Jouni Malinen [Thu, 25 Nov 2010 20:00:04 +0000 (22:00 +0200)]
SME: Fix re-try after auth/assoc timeout/failure
There were various issues in how the SME (i.e., nl80211-based driver
interface) handled various authentication and association timeouts and
failures. Authentication failure was not handled at all (wpa_supplicant
just stopped trying to connect completely), authentication timeout
resulted in blacklisting not working in the expected way (i.e., the same
BSS could be selected continuously), and association cases had similar
problems.
Use a common function to handle all these cases and fix the blacklist
operation. Use smaller delay before trying to scan again during the
initial cycle through the available APs to speed up connection. Add
a special case for another-BSS-in-the-same-ESS being present to
speed up recovery from networks with multiple APs doing load balancing
in various odd ways that are deployed out there.
Jouni Malinen [Thu, 25 Nov 2010 14:04:07 +0000 (16:04 +0200)]
P2P: Fix Action frame sending after disconnection
assoc_freq needs to be cleared when an interface gets disconnected.
This fixes an issue where P2P Action frame transmission may fail
because of missing remain-on-channel operation when using the same
interface for group operations (or non-P2P connections) and P2P
management operations.
Jouni Malinen [Wed, 24 Nov 2010 15:01:21 +0000 (17:01 +0200)]
Convert most commonly used drv ops to real function calls
Getting rid of these inline functions seems to reduce the code size
quite a bit, so convert the most commonly used hostapd driver ops to
function calls.
Jouni Malinen [Wed, 24 Nov 2010 14:50:06 +0000 (16:50 +0200)]
Get rid of struct hostapd_driver_ops abstraction
This is not needed anymore and just makes things more difficult
to understand, so move the remaining function pointers to direct
function calls and get rid of the struct hostapd_driver_ops.
Jouni Malinen [Wed, 24 Nov 2010 14:34:49 +0000 (16:34 +0200)]
hostapd_driver_ops reduction
send_eapol, set_key, read_sta_data, sta_clear_stats,
set_radius_acl_auth, set_radius_acl_expire, and set_beacon
to use inline functions instead of extra abstraction.
Commit bf65bc638fe438b96f2986580ad167d5e276ef4c started the path to
add this new abstraction for driver operations in AP mode to allow
wpa_supplicant to control AP mode operations. At that point, the
extra abstraction was needed, but it is not needed anymore since
hostapd and wpa_supplicant share the same struct wpa_driver_ops.
Start removing the unneeded abstraction by converting
send_mgmt_frame() to an inline function, hostapd_drv_send_mlme().
This is similar to the design that is used in wpa_supplicant and
that was used in hostapd in the past (hostapd_send_mgmt_frame()
inline function).
Jouni Malinen [Wed, 24 Nov 2010 12:58:58 +0000 (14:58 +0200)]
nl80211: Fix send commands to return 0 on success
driver.h defines these functions to return 0 on success, not
number of bytes transmitted. Most callers are checking "< 0" for
error condition, but not all. Address this by following the driver
API specification on 0 meaning success.
Albert Liu [Wed, 24 Nov 2010 12:25:33 +0000 (14:25 +0200)]
P2P: Fix RX ack status on Action frames sent via interface in GO mode
The wpa_supplicant_event() EVENT_TX_STATUS ack field needs to be
converted to use wpas_send_action_tx_status()
enum p2p_send_action_result in this case, too, to avoid getting
incorrect TX status for P2P processing.
Jouni Malinen [Wed, 24 Nov 2010 11:08:03 +0000 (13:08 +0200)]
hostapd: Verify availability of random data when using WPA/WPA2
On Linux, verify that the kernel entropy pool is capable of providing
strong random data before allowing WPA/WPA2 connection to be
established. If 20 bytes of data cannot be read from /dev/random,
force first two 4-way handshakes to fail while collecting entropy
into the internal pool in hostapd. After that, give up on /dev/random
and allow the AP to function based on the combination of /dev/urandom
and whatever data has been collected into the internal entropy pool.
Jouni Malinen [Tue, 23 Nov 2010 23:29:40 +0000 (01:29 +0200)]
Maintain internal entropy pool for augmenting random number generation
By default, make hostapd and wpa_supplicant maintain an internal
entropy pool that is fed with following information:
hostapd:
- Probe Request frames (timing, RSSI)
- Association events (timing)
- SNonce from Supplicants
wpa_supplicant:
- Scan results (timing, signal/noise)
- Association events (timing)
The internal pool is used to augment the random numbers generated
with the OS mechanism (os_get_random()). While the internal
implementation is not expected to be very strong due to limited
amount of generic (non-platform specific) information to feed the
pool, this may strengthen key derivation on some devices that are
not configured to provide strong random numbers through
os_get_random() (e.g., /dev/urandom on Linux/BSD).
This new mechanism is not supposed to replace proper OS provided
random number generation mechanism. The OS mechanism needs to be
initialized properly (e.g., hw random number generator,
maintaining entropy pool over reboots, etc.) for any of the
security assumptions to hold.
If the os_get_random() is known to provide strong ramdom data (e.g., on
Linux/BSD, the board in question is known to have reliable source of
random data from /dev/urandom), the internal hostapd random pool can be
disabled. This will save some in binary size and CPU use. However, this
should only be considered for builds that are known to be used on
devices that meet the requirements described above. The internal pool
is disabled by adding CONFIG_NO_RANDOM_POOL=y to the .config file.
Jouni Malinen [Tue, 23 Nov 2010 23:05:20 +0000 (01:05 +0200)]
Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.
The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
Jouni Malinen [Tue, 23 Nov 2010 22:52:46 +0000 (00:52 +0200)]
Re-initialize GMK and Key Counter on first station connection
This adds more time for the system entropy pool to be filled before
requesting random data for generating the WPA/WPA2 encryption keys.
This can be helpful especially on embedded devices that do not have
hardware random number generator and may lack good sources of
randomness especially early in the bootup sequence when hostapd is
likely to be started.
GMK and Key Counter are still initialized once in the beginning to
match the RSN Authenticator state machine behavior and to make sure
that the driver does not transmit broadcast frames unencrypted.
However, both GMK (and GTK derived from it) and Key Counter will be
re-initialized when the first station connects and is about to
enter 4-way handshake.
Jouni Malinen [Mon, 22 Nov 2010 22:57:14 +0000 (00:57 +0200)]
Mix in more data to GTK/IGTK derivation
The example GMK-to-GTK derivation described in the IEEE 802.11 standard
is marked informative and there is no protocol reason for following it
since this derivation is done only on the AP/Authenticator and does not
need to match with the Supplicant. Mix in more data into the derivation
process to get more separation from GMK.
Jouni Malinen [Sat, 20 Nov 2010 10:27:06 +0000 (12:27 +0200)]
edit: Really fix the completion of last character
The previous commit broke completion in various places. The proper
way of handling the completion of full word is to verify whether
there are more than one possible match at that point.
Jouni Malinen [Sat, 20 Nov 2010 09:59:04 +0000 (11:59 +0200)]
edit: Fix completion at the last character
Completion needs to be done even if the full word has been entered.
In addition, fix the space-after-full-word to properly allocate room
for the extra character when completion is used in the middle of the
string.
Jouni Malinen [Fri, 19 Nov 2010 10:58:31 +0000 (12:58 +0200)]
P2P: Accept invitations to already running persistent group
We can automatically accept invitations that are for a persistent
group that is already running. There is no need to confirm this
separately or preparare a new group interface.
Jouni Malinen [Fri, 19 Nov 2010 10:58:03 +0000 (12:58 +0200)]
P2P: Stop p2p_find/p2p_listen when Invitation is accepted
When an Invitation to reinvoke a persistent group is accepted,
we need to make sure that any pending p2p_find or p2p_listen
operation gets stopped to avoid consuming all radio resources
doing device discovery while the group is being set up.
Jouni Malinen [Thu, 18 Nov 2010 22:35:13 +0000 (00:35 +0200)]
wlantest: Add preliminary infrastructure for injecting frames
This adds new commands for wlantest_cli to request wlantest to
inject frames. This version can only send out Authentication
frames and unprotected SA Query Request frames, but there is
now place to add more frames and encryption with future commits.
Jouni Malinen [Thu, 18 Nov 2010 10:42:02 +0000 (12:42 +0200)]
P2P: Indicate WPS events from AP mode only during group formation
The duplicated WPS event in the parent interface should only be used
during P2P group formation, i.e., when the WPS operation was actually
started using the parent interface. When authorizing a client to
connect to an already running group, the WPS command is issued on
the group interface and there is no need to duplicate the event to
the parent interface.
Jouni Malinen [Thu, 18 Nov 2010 10:41:27 +0000 (12:41 +0200)]
P2P: Make sure wpa_s->global->p2p_group_formation gets cleared
This pointer is now used in number of places to check whether an
interface is in P2P Group Formation, so we better make sure it gets
cleared when group formation has been completed. This was done in
only some of the cases.
Jouni Malinen [Wed, 17 Nov 2010 14:48:39 +0000 (16:48 +0200)]
WPS: Add special AP Setup Locked mode to allow read only ER
ap_setup_locked=2 can now be used to enable a special mode where
WPS ER can learn the current AP settings, but cannot change then.
In other words, the protocol is allowed to continue past M2, but
is stopped at M7 when AP is in this mode. WPS IE does not
advertise AP Setup Locked in this case to avoid interoperability
issues.
In wpa_supplicant, use ap_setup_locked=2 by default. Since the AP PIN
is disabled by default, this does not enable any new functionality
automatically. To allow the read-only ER to go through the protocol,
wps_ap_pin command needs to be used to enable the AP PIN.
Jouni Malinen [Tue, 16 Nov 2010 13:22:06 +0000 (15:22 +0200)]
P2P: Fix invitation-to-running-group handling
The pending_invite_ssid_id of -1 (running group, not persistent) was
being stored incorrectly in the group interface, not device interface
(i.e., parent of the group interface) and consequently, the incorrect
information was used when processing the Invitation Response.
If there was a persistent group credentials stored with network id
0, those were used instead to try to set up a persistent group
instead of using the already running group.
Albert Liu [Mon, 15 Nov 2010 14:16:39 +0000 (16:16 +0200)]
P2P: Update pending join interface address during scans
Since the P2P peer entry may not have been available at the time the
join request was issued, we need to allow the P2P Interface Address
to be updated during join-scans when the P2P peer entry for the GO
may be added.
Jouni Malinen [Mon, 15 Nov 2010 14:15:38 +0000 (16:15 +0200)]
P2P: Allow multiple scan runs to find GO for p2p_connect join
If the GO is not found, we cannot send Provisioning Discovery Request
frame and cannot really connect anyway. Since the Provisioning
Discovery is a mandatory part, it is better to continue join-scan
until the GO is found instead of moving to the next step where
normal connection scan is used (PD would not be used from there).
Use a limit of 10 scan attempts for p2p_connect join to avoid getting
in infinite loop trying to join. If the GO is not found with those
scans, indicate failure (P2P-GROUP-FORMATION-FAILURE) and stop the
join attempt.
Jouni Malinen [Sun, 14 Nov 2010 17:15:23 +0000 (19:15 +0200)]
wpa_cli: Add internal line edit implementation
CONFIG_WPA_CLI_EDIT=y can now be used to build wpa_cli with internal
implementation of line editing and history support. This can be used
as a replacement for CONFIG_READLINE=y.
Jouni Malinen [Sun, 14 Nov 2010 11:16:51 +0000 (13:16 +0200)]
wpa_cli: Replace CONFIG_WPA_CLI_FORK design with eloop
Instead of using a separate process to receive and print event
messages, use a single-process design with eloop to simply
wpa_cli and interaction with readline.
Jouni Malinen [Sun, 14 Nov 2010 09:30:19 +0000 (11:30 +0200)]
wpa_cli: Split wpa_cli_interactive() into two versions
Instead of multiple #ifdef blocks for readline within the function,
use two copies of the functions, one for readline, one without any
readline functionality.