3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 21:22:37 +01:00
Commit Graph

6905 Commits

Author SHA1 Message Date
Neehar Vijay
c63783ee89 client: fix extra newlines in station show
This change removes duplicate calls to display_table_footer(), in
station show.

Before this change, the bug caused an extra newline to be output every
time the table updated. This only occurred when the network was
disconnected.

    $ iwctl
    [iwd]# station wlan0 show
2022-11-02 16:39:59 -05:00
James Prestwood
069d6d1d9c json: update internal type definition to match JSMN
Fixes: ceda955ba7 ("shared: Update JSMN to latest version")
2022-11-02 15:02:58 -05:00
Marcel Holtmann
ceda955ba7 shared: Update JSMN to latest version 2022-11-02 11:33:04 +01:00
Marcel Holtmann
4ffcde8125 json: Set defines before including shared/jsmn.h 2022-11-02 11:25:35 +01:00
James Prestwood
d4da6b5bec netdev: parse michael MIC failure message
This event indicates a security issue. The proper handling would be
to rekey but for now at least provide some information to the user.
2022-11-01 15:56:20 -05:00
James Prestwood
9f1fa53aae nl80211util: add key type/idx to nl80211_parse_attrs 2022-11-01 15:56:17 -05:00
James Prestwood
53469c5c0d netdev: fix key setting for authenticators
The netdev_copy_tk function was being hard coded with authenticator
set to false. This isn't important for any ciphers except TKIP but
now that AP mode supports TKIP it needs to be fixed.
2022-11-01 15:52:56 -05:00
James Prestwood
707b12abf8 netdev: add more info to key setting debug messages
Specify that the ifindex is being printed and print the key ID
as well.
2022-11-01 15:52:39 -05:00
James Prestwood
91daa22ed4 auto-t: fix testAP-no-support disabled ciphers
The disabled cipher list contained a '.' instead of ',' which prevented
the subsequent ciphers from being disabled. This was only group management
ciphers so it didn't have any effect on the test.
2022-11-01 15:51:53 -05:00
James Prestwood
802e9e5916 hwsim: add remaining ciphers to supported list
This list was not updated when adding the new ciphers which prevented
these ciphers from being disabled.
2022-11-01 15:50:41 -05:00
James Prestwood
47b6da81b4 client: show frequency with ap show 2022-11-01 15:49:12 -05:00
James Prestwood
0f95c97649 ap: add frequency to AP interface 2022-11-01 15:48:59 -05:00
Denis Kenzior
d129c54364 doc: Add Frequency property to Access Point 2022-11-01 15:48:56 -05:00
James Prestwood
99c0cdfab4 monitor: put nortnl check into nlmon_print_rtnl
Doing this allows --nortnl to work when reading pcaps.
2022-10-27 14:11:14 -05:00
Marcel Holtmann
342acc9a67 README: Update links to mailing list and its archive 2022-10-27 17:02:56 +02:00
James Prestwood
4af66b8cac auto-t: test AP mode using TKIP
This limits all supported ciphers to TKIP and verifies the AP
starts and can authenticate clients.
2022-10-27 09:40:41 -05:00
James Prestwood
81e48eaba5 hwsim: add additional ciphers to disable list
Allows these ciphers to be disabled when creating radios.
2022-10-27 09:40:32 -05:00
James Prestwood
13bdb5ee80 monitor: remove -F option
This is now handled automatically by setting read_only which
bypasses the family ID check.
2022-10-26 16:48:45 -05:00
James Prestwood
ad51250835 monitor: allow parsing pcaps without -F option
The -F option is undocumented but allows you to pass a nl80211
family ID so iwmon doesn't ignore messages which don't match the
systems nl80211 family ID (i.e. pcaps from other systems).

This is somewhat of a pain to use since its unclear what the other
system's family ID actually is until you run it though something
like wireshark. Instead iwmon can ignore the family ID when in
read mode which makes reading other systems pcap files automatic.
2022-10-26 16:48:21 -05:00
James Prestwood
5ebcc48814 monitor: pass config to nlmon_create
Expand nlmon_create to be useful for both pcaps and monitoring. Doing
this also lets iwmon filter pcaps based on --no-ies,rtnl,scan etc
flags since they are part of the config.
2022-10-26 16:47:46 -05:00
James Prestwood
5d8b86ff7c eapol: add TKIP support in AP mode
Though TKIP is deprecated and insecure its trivial to support it in
AP mode as we already do in station. This is only to allow AP mode
for old hardware that may only support TKIP. If the hardware supports
any higher level cipher that will be chosen automatically.
2022-10-26 14:20:25 -05:00
James Prestwood
98b684b417 unit: test-arc4: test RC4 both directions
Tests that the data both encrypts and decrypts.
2022-10-26 14:20:05 -05:00
James Prestwood
1f9d9e1eb1 auto-t: allow printing devices in AP mode
The __str__ function assumed station mode which throws an exception
if the device is in AP mode. Fix this as well as print out the mode
the device is in.
2022-10-26 14:19:55 -05:00
James Prestwood
8bc871ba62 auto-t: fix get_ordered_network if hostapd isn't running
This API optimizes scanning to run tests quickly by only scanning
the frequencies which hostapd is using. But if a test doesn't use
hostapd this API raises an uncaught exception.

Check if hostapd is being used, and if not just do a full scan.
2022-10-26 14:19:35 -05:00
James Prestwood
4da101da92 eapol: choose key descriptor version in AP mode
The key descriptor version was hard coded to HMAC_SHA1_AES which
is correct when using IE_RSN_AKM_SUITE_PSK + CCMP. ap.c hard
codes the PSK AKM but still uses wiphy to select the cipher. In
theory there could be hardware that only supports TKIP which
would then make IWD non-compliant since a different key descriptor
version should be used with PSK + TKIP (HMAC_MD5_ARC4).

Now use a helper to sort out which key descriptor should be used
given the AKM and cipher suite.
2022-10-26 14:18:00 -05:00
Andrew Zaborowski
639e2a6fa3 netconfig: Avoid generating events after netconfig_reset
Similarly to l_netconfig track whether IWD's netconfig is active (from
the moment of netconfig_configure() till netconfig_reset()) using a
"started" flag and avoid handling or emitting any events after "started"
is cleared.

This fixes an occasional issue with the Netconfig Agent backend where
station would reset netconfig, netconfig would issue DBus calls to clear
addresses and routes, station would go into DISCONNECTING, perhaps
finish and go into DISCONNECTED and after a while the DBus calls would
come back with an error which would cause a NETCONFIG_EVENT_FAILED
causing station to call netdev_disconnct() for a second time and
transition to and get stuck in DISCONNECTING.
2022-10-26 14:16:22 -05:00
Andrew Zaborowski
72c2a94df9 netconfig: Print addresses added and removed to debug log 2022-10-26 14:15:59 -05:00
Denis Kenzior
75ec7d8076 ap: Limit pairwise and group ciphers to CCMP|TKIP 2022-10-26 14:14:39 -05:00
Denis Kenzior
60bd973441 auto-t: Add tests for GMAC/GMAC-256/CMAC-256 2022-10-24 11:05:24 -05:00
Denis Kenzior
7584b38562 wiphy: Support more group management cipher suites 2022-10-24 11:05:24 -05:00
Denis Kenzior
d1acc80331 netdev: Support more IGTK cipher suites 2022-10-24 11:05:24 -05:00
Denis Kenzior
17131c860a ie: Support more group management cipher suites 2022-10-24 11:05:24 -05:00
Denis Kenzior
3f60bd7e63 auto-t: Add GCMP|CCMP-256 to WPA2 test 2022-10-24 11:05:24 -05:00
Denis Kenzior
2f64f0d080 doc: Document GCMP|CCMP-256 ciphers 2022-10-24 11:05:24 -05:00
Denis Kenzior
ecadc72bcd wiphy: Support GCMP|CCMP-256 cipher suites 2022-10-24 11:05:24 -05:00
Denis Kenzior
fb9bcdadec station: Use IE_CIPHER_IS_GCMP_CCMP 2022-10-24 11:05:24 -05:00
Denis Kenzior
e61cada28f ie: Add IE_CIPHER_IS_GCMP_CCMP inline
Similar to IE_AKM_IS_* functions
2022-10-24 11:05:24 -05:00
Denis Kenzior
b3c3b08785 netdev: Add support for CCMP|GCMP-256
These are similar to CCMP/GCMP, just a different key size which is
already taken care of by calling crypto_cipher_key_len
2022-10-24 11:05:24 -05:00
Denis Kenzior
5998043bd2 ie: Add support for GCMP|CCMP-256 2022-10-24 11:05:24 -05:00
Denis Kenzior
e30298d957 auto-t: Support multiple pairwise ciphers in WPA2 2022-10-24 11:05:24 -05:00
Denis Kenzior
8799d5a393 station: diagnostic: implement PairwiseCipher 2022-10-24 11:05:24 -05:00
Denis Kenzior
bf4ad7a6e7 doc: Document PairwiseCipher property
Add an additional optional PairwiseCipher property on
net.connman.iwd.StationDiagnostic interface that will hold the current
pairwise cipher in use for the connection.
2022-10-24 11:05:24 -05:00
Denis Kenzior
81b9eb515e wiphy: Support GCMP cipher suite 2022-10-24 11:05:24 -05:00
Denis Kenzior
4c30bd68ea wiphy: Generalize supported cipher dumper
To make it easier to support additional ciphers in the future.
2022-10-24 11:05:24 -05:00
Denis Kenzior
8040826079 ie: add ie_rsn_cipher_suite_to_string 2022-10-24 11:05:24 -05:00
Denis Kenzior
150856c315 ie: Add support for GCMP cipher suite 2022-10-24 11:05:24 -05:00
Denis Kenzior
d643964fed netdev: Add support for setting GCMP keys 2022-10-24 11:05:24 -05:00
Denis Kenzior
7ab97db9a9 netdev: Build RSN attributes in a common function
Both CMD_ASSOCIATE and CMD_CONNECT paths were using very similar code to
build RSN specific attributes.  Use a common function to build these
attributes to cut down on duplicated code.

While here, also start using ie_rsn_cipher_suite_to_cipher instead of
assuming that the pairwise / group ciphers can only be CCMP or TKIP.
2022-10-24 11:05:24 -05:00
Denis Kenzior
59ace1b691 ie: Skip unknown pairwise ciphers 2022-10-24 11:05:24 -05:00
Denis Kenzior
ec3085e932 crypto: Add new cipher definitions 2022-10-24 11:05:24 -05:00