3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-05 11:39:24 +01:00
Commit Graph

3255 Commits

Author SHA1 Message Date
Tim Kourt
2cb3b7cf2e auto-t: add explicit scan and completion check
The occasional race conditions used to cause the test to fail
due to the empty list of ordered networks
2018-10-02 15:10:17 -05:00
Tim Kourt
0682ddad37 ttls: change signature of the inner reset funcs 2018-10-01 17:30:29 -05:00
Tim Kourt
dc49401fc0 auto-t: test TTLS-CHAP 2018-10-01 17:30:06 -05:00
Tim Kourt
f0a86519e9 ttls: add support for tunneled CHAP 2018-10-01 17:14:19 -05:00
Tim Kourt
fac0131e7c auto-t: test TTLS-PAP 2018-10-01 17:14:05 -05:00
Tim Kourt
ba5cf86716 ttls: add support for tunneled PAP 2018-10-01 17:12:17 -05:00
Tim Kourt
aedf89ca37 ttls: remove load_settings from phase2_method 2018-10-01 17:11:39 -05:00
Tim Kourt
726ff5d2b1 ttls: exclude avp_builder_put_bytes 2018-10-01 17:11:10 -05:00
Tim Kourt
2aefd8badf ttls: improve avp build approach 2018-10-01 17:10:03 -05:00
James Prestwood
7903432e85 auto-t: Fix EAP-SIM-ofono test
Curiously this test started failing. The problem was incorrect KC/SRES
values in the sim.db file. I noticed no direct changes to this file,
but changes inside ofono, phonesim, and hostapd could have potentially
caused this.
2018-10-01 14:37:20 -05:00
Tim Kourt
e6bf22f8c9 ttls: add support for non eap auth settings 2018-09-26 17:55:44 -05:00
Tim Kourt
8f0c4a769a ttls: clear the obtained memory to prevent info leaks 2018-09-26 17:19:46 -05:00
Tim Kourt
3d77748bca ttls: change signature of the inner destroy funcs. 2018-09-26 17:19:05 -05:00
Tim Kourt
b2ec0c350a ttls: fix check on avp start 2018-09-25 16:23:40 -05:00
James Prestwood
50acc11f07 wiphy: added wiphy_select_akm
This is a replacement for station's static select_akm_suite. This was
done because wiphy can make a much more intellegent decision about the
akm suite by checking the wiphy supported features e.g. SAE support.

This allows a connection to hybrid WPA2/WPA3 AP's if SAE is not
supported in the kernel.
2018-09-25 10:58:04 -05:00
James Prestwood
272cb441cd wiphy: only connect to SAE if feature is supported 2018-09-25 10:56:06 -05:00
Andrew Zaborowski
36c441c945 ap: Set up the GTK and pass to handshake
Set a default GTK cipher type same as our current PTK type, generate a
random GTK when the first STA connects and set it up in the kernel, then
pass the values that EAPoL is going to need to the handshake_state.
2018-09-25 10:53:40 -05:00
Andrew Zaborowski
01edef9001 netdev: Reject setting powered while setting iftype
In netdev_set_powered also check that no NL80211_CMD_SET_INTERFACE is in
progress because once it returned we would overwrite
netdev->set_powered_cmd_id (could also add a check there but it seems
more logical to just disallow Powered property changes while Mode is
being changed, since we also disallow Mode changes while Powered is
being changed.)
2018-09-25 10:51:48 -05:00
Denis Kenzior
ebda2ce60f device: Remove unneeded includes 2018-09-24 19:29:40 -05:00
Denis Kenzior
87118959e6 device: Obtain station using station_find
Since device object no longer creates / destroys station objects, use
station_find inside ap directed roam events to direct these to the
station interface.
2018-09-24 19:27:04 -05:00
Andrew Zaborowski
8632b81397 eapol: Add GTK data to msg 3/4 of the handshake 2018-09-24 14:53:41 -05:00
Andrew Zaborowski
e4873dea5a handshake: Use enum handshake_kde in find_kde()
Since we have all the KDE types defined in enum handshake_kde use that
instead of uint8_t buffers containing the same values.
2018-09-24 14:24:41 -05:00
Andrew Zaborowski
7c779956ac handshake: Add handshake_util_build_gtk_kde utility 2018-09-24 14:24:41 -05:00
Andrew Zaborowski
68e612573e handshake: Add GTK data to handshake_state
Add places to store the GTK data, index and RSC in struct
handshake_state and add a setter function for these fields.  We may want
to also convert install_gtk to use these fields similar to install_ptk.
2018-09-24 14:24:41 -05:00
Denis Kenzior
7eb59602df netdev: Drop redundant netdev_get_device checks
As a consequence of the previous commit, netdev watches are always
called when the device object is valid.  As a result, we can drop the
netdev_get_device calls and checks from individual AP/AdHoc/Station/WSC
netdev watches
2018-09-24 14:12:43 -05:00
Andrew Zaborowski
916bde3a02 netdev: Don't emit events before NETDEV_WATCH_EVENT_NEW 2018-09-24 14:09:36 -05:00
Andrew Zaborowski
c96f44b2e6 station: Make station_create/station_free static
These two functions don't need to be used from outside of station.c
anymore so make them static and simplify the station_create arguments
slightly.
2018-09-24 14:07:03 -05:00
Andrew Zaborowski
567baed2c4 station: Create interface simliarly to AP, AdHoc interfaces
Instead of creating the Station interface in device.c create it directly
on the netdev watch event the same way that the AP and AdHoc interfaces
are created and freed.  This fixes some minor incosistencies, for
example station_free was previously called twice, once from device.c and
once from the netdev watch.

device.c would previously keep the pointer returned by station_create()
but that pointer was not actually useful so remove it.  Autotests still
seem to pass.
2018-09-24 14:05:03 -05:00
Andrew Zaborowski
daf248e1ba station: Disconnect netdev in station_free()
Call netdev_disconnect() to make netdev forget any of station.c's
callbacks for connections or transitions in progress or established.
Otherwise station.c will crash as soon as we're connected and try to
change interface mode:
==17601== Invalid read of size 8
==17601==    at 0x11DFA0: station_disconnect_event (station.c:775)
==17601==    by 0x11DFA0: station_netdev_event (station.c:1570)
==17601==    by 0x115D18: netdev_disconnect_event (netdev.c:868)
==17601==    by 0x115D18: netdev_mlme_notify (netdev.c:3403)
==17601==    by 0x14E287: l_queue_foreach (queue.c:441)
==17601==    by 0x1558B4: process_multicast (genl.c:469)
==17601==    by 0x1558B4: received_data (genl.c:532)
==17601==    by 0x152888: io_callback (io.c:123)
==17601==    by 0x151BCD: l_main_iterate (main.c:376)
==17601==    by 0x151C9B: l_main_run (main.c:423)
==17601==    by 0x10FE20: main (main.c:489)
2018-09-24 13:57:36 -05:00
Andrew Zaborowski
f9faeed7bb ap, adhoc: On NETDEV_WATCH_EVENT_NEW check device is UP
Since the interfaces are not supposed to exist when the device is DOWN
(we destroy the interfaces on NETDEV_WATCH_EVENT_DOWN too), don't
create the interfaces if the device hasn't been brought up yet.
2018-09-24 13:56:02 -05:00
Andrew Zaborowski
99e7e0d977 netdev: Update ifi_flags in rntl_set_powered callbacks
When we detect a new device we either bring it down and then up or only
up.  The IFF_UP flag in netdev->ifi_flags is updated before that, then
we send the two rtnl commands and then fire the NETDEV_WATCH_EVENT_NEW
event if either the bring up succeeded or -ERFKILL was returned, so the
device may either be UP or DOWN at that point.

It seems that a RTNL NEWLINK notification is usually received before
the RTNL command callback but I don't think this is guaranteed so update
the IFF_UP flag in the callbacks so that the NETDEV_WATCH_EVENT_NEW
handlers can reliably use netdev_get_is_up()
2018-09-24 13:54:24 -05:00
Andrew Zaborowski
64398f3143 test: Update the list-devices script 2018-09-24 13:42:13 -05:00
Andrew Zaborowski
175fd00c6b tests: Update the disconnect-network script 2018-09-24 13:42:10 -05:00
Andrew Zaborowski
ab6160b017 netdev: Drop DEFAULT_TYPES nl80211 attr of CMD_NEW_KEY
The NL80211_ATTR_KEY_DEFAULT_TYPES attribute is only parsed by the
kernel if either NL80211_ATTR_KEY_DEFAULT or
NL80211_ATTR_KEY_DEFAULT_MGMT are also present, however these are only
used with NL80211_CMD_SET_KEY and ignored for NEW_KEY.  As far as I
understand the default key concept only makes sense for a Tx key because
on Rx all keys can be tried, so we don't need this for client mode.  The
kernel decides whether the NEW_KEY is for unicast or multicast based on
whether NL80211_ATTR_KEY_MAC was supplied.
2018-09-24 13:14:27 -05:00
Denis Kenzior
b60e79b8dd eap-wsc: Do not leak device_password
device password was read from settings using l_settings_get_string which
returns a newly-allocated string due to un-escape semantics.  However,
when assigning wsc->device_password, we strdup-ed the password again
unnecessarily.

==1069== 14 bytes in 2 blocks are definitely lost in loss record 1 of 1
==1069==    at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==1069==    by 0x16696A: l_malloc (util.c:62)
==1069==    by 0x16B14B: unescape_value (settings.c:108)
==1069==    by 0x16D12C: l_settings_get_string (settings.c:971)
==1069==    by 0x149680: eap_wsc_load_settings (eap-wsc.c:1270)
==1069==    by 0x146113: eap_load_settings (eap.c:556)
==1069==    by 0x12E079: eapol_start (eapol.c:2022)
==1069==    by 0x1143A5: netdev_connect_event (netdev.c:1728)
==1069==    by 0x118751: netdev_mlme_notify (netdev.c:3406)
==1069==    by 0x1734F1: notify_handler (genl.c:454)
==1069==    by 0x168987: l_queue_foreach (queue.c:441)
==1069==    by 0x173561: process_multicast (genl.c:469)
2018-09-24 12:19:27 -05:00
Denis Kenzior
2527f79670 auto-t: Add WPS tests for StartPin method
This adds two additional test scenarios (using 4 digit and 8 digit
PINs) for testing the StartPin method of the WiFiSimpleConfiguration
interface.
2018-09-24 12:19:27 -05:00
Denis Kenzior
332d4f8e61 auto-t: Add additional utilities for WPS PIN support 2018-09-24 12:19:27 -05:00
Denis Kenzior
3ca1aeb917 wsc: Don't use wsc_pin_is_checksum_valid on 4 digit PINs
wsc_pin_is_valid allows two types of PINs through:
  1. 4 digit numeric PIN
  2. 8 digit numeric PIN

The current code always calls wsc_pin_is_checksum_valid to determine
whether a DEFAULT or USER_SPECIFIED PIN is used.  However, this function
is not safe to call on 4 digit PINs and causes a buffer overflow.

Add simple checks to treat 4 digit PINs as DEFAULT PINs and do not call
wsc_pin_is_checksum_valid on these.

Reported-By: Matthias Gerstner <matthias.gerstner@suse.de>
2018-09-24 12:19:27 -05:00
Denis Kenzior
cc37018426 eap-wsc: Drop 8 digit PIN check
EAP-WSC handles 4 digit, 8 digit and out-of-band Device passwords.  The
latter in particular can be anything, so drop the mandatory minimum
password length check here.

This also has the effect of enabling 4-digit PINs to actually work as
they are intended.
2018-09-24 12:19:27 -05:00
Tim Kourt
a3cc68e61e ttls: add radius AVP builder and build response 2018-09-21 18:07:58 -05:00
Marcel Holtmann
ce91b7c27b wired: Store network basename and filter out by prefix 2018-09-21 18:07:53 -05:00
Marcel Holtmann
cf09ba9b73 test: Add utility for monitoring ead's D-Bus interface 2018-09-21 18:07:53 -05:00
Marcel Holtmann
292f9dd3f6 wired: Issue all property changed signals when link goes down 2018-09-21 18:07:53 -05:00
Marcel Holtmann
4b853f115b wired: Make sure that property changed signals are sent 2018-09-21 18:07:53 -05:00
Tim Kourt
4d8791dd3a ttls: replace old AVP processing with new 2018-09-21 15:20:18 -05:00
Tim Kourt
5d1d1ad893 ttls: add radius AVP parser 2018-09-21 15:19:13 -05:00
Tim Kourt
71ba8ac765 ttls: introduce phase2_method structure
The struct allows to support multiple types of the tunneled methods.
Previously, EAP-TTLS was supporting only the eap based ones.
This patch is also starts to move some of the phase 2 EAP
functionality into the new structure.
2018-09-21 15:19:13 -05:00
Tim Kourt
a7f5d1da21 ttls: remove unused state var 2018-09-21 12:15:28 -05:00
Tim Kourt
410ee2f6b9 eap-tls-common: introduce utility functions for eap-tls 2018-09-21 12:15:25 -05:00
James Prestwood
6f833d6cad auto-t: added autotest for FT over SAE
This test was copied from testFT-PSK-roam, but for SAE. The test behaves
as follows:

 - Connect to SAE network (full authentication)
 - Fast transition to another SAE AP
 - Fast transition to a PSK/WPA2 AP
2018-09-21 11:29:19 -05:00