Commit graph

14410 commits

Author SHA1 Message Date
Jouni Malinen
e34cd9f06e WNM: Fix WNM-Sleep Mode Request bounds checking
ieee802_11_rx_wnmsleep_req() might have been called for a short frame
that has no more payload after the Public Action field, i.e., with len
== 0. The bounds checking for the payload length was done only for the
information elements while the one octet Dialog Token field was read
unconditionally. In the original implementation, this could have
resulted in reading one octet beyond the end of the received frame data.

This case has not been reachable after the commit e0785ebbbd ("Use
more consistent Action frame RX handling in both AP mode paths"), but it
is better to address the specific issue in ieee802_11_rx_wnmsleep_req()
as well for additional protection against accidential removal of the
check and also to have something that can be merged into an older
version (pre-v2.7) if desired. The comments below apply for such older
versions where the case could have been reachable.

Depending on driver interface specific mechanism used for fetching the
frame, this could result in reading one octet beyond the end of a
stack/hash buffer or reading an uninitialized octet from within a
buffer. The actual value that was read as the Dialog Token field is not
used since the function returns immediately after having read this value
when there is no information elements following the field.

This issue was initially added in commit d32d94dbf4 ("WNM: Add
WNM-Sleep Mode implementation for AP") (with CONFIG_IEEE80211V=y build
option) and it remained in place during number of cleanup and fix
changes in this area and renaming of the build parameter to
CONFIG_WNM=y. The impacted function was not included in any default
build without one of the these optional build options being explicitly
enabled. CONFIG_WNM=y is still documented as "experimental and not
complete implementation" in hostapd/defconfig. In addition, commit
114f2830d2 ("WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0
case") made this function exit before the impact read if WNM-Sleep Mode
support was not explicitly enabled in runtime configuration
(wnm_sleep_mode=1 in hostapd.conf). Commit e0785ebbbd ("Use more
consistent Action frame RX handling in both AP mode paths") made this
code unreachable in practice.

Add an explicit check that the frame has enough payload before reading
the Dialog Token field in ieee802_11_rx_wnmsleep_req().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-28 14:58:17 +02:00
Jouni Malinen
a18d58f47c tests: EAP-TLS and server reloading CRL from ca_cert
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-27 18:48:16 +02:00
Jared Bents
159a7fbdea crl_reload_interval: Add CRL reloading support
This patch adds a new flag 'crl_reload_interval' to reload CRL
periodically. This can be used to reload ca_cert file and the included
CRL information on every new TLS session if difference between the last
reload and the current time in seconds is greater than
crl_reload_interval.

This reloading is used for cases where check_crl is 1 or 2 and the CRL
is included in the ca_file.

Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
2019-01-27 18:45:07 +02:00
Jouni Malinen
0eb34f8f28 tests: WPA2-PSK AP with PSK from a file (keyid and reload)
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-26 17:52:04 +02:00
Michal Kazior
83c8608132 AP: Add wpa_psk_file reloading in runtime
The wpa_psk_file can now be modified and hostapd can be told to re-read
it with the control interface RELOAD_WPA_PSK command:

 $ hostapd_cli reload_wpa_psk

It must be noted special care must be taken if WPS is configured
(wps_state=2, eap_server=1) because WPS appends PMKs to the
wpa_psk_file.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Michal Kazior
ec5c39a557 AP: Allow identifying which passphrase station used with wpa_psk_file
It is now possible to optionally specify keyid for
each wpa_psk_file entry:

 keyid=something 00:00:00:00:00:00 secretpassphrase

When station connects and the passphrase it used
has an associated keyid it will be appended to the
AP-STA-CONNECTED event string:

 wlan0: AP-STA-CONNECTED 00:36:76:21:dc:7b keyid=something

It's also possible to retrieve it through the control interface:

 $ hostapd_cli all_sta
 Selected interface 'ap0'
 00:36:76:21:dc:7b
 ...
 keyid=something

New hostapd is able to read old wpa_psk_file. However, old hostapd will
not be able to read the new wpa_psk_file if it includes keyids.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Michal Kazior
b08c9ad0c7 AP: Expose PMK outside of wpa_auth module
This doesn't change any behavior on its own. It's going to be used to
expose per-station keyids and allow reloading passphrases in runtime.

Signed-off-by: Michal Kazior <michal@plume.com>
2019-01-26 17:52:04 +02:00
Masashi Honma
1699309378 tests: Modify pmksa_cache test sets for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:15:40 +02:00
Masashi Honma
26b91346b9 tests: Modify ocv test sets for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:15:32 +02:00
Masashi Honma
255f3846a9 tests: ap_eap test requires more memory in VM
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:05:44 +02:00
Masashi Honma
26b0c29042 tests: Python3 does not allow mixed indentation
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:04:38 +02:00
Masashi Honma
00a41ed986 tests: Remove deprecated statement for python3 compatibility
This patch is made by using 2to3 command.

find . -name *.py | xargs 2to3 -f future -w -n

This was not really needed in this file for python2 compatibility.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:03:49 +02:00
Masashi Honma
e6b283f758 tests: Use int instead of long for python3 compatibility
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f long -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:02:50 +02:00
Masashi Honma
e1bb41bfde tests: Use python3 compatible raise statement
This patch is made by using 2to3 command.

find . -name *.py | xargs 2to3 -f raise -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:01:33 +02:00
Masashi Honma
8c851c2e36 tests: Use python3 compatible function attribute
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f funcattrs -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 13:00:03 +02:00
Masashi Honma
330f2dd6bb tests: Use python3 compatible range operation
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f xrange -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 12:56:02 +02:00
Masashi Honma
35d8c2545e tests: Use python3 compatible dict operation
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f dict -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 12:53:05 +02:00
Masashi Honma
89896c0008 tests: Use python3 compatible print statement
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f print -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 12:37:25 +02:00
Masashi Honma
bab493b904 tests: Use python3 compatible "except" statement
This patch is made by using 2to3 command.

$ find . -name *.py | xargs 2to3 -f except -w -n

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-26 12:11:35 +02:00
Daniel Golle
0dab477335 Write multi_ap_backhaul_sta to wpa_supplicant config
The network configration option multi_ap_backhaul_sta was added without
adding it to wpa_config_write_network(). Hence the value of this option
was not included when writing the configuration file. Fix this by
including it in wpa_config_write_network().

Fixes: 5abc7823b ("wpa_supplicant: Add Multi-AP backhaul STA support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-01-24 00:27:12 +02:00
Lubomir Rintel
98251c6f21 dbus: Document more possible BSS/RSA/KeyMgmt values
This is probably not ideal, since it would be better if it ended up
being autogenerated somehow, but at least it's somewhat of an
improvement.

Also added a comment that encourages keeping the docs in sync.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-01-24 00:24:09 +02:00
Lior David
1e591df063 Check supported types in wpas_mac_addr_rand_scan_set()
When setting scan with randomized MAC, check the requested scan type
against supported types, to ensure callers will not set an unsupported
type, since this can cause scan/connect failures later. It is better to
do this in wpas_mac_addr_rand_scan_set() instead of control interface
specific code to apply the constraint on all possible interfaces using
this setting.

Signed-off-by: Lior David <liord@codeaurora.org>
2019-01-24 00:21:34 +02:00
Lior David
c85249aa15 Fix test compilation error related to sme_event_unprot_disconnect()
sme_event_unprot_disconnect() is only defined with CONFIG_IEEE80211W, so
the CONFIG_TESTING_OPTIONS command UNPROT_DEAUTH can be defined only
with builds that enable IEEE 802.11w support.

Signed-off-by: Lior David <liord@codeaurora.org>
2019-01-24 00:21:28 +02:00
Jouni Malinen
6de2a80940 tests: SAE and password identifier (exclusively)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:49 +02:00
Jouni Malinen
42d308635f SAE: Advertise Password Identifier use
Support the new Extended Capabilities field bits 81 and 82 to indicate
whether SAe Password Identifiers are in use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:49 +02:00
Jouni Malinen
59c6930641 HS 2.0 server: Command line option to fetch the version information
This can be used to report automatically generated version strings from
the SPP server.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-24 00:20:44 +02:00
Jouni Malinen
2d1762fa4a HS 2.0 server: Alternative subrem updateNode for certificate credentials
The new subrem field in the users database can now be used to issue an
alternative subscription remediation updateNode for clients using
certificate credentials. The data file for this case is similar to the
policy update files, but it starts with the managementTreeURI value in
the first line.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-23 01:03:46 +02:00
Jouni Malinen
d97cf2a117 HS 2.0 server: Use noMOUpdate in client certificate subrem
There is no point in trying to update the Credential node with the
existing contents in case of subscription remediation using a client
certificate instead of a username/password credential, so use the
noMOUpdate in that case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-22 23:31:06 +02:00
Jouni Malinen
13a200a92a FILS: Remove notes about experimental implementation
The standard amendment has been published and there has been sufficient
amount of interoperability testing for FILS to expect the protocol not
to be changed anymore, so remove the notes claiming this to be
experimental and not suitable for production use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-22 13:33:48 +02:00
Jouni Malinen
ad171ccd82 tests: Update README to refer to parallel-vm.py
parallel-vm.sh was removed earlier.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-22 13:27:31 +02:00
Lubomir Rintel
86d4e05374 dbus: Expose support of SAE key management in BSS properties
This is going to be useful for NetworkManager and likely others.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2019-01-22 13:26:12 +02:00
Masashi Honma
3e949655cc Revert "mesh: Apply channel attributes before setup interface"
This reverts commit 2564184440.

Commit 2564184440 ("mesh: Apply channel attributes before setup
interface") triggers some channel configurations to result in leaking
memory. This seems to be caused by hapd->started not getting set when
going through a callback to start hostapd operation (e.g., when using
HT40 coex scan) due to hostapd_setup_bss() not getting called. This
results in hostapd_free_hapd_data() not clearing allocated
hapd->wpa_auth. This can be reproduced with the hwsim test case
mesh_secure_ocv_mix_legacy.

A more complete cleanup of the pending mesh patch for DFS support seems
to be needed to fix this properly, so the best approach for now is to
revert this patch and bring it back once rest of the mesh changes are
ready to be applied.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2019-01-21 23:43:12 +02:00
Ian Archer
9758b08bcf hostapd: Add support for setting pbss option from config file
There is currently no support for setting hostapd_bss_config.pbss from a
config file, i.e., it was used only based on automatic logic in
wpa_supplicant. This patch adds a key naturally called "pbss" which can
be used to set it.

Cc: Antony King <antony.king@bluwirelesstechnology.com>
Signed-off-by: Brendan Jackman <brendan.jackman@bluwirelesstechnology.com>
2019-01-21 12:35:59 +02:00
Amit Khatri
cc0f24196b D-Bus: Fix P2P Flush method to clear pending Action frames
If we call p2p_flush from ctrl_iface, before calling p2p_flush() it
calls wpas_p2p_stop_find(). Add the same call to the matching D-Bus
method to clear all pending operations.

Signed-off-by: Amit Khatri <amit7861234@gmail.com>
2019-01-21 12:30:17 +02:00
stonez
fff8da8ace Add a vendor attribution to transfer EVM information
This new QCA vendor attribute indicates the EVM value in netlink.

Signed-off-by: stonez <stonez@codeaurora.org>

:100644 100644 ad5dac2... ede4fc8... M	src/common/qca-vendor.h
2019-01-21 12:28:05 +02:00
Jouni Malinen
3cd0adea26 tests: wpa_supplicant config parsing and storing for new variables
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-12 19:21:45 +02:00
Jouni Malinen
9b8e1f9044 tests: P2P group formation with random interface addresses
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-12 19:18:02 +02:00
Jimmy Chen
a95906f938 P2P: support random interface address
To enhance privacy, generate a random interface for each group.

There are two configurations are introduced:
* p2p_interface_random_mac_addr
  enable interface random MAC address feature, default disable.

Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
2019-01-12 17:58:30 +02:00
Jimmy Chen
9359cc8483 P2P: Support random device address
To enhance privacy, generate a random device address for P2P interface.
If there is no saved persistent group, it generate a new random MAC
address on bringing up p2p0. If there is saved persistent group, it will
use last MAC address to avoid breaking group reinvoke behavior.

There are two configurations are introduced:
* p2p_device_random_mac_addr
  enable device random MAC address feature, default disable.
* p2p_device_persistent_mac_addr
  store last used random MAC address.

Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
2019-01-12 17:55:42 +02:00
Arnout Vandecappelle (Essensium/Mind)
222ff97bc3 tests: start.sh: fix logs/current symlink creation
Since 3bdc651a62, start.sh creates the logs/current symlink even if
LOGDIR was set in the environment, as is the case when using run-all.sh.
However, run-all.sh and start.sh use a separate 'date' invocation so the
resulting string may be different. Usually it is the same because the
two invocations immediately follow each other, *except* if run-all.sh
also does a build. In addition, if the user sets LOGDIR to something
else, the symlink is completely bogus.

Fix this by not relying on the 'date' invocation for creating the
symlink. Instead, use the basename of LOGDIR. To keep things consistent
with current behavior, only create the symlink if LOGDIR points to a
subdirectory of DIR/logs.

The following use cases now work reliably:
* run-all.sh with or without the -B option;
* manually calling start.sh followed by run-tests.py without setting
  LOGDIR.
* manually calling start.sh with LOGDIR set to a subdirectory of logs
  and calling run-tests.py without --logdir option (which makes it
  default to logs/current).
* run-all.sh with LOGDIR set to a subdirectory of logs.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-01-12 17:39:59 +02:00
Jouni Malinen
cbf25808b9 tests: Build with various LibreSSL and OpenSSL versions
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-12 17:32:15 +02:00
Stefan Strogin
67d35396cb Fix build with LibreSSL
When using LibreSSL build fails with:

../src/crypto/tls_openssl.o: in function `tls_connection_client_cert':
../src/crypto/tls_openssl.c:2817: undefined reference to `SSL_use_certificate_chain_file'
collect2: error: ld returned 1 exit status
make: *** [Makefile:1901: wpa_supplicant] Error 1

There is no such function in LibreSSL.

Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
2019-01-12 15:26:07 +02:00
Peng Xu
5a3319ab1b P2P: Add 802.11ax support for P2P GO
An optional parameter "he" is added to p2p_connect, p2p_group_add, and
p2p_invite to enable 11ax HE support. The new p2p_go_he=1 configuration
parameter can be used to request this to be enabled by default.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 13:09:39 +02:00
Sunil Dutt
9da1641a4c Clarify documentation of avoid channels expectations
The vendor command QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY was defined
to carry the list of avoid frequencies that aim to avoid any
interference with other coexistencies. This recommendation was followed
strictly by trying to prevent WLAN traffic on the impacted channels.

This commit refines the expectation of the interface by defining this
avoid channel list to allow minimal traffic but not heavier one. For
example, P2P may still be able to use avoid list frequencies for P2P
discovery and GO negotiation if the actual group can be set up on a not
impact channel.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-12 12:39:36 +02:00
Jouni Malinen
8c70c30472 HS 2.0 server: Log new username in eventlog for cert reenroll
Make it easier to find the new username (and the new serial number from
it) when a user entry is renamed at the conclusion of client certificate
re-enrollment sequence.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-01-10 00:47:04 +02:00
Siva Mullati
11ce7a1bc3 HE: Add MU EDCA Parameter Set element (AP)
Add support for configuring parameters for the MU EDCA Parameter Set
element per IEEE P802.11ax/D3.0.

Signed-off-by: Siva Mullati <siva.mullati@intel.com>
2019-01-08 17:22:43 +02:00
Martin Stanislav
cfb01f58a6 eapol_test: Start the identifier at an initial random value
Start the (EAP request) identifier at an initial random value
as recommended by RFC 3748 in section 4.1 Request and Response
on page 21.

Signed-off-by: Martin Stanislav <ms@uakom.sk>
2019-01-08 13:40:33 +02:00
Jouni Malinen
6bcbda4082 drivers: Set CONFIG_LIBNL32=y automatically based on pkg-config
If the libnl version is not specified explicitly with CONFIG_LIBNL*, try
to check for the most likely case today with pkg-config.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-08 13:31:55 +02:00
Andrey Kartashev
41b747522e drivers: Move libnl related build flags to separate ifdef block
Fix compilation issue if we want to build wpa_supplicant without any
wireless connectivity but only with MACSec support via Linux kernel
driver.

Signed-off-by: Andrey Kartashev <a.s.kartashev@gmail.com>
2019-01-08 13:24:22 +02:00
Mike Siedzik
a07b8a70b5 mka: New MI should only be generated when peer's key is invalid
Two recent changes to MKA create a situation where a new MI is generated
every time a SAK Use parameter set is decoded.  The first change moved
invalid key detection from ieee802_1x_decode_basic_body() to
ieee802_1x_kay_decode_mpkdu():

  commit db9ca18bbf ("mka: Do not ignore MKPDU parameter set decoding failures")

The second change forces the KaY to generate a new MI when an invalid
key is detected:

  commit a8aeaf41df ("mka: Change MI if key invalid")

The fix is to move generation of a new MI from the old invalid key
detection location to the new location.

Fixes: a8aeaf41df ("mka: Change MI if key invalid")
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
2019-01-08 01:12:02 +02:00