Jouni Malinen [Wed, 23 Dec 2015 22:42:40 +0000 (00:42 +0200)]
tests: EAP-TLS with intermediate CAs and OCSP multi
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 22:00:13 +0000 (00:00 +0200)]
TLS client: Multi-OCSP check to cover intermediate CAs
This extends multi-OCSP support to verify status for intermediate CAs in
the server certificate chain.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 22:28:13 +0000 (00:28 +0200)]
Add ocsp=3 configuration parameter for multi-OCSP
ocsp=3 extends ocsp=2 by require all not-trusted certificates in the
server certificate chain to receive a good OCSP status. This requires
support for ocsp_multi (RFC 6961). This commit is only adding the
configuration value, but all the currently included TLS library wrappers
are rejecting this as unsupported for now.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 22:01:25 +0000 (00:01 +0200)]
TLS: Move variable declaration to the beginning of the block
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 17:33:18 +0000 (19:33 +0200)]
tests: Minimal testing of OCSP stapling with ocsp_multi
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 17:39:37 +0000 (19:39 +0200)]
TLS client: OCSP stapling with ocsp_multi option (RFC 6961)
This adds a minimal support for using status_request_v2 extension and
ocsp_multi format (OCSPResponseList instead of OCSPResponse) for
CertificateStatus. This commit does not yet extend use of OCSP stapling
to validate the intermediate CA certificates.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 17:37:12 +0000 (19:37 +0200)]
TLS server: OCSP stapling with ocsp_multi option (RFC 6961)
This allows hostapd with the internal TLS server implementation to
support the extended OCSP stapling mechanism with multiple responses
(ocsp_stapling_response_multi).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 17:34:36 +0000 (19:34 +0200)]
Server configuration for OCSP stapling with ocsp_multi (RFC 6961)
This adds a new hostapd configuration parameter
ocsp_stapling_response_multi that can be used similarly to the existing
ocsp_stapling_response, but for the purpose of providing multiple cached
OCSP responses. This commit adds only the configuration parameter, but
does not yet add support for this mechanism with any of the supported
TLS implementations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 15:53:45 +0000 (17:53 +0200)]
TLS server: OCSP stapling
This adds support for hostapd-as-authentication-server to be build with
the internal TLS implementation and OCSP stapling server side support.
This is more or less identical to the design used with OpenSSL, i.e.,
the cached response is read from the ocsp_stapling_response=<file> and
sent as a response if the client requests it during the TLS handshake.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 15:51:54 +0000 (17:51 +0200)]
tests: Add dh_file parameter for integrated EAP server
This is needed for number of EAP test cases at least when using the
internal TLS server implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 14:47:29 +0000 (16:47 +0200)]
GnuTLS: OCSP stapling on the server side
This adds support for hostapd-as-authentication-server to be build
against GnuTLS with OCSP stapling server side support. This is more or
less identical to the design used with OpenSSL, i.e., the cached
response is read from the ocsp_stapling_response=<file> and sent as a
response if the client requests it during the TLS handshake.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 22 Dec 2015 09:22:19 +0000 (11:22 +0200)]
Use wpa_msg() for the "RSN: PMKID mismatch" message
This message is sent at MSG_INFO level and it is supposed to go out even
even debug messages were to be removed from the build. As such, use
wpa_msg() instead of wpa_dbg() for it.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 21 Dec 2015 22:02:02 +0000 (00:02 +0200)]
EAP-EKE: Merge identical error return paths
There is no need to maintain multiple copies of the same error return
path.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 21 Dec 2015 22:03:44 +0000 (00:03 +0200)]
EAP-EKE: Reject too long Prot() data when building a frame
This error case in own buffer lengths being too short was not handled
properly. While this should not really happen since the wpabuf
allocation is made large for the fixed cases that are currently
supported, better make eap_eke_prot() safer if this functionally ever
gets extended with a longer buffer need.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 21 Dec 2015 21:57:16 +0000 (23:57 +0200)]
tests: WPA2-Enterprise connection using EAP-EKE (many connections)
This tries to make it more likely to hit the special case of pub_len <
prime_len for additional code coverage.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 21 Dec 2015 21:31:15 +0000 (23:31 +0200)]
tests: EAP protocol tests with expanded header
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 21 Dec 2015 15:45:57 +0000 (17:45 +0200)]
Document previously missing key_mgmt values
Number of key_mgmt options were missing from the documentation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 21 Dec 2015 09:55:30 +0000 (11:55 +0200)]
tests: Add AP Location Public Identifier into gas_anqp_extra_elements
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 20 Dec 2015 18:02:56 +0000 (20:02 +0200)]
tests: GAS fragmentation and comeback delay
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 17:58:05 +0000 (19:58 +0200)]
GAS: Do not cancel initial offchannel wait with comeback delay 1
The minimum comeback delay 1 is used to indicate that fragmentation is
needed instead of indicating that the response is going to be available
only after some time. Do not cancel offchannel wait for this case
between the initial and comeback exchanges to avoid delaying the full
operation unnecessarily.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 16:13:17 +0000 (18:13 +0200)]
tests: GAS fragmentation with mac80211_hwsim MCC enabled
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 18:56:34 +0000 (20:56 +0200)]
tests: Update gas_anqp_oom_hapd to match new implementation
Since wpa_supplicant is now retrying GAS comeback failures once, the
gas_anqp_oom_hapd test case started failing. Fix this by updating the
test case to expect success (on the retry).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 17:26:01 +0000 (19:26 +0200)]
GAS: Retry full GAS query if comeback response is not received
It is possible for a comeback response to get lost especially when going
through a large GAS exchange fragmented to multiple frames in an
environment with interference or other traffic. Make this less likely to
fail the full exchange by trying full GAS query again and using longer
wait time on the GAS comeback exchanges.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 19:06:21 +0000 (21:06 +0200)]
tests: Modify gas_malformed_comeback_resp to allow GAS retries
This is in preparation of a wpa_supplicant change to allow GAS retries
which can result in the previous test case design showing failures due
to "unexpected" management frames (GAS Initial Request from the retry).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 17:23:58 +0000 (19:23 +0200)]
GAS server: Replenish temporary STA entry timeout on comeback request
Previously, the five second timeout was added at the beginning of the
full GAS query and it was not replenished during fragmented exchanges.
This could result in timing out a query if it takes significant time to
go through the possibly multiple fragments and long comeback delay.
Signed-off-by: Jouni Malinen <j@w1.fi>
Matti Gottlieb [Thu, 10 Dec 2015 10:56:09 +0000 (12:56 +0200)]
GAS: Shorten the duration of the wait for GAS comeback response
When exchanging GAS frames with the AP, the initial response from the AP
may take a while to come, since the AP may need to fetch the info from a
server. The next fragments/comeback response frames should take much
less time since the AP already has all of the info, so the wait time
for these frames can be reduced.
In addition, some drivers, e.g., mac80211, try to combine ROC based flows,
to improve medium utilization. For example, if the requested ROC fits
entirely in a previous requested ROC they can be combined. Thus, reducing
the wait time for the next frames can improve medium utilization.
Shorten the duration of GAS comeback to improve medium utilization and
overall GAS exchange times.
Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
Jouni Malinen [Sun, 20 Dec 2015 17:37:06 +0000 (19:37 +0200)]
GAS: Clear offchannel_tx_started when ending remain-on-channel
Commit
2c0d0ae370f72fbe6248feed7ea0635303e3dc5a ('GAS: End
remain-on-channel due to delayed GAS comeback request') started ending
the remain-on-channel operation between the initial request and the
following comeback request. However, it did not check or update the
offchannel_tx_started variable. While this alone would not necessarily
be problematic, this makes it more difficult to optimize wait time for
offchannel TX operations, so make sure the internal tracking variable
gets updated.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:36:51 +0000 (17:36 +0200)]
tests: EAP-PEAP phase1 TLS flags
This adds some more test coverage for phase1 parameters that had not
previously been included in any of the test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:33:03 +0000 (17:33 +0200)]
tests: EAP-TTLS with unsupported Phase 2 EAP method in configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:32:10 +0000 (17:32 +0200)]
EAP-TTLS/PEAP/FAST: Reject unsupported Phase 2 method in configuration
Instead of using default list of methods, reject a configuration with an
unsupported EAP method at the time the main TLS method is being
initialized.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:25:04 +0000 (17:25 +0200)]
EAP-TLS: Merge common error paths
There is no need to keep these identical error paths separate.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:12:15 +0000 (17:12 +0200)]
tests: EAP-TLS and TLS Message Length in unfragmented packets
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 15:07:25 +0000 (17:07 +0200)]
tests: EAP-TLS and config blob missing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 14:58:33 +0000 (16:58 +0200)]
tests: Speed up TNC test cases with the use of a single channel scan
There is no need for these test cases to run a full scan.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 14:56:42 +0000 (16:56 +0200)]
tests: TNC PEAP-SoH local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 14:55:28 +0000 (16:55 +0200)]
EAP-PEAP peer: Fix a memory leak on an error path
If memory allocation for adding SoH response fails, the SoH response was
not freed properly on the error path.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 11:43:41 +0000 (13:43 +0200)]
tests: TNC TTLS local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 11:40:59 +0000 (13:40 +0200)]
Drop any pending EAPOL RX frame when starting a new connection
Such a pending frame cannot be valid anymore, so drop it instead of
risking of using an unexpected EAPOL frame after association if a
previous association received one at the end and the new association can
happen within 100 ms.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 10:59:19 +0000 (12:59 +0200)]
tests: Fix scan result clearing in ssid_hidden*
These test cases were supposed to clear the cfg80211 and wpa_supplicant
scan caches in the end to avoid causing issues to the following test
cases. This did not work properly after introduction of the support for
aborting a pending scan. Fix this by using the flush_scan_cache()
function and waiting within the test case until the final scan operation
completes.
This issue was triggered by ssid_hidden/ssid_hidden2 followed by
ext_password_interworking (though, not every time).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 10:46:45 +0000 (12:46 +0200)]
tests: EAP-TTLS/MSCHAP with password hash
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 09:55:18 +0000 (11:55 +0200)]
tests: EAP-TTLS local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Dec 2015 08:52:30 +0000 (10:52 +0200)]
WPA: Explicitly clear the buffer used for decrypting Key Data
When AES-WRAP was used to protect the EAPOL-Key Key Data field, this was
decrypted using a temporary heap buffer with aes_unwrap(). That buffer
was not explicitly cleared, so it was possible for the group keys to
remain in memory unnecessarily until the allocated area was reused.
Clean this up by clearing the temporary allocation explicitly before
freeing it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 19:04:39 +0000 (21:04 +0200)]
tests: EAP-PEAP local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 18:59:14 +0000 (20:59 +0200)]
tests: EAP-PEAP version forcing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 18:34:27 +0000 (20:34 +0200)]
EAP-PEAP peer: Check SHA1 result when deriving Compond_MAC
This handles a mostly theoretical case where hmac_sha1_vector() might
fail for some reason.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 18:23:51 +0000 (20:23 +0200)]
tests: EAP-PEAP session resumption with crypto binding
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 18:22:43 +0000 (20:22 +0200)]
EAP-PEAP server: Add support for fast-connect crypto binding
IPMK and CMK are derived from TK when using TLS session resumption with
PEAPv0 crypto binding. The EAP-PEAP peer implementation already
supported this, but the server side did not.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 18:05:50 +0000 (20:05 +0200)]
tests: EAP-PEAP with peap_outer_success=0
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 17:54:56 +0000 (19:54 +0200)]
EAP-PEAP peer: Remove unused return value and error path
eap_peap_parse_phase1() returned 0 unconditionally, so there was no need
for that return value or the code path that tried to address the error
case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 16:53:27 +0000 (18:53 +0200)]
HS 2.0: Remove duplicate icon entries
Only one of the icon entries with a matching BSSID and file name can be
fetched from wpa_supplicant and as such, there is no need to maintain
the old data if it was not explicitly deleted before running a new fetch
for the same BSSID and icon. Remove older duplicated entries whenever
completing a pending icon fetch to optimize memory use.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Dec 2015 16:49:32 +0000 (18:49 +0200)]
HS 2.0: Convert icon storage to use dl_list
This simplifies the list operations quite a bit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Dec 2015 15:46:51 +0000 (17:46 +0200)]
tests: REQ_HS20_ICON and DEL_HS20_ICON
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jan Nordqvist [Fri, 11 Dec 2015 01:01:46 +0000 (17:01 -0800)]
HS 2.0: Add a command to retrieve icon with in-memory storage
This adds a new command based Hotspot 2.0 icon retrieval option.
In short, here is the new command sequence:
1. REQ_HS20_ICON <bssid> <file-name>
2. event: RX-HS20-ICON <bssid> <file-name> <size>
3. GET_HS20_ICON <bssid> <file-name> <offset> <size>
(if needed, repeat with larger offset values until full icon is
fetched)
5. DEL_HS20_ICON <bssid> <file-name>
REQ_HS20_ICON is a new command that is analogous to HS20_ICON_REQUEST
with the slight difference that an entry to store the icon in memory is
prepared. The RX-HS20-ICON event has been augmented with BSSID,
file-name and size, and GET_HS20_ICON is used to retrieve a chunk of up
to <size> bytes of icon data at offset <offset>. Each chunk is returned
as a base64 encoded fragment, preceded by "HS20-ICON-DATA", BSSID, and
file-name as well as the starting offset of the data.
If there is no entry prepared for the icon when the ANQP result comes
back, hs20_process_icon_binary_file falls back to legacy behavior.
Finally the DEL_HS20_ICON command deletes (all) icons associated with
BSSID and file-name (there could be several if retries are used and they
have different dialog tokens).
Signed-off-by: Jan Nordqvist <jannq@google.com>
Ilan Peer [Thu, 17 Dec 2015 13:54:12 +0000 (15:54 +0200)]
tests: Add rfkill tests for P2P Device operations
Add a couple of tests for rfkill with P2P Device operations
(with and without P2P Device interface).
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Johannes Berg [Thu, 17 Dec 2015 13:54:11 +0000 (15:54 +0200)]
rfkill: Match only the correct expected wiphy rfkill
On systems that have multiple WLAN rfkill instances, the rfkill code
can become confused into thinking that the device was unblocked when
in fact it wasn't, because it only matches on the WLAN type.
Since it then stores the new (unblocked) state from the wrong rfkill
instance, it will never retry the failing IFF_UP operation and the
user has to toggle rfkill again, or otherwise intervene manually, in
this case to get back to operational state.
Fix this by using the existing (but unused) ifname argument when the
rfkill instance is created to match to a specific rfkill index only.
As a P2P Device interface does not have a netdev interface associated
with it, use the name of a sibling interface to initialize the rfkill
context for the P2P Device interface. For nl80211, as the wiphy index
is known only after getting the driver capabilities from the kernel,
move the initialization of the rfkill object to
wpa_driver_nl80211_finish_drv_init().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan Peer [Thu, 17 Dec 2015 13:54:10 +0000 (15:54 +0200)]
nl80211: Handle rfkill for P2P Device interface
The rfkill processing in nl80211 driver assumes that the
INTERFACE_ENABLED/DISABLED will be also issued, so does not do much in
the rfkill callbacks. However, as a P2P Device interface is not
associated with a network interface, these events are not issued for it.
Handle rfkill events for the P2P_DEVICE interface by faking the
INTERFACE_ENABLED/DISABLED.
Signed-off-by: Moshe Benji <Moshe.Benji@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni Malinen [Fri, 18 Dec 2015 20:22:25 +0000 (22:22 +0200)]
tests: Prepare ap_open_out_of_memory for modified rfkill init path
The rfkill initialization will be moved out from
wpa_driver_nl80211_drv_init() which would break one step in this OOM
test case due to the memory allocation not existing anymore. Fix this by
skipping that OOM step to avoid causing false failures with the
following commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Dec 2015 19:01:42 +0000 (21:01 +0200)]
tests: wpa_supplicant SIGNAL_MONITOR command
Signed-off-by: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Wed, 16 Dec 2015 22:18:18 +0000 (14:18 -0800)]
wpa_supplicant: Add SIGNAL_MONITOR command
SIGNAL_MONITOR THRESHOLD=DD HYSTERESIS=DD command will request signal
strength monitoring events based on there having been requested amount
of drop in the signal strength. The threshold value is the RSSI
threshold in dBm for the event to be sent. 0 threshold can be used to
disable monitoring. The hysteresis value is RSSI hysteresis in dB to
specify the minimum amount of change before a consecutive event is
reported.
With nl80211 driver interface, these values map to the
NL80211_CMD_SET_CQM command with NL80211_ATTR_CQM_RSSI_THOLD and
NL80211_ATTR_CQM_RSSI_HYST attributes to the driver.
This command cannot be used when bgscan module is in use since that
depends on being able to control the connection monitoring parameters.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Matti Gottlieb [Thu, 10 Dec 2015 10:56:08 +0000 (12:56 +0200)]
GAS: End remain-on-channel due to delayed GAS comeback request
During the sequence of exchanging GAS frames with the AP, the AP can
request to come back in X amount of time and resend the GAS request.
Previously, wpa_supplicant did not terminate the remain-on-channel
session, but rather waited until the requested comeback delay had
expired, and then tried to send the GAS frame (potentially to save the
time that is required to schedule a new remain on channel flow).
This might cause unnecessary idle time (can be close to 1000 ms) in
which the device might be off-channel. Ending the current
remain-on-channel session and then rescheduling makes better usage of
the time in this case.
End remain-on-channel session due to receiving a delayed GAS comeback
request from the AP.
Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
Arik Nemtsov [Thu, 10 Dec 2015 10:56:07 +0000 (12:56 +0200)]
TDLS: Ignore incoming TDLS Setup Response retries
The Setup Response timer is relatively fast (500 ms) and there are
instances where it fires on the responder side after the initiator has
already sent out the TDLS Setup Confirm frame. Prevent the processing of
this stale TDLS Setup Response frame on the initiator side.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Jouni Malinen [Fri, 18 Dec 2015 18:13:39 +0000 (20:13 +0200)]
hlr_auc_gw: Simplify string parsers with str_token()
The helper function allows these string parsers to be made much simpler.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Dec 2015 17:56:21 +0000 (19:56 +0200)]
hlr_auc_gw: Fix a typo in an error message
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Dec 2015 17:55:01 +0000 (19:55 +0200)]
hlr_auc_gw: Remove unnecessary assignment
The pos variable is not used after the final parsed item, so no need to
set it here.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Dec 2015 14:14:55 +0000 (16:14 +0200)]
tests: Detect invitation GO issues more quickly
This speeds up and clarifies error reporting for cases where the GO
fails to start in invitation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Eliad Peller [Thu, 10 Dec 2015 10:56:06 +0000 (12:56 +0200)]
wpa_cli: Send ALL_STA command to the correct interface
wpa_ctrl_command_sta(), called by the "ALL_STA" handler, didn't consider
ifname_prefix, resulting in various commands being sent to the global
control interface, rather than the specified interface when IFNAME=
prefix was used.
This in turn caused the unexpected "UNKNOWN COMMAND" result be
considered as valid station, resulting in infinite loop while trying to
get all stations.
Fix it by considering ifname_prefix, similarly to _wpa_ctrl_command().
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
Ayala Beker [Thu, 10 Dec 2015 10:56:05 +0000 (12:56 +0200)]
Disconnect before trying to switch to a different network
Previously, when wpa_supplicant received bgscan results with a preferred
network, it connected to that network without disconnecting from the
previous one. This might result in an inconsistent state of upper
layers.
Fix this by disconnecting from the current AP before connecting to the
new one when the network profile changes and there is an existing
connection.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Arik Nemtsov [Thu, 10 Dec 2015 10:56:04 +0000 (12:56 +0200)]
Avoid network selection from scan during connection
If scan results arrive during the connection process, the network
selection function was called, interrupting the current connection.
While a regular scan is mutually exclusive with connection establishment
via the nature of radio work, there's no such protection for scheduled
scan. Prevent network selection while a connection is in progress.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Ayala Beker [Thu, 10 Dec 2015 10:56:03 +0000 (12:56 +0200)]
utils: Fix NULL pointer dereference with unexpected kernel behavior
Fix mostly theoretical NULL pointer dereference in
wpa_debug_open_linux_tracing() if /proc/mounts were to return a
malformed line.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Ayala Beker [Thu, 10 Dec 2015 10:56:02 +0000 (12:56 +0200)]
P2P: Fix possible NULL pointer dereference
Fix wpas_p2p_invite() to call p2p_set_own_pref_freq_list() after the
NULL check, to avoid NULL pointer dereference if P2P initialization were
to have failed or P2P module getting deinitialized.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Johannes Berg [Fri, 11 Dec 2015 16:44:23 +0000 (17:44 +0100)]
tests: vm: Honor EPATH in uevent.sh
This is useful for testing CRDA since it means you can use EPATH to
redirect the test scripts to a different crda binary.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Thu, 17 Dec 2015 22:05:07 +0000 (00:05 +0200)]
tests: EAP-TTLS with invalid phase2 parameter values
Signed-off-by: Jouni Malinen <j@w1.fi>
Pali Rohár [Sun, 6 Dec 2015 11:01:32 +0000 (12:01 +0100)]
EAP-TTLS peer: Fix parsing auth= and autheap= phase2 params
This patch fixes an issue with an invalid phase2 parameter value
auth=MSCHAPv2 getting interpreted as auth=MSCHAP (v1) which could
degrade security (though, only within a protected TLS tunnel). Now when
invalid or unsupported auth= phase2 parameter combinations are
specified, EAP-TTLS initialization throws an error instead of silently
doing something.
More then one auth= phase2 type cannot be specified and also both auth= and
autheap= options cannot be specified.
Parsing phase2 type is case sensitive (as in other EAP parts), so phase2
parameter auth=MSCHAPv2 is invalid. Only auth=MSCHAPV2 is correct.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
[Use cstr_token() to get rid of unnecessary allocation; cleanup]
Signed-off-by: Jouni Malinen <j@w1.fi>
Matt Woods [Sat, 12 Dec 2015 10:25:42 +0000 (10:25 +0000)]
atheros: Unify memory processing functions
There are two types of memory processing functions in the file
atheros_driver.c, such as memory and os_memory. Unify the processing
functions into one type which has the prefix "os_".
Signed-off-by: Matt Woods <matt.woods@aliyun.com>
Jouni Malinen [Thu, 17 Dec 2015 17:26:40 +0000 (19:26 +0200)]
tests: TDLS with VHT 80, 80+80, and 160
This adds more coverage for TDLS testing for a case where the direct
link should use various VHT channel bandwidths.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Dec 2015 16:37:19 +0000 (18:37 +0200)]
mesh: Fix VHT Operation information in peering messages
The full VHT channel information was not set in the hostapd data
structures which resulted in incorrect information (all zeros) being
used when building the VHT Operation element for peering messages while
the actual driver mode was set with the full details. We did not seem to
use the VHT information from peering messages, so this does not change
behavior with another wpa_supplicant-based mesh implementation. Anyway,
these elements should match the ones used in Beacon frames.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Dec 2015 10:54:50 +0000 (12:54 +0200)]
tests: Verify SIGNAL_POLL values in ap_vht80
This confirms that the station recognized and negotiated 80 MHz
channel use with VHT.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Dec 2015 09:31:37 +0000 (11:31 +0200)]
tests: Run OCSP test cases with internal TLS library
There is no sufficient OCSP support to go through these test cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Dec 2015 09:45:48 +0000 (11:45 +0200)]
TLS: Report OCSP rejection cases when no valid response if found
This adds a CTRL-EVENT-EAP-TLS-CERT-ERROR and CTRL-EVENT-EAP-STATUS
messages with 'bad certificate status response' for cases where no valid
OCSP response was received, but the network profile requires OCSP to be
used.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 16 Dec 2015 23:45:51 +0000 (01:45 +0200)]
TLS: Process OCSP SingleResponse(s)
This completes OCSP stapling support on the TLS client side. Each
SingleResponse value is iterated until a response matching the server
certificate is found. The validity time of the SingleResponse is
verified and certStatus good/revoked is reported if all validation step
succeed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Dec 2015 09:27:31 +0000 (11:27 +0200)]
TLS: Store DER encoded version of Subject DN for X.509 certificates
This is needed for OCSP issuerNameHash matching.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Dec 2015 09:19:18 +0000 (11:19 +0200)]
TLS: Share digest OID checkers from X.509
These will be used by the OCSP implementation.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 16 Dec 2015 23:41:45 +0000 (01:41 +0200)]
TLS: Support longer X.509 serialNumber values
This extends the old support from 32 or 64 bit value to full 20 octets
maximum (RFC 5280, 4.1.2.2).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 16 Dec 2015 22:48:59 +0000 (00:48 +0200)]
tests: OCSP certificate signed OCSP response using key ID
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Wed, 16 Dec 2015 22:38:40 +0000 (00:38 +0200)]
TLS: Parse and validate BasicOCSPResponse
This adds the next step in completing TLS client support for OCSP
stapling. The BasicOCSPResponse is parsed, a signing certificate is
found, and the signature is verified. The actual sequence of OCSP
responses (SignleResponse) is not yet processed in this commit.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 14 Dec 2015 15:23:47 +0000 (17:23 +0200)]
tests: Make key-lifetime-in-memory more robust for GTK check
The decrypted copy of a GTK from EAPOL-Key is cleared from memory only
after having sent out CTRL-EVENT-CONNECTED. As such, there was a race
condition on the test case reading the wpa_supplicant process memory
after the connection. This was unlikely to occur due to the one second
sleep, but even with that, it would be at least theorically possible to
hit this race under heavy load (e.g., when using large number of VMs to
run parallel testing). Avoid this by running a PING command to make sure
wpa_supplicant has returned to eloop before reading the process memory.
This should make it less likely to report false positives on GTK being
found in memory.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 14 Dec 2015 13:47:38 +0000 (15:47 +0200)]
tests: Add more memory details on key-lifetime-in-memory
This makes it easier to see where in memory the key was found and what
there is in memory around that location.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 14 Dec 2015 10:31:35 +0000 (12:31 +0200)]
TLS: Parse OCSPResponse to extract BasicOCSPResponse
This adds the next step for OCSP stapling. The received OCSPResponse is
parsed to get the BasicOCSPResponse. This commit does not yet process
the BasicOCSPResponse.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 21:11:32 +0000 (23:11 +0200)]
TLS: Parse CertificateStatus message
This allows the internal TLS client implementation to accept
CertificateStatus message from the server when trying to use OCSP
stapling. The actual OCSPResponse is not yet processed in this commit,
but the CertificateStatus message is accepted to allow the TLS handshake
to continue.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 20:46:25 +0000 (22:46 +0200)]
TLS: Add status_request ClientHello extension if OCSP is requested
This allows the internal TLS implementation to request server
certificate status using OCSP stapling. This commit is only adding code
to add the request. The response is not yet used.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 20:45:35 +0000 (22:45 +0200)]
TLS: Parse ServerHello extensions
This prints the received ServerHello extensions into the debug log and
allows handshake to continue even if such extensions are included.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 18:54:20 +0000 (20:54 +0200)]
tests: Run PKCS#12 tests with internal TLS crypto
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 18:52:43 +0000 (20:52 +0200)]
TLS: Add minimal support for PKCS #12
This allows the internal TLS implementation to parse a private key and a
certificate from a PKCS #12 file protected with
pbeWithSHAAnd3-KeyTripleDES-CBC.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 18:50:08 +0000 (20:50 +0200)]
TLS: Extend PKCS #5 to support PKCS #12 style key decryption
This adds support for decrypting private keys protected with the old
PKCS #12 mechanism using OID pbeWithSHAAnd3-KeyTripleDES-CBC.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 13 Dec 2015 20:10:46 +0000 (22:10 +0200)]
TLS: Fix and complete ASN.1 tag list
One of the unused defines had incorrect value and couple of tags were
missing.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 12 Dec 2015 16:16:19 +0000 (18:16 +0200)]
tests: External server certificate chain validation
This tests tls_ext_cert_check=1 behavior with EAP-TLS, EAP-TTLS,
EAP-PEAP, and EAP-FAST.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 12 Dec 2015 16:16:54 +0000 (18:16 +0200)]
EAP peer: External server certificate chain validation
This adds support for optional functionality to validate server
certificate chain in TLS-based EAP methods in an external program.
wpa_supplicant control interface is used to indicate when such
validation is needed and what the result of the external validation is.
This external validation can extend or replace the internal validation.
When ca_cert or ca_path parameter is set, the internal validation is
used. If these parameters are omitted, only the external validation is
used. It needs to be understood that leaving those parameters out will
disable most of the validation steps done with the TLS library and that
configuration is not really recommend.
By default, the external validation is not used. It can be enabled by
addingtls_ext_cert_check=1 into the network profile phase1 parameter.
When enabled, external validation is required through the CTRL-REQ/RSP
mechanism similarly to other EAP authentication parameters through the
control interface.
The request to perform external validation is indicated by the following
event:
CTRL-REQ-EXT_CERT_CHECK-<id>:External server certificate validation needed for SSID <ssid>
Before that event, the server certificate chain is provided with the
CTRL-EVENT-EAP-PEER-CERT events that include the cert=<hexdump>
parameter. depth=# indicates which certificate is in question (0 for the
server certificate, 1 for its issues, and so on).
The result of the external validation is provided with the following
command:
CTRL-RSP-EXT_CERT_CHECK-<id>:<good|bad>
It should be noted that this is currently enabled only for OpenSSL (and
BoringSSL/LibreSSL). Due to the constraints in the library API, the
validation result from external processing cannot be reported cleanly
with TLS alert. In other words, if the external validation reject the
server certificate chain, the pending TLS handshake is terminated
without sending more messages to the server.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 12 Dec 2015 10:45:30 +0000 (12:45 +0200)]
tests: Fix wpas_ctrl_country and dbus_country with valid db.txt
init=CORE was previously used due to invalid db.txt data for 00. For
now, allow both it and the new init=USER after fixed db.txt.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 12 Dec 2015 10:07:51 +0000 (12:07 +0200)]
tests: EAP-FAST local error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 12 Dec 2015 10:00:28 +0000 (12:00 +0200)]
EAP-FAST peer: Fix PAC parser error messages
Do not override the parsing error with the "PAC block not terminated
with END" message if the reason for the END line not yet being seen is
in failure to parse an earlier line.
Signed-off-by: Jouni Malinen <j@w1.fi>