Commit Graph

15603 Commits

Author SHA1 Message Date
Jouni Malinen
466e48dcd7 HT: Remove SMPS in AP mode
SM Power Save was described in somewhat unclear manner in IEEE Std
802.11n-2009 as far the use of it locally in an AP to save power. That
was clarified in IEEE Std 802.11-2016 to allow only a non-AP STA to use
SMPS while the AP is required to support an associated STA doing so. The
AP itself cannot use SMPS locally and the HT Capability advertisement
for this is not appropriate.

Remove the parts of SMPS support that involve the AP using it locally.
In practice, this reverts the following commits:
04ee647d58 ("HT: Let the driver advertise its supported SMPS modes for AP mode")
8f461b50cf ("HT: Pass the smps_mode in AP parameters")
da1080d721 ("nl80211: Advertise and configure SMPS modes")

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 13:58:54 +02:00
Jouni Malinen
91ea29a79e tests: Remove ap_ht_smps
AP using SMPS mode locally is about to be removed from hostapd, so
remove the test case that was using it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 13:48:39 +02:00
Mikhail Karpenko
8de0ff0fa1 HE: Add TWT responder extended capabilities field
Set the proper bits inside the extended capabilities field to indicate
support for TWT responder.

Tested-by: John Crispin <john@phrozen.org>
Signed-off-by: Mikhail Karpenko <karpenko@fastmail.com>
2020-02-16 12:41:24 +02:00
John Crispin
ab8c55358e HE: Dynamically turn on TWT responder support
This allows us to dynamically turn on TWT responder support using an
nl80211 attribute.

Signed-off-by: John Crispin <john@phrozen.org>
2020-02-16 12:37:47 +02:00
John Crispin
0cb39f4fd5 HE: Extend BSS color support
The HE Operation field for BSS color consists of a disabled, a partial,
and 6 color bits. The original commit adding support for BSS color
considered this to be a u8. This commit changes this to the actual
bits/values.

This adds an explicit config parameter for the partial bit. The disabled
is set to 0 implicitly if a bss_color is defined.

Interoperability testing showed that stations will require a BSS color
to be set even if the feature is disabled. Hence the default color is 1
when none is defined inside the config file.

Signed-off-by: John Crispin <john@phrozen.org>
2020-02-16 12:32:17 +02:00
Jouni Malinen
458162a271 Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2020-02-07.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 12:06:04 +02:00
Jouni Malinen
981b96caa9 WPS: Mark added PSK entry with wps=1 tag for per-Enrollee PSK case
Commit 2bab073dfe ("WPS: Add new PSK entries with wps=1 tag") added
this when writing the new entry into a file, but the in-memory update
did not get the tag. Add it there as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 11:54:36 +02:00
Jouni Malinen
dd3d5da3c7 tests: WPS PIN provisioning with per-station PSK preset
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-16 11:54:30 +02:00
Thomas Pedersen
1c67a07603 tests: Add basic power saving tests for ap_open
ap_open_sta_ps checks whether a STA told its hardware to enter power
save after enabling power save.

ap_open_ps_mc_buf checks whether an AP properly buffers and releases
multicast frames when a STA with PS active is associated.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Thomas Pedersen
1d9d6c2432 tests: Factor out multicast connectivity check
A test may want to check multicast connectivity independent of unicast
or check multicast without exercising unicast first. Factor out the
multicast connectivity check code into its own function.

Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
2020-02-15 18:36:29 +02:00
Jouni Malinen
b056275111 Fix exception checking in a wpa_supplicant P2P example script
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
91cce45226 tests: Fix exception generation in persistent_group_per_sta_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
7e7e32f7e6 tests: Fix a typo in raising an exception
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:29 +02:00
Jouni Malinen
afd10e880b tests: Require wps=1 tag in ap_wps_per_station_psk
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 18:36:27 +02:00
Jouni Malinen
2bab073dfe WPS: Add new PSK entries with wps=1 tag
Now that hostapd wpa_psk_file has a new tag for identifying PSKs that
can be used with WPS, add that tag to new entries for PSKs from WPS.
This makes it clearer where the PSK came from and in addition, this
allows the same PSK to be assigned if the same Enrollee goes through WPS
provisioning again.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:37:27 +02:00
Jouni Malinen
68e9b8cb16 tests: Prepare ap_wps_per_station_psk for the new wps=1 tag in PSK file
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:37:27 +02:00
Tomasz Jankowski
fde8e79463 WPS: Make it possible to use PSKs loaded from the PSK file
By default, when configuration file set wpa_psk_file, hostapd generated
a random PSK for each Enrollee provisioned using WPS and appended that
PSK to wpa_psk_file.

Changes that behavior by adding a new step. WPS will first try to use a
PSK from wpa_psk_file. It will only try PSKs with wps=1 tag.
Additionally it'll try to match enrollee's MAC address (if provided). If
it fails to find an appropriate PSK, it falls back to generating a new
PSK.

Signed-off-by: Tomasz Jankowski <tomasz.jankowski@plume.com>
2020-02-15 17:28:00 +02:00
Jouni Malinen
b1977a652d WPS: Use PMK_LEN instead of hardcoded 32
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:27:52 +02:00
Jouni Malinen
b27ed050db Do not split strings into multiple lines
Convert hostapd_config_read_wpa_psk() to the newer style of not
splitting strings into multiple lines.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:12:45 +02:00
Jouni Malinen
838180877f Use PMK_LEN macro instead of hardcoded value 64 (= 2 * 32)
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:11:18 +02:00
Jouni Malinen
f5da5810c9 Check pbkdf2_sha1() result when generating PSK from PSK file
This function can fail in theory, so check the return value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-02-15 17:10:08 +02:00
Sergey Matyukevich
e7d8842e6b OWE: Rename owe_assoc_req_process() parameter reason to status
In the function owe_assoc_req_process(), values assigned to the reason
argument imply that it should be renamed to status. Rename 'reason' to
'status' and modify the uses of owe_assoc_req_process() accordingly.

Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
2020-02-15 16:46:32 +02:00
Clemens Famulla-Conrad
0aeda4da1b doc: Describe Set properties of fi.w1.wpa_supplicant1.Network
The current description of Properties of fi.wq.wpa_supplicant1.Network
only apply when retrieving these.
If you need to use the method=Set, then the types should be in the same
format as with function AddNetwork().

Signed-off-by: Clemens Famulla-Conrad <cfamullaconrad@suse.de>
2020-02-15 16:36:51 +02:00
Sunil Dutt
877d9a02b0 Additional get_sta_info attrs for Beacon/Probe Response/disconnect reasons
This commit adds new attributes for getting the Probe Response frame
IEs, Beacon frame IEs and the disconnection reason codes through
get_sta_info vendor command.

The host driver shall give this driver specific reason code through
the disconnection reason code attribute
QCA_WLAN_VENDOR_ATTR_GET_STA_DRIVER_DISCONNECT_REASON.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:47:50 +02:00
Sachin Ahuja
8162d98f2e Introduce QCA_NL80211_VENDOR_SUBCMD_DRIVER_DISCONNECT_REASON
This acts as an event from the host driver to the user space to notify
the driver specific reason for a disconnection. The host driver
initiates the disconnection for various scenarios (beacon miss, Tx
Failures, gateway unreachability, etc.) and the reason codes from
cfg80211_disconnected() do not carry these driver specific reason codes.
Host drivers should trigger this event immediately prior to triggering
cfg80211_disconnected() to allow the user space to correlate the driver
specific reason code with the disconnect indication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:47:48 +02:00
Sunil Dutt
32551066b8 Introduce QCA_NL80211_VENDOR_SUBCMD_UPDATE_STA_INFO
This acts as a vendor event and is used to update the information
of a station from the driver to userspace.

Add an attribute for the driver to update the channels scanned in
the last connect/roam attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-13 18:46:39 +02:00
Vamsi Krishna
dae85e655c P2P: Increase number of channels per operating class
Some of the operating classes added in the 6 GHz band have a larger
number of channels included in them (e.g., operating class 131 has 59
channels). Increase the maximum number of channels per operating class
so that all channels will get populated.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-12 23:17:24 +02:00
Vamsi Krishna
75d0ec4702 P2P: Fix a possible buffer overflow in struct p2p_reg_class
Avoid adding more than P2P_MAX_REG_CLASSES operating classes or
P2P_MAX_REG_CLASS_CHANNELS channels while populating P2P channels. The
current limits on the operating classes or channels per operating class
could be hit in some case (mainly, with 6 GHz, but in theory, with a
2.4/5/60 GHz capable device as well).

If the local driver advertised a larger number of supported operarting
classes or channels per operating class, the construction of the struct
p2p_reg_class instances could have resulted in writing beyond the end of
the buffer and ending up corrupting memory around the struct p2p_config.
This could result in unexpected behavior in some other operations that
used corrupted memory, e.g., generation of a P2P Channel List failing
(with validation code stopping the process to avoid writing beyond the
end of the message buffer) due to not having sufficient buffer space for
the corrupted data.

This issue is triggered only based on information from the local driver
(mainly based on addition of support for 6 GHz band operating classes),
so the issue cannot be triggered based on received frames or any other
remote information.

The issue was introduced by commit d7c2c5c98c ("AP: Add initial
support for 6 GHz band") which added the operating class 131 which has
sufficiently large number of channels to go beyond the
P2P_MAX_REG_CLASS_CHANNELS limit.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-12 23:17:24 +02:00
Sunil Dutt
5551317834 Introduce QCA_WLAN_VENDOR_ATTR_BEACON_REPORT_FAIL
This attribute aims to configure the STA to send the Beacon Report
Response with failure reason for the scenarios where the Beacon Report
Request cannot be handled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-12 21:19:37 +02:00
Jouni Malinen
dd900637b2 tests: Make gas_anqp_extra_elements more robust
Explicitly flush cfg80211 scan cache for this test case since the BSS
entry check might fail if there are multiple results for the same BSSID.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 07:54:47 +02:00
Jouni Malinen
c304bddcf9 DPP: Stop Action frame sequence on DPP_STOP_LISTEN and PKEX failure
Previously it was possible for the PKEX/DPP exchange to terminate with
an error and the ongoing Action frame TX/RX offchannel operation not
getting terminated. This could leave the driver waiting on offchannel
until timeout and failing following operations before that timeout
happens. Fix this by explicitly stopping the Action frame sequence in
the driver in the previously missed cases.

This fixes a case that was showing up with the following test sequence
every now and then:
dpp_qr_code_chan_list_unicast dpp_pkex_test_fail dpp_enrollee_reject_config

dpp_pkex_test_fail was adding a large number of pending offchannel
operations and dpp_enrollee_reject_config could fail if those pending
operations were blocking new remain-on-channel or offchannel TX
operation for a sufficiently long time.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 07:09:47 +02:00
Jouni Malinen
d299756e3e tests: DPP QR Code and enrollee initiating with netrole specified
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 06:43:02 +02:00
Jouni Malinen
de08fae66a DPP: Do not require dpp_configurator_params to start with a space
This ugly hack for being able to search for optional arguments with
space before them was quite inconvenient and unexpected. Clean this up
by handling this mess internally with a memory allocation and string
duplication if needed so that the users of wpa_supplicant control
interface do not need to care about such details.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 06:43:02 +02:00
Jouni Malinen
c7cc80fbc8 DPP: Reset DPP_AUTH_INIT netrole back to STA by default
Previously DPP_AUTH_INIT command update wpa_s->dpp_netrole only if the
netrole parameter was included. This could leave AP or configurator
network in place for the next DPP_AUTH_INIT command. This would be
unexpected behavior, so reset wpa_s->dpp_netrole back to the
DPP_NETROLE_STA default if no explicit netrole parameter is included.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 06:33:24 +02:00
Jouni Malinen
ef39ac497e tests: wifi_generation on 2.4 GHz with subset of VHT
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 05:19:16 +02:00
Veerendranath Jakkam
adf3de44ca Add check to consider band in enabling connection_vht flag
connection_vht flag was set to true when both Association Request and
Response frame IEs have VHT capability. Thus all devices that have
support for the vendor specific partial VHT support in the 2.4 GHz band
were also being reported as VHT capable. However, IEEE Std 802.11ac-2013
defines VHT STA to operate in frequency bands below 6 GHz excluding the
2.4 GHz band.

Do not set connection_vht when the operating band is 2.4 GHz. This
avoids reporting wifi_generation 5 on the 2.4 GHz band and reserves the
generation value 5 for full VHT as defined in the IEEE 802.11 standard.

Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
2020-02-11 05:19:16 +02:00
Vamsi Krishna
490d90db40 Define macro BIT() in qca_vendor.h
As qca_vendor.h alone can be included by other applications, define
macro BIT() in qca_vendor.h itself if not yet defined, e.g., by
including utils/common.h before qca_vendor.h.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-11 04:59:38 +02:00
Jouni Malinen
9a0edf1700 wlantest: Add PTK derivation support with SAE, OWE, DPP
wlantest build did not define build options to determine key management
values for SAE, OWE, and DPP. Add those and the needed SHA512 functions
to be able to decrypt sniffer captures with PMK available from an
external source.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 21:58:10 +02:00
Markus Theil
96a2a9a88b Send RM Enabled Capabilities element in (Re)Association Response frame
(Re)Association Response frames should include radio measurement
capabilities in order to let stations know if they can, e.g., use
neighbor requests.

I tested this commit with a Samsung S8, which does not send neighbor
requests without this commit and sends them afterwards.

Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
2020-02-10 06:51:42 +02:00
Matthew Wang
23dc196fde Check for FT support when selecting FT suites
A driver supports FT if it either supports SME or the
NL80211_CMD_UPDATE_FT_IES command. When selecting AKM suites,
wpa_supplicant currently doesn't take into account whether or not either
of those conditions are met. This can cause association failures, e.g.,
when an AP supports both WPA-EAP and FT-EAP but the driver doesn't
support FT (wpa_supplicant will decide to do FT-EAP since it is unaware
the driver doesn't support it). This change allows an FT suite to be
selected only when the driver also supports FT.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Reviewed-by: Brian Norris <briannorris@chromium.org>
2020-02-10 06:43:38 +02:00
Dmitry Shmidt
85f3ab758e Replace deprecated readdir_r() with readdir()
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2020-02-10 06:40:50 +02:00
Jouni Malinen
c90822a5c3 tests: SAE Password Identifier with unexpected PWE derivation
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 05:13:13 +02:00
Jouni Malinen
641d79f165 SAE: Special test mode sae_pwe=3 for looping with password identifier
The new sae_pwe=3 mode can be used to test non-compliant behavior with
SAE Password Identifiers. This can be used to force use of
hunting-and-pecking loop for PWE derivation when Password Identifier is
used. This is not allowed by the standard and as such, this
functionality is aimed at compliance testing.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 05:13:13 +02:00
Jouni Malinen
d57349d4b8 tests: sigma_dut fetching the current PMK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 03:01:07 +02:00
Jouni Malinen
6478f4375b tests: GET_PMK and PMKSA_GET match
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 02:56:40 +02:00
Jouni Malinen
31d7fe9171 Add GET_PMK for fetching the current PMK for a STA from hostapd
This test functionality (CONFIG_TESTING_OPTIONS=y) can be used to fetch
the current PMK for a STA.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-10 02:52:48 +02:00
Jouni Malinen
ca1cecc54d SAE: Verify that appropriate Status Code is used in SAE commit (SME)
Previous version accepted both 0 and 126 values in SAE commit message
from the AP. Explicitly check that the value the AP uses matches what
the STA started with to avoid unexpected cases.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
c248ebaf4f DPP: Fix encryptedContent DER encoding
This was not supposed to set the constructed bit in the header. Fix this
to avoid parsing issues with other ASN.1 DER parsers.

Fixes: c025c2eb59 ("DPP: DPPEnvelopedData generation for Configurator backup")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
3ecaddd62b tests: SAE anti clogging (forced, H2E + loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00
Jouni Malinen
daf8491dea tests: WPA2-PSK-FT-SAE AP (AP H2E, STA loop)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-02-08 07:19:53 +02:00