Jouni Malinen [Sat, 21 Mar 2020 13:57:37 +0000 (15:57 +0200)]
Ignore duplicated SSID element when parsing
Some APs have managed to add two SSID elements into Beacon frames and
that used to result in picking the last one which had incorrect data in
the known examples of this misbehavior. Pick the first one to get the
correct SSID.
Jouni Malinen [Sat, 21 Mar 2020 10:57:37 +0000 (12:57 +0200)]
Check against integer overflow in int_array functions
int_array_concat() and int_array_add_unique() could potentially end up
overflowing the int type variable used to calculate their length. While
this is mostly theoretical for platforms that use 32-bit int, there
might be cases where a 16-bit int overflow could be hit. This could
result in accessing memory outside buffer bounds and potentially a
double free when realloc() ends up freeing the buffer.
All current uses of int_array_add_unique() and most uses of
int_array_concat() are currently limited by the buffer limits for the
local configuration parameter or frame length and as such, cannot hit
this overflow cases. The only case where a long enough int_array could
be generated is the combination of scan_freq values for a scan. The
memory and CPU resource needs for generating an int_array with 2^31
entries would not be realistic to hit in practice, but a device using
LP32 data model with 16-bit int could hit this case.
It is better to have more robust checks even if this could not be
reached in practice, so handle cases where more than INT_MAX entries
would be added to an int_array as memory allocation failures instead of
allowing the overflow case to proceed.
Jouni Malinen [Fri, 20 Mar 2020 22:23:01 +0000 (00:23 +0200)]
Allow RSNXE to be removed from Beacon frames for testing purposes
The new hostapd configuration parameter no_beacon_rsnxe=1 can be used to
remove RSNXE from Beacon frames. This can be used to test protection
mechanisms for downgrade attacks.
Jouni Malinen [Fri, 20 Mar 2020 19:56:44 +0000 (21:56 +0200)]
FT: Omit RSNXE from FT protocol Reassociation Response when needed
The previous design for adding RSNXE into FT was not backwards
compatible. Move to a new design based on 20/332r3 to avoid that issue
by not include RSNXE in the FT protocol Reassociation Response frame so
that a STA not supporting RSNXE can still validate the FTE MIC
correctly.
Jouni Malinen [Fri, 20 Mar 2020 19:45:22 +0000 (21:45 +0200)]
FT: Omit RSNXE from FT protocol Reassociation Request when needed
The previous design for adding RSNXE into FT was not backwards
compatible. Move to a new design based on 20/332r3 to avoid that issue
by not include RSNXE in the FT protocol Reassociation Request frame so
that an AP not supporting RSNXE can still validate the FTE MIC
correctly.
Jouni Malinen [Fri, 20 Mar 2020 19:38:22 +0000 (21:38 +0200)]
FT: Verify that RSNXE is used consistently in Reassociation Response
Verify that the AP included RSNXE in Beacon/Probe Response frames if it
indicated in FTE that RSNXE is used. This is needed to protect against
downgrade attacks based on the design proposed in 20/332r3.
Jouni Malinen [Fri, 20 Mar 2020 19:33:02 +0000 (21:33 +0200)]
FT: Verify that RSNXE is used consistently in Reassociation Request
Verify that the STA includes RSNXE if it indicated in FTE that RSNXE is
used and the AP is also using RSNXE. This is needed to protect against
downgrade attacks based on the design proposed in 20/332r3.
Jouni Malinen [Fri, 20 Mar 2020 19:23:48 +0000 (21:23 +0200)]
FT: Set the new RSNXE Used subfield in FT reassociation
This is a workaround needed to keep FT protocol backwards compatible for
the cases where either the AP or the STA uses RSNXE, but the other one
does not. This commit adds setting of the new field to 1 in
Reassociation Request/Response frame during FT protocol when the STA/AP
uses RSNXE in other frames. This mechanism is described in 20/332r3.
Jouni Malinen [Sun, 15 Mar 2020 21:24:18 +0000 (23:24 +0200)]
Remove unnecessary and confusing length check from the PMKID KDE case
wpa_parse_kde_ies(), i.e., the only caller to wpa_parse_generic(),
verifies that there is room for KDE Length field and pos[1] (that
length) octets of payload in the Key Data buffer. The PMKID KDE case
within wpa_parse_generic() was doing an unnecessary separate check for
there being room for the Length, OUI, and Data Type fields. This is
covered by the check in the calling function with the combination of
verifying that pos[1] is large enough to contain RSN_SELECTOR_LEN +
PMKID_LEN octets of payload.
This is confusing since no other KDE case was checking remaining full
buffer room within wpa_parse_generic(). Clean this up by removing the
unnecessary check from the PMKID KDE case so that all KDEs are handled
consistently.
Alexander Wetzel [Sun, 15 Mar 2020 19:04:19 +0000 (20:04 +0100)]
Add KEY_FLAG_MODIFY for Extended Key ID support
KEY_FLAG_MODIFY was initial added for the planned Extended Key ID
support with commit a919a260352a ("Introduce and add key_flag") and then
removed with commit 82eaa3e6882f ("Remove the not yet needed
KEY_FLAG_MODIFY") to simplify commit e9e69221c1d1 ("Validity checking
function for key_flag API").
Add it again and update check_key_flag() accordingly.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Jouni Malinen [Sun, 15 Mar 2020 19:18:16 +0000 (21:18 +0200)]
Indicate scan completion in active AP mode even when ignoring results
This is needed to avoid leaving external components (through control
interface or D-Bus) timing out while waiting for the scan completion
events. This was already taken care of for the scan-only case
("TYPE=only"), but the scan-and-allow-roaming case did not report the
scan completion event when operating in AP mode.
Jouni Malinen [Sun, 15 Mar 2020 15:07:52 +0000 (17:07 +0200)]
tests: Check more details in pmksa_cache_ap_expiration
It looks like this test case can fail if the STA goes to power save mode
and the Deauthentication frame from the AP after session timeout is not
actually sent at all. Check more details to make it clear that this is
indeed the reason behind the failure.
Jouni Malinen [Sun, 15 Mar 2020 15:06:35 +0000 (17:06 +0200)]
nl80211: Add more TX status details in debug log in AP mode
The actual TX status (whether ACK frame was received) was not included
in the debug log in AP mode. Add that for all cases. In addition, add
some more details in the debug log to make the log more helpful in
debugging issues related to frame delivery.
Jouni Malinen [Sun, 15 Mar 2020 09:11:38 +0000 (11:11 +0200)]
Allow RSNE in EAPOL-Key msg 2/4 to be overridden for testing purposes
The new wpa_supplicant control interface parameter rsne_override_eapol
can be used similarly to the earlier rsnxe_override_eapol to override
the RSNE value added into EAPOL-Key msg 2/4.
Jouni Malinen [Sat, 14 Mar 2020 21:57:39 +0000 (23:57 +0200)]
FT: Check RSNE/RSNXE match in FT protocol Reassociation Response frame
While 13.7.1 (FT reassociation in an RSN) in P802.11-REVmd/D3.0 did not
explicitly require this to be done, this is implied when describing the
contents of the fourth message in the FT authentication sequence (see
13.8.5). Furthermore, 20/332r2 is proposing an explicit validation step
to be added into 13.7.1.
Jouni Malinen [Sat, 14 Mar 2020 16:20:31 +0000 (18:20 +0200)]
wlantest: Do not report PMF failure without BSS supporting PMF
Previously, missing CCMP protection on Robust Management frames was
reported based on the STA having indicated MFPC=1. That is not accurate
since the AP/BSS may have MFPC=0. Report this failure only if both the
AP and STA have indicated MFPC=1, i.e., when PMF has been negotiated for
the association.
Multi-AP: Set 4-address mode after network selection
Split multi_ap_process_assoc_resp() to set 4-address mode after network
selection. Previously, wpa_s->current_ssid might have been NULL in some
cases and that would have resulted in 4-address mode not getting enabled
properly.
Ananya Barat [Tue, 10 Mar 2020 06:37:33 +0000 (12:07 +0530)]
Fill the current opclass in (Re)AssocRequest depending on HT/VHT IEs
The previous implementation was assuming a fixed 20 MHz channel
bandwidth when determining which operating class value to indicate as
the Current Operating Class in the Supported Operating Classes element.
This is not accurate for many HT/VHT cases.
Fix this by determining the current operating class (i.e., the operating
class used for the requested association) based on the HT/VHT operation
elements from scan results.
AP: Fix regression in frequency check for a usable EDMG channel
Commit 5f9b4afd ("Use frequency in HT/VHT validation steps done before
starting AP") modified hostapd_is_usable_edmg() to use freq instead of
channel numbers. Unfortunately, it did not convert the frequency
calculation correctly and this broke EDMG functionality.
Fix the frequency calculation so that EDMG channel 9 works again.
Fixes: 5f9b4afdfaf5 ("Use frequency in HT/VHT validation steps done before starting AP") Signed-off-by: Hrishikesh Vidwans <hvidwans@codeaurora.org>
Arturo Buzarra [Mon, 9 Mar 2020 17:18:16 +0000 (18:18 +0100)]
mesh: Fix CONFIG_HT_OVERRIDES build without CONFIG_VHT_OVERRIDES
Commit e5a9b1e8a3 ("mesh: Implement use of VHT20 config in mesh mode")
introduced the possibility to check the disable_vht param. However, this
entry is only available when CONFIG_VHT_OVERRIDES is enabled and as
such, this broke the build for some cases.
Fix this by encapsulating VHT property with the proper CONFIG entry.
Fixes: e5a9b1e8a3a5 ("mesh: Implement use of VHT20 config in mesh mode") Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
Jouni Malinen [Tue, 10 Mar 2020 18:48:15 +0000 (20:48 +0200)]
WPS: Do not set auth_alg=OPEN for PSK+SAE case
When wps_cred_add_sae=1 is used, WPS_AUTH_WPA2PSK credential gets
converted to enabling both PSK and SAE AKMs. However, this case was
still hardcoded auth_alg=OPEN which is not really correct for SAE. While
the SME-in-wpa_supplicant case can handle that, the SME-in-driver case
might not. Remove the unnecessary auth_alg=OPEN configuration to get the
normal PSK+SAE configuration enabled for the network profile.
Janusz Dziedzic [Sun, 8 Mar 2020 13:27:04 +0000 (14:27 +0100)]
tests: Set device_name for WPS test cases
Set device_name in the test cases instead of relying on the
wpa_supplicant configuration file. This fixes problems when we run WPS
test cases in remote test environment.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Jouni Malinen [Sun, 8 Mar 2020 14:59:42 +0000 (16:59 +0200)]
SAE: Expose sae_write_commit() error cases to callers
Check whether an error is reported from any of the functions that could
in theory fail and if so, do not proceed with the partially filled SAE
commit buffer.
Jouni Malinen [Sun, 8 Mar 2020 14:51:30 +0000 (16:51 +0200)]
SAE: Check hmac_sha256() result in sae_token_hash()
In theory, hmac_sha256() might fail, so check for that possibility
instead of continuing with undetermined index value that could point to
an arbitrary token entry.
Jouni Malinen [Sun, 8 Mar 2020 14:48:00 +0000 (16:48 +0200)]
nl80211: Fix error print for hapd_send_eapol()
The return value from nl80211_send_monitor() is not suitable for use
with strerror(). Furthermore, nl80211_send_monitor() itself is printing
out a more detailed error reason.
Jouni Malinen [Sun, 8 Mar 2020 14:32:47 +0000 (16:32 +0200)]
SAE: Check sta pointer more consistently in testing code
send_auth_reply() could be called with sta == NULL in certain error
conditions. While that is not applicable for this special test
functionality for SAE, the inconsistent checks for the sta pointer could
result in warnings from static analyzers. Address this by explicitly
checking the sta pointer here.
Jouni Malinen [Sun, 8 Mar 2020 14:28:03 +0000 (16:28 +0200)]
Clean up hostapd_get_he_twt_responder() processing
mode->he_capab is an array and as such, there is no point in checking
whether it is NULL since that cannot be the case. Check for the
he_supported flag instead. In addition, convert the TWT responder
capability bit into a fixed value 1 to avoid any surprising to the
callers. In practice, neither of these changes results in different
behavior in the current implementation, but this is more robust.
Jouni Malinen [Sun, 8 Mar 2020 14:18:22 +0000 (16:18 +0200)]
DPP: Fix connectorTemplate addition
There was a copy-paste error in this code that would be adding the
connectorTemplate once that becomes available. In practice, this was not
reachable code, but anyway, this should be ready for potential addition
of connectorTemplate in the future.
Joshua DeWeese [Mon, 4 Feb 2019 20:43:29 +0000 (15:43 -0500)]
Replace systemd install Alias with WantedBy
According to the systemd documentation "WantedBy=foo.service in a
service bar.service is mostly equivalent to
Alias=foo.service.wants/bar.service in the same file." However,
this is not really the intended purpose of install Aliases.
Jouni Malinen [Sun, 8 Mar 2020 11:49:22 +0000 (13:49 +0200)]
tests: Fix sigma_dut_sae_pw_id_pwe_loop to clear sae_pwe setting
Leaving out the special sae_pwe value was causing failures for following
test cases, e.g., in the following sequence:
sigma_dut_sae_pw_id_pwe_loop sae_password_id_only
Jouni Malinen [Sun, 8 Mar 2020 11:11:50 +0000 (13:11 +0200)]
RSN: Stop 4-way handshake if scan results are not available
While there may have initially been cases where the RSNE from
Beacon/Probe Response frames was not available from some drivers, it is
now more valuable to notice if such a case were to be hit with drivers
that are always expected to have such information available. As such,
make it a fatal error if the scan results for the current AP are not
available to check the RSNE/RSNXE in EAPOL-Key msg 3/4.
Jouni Malinen [Sun, 8 Mar 2020 09:29:45 +0000 (11:29 +0200)]
OWE: Allow BSS entry with different SSID to be used in transition mode
Similarly to the wpa_supplicant_select_config() case,
wpa_get_beacon_ie() needs to handle the special case for OWE transition
mode where the SSID in the network profile does not match the SSID of
the OWE BSS (that has a hidden, random SSID). Accept such a BSS in case
the current scan results needs to be fetched for verifying EAPOL-Key msg
3/4 IEs.
Jouni Malinen [Sun, 8 Mar 2020 14:13:35 +0000 (16:13 +0200)]
OWE: Mark BSS for transition mode based on active OWE network profiles
It is possible for the hidden OWE BSS to be found based on SSID-specific
scan (e.g., from the special OWE scan mechanism). In that sequence, the
previously used learning of OWE BSS was skipped since the SSID was
already present in the BSS entry. This could result in not being able to
find a matching BSS entry for the OWE BSS in transition mode.
Fix this by adding the BSS flag for transition mode based on SSID
matching against currently enabled OWE network profiles in addition to
the previous mechanism.
Jouni Malinen [Sat, 7 Mar 2020 16:03:32 +0000 (18:03 +0200)]
OWE: Avoid incorrect profile update in transition mode
The "unexpected" change of SSID between the current network profile
(which uses the SSID from the open BSS in OWE transition mode) and the
association with the OWE BSS (which uses a random, hidden SSID) resulted
in wpa_supplicant incorrectly determining that this was a
driver-initiated BSS selection ("Driver-initiated BSS selection changed
the SSID to <the random SSID from OWE BSS>" in debug log).
This ended up with updating security parameters based on the network
profile inwpa_supplicant_set_suites() instead of using the already
discovered information from scan results. In particular, this cleared
the RSN supplicant state machine information of AP RSNE and resulted in
having to fetch the scan results for the current BSS when processing
EAPOL-Key msg 3/4.
Fix this by recognizing the special case for OWE transition mode where
the SSID for the associated AP does not actually match the SSID in the
network profile.
Jouni Malinen [Sat, 7 Mar 2020 15:05:01 +0000 (17:05 +0200)]
Report RSNXE mismatch in EAPOL-Key msg 3/4 more consistently with RSNE
Use the same reason code to indicate that IE different in 4-way
handshake and also print a hexdump of RSNXE in both Beacon/ProbeResp and
EAPOL-Key msg 3/4 in the log.
Jouni Malinen [Sat, 7 Mar 2020 14:45:52 +0000 (16:45 +0200)]
Allow RSNE in EAPOL-Key msg 3/4 to be replaced for testing purposes
The new hostapd configuration parameter rsne_override_eapol can now be
used similarly to the previously added rsnxe_override_eapol to override
(replace contents or remove) RSNE in EAPOL-Key msg 3/4. This can be used
for station protocol testing to verify sufficient checks for RSNE
modification between the Beacon/Probe Response frames and EAPOL-Key msg
3/4.
Jouni Malinen [Sat, 7 Mar 2020 14:39:36 +0000 (16:39 +0200)]
Extend hostapd rsnxe_override_eapol to allow IE removal
Previous implementation was determining whether the override value was
set based on its length being larger than zero. Replace this with an
explicit indication of whether the parameter is set to allow zero length
replacement, i.e., remove of RSNXE from EAPOL-Key msg 3/4.
In addition, move IE replacement into a more generic helper function to
allow this to be used with other IEs as well.
Jouni Malinen [Sat, 7 Mar 2020 11:56:56 +0000 (13:56 +0200)]
Do not override WDS VLAN assignment for STA
The 4-address frames WDS design in mac80211 uses VLAN interfaces
similarly to the way VLAN interfaces based on VLAN IDs are used. The EAP
authentication case ended up overriding the WDS specific assignment even
when the RADIUS server did not assign any specific VLAN for the STA.
This broke WDS traffic.
Fix this by skipping VLAN assignment to VLAN ID 0 for STAs that have
been detected to use 4-address frames.
Jouni Malinen [Sat, 7 Mar 2020 11:26:56 +0000 (13:26 +0200)]
HS 2.0 server: Allow OCSP responder to continue running after errors
By default, 'openssl ocsp' exits upon receiving a malformed request.
That's not really ideal for a server, so configure openssl to not do
that and instead, continue running to process other requests.
The resource-load-started cannot be used to replace the older
resource-request-starting signal and as such, the final redirect to the
special http://localhost:12345/ URL did not work. Use the decide-policy
signal for navigation action instead.
Also remove the attempt to modify the request URI from
resource-load-started since that is not going to work either. This is
not really critical for functionality, but could eventually be replaced
with a handler for the WebKitWebPage send-request signal.
wpa_tdls_set_key() did set the key_id to -1 to avoid a useless
NL80211_CMD_SET_KEY call that the updated nl80211 driver no longer
carries out. Remove the no longer required workaround.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
DFS: Add support for 80+80 MHz when going through channel switch
After a radar signal is detected, the AP should switch to another
channel, but in the case of 80+80 MHz, channel switch failed because
hostapd did not select the secondary channel in the process. Fix this by
selecting a secondary channel in the case of 80+80 MHz.
Signed-off-by: Xin Wang <xwangw@codeaurora.org> Signed-off-by: Pravas Kumar Panda <kumarpan@codeaurora.org>
Jouni Malinen [Fri, 6 Mar 2020 15:27:40 +0000 (17:27 +0200)]
tests: Make ap_ht_40mhz_intolerant_ap more robust
Some test case sequences seemed to prevent the station from completing
the first OBSS scan (that scan was aborted) and that resulted in failing
the test case because the AP had not received any report in time. Wait
for scan completion and allow additional scans before timing out to
avoid indicating incorrect AP behavior in cases where the report was not
even received.
Hu Wang [Thu, 5 Mar 2020 11:20:38 +0000 (19:20 +0800)]
OWE: Fix PTK derivation workaround for interoperability
The initial implementation of the PTK derivation workaround for
interoperability with older OWE implementations forced
WPA_KEY_MGMT_PSK_SHA256 to be used for all of PTK derivation. While that
is needed for selecting which hash algorithm to use, this was also
changing the length of the PTK components and by doing so, did not
actually address the backwards compatibility issue.
Fix this by forcing SHA256 as the hash algorithm in PTK derivation
without changing the PTK length calculation for OWE when
owe_ptk_workaround is enabled.
Fixes: 65a44e849af9 ("OWE: PTK derivation workaround in AP mode") Fixes: 8b138d28264e ("OWE: PTK derivation workaround in STA mode") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Zhaoyang Liu [Thu, 5 Mar 2020 03:25:00 +0000 (11:25 +0800)]
Fix segmentation fault for NULL confname in SAVE_CONFIG
When wpa_supplicant interface is added without a configuration file, the
SAVE_CONFIG command causes a segmentation fault due to referencing a
NULL pointer if the update_config parameter is first explicitly enabled.
Fix the issue by checking the confname for NULL before saving
configuration.
Migrate nl80211 driver to key_flag API and add additional sanity checks.
I'm still not sure why we install unicast WEP keys also as default
unicast keys. Based on how I understand how mac80211 handles that it
should be pointless. I just stuck to how we do things prior to the patch
for WEP keys to not break anything. After all other drivers may need it.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Always report an error when NL80211_CMD_SET_KEY can't set a key to
default.
The old ioctl-based design used a single command to add, set, and delete
a key and had to ignore ENOENT for key deletions. It looks like that
special handling was also ported for NL80211_CMD_NEW_KEY and
NL80211_CMD_SET_KEY instead only for NL80211_CMD_DEL_KEY.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Calling NL80211_CMD_NEW_KEY with NL80211_KEY_DEFAULT_TYPES attributes is
pointless. The information is not expected and therefore the kernel
never forwards it to the drivers. That attribute is used with
NL80211_CMD_SET_KEY.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Turns out we are sometime providing a seq when deleting the key. Since
that makes no sense on key deletion let's stop forwarding that to the
driver at least.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
I decided to drop KEY_FLAG_MODIFY instead of allowing flag combinations not
yet used in the code and will simply recreate it with the Extended Key
ID patches once we get there. For that reason I also did not renumber
the flags.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Fix unicast argument for set_wep_key() from EAPOL supplicant
The unicast parameter in set_wep_key() is only expected to be set to 0
or 1. Without this patch we set unicast to 0x80 instead of 1. Since
unicast is used as boolean that is working fine but violates the
documented API.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Jouni Malinen [Wed, 4 Mar 2020 21:26:02 +0000 (23:26 +0200)]
WPS: Remove expired PINs on Selected Registrar timeout
This clears the AuthorizedMACs advertisement immediately when the
Selected Registrar timeout is hit and no more active PINs are present.
Previously, the AuthorizedMACs advertisement could remain in place
indefinitely since expired PINs were removed only when actually trying
to find a PIN for a new WPS exchange.
hostapd: Fix to downgrade bandwidth in radar detection
Upon radar detection we used to search channels with the same bandwidth.
This way we might not find any other channels. If there are no channels
available with that bandwidth the AP service will be stopped. To avoid
this problem, also search a suitable channel by downgrading the
bandwidth. This scenario is applicable during CAC as well.