Commit graph

17442 commits

Author SHA1 Message Date
Jouni Malinen
33cb47cf01 DPP: Fix connection result reporting when using TCP
The TCP code path did not handle the postponed connection attempt on TX
status and the following result message from the Enrollee to the
Configurator. Fix this by adding TCP-versions of these operations to
match the way wpa_supplicant implemented this for the Public Action
frames.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-28 17:28:49 +02:00
Jouni Malinen
75f42be0a7 tests: sigma_dut and DPP PKEX over TCP
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-27 20:50:39 +02:00
Jouni Malinen
75d791c0e3 tests: sigma_dut and additional protocol tests for DPP Network Intro
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-27 18:44:57 +02:00
Jouni Malinen
1822bd3789 DPP: Testing capability for invalid Protocol Version in Network Intro
This extends dpp_test functionality to allow DPP Network Introduction
exchanges to use an incorrect value in the Protocol Version attribute.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-27 18:44:07 +02:00
Jouni Malinen
c93679a87f tests: sigma_dut forcing PKEX v1 only
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-26 00:40:09 +02:00
Jouni Malinen
b007bfdf68 tests: DPP PKEX over TCP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2022-01-26 00:40:09 +02:00
Jouni Malinen
d7be749335 DPP3: PKEX over TCP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2022-01-26 00:40:09 +02:00
Jouni Malinen
008e177597 tests: Update DPP PKEX version indication style
Update test cases to match implementation.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-25 20:42:18 +02:00
Jouni Malinen
bdcccbc275 DPP: Change PKEX version configuration design
Use a separate ver=<1|2> parameter to DPP_PKEX_ADD instead of
overloading init=1 with version indication. This allows additional
options for forcing v1-only and v2-only in addition to automatic mode
(start with v2 and fall back to v1, if needed).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-25 20:32:48 +02:00
Jouni Malinen
53fae01c8b tests: DPP PKEXv2 initiator fallback to v1 in hostapd
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Jouni Malinen
9d3f347a2b DPP3: Add PKEX initiator retries and fallback from v2 to v1 for hostapd
This extends hostapd with the design used in wpa_supplicant for PKEX
initiator retries and automatic version fallback from v2 to v1 (the
latter is enabled only with CONFIG_DPP3=y).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Jouni Malinen
3f67ab5871 DPP: Handle TX status events for broadcast DPP messages
Report TX status for DPP messages even if the destination address was
broadcast. This is needed to get appropriate trigger for PKEX retries.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Jouni Malinen
93a19abcaf tests: sigma_dut DPP/PKEXv2 initiator and fallback to v1
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Jouni Malinen
8021362998 DPP3: Start with PKEXv2 and fall back to v1
Use automatic PKEX version negotiation as the initiator by starting with
PKEXv2 and if no response is received, trying again with PKEXv1. For
now, this is enabled only in wpa_supplicant CONFIG_DPP3=y builds.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Jouni Malinen
9a4feed2f8 tests: Update dpp_proto_after_wrapped_data_pkex_cr_req for PKEXv2
Check for both PKEX v1 and v2 variants of the message.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-24 22:58:38 +02:00
Qiwei Cai
f32f99df11 P2P: Send response frame on channel where the request is received
The rx_freq of Public Action frame was not maintained by the GO and the
GO always sent the response on the operating channel. This causes
provision discovery failure when a P2P Device is sending a PD Request on
a 2.4 GHz social channel and the GO is responding on a 5 GHz operating
channel.

Save the rx_freq and use it for GO to sent the response. This extends
commit c5cc7a59ac ("Report offchannel RX frame frequency to hostapd")
to cover additional frame types.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-17 20:27:37 +02:00
Madhvapathi Sriram
b678a3aa32 Extend QCA_NL80211_VENDOR_SUBCMD_PEER_FLUSH_PENDING
Extend the peer queue flush command with following attributes
1. Enable to flush per TID peer queue
2. Enable to configure when to flush the peer/TID queue

Signed-off-by: Madhvapathi Sriram <quic_msriram@quicinc.com>
2022-01-17 20:16:21 +02:00
Arowa Suliman
a16434ad96 tests: Update the repository branch name
This was forgotten from the earlier commit.

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2022-01-17 17:34:39 +02:00
Arowa Suliman
fc4bc342e5 Replace "blacklist" with "denylist" in vendor interface definition
Replace the word "blacklist" with the inclusive word "denylist" and add
aliases for backward compatibility.

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2022-01-17 17:30:28 +02:00
Arowa Suliman
bc9fd8adc0 Replace "whitelist" with "allowlist" in vendor interface definition
Replace the word "whitelist" with the inclusive word "allowlist" and add
aliases for backward compatibility.

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2022-01-17 17:30:00 +02:00
Arowa Suliman
ffe80cb8e6 wpa_supplicant: ap: Update comment
Update the comment to use the word "include" instead of the oppressive
term "white-list".

Signed-off-by: Arowa Suliman <arowa@chromium.org>
2022-01-17 17:24:40 +02:00
Jouni Malinen
c765450339 The main branch is now used for v2.11 development
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-17 00:03:42 +02:00
Jouni Malinen
cff80b4f7d Preparations for v2.10 release
Update the version number for the build and also add the ChangeLog
entries for both hostapd and wpa_supplicant to describe main changes
between v2.9 and v2.10.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-16 22:51:29 +02:00
Jouni Malinen
7a57eb3156 Update copyright notices for the new year 2022
Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-16 22:51:29 +02:00
Jouni Malinen
0b48cfe178 tests: Update eap_proto_pwd_errors to match implementation
A negative test was failing with the PWE derivation change in the
implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
f73e041b9b tests: Update sae_bignum_failure to match implementation
This was failing with the PWE derivation change in the implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
9b14aed908 crypto: Remove unused crypto_ec_point_solve_y_coord()
This wrapper function is not used anymore, so remove it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
8c502336d4 EAP-pwd: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
6c380f4c87 SAE: Derive the y coordinate for PWE with own implementation
The crypto_ec_point_solve_y_coord() wrapper function might not use
constant time operations in the crypto library and as such, could leak
side channel information about the password that is used to generate the
PWE in the hunting and pecking loop. As such, calculate the two possible
y coordinate values and pick the correct one to use with constant time
selection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
8ebd8aacc2 SAE: Move sqrt() implementation into a helper function
This implementation within SSWU can be helpful for other users of the
dragonfly design, so move it into a shared helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Vishal Miskin
41c7f3f20e Defined a driver interface for periodic TSF sync feature
Add a QCA vendor netlink interface to start/stop periodic TSF sync
feature and also support configuration of interval value as part of TSF
sync start command. In addition, improve documentation for the related
attributes and values.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 18:37:52 +02:00
Veerendranath Jakkam
5758d09294 Add a QCA vendor attribute to indicate ACS over EHT
Add QCA_WLAN_VENDOR_ATTR_ACS_EHT_ENABLED flag attribute to conduct ACS
for EHT mode. The driver can consider EHT specific parameters such as
puncture pattern for ACS when this flag attribute is indicated by
userspace.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-01-11 18:30:24 +02:00
Jouni Malinen
7ffcbd08cf Clear roam/BSS TM in progress flags for additional cases
It looks like the recently added roam_in_progress and
bss_trans_mgmt_in_progress flags could end up getting set, but not
cleared, in some cases. Make sure these get cleared on explicit
disconnection request and also in case the SME-in-driver path is used
(while that path does not really use these flags yet, it is better to
not allow them to be forgotten to be set should it be extended to cover
similar functionality).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 18:02:53 +02:00
Nicolas Norvez
16b5ea9e91 Reject authentication start during BSS TM requests
After receiving a BSS Transition Management request,
wpa_supplicant_connect() will abort ongoing scans, which will cause scan
results to be reported. Since the reassociate bit is set, this will
trigger a connection attempt based on the aborted scan's scan results
and cancel the initial connection request. This often causes
wpa_supplicant to reassociate to the same AP it is currently associated
to instead of the AP it was asked to transition to.

Add a bss_trans_mgmt_in_progress flag to indicate that we're currently
transitioning to a different AP so that we don't initiate another
connection attempt based on the possibly received scan results from a
scan that was in progress at the time the BSS Transition Management
request was received.

This is the equivalent of commit 5ac977758d ("Reject authentication
start during explicit roam requests") for the roaming scenario.

Signed-off-by: Nicolas Norvez <norvez@chromium.org>
2022-01-11 17:57:38 +02:00
Alex Kiernan
af6d4031d7 D-Bus: Fix build without CONFIG_INTERWORKING
Make wpas_dbus_handler_interworking_select() conditional on
CONFIG_INTERWORKING to avoid compilation issues.

Fixes: c8e4283f90 ("D-Bus: Interworking network selection")
Signed-off-by: Alex Kiernan <alexk@zuma.ai>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2022-01-11 17:50:17 +02:00
Jouni Malinen
58bbcfa31b OpenSSL: Update security level drop for TLS 1.0/1.1 with OpenSSL 3.0
OpenSSL 3.0 dropped these older TLS versions from the security level 2
to 1, so need to drop the security level all the way to 0 if TLS v1.0 or
v1.1 is explicitly enabled.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:42:55 +02:00
Jouni Malinen
f5fcac731f tests: Update capability checks to include OpenSSL 3.0
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:42:55 +02:00
Jouni Malinen
500813f9f3 tests: Do not use SAE group 26
This group should not be used with SAE and as such, it could cause
confusing test errors here. Use an acceptable group instead.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:42:42 +02:00
Jouni Malinen
682fce579f OpenSSL: Fix compressed form encoding for subjectPublicKey with 3.0
It looks like EC_KEY_set_conv_form() for the EC_KEY within the EVP_PKEY
does not take effect for i2d_PUBKEY() with OpenSSL 3.0, so allocate a
new wrapper EVP_PKEY after the conversion format change to be able to
return the correctly encoded (compressed) value here. This is required
for DPP to work correctly.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:40:06 +02:00
Jouni Malinen
ff2eccbdf9 OpenSSL: Load legacy provider when needed for OpenSSL 3.0
Number of the older algorithms have now been moved into a separate
provider in OpenSSL 3.0 and they are not available by default.
Explicitly load the legacy provider when such an algorithm is needed for
the first time.

In addition, at least for now, load the legacy providers when initiating
TLS context to maintain existing functionality for various private key
formats.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:40:06 +02:00
Jouni Malinen
ddcdd62866 OpenSSL: Clean up EVP_PKEY_get{0,1}_EC_KEY() use
Use get1 whenever actually modifying the EC_KEY parameters and mark the
variable used with get0 const to be compatible with OpenSSL 3.0.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-01-11 17:40:06 +02:00
Jouni Malinen
384aa245ef OpenSSL: Speed up crypto_ec_point_compute_y_sqr()
Optimize the calculation by computing (x^2 + a) first to get rid of one
separate multiplication by x.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 17:40:06 +02:00
Chenming Huang
b26f5c0fe3 DPP: Remove dpp-listen radio work when stopping
The radio work starting may be delayed. If the DPP listen operation is
stopped before the radio work starts, the pending dpp-listen radio work
won't get cleaned up, which might lead to failing to start the next DPP
listen operation.

Issue scenario: DPP start -> dpp-listen radio work added but not started
-> DPP stop, pending radio work not cleaned up -> radio work start ->
trying to start DPP but failing because a dpp-listen work already
exists.

This commit removes the potential pending dpp-listen radio
work when DPP stops.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2021-12-21 00:09:28 +02:00
Shivani Baranwal
3f8c83a65e SAE: Make sure BSS entry is available to determine RSNXE information
wpa_supplicant may use wrong SAE authentication method if it doesn't
have the scan result for the target BSS since RSNXE information is not
available.

For example, STA might use the hunting-and-pecking loop method for SAE
authentication even though AP supports SAE H2E and STA is configured
with sae_pwe=2.

This is possible in cases like EXTERNAL_AUTH triggered by the driver
during roaming. To avoid this update scan results to fetch the target
BSS scan result from the driver.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2021-12-21 00:06:19 +02:00
Mukul Sharma
43f600a1f7 Add new vendor attributes to avoid coex unsafe frequencies
Add additional attributes in
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY_EXT vendor sub command to
avoid usage of unsafe frequencies on wifi interfaces sent from userspace
to the driver/firmware. The driver/firmware shall use restrictions and
power cap accordingly to restrict the usage of these frequencies on
operating interface(s).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2021-12-21 00:04:26 +02:00
Jouni Malinen
bb6fa62b3f tests: Fix DPP PKEXv2 capability checks
At least for the time being PKEXv2 needs CONFIG_DPP3=y to work in a
testable manner. Couple of the test cases did not cover this correctly
and resulted in failures (instead of skipping the tests) when the
default build configuration was used. Fix that by checking for DPP
version 3.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2021-12-14 19:45:43 +02:00
Jouni Malinen
cab51021c6 DPP3: Update version capability indication for hostapd
The "GET_CAPABILITY dpp" command in wpa_supplicant was already extended
to cover DPP version 3, but the matching change for hostapd was
forgotten. Add that now.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2021-12-14 19:45:43 +02:00
peterhuang
bc24a8a09e Update supported channel width set (HT40) after channel switch
hostapd should update Supported Channel Width Set of HT Capability
Information field after channel switching done. Otherwise, it would
continue to use the old setting.

Signed-off-by: peterhuang <peterhuang@realtek.com>
2021-12-12 22:53:22 +02:00
peterhuang
ff7e403f06 Fix channel switch wrapper when switching from HT to VHT/HE
Because ieee80211ac and ieee80211ax were not updated before channel
switch is done, hostapd didn't build the Channel Switch Wrapper element
when it switched from HT to bandwidth more than 40 MHz of VHT/HE. fix
this by allowing hostapd_eid_wb_chsw_wrapper() to determine internally
when the element needs to be added based on the new channel instead of
the old configuration.

Signed-off-by: peterhuang <peterhuang@realtek.com>
2021-12-12 22:42:59 +02:00
peterhuang
5606ede121 Update ieee80211ac when channel switching
hostapd will build wrong beacon_after in hostapd_fill_csa_settings() if
it doesn't update ieee80211ac when channel switching.

Signed-off-by: peterhuang <peterhuang@realtek.com>
2021-12-12 22:36:51 +02:00