3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-21 03:32:42 +01:00
Commit Graph

7245 Commits

Author SHA1 Message Date
Denis Kenzior
cfb468e44d monitor: Move iwmon reading logic into main.c
To support multiple nlmon sources, move the logic that reads from iwmon
device into main.c instead of nlmon.  nlmon.c now becomes agnostic of
how the packets are actually obtained.  Packets are fed in via
high-level APIs such as nlmon_print_rtnl, nlmon_print_genl,
nlmon_print_pae.
2024-01-02 10:59:38 -06:00
Denis Kenzior
a5f5578a61 monitor: Use nlmon_print_* inside nlmon_receive
The current implementation inside nlmon_receive is asymmetrical.  RTNL
packets are printed using nlmon_print_rtnl while GENL packets are
printed using nlmon_message.

nlmon_print_genl and nlmon_print_rtnl already handle iterating over data
containing multiple messages, and are used by nlmon started in reader
mode.  Use these for better symmetry inside nlmon_receive.

While here, move store_netlink() call into nlmon_print_rtnl.  This makes
handling of PCAP output symmetrical for both RTNL and GENL packets.
This also fixes a possibility where only the first message of a
multi-RTNL packet would be stored.
2024-01-02 10:59:36 -06:00
Denis Kenzior
cc371641ed monitor: Remove unused PACKET_AUXDATA handling 2024-01-02 10:59:34 -06:00
Denis Kenzior
9ba6dac066 monitor: Remove unused code path
nlmon_print_genl invokes genl_ctrl when a generic netlink control
message is encountered.  genl_ctrl() tries to filter nl80211 family
appearance messages and setup nlmon->id with the extracted family id.
However, the id is already provided inside main.c by using nlmon_open,
and no control messages are processed by nlmon in 'capture' mode (-r
command line argument not passed) since all genl messages go through
nlmon_message() path instead.
2024-01-02 10:59:20 -06:00
Sam James
ba9717d445 configure.ac: fix bashism
configure scripts need to be runnable with a POSIX-compliant /bin/sh.

On many (but not all!) systems, /bin/sh is provided by Bash, so errors
like this aren't spotted. Notably Debian defaults to /bin/sh provided
by dash which doesn't tolerate such bashisms as '+='.

This retains compatibility with bash. Just copy the expanded append like
we do on the line above.

Fixes warnings like:
```
./configure: 13352: CFLAGS+= -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2: not found
```
2023-12-31 20:35:26 -06:00
Denis Kenzior
e89ba32d30 build: Fix build with openssl 3.2
make --no-print-directory all-am
openssl req -new -extensions cert_ext \
		-config ./unit/gencerts.cnf \
		-subj '/O=Foo Example Organization/CN=Foo Example Organization/emailAddress=foo@mail.example' \
		-key unit/cert-server-key.pem -out unit/cert-server.csr
Error adding request extensions from section cert_ext
4057AC4D6F7F0000:error:11000079:X509 V3 routines:v2i_AUTHORITY_KEYID:no issuer certificate:crypto/x509/v3_akid.c:156:
4057AC4D6F7F0000:error:11000080:X509 V3 routines:X509V3_EXT_nconf_int:error in extension:crypto/x509/v3_conf.c:48:section=cert_ext, name=authorityKeyIdentifier, value=keyid:always,issuer:always
make[1]: *** [Makefile:3962: unit/cert-server.csr] Error 1
2023-12-31 11:02:04 -06:00
Marcel Holtmann
a938313cba Release 2.12 2023-12-27 13:31:43 +01:00
James Prestwood
390fd58cad auto-t: increase RAM when running with valgrind (UML)
This was done for QEMU but not for UML. Running more than a few
tests with --valgrind will generally thrown an OOM error pretty
quick.
2023-12-19 19:48:51 -06:00
James Prestwood
0f1d9685e7 auto-t: add DPP tests to check extra settings are applied
In order to test that extra settings are applied prior to connecting
two tests were added for hidden networks as well as one testing if
there is already an existing profile after DPP.

The reason hidden networks were used was due to the requirement of
the "Hidden" settings in the profile. If this setting doesn't get
sync'ed to disk the connection will fail.
2023-12-19 19:48:45 -06:00
James Prestwood
8f5109c439 dpp: fix extra settings not being used when connecting
Before this change DPP was writing the credentials both to disk
and into the network object directly. This allowed the connection
to work fine but additional settings were not picked up due to
network_set_passphrase/psk loading the settings before they were
written.

Instead DPP can avoid setting the credentials to the network
object entirely and just write them to disk. Then, wait for
known networks to notify that the profile was either created
or updated then DPP can proceed to connecting. network_autoconnect()
will take care of loading the profile that DPP wrote and remove the
need for DPP to touch the network object at all.

One thing to note is that an idle callback is still needed from
within the known networks callback. This is because a new profile
requires network.c to set the network_info which is done in the
known networks callback. Rather than assume that network.c will be
called into before dpp.c an l_idle was added.
2023-12-19 12:41:50 -06:00
James Prestwood
7a76385ec9 knownnetworks: Add UPDATED event
If a known network is modified on disk known networks does not have
any way of notifying other modules. This will be needed to support a
corner case in DPP if a profile exists but is overwritten after DPP
configuration. Add this event to known networks and handle it in
network.c (though nothing needs to be done in that case).
2023-12-19 12:41:36 -06:00
Sergei Trofimovich
688d277008 dpp: fix data corruption around prf_plus() call
Without the change test-dpp fails on aarch64-linux as:

    $ unit/test-dpp
    TEST: DPP test responder-only key derivation
    TEST: DPP test mutual key derivation
    TEST: DPP test PKEX key derivation
    test-dpp: unit/test-dpp.c:514: test_pkex_key_derivation: Assertion `!memcmp(tmp, __tmp, 32)' failed.

This happens due to int/size_t type mismatch passed to vararg
parameters to prf_plus():

    bool prf_plus(enum l_checksum_type type, const void *key, size_t key_len,
               void *out, size_t out_len,
               size_t n_extra, ...)
    {
       // ...
       va_start(va, n_extra);

       for (i = 0; i < n_extra; i++) {
               iov[i + 1].iov_base = va_arg(va, void *);
               iov[i + 1].iov_len = va_arg(va, size_t);
       // ...

Note that varargs here could only be a sequence of `void *` / `size_t`
values.

But in src/dpp-util.c `iwd` attempted to pass `int` there:

   prf_plus(sha, prk, bytes, z_out, bytes, 5,
            mac_i, 6, // <- here
            mac_r, 6, // <- and here
            m_x, bytes,
            n_x, bytes,
            key, strlen(key));

aarch64 stores only 32-bit value part of the register:

    mov     w7, #0x6
    str     w7, [sp, #...]

and loads full 64-bit form of the register:

    ldr     x3, [x3]

As a result higher bits of `iov[].iov_len` contain unexpected values and
sendmsg sends a lot more data than expected to the kernel.

The change fixes test-dpp test for me.

While at it fixed obvious `int` / `size_t` mismatch in src/erp.c.

Fixes: 6320d6db0f ("crypto: remove label from prf_plus, instead use va_args")
2023-12-18 22:14:45 -06:00
James Prestwood
5af1fe34b6 network: remove 'path' from settings_load_pt_ecc
The path argument was used purely for debugging. It can be just as
informational printing just the SSID of the profile that failed to
parse the setting without requiring callers allocate a string to
call the function.
2023-12-15 10:21:44 -06:00
James Prestwood
63e35dbd88 auto-t: throw exception if executable is missing
Certain tests may require external processes to work
(e.g. testNetconfig) and if missing the test will just hang until
the maximum test timeout. Check in start_process if the exe
actually exists and if not throw an exception.
2023-12-15 10:21:01 -06:00
James Prestwood
60e165095a auto-t: add H2E password identifier test
In order to support identifiers the test profiles needed to be
reworked due to hostapd allowing multiple password entires. You
cannot just call set_value() with a new entry as the old ones
still exist. Instead use a unique password for the identifier and
non-identifier use cases.

After adding this test the failure_test started failing due to
hostapd not starting up. This was due to the group being unsupported
but oddly only when hostapd was reloaded (running the test
individually worked). To fix this the group number was changed to 21
which hostapd does support but IWD does not.
2023-12-15 10:21:01 -06:00
James Prestwood
da94b2c6a9 doc: document [Security].PasswordIdentifier 2023-12-15 10:21:01 -06:00
James Prestwood
3349cdd5f4 network: add support for SAE password identifiers
Adds a new network profile setting [Security].PasswordIdentifier.
When set (and the BSS enables SAE password identifiers) the network
and handshake object will read this and use it for the SAE
exchange.

Building the handshake will fail if:
 - there is no password identifier set and the BSS sets the
   "exclusive" bit.
 - there is a password identifier set and the BSS does not set
   the "in-use" bit.
2023-12-15 10:21:01 -06:00
Marcel Holtmann
e8e5d91e5a Release 2.11 2023-12-14 00:00:17 +01:00
James Prestwood
0979ff697a netdev: station: remove NETDEV_EVENT_FT_ROAMED
The notification for roaming success/failure is now handled with
the connect callback.
2023-12-13 10:12:53 -06:00
James Prestwood
393b6ee87b ft: remove ft_associate and helpers
The reassociation is done through netdev directly, these are no
longer needed.
2023-12-13 10:12:41 -06:00
James Prestwood
56dac6744b station: use netdev_ft_reassociate
Using this will provide netdev with a connect callback and unify the
roaming result notification between FT and reassociation. Both paths
will now end up in station_reassociate_cb.

This also adds another return case for ft_handshake_setup which was
previously ignored by ft_associate. Its likely impossible to actually
happen but should be handled nevertheless.

Fixes: 30c6a10f28 ("netdev: Separate connect_failed and disconnected paths")
2023-12-13 10:12:08 -06:00
James Prestwood
7b0cda76a9 netdev: add netdev_ft_reassociate
Essentially exposes (and renames) netdev_ft_tx_associate in order to
be called similarly to netdev_reassociate/netdev_connect where a
connect callback can be provided. This will fix the current bug where
if association times out during FT IWD will hang and never transition
to disconnected.

This also removes the calling of the FT_ROAMED event and instead just
calls the connect callback (since its now set). This unifies the
callback path for reassociation and FT roaming.
2023-12-13 10:10:46 -06:00
James Prestwood
4efd1a1702 ft: add ft_handshake_setup
This will be called from station after FT-authentication has
finished. It sets up the handshake object to perform reassociation.

This is essentially a copy-paste of ft_associate without sending
the actual frame.
2023-12-13 10:09:52 -06:00
James Prestwood
cf137f4199 ft: add FTE/RSNE building to ft_prepare_handshake
In preparation to remove ft_associate build the FTE/RSNE in
ft_prepare_handshake and set into the handshake object directly.
2023-12-13 10:09:03 -06:00
James Prestwood
0a0a257e1e handshake: remove handshake_state_set_fte
Replaced by set_authenticator_fte
2023-12-13 10:08:53 -06:00
James Prestwood
4f80e8baef unit: use authenticator_fte 2023-12-13 10:08:44 -06:00
James Prestwood
6b677e8db0 handshake: use authenticator_fte instead of 'fte' 2023-12-13 10:08:06 -06:00
James Prestwood
a7fe6a9c12 handshake: add setters for authenticator/supplicant_fte
In general only the authenticator FTE is used/validated but with
some FT refactoring coming there needs to be a way to build the
supplicants FTE into the handshake object. Because of this there
needs to be separate FTE buffers for both the authenticator and
supplicant.
2023-12-13 10:07:28 -06:00
James Prestwood
d756e60f24 auto-t: only call set_value for changed values in default()
The default() method was added for convenience but was extending the
test times significantly when the hostapd config was lengthy. This
was because it called set_value for every value regardless if it
had changed. Instead store the current configuration and in default()
only reset values that differ.
2023-12-13 10:07:23 -06:00
James Prestwood
65a03d8049 auto-t: add association timeout test
This tests ensures IWD disconnects after receiving an association
timeout event. This exposes a current bug where IWD does not
transition to disconnected after an association timeout when
FT-roaming.
2023-12-13 10:07:20 -06:00
James Prestwood
5a426433dd auto-t: add explicit stop() to IWD class
If tests end in an unknown state it is sometimes required that IWD
be stopped manually in order for future tests to run. Add a stop()
method so test tearDown() methods can explicitly stop IWD.
2023-12-13 10:07:18 -06:00
James Prestwood
84d018e722 auto-t: fix SignalAgent Release arguments
The path for IWD to call this doesn't ever happen in autotests
but during debugging of the DPP agent it was noticed that the
DBus signature was incorrect and would always result in an error
when calling from IWD.
2023-12-13 10:06:32 -06:00
James Prestwood
0dd2f0000e dpp: set "" arguments to Release method call
Without this the DBus message does not initialize the message
correctly which causes future DBus calls to fail.
2023-12-13 10:06:07 -06:00
James Prestwood
ded1a35c41 sae: add debugging for incorrect password identifier
If the AP rejects the auth because of an unknown identifier catch
this and log the error.
2023-12-06 10:58:44 -06:00
James Prestwood
3524b5ef43 mpdu: add unknown password identifier status 2023-12-06 10:58:38 -06:00
James Prestwood
737ebf437f sae: include password identifier IE in commit
Include the IE if a password identifier is being used. This is only
supported by H2E as required by 802.11.
2023-12-06 10:58:13 -06:00
James Prestwood
c1d40e2263 handshake: add password identifier/setter 2023-12-06 10:52:28 -06:00
James Prestwood
62dad5e792 network: pass scan_bss into network_load_psk
For adding SAE password identifiers the capability bits need to be
verified when loading the identifier from the profile. Pass the
BSS object in to network_load_psk rather than the 'need_passphrase'
boolean.
2023-12-06 10:45:46 -06:00
James Prestwood
2d26304663 scan: parse password identifier/exclusive bits
These bits are used to communicate to the station that SAE password
identifiers are used or required.
2023-12-06 10:44:45 -06:00
Denis Kenzior
195d1f8720 netdev: Remove vendor_ies from netdev_connect signature
The vendor IEs are now passed in the handshake_state object instead.
2023-11-30 17:10:01 -06:00
Denis Kenzior
0bb181a368 wsc: Use handshake to pass vendor ies
Instead of passing them directly via netdev_connect
2023-11-30 17:09:57 -06:00
Denis Kenzior
788c7ed010 p2p: Use handshake to pass vendor ies
Instead of passing them directly via netdev_connect
2023-11-30 17:09:45 -06:00
Denis Kenzior
fda946e070 netdev: iov_ie_append: Support iovecs with multiple IEs
iov_ie_append assumed that a single IE was being added and thus the
length of the IE could be extracted directly from the element.  However,
iov_ie_append was used on buffers which could contain multiple IEs
concatenated together, for example in handshake_state::vendor_ies.  Most
of the time this was safe since vendor_ies was NULL or contained a
single element, but would result in incorrect behavior in the general
case.  Fix that by changing iov_ie_append signature to take an explicit
length argument and have the caller specify whether the element is a
single IE or multiple.

Fixes: 7e9971661b ("netdev: Append any vendor IEs from the handshake")
2023-11-30 17:08:03 -06:00
Denis Kenzior
ba0d35ff38 p2p: Simplify cleanup of ies
Use an _auto_ variable to cleanup IEs allocated by
p2p_build_association_req().  While here, take out unneeded L_WARN_ON
since p2p_build_association_req cannot fail.
2023-11-30 17:06:14 -06:00
Denis Kenzior
305c4113e8 p2p: Simplify handshake_state cleanup 2023-11-30 17:06:12 -06:00
Denis Kenzior
78a39e926f handshake: Add cleanup function for handshake_state
To allow _auto_(handshake_state_free) variables to be used.
2023-11-30 17:06:11 -06:00
Marcel Holtmann
52e6a7c2ee Release 2.10 2023-11-27 16:58:45 +01:00
Marcel Holtmann
8ab24b423b build: Require at least version 0.61 when building with external ELL 2023-11-27 16:33:34 +01:00
James Prestwood
e3b5522769 station: fix crash when deauth comes before FT work completes
If the FT-Authenticate frame has been sent then a deauth is received
the work item for sending the FT-Associate frame is never canceled.
When this runs station->connected_network is NULL which causes a
crash:

src/station.c:station_try_next_transition() 7, target xx:xx:xx:xx:xx:xx
src/wiphy.c:wiphy_radio_work_insert() Inserting work item 5843
src/wiphy.c:wiphy_radio_work_insert() Inserting work item 5844
src/wiphy.c:wiphy_radio_work_done() Work item 5842 done
src/wiphy.c:wiphy_radio_work_next() Starting work item 5843
src/netdev.c:netdev_mlme_notify() MLME notification Remain on Channel(55)
src/ft.c:ft_send_authenticate()
src/netdev.c:netdev_mlme_notify() MLME notification Frame TX Status(60)
src/netdev.c:netdev_link_notify() event 16 on ifindex 7
src/netdev.c:netdev_mlme_notify() MLME notification Del Station(20)
src/netdev.c:netdev_mlme_notify() MLME notification Deauthenticate(39)
src/netdev.c:netdev_deauthenticate_event()
src/netdev.c:netdev_mlme_notify() MLME notification Disconnect(48)
src/netdev.c:netdev_disconnect_event()
Received Deauthentication event, reason: 7, from_ap: true
src/station.c:station_disconnect_event() 7
src/station.c:station_disassociated() 7
src/station.c:station_reset_connection_state() 7
src/station.c:station_roam_state_clear() 7
src/netconfig.c:netconfig_event_handler() l_netconfig event 2
src/netconfig-commit.c:netconfig_commit_print_addrs() removing address: yyy.yyy.yyy.yyy
src/resolve.c:resolve_systemd_revert() ifindex: 7
[DHCPv4] l_dhcp_client_stop:1264 Entering state: DHCP_STATE_INIT
src/station.c:station_enter_state() Old State: connected, new state: disconnected
src/station.c:station_enter_state() Old State: disconnected, new state: autoconnect_quick
src/wiphy.c:wiphy_radio_work_insert() Inserting work item 5845
src/netdev.c:netdev_mlme_notify() MLME notification Cancel Remain on Channel(56)
src/wiphy.c:wiphy_radio_work_done() Work item 5843 done
src/wiphy.c:wiphy_radio_work_next() Starting work item 5844

"Program terminated with signal SIGSEGV, Segmentation fault.",
"#0  0x0000565359ee3f54 in network_bss_find_by_addr ()",
"#0  0x0000565359ee3f54 in network_bss_find_by_addr ()",
"#1  0x0000565359ec9d23 in station_ft_work_ready ()",
"#2  0x0000565359ec0af0 in wiphy_radio_work_next ()",
"#3  0x0000565359f20080 in offchannel_mlme_notify ()",
"#4  0x0000565359f4416b in received_data ()",
"#5  0x0000565359f40d90 in io_callback ()",
"#6  0x0000565359f3ff4d in l_main_iterate ()",
"#7  0x0000565359f4001c in l_main_run ()",
"#8  0x0000565359f40240 in l_main_run_with_signal ()",
"#9  0x0000565359eb3888 in main ()"
2023-11-27 09:23:26 -06:00
Denis Kenzior
bdaae53cf8 erp: Fix buffer overflow for 32 byte SSIDs
ssid is declared as a 32 byte field in handshake_state, hence using it
as a string which is assumed to be nul-terminated will fail for SSIDs
that are 32 bytes long.

Fixes: d938d362b2 ("erp: ERP implementation and key cache move")
Fixes: 433373fe28 ("eapol: cache ERP keys on EAP success")
2023-11-27 11:27:26 +01:00