Commit graph

10496 commits

Author SHA1 Message Date
Jouni Malinen
4db29e6a8a TLS: Add support for PKCS #5 v2.0 PBES2
This extends the internal TLS support for PKCS #5 v2.0 PBES2 private key
format with des-ede3-cbc encryption and PBKDF2 SHA-1.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-05 20:23:12 +02:00
Jouni Malinen
b134397b11 tests: P2P persistent group formation, re-invocation, and cancel
Verify that P2P_CANCEL gets rejected on fully re-invoked persistent
group. This did not work properly before the last couple of commits and
before this week, the P2P_CANCEL on a separate group interface in P2p
Client role could result in use of freed memory and process termination.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 23:15:11 +02:00
Jouni Malinen
bf3214b593 P2P: Fix re-invoked client interface completion on data connection
This was already working for the case where a separate group interface
is used due to the recent commit
328f49acfe ('P2P: Complete group formation
on client data connection'). However, the case of no separate group
interface was used did not clear the interface state properly on data
connection. Fix this by setting the group formation information in
wpas_start_p2p_client().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 23:11:10 +02:00
Jouni Malinen
63502c64e1 P2P: Fix P2P_CANCEL for p2p_in_invitation case
Commit f05cee9714 ('P2P: Clear
p2p_in_invitation on cancel') added a wpas_p2p_cancel() case to call
wpas_p2p_group_formation_failed() if wpa_s->p2p_in_invitation is set.
This is done in a loop going through wpa_s->next pointers. However, the
call here can result in removing the interface and freeing wpa_s. The
following attempt to read wpa_s->next is from freed memory and that can
result in process termination when using a separate P2P group interface
and issuing P2P_CANCEL on a group that was started through re-invocation
of a persistent group.

The recent commit 328f49acfe ('P2P:
Complete group formation on client data connection') "fixed" this by
accident since wpa_s->p2p_in_invitation gets cleared in the sequence
that could hit this issue and this results in P2P_CANCEL getting
rejected. However, the real bug here is in the loop that continues after
possible wpa_s instance deletion. Fix that by breaking out of the loop.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 22:49:59 +02:00
Jouni Malinen
f98b0e5806 tests: Make tests using multi_check() more robust
It was possible for a cached scan entry in cfg80211 from an earlier test
case to show up while verifying that the disabled AP does not show up in
scan results. This could result in invalid test failures, e.g., when
running test cases "ap_require_ht ap_multi_bss_config" multiple times
(depends a bit on timing). Make this less likely to occur by explicitly
clearing the scan cache and by stopping wlan1 from trying to associate
before stopping ap_required_ht* test cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 21:03:43 +02:00
Jouni Malinen
e007d538cd EST: Comment out X509_REQ_print calls on Android with BoringSSL
These were restored into BoringSSL in June 2015, but not all Android
branches include those changes. To fix the build, comment these call out
on Android for now if hs20-osu-client is built against BoringSSL. These
are used only for debugging purposes, so this is fine for Hotspot 2.0
functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Jouni Malinen
e6f4832737 EST: Add CSR generation support with BoringSSL
This completes EST support with hs20-osu-client when built with
BoringSSL instead of OpenSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Jouni Malinen
ed2566ac9b EST: Implement pkcs7_to_cert() with BoringSSL
This adds one more step in completing hs20-osu-client support when using
BoringSSL instead of OpenSSL. EST client can now parse the cacerts file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Jouni Malinen
8d27efa814 HTTP (curl): OCSP with BoringSSL
This adds experimental support for using OCSP with libcurl that is built
against BoringSSL. This needs small modifications to libcurl to allow
CURLOPT_SSL_VERIFYSTATUS to be used to call
SSL_enable_ocsp_stapling(connssl->handle) in ossl_connect_step1().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Jouni Malinen
213e158ca8 BoringSSL: Move OCSP implementation into a separate file
This makes it easier to share the OCSP implementation needed for
BoringSSL outside tls_openssl.c. For now, this is mainly for
http_curl.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 20:08:31 +02:00
Jouni Malinen
f846211e3e BoringSSL: Support new SHA_CTX definition for EAP-SIM PRF
BoringSSL modified the struct sha_state_st (SHA_CTX) definition by
converting h0..h4 with h[5] array. This broke wpa_supplicant/hostapd
build with EAP-SIM enabled. BoringSSL restored the old version for
ANDROID builds, but only the new version is currently defined for
non-Android cases. For now, fix this by having matching selection in
fips_prf_openssl.c based on OPENSSL_IS_BORINGSSL and ANDROID defines.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-04 11:30:36 +02:00
Jouni Malinen
b34c623c07 OpenSSL: Fix build with current OpenSSL master branch snapshot
OpenSSL 1.1.x will apparently go out with "SSLeay" renamed in the API to
"OpenSSL", which broke the build here for fetching the version of the
running OpenSSL library when wpa_supplicant/hostapd is built against the
current OpenSSL snapshot.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-03 23:53:35 +02:00
Jouni Malinen
d887ed3f95 tests: Fix ap_wps_er_multi_add_enrollee cleanup steps
Only one of the ERs was stopped at the end of the test case and this
could result in the following test case failing, e.g., when executing
this test case sequence: ap_wps_er_multi_add_enrollee ap_wps_upnp.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-02 18:19:39 +02:00
Jouni Malinen
2c68ae2b21 tests: Remove forgotten print from gas_anqp_oom_hapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-02 13:32:59 +02:00
Jouni Malinen
be4a0d0d5a tests: Make autogo_join_auto_go_neg more robust
It was possible for this test case to fail if the single attempt of
discovering the peer as part of the scan for join failed. This test case
was useful in combination with another test case:
ap_hs20_fetch_osu autogo_join_auto_go_neg

However, there is now an explicit test case (discovery_after_gas) for
this, so autogo_join_auto_go_neg can be made more robust without losing
testing coverage.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-02 12:37:12 +02:00
Jouni Malinen
3bba9c71c5 tests: P2P device discovery after fragmented GAS/ANQP exchange
This verifies cfg80211/mac80211 offchannel TX cancellation steps.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-02 12:37:12 +02:00
Jouni Malinen
759a8a3a99 nl80211: Cancel all pending TX frame cookies
These needs to be cancelled so that the kernel driver does not get left
with all old entries blocking other offchannel operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-12-02 12:37:10 +02:00
Jouni Malinen
850e054c0f tests: EAP-EKE local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-01 01:09:28 +02:00
Jouni Malinen
9ea91cd67c EAP-EKE peer: Fix memory leak on error path
If DHComponent_P derivation fails (local crypto operation failure), the
message buffer was not freed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-01 00:20:25 +02:00
Jouni Malinen
34b164dd25 tests: Fix p2p_go_move_scm_peer_does_not_support to clear avoid freqs
The P2P channel list on dev[1] at the end of
p2p_go_move_scm_peer_does_not_support was empty because all of the 2.4
GHz band got disabled by the simulated avoid frequencies driver event.
That channel list needs to be cleared prior to resetting regulatory
domain back to world roaming to get the P2P channel list updated
properly for the following test cases.

This was triggered by the following test case sequence:
p2p_go_move_scm_peer_does_not_support persistent_group_and_role_change

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 22:06:54 +02:00
Jouni Malinen
53b2100a3f tests: P2P group formation timeout with cfg80211 P2P Device
Verify that both the GO and P2P Client processing of P2P group formation
timeout removes the correct group.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 21:38:23 +02:00
Jouni Malinen
328f49acfe P2P: Complete group formation on client data connection
This was already the case in the GO role where the first client
connection is waited before marking
wpa_s->p2p_go_group_formation_completed = 1 and clearing
wpa_s->global->p2p_group_formation. However, in the P2P Client role,
that was done already at the completion of the WPS exchange. This can be
problematic since group formation timeout may still try to clear the
group and with wpa_s->global->p2p_group_formation == NULL, the correct
group interface may not be found.

Fix this by postponing clearing of wpa_s->global->p2p_group_formation on
the P2P Client side until the data connection has been completed and
group is declared started.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 21:35:16 +02:00
Jouni Malinen
5549bead85 Revert "tests: Dynamic hwsim p2ps_channel_active_go_and_station_different_mcc"
This reverts commit 78fdab307e. This test
case needs MCC support on two stations, so the earlier attempt to handle
this with one dynamic interface is not sufficient.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-30 19:58:07 +02:00
Jouni Malinen
45e8a45bb5 tests: Show vm-run.sh command line for re-running failure sequences
Now that vm-run.sh supports a long list of test cases without crashing
the VM kernel, there is no need to use the "parallel-vm.py -1 1 <tests>"
workaround. Print the re-run example commands with vm-run.sh instead. In
addition, add the --long argument if it was specified for the test run
to avoid skipping test cases in the re-run case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 19:42:56 +02:00
Jouni Malinen
6a5f578cac tests: Force concurrent exchange in ap_wps_er_multi_add_enrollee
This makes it more likely for the two ERs to go through WPS UPnP
exchange in parallel. This was already happening every now and then and
resulted in failures. However, now that there is support for multiple
concurrent exchanges, it is useful to have this test case hit that
possibility more frequently.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 16:58:47 +02:00
Jouni Malinen
0e559dc5ad WPS: Support parallel UPnP WPS protocol runs
This allows multiple external registrars to execute a WPS protocol run
with a WPS AP over UPnP. Previously, hostapd supported only a single WPS
peer entry at a time and if multiple ERs tried to go through a WPS
protocol instance concurrently, only one such exchange could succeed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 16:57:11 +02:00
Jouni Malinen
c00f19061c tests: wpa_supplicant sched_scan_plans parsing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 14:03:29 +02:00
Jouni Malinen
bea48f7784 Allow sched_scan_plans to be updated at runtime
This allows the control interface SET command to be used to update the
sched_scan_plans parameter at runtime. In addition, an empty string can
be used to clear the previously configured plan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 14:03:28 +02:00
Johannes Berg
23fcfd6004 tests: Allow passing more arguments to vm-run.sh
The script is currently limited by the maximum kernel command line
length and if that's exceeded the kernel panics at boot. Fix this by
writing the arguments to a file and reading it in the VM.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2015-11-30 14:03:28 +02:00
Avraham Stern
32c02261dd Add support for configuring scheduled scan plans
Add the option to configure scheduled scan plans in the config file.
Each scan plan specifies the interval between scans and the number
of scan iterations. The last plan will run infinitely and thus
specifies only the interval between scan iterations.

usage:
sched_scan_plans=<interval:iterations> <interval2:iterations2> ... <interval>

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-11-30 14:03:28 +02:00
Avraham Stern
09ea4309b6 nl80211: Add support for multiple scan plans for scheduled scan
Add 'scan plans' to driver scan parameters for scheduled scan.
Each 'scan plan' specifies the number of iterations to run the scan
request and the interval between iterations. When a scan plan
finishes (i.e., it was run for the specified number of iterations),
the next scan plan is executed. The last scan plan will run
infinitely.

The maximum number of supported scan plans, the maximum number of
iterations for a single scan plan and the maximum scan interval
are advertised by the driver.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-11-30 14:03:28 +02:00
Jouni Malinen
f0154bf434 tests: Extend scan_dfs to cover US-disallowed channels 12 and 13
Verify that active scanning is not used in US regulatory domain on 2.4
GHz channels 12 and 13.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-30 14:03:23 +02:00
Jouni Malinen
dd895e9964 P2P: Make p2p_go_configured() more robust against unexpected calls
A hwsim test sequence was able to hit a SIGSEGV in
p2p_go_save_group_common_freqs() called by p2p_go_configured() callback
in a case where a non-P2P AP mode operation is started in wpa_supplicant
(wpas_ap_wep test case). This callback should not have happened for
non-P2P case and the debug logs did not make it clear how this could
happen. In addition, it is unclear how this could be reproduced.

To avoid this type of issues, clear the wpa_s->ap_configured_cb pointer
as soon as the first call to the function happens. In addition, verify
that wpa_s->go_params is available before processing the GO configured
callback.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-30 01:25:24 +02:00
Jouni Malinen
d6ba709aa3 tests: EAP-TLS with SHA512/SHA384 signature
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-30 00:39:38 +02:00
Jouni Malinen
cc71035f6c tests: ap_wpa2_eap_fast_prf_oom with internal TLS implementation
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 23:57:39 +02:00
Jouni Malinen
88119880e0 TLS client: Fix session_resumed status after TLS session ticket use
conn->session_resumed was not set to 1 after successful use of a TLS
session ticket with EAP-FAST. This resulted in the wpa_supplicant STATUS
tls_session_reused showing incorrect value (0 instead of 1) when
EAP-FAST PAC was used. Fix this by setting conn->session_resumed = 1
when TLS handshake using the session ticket succeeds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 23:52:30 +02:00
Jouni Malinen
7fff91ae51 Fix tls_connection_prf() regression with CONFIG_TLS=internal
Commit af851914f8 ('Make
tls_connection_get_keyblock_size() internal to tls_*.c') broke
tls_connection_prf() with the internal TLS implementation when using
skip_keyblock=1. In practice, this broke EAP-FAST. Fix this by deriving
the correct number of PRF bytes before skipping the keyblock.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 23:40:54 +02:00
Jouni Malinen
1adf262144 TLS: Add support for extKeyUsage X.509v3 extension
If the server/client certificate includes the extKeyUsage extension,
verify that the listed key purposes include either the
anyExtendedKeyUsage wildcard or id-kp-serverAuth/id-kp-clientAuth,
respectively.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:53:23 +02:00
Jouni Malinen
404597e630 tests: Skip ap_wpa2_eap_ttls_dh_params_dsa with internal TLS
DH DSA parameters are not yet supported.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:09:44 +02:00
Jouni Malinen
686eee77d2 tests: Skip PKCS#12 tests with internal TLS client implementation
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:07:39 +02:00
Jouni Malinen
07555778a7 Add TEST_FAIL() support for internal hash functions
md4_vector(), md5_vector(), sha1_vector(), and sha256_vector() already
supported TEST_FAIL() with the OpenSSL crypto implementation, but the
same test functionality is needed for the internal crypto implementation
as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:01:33 +02:00
Jouni Malinen
089e7ca372 tests: Skip dbus_connect_eap if altsubject_match is not supported
This test case fails with the current internal TLS client implementation
since the needed altsubject_match parameter is not yet supported.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:57:26 +02:00
Jouni Malinen
4104267e81 Fix memory leak on NFC DH generation error path
It was possible for some NFC DH generation error paths to leak memory
since the old private/public key was not freed if an allocation failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:53:20 +02:00
Jouni Malinen
c5ef7bbfa5 tests: Fix wpas_ctrl_oom with the internal TLS implementation
One of the OOM cases does not apply for internal crypto implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:43:44 +02:00
Jouni Malinen
c675f669c3 tests: Fix wpas_ctrl_network without SAE
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:38:34 +02:00
Jouni Malinen
e78eb40442 tests: Skip domain_match and domain_suffix_match with internal TLS
The internal TLS client in wpa_supplicant does not yet support the
functionality needed for these test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:35:05 +02:00
Jouni Malinen
c5864dca5d TLS client: Add certificate chain validation failure callbacks
This adds more support for event_cb() calls for various server
certificate chain validation failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:32:52 +02:00
Jouni Malinen
2286578fe0 tests: TLS v1.2 check in ap_wpa2_eap_tls_versions for internal TLS
The internal TLS implementation in wpa_supplicant supports TLS v1.2, so
verify that this version can be disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:04:26 +02:00
Jouni Malinen
896a97d712 TLS client: Add support for disabling TLS versions
The internal TLS client implementation in wpa_supplicant can now be used
with the phase2 parameters tls_disable_tlsv1_0=1, tls_disable_tlsv1_1=1,
and tls_disable_tlsv1_2=1 to disable the specified TLS version(s).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:03:11 +02:00
Jouni Malinen
0cbc22b2eb TLS client: Use TLS_CONN_* flags
This makes it simpler to add support for new TLS_CONN_* flags without
having to add a new configuration function for each flag.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 19:48:17 +02:00