Jouni Malinen [Tue, 9 Dec 2014 21:41:09 +0000 (23:41 +0200)]
Add tls_session_reused=<0/1> into EAP peer TLS status
This can be used to determine whether the last TLS-based EAP
authentication instance re-used a previous session (e.g., TLS session
resumption or EAP-FAST session ticket).
Chet Lanctot [Sat, 6 Dec 2014 00:48:23 +0000 (16:48 -0800)]
nl80211: Add QCA vendor specific query of device/driver features
This commit introduces a QCA vendor command that allows interrogation of
the vendor-specific features supported by the device/driver. Currently
the only defined feature is the ability to offload key management.
Jouni Malinen [Tue, 9 Dec 2014 13:57:03 +0000 (15:57 +0200)]
OpenSSL: Fix EAP-FAST peer regression
Commit 35efa2479ff19c3f13e69dc50d2708ce79a99beb ('OpenSSL: Allow TLS
v1.1 and v1.2 to be negotiated by default') changed from using
TLSv1_method() to SSLv23_method() to allow negotiation of TLS v1.0,
v1.1, and v1.2.
Unfortunately, it looks like EAP-FAST does not work with this due to
OpenSSL not allowing ClientHello extensions to be configured with
SSL_set_session_ticket_ext() when SSLv23_method() is used. Work around
this regression by initiating a separate SSL_CTX instance for EAP-FAST
phase 1 needs with TLSv1_method() while leaving all other EAP cases
using TLS to work with the new default that allows v1.1 and v1.2 to be
negotiated. This is not ideal and will hopefully get fixed in the future
with a new OpenSSL method, but until that time, this can be used allow
other methods use newer TLS versions while still allowing EAP-FAST to be
used even if it remains to be constraint to TLS v1.0 only.
Jouni Malinen [Tue, 9 Dec 2014 11:19:22 +0000 (13:19 +0200)]
Fix OpenSSL 0.9.8za patch for EAP-FAST support
OpenSSL 0.9.8za added a fix for CVE-2014-0224 and the original fix broke
EAP-FAST support due to forgotten SSL3_FLAGS_CCS_OK marking for
tls_session_secret_cb. Fix for this regression was added into OpenSSL
1.x and newer. The same fix is needed in this backport patch for
0.9.8za.
Jouni Malinen [Tue, 9 Dec 2014 10:05:03 +0000 (12:05 +0200)]
OpenSSL: Remove support for the old EAP-FAST interface
Commit f5fa824e9a86940835e30a5a0b1fd3d8a7c4c640 ('Update OpenSSL 0.9.8
patch for EAP-FAST support') changed the OpenSSL 0.9.8 patch to support
the new API that was introduced in OpenSSL 1.0.0 for EAP-FAST. As such,
there should be no valid users of the old API anymore and tls_openssl.c
can be cleaned up to use only the new API.
Xiaofei Shen [Tue, 9 Dec 2014 14:20:31 +0000 (16:20 +0200)]
MACsec: Update protect frames and replay on reauthentication
Some cases like ifconfig down/up may require MACsec restart. To make
sure the appropriate protect frames and replay parameters get configured
in cases where the interface was down, set these parameters from KaY
configuration to the driver before creating a new transmit SC. This
allows MACsec functionality to recover automatically on such restart.
Jouni Malinen [Mon, 8 Dec 2014 23:56:57 +0000 (01:56 +0200)]
tests: Invitation Request retry and duplicated response
This verifies that the corner case of a duplicated, retransmitted
Invitation Response frame ends up being dropped instead of being
processed twice for the case of Invitation Request getting resend with
social channel as an operating channel in case of no common channels
found.
Sunil Dutt [Mon, 8 Dec 2014 09:41:16 +0000 (15:11 +0530)]
P2P: Check Invitation Response dialog token match for resend case
Commit ac330cfd87397a1a01e697984f3944f427e88dad ('P2P: Reinvite with
social operation channel if no common channels') introduced a mechamisn
to reinvite a peer during a persistent group reinvocation from a GO with
a different operating channel proposal. This mechanism can fail if the
inviting device (GO) ends up getting a retransmitted, duplicated
Invitation Response frame processed second time while waiting for the
response to the retried Invitation Request (using one of the social
channels as the operating channel). IEEE 802.11 duplicate frame
detection mechanisms are supposed to prevent this type of sequence, but
not all drivers support those rules properly for pre-association frames,
including P2P Public Action frames.
Work around this issue by checking that the dialog token in the
Invitation Response frame matches the one from the last Invitation
Request if the special invitation retry mechanism is used. This is safer
to do now than to enable dialog token matching for all invitation cases.
Jouni Malinen [Mon, 8 Dec 2014 14:22:13 +0000 (16:22 +0200)]
Clear wpa_s->disconnected on ctrl_iface FLUSH
This is needed to get into more consistent state after the FLUSH
command. DISCONNECT followed by FLUSH could result in
wpa_s->disconnected being left to 1 and this resulted in a test failure,
e.g., when running wpas_ctrl_dup_network followed by
wpas_ctrl_enable_disable_network where the latter was expecting
ENABLE_NETWORK on a disabled network to connect automatically and that
does not happen if wpa_s->disconnected == 1.
Jouni Malinen [Mon, 8 Dec 2014 14:10:46 +0000 (16:10 +0200)]
nl80211: Try to unmask 11b rates again on next connection request
It is possible for unmasking of 11b rates to fail if a P2P group is
terminated while the netdev is down (e.g., due to rfkill block). This
could result in the 11b TX rates being left masked for non-P2P
operations. This would be particularly unfortunate for channel 14 use
since OFDM rates are not allowed on channel 14 and only OFDM rates were
configured P2P. This issue showed up, e.g., when running hwsim test case
rfkill_autogo followed by ap_wps_conf_chan14.
It may be possible to allow the failed operation in cfg80211/mac80211,
but it looks better to work around this on wpa_supplicant side as well.
Try to unmask the 11b rates again on the next connection request if the
rate unmasking operation had failed.
Jouni Malinen [Mon, 8 Dec 2014 09:22:52 +0000 (11:22 +0200)]
Check os_snprintf() result more consistently - automatic 3
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size - 1'. These changes were done automatically with spatch
using the following semantic patch:
Jouni Malinen [Mon, 8 Dec 2014 09:18:39 +0000 (11:18 +0200)]
Check os_snprintf() result more consistently - automatic 2
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size'. These changes were done automatically with spatch using
the following semantic patch:
Jouni Malinen [Mon, 8 Dec 2014 09:15:51 +0000 (11:15 +0200)]
Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:
Jouni Malinen [Sun, 7 Dec 2014 10:15:34 +0000 (12:15 +0200)]
Check os_snprintf() result more consistently - success case
This converts os_snprintf() result validation cases to use
os_snprintf_error() in cases where success condition was used to execute
a step. These changes were done automatically with spatch using the
following semantic patch:
Jouni Malinen [Sun, 7 Dec 2014 10:11:13 +0000 (12:11 +0200)]
Check os_snprintf() result more consistently - maximum length
This adds verification of os_snprintf() result against the maximum
buffer length. These changes were done automatically with spatch
using the following semantic patch:
Jouni Malinen [Sun, 7 Dec 2014 23:37:39 +0000 (01:37 +0200)]
tests: Optimize WPS tests by avoiding full scan
A single channel scan just before WPS_REG, WPS_PBC, and WPS_PIN commands
can be used to avoid having to run a full scan. This saves significant
amount of time in the WPS test cases.
Jouni Malinen [Sun, 7 Dec 2014 23:25:26 +0000 (01:25 +0200)]
WPS: Start EAPOL immediately even without WPA on WPS association
Previously, the immediate EAPOL authenticator startup was scheduled
without having received EAPOL-Start only for the case where WPA/WPA2 was
enabled. This can be extended to speed up non-WPA/WPA2 cases as well if
the STA includes WPS IE in Association Request frame.
Jouni Malinen [Sun, 7 Dec 2014 21:27:45 +0000 (23:27 +0200)]
tests: Additional coverage for SCAN_RESULTS and BSS entry flags
This increases wpa_supplicant_ie_txt(), print_bss_info(), and
wpa_supplicant_ctrl_iface_scan_result() testing coverage to include the
previously missing key management options.
Jouni Malinen [Sun, 7 Dec 2014 20:02:57 +0000 (22:02 +0200)]
base64: Try to avoid static analyzer warning (part 2)
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)
Jouni Malinen [Sun, 7 Dec 2014 13:31:38 +0000 (15:31 +0200)]
tests: Remove test names from VM command with parallel-vm.py
There is no need to pass the test case names to the VMs when using
parallel-vm.py. Removing those from the command line helps in avoiding
kernel panic if maximum number of kernel parameters limit is hit.
Jouni Malinen [Sat, 6 Dec 2014 17:03:52 +0000 (19:03 +0200)]
base64: Try to avoid static analyzer warning
Shift right on unsigned char limits the value to 0..63 which is within
bounds for base64_table[]. Anyway, some static analyzers do not seem to
understand that. See if an otherwise unnecessary masking gets rid of
false warnings. (CID 62858)
Jouni Malinen [Sat, 6 Dec 2014 16:51:23 +0000 (18:51 +0200)]
Interworking: Make bounds checking easier for static analyzers
'num * 5 > end - pos' handles bounds checking a bit more efficiently,
but apparently that is not clear enough for all static analyzers.
Replace with 'num > left / 5' to avoid false reports. (CID 68117)
Jouni Malinen [Sat, 6 Dec 2014 16:34:23 +0000 (18:34 +0200)]
TLS: Reorder length bounds checking to avoid static analyzer warning
For some reason, "pos + len > end" is not clear enough, but "len > end -
pos" is recognized. Use that to get rid of a false positive from a
static analyzer (CID 72697).
Jouni Malinen [Sat, 6 Dec 2014 16:28:00 +0000 (18:28 +0200)]
EAP-SIM DB: Make recv() null termination easier for static analyzers
For some reason, the previous version was not understood to be null
terminating the buffer from recv(). It was doing this fine, though. Try
to use a bit more simpler design in hopes of getting static analyzers to
understand this. (CID 72702)
Jouni Malinen [Sat, 6 Dec 2014 16:13:29 +0000 (18:13 +0200)]
Replace send_ft_action() driver_op with send_action()
This reduced number of unnecessarily duplicated driver interface
callback functions for sending Action frames by using the more generic
send_action() instead of FT specific send_ft_action().
Jouni Malinen [Sat, 6 Dec 2014 14:47:12 +0000 (16:47 +0200)]
nl80211: Clean up nl80211_scan_common() to use nl80211_cmd_msg()
This helper function had not used the nl80211_set_iface_id() helper, but
there is no reason why it couldn't re-use the same helper as other
places using nl80211_cmd_msg().
Jouni Malinen [Sat, 6 Dec 2014 11:04:29 +0000 (13:04 +0200)]
nl80211: Use the new nl80211_cmd_msg() helper
This removes duplicated code for building nl80211 commands for a BSS.
This commit handles the functions that were already using
nl80211_set_iface_id().
Jouni Malinen [Fri, 5 Dec 2014 18:33:08 +0000 (20:33 +0200)]
nl80211: Continue getting rid of NLA_PUT* macro use
This gets rid of more NLA_PUT* macro uses in nl80211 to reduce the
number of functions that depend on the hidden behavior of jumping to the
nla_put_failure label.
Jouni Malinen [Fri, 5 Dec 2014 17:24:38 +0000 (19:24 +0200)]
nl80211: Get rid of NLA_PUT* macro use in capability checking
This gets rid of NLA_PUT* macro use in checking nl80211 capabilities to
reduce the number of functions that depend on the hidden behavior of
jumping to the nla_put_failure label.
Jouni Malinen [Fri, 5 Dec 2014 21:05:11 +0000 (23:05 +0200)]
Make GTK length validation easier to analyze
Bounds checking for gd->gtk_len in wpa_supplicant_check_group_cipher()
was apparently too complex for some static analyzers. Use a local
variable and a more explicit validation step to avoid false report.
(CID 62864)
Jouni Malinen [Fri, 5 Dec 2014 20:59:20 +0000 (22:59 +0200)]
FT: Make aes_wrap() call easier to analyze
Using aes_wrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is not just the single struct member. (CID 68111)
Jouni Malinen [Fri, 5 Dec 2014 20:52:06 +0000 (22:52 +0200)]
FT: Make aes_unwrap() calls easier to analyze
Using aes_unwrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is initialized and that the target is not just the single struct member.
In addition, clean up the design to avoid removal of const with a
typecast. (CID 68112, CID 68134, CID 68135, CID 68136)
Jouni Malinen [Fri, 5 Dec 2014 20:34:27 +0000 (22:34 +0200)]
P2P: Split p2p_channels_union() into two functions
The separate p2p_channels_union_inplace() makes the function easier for
static analyzers to see that the result buffer is always initialized.
(CID 74494)
Jouni Malinen [Fri, 5 Dec 2014 15:12:30 +0000 (17:12 +0200)]
tests: Optimize FT test cases
Use single channel scan instead of full scan to save time. In addition,
use EAP-GPSK which takes significantly less CPU that EAP-EKE with
default parameters.
Jouni Malinen [Fri, 5 Dec 2014 13:22:33 +0000 (15:22 +0200)]
WFD: Allow WFD_SUBELEM_SET/GET all to be used with full IE buffer
This extends the previously used WFD_SUBELEM_SET/GET <subelem id> design
to allow special "all" value to be used as an id to indicate that all
WFD subelements are to be set/get. This uses similar interface as was
previously added over D-Bus.
Jouni Malinen [Fri, 5 Dec 2014 11:08:29 +0000 (13:08 +0200)]
WMM-AC: Use DEBUG verbosity for ignoring Action frame messages
There is no point in flooding the log with WARNING or ERROR level
messages if WMM-AC related Action frames are ignored in cases where they
were not expected. In addition, WARNING/ERROR should not really be used
in cases an invalid frame is dropped especially if this is not related
to a security setup since external devices could otherwise generate log
entries.
Jouni Malinen [Thu, 4 Dec 2014 23:08:40 +0000 (01:08 +0200)]
hostapd: Fix HT40 determination for ACS offload
Commit 16689c7cfc99c66aecbf16eb2f4a8bc941cb5d0f ('hostapd: Allow ACS to
be offloaded to the driver') used incorrect operator to determine
whether HT40 was configured. Fix that to mask the ht_capab bit
correctly. (CID 77286)
Jouni Malinen [Thu, 4 Dec 2014 22:56:05 +0000 (00:56 +0200)]
HS 2.0: Clarify OSU Provider list length validation
The previous version was somewhat too complex for some static analyzers.
Use local variables for the extracted length fields and explicitly
compare these against the remaining buffer length. (CID 68121)
Jouni Malinen [Thu, 4 Dec 2014 22:33:31 +0000 (00:33 +0200)]
ERP: Avoid a static analyzer warning on uninitialized emsk_len
This was not really a real issue since bin_clear_free() would not use
the emsk_len argument when emsk is NULL as it would be on the path where
emsk_len has not been initilized. Anyway, it is better to get rid of the
warning.
Jouni Malinen [Sat, 29 Nov 2014 21:14:40 +0000 (23:14 +0200)]
ERP: Add support for ERP on EAP peer
Derive rRK and rIK on EAP peer if ERP is enabled. The new wpa_supplicant
network configuration parameter erp=1 can now be used to configure the
EAP peer to derive EMSK, rRK, and rIK at the successful completion of an
EAP authentication method. This functionality is not included in the
default build and can be enabled with CONFIG_ERP=y.
If EAP authenticator indicates support for re-authentication protocol,
initiate this with EAP-Initiate/Re-auth and complete protocol when
receiving EAP-Finish/Re-auth.
Jouni Malinen [Sat, 29 Nov 2014 19:28:24 +0000 (21:28 +0200)]
ERP: Add support for ERP on EAP server and authenticator
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to
allow EAP re-authentication to be used and to derive rMSK.
The new hostapd configuration parameter eap_server_erp=1 can now be used
to configure the integrated EAP server to derive EMSK, rRK, and rIK at
the successful completion of an EAP authentication method. This
functionality is not included in the default build and can be enabled
with CONFIG_ERP=y.
projects / thirdparty / hostap.git / log
