Michael Braun [Fri, 10 Apr 2015 12:49:47 +0000 (14:49 +0200)]
Fix STA VLAN bind for RSN pre-authentication case
Previously, during RSN preauthentication, ap_sta_bind_vlan() was called,
which fails for non-zero sta->vlan_id as the station is not known to the
kernel driver.
Fix this by binding the station only if it is associated. If it is not
associated, ap_sta_bind_vlan() will be done later during association.
In addition, reject Access-Accept if the returned VLAN ID is not valid
in the current hostapd configuration.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
dbus: Fix WPS property of fi.w1.wpa_supplicant1.BSS interface
The dbus interface documentation says the following about the
WPS property of the fi.w1.wpa_supplicant1.BSS interface:
==
WPS information of the BSS. Empty dictionary indicates no WPS support.
Dictionary entries are:
Type s "pbc", "pin", ""
==
However the implementation returns "type" => "" for BSSes
that do not support WPS.
Fix the implementation to match the documentation.
Return empty dictionary if there is no WPS support.
And "type" => "" if WPS is supported, but is not in progress
right now.
Nick Kralevich [Sun, 12 Apr 2015 20:20:26 +0000 (13:20 -0700)]
Updates for stricter automatic memcpy bounds checking
Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
and libc feature which inserts automatic bounds checking into
common C functions such as memcpy() and strcpy(). If a buffer
overflow occurs when calling a hardened libc function, the
automatic bounds checking will safely shutdown the program and
prevent memory corruption.
Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
level which enhances memcpy() to prevent overflowing an element
of a struct. Under the enhancements, code such as
int main() {
foo myfoo;
int n = atoi("11");
memcpy(myfoo.a, "01234567890123456789", n);
return 0;
}
will cleanly crash when the memcpy() call is made.
Fixup hostap code to support the new level. Specifically:
* Fixup sha1_transform so it works with the enhanced bounds checking.
The old memcpy() code was attempting to write to context.h0, but that
structure element is too small and the write was extending (by design)
into h1, h2, h3, and h4. Use explicit assignments instead of
overflowing the struct element.
* Modify most of the structures in ieee802_11_defs.h to use ISO C99
flexible array members (https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html)
instead of a zero length array. Zero length arrays have zero length,
and any attempt to call memcpy() on such elements will always overflow.
Flexible array members have no such limitation. The only element not
adjusted is probe_req, since doing so will generate a compile time error,
and it's not obvious to me how to fix it.
Ben Greear [Fri, 3 Apr 2015 23:34:33 +0000 (19:34 -0400)]
Fix INTERFACE_ADD parsing
This fixes a regression caused by commit efa232f9159e33e18ed624906b0093e11ddcf78e ('Add support for virtual
interface creation/deletion') for the case where an empty extra argument
is included.
Signed-off-by: Ben Greear <greearb@candelatech.com>
hlr_auc_gw: Allow Milenage RES length to be reduced
Some USIM use shorter RES length than the 64-bit default from Milenage.
Such cases did not interoperate with the hlr_auc_gw implementation. Make
it possible to configure the RES length 4..8 octets, i.e., 32 to 64
bits) to support such USIM.
Jason Abele [Fri, 3 Apr 2015 00:30:48 +0000 (17:30 -0700)]
wpa_supplicant: Clear blacklist on connect
It has been noticed that the band steering/load balancing of some
multi-AP networks will lead to an ever-growing list of blacklisted
BSSIDs. This eventually leads to a connection drop when the connection
is pushed to a distant AP.
Fix this issue by clearing the blacklist upon successful connect.
Mark Salyzyn [Wed, 1 Apr 2015 00:58:11 +0000 (17:58 -0700)]
Android: wpa_ctrl missing include for sys/stat.h
wpa_ctrl.c gets sys/stat.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for sys/stat.h in this
include file.
Dmitry Shmidt [Mon, 30 Mar 2015 20:44:11 +0000 (13:44 -0700)]
Reschedule scan from wpas_stop_pno if it was postponed
This reschedules the postponed scan request (if such a request is
pending) from EVENT_SCHED_SCAN_STOPPED event handler to speed up
scanning after PNO/sched_scan stop has been requested.
Jouni Malinen [Tue, 31 Mar 2015 13:17:48 +0000 (16:17 +0300)]
TLS: Fix memory leaks on tls_connection_set_params() error paths
The internal TLS implementation started rejecting number of unsupported
configuration parameters recently, but those new error paths did not
free the allocated tlsv1_credentials buffer.
Jouni Malinen [Tue, 31 Mar 2015 13:15:39 +0000 (16:15 +0300)]
Make tls_connection_get_keyblock_size() internal to tls_*.c
This function exposes internal state of the TLS negotiated parameters
for the sole purpose of being able to implement PRF for EAP-FAST. Since
tls_connection_prf() is now taking care of all TLS-based key derivation
cases, it is cleaner to keep this detail internal to each tls_*.c
wrapper implementation.
Jouni Malinen [Tue, 31 Mar 2015 12:52:40 +0000 (15:52 +0300)]
Remove master key extraction from tls_connection_get_keys()
This is not needed anymore with the tls_connection_prf() being used to
handle all key derivation needs. tls_connection_get_keys() is a bit
misnamed for now, but it is only used to fetch the client and server
random for Session-Id derivation.
Jouni Malinen [Tue, 31 Mar 2015 12:47:32 +0000 (15:47 +0300)]
Use tls_connection_prf() for all EAP TLS-based key derivation
tls_openssl.c is the only remaining TLS/crypto wrapper that needs the
internal PRF implementation for EAP-FAST (since
SSL_export_keying_material() is not available in older versions and does
not support server-random-before-client case). As such, it is cleaner to
assume that TLS libraries support tls_connection_prf() and move the
additional support code for the otherwise unsupported cases into
tls_openssl.c.
Jouni Malinen [Mon, 30 Mar 2015 09:58:41 +0000 (12:58 +0300)]
Rename HT 20/40 coex variable to be more descriptive
is_ht_allowed is a confusing name since this variable is used to track
whether 40 MHz channel bandwidth is allowed instead of whether HT is
allowed in general.
Avraham Stern [Sun, 29 Mar 2015 10:10:36 +0000 (13:10 +0300)]
P2P: Optimize scan frequencies list when re-joining a persistent group
When starting a P2P client to re-join a persistent group
(P2P_GROUP_ADD persistent=<id>), it is possible that the P2P GO was
already found in previous scans. Try to get the P2P GO operating
frequency from the scan results list so wpa_supplicant will initially
scan only the P2P GO known operating frequency.
Signed-off-by: Avraham Stern <avraham.stern@intel.com> Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Lauri Hintsala [Fri, 20 Mar 2015 18:46:03 +0000 (20:46 +0200)]
Add support for CONFIG_NO_ROAMING to Makefile
Commit e9af53ad39a19264bf5307a1b5923afc2b2f9b06 introduced new
CONFIG_NO_ROAMING configuration parameter but unfortunately it was added
only to Android.mk. Enabling this parameter didn't have any effect when
Makefile was used to build wpa_supplicant. This commit fixes that problem
and cleans "unused variable" compiler warning.
Signed-off-by: Lauri Hintsala <lauri.hintsala@silabs.com>
Jouni Malinen [Sun, 29 Mar 2015 17:30:58 +0000 (20:30 +0300)]
OpenSSL: Implement AES-128 CBC using EVP API
This replaces the internal CBC mode implementation in
aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL
implementation for CONFIG_TLS=openssl builds.
Jouni Malinen [Sun, 29 Mar 2015 13:43:03 +0000 (16:43 +0300)]
Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
The local buffers may contain information used to generate parts of the
derived key, so clear these explicitly to minimize amount of unnecessary
private key-related material in memory.
Jouni Malinen [Sun, 29 Mar 2015 13:40:55 +0000 (16:40 +0300)]
Explicitly clear temporary stack buffer in sha1_t_prf()
The local hash[] buffer may contain parts of the derived key, so clear
it explicitly to minimize number of unnecessary copies of key material
in memory.
Jouni Malinen [Sun, 29 Mar 2015 08:42:02 +0000 (11:42 +0300)]
wext: Add support for renamed Host AP driver ifname
Previous workaround for WEXT events from the Host AP driver required
wlan# and wifi# interfaces to have fixed names with the same number.
While that used to be the common case ten years ago, it is less common
nowadays. Extend this to use sysfs (if available) to figure out the
wifi# interface name if the specified interface is detected to be using
the Host AP driver.
Ben Greear [Thu, 26 Mar 2015 21:39:48 +0000 (17:39 -0400)]
HS 2.0R2: Allow custom libcurl linkage for hs20-osu-client
In case someone is compiling their own libcurl and wants to link it
statically, for instance, the new CUST_CURL_LINKAGE parameter can be
used to override the default -lcurl argument.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Jouni Malinen [Sat, 28 Mar 2015 09:05:13 +0000 (11:05 +0200)]
Allow PSK/passphrase to be set only when needed
The new network profile parameter mem_only_psk=1 can be used to specify
that the PSK/passphrase for that network is requested over the control
interface (ctrl_iface or D-Bus) similarly to the EAP network parameter
requests. The PSK/passphrase can then be configured temporarily in a way
that prevents it from getting stored to the configuration file.
For example:
Event:
CTRL-REQ-PSK_PASSPHRASE-0:PSK or passphrase needed for SSID test-wpa2-psk
Response:
CTRL-RSP-PSK_PASSPHRASE-0:"qwertyuiop"
Note: The response value uses the same encoding as the psk network
profile parameter, i.e., passphrase is within double quotation marks.
Jouni Malinen [Sat, 28 Mar 2015 07:43:33 +0000 (09:43 +0200)]
EAP-pwd peer: Add support for hashed password
This extends EAP-pwd peer support to allow NtHash version of password
storage in addition to full plaintext password. In addition, this allows
the server to request hashed version even if the plaintext password is
available on the client. Furthermore, unsupported password preparation
requests are now rejected rather than allowing the authentication
attempt to continue.
Jouni Malinen [Thu, 26 Mar 2015 20:18:54 +0000 (22:18 +0200)]
tests: Make parallel-vm.py FAIL parser more robust
It looks like it was possible to receive an incomplete FAIL line and
break out from test execution due to a parsing error. Handle this more
robustly and log the error.
wpa_gui: Add tray icon based signal strength meter
System tray icon can be set to 5 different pictographs according to the
connection status. One for disconnected state (not associated with the
network, or not connected with the wpa_supplicant service), and four for
connected status (showing the signal strength on the receiver).
By default this functionality is disabled. The reason for this, is the
fact, that the underlaying approach of this functionality is poll based,
which might be considered as a non-efficient one. Update interval has to
be set explicitly by the user with '-m<seconds>' command line argument.
Status icon names are based on various Gnome icon packs (e.g., Faba).
When icon can not be found, default one is shown (wpa_gui logo).
Jouni Malinen [Tue, 24 Mar 2015 18:33:33 +0000 (20:33 +0200)]
tests: Change proxyarp_open LL src MAC check to match requirements
Now that there is a kernel patch for IPv6 ProxyARP that is capable of
using the non-AP STAs MAC address as the link layer source address in
NA, validate that behavior rather than the temporary check for BSSID.
Manikandan Mohan [Wed, 11 Mar 2015 20:03:58 +0000 (13:03 -0700)]
Extend offloaded ACS QCA vendor command to support VHT
Update ACS driver offload feature for VHT configuration. In addition,
this allows the chanlist parameter to be used to specify which channels
are included as options for the offloaded ACS case.
Ilan Peer [Mon, 16 Mar 2015 05:20:48 +0000 (01:20 -0400)]
Add Extended Capabilities element to all Probe Request frames
Always add the Extended Capabilities element to Probe Request frames (in
case it is not all zeros) to publish support for driver advertised
capabilities and wpa_supplicant specific capabilities.
This also fixes the case where Extended Capabilities element was added
for Interworking cases, but did not use the driver advertised ones and
did not handle other capabilities supported by wpa_supplicant.
Avraham Stern [Mon, 16 Mar 2015 05:20:02 +0000 (01:20 -0400)]
Delay AP selection if all networks are temporarily disabled
If all networks are temporarily disabled, delay AP selection until at
least one network is enabled. Running AP selection when all networks are
disabled is useless as wpa_supplicant will not try to connect. In
addition, it will result in needless scan iterations that may delay the
connection when it is needed.
Avraham Stern [Mon, 16 Mar 2015 05:20:01 +0000 (01:20 -0400)]
Don't optimize scan frequencies if selected network has changed
When disconnecting from a BSS, the next scan is optimized to scan only
the channels used by the connected ESS. But when disconnecting because a
new network was selected, this optimization is wrong because
wpa_supplicant is now trying to connect to another ESS. Fix this by not
optimizing the scan frequencies in case the selected network has
changed.
Eliad Peller [Thu, 19 Mar 2015 14:41:42 +0000 (16:41 +0200)]
DFS: Fix range availability check
There's off-by-one in the range availability check - the case of
first_chan_idx + num_chans == num_channels should be allowed (e.g., 0 +
1 == 1, for the case of a single 20 MHz channel).
Eliad Peller [Thu, 19 Mar 2015 14:41:41 +0000 (16:41 +0200)]
DFS: Consider non-contiguous channels
When looking for a new operating channel, consider the case of
non-contiguous channels when checking all the needed channels (e.g., the
driver might support channels 36, 38, 40, so look for channels 36+40
explicitly, instead of failing when encountering channel 38).
The channel list can be changed as a result of arriving beacon hints
during normal scan or as a result of local Reg-Domain change. Some
passive channels can become active and needs to be reconfigured
accordingly for the scheduled scan.
This fixes the connection to hidden SSIDs on 5 GHz band during default
Reg-Domain 00 (world roaming).
Signed-off-by: Victor Goldenshtein <victorg@ti.com> Signed-off-by: Eliad Peller <eliad@wizery.com>
Jouni Malinen [Fri, 20 Mar 2015 12:56:31 +0000 (14:56 +0200)]
Fix hlr_auc_gw build with OpenSSL
Commit 983c6a606bc839248ea0c69090e60c095a655bc6 ('OpenSSL: Replace
internal HMAC-MD5 implementation') forgot to make inclusion of md5.o
conditional for hlr_auc_gw build.
Zefir Kurtisi [Wed, 18 Mar 2015 17:26:59 +0000 (18:26 +0100)]
nl80211: Fix vendor command handling
In wiphy_info_handler(), vendor specific commands were
interpreted as QCA specific without checking for the OUI,
which caused incorrect setting of driver flags with
commands from other vendors. As a result, that could
prevent proper operation (e.g., inability to process CSA).
This patch ensures that QCA vendor specific commands are
checked against QCA OUI before related flags are set.
Neelansh Mittal [Thu, 19 Mar 2015 19:02:44 +0000 (00:32 +0530)]
Interworking: Prevent scan during ANQP fetch and Interworking select
Reject external scan request while either ANQP fetch or Interworking
select is in progress. Not doing so could lead to a situation in which
Interworking automatic network selection does not get triggered because
of a new scan result event forcing the ANQP fetch cycle to be disrupted
and restarted all over again. Interworking automatic network selection
is only triggered when AQNP fetch cycle, that is, ANQP exchange with
every Interworking capable BSS in the current BSS list, is completed.
Jouni Malinen [Thu, 19 Mar 2015 11:14:21 +0000 (13:14 +0200)]
Add a AP mode event message for possible PSK/passphrase mismatch
If the AP/Authenticator receives an EAPOL-Key msg 2/4 for an association
that negotiated use of PSK and the EAPOL-Key MIC does not match, it is
likely that the station is trying to use incorrect PSK/passphrase.
Report this with "AP-STA-POSSIBLE-PSK-MISMATCH <STA addr>" control
interface event.
Jouni Malinen [Wed, 18 Mar 2015 20:31:36 +0000 (22:31 +0200)]
Remove SChannel support
SChannel/CryptoAPI as a TLS/crypto library alternative was never
completed. Critical functionality is missing and there are bugs in this
implementation. Since there are no known plans of completing this
support, it is better to remove this code.
In the commit 77b244d577a7cb5c928478627af6687a0733193d9 ('wpa_gui: Quiet
mode - disable tray icon messages') a new parameter has been introduced,
but it was not documented. This commit fixes this omission.
projects / thirdparty / hostap.git / log
