Commit Graph

4516 Commits

Author SHA1 Message Date
Jouni Malinen
f5ed40010c EAP-SAKE: Make attribute parser more readable
Clean up eap_sake_parse_add_attr() design by passing in pointer to the
payload of the attribute instead of parsing these separately for each
attribute within the function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:50 +03:00
Jouni Malinen
0dfb7be470 EAP-SAKE: Pass EAP identifier instead of full request
This simplifies analysis of areas that get access to unverified message
payload.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:46 +03:00
Jouni Malinen
354e3f7959 TLS: Fix debug dump of X.509 certificate
The length of the extra data following the encoded certificate was
printed out in debug hexdump.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:40 +03:00
Jouni Malinen
87fcb5a735 EAP-PAX: Fix PAX_STD-1 and PAX_STD-3 payload length validation
The req_plen argument to eap_pax_process_std_1() and
eap_pax_process_std_3() could be smaller than sizeof(struct eap_pax_hdr)
since the main processing function was only verifying that there is
enough room for the ICV and then removed ICV length from the remaining
payload length.

In theory, this could have resulted in the size_t left parameter being
set to a negative value that would be interpreted as a huge positive
integer. That could then result in a small buffer read overflow and
process termination if MSGDUMP debug verbosity was in use.

In practice, it does not seem to be feasible to construct a short
message that would be able to pass the ICV validation (calculated using
HMAC-SHA1-128) even for the case where an empty password is used.
Anyway, the implementation should really check the length explicitly
instead of depending on implicit check through ICV validation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:36 +03:00
Jouni Malinen
c3c5615ee0 EAP-GPSK: Pass EAP identifier instead of full request
This simplifies analysis of areas that get access to unverified message
payload.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:28 +03:00
Jouni Malinen
d36c803c69 EAP-TLS/PEAP/TTLS/FAST: Move more towards using struct wpabuf
The EAP-TLS-based helper functions can easily use struct wpabuf in more
places, so continue cleanup in that direction by replacing separate
pointer and length arguments with a single struct wpabuf argument.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:23 +03:00
Jouni Malinen
8d9f3b8ed6 EAP-FAST: Do not use type cast to remove const specification
All the uses here are read only, so there is no need to type case the
const specification away.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:19 +03:00
Jouni Malinen
07f9034d14 EAP-FAST: Pass EAP identifier instead of full request
This simplifies analysis of areas that get access to unverified message
payload.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:10 +03:00
Jouni Malinen
f153e41bb2 EAP-EKE: Do not pass full request to eap_eke_build_fail()
This function is only using the Identifier field from the EAP request
header, so there is no need to pass it a pointer to the full message.
This makes it a bit easier to analyze the area that gets access to
unverified message payload.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:32:05 +03:00
Jouni Malinen
53f376c103 Fix a typo in function documentation
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-03 16:31:59 +03:00
Jouni Malinen
dea0d8ee29 RADIUS: Fix a copy-paste error in variable name
MS-MPPE-Recv-Key generation in radius_msg_add_mppe_keys() used incorrect
function argument (send_key_len; should be recv_key_len) when allocating
a temporary buffer. Fix this by using the correct argument.

The only caller of the function uses the same length for both
send_key_len and recv_key_len, so this copy-paste error did not result
in any difference in the behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-29 12:08:27 +03:00
Hamad Kadmany
01a025937c WPS: Add support for 60 GHz band
Handling of WPS RF band for 60 GHz was missing. Add it in all relevant
places and also map "AES" as the cipher to GCMP instead of CCMP when
operating on the 60 GHz band.

Signed-off-by: Hamad Kadmany <qca_hkadmany@qca.qualcomm.com>
2015-04-28 00:22:16 +03:00
Jouni Malinen
346517674a nl80211: Verify that cipher suite conversion succeeds
It was possible for the WPA_ALG_PMK algorithm in set_key() to result in
trying to configure a key with cipher suite 0. While this results in a
failure from cfg80211 or driver, this is not really desirable operation,
so add a check for cipher suite conversion result before issuing the
nl80211 command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-27 16:49:06 +03:00
Jouni Malinen
4a7ce98469 Make IPv6 NA multicast-to-unicast conversion configurable
This can be used with Proxy ARP to allow multicast NAs to be forwarded
to associated STAs using link layer unicast delivery. This used to be
hardcoded to be enabled, but it is now disabled by default and can be
enabled with na_mcast_to_ucast=1. This functionality may not be desired
in all networks and most cases work without it, so the new
default-to-disabled is more appropriate.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-27 12:30:09 +03:00
Michael Braun
a0ad9e8c9e Remove WPA per-VLAN groups when no more stations remain
Previously, struct wpa_group was created when the first station enters
the group and the struct wpa_group was not freed when all station left
the group. This causes a problem because wpa_group will enter
FATAL_FAILURE when a wpa_group is running while the AP_VLAN interface
has already been removed.

Fix this by adding a reference counter to struct wpa_group and free a
group if it is unused.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-26 16:56:22 +03:00
Jouni Malinen
87b5b53959 Make VLAN ID available in STA info over control interface
If hostapd has bound a STA into a specific VLAN, the new vlan_id
parameter in the control interface STA command can now be used to check
which VLAN ID is in use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-26 15:58:10 +03:00
Jouni Malinen
209214b479 vlan: Move CONFIG_FULL_DYNAMIC_VLAN includes to proper places
All the system header files are supposed to be included before any other
internal header file apart from utils/includes.h.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-26 13:36:55 +03:00
Jouni Malinen
a6da824b19 Do not use C++ reserved words as variable names
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-26 13:36:55 +03:00
Mikael Kanstrup
8b423edbd3 Declare all read only data structures as const
By analysing objdump output some read only structures were found in
.data section. To help compiler further optimize code declare these
as const.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2015-04-25 17:33:06 +03:00
Mike Gerow
fd4fb28179 OpenSSL: Try to ensure we don't throw away the PIN unnecessarily
Now on an engine error we decode the error value and determine if the
issue is due to a true PIN error or not. If it is due to incorrrect PIN,
delete the PIN as usual, but if it isn't let the PIN be.

Signed-off-by: Mike Gerow <gerow@google.com>
2015-04-25 16:05:50 +03:00
Masashi Honma
fabc6dd8c4 mesh: Retransmit the last Commit Message in the Committed state
Previously, mesh state machine transmits updated Commit Message when
receiving a Confirm Message in Committed state. According to the
standard, it should (re)send the latest Commit Message previously sent.

IEEE Std 802.11-2012, 11.3.8.6.4 Protocol instance behavior - Committed
state:
"Upon receipt of a Con event, ... If Sync is not greater than
dot11RSNASAESync, the protocol instance shall increment Sync, transmit
the last Commit Message sent to the peer, and set the t0
(retransmission) timer."

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-04-25 15:36:41 +03:00
Michael Braun
068669fc92 vlan: Verify RADIUS returned VLAN-ID and dynamic_vlan=required
This extends dynamic_vlan=required checks to apply for WPA-PSK with
macaddr_acl=2 (RADIUS) case.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-25 10:28:19 +03:00
Jouni Malinen
8ea8a89cb4 nl80211: Extend unique MAC address assignment for station iftype
Previously, only P2P and mesh use cases enforced unique MAC address for
a dynamically added virtual interface. Extend this to cover normal
station mode interfaces since those can now be added with INTERFACE_ADD.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-24 01:22:14 +03:00
Jouni Malinen
ca68a8b561 WPS: Explicitly reject Public Key attribute with unexpected length
There is no need to try to derive DH shared key with a peer that tries
to use too short or too long DH Public Key. Previously, such cases ended
up implicitly getting rejected by the DH operations failing to produce
matching results. That is unnecessarily, so simply reject the message
completely if it does not have a Public Key with valid length. Accept
couple of octets shorter value to be used to avoid interoperability
issues if there are implementations that do not use zero-padding
properly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:12 +03:00
Jouni Malinen
6b94f71dcd WPS: Truncate variable length string attributes to maximum length
This enforces variable length strings Manufacturer, Model Name, Model
Number, and Serial Number to be within the maximum length defined in the
WSC specification. While none of the existing users for these within
hostapd/wpa_supplicant had problems with longer strings, it is good to
ensure the strings are not longer to avoid potential issues at higher
layer components.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:12 +03:00
Jouni Malinen
f4b64c603e Simplify VHT Operation element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the element is of fixed length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:12 +03:00
Jouni Malinen
d6fefd64d2 Simplify HT Operation element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the element is of fixed length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
40baac0e43 Simplify VHT Capabilities element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the element is of fixed length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
baae4cb9b4 Simplify HT Capabilities element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the element is of fixed length.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
b39a05913a Simplify Timeout Interval element parsing
Remove the length field from struct ieee802_11_elems since the only
allowed element length is five and that is checked by the parser.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
e8997b9407 Simplify ERP element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the only allowed element length is one.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
f87c99c787 Simplify DSSS Parameter Set element parsing
Check the element length in the parser and remove the length field from
struct ieee802_11_elems since the only allowed element length is one.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
ae7a42bde2 FT: Check FT, MD, and Timeout Interval length in the parser
All the existing users of these elements were already validating the
element length. However, it is clearer to validate this already at the
parser for extra layer of protection for any future changes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 22:05:11 +03:00
Jouni Malinen
253103681c FT: Fix WMM TSPEC validation in driver-based AP MLME case
Commit 88b32a99d3 ('FT: Add FT AP support
for drivers that manage MLME internally') added an alternative way of
processing the WMM TSPEC from RIC. However, that change did not seem to
include the same checks for WMM TSPEC element length that were used in
the original implementation for MLME-in-hostapd case. Fix this by
sharing the older implementation of copying the WMM TSPEC from RIC for
both cases.

It looks like the destination buffer for the response is sufficiently
long for the fixed length copy, but it may have been possible to trigger
a read beyond the end of the FTIE by about 50 bytes. Though, that seems
to be within the buffer received for RX buffer in the case that uses
this driver-based AP MLME design for FT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:19 +03:00
Jouni Malinen
26b3f64428 tests: Add ap-mgmt-fuzzer
This program can be used to run fuzzing tests for areas related to AP
management frame parsing and processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:19 +03:00
Jouni Malinen
46c3befe24 tests: Add eapol-fuzzer
This program can be used to run fuzzing tests for areas related to EAPOL
frame parsing and processing on the supplicant side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:19 +03:00
Jouni Malinen
a65d7495b5 tests: Add p2p-fuzzer
This program can be used to run fuzzing tests for areas related to P2P
message parsing and processing. p2p-fuzzer allows data files to be used
to inject Probe Response and Action frames for processing by the P2P
module.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:19 +03:00
Jouni Malinen
632931c3ce P2P: Use WPS_SEC_DEV_TYPE_MAX_LEN in P2P array definition
This makes it more obvious that the wps_parse_msg() bounds checking is
used to verify that there is sufficient space in the P2P buffer for the
secondary device types.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:19 +03:00
Jouni Malinen
6ca8a74cd0 tests: Add a module test for wpa_ssid_txt() with too long SSID
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com
2015-04-22 11:44:19 +03:00
Jouni Malinen
0f5acfba06 Use common is_ctrl_char() helper function
This modifies couple of code segments that replaced control characters
in strings with '_' to use a common helper function.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:19 +03:00
Jouni Malinen
5a041acc0a WPS: Ignore too long SSID attribute
While it looks like all the users of this parsed attribute were able to
handle longer SSID values, there is no valid use case for these and to
avoid any potential future issues, enforce maximum length (32 bytes) on
the SSID during parsing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:19 +03:00
Jouni Malinen
d6c3067d32 Replace SSID_LEN with SSID_MAX_LEN
This makes source code more consistent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:19 +03:00
Jouni Malinen
81847c22ba Replace HOSTAPD_MAX_SSID_LEN with SSID_MAX_LEN
This makes source code more consistent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
6fb761c690 Replace WPA_MAX_SSID_LEN with SSID_MAX_LEN
This makes the source code more consistent.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:44:18 +03:00
Jouni Malinen
d9d1b9527a Use SSID_MAX_LEN define instead of value 32 when comparing SSID length
This makes the implementation easier to understand.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
65b10253d6 WPS: Ignore too long Device Name attribute
While it looks like all the users of this parsed attribute were able to
handle longer Device Name values, there is no valid use case for these
and to avoid any potential issues in upper layer components, enforce
maximum length (32 bytes) on the Device Name during parsing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
cc6f24380c Add WPS_DEV_NAME_MAX_LEN define and use it when comparing length
This make code easier to understand.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
dd3d8578d0 P2PS: Check for maximum SSID length in Persistent Group Info
While none of the current users of msg.persistent_ssid{,_len} would have
issues with too long SSID value, it is safer to enforce bounds checking
on the SSID while parsing the attribute to avoid any potential issues in
the future.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
05e46a944a Ignore too long SSID element value in parser
The SSID element is defined to have a valid length range of 0-32. While
this length was supposed to validated by the users of the element
parser, there are not really any valid cases where the maximum length of
32 octet SSID would be exceeded and as such, the parser itself can
enforce the limit as an additional protection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
9ed4eee345 P2P: Validate SSID element length before copying it (CVE-2015-1863)
This fixes a possible memcpy overflow for P2P dev->oper_ssid in
p2p_add_device(). The length provided by the peer device (0..255 bytes)
was used without proper bounds checking and that could have resulted in
arbitrary data of up to 223 bytes being written beyond the end of the
dev->oper_ssid[] array (of which about 150 bytes would be beyond the
heap allocation) when processing a corrupted management frame for P2P
peer discovery purposes.

This could result in corrupted state in heap, unexpected program
behavior due to corrupted P2P peer device information, denial of service
due to process crash, exposure of memory contents during GO Negotiation,
and potentially arbitrary code execution.

Thanks to Google security team for reporting this issue and smart
hardware research group of Alibaba security team for discovering it.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:44:18 +03:00
Jouni Malinen
90758f09ec Mark QCA vendor command id 53 reserved, but not used anymore
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:21:18 +03:00
Jouni Malinen
f41ded6fa4 Remove unused leftover from multi-SSID design
The multi-SSID design that used a single beaconing BSSID with multiple
SSIDs was never completed in this repository, so there is no need to
maintain the per-STA ssid/ssid_probe pointers that could only point to
&hapd->conf->ssid. Save some memory and reduce code complexity by
removing this unused partial capability.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 11:17:32 +03:00
Jouni Malinen
cb71a8342d OpenSSL: Clean up TLS PRF implementation
Commit fa0e715100 ('Use
tls_connection_prf() for all EAP TLS-based key derivation') copied some
pointer checks from the generic implementation to tls_openssl.c.
However, these are arrays and cannot be NULL in OpenSSL data. Remove the
unnecessary checks and add master_key_length check for completeness.
(CID 109619).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-22 11:17:26 +03:00
Jouni Malinen
7f90a234b6 Add QCA vendor subcmd for OCB
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-22 01:05:52 +03:00
Jouni Malinen
1acf38f1a5 Add ifname to vlan_remove_dynamic() debug print
This makes it easier to interpret debug logs for cases where hostapd
control multiple interfaces.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-13 17:08:10 +03:00
Jouni Malinen
2e192bd08f Print debug entry on STA pruning from other interfaces
This makes it easier to interpret debug logs in case hostapd controls
multiple interfaces and a STA roams between them.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-13 17:08:10 +03:00
Michael Braun
c8e6beabb6 Remove VLAN interface on STA free
Currently, vlan_remove_dynamic() is only called when the station VLAN ID
is changed (ap_sta_bind_vlan), but not when the station is freed. So
dynamic VLAN interfaces are not removed actually except within 1x
reauthentification VLAN ID change, although most of the code is already
there.

This patch fixes this by calling vlan_remove_dynamic() in ap_free_sta().

It cannot just use sta->vlan_id for this, as this might have been
changed without calling ap_sta_bind_vlan() (ap/ieee802_11.c:handle_auth
fetches from RADIUS cache for WPA-PSK), thus reference counting might
not have been updated. Additionally, reference counting might get wrong
due to old_vlanid = 0 being passed unconditionally, thus increasing the
reference counter multiple times.

So tracking the currently assigned (i.e., dynamic_vlan counter
increased) VLAN is done in a new variable sta->vlan_id_bound. Therefore,
the old_vlan_id argument of ap_sta_bind_vlan() is no longer needed and
setting the VLAN for the sta in driver happens unconditionally.

Additionally, vlan->dynamic_vlan is only incremented when it actually
is a dynamic VLAN.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-13 17:08:10 +03:00
Michael Braun
de31fb052c vlan: Ignore multiple NEWLINK messages
hostapd receives NEWLINK messages multiple times and thus does
configuration of the the vlan interface multiple times.

This is not required and leads to the following during cleanup in
test pmksa_cache_preauth_vlan_used:
 1. run-test.py does: brctl delif brvlan1 wlan3.1
 2. hostapd processes NEWLINK and does: brctl addif brvlan1 wlan3.1
 3. run-test.py does: brctl delbr brvlan1
    -> fails as wlan3.1 is still in the bridge

This patch fixes this by ignoring repeated NEWLINK messages.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-13 15:34:33 +03:00
Michael Braun
371205dd0c vlan: Ignore DELLINK on interfaces that exists
When hitting
> Failed to create interface wlan3.1: -23 (Too many open files in system)
> Try to remove and re-create wlan3.1
hostapd deletes the AP_VLAN interface and then recreates it. Thus the
kernel assigns the same ifidx to the new interfaces and sends DELLINK
and NEWLINK mesages.

As the DELLINK messages are processed after the struct hostapd_vlan is
added, hostapd deletes the struct hostapd_vlan entry, deconfigures the
AP_VLAN interface and leaves vlan_newlink nothing to find afterwards.

So this patch makes DELLINK messages to be ignored when the interface
exists.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-13 15:31:56 +03:00
Michael Braun
a5e81ba9eb Fix STA VLAN bind for RSN pre-authentication case
Previously, during RSN preauthentication, ap_sta_bind_vlan() was called,
which fails for non-zero sta->vlan_id as the station is not known to the
kernel driver.

Fix this by binding the station only if it is associated. If it is not
associated, ap_sta_bind_vlan() will be done later during association.

In addition, reject Access-Accept if the returned VLAN ID is not valid
in the current hostapd configuration.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-13 15:26:40 +03:00
Michael Braun
3ffdeb7ac8 Fix RSN preauthentication with dynamic_vlan enabled but unused
sta->vlan_id == -1 means no VLAN, as does vlan_id = 0.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2015-04-13 15:26:40 +03:00
Nick Kralevich
d447cd596f Updates for stricter automatic memcpy bounds checking
Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
and libc feature which inserts automatic bounds checking into
common C functions such as memcpy() and strcpy(). If a buffer
overflow occurs when calling a hardened libc function, the
automatic bounds checking will safely shutdown the program and
prevent memory corruption.

Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
level which enhances memcpy() to prevent overflowing an element
of a struct. Under the enhancements, code such as

  struct foo {
    char empty[0];
    char one[1];
    char a[10];
    char b[10];
  };

  int main() {
    foo myfoo;
    int n = atoi("11");
    memcpy(myfoo.a, "01234567890123456789", n);
    return 0;
  }

will cleanly crash when the memcpy() call is made.

Fixup hostap code to support the new level. Specifically:

* Fixup sha1_transform so it works with the enhanced bounds checking.
The old memcpy() code was attempting to write to context.h0, but that
structure element is too small and the write was extending (by design)
into h1, h2, h3, and h4. Use explicit assignments instead of
overflowing the struct element.

* Modify most of the structures in ieee802_11_defs.h to use ISO C99
flexible array members (https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html)
instead of a zero length array. Zero length arrays have zero length,
and any attempt to call memcpy() on such elements will always overflow.
Flexible array members have no such limitation. The only element not
adjusted is probe_req, since doing so will generate a compile time error,
and it's not obvious to me how to fix it.

Signed-off-by: Nick Kralevich <nnk@google.com>
2015-04-13 14:01:40 +03:00
Jouni Malinen
60eb9e173e AP: Enable multicast snooping on bridge if ProxyARP IPv6 is in use
This is needed to allow correct ProxyARP behavior for IPv6.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-13 14:00:32 +03:00
Mark Salyzyn
0144ecb8c8 Android: wpa_ctrl missing include for sys/stat.h
wpa_ctrl.c gets sys/stat.h inherited from
private/android_filesystem_config.h it should
not rely on this in the future. The intent is
to move fs_config function into libcutils and
thus deprecate any need for sys/stat.h in this
include file.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-04-03 10:47:36 +03:00
Jouni Malinen
80fd9c3576 EAP-PEAP server: Add support for negotiating vendor for Phase 2
This is a step towards enabling support of expanded EAP header in Phase
2.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
a867082cb8 EAP peer: Use 32-bit EAP method type for Phase 2 processing
This is a step towards enabling expanded EAP header within Phase 2 EAP
methods.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
c4b45c60ad TLS: Fix memory leaks on tls_connection_set_params() error paths
The internal TLS implementation started rejecting number of unsupported
configuration parameters recently, but those new error paths did not
free the allocated tlsv1_credentials buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:57:11 +03:00
Jouni Malinen
af851914f8 Make tls_connection_get_keyblock_size() internal to tls_*.c
This function exposes internal state of the TLS negotiated parameters
for the sole purpose of being able to implement PRF for EAP-FAST. Since
tls_connection_prf() is now taking care of all TLS-based key derivation
cases, it is cleaner to keep this detail internal to each tls_*.c
wrapper implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-04-01 12:56:54 +03:00
Jouni Malinen
94f1fe6f63 Remove master key extraction from tls_connection_get_keys()
This is not needed anymore with the tls_connection_prf() being used to
handle all key derivation needs. tls_connection_get_keys() is a bit
misnamed for now, but it is only used to fetch the client and server
random for Session-Id derivation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-31 15:52:40 +03:00
Jouni Malinen
fa0e715100 Use tls_connection_prf() for all EAP TLS-based key derivation
tls_openssl.c is the only remaining TLS/crypto wrapper that needs the
internal PRF implementation for EAP-FAST (since
SSL_export_keying_material() is not available in older versions and does
not support server-random-before-client case). As such, it is cleaner to
assume that TLS libraries support tls_connection_prf() and move the
additional support code for the otherwise unsupported cases into
tls_openssl.c.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-31 15:47:32 +03:00
Jouni Malinen
df8191d0b8 Rename HT 20/40 coex variable to be more descriptive
is_ht_allowed is a confusing name since this variable is used to track
whether 40 MHz channel bandwidth is allowed instead of whether HT is
allowed in general.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-30 12:59:43 +03:00
Jouni Malinen
1d0f42a073 EAP server: Add debug prints to help asleap testing
This adds hexdumps of MSCHAP/MSCHAPv2 Challenge and Response in format
used by asleap. This is only enabled for CONFIG_TESTING_OPTIONS=y
builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:49:16 +03:00
Jouni Malinen
2c1cf90376 Add wpa_snprintf_hex_sep()
This can be used to print a hexdump with the specified separator between
octets.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:27:43 +03:00
Jouni Malinen
5955cfaacd ms_funcs: Make challenge_hash() non-static
This function can be of use outside ms_funcs.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 22:27:00 +03:00
Eliad Peller
154a1d5f7f hostapd: Fix some compilation errors
If NEED_AP_MLME=y is not defined, compilation might
fail under some configurations:

src/ap/drv_callbacks.c:594:2: warning: implicit declaration of
function ‘hostapd_acs_completed’ [-Wimplicit-function-declaration]

src/ap/sta_info.c:253: undefined reference to `sae_clear_retransmit_timer'

Fix these errors by adding the missing hostapd_acs_completed() stub,
and defining NEED_AP_MLME in case of CONFIG_SAE.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2015-03-29 20:51:14 +03:00
Jouni Malinen
65a7b21f5e OpenSSL: Implement AES-128 CBC using EVP API
This replaces the internal CBC mode implementation in
aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL
implementation for CONFIG_TLS=openssl builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 20:30:58 +03:00
Jouni Malinen
22ba05c09e Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
The local buffers may contain information used to generate parts of the
derived key, so clear these explicitly to minimize amount of unnecessary
private key-related material in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:43:03 +03:00
Jouni Malinen
940a4dbf66 Explicitly clear temporary stack buffer in sha1_t_prf()
The local hash[] buffer may contain parts of the derived key, so clear
it explicitly to minimize number of unnecessary copies of key material
in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:40:55 +03:00
Jouni Malinen
eccca102bf Explicitly clear temporary stack buffer in hmac_sha256_kdf()
The local T[] buffer may contain parts of the derived key, so clear it
explicitly to minimize number of unnecessary copies of key material in
memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 16:38:37 +03:00
Jouni Malinen
e8e365def6 wext: Add support for renamed Host AP driver ifname
Previous workaround for WEXT events from the Host AP driver required
wlan# and wifi# interfaces to have fixed names with the same number.
While that used to be the common case ten years ago, it is less common
nowadays. Extend this to use sysfs (if available) to figure out the
wifi# interface name if the specified interface is detected to be using
the Host AP driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-29 11:42:02 +03:00
Ben Greear
fc48d33b0d Improve error messages related to EAP DB
Add SQLite error message and DB name to the DB related errors. Add
enough tracing so that users can know exactly where users are failing to
be found.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 13:16:26 +02:00
Ben Greear
23dd15a992 http-curl: Improve log messages
Helps to track down why some problems relating to certs can happen.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-28 11:23:16 +02:00
Jouni Malinen
a52410c29f Allow PSK/passphrase to be set only when needed
The new network profile parameter mem_only_psk=1 can be used to specify
that the PSK/passphrase for that network is requested over the control
interface (ctrl_iface or D-Bus) similarly to the EAP network parameter
requests. The PSK/passphrase can then be configured temporarily in a way
that prevents it from getting stored to the configuration file.

For example:

Event:
CTRL-REQ-PSK_PASSPHRASE-0:PSK or passphrase needed for SSID test-wpa2-psk

Response:
CTRL-RSP-PSK_PASSPHRASE-0:"qwertyuiop"

Note: The response value uses the same encoding as the psk network
profile parameter, i.e., passphrase is within double quotation marks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 11:05:13 +02:00
Jouni Malinen
3e808b831c EAP-pwd peer: Add support for hashed password
This extends EAP-pwd peer support to allow NtHash version of password
storage in addition to full plaintext password. In addition, this allows
the server to request hashed version even if the plaintext password is
available on the client. Furthermore, unsupported password preparation
requests are now rejected rather than allowing the authentication
attempt to continue.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:43:33 +02:00
Jouni Malinen
e4840b381c EAP-pwd server: Add support for hashed password
This extends EAP-pwd server support to allow NtHash version of password
storage in addition to full plaintext password.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:42:31 +02:00
Jouni Malinen
2bd2ed2006 EAP-pwd: Mark helper function arguments const when appropriate
These variables are not modified during PWE or key computation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-28 09:34:30 +02:00
Ben Greear
0f8385e6fa Show OSEN key management properly in scan results
Old code defaulted to WEP for an AP advertising OSEN. Show as OSEN
instead. Re-use most of the RSN parsing logic since all but the header
is the same.

Example output:

[root@ath9k-f lanforge]# ./local/bin/wpa_cli -i sta0 scan_results
bssid / frequency / signal level / flags / ssid
00:0e:8e:6f:40:49	2462	-23	[OSEN-OSEN-CCMP][ESS]	ben-138

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-03-25 16:04:03 +02:00
Ilan Peer
54d3dc9184 AP: Unset HT capabilities for an HT association request without WMM
HT requires QoS/WMM, so unset HT capabilities for a station
whose association request does not include a valid WMM IE.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-03-25 15:02:58 +02:00
Krishna Vamsi
c41d0840a1 nl80211: Allow driver-based roam to change ESS
This extends NL80211_CMD_ROAM event processing to allow the driver to
roam to another ESS (different SSID) when using offloaded BSS selection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-24 21:13:28 +02:00
Ashok Kumar Ponnaiah
1de071007e atheros: Clear WPS appie during deinit
The WPS IE(s) need to be cleared from the driver explicitly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-24 15:05:43 +02:00
Manikandan Mohan
857d94225a Extend offloaded ACS QCA vendor command to support VHT
Update ACS driver offload feature for VHT configuration. In addition,
this allows the chanlist parameter to be used to specify which channels
are included as options for the offloaded ACS case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-23 12:18:05 +02:00
Max Stepanov
c40a8918ec P2PS: Delete ASP advertisements on wpas_p2p_service_flush
Delete all ASP serice advertisement on wpas_p2p_service_flush similarly
to Bonjour and UPnP services.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
2015-03-20 15:56:59 +02:00
Eliad Peller
030a3e12da DFS: Fix range availability check
There's off-by-one in the range availability check - the case of
first_chan_idx + num_chans == num_channels should be allowed (e.g., 0 +
1 == 1, for the case of a single 20 MHz channel).

Signed-off-by: Maital Hahn <maitalm@ti.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
2015-03-20 15:56:59 +02:00
Eliad Peller
56ef99255c DFS: Consider non-contiguous channels
When looking for a new operating channel, consider the case of
non-contiguous channels when checking all the needed channels (e.g., the
driver might support channels 36, 38, 40, so look for channels 36+40
explicitly, instead of failing when encountering channel 38).

Signed-off-by: Eliad Peller <eliad@wizery.com>
2015-03-20 15:56:59 +02:00
Eliad Peller
e7a296ba13 Remove unused shared_freq driver op
This driver op is not used anymore

Signed-off-by: Eliad Peller <eliad@wizery.com>
2015-03-20 15:56:59 +02:00
Zefir Kurtisi
5f9c92f8f7 nl80211: Fix vendor command handling
In wiphy_info_handler(), vendor specific commands were
interpreted as QCA specific without checking for the OUI,
which caused incorrect setting of driver flags with
commands from other vendors. As a result, that could
prevent proper operation (e.g., inability to process CSA).

This patch ensures that QCA vendor specific commands are
checked against QCA OUI before related flags are set.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2015-03-20 15:56:59 +02:00
Jouni Malinen
2c50246078 Add a AP mode event message for possible PSK/passphrase mismatch
If the AP/Authenticator receives an EAPOL-Key msg 2/4 for an association
that negotiated use of PSK and the EAPOL-Key MIC does not match, it is
likely that the station is trying to use incorrect PSK/passphrase.
Report this with "AP-STA-POSSIBLE-PSK-MISMATCH <STA addr>" control
interface event.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-19 13:14:21 +02:00
Jouni Malinen
6784168d07 Remove SChannel support
SChannel/CryptoAPI as a TLS/crypto library alternative was never
completed. Critical functionality is missing and there are bugs in this
implementation. Since there are no known plans of completing this
support, it is better to remove this code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-18 22:31:36 +02:00
Peter Oh
6128a90979 hostapd: Add channel 140 to allowed HT40 channel pairs
Channel 140 is needed as allowed HT40 channel pair to use
channel 144 introduced in 802.11ac for VHT40 and VHT80.

Signed-off-by: Peter Oh <poh@qca.qualcomm.com>
2015-03-16 12:03:36 +02:00
Jouni Malinen
74fa78b281 Add AVG_BEACON_RSSI to SIGNAL_POLL output
If the driver reports separate signal strength average for Beacon
frames, report that in SIGNAL_POLL output.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-15 20:45:20 +02:00