Commit Graph

5335 Commits

Author SHA1 Message Date
Jouni Malinen
d735811329 tests: Add TEST_FAIL() to hostapd_get_aid()
This allows additional testing coverage for AID unavailability cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-28 20:44:55 +03:00
Jouni Malinen
37fd0be2d3 Add CTRL-EVENT-CHANNEL-SWITCH event to indicate channel changes
This provides information of the channel switch to wpa_supplicant
control interface monitors.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-27 21:10:35 +03:00
Jouni Malinen
e6804fef93 OpenSSL: Update to match the modified DH_get0_key() API
OpenSSL 1.1.0 (master branch) apparently ended up modifying the API
after the beta 2 release that was supposed to complete the work. Mark
the variables const to fix the compilation with the modified OpenSSL
API.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-25 00:35:17 +03:00
Jouni Malinen
617593c37f Assign vendor specific elements for early HE testing
These elements can be used for pre-standard publication testing of HE
before P802.11ax draft assigns the element ID. The payload of these
vendor specific elements is defined by the latest P802.11ax draft.
Please note that the draft is still work in progress and the element
payload is subject to change.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
4874b78290 PAE: Use big endian version in current_peer_id.mn to be more consistent
This gets rid of sparse warnings related to mismatching annotation and
byte swapping.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
ce256b4a49 PAE: Use sci->port more consistently
This is now annotated as be16, so use it as such in all cases instead of
first storing host byte order value and then swapping that to big endian
in other instances of the same structure. This gets rid of number of
sparse warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
2f13e54dfc wired: Silence sparse warning on redefinition of IFNAMSIZ
driver_wired.c pulls in utils/common.h before net/if.h as a workaround
for NetBSD build. This results in IFNAMSIZ getting redefined and sparse
warning about this. Silence that warning by undefining the IFNAMSIZ
definition from common.h to allow the one from net/if.h being used. In
addition, remove duplicated inclusion of net/if.h.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
82ffcba755 Move extern declarations for ext_password backends into a header file
This gets rid of a sparse warning and also allows the compatibility of
the declarations to be verified (a missing const declaration is fixed
here as well).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
39ab6a5de2 Move extern declarations for driver ops into a header file
This gets rid of number of sparse warnings and also allows the
compatibility of the declarations to be verified (number of missing
const declarations are fixed here as well).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
4775471816 nl80211: Mark wpa_driver_nl80211_get_macaddr() static
This function is not used outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-24 19:02:58 +03:00
Jouni Malinen
ebae413550 Fix a debug print in p2p_manager_disconnect()
fc2str() expects to get the 16-bit frame control value in host byte
order.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
582121b038 OpenSSL: Silence sparse warnings in fips186_2_prf()
Use WPA_PUT_BE32() instead of inplace conversion with host_to_be32() to
avoid sparse warnings.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
451e094c7e dhcp_snoop: Silence a sparse warning
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
bbae0f03aa ndisc_snoop: Include ndisc_snoop.h to check prototypes
This allows the compiler to check that function prototypes match the
implementation. In addition, this gets rid of sparse warnings.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Jouni Malinen
99a716ac91 TNCS: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 19:02:47 +03:00
Jouni Malinen
799a7ed8a9 PAE: Mark ieee802_1x_kay_deinit_data_key() static
This function is not used outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:40:24 +03:00
Jouni Malinen
4e7f5a4a2a PAE: Use be16/be32 instead of u16/u32 for spartse
This converts some of the PAE code to use a design that gets rid
unnecessary warnings from sparse and allows more thorough validation of
byte order operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:38:48 +03:00
Jouni Malinen
ac36b133aa TNCC: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-24 01:38:04 +03:00
Jouni Malinen
50a17a76e1 tests: Declare module test functions in a header file
This gets rid of number of warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:26:09 +03:00
Jouni Malinen
3e624369cb tests: Mark some module test arrays static
These are not used outside the source code file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:11:35 +03:00
Jouni Malinen
fad6485c56 radiotap: Silence sparse warnings about byte order swapping
These little endian fields were not marked properly and the type case in
the get_unaligned_* helper macros were causing warnings from sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 18:08:11 +03:00
Jouni Malinen
94c4d78ef1 FST: Make fst_action_names static
This is not used outside this file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 17:48:48 +03:00
Jouni Malinen
82c734c28c FST: Fix byte order of couple of fields on big endian hosts
Couple of fsts_id and llt fields were not properly swapped from host
byte order to little endian byte order used in the frames. Fix this and
use the le32 type to make this more consistent and verifiable with
sparse.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 17:46:40 +03:00
Jouni Malinen
3787c91da0 OpenSSL: Pull in header files to check function prototypes
Since crypto_openssl.c is now implementing couple of functions
internally, pull in the relevant header files md5.h and aes_wrap.h to
make sure the function declaration are consistent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:35:26 +03:00
Jouni Malinen
6013bbe04f TDLS: Declare tdls_testing as extern in a header file
This gets rid of a sparse warning with CONFIG_TDLS_TESTING builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:31:04 +03:00
Jouni Malinen
0e672b89e7 trace: Define externs in a header file
This gets rid of some unnecessary strace warnings from test builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:28:54 +03:00
Jouni Malinen
6527b52ead Undefine __bitwise before defining it for sparse
This gets rid of a compiler warning due to a bit different construction
in linux/types.h.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:23:46 +03:00
Jouni Malinen
468b7b12a6 Fix hostapd_sta_add() call to use NULL as the pointer instead of 0
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-23 13:14:17 +03:00
Cedric Izoard
04c18fa04b curl: Don't free memory for subjectAltName before calling callback
Freeing memory for subjectAltName in parse_cert(), will give cert_cb
pointers to freed memory zone that may already been overwritten. Memory
for subjectAltName is released in parse_cert_free().

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
2016-06-19 22:11:36 +03:00
Masashi Honma
d70a8ab1e3 mesh: Ignore crowded peer
The "Accepting Additional Mesh Peerings bit == 0" means the peer cannot
accept any more peers, so suppress attempt to open a connection to such
a peer.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-06-19 20:18:09 +03:00
Jouni Malinen
3b6deac0e7 mesh: Avoid use of hardcoded cipher
This moves pairwise, group, and management group ciphers to various mesh
data structures to avoid having to hardcode cipher in number of places
through the code. While CCMP and BIP are still the hardcoded ciphers,
these are now set only in one location.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
f868d5607d mesh: Clean up AMPE element encoding and parsing
The AMPE element includes number of optional and variable length fields
and those cannot really be represented by a fixed struct
ieee80211_ampe_ie. Remove the optional fields from the struct and
build/parse these fields separately.

This is also adding support for IGTKdata that was completely missing
from the previous implementation. In addition, Key RSC for MGTK is now
filled in and used when configuring the RX MGTK for a peer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
4367eec439 mesh: Do not use RX MGTK as RX IGTK
The previous implementation was incorrect in forcing the MGTK to be used
as the IGTK as well. Define new variable for storing IGTK and use that,
if set, to configure IGTK to the driver. This commit does not yet fix
AMPE element parsing to fill in this information.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
a4eec3c230 mesh: Use variable length MGTK for RX
This extends the data structures to allow variable length MGTK to be
stored for RX. This is needed as an initial step towards supporting
different cipher suites.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
b02f4d058c mesh: Add variable length MTK support
This is needed as a part in enabling support for different pairwise
ciphers in mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-19 20:18:09 +03:00
Jouni Malinen
18aca1a07d mesh: Use ieee80211w profile parameter
This is initial step in fixing issues in how PMF configuration for RSN
mesh was handled. PMF is an optional capability for mesh and it needs to
be configured consistently in both hostapd structures (to get proper
RSNE) and key configuration (not included in this commit).

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-18 15:52:54 +03:00
Jouni Malinen
b8b499e4a4 mesh: Use WPA_NONCE_LEN macro
No need to use the magic value 32 here since there is a generic define
for the RSN-related nonce values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-18 15:52:54 +03:00
Sunil Dutt
bb4e19e3f4 hostapd: Skip hostapd ACL check for drivers supporting ACL offload
Commit 0603bcb7fe ('hostapd: Process MAC
ACLs on a station association event (SME in driver)') processes MAC ACL
on a station association event for drivers which use AP SME offload but
does not consider the scenario where the drivers offload ACL. This can
result in station disconnection, though the driver accepts the
connection. Address this by avoiding the hostapd ACL check for the
drivers offloading MAC ACL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-17 20:45:35 +03:00
Sunil Dutt
d1296da643 Reserve QCA vendor specific nl80211 command 121
This is reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-17 00:10:16 +03:00
Sunil Dutt
52a6c9c9e8 Add a QCA vendor command to configure AP parameters
This commit also introduces a new attribute MANDATORY_FREQUENCY_LIST
which aims for AP operation in a channel that ensures best concurrency
sessions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-16 18:38:16 +03:00
Jouni Malinen
cc27c8e680 hostapd: Fix early init failure path
eloop deinit calls could trigger segmentation fault if the early error
path is hit before eloop_init() gets called.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:23 +03:00
Jouni Malinen
976dfb3237 FST: Make fst_global_deinit() more robust
Verify that fst_global_init() has been called before deinitializing the
global FST context. This makes it a bit easier to handle failure paths
from initialization.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-13 00:37:14 +03:00
Masashi Honma
7a69fad7ad mesh: Sync max peer links with kernel
Set max peer links to kernel even when wpa_supplicant MPM is used. This
sets the correct value for the "Accepting Additional Mesh Peerings bit"
in "Mesh Capability field" in "Mesh Configuration element" in the Beacon
frame.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-06-12 21:49:05 +03:00
David Woodhouse
c3d7fb7e27 OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()
Recent versions of engine_pkcs11 are set up to be autoloaded on demand
with ENGINE_by_id() because they don't need explicit configuration.

But if we *do* want to explicitly configure them with a PKCS#11 module
path, we should still do so.

We can't tell whether it was already initialised, but it's harmless to
repeat the MODULE_PATH command if it was.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Michael Schaller <misch@google.com>
2016-06-11 12:21:08 +03:00
Paul Stewart
fdc1188a85 nl80211: Fix use-after-free in qca_nl80211_get_features()
Any data accessible from nla_data() is freed before the
send_and_recv_msgs() function returns, therefore we need to allocate
space for info.flags ourselves.

Signed-off-by: Paul Stewart <pstew@google.com>
2016-06-11 12:12:23 +03:00
Jouni Malinen
8359472589 hostapd Make GAS Address3 field selection behavior configurable
gas_address3=1 can now be used to force hostapd to use the IEEE 802.11
standards compliant Address 3 field value (Wildcard BSSID when not
associated) even if the GAS request uses non-compliant address (AP
BSSID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 22:13:37 +03:00
Jouni Malinen
6996ff7b6d hostapd: Fix Public Action frame TX status processing for wildcard BSSID
Previously all TX status events with wildcard BSSID were ignored. This
did not allow Public Action frame TX status to be processed with the
corrected wildcard BSSID use. Fix this to be allowed. In practice, this
affects only test cases since Action frame TX status was not used for
anything else.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
78a3632765 hostapd: Fix Public Action frame addressing (BSSID field)
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS. hostapd used
to use the actual BSSID value for all such frames regardless of whether
the destination STA is a member of the BSS.

Fix this by using the wildcard BSSID in cases the destination STA is not
a member of the BSS. Leave group addressed case as-is (i.e., the actual
BSSID), since both values are accepted. No such frames are currently
used, though.

This version is still using the AP BSSID value in the Address 3 field
for GAS response frames when replying to a GAS request with AP BSSID
instead of Wildcard BSSID. This is left as a workaround to avoid
interoperability issues with deployed STA implementations that are still
using the non-compliant address and that might be unable to process the
standard compliant case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-06-10 21:44:49 +03:00
Jouni Malinen
a5a187b0f4 nl80211: Add TEST_FAIL() to command generation and set_mode
This makes it easier to test error paths for failing driver command
cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-05 00:13:32 +03:00
Jouni Malinen
92a515b869 nl80211: Update drv->assoc_freq on mesh join
This is needed to provide the correct frequency in SIGNAL_POLL command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-06-04 21:30:18 +03:00