git.ipfire.org Git - thirdparty/hostap.git/log
5 years ago MBO: Always include Non-preferred Channel Report attribute in AssocReq
Ankita Bajaj [Fri, 5 Apr 2019 09:07:40 +0000 (14:37 +0530)] 
MBO: Always include Non-preferred Channel Report attribute in AssocReq

Include the Non-preferred Channel Report attribute in (Re)Association
Request frames even when the MBO STA has no non-preferred channels in
any operating classes. In case of no non-preferred channels the
attribute length field shall be set to zero and the Operating Class,
Channel List, Preference and Reason Code fields shall not be included.
This indicates to the MBO AP that the MBO STA has no non-preferred
channels across all supported operating classes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP: Move GAS encapsulation into dpp_build_conf_req()
Jouni Malinen [Wed, 3 Apr 2019 16:09:59 +0000 (19:09 +0300)] 
DPP: Move GAS encapsulation into dpp_build_conf_req()

Avoid duplicated code in each user of dpp_build_conf_req() by moving the
common encapsulation case into this helper function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago SAE: Fix commit message override with external authentication
Jouni Malinen [Fri, 29 Mar 2019 21:04:35 +0000 (23:04 +0200)] 
SAE: Fix commit message override with external authentication

Do not add duplicate Transaction Sequence and Status Code fields when
using test functionality to override SAE commit message.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: sigma_dut controlled AP with PSK, SAE, FT
Jouni Malinen [Thu, 28 Mar 2019 20:09:45 +0000 (22:09 +0200)] 
tests: sigma_dut controlled AP with PSK, SAE, FT

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Prefer FT-SAE over FT-PSK if both are enabled
Jouni Malinen [Thu, 28 Mar 2019 01:27:35 +0000 (03:27 +0200)] 
Prefer FT-SAE over FT-PSK if both are enabled

FT-SAE is considered stronger than FT-PSK, so prefer it over FT-PSK
similarly to how SAE is preferred over WPA-PSK.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Add more debug prints on suite selector selection
Jouni Malinen [Thu, 28 Mar 2019 00:58:00 +0000 (02:58 +0200)] 
Add more debug prints on suite selector selection

This makes it a bit easier to figure out why wpa_supplicant selects a
specific cipher/AKM for association.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: WPA2-EAP-FT with SHA384 using REASSOCIATE
Jouni Malinen [Wed, 27 Mar 2019 23:12:59 +0000 (01:12 +0200)] 
tests: WPA2-EAP-FT with SHA384 using REASSOCIATE

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Suite B: Prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192
Jouni Malinen [Wed, 27 Mar 2019 23:13:57 +0000 (01:13 +0200)] 
Suite B: Prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192

If both of these AKMs are enabled in the wpa_supplicant network profile
and the target AP advertises support for both, prefer the FT version
over the non-FT version to allow FT to be used.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: WPA2-FT-SAE AP and PMKSA caching for initial MD association
Jouni Malinen [Wed, 27 Mar 2019 02:04:16 +0000 (04:04 +0200)] 
tests: WPA2-FT-SAE AP and PMKSA caching for initial MD association

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago SAE: Fix PMKSA cache entry search for FT-SAE case
Jouni Malinen [Wed, 27 Mar 2019 02:03:12 +0000 (04:03 +0200)] 
SAE: Fix PMKSA cache entry search for FT-SAE case

Previously, PMKSA cache entries were searched for AKM=SAE and that did not
find an entry that was created with FT-SAE when trying to use FT-SAE
again. That resulted in having to use full SAE authentication instead of
the faster PMKSA caching alternative.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Add AKM info in the debug message noting PMKSA caching entry addition
Jouni Malinen [Wed, 27 Mar 2019 02:02:19 +0000 (04:02 +0200)] 
Add AKM info in the debug message noting PMKSA caching entry addition

This is useful for debugging issues where an expected PMKSA cache entry
is not found.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used
vamsi krishna [Tue, 26 Mar 2019 14:49:02 +0000 (20:19 +0530)] 
FT-SAE: Use PMK as XXKey in AP when SAE PMKSA caching is used

When connected using FT-SAE key mgmt, use PMK from PMKSA cache as XXKey
for PMK-R0 and PMK-R1 derivations. This fixes an issue where FT key
hierarchy could not be established due to missing (not yet configured)
XXKey when using SAE PMKSA caching for the initial mobility domain
association.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FT-SAE: Enable external auth support for FT-SAE also
vamsi krishna [Tue, 26 Mar 2019 14:29:59 +0000 (19:59 +0530)] 
FT-SAE: Enable external auth support for FT-SAE also

Extend the external authentication support to FT-SAE mode connections
also in addition to SAE mode connections.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago nl80211: Do not add WMM parameters when updating an existing STA entry
Jouni Malinen [Wed, 27 Mar 2019 01:14:02 +0000 (03:14 +0200)] 
nl80211: Do not add WMM parameters when updating an existing STA entry

In the case of the driver not supporting full AP mode STA state (i.e.,
not adding a STA entry before association), the QoS parameters are not
allowed to be modified when going through (re)association exchange for a
STA entry that has not been removed from the kernel. cfg80211 would
reject such command to update STA flags, so do not add the WMM parameter
in this case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FT/RRB: Pad RRB messages to at least minimum Ethernet frame length
Jouni Malinen [Tue, 26 Mar 2019 20:26:07 +0000 (22:26 +0200)] 
FT/RRB: Pad RRB messages to at least minimum Ethernet frame length

Ethernet frames have minimum length of 64 octets and shorter frames may
end up getting arbitrary padding in the end. This would result in the
FT/RRB receiver rejecting the frame as an incorrectly protected one.
Work around this by padding the message so that it is never shorter than
the minimum Ethernet frame.

Unfortunately, this padding is apparently not enough with all Ethernet
devices and it is still possible to see extra two octet padding at the
end of the message even if larger frames are used (e.g., showed up with
128 byte frames). For now, work around this by trying to do AES-SIV
decryption with two octets shorter frame (ignore last two octets) if the
first attempt fails.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FT/RRB: Add more debug prints for RRB message encryption/decryption
Jouni Malinen [Tue, 26 Mar 2019 17:12:20 +0000 (19:12 +0200)]
FT/RRB: Add more debug prints for RRB message encryption/decryption

This is needed to make it easier to understand what could be going wrong
in RRB communication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: sigma_dut controlled SAE association with Password Identifier/FT
Jouni Malinen [Tue, 26 Mar 2019 04:52:28 +0000 (06:52 +0200)] 
tests: sigma_dut controlled SAE association with Password Identifier/FT

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: SAE + FT-SAE configuration
Jouni Malinen [Tue, 26 Mar 2019 04:35:33 +0000 (06:35 +0200)] 
tests: SAE + FT-SAE configuration

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago SAE: Reorder SAE and FT-SAE AKM selection to prefer the FT option
Jouni Malinen [Tue, 26 Mar 2019 04:32:10 +0000 (06:32 +0200)] 
SAE: Reorder SAE and FT-SAE AKM selection to prefer the FT option

If a network profile has both SAE and FT-SAE enabled, SAE was previously
picked (and used incorrectly as explained in the previous commit). This
is not ideal since use of FT protocol can speed up roaming within a
mobility domain. Reorder these checks so that FT-SAE is preferred over
SAE if both are enabled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FT: Fix SAE + FT-SAE behavior in association parameter selection
Jouni Malinen [Tue, 26 Mar 2019 04:29:34 +0000 (06:29 +0200)] 
FT: Fix SAE + FT-SAE behavior in association parameter selection

Do not try to initialize FT reassociation if the selected AKM is for SAE
instead of FT-SAE when both of these are enabled in a network profile.
This fixes an issue with MDE being included in an (Re)Association
Request frame even when using a non-FT AKM (which is something that
results in hostapd rejecting the association).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: sigma_dut and SAE Password Identifier
Jouni Malinen [Mon, 25 Mar 2019 23:09:04 +0000 (01:09 +0200)] 
tests: sigma_dut and SAE Password Identifier

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: dpp_bootstrap_gen_failures to match implementation changes
Jouni Malinen [Sun, 24 Mar 2019 14:48:31 +0000 (16:48 +0200)] 
tests: dpp_bootstrap_gen_failures to match implementation changes

The separate dpp_bootstrap_gen() functions were merged into a single
one, so the test case needs a matching change to avoid failures.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP: Common configurator/bootstrapping data management
Jouni Malinen [Sun, 24 Mar 2019 14:44:21 +0000 (16:44 +0200)] 
DPP: Common configurator/bootstrapping data management

Merge the practically copy-pasted implementations in wpa_supplicant and
hostapd into a single shared implementation in dpp.c for managing
configurator and bootstrapping information. This avoids unnecessary code
duplication and provides a convenient location for adding new global DPP
data.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: sigma_dut sta_scan GetParameter,SSID_BSSID
Jouni Malinen [Thu, 21 Mar 2019 15:08:02 +0000 (17:08 +0200)] 
tests: sigma_dut sta_scan GetParameter,SSID_BSSID

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Fix memcpy regression in PMK handling
Jouni Malinen [Sat, 23 Mar 2019 10:44:42 +0000 (12:44 +0200)] 
Fix memcpy regression in PMK handling

The memcpy calls added for exposing the PMK from wpa_auth module could
end up trying to copy the same memory buffer on top of itself.
Overlapping memory areas are not allowed with memcpy, so this could
result in undefined behavior. Fix this by making the copies conditional
on the updated value actually coming from somewhere else.

Fixes: b08c9ad0c78d ("AP: Expose PMK outside of wpa_auth module")
Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago FILS: Fix KEK2 derivation for FILS+FT
Jouni Malinen [Wed, 20 Mar 2019 20:26:56 +0000 (22:26 +0200)] 
FILS: Fix KEK2 derivation for FILS+FT

The offset update for copying KEK2 from the extended PTK was overriding
the offset instead of incrementing it (a likely copy-paste error from
the first offset assignment based on KCK). This resulted in KEK2 being
set to incorrect segment of PTK. Fix this by updating the offset
properly so that KEK2 is copied from the correct place at the end of the
PTK.

Fixes: 2f37387812a5 ("FILS: Add more complete support for FT-FILS use cases")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago OpenSSL: Fix build with current BoringSSL
Jouni Malinen [Tue, 19 Mar 2019 16:15:28 +0000 (18:15 +0200)] 
OpenSSL: Fix build with current BoringSSL

SSL_use_certificate_chain_file() is not available in the current
BoringSSL even though the defined OPENSSL_VERSION_NUMBER is large enough
to claim that this function would be present in the OpenSSL API.

Fall back to using SSL_use_certificate_file() with BoringSSL to fix the
build.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Reset sae_groups in sigma_dut_dpp_qr_init_enrollee_sae
Jouni Malinen [Mon, 18 Mar 2019 17:00:06 +0000 (19:00 +0200)] 
tests: Reset sae_groups in sigma_dut_dpp_qr_init_enrollee_sae

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Remove unnecessary dump_monitor() calls from end of test cases
Jouni Malinen [Mon, 18 Mar 2019 16:23:02 +0000 (18:23 +0200)] 
tests: Remove unnecessary dump_monitor() calls from end of test cases

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Use a helper function for DPP_CONFIGURATOR_ADD/REMOVE
Jouni Malinen [Mon, 18 Mar 2019 11:36:32 +0000 (13:36 +0200)] 
tests: Use a helper function for DPP_CONFIGURATOR_ADD/REMOVE

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Use a helper function for DPP_AUTH_INIT
Jouni Malinen [Mon, 18 Mar 2019 09:36:43 +0000 (11:36 +0200)] 
tests: Use a helper function for DPP_AUTH_INIT

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago OWE: Move Association Response frame IE addition to appropriate place
Jouni Malinen [Mon, 18 Mar 2019 09:48:53 +0000 (11:48 +0200)] 
OWE: Move Association Response frame IE addition to appropriate place

This code was after the FILS handling that would have encrypted the
frame. While FILS and OWE are never used together, the OWE handling
should really be before the FILS handling since no IEs can be added
after the FILS encryption step. In addition, the Diffie-Hellman
Parameter element is not a Vendor Specific element, so it should be
before some of the Vendor Specific elements even though it is not
defined in IEEE 802.11.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: DPP AP+STA provisioning and connection with Brainpool curves
Jouni Malinen [Mon, 18 Mar 2019 09:44:00 +0000 (11:44 +0200)] 
tests: DPP AP+STA provisioning and connection with Brainpool curves

Increase testing coverage by going through all six possible curves with
full provisioning of AP and STA and connection (which includes PFS with
DPP2).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: PFS for PTK derivation
Jouni Malinen [Sun, 17 Mar 2019 21:51:53 +0000 (23:51 +0200)] 
DPP2: PFS for PTK derivation

Use Diffie-Hellman key exchange to derivate additional material for
PMK-to-PTK derivation to get PFS. The Diffie-Hellman Parameter element
(defined in OWE RFC 8110) is used in association frames to exchange the
DH public keys. For backwards compatibility, ignore missing
request/response DH parameter and fall back to no PFS in such cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Extend wpa_pmk_to_ptk() to support extra Z.x component in context
Jouni Malinen [Sun, 17 Mar 2019 20:02:06 +0000 (22:02 +0200)] 
DPP2: Extend wpa_pmk_to_ptk() to support extra Z.x component in context

DPP allows Diffie-Hellman exchange to be used for PFS in PTK derivation.
This requires an additional Z.x (x coordinate of the DH shared secret)
to be passed to wpa_pmk_to_ptk(). This commit adds that to the function
and updates all the callers to pass NULL,0 for that part in preparation
of the DPP specific changes to start using this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago OWE: Allow Diffie-Hellman Parameter element to be included with DPP
Jouni Malinen [Sun, 17 Mar 2019 22:25:11 +0000 (00:25 +0200)] 
OWE: Allow Diffie-Hellman Parameter element to be included with DPP

The previous OWE implementation on the AP side rejected any
(Re)Association Request frame with the Diffie-Hellman Parameter element
if AKM was not OWE. This breaks compatibility with DPP PFS, so relax
that rule to allow DPP AKM to be used as well. While this commit alone
does not add support for PFS, this allows interoperability between
non-PFS implementation on the AP and a newer PFS implementation on the
STA.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Fix mesh_sae_groups_invalid to reset sae_groups setting
Jouni Malinen [Sun, 17 Mar 2019 22:01:34 +0000 (00:01 +0200)] 
tests: Fix mesh_sae_groups_invalid to reset sae_groups setting

This test case did not clear a possibly modified sae_groups value from a
prior test case for adev[2] and could fail if the previously set group
was not supported by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Fix WPS with SAE test cases to reset sae_groups setting
Jouni Malinen [Sun, 17 Mar 2019 21:56:23 +0000 (23:56 +0200)] 
tests: Fix WPS with SAE test cases to reset sae_groups setting

These test cases did not clear a possibly modified sae_groups value from
a prior test case and could fail if the previously set group was not
supported by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Fix ap_mixed_security to reset sae_groups setting
Jouni Malinen [Sun, 17 Mar 2019 19:42:38 +0000 (21:42 +0200)] 
tests: Fix ap_mixed_security to reset sae_groups setting

This test case did not clear a possibly modified sae_groups value from a
prior test case and could fail if the previously set group was not
supported by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: ap_mixed_security to use SAE capability from the correct station
Jouni Malinen [Sun, 17 Mar 2019 19:38:34 +0000 (21:38 +0200)] 
tests: ap_mixed_security to use SAE capability from the correct station

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Helper function for checking DPP-FAIL reporting
Jouni Malinen [Sun, 17 Mar 2019 18:26:23 +0000 (20:26 +0200)] 
tests: Helper function for checking DPP-FAIL reporting

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Helper functions for DPP PKEX initiator and responder
Jouni Malinen [Sun, 17 Mar 2019 17:22:11 +0000 (19:22 +0200)] 
tests: Helper functions for DPP PKEX initiator and responder

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: DPP use the wait_auth_success() helper function
Jouni Malinen [Sun, 17 Mar 2019 16:37:56 +0000 (18:37 +0200)] 
tests: DPP use the wait_auth_success() helper function

Use the already existing helper function and extend it to cover the most
common test sequences.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Use helper function for DPP_LISTEN commands
Jouni Malinen [Sun, 17 Mar 2019 16:19:58 +0000 (18:19 +0200)] 
tests: Use helper function for DPP_LISTEN commands

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Helper function for DISCONNECT + ABORT_SCAN + wait
Jouni Malinen [Sun, 17 Mar 2019 15:55:43 +0000 (17:55 +0200)] 
tests: Helper function for DISCONNECT + ABORT_SCAN + wait

Use a helper function to perform this common sequence to disconnect and
stop any possibly started reconnection attempt.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Handle scan result clearing more carefully in ap_country
Jouni Malinen [Sun, 17 Mar 2019 15:40:39 +0000 (17:40 +0200)] 
tests: Handle scan result clearing more carefully in ap_country

If the ABORT_SCAN command succeeds, CTRL-EVENT-SCAN-RESULTS event is
delivered for the aborted scan. Following this with an immediate
flush_scan_cache() call can result in the first scan interpreting that
pending event as the completion and that results in trying to start
another scan while the first scan is still in progress.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Remove group at the end of p2p_ext_vendor_elem_invitation
Jouni Malinen [Sun, 17 Mar 2019 15:06:04 +0000 (17:06 +0200)] 
tests: Remove group at the end of p2p_ext_vendor_elem_invitation

This is needed to avoid leaving behind a ROC operation at the end of the
test case. This was found with the following test sequence:
p2p_ext_vendor_elem_invitation wifi_display_r2

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Fix ECDSA signature generation
Jouni Malinen [Sun, 17 Mar 2019 14:53:05 +0000 (16:53 +0200)] 
tests: Fix ECDSA signature generation

Parsing of the DER encoded signature was unable to handle results that
were shorter than the prime. These need to be zero padded from left to
generate the correct value.

Signed-off-by: Jouni Malinen <j@w1.fi>
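
The padding problem described in the commit message above, shown as an added example (not code from the hostap test suite): a DER ECDSA-Sig-Value is parsed and converted to fixed-width r || s, with each integer left-padded with zeros to the prime length. All function names and the sample signature bytes are constructed for this illustration.

```python
"""DER ECDSA-Sig-Value -> fixed-width r || s, zero padded to the prime length."""


def _read_len(buf, pos):
    """Return (length, next_pos) for the DER length field at buf[pos]."""
    if pos >= len(buf):
        raise ValueError("truncated DER length")
    first = buf[pos]
    pos += 1
    if first < 0x80:                      # short form
        return first, pos
    count = first & 0x7F                  # long form: number of length octets
    if count == 0 or count > 2 or pos + count > len(buf):
        raise ValueError("unsupported DER length")
    return int.from_bytes(buf[pos:pos + count], "big"), pos + count


def _read_integer(buf, pos):
    """Return (value, next_pos) for the non-negative DER INTEGER at buf[pos]."""
    if pos >= len(buf) or buf[pos] != 0x02:
        raise ValueError("expected INTEGER tag")
    length, pos = _read_len(buf, pos + 1)
    if length == 0 or pos + length > len(buf):
        raise ValueError("bad INTEGER length")
    body = buf[pos:pos + length]
    if body[0] & 0x80:
        raise ValueError("negative INTEGER")
    return int.from_bytes(body, "big"), pos + length


def parse_der_sig(der):
    """Parse SEQUENCE { INTEGER r, INTEGER s } and return (r, s) as ints."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("expected SEQUENCE tag")
    seq_len, pos = _read_len(der, 1)
    if pos + seq_len != len(der):
        raise ValueError("SEQUENCE length does not match input")
    r, pos = _read_integer(der, pos)
    s, pos = _read_integer(der, pos)
    if pos != len(der):
        raise ValueError("trailing data after s")
    return r, s


def raw_sig_unpadded(der):
    """Failure mode: concatenate minimal-length r and s without padding.

    When r or s is numerically small, the result is shorter than
    2 * prime_len and the r/s boundary is in the wrong place.
    """
    r, s = parse_der_sig(der)
    return (r.to_bytes((r.bit_length() + 7) // 8, "big") +
            s.to_bytes((s.bit_length() + 7) // 8, "big"))


def raw_sig_padded(der, prime_len):
    """Corrected form: left-pad r and s with zeros to prime_len octets each."""
    r, s = parse_der_sig(der)
    try:
        return r.to_bytes(prime_len, "big") + s.to_bytes(prime_len, "big")
    except OverflowError:
        raise ValueError("signature integer is longer than the prime")


# Constructed sample for a 256-bit curve (prime_len = 32):
#   r fits in 31 octets (its top octet would be zero),
#   s has its high bit set, so DER prefixes it with 0x00 (33-octet body).
SAMPLE_DER = (bytes([0x30, 0x44, 0x02, 0x1F]) + bytes(range(1, 32)) +
              bytes([0x02, 0x21, 0x00]) + b"\xff" * 32)

if __name__ == "__main__":
    print(len(raw_sig_unpadded(SAMPLE_DER)), "octets without padding")
    print(len(raw_sig_padded(SAMPLE_DER, 32)), "octets with padding")
```
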
5 years ago tests: Split event wait in grpform_cred_ready_timeout
Jouni Malinen [Sun, 17 Mar 2019 14:00:18 +0000 (16:00 +0200)] 
tests: Split event wait in grpform_cred_ready_timeout

The long wait for the monitor socket events resulted in another socket
running out of TX buffer space. Split the wait into smaller segments and
clear the other socket in each iteration.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Clear monitor socket queue in ap_hs20_interworking_oom
Jouni Malinen [Sun, 17 Mar 2019 13:29:02 +0000 (15:29 +0200)] 
tests: Clear monitor socket queue in ap_hs20_interworking_oom

Do not leave all the event messages pending in the socket queue for the
full duration of the test case to avoid hitting the TX socket queue
limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Close wpa_supplicant control interface more robustly
Jouni Malinen [Sun, 17 Mar 2019 13:26:34 +0000 (15:26 +0200)] 
tests: Close wpa_supplicant control interface more robustly

Some of the test cases left behind attached control interface monitor
sockets that could result in hitting the wpa_supplicant socket TX queue
limit. Try to be a bit more careful about detaching and closing the
sockets to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago tests: Fix dump_monitor() without monitor attached
Jouni Malinen [Sun, 17 Mar 2019 10:22:23 +0000 (12:22 +0200)] 
tests: Fix dump_monitor() without monitor attached

Do not try to dump pending event messages if the monitor socket has not
been attached.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago Add TEST_FAIL() to aes_encrypt_init() with internal crypto
Jouni Malinen [Sat, 16 Mar 2019 16:45:51 +0000 (18:45 +0200)] 
Add TEST_FAIL() to aes_encrypt_init() with internal crypto

This is needed for the hwsim test cases ap_wpa2_eap_psk_oom and
ap_wpa2_eap_sim_oom.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago TLS: Add support for RFC 5705 TLS exporter context with internal TLS
Jouni Malinen [Sat, 16 Mar 2019 16:40:49 +0000 (18:40 +0200)] 
TLS: Add support for RFC 5705 TLS exporter context with internal TLS

Use the provided context, if any, to generate the seed for TLS PRF.

Signed-off-by: Jouni Malinen <j@w1.fi>
5 years ago Add support for an optional context parameter to TLS exporter
Ervin Oro [Mon, 11 Mar 2019 11:21:36 +0000 (13:21 +0200)] 
Add support for an optional context parameter to TLS exporter

Allow an additional context value to be passed to TLS exporter as
specified in RFC 5705 section 4.

This does not yet implement it for the internal TLS implementation.
However, as currently nothing uses context yet, this will not break
anything right now. WolfSSL maintainers also stated that they are not
going to add context support yet, but would look into it if/when this is
required by a published draft or a standard.

Signed-off-by: Ervin Oro <ervin.oro@aalto.fi>
5 years ago tests: Python coding style cleanup (pylint3 bad-whitespace)
Jouni Malinen [Fri, 15 Mar 2019 10:10:37 +0000 (12:10 +0200)] 
tests: Python coding style cleanup (pylint3 bad-whitespace)

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: DPP and provisioning DPP and legacy AKMs
Jouni Malinen [Sat, 16 Mar 2019 15:27:09 +0000 (17:27 +0200)]
tests: DPP and provisioning DPP and legacy AKMs

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Support new legacy+DPP config object credentials
Jouni Malinen [Sat, 16 Mar 2019 15:17:46 +0000 (17:17 +0200)] 
DPP2: Support new legacy+DPP config object credentials

This allows devices supporting DPP protocol version 2 or newer to
provision networks that enable both the legacy (PSK/SAE) and DPP
credentials.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP: Support DPP and SAE in the same network profile
Jouni Malinen [Sat, 16 Mar 2019 15:15:09 +0000 (17:15 +0200)] 
DPP: Support DPP and SAE in the same network profile

Make both DPP and SAE code aware of the cases where the same network
profile is configured to enable both DPP and SAE. Prefer DPP over SAE in
such cases and start DPP/SAE exchanges based on what both the station
and the AP support.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP: Clean up configuration parsing
Jouni Malinen [Sat, 16 Mar 2019 10:19:10 +0000 (12:19 +0200)] 
DPP: Clean up configuration parsing

Share a single parsing implementation for both hostapd and
wpa_supplicant to avoid code duplication. In addition, clean up the
implementation to be more easily extensible.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Use matching prefix for the ProxyARP IPv6 log files
Jouni Malinen [Fri, 15 Mar 2019 21:56:34 +0000 (23:56 +0200)] 
tests: Use matching prefix for the ProxyARP IPv6 log files

The "_ipv6" part of the file name was missing and this resulted in file
names that conflicted with the IPv4 test cases and could overwrite logs
for those.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Decode brctl showmacs output for the debug log
Jouni Malinen [Fri, 15 Mar 2019 21:53:27 +0000 (23:53 +0200)] 
tests: Decode brctl showmacs output for the debug log

This is needed with python3 to make the debug log more readable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Remove unnecessary second wait from connect_cmd_reject_assoc
Jouni Malinen [Fri, 15 Mar 2019 20:42:18 +0000 (22:42 +0200)] 
tests: Remove unnecessary second wait from connect_cmd_reject_assoc

It does not look like there would be two CTRL-EVENT-ASSOC-REJECT events
here, so only check the first one instead of requiring both to be
received with status_code=27. This test case could fail based on the
second connection attempt (due to that extra event wait) timing out.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make parallel-vm.py log easier to use for debugging failures
Jouni Malinen [Fri, 15 Mar 2019 19:08:10 +0000 (21:08 +0200)] 
tests: Make parallel-vm.py log easier to use for debugging failures

Print a list of full paths to log files from failed test cases to both the
parallel.log and stdout so that they can be easily opened for analysis.
In addition, renumber the VM lines in the <timestamp>-parallel.log to
match the i+1 numbering used in the log directories and UI that is
tracking test execution.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make ap_wpa2_eap_peap_params more robust
Jouni Malinen [Fri, 15 Mar 2019 11:49:25 +0000 (13:49 +0200)] 
tests: Make ap_wpa2_eap_peap_params more robust

One of the steps that expected failure due to PMKID mismatch did not
stop connection attempts. This could result in the following test step
failing due to the previous profile with peaplabel=1 getting used to
derive the MSK incorrectly.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Clear pending monitor events before starting scan
Jouni Malinen [Fri, 15 Mar 2019 11:40:04 +0000 (13:40 +0200)] 
tests: Clear pending monitor events before starting scan

The wait_event() call for scan completion could have processed a
previously received event from a prior scan instead of the newly started
one. This could result in flush_scan_cache() assuming there are still
results in the cache even though the scan request to clear the cache had
not even been started yet.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: External radio work and DISCONNECT clearing connection attempt
Jouni Malinen [Fri, 15 Mar 2019 11:03:10 +0000 (13:03 +0200)] 
tests: External radio work and DISCONNECT clearing connection attempt

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Remove pending connect and sme-connect radio works on disconnect
Jouni Malinen [Fri, 15 Mar 2019 10:59:55 +0000 (12:59 +0200)] 
Remove pending connect and sme-connect radio works on disconnect

There was a race condition in a case where a new connection attempt was
scheduled as a pending radio work and that was followed by a DISCONNECT
command before the pending radio work is started. The pending radio work
would not have been deleted in that sequence and instead, it was
executed when the radio became available next. This could result in an
unexpected connection after an explicit request to disconnect.

Fix this by removing pending connect and sme-connect radio works on
disconnection request.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Python coding style cleanup (pylint3 unneeded-not)
Jouni Malinen [Fri, 15 Mar 2019 09:34:32 +0000 (11:34 +0200)] 
tests: Python coding style cleanup (pylint3 unneeded-not)

Use more readable "foo not in bar" construction for the couple of places
that did "not foo in bar".

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Fix run-tests.py module file (-l) handling
Jouni Malinen [Fri, 15 Mar 2019 09:18:20 +0000 (11:18 +0200)] 
tests: Fix run-tests.py module file (-l) handling

Prior cleanup broke the indentation here and made the addition of test
cases unreachable.

Fixes: 0663ae22ffc7 ("tests: Do not use tabs for indentation")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago OpenSSL: Fix build with OpenSSL 1.0.2
Jouni Malinen [Thu, 14 Mar 2019 22:33:33 +0000 (00:33 +0200)] 
OpenSSL: Fix build with OpenSSL 1.0.2

X509_get_subject_name() in OpenSSL 1.0.2 does not mark its argument as a
const pointer, so need to type cast this to avoid a build warning.

Fixes: 841205a1ceb1 ("OpenSSL: Add 'check_cert_subject' support for TLS server")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: SAE anti-clogging request with mesh BSS
Jouni Malinen [Thu, 14 Mar 2019 22:12:05 +0000 (00:12 +0200)] 
tests: SAE anti-clogging request with mesh BSS

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago SAE: Reduce queue wait time for pending Authentication frames
Jouni Malinen [Thu, 14 Mar 2019 22:08:37 +0000 (00:08 +0200)] 
SAE: Reduce queue wait time for pending Authentication frames

The queue_len * 50 ms wait time was too large with the retransmission
timeouts used in the mesh case for SAE. The maximum wait of 750 ms was
enough to prevent successful completion of authentication after having
hit the maximum queue length. While the previous commit is enough to
allow this to complete successfully in a couple of retries, it looks like
a smaller wait time should be used here even if it means potentially
using more CPU.

Drop the processing wait time to queue_len * 10 ms so that the maximum
wait time is 150 ms if the queue is full.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago SAE: Improved queuing policy for pending authentication frames
Jouni Malinen [Thu, 14 Mar 2019 22:03:29 +0000 (00:03 +0200)] 
SAE: Improved queuing policy for pending authentication frames

The previous design of simply queuing all SAE commit messages was not
exactly good at allowing recovery from a flooding state if the valid
peer used frequent retransmissions of the SAE message. This could
happen, e.g., with mesh BSSs using SAE. The frequent retransmissions and
restarts of SAE authentication combined with SAE confirm messages
bypassing the queue ended up in not being able to finish SAE exchange
successfully.

Fix this by modifying the queuing policy to queue SAE confirm messages
if there is a queued SAE commit message from the same peer so that the
messages within the same exchange do not get reordered. In addition,
replace queued SAE commit/confirm message if a new matching message is
received from the same peer STA. This is useful for the case where the
peer restarts SAE more quickly than the local end has time to process
the queued messages.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: DPP and Enrollee rejecting Config Object
Jouni Malinen [Thu, 14 Mar 2019 15:26:09 +0000 (17:26 +0200)] 
tests: DPP and Enrollee rejecting Config Object

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Testing option for Config Object rejection
Jouni Malinen [Thu, 14 Mar 2019 15:08:44 +0000 (17:08 +0200)]
DPP2: Testing option for Config Object rejection

Add a new testing option to force Enrollee to reject the received Config
Object.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Configuration Result message generation and processing
Jouni Malinen [Thu, 14 Mar 2019 15:05:02 +0000 (17:05 +0200)] 
DPP2: Configuration Result message generation and processing

Use this new message from Enrollee to Configurator to indicate result of
the config object provisioning if both devices support protocol version
2 or newer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: DPP test cases to handle new behavior due to config result
Jouni Malinen [Thu, 14 Mar 2019 18:46:37 +0000 (20:46 +0200)] 
tests: DPP test cases to handle new behavior due to config result

The new DPP Configuration Result message can result in a bit different
behavior at the end of the configuration exchange and some of the test
cases need more flexibility to work with that DPP2 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Make DPP version number support available over control interface
Jouni Malinen [Thu, 14 Mar 2019 18:45:36 +0000 (20:45 +0200)] 
DPP2: Make DPP version number support available over control interface

"GET_CAPABILITY dpp" can now be used to determine which version number
of DPP is supported in the build.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Fix dpp_qr_code_auth_initiator_enrollee to clear gas_address3
Jouni Malinen [Wed, 13 Mar 2019 22:13:35 +0000 (00:13 +0200)] 
tests: Fix dpp_qr_code_auth_initiator_enrollee to clear gas_address3

gas_address3 was set to 1 in this test case, but it was never cleared.
That can result in unexpected behavior in other test cases that depend
on gas_address3 being in its default value 0. Clear the parameter
explicitly to avoid this.

This resulted in an error in the following test sequence:
dpp_qr_code_auth_initiator_enrollee gas_anqp_address3_ap_forced

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make WNM test case scan clearing more robust
Jouni Malinen [Wed, 13 Mar 2019 21:32:31 +0000 (23:32 +0200)] 
tests: Make WNM test case scan clearing more robust

There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago More robust timer_tick_enabled tracking
Jouni Malinen [Wed, 13 Mar 2019 21:25:21 +0000 (23:25 +0200)] 
More robust timer_tick_enabled tracking

Do not set sm->timer_tick_enabled if the eloop_register_timeout() call
fails so that the next attempt to enable the timer in
eapol_enable_timer_tick() can try to recover from unexpected eloop
failures. This should not really be needed in practical use cases, but
certain out-of-memory test cases can trigger allocation failure in
eloop_register_timeout() and if that happens, the previous EAPOL
supplicant state machine implementation got pretty much completely stuck
for any operation needing the timer.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make TDLS test case scan clearing more robust
Jouni Malinen [Wed, 13 Mar 2019 19:05:15 +0000 (21:05 +0200)] 
tests: Make TDLS test case scan clearing more robust

There was a race condition on starting the flush_scan_cache() operations
if a scan happened to be in progress when the test case ended since the
ABORT_SCAN success case did not wait for the pending scan operation to
be completed. Wait for the scan completion event in addition to the
disconnection event if the ABORT_SCAN command is accepted.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Decode station dump output to restore pre-python3 behavior
Jouni Malinen [Wed, 13 Mar 2019 18:40:31 +0000 (20:40 +0200)] 
tests: Decode station dump output to restore pre-python3 behavior

These TDLS test cases missed Popen() result decode() calls in the
earlier python3 compatibility changes. Add those to make debug log more
readable.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make DPP protocol failure testing more robust
Jouni Malinen [Wed, 13 Mar 2019 17:40:50 +0000 (19:40 +0200)] 
tests: Make DPP protocol failure testing more robust

Wait explicitly for the DPP-NOT-COMPATIBLE event when going through
protocol testing with local failures instead of just waiting for a fixed
0.1 second duration. This prevents a test failure at least in
dppauth_resp_status_failure in a case where the failing operation may be
delayed under heavy CPU load.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Clear scan results from dev5 in WPS testing
Jouni Malinen [Wed, 13 Mar 2019 17:27:21 +0000 (19:27 +0200)] 
tests: Clear scan results from dev5 in WPS testing

Test case sequence "ap_wps_ap_scan_2 ap_wps_pbc_2ap" resulted in a
failure due to a scan entry being left behind from the first test case
and the second one ending up using that obsolete result during WPS_PBC
processing. Fix this by clearing the scan results explicitly on dev5.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FILS+FT: STA mode validation of PMKR1Name in initial MD association
Jouni Malinen [Wed, 13 Mar 2019 17:13:49 +0000 (19:13 +0200)] 
FILS+FT: STA mode validation of PMKR1Name in initial MD association

Verify that the AP uses matching PMKR1Name in (Re)Association Response
frame when going through FT initial mobility domain association using
FILS. This step was missing from the initial implementation, but is
needed to match the IEEE 802.11ai requirements for explicit confirmation
of the FT key hierarchy (similarly to what is done in FT 4-way handshake
when FILS is not used).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FILS+FT: AP mode processing of PMKR1Name in initial MD association
Jouni Malinen [Wed, 13 Mar 2019 15:24:29 +0000 (17:24 +0200)] 
FILS+FT: AP mode processing of PMKR1Name in initial MD association

Derive PMKR1Name during the FILS authentication step, verify that the
station uses matching PMKR1Name in (Re)Association Request frame, and
add RSNE[PMKR1Name] into (Re)Association Response frame when going
through FT initial mobility domain association using FILS. These steps
were missed from the initial implementation, but are needed to match the
IEEE 802.11ai requirements for explicit confirmation of the FT key
hierarchy (similarly to what is done in FT 4-way handshake when FILS is
not used).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago FILS: Do not try to add PMKSA cache entry if caching is disabled
Jouni Malinen [Wed, 13 Mar 2019 14:34:48 +0000 (16:34 +0200)] 
FILS: Do not try to add PMKSA cache entry if caching is disabled

This gets rid of a confusing error message "FILS: Failed to add PMKSA
cache entry based on ERP" for cases where PMKSA caching is disabled in
hostapd (disable_pmksa_caching=1). Functionality remains unchanged,
i.e., no cache entry was added before this change either.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Vendor attribute to enable or disable TWT request support
Arif Hussain [Tue, 12 Mar 2019 21:59:48 +0000 (14:59 -0700)] 
Vendor attribute to enable or disable TWT request support

Add a new QCA vendor attribute for testing purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago nl80211: Clear keys from heap memory before freeing it for get_seqnum
vamsi krishna [Wed, 13 Mar 2019 07:03:17 +0000 (12:33 +0530)] 
nl80211: Clear keys from heap memory before freeing it for get_seqnum

NL80211_CMD_GET_KEY response may return the actual key in addition to
the last used sequence number that we need. That might result in a key
being left in unused heap memory after the buffer is freed.

Explicitly clear the message payload with the possibly included key
material from heap memory before returning from the handler function
(and having libnl free the nlmsg) when key information is obtained from
the driver using the NL80211_CMD_GET_KEY command.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago P2P: Fix ACS offloading behavior with p2p_no_group_iface=1
Jayachandran Sreekumaran [Fri, 8 Mar 2019 10:30:56 +0000 (16:00 +0530)] 
P2P: Fix ACS offloading behavior with p2p_no_group_iface=1

wpa_s->p2p_go_do_acs was not cleared during P2P group deletion and that
resulted in the case of no separate group interface continuing to assume
ACS was to be used for consecutive GO starts even if they tried to
specify a frequency. Fix this by explicitly clearing
wpa_s->p2p_go_do_acs during P2P group deletion and also clear this when
processing the P2P_GROUP_ADD if the parameters do not request ACS to be
used.

Fixes: 37ed3254de22 ("P2P: ACS offload for the autonomous GO")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago nl80211: Exclude PMK when sending NL80211_CMD_DEL_PMKSA explicitly
vamsi krishna [Wed, 13 Mar 2019 07:43:38 +0000 (13:13 +0530)] 
nl80211: Exclude PMK when sending NL80211_CMD_DEL_PMKSA explicitly

Add a check in nl80211 driver layer to not include PMK while sending
NL80211_CMD_DEL_PMKSA explicitly. Though it is taken care already in
supplicant layer by setting the pmk_len to zero, it would be good
to have a check in nl80211 layer in order to avoid future accidental
inclusions of keying material in commands that do not need them.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: DPP and duplicated Authentication Response
Jouni Malinen [Wed, 13 Mar 2019 11:00:33 +0000 (13:00 +0200)] 
tests: DPP and duplicated Authentication Response

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Protocol version indication
Jouni Malinen [Wed, 13 Mar 2019 10:18:01 +0000 (12:18 +0200)] 
DPP2: Protocol version indication

Send out the new Protocol Version attribute in Authentication
Request/Response messages and determine the peer version based on this
attribute.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago DPP2: Build configuration flags for DPP version 2 support
Jouni Malinen [Wed, 13 Mar 2019 10:00:09 +0000 (12:00 +0200)] 
DPP2: Build configuration flags for DPP version 2 support

The new CONFIG_DPP2=y build option for hostapd and wpa_supplicant is
used to control whether new functionality defined after the DPP
specification v1.0 is included. All such functionality is considered
experimental and subject to change without notice and as such, not
suitable for production use.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Make sae_anti_clogging_during_attack more robust
Jouni Malinen [Tue, 12 Mar 2019 15:31:40 +0000 (17:31 +0200)] 
tests: Make sae_anti_clogging_during_attack more robust

Accept a smaller number of token responses in second round to avoid
failing this test case as frequently.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Disable fragm/rts_threshold after testing it
Jouni Malinen [Tue, 12 Mar 2019 15:18:38 +0000 (17:18 +0200)] 
tests: Disable fragm/rts_threshold after testing it

The configured fragmentation/RTS threshold value survives AP mode
interface restarts, so these values need to be explicitly cleared back
to default (disabled). This fixes an issue where some test cases could
not work correctly if fragmentation on the interface was enabled. For
example, this combination used to fail:
ap_fragmentation_open ap_hs20_fetch_osu

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago Allow fragmentation/RTS threshold to be disabled explicitly
Jouni Malinen [Tue, 12 Mar 2019 15:15:08 +0000 (17:15 +0200)] 
Allow fragmentation/RTS threshold to be disabled explicitly

hostapd configuration parameters fragm_threshold and rts_threshold were
documented to disable the threshold with value -1 and not change driver
configuration if the parameter is not included. However, -1 was mapped
into not changing the driver value, so the explicit disabling part did
not work.

Replace the default values for these to be -2 so that explicitly set
configuration value -1 can be distinguished from the case of not
including the parameter. Map the -1 value to a driver request to disable
the threshold. Ignore any error from this operation just in case to
avoid breaking functionality should some drivers not accept the (u32) -1
value as a threshold value request to disable the mechanism.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
5 years ago tests: Fix scan_specific_bssid in case Beacon frame is seen
Jouni Malinen [Tue, 12 Mar 2019 14:36:46 +0000 (16:36 +0200)] 
tests: Fix scan_specific_bssid in case Beacon frame is seen

The first scan for the unknown BSSID could have been timed in a manner
that allows passive scanning to find the real AP even if that AP's
beacon interval was 1000 (e.g., heavy CPU load changed timing so that
the AP beaconing started at suitable time). The check for BSS result
entry not including Probe Response frame was comparing incorrect BSS
entries (bss2 vs. bss1) which resulted in the test case claiming failure
even when there was no unexpected Probe Response frame.

Fix this by comparing the beacon_ie and ie parameters from the same BSS
entry (bss1).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>