3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-29 13:12:50 +01:00
Commit Graph

1281 Commits

Author SHA1 Message Date
Tim Kourt
19e7ce2f30 eap: Fix whitespace 2017-04-18 17:44:25 -05:00
Andrew Zaborowski
c0ae9e3577 eapol: Receive frames with the Preauthentication ethertype
Modify the packet filter to also accept frames with ethertype of 0x88c7
and pass the ethertype value to __eapol_rx_packet so it can filter out
the frames where this value doesn't match the sm->preauth flag.
2017-04-18 11:42:45 -05:00
Andrew Zaborowski
0a4bd616c2 eapol: Use the Preauthentication ethertype in eapol_write
Select the right ether type for the eapol frame in eapol_write and pass
it to pae_write.
2017-04-18 11:41:24 -05:00
Andrew Zaborowski
4e9ed2d686 eapol: Add eapol_start_preauthentication
Add a wrapper for eapol_start that sets the sm->preauth flag and sends
the EAPOL-Start frame immediately to skip the timeout since we know
that the supplicant has to initiate the authentication.
2017-04-18 11:09:26 -05:00
Andrew Zaborowski
f340ea510c handshake: Add handshake_util_find_pmkid_kde
Add a function that finds the PMKID kde in an RSNE's Key Data field
similar to handshake_util_find_gtk_kde.
2017-04-17 14:28:09 -05:00
Andrew Zaborowski
b175e7ae06 handshake: Add handshake_state_get_pmkid
Returns the PMKID for the current PMK (configured through
handshake_state_set_pmk for PSK, created through EAP or from
pre-authentication)
2017-04-17 14:26:56 -05:00
Andrew Zaborowski
0f6685bf45 crypto: Add crypto_derive_pmkid
Calculates the PMKID for given PMK
2017-04-17 14:24:02 -05:00
Andrew Zaborowski
10a160a6e1 device: Non-FT roaming support
Use netdev_reassociate if FT is not available.  device_select_akm_suite
is only moved up in the file and the reused code from device_connect is
moved to a separate function.
2017-04-03 09:46:15 -05:00
Andrew Zaborowski
c8b251a475 netdev: Add netdev_reassociate
netdev_reassociate transitions to another BSS without FT.  Similar to
netdev_connect but uses reassociation instead of association and
requires and an existing connection.
2017-04-03 09:41:01 -05:00
Andrew Zaborowski
52ee3b0843 scan: Add error code argument to scan results callback
Pass an additional parameter to the scan results notify functions to
tell them whether the scan was successful.  If it wasn't don't bother
passing an empty bss_list queue, pass NULL as bss_list.  This way the
callbacks can tell whether the scan indicates there are no BSSes in
range or simply was aborted and the old scan results should be kept.
2017-03-26 20:26:53 -05:00
Denis Kenzior
4e421cfc8f netdev: Add sanity checks
In the case we get a connect or authenticate event, make sure we're
actually trying to connect.  Otherwise, it could be another supplicant
is running
2017-03-24 11:50:08 -05:00
Denis Kenzior
e7cb4b680e netdev: Silence warning
This can easily happen if the phy was blacklisted
2017-03-16 16:50:59 -05:00
Denis Kenzior
cacd0d83f4 wiphy: Add phy filtering 2017-03-16 16:50:25 -05:00
Denis Kenzior
c9a98d9681 device: Fix crash with autoconnect
++++++++ backtrace ++++++++
0  0x7fc0b20ca370 in /lib64/libc.so.6
1  0x4497d5 in l_dbus_message_new_error_valist() at /home/denkenz/iwd/ell/dbus-message.c:372
2  0x44994d in l_dbus_message_new_error() at /home/denkenz/iwd/ell/dbus-message.c:394
3  0x41369b in dbus_error_not_supported() at /home/denkenz/iwd/src/dbus.c:148
4  0x40eaf5 in device_connect_network() at /home/denkenz/iwd/src/device.c:1282
5  0x41f61c in network_autoconnect() at /home/denkenz/iwd/src/network.c:424
6  0x40c1c1 in device_autoconnect_next() at /home/denkenz/iwd/src/device.c:172
7  0x40cabf in device_set_scan_results() at /home/denkenz/iwd/src/device.c:368
8  0x40cb06 in new_scan_results() at /home/denkenz/iwd/src/device.c:376
9  0x41be8a in scan_finished() at /home/denkenz/iwd/src/scan.c:1021
10 0x41bf9e in get_scan_done() at /home/denkenz/iwd/src/scan.c:1048
11 0x43d5ce in destroy_request() at /home/denkenz/iwd/ell/genl.c:136
12 0x43ded1 in process_unicast() at /home/denkenz/iwd/ell/genl.c:395
13 0x43e295 in received_data() at /home/denkenz/iwd/ell/genl.c:502
14 0x43aa62 in io_callback() at /home/denkenz/iwd/ell/io.c:120
15 0x439632 in l_main_run() at /home/denkenz/iwd/ell/main.c:375 (discriminator 2)
16 0x403074 in main() at /home/denkenz/iwd/src/main.c:261
17 0x7fc0b20b7620 in /lib64/libc.so.6
2017-03-16 15:32:45 -05:00
Denis Kenzior
2e820abea1 backtrace: Try to find absolute executable path
This allows us to get backtraces from test_runner which does not start
iwd from a current working directory that is a parent of the iwd
executable.
2017-03-16 15:17:41 -05:00
Andrew Zaborowski
c35225d239 scan: Handle CMD_SCAN_ABORTED during periodic scan, refactor
Also handle the case of a periodic scan when handling a
NL80211_CMD_SCAN_ABORTED.  The goal is to make sure the supplied callback
is always called if .trigger was called before, but this should also fix
some other corner cases.

 * I add a sp.triggered field for periodic scans since sc->state doesn't
   tell us whether the scan in progress was triggered by ourselved o
   someone else (in that case .trigger has not been called)

 * Since the NL80211_CMD_SCAN_ABORTED becomes similar to get_scan_done I
   move the common code to scan_finished

 * I believe this fixes a situation where we weren't updating sc->state
   if we'd not triggered the scan, because both get_scan_done and the
   NL80211_CMD_SCAN_ABORTED would return directly.
2017-03-14 10:42:56 -05:00
Andrew Zaborowski
5869b74c2e scan: Don't immediately retry periodic scan on error
On a periodic scan trigger error we already set rearm to true, rearm the
timer instead of retrying immediately.
2017-03-14 10:29:02 -05:00
Andrew Zaborowski
1392a80d34 eapol: Further relax gtk 1/2 msg key length check
Accept any of 0, 16, 32 with WPA or WPA2, update comment.
2017-03-14 10:28:06 -05:00
Andrew Zaborowski
ba5d5430e1 scan: Update current request on NL80211_CMD_SCAN_ABORTED
If the current request is not freed when we receive the
NL80211_CMD_SCAN_ABORTED event, device.c will keep thinking that
we're still scanning and the scan.c logic also gets confused and may
resend the current request at some point and call sr->trigger again
causing a segfault in device.c.

I pass an empty bss_list to the callback, another possibility would be
to pass NULL to let the callback know not to replace old results yet.
The callbacks would need to handle a NULL first.
2017-03-13 11:53:38 -05:00
Andrew Zaborowski
b0167f2469 eapol: Define and use IEEE80211_MAX_DATA_LEN
The same constant will be used in multiple places so define it in a
header file.
2017-03-10 10:01:33 -06:00
Andrew Zaborowski
4d9d309e6a dbus: Add hwsim interface to DBus policy file 2017-03-09 11:45:41 -06:00
Denis Kenzior
5dc347ecb1 wiphy: Coalesce ATTR_WIPHY parsing logic
We parse ATTR_WIPHY and ATTR_WIPHY_NAME in several places.  Implement a
helper function to make this easier and cut down on code size.
2017-03-08 17:32:38 -06:00
Andrew Zaborowski
d67425c936 netdev: React to interface address change
Handle the changes of interface address in RTNL New Link messages
similarly to the name changes, emit a NETDEV_WATCH_EVENT_ADDRESS_CHANGE
event and a propety change on dbus.

Note this can only happen when the interface is down so it doesn't
break anything but we need to handle it anyway.
2017-03-08 09:43:40 -06:00
Denis Kenzior
97191d56f1 wiphy: Make sure path is valid
DBus has certain rules on what constitutes a valid path.  Since the
wiphy name is freeform, it is possible to set it such that the contents
do not contain a valid path.

We fall back to simply using the wiphy index as the path.
2017-03-07 12:01:40 -06:00
Denis Kenzior
c3b33a2cfd wiphy: Make sure Name attribute is valid utf8
DBus strings must be valid utf8.  The kernel only enforces that the
wiphy name is null terminated string.  It does not validate or otherwise
check the contents in any way.  Thus it is possible to have
non-printable or non-utf8 characters inside.
2017-03-07 12:00:03 -06:00
Denis Kenzior
4703dd5200 wiphy: Remove pointless check
wiphy->name is always true since the name member is an array
2017-03-07 11:23:54 -06:00
Denis Kenzior
74e1b85e54 wiphy: React to wiphy name changes
NL80211_CMD_SET_WIPHY can be used to set various attributes on the wiphy
object in the kernel.  This includes ATTR_WIPHY_NAME among others.  iwd
currently does not parse or store any of the other attributes, so we
react to changes in WIPHY_NAME only.
2017-03-07 11:22:25 -06:00
Denis Kenzior
d86b7404fd wiphy: Remove unneeded check
The wiphy attribute should never be repeated by the kernel, so this
check is ultimately not needed.  This condition can also be easily
checked by looking at the iwmon output in case things do go terribly
wrong.
2017-03-07 09:57:40 -06:00
Andrew Zaborowski
76246d0145 eapol: Don't send EAPOL-Start without EAP
Fix 1a64c4b771 by setting use_eapol_start
by default only when 8021x authentication is configured.  Otherwise we'd
be sending EAPOL-Start even for WPA2 Personal possibly after the 4-Way
Handshake success.
2017-02-27 12:04:31 -06:00
Denis Kenzior
0789c1cc4c wsc: Add support for new netdev events 2017-02-22 17:06:17 -06:00
Denis Kenzior
c60f28e685 wsc: Implement StartPin method
This implements very initial support of WPS PIN based connections.  The
scanning logic attempts to find an AP in PIN mode and tries to connect
to that AP.  We currently do not try multiple APs if available or
implement the WSC 1.0 connection logic.
2017-02-22 17:03:44 -06:00
Denis Kenzior
6c5ae87f1a netdev: Relax 4-way handshake condition
Right now the code checks for is_rsn to wait for the 4-way handshake and
sends the NETDEV_EVENT_4WAY_HANDSHAKE.  However, is_rsn condition is not
true for WSC connections since they do not set an RSN field.  Still,
they are EAP based handshakes and should be treated in the same manner.

We relax the is_rsn check to instead check for netdev->sm.  Currently
netdev->sm is only non-NULL if handshake->own_ie field is not NULL or in
the case of eap-wsc connections.
2017-02-22 16:58:12 -06:00
Denis Kenzior
bc5b84c2f1 eap-wsc: Obtain DevicePasswordId from settings 2017-02-22 11:46:40 -06:00
Denis Kenzior
7ad261fef7 util: Move mem_is_zero to util 2017-02-21 16:45:41 -06:00
Denis Kenzior
1a73854c09 wsc: Refactor slightly in preparation for PIN mode 2017-02-21 16:20:16 -06:00
Denis Kenzior
854bb11c79 dbus: Add InvalidFormat error 2017-02-21 15:46:26 -06:00
Tim Kourt
d3030acbec wiphy: Use real adapter name in path str 2017-02-21 13:34:24 -06:00
Tim Kourt
18886349df wiphy: expose the name property through DBus 2017-02-21 13:33:50 -06:00
Andrew Zaborowski
04f4e8e0a3 device: Ratelimit roam attempts and retry periodically
Define minimum delay between roam attempts and add automatic retries.
This handles a few situations:
 * roam attempt failing, then RSSI going above the threshold and below
   again -- in that case we don't want to reattempt too soon, we'll only
   reattempt after 60s.
 * roam attempt failing then RSSI staying low for longer than 60 -- in
   that case we want to reattempt after 60s too.
 * signal being low from the moment we connected -- in that case we also
   want to attempt a roam every some time.
2017-02-21 10:59:19 -06:00
Denis Kenzior
7d437241bd wsc: Implement GeneratePin() method 2017-02-17 13:43:58 -06:00
Denis Kenzior
230a4f4bab wscutil: Add wsc_pin_generate 2017-02-17 12:27:13 -06:00
Andrew Zaborowski
986b5eae60 device: Fix type passed to l_dbus_message_builder_append_basic
l_dbus_message_builder_append_basic is expecting an int16 for DBus type
'n'.
2017-02-15 14:40:50 -06:00
Denis Kenzior
94c49a4563 wscutil: Add wsc_pin_is_checksum_valid 2017-02-13 20:27:24 -06:00
Denis Kenzior
89d6b85f1d wscutil: Add wsc_is_pin_valid 2017-02-13 19:40:20 -06:00
Andrew Zaborowski
1307a815a6 device: Build MDE in a static buffer
Fix a leak of the MDE buffer.  It is now only needed for the single call
to handshake_state_set_mde which copies the bytes anyway so use a buffer
on stack.
2017-02-09 22:57:38 -06:00
Andrew Zaborowski
7006d18550 [PATCH netdev: Don't generate disconnect event in netdev_free
As discussed previously there's no point in having device.c change state
to autoconnect when device_remove will be called next.
2017-02-09 22:56:37 -06:00
Denis Kenzior
2ab67a1ee3 scan: Rearm the timer only if no pending requests 2017-02-09 10:18:50 -06:00
Andrew Zaborowski
1e70af0179 eapol: Relax GTK 1/2 msg Key Length validation
Since caab23f192085e6c8e47c41fc1ae9f795d1cbe86 hostapd is going to set
this bit to zero for RSN networks but both values will obviously be in
use.  Only check the value if is_wpa is true - in this case check the
value is exactly 16, see hostapd commit:

commit caab23f192085e6c8e47c41fc1ae9f795d1cbe86
Author: Jouni Malinen <j@w1.fi>
Date:   Sun Feb 5 13:52:43 2017 +0200

Set EAPOL-Key Key Length field to 0 for group message 1/2 in RSN

P802.11i/D3.0 described the Key Length as having value 16 for the group
key handshake. However, this was changed to 0 in the published IEEE Std
802.11i-2004 amendment (and still remains 0 in the current standard IEEE
Std 802.11-2016). We need to maintain the non-zero value for WPA (v1)
cases, but the RSN case can be changed to 0 to be closer to the current
standard.
2017-02-08 15:45:12 -06:00
Andrew Zaborowski
2756f24f0e scan: More cleanup in scan_cancel
Add sr NULL check before accessing sr->id.  Call scan_request_free on
request structure and call the destroy callback.  Cancel the netlink
TRIGGER_SCAN command if still running and try starting the next scan
in the queue.  It'll probably still fail with EBUSY but it'll be
reattempted later.
2017-02-08 15:43:52 -06:00
Andrew Zaborowski
cc6d0cf2db scan: Refactor start_next_scan_request use
Always call start_next_scan_request when a scan request has finished,
with a success or a failure, including a periodic scan attempt.  Inside
that function check if there's any work to be done, either for one-off
scan requests or periodic scan, instead of having this check only inside
get_scan_done.  Call start_next_scan_request in scan_periodic_start and
scan_periodic_timeout.
2017-02-08 15:37:31 -06:00
Andrew Zaborowski
9f19a48433 scan: Call trigger callback on netlink error
Also call the trigger callback with an error code when sending the
netlink command fails after the scan request has been queued because
another scan was in progress when the scan was requested.
2017-02-03 18:26:20 -06:00
Denis Kenzior
adfba7b2d2 scan: Fix crash
Program received signal SIGSEGV, Segmentation fault.
0x0000000000419d38 in scan_done (msg=0x692580, userdata=0x688250)
    at src/scan.c:250
250		sc->state = sr->passive ? SCAN_STATE_PASSIVE : SCAN_STATE_ACTIVE;
(gdb) bt
0  0x0000000000419d38 in scan_done (msg=0x692580, userdata=0x688250)
    at src/scan.c:250
1  0x000000000043cac0 in process_unicast (genl=0x686d60, nlmsg=0x7fffffffc3b0)
    at ell/genl.c:390
2  0x000000000043ceb0 in received_data (io=0x686e60, user_data=0x686d60)
    at ell/genl.c:506
3  0x000000000043967d in io_callback (fd=6, events=1, user_data=0x686e60)
    at ell/io.c:120
4  0x000000000043824d in l_main_run () at ell/main.c:381
5  0x000000000040303c in main (argc=1, argv=0x7fffffffe668) at src/main.c:259

The reasoning is that the logic inside scan_common is reversed.  Instead
of freeing the scan request on error, we always do it.  This causes the
trigger_scan callback to receive invalid userdata.
2017-02-03 18:05:00 -06:00
Denis Kenzior
58ec4ec1c1 wsc: Make sure the initial scan can be started
In push button mode, ensure the initial scan was actually queued
successfully.
2017-02-03 18:04:39 -06:00
Andrew Zaborowski
4e9dc77b2d scan: Cancel CMD_TRIGGER_SCAN when removing scan context
Save the ids of the netlink trigger scan commands that we send and
cancel them in scan_ifindex_remove to fix a race leading to a
segfault.  The segfault would happen every time if scan_ifindex_remove
was called in the same main loop iteration in which we sent the
command, on shutdown:

^CTerminate
src/netdev.c:netdev_free() Freeing netdev wlan3[6]
src/device.c:device_disassociated() 6
src/device.c:device_enter_state() Old State: connected, new state:
disconnected
src/device.c:device_enter_state() Old State: disconnected, new state:
autoconnect
src/scan.c:scan_periodic_start() Starting periodic scan for ifindex: 6
src/device.c:device_free()
src/device.c:bss_free() Freeing BSS 02:00:00:00:00:00
src/device.c:bss_free() Freeing BSS 02:00:00:00:01:00
Removing scan context for ifindex: 6
src/scan.c:scan_context_free() sc: 0x5555557ca290
src/scan.c:scan_notify() Scan notification 33
src/netdev.c:netdev_operstate_down_cb() netdev: 6, success: 1
src/scan.c:scan_periodic_done()
src/scan.c:scan_periodic_done() Periodic scan triggered for ifindex:
1434209520

Program received signal SIGSEGV, Segmentation fault.
0x0000000000000064 in ?? ()
(gdb) bt
 #0  0x0000000000000064 in ?? ()
 #1  0x0000555555583560 in process_unicast (nlmsg=0x7fffffffc1a0,
     genl=0x5555557c1d60) at ell/genl.c:390
 #2  received_data (io=<optimized out>, user_data=0x5555557c1d60)
     at ell/genl.c:506
 #3  0x0000555555580d45 in io_callback (fd=<optimized out>,
     events=1, user_data=0x5555557c1e60) at ell/io.c:120
 #4  0x000055555558005f in l_main_run () at ell/main.c:381
 #5  0x00005555555599c1 in main (argc=<optimized out>, argv=<optimized out>)
     at src/main.c:259
2017-02-02 12:28:28 -06:00
Andrew Zaborowski
701e5dabb9 netdev: Handle the GTK & IGTK received in a FT
Parse the GTK and IGTK FT subelements and set the keys through netlink.
2017-02-01 10:02:24 -06:00
Andrew Zaborowski
9ceca7a521 ie: Parse GTK and IGTK subelements in FTE
Parse the contents of the GTK and IGTK subelements in an FT IE instead
of working with buffers containing the whole subelement.  Some more
validation of the subelement contents.  Drop support for GTK / IGTK when
building the FTE (unused).
2017-02-01 10:02:14 -06:00
Andrew Zaborowski
e4c5b4b517 eapol: Don't start timeout if handshake already done
Don't start the handshake timeout in eapol_start if either
handshake->ptk_complete is set (handshake already done) or
handshake->have_snonce is set (steps 1&2 done).  This accounts for
eapol_start being called after a Fast Transition when a 4-Way handshake
is not expected.
2017-01-31 15:47:23 -06:00
Andrew Zaborowski
95e6623011 scan: Add flag to flush case when starting a scan
Add a flush flag to scan_parameters to tell the kernel to flush the
cache of scan results before the new scan.  Use this flag in the
active scan during roaming.
2017-01-31 12:39:16 -06:00
Andrew Zaborowski
3a4887fef4 netdev: Check GTK / IGTK buffer length before memcpying from it
Move key length checks in netdev_set_gtk/netdev_set_igtk to before we
memcpy from the buffer.
2017-01-31 12:06:05 -06:00
Denis Kenzior
c033fcbf5e handshake: Use align_len macro 2017-01-31 12:04:26 -06:00
Denis Kenzior
415c209276 handshake: Quote relevant section from 802.11
To make reading the code easier
2017-01-31 12:03:51 -06:00
Andrew Zaborowski
1f52bfb047 handshake: Add utility for decoding GTK & IGTK from FTE
handshake_decode_fte_key unwraps and validates the padding in the FTE
GTK and IGTK subelements.
2017-01-31 12:00:38 -06:00
Andrew Zaborowski
8d8b1c1baf handshake: Split the install_igtk igtk parameter in 2 buffers
Split the igtk parameter to handshake_state_install_igtk into one
parameter for the actual IGTK buffer and one for the IPN buffer instead
of requiring the caller to have them both in one continuous buffer.
With FT protocol, one is received encrypted and the other in plain text.
2017-01-31 11:59:02 -06:00
Denis Kenzior
0932157e4f util: Add align_len macro 2017-01-31 11:50:06 -06:00
Denis Kenzior
4978c31fd7 util: Remove unused msg_append_attr functions 2017-01-31 11:48:50 -06:00
Andrew Zaborowski
367f1ec798 eapol: Free sm->timeout when it expires 2017-01-31 11:45:54 -06:00
Andrew Zaborowski
e1dc53e895 netdev: More neighbor_report_req error handling
Make sure that the Neighbor Report timeout is cancelled when connection
breaks or device is being destroyed, and call the callback.  Add an
errno parameter to the callback to indicate the cause.
2017-01-23 12:59:42 -06:00
Andrew Zaborowski
2f34c87820 device: Transition to selected BSS if FT supported
With this patch an actual fast transition should happen when the signal
strength goes low but there are still various details to be fixed before
this becomes useful:

 * the kernel tends to return cached scan results and won't update the
   rssi values,
 * there's no timer to prevent too frequent transition attempts or to
   retry after some time if the signal is still low,
 * no candidate other than the top ranked BSS is tried.  With FT it
   may be impossible to try another BSS anyway although there isn't
   anything in the spec to imply this.  It would require keeping the
   handshake_state around after netdev gives up on the transition
   attempt.
2017-01-23 12:57:54 -06:00
Andrew Zaborowski
d10122c72a device: Scan target BSS candidates and process results
Trigger a scan of the selected channels or all channels if no useful
neighbor list was obtained, then process the scan results to select the
final target BSS.

The actual transition to the new BSS is not included in this patch for
readability.
2017-01-23 12:57:05 -06:00
Andrew Zaborowski
99e58db152 wiphy: Add utility to check if bss ciphers compatible
Move the BSS's supported ciphers checks from network_bss_select to a new
function in wiphy.c so we can reuse it in device.c.
2017-01-20 15:42:31 -06:00
Andrew Zaborowski
95847189ab device: Start a roaming attempt on low RSSI detection
Trigger a roam attempt when the RSSI level has been low for at least 5
seconds using the netdev RSSI LOW/HIGH events.  See if neighbor reports
are supported and if so, request and process the neighbor reports list
to restrict the number of channels to be scanned.  The scanning part is
not included in this patch for readability.
2017-01-18 17:27:35 -06:00
Andrew Zaborowski
8bacbf01e4 netdev: Handle the FT Reassociation Response message
Validate the fourth message of the fast transition sequence and save the
new keys and state as current values in the netdev object.  The
FT-specific IE validation that was already present in the initial MD
is moved to a new function.
2017-01-13 11:51:24 -06:00
Andrew Zaborowski
0854b90687 netdev: Handle the FT Authentication Response message
Parse the second message of the FT transition, validate and build the
third message, the Reassociation Request.
2017-01-12 10:33:40 -06:00
Andrew Zaborowski
d52683a2cb netdev: Implement netdev_fast_transition
Build and send the FT Authentication Request frame, the initial Fast
Transition message.

In this version the assumption is that once we start a transition attempt
there's no going back so the old handshake_state, scan_bss, etc. can be
replaced by the new objects immediately and there's no point at which both
the old and the new connection states are needed.  Also the disconnect
event for the old connection is implicit.  At netdev level the state
during a transition is almost the same with a new connection setup.

The first disconnect event on the netlink socket after the FT Authenticate
is assumed to be the one generated by the kernel for the old connection.
The disconnect event doesn't contain the AP bssid (unlike the
deauthenticate event preceding it), otherwise we could check to see if
the bssid is the one we are interested in or could check connect_cmd_id
assuming a disconnect doesn't happen before the connect command finishes.
2017-01-12 10:29:26 -06:00
Denis Kenzior
edfbd81ea2 device: Support iwd.conf mfp settings
This adds support for iwd.conf 'ManagementFrameProtection' setting.

This setting has the following semantics, with '1' being the default:
0 - MFP off, even if hardware is capable
1 - Use MFP if available
2 - MFP required.  If the hardware is not capable, no connections will
be possible.  Use at your own risk.
2017-01-06 18:28:44 -06:00
Andrew Zaborowski
3f3e60e415 eapol: Check the MSK size supplied by EAP
Despite RFC3748 mandating MSKs to be at least 256 bits some EAP methods
return shorter MSKs.  Since we call handshake_failed when the MSK is too
short, EAP methods have to be careful with their calls to set_key_material
because it may result in a call to the method's .remove method.

EAP-TLS and EAP-TTLS can't handle that currently and would be difficult to
adapt because of the TLS internals but they always set msk_len to 64 so
handshake_failed will not be called.
2017-01-06 13:24:03 -06:00
Andrew Zaborowski
c5906d1c20 mschapv2: Call set_key_material last in handle_success
Make sure that eap_set_key_material can free the whole EAP method and
EAP state machine before returning, by calling that function last.  This
relies on eap_mschapv2_handle_success being the last call in about 5
stack frames above it too.
2017-01-06 13:22:05 -06:00
Andrew Zaborowski
15f4ddfaa6 device: Drop unused device->connected_mde 2017-01-03 16:38:08 -06:00
Andrew Zaborowski
7e81dcac6f device: Move common code to device_reset_connection_state 2017-01-03 16:33:36 -06:00
Andrew Zaborowski
f73b751124 netdev: Add netdev_get_handshake
Getter for current handshake_state object.
2017-01-03 16:30:56 -06:00
Andrew Zaborowski
c36d0fcfa4 netdev: Monitor CQM RSSI level, emit RSSI LOW/HIGH events 2017-01-03 13:52:26 -06:00
Andrew Zaborowski
fbb7a72643 netdev: Register for and parse Neighbor Report responses 2017-01-03 13:11:52 -06:00
Andrew Zaborowski
dafa43fa54 netdev: Support sending Neighbor Report requests 2017-01-03 13:03:20 -06:00
Andrew Zaborowski
8646ab5bdd netdev: Handle Action Frames in netdev
Action Frames are sent by nl80211 as unicast data.  We're not receiving
any other unicast packets in iwd at this time so let netdev directly
handle all unicast data on the genl socket.
2017-01-03 12:56:36 -06:00
Andrew Zaborowski
b0f51a2527 scan: Support freq_set in scan_parameters
This way we can tell the kernel to only scan on particular frequencies
2017-01-03 12:10:07 -06:00
Andrew Zaborowski
ed1538d5bb scan: Add scan_active_full
Add a version of scan_active that accepts a struct with the scan
parameters so we can more easily add new parameters.  Since the genl
message is now built within scan_active_start the extra_ie memory
can be freed by the caller at any time.
2017-01-03 12:07:37 -06:00
Denis Kenzior
cec1546fce netdev: Fix crash on netdev_disconnect 2016-12-20 10:37:07 -06:00
Denis Kenzior
adde4e2db9 netdev: Fix typo 2016-12-20 10:31:33 -06:00
Markus Ongyerth
cd4957eb55 wscutil: Change type for va_args for clang
clang complains about enum as var_arg type
because of the argument standard conversion.
In a small test I did neither clang nor gcc can
properly warn about out of range values, so it's
purely for documentation either way.
2016-12-19 11:03:00 -06:00
Markus Ongyerth
139c8af210 wiphy: Remove useless null check on array 2016-12-19 11:02:55 -06:00
Andrew Zaborowski
27bdddf010 netdev: Emit DISCONNECT_BY_SME event on eapol failures
There are situations when a CMD_DISCONNECT or deauthenticate will be
issued locally because of an error detected locally where netdev would
not be able to emit a event to the device object.   The CMD_DISCONNECT
handler can only send an event if the disconnect is triggered by the AP
because we don't have an enum value defined for other diconnects.  We
have these values defined for the connect callback but those errors may
happen when the connect callback is already NULL because a connection
has been estabilshed.  So add an event type for local errors.

These situations may occur in a transition negotiation or in an eapol
handshake failure during rekeying resulting in a call to
netdev_handshake_failed.
2016-12-15 17:08:47 -06:00
Andrew Zaborowski
4d366df23f wsc: Handle beacon lost event
Handle the beacon loss event same as a disconnect: if any credentials
have been received try using them, otherwise fail.
2016-12-15 16:57:05 -06:00
Andrew Zaborowski
a750b7067a netdev: Drop netdev->remote_addr 2016-12-15 15:47:57 -06:00
Andrew Zaborowski
b99c89fd35 netdev: Drop separate mde parameter, simplify 2016-12-15 15:46:57 -06:00
Andrew Zaborowski
9c6643b773 netdev: Always require handshake_state with netdev_connect 2016-12-15 15:25:53 -06:00
Andrew Zaborowski
d93a44a3f0 wsc: Move eapol_sm creation to netdev_connect_wsc 2016-12-15 15:16:25 -06:00
Denis Kenzior
aca4641fad eap-mschapv2: Fixup some style issues 2016-12-14 23:07:02 -06:00
Markus Ongyerth
9afe21f86f eap-mschapv2: add code for eap method 2016-12-14 22:56:56 -06:00
Markus Ongyerth
1baa6ec04c eap-mschap: Add crypto functions for mschapv2
Add the key-derivation and hash functions required for mschapv2.
The eap-mschapv2 protocol can be implemented on top of these functions.
2016-12-14 22:46:18 -06:00
Denis Kenzior
2cd36be5ff netdev: Fixup USE_MFP atribute usage
The kernel parses NL80211_ATTR_USE_MFP to mean an enumeration
nl80211_mfp.  So instead of using a boolean, we should be using the
value NL80211_MFP_REQUIRED.
2016-12-13 09:26:42 -06:00
Denis Kenzior
221a8f9218 eapol: Fix IGTK key index extraction 2016-12-13 09:25:21 -06:00
Denis Kenzior
fea29229f3 eapol: Fix IGTK key index extraction
IGTK key index is a 2-byte little-endian field, not a bit field.  This
makes sense since IGTK key id can only be 4 or 5.
2016-12-12 22:07:31 -06:00
Rahul Rahul
c07addc4bf netdev: set NL80211_ATTR_USE_MFP if mfp is enabled 2016-12-09 11:47:14 -06:00
Tim Kourt
4a8fdc4b33 eap-wsc: Add re-transmission handler for WSC 2016-12-01 11:33:03 -06:00
Denis Kenzior
bd9e1883ee eap: Add retransmission support 2016-11-30 12:44:13 -06:00
Tim Kourt
79f4d1a9cd eap-wsc: Increment TX frag. offset only after ACK 2016-11-23 14:49:37 -06:00
Tim Kourt
b0930d8f79 eap: Extract md5 logic into eap-md5.c 2016-11-21 11:08:50 -06:00
Andrew Zaborowski
1a64c4b771 eapol: Send EAPOL-Start if AP starts 4-Way Handshake
Make the use of EAPOL-Start the default and send it when configured for
8021x and either we receive no EAPOL-EAP from from the AP before
timeout, or if the AP tries to start a 4-Way Handshake.
2016-11-18 14:10:17 -06:00
Denis Kenzior
413287d5cf eapol: Relax VERIFY_IS_ZERO condition
On certain routers, the 4-Way handshake message 3 of 4 contains a key iv
field which is not zero as it is supposed to.  This causes us to fail
the handshake.

Since the iv field is not utilized in this particular case, it is safe
to simply warn rather than fail the handshake outright.
2016-11-18 14:04:07 -06:00
Denis Kenzior
d03f23200a eap: Load MTU settings from iwd.conf 2016-11-15 16:44:07 -06:00
Denis Kenzior
ec93454e65 netdev: Send additional attributes
For fullmac drivers, these attributes are also needed
2016-11-15 15:39:55 -06:00
Denis Kenzior
d33fe385da crypto: Add AKMs 2016-11-15 15:39:55 -06:00
Tim Kourt
d0b735c73c handshake: Add getter for settings_8021x 2016-11-15 13:31:43 -06:00
Tim Kourt
92ece898d1 eap-wsc: Add RX fragmentation support 2016-11-07 16:31:47 -06:00
Tim Kourt
fe90dcaab4 eap-ttls: Fix msg size miscalculation 2016-11-07 16:27:26 -06:00
Andrew Zaborowski
e9e9358898 netdev: Add padding to netlink family headers
Use the NLMSG_ALIGN macro on the family header size (struct ifinfomsg in
this case).  The ascii graphics in include/net/netlink.h show that both
the netlink header and the family header should be padded.  The netlink
header (nlmsghdr) is already padded in ell.  To "document" this
requirementin ell what we could do is take two buffers, one for the
family header and one for the attributes.

This doesn't change anything for most people because ifinfomsg is
already 16-byte long on the usual architectures.
2016-11-07 11:43:18 -06:00
Tim Kourt
b6745000b5 eap-tls: Fix msg size miscalculation 2016-11-03 22:19:46 -05:00
Tim Kourt
2148d71264 eap-wsc: Add TX fragmentation support 2016-11-03 22:17:38 -05:00
Tim Kourt
2d73fb35fe main: Remove unnecessary initialization 2016-11-03 13:28:19 -05:00
Andrew Zaborowski
e32ffc4d98 eapol: Use handshake_state to store state
Remove the keys and other data from struct eapol_sm, update device.c,
netdev.c and wsc.c to use the handshake_state object instead of
eapol_sm.  This also gets rid of eapol_cancel and the ifindex parameter
in some of the eapol functions where sm->handshake->ifindex can be
used instead.
2016-11-03 10:23:58 -05:00
Andrew Zaborowski
061dad2ff5 Add handshake_state object
struct handshake_state is an object that stores all the key data and other
authentication state and does the low level operations on the keys.  Together
with the next patch this mostly just splits eapol.c into two layers
so that the key operations can also be used in Fast Transitions which don't
use eapol.
2016-11-03 10:23:41 -05:00
Andrew Zaborowski
19afcb3582 device: Pass FT-related data to eapol and netdev
If device_select_akm_suite selects Fast Transition association then pass
the MD IE and other bits needed for eapol and netdev to do an FT
association and 4-Way Handshake.
2016-11-03 10:15:11 -05:00
Andrew Zaborowski
a35e0c2690 netdev: FT version of association messages
If an MD IE is supplied to netdev_connect, pass that MD IE in the
associate request, then validate and handle the MD IE and FT IE in the
associate response from AP.
2016-11-03 10:12:44 -05:00
Andrew Zaborowski
d03f4d72f1 eapol: Handle FT-version of step 3 of 4-way handshake 2016-11-03 10:04:34 -05:00
Andrew Zaborowski
9d54a3082e eapol: Build FT-version step 2 of 4-way handshake
If an FT AKM suite is selected, build the FT version of the step 2
of the 4-way handshake frame.  Step 1 is same as non-FT version.
2016-11-03 10:03:45 -05:00
Andrew Zaborowski
0d2e5b9849 eapol: Add setters for the FT handshake input data
Add space in the eapol_sm struct for the pieces of information required
for the FT 4-Way Handshake and add setters for device.c and netdev.c to
be able to provide the data.
2016-11-03 10:01:41 -05:00
Andrew Zaborowski
67a5b68a16 device: Drop the bss->sha256 flag usage
Don't decide on the AKM suite to use when the bss entries are received
and processed, instead select the suite when the connection is triggered
using a new function device_select_akm_suite, similar to
wiphy_select_cipher().  Describing the AKM suite through flags will be
more difficult when more than 2 suites per security type are supported.
Also handle the wiphy_select_cipher 0 return value when no cipher can be
selected.
2016-11-03 10:00:35 -05:00
Andrew Zaborowski
1b99521e98 ie: Implement ie_parse_neighbor_report 2016-11-03 09:59:49 -05:00
Denis Kenzior
2340c7790c device: Avoid leaking memory
In case we bail out early when setting up the RSN element
2016-11-02 16:42:12 -05:00
Rahul Rahul
e6311557fe device: set mfp and group mgmt cipher if AP supports it 2016-11-02 16:39:20 -05:00
Rahul Rahul
b47c82102e network: update network_bss_select for mfp
Update network_bss_select for MFP.  Particularly the scenario when all
BSSes inside the bss_list have MFPR set, but we're not BIP capable.
2016-11-02 16:36:13 -05:00
Tim Kourt
17527d4570 main: init iwd config 2016-11-02 16:06:10 -05:00
Tim Kourt
410d34c21b iwd: Add accessor for iwd_config 2016-11-02 15:44:19 -05:00
Daniel Wagner
dee6a6f082 network: Add Type property to D-Bus API 2016-11-02 10:04:24 -05:00
Daniel Wagner
6a6f3c8865 network: Add Device property to D-Bus API 2016-11-02 10:00:30 -05:00
Daniel Wagner
d9f2d40f6f device: Add Adapter property to D-Bus API 2016-11-02 09:57:21 -05:00
Rahul Rahul
5e0b24dcb2 netdev: implement netdev_set_igtk 2016-10-31 09:53:04 -05:00
Andrew Zaborowski
424ceb58a3 eapol: Drop len parameter to eapol_sm_set_rsn/wpa
The len parameter was only used so it could be validated against ie[1],
but since it was not checked to be > 2, it must have been validated
already, the check was redundant.  In any case all users directly
passed ie[1] as len anyway.  This makes it consistent with the ie
parsers and builders which didn't require a length.
2016-10-29 23:09:10 -05:00
Andrew Zaborowski
b29f333bb4 scan: Parse the Country String IE
and save to struct scan_bss
2016-10-29 22:58:36 -05:00
Andrew Zaborowski
1720edfc0e scan: Save Neighbor Report capability bit in bss scan entry 2016-10-29 22:57:07 -05:00
Andrew Zaborowski
da435326aa scan: Save the MD IE in bss scan entry 2016-10-29 22:53:40 -05:00
Andrew Zaborowski
e4c168cc3b ie: Fast BSS Transition IE utilities 2016-10-29 22:53:14 -05:00
Andrew Zaborowski
b20f1a2d50 ie: Mobility Domain IE utilities 2016-10-28 11:28:21 -05:00
Denis Kenzior
90ea26bec5 netdev: Squash kernel warning
netlink: 16 bytes leftover after parsing attributes in
process `iwd'.
2016-10-28 09:27:02 -05:00
Rahul Rahul
c16ae02056 eapol: refactor eapol_find_kde and add install_igtk 2016-10-26 16:34:52 -05:00
Denis Kenzior
318d3a2d35 scan: Refactor bss_get_supported_ciphers
In many cases the pairwise and group cipher information is not the only
information needed from the BSS RSN/WPA elements in order to make a
decision.  For example, th MFPC/MFPR bits might be needed, or
pre-authentication capability bits, group management ciphers, etc.

This patch refactors bss_get_supported_ciphers into the more general
scan_bss_get_rsn_info function
2016-10-24 22:12:25 -05:00
Denis Kenzior
bdd676a23a wiphy: Add support for BIP in wiphy_select_cipher 2016-10-24 21:29:37 -05:00
Denis Kenzior
2899315828 wiphy: Rename pairwise_ciphers to supported_ciphers
Since the ciphers stored here are not only for pairwise, but also group
and management ciphers.
2016-10-24 21:29:03 -05:00
Denis Kenzior
13f83fda81 wiphy: Also print whether we support BIP 2016-10-24 21:25:04 -05:00
Tim Kourt
85db443b37 eap-wsc: Use header length constant for readability 2016-10-24 11:21:01 -05:00
Tim Kourt
da433a1c56 eap-wsc: Clean up packet ptr ops 2016-10-24 11:18:53 -05:00
Tim Kourt
79d5353531 src: Introduce iwd.conf 2016-10-24 11:10:26 -05:00
Tim Kourt
884ef2e15f src: Rename dbus config. file
Rename dbus config. file to avoid future configuration with the IWD
config. file.
2016-10-24 11:10:23 -05:00
Marcel Holtmann
88909947e2 build: Remove support for usage of kdbus 2016-10-16 19:41:27 +02:00
Denis Kenzior
cc2052d33e eapol: In case of timeout, mark as NULL 2016-10-15 16:26:41 -05:00
Andrew Zaborowski
c548898635 eapol: Cache early EAPoL frames until ready to process
Split eapol_start into two calls, one to register the state machine so
that the PAE read handler knows not to discard frames for that ifindex,
and eapol_start to actually start processing the frames.  This is needed
because, as per the comment in netdev.c, due to scheduling the PAE
socket read handler may trigger before the CMD_CONNECT event handler,
which needs to parse the FTE from the Associate Response frame and
supply it to the eapol SM before it can do anything with the message 1
of 4 of the FT handshake.

Another issue is that depending on the driver or timing, the underlying
link might not be marked as 'ready' by the kernel.  In this case, our
response to Message 1 of the 4-way Handshake is written and accepted by
the kernel, but gets dropped on the floor internally.  Which leads to
timeouts if the AP doesn't retransmit.
2016-10-15 16:25:37 -05:00
Denis Kenzior
d8cb8d7810 eapol: Default to EAPoL 2001 if unset
If protocol auto-detection is enabled (e.g. protocol_version is zero),
default to EAPOL 2001 version for EAPOL-Start messages.
2016-10-11 02:33:46 -05:00
Denis Kenzior
d1d08a33ab wsc: Treat disconnect_by_ap as handshake_failed 2016-10-11 01:54:32 -05:00
Denis Kenzior
eaee379e53 netdev: Allow disconnect_by_ap to be re-entrant 2016-10-11 01:53:59 -05:00
Denis Kenzior
30b7b46aa1 wsc: Tell eapol that EAPOL-Start might be needed 2016-10-11 01:36:59 -05:00
Denis Kenzior
91d35987fd eapol: Add provision to use EAPOL-Start 2016-10-11 01:36:48 -05:00
Denis Kenzior
a16abfdc92 network: Don't fail if network config file exists 2016-10-10 15:59:36 -05:00
Denis Kenzior
e7e6326179 device: honor autoconnect in device_disassociated 2016-10-10 15:38:03 -05:00
Denis Kenzior
8242e9b9aa device: on connect error use network_connect_failed 2016-10-10 14:53:01 -05:00
Denis Kenzior
63e11979ee network: free/zero psk in network_settings_close 2016-10-10 14:52:43 -05:00
Marcel Holtmann
e72b2f8daf util: Include sys/uio.h for struct iovec 2016-10-10 20:42:48 +02:00
Andrew Zaborowski
92bc1d6896 scan: Implement scan_oper_class_to_band
This function takes an Operating Channel and a Country String to convert
it into a band.  Using scan_oper_class_to_band and scan_channel_to_freq,
an Operating Channel, a Country String and a Channel Number together can
be converted into an actual frequency.  EU and US country codes based on
wpa_supplicant's tables.
2016-10-04 21:34:24 -05:00
Andrew Zaborowski
859dcf0d59 scan: Implement scan_freq_set_foreach 2016-10-04 15:15:51 -05:00
Andrew Zaborowski
c4941a82a4 scan: Implement scan_channel_to_freq
This function does the inverse of scan_freq_to_channel
2016-10-04 15:15:51 -05:00
Andrew Zaborowski
911aebc844 scan: Fix the supported rates factor in bss ranking 2016-10-04 14:20:01 -05:00
Andrew Zaborowski
09861f4ebe eapol: Free the checksum in eapol_verify_mic 2016-10-04 14:11:42 -05:00
Andrew Zaborowski
721be04f95 eapol: Pass actual PTK size to crypto_derive_pairwise_ptk()
It doesn't matter for crypto_derive_pairwise_ptk in non-SHA256 mode
but in the FT PTK derivation function, as well as in SHA256 mode all
bytes of the output do actually change with the PTK size.
2016-10-04 14:10:23 -05:00
Andrew Zaborowski
7b20f57239 network: Fix autoconnect candidate logic
Fix autoconnect trying to connect to networks never used before as found
by Tim Kourt.  Update the comments to be consistent with the use of the
is_known field and the docs, in that a Known Network is any network that
has a config file in the iwd storage, and an autoconnect candidate is a
network that has been connected to before.
2016-09-27 11:52:07 -05:00
Denis Kenzior
0eea6ad4b7 netdev: Make sure to set disconnect_cmd_id to 0 2016-09-22 21:16:19 -05:00
Denis Kenzior
a51ae8ce0e wsc: Let Cancel() abort WSC associations as well 2016-09-22 21:16:19 -05:00
Denis Kenzior
efd4b3462a wsc: trigger autoconnect if no useful credential 2016-09-22 21:16:17 -05:00
Denis Kenzior
a6cad89fbe netdev: Start eapol earlier 2016-09-22 17:34:27 -05:00
Denis Kenzior
5329ddceb8 netdev: Tweak netdev_disconnect semantics
If the handshake fails, we trigger a deauthentication prior to reporting
NETDEV_RESULT_HANDSHAKE_FAILED.  If a netdev_disconnect is invoked in
the meantime, then the caller will receive -ENOTCONN.  This is
incorrect, since we are in fact logically connected until the connect_cb
is notified.

Tweak the behavior to keep the connected variable as true, but check
whether disconnect_cmd_id has been issued in the netdev_disconnect_event
callback.
2016-09-22 17:23:49 -05:00
Denis Kenzior
9c2d61db2c wsc: Optionally disconnect before starting EAP-WSC
If the device is currently connected, we will initiate a disconnection
(or wait for the disconnection to complete) prior to starting the
WSC-EAP association.
2016-09-22 16:29:19 -05:00
Denis Kenzior
9a63ab6712 netdev: Make invoking disconnect_cb reentrant safe 2016-09-22 16:20:33 -05:00
Denis Kenzior
886ffc2edb netdev: keep track of operational state
We should not attempt to call connect_failed if we're have become
operational.  E.g. successfully associated, ran eapol if necessary and
set operstate.
2016-09-22 16:19:30 -05:00
Denis Kenzior
2d87556b6b device: destroy state watchlist after removed event 2016-09-22 15:28:56 -05:00
Denis Kenzior
42d26089e9 watchlist: Make re-entrant safe 2016-09-22 15:28:29 -05:00
Denis Kenzior
d2ccc367ef device: modify autoconnect behavior
In case Disconnect() is called for any reason, make sure autoconnect is
off.  Set autoconnect to true whenever we successfully connect.
2016-09-22 15:28:14 -05:00
Denis Kenzior
a766823ffc device: Make scanning into a bitfield 2016-09-22 13:48:05 -05:00
Denis Kenzior
ecacdd88e4 device: Add device_get_state 2016-09-22 13:48:05 -05:00
Denis Kenzior
1585ccc897 netdev: Return -EINPROGRESS if already disconnecting 2016-09-22 11:55:32 -05:00
Denis Kenzior
47fa0435ba wsc: Start walk timer
PBC mode mandates a 120-second walk timer.  The PBC transaction must be
completed within that time or be aborted.
2016-09-22 11:32:18 -05:00
Andrew Zaborowski
0ffec2e481 dbus: Switch to using org.freedesktop.DBus.Properties
Use the org.freedesktop.DBus.Properties interfaces on objects with
properties and drop the old style GetProperty/SetProperty methods on
individual interfaces.  Agent and KnownNetworks have no properties at
this time so don't add org.freedesktop.DBus.Properties interfaces.
2016-09-21 16:46:34 -05:00
Andrew Zaborowski
c6e38dacac scan: Zero destroy callback in scan_cancel
Otherwise it may be called again in get_scan_done.
2016-09-21 16:39:05 -05:00
Denis Kenzior
31ba824acc wsc: Try using credentials
We send the scan results where we obtained a PushButton target over to
device object.  If EAP-WSC transaction is successful, then the scan
results are searched to find a network/bss combination found in the
credentials obtained.  If found, the network is connected to
automatically.
2016-09-21 16:21:53 -05:00
Denis Kenzior
5fa37b9a1d wsc: Write credentials to storage 2016-09-21 16:21:28 -05:00
Denis Kenzior
3fd51c2d72 network: Add network_set_psk 2016-09-21 16:20:09 -05:00
Denis Kenzior
c380940b43 netdev: Deauthenticate prior to calling connect_cb 2016-09-21 16:19:47 -05:00
Denis Kenzior
92a51805c4 netdev: Finalize disconnects on device removal
When device is removed or otherwise freed, netdev_connect callbacks are
invoked.  Treat disconnects similarly
2016-09-21 15:23:06 -05:00
Denis Kenzior
29387e012a network: Use uint8_t instead of unsigned char 2016-09-21 14:38:43 -05:00
Denis Kenzior
954f4ebca2 network: Close settings if ineligible for autoconnect 2016-09-21 14:35:30 -05:00
Denis Kenzior
7661f1b7c0 network: Expose network_bss_select 2016-09-21 14:00:59 -05:00
Denis Kenzior
38a4a9668f wsc: Record credentials obtained from EAP-WSC
Multiple credentials can be obtained via the event, record them until we
are ready to process them.
2016-09-21 13:51:11 -05:00
Denis Kenzior
42fb2a7c0f device: Add device_set_scan_results 2016-09-19 20:35:57 -05:00
Denis Kenzior
9c9e6f6f29 network: Add network_bss_find_by_addr 2016-09-19 20:26:41 -05:00
Denis Kenzior
dc3a6a2f77 device: Add device_network_find 2016-09-19 20:19:34 -05:00
Denis Kenzior
29d5eeb3ca network: Use const char * to represent ssid
This also fixes a potential buffer overflow since the ssid was cast to a
string inside network_create.  However, ssid is a buffer of 32 bytes,
and would not be null-terminated in the case of a 32-byte SSID.
2016-09-19 20:18:53 -05:00
Denis Kenzior
12fca8b7f7 network: Make network_settings_close private 2016-09-19 17:04:51 -05:00
Denis Kenzior
a239b49707 network: Make network_load_settings static 2016-09-19 17:03:51 -05:00
Denis Kenzior
69ea4db15c wsc: Base RF freq on BSS we're connecting to 2016-09-16 12:42:58 -05:00
Denis Kenzior
099e2a028d wsc: Add support for initial WSC association 2016-09-14 21:56:20 -05:00
Denis Kenzior
15ac5c3f38 wscutil: Fix uninitialized warning
==5362== Conditional jump or move depends on uninitialised value(s)
==5362==    at 0x419B62: wsc_wfa_ext_iter_next (wscutil.c:52)
==5362==    by 0x41B869: wsc_parse_probe_response (wscutil.c:1016)
==5362==    by 0x41FD77: scan_results (wsc.c:218)
==5362==    by 0x415669: get_scan_done (scan.c:892)
==5362==    by 0x432932: destroy_request (genl.c:134)
==5362==    by 0x433245: process_unicast (genl.c:394)
==5362==    by 0x43361A: received_data (genl.c:506)
==5362==    by 0x42FDC2: io_callback (io.c:120)
==5362==    by 0x42EABE: l_main_run (main.c:381)
==5362==    by 0x402F90: main (main.c:234)
2016-09-14 21:56:18 -05:00
Denis Kenzior
9b0113018f scan: Fix running active scans
A wildcard SSID of zero length is needed
2016-09-14 21:56:18 -05:00
Denis Kenzior
a3fdb88a9a device: add device_get_netdev 2016-09-14 21:56:18 -05:00
Denis Kenzior
959ebd505b device: Free eapol_sm on netdev_connect failure 2016-09-14 21:56:18 -05:00
Denis Kenzior
09dcd78e30 device: Convert device watches to watchlist 2016-09-14 21:56:18 -05:00
Denis Kenzior
ef18c03322 device: Make device_enter_state static 2016-09-14 21:56:18 -05:00
Denis Kenzior
4419a6325a device: Add state watch api 2016-09-14 21:56:16 -05:00
Denis Kenzior
6d410b0bec watchlist: Add watchlist utilities 2016-09-14 20:26:49 -05:00
Denis Kenzior
d9c18deed7 device: Remove extra whitespace 2016-09-14 00:17:27 -05:00
Denis Kenzior
f77d363840 netdev: Add netdev_connect_wsc 2016-09-13 20:50:24 -05:00
Denis Kenzior
8a50054925 device: Make device_disassociated static 2016-09-13 20:49:36 -05:00
Denis Kenzior
db8794460f eapol: Remove io argument from eapol_start 2016-09-13 17:37:13 -05:00
Denis Kenzior
047a196c70 wscutil: Add wsc_build_association_response 2016-09-13 17:26:18 -05:00
Denis Kenzior
77abdb7d96 wscutil: add wsc_build_association_request 2016-09-13 17:23:43 -05:00
Denis Kenzior
da36b87531 wscutil: Add wsc_parse_association_request 2016-09-13 15:59:30 -05:00
Denis Kenzior
022d24474b wscutil: Add wsc_parse_association_response 2016-09-13 15:57:16 -05:00
Denis Kenzior
f3d5adfc3c wsc: report session overlap error 2016-09-13 14:55:13 -05:00
Denis Kenzior
1627b3a2bd wsc: Squash wsc_sm structure
eap-wsc now handles most of the details
2016-09-13 14:53:30 -05:00
Denis Kenzior
c60d34cd8d wiphy: Add wiphy_get_supported_bands 2016-09-13 14:36:46 -05:00
Denis Kenzior
4518394b0e eap-wsc: Send credential obtained events 2016-09-13 13:32:47 -05:00
Denis Kenzior
9fde037b8f eapol: Add eapol_sm_set_event_func 2016-09-13 13:30:54 -05:00
Denis Kenzior
1b72fe9713 eap: Add eap event_func
This is used to get arbitrary information out of the EAP method.  Needed
for EAP-WSC to signal credential information obtained from the peer.

Other uses include signaling why EAP-WSC failed (e.g. invalid PIN, etc)
and processing of M2D discovery messages.  The information in M2Ds might
be useful to external clients.
2016-09-13 11:50:52 -05:00
Denis Kenzior
baf72d7f86 eapol: Move to a single PAE socket
We used to open a socket for each wireless interface.  This patch uses a
single socket with an attached BPF to handle all EAPoL traffic via a
single file descriptor.
2016-09-12 10:02:04 -05:00
Denis Kenzior
8e50144d17 eap-wsc: Handle EAP WSC_NACK Requests
These should be responded to with a NACK as well.
2016-09-09 13:40:41 -05:00
Denis Kenzior
d2d9ce7be5 eap-wsc: implement NACK sending 2016-09-09 12:44:36 -05:00
Denis Kenzior
b93a992ed1 eap-wsc: Handle M8 messages 2016-09-08 21:59:04 -05:00
Denis Kenzior
1dc197d176 wscutil: Rename parse/build_nack
... to parse/build_wsc_nack to be more consistent with the spec naming
2016-09-08 21:34:32 -05:00
Denis Kenzior
983d598d1d wscutil: Add wsc_build_wsc_ack 2016-09-08 21:33:40 -05:00
Denis Kenzior
9c9ecfa239 wscutil: Add wsc_parse_wsc_ack 2016-09-08 21:33:20 -05:00
Denis Kenzior
aa518811b3 wscutil: Add wsc_build_wsc_done 2016-09-08 21:27:44 -05:00
Denis Kenzior
d8b8c25848 wscutil: Add wsc_parse_wsc_done 2016-09-08 21:27:18 -05:00
Andrew Zaborowski
1b1bf3cf65 eapol: On EAP success save the second 256 bits of MSK 2016-09-06 14:07:35 -05:00
Andrew Zaborowski
443e363c20 crypto: Implement crypto_derive_ft_ptk 2016-09-06 13:50:17 -05:00
Andrew Zaborowski
efbbe9870b crypto: Implement crypto_derive_pmk_r1 2016-09-06 13:48:50 -05:00
Andrew Zaborowski
994ffd94c5 crypto: Implement crypto_derive_pmk_r0 2016-09-06 13:47:18 -05:00
Andrew Zaborowski
955c88a64a ie: Consistently set group_management_cipher
RSNE_ADVANCE may return and if it is before the assignment of
info.group_management_cipher, that assignment will be dependent on where
the RSNE ends.
2016-09-05 23:10:29 -05:00
Andrew Zaborowski
316752c5e4 ie: Error in tlv_iter_next if no space to length byte
When parsing the EAPoL-Key key data field we don't strip the 0xdd /
0x00 padding from the decrypted data so there may be trailing padding
after the IE sequence and valgrind will report an invalid read of the
length byte.  Same thing may happen if we're sent garbage.
2016-09-05 23:00:01 -05:00
Denis Kenzior
b67e3f26b5 wscutil: Add wsc_parse_credential 2016-08-31 22:36:21 -05:00
Denis Kenzior
d83bf50a39 wscutil: Add wsc_parse_m8_encrypted_settings 2016-08-31 21:59:52 -05:00
Denis Kenzior
addba697da wscutil: Add wsc_build_m8 2016-08-31 14:14:11 -05:00
Denis Kenzior
ead40f0431 wscutil: Add wsc_parse_m8 2016-08-31 14:14:01 -05:00
Denis Kenzior
34ed84dc41 eap-wsc: Send M7 messages 2016-08-31 12:50:44 -05:00
Denis Kenzior
9bb4ba42dd wscutil: Add wsc_build_m7_encrypted_settings 2016-08-31 11:39:06 -05:00
Denis Kenzior
8df0f9fa28 wscutil: Add wsc_parse_m7_encrypted_settings 2016-08-31 11:38:52 -05:00
Denis Kenzior
a113cba4f2 wscutil: Add wsc_build_m7 2016-08-31 11:32:51 -05:00
Denis Kenzior
b7d44d302a wscutil: Add wsc_parse_m7 2016-08-31 11:32:21 -05:00
Denis Kenzior
6dae861ce2 eap-wsc: Handle M6 messages 2016-08-31 11:18:21 -05:00
Denis Kenzior
2ac78e1306 eap-wsc: split out R_Hash verification
So it can be used in M6 processing
2016-08-31 11:17:29 -05:00
Denis Kenzior
11550b2756 wscutil: Add wsc_m6_build_encrypted_settings 2016-08-31 11:15:35 -05:00
Denis Kenzior
3719e78094 wscutil: Add wsc_parse_m6_encrypted_settings 2016-08-31 11:15:12 -05:00
Denis Kenzior
4e0c932dc9 wscutil: Add wsc_build_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
815f685c2d wscutil: Add wsc_parse_m6 2016-08-31 11:14:48 -05:00
Denis Kenzior
ba55afa3f4 eap-wsc: Generate M5 messages 2016-08-30 23:20:24 -05:00
Denis Kenzior
c0de9d1790 eap-wsc: optionally load IV1 & IV2 for debugging
When we send M5 & M7, we need to generate a random IV.  For testing
purposes, the IV can be provided in settings, otherwise it will be
generated randomly.
2016-08-30 23:18:53 -05:00
Denis Kenzior
62623e0eb3 eap-wsc: Handle M4 messages 2016-08-30 21:52:24 -05:00
Denis Kenzior
48c3f4a55a eap-wsc: Store PSK1 & PSK2
We will need to use PSK1 & PSK2 when computing R_Hash1 & R_Hash2 when
processing M4 & M6.
2016-08-30 21:51:14 -05:00
Denis Kenzior
9a47f98ccd eap-wsc: Store M2 for future use
We need quite a bit of attributes of M2 for the duration of the WSC
handshake.  Most importantly, we need to use the peer's public key when
processing M4 and M6.  RegistrarNonce is also needed for generating any
ACK/NACK messages as needed.

Also, peer's device attributes such as Model, Manufacturer, etc might be
useful to report upon successful handshake.
2016-08-30 21:10:57 -05:00
Denis Kenzior
633389f2f4 eap-wsc: Add utility to decrypt EncryptedSettings 2016-08-30 14:43:49 -05:00
Denis Kenzior
b78bef2be8 eap-wsc: Add utility to check KeyWrapAuthenticator 2016-08-30 14:42:43 -05:00
Denis Kenzior
046c7b8994 eap-wsc: clear out intermediate key data 2016-08-30 14:41:58 -05:00
Denis Kenzior
39d6acb07d eap-wsc: Don't store AuthKey | KeyWrapKey | EMSK
AuthKey is already uploaded into auth_key_hmac.  KeyWrapKey is now
uploaded into the AES-CBC(128) cipher.  We currently have no use for
EMSK.

So we no longer need to keep the wsc_session_key structure around.
2016-08-30 14:34:03 -05:00
Denis Kenzior
24dfe6e436 wscutil: Add wsc_build_m5_encrypted_settings 2016-08-30 14:10:20 -05:00
Denis Kenzior
7bdb1a0225 wscutil: Add wsc_parse_m5_encrypted_settings 2016-08-30 14:07:53 -05:00
Denis Kenzior
d59086c791 wscutil: Add wsc_build_m4_encrypted_settings 2016-08-30 13:57:28 -05:00
Denis Kenzior
11e56031c0 wscutil: Add wsc_parse_m4_encrypted_settings 2016-08-30 13:38:08 -05:00
Denis Kenzior
757e4dbb90 wscutil: Prepare for parsing of Encrypted Settings
Encrypted Settings TLVs are structured similarly to the various WSC
messages.  However, they lack a version2 extension field and use a Key
Wrap Authenticator element instead of Authenticator.
2016-08-30 13:33:17 -05:00
Denis Kenzior
642804f9d7 wscutil: Handle Key Wrap Authenticator 2016-08-30 13:30:06 -05:00
Denis Kenzior
7810a45a9c eap-wsc: Rework state logic a bit
Mostly so repetitive code is not required
2016-08-30 10:10:11 -05:00
Denis Kenzior
a8580c7ed0 wscutil: Add wsc_build_m5 2016-08-30 09:45:39 -05:00
Denis Kenzior
0081bf4f64 wscutil: Add wsc_parse_m5 2016-08-30 09:34:34 -05:00
Denis Kenzior
05c230c46a eap-wsc: Send M3 2016-08-30 09:22:35 -05:00
Denis Kenzior
397a7d18c2 eap-wsc: Add TX message Authenticator calculation 2016-08-30 09:22:35 -05:00
Denis Kenzior
5951bc220b eap-wsc: Handle M2 messages 2016-08-30 09:22:35 -05:00
Denis Kenzior
33b0034678 eap-wsc: Add util to verify RX frame Authenticator 2016-08-30 09:22:35 -05:00
Denis Kenzior
097e775659 eap-wsc: Add basic logic to send M1 messages 2016-08-30 09:22:33 -05:00
Denis Kenzior
c2cb35b4c9 eap-wsc: store sent pdu
This is needed for authenticator computation
2016-08-29 22:16:34 -05:00
Denis Kenzior
2cbbcb7434 eap-wsc: Load settings related to DevicePassword
DevicePassword is the PIN, either static, dynamically generated or
entered by the user.  For PushButton mode, DevicePassword is set to
'00000000'.  It can also be provided via external means, such as NFC.

This patch allows DevicePassword to be externally configured into the
EAP-WSC layer.  Optionally, the secret nonce values can also be
provided for testing purposes.  If omitted, they will be generated using
l_getrandom.
2016-08-29 12:12:13 -05:00
Denis Kenzior
ce596058cd eap-wsc: Implement load_settings method
We use the load_settings method to bootstrap the internal state of the
EAP WSC state machine.  We require certain information to be provided by
the higher layers, namely:

Global Device parameters
 - Manufacturer
 - Model Name
 - Model Number
 - Serial Number
 - Device Name
 - Primary Device Type
 - OS Version

Session specific parameters
 - MAC Address
 - Configuration Methods
 - RF Bands

The following parameters are auto-generated for each new session, but
can be over-ridden if desired
 - Private Key
 - Enrollee Nonce
2016-08-28 02:47:09 -05:00
Denis Kenzior
b650b16d6f wscutil: Check authenticator more strictly
Make sure Authenticator is the last data in the WSC PDU, with no
extraneous data afterwards
2016-08-28 02:47:09 -05:00
Denis Kenzior
00dac648aa wscutil: Add wsc_build_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
334ccfce0f wscutil: Add wsc_parse_nack 2016-08-26 17:14:36 -05:00
Denis Kenzior
fdeed24591 eap-wsc: Properly set vendor-id & vendor-type 2016-08-24 21:37:42 -05:00
Denis Kenzior
887119c82f wscutil: Expose WSC WFA OUI 2016-08-24 21:35:41 -05:00
Denis Kenzior
0a314004ce eap: expanded methods start packets at opcode
Expanded EAP methods should get their packets for handling starting at
the op-code field.  They're not really interested in
type/vendor-id/vendor-type fields.
2016-08-24 21:32:16 -05:00
Denis Kenzior
63b5c60743 util: Add util_string_to_address 2016-08-24 21:31:54 -05:00
Denis Kenzior
c2b1351396 wscutil: Add WSC KDF function 2016-08-23 13:52:52 -05:00
Denis Kenzior
0a6ffdf029 netdev: Fix double-free
We should only call eapol_cancel if netdev_connect_free was not
triggered as a result of handshake failure.
2016-08-23 13:15:00 -05:00
Denis Kenzior
5d2c5b3b71 crypto: Add some missing whitespace 2016-08-22 15:54:24 -05:00
Denis Kenzior
9c457de8d5 wscutil: Add M4 builder 2016-08-19 15:24:29 -05:00
Denis Kenzior
d3ee7c71be wscutil: Add M4 parser 2016-08-19 15:14:24 -05:00
Denis Kenzior
ca41b21e15 wscutil: Add extractor for R_HASH1 & R_HASH2 2016-08-19 15:03:44 -05:00
Denis Kenzior
4e4820e2a5 wscutil: Add encrypted settings extractor 2016-08-19 15:03:25 -05:00
Denis Kenzior
f116659ab3 wscutil: Macro-ize WFA extension building 2016-08-18 18:02:08 -05:00