mech_eap.git
9 years ago tests: Move MD5 test cases into hwsim framework
Jouni Malinen [Mon, 5 Jan 2015 15:12:27 +0000 (17:12 +0200)]
tests: Move MD5 test cases into hwsim framework

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Move ms_funcs test cases into hwsim framework
Jouni Malinen [Mon, 5 Jan 2015 15:05:42 +0000 (17:05 +0200)]
tests: Move ms_funcs test cases into hwsim framework

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Add some of the AES ECB mode test cases from CAVS 11.1
Jouni Malinen [Mon, 5 Jan 2015 14:57:57 +0000 (16:57 +0200)]
tests: Add some of the AES ECB mode test cases from CAVS 11.1

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Move AES key wrap/unwrap test cases into hwsim framework
Jouni Malinen [Mon, 5 Jan 2015 14:35:59 +0000 (16:35 +0200)]
tests: Move AES key wrap/unwrap test cases into hwsim framework

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Move AES-CBC test cases into hwsim framework
Jouni Malinen [Mon, 5 Jan 2015 14:28:46 +0000 (16:28 +0200)]
tests: Move AES-CBC test cases into hwsim framework

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Move AES-128 EAX mode test cases into hwsim framework
Jouni Malinen [Mon, 5 Jan 2015 14:24:22 +0000 (16:24 +0200)]
tests: Move AES-128 EAX mode test cases into hwsim framework

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Additional OMAC1-AES module test coverage
Jouni Malinen [Mon, 5 Jan 2015 14:15:23 +0000 (16:15 +0200)]
tests: Additional OMAC1-AES module test coverage

This verifies a couple of corner cases with short vector entries in the
OMAC1-AES implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Move OMAC1-AES test cases into hwsim module tests
Jouni Malinen [Mon, 5 Jan 2015 14:02:08 +0000 (16:02 +0200)]
tests: Move OMAC1-AES test cases into hwsim module tests

This makes sure the test cases are executed automatically with the rest of
the hwsim tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Add module tests for AES-SIV
Jouni Malinen [Mon, 5 Jan 2015 13:48:17 +0000 (15:48 +0200)]
tests: Add module tests for AES-SIV

This moves the AES-SIV test case from tests/test-aes.c to be part of
wpa_supplicant module testing framework with a new
src/crypto/crypto_module_tests.c component. In addition, the second test
vector from RFC 5297 is also included for additional coverage.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago AES-SIV: Make aes_s2v() static
Jouni Malinen [Mon, 5 Jan 2015 13:22:36 +0000 (15:22 +0200)]
AES-SIV: Make aes_s2v() static

This function is not used outside aes-siv.c. In addition, include the
aes_siv.h header to make sure that functions get declared consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago nl80211: Simplify event processing error paths
Jouni Malinen [Mon, 5 Jan 2015 11:40:07 +0000 (13:40 +0200)]
nl80211: Simplify event processing error paths

These are practically unreachable code since cfg80211 fills in the
required attributes or does not send the event. Keep the checks in
place, but minimize the extra code in wpa_supplicant/hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago nl80211: Remove cfg80211 state mismatch workaround for authentication
Jouni Malinen [Mon, 5 Jan 2015 10:21:12 +0000 (12:21 +0200)]
nl80211: Remove cfg80211 state mismatch workaround for authentication

cfg80211 dropped support for tracking BSS authentication state and
setting NL80211_BSS_STATUS_AUTHENTICATED in 'cfg80211: stop tracking
authenticated state' three years ago (starting in Linux 3.4). As such,
this workaround code in wpa_supplicant cannot be reached anymore. There
is no real need for maintaining it for older kernels either, since there
are other ways of detecting and working around state mismatches with the
actual authentication operations failing.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago nl80211: Check support for rekey offload on first use
Jouni Malinen [Mon, 5 Jan 2015 10:00:09 +0000 (12:00 +0200)]
nl80211: Check support for rekey offload on first use

While there is no explicit driver capability advertisement for this in
nl80211, the EOPNOTSUPP response can be interpreted as a clear
indication of NL80211_CMD_SET_REKEY_OFFLOAD not being supported. Check
for that and don't try to offload keys again if the driver has no use
for them.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: MAC_RAND_SCAN with valid and invalid arguments
Jouni Malinen [Sun, 4 Jan 2015 21:05:47 +0000 (23:05 +0200)]
tests: MAC_RAND_SCAN with valid and invalid arguments

This verifies that a random MAC address is used as requested in Probe
Request frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago wpa_cli: Add MAC address randomization in scan
Ilan Peer [Mon, 29 Dec 2014 06:41:08 +0000 (01:41 -0500)]
wpa_cli: Add MAC address randomization in scan

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
9 years ago ctrl_iface: Add MAC address randomization in scan processing
Ilan Peer [Mon, 29 Dec 2014 06:41:07 +0000 (01:41 -0500)]
ctrl_iface: Add MAC address randomization in scan processing

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
9 years ago scan: Add MAC address randomization in scan handling
Ilan Peer [Mon, 29 Dec 2014 06:41:06 +0000 (01:41 -0500)]
scan: Add MAC address randomization in scan handling

1. Supported MAC address randomization for scan.
2. Supported MAC address randomization for scheduled scan.
3. Supported MAC address randomization for pno.
4. Add functions to set and clear the MAC address randomization
   state variables.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
9 years ago nl80211: Handle MAC address randomization in scan/sched_scan
Ilan Peer [Mon, 29 Dec 2014 06:41:05 +0000 (01:41 -0500)]
nl80211: Handle MAC address randomization in scan/sched_scan

1. Process supported driver capabilities.
2. Populate scan request with MAC address randomization data

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
9 years ago driver: Add definitions for MAC address randomization in scan
Ilan Peer [Mon, 29 Dec 2014 06:41:04 +0000 (01:41 -0500)]
driver: Add definitions for MAC address randomization in scan

1. Add parameters to the scan command to allow MAC address
   randomization during scan and scheduled scan.
2. Add capability bits to publish MAC address randomization support
   in scan and scheduled scan.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
9 years ago tests: TDLS channel switching
Jouni Malinen [Sun, 4 Jan 2015 19:45:18 +0000 (21:45 +0200)]
tests: TDLS channel switching

Verify correct behavior with invalid commands. In addition, allow minor
mac80211_hwsim modifications to be used to enable testing of the driver
interface to enable and disable channel switching.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago wpa_cli: Implement TDLS start/cancel channel switching commands
Arik Nemtsov [Mon, 29 Dec 2014 03:35:21 +0000 (22:35 -0500)]
wpa_cli: Implement TDLS start/cancel channel switching commands

For the start operation, this includes appropriate parameters for
specifying channel and peer information. The cancel operation includes
peer information.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
9 years ago nl80211: Pass TDLS channel-switch start/stop params to kernel
Arik Nemtsov [Mon, 29 Dec 2014 03:35:20 +0000 (22:35 -0500)]
nl80211: Pass TDLS channel-switch start/stop params to kernel

The kernel-driver/firmware are responsible for performing periodic
switches to the target channel with the given peer. Propagate all TDLS
channel switching related information to kernel.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
9 years ago TDLS: Propagate enable/disable channel-switch commands to driver
Arik Nemtsov [Mon, 29 Dec 2014 05:20:51 +0000 (00:20 -0500)]
TDLS: Propagate enable/disable channel-switch commands to driver

The supplicant code does not try to control the actual channel of the
radio at any point. It simply passes the target peer and channel
parameters to the driver. It's the driver's responsibility to
periodically initiate TDLS channel-switch operations when TDLS
channel-switching is enabled.

Allow enable/disable operations to be invoked via the control interface.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
9 years ago TDLS: Track TDLS channel switch prohibition in BSS
Arik Nemtsov [Mon, 29 Dec 2014 03:35:18 +0000 (22:35 -0500)]
TDLS: Track TDLS channel switch prohibition in BSS

Mark an appropriate sm flag when TDLS switch is prohibited by the AP.
Populate the flag upon association with the AP.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
9 years ago TDLS: Add channel-switch capability flag
Arik Nemtsov [Mon, 29 Dec 2014 03:44:37 +0000 (22:44 -0500)]
TDLS: Add channel-switch capability flag

Propagate a driver TDLS channel-switch support bit from nl80211 to
TDLS code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
9 years ago Sync with wireless-testing.git include/uapi/linux/nl80211.h
Jouni Malinen [Sun, 4 Jan 2015 13:35:34 +0000 (15:35 +0200)]
Sync with wireless-testing.git include/uapi/linux/nl80211.h

This brings in nl80211 definitions as of 2014-11-26.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: WMM-AC reassociation-to-same-BSS test
Eliad Peller [Mon, 29 Dec 2014 02:15:03 +0000 (21:15 -0500)]
tests: WMM-AC reassociation-to-same-BSS test

Make sure the tspecs are kept on reassociation to the same BSS.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago tests: wmm_ac_status and roaming case with WMM-AC
Eliad Peller [Mon, 29 Dec 2014 02:15:02 +0000 (21:15 -0500)]
tests: wmm_ac_status and roaming case with WMM-AC

Make sure the wmm_ac_status command reflects correctly the existing
tspecs after add_ts/del_ts commands. Add a new test to verify all tspecs
are removed on roaming (while FT is not used).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago WMM AC: Reconfigure tspecs on reassociation to the same BSS
Eliad Peller [Mon, 29 Dec 2014 02:15:01 +0000 (21:15 -0500)]
WMM AC: Reconfigure tspecs on reassociation to the same BSS

The specification requires the tspecs to be kept upon reassociation to
the same BSS. Save the last tspecs before such reassociation, and
reconfigure on the association notification.

Note that the current flow is not transparent to the user
(it is notified about deauth/reassoc and tspec removal/addition).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago WMM AC: Do not fail on unknown IEs in Association Response
Eliad Peller [Mon, 29 Dec 2014 02:15:00 +0000 (21:15 -0500)]
WMM AC: Do not fail on unknown IEs in Association Response

Some APs add their custom (vendor-specific) IEs to the Association
Response frame. Fail WMM AC initialization only if Association Response
frame IE parsing actually failed, i.e., ignore all unknown IEs.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago WMM AC: Delete tspecs on roaming
Eliad Peller [Mon, 29 Dec 2014 02:14:59 +0000 (21:14 -0500)]
WMM AC: Delete tspecs on roaming

In case of roaming, we don't get disassoc notification, but
still want to remove the existing tspecs.

Move the wmm_ac_notify_disassoc() call to the state change
function, which gets called also on roaming.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago WMM AC: Print user-priority in wmm_ac_status
Eliad Peller [Mon, 29 Dec 2014 02:14:58 +0000 (21:14 -0500)]
WMM AC: Print user-priority in wmm_ac_status

The UP is an important property of the tspec, so print it as well.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
9 years ago nl80211: Always register management frames handler
Avraham Stern [Mon, 29 Dec 2014 02:14:57 +0000 (21:14 -0500)]
nl80211: Always register management frames handler

If registering WMM-AC ADDTS response action frame or WMM-AC DELTS
action frame fails, the management frame handler is not being
registered. This results in a segmentation fault when trying to
unsubscribe the handler when the interface is removed.
Fix it by always registering the handler and just returning a negative
value to note that the action frame could not be registered.

This fixes an issue introduced in the commit
dfa8787833f0b237f954b01233cad3527f3d4805 ('nl80211: Implement
add_ts/del_ts ops').

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
9 years ago doc: Extend driver.h documentation
Jouni Malinen [Sat, 3 Jan 2015 14:59:14 +0000 (16:59 +0200)]
doc: Extend driver.h documentation

This documents some more parts of the driver wrapper interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add rule for generating _wpa_supplicant.eps
Jouni Malinen [Sat, 3 Jan 2015 13:57:41 +0000 (15:57 +0200)]
doc: Add rule for generating _wpa_supplicant.eps

Commit 7c4e92115a795dd2ee2135cf49d7e9e172fb5851 ('Update Doxygen
documentation for new version') renamed the PNG version of the image, but
forgot the EPS version for LaTeX.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Extend EAP key lifetime in memory to cover MSK and EMSK
Jouni Malinen [Mon, 29 Dec 2014 19:57:35 +0000 (21:57 +0200)]
tests: Extend EAP key lifetime in memory to cover MSK and EMSK

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Disable Doxygen autolink support
Jouni Malinen [Sat, 3 Jan 2015 13:44:35 +0000 (15:44 +0200)]
doc: Disable Doxygen autolink support

The way autolink support is implemented in Doxygen is a bit
inconvenient with wpa_supplicant being recognized as something that
would always be linked to struct wpa_supplicant. In addition, a number of
links were not really noticed automatically. To get this working more
robustly and without having to use the %wpa_supplicant workaround (which
had its own issues, e.g., with titles), disable autolinking and use
explicit \ref commands instead.

This is also updating some of the obsolete notes to point to correct
file names, etc. changes in the source code tree.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago nl80211: Clear nlmsg payload with keys before freeing
Jouni Malinen [Fri, 2 Jan 2015 23:01:42 +0000 (01:01 +0200)]
nl80211: Clear nlmsg payload with keys before freeing

This reduces the time possible keys could remain in heap memory. A couple
of the nl80211 messages include keys (TK for normal ciphers and
KCK/KEK/PMK for various offloading cases).

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago nl80211: Note linux_set_iface_flags() failure in debug log
Jouni Malinen [Fri, 2 Jan 2015 20:54:30 +0000 (22:54 +0200)]
nl80211: Note linux_set_iface_flags() failure in debug log

There was one final remaining linux_set_iface_flags() call that did not
check the result. This specific one does not really matter much, but
anyway, be more consistent by checking the result and log any error in
debug log. (CID 74146)

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Make wpas_mesh_max_peering more robust
Jouni Malinen [Fri, 2 Jan 2015 20:12:38 +0000 (22:12 +0200)]
tests: Make wpas_mesh_max_peering more robust

The previous version was enabling all three stations at the same time
and left dev[1] and dev[2] competing on getting connected with dev[0]
that allowed only one pairing. This was not exactly robust and the pass
criteria depended on an extra event from either dev[1] or dev[2]. Fix
that by first connecting dev[0] and dev[1] and only after that, start
dev[2]. This allows proper validation of both the peering limit on
dev[0] and no extra event on dev[2].

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Make scan_hidden more robust under heavy CPU load
Jouni Malinen [Fri, 2 Jan 2015 16:21:25 +0000 (18:21 +0200)]
tests: Make scan_hidden more robust under heavy CPU load

It is possible for the Probe Response frame wait to time out when active
scanning is used under heavy CPU load. Make this test case more robust
by trying multiple times before declaring the scan for a hidden SSID to
have failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: wpa_supplicant D-Bus interface
Jouni Malinen [Fri, 26 Dec 2014 17:59:23 +0000 (19:59 +0200)]
tests: wpa_supplicant D-Bus interface

This adds new files with test cases to verify both the old and new
wpa_supplicant D-Bus interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Enable wpa_supplicant D-Bus support for hwsim tests
Jouni Malinen [Fri, 26 Dec 2014 15:44:24 +0000 (17:44 +0200)]
tests: Enable wpa_supplicant D-Bus support for hwsim tests

This allows automated testing of the wpa_supplicant D-Bus interface. The
instance controlling wlan0 registers with D-Bus if dbus-daemon was
started successfully. This is only used in VM testing, i.e., not when
run-tests.sh is used on the host system with D-Bus running for normal
system purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Document the D-Bus P2P extensions
Jouni Malinen [Wed, 31 Dec 2014 10:18:43 +0000 (12:18 +0200)]
doc: Document the D-Bus P2P extensions

P2P support was added to the wpa_supplicant D-Bus interface a long time
ago, but there has been no attempt of documenting that interface so far.
This commit adds at least a list of new interfaces, methods, properties,
and signals. Some of the incorrect and/or strange parts of the interface
are also identified with bug/todo comments.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Document D-Bus WPS property ConfigMethods
Jouni Malinen [Fri, 2 Jan 2015 14:06:12 +0000 (16:06 +0200)]
doc: Document D-Bus WPS property ConfigMethods

This was added a long time ago, but documentation update was forgotten.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Document missing D-Bus Interface properties
Jouni Malinen [Fri, 2 Jan 2015 14:03:22 +0000 (16:03 +0200)]
doc: Document missing D-Bus Interface properties

CurrentAuthMode and DisconnectReason have been added a long time ago,
but documentation update was forgotten.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Document D-Bus BSS properties WPS and Age
Jouni Malinen [Fri, 2 Jan 2015 13:55:15 +0000 (15:55 +0200)]
doc: Document D-Bus BSS properties WPS and Age

These have been added a long time ago, but documentation update was
forgotten.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus documentation for Probe Request reporting
Jouni Malinen [Tue, 30 Dec 2014 11:56:42 +0000 (13:56 +0200)]
doc: Add D-Bus documentation for Probe Request reporting

Commit 2d43d37ff2c3115da812bec8ea4c72048e1194d8 ('DBus: Add ability to
report probe requests') added this capability, but forgot to document
it.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Fix D-Bus documentation for .Network Properties
Jouni Malinen [Tue, 30 Dec 2014 11:19:54 +0000 (13:19 +0200)]
doc: Fix D-Bus documentation for .Network Properties

This property is not read-only, i.e., it can also be used to change
configuration parameters for an existing network.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix WPS.Start method in AP/P2P GO mode
Jouni Malinen [Fri, 2 Jan 2015 15:11:15 +0000 (17:11 +0200)]
D-Bus: Fix WPS.Start method in AP/P2P GO mode

Previously, role="enrollee" was required to be used to allow the AP mode
WPS operation to be started. This is incorrect since the AP/GO will
operate in Registrar role. Fix this by ignoring the role parameter when
AP (including P2P GO) mode is enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago WPS: Reject station-mode WPS operations when AP mode is enabled
Jouni Malinen [Fri, 2 Jan 2015 15:09:38 +0000 (17:09 +0200)]
WPS: Reject station-mode WPS operations when AP mode is enabled

Start of station-mode WPS PBC/PIN/Registrar/NFC operation would result
in the AP mode getting disabled. This can be particularly confusing for
the P2P GO case where the group would need to be stopped cleanly. As
such, it is better to reject these invalid operations rather than trying
to handle all corner cases needed to allow this to work robustly.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Move NetworkRequest signal to correct registration array
Jouni Malinen [Fri, 2 Jan 2015 14:11:56 +0000 (16:11 +0200)]
D-Bus: Move NetworkRequest signal to correct registration array

This is an interface signal, not a global signal, so move it to the
current array for registering the signal.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Remove registration of P2PStateChanged signal
Jouni Malinen [Fri, 2 Jan 2015 10:51:39 +0000 (12:51 +0200)]
D-Bus: Remove registration of P2PStateChanged signal

This signal is not generated anywhere, so there is no point in claiming
it to be available.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Make P2P Group Passphrase property getter available for P2P Client
Jouni Malinen [Fri, 2 Jan 2015 10:25:32 +0000 (12:25 +0200)]
D-Bus: Make P2P Group Passphrase property getter available for P2P Client

There is no need to limit this property based on the role of the device
in the group, so return the passphrase if it is available. It will be
available in GO role and it may be available in P2P Client role based on
whether the peer GO provided it during the WPS provisioning step.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix P2P Group PSK property getter
Jouni Malinen [Fri, 2 Jan 2015 10:20:44 +0000 (12:20 +0200)]
D-Bus: Fix P2P Group PSK property getter

This was returning a byte array of the pointer to the PSK, not the
actual PSK, due to incorrect use of
wpas_dbus_simple_array_property_getter(). In addition, there is no need
to limit this property based on the role of the device in the group, so
return the PSK if it is available (which it will be for both GO and P2P
Client roles).

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Simplify out-of-memory reporting
Jouni Malinen [Thu, 1 Jan 2015 20:36:52 +0000 (22:36 +0200)]
D-Bus: Simplify out-of-memory reporting

There is no need to have separate wpa_printf() and different error
message strings for the unlikely out-of-error messages. Use a helper
function, wpas_dbus_error_no_memory(), to get consistent behavior with a
one-line call.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Remove the obsolete notes from wpas_dbus_error_unknown_error()
Jouni Malinen [Thu, 1 Jan 2015 20:16:34 +0000 (22:16 +0200)]
D-Bus: Remove the obsolete notes from wpas_dbus_error_unknown_error()

Commit 6aeeb6fa21bc072ba92ce9423ba5c0417e8c0bf5 ('dbus: clean up new
D-Bus interface getters and setters') redesigned the property
getter/setter calls in a way that made the
wpas_dbus_error_unknown_error() note about message being NULL in some
cases obsolete. All the remaining callers are from method handler
functions that must have a valid message. Remove the obsolete notes and
unnecessary message == NULL check.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Coding style cleanup
Jouni Malinen [Wed, 31 Dec 2014 21:21:10 +0000 (23:21 +0200)]
D-Bus: Coding style cleanup

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Simplify message building error paths
Jouni Malinen [Wed, 31 Dec 2014 11:57:48 +0000 (13:57 +0200)]
D-Bus: Simplify message building error paths

There is no need to have multiple separate return statements for error
cases in a sequence of operations. In addition, there is not much point
in "converting" boolean return values with "if (!res) return FALSE;
return TRUE;" style constructions.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix GroupAdd, Invite, RemovePersistentGroup path validation
Jouni Malinen [Thu, 1 Jan 2015 16:04:05 +0000 (18:04 +0200)]
D-Bus: Fix GroupAdd, Invite, RemovePersistentGroup path validation

net_id_str can be NULL and that must be checked for to avoid NULL
pointer dereference if an invalid persistent_group_object path is used
with these methods.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix error message for Listen() failure
Jouni Malinen [Thu, 1 Jan 2015 15:47:29 +0000 (17:47 +0200)]
D-Bus: Fix error message for Listen() failure

DBUS_ERROR_NO_MEMORY does not look like the best option for the failure
reason in case wpas_p2p_listen() fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Clean up wpas_dbus_new_decompose_object_path()
Jouni Malinen [Thu, 1 Jan 2015 09:42:32 +0000 (11:42 +0200)]
D-Bus: Clean up wpas_dbus_new_decompose_object_path()

None of the new D-Bus interface cases use the bssid_part in
decompose_object_path (while the old interface ones do). As such, this
is dead code and can be removed. In addition, the P2P addition here was
pretty ugly extension. Replace these with a cleaner way of passing the
separating string (e.g., "Networks") from the caller and returning the
requested item.

In addition, there is no need to allocate the returned item separately,
so use a single allocation and a pointer to that allocated memory. This
will make it easier for callers to have to free only a single
allocation. This is also fixing a memory leak in P2P invitation
persistent group case where the caller had missed the need to free the
returned values.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Clean up parse_peer_object_path() uses
Jouni Malinen [Thu, 1 Jan 2015 13:24:08 +0000 (15:24 +0200)]
D-Bus: Clean up parse_peer_object_path() uses

This helper function does not modify peer_path, so mark it const. In
addition, there is no point in callers to check separately whether
peer_path is NULL since that is taken care of by this helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Remove useless NULL check from static function
Jouni Malinen [Thu, 1 Jan 2015 00:13:27 +0000 (02:13 +0200)]
D-Bus: Remove useless NULL check from static function

The entry argument cannot be NULL in this static function.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Add debug prints for parsing dict entries
Jouni Malinen [Wed, 31 Dec 2014 19:33:21 +0000 (21:33 +0200)]
D-Bus: Add debug prints for parsing dict entries

This makes it easier to figure out what happens if there are issues with
processing messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Remove useless wpa_s->conf checks
Jouni Malinen [Thu, 1 Jan 2015 00:10:37 +0000 (02:10 +0200)]
D-Bus: Remove useless wpa_s->conf checks

This cannot be NULL when an interface is in use. There is not much point
in a couple of functions checking this while a large number of other places
do not.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Write Get/Set property name in debug log
Jouni Malinen [Wed, 31 Dec 2014 22:59:20 +0000 (00:59 +0200)]
D-Bus: Write Get/Set property name in debug log

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Add more debug prints to cover operations
Jouni Malinen [Wed, 31 Dec 2014 18:25:49 +0000 (20:25 +0200)]
D-Bus: Add more debug prints to cover operations

This adds the message signature to the new D-Bus interface message
handler and similar prints to the old interface message handlers.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix property change timer update
Jouni Malinen [Wed, 31 Dec 2014 21:20:01 +0000 (23:20 +0200)]
D-Bus: Fix property change timer update

eloop_is_timeout_registered() was called with incorrect context argument
which meant that the pending timeout would have never been found.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus (old): Fix removeNetwork method to not use freed memory
Jouni Malinen [Wed, 31 Dec 2014 14:54:48 +0000 (16:54 +0200)]
D-Bus (old): Fix removeNetwork method to not use freed memory

wpa_supplicant_deauthenticate() call needs to happen before
wpa_config_remove_network(). Freed memory could be dereferenced if
removeNetwork method was issued on the currently connected network.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Avoid valgrind warning due to compiler optimization
Jouni Malinen [Wed, 31 Dec 2014 14:40:14 +0000 (16:40 +0200)]
D-Bus: Avoid valgrind warning due to compiler optimization

It looks like both gcc and clang optimize the (entry.type != foo ||
entry.array_type != bar) in a way that ends up evaluating the second
condition even when the first one results in 0. While this is not really
what the C language requirements on short-circuit evaluation require,
the compiler likely assumes this can have no side effects and with both
type and array_type being comparable in a single 64-bit operation, this
can clearly be a bit more efficient. While the code behaves the same in both
cases, valgrind does warn about use of uninitialized memory when the
second condition is evaluated (entry.array_type is not initialized if
entry.type != DBUS_TYPE_ARRAY).

To keep valgrind logs cleaner, initialize entry.array_type to
DBUS_TYPE_INVALID so that these compiler optimizations do not result in
reading uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Avoid compiler warning on sometimes uninitialized variable
Jouni Malinen [Wed, 31 Dec 2014 14:33:35 +0000 (16:33 +0200)]
D-Bus: Avoid compiler warning on sometimes uninitialized variable

The logic in wpas_dbus_signal_p2p_provision_discovery() seemed to imply
that there could be a case where _signal would be used uninitialized. While
that is not the case since either (request || !status) or (!request &&
status) would always be true, some compilers do not seem to be clever
enough to figure that out to avoid the warning. Make this easier for
such compilers by removing the (!request && status) condition since it
is identical to !(request || !status).

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Make WPAS_DBUS_TYPE_BINARRAY value less confusing
Jouni Malinen [Wed, 31 Dec 2014 13:46:08 +0000 (15:46 +0200)]
D-Bus: Make WPAS_DBUS_TYPE_BINARRAY value less confusing

Commit 911e97e4002019e577bb1086f1fd02daff978544 ('DBus: Refactor array
adding, add binary arrays') introduced WPAS_DBUS_TYPE_BINARRAY as an
internal fake type for array_type. However, it selected this value to be
(DBUS_NUMBER_OF_TYPES + 100) = 116 = 't'. This happens to conflict with
DBUS_TYPE_UINT64 ((int) 't'). While none of the existing array_type use
cases supported UINT64, it is much clearer if WPAS_DBUS_TYPE_BINARRAY
has a value that does not match any existing DBUS_TYPE_* value. Replace
this with '@' (64).

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix dict binarray getter to accept empty array of array
Jouni Malinen [Wed, 31 Dec 2014 11:32:47 +0000 (13:32 +0200)]
D-Bus: Fix dict binarray getter to accept empty array of array

This is needed to allow Set(P2PDeviceConfig) to clear the
VendorExtension array (i.e., to remove all configured vendor
extensions). Previously, such an attempt was met with a D-Bus assert and
rejection of the operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix memory leak on P2PDeviceConfig::VendorExtension
Jouni Malinen [Wed, 31 Dec 2014 11:05:51 +0000 (13:05 +0200)]
D-Bus: Fix memory leak on P2PDeviceConfig::VendorExtension

The wps_vendor_ext array can be set using D-Bus Set(P2PDeviceConfig)
with the VendorExtension key in the dictionary. However, there was no
code for freeing the allocated memory when the interface is removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix GONegotiationSuccess signal passphrase format
Jouni Malinen [Wed, 31 Dec 2014 09:41:11 +0000 (11:41 +0200)]
D-Bus: Fix GONegotiationSuccess signal passphrase format

Passphrase is a variable length string of (8..63 characters), not a byte
array of fixed 64 octets.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Make wpas_dbus_error_scan_error() static
Jouni Malinen [Wed, 31 Dec 2014 09:00:31 +0000 (11:00 +0200)]
D-Bus: Make wpas_dbus_error_scan_error() static

This function is not used anywhere outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix ServiceDiscoveryResponse to accept int32 dialog_token
Jouni Malinen [Wed, 31 Dec 2014 08:45:50 +0000 (10:45 +0200)]
D-Bus: Fix ServiceDiscoveryResponse to accept int32 dialog_token

The ServiceDiscoveryRequest signal uses int32 for encoding dialog_token
for some reason (even though this is a u8 field).
ServiceDiscoveryResponse is supposed to accept the values from the
signal as-is, so extend that to accept int32 in addition to the
previously used uint32.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix memory leaks on AddService/DeleteService error paths
Jouni Malinen [Tue, 30 Dec 2014 22:36:19 +0000 (00:36 +0200)]
D-Bus: Fix memory leaks on AddService/DeleteService error paths

The query and service parameters need to be freed on all paths to avoid
memory leaks in error cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix .Group Set(WPSVendorExtensions) format
Jouni Malinen [Tue, 30 Dec 2014 20:20:00 +0000 (22:20 +0200)]
D-Bus: Fix .Group Set(WPSVendorExtensions) format

The earlier implementation seemed to require a strange extra
encapsulation with a dictionary for setting the WPSVendorExtensions
property while this was defined to have aay signature and the get
operation did indeed return an array of array of bytes without that
dictionary. Fix this to accept aay format for the setter as well. Keep
support for the old dictionary encapsulation format for backwards
compatibility.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago D-Bus: Fix memory leak on P2P GO WPSVendorExtensions
Jouni Malinen [Tue, 30 Dec 2014 19:04:07 +0000 (21:04 +0200)]
D-Bus: Fix memory leak on P2P GO WPSVendorExtensions

It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago tests: Verify that wpa_supplicant clears keys from memory
Jouni Malinen [Mon, 29 Dec 2014 11:13:25 +0000 (13:13 +0200)]
tests: Verify that wpa_supplicant clears keys from memory

Check that PMK and PTK are not left in memory (heap or stack)
unnecessarily after they are not needed anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago SAE: Clear keys from memory on disassociation
Jouni Malinen [Mon, 29 Dec 2014 16:40:10 +0000 (18:40 +0200)]
SAE: Clear keys from memory on disassociation

There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Clear GTK from memory as soon as it is not needed anymore
Jouni Malinen [Mon, 29 Dec 2014 13:41:03 +0000 (15:41 +0200)]
Clear GTK from memory as soon as it is not needed anymore

It was possible for the decrypted EAPOL-Key Key Data field to remain in
heap after the temporary buffer was freed. Explicitly clear that buffer
before freeing it to minimize the time GTK remains in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Clear psk_list while freeing config_ssid instances
Jouni Malinen [Mon, 29 Dec 2014 11:11:29 +0000 (13:11 +0200)]
Clear psk_list while freeing config_ssid instances

Previously, the main PSK entry was cleared explicitly, but psk_list
could include PSKs for some P2P use cases, so clear it as well when
freeing config_ssid instances.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Explicitly clear the temporary stack-based PSK buffer
Jouni Malinen [Mon, 29 Dec 2014 11:10:30 +0000 (13:10 +0200)]
Explicitly clear the temporary stack-based PSK buffer

There is no need to leave this temporary key in stack memory after
having been configured to the WPA state machine.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Explicitly clear the temporary stack-based key for WPA-None
Jouni Malinen [Mon, 29 Dec 2014 11:09:24 +0000 (13:09 +0200)]
Explicitly clear the temporary stack-based key for WPA-None

There is no need to leave this temporary key in stack memory after
having been configured to the driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago WPS ER: Explicitly clear PSK from stack after use
Jouni Malinen [Mon, 29 Dec 2014 11:07:00 +0000 (13:07 +0200)]
WPS ER: Explicitly clear PSK from stack after use

There is no need to leave the PSK from temporary Credential structure
that was built in stack after that Credential has been passed to the WPS
module.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Clear wpa_psk memory when setting up wpa_supplicant AP mode
Jouni Malinen [Mon, 29 Dec 2014 11:05:32 +0000 (13:05 +0200)]
Clear wpa_psk memory when setting up wpa_supplicant AP mode

This is more of a theoretical case since this part is done only during
setup and the structure is not allocated in practice. Anyway,
maintaining more consistent use of bin_clear_free() for structures that
may contain keys is useful.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Clear TK part of PTK after driver key configuration
Jouni Malinen [Mon, 29 Dec 2014 11:03:01 +0000 (13:03 +0200)]
Clear TK part of PTK after driver key configuration

There is no need for wpa_supplicant to maintain a copy of the TK part of
PTK after this has been configured to the driver, so clear that from
heap memory and only maintain KEK and KCK during association to allow
additional EAPOL-Key handshakes.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago Clear temporary keys from WPA supplicant state machine when not needed
Jouni Malinen [Mon, 29 Dec 2014 11:00:03 +0000 (13:00 +0200)]
Clear temporary keys from WPA supplicant state machine when not needed

PMK and PTK are not needed in the supplicant state machine after
disassociation since core wpa_supplicant will reconfigure them for the
next association. As such, clear these from heap in
wpa_sm_notify_disassoc() to reduce time and number of places storing key
material in memory. In addition, clear FT keys in case of
CONFIG_IEEE80211R=y build (sm->xxkey stored a copy of PSK in case of
FT-PSK).

Signed-off-by: Jouni Malinen <j@w1.fi>
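
The clear-before-release pattern from the key-clearing commits above, paired with the kind of memory scan the "Verify that wpa_supplicant clears keys from memory" test describes, as an added example (not code from hostap or from these commits). The arena standing in for the heap, the sample key, and the helpers `wipe()`, `key_copies()` and `use_temp_key()` are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16

/* Constructed sample key, and a fixed arena standing in for the heap so the
 * scan after "release" reads memory that is still valid to read. */
static const unsigned char sample_key[KEY_LEN] = {
	0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
	0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf
};
static unsigned char arena[256];

/* Zero through a volatile pointer so the compiler cannot drop the stores as
 * dead writes to a buffer that is about to be released. */
static void wipe(void *buf, size_t len)
{
	volatile unsigned char *p = buf;
	while (len--)
		*p++ = 0;
}

/* Count copies of the key left anywhere in the arena. */
static size_t key_copies(const unsigned char *key)
{
	size_t i, n = 0;
	for (i = 0; i + KEY_LEN <= sizeof(arena); i++)
		if (memcmp(arena + i, key, KEY_LEN) == 0)
			n++;
	return n;
}

/* Copy the key into a temporary buffer, "use" it, release it, then scan.
 * clear == 0 models the old behaviour: released without wiping. */
static size_t use_temp_key(int clear)
{
	unsigned char *tmp = arena + 64;
	memcpy(tmp, sample_key, KEY_LEN);
	/* the key would be configured to the driver here */
	if (clear)
		wipe(tmp, KEY_LEN);
	return key_copies(sample_key); /* scan after "release" */
}

int main(void)
{
	printf("no wipe: %zu\n", use_temp_key(0));
	printf("wipe:    %zu\n", use_temp_key(1));
	return 0;
}
```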
9 years ago tests: Filter out extra files from codecov reports
Jouni Malinen [Mon, 29 Dec 2014 15:22:17 +0000 (17:22 +0200)]
tests: Filter out extra files from codecov reports

wpa_cli and hostapd_cli are not currently tested for code coverage, so
filter the files specific to those components away from the code
coverage reports. *_module_tests.c are not included in normal builds, so
drop them as well. In addition, drop the system header file (byteswap.h)
that gets somehow unnecessarily included in the reports for a couple of
lines.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus signals Certification(), EAP(), NetworkRequest()
Jouni Malinen [Sun, 28 Dec 2014 19:45:21 +0000 (21:45 +0200)]
doc: Add D-Bus signals Certification(), EAP(), NetworkRequest()

This documents a number of EAP related D-Bus signals and the related
NetworkResponse() method.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus FlushBSS() method
Jouni Malinen [Sun, 28 Dec 2014 19:00:06 +0000 (21:00 +0200)]
doc: Add D-Bus FlushBSS() method

Commit 2b65b30da86f550dc8c228cb2c6456e76dbc7978 ('dbus: Add D-Bus
methods to flush the BSS cache') added this, but forgot to update
documentation.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus RemoveAllNetworks() method
Jouni Malinen [Sun, 28 Dec 2014 18:15:56 +0000 (20:15 +0200)]
doc: Add D-Bus RemoveAllNetworks() method

Commit 7c49fdd0bd214f5fa3af8407d7011930ac150ef1 ('dbus: Add
RemoveAllNetworks to the new D-Bus API') added this, but forgot to
document it.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus Reattach() method
Jouni Malinen [Sun, 28 Dec 2014 17:56:36 +0000 (19:56 +0200)]
doc: Add D-Bus Reattach() method

Commit 0f44ec8eba8a2b01e9c443308a72a2fd3208f7cf ('Add a reattach command
for fast reassociate-back-to-same-BSS') added Reattach(), but forgot to
document it.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus SignalPoll() method
Jouni Malinen [Sun, 28 Dec 2014 17:30:26 +0000 (19:30 +0200)]
doc: Add D-Bus SignalPoll() method

Commit 7a4a93b9593575ffd64ba72739429d98e4b90858 ('dbus: Add SignalPoll()
method to report current signal properties') added this method, but
forgot to document it.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Add D-Bus global Capabilities property
Jouni Malinen [Sun, 28 Dec 2014 16:07:09 +0000 (18:07 +0200)]
doc: Add D-Bus global Capabilities property

This property was added to the fi.w1.wpa_supplicant1 interface in commit
1634ac0654eba8d458640a115efc0a6cde3bac4d ('dbus: Add global capabilities
property'), but documentation was not updated.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Fix D-Bus documentation for CreateInterface()
Jouni Malinen [Sun, 28 Dec 2014 15:05:11 +0000 (17:05 +0200)]
doc: Fix D-Bus documentation for CreateInterface()

The "Bridge_ifname" parameter had been renamed to "BridgeIfname" and
"ConfigFile" is also available as a parameter.

Signed-off-by: Jouni Malinen <j@w1.fi>
9 years ago doc: Fix D-Bus page format with newer Doxygen versions
Jouni Malinen [Sun, 28 Dec 2014 15:03:18 +0000 (17:03 +0200)]
doc: Fix D-Bus page format with newer Doxygen versions

It looks like the space indentation before the HTML command ended up
being converted to HTML tags getting shown as code text rather than
being used to control formatting. Fix this by removing indentation from
the first line of each HTML segment.

Signed-off-by: Jouni Malinen <j@w1.fi>