Commit Graph

135 Commits

Author SHA1 Message Date
Jouni Malinen
204dd3f420 EAP server: Force identity request after INITIALIZE for passthrough
Previously, sm->start_reauth was set to TRUE in SUCCESS2 state to force
reauthentication to start with EAP identity request. This works fine for
the case of EAP success through the AAA passthrough authentication, but
is not enough to handle passthrough authentication failure. sm->identity
is set in that case and getDecision would return PASSTHROUGH instead of
CONTINUE (to Identity method).

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 17:37:48 +02:00
Jouni Malinen
363ab44067 EAP-AKA: Use strdup instead of strlen + malloc + memcpy
While the copy is not used as a null terminated string, this can prevent
some static analyzers from complaining about non-issue.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:45:01 +02:00
Jouni Malinen
0ac6c3f71a EAP-PEAP: Remove unused hdr assignment
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:43:21 +02:00
Jouni Malinen
864a8e3bf6 EAP-PSK: Fix memory leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:41:38 +02:00
Jouni Malinen
cd52acec85 Rename tls_prf() to tls_prf_sha1_md5()
Prepare for multiple TLS PRF functions by renaming the SHA1+MD5 based
TLS PRF function to more specific name and add tls_prf() within the
internal TLS implementation as a wrapper for this for now.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:27:01 +02:00
Jouni Malinen
5419d6afed EAP-pwd: Remove struct eap_pwd_hdr
This structure was not really used for anything apart from figuring out
length of the EAP-pwd header (and even that in a way that would not work
with fragmentation). Since the bitfields in the structure could have
been problematic depending on target endianness, remove this unnecessary
structure.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-19 16:52:52 +02:00
Dan Harkins
e547e071e1 EAP-pwd: Fix zero-padding of input to H()
Another niceness of OpenSSL is that if the high-order bit of a 521-bit
big num is not set then BN_bn2bin() will just return 65 bytes instead of
66 bytes with the 1st (big endian, after all) being all zero. When this
happens the wrong number of octets are mixed into function H(). So
there's a whole bunch of "offset" computations and BN_bn2bin() dumps the
big number into a buffer + offset. That should be obvious in the patch
too.
2011-11-19 16:47:25 +02:00
Jouni Malinen
e9447a94c0 Use a single define for maximum number of EAP methods
This cleans up the code a bit by not having to deal with theoretical
possibility of maximum number of EAP methods to be different between
various components in hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 20:06:33 +02:00
Jouni Malinen
bfbc4284a8 Avoid 0-length memmove from buffer end to keep static analyzers happier
This avoid incorrect errors from some static analyzers that do not like
memmove with pointers just after the end of a buffer even if the number
of bytes to move is zero.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 19:54:26 +02:00
Jouni Malinen
3724ddc0c1 PEAP: Verify peap_prfplus() result
This function can fail in theory since the SHA-1 functions are
allowed to return an error. While this does not really happen in
practice (we would not get this far if SHA-1 does not work), it is
cleaner to include the error handling here to keep static analyzers
happier. [Bug 421]

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 11:29:17 +02:00
Jouni Malinen
fd2f2d0489 Remove EAP-TTLSv1 and TLS/IA
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.

Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
2011-09-25 21:28:32 +03:00
Pavel Roskin
ffbf1eaa26 Fix typos found by codespell
Signed-off-by: Pavel Roskin <proski@gnu.org>
2011-09-22 00:43:59 +03:00
Jouni Malinen
49a191a142 EAP: Add "expanded" EAP type to get_name functions 2011-08-28 19:23:16 +03:00
Jouni Malinen
fa5165586f WPS: Add a workaround for Windows 7 capability discovery for PBC
Windows 7 uses incorrect way of figuring out AP's WPS capabilities by
acting as a Registrar and using M1 from the AP. The config methods
attribute in that message is supposed to indicate only the configuration
method supported by the AP in Enrollee role, i.e., to add an external
Registrar. For that case, PBC shall not be used and as such, the
PushButton config method is removed from M1 by default. If pbc_in_m1=1
is included in the configuration file, the PushButton config method is
left in M1 (if included in config_methods parameter) to allow Windows 7
to use PBC instead of PIN (e.g., from a label in the AP).
2011-05-17 19:53:02 +03:00
Jouni Malinen
f8b5f7dc6b TNC: Fix TNC_{TNCC,TNCS}_ReportMessageTypes copy type
The supportedTypes parameter is a list of TNC_MessageType values
and the buffer to be copied should use size of TNC_MessageType, not
TNC_MessageTypeList. In practice, these are of same length on most
platforms, so this is not a critical issue, but anyway, the correct
type should be used.
2011-04-13 23:10:21 +03:00
Jouni Malinen
d601247ca9 P2P: Allow WPS_PBC command on GO to select on P2P Device Address
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07

In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
2011-02-07 18:28:36 +02:00
Dan Harkins
e4d7b22a53 EAP-pwd: Fix some interoperability issues
The changes are:

  1. the word "and" in the hunting-and-pecking string passed to the KDF
     should be capitalized.
  2. the primebitlen used in the KDF should be a short not an int.
  3. the computation of MK in hostap is based on an older version of the
     draft and is not the way it's specified in the RFC.
  4. the group being passed into computation of the Commit was not in
     network order.
2011-01-16 13:12:07 +02:00
Jouni Malinen
3642c4313a Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.

The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
2010-11-24 01:05:20 +02:00
Jouni Malinen
6fc58a89e1 Fix EAP standalone server
Commit c3fc47ea8e fixed EAP passthrough
server to allow Logoff/Re-authentication to be used. However, it
broke EAP standalone server while doing that. Fix this by reverting
the earlier fix and by clearing the EAP Identity information in the
EAP server code whenever an EAPOL-Start or EAPOL-Logoff packet is
received.
2010-11-07 16:25:35 +02:00
Jouni Malinen
c3fc47ea8e EAP server: Allow reauth to be started with passthrough
Some sequencies of EAPOL logoff/logon/start messages seem to be
able to get the previous implementation into state where hostapd
would not be able to start reauthentication when external
authentication server is used. The EAP server code would bypass
the initial Identity Request generation and EAPOL code would not
be able to send anything to the authentication server or supplicant
at that point. Work around this by forcing EAP server code to
start with Identity Request after INITIALIZE state even if the
Identity is known.
2010-10-09 08:53:45 +03:00
Jouni Malinen
3d32c6517d EAP-pwd: Fix couple of memory leaks 2010-09-14 22:16:17 -10:00
Jouni Malinen
d52be1db76 EAP-pwd: Move bnctx into per-protocol instance structure
This avoids double frees of bnctx and related crashes.
2010-09-14 22:04:09 -10:00
Dan Harkins
df684d82ff EAP-pwd: Add support for EAP-pwd server and peer functionality
This adds an initial EAP-pwd (RFC 5931) implementation. For now,
this requires OpenSSL.
2010-09-14 21:51:40 -10:00
Jouni Malinen
f684e608af P2P: Use PSK format in WPS Credential 2010-09-09 07:17:17 -07:00
Jouni Malinen
cce1f698e5 WPS: Use more defensive design to avoid theoretical NULL deref
Prior to commit 6195adda9b the sm->user
dereference did not exist here. While this is in practice non-NULL,
better use more defensive construction here to avoid NULL pointer
dereference should this ever change.
2010-09-04 21:37:36 +03:00
Jouni Malinen
8cbd92ee29 EAP-FAST server: Add I-ID into PAC-Info
This indicates that the peer identity is associated with the
credential and will be required to match with the identity used
during authentication when the PAC is used (RFC 5422, 4.2.4).
2010-08-19 21:16:19 +03:00
Jouni Malinen
6195adda9b WPS: Allow AP to start in Enrollee mode without AP PIN for probing
In theory, this should not really be needed, but Windows 7 uses
Registrar mode to probe AP's WPS capabilities before trying to use
Enrollee and fails if the AP does not allow that probing to happen.
This allows the AP to start as an Enrollee and send M1, but refuse
to continue beyond that (M3 will not be sent if AP PIN is not known).
2010-07-26 18:12:08 -07:00
Jouni Malinen
7f6ec672ea EAP server: Add support for configuring fragment size 2010-07-20 22:56:10 -07:00
Jouni Malinen
e4cbe058d6 TNC: Add more debug infor to EAP-TNC server state changes 2010-04-18 12:24:02 +03:00
Jouni Malinen
11804a4ebc TNC: Fix EAP-TNC fragmentation of the last message
62477841a1 tried to address fragmentation
issues, but it did not address the case where the final EAP-TNC
message gets fragmented. Move the state update to the correct place
to address this case, too.
2010-04-18 12:21:56 +03:00
Jouni Malinen
5febb0d272 TNCS: Fix uninit in error case to not double free IMVs 2010-04-18 11:10:46 +03:00
Jouni Malinen
7992b07f6a Remove unnecessary SUBDIRS loops from src/*/Makefile
There are no subdirectories in any of these directories or plans
for adding ones. As such, there is no point in running the loop
that does not do anything and can cause problems with some shells.
2010-04-17 17:10:31 +03:00
Jouni Malinen
8d6399e455 Use unsigned bitfield for 1-bit values 2010-04-11 12:27:13 +03:00
Gregory Detal
bb437f282b AP: Add wpa_msg() events for EAP server state machine 2010-04-07 11:13:14 +03:00
Jouni Malinen
0823031750 Fix Windows compilation issues with AP mode code 2010-04-04 08:14:14 +03:00
Jouni Malinen
ffd2c8cd4d Avoid warnings on unused function/variables if debug is disabled
CONFIG_NO_STDOUT_DEBUG removes wpa_printf() calls, so need to ifdef
some function and variable definitions to avoid compiler warnings.
2010-03-06 16:37:57 +02:00
Jouni Malinen
94d9bfd59b Rename EAP server source files to avoid duplicate names
This makes it easier to build both EAP peer and server functionality
into the same project with some toolchains.
2010-02-19 18:54:07 +02:00
Jouni Malinen
25ac1328f6 EAP-TNC: Add Flags field into fragment acknowledgement
TNC IF-T is somewhat unclear on this are, but
draft-hanna-nea-pt-eap-00.txt, which is supposed to define the same
protocol, is clearer on the Flags field being included.

This change breaks interoperability with the old implementation if
EAP-TNC fragmentation is used. The old version would not accept
the acknowledgement message with the added Flags octet while the
new version accepts messagss with with both options.
2010-02-14 16:08:15 +02:00
Jouni Malinen
62477841a1 EAP-TNC server: Fix processing when last message is fragmented
If the last message from the EAP-TNC server was fragmented, the
fragment processing lost the DONE/FAIL state and did not know how
to handle the final ACK from the peer. Fix this by remembering the
earlier DONE/FAIL state when fragmenting a frame.
2010-02-13 18:03:52 +02:00
Jouni Malinen
b29d086d50 EAP-TNC: Accept fragment ack frame with Flags field
TNC IF-T specification is unclear on the exact contents of the fragment
acknowledgement frame. An interoperability issue with the tncs@fhh
implementation was reported by Arne Welzel
<arne.welzel@stud.fh-hannover.de> due to the different interpretations
of the specification. Relax EAP-TNC server/peer validation rules to
accept fragmentation acknowledgement frames to include the Flags field
to avoid this issue.
2010-02-13 18:00:39 +02:00
Jouni Malinen
2e06e9dd6f Fix TLS in/out buffer freeing
The previous version could end leaking memory since os_free() was used
instead of wpabuf_free(). In addition, this could potentially have
triggered a crash if the TLS context were being freed when pending
input data where still in the buffer (though, this may not be possible
to trigger in practice).
2010-02-12 21:13:51 +02:00
Jouni Malinen
2a29f0d45c Rename EAP TLS variables to make server and peer code consistent 2009-12-24 00:16:58 +02:00
Jouni Malinen
f3f2eeba01 WPS: Add option for forcing Registrar to use PSK format in Credential
The use_psk_key parameter can now be used to force the Registrar to
use PSK format instead of ASCII passphrase when building a Credential
for the Enrollee. For now, this is not enabled, but it could be enabled
either based on external (to WPS) configuration or automatically set
based on some WPS attribute values from the Enrollee.
2009-12-21 12:46:19 +02:00
Jouni Malinen
496c5d981e Use wpabuf with tls_connection_ia_send_phase_finished() 2009-12-20 21:33:32 +02:00
Jouni Malinen
2574634b7f Check TLS status on EAP server during handshake
The new TLS wrapper use may end up returning alert data and we need to
make sure here that it does not end up getting interpreted as success
due to non-NULL response.
2009-12-20 19:11:43 +02:00
Jouni Malinen
81c85c069a Convert TLS wrapper to use struct wpabuf
This converts tls_connection_handshake(),
tls_connection_server_handshake(), tls_connection_encrypt(), and
tls_connection_decrypt() to use struct wpa_buf to allow higher layer
code to be cleaned up with consistent struct wpabuf use.
2009-12-20 18:17:55 +02:00
Jouni Malinen
f52ab9e6b0 Fix lastReqData freeing to use wpabuf_free() 2009-12-20 17:22:25 +02:00
Jouni Malinen
c479e41f53 EAP-FAST server: Piggyback Phase 2 start with end of Phase 1
If Finished message from peer has been received before the server
Finished message, start Phase 2 with the same message to avoid extra
roundtrip when the peer does not have anything to send after the server
Finished message.
2009-12-20 11:39:45 +02:00
Jouni Malinen
5c90d47657 Move EAP-SIM DB conditional build into hostapd 2009-12-06 18:23:53 +02:00
Jouni Malinen
f721aed4b1 Increase EAP server extra room for encryption overhead (for GnuTLS)
This fixes issues with some GnuTLS versions that seem to be adding
quite a bit of extra data into TLS messages. The EAP server code is
now using the same 300 byte extra room that was already used in the
EAP peer implementation.
2009-12-06 12:02:28 +02:00