CampusWLAN
  1. CampusWLAN

hostapd

Public

Network

 
AuthorCommitMessageCommit Date
Michael BraunMichael Braun
e91b6b081caMKA: workaround Aruba Aruba Switche KB 16.04.0008 fails to set KeySrv flag when distributing keys. Ignore this flag as it only gets set from the message anyway. 1503000470.401222: l2_packet_receive: src=1c:98:ec:c8:e1:00 len=132 1503000470.401332: eth0: RX EAPOL from 1c:98:ec:c8:e1:00 1503000470.401358: RX EAPOL - hexdump(len=132): 03 05 00 80 01 10 20 2c 1c 98 ec c8 f1 93 00 6d 40 51 aa 5a 31 49 57 1f 3d 94 bc ef 00 00 00 cd 00 80 c2 01 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 03 34...
Michael BraunMichael Braun
fb49b68f18amacsec_linux: exit early when missing macsec kernel module Using driver macsec_linux makes no sense without macsec kernel module loaded. Signed-off-by: Michael Braun <michael-dev@fami-braun.de> -- v2: improve output, fix coding style
Michael BraunMichael Braun
6db18629362macsec: handle missing macsec kernel module This fixes the following crash: 0. do not modprobe macsec 1. create veth pair 2. run two wpa_supplicant linux_macsec instances on both ends 3. see one instance crash Successfully initialized wpa_supplicant macsec_linux: genl resolve failed macsec_linux: genl resolve failed macsec_linux: NULL rtnl socket veth1: Associated with 01:80:c2:00:00:03 veth1: CTRL-EVENT-CONNECTED - Connection to 01:80:c2:00:00:03 completed [id=0 id_str=] WMM AC: Missing I...
Michael BraunMichael Braun
992222aa34ecrypto:fix undefined behaviour ubsan reported: ../src/crypto/random.c:69:30: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int' Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
Michael BraunMichael Braun
8578af6d840802.1X: validate input before pointer ieee802_1x_kay_decode_mkpdu calls ieee802_1x_mka_i_in_peerlist before body_len has been checked on all segments. ieee802_1x_kay_decode_mkpdu and ieee802_1x_mka_i_in_peerlist might continue and thus underflow left_len even if it finds left_len to small (or before checking). Additionally, ieee802_1x_mka_dump_peer_body might perform out of bound reads in this case. Fix this by checking left_len and aborting if too small early. Signed-off-by: Michael Bra...
Michael BraunMichael Braun
e99b3e267f8MKA: handle unaligned ckn length IEEE 802.1X-2010 Figure 11-7 explaines that "Parameter set body length" is exclusive of the suffix padding. This fixes variable length encoding and decoding when ckn length is not a multiple of 4 bytes. Signed-off-by: Michael Braun <michael-dev@fami-braun.de> -- v2: fix parser as well
michael-devmichael-dev
b18797cc065macsec: make pre-shared ckn variable length IEEE 802.1X-2010 Section 9.3.1 restricts CKN > MKA places no restriction on the format of the CKN, save that it comprise > an integral number of octets, between 1 and 32 (inclusive), and that all > potential members of the CA use the same CKN. No further constraints are > placed onthe CKNs used with PSKs, ... . Hence do not require a 32 byte long CKN but instead allow a shorter ckn to be configured. This fixes interoperability with some Aruba Swi...
Sven EckelmannSven Eckelmann
b0fc2ef3a37hw_features: Fix check of supported 802.11ac channel width The two channel width bits in the VHT capability field can be decoded in following values (IEEE Std 802.11ac-2013 8.4.2.160.2 VHT Capabilities Info field): * 0: no 160 or 80+80 MHz support * 1: 160 MHz support * 2: 160 and 80+80 MHz support * 3: (reserved) The check must therefore not be done bitwise but instead it must checked whether the capabilities announced by the driver are at least the ones requested by the user. Fixes:...
Andrei OtcheretianskiAndrei Otcheretianski
9a6e2a5edeetests: Make wnm_bss_tm_req_with_mbo_ie more robust On slow machines or inside VM it may take some time for "DISCONNECTED" event to arrive. Since the retry delay counter is started already, it may result in less than 5 seconds time between "DISCONNECTED" and "CONNECTED" events. Fix the test by taking more accurate timestamps between the events. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Avraham SternAvraham Stern
b5bf84ba39eWNM: Differentiate between WNM for station and for AP in build Previously, CONFIG_WNM enabled build that supports WNM for both station mode and AP mode. However, in most wpa_supplicant cases only station mode WNM is required and there is no need for AP mode WNM. Add support to differentiate between station mode WNM and AP mode WNM in wpa_supplicant builds by adding CONFIG_WNM_AP that should be used when AP mode WNM support is required in addition to station mode WNM. This allows binary size...
Avraham SternAvraham Stern
922dcf1b457RRM: Remove duplicate frequencies from beacon report scan request When setting the frequencies for beacon report request scan, it is possible that a frequency is added twice (e.g., when the same channel appears both in the channel field and in the AP channel report subelement). This may cause the scan request to fail. Make sure the frequencies array contains no duplications before requesting the scan. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
cdb3aab5696tests: Fix RRM tests to allow refused/incapable responses Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Avraham SternAvraham Stern
705e2909c63RRM: Send response when Beacon report request is not supported/refused Send Radio Measurement response with measurement mode set to reject in the following cases: 1. Reporting conditions is not supported. 2. No valid channels found for the measurement Sending a response with an incapable indication will stop the AP from sending other measurement requests of the same type as specified in IEEE Std 802.11-2016, 11.11.6. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Avraham SternAvraham Stern
3756acfd48cRRM: Send Radio Measurement response when beacon report scan fails When failing to trigger scan for beacon report (e.g., when the requested duration is not supported by the driver), send a Radio Measurement response with the mode set to refused and don't retry the scan. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Jouni MalinenJouni Malinen
d5571831506tests: Rejection of group-addressed RRM measurement request Signed-off-by: Jouni Malinen <j@w1.fi>
Avraham SternAvraham Stern
b3c148e9f8aRRM: Send reject/refuse response only to unicast measurement request IEEE Std 802.11-2016, 11.11.6 specifies that a station that is unable to make a requested measurement or refuses to make a measurement shall respond only if the measurement request was received within an individually addressed radio measurement request frame, but shall not respond if such a request was received in a group addressed frame. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Dmitry ShmidtDmitry Shmidt
51143af7e79wpa_cli: Fix global control interface for STA-FIRST/STA-NEXT If global control interface is used and wlan doesn't support P2P, wpa_s->global->p2p == NULL, and log shows: wpa_supplicant: Failed to create interface p2p-dev-wlan0: -5 (I/O error) wpa_supplicant: nl80211: Failed to create a P2P Device interface p2p-dev-wlan0 wpa_supplicant: P2P: Failed to enable P2P Device interface Then STA-FIRST/STA-NEXT is not going to redirect to any interface, making update_stations(ctrl_conn) is stuck i...
Jouni MalinenJouni Malinen
809c675029fDPP: Fix build with OpenSSL 1.1.0 X509_ALGOR_get0() was modified to use const ** pointer as the first argument in OpenSSL 1.1.0, so need to use different type here to avoid compilation issues. Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni MalinenJouni Malinen
89971d8b1e3OpenSSL: Clear default_passwd_cb more thoroughly Previously, the pointer to strdup passwd was left in OpenSSL library default_passwd_cb_userdata and even the default_passwd_cb was left set on an error path. To avoid unexpected behavior if something were to manage to use there pointers, clear them explicitly once done with loading of the private key. Signed-off-by: Jouni Malinen <j@w1.fi>
Beniamino GalvaniBeniamino Galvani
f665c93e1d2OpenSSL: Fix private key password handling with OpenSSL >= 1.1.0f Since OpenSSL version 1.1.0f, SSL_use_PrivateKey_file() uses the callback from the SSL object instead of the one from the CTX, so let's set the callback on both SSL and CTX. Note that SSL_set_default_passwd_cb*() is available only in 1.1.0. Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
Beniamino GalvaniBeniamino Galvani
2b9891bd6e1OpenSSL: Add build option to select default ciphers Add a build option to select different default ciphers for OpenSSL instead of the hardcoded default "DEFAULT:!EXP:!LOW". This new option is useful on distributions where the security level should be consistent for all applications, as in Fedora [1]. In such cases the new configuration option would be set to "" or "PROFILE=SYSTEM" to select the global crypto policy by default. [1] https://fedoraproject.org/wiki/Changes/CryptoPolicy Signed...
Ashwini PatilAshwini Patil
65833d71a5fOCE: Add hostapd mode OCE capability indication if enabled Add OCE IE in Beacon, Probe Response, and (Re)Association Response frames if OCE is enabled in the configuration. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
332aadb8a22STA: Add OCE capability indication attribute Add OCE capability indication attribute in Probe Request and (Re)Association Request frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Ashwini PatilAshwini Patil
fb718f94d60nl80211: Check if driver supports OCE specific features Check if device supports OCE STA/STA-CFON/AP specific mandatory features. This commit includes checking based on the QCA vendor attributes. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
vamsi krishnavamsi krishna
46b15e470e7Add vendor flags for OCE feature support indication Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Vidyullatha KanchanapallyVidyullatha Kanchanapally
b377ec2585bFILS: Fix issuing FILS connect to a non-FILS AP in driver-FILS case If an AP is not FILS capable and wpa_supplicant has a saved network block for the network with FILS key management and a saved erp info, wpa_supplicant might end up issuing a FILS connection to a non-FILS AP. Fix this by looking for the presence of FILS AKMs in wpa_s->key_mgmt, i.e., after deciding on the AKM suites to use for the current connection. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil DuttSunil Dutt
9f44f7f3b52Introduce a vendor attribute to represent the PNO/EPNO Request ID This request ID was wrongly referred from the REQUEST_ID in enum qca_wlan_vendor_attr_gscan_config_params which is mapped to QCA_WLAN_VENDOR_ATTR_PNO_PASSPOINT_LIST_PARAM_NUM in PNO Config. Hence define a different attribute to represent the request ID for PNO Config. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Emmanuel GrumbachEmmanuel Grumbach
881a92e8b85FILS: Fix compilation with CONFIG_NO_WPA wpa_fils_is_completed() was not defined. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
Jouni MalinenJouni Malinen
c1361765fd2tests: Additional EAP-TTLS error path This is a regression test for a memory leak on an error path. Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni MalinenJouni Malinen
1f2ae8cff5dEAP-TTLS: Fix a memory leak on error paths The allocated challenge needs to be freed on these error paths as well. Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan PeerIlan Peer
83e003a9132EAP-TTLS: Fix possible memory leak in eap_ttls_phase2_request_mschap() The msg buffer needs to be freed on these two error paths. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Ilan PeerIlan Peer
422570eec80MBO: Fix possible memory leak in anqp_send_req() In case that an mbo object is allocated, but there is a failure to resize the wpabuf, need to free the mbo object. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Jouni MalinenJouni Malinen
e4e99927bf6tests: Additional LEAP error path This is a regression test for a memory leak on an error path. Signed-off-by: Jouni Malinen <j@w1.fi>
Ilan PeerIlan Peer
96e595a9f12EAP-LEAP: Fix possible memory leak in eap_leap_process_request() Free 'resp' object in case of a failure to derive the response. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Avraham SternAvraham Stern
23eead4d748RRM: Filter scan results by parent TSF only if driver supports it Scan results with parent TSF older than the scan start TSF are not added to the beacon report since they are considered as scan results from previous scans. However, for drivers that report the scan start TSF but not the parent TSF of each scan result, the parent TSF will be zero so valid scan results will be dropped. Fix this by filtering scan results by the parent TSF only if the driver supports reporting the parent TSF for...
Naftali GoldsteinNaftali Goldstein
3f8e3a5486aap: Fix invalid HT40 channel pair fallback In case of incorrect HT40 configuration as part of an attempt to create a 80 MHz AP, iface->conf->vht_oper_centr_freq_seg0_idx and iface->conf->vht_oper_centr_freq_seg1_idx are zero'ed, but iface->conf->vht_oper_chwidth remains VHT_CHANWIDTH_80MHZ. This causes the logic in dfs_get_start_chan_idx to fail. Fix this by setting iface->conf->vht_oper_chwidth to VHT_CHANWIDTH_USE_HT when zero'ing the center frequency parameters. Signed-off-by: Naftali G...
Ilan PeerIlan Peer
6d3e24d3e38ap: Fix return value in hostapd_drv_switch_channel() The documentation in driver.h state that in case of an error -1 is returned. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Adiel AloniAdiel Aloni
0b6cbc4e645tests: Use global control interface in test_p2p_channel.py Previously p2p_channel_drv_pref_* tests would fail if dedicated P2P device is used, since the SET commands were sent to incorrect interface. Fix this by using a global control interface instead. Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
d02e4c8ac8cP2P: Clear get_pref_freq_list_override on P2P Device Clear the get_pref_freq_list_override in p2p_ctrl_flush(). This fixes the case when a dedicated P2P device interface is used. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Johannes BergJohannes Berg
100d334f43dtests: Print higher debug level on console We capture the dmesg that contains everything, but if a test causes a kernel crash we will miss all logging at higher levels like debug. Change the printk level to catch all of that too. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Johannes BergJohannes Berg
a95d5fdbe15tests: Catch various lockdep warnings Lockdep no longer prints "INFO:" but now prints "WARNING:". Also add the "*** DEADLOCK ***" string it usually prints so if it changes again we can keep finding that string. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
bfbc41eace0DPP: Fix compilation without openssl dpp.h file requires openssl in order to compile, which breaks compilation on systems without it. Move DPP_OUI_TYPE to ieee802_11_defs.h and don't include dpp.h when not really needed. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Andrei OtcheretianskiAndrei Otcheretianski
4874f5bad32tests: Skip dpp_pkex_config dpp_pkex_config2 tests correctly When CONFIG_DPP is not defined these tests would fail. Skip them. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Sunil DuttSunil Dutt
cc6088463a2P2P: Allow auto GO on DFS channels if driver supports this If a DFS forced frequency is provided in 'p2p_group_add' and the driver supports DFS offload, the frequency was rejected in wpas_p2p_init_go_params(). However, it was accepted in wpas_p2p_select_go_freq() and wpas_p2p_group_add(). To make the behavior consistent, the DFS frequency is now accepted in wpas_p2p_init_go_params() similar to the way done in wpas_p2p_select_go_freq(). Redundant check in wpas_p2p_group_add() for DFS forced ...
Vidyullatha KanchanapallyVidyullatha Kanchanapally
fe3e0bac1f3FILS: Advertize FILS capability based on driver capability Add changes to control interface command get_capability to advertize FILS capability, FILS AKMs suites, and FILS Authentication algorithms based on the driver capabilities. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
5579c11c3edFix a typo in vendor attribute documentation The attribute is QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SAR_ENABLE, not QCA_WLAN_VENDOR_ATTR_SAR_LIMITS_SELECT. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jeffin MammenJeffin Mammen
8b5ddda5fbaFILS: Add HLP support with driver-based AP SME This allows HLP processing to postpone association processing in hostapd_notify_assoc(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jeffin MammenJeffin Mammen
31ec556cefbFILS: Fix the IP header protocol field in HLP DHCP response The IP header should indicate that UDP is used in the message. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Vidyullatha KanchanapallyVidyullatha Kanchanapally
9d3eb21ec47tests: FILS ERP authentication followed by PMKSA caching This test case verifies that both wpa_supplicant and hostapd are adding a PMKSA cache entry based on FILS shared key authentication using ERP. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni MalinenJouni Malinen
b3e567c890dFILS: ERP-based PMKSA cache addition on AP hostapd did not add a new PMKSA cache entry when FILS shared key authentication was used, i.e., only the initial full authentication resulted in a PMKSA cache entry being created. Derive the PMKID for the ERP case as well and add a PMKSA cache entry if the ERP exchange succeeds. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>