (WPA2-Enterprise; EAP) and/or WPA/WPA2-PSK
(WPA2-Personal) by splitting the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag
into two separate flags.

Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
2019-01-08 01:12:02 +02:00
Zefir Kurtisi
10de40c0c8 DFS: Restart pending CAC on interface enable
When an interface is re-enabled after it was disabled during CAC, it
won't ever get active since hostapd is waiting for a CAC_FINISHED while
kernel side is waiting for a CMD_RADAR_DETECT to start a CAC.

This commit checks for a pending CAC when an interface is enabled and if
so restarts its DFS processing.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2019-01-08 01:11:56 +02:00
Bo Chen
27ebadccfb RADIUS client: Cease endless retry for message for multiple servers
In the previous RADIUS client implementation, when there are multiple
RADIUS servers, we kept trying the next server when the current message
can not be acked. It leads to endless retry when all the RADIUS servers
are down.

Fix this by keeping a counter for the accumulated retransmit attempts
for the message, and guarantee that after all the servers failover
RADIUS_CLIENT_MAX_FAILOVER times the message will be dropped.

Another issue with the previous code was that the decision regarding
whether the server should fail over was made immediately after we send
out the message. This patch guarantees we consider whether a server
needs failover after pending ack times out.

Signed-off-by: Bo Chen<bochen@meraki.com>
2019-01-07 23:38:18 +02:00
Kiran Kumar Lokere
166ab0b780 QCA vendor commands to configure HE +HTC capability and OM control Tx
Define QCA vendor command attributes to configure HE +HTC support and
HE operating mode control transmission. This is used to configure the
testbed device.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-07 22:55:20 +02:00
Jouni Malinen
89d79150ac Avoid forward references to enum types in ieee802_11_common.h
These are not allowed in ISO C++ (and well, not really in ISO C either,
but that does not result in compiler warning without pedantic
compilation).

Since ieee802_11_common.h may end up getting pulled into C++ code for
some external interfaces, it is more convenient to keep it free of these
cases. Pull in ieee802_11_defs.h to get enum phy_type defined and move
enum chan_width to common/defs.h (which was already pulled in into
src/drivers/driver.h and src/common/ieee802_11_common.h).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-07 17:26:40 +02:00
Janusz Dziedzic
bb35e2d214 hostapd: Work around an interop connection issue in FT-PSK + WPA-PSK
While the AP is configured to enable both FT-PSK and WPA-PSK, an HP
printer request both AKMs (copied from AP?) in Association Request
frame, but don't add MDIE and don't use FT. This results in the
connection failing.

Next in logs we see:

RSN: Trying to use FT, but MDIE not included
IE - hexdump(len=26): 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04
                      02 00 00 0f ac 02 00 0f ac 04 00 00

This is seen with some HP and Epson printers. Work around this by
stripping FT AKM(s) when MDE is not present and there is still a non-FT
AKM available.

Signed-off-by: Janusz Dziedzic <janusz@plumewifi.com>
2019-01-06 21:10:08 +02:00