Masashi Honma [Fri, 8 Feb 2019 22:51:07 +0000 (07:51 +0900)]
tests: Change handling of reading non blocked empty stream for python3
The result of reading non blocked empty stream is different between
python2 and 3. The python2 sends "[Errno 11] Resource temporarily
unavailable" exception. The python3 could read "None" without
exception, so handle this "None" case as well.
Jouni Malinen [Sat, 9 Feb 2019 22:06:26 +0000 (00:06 +0200)]
nl80211: Use wpa_ssid_txt() for debug messages more consistently
Print the SSID with printf escaping instead of wpa_hexdump_ascii()
format to clean up the debug log a bit. This was already done for number
of SSID debug prints.
P2P: Update find_start timer only when p2p_scan is started.
p2p->find_start timer was updated on each p2p_find call irrespective of
p2p_find being successful/failed/rejected. For cases where p2p_find was
in progress/pending, another call to p2p_find would be rejected but
p2p->find_start timer would still be updated.
p2p->find_start is maintained in wpa_supplicant to reject the kernel
scan entries before the p2p->find_start time. In above scenario, some of
the scan entries could be discarded even if the Probe Respons frame(s)
were received during the last scan/p2p_find.
This commit changes this to update the p2p->find_start timer only when
call to p2p_find is successful, i.e., a new scan is actually started.
Jouni Malinen [Thu, 31 Jan 2019 10:54:33 +0000 (12:54 +0200)]
HS 2.0: Update the T&C Acceptance subtype value
The previously used value 2 was already assigned for another purpose
(MBO non-preferred channel report), so the newer T&C Acceptable
definition needs to be updated with a unique value.
Johannes Berg [Sat, 2 Feb 2019 22:38:35 +0000 (23:38 +0100)]
tests: Make /etc/alternatives work in VM
In recent Debian versions, ebtables is an alias managed by
the alternatives(8) mechanism. This means /usr/sbin/ebtables
is a symlink to /etc/alternatives/ebtables, which in turn
links to the real binary.
As we mount a tmpfs over /etc, we cannot access this.
Fix this by bind-mounting the real /etc to /tmp/etc and
adding a symlink from /etc/alternatives to this.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 2 Feb 2019 22:16:07 +0000 (23:16 +0100)]
tests: Add sigma_dut to .gitignore
Evidently this file must exist when running the sigma_dut
dependent tests, add it to .gitignore so it's not seen as
making the tree "unclean" when it is added manually.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 2 Feb 2019 22:16:03 +0000 (23:16 +0100)]
tests: Add test reconnecting on assoc failure
Add a test that drops the authentication frame, so that
hostapd thinks the station is unknown, and then sends one
by itself, so the station thinks it's associated. This
tests mostly the kernel's capability to recover from this
scenario.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Tue, 5 Feb 2019 18:36:28 +0000 (20:36 +0200)]
nl80211: Clear PMKID add command message buffer
This command has now been extended to include PMK for offload needs, so
the message buffer needs to be cleared explicitly after use to avoid
leaving such material in heap memory unnecessarily.
Fixes: 061a3d3d5300 ("nl80211: Add support for FILS Cache Identifier in add/remove_pmkid()") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen [Tue, 5 Feb 2019 18:34:34 +0000 (20:34 +0200)]
nl80211: Clear connect command message buffer
This command can include keys (WEP or PSK for offload), so the message
buffer needs to be cleared explicitly after use to avoid leaving such
material in heap memory unnecessarily.
Jouni Malinen [Tue, 5 Feb 2019 18:30:08 +0000 (20:30 +0200)]
nl80211: Request kernel to trim off payload of netlink requests from acks
We do not need such payload in the acknowledgment, so adding it uses
resources unnecessarily. Furthermore, the original request can include
key material (e.g., NL80211_ATTR_PMK). libnl does not explicitly clear
this received message buffer and it would be inconvenient for
wpa_supplicant/hostapd to try to clear it with the current libnl design
where a duplicated buffer is actually passed to the callback. This means
that keys might be left unnecessarily in heap memory. Avoid this by
requesting the kernel not to copy back the request payload.
Jouni Malinen [Tue, 5 Feb 2019 18:26:50 +0000 (20:26 +0200)]
EAP peer: Clear temporary message buffers before freeing
These buffers in TLS-based EAP methods might contain keys or password
(e.g., when using TTLS-PAP or PEAP-GTC), so clear them explicitly to
avoid leaving such material into heap memory unnecessarily.
Jouni Malinen [Tue, 5 Feb 2019 18:25:21 +0000 (20:25 +0200)]
Clear config item writing buffer before freeing it
This buffer may be used to store items like passwords, so better clean
it explicitly to avoid possibility of leaving such items in heap memory
unnecessarily.
Johannes Berg [Tue, 5 Feb 2019 11:26:58 +0000 (12:26 +0100)]
tests: Optionally start telnet server inside VMs
If telnetd is installed and --telnet <port> is passed on the
vm-run.sh command line, start a telnet server (directly connected
to bash, no login) inside the VM(s) to be able to look into them
when something is wrong. Use a user network in qemu with a single
host forward from the specified port for this, listening only on
'localhost'.
Please note that this provides unauthenticated access to the guest
system from anything that can open a TCP connection on the host system.
The guess system does have access to reading all files on the host that
the user account running kvm has access to (and even write access if the
default ROTAG ,readonly parameter is cleared). In other words, this
option should not be used on any multiuser systems where kvm is run
under user accounts that are not dedicated for testing purposes (i.e.,
do not have access to any files that should not be readable to
everyone).
This needs CONFIG_VIRTIO_NET=y in the guest kernel.
For parallel-vm.py, the --telnet argument specifies the base port
and each VM index (0, 1, ...) is added to it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Tue, 5 Feb 2019 11:26:46 +0000 (12:26 +0100)]
tests: Suppress annoying console reset from VMs
Recently, qemu/seabios grew an annoying console/terminal reset,
which also causes my terminal to be left in a state where long
lines don't work well and less gets confused because of this.
Suppress this by suppressing all output from qemu before a new
magic string printed from inside.sh.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Tue, 5 Feb 2019 00:12:00 +0000 (02:12 +0200)]
tests: Create radio for p2ps_channel_active_go_and_station_different_mcc
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.
Johannes Berg [Sat, 2 Feb 2019 23:04:31 +0000 (00:04 +0100)]
tests: Create radio for p2ps_channel_both_connected_different_mcc
Instead of relying on existing configuration (which may conflict
with other tests) and skipping otherwise, create a new radio with
two channels in this test and use it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Mon, 4 Feb 2019 17:27:57 +0000 (19:27 +0200)]
tests: Encode Disconnect-Request attributes in sorted order for python3
This is needed to fix issues with dict iteration resulting in different
order of attributes when trying to calculate Message-Authenticator
externally to pyrad.
Jouni Malinen [Mon, 4 Feb 2019 16:26:53 +0000 (18:26 +0200)]
tests: Clean up pyrad test cases for python3 compatibility
All other test cases seem to work, but radius_das_disconnect_time_window
is still failing due to incorrect authenticator or Message-Authenticator
in Disconnect-Request.
Jouni Malinen [Mon, 4 Feb 2019 15:13:54 +0000 (17:13 +0200)]
D-Bus: Fix P2P DeleteService dict iteration
The previous implementation assumed the first entry coming out from the
dict is always service_type. That may not be the case, so properly
iterate over all dict entries in one loop instead of assuming what the
first entry is.
Jouni Malinen [Mon, 4 Feb 2019 14:46:31 +0000 (16:46 +0200)]
tests: Read sigma_dut-ap.conf as binary data for python3 compatibility
Sending UTF-8 encoded data to logger file is currently not working
properly, so create a separate binary file with a copy of
sigma_dut-ap.conf instead to work with both python2 and python3.
Jouni Malinen [Mon, 4 Feb 2019 10:23:45 +0000 (12:23 +0200)]
tests: MAC address ASCII string generation in python3 compatible manner
Use struct.unpack() to get a list of int and then generate a list of
hexstr octets from it for ':'.join() to get consistent behavior for both
python2 and python3.
Jouni Malinen [Sun, 3 Feb 2019 10:24:49 +0000 (12:24 +0200)]
tests: Replace str.translate() with str.replace()
This is needed for python3 since the two argument version of
str.translate() is not available for unicode. Furthermore, these cases
of delete colons from the string are simple enough for replace.
Jouni Malinen [Sat, 2 Feb 2019 10:49:23 +0000 (12:49 +0200)]
wpaspy: Convert to/from str to bytes as needed for python3
The control interface commands use mostly ASCII or UTF-8 strings, so
convert input/output to strings/bytes as needed for the socket
operations with python3.
Jouni Malinen [Fri, 1 Feb 2019 22:01:29 +0000 (00:01 +0200)]
PEAP: Explicitly clear temporary keys from memory when using CMK
The case of PEAPv0 with crypto binding did not clear some of the
temporary keys from stack/heap when those keys were not needed anymore.
Clear those explicitly to avoid unnecessary caching of keying material.
Jouni Malinen [Fri, 1 Feb 2019 21:52:28 +0000 (23:52 +0200)]
EAP-PEAP: Derive EMSK and use 128-octet derivation for MSK
Derive EMSK when using EAP-PEAP to enable ERP. In addition, change the
MSK derivation for EAP-PEAP to always derive 128 octets of key material
instead of the 64 octets to cover just the MSK. This is needed with the
PRF used in TLS 1.3 since the output length is mixed into the PRF
context.
Johannes Berg [Fri, 1 Feb 2019 20:31:59 +0000 (21:31 +0100)]
tests: wpasupplicant: Refactor code duplication in wait_global_event()
This code is identical to the wait_event() code, except for the
mon/global_mon instance. Create a _wait_event() function that
encapsulates this, and use it for both.
While at it, fix the bug in wait_global_event() where in the case
of not having a global_mon it always returns None.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Wed, 30 Jan 2019 10:28:43 +0000 (12:28 +0200)]
DPP: Clear dpp_listen_freq on remain-on-channel failure
If the DPP_LISTEN command failed due to the driver rejecting the
remain-on-channel request, wpa_s->dpp_listen_freq was left set to the
requested listen frequency and this resulted in the next DPP_LISTEN for
the same frequency reporting "DPP: Already listening on .." even when
the driver was not really listening on that frequency. Fix this by
clearing wpa_s->dpp_listen_freq in the error case.
P2P: Allow the avoid channels for P2P discovery/negotiation
The avoid channels are notified through
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY allow minimal traffic, so
enhance the P2P behavior accordingly by considering these avoid
frequencies for P2P discovery/negotiation as long as they are not in
disallowed frequencies list.
Additionally, do not return failure when none of social channels are
available as operation channel, rather, mark the op_channel/op_reg_class
to 0 as this would anyway get selected during the group formation in
p2p_prepare_channel.
Jouni Malinen [Mon, 29 Oct 2018 19:10:27 +0000 (21:10 +0200)]
tests: WNM-Sleep Mode Request bounds checking for empty contents
The wnm_sleep_mode_proto test case was already covering number of
invalid WNM-Sleep Mode Request frame cases, but it was missing the
shortest possible case with a missing Dialog Token field. Add that as a
regression test case for bounds checking in
ieee802_11_rx_wnmsleep_req().
Jouni Malinen [Mon, 29 Oct 2018 18:48:07 +0000 (20:48 +0200)]
WNM: Fix WNM-Sleep Mode Request bounds checking
ieee802_11_rx_wnmsleep_req() might have been called for a short frame
that has no more payload after the Public Action field, i.e., with len
== 0. The bounds checking for the payload length was done only for the
information elements while the one octet Dialog Token field was read
unconditionally. In the original implementation, this could have
resulted in reading one octet beyond the end of the received frame data.
This case has not been reachable after the commit e0785ebbbd18 ("Use
more consistent Action frame RX handling in both AP mode paths"), but it
is better to address the specific issue in ieee802_11_rx_wnmsleep_req()
as well for additional protection against accidential removal of the
check and also to have something that can be merged into an older
version (pre-v2.7) if desired. The comments below apply for such older
versions where the case could have been reachable.
Depending on driver interface specific mechanism used for fetching the
frame, this could result in reading one octet beyond the end of a
stack/hash buffer or reading an uninitialized octet from within a
buffer. The actual value that was read as the Dialog Token field is not
used since the function returns immediately after having read this value
when there is no information elements following the field.
This issue was initially added in commit d32d94dbf47a ("WNM: Add
WNM-Sleep Mode implementation for AP") (with CONFIG_IEEE80211V=y build
option) and it remained in place during number of cleanup and fix
changes in this area and renaming of the build parameter to
CONFIG_WNM=y. The impacted function was not included in any default
build without one of the these optional build options being explicitly
enabled. CONFIG_WNM=y is still documented as "experimental and not
complete implementation" in hostapd/defconfig. In addition, commit 114f2830d2c2 ("WNM: Ignore WNM-Sleep Mode Request in wnm_sleep_mode=0
case") made this function exit before the impact read if WNM-Sleep Mode
support was not explicitly enabled in runtime configuration
(wnm_sleep_mode=1 in hostapd.conf). Commit e0785ebbbd18 ("Use more
consistent Action frame RX handling in both AP mode paths") made this
code unreachable in practice.
Add an explicit check that the frame has enough payload before reading
the Dialog Token field in ieee802_11_rx_wnmsleep_req().
Jared Bents [Wed, 16 Jan 2019 15:15:01 +0000 (09:15 -0600)]
crl_reload_interval: Add CRL reloading support
This patch adds a new flag 'crl_reload_interval' to reload CRL
periodically. This can be used to reload ca_cert file and the included
CRL information on every new TLS session if difference between the last
reload and the current time in seconds is greater than
crl_reload_interval.
This reloading is used for cases where check_crl is 1 or 2 and the CRL
is included in the ca_file.
Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com> Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
projects / thirdparty / hostap.git / log
