Use correct WPA_ALG_* values to compare for enum wpa_alg
enum wpa_alg was being compared with WPA_CIPHER_* values. That does not
work here and strict compilers will report this as an error. Fix the
comparision to use proper WPA_ALG_* values. This fixes testing
capability for resetting IPN for BIP.
Fixes: 16579769ff7b ("Add testing functionality for resetting PN/IPN for configured keys") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen [Sun, 11 Mar 2018 15:04:34 +0000 (17:04 +0200)]
mka: Mark ieee802_1x_kay_create_mka() ckn and cak arguments const
These structures are not modified or freed (i.e., only data from them is
copied), so mark the arguments const to document this a bit more clearly
now that there was a memory leak in one of the callers to this function.
Davide Caratti [Thu, 8 Mar 2018 16:15:02 +0000 (17:15 +0100)]
wpa_supplicant: Fix memory leaks in ieee802_1x_create_preshared_mka()
In case MKA is initialized successfully, local copies of CAK and CKN
were allocated, but never freed. Ensure that such memory is released
also when ieee802_1x_kay_create_mka() returns a valid pointer.
Mike Siedzik [Tue, 20 Feb 2018 19:28:40 +0000 (14:28 -0500)]
mka: Do not print contents of SAK to debug log
Log newly generated SAKs as well as unwrapped SAKs with wpa_hexdump_key()
rather than wpa_hexdump(). By default, the wpa_hexdump_key() function
will not display sensitive key data.
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Mike Siedzik [Tue, 20 Feb 2018 19:28:37 +0000 (14:28 -0500)]
mka: Detect duplicate MAC addresses during key server election
In the unlikely event the local KaY and the elected peer have the same
actor priority as well as the same MAC address, log a warning message
and do not elect a key server. Resolution is for network administrator
to reconfigure MAC address.
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Mike Siedzik [Tue, 20 Feb 2018 19:28:34 +0000 (14:28 -0500)]
mka: Loss of live peers to result in connect PENDING not AUTHENTICATED
When the number of live peers becomes 0 the KaY was setting
kay->authenticated true and telling the CP to connect AUTHENTICATED.
Per IEEE Std 802.1X-2010 Clause 12.2, MKA.authenticated means "the Key
Server has proved mutual authentication but has determined that
Controlled Port communication should proceed without the use of MACsec",
which means port traffic will be passed in the clear.
When the number of live peers becomes 0 the KaY must instead set
kay->authenticated false and tell the CP to connect PENDING. Per Clause
12.3 connect PENDING will "prevent connectivity by clearing the
controlledPortEnabled parameter."
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Mike Siedzik [Tue, 20 Feb 2018 19:28:32 +0000 (14:28 -0500)]
mka: Ignore MACsec SAK Use Old Key parameter if we don't have our old key
Upon receipt of the "MACsec MKPDU SAK Use parameter set" the KaY verifies
that both the latest key and the old key are valid. If the local system
reboots or is reinitialized, the KaY won't have a copy of its old key.
Therefore if the KaY does not have a copy of its old key it should not
reject MKPDUs that contain old key data in the MACsec SAK Use parameter.
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Mike Siedzik [Tue, 20 Feb 2018 19:28:31 +0000 (14:28 -0500)]
mka: When matching CKNs ensure that lengths are identical
KaY looks up participants using CAK Name (CKN). Per IEEE Std 802.1X-2010
Clause 9.3.1 CAK identification, the CKN is an integral number of
octets, between 1 and 32 (inclusive). This fix will ensure that the KaY
does not inadvertently match CKNs such as 'myCakNamedFoo' and
'myCakNamedFooBar'.
Signed-off-by: Michael Siedzik <msiedzik@extremenetworks.com>
Tamizh chelvam [Wed, 14 Feb 2018 13:43:56 +0000 (19:13 +0530)]
Extend ACL check for Probe Request frames
Extend ACL check to deny Probe Request frames for the client which does
not pass ACL check. Skip this check for the case where RADIUS ACL is
used to avoid excessive load on the RADIUS authentication server due to
Probe Request frames. This patch add wpa_msg event for auth and assoc
rejection due to acl reject.
Add new WiFi test config attributes to configure BA params
Define a new WiFi test configuration attributes in QCA vendor
command to configure BA session parameters and to add or
delete a BA session and to configure no ack policy.
This is used for configuring the testbed device.
Add new WiFi test config attribute to allow WEP/TKIP in HE
Define a new WiFi test configuration attribute in QCA vendor
command to allow or not to allow WEP/TKIP in HT/VHT/HE mode.
This is used for configuring the testbed device.
Jeffin Mammen [Fri, 2 Mar 2018 19:10:38 +0000 (21:10 +0200)]
FILS: Check kde more consistently to avoid static analyzer warnings
For FILS, __wpa_send_eapol() is called only with the kde != NULL, but a
static analyzer might not understand that. Add an explicit check kde !=
NULL similarly to the other cases going through the kde parameter to
silence such bogus warnings.
Jouni Malinen [Fri, 2 Mar 2018 10:29:30 +0000 (12:29 +0200)]
SAE: Debug print group support in the crypto library
This makes it easier to understand why "SAE: Failed to select group"
debug entry shows up in cases the selected crypto library does not
support a specific group.
Jouni Malinen [Fri, 2 Mar 2018 10:13:16 +0000 (12:13 +0200)]
SAE: Fix potential infinite loop in mismatching PMK case on AP
Commit e61fea6b467bec0702096c795b06195584d32a6c ('SAE: Fix PMKSA caching
behavior in AP mode') modified the PSK fetching loop to not override PMK
in case of SAE with PMKSA caching. However, that commit missed the error
path cases where there is need to break from the loop with exact
negative of the check in the beginning of the loop. This could result in
hitting an infinite loop in hostapd if a station derived a different PMK
value from otherwise successfully completed SAE authentication or if a
STA used a different PMK with a PMKSA caching attempt after a previously
completed successful authentication.
Fix this by adding the matching break condition on SAE AKM within the
loops.
Fixes: e61fea6b467b ("SAE: Fix PMKSA caching behavior in AP mode") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Anurag Das [Fri, 23 Feb 2018 10:14:02 +0000 (15:44 +0530)]
wpadebug: Add activity to select method for QR Code scanning
Add QrCodeReadActivity that makes a decision to select between InputUri
and QrCodeScannerActivity depending on the availability of the camera in
the device.
Anurag Das [Wed, 21 Feb 2018 12:35:33 +0000 (18:05 +0530)]
wpadebug: A dialog activity to input the URI from QR Code Scanner
This should help to read the URI from the QR Code Scanner's (USB HID
devices instead of USB video device) that decodes the QR Code.
This dialog box provisions the mechanism to enter the decoded
URI code from such hardware devices.
This dialog can be used with:
am start -n w1.fi.wpadebug/w1.fi.wpadebug.InputUri
Jouni Malinen [Fri, 16 Feb 2018 15:15:57 +0000 (17:15 +0200)]
tests: Suite B tests with BoringSSL
Enable appropriate Suite B test cases with BoringSSL. Currently, this
means enabling only the 192-bit level ECDSA and ECDHE-RSA since
BoringSSL has removed support for DHE and there is no need to support
128-bit level ECDSA anymore.
Jouni Malinen [Mon, 19 Feb 2018 14:37:36 +0000 (16:37 +0200)]
BoringSSL: Set appropriate sigalgs for Suite B RSA 3K cases
This commit takes care of the sigalg configuration using the relatively
recent SSL_CTX_set_verify_algorithm_prefs() addition from April 2017 to
address the functionality that was already there with OpenSSL using
SSL_set1_sigalgs_list().
Jouni Malinen [Mon, 19 Feb 2018 14:25:54 +0000 (16:25 +0200)]
BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate sigalgs
BoringSSL removed the special OpenSSL cipher suite value "SUITEB192", so
need to map that to the explicit ciphersuite
(ECDHE-ECDSA-AES256-GCM-SHA384), curve (P-384), and sigalg
(SSL_SIGN_ECDSA_SECP384R1_SHA384) to allow 192-bit level Suite B with
ECDSA to be used.
This commit takes care of the sigalg configuration using the relatively
recent SSL_CTX_set_verify_algorithm_prefs() addition from April 2017.
Jouni Malinen [Fri, 16 Feb 2018 15:14:16 +0000 (17:14 +0200)]
BoringSSL: Map OpenSSL SUITEB192 cipher into appropriate parameters
BoringSSL removed the special OpenSSL cipher suite value "SUITEB192", so
need to map that to the explicit ciphersuite
(ECDHE-ECDSA-AES256-GCM-SHA384), curve (P-384), and sigalg
(SSL_SIGN_ECDSA_SECP384R1_SHA384) to allow 192-bit level Suite B with
ECDSA to be used.
This commit takes care of the ciphersuite and curve configuration.
sigalg change is in a separate commit since it requires a newer
BoringSSL API function that may not be available in all builds.
Jouni Malinen [Mon, 19 Feb 2018 14:00:19 +0000 (16:00 +0200)]
OpenSSL: Replace SSL_set1_curves_list() with SSL_set1_curves()
In practice, this does the same thing (i.e., allows only the P-384 curve
to be used), but using an older API function that happens to be
available in some BoringSSL builds while the newer one is not.
Masashi Honma [Sat, 30 Dec 2017 20:35:28 +0000 (05:35 +0900)]
tests: Fix Permission denied on Fedora
On Fedora 26, start.sh fails with these error messages.
Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0 error: Permission denied
Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0 error: Permission denied
...
This is because Fedora 26 uses "wheel" group as administrative group.
Now we can configure the network block so that it allows MFP setting for
the NL80211_CMD_CONNECT command. If the kernel finds an AP that requires
MFP, it'll be able to connect to it.
Note that since NL80211_MFP_OPTIONAL isn't supported for
NL80211_CMD_ASSOCIATE, we need to take the MFP configuration outside
nl80211_connect_common(). In addition, check that
NL80211_EXT_FEATURE_MFP_OPTIONAL is supported, to be backward compatible
with older kernels.
Avraham Stern [Sun, 28 Jan 2018 12:45:37 +0000 (14:45 +0200)]
wpa_supplicant: Handle port authorized event
When the driver indicates that the connection is authorized (i.e., the
4-way handshake was completed by the driver), cancel the EAP
authentication timeout and set the EAP state machine to success state.
Avraham Stern [Sun, 28 Jan 2018 12:45:35 +0000 (14:45 +0200)]
driver: Add port authorized event
Add an event that indicates that the 4 way handshake was completed by
the driver.
This event is useful for networks that require 802.1X authentication.
The driver can use this event that a new connection is already
authorized (e.g. when the driver used PMKSA caching) and 802.1X
authentication is not required.
Eliad Peller [Sun, 28 Jan 2018 12:45:33 +0000 (14:45 +0200)]
nl80211: Check 4-way handshake offload support
Set the WPA_DRIVER_FLAGS_4WAY_HANDSHAKE flag if the driver indicates
both 4-way handshake PSK and 802.1X support. Currently wpa_supplicant
doesn't distinguish between 4-way handshake for 802.1X and PSK, but
nl80211 API has different capabilities for each one.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
wpa_passphrase requires libcrypto from OpenSSL (or another selected
library). User can set an alternative path to OpenSSL libraries by
defining LIBS at the top of .config but if $(LIBS) is not actually used
wrong libcrypto is used or compilation fails if there is no libcrypto in
the default locations cc is looking for it. It's especially bad for
cross-compilers that fail with 'cannot find -lcrypto' message.
Jouni Malinen [Sat, 17 Feb 2018 16:07:43 +0000 (18:07 +0200)]
DPP: Do not include common/dpp.h without CONFIG_DPP=y
This header file pulls in an OpenSSL header file and as such, should not
be included without CONFIG_DPP=y to avoid bringing in an unnecessary
build dependency on OpenSSL header files.
Jouni Malinen [Sat, 17 Feb 2018 15:41:57 +0000 (17:41 +0200)]
tests: Fix dbus_set_global_properties failure if run twice
Clear the model_name parameter back to the default (empty string) at the
beginning and the end of dbus_set_global_properties to avoid failures if
the test case is run multiple times.
Jouni Malinen [Sat, 17 Feb 2018 15:21:05 +0000 (17:21 +0200)]
tests: Make dbus_p2p_discovery more robust
Ignore any unexpected deviceLost event before the peer devices has been
discovered. This works around issues where the previous test case
terminates before the D-Bus events have been fully delivered. This could
happen, e.g., when running dbus_p2p_discovery twice in a row.
Jouni Malinen [Wed, 14 Feb 2018 10:40:33 +0000 (12:40 +0200)]
OpenSSL: Fix EAP-FAST with OpenSSL 1.1.1-pre1
TLS v1.3 needs to be explicitly disabled to allow cipher suite selection
for EAP-FAST to work with OpenSSL builds that include TLS v1.3 support.
Without this, OpenSSL refuses to generate ClientHello due to the cipher
suite list including only ciphers allowed with older versions than TLS
v1.3.
Jouni Malinen [Sat, 10 Feb 2018 10:42:00 +0000 (12:42 +0200)]
DPP: Use wildcard BSSID in GAS query frames
Force use of the wildcard BSSID address in GAS query frames with DPP
regardless of how the gas_address3 configuration parameter is set. DPP
specification mandates this and the use of GAS here is really outside
the context of a BSS, so using the wildcard BSSID makes sense even for
the corner case of Configurator running on a known AP (where IEEE 802.11
standard would allow the BSSID of the AP to be used).
Jouni Malinen [Sat, 10 Feb 2018 10:16:53 +0000 (12:16 +0200)]
nl80211: Do not try to add too large NL80211_ATTR_PMK for set/del PMKSA
The current cfg80211 limit for the maximum NL80211_ATTR_PMK length is
48, so anything larger than that will result in the operation completely
failing. Since the PMKSA entries can be used without the PMK for most
purposes (the main use case for PMK currently is offloaded FILS
authentication), try to go ahead by configuring only the PMKID for the
case where 64-octet PMK is needed (which is currently limited to only
DPP with NIST P-521 and brainpoolP512r1 curves). This can fix DPP
connections with drivers that expect to get the PMKID through this
interface while still leaving the actual 4-way handshake for user space.
wpadebug: Add support for QR Code scanning and display via zxing
Enhance wpadebug application to support scanning and displaying of QR
codes. This depends on a third-party source: zxing
(https://github.com/zxing/zxing).
Shell command to launch scanner/viewer via wpadebug is:
>adb root
>adb shell
Tamizh chelvam [Thu, 11 Jan 2018 09:59:03 +0000 (15:29 +0530)]
hostapd: Dynamic MAC ACL management over control interface
Previously, MAC ACL could be modified only through file operations
(modify accept/deny_mac_file and reload it to hostapd). Extend this to
allow MAC ACL to be modified and displayed through new control interface
commands:
Jouni Malinen [Wed, 7 Feb 2018 16:03:58 +0000 (18:03 +0200)]
DPP: Fix GAS query removal race condition on DPP_STOP_LISTEN
If a DPP_STOP_LISTEN call happens to be received when there is a pending
gas-query radio work that has not yet been started, it was possible for
gas_query_stop() to go through gas_query_done() processing with
gas->work == NULL and that ended up with the pending GAS query getting
freed without removing the pending radio work that hold a reference to
the now freed memory. Fix this by removing the pending non-started radio
work for the GAS query in this specific corner case.
Jouni Malinen [Wed, 7 Feb 2018 15:09:20 +0000 (17:09 +0200)]
tests: Make dpp_qr_code_curve_select more robust
Wait for the configuration exchange to complete before issuing the
DPP_STOP_LISTEN command to avoid confusing sequence of operation between
the ongoing and immediately following DPP exchanges.
Jouni Malinen [Wed, 7 Feb 2018 14:56:43 +0000 (16:56 +0200)]
DPP: PKEX initiation on other bands
Add support for wpa_supplicant to try to initiate PKEX on 5 GHz and 60
GHz bands in addition to the previously available 2.4 GHz case. If no
response from a peer device is seen on the 2.4 GHz band (channel 6) for
the five attempts, try the other PKEX channels (5 GHz channels 44 and
149; and 60 GHz channel 2) if they are supported and allowed for
initiating radiation.
Jouni Malinen [Wed, 7 Feb 2018 11:45:48 +0000 (13:45 +0200)]
tests: Make owe_transition_mode_multi_bss more robust
Fix bssid2 value to make scanning more reliable for the second OWE BSS.
In addition, reorder the STA status checks to happen before the data
connectivity check to get more accurate failure reason into the log if
the test case fails.
Jouni Malinen [Wed, 7 Feb 2018 10:34:41 +0000 (12:34 +0200)]
ieee802_11_mgmt: Handle frame info more consistently
Check for the fi parameter to be non-NULL before trying to fetch the
ssi_signal information similarly to how the fi->freq was already
handled. While the meta information is supposed to be available, it
looks like there is at least one corner case where fi == NULL could be
used (Authentication frame reprocessing after RADIUS-based ACL).
Define new QCA vendor sub command for wifi test configuration
Define a new QCA vendor sub command for configuring the device with wifi
test configuration. Add new test config attributes for this sub command
that are used to configure the device for testbed configuration.
Jouni Malinen [Tue, 6 Feb 2018 18:54:55 +0000 (20:54 +0200)]
DPP: Require use of PMF for DPP AKM
Previously, wpa_supplicant set PMF as optional for the DPP AKM since
there was no clear statement about this requirement in the tech spec.
Now that this requirement has been added, update the implementation to
match. In addition, set ssid->ieee80211w using the actual enum
mfp_options values instead of magic constants to make this a bit more
readable.
Ashok Ponnaiah [Tue, 6 Feb 2018 18:20:22 +0000 (20:20 +0200)]
OWE: Support DH groups 20 and 21 with driver-SME/MLME
This was already the case with the hostapd-based SME/MLME
implementation, but the OWE DH Param element construction for the
driver-based SME/MLME needed a matching change to set the group
properly.
Michal Kazior [Thu, 1 Feb 2018 11:03:28 +0000 (12:03 +0100)]
hostapd: Fix wpa_psk_file support for FT-PSK
For FT-PSK sm->xxkey was populated with only the first password on the
linked list (i.e., last matching password in the wpa_psk_file) in
INITPSK. This caused only that password to be recognized and accepted.
All other passwords were not verified properly and subsequently
prevented clients from connecting.
Hostapd would report:
Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: sending 1/4 msg of 4-Way Handshake
Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: received EAPOL-Key frame (2/4 Pairwise)
Jan 30 12:55:44 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: invalid MIC in msg 2/4 of 4-Way Handshake
Jan 30 12:55:45 hostapd: ap0: STA xx:xx:xx:xx:xx:xx WPA: EAPOL-Key timeout
Signed-off-by: Michal Kazior <michal@plumewifi.com>
Jouni Malinen [Sun, 4 Feb 2018 10:20:13 +0000 (12:20 +0200)]
wpa_supplicant: Fix parsing errors on additional config file
If the -I<config> argument is used and the referenced configuration file
cannot be parsed, wpa_config_read() ended up freeing the main
configuration data structure and that resulted in use of freed memory in
such an error case. Fix this by not freeing the main config data and
handling the error case in the caller.
Dmitry Shmidt [Thu, 1 Feb 2018 00:34:54 +0000 (00:34 +0000)]
wpa_supplicant: Free config only if it was allocated in same call
If option -I:config points to a non-existing file, the the previously
allocated config must not be freed. Avoid use of freed memory in such an
error case by skipping the incorrect freeing operation.
Adiel Aloni [Tue, 30 Jan 2018 11:10:10 +0000 (13:10 +0200)]
tests: Enable device PS before sending PS-Poll
Linux kernel commit c9491367b759 ("mac80211: always update the PM state
of a peer on MGMT / DATA frames") enforces the AP to check only
mgmt/data frames PM bit, and to update station's power save accordingly.
When sending only a PS-Poll (control frame) the AP will ignore the PM
bit. As the result, the partial virtual bitmap will not be updated, and
the test ap_open_disconnect_in_ps will fail on tshark check. Since the
test needs only the TIM to be updated, setting PS enabled will send NDP
that will signal that the station is sleeping. Sending PS-Poll to enable
power save is not correct, according to the following standard
statement: "A PS-Poll frame exchange does not necessarily result in an
Ack frame from the AP, so a non-AP STA cannot change power management
mode using a PS-Poll frame."
Jouni Malinen [Sun, 4 Feb 2018 09:55:01 +0000 (11:55 +0200)]
OWE: Fix association IEs for transition mode open AP connection
The special case of returning from wpa_supplicant_set_suites() when OWE
transition mode profile is used for an open association did not clear
the wpa_ie buffer length properly. This resulted in trying to use
corrupted IEs in the association request and failed association
(cfg80211 rejects the request or if the request were to go out, the AP
would likely reject it).
Simon Dinkin [Thu, 1 Feb 2018 15:12:03 +0000 (17:12 +0200)]
common: Fix the description of wpa_ctrl_request() function
The blocking timeout of this function was changed from 2 seconds to 10
seconds in this commit 1480633f ("Use longer timeout in
wpa_ctrl_request()"), but the description was never changed accordingly.
Signed-off-by: Simon Dinkin <simon.dinkin@tandemg.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
David Messer [Wed, 31 Jan 2018 16:01:00 +0000 (11:01 -0500)]
Fix compiler issue with CONFIG_TESTING_OPTIONS
Use the preprocessor conditional "ifdef" instead of "if" before
CONFIG_TESTING_OPTIONS to prevent an issue on build systems that treat
undefined preprocessor identifiers as an error.
Signed-off-by: David Messer <david.messer@garmin.com>
Jouni Malinen [Sat, 3 Feb 2018 10:08:09 +0000 (12:08 +0200)]
wpa_cli: Fix cred_fields[] declaration
This was supposed to be an array of const-pointers to const-char; not
something duplicating const for char and resulting in compiler warnings
with more recent gcc versions.
Sunil Dutt [Thu, 1 Feb 2018 11:31:28 +0000 (17:01 +0530)]
SAE: Support external authentication offload for driver-SME cases
Extend the SME functionality to support the external authentication.
External authentication may be used by the drivers that do not define
separate commands for authentication and association
(~WPA_DRIVER_FLAGS_SME) but rely on wpa_supplicant's SME for the
authentication.
Sunil Dutt [Thu, 1 Feb 2018 07:15:41 +0000 (12:45 +0530)]
nl80211: Introduce the interface for external authentication
This command/event interface can be used by host drivers that do not
define separate commands for authentication and association but rely on
wpa_supplicant for the authentication (SAE) processing.
Guisen Yang [Thu, 1 Feb 2018 09:05:19 +0000 (17:05 +0800)]
Add new QCA vendor commands for thermal shutdown
Add new QCA vendor commands and attributes to get thermal information
and send thermal shutdown related commands. Indicates the driver to
enter the power saving mode or resume from the power saving mode based
on the given temperature and thresholds.
Ashok Ponnaiah [Tue, 30 Jan 2018 11:24:39 +0000 (16:54 +0530)]
OWE: Use PMKSA caching if available with driver AP MLME
If a matching PMKSA cache entry is present for an OWE client, use it and
do not go through DH while processing Association Rquest frame.
Association Response frame will identify the PMKID in such a case and DH
parameters won't be present.