3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-05 03:29:28 +01:00
Commit Graph

2107 Commits

Author SHA1 Message Date
Andrew Zaborowski
00cafb2cc5 wiphy: Check early that a BSS supports compatible ciphers.
In the D-bus .Connect call return an error immediately if we
find that there's no common cipher supported between iwd, the
network adapter and the AP.  This is to avoid asking the agent
for the passkey if we know the connection will fail.

An alternative would be to only show networks that we can connect
to in the scan results on D-bus but I suspect that would cause
more pain to users debugging their wifi setups on average.

For now, if a passphrase is needed we check once before querying
for passphrase and recheck afterwards when we're about to
associate.
2015-05-27 08:52:01 -05:00
Andrew Zaborowski
4bf109a7ce test: Avoid input() in simple-agent.py.
That function reads a string of python code and immediately executes
it.  This required passphrases to be input as python literals, we
can just use a string as passphrase instead.
2015-05-27 08:42:45 -05:00
Denis Kenzior
99cdb860c0 eapol: Simplify install_tk callback 2015-05-21 21:10:21 -05:00
Denis Kenzior
e93dd44607 eapol: Simplify GTK install callback
Instead of passing in the RSN/WPA elements, simply pass in the
configured cipher.  This will make the implementation of the install_gtk
callback much simpler.
2015-05-21 21:08:47 -05:00
Denis Kenzior
d4cdd74ae0 ie: Add ie_rsn_cipher_suite_to_cipher 2015-05-21 20:58:42 -05:00
Denis Kenzior
d22a1af576 wiphy: Group RSN/WPA generation and setup 2015-05-21 20:43:54 -05:00
Denis Kenzior
d33db27a84 unit: Add additional sanity checks 2015-05-19 00:07:23 -05:00
Denis Kenzior
9992d3aeda eapol: Extract & keep track of desired ciphers
When our own WPA IE or RSN IE are set, extract group and pairwise
ciphers.  These ciphers are the ones we desire to use for the secure
connection.
2015-05-19 00:05:53 -05:00
Denis Kenzior
12551b52ff eapol: Sanity check 2nd RSNE
If the second (optional) RSN element is included in Step 3/4 of the
4-way handshake, parse it and perform basic sanity checks
2015-05-18 23:49:11 -05:00
Denis Kenzior
3b3ed6defe unit: Add another WPA1 TK/GTK handshake test 2015-05-18 14:56:55 -05:00
Denis Kenzior
72babefa33 unit: Update to the new API
This commit also fixes the unit test data for GTK Step 2 since we now
include WPA Key Index in this frame
2015-05-18 14:45:13 -05:00
Denis Kenzior
8593ebaad4 eapol: Set wpa_key_id in WPA1 Step 2 of 2 2015-05-18 14:45:09 -05:00
Denis Kenzior
6500fd4264 unit: Unify verify_* functions 2015-05-18 14:16:45 -05:00
Denis Kenzior
76890aea3c unit: Unify snonce funcs
The snonce function will just copy the nonce value from snonce global
variable.  This lets us avoid multiple functions that do essentially the
same thing.
2015-05-18 14:08:14 -05:00
Denis Kenzior
cc97b53528 unit: Add WPA1 GTK Step 2/2 test data + test 2015-05-18 14:04:07 -05:00
Denis Kenzior
1b6240cd05 unit: Add WPA1 GTK Step 1/2 test data + test 2015-05-18 14:04:05 -05:00
Denis Kenzior
a684e64dbb unit: Add WPA1 Step 4/4 test data + test 2015-05-18 14:04:03 -05:00
Denis Kenzior
bbbd8f67d3 unit: Add WPA1 Step 3/4 test data + test 2015-05-18 14:04:01 -05:00
Denis Kenzior
b6677680f2 unit: Add WPA1 Step 2/4 test data + test 2015-05-18 14:03:42 -05:00
Denis Kenzior
039ab49357 unit: Add WPA1 Step 1/4 test data + test 2015-05-18 14:02:48 -05:00
Andrew Zaborowski
6c9bf06f73 unit: WPA+TKIP handshake logic tests. 2015-05-18 13:58:54 -05:00
Andrew Zaborowski
6bb31ac5b4 unit: WPA+TKIP EAPOL-Key frame tests. 2015-05-18 13:58:34 -05:00
Denis Kenzior
fa8c673137 monitor: Print Key ID field in the case of WPA 2015-05-18 12:50:50 -05:00
Denis Kenzior
4f5013515d monitor: Shorten up printed strings
HT Operation Information strings wrap on 80 character terminals, so
shorten up the printed string to avoid that in most cases
2015-05-18 12:50:50 -05:00
Andrew Zaborowski
a227d0b00f eapol: In GTK step 2 of 2, secure bit is always 1 2015-05-18 12:50:50 -05:00
Andrew Zaborowski
0293b62f2e wiphy: select TKIP if CCMP not supported
If AP does not support CCMP, or if the wiphy does not.
2015-05-18 12:50:50 -05:00
Andrew Zaborowski
a84d232eb1 eapol: Accept 32-byte keys in verify_ptk_3_of_4
TKIP key data is 32 bytes long.
2015-05-18 12:37:34 -05:00
Andrew Zaborowski
4b1555c935 scan: Utility to find AP supported ciphers
Extracts the supported ciphers masks from the beacon data.  If RSN IE
was present, the WPA IE is ignored.
2015-05-18 12:37:34 -05:00
Andrew Zaborowski
27d18cdd96 wiphy: Detect IE type in key install callbacks 2015-05-18 12:34:47 -05:00
Denis Kenzior
6cae91572f TODO: Mark Decode HT Capabilities field as done 2015-05-07 21:33:32 -05:00
Denis Kenzior
96d0703eb3 monitor: Add decoder for HT Capabilities field 2015-05-07 21:33:07 -05:00
Denis Kenzior
2948f2d933 monitor: Pretty-print Extended Capabilities IE 2015-05-06 21:57:53 -05:00
Denis Kenzior
9ac2e109e3 monitor: Reflow formatting of ie_entry 2015-05-06 21:55:55 -05:00
Denis Kenzior
0239c6f09e monitor: Add decoder for NL80211_ATTR_EXT_CAPA 2015-05-06 21:50:30 -05:00
Denis Kenzior
6f7a07e012 monitor: Add additional nl80211 command names 2015-05-06 15:29:28 -05:00
Denis Kenzior
e2591b9865 wiphy: Track whether Rekey Offload is supported 2015-05-06 15:24:14 -05:00
Denis Kenzior
c3abaf8181 monitor: Pretty-print commands supported by phy 2015-05-06 15:23:57 -05:00
Denis Kenzior
619448cacc eapol: Sanity check wpa_key_id field a bit more 2015-05-05 22:26:11 -05:00
Denis Kenzior
9793054a0a eapol: Update TODO comment 2015-05-05 22:19:45 -05:00
Denis Kenzior
a38b6f1f9a eapol: Add missing newline 2015-05-05 22:18:35 -05:00
Denis Kenzior
2f13c5617b unit: Add call to eapol_verify_gtk_2_of_2 2015-05-05 22:08:06 -05:00
Denis Kenzior
8f3fd6e47d eapol: Add eapol_verify_gtk_2_of_2 2015-05-05 22:04:21 -05:00
Denis Kenzior
2ba7867e9f eapol: Drop unneded check in verify_ptk_4_of_4
Step 4 is always sent without encrypted Key Data according to Section
11.6.6.5.  In the case of WPA, Encrypted Key Data field is reserved, and
should always be 0.  Thus it is safe to drop the !is_wpa condition.
2015-05-05 22:01:53 -05:00
Denis Kenzior
bb17f5df94 eapol: Add sanity checking of the install bit 2015-05-05 21:50:35 -05:00
Andrew Zaborowski
30c277f8d6 unit: GTK Handshake tests. 2015-05-05 21:39:19 -05:00
Andrew Zaborowski
eae718091d unit: Update to new eapol API 2015-05-05 21:36:52 -05:00
Andrew Zaborowski
bb2be272ae unit: Assert eapol_key_validate is valid first
Before running eapol_verify_ptk_2_of_4, assert that eapol_key_validate
did not return NULL.
2015-05-05 21:35:02 -05:00
Andrew Zaborowski
31284bf86b wiphy: If handshake failed check connect_pending
When handling repeated 4-Way Handshakes from the AP there will be no
.Connect() call pending so we need to check that netdev->connect_pending
is non-NULL.  It may be a good idea to check this even during initial
handshake.
2015-05-05 21:22:41 -05:00
Andrew Zaborowski
0ea28ba5ad eapol: Generate new snonce on new 4-Way Handshake
Make sure that we handle PTK rekeying.
2015-05-05 21:22:38 -05:00
Andrew Zaborowski
1d0afbc44c wiphy: Basic WPA support
Legacy WPA will be used with APs that advertise WPA support and
no WPA2 (RSN).  TKIP is not yet supported though, so only CCMP
will work.
2015-05-05 21:22:34 -05:00