Jouni Malinen [Fri, 6 Dec 2019 15:13:59 +0000 (17:13 +0200)]
SAE: Testing option to ignore H2E requirement mismatch
"SET ignore_sae_h2e_only 1" can now be used to configure
wpa_supplicant to a test mode where it ignores the AP's H2E-required
advertisement and tries to connect with the hunt-and-pecking loop instead.
This is used only for testing AP behavior with unexpected STA behavior.
Ankita Bajaj [Tue, 19 Nov 2019 13:11:34 +0000 (18:41 +0530)]
ACS: Remove redundant ch_list parameters from do_acs interface
Clean up do_acs interface to not pass ch_list to drivers as the same
information is available in freq_list. The channel numbers are
duplicated between 2.4 GHz and 5 GHz bands and the 6 GHz band. So, use
the QCA_WLAN_VENDOR_ATTR_ACS_CH_LIST to populate only 2.4 GHz and 5 GHz
channels to ensure backwards compatibility with old drivers which do not
have support to decode the newer QCA_WLAN_VENDOR_ATTR_ACS_FREQ_LIST
attribute.
Jouni Malinen [Tue, 3 Dec 2019 16:22:36 +0000 (18:22 +0200)]
DPP: Bootstrapping via NFC URI Record
This extends hostapd and wpa_supplicant DPP implementation to allow the
bootstrapping URI to be generated for and parsed from an NFC Tag with an
NFC URI Record. This is similar to the way the bootstrapping URI is used
with QR Code for unidirectional authentication.
The DPP_BOOTSTRAP_GEN command uses "type=nfc-uri" to request the URI to
be assigned for NFC URI Record. In practice, the URI is generated
identically to the QR Code case, but the internal entry maintains the
NFC-URI type.
A new command "DPP_NFC_URI <uri>" can now be used to parse the URI read
from an NFC Tag with the NFC URI Record. This is similar to the
DPP_QR_CODE command.
Other commands (mainly, DPP_LISTEN and DPP_AUTH_INIT) are used for NFC
URI in the same way as they are used for QR Code.
Hu Wang [Wed, 23 Oct 2019 09:54:18 +0000 (17:54 +0800)]
Extend hostapd to support setband to driver via QCA vendor command
Commit 844dfeb804af ("QCA vendor command support to set band to driver")
added a vendor command to pass 'SET setband' command information to the
driver in wpa_supplicant. Add similar changes to hostapd control
interface.
hostapd: Register wpa_msg callback even if only global ctrl_iface is used
Previously, wpa_msg_register_cb() was called only from successful
completion of per-interface control interface initialization. This would
leave the callback unregistered in case only the global control
interface is used which would result in not delivering control interface
events on the global interface. Fix this by registering the callback
handler also from successful initialization of the global control
interface.
hostapd: Extend global control interface notifications
Previously, hostapd sent only WPA_MSG_ONLY_GLOBAL type notifications to
the global control interface and all other notifications to
per-interface control interface. Extend this by making it similar to
wpa_supplicant global control interface notifications handling. With
this hostapd now sends all notifications except WPA_MSG_NO_GLOBAL to the
global control interface. In addition, WPA_MSG_PER_INTERFACE type
messages will be prefixed with "IFNAME=<interface name> " while sending
to the global control interface to indicate that the message is
interface specific.
Jouni Malinen [Thu, 28 Nov 2019 22:07:57 +0000 (00:07 +0200)]
SAE H2E: Do not use sae_h2e param in AP mode if SAE is disabled
Previously, nonzero sae_h2e parameter values were used to perform SAE
H2E specific operations (deriving PT, adding RSNXE, adding H2E-only BSS
membership selector) in AP mode even if SAE was not enabled for the
network. This could result in unexpected behavior if sae_pwe=1 or
sae_pwe=2 were set in the configuration. Fix this by making the SAE
operations conditional on SAE being actually enabled.
Jouni Malinen [Thu, 28 Nov 2019 22:06:50 +0000 (00:06 +0200)]
tests: Clear sae_pwe at the end of sigma_dut test cases
sigma_dut does not clear sae_pwe value when the command line argument
"-2" is used, so we need to explicitly clear this from wpa_supplicant at
the end of the test case.
Jouni Malinen [Wed, 27 Nov 2019 13:55:33 +0000 (15:55 +0200)]
Clean up base64_{encode,decode} pointer types
Allow any pointer to be used as source for encoding and use char * as
the return value from encoding and input value for decoding to reduce
number of type casts needed in the callers.
Jouni Malinen [Wed, 27 Nov 2019 13:30:53 +0000 (15:30 +0200)]
Clean up base64_url_{encode,decode} pointer types
Allow any pointer to be used as source for encoding and use char * as
the return value from encoding and input value for decoding to reduce
number of type casts needed in the callers.
Jouni Malinen [Wed, 27 Nov 2019 13:21:28 +0000 (15:21 +0200)]
Simplify base64_url_encode() prototype
There is no use case for adding padding into the base64url encoded
strings, so remove the unneeded add_pad argument that was hardcoded to 0
in all callers.
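As an added example (not hostapd's own src/utils/base64.c, and with my own function names), here is a base64url codec with the API shape the three entries above describe: any pointer as encoder input, char * as the encoder's return value, and no '=' padding on encode; the decoder accepts padding but does not require it.

```c
#include <stdlib.h>
#include <string.h>
static const char b64url_tbl[] =
	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

/* Encode any buffer into a NUL-terminated base64url string, no '=' padding. */
char *b64url_encode(const void *src, size_t len, size_t *out_len)
{
	const unsigned char *in = src;
	char *out = malloc((len + 2) / 3 * 4 + 1), *pos = out;

	if (!out)
		return NULL;
	for (; len >= 3; in += 3, len -= 3) {
		*pos++ = b64url_tbl[in[0] >> 2];
		*pos++ = b64url_tbl[((in[0] & 0x03) << 4) | (in[1] >> 4)];
		*pos++ = b64url_tbl[((in[1] & 0x0f) << 2) | (in[2] >> 6)];
		*pos++ = b64url_tbl[in[2] & 0x3f];
	}
	if (len) { /* 1 or 2 trailing bytes become 2 or 3 chars, nothing padded */
		*pos++ = b64url_tbl[in[0] >> 2];
		*pos++ = b64url_tbl[((in[0] & 0x03) << 4) | (len > 1 ? in[1] >> 4 : 0)];
		if (len > 1)
			*pos++ = b64url_tbl[(in[1] & 0x0f) << 2];
	}
	*pos = '\0';
	if (out_len) *out_len = pos - out;
	return out;
}

/* Decode base64url; '=' padding accepted but not required. NULL on bad input. */
unsigned char *b64url_decode(const char *src, size_t len, size_t *out_len)
{
	unsigned char block[4], *out, *pos;
	size_t i, count = 0;

	while (len && src[len - 1] == '=') len--; /* strip optional padding */
	if (len % 4 == 1 || !(out = pos = malloc(len / 4 * 3 + 3)))
		return NULL; /* impossible length, or allocation failed */
	for (i = 0; i < len; i++) {
		const char *p = src[i] ? strchr(b64url_tbl, src[i]) : NULL;
		if (!p) { free(out); return NULL; } /* char outside the alphabet */
		block[count++] = (unsigned char) (p - b64url_tbl);
		if (count == 4 || i + 1 == len) { /* full or final partial group */
			*pos++ = (block[0] << 2) | (block[1] >> 4);
			if (count > 2)
				*pos++ = (block[1] << 4) | (block[2] >> 2);
			if (count > 3)
				*pos++ = (block[2] << 6) | block[3];
			count = 0;
		}
	}
	if (out_len) *out_len = pos - out;
	return out;
}

/* Encode, decode and compare: 1 on a faithful round trip, 0 otherwise. */
int b64url_roundtrip_ok(const void *data, size_t len)
{
	size_t elen, dlen;
	char *enc = b64url_encode(data, len, &elen);
	unsigned char *dec = enc ? b64url_decode(enc, elen, &dlen) : NULL;
	int ok = dec && dlen == len && memcmp(dec, data, len) == 0;

	free(enc); free(dec);
	return ok;
}
```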
Jouni Malinen [Sat, 23 Nov 2019 15:39:55 +0000 (17:39 +0200)]
WMM: Do not modify input TSPEC buffer during processing
The WMM TSPEC processor used the input buffer for processing the request
and building the response. This was fine for the FT case, but for the
WMM Action frame case, the input buffer is marked const, so it should
not really be modified. This modification could not really cause any
noticeable harm, but it can result in error reports from fuzzing and
potentially even from some static analyzers.
Fix this by marking the input arguments const more consistently (the
parsed IE was able to drop the const) and copy the const input data to a
temporary buffer for processing and modification instead of allowing the
input data to be modified.
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19050
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 23 Nov 2019 15:19:49 +0000 (17:19 +0200)]
tests: Remove a multi-line test description
The previous description of wmediumd_scan_only_one used multiple lines
and that resulted in parallel-vm.py miscounting total number of test
cases. Fix that by getting rid of the newlines from the description.
Jouni Malinen [Sat, 23 Nov 2019 15:09:56 +0000 (17:09 +0200)]
tests: Fix 'unexpected exit' detection in parallel-vm.py
Now that parallel-vm.py is actually stopping VMs as soon as they are not
needed for retries, it is not really an unexpected exit to see a VM exit
while test cases remain in the queue as long as at least that many VMs
remain running. Get rid of confusing 'unexpected exit' status from the
UI in such cases.
Fixes: 4aaddecdd85a ("tests: Handle test retries through the same queue")
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 17 Nov 2019 19:02:42 +0000 (21:02 +0200)]
tests: ap_hs20_cred_and_no_roaming_consortium to match implementation
Now that wpa_supplicant was modified to use NAI realm query even if
roaming_consortium is set, this test case is actually able to find a
match. Update it to avoid causing incorrect test failures.
HS2.0: Skip check for roaming_consortium for NAI realm query
Previously ANQP fetch considered NAI realm query only when cred block
did not specify roaming_consortium to optimize ANQP operations (NAI
realm list can have a very long value). In certain cases, both NAI realm
and roaming_consortium are configured in credential block and this
resulted in ANQP fetch for NAI realm not being initiated. That could
result in not being able to select the highest priority available
credential/network.
Remove roaming_consortium check for NAI realm query inclusion in ANQP
request so that we will request NAI realm information whenever it can
result in matching additional networks. This makes the ANQP queries more
costly in some cases, but the additional information is needed for
correct behavior in network selection.
Hu Wang [Wed, 13 Nov 2019 04:54:55 +0000 (12:54 +0800)]
P2P: Fix listen state machine getting stuck in send_action() scheduled case
Commit 947b5a1532f9 ("P2P: Stop listen state if Action frame TX is
needed on another channel") added an optimization for P2P response
transmission in certain concurrent operation cases. However, it did not
take into account the possibility of the driver not being in listen
state (p2p->drv_in_listen == 0) and could end up getting stuck with the
P2P state machine in a manner that made the device not listen for
following messages. This showed up in the following manner in the debug log:
P2P: Starting short listen state (state=SEARCH)
P2P: Driver ended Listen state (freq=2437)
process received frame and send a response
P2P: Stop listen on 0 MHz to allow a frame to be sent immediately on 2437 MHz
P2P: Clear timeout (state=SEARCH)
--> state machine stuck
Fix this by adding drv_in_listen > 0 condition for the optimization to
stop the listen operation in send_action() resulting in scheduled TX.
Fixes: 947b5a1532f9 ("P2P: Stop listen state if Action frame TX is needed on another channel")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen [Fri, 8 Nov 2019 22:33:58 +0000 (00:33 +0200)]
Fix status code in SAE/DPP association PMKID mismatch (driver-AP-SME)
wpa_validate_wpa_ie() was already extended to cover these cases with
WPA_INVALID_PMKID return value, but hostapd_notif_assoc() did not have
code for mapping this into the appropriate status code
(STATUS_INVALID_PMKID) and ended up using the default
(WLAN_STATUS_INVALID_IE) instead. This caused AP SME-in-driver cases to
return an incorrect status code when the AP did not have a matching
PMKSA cache entry. This could result in unexpected station behavior
where the station could continue trying to use a PMKSA cache entry that
the AP does not have and not be able to recover from this.
Fix this by adding the previously missed mapping of validation errors to
status/reason codes.
Fixes: 567da5bbd027 ("DPP: Add new AKM")
Fixes: 458d8984de1d ("SAE: Reject request with mismatching PMKID (no PMKSA cache entry)")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Eric Caruso [Thu, 17 Oct 2019 23:03:52 +0000 (16:03 -0700)]
Allow scans triggered by D-Bus to use MAC address randomization
wpas_dbus_handler_scan() constructs a set of 'params' each time, but it
doesn't acknowledge the existing randomization settings when doing so.
That means that any D-Bus initiated scans weren't going to follow the
configured settings.
Signed-off-by: Eric Caruso <ejcaruso@chromium.org>
Eric Caruso [Thu, 17 Oct 2019 23:03:50 +0000 (16:03 -0700)]
Move ownership of MAC address randomization mask to scan params
This array can be freed either from the scan parameters or from
clearing the MAC address randomization parameters from the
wpa_supplicant struct. To make this ownership more clear, we have
each struct own its own copy of the parameters.
Signed-off-by: Eric Caruso <ejcaruso@chromium.org>
Johannes Berg [Tue, 8 Oct 2019 12:11:09 +0000 (14:11 +0200)]
tests: Add negative scan tests
There was a bug in wmediumd in that it didn't set the
frequency of frames, and thus they were always received
by mac80211_hwsim, regardless of channel it was on.
Add two tests that verify we only find a single instance
of an AP if we only have that one, and run this both with
and without wmediumd.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sun, 27 Oct 2019 14:20:19 +0000 (16:20 +0200)]
tests: Make wpas_mesh_pmksa_caching_ext more robust
Avoid race conditions in completing mesh group removal/re-addition steps
and starting connectivity check. It seemed to be possible to get to the
connectivity test in some cases before the mesh STA had rejoined the
mesh and completed key configuration.
Export a new 'owe' capability to indicate that wpa_supplicant was
built with OWE support and accepts 'key_mgmt=OWE'. Also, support 'owe'
in the array of BSS' available key managements.
Davide Caratti [Wed, 2 Oct 2019 12:08:41 +0000 (14:08 +0200)]
D-Bus: Fix P2P NULL dereference after interface removal
When the P2P management interface is deleted, P2P is then disabled and
global->p2p_init_wpa_s is set to NULL. After that, other interfaces can
still trigger P2P functions (like wpas_p2p_find()) using D-Bus. This
makes wpa_supplicant terminate with SIGSEGV, because it dereferences a
NULL pointer. Fix this by adding proper checks, like it's done with
wpa_cli.
CC: Beniamino Galvani <bgalvani@redhat.com>
CC: Benjamin Berg <benjamin@sipsolutions.net>
Reported-by: Vladimir Benes <vbenes@redhat.com>
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
Mikael Kanstrup [Tue, 1 Oct 2019 14:19:29 +0000 (16:19 +0200)]
nl80211: Indicate SUITE_B_192 capa only when CCMP-256/GCMP-256 supported
SUITE_B_192 AKM capability was indicated for all devices using the
nl80211 driver (without the QCA vendor specific AKM capability
indication). However, some devices can't handle Suite B 192 due to
insufficient ciphers supported. Add a check for CCMP-256 or GCMP-256
cipher support and only indicate SUITE_B_192 capability when such cipher
is supported. This allows compiling with CONFIG_SUITEB192 and still get
proper response to the 'GET_CAPABILITY key_mgmt' command. Under Android
it can also serve as a dynamic way for HAL to query platform for
WPA3-Enterprise 192-bit support.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Jouni Malinen [Sun, 27 Oct 2019 12:35:04 +0000 (14:35 +0200)]
SAE: Ignore commit message when waiting for confirm in STA mode
Previously, an unexpected SAE commit message resulted in forcing
disconnection. While that allowed recovery by starting from scratch,
this is not really necessary. Ignore such an unexpected SAE commit message
instead and allow the SAE confirm message to be processed after this. This
is a somewhat more robust way of handling the cases where the SAE commit
message might be retransmitted in either the STA->AP or AP->STA direction.
Jouni Malinen [Sun, 27 Oct 2019 10:54:40 +0000 (12:54 +0200)]
Do not indicate possible PSK failure when using SAE
wpa_key_mgmt_wpa_psk() includes SAE AKMs. However, with SAE, there is no
way of reaching 4-way handshake without the password having already been
verified as part of SAE authentication. As such, a failure to complete
4-way handshake with SAE cannot indicate that the used password was
incorrect.
Yu Wang [Tue, 15 Oct 2019 09:10:07 +0000 (17:10 +0800)]
Add QCA vendor cmd for setting BT coex chain mode
To configure the BT coex chain mode, add a new QCA sub command
QCA_NL80211_VENDOR_SUBCMD_BTC_CHAIN_MODE.
This new command has two attributes:
1. QCA_VENDOR_ATTR_COEX_BTC_CHAIN_MODE: u32 attribute. Indicates the
BT coex chain mode; the 32-bit values are from enum qca_btc_chain_mode.
2. QCA_VENDOR_ATTR_COEX_BTC_CHAIN_MODE_RESTART: flag attribute.
If set, the vdev should be restarted once the BT coex chain mode is updated.
Extend QCA OEM data vendor subcmd to allow use as an event
The QCA_NL80211_VENDOR_SUBCMD_OEM_DATA command was previously defined
only to pass data blobs from user space to kernel (application to
firmware) but there was no mechanism to send the data blobs from
firmware to application. Extend this to define use of the same
subcommand and attributes as vendor events.
Jouni Malinen [Fri, 25 Oct 2019 12:54:11 +0000 (15:54 +0300)]
SAE: Determine H2E vs. looping when restarting SAE auth in AP mode
If hostapd had existing STA SAE state, e.g., from a previously completed
SAE authentication, a new start of a separate SAE authentication (i.e.,
receiving of a new SAE commit) ended up using some of the previous
state. This is problematic for determining whether to use H2E vs. looping
since the STA is allowed (even if not really expected) to change
between these two alternatives. This could result in trying to use H2E
when the STA was using looping to derive the PWE and that would result in
SAE confirm failing.
Fix this by determining whether to use H2E or looping for the restarted
authentication based on the Status Code in the new SAE commit message
instead of previously cached state information.
Jouni Malinen [Fri, 25 Oct 2019 11:34:44 +0000 (14:34 +0300)]
crypto: Remove unused crypto_bignum_sqrtmod()
This wrapper function is not used anymore, so drop it instead of trying
to figure out a good way of implementing it in constant time with various
crypto libraries.
Jouni Malinen [Fri, 25 Oct 2019 11:32:05 +0000 (14:32 +0300)]
SAE: Drop sqrt() alternative from SSWU (H2E)
Remove support for performing full sqrt(), i.e., only support curves
that use prime with p = 3 mod 4. In practice, this drops only group 26
with SAE H2E. This seems acceptable since there does not seem to be any
strong use case for that group, taking into account the limits being
placed on acceptable prime lengths.
When using void pointers in calculations, the behavior is undefined.
Arithmetic operations on 'void *' are a GNU C extension,
which defines 'sizeof(void)' to be 1.
This change improves portability of the code.
Signed-off-by: Jesus Fernandez Manzano <jesus.manzano@galgus.net>
Jouni Malinen [Mon, 21 Oct 2019 15:11:30 +0000 (18:11 +0300)]
Fix AP Extended Capability length determination
The IE minimum length determination in hostapd_eid_ext_capab() was not
fully up to date with the hostapd_ext_capab_byte() conditions. This
could result in omitting some of the capability octets depending on
configuration. Fix this by adding the missing conditions.
Jimmy Chen [Thu, 17 Oct 2019 13:36:50 +0000 (21:36 +0800)]
P2P: Continue listening next request if no post-PD operations
If there are no post-provision discovery operations, we should continue
in find mode to avoid getting the p2p_find operation stopped (stuck in
SEARCH state) unexpectedly.
Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
Jouni Malinen [Fri, 18 Oct 2019 21:45:57 +0000 (00:45 +0300)]
tests: Make ap_ft_ap_oom4 more robust against compiler optimizations
It looks like the wpa_auth_get_seqnum() function might not always be
visible in the backtrace since the compiler may optimize that wrapper
away. Use the i802_get_seqnum() function instead as a trigger for the
get_seqnum operation failure trigger to avoid this.
Jouni Malinen [Fri, 18 Oct 2019 10:02:27 +0000 (13:02 +0300)]
Merge wpa_supplicant and hostapd EAPOL-Key KDE parsers
Use a single struct definition and a single shared implementation for
parsing EAPOL-Key KDEs and IEs instead of maintaining more or less
identical functionality separately for wpa_supplicant and hostapd.
Jouni Malinen [Thu, 17 Oct 2019 21:17:51 +0000 (00:17 +0300)]
RSN: Verify RSNXE match between (Re)AssocReq and EAPOL-Key msg 2/4
If the STA advertises RSN Extension element, it has to be advertised
consistently in the unprotected ((Re)Association Request) and protected
(EAPOL-Key msg 2/4) frames. Verify that this is the case.
Jouni Malinen [Thu, 17 Oct 2019 13:54:05 +0000 (16:54 +0300)]
SAE: Add RSNXE in Association Request and EAPOL-Key msg 2/4
Add the new RSNXE into (Re)Association Request frames and EAPOL-Key msg
2/4 when using SAE with hash-to-element mechanism enabled. This allows
the AP to verify that there was no downgrade attack when both PWE
derivation mechanisms are enabled.
Add a QCA vendor subcommand QCA_NL80211_VENDOR_SUBCMD_ADD_STA_NODE with
attributes qca_wlan_vendor_attr_add_sta_node_params to add STA peer
entries in AP mode. This vendor sub command is used in FT roaming
scenario to send STA node information from application/service to
driver/firmware. The attributes defined in enum
qca_wlan_vendor_attr_add_sta_node_params are used to deliver the
parameters.
Subrat Dash [Thu, 3 Oct 2019 16:12:46 +0000 (21:42 +0530)]
Add a new QCA vendor attribute to carry device info for OEM data
The OEM data binary blobs from application/service will be routed to the
appropriate device based on this attribute value. This optional
attribute is used to specify whether the device type is virtual or
physical. This attribute can be omitted when the command is for a
virtual device.
QCA vendor attributes to indicate BW-based agile spectral capability
Some chipsets don't have the capability to run agile spectral scan with
160/80+80 MHz modes. Add separate agile spectral scanning capability
flags for 160, 80+80, and non-160 MHz modes to cover such cases.
nl80211: Allow external auth based on SAE/FT-SAE key mgmt
In the SME-in-driver case, wpa_supplicant used only the selected SAE
auth_alg value as the trigger for enabling external authentication
support for SAE. This prevented the driver from falling back to full SAE
authentication if PMKSA caching was attempted (Open auth_alg selected)
and the cached PMKID had been dropped.
Enable external auth based on SAE/FT-SAE key_mgmt, rather than doing
this based on SAE auth_alg, so that the driver can go through full SAE
authentication in cases where PMKSA caching is attempted and it fails.
Add support for new hardware mode for 6 GHz band. 6 GHz operation is
defined in IEEE P802.11ax/D4.3. 6 GHz band adds global operating classes
131-135 that define channels in frequency range from 5940 MHz to 7105
MHz.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
- Remove HOSTAPD_MODE_IEEE80211AX mode
- Replace check for HOSTAPD_MODE_IEEE80211AX with is_6ghz_freq()
- Move center_idx_to_bw_6ghz() to ieee802_11_common.c file
Add hostapd config option "op_class" for fixed channel selection along
with existing "channel" option. "op_class" and "channel" config options
together can specify channels across 2.4 GHz, 5 GHz, and 6 GHz bands
uniquely.
Jouni Malinen [Wed, 9 Oct 2019 15:49:42 +0000 (18:49 +0300)]
wpa_supplicant: Pass in operating class for channel validity checks
This is needed to allow the 6 GHz operating classes to be compared
against the driver support channels since the channel numbers are not
really unique identifiers of a channel even within a single band.
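To illustrate why channel validity has to be checked against the (op_class, channel) pair rather than the bare channel number, as the entry above and the 6 GHz and ACS entries before it describe, here is an added example (not wpa_supplicant's or hostapd's own code). It covers only a constructed subset of the global operating class table, uses the 5940 MHz 6 GHz starting frequency quoted above for class 131 (assumption: 20 MHz channels 1, 5, ..., 233), and the driver frequency list is a constructed sample.

```c
#include <stddef.h>
#include <stdio.h>

/* Map a (global operating class, channel) pair to its center frequency in
 * MHz, or return 0 when the pair is not valid. Subset of the table only. */
int opclass_chan_to_freq(unsigned op_class, unsigned chan)
{
	switch (op_class) {
	case 81: /* 2.4 GHz, channels 1..13 */
		return chan >= 1 && chan <= 13 ? 2407 + 5 * chan : 0;
	case 82: /* 2.4 GHz, channel 14 only */
		return chan == 14 ? 2484 : 0;
	case 115: /* 5 GHz, channels 36..48 */
		return chan >= 36 && chan <= 48 && chan % 4 == 0 ? 5000 + 5 * chan : 0;
	case 124: /* 5 GHz, channels 149..161 */
		return chan >= 149 && chan <= 161 && chan % 4 == 1 ? 5000 + 5 * chan : 0;
	case 131: /* 6 GHz (assumed 5940 MHz base), channels 1..233 = 5945..7105 MHz */
		return chan >= 1 && chan <= 233 && chan % 4 == 1 ? 5940 + 5 * chan : 0;
	default:
		return 0;
	}
}

/* Number of known operating classes that accept this bare channel number;
 * anything above 1 shows that "channel=N" alone does not identify a channel. */
int channel_ambiguity(unsigned chan)
{
	static const unsigned classes[] = { 81, 82, 115, 124, 131 };
	int n = 0;
	size_t i;

	for (i = 0; i < sizeof(classes) / sizeof(classes[0]); i++)
		if (opclass_chan_to_freq(classes[i], chan))
			n++;
	return n;
}

/* Validity check in the spirit of the log entry: convert (op_class, channel)
 * to a frequency and look that up in the driver's supported-frequency list. */
int chan_supported(const int *drv_freqs, size_t n_freqs,
		   unsigned op_class, unsigned chan)
{
	int freq = opclass_chan_to_freq(op_class, chan);
	size_t i;

	for (i = 0; freq && i < n_freqs; i++)
		if (drv_freqs[i] == freq)
			return 1;
	return 0;
}

/* Constructed sample: a driver reporting 2.4 GHz and 5 GHz channels only. */
const int sample_drv_freqs[] = { 2412, 2437, 2462, 5180, 5200, 5220, 5240 };
const size_t sample_drv_n = sizeof(sample_drv_freqs) / sizeof(sample_drv_freqs[0]);

int main(void)
{
	printf("channel 1: %d MHz (class 81) vs %d MHz (class 131); %d classes accept it\n",
	       opclass_chan_to_freq(81, 1), opclass_chan_to_freq(131, 1),
	       channel_ambiguity(1));
	printf("op_class=81 channel=1 supported: %d, op_class=131 channel=1 supported: %d\n",
	       chan_supported(sample_drv_freqs, sample_drv_n, 81, 1),
	       chan_supported(sample_drv_freqs, sample_drv_n, 131, 1));
	return 0;
}
```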
Verify behavior with sae_pwe configuration values 0..2, i.e., test the
new hash-to-element mechanism for deriving PWE and negotiation for which
method to use.