Ilan Peer [Thu, 22 Oct 2020 11:00:25 +0000 (14:00 +0300)]
hw_feature: Correctly select mode in case of the 6 GHz band
There are 2 HW modes with IEEE80211_MODE_A: one for the 5 GHz channels
and one for 6 GHz channels. Since hw_get_chan() checks all the
compatible hw modes, eventually, an incorrect hw mode is selected.
To fix this, add a function that checks if a specific mode supports
the requested frequency and if so use it as the current mode.
Signed-off-by: Ilan Peer <ilan.peer@intel.com> Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Extend SPR element to support following fields and pass all
information to kernel for driver use.
* Non-SRG OBSS PD Max Offset
* SRG BSS Color Bitmap
* SRG Partial BSSID Bitmap
Allow HE MCS rate to be used for beacon transmission when the driver
advertises the support. The rate is specified with a new beacon_rate
option "he:<HE MCS>" in hostapd configuration.
hostapd: Add HE 6 GHz band capability configuration
Enable user to configure Maximum MPDU Length, Maximum A-MPDU Length
Exponent, Rx Antenna Pattern Consistency, and Tx Antenna Pattern
Consistency of 6 GHz capability through config file.
Jouni Malinen [Sun, 7 Feb 2021 17:29:23 +0000 (19:29 +0200)]
EAP-AKA: Check that ID message storing succeeds
This could fail in theory if running out of memory, so better check for
this explicitly instead of allowing the exchange to continue and fail
later due to checkcode mismatch.
Jouni Malinen [Sun, 7 Feb 2021 17:12:24 +0000 (19:12 +0200)]
Fix compiler warning on CONFIG_AP without CONFIG_P2P builds
The static function is_chanwidth160_supported() is called only within
CONFIG_P2P block so the function itself needs to have matching condition
for build.
Fixes: ed24bad1d98d ("AP: Check driver support while auto-selecting bandwidth for AP/P2P GO") Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 7 Feb 2021 14:43:54 +0000 (16:43 +0200)]
Rename INTERWORKING_BLACKLISTED define
Use more accurate INTERWORKING_EXCLUDED for this. The actual event
prefix is not changed to remains compatible with external components
using this control interface event message.
Jouni Malinen [Sun, 7 Feb 2021 14:10:18 +0000 (16:10 +0200)]
Rename network profiles parameters for ignoring/accepted BSSIDs
Rename the network profile parameters bssid_blacklist and
bssid_whitelist to bssid_ignore and bssid_accept to use more specific
names for the configuration of which BSSs are ignored/accepted during
BSS selection. The old parameter names are maintained as aliases for the
new names to avoid breaking compatibility with previously used
configurations.
Jouni Malinen [Sun, 7 Feb 2021 10:30:03 +0000 (12:30 +0200)]
wlantest: Recognize the FTM bit in the CCMP Key ID octet
This previously reserved bit is now used in FTM to help select the
appropriate replay counter. Silence the warning about use of a reserved
bit for this. wlantest does not yet support the actual replay counter
processing for FTM.
Jouni Malinen [Sun, 7 Feb 2021 09:37:58 +0000 (11:37 +0200)]
wlantest: Support TK list for Management frame decryption
Use the TKs from the PTK file (-T command line argument) to try to
decrypt encrypted Management frames if no BSS/STA key can be found based
on addresses.
hostapd: Fix dynamic ACCEPT_ACL management over control interface
hostapd_disassoc_accept_mac() was called after a new accept MAC address
was added (ACCEPT_ACL ADD_MAC), but this function should have been
called after an accept MAC address was removed and accept MAC list was
cleared to disconnect a STA which is not listed in the update accept MAC
address list. Fix this by moving the call to places where a connected
STA can actually end up losing its previously present accept entry.
Janusz Dziedzic [Tue, 13 Oct 2020 10:16:27 +0000 (12:16 +0200)]
tests: Extend Multi AP tests
Add option to:
- add a new AP on the same phy that the backhaul-sta uses
- run CSA from the parent
Adding a new AP (backhaul/fronthaul) on the same phy we have for
backhaul-sta is closer to the real repeater implementation.
Add a test case for that and run CSA.
This is a common problem when we have on the same phy:
- connected backhaul STA
- we started fronthaul/backhaul AP
- we receive (from parent) CSA on the STA interface
This is multi_ap_wps_shared_apdev_csa test case, which fails today with
both mac80211_hwsim and ath9k. To avoid always failing test cases,
ignore this failure for now. Full validation can be enabled once the
issue behind this is fixed.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Raphaël Mélotte [Wed, 2 Dec 2020 16:51:45 +0000 (17:51 +0100)]
hostapd: Add multi_ap settings to get_config() output
Since a running hostapd is not necessarily using the settings that are
in the configuration file (if they were changed at runtime, or the file
was changed but not reloaded, etc.), being able to get their value at
runtime can be useful (to know if they have to be updated for example).
If multi_ap is set, also print the SSID and passphrase (or PSK).
Raphaël Mélotte [Fri, 18 Dec 2020 10:50:28 +0000 (11:50 +0100)]
tests: Add WPS test with dynamic update
This test first configure hostapd with an initial SSID
('test-wpa2-psk-start'). Then a new SSID is configured
('test-wpa2-psk-new') using SET and RELOAD. Next, a station is
associated using WPS, and the test verifies that the new SSID was served
to the station.
For Android the default value of 5 seconds is usually too short for
scan results from last scan initiated from settings app to be
considered for fast-associate. Make the fast-associate timer value
configurable so that a suitable value can be set based on a systems
regular scan interval.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
Arowa Suliman [Tue, 3 Nov 2020 19:20:01 +0000 (11:20 -0800)]
wpa_supplicant: Notify freq change on CH_SWITCH
wpa_supplicant does not send a D-Bus notification of the BSS frequency
change when a CSA happens. Sending a PropertyChanged signal with the
updated frequency will notify the network manager quickly, instead of
waiting for the next scan results.
Signed-off-by: Arowa Suliman <arowa@chromium.org> Reviewed-by: Brian Norris <briannorris@chromium.org>
tests: Fix regdom cleanup in some p2p_channel tests
cfg80211 may ignore user hints while there are active COUNTRY_IE hints,
thus at some timings it may ignore the country setting back to world
domain. Fix it by making sure the country is set only after all the
interfaces are stopped. In addition, call a more robust
clear_regdom_dev() function.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Michal Kazior [Tue, 15 Dec 2020 09:34:54 +0000 (09:34 +0000)]
hostapd: Fix dpp_listen in DPP responder scenario
Some time ago it was found some drivers are setting their hw/ucode RX
filters restrictively enough to prevent broadcast DPP Action frames from
being received at upper layers in the stack.
A set of patches was introduced to the kernel and
ath9k driver as well as wpa_supplicant, e.g.,
However, the hostapd code itself was not calling the new multicast
registration. As such the AP side of things wasn't working as expected
in some scenarios. I've found this while trying to get ath9k working as
an AP Responder/Configurator.
The problem wasn't seen on, e.g., mac80211 hwsim driver.
Extend the wpa_supplicant mechanism to work with hostapd as well.
Raphaël Mélotte [Mon, 30 Nov 2020 11:10:46 +0000 (12:10 +0100)]
hostapd: Add an option to notify management frames on ctrl_iface
In some contexts (e.g., Multi-AP) it can be useful to have access to
some of the management frames in upper layers (e.g., to be able to
process the content of association requests externally).
Add 'notify_mgmt_frames'. When enabled, it will notify the ctrl_iface
when a management frame arrives using the AP-MGMT-FRAME-RECEIVED event
message.
Note that to avoid completely flooding the ctrl_iface, not all
management frames are included (e.g., Beacon and Probe Request frames
are excluded).
Ircama [Sun, 24 Jan 2021 15:33:58 +0000 (16:33 +0100)]
P2P: Adding option to manage device drivers creating random MAC addresses
Add option 2 to the p2p_device_random_mac_addr configuration option to
support device drivers which use by default random MAC adresses when
creating a new P2P Device interface (for instance, the BCM2711 80211
wireless device driver included in Raspberry Pi 4 Model B). In such
case, this option allows to create the P2P Device interface correctly
when using P2P permanent groups, enabling wpa_supplicant to reuse the
same MAC address when re-invoking a P2P permanent group.
Roy Marples [Fri, 1 Jan 2021 14:16:43 +0000 (14:16 +0000)]
BSD: If route socket overflows, sync drivers to system interfaces
Messages such as RTM_IFNFO or RTM_IFANNOUNCE could have been lost.
As such, sync the state of our internal driver to the state of the
system interfaces as reports by getifaddrs(2).
This change requires the routing socket be placed in non-blocking
mode. While here, set the routing and inet sockets to close on exec.
BSDs that support SO_RERROR include NetBSD and DragonFly.
There is a review underway to add this to FreeBSD.
RSN+WPA: Fix RSNE removing in EAPOL-Key msg 3/4 when RSNXE is included
When the AP advertised RSNE, RSNXE, and WPA IE, hostapd incorrectly
removed the RSNE in the EAPOL-Key msg 3/4 if the STA associates with
WPA, leaving only RSNXE instead of WPA IE. WPA STA fails to connect to
such AP as the WPA IE is missing.
Since RSNXE is not really used in non-RSN connection, just remove it
here with RSNE.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Jouni Malinen [Sat, 6 Feb 2021 09:19:55 +0000 (11:19 +0200)]
RSN: Validate RSNXE match in EAPOL-Key msg 3/4 only when RSN is used
This is needed to avoid the corner case of local RSNXE aware station
being configured to behave as WPA(v1)-only STA when the AP might not
include RSNXE in EAPOL-Key msg 3/4.
tests: Fix sporadic failures in p2p_channel_avoid3
The P2P group may be originally formed on UNII-3, so disabling UNII-1
and UNII-2 will not result in a channel switch failing the test.
Fix this by setting 44 as a preferred channel.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The test configures ft_r0_key_lifetime parameter, however ft_params
already contain the r0_key_lifetime. Since both options are accepted by
hostapd and set the same field, one of them gets overwritten.
As the dictionary enumeration order is not guaranteed in python, the
test may sporadically fail.
Fix that by explicitely removing the unneeded parameter.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Johannes Berg [Thu, 4 Feb 2021 20:26:40 +0000 (21:26 +0100)]
nl80211: Skip frame filter config for P2P-Device
There's no point in attempting to configure frame filters on
a P2P-Devices that doesn't even have a netdev (nor passes any
data traffic), that just results in error messages. Skip it.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Brad Kemp [Fri, 5 Feb 2021 20:46:49 +0000 (15:46 -0500)]
dbus: Fix IEs getter to use wpa_bss_ie_ptr()
The wpa_bss structure's last element is an empty array. The forgotten
code here assumed that the array of IEs was contiguous to the wpa_bss
structure. This is not always the case anymore. Update this missed case
to use the new wpa_bss_ie_ptr() wrapper to send the correct array of IEs
over DBus.
Fixes: be7ee264f654 ("BSS: Use wrapper function for getting a pointer to the IE buffer") Signed-off-by: Brad Kemp <brad at beechwoods.com>
Jouni Malinen [Thu, 4 Feb 2021 23:39:29 +0000 (01:39 +0200)]
P2P: Add a maximum length limit for peer vendor IEs
This is mainly to help with fuzz testing that could generate overly long
test data that would not be possible in real use cases due to MMPDU size
limits. The implementation for storing vendor IEs with such
unrealisticly long IE buffers can result in huge number of memory
reallozations and analyzing those can be very heavy.
While the maximum length of the fuzzing test input could be limited, it
seems nicer to limit this IE storage limit instead to avoid timeouts
from fuzz test runs.
Jouni Malinen [Mon, 9 Nov 2020 09:43:12 +0000 (11:43 +0200)]
P2P: Fix copying of secondary device types for P2P group client
Parsing and copying of WPS secondary device types list was verifying
that the contents is not too long for the internal maximum in the case
of WPS messages, but similar validation was missing from the case of P2P
group information which encodes this information in a different
attribute. This could result in writing beyond the memory area assigned
for these entries and corrupting memory within an instance of struct
p2p_device. This could result in invalid operations and unexpected
behavior when trying to free pointers from that corrupted memory.
Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269 Fixes: e57ae6e19edf ("P2P: Keep track of secondary device types for peers") Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
David Su [Tue, 26 Jan 2021 22:26:13 +0000 (14:26 -0800)]
Reset external_scan_running on interface deletion
Currently, the external_scan_running flag is not reset when an interface
is removed. Thus, if a connection attempt is made on another iface, it
will fail due to wpa_supplicant incorrectly assuming the radio is still
busy due to the ongoing scan.
To fix this, convert external_scan_running to a pointer to the interface
that started the scan. If this interface is removed, also reset the
pointer to NULL so that other operations may continue on this radio.
Test:
1. Start scan on wlan0
2. Remove wlan0
3. Can connect to a network on wlan1
Ilan Peer [Wed, 16 Dec 2020 11:01:40 +0000 (13:01 +0200)]
WPA: Support deriving KDK based on capabilities (Authenticator)
Derive the KDK as part of PMK to PTK derivation if forced by
configuration or in case both the local AP and the peer station declare
support for secure LTF.
Ilan Peer [Wed, 16 Dec 2020 11:01:39 +0000 (13:01 +0200)]
WPA: Support deriving KDK based on capabilities
Derive the KDK as part of PMK to PTK derivation if forced by
configuration or in case both the local station and the AP declare
support for secure LTF.
Ilan Peer [Wed, 16 Dec 2020 11:01:04 +0000 (13:01 +0200)]
AP: Support PASN with FT key derivation
Note that the implementation is not complete as it is missing support
for the FT wrapped data which is optional for the station, but must be
supported by the AP in case the station included it.
Ilan Peer [Wed, 16 Dec 2020 11:01:03 +0000 (13:01 +0200)]
PASN: Support PASN with FT key derivation
Add support for PASN authentication with FT key derivation:
- As IEEE P802.11az/D2.6 states that wrapped data is optional and
is only needed for further validation of the FT security parameters,
do not include them in the first PASN frame.
- PASN with FT key derivation requires knowledge of the PMK-R1 and
PMK-R1-Name for the target AP. As the WPA state machine stores PMK-R1,
etc. only for the currently associated AP, store the mapping of
BSSID to R1KH-ID for each previous association, so the R1KH-ID
could be used to derive PMK-R1 and PMK-R1-Name. Do so instead
of storing the PMK-R1 to avoid maintaining keys that might not
be used.
Ilan Peer [Wed, 16 Dec 2020 11:00:56 +0000 (13:00 +0200)]
AP: Support PASN with FILS key derivation
As the PASN FILS authentication is only defined for FILS SK without PFS,
and to support PASN authentication with FILS, implement the PASN with
FILS processing as part of the PASN handling and not as part of the WPA
Authenticator state machine.
Ilan Peer [Wed, 16 Dec 2020 11:00:55 +0000 (13:00 +0200)]
PASN: Support PASN with FILS key derivation
As the PASN FILS authentication is only defined for FILS SK without PFS,
and to support PASN authentication with FILS, implement the PASN with
FILS processing as part of the PASN handling and not as part of the WPA
state machine.
Ilan Peer [Wed, 16 Dec 2020 11:00:28 +0000 (13:00 +0200)]
PASN: Add support for PASN processing to wpa_supplicant
Add PASN implementation to wpa_supplicant
1. Add functions to initialize and clear PASN data.
2. Add functions to construct PASN Authentication frames.
3. Add function to process PASN Authentication frame.
4. Add function to handle PASN frame TX status.
5. Implement the station side flow processing for PASN.
The implementation is missing support for wrapped data and PMKSA
establishment for base AKMs, and only supports PASN authentication or
base AKM with PMKSA caching.
Ilan Peer [Wed, 16 Dec 2020 11:00:27 +0000 (13:00 +0200)]
WPA: Add PTKSA cache to wpa_supplicant for PASN
PASN requires to store the PTK derived during PASN authentication
so it can later be used for secure LTF etc. This is also true
for a PTK derived during regular connection.
Add an instance of a PTKSA cache for each wpa_supplicant
interface when PASN is enabled in build configuration.
Ilan Peer [Wed, 16 Dec 2020 11:00:26 +0000 (13:00 +0200)]
WPA: Add PTKSA cache implementation
In order to be able to perform secure LTF measurements, both the
initiator and the responder need to first derive TK and KDK and store
them, so they would later be available for the secure LTF negotiation.
Add a basic implementation of a PTKSA cache that stores derived TK/KDK
which can later be used for secure LTF negotiation, and add it to the
build configuration.
Ilan Peer [Wed, 16 Dec 2020 11:00:21 +0000 (13:00 +0200)]
PASN: Add functions to compute PTK, MIC and hash
1. Add a function to derive the PTK from a PMK and additional data.
2. Add a function to calculate the MIC for a PASN frames.
3. Add a function to compute the hash of an authentication frame body.
The above are built only in case that CONFIG_PASN is enabled at build
time.
Ilan Peer [Wed, 16 Dec 2020 11:00:17 +0000 (13:00 +0200)]
WPA: Extend the wpa_pmk_to_ptk() function to also derive KDK
Extend the wpa_pmk_to_ptk() to also derive Key Derivation
Key (KDK), which can later be used for secure LTF measurements.
Update the wpa_supplicant and hostapd configuration and the
corresponding WPA and WPA Auth state machine, to allow enabling of KDK
derivation. For now, use a testing parameter to control whether KDK is
derived.
Ilan Peer [Wed, 16 Dec 2020 11:00:16 +0000 (13:00 +0200)]
common: Allow WPA_CIPHER_GTK_NOT_USED as a valid group management cipher
PASN authentication requires that group management cipher suite
would be set to 00-0F-AC:7 in the RSNE, so consider it as a valid
group management cipher and adjust the code accordingly.
P2P: Fix channel selection for operating class 129
The operating class 129 includes channels with a maximum bandwidth of
160 MHz with center frequency index 50 and 114. The previous definition
of operating class 129 considered the center frequency index as actual
channels resulting in incorrect channel setup for the operating class.
Fix the definition of operating class 129 to consider channels with the
center frequency index of 50 and 114.
Also update the comment that describes the channel selection for
operating 128, 129, and 130 which mentions wpas_p2p_allow_channel()
verifies the channels while wpas_p2p_verify_channel() takes care of it.
projects / thirdparty / hostap.git / log
