3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-23 07:29:28 +01:00
Commit Graph

2513 Commits

Author SHA1 Message Date
Denis Kenzior
04506c9afa netdev: Update to the new watchlist API 2017-09-06 14:29:33 -05:00
Denis Kenzior
0fa0d49adc device: Update to the new watchlist API 2017-09-06 14:29:01 -05:00
Denis Kenzior
2071fb7836 watchlist: Support polymorphic watchlist_items 2017-09-06 11:54:45 -05:00
Denis Kenzior
4a9d8278b4 util: Add container_of macro 2017-09-06 11:50:15 -05:00
Marcel Holtmann
af22a75fbb monitor: Include OUI value for AVM 2017-09-06 03:50:30 -07:00
Marcel Holtmann
fa98cee942 monitor: Fix minor typo 2017-09-06 03:15:46 -07:00
Denis Kenzior
023ba1ea32 mpdu: Fix error
src/mpdu.c: In function ‘mpdu_validate’:
src/mpdu.c:180:9: error: ‘mmpdu’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
   mmpdu = (const struct mmpdu_header *) mmpdu;
         ^
2017-08-31 18:23:47 -05:00
Denis Kenzior
ba54fded0b netdev: Simplify event watches using watchlist 2017-08-31 18:18:41 -05:00
Andrew Zaborowski
fd661d5e9f unit: Use new mpdu.h structs 2017-08-31 15:13:31 -05:00
Andrew Zaborowski
c8854d9a4c hwsim: Use new mpdu.h structs 2017-08-31 15:13:09 -05:00
Andrew Zaborowski
76dd86d816 monitor: Use new mpdu.h structs
This may also fix displaying authentication and deauthentication frames.
2017-08-31 15:12:49 -05:00
Andrew Zaborowski
303683c89f mpdu: Refactor mpdu structs
Refactor management frame structures to take into account optional
presence of some parts of the header:
 * drop the single structure for management header and body since
   the body offset is variable.
 * add mmpdu_get_body to locate the start of frame body.
 * drop the union of different management frame type bodies.
 * prefix names specific to management frames with "mmpdu" instead
   of "mpdu" including any enums based on 802.11-2012 section 8.4.
 * move the FC field to the mmpdu_header structure.
2017-08-31 15:11:30 -05:00
Andrew Zaborowski
66325e8c9b eapol: Implement eapol_encrypt_key_data
Add a function to do the inverse of eapol_decrypt_key_data to be used in
eapol server.  Only AES-based versions supported.
2017-08-31 13:21:05 -05:00
Denis Kenzior
da029bead8 unit: Use overlapped in/out buffers
Since aes_wrap & aes_unwrap advertise support for overlapped in/out
buffers, make sure that the unit test actually tests this as well.
valgrind will complain if the memory is overlapped and memcpy is used
instead of memmove.
2017-08-31 13:16:28 -05:00
Denis Kenzior
9da2d64980 unit: Add check that AES is present 2017-08-31 13:15:15 -05:00
Andrew Zaborowski
ef652642b5 unit: Test aes_wrap and aed_unwrap in test-crypto 2017-08-31 13:10:47 -05:00
Denis Kenzior
6d6fa57550 crypto: Make aes_unwrap look similar to aes_wrap
Running basic performance testing on x86 shows new and old code within a
few percent of each other.  The main penalty is the AES AF_ALG
invocation.
2017-08-31 13:00:46 -05:00
Andrew Zaborowski
4f865ba9f8 crypto: Implement aes_wrap
Add the inverse of aes_unwrap for eapol server usage.
2017-08-31 12:53:53 -05:00
Andrew Zaborowski
f66ae1e481 crypto: remove unneeded assignments in aes_unwrap
A is present in the specification but in practice B always contains A so
drop A.
2017-08-30 22:47:08 -05:00
Andrew Zaborowski
f659265000 netdev: Clarify the PTK->TK to MIC key mapping
Cite 802.11 in the comments and use nl80211.h constants to map the tx
and rx keys correctly.
2017-08-30 22:45:28 -05:00
Andrew Zaborowski
092ede1147 eapol: Stricter length check in eapol_decrypt_key_data
The plaintext key_data + padding must be at least 16 bytes so the
AES-encrypted key_data must be at least 24 bytes.
2017-08-30 22:42:20 -05:00
James Prestwood
a0cde90814 autotest: Added autotest for EAP-AKA' 2017-08-30 21:01:45 -05:00
James Prestwood
1c34452a7b eap-aka: RAND and AUTN were not being checked
When processing the challenge, the AT_RAND and AT_AUTN attributes
were never being checked if they were present.
2017-08-30 21:01:35 -05:00
James Prestwood
5d98c7adcf aka-prime: EAP-AKA' implementation
This EAP method uses nearly all the logic from EAP-AKA. The major
difference is it uses the new key derivation functions for AKA' as
well as the SHA256 MAC calculation.
2017-08-30 21:01:22 -05:00
James Prestwood
83995b5099 unit: update SIM unit tests to derive MAC changes 2017-08-30 17:31:43 -05:00
James Prestwood
e29d0dd69c simutil: updated EAP-SIM/AKA MAC API's to take type
EAP-AKA' uses SHA256 rather than SHA1 to generate the packet MAC's.
This updates the derive MAC API to take the EAP method type and
correctly use the right SHA variant to derive the MAC.
2017-08-30 17:31:39 -05:00
Denis Kenzior
44463389f1 wscutil: Fix invalid type conversion
We should be assigning to an enum type instead of a uint8.  This showed
up on PowerPC where the endianness affected the result.
2017-08-30 16:58:14 -05:00
James Prestwood
af0e432e0f eap: added EAP-AKA' method type 2017-08-30 16:43:38 -05:00
James Prestwood
8b575103b6 unit: Added unit tests for EAP-AKA' API's
This adds unit tests for the new key derivation functions
in simutil.c. The test data was obtained from RFC 5448
(case 1 and 2).
2017-08-30 16:39:10 -05:00
James Prestwood
c6bb0eb32d simutil: Added new key/prf functions for EAP-AKA'
This is the core key generation code for the AKA' method which
follows RFC 5448. Two new functions are implemented, one for
deriving CK'/IK' and the other for deriving the encryption keys
using CK'/IK'.
2017-08-30 16:39:10 -05:00
Marcel Holtmann
5cbd0aa1d9 build: Make sure iwd-dbus.conf gets included in the distribution 2017-08-30 23:37:19 +02:00
Marcel Holtmann
aa668df7c9 build: Remove readline/readline.h and readline/history.h from SOURCES 2017-08-30 23:29:18 +02:00
Marcel Holtmann
c0a77f32c1 test-runner: Add support for Qemu on PowerPC 32-bit and 64-bit 2017-08-30 14:25:03 -07:00
Marcel Holtmann
f41fa52f99 client: Set saveptr argument of strtok_r to NULL for initial invocation 2017-08-30 23:17:53 +02:00
Marcel Holtmann
d8d7a31f74 build: Use PKG_PROG_PKG_CONFIG to ensure $PKG_CONFIG is set 2017-08-30 23:09:42 +02:00
Marcel Holtmann
1db66dbe51 monitor: Use extra unsigned variable to make NLMSG_OK macro happy 2017-08-30 22:56:23 +02:00
Marcel Holtmann
e578b7071d build: Add missing unit/test-eap-sim to .gitignore 2017-08-30 20:50:51 +02:00
Andrew Zaborowski
eda160de12 eapol: Set a timeout for preauthentication
Wait 1 second for the first EAP frame to be received, after that wait up
to 3 seconds for all of EAP to complete.
2017-08-25 11:26:26 -05:00
Tim Kourt
9bb19526d9 client: Exclude unnecessary checks
Arrays are guaranteed to be initialized during
the compilation time.
2017-08-23 16:26:05 -05:00
Tim Kourt
4d626d6576 monitor: Fix casting error
Fix for the cros-compilation with Chromium OS’s toolchain
that uses GCC 4.9
2017-08-23 16:26:05 -05:00
Andrew Zaborowski
d3cf79ed12 autotests: Restore AP beacons after timeout in testFT-PSK-roam
In the beacon loss test try to simulate a periodic communication problem
because we don't support roaming if the AP goes away completely.
2 seconds seems to be enough to consistently trigger the beacon_loss
event without triggering a disconnect by the linux kernel or hiding the AP
from the roam scan.  Also set the RSSI for that AP lower so that it is
not reselected by iwd.
2017-08-23 13:26:58 -05:00
Andrew Zaborowski
b66d55c52c doc: Add hwsim.Rule.Drop property 2017-08-23 13:26:58 -05:00
Andrew Zaborowski
bf86081eba hwsim: Add Rule.Drop property
Add a way to have matching packets dropped by the hwsim medium.
2017-08-23 13:26:58 -05:00
Andrew Zaborowski
07b04e180f agent: Add a destroy function parameter for agent requests 2017-08-22 23:28:36 -05:00
Andrew Zaborowski
452e174802 netdev: RSSI polling support for less capable drivers
If the kernel device driver or the kernel nl80211 version doesn't
support the new RSSI threshold list CQM monitoring, implement similar
logic in iwd with periodic polling.  This is only active when an RSSI
agent is registered to receive the events.  I tested this with the same
testRSSIAgent autotests that tests the driver-side rssi monitoring
except with all timeouts multiplied by ~20.
2017-08-22 22:51:34 -05:00
James Prestwood
417367e272 eap-sim: Fix EAP-SIM version list length checks
The AT_VERSION_LIST attribute length was not being properly
checked. The actual length check did not include possible padding
bytes, so align_len() was added to ensure it was padded properly.
The comment about the padding being included in the Master Key
generation was not correct (padding is NOT included), and was removed.
2017-08-22 12:40:22 -05:00
Andrew Zaborowski
23af935e7b eapol: Add eapol_sm_set_require_handshake
Function to allow netdev.c to explicitly tell eapol.c whether to expect
EAP / 4-Way handshake.  This is to potentially make the code more
descriptive, until now we'd look at sm->handshake->ptk_complete to see
if a new PTK was needed.

A 4-Way handshake is required on  association to an AP except after FT.
2017-08-21 18:35:00 -05:00
James Prestwood
14dcda4d59 autotest: EAP-AKA autotest
Implemented milenage algorithm in hlrauc.py. Unlike EAP-SIM, the
authentication center must compute several values to give back
to the server (hostapd). This was already done by IWD as the peer
in EAP-AKA, but was also needed on the server side (HLR AuC).
2017-08-21 18:22:28 -05:00
James Prestwood
6aaa917dde aka: EAP-AKA protocol implementation 2017-08-21 18:20:10 -05:00
James Prestwood
7c61d0365e autotest: EAP-SIM autotest
Included an HLR AuC python implementation that is required by
hostapd. This is what hostapd uses to retrieve SIM card values
over a UNIX socket.
2017-08-21 18:04:52 -05:00