3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-13 23:49:23 +01:00
Commit Graph

4492 Commits

Author SHA1 Message Date
James Prestwood
b09dbcd5ac ie: add parser/builder to handle OSEN
The OSEN AKM is nearly identical to the RSN IE, but differs slightly.
For one, OSEN is encapsulated into the vendor specific IE, and includes
the WFA OUI before the 'normal' RSN elements. OSEN also does not include
a WPA version, since its not technically WPA/WPA2.

Some of the RSN parsing was made common so both RSN/OSEN parsing could
use it.
2019-06-10 18:03:10 -05:00
James Prestwood
08a3775821 station: fix compiler error after bss_free change 2019-06-10 15:19:11 -05:00
James Prestwood
0ec9618b5f station: remove print in bss_free
In environments with many APs, the debug log is spammed with this print,
which isn't particularly useful to the average user.
2019-06-10 14:15:02 -05:00
James Prestwood
039ae3659b eapol: handshake: add OSEN AKM
The handshake procedure for OSEN is part of the 'AKM_DEFINED' group
of AKMs.
2019-06-07 17:10:49 -05:00
James Prestwood
5d3b37e2e4 ie: add is_ie_wfa_ie
This checks if an IE tagged as vendor specific is a WiFi-Alliance
OUI. This is similar to how is_ie_wpa_ie works.
2019-06-07 16:15:09 -05:00
James Prestwood
2e0fed3d77 ie: add IE_RSN_AKM_SUITE_OSEN 2019-06-07 16:15:07 -05:00
James Prestwood
6c372c6c19 unit: update test-eapol with new handshake APIs 2019-06-07 14:22:39 -05:00
James Prestwood
75e6ee98f3 handshake: simplify IE setters
The handshake object had 4 setters for authenticator/supplicant IE.
Since the IE ultimately gets put into the same buffer, there really
only needs to be a single setter for authenticator/supplicant. The
handshake object can deal with parsing to decide what kind of IE it
is (WPA or RSN).
2019-06-07 14:22:36 -05:00
James Prestwood
f6df93d358 crypto: add OSEN AKM
OSEN (OSU Server-Only authenticated layer 2 Encryption Network) is
required for the WiFi Alliance Hotspot Specification.
2019-06-07 14:22:33 -05:00
James Prestwood
6ee479f022 eap-tls: add new EAP method for Anonymous TLS
This adds the WiFi Alliance 'Anonymous TLS' EAP type.
2019-06-06 13:29:11 -05:00
James Prestwood
233804d7fc eap-tls-common: allow for EAP_TYPE_EXPANDED in TLS
The Hotspot 2.0 spec introduces 'Anonymous EAP-TLS' as a new EAP method
to be used with OSEN/Hotspot. The protocol details of this aren't
relevant to this patch, but one major difference is that it uses the
expanded EAP type rather than the TLS type. Since the common TLS code
was written with only EAP_TYPE_TLS in mind the vendor ID/type cause the
EAP packet to be malformed when using the expanded EAP type.

To handle this the common TLS code now checks the EAP type, and if its
expanded we shift the payload 7 bytes further to account for the extra
header data.
2019-06-06 13:29:11 -05:00
James Prestwood
e0c9b68467 monitor: parse/print HS2.0/WFA IEs
This is just a few of the WiFi Alliance IEs used for Hotspot 2.0
2019-06-05 16:53:11 -05:00
James Prestwood
f3ad319e59 ie: add advertisement protocol definitions
802.11 defines GAS (generic advertisement service) which can be used
to query supported advertisement protocols from an AP before
authentication/association. Hotspot/OSEN only care about the ANQP
protocol, but the way the IE is structured potentially requires
iterating through several tuples before you reach the ANQP protocol
identifier. Because of this we define all protocol identifiers.
2019-06-05 16:53:11 -05:00
James Prestwood
b9d97c9d87 monitor: change naming of Microsoft OUI
Inside print_ie_vendor, the Microsoft OUI is checked for a WPA IE. The
variable name for the OUI was wfa_oui, but this OUI is not actually the
WiFi-Alliance (sometimes refered to as 'wfa') but rather the Microsoft
OUI.
2019-06-05 16:53:11 -05:00
James Prestwood
edd4f2b2a2 test-runner: allow glob matching of tests
This allows a glob match of tests, e.g.

./test-runner -A testEAP-TTLS*

would run all TTLS based tests
2019-06-05 16:49:45 -05:00
James Prestwood
1561392614 auto-t: update testOWE to use new HostapdCLI 2019-06-05 16:18:26 -05:00
James Prestwood
5937bfafca auto-t: update testFILS to use new HostapdCLI 2019-06-05 16:18:26 -05:00
James Prestwood
35f06ef87a auto-t: hostapd: allow CLI to lookup by config file
There is a common interface lookup in many tests in order to initialize
the HostapdCLI object e.g.:

for intf in hostapd_map.values():
    if intf.config == 'ssidOWE.conf':
        hapd = HostapdCLI(intf)
        break

Instead of having to do this in every test, HostapdCLI will now
optionally take a config file (config=<file>). The interface object
will still be prefered (i.e. supplying an interface will not even
check the config file) as to not break existing tests. But if only
a config file is supplied the lookup is done internally.

There are some tests that do still need the interface, as they do
an interface lookup to initialize both hostapd and hwsim at the
same time.
2019-06-05 16:18:26 -05:00
James Prestwood
55a077d399 auto-t: testutil: allow skipping of group traffic test
If the network does not support group traffic we can now skip the
broadcast test by specifying group=False in test_ifaces_connected.
2019-06-05 16:18:26 -05:00
Denis Kenzior
c80d32a162 ap: Convert to IWD_MODULE 2019-05-28 14:43:42 -05:00
Denis Kenzior
eeac3e8f40 adhoc: Convert to IWD_MODULE 2019-05-28 14:24:37 -05:00
Denis Kenzior
a9e3b3e906 scan: Convert to IWD_MODULE 2019-05-28 14:12:25 -05:00
Denis Kenzior
d74fcfd25c storage: Use L_TFR instead of TFR 2019-05-28 14:06:22 -05:00
Denis Kenzior
57748347b0 treewide: Use L_TFR macro 2019-05-24 11:52:40 -05:00
Denis Kenzior
865492df8c ft: Fix endianness issues
The use of mmpdu_association_response members marked as __le requires
the relevant endianness conversion.
2019-05-23 16:59:34 -05:00
Denis Kenzior
360ec1488d fils: Fix endianness issues
Using mmpdu_associate_response and mmpdu_authenticate structure
members marked __le requires the relevant endianness conversion.
2019-05-23 16:59:14 -05:00
Denis Kenzior
e53bd17992 owe: Fix endianness issues
Using mmpdu_associate_response structure members marked __le requires
the relevant endianness conversion.
2019-05-23 16:58:59 -05:00
Denis Kenzior
85bd019c85 sae: Fix endianness issues
The use of mmpdu_authentication and mmpdu_association_response members
marked as __le requires the relevant endianness conversion.
2019-05-23 16:56:45 -05:00
James Prestwood
77d66ebc54 auto-t: FILS-FT autotest 2019-05-23 15:28:24 -05:00
James Prestwood
628c079e55 station: netdev: allow FILS-FT AKMs
This adds some checks for the FT_OVER_FILS AKMs in station and netdev
allowing the FILS-FT AKMs to be selected during a connection.

Inside netdev_connect_event we actually have to skip parsing the IEs
because FILS itself takes care of this (needs to handle them specially)
2019-05-23 15:27:29 -05:00
James Prestwood
e583b1d243 fils: update to handle FILS-FT
FILS unfortunately is a special case when it comes to fast transition.
We have to process the FT IEs internally since we cannot trigger the
same initial mobility association code path (via netdev).
2019-05-23 15:26:34 -05:00
James Prestwood
5ca4fa9b9e wiphy: allow both FILS-FT AKMs to be chosen 2019-05-23 15:23:46 -05:00
James Prestwood
7f7a5c861d ft: update for larger MIC/FILS-FT 2019-05-23 15:23:46 -05:00
James Prestwood
1accf534dc ie: allow 24 byte FTE MIC
FT over FILS-SHA384 uses a 24 byte FT MIC rather than the 16 byte MIC
used for all other AKMs. This change allows both the FT builder/parser
to handle both lengths of MIC. The mic length is now passed directly
into ie_parse_fast_bss_transition and ie_build_fast_bss_transition
2019-05-23 15:23:08 -05:00
James Prestwood
4097a49669 eapol: add FILS-FT AKMs to eapol_start
This will prevent FILS-FT from starting the 4-way handshake as it
does for regular FILS
2019-05-22 16:29:23 -05:00
James Prestwood
5d2b995175 handshake: update FT derivation functions for FILS-FT
FILS-FT could derive a longer PMKR0/R1 key, as well as uses a special
xxkey that it derives during FILS.
2019-05-22 16:15:23 -05:00
James Prestwood
0e9ed03e60 handshake: update key getters for FILS-FT
FILS-FT is a special case with respect to the PTK keys. The KCK getter
was updated to handle both FT-FILS AKMs, by returning the offset in
the PTK to the special KCK generated during FILS. A getter for the KCK
length was added, which handles the SHA384 variant. The PTK size was
also updated since FILS-FT can generate an additional 56 bytes of PTK
2019-05-22 16:14:51 -05:00
James Prestwood
bc381bd8c3 crypto: update FT derivation functions to use sha384
FILS-FT requires the SHA384 KDF to derive the FT keys
2019-05-22 16:14:14 -05:00
James Prestwood
aafb3fa7ed handshake: add key for FILS-FT in handshake_state
FILS derives its own FT key, for use as xxkey during fast transition.
2019-05-22 16:14:01 -05:00
James Prestwood
e109e1b1cf crypto: pass xxkey length for crypto_derive_pmk_r0
FILS-FT has a special derivation for xxkey, and depending on AKM
the key may be 32 or 48 bytes long.
2019-05-22 16:13:57 -05:00
James Prestwood
4c32dd09f6 fils: add forgotten break 2019-05-22 16:13:08 -05:00
Denis Kenzior
03ff5ef7d0 device: Convert to using IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
978e538f81 station: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
23b278ef52 wsc: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
4cfcb9c88d network: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
800d57d095 knownnetworks: Convert to IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
546c3c26d3 simauth: Convert to use IWD_MODULE 2019-05-22 10:20:08 -05:00
Denis Kenzior
b8f6899f40 blacklist: Convert to use IWD_MODULE 2019-05-22 09:58:04 -05:00
Denis Kenzior
a1d9c07f2f erp: Convert to using IWD_MODULE 2019-05-19 13:07:13 -05:00
Denis Kenzior
2386fa7938 main: Add IWD_MODULE macro 2019-05-19 13:05:06 -05:00