Jouni Malinen [Wed, 1 Jan 2014 15:37:08 +0000 (17:37 +0200)]
tests: Add some coverage for Device Discoverability exchange
This is not really perfect, but something to get a bit more testing
coverage.. For proper discoverability mechanism validation, the P2P
client would need to go to sleep to avoid acknowledging the GO
Negotiation Request frame. Offchannel Listen mode operation on the P2P
Client with mac80211_hwsim is apparently not enough to avoid the
acknowledgement on the operating channel, so need to disconnect from the
group which removes the GO-to-P2P Client part of the discoverability
exchange in practice.
Jouni Malinen [Tue, 31 Dec 2013 17:41:47 +0000 (19:41 +0200)]
WNM: Clean up le16 variable use to avoid sparse warnings
intval is marked le16 and should be used through proper byte order
conversion functions even if it ended up getting set correctly due to
the two operations cancelling each other.
Jouni Malinen [Tue, 31 Dec 2013 17:29:52 +0000 (19:29 +0200)]
Declare wpa_debug_* variables in src/utils/wpa_debug.h
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.
Jouni Malinen [Tue, 31 Dec 2013 08:49:26 +0000 (10:49 +0200)]
tests: WEXT functionality
It did not look like open mode association completed with WEXT.. I'm
commenting that test case out for now since WPA2-PSK worked. If you care
about WEXT, feel free to fix it and submit a patch to remove the
"REMOVED_" prefix here..
Jouni Malinen [Mon, 30 Dec 2013 22:07:23 +0000 (00:07 +0200)]
nl80211: Add driver param for forcing monitor and connect APIs
use_monitor=1 and force_connect_cmd=1 driver parameters can now be used
to force older monitor interface design and the connect API (SME in
driver) to increase hwsim testing coverage.
Jouni Malinen [Tue, 31 Dec 2013 08:17:53 +0000 (10:17 +0200)]
nl80211: Fix nl_mgmt handling in partial error case
If Action frame registration in nl80211_mgmt_subscribe_non_ap() failed
for any frame type, the previous implementation skipped
nl80211_mgmt_handle_register_eloop() call. This is not desirable since
none of the Action frame types could be received and even worse, the
following nl80211_destroy_eloop_handle() call for nl_mgmt would likely
result in crashing the process due to the ELOOP_SOCKET_INVALID XOR
operation. This could be triggered at least in a P2P group interface
startup failure case.
Jouni Malinen [Tue, 31 Dec 2013 07:38:55 +0000 (09:38 +0200)]
nl80211: Prefer newer scan result over older during duplicate removal
Previously, it was possible for bss_info_handler() to end up dropping a
newer scan result entry if there were two entries with the same BSSID
and SSID (i.e., only frequency was different) and we were not associated
with either. This could happen, e.g., in some P2P use cases where device
discovery may happen on different channels. Fix this by checking the age
of the scan entries as well to prefer the most recent response.
Jouni Malinen [Mon, 30 Dec 2013 17:33:39 +0000 (19:33 +0200)]
Get rid of duplicated cipher suite and AKM definitions
WPA_CIPHER_* and CIPHER_* are used for the exact same set of cipher
suites with the main difference being that the WPA_CIPHER_* version is
suitable to be used as a bitfield. Similarly, WPA_KEY_MGMT_* and
KEY_MGMT_* have similar design for AKMs. There is no need to maintain
two separate copies of the definitions since the bitfield compatible
version can be used for both needs. Get rid of the CIPHER_* and
KEY_MGMT_* versions to clean up the implementation by getting rid of
unnecessary mapping functions.
Jouni Malinen [Mon, 30 Dec 2013 16:21:04 +0000 (18:21 +0200)]
nl80211: Set control port for NL80211_CMD_COMMAND
NL80211_ATTR_CONTROL_PORT was previously set only for
NL80211_CMD_ASSOCIATE, but it should also be set when using
NL80211_CMD_COMMAND (driver-based SME) even though none of the current
non-mac80211 drivers use this.
Jouni Malinen [Mon, 30 Dec 2013 13:43:55 +0000 (15:43 +0200)]
Interworking: Allow cred blocks not to be saved to a file
The new cred block parameter 'temporary' can be used to indicate that a
cred block is not to be saved to wpa_supplicant configuration file
(e.g., "SET_CRED 0 temporary 1"). This is similar to the concept of
temporary network blocks and allows cred blocks to be managed outside
the wpa_supplicant config file when other parameters are still saved to
the file written by wpa_supplicant.
Jouni Malinen [Sun, 29 Dec 2013 16:20:47 +0000 (18:20 +0200)]
P2P: Remove WPA_DRIVER_FLAGS_P2P_MGMT option
The option of handling upper layer P2P management operations within the
driver/firmware was originally planned to be used with wpa_supplicant,
but this has not really happened and there is no clear sign of this
being needed in the near term either. This functionality has not been
completed and it is certainly not being kept up-to-date or tested. As
such, it is best to remove it for now and if this or something similar
is needed in the future, it can be brought back once a clear need for it
has been demonstrated first.
Jouni Malinen [Sun, 29 Dec 2013 16:02:05 +0000 (18:02 +0200)]
WPS: Use shorter scan interval during pre-provisioning search
Previously, the shorter scan interval was already in use for the
connection following the provisioning step, but same optimization can
also be used for the pre-provisioning scan.
Jouni Malinen [Sun, 29 Dec 2013 13:59:31 +0000 (15:59 +0200)]
SAE: Fix ECC element y coordinate validation step
prime_len was added to the start pointer twice and because of this, the
actual y coordinate was not verified to be valid. This could also result
in reading beyond the buffer in some cases.
Jouni Malinen [Sun, 29 Dec 2013 11:15:43 +0000 (13:15 +0200)]
EAP-EKE: Allow forced algorithm selection to be configured
phase1 parameters dhgroup, encr, prf, and mac can now be used to specify
which algorithm proposal is selected, e.g., with phase1="dhgroup=3
encr=1 prf=1 mac=1" selecting the mandatory-to-implement case. This is
mainly for testing purposes, but can also be used to enforce stronger
algorithms to be used.
Jouni Malinen [Sun, 29 Dec 2013 10:07:15 +0000 (12:07 +0200)]
Remove unused information element parsing data
These information elements are not really used anywhere in hostapd or
wpa_supplicant nor is there any plan to use them. As such, there is no
need to keep the code here either, so save couple of bytes here.
Jouni Malinen [Sun, 29 Dec 2013 09:22:23 +0000 (11:22 +0200)]
Remove unnecessary EVENT_RX_ACTION
This driver event was used separately for some Action frames, but all
the driver wrappers converted to this from information that would have
been enough to indicate an EVENT_RX_MGMT event. In addition, the
received event was then converted back to a full IEEE 802.11 management
frame for processing in most cases. This is unnecessary complexity, so
get rid of the extra path and use EVENT_RX_MGMT for Action frames as
well as other management frame subtypes.
Jouni Malinen [Sun, 29 Dec 2013 11:37:17 +0000 (13:37 +0200)]
Define __maybe_unused
This can be used to silence compiler warnings in cases where #ifdef
blocks can leave some variables or functions unused and there is no
cleaner way of avoiding the warnings.
Jouni Malinen [Sun, 29 Dec 2013 08:18:49 +0000 (10:18 +0200)]
Do not process Action frames twice in hostapd SME/MLME
Commit 88b32a99d30894b2d6bb391371c442fc117edbab added support for using
some Action frame processing in hostapd for drivers that handle most of
SME/MLME internally (it added FT, this has since be extended for SA
Query and WNM). However, this was added in a way that ended up getting
both the hostapd_rx_action() and hostapd_action_rx() called for Action
frames. This could result in an attempt to process FT, SA Query, and WNM
Action frames twice.
There is need for more significant cleanup in Action frame processing in
hostapd depending on the driver type, but as a simple step to avoid
issues, skip the hostapd_action_rx() call if hostapd_rx_action()
processed the frame.
Jouni Malinen [Sat, 28 Dec 2013 17:18:47 +0000 (19:18 +0200)]
WPS: Make sure reconfiguration timeout is not left behind on deinit
Even though this is a short timeout, it is at least theoretically
possible for the interface to be removed while waiting for
reconfiguration to start. Avoid issues with this by cancelling the
timeout on any WPS interface deinit. In theory, this should be postponed
until interface removal, but that does not fit very nicely to the
current wps_hostapd.c style.
Jouni Malinen [Sat, 28 Dec 2013 16:35:30 +0000 (18:35 +0200)]
WPS: Allow testing mode to disable 2.0 functionality
Previously, wps_version_number was used only to test extensibility to
newer version numbers, but it can also be used to enable testing of
older versions (1.0), e.g., to avoid hitting some 2.0 specific
validation steps.
Jouni Malinen [Sat, 28 Dec 2013 15:00:08 +0000 (17:00 +0200)]
Remove unnecessary extra tracking of eloop registration
It is fine to try to cancel a registration that does not exist, so there
is no need to have the duplicated checks for eloop timeout and socket
registration.
Jouni Malinen [Sat, 28 Dec 2013 11:41:02 +0000 (13:41 +0200)]
Enable FT with SAE
It was already possible to configure hostapd and wpa_supplicant to use
FT-SAE for the key management, but number of places were missing proper
AKM checks to allow FT to be used with the new AKM.
Jouni Malinen [Sun, 29 Dec 2013 07:57:42 +0000 (09:57 +0200)]
nl80211: Fix protected Action frame reporting for AP mode
Action frame RX report through EVENT_RX_ACTION did not indicate whether
the frame was protected or not even though that information is available
in mlme_event_mgmt(). hostapd_rx_action() has a workaround for setting
the protected flag for SA Query frames, but that did not apply for other
frames, like FT Action. This broke FT-over-DS when PMF is enabled with
newer kernel versions (i.e., the ones that do not use monitor interface
for receiving management frames).
Jouni Malinen [Sat, 28 Dec 2013 09:43:42 +0000 (11:43 +0200)]
tests: Verify PeerKey handshake
NOTE: Actual use of the direct link (DLS) is not supported in
mac80211_hwsim, so this operation fails at setting the keys after
successfully completed 4-way handshake. This test case does allow the
key negotiation part to be tested for coverage, though.
Jouni Malinen [Sat, 28 Dec 2013 09:40:23 +0000 (11:40 +0200)]
Fix PeerKey 4-way handshake
The earlier changes to buffer EAPOL frames when not associated to avoid
race conditions (especially commit 3ab35a660364dc68eaebfc0df6130071bbee6be5 but maybe something even before
that) broke PeerKey 4-way handshake. Fix this by using a separate check
before the race condition workaround to process PeerKey 4-way handshake
EAPOL-Key messages differently.
Jouni Malinen [Fri, 27 Dec 2013 16:44:21 +0000 (18:44 +0200)]
WNM: Fix AP processing without wnm_oper driver callback
hostapd_drv_wnm_oper() needs to indicate an error if the driver callback
function is not implemented. Without this, the buf_len argument could
have been left uninitialized which could result in crashing the process.
Jouni Malinen [Fri, 27 Dec 2013 15:42:11 +0000 (17:42 +0200)]
WNM: Minimal processing of BSS Transition Management Query/Response
This adds first steps at processing a BSS Transition Management Query on
the AP side. Mainly, the message is parsed and printed out in the debug
log and a minimal BSS Transition Management Request frame is sent as a
response. BSS Transition Management Response frame is also parsed and
details printed out in the debug log.
projects / thirdparty / hostap.git / log
