3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-19 02:39:29 +01:00
Commit Graph

4176 Commits

Author SHA1 Message Date
Andrew Zaborowski
d77fdd087b p2p: Scan for the provision BSS
Add the next step after Provision Discovery or GO Negotiation that is
scanning for the WSC BSS that the GO has set up for client provisioning.
2020-04-27 13:49:35 -05:00
Andrew Zaborowski
ce4b1e1fcb p2p: Add the Provision Discovery frame sequence
When connecting to an existing group, use the Provision Discovery
Request/Response frame exchange before calling
p2p_start_client_provision().
2020-04-27 13:49:03 -05:00
Andrew Zaborowski
fdf2b8a94c p2p: Respond to Probe Reqs when waiting for GO negotiation
Some devices (a Wi-Fi Display dongle in my case) will send us Probe
Requests and wait for a response before they send us the GO
Negotiation Request that we're waiting for after the peer initially
replied with "Fail: Information Not Available" to our GO Negotiation
attempt.  Curiously this specific device I tested would even accept
a Probe Response with a mangled body such that the IE sequence couldn't
be parsed.
2020-04-27 13:47:42 -05:00
Andrew Zaborowski
bb4a3e8f84 p2p: Handle the Information Not Available response code
Handle the scenario where the peer's P2P state machine doesn't know
whether a connection has been authorized by the user and needs some time
to ask the user or a higher software layer whether to accept a
connection.  In that case their GO Negotiation Response to our GO
Negotiation Request will have the status code "Fail: Information Not
Available" and we need to give the peer 120s to start a new GO
Negotiation with us.  In this patch we handle the GO Negotiation
responder side where we parse the Request frame, build and send the
Response and finally parse the Confirmation.  The existing code so far
only did the initiator side.
2020-04-27 13:44:40 -05:00
Andrew Zaborowski
bff4147d52 p2p: Handle GO Negotiation Response, send Confirmation
Parse the GO Negotiation Response frame and if no errors found send the
GO Negotiation Confirmation.  If that gets ACKed wait for the GO to set
up the group.
2020-04-27 13:43:21 -05:00
Andrew Zaborowski
3ef8688df5 p2p: Build and send the GO Negotiation Request 2020-04-27 13:43:12 -05:00
Andrew Zaborowski
1675c765a3 p2p: Add the WSC interface on peer DBus objects
Add net.connman.iwd.SimpleConfiguration interfaces to peer objects on
DBus and handle method calls.  Building and transmitting the actual
action frames to start the connection sequence is done in the following
commits.
2020-04-24 22:18:52 -05:00
Andrew Zaborowski
3d4725870d p2p: Add the Listen State
Start a remain-on-channel cmd implementing the Listen State, after each
the Scan Phase implemented as an active scan.
2020-04-24 22:16:43 -05:00
Andrew Zaborowski
6e98d8a888 p2p: Add the Scan Phase
Add some of the Device Discovery logic and the DBus API.  Device
Discovery is documented as having three states: the Scan Phase, the Find
Phase and the Listen State.

This patch adds the Scan Phase and the next patch adds the Listen State,
which will happen sequentially in a loop until discovery is stopped.

The Find Phase, which is documented as happening at the beginning of the
Discovery Phase, is incorporated into the Scan Phases.  The difference
between the two is that Find Phase scans all of the supported channels
while the Scan Phase only scans the three "social" channels.  In
practical terms the Find Phase would discover existing groups, which may
operate on any channel, while the Scan Phase will only discover P2P
Devices -- peers that are not in a group yet.  To cover existing groups,
we add a few "non-social" channels to each of our active scans
implementing the Scan Phases.
2020-04-24 11:42:46 -05:00
Andrew Zaborowski
b43e915b98 wiphy: Track regulatory domain changes
When a new wiphy is added query its regulatory domain and listen for
nl80211 regulatory notifications to be able to provide current
regulatory country code through the new wiphy_get_reg_domain_country().
2020-04-24 11:39:00 -05:00
Andrew Zaborowski
0f3f0086ae nl80211util: Parse NL80211_ATTR_REG_ALPHA2 attrs 2020-04-24 11:38:44 -05:00
Andrew Zaborowski
59cc1e27c2 p2p: Add device enable/disable logic
Implement the Enabled property on device interface.  The P2P device is
currently disabled on startup but automatically enabling the P2P device
can be considered.
2020-04-24 11:36:54 -05:00
Andrew Zaborowski
ff65e1fd9a p2p: Add main device settings
Read WSC configuration methods and the Primary Device Type from the
config file and expose device name as a property.
2020-04-24 11:35:30 -05:00
Denis Kenzior
1277a01426 wscutil: Fix dbus string using spaces 2020-04-23 14:50:33 -05:00
Andrew Zaborowski
945abadc8a p2p: Add peer WSC device type properties 2020-04-23 14:49:24 -05:00
Andrew Zaborowski
ed81fe1f4f wscutil: Add device type category/subcategory string api
FTR ie.h is included for @microsoft_oui
2020-04-23 14:41:17 -05:00
Fabrice Fontaine
c352714e61 frame-xchg.c: fix build with glibc < 2.24
SOL_NETLINK is used since commit
87a198111a resulting in the following
build failure with glibc < 2.24:

src/frame-xchg.c: In function 'frame_watch_group_io_read':
src/frame-xchg.c:328:27: error: 'SOL_NETLINK' undeclared (first use in this function)
   if (cmsg->cmsg_level != SOL_NETLINK)
                           ^

This failure is due to glibc that doesn't support SOL_NETLINK before
version 2.24 and
f9b437d5ef

Fixes:
 - http://autobuild.buildroot.org/results/3485088b84111c271bbcfaf025aa4103c6452072
2020-04-22 10:38:51 -05:00
Tim Kourt
001b9035e0 station: Fix init return type 2020-04-17 12:22:48 -05:00
Tim Kourt
749d45f58f device: Fix init return type 2020-04-17 12:22:47 -05:00
Andrew Zaborowski
358d0ca201 manager: Create/destroy P2P devices
Create a P2P device interface along with the station interface when
setting up a wiphy and handle the interface being removed.
2020-04-10 06:39:48 -05:00
Andrew Zaborowski
326a8cd6ee Add minimal p2p.c and p2p.h
Add the functions to be called by manager.c and a minimal DBus API.
2020-04-10 06:31:19 -05:00
Andrew Zaborowski
042f88e3e9 dbus: Add P2P interface name defines 2020-04-10 06:31:19 -05:00
Tim Kourt
104e6898ca main: Fix freeing invalid pointer 2020-04-08 21:47:46 -05:00
Rosen Penev
1dfc28d21a module: add void to empty argument functions
Found with clang's -Wstrict-prototypes
2020-04-08 21:03:13 -05:00
Rosen Penev
a47609acbe iwd: remove unnecessary semicolons
Found with clang's -Wextra-semi-stmt
2020-04-08 21:02:15 -05:00
Tim Kourt
a074f30edc main: Simplify config file search logic 2020-04-08 16:19:52 -05:00
Denis Kenzior
98e4f84348 main: pretty up formatting 2020-04-08 16:19:37 -05:00
Tim Kourt
19a5250b34 main: Fix failure cleanup sequence 2020-04-08 16:18:05 -05:00
Tim Kourt
f92ce9441e storage: Refactor dirs creation logic to cleanup on failure 2020-04-08 16:18:04 -05:00
Denis Kenzior
848897ec17 adhoc: Set linkmode & operstate for open networks
For PSK networks we have netdev.c taking care of setting the linkmode &
operstate.  For open adhoc networks, netdev.c was never involved which
resulted in linkmode & operstate never being set.  Fix this by invoking
the necessary magic when a connection is established.
2020-04-08 12:35:04 -05:00
Denis Kenzior
6c95933663 netdev: Use the global rtnl object 2020-04-08 12:35:04 -05:00
Denis Kenzior
520f851564 netconfig: Use the global rtnl object 2020-04-08 12:35:02 -05:00
Denis Kenzior
5ea86c98fc main: Add iwd_get_rtnl 2020-04-08 12:27:57 -05:00
Diego Santa Cruz
f5a7510a22 adhoc: segfault when exiting iwd after adhoc stop
adhoc_reset() destroys ssid and sta_states but leaves the pointers
around, athough the adhoc_state structure is not always freed.

This causes a segfault when exiting iwd after a client has done
adhoc start and adhoc stop on a device since adhoc_reset() is called
from adhoc_sta_free although it was previously called from
adhoc_leave_cb().
2020-04-06 17:17:19 -05:00
Diego Santa Cruz
d66dcc9412 adhoc: fix bogus Failed error and segfault on stop
The netdev_leave_adhoc() returns a negative errno on errors and zero
on success, but adhoc_dbus_stop() assumed the inverse when checking for
an error.

Also, the DBus message was not being referenced in adhoc->pending and
then adhoc_leave_cb() segfaulted attempting to dereference it.
2020-04-06 17:17:19 -05:00
Andrew Zaborowski
508d71e3c1 eap-wsc: Convert memsets to explicit_bzero 2020-04-06 16:21:35 -05:00
Andrew Zaborowski
0ffb96056a wsc: Clear the pin copy in wsc_generate_pin 2020-04-06 16:21:31 -05:00
Denis Kenzior
aba3da32ac netdev: work around APs that send igtk in big endian
It seems some APs send the IGTK key in big endian format (it is a
uin16).  The kernel rightly reports an -EINVAL error when iwd issues a
NEW_KEY with such a value, resulting in the connection being aborted.

Work around this by trying to detect big-endian key indexes and 'fixing'
them up.
2020-04-06 15:56:46 -05:00
Denis Kenzior
5576722d29 eapol: Make sure igtk key index is uint16_t
Fixes: 1cc7346d6a ("handshake: Change signature of (i)gtk setters")
2020-04-02 18:16:56 -05:00
Denis Kenzior
1cc7346d6a handshake: Change signature of (i)gtk setters 2020-04-02 00:41:02 -05:00
Denis Kenzior
426681aeb2 netdev: Add support for extended errors 2020-04-02 00:30:59 -05:00
James Prestwood
972762b116 handshake: fix OWE PTK derivation
This bug has been in here since OWE was written, but a similar bug also
existed in hostapd which allowed the PTK derivation to be identical.
In January 2020 hostapd fixed this bug, which now makes IWD incompatible
when using group 20 or 21.

This patch fixes the bug for IWD, so now OWE should be compatible with
recent hostapd version. This will break compatibility with old hostapd
versions which still have this bug.
2020-03-20 23:50:55 -05:00
James Prestwood
6e8b765278 wiphy: add check for CMD_AUTH/CMD_ASSOC support
If the AP only supports an AKM which requires an auth protocol
CMD_AUTHENTICATE/CMD_ASSOCIATE must be supported or else the
auth protocol cannot be run. All the auth protocols are started
assuming that the card supports these commands, but the support
was never checked when parsing supported commands.

This patch will prevent any fullMAC cards from using
SAE/FILS/OWE. This was the same behavior as before, just an
earlier failure path.
2020-03-20 18:58:55 -05:00
Andrew Zaborowski
59a7f2e681 frame-xchg: Drop l_io read destroy handler
This function was intended to catch socket errors and destroy the group
but it would leak the l_io object if that happened, and if called on
ordinary shutdown it could cause a crash.  Since we're now assuming
that the netlink socket operations never fail just remove it.
2020-03-20 10:47:53 -05:00
Andrew Zaborowski
97051da883 eap-tls: Print a hint about IWD_TLS_DEBUG on TLS errors 2020-03-20 10:23:30 -05:00
Andrew Zaborowski
264ab685ba ie: Add ie_tlv_extract_wfd_payload 2020-03-20 10:21:04 -05:00
Andrew Zaborowski
430ccf8714 p2putil: Add WFD IE parsing utilities
Only add constants for parsing the Device Information subelement as that
is the main thing we care about in P2P code.  And since our own WFD IEs
will likely only need to contain the Device Information subelement, we
don't need builder utilities.  We do need iterator utilities because we
may receive WFD IEs with more subelements.
2020-03-20 10:18:56 -05:00
Andrew Zaborowski
4abafd8eea wsc: Don't start connections until Cancel finishes
Return busy from StartPin and PushButton if the Cancel method is still
running.
2020-03-20 10:17:04 -05:00
Andrew Zaborowski
485cb4d375 wscutil: Implement wsc_build_probe_response 2020-03-20 10:16:44 -05:00
Andrew Zaborowski
e7e597c876 frame-xchg: Add frame_xchg_start 2020-03-20 10:15:50 -05:00
Andrew Zaborowski
e6de4b10ad frame-xchg: Add facility to keep retransmitting after ACK
In some cases a P2P peer will ACK our frame but not reply on the first
attempt, and other implementations seem to handle this by going back to
retransmitting the frame at a high rate until it gets ACKed again, at
which point they will again give the peer a longer time to tx the
response frame.  Implement the same logic here by adding a
retries_on_ack parameter that takes the number of additional times we
want to restart the normal retransmit counter after we received no
response frame on the first attempt.  So passing 0 maintains the
current behaviour, 1 for 1 extra attempt, etc.

In effect we may retransmit a frame about 15 * (retry_on_ack + 1) *
<in-kernel retransmit limit> times.  The kernel/driver retransmits a
frame a number of times if there's no ACK (I've seen about 20 normally)
at a high frequency, if that fails we retry the whole process 15 times
inside frame-xchg.c and if we still get no ACK at any point, we give up.
If we do get an ACK, we wait for a response frame and if we don't get
that we will optionally reset the retry counter and restart the whole
thing retry_on_ack times.
2020-03-20 10:13:42 -05:00
James Prestwood
e10c6ada12 doc: document AlwaysRandomizeAddress and AddressOverride 2020-03-18 18:15:16 -05:00
James Prestwood
f13fd9d61f netdev: honor handshake->spa if set
In order to support AlwaysRandomizeAddress and AddressOverride, station will
set the desired address into the handshake object. Then, netdev checks if
this was done and will use that address rather than generate one.
2020-03-18 18:15:16 -05:00
James Prestwood
e7777c3422 station: support full MAC randomization and override
This patch adds two new options to a network provisioning file:

AlwaysRandomizeAddress={true,false}

If true, IWD will randomize the MAC address on each connection to this
network. The address does not persists between connections, any new
connection will result in a different MAC.

AddressOverride=<MAC>

If set, the MAC address will be set to <MAC> assuming its a valid MAC
address.

These two options should not be used together, and will only take effect
if [General].AddressRandomization is set to 'network' in the IWD
config file.

If neither of these options are set, and [General].AddressRandomization
is set to 'network', the default behavior remains the same; the MAC
will be generated deterministically on a per-network basis.
2020-03-18 18:15:16 -05:00
James Prestwood
33251ccd20 util: add util_is_valid_sta_address
Checks that that address is neither broadcast or group
2020-03-18 18:15:16 -05:00
Andrew Zaborowski
66657a5706 p2putil: Tolerate GO Neg Response with empty Channel List
Work around a parse error in GO Negotiation with some P2P devices.
2020-03-18 13:50:32 -05:00
Andrew Zaborowski
22d7a3c629 frame-xchg: Optimize frame_watch_remove_by_handler scenarios
Since frame_watch_remove_by_handler only forgets a given function +
user data pointers, and doesn't remove the frame prefixes added in the
kernel, we can avoid later re-registering those prefixes with the
kernel by keeping them in our local watchlist, and only replacing the
handler pointer with a dummy function.
2020-03-18 13:49:42 -05:00
Andrew Zaborowski
9e18552fe7 watchlist: Allow watch CBs to call watchlist_destroy
If during WATCHLIST_NOTIFY{,_MATCHES,_NO_ARGS} one of the watch
notify callback triggers a call to watchlist_destroy, give up calling
remaining watches and destroy the watchlist without crashing.  This is
useful in frame-xchg.c (P2P use case) where a frame watch may trigger
a move to a new state after receiving a specific frame, and remove one
group of frame watches (including its watchlist) to create a different
group.
2020-03-18 13:49:22 -05:00
James Prestwood
a2006a3d29 doc: document AddressRandomization=network option 2020-03-18 13:10:41 -05:00
James Prestwood
5a1b1184fc netdev: support per-network MAC addresses
For privacy reasons its advantageous to randomize or mask
the MAC address when connecting to networks, especially public
networks.

This patch allows netdev to generate a new MAC address on a
per-network basis. The generated MAC will remain the same when
connecting to the same network. This allows reauthentications
or roaming to work, and not have to fully re-connect (which would
be required if the MAC changed on every connection).

Changing the MAC requires bringing the interface down. This does
lead to potential race conditions with respect to external
processes. There are two potential conditions which are explained
in a TODO comment in this patch.
2020-03-18 13:10:41 -05:00
James Prestwood
f96f8ba4a0 manager: remove warning for AddressRandomization option
Since the 'network' value is handled inside netdev we don't want this warning
being printed.
2020-03-18 13:10:41 -05:00
James Prestwood
1f14782857 wiphy: add _generate_address_from_ssid
This API is being added to support per-network MAC address
generation. The MAC is generated based on the network SSID
and the adapters permanent address using HMAC-SHA256. The
SHA digest is then constrained to make it MAC address
compliant.

Generating the MAC address like this will ensure that the
MAC remains the same each time a given SSID is connected to.
2020-03-18 13:10:41 -05:00
Andrew Zaborowski
60bb42087a frame-xchg: Allow frame_xchg_stop calls inside frame callbacks
Make sure a frame callback is free to call frame_xchg_stop without
causing a crash.  Frame callback here means the one that gets
called if our tx frame was ACKed and triggered a respone frame that
matched one of the provided prefixes, within the given time.

All in all a frame callback is allowed to call either
frame_xchg_stop or frame_xchg_startv or neither.  Same applies to
the final callback (called when no matching responses received).
2020-03-17 15:45:07 -05:00
Andrew Zaborowski
f1aa208edf frame-xchg: Allow calling frame_xchg_stop from the callback
Don't crash if the user calls frame_xchg_stop(wdev) from inside the
frame exchange's final callback.  That call is going to be redundant but
it's convenient to do this inside a cleanup function for a given wdev
without having to check whether any frame exchange was actually running.
2020-03-17 15:44:56 -05:00
Andrew Zaborowski
9147a6b726 frame-xchg: Fix frame_watch_item_remove_by_handler 2020-03-17 15:44:22 -05:00
Andrew Zaborowski
a18c75d375 frame-xchg: Actually free duplicate watches
Fix a potential leak when we need to drop an existing watch because it's
being replaced with a new one.
2020-03-17 15:44:10 -05:00
Andrew Zaborowski
9ff1c4da3a cleanup: Remove extra empty lines 2020-03-17 15:35:22 -05:00
James Prestwood
85fd9f50f7 netdev: fix auth protocols not setting ->connected
This causes netdev to think another supplicant is running when it
recieves a connect event due to an auth protocol running.
2020-03-13 23:52:26 -05:00
James Prestwood
421af060f8 netdev: update use of l_rtnl_set_mac
This API was updated to take an extra boolean which will
automatically power up the device while changing the MAC
address. Since this is what IWD does anyways we can avoid
the need for an intermediate callback and go right into
netdev_initial_up_cb.
2020-03-12 10:46:06 -05:00
Louis Whitburn
eb7845ec29 eap-tls-common: Don't fail with omitted EAP-TLS-CACert
iwd would fail to connect using EAP-TLS when no CA certificate was
provided as it checked for successful loading of the CA certificate
instead of the client certificate when attempting to load the client
certificate.
2020-03-09 22:25:33 -05:00
James Prestwood
ca9110e8c2 network: enforce max EAP/pkey password length 2020-03-06 13:08:25 -06:00
James Prestwood
d40a8d1a6d eap-gtc: limit password length to maximum
The password for EAP-GTC is directly used in an EAP response. The
response buffer is created on the stack so an overly large password
could cause a stack overflow.
2020-03-06 13:08:05 -06:00
James Prestwood
301d8473df iwd: define a maximum password length 2020-03-06 13:07:58 -06:00
James Prestwood
77cfb615e5 eap: check MTU when loading identity
If the MTU was set very low an identity could exceed the maximum.
2020-03-06 12:17:09 -06:00
Denis Kenzior
53ea9adfb5 netdev: Fix disconnect event coming out of order
mac80211 drivers seem to send the disconnect event which is triggered by
CMD_DISCONNECT prior to the CMD_DISCONNECT response.  However, some
drivers, namely brcmfmac, send the response first and then send the
disconnect event.  This confused iwd when a connection was immediately
triggered after a disconnection (network switch operation).

Fix this by making sure that connected variable isn't set until the
connect event is actually processed, and ignore disconnect events which
come after CMD_DISCONNECT has alredy succeeded.
2020-02-28 10:25:04 -06:00
Andrew Zaborowski
dd2677402a ap: React to NL80211_CMD_STOP_AP events
These events will tell use when our AP gets stopped without our request,
for example due to suspend/resume.
2020-02-17 12:27:54 -06:00
Andrew Zaborowski
87a198111a frame-xchg: Don't use l_genl for additional nl80211 sockets
For nl80211 sockets other than our main l_genl object use socket io
directly, to avoid creating many instances of l_genl.  The only reason
we use multiple sockets is to work around an nl80211 design quirk that
requires closing the socket to unregister management frame watches.
Normally there should not be a need to create multiple sockets in a
program.
2020-02-17 12:23:13 -06:00
Andrew Zaborowski
0d62b5a2fc frame-xchg: Add a frame exchange API
Add a little state machine and a related API, to simplify sending out a
frame, receiving the Ack / No-ack status and (if acked) waiting for a
response frame from the target device, one of a list of possible
frame prefixes.  The nl80211 API for this makes it complicated
enough that this new API seems to be justified, on top of that there's a
quirk when using the brcmfmac driver where the nl80211 response
(containing the operation's cookie), the Tx Status event and the response
Frame event are received from nl80211 in reverse order (not seen with
other drivers so far), further complicating what should be a pretty
simple task.
2020-02-17 10:45:40 -06:00
Andrew Zaborowski
ff7abdb89d frame-xchg: Try to call a handler only once per frame
Try to better deduplicate the frame watches.  Until now we'd check if
we'd already registered a given frame body prefix with the kernel, or a
matching more general prefix (shorter).  Now also try to check if we
have already have a watch with the same callback pointer and user_data
value, and:

 * an identical or shorter (more general) prefix, in that case ignore
   the new watch completely.

 * a longer (more specific) prefix, in that case forget the existing
   watch.

The use case for this is when we have a single callback for multiple
watches and multiple frame types, and inside that callback we're looking
at the frame body again and matching it to frame types.  In that case
we don't want that function to be called multiple times for one frame
event.
2020-02-17 10:42:55 -06:00
Daniel Wagner
a40503427e rtnlutil: Remove used rtnlutil
The rtnl code has been added to ELL. There is caller left in iwd,
therefore remove the rtnlutil file.
2020-02-17 09:08:50 -06:00
Daniel Wagner
280658c73b netconfig: Use ell's rtnl API 2020-02-17 09:08:50 -06:00
Daniel Wagner
0af1207a6c netdev: Use ell's rtnl APIs 2020-02-17 09:08:50 -06:00
Andrew Zaborowski
1896ac2d73 frame-xchg: Use both group_id and wdev_id when removing group
In frame_watch_group_remove I forgot to actually match the group to be
removed by both wdev_id and group_id.  group_ids are unique only in the
scope of one wdev.
2020-02-07 15:41:14 -06:00
Andrew Zaborowski
053c1ca2a2 frame-xchg: Add new groups to watch_groups list
I forgot to actually add new groups being created in
frame_watch_group_get to the watch_groups queue, meaning that we'd
re-create the group every time a new watch was added to the group.
2020-02-07 15:34:14 -06:00
Andrew Zaborowski
16cc2386f1 nl80211util: Handle NL80211_ATTR_ACK flag in parser
If this attribute is included in the nl80211_parse_attrs parameters, set
the corresponding bool to true if flag was present and false if not.
2020-02-07 15:26:35 -06:00
Tim Kourt
49607880fc peap: Fail auth. if invalid compound MAC is received
Since the interoperability with the Windows server has been achieved,
witch back to failing authentication if invalid compound MAC is
received.
2020-02-06 15:18:04 -06:00
Tim Kourt
bdf328320d peap: Ensure TLV uniqueness
Processing the duplicated TLVs while connecting to a malicious AP may lead
to overflow of the response buffer. This patch ensures that the
duplicated TLVs are not parsed.
2020-02-06 10:28:39 -06:00
Denis Kenzior
4f745ff930 manager: Fix initialization for blacklisted drivers
The pending wiphy state 'use_default' variable was not set early enough
in some circumstances resulting in weird behavior for blacklisted
drivers.  Fix this by adding a manager_wiphy_dump_done callback which
will properly initialize the use_default value.

Fixes: c4b2f10483 ("manager: Handle missing NEW_WIPHY events")
2020-02-05 14:27:05 -06:00
Denis Kenzior
360f66f71c manager: Also set retry when using default interfaces 2020-02-05 09:14:47 -06:00
Denis Kenzior
8530396fb3 manager: Add brcmfmac to the blacklist
brcmfmac does not allow the removal of the default / primary interface.
So there isn't much point in having iwd attempt this.

Another issue is that brcmfmac _does_ allow the deletion of non-default
interfaces.  So starting iwd on a system with a station & ap interface
active can result in iwd attempting to delete all the interfaces.  Given
the above, it succeeds in deleting the ap interface but not the station
one.  In strange circumstances it might end up thinking that the ap
interface is the 'default' and trying to use it, whereas it was just
successfully removed.
2020-02-04 16:00:46 -06:00
Denis Kenzior
f168fb2e16 manager: Fix valgrind complaint
==192== Conditional jump or move depends on uninitialised value(s)
==192==    at 0x4531D3: l_queue_find (queue.c:346)
==192==    by 0x42F1F8: manager_config_notify (manager.c:667)
==192==    by 0x45A895: process_multicast (genl.c:970)
==192==    by 0x45A895: received_data (genl.c:1037)
==192==    by 0x4577B2: io_callback (io.c:126)
==192==    by 0x456B0D: l_main_iterate (main.c:473)
==192==    by 0x456BCB: l_main_run (main.c:520)
==192==    by 0x456DDA: l_main_run_with_signal (main.c:642)
==192==    by 0x4034B0: main (main.c:497)
2020-02-04 11:05:10 -06:00
Andrew Zaborowski
fff6c97e99 frame-watch: Fix an l_queue_foreach_remove call
A pointer to the wdev_id is expected in this call inside
frame_watch_group_remove_wdev instead of a pointer to the pointer.
2020-02-04 10:46:57 -06:00
Andrew Zaborowski
1df4cb5be7 frame-watch: Actually unregister removed groups
Actually close the sockets for removed groups an free resources
2020-02-04 10:46:32 -06:00
Denis Kenzior
c4b2f10483 manager: Handle missing NEW_WIPHY events
The kernel emits NEW_WIPHY events whenever a new wiphy is registered.
Unfortunately these events are emitted under the 'legacy' semantics and
have a hard size limit of 4096 bytes.  Unfortunately, it is possible for
a NEW_WIPHY message to exceed this limit (ath10k cards seem to be
affected in particular), which results in the kernel never sending these
messages out.  This can lead to NEW_INTERFACE events being emitted with
a wiphy_id that had no corresponding NEW_WIPHY event emitted.  Such a
sequence can confuse iwd's hardware detection logic, particularly during
hot-plug or system boot.

Fix this by re-dumping the wiphy if such a condition is detected.  This
has some interaction with blacklisted wiphys, so the wiphy objects are
now always tracked and marked as blacklisted.  Before, the blacklisted
wiphys were simply not added to the iwd list of tracked wiphys.
2020-02-04 10:42:07 -06:00
Denis Kenzior
6825721535 wiphy: Add wiphy_get_id 2020-02-03 17:37:28 -06:00
Denis Kenzior
fcdddf2b72 build: Support missing rawmemchr 2020-02-03 11:54:28 -06:00
Tim Kourt
dc4b7e327e peap: Add inner EAP key material into imsk calculation
For the inner EAP methods that support generation of the key material
include it into imck generation. This allows to cryptographically
bind the inner method with the tunnel.
2020-02-03 11:33:57 -06:00
Tim Kourt
c2078c703d eap-tls-common: Address PEAPv0 interoperability with Windows
Windows Server 2008 - Network Policy Server (NPS) generates an invalid
Compound MAC for Cryptobinding TLV when is used within PEAPv0 due to
incorrect parsing of the message containing TLS Client Hello.
Setting L bit and including TLS Message Length field, even for the
packets that do not require fragmentation, corrects the issue. The
redundant TLS Message Length field in unfragmented packets doesn't
seem to affect the other server implementations.
2020-02-03 11:33:02 -06:00
Andrew Zaborowski
55f9639ee3 manager: Retry the interface setup if we get an EBUSY
Sometimes, at least with brcmfmac, the default interface apparently
takes a moment to get created after the NEW_WIPHY event.  We didn't
really consider this case in the NEW_WIPHY handler and we've got a race
condition.  It fixes the following bug for me:
https://bugs.archlinux.org/task/63912 -- tested by removing and
re-modprobing the brcmfmac module rather than rebooting.

To work around this wait for the NEW_INTERFACE event and then retry the
setup.  We still do the initial attempt directly after NEW_WIPHY to
handle cases like wiphys with no default interfaces and pre-existing
wiphys.
2020-01-28 15:10:10 -06:00
Andrew Zaborowski
aec7c0f39c manager: Make sure all interface are processed after dump
In manager_interface_dump_done use l_queue_foreach_remove instead of
l_queue_remove_if to make sure we process all of the interfaces.
2020-01-27 15:00:23 -06:00
Denis Kenzior
03ccc454b7 knownneetworks: React to mtime updates
We track mtime as the 'LastConnectedTime' of the network, and also sort
the known network list according to the last connected time.
Unfortunately we were never reacting to ATTRIB changes, and so were
never updating the network_info->connected_time whenever a network was
connected to.

Rework the logic to address this.  This also fixes a small bug where the
connected_time was not set properly prior to removal / re-insertion of
the network_info.
2020-01-27 14:28:08 -06:00
Denis Kenzior
681172a999 storage: Add ability to preserve times
We use the mtime on the network profile as the 'Last Connected Time'.
When we update any property and sync the file to disk, the mtime was not
preserved (since we were creating a new temporary file instead of
modifying the old one).  This led to LastConnectedTime property change
being emitted / updated incorrectly when a writable property on the
KnownNetwork interface was updated.
2020-01-22 11:15:19 -06:00
Torstein Husebø
759dbdd37f treewide: fix typos 2020-01-21 16:03:28 -06:00
Denis Kenzior
b00d4f4ce6 wsc: Use macros to simplify reply code a bit 2020-01-17 12:50:23 -06:00
Denis Kenzior
30ec06edcc wsc: Remove stale comment
Known networks are now automatically updated through inotify mechanisms,
so this comment is no longer needed.
2020-01-17 12:50:23 -06:00
Denis Kenzior
ec15838215 wsc: Rework wsc_enrollee_destroy
Our design preference is to not call any callbacks in the _free/_destroy
method of a class (with the exception of explicit destroy callbacks
provided, if any).

Invoking the callback in this case was unnecessary: wsc_dbus_free was
already replying to pending connect / cancel messages.  The only other
thing the callback would attempt to do is to set station back into
autoconnect mode.  This was unnecessary as well since the netdev is
already down.

This change removes the callback invocation.  Since wsc_enrollee_destroy
is now just calling wsc_enrollee_free, remove this from the API and
expose wsc_enrollee_free instead.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
1f14941011 wsc: Accept extra IEs in wsc_enrollee_new 2020-01-17 12:50:23 -06:00
Andrew Zaborowski
ce16ba3bf8 wsc: Refactor WSC D-Bus interface logic
Split the WSC D-Bus interface class (struct wsc) into a base class
common to station mode and P2P mode (struct wsc_dbus) and station-
specific logic like scanning, saving the credentials as a known network
and triggering the station-mode connection (struct wsc_station_dbus).

Make the base class and its utilities public in wsc.h for P2P use.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
b10264dcc7 wsc: Split out enrollee state machine to own object
Create struct wsc_enrollee which is allocated with wsc_enrollee_new,
taking a done callback as a parameter.  The callback is always
called so there's no need for a separate destroy callback.  The object
only lives until the done callback happens so wsc_enrollee_cancel/destroy
can only be used before this.

Looks like the rest of the file is simplified thanks to this.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
02f7d425b3 netdev: Drop the netdev_frame_watch API 2020-01-16 11:38:01 -06:00
Andrew Zaborowski
baad7e5fd8 netdev: Switch to new frame watch API 2020-01-16 11:37:59 -06:00
Andrew Zaborowski
b234a8e614 rrm: Switch to new frame watch API 2020-01-16 11:37:57 -06:00
Andrew Zaborowski
b31a23785a device: Switch to new frame watch API 2020-01-16 11:37:55 -06:00
Andrew Zaborowski
4a61620a9b ap: Switch to new frame watch API 2020-01-13 11:49:08 -06:00
Andrew Zaborowski
6484b7dbb6 Add a new frame watch API
This new API is independent of netdev.c and allows actually
unregistering from receiving notifications of frames, although with some
quirks.  The current API only allowed the callback for a registration to
be forgotten but our process and/or the kernel would still be woken up
when matching frames were received because the kernel had no frame
unregister call.  In the new API you can supply a group-id paramter when
registering frames.  If it is non-zero the frame_watch_group_remove() call
can be used to remove all frame registrations that had a given group-id
by closing the netlink socket on which the notifications would be
received.  This means though that it's a slightly costly operation.

The file is named frame-xchg.c because I'm thinking of also adding
utilities for sending frames and waiting for one of a number of replies
and handling the acked/un-acked information.
2020-01-13 11:49:08 -06:00
Andrew Zaborowski
c6c45e0569 wscutil: Add wsc_build_m8_encrypted_settings 2020-01-09 14:03:45 -06:00
Andrew Zaborowski
c67219a292 wscutil: Add wsc_build_credential 2020-01-09 13:57:11 -06:00
Andrew Zaborowski
0f8a49501e wsc: Refactor store_credentials / try_credentials
Instead of taking the credentials from wsc object directly, have the
caller pass these in.  This makes it more consistent with how the
done_cb was done.
2020-01-06 15:23:55 -06:00
Andrew Zaborowski
25708fbb5c wsc: Refactor to separate station-specific code
Split the interface-specific logic from the core WSC logic.  The core
WSC code is the part that we can re-use between P2P and station and
doesn't include the D-Bus code, scanning for the target BSS or the
attempt to make a station mode connection.
2020-01-06 11:50:12 -06:00
Andrew Zaborowski
a716f46573 netdev: Replace bool randomize_mac with specific address
Allow netdev_create_from_genl callers to draw a random or non-random MAC
and pass it in the parameter instead of a bool to tell us to generating
the MAC locally.  In P2P we are generating the MAC some time before
creating the netdev in order to pass it to the peer during negotiation.
2020-01-06 11:27:38 -06:00
Tim Kourt
d9efacfbba peap: Ignore Crypto-Binding TLVs with invalid compound MACs
Some server implementation don't seem to provide the valid compound MACs.
In the meantime, iwd will ignore the invalid Crypto-Binding TLVs as their
usage is optional.
2019-12-18 23:46:49 -06:00
Denis Kenzior
83e535b643 netdev: Use nl80211_parse_attrs 2019-12-17 16:58:04 -06:00
Denis Kenzior
9ee2b4ea4a nl80211util: Support ATTR_MAC 2019-12-17 16:58:04 -06:00
Denis Kenzior
ab14515715 resolve: Fix invalid method name check
The intent was to check for the presence of the add_domain_name
operation, not add_dns operation.

Fixes: 930528e35e ("resolve: Add systemd-resolved domain name installer")
2019-12-17 16:58:04 -06:00
Denis Kenzior
0e49561bb7 treewide: Use l_debug with at least one argument
By convention we should be passing at least an empty string to make it
clearer that no additional debug info is being printed
2019-12-17 16:15:05 -06:00
Denis Kenzior
3607ee0c7e netdev: Allow both -EOPNOTSUPP and -ENOTSUPP
It seems that the kernel uses -EOPNOTSUPP if the change_station
operation is not implemented by the driver.  However, some drivers do
implement change_station and choose to report -ENOTSUPP instead of
-EOPNOTSUPP.

To add to the confusion, EOPNOTSUPP and -ENOTSUPP are the same on some
systems (e.g. Gentoo).  Be paranoid and allow both errors to be ignored
when sending CMD_SET_STATION.

Fixes: 0238ffb8d9 ("netdev: Use -EOPNOTSUPP instead of -ENOTSUPP")
2019-12-17 16:10:46 -06:00
Tim Kourt
1f84c3b19a manpage: Add section about IPv4 static network configuration 2019-12-17 11:30:54 -06:00
Tim Kourt
f21d1aa78b peap: Add debug statements 2019-12-17 11:07:32 -06:00
Denis Kenzior
295e42f87a resolve: Don't try to set routing domains
The intent was to treat all domains as search domains, not routing
domains.

Fixes: 930528e35e ("resolve: Add systemd-resolved domain name installer")
2019-12-17 11:01:38 -06:00
James Prestwood
18c2c98ad5 rrm: fix bad sign for calculating RCPI
The first if case should be -10950, not 10950. Without the negative
this first case would get hit every time since signal strength values
are always negative.
2019-12-13 08:34:14 +01:00
Tim Kourt
8884fd8bbd peap: Add support for Crypto-Binding in PEAPv0
The Crypto Binding TLV is used to ensure that the EAP peer and the
EAP server participated in both the inner and the outer EAP
authentications of a PEAP authentication by cryptographically associating
the phase 1 and phase 2 authentications.

The usage of Crypto-Binding in PEAPv0 is optional and is triggered by
the reception of the Crypto-Binding TLV from the server.
2019-12-12 15:13:32 -06:00
Tim Kourt
8e5f838219 peap: Extend EAP Extensions to handle multiple TLVs
The handler for EAP Extensions has been modified to support multiple
TLV types instead of the single Result TLV. This will allow to handle
the other TLVs such as Crypto-Binding TLV.
2019-12-12 15:13:32 -06:00
Tim Kourt
fb338154a2 netconfig: Add IPv4 domain name helper and installer
The provided domain name helper allows to override the DHCP lease
option value with the static one from network configuration file.
2019-12-12 10:35:12 -06:00
Pinghao Wu
d510f332b6 eap-gtc: Try to auth even if request not Password
There are some server implementations that send requests that are
not "Password" but still want us send password. This commit modify
the behavior to send a warning and still try to auth with password.

This makes me able to auth with server in my school which sends
"Enter Aruba Login".

wpa_supplicant does not check if it is "Password".
2019-12-12 10:22:58 -06:00
Denis Kenzior
0238ffb8d9 netdev: Use -EOPNOTSUPP instead of -ENOTSUPP
The kernel uses -EOPNOTSUPP in the case of change_station operation not
being provided.  On most systems -EOPNOTSUPP is defined to be the same
as -ENOTSUPP, but seemingly not all systems.
2019-12-12 10:19:24 -06:00
Tim Kourt
930528e35e resolve: Add systemd-resolved domain name installer
The exposed DBus API is used to install doamin name into
sytemd-resolved.
2019-12-11 00:57:35 -06:00
Tim Kourt
1fd794a444 netconfig: Use CamelCase for IPv6 DNS setting 2019-12-11 00:57:29 -06:00
Tim Kourt
ac9c87d012 netconfig: Use CamelCase for IPv6 gateway setting 2019-12-11 00:57:29 -06:00
Tim Kourt
2414a3ae51 netconfig: Use CamelCase for IPv6 address settings 2019-12-11 00:57:29 -06:00
Tim Kourt
e7db478f97 netconfig: Use CamelCase for IPv4 DNS setting 2019-12-11 00:57:29 -06:00
Tim Kourt
994c1a4b5a netconfig: Use CamelCase for IPv4 gateway setting 2019-12-11 00:57:29 -06:00
Tim Kourt
0d9487d4ec netconfig: Use CamelCase for IPv4 address settings 2019-12-11 00:57:29 -06:00
Tim Kourt
1b483c3963 crypto: Add support for PRF+ SHA1
The PRF+ algorithm is based Internet Key Exchange (IKEv2) Protocol:
	https://www.ietf.org/rfc/rfc4306.txt
2019-12-09 01:47:11 -06:00
Tim Kourt
24b6a95366 peap: Rename AVPs to TLVs
Most of the literature seems to refer to AVPs as TLVs. Rename the
variables to follow the common nomenclature.
2019-12-09 01:39:41 -06:00
Tim Kourt
9bf0b756c8 peap: Delay key installation until success of Phase 2
Previously, the key was installed once the tunnel was created
despite the outcome of the second authentication phase. Now, the
key installation is delayed until the successful completion of
the second authentication phase. This excludes the unnecessary
operations in the case of a failure and key reinstallation with
cypro-binding in use.
2019-12-09 01:39:27 -06:00
Tim Kourt
5273a3b581 peap: Introduce PEAP state
Introduction of the state struct will allow to hold the additional
state variables related to the implementation of PEAP.
2019-12-09 01:38:59 -06:00
Andrew Zaborowski
cbbc247aa2 wsc: Declare the credentials structure in wsc.h 2019-12-08 21:48:33 -06:00
Denis Kenzior
738184d491 device/netdev: init scan in netdev instead of device
Commit 1057d8aa74 changed the device interface creation logic
from being unconditional inside netdev.c to instead use NETDEV_WATCH_*
events.  However, this broke the assumption that the device interface
was created before all others.  The effect is that the scan_wdev_add
might no longer be called prior to station interface being created.  Fix
this by moving scan_wdev_add/remove calls to netdev.c instead.

Fixes: 1057d8aa74 ("device: Move device creation from netdev.c to event watch")
2019-12-06 10:12:55 -06:00
Denis Kenzior
d2556a48b7 scan: Fix crash when scan is triggered outside iwd
#0  0x000055555558ee5d in scan_notify (msg=0x55555560b640, user_data=0x0) at src/scan.c:1706
 #1  0x00007ffff7f2c78c in ?? () from /usr/lib/libell.so.0
 #2  0x00007ffff7f299ec in ?? () from /usr/lib/libell.so.0
 #3  0x00007ffff7f28e4a in l_main_iterate () from /usr/lib/libell.so.0
 #4  0x00007ffff7f28efc in l_main_run () from /usr/lib/libell.so.0
 #5  0x00007ffff7f290b9 in l_main_run_with_signal () from /usr/lib/libell.so.0
 #6  0x00005555555639c4 in main (argc=1, argv=0x7fffffffec18) at src/main.c:497
2019-12-02 11:02:05 -06:00
Marcel Holtmann
9d8e74c1bc module: Declare functions as foo(void) instead of just foo() 2019-11-24 19:44:06 +01:00
Andrew Zaborowski
becba0dd09 scan: Add scan_bss_new_from_probe_req 2019-11-21 20:51:21 -06:00
Andrew Zaborowski
1d57ec0d46 scan: Parse P2P IEs according to frame type
Save the source frame type in struct scan_bss as it may affect how some
of the data in the struct will be parsed.  Also replace the P2P IE
payload data in that struct with a union containing pre-parsed p2p
attributes corresponding to the frame type.

This means users don't have to call the parsers in p2putil.c on that
data, which wouldn't have worked anyway because those parsers assume
input is the raw IE sequence rather than just the "payload".
2019-11-21 20:51:17 -06:00
Denis Kenzior
41ff1d2383 rrm: Remove unneeded casts 2019-11-21 20:34:06 -06:00
James Prestwood
32dfb6208d rrm: add packed struct for beacon reports
build_report_for_bss was refactored to use this packed structure rather
than l_put_* APIs.
2019-11-21 16:33:06 -06:00
Andrew Zaborowski
ce94133472 p2putil: Replace free with clear in function names
All these functions free up the resources used by the struct but don't
free the struct itself (allowing it to be static) so rename the
functions to avoid confusion.
2019-11-21 14:02:19 -06:00
James Prestwood
c86f5678b2 wsc: fix use of non-ascii apostrophe 2019-11-21 14:00:35 -06:00
James Prestwood
0381361c81 eapol: fix use of non-ascii apostrophe 2019-11-21 14:00:35 -06:00
James Prestwood
ccfe369766 rrm: include actual scan start time in report 2019-11-21 13:45:40 -06:00
James Prestwood
27af5b715e scan: parse the scan start time
The kernel sends NL80211_ATTR_SCAN_START_TIME_TSF with CMD_TRIGGER and
RRM requires this value for beacon measurement reports.

The start time is parsed during CMD_TRIGGER and set into the scan request.
A getter was added to obtain this time value for an already triggered
scan.

After making the change, the SCAN_ABORTED case was cleaned up a bit to
remove the local scan_request usage in favor of the one used for all the
other cases.
2019-11-21 13:45:40 -06:00
James Prestwood
002fdb5c10 rrm: fix non-ascii character in comment 2019-11-21 13:45:40 -06:00
Marcel Holtmann
ee864662fe module: Add missing empty line 2019-11-21 18:03:55 +01:00
Andrew Zaborowski
59b963a121 netdev: Power P2P interfaces up like other interfaces
After all we will want to power these iftypes up on init just like
station, etc.
2019-11-20 20:29:34 -06:00
Andrew Zaborowski
81be5fbae5 rtnlutil: Move rtnl_set_powered from netdev to rtnlutil
This function fits with the other utilities in rtnlutil and netdev.c
can slim down.
2019-11-20 20:28:48 -06:00
Andrew Zaborowski
3ffb645f22 device: Make functions static, drop device.h 2019-11-20 20:26:55 -06:00
Andrew Zaborowski
1057d8aa74 device: Move device creation from netdev.c to event watch
Create and destroy the device state struct and the DBus interfaces in a
way more similar to the Station, AdHoc and AP interfaces.  Drop
netdev_get_device() and the device specific code in netdev that as far
as I can tell wasn't needed.
2019-11-20 20:24:48 -06:00
Andrew Zaborowski
bc1b9ce10c anqp: Only register for frames on station interfaces
Check the iftype before registering ANQP on new interface.

Not that the check here and in rrm.c (which already checks the iftype)
may need to be extended to run on NETDEV_WATCH_EVENT_UP because a device
could be created with a different iftype and then have the iftype changed
before powering up.
2019-11-20 20:24:43 -06:00
Denis Kenzior
aa754cbb4a rrm: include actual parent TSF value
If the scan results included a parent TSF value use it.
2019-11-20 20:11:47 -06:00
James Prestwood
e92424611a scan: fix parent TSF parsing
The value coming from the kernel is in the same endianness as IWD, so
just parse it as a u64 rather than le64.
2019-11-20 20:04:30 -06:00
James Prestwood
c1c2ca5e7f rrm: remove use of floating point math
The RCPI value was using floating point values as per the spec. But instead
we can just use the signal strength coming from the kernel in mili mdm and
scale the hard coded values by a factor of 100.
2019-11-18 12:52:33 -06:00
James Prestwood
be4ab2826f scan: parse parent TSF value in scan results
RRM can include this in measurement reports if present in scans
2019-11-15 14:28:26 -06:00
James Prestwood
1b35eda3dd rrm: support scan duration and mandatory flags
Beacon requests can specify a scan duration, and set a flag which makes
this duration mandatory. The kernel supports both these values for scan
requests so we no longer need to reject requests which contain these.

Drivers which do not support EXT_FEATURE_SET_SCAN_DWELL will ignore the
duration value, but if duration mandatory is set we must reject the
request.
2019-11-15 14:12:24 -06:00
James Prestwood
dca90abdc5 scan: add duration scan_parameters
The kernel allows a scan duration and duration mandatory flag to be
set in scan requests. RRM requests can contain these values so they
have been added to scan_parameters.

Scanning with drivers which do not support EXT_FEATURE_SET_SCAN_DWELL
will not include these values in scan requests.
2019-11-15 14:11:16 -06:00
James Prestwood
4cee10ec50 scan: add scan_passive_full variant
Just like active scans, add an API for passive scans which take in
the full scan_parameters structure.
2019-11-15 14:11:16 -06:00
James Prestwood
5528403d77 rrm: fix invalid IE tag when rejecting request
The rejection report actually contained a request IE, not a report IE
2019-11-15 11:03:39 -06:00
James Prestwood
90fb7eff7d station: fail if trying to scan while connecting
If a scan is requested during the middle of a connection we should
return busy instead of attempting the scan. The kernel ends up coming
back with not supported in this case, which is misleading and
difficult to debug.
2019-11-14 15:23:03 -06:00
James Prestwood
81ac94fd01 hotspot: fix double free between hostpot and knownnetworks
The module framework was changed to call the module exit functions in
the reverse order as the init functions. This uncovered/caused known
networks to try and free the network_info structures after hotspot had
already freed them. Since known networks clean up the network_info's
anyways, we don't actually need hotspot to do any cleanup.
2019-11-13 16:37:17 -06:00
Andrew Zaborowski
95d4eea68f modules: Unload modules in reverse order from loading
Make sure a module A that is needed by B is not unloaded before B.
2019-11-11 18:29:45 -06:00
Andrew Zaborowski
083143ed05 module: Fix variable names
Apparently the intention was for the dependent module's name to appear
in the variable name resulting from using IWD_MODULE_DEPENDS, so the
dependencies all have unique names (apparently not critical).
2019-11-11 18:29:45 -06:00
Tim Kourt
96a97dc959 peap: Adjust V0 not to close tunnel on Success of Phase2
Despite that PEAPv0 spec indicates that TLS tunnel needs to be torn
down after the transmission of a secure Result response, some servers
treat this TLS close alert as a failure. This patch changes the above
behavior to explicitly torn the tunnel only in the case of
authentication failure and leave it open after the success.
2019-11-11 18:29:12 -06:00
Denis Kenzior
bc17925f3a manpage: Fix section naming
The previous refactoring somehow changed the 'Settings' section name
into 'General'

Fixes: ac53239109 ("doc: Split network configuration description into separate manpage")
2019-11-08 21:24:54 -06:00
Tim Kourt
aea6c1ccb6 scan: Separate IE attr creation into logical block
This also introduces the max IE length check and exludes the addition
of IEs for the drivers that don't support it.
2019-11-08 21:05:51 -06:00
Tim Kourt
0490c25fde scan: Fix bit checking for interworking
The checker function will later be changed to match the bit setter.
2019-11-08 21:05:39 -06:00
Tim Kourt
48570141ba scan: Improve comment 2019-11-08 20:43:16 -06:00
Tim Kourt
175bf574c6 manpage: Add route prioritization setting 2019-11-08 17:05:18 -06:00
Marcel Holtmann
ab5742bb32 module: Move declarations into separate header file 2019-11-07 23:40:13 +01:00
James Prestwood
1f01819c70 rrm: add radio resource management module
This module takes care of radio measurements which an AP can request.
There are many types of requests, and for now only beacon requests
are supported.

IWD will filter certain types of beacon requests that are NOT
supported:

 - AP channel reports. Only single channel requests will be supported
 - Autonomous measurements. Only direct requests will be supported.
   IWD will not accept requets to trigger reports under certain
   conditions (SNR/RSSI thresholds, etc.)
 - Timed measurements. Only immediate measurements will be performed.
   The accuracy for timed measurements cannot be reliably guaranteed
   due to kernel scheduling/queues.
 - Full reporting detail. The AP can request the STA return the full
   set of IEs in a beacon. IWD does not currently save all IEs, plus
   there is quite a bit of complexity involved as certain IEs get
   truncated, and there are other length limitations.

There are other limitations not specific to beacon requests:

 - IWD will support single measurement requests per report. Multiple
   measurement request IEs can be included, but the reports will be
   sent out separately.

 - IWD will limit the number of requests it responds to in a given
   amount of time. As it stands now this is hard coded to 2 requests
   per second maximum. This will prevent DoS attacks.

 - IWD will not accept any measurement requests from APs it is not
   connected to, and will not accept any requests until connected.
2019-11-07 12:26:19 -06:00
James Prestwood
63e8f146b7 wiphy: add beacon bits to RM Enabled Capabilities
This tells AP's that we support Passive, Active, and Table beacon
measurements.
2019-11-07 12:26:19 -06:00
Marcel Holtmann
754ce0d112 anqputil: Use complete path internal includes 2019-11-07 18:29:11 +01:00
Tim Kourt
259a666a76 wsc: Check capability before adding interface 2019-11-06 17:46:00 -06:00
Tim Kourt
df43470c32 wiphy: Add parser and getter for max ie len attr 2019-11-06 17:04:00 -06:00
Marcel Holtmann
c6f9e89748 doc: Add manual page for debugging information 2019-11-05 22:14:09 +01:00
Marcel Holtmann
1365fc6820 doc: Fix manual page title names 2019-11-05 22:12:22 +01:00
James Prestwood
2962a80e14 station: add APIs to get connected BSS and BSS list
For Radio Resource Management (RRM) we will need access to the currently
connected BSS as well as the last scan results in order to do certain
kinds of requested measurements.
2019-11-04 14:43:38 -06:00
Tim Kourt
597920d06c knownnetworks: Check result of setting getter
Set the value of 'is_hidden' if necessary.
2019-10-30 14:39:21 -05:00
Andrew Zaborowski
77e9df23c1 netdev: Drop unused netdev_connect_wsc 2019-10-30 14:36:23 -05:00
Andrew Zaborowski
6d3ae88a21 wsc: Replace netdev_connect_wsc with netdev_connect usage
netdev_connect can achieve the same effect as netdev_connect_wsc but is
more flexible as it allows us to supply additional association IEs.  We
will need this capability to make P2P connections.  This way we're also
moving the WSC-specific bits to wsc.c from the crowded netdev.c.
2019-10-30 14:35:10 -05:00
Andrew Zaborowski
0651c2c430 eapol: Drop unused eapol_sm_set_event_func 2019-10-30 14:34:20 -05:00
Andrew Zaborowski
dcf419ee7f eapol: Move the EAP events to handshake event handler
On EAP events, call the handshake_event handler with the new event type
HANDSHAKE_EVENT_EAP_NOTIFY isntead of the eapol_event callback.

This allows the handler to be set before calling
netdev_connect/netdev_connect_wsc.  It's also in theory more type-safe
because we don't need the cast in netdev_connect_wsc anymore.
2019-10-30 14:26:09 -05:00
Andrew Zaborowski
0cccbea904 handshake: Convert handshake event callbacks variadic functions
Convert the handshake event callback type to use variable argument
list to allow for more flexibility in event-specific arguments
passed to the callbacks.

Note the uint16_t reason code is promoted to an int when using variable
arguments so va_arg(args, int) has to be used.
2019-10-30 14:24:05 -05:00
Andrew Zaborowski
2c536ba4fa scan: Hide CCK rates if no_cck_rates set
no_cck_rates is set in the scan parameters generally to make sure
that the Probe Request frames are not sent at any of the 802.11b
rates during active scans.  With this patch we also omit those rates
from the Supported Rates IEs, which is required by the p2p spec and
also matches our flag's name.
2019-10-30 11:13:42 -05:00
Andrew Zaborowski
07cef99e5c wiphy: Add wiphy_get_supported_rates
Add code to parse the supported data rates info from the wiphy dumps and
expose it for P2P's use with a getter function.
2019-10-30 10:58:36 -05:00
Denis Kenzior
7d24edf467 manpage: Add some examples of network configurations 2019-10-28 21:50:23 -05:00
Denis Kenzior
785fd8c6eb manpage: Add James to author info 2019-10-28 21:10:37 -05:00
Denis Kenzior
480d678a85 main: Update to the new ell API 2019-10-28 15:48:36 -05:00
Denis Kenzior
ccc114fa5f dbus: Use the new /net/connman/iwd root path 2019-10-28 11:32:57 -05:00
James Prestwood
d164923e7c manpages: replace shorthand words
Replaces cases of 'certs' with 'certificates', and 8021x with IEEE 802.1x
2019-10-28 10:45:30 -05:00
Marcel Holtmann
5a473a755c doc: Minor formatting changes for the configuration documentation 2019-10-26 02:07:03 +02:00
Denis Kenzior
3b937424db nl80211util: Ensure all entries are parsed
The current logic did not make sure that each entry provided was
actually parsed.  Also add a sanity check to make sure that no duplicate
parsing occurs.
2019-10-25 13:46:58 -05:00
Andrew Zaborowski
d577036879 p2putils: Fix length in Channel List parsing 2019-10-25 13:34:37 -05:00
Andrew Zaborowski
6ee83fdca9 p2putil: Replace constants with wifi_alliance_oui 2019-10-25 13:34:05 -05:00
James Prestwood
0d7fbfe523 network: add L_WARN for known network lookup failure
When updating the network ranking there was a potential out of bounds
array access. The condition was if known_network_offset returned a
negative value, indicating the known network was not found. Since
network->info is only set for known networks this should not ever
happen as network->info is checked prior.

Though this is likely impossible, knownnetworks is complex enough that
its better to just be paranoid and put an L_WARN_ON to check the
return.
2019-10-25 13:19:31 -05:00
Denis Kenzior
cf6499387f manpage: Update networking related settings 2019-10-25 13:18:42 -05:00
Denis Kenzior
16f51f5b5e treewide: Use CamelCase for netconfig settings 2019-10-25 13:18:42 -05:00
James Prestwood
8c3c81716f manpage: add section on embedding PEMs in settings 2019-10-25 11:22:36 -05:00
Denis Kenzior
624533e9c4 manpage: Document additional [General] settings 2019-10-25 11:21:29 -05:00
Denis Kenzior
7db8cf92fe manager: Switch to CamelCase for mac_randomize 2019-10-25 11:21:04 -05:00
Denis Kenzior
8d0860ef86 wiphy: Switch to CamelCase for mac_randomize_bytes 2019-10-25 11:16:28 -05:00
Denis Kenzior
b3c08da45b manager: Use CamelCase for use_default_interface 2019-10-25 09:20:42 -05:00
Denis Kenzior
d12ee292aa treewide: Use CamelCase for disable_anqp setting 2019-10-24 23:18:23 -05:00
Denis Kenzior
27afe6c49f netdev: Use CamelCase for pae over nl80211 setting 2019-10-24 21:36:53 -05:00
Denis Kenzior
43d386bbe4 netdev: Use CamelCase for roam threshold setting 2019-10-24 21:36:53 -05:00
Denis Kenzior
1fbf64b667 station: use CamelCase for MFP setting 2019-10-24 21:36:50 -05:00
Marcel Holtmann
7abd998d00 build: Move 50-iwd.link up to 80-iwd.link for less confusion 2019-10-25 01:08:56 +02:00
Marcel Holtmann
152b56a12a treewide: Move the Intel copyright forward to 2019 2019-10-25 00:43:08 +02:00
Marcel Holtmann
2a1cf2593b doc: Add missing author names to iwd config manual page 2019-10-25 00:22:20 +02:00
Marcel Holtmann
eb4ea958c7 build: Rename iwd.conf.5 into iwd.config.5 2019-10-25 00:21:05 +02:00
Marcel Holtmann
cd0d57077e build: Add systemd network link file to disable persistent naming 2019-10-25 00:15:05 +02:00
Denis Kenzior
d4d35c7872 eapol: Use CamelCase for [EAPoL] settings 2019-10-24 15:58:08 -05:00
Denis Kenzior
3540cc5cc0 manpage: Document [Scan] settings 2019-10-24 15:58:08 -05:00
Denis Kenzior
e540978633 treewide: Use CamelCase for [Scan] settings 2019-10-24 15:58:08 -05:00
Denis Kenzior
3a0c70210d manpage: Document [Rank] settings 2019-10-24 15:58:08 -05:00
Denis Kenzior
b205d9bdf1 scan: Use CamelCase for [Rank] settings 2019-10-24 15:58:05 -05:00
Denis Kenzior
19a85a85e7 treewide: Rename EAP mtu key to MTU 2019-10-24 13:51:20 -05:00
Denis Kenzior
f6994f502b manpage: Document Blacklist settings 2019-10-24 13:39:40 -05:00
Denis Kenzior
d66139fe34 treewide: Switch to CamelCase for Blacklist settings 2019-10-24 13:38:11 -05:00
Denis Kenzior
8a1ce9e3e3 manpage: Use AutoConnect instead of Autoconnect 2019-10-24 13:04:53 -05:00
Denis Kenzior
356fadad5a hotspot: Use AutoConnect instead of Autoconnect 2019-10-24 13:04:53 -05:00
Denis Kenzior
2dec3ff1b6 knownnetworks: Use AutoConnect setting
Since the property Autoconnect was renamed to AutoConnect, change the
Autoconnect setting to match.

For now we still allow the legacy name to be used here, but a warning is
printed to remind users to update.
2019-10-24 13:04:53 -05:00
Denis Kenzior
c49893c827 knownnetworks: Use AutoConnect as property name 2019-10-24 12:49:59 -05:00
Denis Kenzior
2d2bc70b64 device: Remove support for WDS property 2019-10-24 11:41:19 -05:00
Denis Kenzior
206bfbdf3a dbus: update to use InvalidArguments error 2019-10-24 10:54:21 -05:00
Denis Kenzior
a06583ffc4 dbus: Update to the new wsc api naming 2019-10-24 10:49:13 -05:00
Tim Kourt
b096c27377 hotspot: eliminate double assignment of variable 2019-10-23 17:57:35 -05:00
Tim Kourt
d8f98a5f20 hotspot: Fix mem leak on failed hotspot config 2019-10-23 17:56:18 -05:00
Denis Kenzior
45bd459711 eap-tls-common: Relax certificate chain check
Relax the pre-check for local user certificate.  Before we used to check
that the CA provided (if any) was used to verify both the peer identity
and the local certificate chain.  However, there seem to be networks
that use different CAs to sign AP/Radius certificates and certificates
issued to users.

Drop the ca_certs argument from l_certchain_verify, but keep the call
there to make sure the certificate chain is indeed a chain as a sanity
check.
2019-10-23 09:51:29 -05:00
Andrew Zaborowski
1d29221ef0 netdev: Extend checks for P2P scenarios
Extend the iftype-based checks to handle the P2P iftypes and remove a
warning that may be triggered in normal situations in the P2P scenarios.
2019-10-21 22:35:31 -05:00
Andrew Zaborowski
cd47834d6c wiphy: Add wiphy_get_max_roc_duration
Add a function to retrieve the maximum Remain On Channel listen duration
supported by the wiphy's driver.
2019-10-21 22:07:17 -05:00
James Prestwood
a1189d64b1 sae: remove unneeded NULL pointer check
The frame was already validated, and mmpdu_body will never return
a NULL pointer.
2019-10-21 17:14:49 -05:00
James Prestwood
27d698a0c0 sae: fix incorrect length adjustment
The commit/confirm processing was incorrectly subtracting 2 from
the length when they should be subtracting 6. As with the other
similar change, the length is validated with mpdu_validate so
subtracting 6 will not cause an overflow.
2019-10-21 17:12:01 -05:00
James Prestwood
47efe17461 sae: fix inproper return value in sae_verify_accepted
This function was returning a boolean and the expected return was
a signed integer. Since this function actually returned false in
all cases the check for a success (0) return always worked.

The comment about the 'standard code path' was removed as this is
no longer valid.
2019-10-21 16:50:42 -05:00
James Prestwood
3f2b558f57 sae: fix potential integer overflow
If an authentication frame of length <= 5 is sent sae will overflow an
integer. The original cause of this was due to incorrectly using the
sizeof(struct mmpdu_header). The header can be either 24 or 28 bytes
depending on fc.order. sizeof does not account for this so 28 is always
the calculated length.

This, in addition to hostapd not including a group number when rejecting,
cause this erroneous length calculation to be worked around as seen in
the removed comment. The comment is still valid (and described again
in another location) but the actual check for len == 4 is not correct.

To fix this we now rely on mpdu_validate to check that the authentication
frame is valid, and then subtract the actual header length using
mmpdu_header_len rather than sizeof. Doing this lets us also remove the
length check since it was validated previously.
2019-10-21 16:50:42 -05:00
James Prestwood
9ec87acccf mpdu: expose mmpdu_header_len 2019-10-21 16:50:42 -05:00
Marcel Holtmann
ac53239109 doc: Split network configuration description into separate manpage 2019-10-20 19:33:53 +02:00
Marcel Holtmann
6238f9bbd7 doc: Start describing settings in main.conf 2019-10-20 10:25:51 +02:00
Marcel Holtmann
5e77e34c46 doc: Mention all available environment settings 2019-10-19 23:13:34 +02:00
Marcel Holtmann
806d36a35e doc: Minor updates to formatting and mention STATE_DIRECTORY 2019-10-19 23:00:16 +02:00
James Prestwood
0d9c9274d9 eapol: do not parse RSN for WPA1 in 1 of 4
A recent change checked the return value of ie_parse_rsne_from_data
inside the ptk 1/4 handler. This seemed safe, but actually caused
the eapol unit test to fail.

The reason was because eapol was parsing the IEs assuming they were
an RSN, when they could be a WPA IE (WPA1 not WPA2). The WPA case
does not end up using the rsn_info at all, so having rsn_info
uninitialized did not pose a problem. After adding the return value
check it was found this fails every time for WPA1.

Since the rsn_info is not needed for WPA1 we can only do the RSN
parse for WPA2 and leave rsn_info uninitialized.
2019-10-17 18:48:18 -05:00
Denis Kenzior
99923c90da util: Be more paranoid when parsing addresses
Add a check to make sure that sscanf reads all 6 bytes of the address as
well.
2019-10-17 18:22:25 -05:00
Denis Kenzior
f878ec275d scan: Fix logic error in frequency validation
The intent here was to validate that the frequency is a multiple of 5
and lies in a certain range.  Somehow the channel was checked for being
a multiple of 5 instead.
2019-10-17 18:00:33 -05:00
Denis Kenzior
9ec50c910b rtnlutil: Remove pointless conditional
gateway is checked to be !null above, so the conditional can be dropped.
2019-10-17 17:53:30 -05:00
Denis Kenzior
a533734471 p2putil: Fix logic in required attribute check
The logic here intended to check whether all required attributes were
available.  However, it set the parse_error to true instead of
have_required to false as intended.
2019-10-17 17:39:53 -05:00
Denis Kenzior
5dbccee798 network: Be extra pedantic in network_get_psk
Check that the passphrase to PSK conversion actually succeeds.
2019-10-17 17:33:56 -05:00
Denis Kenzior
a043f26134 netdev: Skip IE processing of no request IEs sent 2019-10-17 17:30:11 -05:00
Denis Kenzior
aa75b3e06e ap: Remove unneeded NULL check
sta is already dereferenced above, no need for the extra check here
2019-10-17 17:22:02 -05:00
Denis Kenzior
aba73171f6 wsc: Fix potential memory leak
If the netdev_connect_wsc call fails, handshake_state object isn't
freed.
2019-10-17 12:37:04 -05:00
Denis Kenzior
9a588944aa backtrace: Don't ignore strchr errors 2019-10-17 12:10:36 -05:00
Denis Kenzior
ef0f9ad193 backtrace: Fix a potential buffer overrun 2019-10-17 12:08:21 -05:00
James Prestwood
34560120f9 util: add bounds check to util_get_{domain,username}
Replace uses of strcpy by the safer l_strlcpy.  Note that both of these
functions can only be called with a buffer of max 253 bytes (the
identity string), so this is purely a precautionary measure.
2019-10-17 11:21:47 -05:00
James Prestwood
65f279dc1e util: Use memcpy instead of strncpy
The sub-string copied here will never have NULL terminators, so use
memcpy here to make this clearer.
2019-10-17 11:20:51 -05:00
James Prestwood
6b8f566498 ie: reorder ie_parse_osen to fix uninitialized value
RSNE_ADVANCE could result in a jump to the done label where info would
be copied without being initialized.
2019-10-16 21:25:41 -05:00
James Prestwood
de3a267d03 eapol: check return of ie_parse_rsne_from_data 2019-10-16 21:24:25 -05:00
James Prestwood
91c449d74a eapol: reorder eapol_sm_free
Technically there's no problem here as l_queue_remove does not
dereference the pointer.  Still, it confuses certain static analysis
tools in the current form. Reordering this will not change the behavior
at all.
2019-10-16 21:16:28 -05:00
James Prestwood
0ade612b3e hotspot: check if HESSID parses correctly 2019-10-16 18:40:30 -05:00
James Prestwood
87a1c55145 hotspot: fix multiple potential memory leaks 2019-10-16 18:32:46 -05:00
Denis Kenzior
b3799a9f8d owe: Fix potential memory leak 2019-10-16 18:14:17 -05:00
James Prestwood
96aa658375 sae: check return getting k_point 2019-10-16 18:09:29 -05:00
James Prestwood
ba7f7febd1 owe: fix potential uninitialized variable 2019-10-16 18:08:47 -05:00
James Prestwood
8bbfa4db49 owe: fix potential double free on error 2019-10-16 18:08:08 -05:00
James Prestwood
ab92901252 owe: check for error return getting shared_secret 2019-10-16 18:05:43 -05:00
James Prestwood
7b1e1497b7 ie: fix uninitialized rx/tx_nss values 2019-10-16 18:02:49 -05:00
James Prestwood
a8e935ee77 crypto: fix potential memory leak 2019-10-16 17:58:50 -05:00
James Prestwood
8364807938 eap-pwd: fix potential memory leak 2019-10-16 17:58:14 -05:00
James Prestwood
e31074b246 erp: check return of hkdf_expand 2019-10-16 17:57:05 -05:00
James Prestwood
81ec93fdcc anqp: fix potential NULL pointer dereference 2019-10-16 17:57:05 -05:00
Denis Kenzior
269377c92f scan: Simplify parsing using nl80211_parse_attrs 2019-10-16 16:33:40 -05:00
Tim Kourt
34cd8d5f3e eap-ttls: Fix memory leak
A very unlikely condition could result in struct phase2_method being
leaked.
2019-10-16 15:48:32 -05:00
Denis Kenzior
6917f75c6a doc: Add network configuration section to iwd.rst
Content is mostly pulled from the wiki and re-arranged slightly.
2019-10-16 15:45:58 -05:00
Florian Klink
af877978a1 doc: fix typo systemd->system
Even though this is equal on most distros, we're not quite there yet.
2019-10-14 16:38:49 -05:00
James Prestwood
fe179f96fd eap: utilize IWD_MODULE
Converts eap into an IWD module.
2019-10-11 15:45:26 -05:00
James Prestwood
8f600ee1b5 eap: remove mtu argument from eap_init
This was refactored to set the mtu via __eap_set_config rather than
passing the MTU into eap_init. This makes eap work in a similar fashion
as eapol (i.e. __eapol_set_config).

If __eap_set_config is not used, the MTU will be set to 1020, which is
the same as previously passing 0 to eap_init.
2019-10-11 15:44:38 -05:00
James Prestwood
d53dcf2334 wiphy: utilize IWD_MODULE
This converts wiphy into an IWD module. nl80211 was completely removed
from main.c as it is no longer passed with manager or wiphy.
2019-10-11 15:42:13 -05:00
James Prestwood
97bac236c8 wiphy: remove white/blacklist from wiphy_init
wiphy will now use getters for the phy white/black list.
2019-10-11 15:41:54 -05:00
Denis Kenzior
cc2d4f97e2 manager: Make sure pending_wiphys remains NULL on error 2019-10-11 15:41:16 -05:00
James Prestwood
2d8d47c9dd manager: utilize IWD_MODULE
Converts manager into an IWD module.
2019-10-11 15:38:25 -05:00
James Prestwood
87c42bccf1 manager: remove white/black list from argument
Instead we add getters for these lists that manager_init can use.
2019-10-11 15:37:58 -05:00
James Prestwood
2ab8d4bbed anqp: utilize IWD_MODULE
This converts anqp into an IWD module.
2019-10-11 15:37:33 -05:00
James Prestwood
369c5fbd0b eapol: utilize IWD_MODULE
This converts eapol to using IWD modules. The init/exit APIs did need
to remain exposed for unit tests.

Netdev was updated to depend on eapol.
2019-10-11 15:36:45 -05:00
Denis Kenzior
cb57d44cb4 netdev: Fix resource leaks in netdev_init 2019-10-11 15:34:54 -05:00
James Prestwood
d42c4a57b8 netdev: utilize IWD_MODULE
Since iwd_modules_init is now defered until nl80211_appeared, we can
assume the nl80211 object is available. This removes the need for
netdev_set_nl80211 completely.
2019-10-11 15:30:28 -05:00
James Prestwood
df8fc5f918 main: move module init into nl80211_appeared
In preparation for integrating IWD_MODULE into modules which require
nl80211 we move the module init into the nl80211_appeared callback.
This will guarentee that the nl80211 is available during module init
and allow modules to get their own copy of nl80211 rather than needing
a set function (e.g. netdev_set_nl80211).

Since the dbus name request callback happens before this as well any
dbus module can also use IWD_MODULE and simply assume the dbus object
is ready.

plugin_init was also deferred to nl80211_appeared since some plugins
depend on modules being initialized.
2019-10-11 15:21:32 -05:00
James Prestwood
046fe96537 agent: utilize IWD_MODULE
Converts agent into an IWD module. This removes the dbus dependency
on agent. Since dbus is initialized very early we can assume
dbus_get_bus is going to return a valid object.
2019-10-11 13:52:22 -05:00
Tim Kourt
3aa336cb2a resolve: Add IPv6 handler for systemd msg appender 2019-10-10 11:54:58 -05:00
Tim Kourt
8168b22233 netconfig: Don't clear IPv6 addresses on shutdown
Unlike IPv4, the IPv6 address are removed by the kernel.
2019-10-09 17:53:26 -05:00
Tim Kourt
2d02816efd station: Subscribe to netconfig event notifier 2019-10-09 17:52:36 -05:00
Tim Kourt
c4a17ed711 netconfig: Add netconfig event notifier
The notifier allows to subscribe for the netconfig events such as
‘connected’.
2019-10-09 17:51:57 -05:00
Tim Kourt
624933fab0 station: Move 'connected' logic out of enter state func
Previously, station state 'connected' used to identify an interface associated
with AP. With the introduction of netconfig, an interface is assumed to be
connected after the IP addresses have been assigned to it. If netconfig is
disabled, the behavior remains unchanged.
2019-10-09 17:05:42 -05:00
Tim Kourt
beca75830c netconfig: Split route add/del callbacks 2019-10-09 14:18:07 -05:00
Tim Kourt
48be2c0252 station: Simplify and comply with coding style 2019-10-09 14:18:02 -05:00
James Prestwood
bea1d22a5c eap-tls-common: allow embedded PEMs in settings
Refactoring was required to allow for embedded certs. The existing
eap_tls_state object was changed to hold the cert types (l_queue,
l_certchain, l_key) rather than the file path, since there may not
actually be separate PEM files.

Care was taken to properly manage the memory of these objects.
Since the TLS object takes ownership when setting auth data or the
CA certs all error cases must be handled properly to free these
objects after they are loaded and in addition they must be set to
NULL so that the cleanup doesn't double free them.

If everything goes to plan, we load all the PEMs in settings_load,
provide these objects to the TLS APIs, and then NULL out the
pointers (TLS now owns this memory). If anything fails between
settings_load and l_tls_start we must free these objects.

A special format must be used to indicate that a PEM is embedded
inside the settings file. First, the l_settings format should be
followed for the PEM itself, e.g.

[@pem@my_ca_cert]
<CA Cert data>

This PEM can then be referenced by "embed:my_ca_cert", e.g.

EAP-TLS-CACert=embed:my_ca_cert

Any other value not starting with "embed:" will be treated as a file
path.
2019-10-07 11:39:30 -05:00
Tim Kourt
e0651cf25b netconfig: Allow to override IPv6 DHCP DNSs with static addresses 2019-10-04 12:17:20 -05:00
Tim Kourt
0fdd27463e netconfig: Allow to override IPv4 DHCP DNSs with static addresses 2019-10-04 12:17:20 -05:00
Denis Kenzior
46a88744c1 netconfig: Remove unused member 2019-10-04 12:17:20 -05:00
Marcel Holtmann
6476d68aed build: Add manual page for iwd configuration file 2019-10-03 22:36:39 +02:00
Marcel Holtmann
f9f12533fc doc: Add more detailed description for iwd daemon 2019-10-03 22:35:47 +02:00
Will Dietz
44ae6a46da station: don't reset/(re)configure/destroy NULL netconfig's
Fixes crashes when `enable_network_config` is false (default).
2019-10-03 12:34:56 -05:00
Will Dietz
6672bc2a37 station: record dependency on netconfig module
The netconfig module must be initialized (netconfig_list, for example)
before station module can be used, record this to ensure that happens.
2019-10-03 12:30:43 -05:00
Will Dietz
f74e6ff2f2 crypto: fix copy size causing overruns/crashing
num_ad is already accounted for in `sizeof(iov)`
as iov has size `sizeof(struct iovec) * (num_ad+1)`.
2019-10-03 12:25:57 -05:00
Tim Kourt
3e634bfbcc netconfig: Optimize IPv4 address deletion
Decrease the queue traversals to a single pass
2019-10-03 10:56:07 -05:00
Tim Kourt
444491490e netconfig: Remove IPv6 default route
The IPv6 default route needs to be explicitly revoked. Unlike in IPv4,
there is no SRC address associated with the route and it will not be
removed on address removal.
2019-10-03 10:56:07 -05:00
Tim Kourt
eebd44cfc0 rtnlutil: Add IPv6 route deletion helper 2019-10-03 10:56:07 -05:00
Tim Kourt
cd21d4d3e7 netconfig: Fix return type for module init 2019-10-03 10:56:07 -05:00
Tim Kourt
c4ecf96942 netconfig: Install IPv6 DNS 2019-10-02 12:13:42 -05:00
Tim Kourt
95c3df3ccf netconfig: Install IPv6 default route 2019-10-02 12:10:00 -05:00
Tim Kourt
ce5e481239 netconfig: Add IPv6 static address installation/removal
The network configuration options for IPv6 are grouped under [IPv6]
and include the following:
	ip= ADDRESS/PREFIX
	gateway=ADDRESS
	dns=ADDRESS

The placeholders for DHCPv6 are placed along the way and marked
as TODO items.
2019-10-02 12:09:00 -05:00
Tim Kourt
0a293ef538 netconfig: Request all known IPv6 addresses 2019-10-02 11:58:56 -05:00
Tim Kourt
577e638be3 netconfig: Subscribe for IPv6 address changes
The IPv6 addresses changes are maintained in ifaddr_list.
2019-10-02 11:58:07 -05:00
Tim Kourt
50a112e425 netconfig: Remove roaming logic
Previously, netconfig_ipv4_select_and_install was used to install
addresses on initial connection to a network and after we have roamed.
Now for the after roaming connection scenario we have
netconfig_reconfigure. Remove roaming related code from
netconfig_ipv4_select_and_install
2019-10-02 10:53:39 -05:00
Tim Kourt
332eec9f9d netconfig: Don't re-install IPv4 address on re-configure 2019-10-02 10:53:08 -05:00
Denis Kenzior
72a417e8a3 eap-tls-common: update to new ELL TLS APIs 2019-10-02 10:36:06 -05:00
Tim Kourt
77770b9566 netconfig: Switch to internal active network settings
As part of the de-coupling from station object, switch all of
the network settings inquiries to use active_settings. active_settings
are set with netconfig_configure by the owner of netconfig object
and removed with netconfig_reset once network disconnects.
2019-09-30 15:05:12 -05:00
Tim Kourt
d7c52b8280 station: netconfig devices based on station state 2019-09-30 14:57:21 -05:00
Tim Kourt
fb65b5f92c netconfig: Decouple from station state
Instead of relying on station state changed signal, netconfig
introduces three new API calls to configure, re-configure and
reset the network configurations. The owner of netconfig object
is responsible for initiating the re-configuration of the device
depending on its state.
2019-09-30 14:57:18 -05:00
Tim Kourt
57095eaa2c rtnlutil: Add IPv6 default route helper 2019-09-30 11:08:23 -05:00
Tim Kourt
f0b3a6cf1d rtnlutil: Add IPv6 address change helpers
Implements the IPv6 helper functions to add/delete IP addresses.
2019-09-30 11:08:01 -05:00
Tim Kourt
e3e569b75b rtnlutil: Add IPv6 address dump 2019-09-30 11:07:37 -05:00
Tim Kourt
c8eb33c2c2 rtnlutil: Add parser for IPv6 RTNL packet
At this time, we are only looking for IFA_ADDRESS attribute that
represents the IPv6 IP address.
2019-09-30 11:07:37 -05:00
Tim Kourt
d954eee0cc netconfig: Change public API
As a first step to enable the usage of netconfig in ead and
prospective transition to be a part of ell, the public API for
creation and destruction of the netconfig objects has been
renamed and changed. Instead of hiding the netconfig objects inside
of netconfig module, the object is now passed back to the caller.
The internal queue of netconfig objects remains untouched, due
to limitations in ell’s implementation of rtnl. After the proper
changes are done to ell, netconfig_list is expected to be removed
from netconfig module.
2019-09-27 16:32:05 -05:00
Tim Kourt
c8dfb6061d netconfig: Rename netconfig destructor
The old name will be repurposed for the API.
2019-09-27 16:31:56 -05:00
Denis Kenzior
3b040f5c27 main: Make rfkill an IWD_MODULE 2019-09-24 10:07:40 -05:00
Marcel Holtmann
765bb92084 build: Add skeleton manual pages for all installed binaries 2019-09-22 21:57:47 +02:00
Denis Kenzior
73f6e0b43b anqp: Use nl80211_parse_attrs 2019-09-19 23:04:06 -05:00
Denis Kenzior
91784425ec wiphy: Remove wiphy_parse_id_and_name
in favor of using nl80211_parse_attrs
2019-09-19 22:55:07 -05:00
Denis Kenzior
bf7e62fafb manager: Simplify parsing using nl80211_parse_attrs 2019-09-19 22:42:25 -05:00
Denis Kenzior
d400c7f303 manager: Simplify manager_parse_wiphy_id
using nl80211_get_attrs
2019-09-19 22:42:02 -05:00
Denis Kenzior
2772845a7b manager: Simplify manager_parse_ifindex
using nl80211_parse_attrs
2019-09-19 22:42:02 -05:00
Denis Kenzior
2dbcad3185 nl80211util: Add skeleton of nl80211_parse_attrs 2019-09-19 22:41:54 -05:00
Denis Kenzior
1fc480c007 manager: Remove stale comment
setup_timeout was removed by the previous patch, so this comment no
longer applies.
2019-09-19 21:05:57 -05:00
James Prestwood
95f1fb1663 manager: dump wiphy/iface on NEW_WIPHY
A NEW_WIPHY event may not always contain all the information about a
given phy, but GET_WIPHY will. In order to get everything we must
mimic the behavior done during initalization and dump both wiphy
and interfaces when a NEW_WIPHY comes in.

Now, any NEW_WIPHY event will initialize a wiphy, but then do a
GET_WIPHY/GET_INTERFACE to obtain all the information. Because of
this we can ignore any NEW_INTERFACE notifications since we are
dumping the interface anyways.

Once some kernel changes get merged we wont need to do this anymore
so long as the 'full' NEW_WIPHY feature is supported.
2019-09-19 20:49:41 -05:00
James Prestwood
27ae3ce14d network: validate passphrase on _set_passphrase 2019-09-18 16:48:29 -05:00
James Prestwood
42e083cf9b crypto: add crypto_passphrase_is_valid
Move this check out of crypto_psk_from_passphrase so other modules
can validate a passphrase.
2019-09-18 16:48:07 -05:00
James Prestwood
7a9891dbef wsc: store plain text passphrase if available
If the AP sent us the plain passphrase we can now store that rather
than generating the PSK. This will allow WPA3 to work properly when
WPA3 + WSC is implemented.
2019-09-18 16:47:41 -05:00
James Prestwood
2c14e73f82 network: add network_set_passphrase
This lets other modules (like WSC) to set a plain text passphrase
as opposed to only allowing a PSK to be set. network_get_psk was
also updated to generate a PSK on-the-fly if required. Since WPA3
requires the raw passphrase to work, it makes sense to just store
the passphrase if we have it.
2019-09-17 16:20:28 -05:00
James Prestwood
a8187468b5 station: optimize roam scanning
If neighbor reports are unavailable, or the report yielded no
results we can quickly scan for only known frequencies. This
changes the original behavior where we would do a full scan
in this case.
2019-09-17 11:52:55 -05:00
James Prestwood
235fd2b7e6 eap-pwd: remove old EAP-PWD-Password support
This password key was deprecated in favor of the common EAP-Password
key. Its been about a year so we are now removing support entirely
for EAP-PWD-Password.
2019-09-17 11:46:19 -05:00
James Prestwood
07e6876ef5 knownnetworks: add roam frequency getter
Gets a newly created scan_freq_set containing the most recent
frequencies for the network. The currently connected BSS frequency
(passed as a parameters) will not be included in the set.
2019-09-17 11:39:12 -05:00
James Prestwood
d9e6b2263f scan: add scan_freq_set_isempty 2019-09-17 11:28:23 -05:00
James Prestwood
09d336dbdd knownnetworks: free file_path in get_uuid 2019-09-16 15:24:49 -05:00
James Prestwood
66346712e6 knownnetworks: make frequencies/UUID forgettable
Since the UUID was being generated purely on the file path, it
would never change for a given network (unless the SSID/name changed).
In the future we would like to use this unique UUID to generate a
MAC per-SSID, and if that network is forgotten we also want the UUID
to change next time the network is connected to.

Rather than only using the file path, the mtime can also be fed into
the UUID generation. Since the mtime would be changed after forgetting
and re-adding a known network we will get a new UUID.

Now, whenever a known network is removed, we lookup the UUID we have
in network_info and remove that entry in the settings file and
sync the frequency file.
2019-09-16 13:48:48 -05:00
James Prestwood
f57b73898b knownnetwork: track/optimize UUID for known networks
The UUID was being generated every time we synced which is wasteful.
Instead we can track the UUID inside network_info and only generate
it once when needed.

Two new network_info APIs were added:
network_info_set_uuid
network_info_get_uuid

The setter is used when the frequency file is loaded. If a valid UUID
is found in the frequency file this UUID is set and used.

network_info_get_uuid will not just get the UUID, but actually generate
it if one has not been set yet. This will allow other modules to
get/generate the UUID if one has no been loaded from the frequency
file.
2019-09-16 13:39:41 -05:00
James Prestwood
96998a83c5 netdev: handle QoS Map IE/Frame
The QoS Map can come in either as a management frame or via the
Associate Response. In either case this IE simply needs to be
forwarded back to the kernel.
2019-09-13 17:29:39 -05:00
James Prestwood
74aa280b56 wiphy: set QoS bit in extended capabilities 2019-09-13 17:29:39 -05:00
James Prestwood
8d3b065022 wiphy: fix bits in extended capabilities
The extended capability bits were not being set properly inside
wiphy. Since we build the IE after the wiphy dump the first 2
bytes are the IE type and length. The way we were setting the bits
did not take this into account and were actually setting the
completely wrong bits.
2019-09-13 12:37:59 -05:00
James Prestwood
ef209c305b knownnetworks: make known frequencies its own module
The known frequency file was being loaded at the end of the known
networks initialization routine. This allowed all known networks
to be properly loaded, but since hotspot depends on known networks,
its initalization would be run afterwards meaning the frequency
loading would not have been finding any hotspot networks.

To fix this a new module was added inside known networks which
depends on hotspot. This means that first known networks will
initialize, then hotspot, then the frequency file would be loaded.
2019-09-12 12:55:30 -05:00
James Prestwood
4eaf93d26a knownnetworks: rework known frequencies
The current format for the .known_networks.freq file had a hidden
limitation of not being able to handle SSID's with some special
characters. Since the provisioning file path was used as the
group name the filename was limited to only characters supported
by l_settings groups, which conflicted with allowable SSID
characters.

Instead we can generate a unique UUID for each network and use
this as the group. For this particular case the group does not
really matter, so long as its unique. But we can utilize this unique
UUID for other purposes, including using it as a seed for changing
the MAC address per-connection in the future.

The .known_networks.freq file will now have the following format:

[<UUID>]
name=/path/to/provisioning/file
list= XXXX YYYY ZZZZ
2019-09-12 11:33:00 -05:00
James Prestwood
f5db4bfea8 network: sync frequencies per-network
The existing frequency syncing was done when IWD closes. Instead we
can sync as networks are connected to or promoted to known which
will keep the FS more up to date. This also allows hotspot networks
to use the known frequency file.
2019-09-12 11:32:50 -05:00
James Prestwood
9ed5fba57b knownnetwork: add known_network_frequency_sync
This API will sync the known frequencies of a network_info object
to disk. This will allow network to sync known frequencies as
known networks are added, rather that when IWD closes.

Since this will result in more frequent syncing that before, the
known_freqs settings pointer was moved globally in knownnetworks.c
as to only parse the file one time rather than on every sync.
2019-09-12 11:28:20 -05:00
James Prestwood
3dba205de1 hotspot: implement get_file_path op 2019-09-12 11:28:20 -05:00
James Prestwood
3b49a57bda knownnetworks: add get_file_path op
Gets the provisioning file path stored on disk
2019-09-12 11:27:38 -05:00
Denis Kenzior
0c7751485d ie: Always include RSN Capabilities bytes 2019-09-11 15:28:10 -05:00
Tim Kourt
0db5f59d07 peap: Send cleartext ACK to tunneled EAP-Success
Some of the EAP-PEAP server implementations seem to require a
cleartext ACK for the tunneled EAP-Success message similar to EAP-TLS
specification, instead of simply shutting down the tunnel like
EAP-PEAPv1 requires.

ACKing the tunneled EAP-Success seems also to work for implementations
which were relying on the tunnel close event.
2019-09-11 15:27:02 -05:00
Tim Kourt
692a15368c peap: Add debug statements 2019-09-11 13:23:46 -05:00
James Prestwood
d2162a7491 station: fix NAI realms leak
After the known network refactor this string list was no longer set
into the network object. Now it should be freed in all cases after
the search.
2019-09-11 11:55:25 -05:00
James Prestwood
6aeeb9eaad knownnetworks: check for valid info before calling op 2019-09-09 19:09:50 -05:00
James Prestwood
99483489bc module: print module name/error if it fails to start 2019-09-09 15:42:09 -05:00
James Prestwood
29a05eb402 storage: fix hotspot dir creation
create_dirs was dependent on the path ending in '/' to create the
full path. The hotspot code did not include a '/' at the end so
it was not getting created, which prevented the hotspot module
from initializing.
2019-09-09 15:42:09 -05:00
James Prestwood
2b27ec26a0 build: remove hotspot.h 2019-09-09 15:37:45 -05:00
James Prestwood
18ac43c8d8 hotspot: remove hs20_get_roaming_consortium 2019-09-09 15:37:27 -05:00
James Prestwood
cff08afd14 network: remove hotspot.h include 2019-09-09 15:37:17 -05:00
James Prestwood
45c059ccf8 station: use network_get_vendor_ies
Station was building up the HS20 elements manually. Now we can
use this new API and let network take care of the complexity
of building network specific vendor IEs.
2019-09-09 15:36:53 -05:00
James Prestwood
83cba4fb1f hotspot: implement 'get_vendor_ies'
This op builds up the vendor IEs required for hotspot 2.0. The
version, and optionally the RC are provided in order to correctly
build the HS20 Indication Element and RC Selection element.
2019-09-09 15:35:29 -05:00
James Prestwood
b2bfd58378 network: add network_get_vendor_ies
This is to encapsulate any vendor IE building required for certain
network types. Currently only hotspot requries this.
2019-09-09 15:34:45 -05:00
James Prestwood
bff0740829 knownnetworks: add get_vendor_ies operation
This will provide the hotspot module with enough info for it to
build the required vendor IEs to be provided with (Re)Association.
2019-09-09 15:33:54 -05:00
James Prestwood
689fd7b92b netdev: make vendor_ies const on netdev_connect() 2019-09-09 09:55:12 -05:00
James Prestwood
af46cc0ed2 knownnetworks: get matched RC on match_roaming_consortium
The HS20 module had its own getter for returning the matched roaming
consortium. Since we already have the network_info op for matching
we might as well return the matched RC rather than just a bool. This
allows the RC to be included in (Re)Association without the need for
a specific getter.
2019-09-09 09:44:15 -05:00
Marcel Holtmann
1104d69e29 build: Add StateDirectoryMode=0700 option to systemd service 2019-09-09 06:55:22 +02:00
Marcel Holtmann
41f865d4df build: Use NotifyAccess=main feature when running under systemd 2019-09-08 20:36:57 +02:00
Marcel Holtmann
e6a99f461a build: Start using CapabilityBoundingSet option from systemd 2019-09-08 20:26:49 +02:00
Marcel Holtmann
e9c39decda storage: Fix wrong format identifier for known frequencies file 2019-09-08 20:11:15 +02:00
Marcel Holtmann
71ae0bee9c build: Add StateDirectory= option to service files 2019-09-08 19:56:21 +02:00
Marcel Holtmann
49c4f46efc knownnetworks: Use storage_get_path to get storage directory 2019-09-08 19:21:07 +02:00
Marcel Holtmann
58d5fdf6c4 hotspot: Use storage_get_hotspot_path to get storage directory 2019-09-08 19:20:37 +02:00
Marcel Holtmann
8706be6698 storage: Add support for utilizing STATE_DIRECTORY environment 2019-09-08 19:19:34 +02:00
Marcel Holtmann
45d5c67cb4 main: Move storage directory creation into storage functionality 2019-09-08 18:24:23 +02:00
Marcel Holtmann
7e5ddb15d7 main: Remove --config command line option 2019-09-08 18:18:06 +02:00
Marcel Holtmann
351e21f7c7 build: Add ConfigurationDirectory= option to service files 2019-09-08 10:25:39 +02:00
Marcel Holtmann
4c841edfb5 main: Add support for CONFIGURATION_DIRECTORY environment variable 2019-09-08 10:22:36 +02:00
Denis Kenzior
8a0c148368 ie: Handle WPA1 elements with Capability fields 2019-09-05 21:13:10 -05:00
Henrik Stokseth
008fd6c87a ie: Fix WPA1 element parsing
The memset was done after setting the defaults when it should have been
done before.
2019-09-05 20:53:57 -05:00
Antonio Quartulli
8106d82b4e fast_transition: fix crash by parsing RSN IE only if present
When performing a fast transition to another OPEN network the RSN
element won't be there and therefore the bss->rsne is gonna be NULL.

Fix crash by not accessing the rsne member when performing a fast
transition to an AP that doe snot advertise any RSN IE.

Crash caught with gdb:

 src/station.c:station_transition_start() 186, target 34:8f:27:2f:b8:fc

 Program received signal SIGSEGV, Segmentation fault.
 handshake_state_set_authenticator_ie (s=0x555555626eb0, ie=0x0) at src/handshake.c:163
 163		s->authenticator_ie = l_memdup(ie, ie[1] + 2u);
 (gdb) bt
 #0  handshake_state_set_authenticator_ie (s=0x555555626eb0, ie=0x0) at src/handshake.c:163
 #1  0x0000555555561a98 in fast_transition (netdev=0x55555562fbe0, target_bss=0x55555561f4a0,
     over_air=over_air@entry=true, cb=0x55555556d5b0 <station_fast_transition_cb>) at src/netdev.c:3164
 #2  0x0000555555565dfd in netdev_fast_transition (netdev=<optimized out>, target_bss=<optimized out>,
     cb=<optimized out>) at src/netdev.c:3232
 #3  0x000055555556ccbd in station_transition_start (bss=0x55555561f4a0, station=0x555555617da0)
     at src/station.c:1261
 #4  station_roam_scan_notify (err=<optimized out>, bss_list=<optimized out>, userdata=0x555555617da0)
     at src/station.c:1444
 #5  0x0000555555579560 in scan_finished (sc=0x55555562bf80, err=err@entry=0, bss_list=0x55555561bd90,
     sr=0x555555626b30, wiphy=<optimized out>) at src/scan.c:1234
 #6  0x0000555555579620 in get_scan_done (user=0x555555618920) at src/scan.c:1264
 #7  0x00005555555abd23 in destroy_request (data=0x55555561b000) at ell/genl.c:673
 #8  0x00005555555ac129 in process_unicast (nlmsg=0x7fffffffc310, genl=0x55555560b7a0) at ell/genl.c:940
 #9  received_data (io=<optimized out>, user_data=0x55555560b7a0) at ell/genl.c:1039
 #10 0x00005555555a8aa3 in io_callback (fd=<optimized out>, events=1, user_data=0x55555560b840)
     at ell/io.c:126
 #11 0x00005555555a7ccd in l_main_iterate (timeout=<optimized out>) at ell/main.c:473
 #12 0x00005555555a7d9c in l_main_run () at ell/main.c:520
 #13 l_main_run () at ell/main.c:502
 #14 0x00005555555a7fac in l_main_run_with_signal (callback=<optimized out>, user_data=0x0)
    at ell/main.c:642
 #15 0x000055555555e5b8 in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:519
2019-08-28 14:35:06 -05:00
James Prestwood
8500b60b13 network: fix issue with WSC not connecting
After wsc_store_credentials, wsc_try_credentials is called which
sets the PSK obtained via the protocol. After the known network
refactor network_settings_load was changed to depend on the
network_info->open() call. Since there is no known network for
this initial WSC connection this always fails and the PSK is not
set into the network object (and the connection is failed).

In this case if network_settings_load fails we can just create
an empty settings object to be filled later.
2019-08-28 13:06:40 -05:00
James Prestwood
fe9376c74f hotspot: use known_network_update
If the file was modified we no longer need to completely remove
and recreate the network_info.
2019-08-28 11:41:16 -05:00
James Prestwood
ab5e83014c knownnetworks: refactor to expose known_network_update
known_network_update was being used to both update and create known
networks as they appeared on the file system. Hotspot needs updating
capabilities so known_network_update was exposed and updated with
one major difference; it no longer can be used to create new known
networks. For creation, a new API was added (known_network_new)
which will create and add to the queue.
2019-08-28 11:40:14 -05:00
James Prestwood
a3a48da542 station: allow autoconnect to hotspot networks
Since hotspot networks may require ANQP the autoconnect loop needed to
be delayed until after the ANQP results came back and the network
objects were updated. If there are hotspot networks in range ANQP will
be performed and once complete autoconnect will begin for all networks
including hotspots. If no hotspots are in range autoconnect will
proceed as it always has.

Note: Assuming hotspots are in range this will introduce some delay
in autoconnecting to any network since ANQP must come back. The full
plan is to intellegently decide when and when not to do ANQP in order
to minimize delays but since ANQP is disabled by default the behavior
introduced with this patch is acceptable.
2019-08-28 11:27:09 -05:00
James Prestwood
d33b5357ed network: check info match for unsetting hotspot info
No need to check for matching if unsetting
2019-08-28 11:25:05 -05:00
James Prestwood
b4fb60b2c5 knownnetworks: remove redundant ops->remove()
The remove op was being called inside known_networks_remove, which only
gets called from L_DIR_WATCH events. In this case the actual provisioning
has already been removed. Calling remove() again causes the op
implementation to then try and remove the file that no longer exists.
2019-08-28 11:17:50 -05:00
Denis Kenzior
6a52590687 network: Fix incorrect comment 2019-08-28 11:17:50 -05:00
Marcel Holtmann
2dc785982d netdev: Check EXT_FEATURE_CQM_RSSI_LIST before sending CMD_SET_CQM 2019-08-28 08:36:20 +02:00
James Prestwood
5661e886d8 eap-wsc: fix valgrind warning
Valgrind does not like uninitialized bytes used in a syscall. In this
case the buffer is an out buffer but since valgrind doesn't know that
it complains. Initializing to zero fixes the warning:

Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
    at 0x5162C4D: send (send.c:28)
    by 0x457AF4: l_checksum_update (checksum.c:319)
    by 0x43C03C: eap_wsc_handle_m2 (eap-wsc.c:842)
    by 0x43CD33: eap_wsc_handle_request (eap-wsc.c:1048)
    by 0x43A3A7: __eap_handle_request.part.0 (eap.c:266)
    by 0x41A426: eapol_rx_packet.part.12 (eapol.c:2262)
    by 0x41B536: __eapol_rx_packet (eapol.c:2650)
    by 0x407C80: netdev_control_port_frame_event (netdev.c:3542)
    by 0x407C80: netdev_unicast_notify (netdev.c:3684)
    by 0x4598C5: dispatch_unicast_watches (genl.c:899)
    by 0x4598C5: process_unicast (genl.c:918)
    by 0x4598C5: received_data (genl.c:1039)
    by 0x456452: io_callback (io.c:126)
    by 0x45569D: l_main_iterate (main.c:473)
    by 0x45576B: l_main_run (main.c:520)
  Address 0x1ffeffe290 is on thread 1's stack
in frame #2, created by eap_wsc_handle_m2 (eap-wsc.c:797)
2019-08-27 20:58:01 -05:00
Denis Kenzior
b3881b84c1 eapol: Propagate noencrypt and use it
We were not using or taking into account the noencrypt flag obtained
from the kernel via CONTROL_PORT events.  For the most part this still
worked as the kernel would never include NO_ENCRYPT flag (due to a bug).
However, this was actually incorrect and led to loss of synchronization
between the AP and STA 4-Way handshake state machines when certain
packets were lost and had to be re-transmitted.
2019-08-27 20:50:07 -05:00
Andrew Zaborowski
9a9ff9f2f3 eapol: Don't l_queue_remove from state_machines while destroying it
We do an l_queue_destroy(state_machines, eapol_sm_destroy) so don't
l_queue_remove from state_machines inside eapol_sm_destroy.
2019-08-23 09:32:57 -05:00
Andrew Zaborowski
fc4685abec eap-tls: Add ServerDomainMask config option
Allow users to provide a glob string that the contents of the server
certificate's subject DN should be matched against as a primitive
protection against rogue APs using certificates purchased from
commercial CAs trusted by the client.  If the network uses an AP
certificate emitted by a commerical CA and the clients are configured
to trust those CAs so that the client configurations don't have to be
updated when the AP renews its certificate, this new option can be used
to check if the CN in the AP certificate's DN matches the known domain
name.  This logic assumes that the commercial CAs provide enough
assurance that only the owner of the domain can buy a certificate with
that domain in the CN field.

The format of this option is similar to apple's TLSTrustedServerNames
and wpa_supplicant's domain_match/domain_suffix_match format, the exact
syntax is documented in ell/tls.c.
2019-08-23 09:30:24 -05:00
Denis Kenzior
0ebe960daf netdev: Use the RM Enabled Capability IE from wiphy 2019-08-23 09:11:51 -05:00
Denis Kenzior
01cfcabfb4 wiphy: Setup RM Enabled Capabilities in wiphy 2019-08-23 08:55:54 -05:00
James Prestwood
41740ceabc scan: only set Interworking if capable
Checks that the extended capabilities has the Interworking
bit set before adding the IE.
2019-08-21 17:34:43 -05:00
James Prestwood
20887dfe1a wiphy: explicitly set extended capability bits
Some capability bits are required by the spec to be set for
probe requests for certain features (HS20, FILS, FT). Currently
these features work as-is, but depending on the hardware we may
be in violation of the spec if we assume the correct bits are
set when we get the wiphy dump.

Just to be safe we can explicity set these capability bits.

There are also two ways the kernel exposes these capabilities.
Per-type or globally. The hardware may expose one, or both of
these capability arrays. To combat this we are now always
creating a per-type capability array for stations. If the
wiphy dump has not produced a per-type capability array we
now create one based off the global capability array. That
way we can always assume there is a capability array for a
station iftype.
2019-08-21 17:24:16 -05:00
James Prestwood
76b73a1cf5 util: add util_set_bit
Sets a single bit in a uint8_t * bit field
2019-08-21 17:24:16 -05:00
James Prestwood
dd2daa4961 scan: add Interworking to scan requests 2019-08-21 16:15:07 -05:00
James Prestwood
a9473df555 scan: add Extended Capabilities to scan requests
This will be seen in Probe Requests. More IEs can and should
be added here depending on the support in IWD. E.g. HS20 indication,
Interworking, HT/VHT IE's etc.
2019-08-21 16:15:07 -05:00
James Prestwood
0d0377ede7 knownnetworks: use get_name/get_type for dbus
The name/type on the dbus object will now refect the values
returned from the network_info ops
2019-08-21 14:16:08 -05:00
James Prestwood
313553aadd hotspot: require 'Name' value in provisioning file
In order to implement get_name/get_type we need some value for the name
of the hotspot network. For simplicity we now require a 'Name' value
be provided inside the hotspot provisioning file. Eventually this may
change (e.g. obtained via ANQP).
2019-08-21 14:16:08 -05:00
James Prestwood
a6a77ddc07 knownnetworks: add get_name and get_type ops 2019-08-21 14:16:08 -05:00
James Prestwood
894cde987d storage: util: remove unused APIs
Both util_timespec_compare and storage_network_get_mtime
are now unused.
2019-08-21 14:16:08 -05:00
James Prestwood
4f14e4bb42 hotspot: set connected_time on network_info 2019-08-21 14:16:08 -05:00
James Prestwood
6ff86abb41 knownnetworks: use l_path_get_mtime
Rather than using timespec directly, ELL has a convenient API
to get the elapsed microseconds as a uint64_t. This can then
be used with the other l_time_ APIs for comparison.

This patch removes timespec from network_info and updates
to use l_time_* API's for sorting.
2019-08-21 14:16:08 -05:00
Will Dietz
690c9c2045 manager: Fix build
Attached, but basically replace 2-argument call to l_genl_msg_new
with what seems rather likely was intended instead: l_genl_msg_new_sized.
2019-08-21 12:29:22 -05:00
Denis Kenzior
9f1875fd3d manager: Use split wiphy dumps 2019-08-20 18:04:27 -05:00
James Prestwood
ed08bc35a3 network: update hotspots on knownnetwork changes 2019-08-19 17:47:16 -05:00
James Prestwood
610ef41578 network: remove all hotspot related getter/setters 2019-08-19 13:59:01 -05:00
James Prestwood
7313d3bad7 network: remove hotspot specific settings loading
The hotspot module now uses network_info ops 'open'
2019-08-19 13:58:27 -05:00
James Prestwood
8242b7e9f3 station: add network_info after ANQP
Once ANQP is complete we can try matching the NAI realm with any
known networks.
2019-08-19 13:58:18 -05:00
James Prestwood
8910da5836 network: find hotspot network_info when adding BSS
When adding a BSS to a network: if it is hs20_capable and no
'info' has been set we attempt to search for a matching
network_info for this network.
2019-08-19 13:51:08 -05:00
James Prestwood
f4ef431e8d knownnetworks: add matching ops to network_info
These operations will allow the hotspot module to implement
matching HESSID, Roaming Consortium, and NAI realms. This offloads
the matching details into the hotspot module.
2019-08-19 13:46:01 -05:00
Denis Kenzior
0577662c5b hotspot: Simplify path generation 2019-08-19 13:43:56 -05:00
James Prestwood
912fae6b2d hotspot: convert to using network_info
The hotspot module will now keep its own network_info objects to
be registered with known networks.
2019-08-19 13:27:57 -05:00
James Prestwood
cb149fe380 network: add getter/setter for network_info 2019-08-19 13:27:48 -05:00
Tim Kourt
894548dfd4 netconfig: Uninstall addresses on interface removal 2019-08-19 13:23:44 -05:00
Tim Kourt
e3921193f9 netconfig: Move removal of DNSs out of IPv4 specific logic
This way resolve_remove can be called once per interface and
remove IPv4 and IPv6 addresses at once.

In addition, this allows to remove the IP addresses and DNS
servers within the same main loop cycle. This will allow iwd
to make an attempt to remove the DNS servers on shutdown of iwd.
2019-08-19 13:20:48 -05:00
James Prestwood
c4771c4c5d station: introduce station_network_foreach
Iterates all networks for a given station object.
2019-08-19 12:40:18 -05:00
James Prestwood
630c487534 knownnetworks: add known_networks_{add,remove}
These two API's have been added to allow hotspot to add its
own networks to the known network list. This will allow any
added networks to behave exactly like they do now, including
all the dbus and watchlist functionality.
2019-08-19 12:21:00 -05:00
Denis Kenzior
c91bbe42a0 network: Make sure to update seen_count 2019-08-16 11:08:05 -05:00
James Prestwood
68c819053b knownnetworks: add hotspot flag to network_info
Hotspot will start adding its own known networks and other modules
need a way of differentiating between the two network types.
2019-08-16 11:04:07 -05:00
James Prestwood
28f484ddb8 network: knownnetworks: introduce network_info_ops
The known network APIs all revolved around the ssid/security matching
to do any operations on the provisioning file. In the near future
hotspot provisioning files (managed by hotspot.c) will be incorporated
into the known network list. Since these hotspot files do not use the
ssid as the file name hotspot.c will need other ways of matching.

This patch adds network_info_ops to the network object. This ops
structure will hold function pointers which operate on network_info
rather than ssid/security. This will allow hotspot and known networks
to both register their own operation routines.

For now open, touch, sync, remove, free, and get_path were added.

Wrappers were added for accessing these operations outside of
knownnetworks.c.
2019-08-16 11:03:06 -05:00
James Prestwood
5caf8796cd knownnetworks: move network_info into knownnetworks 2019-08-16 10:58:25 -05:00
Tim Kourt
1921990acd network: Refactor debug statement
This way the outcome of the decision whether to ask for the
passphrase or not can be seen.
2019-08-16 10:57:22 -05:00
Denis Kenzior
ed8a4ab931 treewide: Make global variables static 2019-08-15 15:06:59 -05:00
Denis Kenzior
9d177a63b7 nl80211cmd: Add additional commands 2019-08-15 15:06:59 -05:00
Marcel Holtmann
42cd872994 eap: Make global variable static 2019-08-15 19:39:27 +02:00
Marcel Holtmann
f41d85112e eapol: Make global variables static 2019-08-15 19:32:37 +02:00
Marcel Holtmann
884dcbab92 eapol: Remove unused global variable 2019-08-15 19:31:54 +02:00
James Prestwood
04b786ed2c knownnetworks: fix style issue, use tabs 2019-08-12 13:35:38 -05:00
Denis Kenzior
2c30a2f7ff network: Rely on known_networks added event 2019-08-09 15:45:05 -05:00
Denis Kenzior
0e77bf1c39 network: Rely on known_networks removed event
Instead of having known_networks call network_info_forget_known, instead
rely on the newly introduced KNOWN_NETWORKS_EVENT_REMOVED
2019-08-09 15:45:02 -05:00
Denis Kenzior
4fc8bea0a2 network: Add a skeleton known networks watch 2019-08-09 14:56:49 -05:00
James Prestwood
e3e641dff9 knownnetworks: add watch API's
Modules can watch for known network addition and removal.
2019-08-09 14:56:49 -05:00
Denis Kenzior
227bcce40b network: Move known_frequency queue management
Isolate the known_frequency queue management to a function and place
that function in knownnetworks.c where it now belongs.  Since we no
longer have network_info objects for unknown networks, only frequencies
for known networks are tracked
2019-08-09 14:56:49 -05:00
Denis Kenzior
67eeb0386d network: Move network_info_match to knownnetworks.c 2019-08-09 14:56:49 -05:00
Denis Kenzior
0d7f591d4f network: Move network_info_free to knownnetworks.c 2019-08-09 14:56:49 -05:00
Denis Kenzior
37f71fe4e4 network: Remove the networks queue
networks queue was intended to share basic network information between
multiple adapters running simultaneously.  The network_info object was
also serving double duty to carry known network information.  This made
things overly complicated and really didn't result in much savings.
This setup also made managing hotspot networks challenging as we would
have ended up with multiple network_info objects for each known hotspot
network.

So get rid of the networks queue and the is_known bit from the
network_info structure.
2019-08-09 14:56:49 -05:00
Denis Kenzior
037ba92894 network: Store the security type in the network object 2019-08-09 14:56:49 -05:00
Denis Kenzior
f800279814 network: Store SSID in the network object
And use network_get_ssid whenever possible to make future
transformations easier.
2019-08-09 14:56:46 -05:00
Denis Kenzior
72a8f2888a network: Move network offset calculation
network_find_rank_index was used to find the offset of the selected
network_info among known networks so as to compute a modifier based on
the rankmod table.  Instead of using known_networks_foreach for this,
moove it to knownnetworks.c where it can be coded and optimized
separately.

For now provide a simple for loop implementation.
2019-08-09 01:11:49 -05:00
Denis Kenzior
2d65a0030e module: Introduce a basic module dependency framework 2019-08-07 16:33:19 -05:00
Denis Kenzior
cf58657b37 resolve: Add a missing l_free 2019-08-07 11:13:10 -05:00
Denis Kenzior
37987757e1 resolve: rename RESOLVCONF_PATH
Since it is no longer a define, switch to using lower-case letters
2019-08-07 11:09:50 -05:00
Denis Kenzior
f6bb911d2c resolve: Search more places for resolvconf exe
Some distros put resolvconf in /usr/sbin instead of /sbin.  Do not try
to hard-code the path and instead search for it in more places.
2019-08-07 10:57:11 -05:00
Denis Kenzior
e7f16775ac main: Don't try to queue if name request fails
This in fact allows multiple instances of iwd to run.
2019-08-04 04:49:24 -05:00
Denis Kenzior
30315cba0d station: Add some additional roaming debugs 2019-08-04 04:49:24 -05:00
Denis Kenzior
188e6d1237 netdev: Tweak debugging for SET_CQM 2019-08-04 04:49:24 -05:00
Marcel Holtmann
deee526b98 manager: Make default_if_driver_list static 2019-08-04 00:35:14 +02:00
Marcel Holtmann
16c489490c build: Fix issue with incorrect ReadWritePaths in unit files 2019-08-03 09:52:28 +02:00
Marcel Holtmann
30821979f6 netconfig: Use different includes that also work on older systems 2019-08-02 20:33:43 +02:00
Tim Kourt
18c339beab resolve: Add resolvconf as DNS manager
Enable the systems that use resolvconf as DNS manager to be
configurable by iwd.
2019-08-02 06:24:00 -05:00
James Prestwood
8053152730 wsc: fix station lookup by ifindex
The station was being lookup up using the wdev ID rather than the
interface index.
2019-08-02 02:23:05 -05:00
Matthias Schoepfer
4ae5c38be8 iwd.service.in: remove PrivateDevices=true
Previously, the option PrivateDevices=true disabled access to
/dev/rfkill, which lead to:
  'iwctl adapter phy0 set-property Powered {off|on}'
to fail.

This patch explicitly allows access to /dev/rfkill
2019-08-01 01:55:12 -05:00
James Prestwood
236211af60 rtnlutil: fix compiler error
src/rtnlutil.c: In function ‘rtnl_route_add’:
./ell/util.h:248:2: error: ‘rtmmsg’ may be used uninitialized in
	this function [-Werror=maybe-uninitialized]
2019-07-31 12:39:41 -05:00
Denis Kenzior
66b5541970 netconfig: make ROUTE_PRIORITY_OFFSET a uint32_t
Also move it up into the static variable block
2019-07-31 12:38:40 -05:00
Denis Kenzior
1fd0dbb74b netconfig: Store rtm_protocol value directly
Instead of using a flag ipv4_static, just store the value of the rtm
protocol directly inside netconfig object.  This allows us to simplify
the logic quite significantly and avoid repeating the conditional
expression needlessly
2019-07-31 04:38:54 -05:00
Tim Kourt
2eded67c62 netconfig: Install connected and gateway routes
The routes are installed as a result of a successful installation
of the IP addresses. The gateway is fetched with netconfig_ipv4_get_gateway
helper function according to the origin of the installed IP address.

The route priority offset can be set in main.conf. The default value
of 300 is used if the offset isn’t set.
2019-07-31 03:53:32 -05:00
Denis Kenzior
be5219883c rtnlutil: Simplify error handling 2019-07-31 03:53:01 -05:00
Tim Kourt
cce59ad7f1 rtnlutil: Add connected and gateway route API
The API allows to add connected and gateway routes to the main
routing table.

rtnl_route_ipv4_add_gateway() is equivalent to the following
example 'ip route' command:
ip route add default via 10.0.0.1 dev wlan0 proto dhcp src 10.0.0.2 metric 339

rtnl_route_ipv4_add_connected()  is equivalent to the following
example 'ip route' command:
sudo ip route add 10.0.0.0/24 dev wlan0 proto dhcp src 10.0.0.2 scope link

The 'ip route' output from the above commands looks as follows:

rtnl_route_ipv4_add_connected():
10.0.0.0/24 dev wlan0 proto dhcp scope link src 10.0.0.2

rtnl_route_ipv4_add_gateway():
default via 10.0.0.1 dev wlan0 proto dhcp src 10.0.0.2 metric 339
2019-07-31 03:49:35 -05:00
Tim Kourt
a91136d4b9 netconfig: Install\uninstall DNS addresses
The DNS addresses are installed as a result of a successful
installation of the IP addresses. The DNS lists are fetched
with netconfig_ipv4_get_dns helper function according to the
origin of the installed IP address.
2019-07-31 03:42:53 -05:00
Tim Kourt
372240fe8c netconfig: Refactor Install/Uninstall for IPv4 addresses 2019-07-31 03:42:01 -05:00
Tim Kourt
72e6598c6e netconfig: Switch IPv4 DHCP event handler to use ifaddr helper 2019-07-31 03:41:47 -05:00
Tim Kourt
10791d02aa netconfig: Remove no longer used static address loader
Note: there will be provided the separate helper functions for
fetching gateway and dns
2019-07-31 03:39:47 -05:00
Tim Kourt
a4a7f88ace netconfig: Refactor station state changed event logic
iwd reconfigures the wireless interfaces with respective
connection events. Each supported network protocol is
reconfigured. The address for each protocol is
selected as static or dynamic based on availability.
2019-07-31 03:38:19 -05:00
Tim Kourt
dd188bf97a netconfig: Add helper for IPv4 addresses
netconfig_ipv4_get_ifaddr helper function allows to fetch IPv4
addresses from static or dynamic sources. The origin of the addresses
is noted in 'ipv4_is_static' flag.
2019-07-31 03:35:51 -05:00
Tim Kourt
c13b0971bb netconfig: Add 'ipv4' to ipv4-specific function names 2019-07-31 03:27:38 -05:00
James Prestwood
30fc736b62 network: update several APIs to be const 2019-07-30 14:47:37 -05:00
James Prestwood
e2bed192f6 util: knownnetworks: move timespec_compare into util 2019-07-30 14:44:38 -05:00
James Prestwood
3f794a1f20 iwd: netdev: deprecate ControlPortOverNL80211
control_port_over_nl80211 should now be used instead.
2019-07-30 14:41:49 -05:00
James Prestwood
37369f1d5e iwd: station: deprecate ManagementFrameProtection
management_frame_protection should now be used instead.
2019-07-30 14:41:49 -05:00
James Prestwood
1fdea9b2d3 scan: station: parse HS20 version in scan results
For (Re)Association the HS20 indication element was passed exactly as
it was found in the scan results. The spec defines what bits can be
set and what cannot when this IE is used in (Re)Association. Instead
of assuming the AP's IE conforms to the spec, we now parse the IE and
re-build it for use with (Re)Association.

Since the full IE is no longer used, it was removed from scan_bss, and
replaced with a bit for HS20 support (hs20_capable). This member is
now used the same as hs20_ie was.

The version parsed during scan results is now used when building the
(Re)Association IE.
2019-07-24 00:22:46 -05:00
James Prestwood
6088c06507 ie: add parser/builder for hotspot indication element
The parser fully parses the IE and returns the version, Domain ID,
and PPS MO ID. This is meant to be used with an IE in scan results.

The builder only takes the version number, and assumes DGAF disabled,
and no Domain ID or PPS MO ID.
2019-07-24 00:13:27 -05:00
Tim Kourt
5478034eb7 network: Check for already connected network
Check if the requested network is already connected,
if so return success.
2019-07-23 17:19:12 -05:00
Tim Kourt
d0ee923dda station: Disconnect, if needed, on a new connection attempt
Previously, iwd used to throw net.connman.iwd.Busy when connection
attempt was made while connected. The new behavior allows iwd to
seamlessly disconnect from the connected network and attempt a new
connection.
2019-07-23 17:19:12 -05:00
James Prestwood
55491f5c02 network: add boolean for hs20 support
Since NAI realms, Roaming Consortium and HESSID are defined in 802.11,
they are not a guarentee that the network is Hotspot 2.0. The indication
element in addition to these IE's gives a better idea of Hotspot 2.0
support. Now, when a BSS is added this is_hs20 boolean will get set to
true if the HS20 IE was found in the BSS.

Now, if is_hs20 is set AND one of NAI realms, roaming consortium, or
HESSID is set we know this is a hotspot 2.0 network.
2019-07-21 15:17:05 -05:00
Denis Kenzior
46b85c00c1 netconfig: Use uint32 instead of unsigned int
For consistency, the type used to obtain the new length should be the
same as the passed in len parameter, which is uint32_t
2019-07-21 07:06:17 -05:00
Denis Kenzior
d8c058f25f netconfig: Use uint32_t len instead of int 2019-07-21 07:05:51 -05:00
Tim Kourt
18119537f7 netconfig: Unify static and dynamic addressing APIs 2019-07-21 07:05:15 -05:00
Tim Kourt
2d007a25b6 netconfig: Differentiate the origin of the addresses.
The origin of the addresses is later used with the route
installations for the convenience of the user.
2019-07-21 07:05:14 -05:00
Tim Kourt
1c7e803dbb rtnlutil: Add utility to DUMP ipv4 routes 2019-07-21 07:04:32 -05:00
Tim Kourt
83db65e929 rtnlutil: Add utility to extract route attributes 2019-07-20 06:51:46 -05:00
Tim Kourt
56670755c1 netconfig: Refactor rtnl error handling
Keep the rtnl destruction code in one place as it will have a
few more usages in the future.
2019-07-20 05:53:15 -05:00
James Prestwood
fd1a267313 scan: free hs20_ie 2019-07-18 23:35:35 -05:00
James Prestwood
0241fe81df sae: check minimum anti-clogging token size
It is possible for a zero-length anti-clogging token payload to cause
IWD to abort. If the length passed into sae_process_anti_clogging was
1, l_memdup would be called with a size of -1. This will cause malloc
to abort.

Fix this by checking for a minimum packet length and dropping the
packet if the length is too small.
2019-07-18 23:34:03 -05:00
Denis Kenzior
fe3858f738 station: Fix typo 2019-07-17 09:00:39 -05:00
James Prestwood
3c27528523 scan: station: add HS20 indication element to (Re)Association
The HS20 indication element should always be included during
(Re)Association per the spec. This removes the need for a
dedicated boolean, and now the hs20_ie can be used instead.
2019-07-16 21:14:41 -05:00
Denis Kenzior
4948bfac20 station: Add support for ProtocolVersion
ProtocolVersion in the EAPoL group can be used to force a particular
EAPoL version if the RADIUS server on a given network requires it
2019-07-16 12:00:45 -05:00
James Prestwood
a1699b1587 hotspot: add length check for roaming consortium
The hotspot spec specifically mentions the roaming consortium OI be
3 or 5 bytes long. This requirement also prevents potential buffer
overflows if the user were to configure a long roaming consortium OI.
2019-07-16 12:00:35 -05:00
Denis Kenzior
0f6d1ece78 eapol: Remove eapol_sm_set_protocol_version
Handshake state will now pick reasonable defaults
2019-07-15 21:45:58 -05:00
Denis Kenzior
d984c605f7 handshake: Add handshake_state_set_protocol_version 2019-07-15 21:45:12 -05:00
Denis Kenzior
f7e23b3512 eapolutil: Add 2010 EAP protocol version 2019-07-15 21:24:05 -05:00
Denis Kenzior
7ba4f53c57 scan: Make sure to reset triggered for aborted scans
If the scan was triggered and later aborted, make sure to reset the
triggered value when the CMD_NEW_SCAN_RESULTS event comes in.

src/station.c:station_enter_state() Old State: disconnected, new state: connecting
src/scan.c:scan_notify() Scan notification 33
src/station.c:station_netdev_event() Associating
src/scan.c:scan_notify() Scan notification 34
Aborting (signal 11) [/home/denkenz/iwd-master/src/iwd]
++++++++ backtrace ++++++++
 #0  0x7efd4d6a2ef0 in /lib64/libc.so.6
 #1  0x42b20d in scan_notify() at src/scan.c:1383
2019-07-15 15:58:03 -05:00
Denis Kenzior
5ff23af29e scan: Add extra scan_cancel debugs 2019-07-15 14:53:47 -05:00
James Prestwood
2c19085ccd anqp: move ANQP parsers into anqputil
This allows monitor to use the ANQP parser utils without depending
on netdev.
2019-07-15 14:53:44 -05:00
Tim Kourt
6efc94ff5a resolve: Fix message argument
Previously, the argument was incorrectly passed by reference
instead of by value.
2019-07-15 14:06:26 -05:00
Denis Kenzior
f557c7e6cd treewide: Use nl80211cmd_to_string
Using integer ids for event notifications received was hard to debug.
Use the nl80211cmd_to_string function to prettify these.
2019-07-15 14:06:26 -05:00
Denis Kenzior
bb61e971e5 nl80211cmd: Introduce new utility 2019-07-15 14:06:26 -05:00
James Prestwood
090ac03100 ie: expose vendor OUIs
In the same fashion as the WSC WFA OUI, ie.[ch] will now expose the
other vendor OUIs to avoid duplication across multiple files in IWD
as well as used in iwmon.
2019-07-15 12:42:22 -05:00
Andrew Zaborowski
213d75b9bb scan: Process P2P IEs from scan results 2019-07-15 12:40:44 -05:00
Andrew Zaborowski
cf684fdfa1 scan: Add option to use the NO_CCK scan flag
P2P probe requests are to be sent at min 6.0 Mb/s using OFDM,
specifically the 802.11b rates are prohibited (section 2.4.1 in Wi-Fi
P2p Technical Spec v1.7), some of which use CCK modulation.  This is
already the default for 5G but for 2.4G the drivers generally do this
if we set the NL80211_ATTR_TX_NO_CCK_RATE flags with
NL80211_CMD_TRIGGER_SCAN.
2019-07-15 11:36:34 -05:00
James Prestwood
85131f4827 hotspot: make hotspot dir not hidden 2019-07-15 11:13:55 -05:00
James Prestwood
8bcb8e870e ie: fix incorrect length check for hotspot indication
The length check was incorrectly assuming that PPS MO ID or
ANQP Domain ID would be present in the IE. Both these are optional
and without then the minimum length is 5 bytes, not 7.
2019-07-12 18:51:57 -05:00
James Prestwood
993d9cbf6b station: check hs20_capable first before ANQP
If a BSS is not a hotspot 2.0 BSS then there is no reason to bother
checking configuration files.
2019-07-12 18:51:36 -05:00
James Prestwood
b406a57ca4 station: anqp: add more debug logging 2019-07-12 16:41:56 -05:00
James Prestwood
7286a12240 station: build roaming consortium IE for netdev_connect
Per the hotspot 2.0 spec, if a matching roaming consortium OI is
found it should be added to the (Re)Association request. vendor_ies
can now be provided to netdev_connect, which get appended to the IE
attribute.
2019-07-12 16:13:50 -05:00
James Prestwood
f57ba70235 netdev: Allow to send extra vendor IEs when connecting 2019-07-12 16:13:01 -05:00
James Prestwood
79a9fdf123 hotspot: add API to get a matching roaming consortium
This API will attempt to find a matching roaming consortium OI
if present in the config file. A single matching OI is returned
or NULL if one was not found.
2019-07-12 14:13:25 -05:00
James Prestwood
27d670f432 hotspot: allow roaming consortium OI matching
Hotspot 2.0 network providers allow 'roaming' between a users home
network and other providers networks, assuming they are part of the
same roaming consortium. The roaming consortium is advertised as an
IE in beacon/probe frames.

In terms of the hotspot config files this is similar to HESSID, where
if the AP advertises the roaming consortium IE, and the config file
matches we do not need to do ANQP in order to connect.
2019-07-12 14:10:57 -05:00
James Prestwood
aeae6abcbb network: add roaming consortium IE to network object
This is duplicated when the first scan_bss is added to a network
object that contains the IE. Any future BSS's added will not re-add
the IE. Its assumed that all BSS's under a network will contain the
same roaming consortium OIs.
2019-07-12 14:05:36 -05:00
James Prestwood
9dcb6946c5 scan: parse roaming consortium IE 2019-07-12 14:03:36 -05:00
James Prestwood
ac933ad966 ie: add parsing/building for roaming consortium
Parses up to 3 (the max) roaming consortium OIs out of the roaming
consortium IE. If more OIs are available via ANQP the 'num_anqp_out'
value will be set to indicate how many more OIs are available.

Builds according to the hotspot 2.0 spec using the vendor specific
IE.
2019-07-12 14:02:18 -05:00
Eduardo Abinader
094a9ecdfa main: print version arg 2019-07-12 09:36:34 -05:00
Denis Kenzior
de131b54b8 netdev: Use RRM & send RM Enabled Capabilities IE
If supported by the wiphy and if the target AP supports Radio Management
capability, then send the relevant IE and set the USE_RRM flag on
nl80211
2019-07-10 17:01:31 -05:00
Denis Kenzior
fcb2d123bc netdev: Send extended capabilities IE on connect 2019-07-10 17:01:31 -05:00
Denis Kenzior
37610cf868 wiphy: Parse driver extended capabilities 2019-07-10 17:01:31 -05:00
Denis Kenzior
eb86da3b4b wiphy: Add wiphy_rrm_capable 2019-07-10 16:46:29 -05:00
Denis Kenzior
7b48da5df2 ie: Update Capability field defines 2019-07-10 16:46:05 -05:00
Andrew Zaborowski
14a1e322b4 p2putil: Builders for P2P action frames 2019-07-08 22:08:36 -05:00
Andrew Zaborowski
cd3c0ad155 p2putil: Builders for management frames P2P payloads 2019-07-08 22:08:15 -05:00
Andrew Zaborowski
67f91605eb p2putil: Parsers for P2P action frames
Add parsers for P2P-related Action frames and Public Action frames.
2019-07-08 22:04:12 -05:00
Andrew Zaborowski
81d17b3d43 p2putil: Parsers for management frames P2P payloads 2019-07-08 22:03:53 -05:00
Andrew Zaborowski
1f637cb054 p2putil: Add P2P frame type structures and utilities
Declare structures to hold the parsed contents of the P2P IEs and WSC
IEs in P2P-related frames and add functions to free memory used by
those structures.
2019-07-08 22:03:20 -05:00
Andrew Zaborowski
42c7ab0bae p2putil: Add P2P attribute parsers
Define structs and types for most P2P attributes and p2p_parse_attrs
similar to wsc_parse_attrs -- a generic parser for attributes in a P2P
IE payload.  This parser may write into the provided buffer even on
error but it's private to p2putil.c.  The local callers will take care
of keeping the user-provided buffers untouched on error.
2019-07-08 21:39:59 -05:00
Andrew Zaborowski
614fc0261f p2putil: Add P2P-related declarations and iterator
Add enums defining the values from the spec that we're going to be using
and add an iterator for P2P payload attributes similar to wsc_attr_iter.
2019-07-08 13:58:35 -05:00
Andrew Zaborowski
79dd14cb24 wscutil: Add wsc_build_p2p_attrs
Add a utility for building the simplified WSC IEs used in P2P action
frames and public action frames.  Only three types of WSC attributes are
mandatory in those frames (but different subsets are needed by different
frame types) so add a single utility for building those IEs.  We may
need to add some more optional attributes to those IEs later.
2019-07-08 13:46:53 -05:00
Andrew Zaborowski
cc913a6ff6 wscutil: Make wsc_parse_attrs public for P2P 2019-07-08 13:45:54 -05:00
Andrew Zaborowski
f8a51fe4c1 wscutil: Make the primary device type parser public
The P2P IE parsers can take advantage of this function
2019-07-08 13:43:24 -05:00
Andrew Zaborowski
5a40c49c44 mpdu: Validate action frame minimum length
Action frames must at least have the Category byte
2019-07-08 13:42:22 -05:00
Andrew Zaborowski
3bd265e02f ie: Add ie_tlv_encapsulate_p2p_payload 2019-07-08 13:41:18 -05:00
Andrew Zaborowski
5cb07ff116 ie: Add ie_tlv_extract_p2p_payload 2019-07-08 13:37:47 -05:00
Andrew Zaborowski
b3a395091d scan: Switch all uses of ifindex to wdev_id
The ifindex is used to index the netdevs in the system (wlan, ethernet,
etc.) but we can also do wifi scanning on interfaces that have no
corresponding netdev object, like the P2P-device virtual interfaces.
Use the wdev id's to reference interfaces, the nl80211 api doesn't care
whether we use a NL80211_ATTR_IFINDEX or NL80211_ATTR_WDEV.  Only
wireless interfaces have a wdev id.
2019-07-08 11:53:00 -05:00
Andrew Zaborowski
ec60b51d01 scan: Fix sc->get_scan_cmd_id logic
Save the actual cmd_id returned from l_genl_family_dump and zero it in
the get_scan_done.  There's no need to zero it in scan_cancel because
get_scan_done gets called automatically.
2019-07-08 11:30:51 -05:00
Andrew Zaborowski
5223dee050 scan: Reference scan_context directly from scan_results
Store the scan_context pointer in scan_results directly instead of
storing the ifindex.  We now cancel ongoing GET_SCAN commands when the
scan_context is being freed so there's no point going through the extra
step of looking up the scan_context by ifindex inside the command
callback to guard against non-existent scan_contexts.
2019-07-08 11:23:21 -05:00
Andrew Zaborowski
8cada9d1fc netdev: Add netdev_get_wdev_id 2019-07-08 11:19:32 -05:00
Tim Kourt
bc45f98f36 resolve: systemd reset DNS names for interface 2019-07-03 17:10:24 -05:00
James Prestwood
5ca3c4495e resolve: fix crash in resolve_exit
method.ops is NULL, which causes method.ops->exit to crash. This
adds a check that method.ops is not NULL before dereferencing.

Fixes:

Aborting (signal 11) [/home/jprestwo/iwd/src/iwd]
++++++++ backtrace ++++++++
0  0x7f016b59cf20 in /lib/x86_64-linux-gnu/libc.so.6
1  0x432057 in resolve_exit() at /home/jprestwo/iwd/src/resolve.c:295
2  0x403b61 in iwd_modules_exit() at /home/jprestwo/iwd/src/main.c:195
3  0x7f016b57fb97 in /lib/x86_64-linux-gnu/libc.so.6
+++++++++++++++++++++++++++
2019-07-03 13:02:28 -05:00
James Prestwood
e8d91f15a1 hotspot: allow HESSID without NAIRealmNames
The original idea was to allow the provisioning file to include HESSID
without the NAIRealmNames. Configuring this way would allow for ANQP
to be skipped completely, assuming the AP advertises its HESSID.

The way the code was written still required NAIRealmNames to be
provided in the provisioning file.
2019-07-03 13:02:28 -05:00
Tim Kourt
25ec69b358 resolve: systemd set DNS names 2019-07-02 19:12:49 -05:00
Tim Kourt
c1a1828872 resolve: Add systemd plugin skeleton
Systemd plugin is using systemd-resolved Dbus service to
manage the address resolution entries.
2019-07-02 19:11:52 -05:00
Tim Kourt
01fe343825 resolve: Add framework for resolution services
The framework enables the service specific implementations
to provide its own variations for the DNS installation tasks.
The selection of the address resolution service can be done
through dns_resolve_method setting.
2019-07-02 19:11:14 -05:00
Tim Kourt
20466cd735 resolve: Introduce resolve module
The module is responsible for the configuration of the address
resolution services. It will consist of the multiple service
specific plugins such as: systemd-resolved plugin, dnsmasq
plugin, etc.
2019-07-02 19:09:57 -05:00
Denis Kenzior
bd4446070f manager: Create interfaces with a random mac
If supported by the driver, we can create an interface directly with a
random MAC if configured to do so.  If the driver does not have this
capability, then tell netdev to perform the necessary logic as part of
the interface initialization procedure.
2019-07-02 15:47:05 -05:00
Denis Kenzior
8b375e1b28 netdev: Add logic to randomize address on creation 2019-07-02 15:47:05 -05:00
Denis Kenzior
ec38545a68 rtnlutil: Add utility to set MAC address 2019-07-02 15:47:05 -05:00
Denis Kenzior
f4402ef56e wiphy: Add wiphy_generate_random_address 2019-07-02 15:47:05 -05:00
Denis Kenzior
f72d9c2999 wiphy: Add wiphy_get_name 2019-07-02 15:47:05 -05:00
Denis Kenzior
209cdce51c hotspot: Fix crash
#0  0x7f5e25e71930 in /lib64/libc.so.6
 #1  0x446faa in hs20_config_free() at src/hotspot.c:63
 #2  0x469542 in l_queue_clear() at ell/queue.c:109
 #3  0x4694e7 in l_queue_destroy() at ell/queue.c:83
 #4  0x4475c1 in hotspot_exit() at src/hotspot.c:273
 #5  0x403170 in iwd_modules_exit() at src/main.c:195
 #6  0x404085 in main() at src/main.c:531
 #7  0x7f5e25e5cbde in /lib64/libc.so.6
2019-07-02 15:47:05 -05:00
Denis Kenzior
1c22847cf2 wiphy: Obtain permanent mac address from sysfs 2019-07-02 15:47:05 -05:00
Denis Kenzior
1e9f9e61f1 wiphy: Remove unused regulatory query / notifications
Regulatory domain management is now completely handled by the kernel, so
iwd doesn't really need to query or be aware of changes to this.  This
may change in the future, but for now this code has not been used and
can be safely gotten rid of.
2019-07-02 15:47:05 -05:00
Denis Kenzior
6414be86db wiphy: Remove protocol features query
We run on newer kernels which are guaranteed to have split wiphy dump
support.  So no point in actually querying this.
2019-07-02 15:47:05 -05:00
James Prestwood
8c0e1f62fc network: allow connections to hotspot networks 2019-06-26 23:16:38 -05:00
James Prestwood
23a7a5a614 station: allow connections to Hotspot networks
After a scan, station can now pause future scans and start ANQP requests
to discover Hotspot's NAI realm. This lets us check if the AP's NAI realm
matches any stored hotspot configuration files. If so we can connect to
this network. If the network provides an HESSID and a matching one is
found in a hotspot provisioning file we can skip ANQP and directly connect
as this is expected to be our 'home network'
2019-06-26 23:16:23 -05:00
James Prestwood
99ce41b405 netdev: remove anqp_request functionality 2019-06-26 23:09:49 -05:00
James Prestwood
3979785703 main: add anqp_init/exit 2019-06-26 23:09:47 -05:00
James Prestwood
0bde59ca13 anqp: move request functionality into anqp.c
The actual ANQP request was handled by netdev, but in the case of P2P
their may be no netdev. For this reason all functionality needed for
an ANQP request has been moved into anqp.c. There are still a few netdev
references, which need to be removed when P2P is introduced. Leaving them
in for now as its still going to work as a first pass implementation
2019-06-26 23:09:23 -05:00
James Prestwood
be9e926c6a nl80211util: move CMD_FRAME builder into nl80211util
This will be needed outside of netdev
2019-06-26 22:52:56 -05:00
James Prestwood
3d1f1eb21c main: create .hotspot directory if it does not exist 2019-06-26 14:29:48 -05:00
James Prestwood
537fcd12ca anqp: rework NAI Realm parsing
The initial ANQP parser design did not work well with how the hotspot
implementation was turning out. For one, much care was taken into parsing
the EAP credentials which are not really required. The assumption is
that any hotspot network will already be provisioned, so checking that
the EAP parameters match is a bit overkill. Instead only the NAI Realms
will be checked. This greatly simplifies the NAI realm parser, as now it
can just return a string list of realms instead of the full EAP
credential info.
2019-06-26 14:28:07 -05:00
James Prestwood
a5f2710d05 hotspot: add hotspot module
This module will be in charge of managing Hotspot provisioning files
stored under the .hotspot/ directory. This includes a dir watch to
handle file changes/removal as well as an API to match a network
object to a hotspot provisioning file.
2019-06-26 14:25:11 -05:00
James Prestwood
701a5cc41e network: store HESSID and NAI Realms in network object
Hotspot networks are supposed to include an HESSID in the scan
results. This is more or less an identifier for the overall
network. In addition, the NAI Realms can be obtained via ANQP
and should be the same for each BSS. Since both HESSID and NAI
realms should be the same for a given network in range we can
store these values in the network object itself. This also allows
us to easily find hotspot configuration files by looking at
the HESSID/NAI Realms directly in the network object as opposed
to individual scan_bss's.
2019-06-26 13:23:22 -05:00
James Prestwood
d63c8290a9 scan: add suspend/resume scan APIs
In order to do ANQP efficiently IWD needs the ability to suspend scanning
temporarily. This is because both scanning and ANQP go offchannel and must
remain off channel for some amount of time. This cannot be done
simultaneously and if e.g. ANQP is requested after a scan is already
pending, the kernel will wait till that scan finishes before sending out
the frame.
2019-06-26 13:09:48 -05:00
James Prestwood
45130ec5ee scan: parse interworking element 2019-06-26 13:07:24 -05:00
Denis Kenzior
f0848cc44a rtnlutil: Don't use explicit_bzero
Use memset instead.  explicit_bzero should only be used when we're
wiping a secret just prior to the encopassing storage being freed.  The
compiler would usually optimize away the memset, leaving the secrets
around.

In rtnlutil we're simply zeroing the structure prior to filling it, so
the use of explicit_bzero is not needed and brings confusion to the
reader since no secrets are being wiped.
2019-06-26 10:43:38 -05:00
Tim Kourt
0706a357a4 station: Integrate netconfig into station creation and removal 2019-06-26 10:40:59 -05:00
Tim Kourt
56e4dc549a netconfig: Enable config. with static IPv4 addresses 2019-06-26 10:39:50 -05:00
Tim Kourt
d80d1d5f1a netconfig: Implement address installation and removal 2019-06-26 10:38:14 -05:00
Tim Kourt
6aabd80051 rtnlutil: Utils to Add/Remove IPv4 addresses 2019-06-26 10:36:59 -05:00
Tim Kourt
b70ff5d091 netconfig: Add station state watch
netconfig is interested in three station states: connected,
disconnected and connected after it has roamed. On connected
it tries to obtain a new DHCP lease, on disconnected it stops
the DHCP client and discards all addresses from interface, on
connected after roaming it will try to request a previously
issued address.
2019-06-26 10:34:35 -05:00
Tim Kourt
3d40f3a38b netconfig: Introduce IPv4 DHCP client
The client is used to obtain and configure the dynamic IPv4
addresses for the network.
2019-06-26 10:28:18 -05:00
Tim Kourt
1368851611 netconfig: Obtain all currently assigned IPv4 addresses 2019-06-26 10:27:27 -05:00
Tim Kourt
9b0838d07c netconfig: Subscribe for IPv4 link address notifications
iwd keeps track of the addresses assigned to the managed
interfaces. The list of assigned IPv4/IPv6 addresses is stored
in ifaddr_list inside of netconfig. The tracking of the IP
addresses will help to remove them from an interface once they
are no longer valid.
2019-06-26 10:27:00 -05:00
Tim Kourt
f3f343c04b rtnlutil: Add parser for ifaddrmsg struct
Its purpose is to extract interface label, ip, and
broadcast addresses out of ifaddrmsg rntl message.
2019-06-26 10:26:26 -05:00
Tim Kourt
4e3e1fbf60 netconfig: Introduce netconfig module
netconfig module will be responsible for the orchestration
of the network configuration with the IP addresses.

iwd creates one netconfig structure per interface index.
The purpose of this struct is to hold all of the interface
related addressing states such as: assigned dhcp
clients, known addresses, routes, etc.
2019-06-26 10:25:57 -05:00
Denis Kenzior
397699c9c5 manager: Fix memory leak 2019-06-21 12:22:48 -05:00
James Prestwood
2fd58141a4 scan: fix formatting in scan.h
Replaced two 8-spaced indentation to tabs.
2019-06-18 13:29:27 -05:00
James Prestwood
baf6b3ee4d netdev: optimize GAS request timeout
A not-yet-merged kernel patch will enable the FRAME_WAIT_CANCEL
event to be emitted when a CMD_FRAME duration expires. This can
shortcut the ridiculously long timeout that is required making
GAS requests with no response drastically quicker to handle.
2019-06-14 17:42:13 -05:00
James Prestwood
1e33eaa072 scan: free osen IE 2019-06-14 17:41:57 -05:00
James Prestwood
3a8b9a5d0c netdev: support basic ANQP requests
This adds a new API netdev_anqp_request which will send out a GAS
request, parses the GAS portion of the response and forwards the
ANQP response to the callers callback.
2019-06-14 17:40:39 -05:00
James Prestwood
bed116e319 scan: add new hs20_capable member to scan_bss
If the BSS is Hotspot 2.0 capable this will get set
2019-06-14 16:24:38 -05:00
James Prestwood
cb8d592b13 scan: parse Advertisement Protocol Element
This IE tells us what Advertisement Protocols the AP supports. This
is only here to look for ANQP support, so all this does is iterate
through all other Advertisement Protocol tuples looking for ANQP.
If found, anqp_capable is set in the scan_bss
2019-06-14 16:22:36 -05:00
Denis Kenzior
b8d60bb848 anqp: Fix l_strlcpy usage 2019-06-14 16:22:22 -05:00
James Prestwood
2ce5277f6d anqp: added utility for parsing ANQP responses
Currently these are geared to support the WiFi Alliance Hotspot 2.0
ANQP elements, which all fall under the vendor specific ANQP element.

anqp_iter_next behaves similar to the genl parsers, where the id, length
and data will be returned as out parameters. Currently there is only
vendor support for Hotspot 2.0. anqp_iter_is_hs20 can be used to setup
the subtype, length, and data pointer to parse any Hotspot 2.0 ANQP
elements. From here the subtype can be checked and a vendor specific
parser for that subtype can be used to parse the data, e.g.
hs20_parse_osu_provider_nai.
2019-06-14 16:09:29 -05:00
James Prestwood
77a6b49803 wiphy: parse OFFCHANNEL_TX_OK attribute
The wiphy can indicate if it supports sending offchannel frames. This
allows us to bail out of a Hotspot connection early if this is not
supported.
2019-06-14 13:33:35 -05:00
James Prestwood
e38cbcd31b station: support OSEN IE setting in handshake
The check for MFP is now skipped for OSEN as it should not be set for
this AKM.
2019-06-10 18:25:01 -05:00
James Prestwood
c62ca4e185 scan: update vendor specific IE parsing to handle WFA
The vendor specific IE was being parsed only to check if the AP supported
WPA, which used a Microsoft OUI. Hotspot/OSEN uses neither WPA or RSN
(although its nearly identical to RSN) so the we also need to check for
this Wifi-Alliance OUI and set bss->osen (new) if found.
2019-06-10 18:23:21 -05:00
James Prestwood
d3baec4eee eapol: add eapol_find_osen
The OSEN AKM uses the vendor specific IE, so when finding the RSNE
element we need to handle it specially to ensure that its both
a vendor specific element and it matches the WFA OUI since other
vendor specific elements may be included.
2019-06-10 18:22:44 -05:00
James Prestwood
058d65c686 handshake: handle OSEN AKM when setting IEs 2019-06-10 18:21:57 -05:00
James Prestwood
b09dbcd5ac ie: add parser/builder to handle OSEN
The OSEN AKM is nearly identical to the RSN IE, but differs slightly.
For one, OSEN is encapsulated into the vendor specific IE, and includes
the WFA OUI before the 'normal' RSN elements. OSEN also does not include
a WPA version, since its not technically WPA/WPA2.

Some of the RSN parsing was made common so both RSN/OSEN parsing could
use it.
2019-06-10 18:03:10 -05:00
James Prestwood
08a3775821 station: fix compiler error after bss_free change 2019-06-10 15:19:11 -05:00
James Prestwood
0ec9618b5f station: remove print in bss_free
In environments with many APs, the debug log is spammed with this print,
which isn't particularly useful to the average user.
2019-06-10 14:15:02 -05:00
James Prestwood
039ae3659b eapol: handshake: add OSEN AKM
The handshake procedure for OSEN is part of the 'AKM_DEFINED' group
of AKMs.
2019-06-07 17:10:49 -05:00
James Prestwood
5d3b37e2e4 ie: add is_ie_wfa_ie
This checks if an IE tagged as vendor specific is a WiFi-Alliance
OUI. This is similar to how is_ie_wpa_ie works.
2019-06-07 16:15:09 -05:00
James Prestwood
2e0fed3d77 ie: add IE_RSN_AKM_SUITE_OSEN 2019-06-07 16:15:07 -05:00
James Prestwood
75e6ee98f3 handshake: simplify IE setters
The handshake object had 4 setters for authenticator/supplicant IE.
Since the IE ultimately gets put into the same buffer, there really
only needs to be a single setter for authenticator/supplicant. The
handshake object can deal with parsing to decide what kind of IE it
is (WPA or RSN).
2019-06-07 14:22:36 -05:00
James Prestwood
f6df93d358 crypto: add OSEN AKM
OSEN (OSU Server-Only authenticated layer 2 Encryption Network) is
required for the WiFi Alliance Hotspot Specification.
2019-06-07 14:22:33 -05:00
James Prestwood
6ee479f022 eap-tls: add new EAP method for Anonymous TLS
This adds the WiFi Alliance 'Anonymous TLS' EAP type.
2019-06-06 13:29:11 -05:00
James Prestwood
233804d7fc eap-tls-common: allow for EAP_TYPE_EXPANDED in TLS
The Hotspot 2.0 spec introduces 'Anonymous EAP-TLS' as a new EAP method
to be used with OSEN/Hotspot. The protocol details of this aren't
relevant to this patch, but one major difference is that it uses the
expanded EAP type rather than the TLS type. Since the common TLS code
was written with only EAP_TYPE_TLS in mind the vendor ID/type cause the
EAP packet to be malformed when using the expanded EAP type.

To handle this the common TLS code now checks the EAP type, and if its
expanded we shift the payload 7 bytes further to account for the extra
header data.
2019-06-06 13:29:11 -05:00
James Prestwood
f3ad319e59 ie: add advertisement protocol definitions
802.11 defines GAS (generic advertisement service) which can be used
to query supported advertisement protocols from an AP before
authentication/association. Hotspot/OSEN only care about the ANQP
protocol, but the way the IE is structured potentially requires
iterating through several tuples before you reach the ANQP protocol
identifier. Because of this we define all protocol identifiers.
2019-06-05 16:53:11 -05:00
Denis Kenzior
c80d32a162 ap: Convert to IWD_MODULE 2019-05-28 14:43:42 -05:00
Denis Kenzior
eeac3e8f40 adhoc: Convert to IWD_MODULE 2019-05-28 14:24:37 -05:00
Denis Kenzior
a9e3b3e906 scan: Convert to IWD_MODULE 2019-05-28 14:12:25 -05:00
Denis Kenzior
d74fcfd25c storage: Use L_TFR instead of TFR 2019-05-28 14:06:22 -05:00
Denis Kenzior
57748347b0 treewide: Use L_TFR macro 2019-05-24 11:52:40 -05:00
Denis Kenzior
865492df8c ft: Fix endianness issues
The use of mmpdu_association_response members marked as __le requires
the relevant endianness conversion.
2019-05-23 16:59:34 -05:00
Denis Kenzior
360ec1488d fils: Fix endianness issues
Using mmpdu_associate_response and mmpdu_authenticate structure
members marked __le requires the relevant endianness conversion.
2019-05-23 16:59:14 -05:00
Denis Kenzior
e53bd17992 owe: Fix endianness issues
Using mmpdu_associate_response structure members marked __le requires
the relevant endianness conversion.
2019-05-23 16:58:59 -05:00
Denis Kenzior
85bd019c85 sae: Fix endianness issues
The use of mmpdu_authentication and mmpdu_association_response members
marked as __le requires the relevant endianness conversion.
2019-05-23 16:56:45 -05:00
James Prestwood
628c079e55 station: netdev: allow FILS-FT AKMs
This adds some checks for the FT_OVER_FILS AKMs in station and netdev
allowing the FILS-FT AKMs to be selected during a connection.

Inside netdev_connect_event we actually have to skip parsing the IEs
because FILS itself takes care of this (needs to handle them specially)
2019-05-23 15:27:29 -05:00
James Prestwood
e583b1d243 fils: update to handle FILS-FT
FILS unfortunately is a special case when it comes to fast transition.
We have to process the FT IEs internally since we cannot trigger the
same initial mobility association code path (via netdev).
2019-05-23 15:26:34 -05:00
James Prestwood
5ca4fa9b9e wiphy: allow both FILS-FT AKMs to be chosen 2019-05-23 15:23:46 -05:00
James Prestwood
7f7a5c861d ft: update for larger MIC/FILS-FT 2019-05-23 15:23:46 -05:00
James Prestwood
1accf534dc ie: allow 24 byte FTE MIC
FT over FILS-SHA384 uses a 24 byte FT MIC rather than the 16 byte MIC
used for all other AKMs. This change allows both the FT builder/parser
to handle both lengths of MIC. The mic length is now passed directly
into ie_parse_fast_bss_transition and ie_build_fast_bss_transition
2019-05-23 15:23:08 -05:00
James Prestwood
4097a49669 eapol: add FILS-FT AKMs to eapol_start
This will prevent FILS-FT from starting the 4-way handshake as it
does for regular FILS
2019-05-22 16:29:23 -05:00
James Prestwood
5d2b995175 handshake: update FT derivation functions for FILS-FT
FILS-FT could derive a longer PMKR0/R1 key, as well as uses a special
xxkey that it derives during FILS.
2019-05-22 16:15:23 -05:00
James Prestwood
0e9ed03e60 handshake: update key getters for FILS-FT
FILS-FT is a special case with respect to the PTK keys. The KCK getter
was updated to handle both FT-FILS AKMs, by returning the offset in
the PTK to the special KCK generated during FILS. A getter for the KCK
length was added, which handles the SHA384 variant. The PTK size was
also updated since FILS-FT can generate an additional 56 bytes of PTK
2019-05-22 16:14:51 -05:00
James Prestwood
bc381bd8c3 crypto: update FT derivation functions to use sha384
FILS-FT requires the SHA384 KDF to derive the FT keys
2019-05-22 16:14:14 -05:00
James Prestwood
aafb3fa7ed handshake: add key for FILS-FT in handshake_state
FILS derives its own FT key, for use as xxkey during fast transition.
2019-05-22 16:14:01 -05:00
James Prestwood
e109e1b1cf crypto: pass xxkey length for crypto_derive_pmk_r0
FILS-FT has a special derivation for xxkey, and depending on AKM
the key may be 32 or 48 bytes long.
2019-05-22 16:13:57 -05:00
James Prestwood
4c32dd09f6 fils: add forgotten break 2019-05-22 16:13:08 -05:00
Denis Kenzior
03ff5ef7d0 device: Convert to using IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
978e538f81 station: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
23b278ef52 wsc: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
4cfcb9c88d network: Convert to use IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
800d57d095 knownnetworks: Convert to IWD_MODULE 2019-05-22 10:20:10 -05:00
Denis Kenzior
546c3c26d3 simauth: Convert to use IWD_MODULE 2019-05-22 10:20:08 -05:00
Denis Kenzior
b8f6899f40 blacklist: Convert to use IWD_MODULE 2019-05-22 09:58:04 -05:00
Denis Kenzior
a1d9c07f2f erp: Convert to using IWD_MODULE 2019-05-19 13:07:13 -05:00
Denis Kenzior
2386fa7938 main: Add IWD_MODULE macro 2019-05-19 13:05:06 -05:00
Denis Kenzior
8dced8b7f7 main: Update to the new genl api 2019-05-17 17:10:18 -05:00
Andrew Zaborowski
08ec88671a manager: Also delete interfaces without an ifindex, cleanup 2019-05-13 14:10:49 -05:00
Andrew Zaborowski
0b109c52b7 netdev: Add missing initialization
ifaddr is not guaranteed to be initialized, I'm not sure why there was
no compiler warning.  Also replace a | with a || for boolean conditions
and merge the wiphy check with that line.
2019-05-13 14:10:49 -05:00
Andrew Zaborowski
b86af171f0 netdev: Don't warn on genl messages not matching a netdev
This is going to be a normal situation when we start using interfaces
without an ifindex.
2019-05-13 14:10:49 -05:00
Andrew Zaborowski
925095f835 netdev: Drop remaining whitelist/blacklist code 2019-05-13 14:10:49 -05:00
Andrew Zaborowski
236dc14a3d station: Cancel the roam scan in station_free
We'd remove the roam timeout but not scancel the roam scan in
station_free, instead call station_roam_state_clear which does both
things.
2019-05-10 19:19:21 -05:00
Andrew Zaborowski
b560ca6173 scan: Make sure request is unqueued in scan_cancel
We were forgetting to handle the case of scan requests that are not at the
top of the queue.
2019-05-10 19:19:07 -05:00
Andrew Zaborowski
157d5f9f47 scan: Check if an external scan flushed intermediate results
When handling a scan finished event for a scan we haven't started check
that we were not halfway through a scan request that would have its
results flushed by the external scan.
2019-05-10 19:19:02 -05:00
Marcel Holtmann
51553415bd erp: Include src/missing.h for explicit_bzero 2019-05-10 11:06:52 +02:00
Marcel Holtmann
cab0bc29c4 sae: Include src/missing.h for explicit_bzero 2019-05-10 11:01:32 +02:00
James Prestwood
c0c8faf32f ft: netdev: station: support FT-over-DS
FT-over-DS is a way to do a Fast BSS Transition using action frames for
the authenticate step. This allows a station to start a fast transition
to a target AP while still being connected to the original AP. This,
in theory, can result in less carrier downtime.

The existing ft_sm_new was removed, and two new constructors were added;
one for over-air, and another for over-ds. The internals of ft.c mostly
remain the same. A flag to distinguish between air/ds was added along
with a new parser to parse the action frames rather than authenticate
frames. The IE parsing is identical.

Netdev now just initializes the auth-proto differently depending on if
its doing over-air or over-ds. A new TX authenticate function was added
and used for over-ds. This will send out the IEs from ft.c with an
FT Request action frame.

The FT Response action frame is then recieved from the AP and fed into
the auth-proto state machine. After this point ft-over-ds behaves the
same as ft-over-air (associate to the target AP).

Some simple code was added in station.c to determine if over-air or
over-ds should be used. FT-over-DS can be beneficial in cases where the
AP is directing us to roam, or if the RSSI falls below a threshold.
It should not be used if we have lost communication to the AP all
(beacon lost) as it only works while we can still talk to the original
AP.
2019-05-09 13:38:34 -05:00
James Prestwood
a432ceeee4 netdev: modify netdev_send_action_frame for ft-over-ds
To support FT-over-DS this API needed some slight modifications:

- Instead of setting the DA to netdev->handshake->aa, it is just set to
  the same address as the 'to' parameter. The kernel actually requires
  and checks for these addresses to match. All occurences were passing
  the handshake->aa anyways so this change should have no adverse
  affects; and its actually required by ft-over-ds to pass in the
  previous BSSID, so hard coding handshake->aa will not work.

- The frequency is is also passed in now, as ft-over-ds needs to use
  the frequency of the currently connected AP (netdev->frequency get
  set to the new target in netdev_fast_transition. Previous frequency
  is also saved now).

- A new vector variant (netdev_send_action_framev) was added as well
  to support sending out the FT Request action frame since the FT
  TX authenticate function provides an iovec of the IEs. The existing
  function was already having to prepend the action frame header to
  the body, so its not any more or less copying to do the same thing
  with an iovec instead.
2019-05-09 13:32:45 -05:00
James Prestwood
03807e12e1 ft: netdev: move Authenticate IE building into ft.c
Since FT already handles processing the FT IE's (and building for
associate) it didn't make sense to have all the IE building inside
netdev_build_cmd_ft_authenticate. Instead this logic was moved into
ft.c, and an iovec is now passed from FT into
netdev_ft_tx_authenticate. This leaves the netdev command builder
unburdened by the details of FT, as well as prepares for FT-over-DS.
2019-05-09 12:22:01 -05:00
Andrew Zaborowski
36c08b9508 manager: Disable touching interfaces for some drivers
Blacklist some drivers known to crash when interfaces are deleted or
created so that we don't even attempt that before falling back to using
the default interface.
2019-05-08 11:52:52 -05:00
Andrew Zaborowski
ac2eeab570 wiphy: Add wiphy_get_driver api
Read the driver name for each wiphy from sysfs if available.  I didn't
find a better way to obtain the driver name for a phy than by reading
the dir name that the "driver" symlink points at.  For an existing
netdev this can be done using the SIOCETHTOOL ioctl.
2019-05-08 11:52:25 -05:00
Andrew Zaborowski
7ce8d9d8b6 manager: Fix iteration over wiphy setup states
manager_interface_dump_done would use manager_create_interfaces() at the
end of the loop iterating over pending_wiphys.  To prevent it from
crashing make sure manager_create_interfaces never frees the pending
wiphy state and instead make the caller check whether it needs to be
freed so it can be done safely inside loops.
2019-05-08 11:52:14 -05:00
Andrew Zaborowski
8db47ed21d scan: Use scan requests for the periodic scans, refactor
Instead of having two separate types of scans make the periodic scan
logic a layer on top of the one-off scan requests, with minimum code to
account for the lower priority of those scans and the fact that periodic
scans also receive results from external scans.  Also try to simplify
the code for both the periodic and one-off scans.  In the SCAN_RESULTS
and SCAN_ABORT add more complete checks of the current request's state
so we avoid some existing crashes related to external scans.

scan_send_next_cmd and start_next_scan_request are now just one function
since their funcionality was similar and start_next_scan_request is used
everywhere.  Also the state after the trigger command receives an EBUSY
is now the same as when a new scan is on top of the queue so we have
fewer situations to consider.

This code still does not account for fragmented scans where an external
scan between two or our fragments flushes the results and we lose some
of the results, or for fragmented scans that take over 30s and the
kernel expires some results (both situations are unlikely.)
2019-05-08 11:31:02 -05:00
James Prestwood
ce7df37132 netdev: remove in_ft checks and set_use_eapol_start
In both netdev_{authenticate,associate}_event there is no need to check
for in_ft at the start since netdev->ap will always be set if in_ft is
set.

There was also no need to set eapol_sm_set_use_eapol_start, as setting
require_handshake implies this and achieves the same result when starting
the SM.
2019-05-07 15:50:05 -05:00
James Prestwood
567f35c32f netdev: ft: refactor FT into an auth-proto
Since FT operates over Authenticate/Associate, it makes the most sense
for it to behave like the other auth-protos.

This change moves all the FT specific processing out of netdev and into
ft.c. The bulk of the changes were strait copy-pastes from netdev into
ft.c with minor API changes (e.g. remove struct netdev).

The 'in_ft' boolean unforunately is still required for a few reasons:

 - netdev_disconnect_event relies on this flag so it can ignore the
   disconnect which comes in when doing a fast transition. We cannot
   simply check netdev->ap because this would cause the other auth-protos
   to not handle a disconnect correctly.
 - netdev_associate_event needs to correctly setup the eapol_sm when
   in FT mode by setting require_handshake and use_eapol_start to false.
   This cannot be handled inside eapol by checking the AKM because an AP
   may only advertise a FT AKM, and the initial mobility association
   does require the 4-way handshake.
2019-05-07 14:19:26 -05:00
James Prestwood
87346212c9 ft: rename ftutil to ft (prep for auth-proto)
Now the 'ft' module, previously ftutil, will be used to drive FT via
the auth-proto virtual class. This renaming is in preparation as
ftutil will become obsolete since all the IE building/processing is
going to be moved out of netdev. The new ft.c module will utilize
the existing ftutil functionality, but since this is now a full blown
auth protocol naming it 'ft' is better suited.
2019-05-07 14:09:08 -05:00
James Prestwood
d1286200e9 netdev: move connect completion into netdev_connect_event
The duplicate/similar code in netdev_associate_event and
netdev_connect_event leads to very hard to follow code, especially
when you throw OWE/SAE/FILS or full mac cards into the mix.
Currently these protocols finish the connection inside
netdev_associate_event, and set ignore_connect_event. But for full
mac cards we must finish the connection in netdev_connect_event.

In attempt to simplify this, all connections will be completed
and/or the 4-way started in netdev_connect_event. This satisfies
both soft/full mac cards as well as simplifies the FT processing
in netdev_associate_event. Since the FT IEs can be processed in
netdev_connect_event (as they already are to support full mac)
we can assume that any FT processing inside netdev_associate_event
is for a fast transition, not initial mobility association. This
simplifies netdev_ft_process_associate by removing all the blocks
that would get hit if transition == false.

Handling FT this way also fixes FT-SAE which was broken after the
auth-proto changes since the initial mobility association was
never processed if there was an auth-proto running.
2019-05-07 12:12:17 -05:00
Tim Kourt
e282d1fedf netdev: use rtnlutil for linkmode/operstate 2019-05-06 13:21:36 -05:00
Tim Kourt
5104e6752f rtnlutil: Introduce rtnl utility
The rtnl utility will encapsulate a collection of functions for rtnl ops.
2019-05-06 13:21:15 -05:00
James Prestwood
b0ef0a79a8 erp: zero keys on free 2019-05-03 14:53:57 -05:00
James Prestwood
08f2ccedee sae: netdev: update to use auth_proto concepts
SAE was a bit trickier than OWE/FILS because the initial implementation
for SAE did not include parsing raw authenticate frames (netdev skipped
the header and passed just the authentication data). OWE/FILS did not
do this and parse the entire frame in the RX callbacks. Because of this
it was not as simple as just setting some RX callbacks. In addition,
the TX functions include some of the authentication header/data, but
not all (thanks NL80211), so this will require an overhaul to test-sae
since the unit test passes frames from one SM to another to test the
protocol end-to-end (essentially the header needs to be prepended to
any data coming from the TX functions for the end-to-end tests).
2019-05-03 14:42:38 -05:00
James Prestwood
34a0f833a4 owe: netdev: update to use auth_proto concepts 2019-05-03 14:37:11 -05:00
James Prestwood
869cac4bec eapol: remove eapol_set_started, no longer needed 2019-05-03 14:37:11 -05:00
James Prestwood
8317b96e7d fils: netdev: update to use auth_proto concepts 2019-05-03 14:37:11 -05:00
Denis Kenzior
f0de2516ea erp: Return const void * instead 2019-05-03 14:17:17 -05:00
James Prestwood
8c11fdabcc erp: remove 'complete' callback
Since ERP is only used for FILS and not behaving in the 'normal' ERP
fashion (dealing with actual EAP data, timeouts etc.) we can structure
ERP as a more synchronous protocol, removing the need for a complete
callback.

Now, erp_rx_packet returns a status, so FILS can decide how to handle
any failures. The complete callback was also removed in favor of a
getter for the RMSK (erp_get_rmsk). This allows FILS to syncronously
handle ERP, and potentially fail directly in fils_rx_authenticate.
2019-05-03 14:11:57 -05:00
James Prestwood
d02c038a0d eapol: allow FILS to use eapol_start
A new eapol API was added specifically for FILS (eapol_set_started). Since
either way is special cased for FILS, its a bit cleaner to just check the
AKM inside eapol_start and, if FILS, dont start any timeouts or start the
handshake (effectively what eapol_set_started was doing).
2019-05-03 14:08:28 -05:00
James Prestwood
11443c03bc auth-proto: introduce auth-proto concept
This is a new concept applying to any protocol working over authenticate
and/or associate frames (OWE/SAE/FILS). All these protocols behave
similarly enough that they can be unified into a handshake driver
structure.

Now, each protocol will initialize this auth_proto structure inside
their own internal data. The auth_proto will be returned from
the initializer which netdev can then use to manage the protocol by
forwarding authenticate/associate frames into the individual drivers.

The auth_proto consists only of function pointers:

start - starts the protocol
free  - frees the driver data
rx_authenticate - receive authenticate frame
rx_associate - receive associate frame
auth_timeout - authenticate frame timed out
assoc_timeout - associate frame timed out
2019-05-03 13:53:50 -05:00
Andrew Zaborowski
7bc553e470 manager: Add use_default_if setting
If the setting is true we'll not attempt to remove or create
interfaces on any wiphys and will only use the default interface
(if it exists).  If false, force us managing the interfaces.  Both
values override the auto logic.
2019-05-02 10:47:45 -05:00
Andrew Zaborowski
06eb3bbf6a manager: Set state->use_default in manager_rx_cmd_new_wiphy
Make sure this gets set both when we discover a wiphy through a netlink
event in runtime, and when we dump all wiphys on startup.
2019-05-02 10:47:45 -05:00
Andrew Zaborowski
922f4a30dd netdev: Check connected when handling Associate
An unexpected Associate event would cause iwd to crash when accessing
netdev->handshake->mde.  netdev->handshake is only set if we're
attempting to connect or connected somewhere so check netdev->connected
first.
2019-05-02 10:37:30 -05:00
Andrew Zaborowski
2c33cf2b33 scan: Reset sp.timeout in destroy callback 2019-05-01 11:47:50 -05:00
Andrew Zaborowski
09e31282b3 scan: Drop check that always true 2019-05-01 11:45:41 -05:00
Andrew Zaborowski
32dc69ffab scan: Add static qualifiers, remove initializers 2019-05-01 11:45:25 -05:00
Marcel Holtmann
35743fa32a eap: Use l_malloc to avoid variable-length array bound is unknown error 2019-04-30 17:11:39 +02:00
James Prestwood
6ac189315a eapol: allow FILS PTK rekeys
As with FILS GTK rekeys, the PTK rekeys use AES-SIV to encrypt and
do not use a MIC
2019-04-26 16:06:53 -05:00
James Prestwood
83212f9b23 eapol: change eapol_create_common to support FILS
FILS needs to allocate an extra 16 bytes of key data for the AES-SIV
vector. Instead of leaving it up to the caller to figure this out (as
was done with the GTK builder) eapol_create_common can allocate the
extra space since it knows the MIC length.

This also updates _create_gtk_2_of_2 as it no longer needs to create
an extra data array.
2019-04-26 14:00:12 -05:00
James Prestwood
00cbd171f1 fils: add support for PMKID derivation
FILS defines its own derivation for the PMKID, which is just a
SHA256 or SHA384 hash of the ERP data. Setting the PMKID will
allow FILS PTK rekeys.
2019-04-26 12:40:02 -05:00
James Prestwood
4f7d7684a3 eapol: add common function for AES-SIV
To avoid duplicate code in PTK/GTK rekeys a common function was
added which performs the encryption in place in the key frame.
2019-04-26 12:36:37 -05:00
James Prestwood
2fd755c285 eapol: update eapol_key_handle to work with FILS rekeys
Since FILS does not use a MIC, the 1/4 handler would always get called
for FILS PTK rekeys. We can use the fact that message 1/4 has no MIC as
well as no encrypted data to determine which packet it is. Both no MIC
and no encrypted data means its message 1/4. Anything else is 3/4.
2019-04-26 12:35:53 -05:00
James Prestwood
028e755d42 handshake: allow SHA384 PTK derivation (for FILS)
For FILS rekeys, we still derive the PTK using the 4-way handshake.
And for FILS-SHA384 we need the SHA384 KDF variant when deriving.

This change adds both FILS-SHA256 and FILS-SHA384 to the checks
for determining the SHA variant.
2019-04-26 12:28:51 -05:00
James Prestwood
62097e7d82 crypto: allow PTK derivation using SHA384
crypto_derive_pairwise_ptk was taking a boolean to decide whether to
use SHA1 or SHA256, but for FILS SHA384 may also be required for
rekeys depending on the AKM.

crypto_derive_pairwise_ptk was changed to take l_checksum_type instead
of a boolean to allow for all 3 SHA types.
2019-04-26 12:28:40 -05:00
James Prestwood
733679ff7f eapol: Update _verify_ptk_3_of_4 to work with no MIC
A similar change was made to _verify_gtk_1_of_2 in order for
verification to work when no MIC is being used (FILS rekeys)
2019-04-26 12:24:42 -05:00
James Prestwood
8ceb4a31ef ie: remove unused struct declaration 2019-04-26 12:23:36 -05:00
James Prestwood
78b5f56516 ap: update to use new TLV builder APIs
AP still relies on the get_data/set_length semantics. Its more convenient
to still use these since it avoids the need for extra temporary buffers
when building the rates IE.
2019-04-23 12:56:20 -05:00
James Prestwood
856b21d9ba fils: update TLV builder code to use new APIs 2019-04-23 12:56:20 -05:00
James Prestwood
d2e7d47c84 ie: fix ie_tlv_builder semantics
The TLV builder APIs were not very intuative, and in some (or all)
cases required access to the builder structure directly, either to
set the TLV buffer or to get the buffer at the end.

This change adds a new API, ie_tlv_builder_set_data, which both sets
the length for the current TLV and copies the TLV data in one go.
This will avoid the need for memcpy(ie_tlv_builder_get_data(...),...)

ie_tlv_builder_finalize was also changed to return a pointer to the
start of the build buffer. This will eliminate the need to access
builder.tlv after building the TLVs.

ie_tlv_builder_init was changed to take an optional buffer to hold
the TLV data. Passing NULL/0 will build the TLV in the internal
buffer. Passing in a pointer and length will build into the passed
in buffer.
2019-04-23 12:56:20 -05:00
Andrew Zaborowski
14d69873b0 wiphy: Add wiphy_create_complete
Let manager.c signal to wiphy.c when the wiphy parsing from the genl
messages is complete.  When we query for existing wiphy using the
GET_WIPHY dump command we get many genl messages per wiphy, on a
notification we only get one message.  So after wiphy_create there may
be one or many calls to wiphy_update_from_genl.  wiphy_create_complete
is called after all of them, so wiphy.c can be sure it's done with
parsing the wiphy attributes when in prints the new wiphy summary log
message, like it did before manager.c was added.

I had wrongly assumed that all the important wiphy attributes were in
the first message in the dump, but NL80211_ATTR_EXT_FEATURES was not and
wasn't being parsed which was breaking at least testRSSIAgent.
2019-04-22 16:34:51 -05:00
James Prestwood
6ea74d77cc eap-sim: derive session-ID for ERP 2019-04-22 16:31:19 -05:00
James Prestwood
2cbdc1aa43 eap-aka: derive Session-ID for ERP 2019-04-22 16:31:14 -05:00
James Prestwood
e7219cbcc5 netdev: free SAE SM once protocol has completed
SAE was behaving inconsitently with respect to freeing the state.
It was freeing the SM internally on failure, but requiring netdev
free it on success.

This removes the call to sae_sm_free in sae.c upon failure, and
instead netdev frees the SM in the complete callback in all cases
regardless of success or failure.
2019-04-22 16:26:11 -05:00
James Prestwood
ea571bc6ac netdev: free OWE SM once protocol has completed
The OWE SM is not needed once the OWE protocol completes. We can
free it immediately in netdev_owe_complete (unless retrying).
2019-04-22 16:25:31 -05:00
James Prestwood
5cc0148e7f station: enable FILS support
station will now check if ERP has cached keys for FILS when building
the handshake, as well as get the ERP cache and set it into the
handshake object.
2019-04-22 14:56:48 -05:00
James Prestwood
b125976fea netdev: add FILS support
From netdev's prospective FILS works the same as OWE/SAE where we create
a fils_sm and forward all auth/assoc frames into the FILS module. The
only real difference is we do not start EAPoL once FILS completes.
2019-04-22 14:55:41 -05:00
James Prestwood
73c9a126bd fils: implementation for FILS
FILS (Fast Initial Link Setup) allows a station to negotiate a PTK during
authentication and association. This allows for a faster connection as
opposed to doing full EAP and the 4-way. FILS uses ERP (EAP Reauth Protocol)
to achieve this, but encapsulates the ERP data into an IE inside
authenticate frames. Association is then used to verify both sides have
valid keys, as well as delivering the GTK/IGTK.

FILS will work similar to SAE/OWE/FT where netdev registers a fils_sm, and
then forwards all Auth/Assoc frame data to and from the FILS module.
2019-04-22 14:55:02 -05:00
James Prestwood
91cdd86e0d handshake: add ERP cache object to handshake
Keeping the ERP cache on the handshake object allows station.c to
handle all the ERP details and encapsulate them into a handshake.
FILS can then use the ERP cache right from the handshake rather
than getting it itself.
2019-04-22 14:55:02 -05:00
James Prestwood
bc7b12d1a4 wiphy: handle FILS AKMs
wiphy_select_akm needed to be updated to take a flag, which can be
set to true if there are known reauth keys for this connection. If
we have reauth keys, and FILS is available we will choose it.
2019-04-19 15:05:23 -05:00
James Prestwood
b829daaab7 owe: fix group renegotiation to not reauthenticate
If the AP send an associate with an unsupported group status, OWE
was completely starting over and sending out an authenticate frame
when it could instead just resend the associate frame with a
different group.
2019-04-19 13:52:28 -05:00
James Prestwood
17e3a5ee3c handshake: add setter for PTK
With FILS support coming there needs to be a way to set the PTK directly.
Other AKMs derive the PTK via the 4-way handshake, but FILS computes the
PTK on its own.
2019-04-18 10:55:24 -05:00
Denis Kenzior
b768e26f1d Revert "mschaputil: use util_get_username"
This reverts commit 1e337259ce.

Using util_get_username was wrong in this context.  MSCHAPv2 expects us
to only strip the domain name from identities of the form
domain\identity.  util_get_username would also strip identities of the
form username@domain.com.
2019-04-18 10:46:56 -05:00
James Prestwood
349acf292f eapol: fix kek length for FILS rekeys (SHA384)
FILS-SHA384 got overlooked and the kek length was being hard coded
to 32 bytes when encrypting the key data. There was also one occurence
where the kek_len was just being set incorrectly.
2019-04-17 19:33:55 -05:00
James Prestwood
e940fc9282 handshake: add handshake_state_get_kek_len 2019-04-17 19:33:51 -05:00
Denis Kenzior
89017afdb2 crypto: Skip aes-ctr decryption for in_len = 16
If the input length is 16 bytes, this means aes_siv_decrypt should
only be verifying the 16 byte SIV and not decrypting any data. If
this is the case, we can skip over the whole AES-CTR portion of
AES-SIV and only verify the SIV.
2019-04-17 18:59:27 -05:00
James Prestwood
799a29d37c eapol: only check for snonce if MIC is used
In eapol_key_handle, 'have_snonce' is checked before decrypting the
key data. For FILS, there will be no snonce so this check can be
skipped if mic_len == 0.
2019-04-17 18:40:46 -05:00
James Prestwood
c21f3cd2a4 eapol: allow FILS GTK handshake
The GTK handshake for FILS uses AES-SIV to encrypt the key data, and
does away with the MIC completely. Now, when finalizing the 2/2 GTK
packet we check the MIC length, and if zero we assume FILS is being
used and we use AES-SIV to encrypt the key data.

For FILS, there is no actual data being encrypted for GTK 2/2 (hence
why the input data length is zero). This results in only the SIV
being generated, which essentially serves the same purpose as a MIC.
2019-04-17 18:40:46 -05:00
James Prestwood
a6640f1b7a eapol: allow eapol_decrypt_key_data to work with FILS
FILS falls under the 'AKM defined' key descriptor, and uses AES-SIV.
2019-04-17 18:40:46 -05:00
James Prestwood
368d6714b9 eapol: allow _create_gtk_2_of_2 to work without MIC
FILS does not use a MIC, as well as requires encrypted data on GTK 2/2.
This updates eapol_create_gtk_2_of_2 to pass in extra data to
eapol_create_common, which will reserve room for this encrypted data.
Extra data is only reserved if mic_len == 0.
2019-04-17 18:40:46 -05:00
James Prestwood
ca63ac2342 eapol: allow eapol_create_common to work with no MIC
FILS does not use a MIC in EAPoL frames and also requires encrypted
data on all EAPoL frames. In the common builder the mic_len is now
checked and the flags are set appropriately.
2019-04-17 18:40:46 -05:00
James Prestwood
62e20ca285 eapol: pass mic_len in gtk 1/2 verify
FILS authentication does away with the MIC, so checking for key_mic
in the eapol key frame does not allow FILS to work. Now we pass in
the mic_len to eapol_verify_gtk_1_of_2, and if it is non-zero we can
check that the MIC is present in the frame.
2019-04-17 18:40:46 -05:00
James Prestwood
82eeef1c29 eapol: add eapol_set_started
FILS does not require an eapol_sm for authentication, but rekeys
are still performed using the 4-way handshake. Because of this
FILS needs to create a eapol_sm in a 'started' state, but without
calling eapol_start as this will initialize EAP and create handshake
timeouts.

This allows EAPoL to wait for any 4-way packets, and handle them
as rekeys.
2019-04-17 18:40:46 -05:00
James Prestwood
433373fe28 eapol: cache ERP keys on EAP success 2019-04-17 17:06:25 -05:00
James Prestwood
7f502ff16f main: initialize erp 2019-04-17 17:06:25 -05:00
James Prestwood
d938d362b2 erp: ERP implementation and key cache move
ERP (EAP Reauthentication Protocol) allows a station to quickly
reauthenticate using keys from a previous EAP authentication.

This change both implements ERP as well as moves the key cache into
the ERP module.

ERP in its current form is here to only support FILS. ERP is likely not
widespread and there is no easy way to determine if an AP supports ERP
without trying it. Attempting ERP with a non-ERP enabled AP will actually
result in longer connection times since ERP must fail and then full EAP
is done afterwards. For this reason ERP was separated from EAP and a
separate ERP state machine must be created. As it stands now, ERP cannot
be used on its own, only with FILS.
2019-04-17 17:06:25 -05:00
James Prestwood
5e28b314a7 crypto: add aes_siv_{encrypt,decrypt}
FILS requires AES-SIV for rekeys
2019-04-17 13:55:11 -05:00
Tim Kourt
1c04707487 station: Add quick scan
Quick scan uses a set of frequencies associated with the
known networks. This allows to reduce the scan latency.
At this time, the frequency selection follows a very simple
logic by taking all known frequencies from the top 5 most
recently connected networks.
If connection isn't established after the quick scan attempt,
we fall back to the full periodic scan.
2019-04-16 18:16:04 -05:00
Tim Kourt
5c9138ed7d knownnetworks: Add lookup API for recent frequencies
The returned scan_freq_set contains the known frequencies from
the top most recently connected networks.
2019-04-16 18:14:35 -05:00
Denis Kenzior
02b3ab6793 manager: Run an interface dump on startup
Instead of handling NEW_WIPHY events and WIHPY_DUMP events in a similar
fashion, split up the paths to optimize iwd startup time.  There's
fundamentally no reason to wait a second (and eat up file-descriptor
resources for timers unnecessarily) when we can simply start an
interface dump right after the wiphy dump.

In case a new wiphy is added in the middle of a wiphy dump, we will
likely get a new wiphy event anyway, in which case a setup_timeout will
be created and we will ignore this phy during the interface dump
processing.

This also optimizes the case of iwd being re-started, in which case
there are no interfaces present.
2019-04-16 17:51:00 -05:00
Denis Kenzior
d99242846c manager: Split up new_wiphy dumps & events
Separate out the two types of NEW_WIPHY handlers into separate paths and
factor out the common code into a utility function.

Dumps of CMD_NEW_WIPHY can be split up over several messages, while
CMD_NEW_WIPHY events (generated when a new card is plugged in) are
stuffed into a single message.

This also prepares ground for follow-on commits where we will handle the
two types of events differently.
2019-04-16 17:51:00 -05:00
Denis Kenzior
1b08602727 manager: Make sure to not leak msg on failure:wq 2019-04-16 17:51:00 -05:00
Denis Kenzior
d85e6eedff manager: Don't try to create pending_state more than once 2019-04-16 17:51:00 -05:00
Denis Kenzior
5cfc6e513d netdev: Fix crash
src/netdev.c:netdev_create_from_genl() Skipping duplicate netdev wlp2s0[3]
Aborting (signal 11) [/home/denkenz/iwd/src/iwd]
++++++++ backtrace ++++++++
 #0  0x7fc4c7a4e930 in /lib64/libc.so.6
 #1  0x40ea13 in netdev_getlink_cb() at src/netdev.c:4654
 #2  0x468cab in process_message() at ell/netlink.c:183
 #3  0x4690a3 in can_read_data() at ell/netlink.c:289
 #4  0x46681d in io_callback() at ell/io.c:126
 #5  0x4651cd in l_main_iterate() at ell/main.c:473
 #6  0x46530e in l_main_run() at ell/main.c:516
 #7  0x465626 in l_main_run_with_signal() at ell/main.c:642
 #8  0x403df8 in main() at src/main.c:513
 #9  0x7fc4c7a39bde in /lib64/libc.so.6
2019-04-16 17:51:00 -05:00
Andrew Zaborowski
467b6341d8 manager: Handle interface white/blacklists
Mirror netdev.c white/blacklist logic.  If either or both the whitelist
and the blacklist are given also fall back to not touching the existing
interface setup on the wiphy.
2019-04-16 17:51:00 -05:00
Andrew Zaborowski
9e079ba4fc manager: Fallback to old logic for some drivers
If we get an error during DEL_INTERFACE or NEW_INTERFACE we may be
dealing with a driver that doesn't implement virtual interfaces or
doesn't implement deleting the default interface.  In this case fall
back to using the first usable interface that we've detected on this
wiphy.

There's at least one full-mac driver that doesn't implement the cfg80211
.del_virtual_intf and .add_virtual_intf methods and at least one that
only allows P2P interfaces to be manipulated.  mac80211 drivers seem to
at least implement those methods but I didn't check to see if there are
driver where they'd eventually return EOPNOTSUPP.
2019-04-16 17:51:00 -05:00
Andrew Zaborowski
2ea9db9cae netdev: Drop netdev creation logic 2019-04-16 17:51:00 -05:00
Andrew Zaborowski
d907593c08 manager: Create an interface on each wiphy and register netdevs
This is probably the trickiest part in this patchset.  I'm introducing a
new logic where instead of using the interfaces that we find present
when a wiphy is detected, which would normally be the one default
interface per wiphy but could be 0 or more than one, we create one
ourselves with the socket owner attribute and use exactly one for
Station, AP and Ad-Hoc modes.  When IWD starts we delete all the
interfaces on existing wiphys that we're going to use (as determined by
the wiphy white/blacklists) or freshly hotplugged ones, and only then we
register the interface we're going to use meaning that the wiphy's
limits on the number of concurrent interfaces of each type should be at
0.  Otherwise we'd be unlikely to be abe to create the station interface
as most adapters only allow one.  After that we ignore any interfaces
that may be created by other processes as we have no use for multiple
station interfaces.

At this point manager.c only keeps local state for wiphys during
the interface setup although when we start adding P2P code we will be
creating and removing interfaces multiple times during the wiphy's
runtime and may need to track it here or in wiphy.c.  We do not
specifically check the interface number limits received during the wiphy
dump, if we need to create any interfaces and we're over the driver's
maximum for that specific iftype we'll still attempt it and report error
if it fails.

I tested this and it seems to work with my laptop's intel card and some
USB hotplug adapters.
2019-04-16 17:51:00 -05:00
Denis Kenzior
edade7f19c netdev: Fix handshake failures on FT-PSK + FullMac
The latest refactoring ended up assuming that FT related elements would
be handled in netdev_associate_event.  However, FullMac cards (that do
not generate netdev_associate_event) could still connect using FT AKMs
and perform the Initial mobility association.  In such cases the FTE
element was required but ended up not being set into the handshake.
This caused the handshake to fail during PTK 1_of_4 processing.

Fix this by making sure that FTE + related info is set into the
handshake, albeit with a lower sanity checking level since the
elements have been processed by the firmware already.

Note that it is currently impossible for actual FTs to be performed on
FullMac cards, so the extra logic and sanity checking to handle these
can be skipped.
2019-04-15 17:32:12 -05:00
Tim Kourt
c44da22470 wiphy: Add freq set constrain API 2019-04-15 12:34:36 -05:00
Tim Kourt
5be3de7484 knownnetworks: Add known frequencies
Add functionality to read and parse the known frequencies
from permanent storage on start of the service. On service
shutdown, we sync the known frequencies back to the permanent
storage.
2019-04-15 12:30:13 -05:00
Tim Kourt
c3e79a4f2a network: Introduce a concept of known frequencies
Each known network (previously connected) will have a set
of known frequencies associated with it, e.g. a set of
frequencies from all BSSs observed. The list of known
frequencies is sorted with the most recently observed
frequency in the head.
2019-04-15 12:29:48 -05:00
Tim Kourt
8881910662 station: Start removing scan results based on age
Previously, the scan results were disregarded once the new
ones were available. To enable the scan scenarios where the
new scan results are delivered in parts, we introduce a
concept of aging BSSs and will remove them based on
retention time.
2019-04-15 12:25:30 -05:00
Tim Kourt
e01368b848 scan: Add randomization of SN for probe requests 2019-04-11 16:57:07 -05:00
Tim Kourt
b1d77d52b9 scan: Use randomization flag only for active scans 2019-04-11 16:56:44 -05:00
Tim Kourt
91105768e0 knownnetworks: Enable setting Autoconnect property over DBus 2019-04-11 12:09:27 -05:00
Denis Kenzior
5a28504d9e manager: Simplify logic 2019-04-11 12:09:07 -05:00
Denis Kenzior
72158e66da main: Move manager initialization
The order of wiphy / netdev dumps matters.  So to preserve the old
behavior, move manager initialization up.
2019-04-11 12:09:07 -05:00
Andrew Zaborowski
65109ec46d wiphy: Drop wiphy creation logic 2019-04-11 11:20:04 -05:00
Andrew Zaborowski
530a449337 manager: Add new file for wiphy/interface management
Add manager.c, a new file where the wiphy and interface creation/removal
will be handled and interface use policies will be implemented.  Since
not all kernel-side nl80211 interfaces are tied to kernel-side netdevs,
netdev.c can't manage all of the interfaces that we will be using, so
the logic is being moved to a common place where all interfaces on a
wiphy will be managed according to the policy, device support for things
like P2P and user enabling/disabling/connecting with P2P which require
interfaces to be dynamically added and removed.
2019-04-11 11:17:52 -05:00
Andrew Zaborowski
4a969294f7 wiphy: Add wiphy_create/wiphy_destroy API
Add wiphy_create, wiphy_update_from_genl and wiphy_destroy that together
will let a new file command the wiphy creation, updates and deletion
with the same functionality the current config notification handler
implements in wiphy.c.
2019-04-11 11:15:10 -05:00
Andrew Zaborowski
fd0892baf0 wiphy: Make wiphy_parse_id_and_name public 2019-04-11 11:13:28 -05:00
Andrew Zaborowski
c06754a978 wiphy: Drop name_len from wiphy_parse_id_and_name
As mentioned in code comments the name is NUL-terminated so there's no
need to return the length path, which was ignored in some occasions
anyway.  Consistently treat it as NUL-terminated but also validate.
2019-04-11 11:11:52 -05:00
Andrew Zaborowski
8f910518c4 netdev: Make netdev_create_from_genl, netdev_destroy public
Make netdev_create_from_genl public and change signature to return the
created netdev or NULL.  Also add netdev_destroy that destroys and
unregisters the created netdevs.  Both will be used to move the
whole interface management to a new file.
2019-04-11 11:04:16 -05:00
Andrew Zaborowski
ceb605a2cc dbus: Add p2p iftypes in dbus_iftype_to_string 2019-04-11 11:01:09 -05:00
Tim Kourt
531bb3f0b5 knownnetworks: Load Autoconnect along with other settings
Previously, 'Autoconnect' setting was loaded only at the
connection time, this patch makes autoconnect to load along
with other settings.
2019-04-11 10:55:22 -05:00
James Prestwood
43c1bdfd62 sae: check if server point/scalar is valid
Reported-By: Mathy Vanhoef <Mathy.Vanhoef@nyu.edu>
2019-04-11 10:19:54 -05:00
James Prestwood
9192f506d3 eap-pwd: check if server point/scalar is valid
Reported-By: Mathy Vanhoef <Mathy.Vanhoef@nyu.edu>
2019-04-11 10:19:38 -05:00
James Prestwood
f9d92d6cdd eap: add eap_get_identity 2019-04-10 16:57:07 -05:00
James Prestwood
81fc6a687e handshake: add flag for FILS support
The handshake_state only holds a single AKM value. FILS depends on the AP
supporting EAP as well as FILS. The first time IWD connects, it will do a
full EAP auth. Subsequent connections (assuming FILS is supported) will use
FILS. But if the AP does not support FILS there is no reason to cache the
ERP keys.

This adds the supp_fils to the handshake_state. Now, station.c can set this
flag while building the handshake. This flag can later be checked when
caching the ERP keys.
2019-04-10 16:57:05 -05:00
James Prestwood
e963e64f9b eap: export session ID as key materials
ERP/FILS requires the session ID which is derived internally to an
EAP method.
2019-04-10 16:55:29 -05:00
James Prestwood
5df84a6933 erpcache: implementation for ERP key cache
This allows IWD to cache ERP keys after a full EAP run. Caching
allows IWD to quickly connect to the network later on using ERP or
FILS.

The cache will contain the EAP Identity, Session ID, EMSK, SSID and
optionally the ERP domain. For the time being, the cache entry
lifetimes are hard coded to 24 hours. Eventually the cache should
be written to disk to allow ERP/FILS to work after a reboot or
IWD restart.
2019-04-10 13:58:13 -05:00
James Prestwood
1e337259ce mschaputil: use util_get_username 2019-04-08 16:28:56 -05:00
Denis Kenzior
86ce4a8b09 util: Add qualifying comments 2019-04-08 16:28:37 -05:00
James Prestwood
abcc9f1647 util: add APIs to get username/domain from identity
mschaputil already had similar functionality, but ERP will need this
as well. These two functions will also handle identities with either
'@' or '\' to separate the user and domain.
2019-04-08 16:26:25 -05:00
Denis Kenzior
44ebf10bb9 eap: Make sure identity is not NULL 2019-04-08 16:25:31 -05:00
Denis Kenzior
716e3f0cda eap: Add eap_free_common
Many operations performed during an error in load_settings were the same
as the ones performed when freeing the eap object.  Add eap_free_common
to unify these.
2019-04-08 16:24:18 -05:00
James Prestwood
875c6f27e7 eap: enforce max identity lengths
EAP identites are recommended to follow RFC 4282 (The Network Access
Identifier). This RFC recommends a maximum NAI length of 253 octets.
It also mentions that RADIUS is only able to support NAIs of 253
octets.

Because of this, IWD should not allow EAP identities larger than 253
bytes. This change adds a check in eap_load_settings to verify the
identity does not exceed this limit.
2019-04-08 16:18:47 -05:00
James Prestwood
e9618d97a8 crypto: add kdf_sha384
FILS requires the SHA384 KDF variant.
2019-04-05 17:58:03 -05:00
James Prestwood
a71adcc243 netdev: skip associate event when not in OWE/FT
The associate event is only important for OWE and FT. If neither of
these conditions (or FT initial association) are happening we do
not need to continue further processing the associate event.
2019-04-05 17:35:31 -05:00
James Prestwood
c416db0708 common: fix missing PSK_SHA256 AKM
This AKM was lost while moving all the AKM checks into a the macros
2019-04-05 17:32:01 -05:00
Denis Kenzior
8f9ed66bdd mpdu: Rework validate_mgmt_ies
802.11 mandates that IEs inside management frames are presented in a
given order.  However, in the real world, many APs seem to ignore the
rules and send their IEs in seemingly arbitrary order, especially when
it comes to VENDOR tags.  Change this function to no longer be strict in
enforcing the order.

Also, drop checking of rules specific to Probe Responses.  These will
have to be handled separately (most likely by the AP module) since
802.11-2016, Section 11.1.4.3.5 essentially allows just about anything.
2019-04-05 16:31:26 -05:00
Denis Kenzior
83af5b0170 mpdu: Drop unused argument 2019-04-05 16:29:59 -05:00
James Prestwood
050db0b054 netdev: fix association failure path
In netdev_associate_event the ignore_connect_event was getting set true,
but afterwards there were still potential failure paths. Now, once in
assoc_failed we explicitly set ignore_connect_event to false so the
the failure can be handled properly inside netdev_connect_event
2019-04-05 13:41:29 -05:00
James Prestwood
5359b54c37 eap-private: add initiate/finish EAP types 2019-04-05 12:13:30 -05:00
James Prestwood
8f3627646a mpdu: add auth algorithms for FILS 2019-04-05 12:07:37 -05:00
James Prestwood
e15cb7133a handshake: handle FILS AKMs in handshake_get_key_sizes 2019-04-05 12:07:34 -05:00
James Prestwood
9b83f3d2db common: put all PSK AKM's into macro
The list of PSK/8021x AKM's in security_determine was getting long,
and difficult to keep under 80 characters. This moves them all into
two new macros, AKM_IS_PSK/AKM_IS_8021X.
2019-04-05 12:06:00 -05:00
James Prestwood
a2e711faf4 ie: crypto: add FILS AKMs
ie_rsn_info had to be updated to allow for 32 bit AKM values rather than
16 bit.
2019-04-04 16:11:07 -05:00
James Prestwood
cb9a0ed922 ie: add FILS IEs 2019-04-04 16:09:13 -05:00
James Prestwood
bde01b1826 eap-pwd: update hkdf_extract usage to cast constants
On some architectures, va_arg was behaving strangely with constant values
passed as lengths. Casting any constant lengths to size_t fixes the issue.
2019-04-04 14:01:19 -05:00
Denis Kenzior
b8dd39ded0 sae: Fix argument type passed via va_args
The function expects a size_t argument, but on some ARM systems this was
getting confused and failing.
2019-04-04 13:37:01 -05:00
James Prestwood
c985da04ca sae: fix potential infinite loop
It was assumed that the hunt-and-peck loop was guarenteed to find
a PWE. This was incorrect in terms of kernel support. If a system
does not have support for AF_ALG or runs out of file descriptors
the KDFs may fail. The loop continued to run if found == false,
which is also incorrect because we want to stop after 20 iterations
regarless of success.

This changes the loop to a for loop so it will always exit after
the set number of iterations.
2019-04-04 11:20:12 -05:00
Marcel Holtmann
23041a44dd build: Add missing HAVE_CONFIG_H guards and include config.h 2019-04-04 14:02:38 +02:00
Denis Kenzior
6ecc3a20b8 scan: Fix warning
CC       src/scan.o
src/scan.c: In function ‘scan_bss_compute_rank’:
src/scan.c:1048:4: warning: this decimal constant is unsigned only in ISO C90
    factor = factor * data_rate / 2340000000 +
2019-04-03 11:54:41 -05:00
Denis Kenzior
5c9e6b255f util: Remove container_of 2019-04-03 11:49:36 -05:00
Denis Kenzior
aca70beeff netdev: Use l_container_of 2019-04-03 11:49:36 -05:00
Denis Kenzior
b97d3f2a82 eapol: Use l_container_of 2019-04-03 11:49:36 -05:00
Marcel Holtmann
3f3e778719 build: Add support for including fallbacks for missing defines 2019-04-03 18:34:22 +02:00
Marcel Holtmann
923ac09cb6 owe: Add missing include for config.h 2019-04-03 18:33:36 +02:00
Tim Kourt
71efd05f4e eap: Rename EAP TLS type to follow common nomenclature 2019-04-02 14:34:37 -05:00
Tim Kourt
967983c638 station: Allow to disable roaming 2019-04-01 18:38:18 -05:00
Tim Kourt
734c9ad2f6 station: Split autoconnect state into two sub states
The auto-connect state will now consist of the two phases:
STATION_STATE_AUTOCONNECT_QUICK and STATION_STATE_AUTOCONNECT_FULL.
The auto-connect will always start with STATION_STATE_AUTOCONNECT_QUICK
and then transition into STATION_STATE_AUTOCONNECT_FULL if no
connection has been established. During STATION_STATE_AUTOCONNECT_QUICK
phase we take advantage of the wireless scans with the limited number
of channels on which the known networks have been observed before.
This approach allows to shorten the time required for the network
sweeps, therefore decreases the connection latency if the connection
is possible. Thereafter, if no connection has been established after
the first phase we transition into STATION_STATE_AUTOCONNECT_FULL and
do the periodic scan just like we did before the split in
STATION_STATE_AUTOCONNECT state.
2019-04-01 16:04:20 -05:00
Tim Kourt
405785cd0b scan: Add scan_freq_set_merge API 2019-04-01 15:29:33 -05:00
Tim Kourt
e5baa98a32 station: Encapsulate setter for 'scanning' property 2019-04-01 15:25:44 -05:00
Tim Kourt
33aa07e9ce station: rename scan_id to dbus_scan_id 2019-04-01 15:23:24 -05:00
Tim Kourt
395d8b9ea0 station: Refactor station_scan_destroy closer to its usage
The function is also renamed to reflect its usage
2019-04-01 15:21:12 -05:00
Tim Kourt
e4a5972b42 station: Separate scan and dbus logic 2019-04-01 15:18:51 -05:00
Tim Kourt
47900d34bc scan: Add scan_freq_set param into scan_passive 2019-04-01 15:18:37 -05:00
Tim Kourt
0d3eb7d27b scan: Make scan_freq_set_foreach const correct 2019-04-01 14:28:42 -05:00
James Prestwood
62748e567d ie: remove 80+80 column in vht_width_map
For simplicity 160Mhz and 80+80Mhz were grouped together when
parsing the VHT capabilities, but the 80+80 bits were left in
vht_widht_map. This could cause an overflow when getting the
width map.
2019-03-22 17:48:43 -05:00
Andrew Zaborowski
3ca8a18b4e network: Clear psk and passphrase copies before freeing 2019-03-22 14:04:08 -05:00
Andrew Zaborowski
05d556d493 eap-pwd: Memzero copies of secrets
Note that PK and PWE are also considered secret but their buffers
will need to be cleared in l_ecc_point_free in ell.
2019-03-22 13:04:50 -05:00
James Prestwood
588848651a wiphy: enforce MFP requirement on SAE connections
wiphy_select_akm will now check if BIP is supported, and if MFPR is
set in the scan_bss before returning either SAE AKMs. This will allow
fallback to another PSK AKM (e.g. hybrid APs) if any of the requirements
are not met.
2019-03-22 12:11:05 -05:00
Andrew Zaborowski
fa7db4be4d eap,eapol,crypto: Replace uses of memset with explicit_bzero
Replace existing uses of memset to clear secrets with explicit_bzero to
make sure it doesn't get optimized away.  This has some side effects as
documented in gcc docs but is still recommended.

In eap_secret_info_free make sure we clear both strings in the case of
EAP_SECRET_REMOTE_USER_PASSWORD secrets.
2019-03-21 20:28:14 -05:00
James Prestwood
45a51613c4 netdev: add conf option to set RSSI threshold
Environments with several AP's, all at low signal strength may
want to lower the roaming RSSI threshold to prevent IWD from
roaming excessively. This adds an option 'roam_rssi_threshold',
which is still defaulted to -70.
2019-03-21 11:03:25 -05:00
Andrew Zaborowski
970ce050fe eap-mschapv2: Check hexstring parses in load_settings
load_settings is assumed to do minimum error checking to avoid crashing
on invalid input.
2019-03-21 09:37:26 -05:00
Andrew Zaborowski
94043d6bcb eap-mschapv2: Memzero copies of secrets 2019-03-21 09:36:46 -05:00
Andrew Zaborowski
881fbd1d80 crypto: Memzero copies of secrets 2019-03-21 09:33:40 -05:00
Andrew Zaborowski
13f09be1a0 wsc: Memzero secrets after use
Also printing keys with l_debug conditional on an environment variable
as someone wanting debug logs, or leaving debug on accidentally, does
not necessarily want the keys in the logs and in memory.
2019-03-19 14:14:39 -05:00
James Prestwood
2042fe7a73 netdev: fix WPS test (with ControlPortOverNL80211 on)
At some point the connect command builder was modified, and the
control port over NL80211 check was moved to inside if (is_rsn).
For WPS, no supplicant_ie was set, so CONTROL_PORT_OVER_NL80211
was never set into CMD_CONNECT. This caused IWD to expect WPS
frames over netlink, but the kernel was sending them over the
legacy route.
2019-03-19 14:03:27 -05:00
Christian Rebischke
6e44295fe2 iwd.service: Harden systemd service file
This commit hardens the iwd.service.in template file for systemd
services. The following is a short explanation for each added directive:

+PrivateTmp=true

If true, sets up a new file system namespace for the executed processes
and mounts private /tmp and /var/tmp directories inside it that is not
shared by processes outside of the namespace.

+NoNewPrivileges=true

If true, ensures that the service process and all its children can never
gain new privileges through execve() (e.g. via setuid or setgid bits, or
filesystem capabilities).

+PrivateDevices=true

If true, sets up a new /dev mount for the executed processes and only
adds API pseudo devices such as /dev/null, /dev/zero or /dev/random (as
well as the pseudo TTY subsystem) to it, but no physical devices such as
/dev/sda, system memory /dev/mem, system ports /dev/port and others.

+ProtectHome=yes

If true, the directories /home, /root and /run/user are made
inaccessible and empty for processes invoked by this unit.

+ProtectSystem=strict

If set to "strict" the entire file system hierarchy is mounted
read-only, except for the API file system subtrees /dev, /proc and /sys
(protect these directories using PrivateDevices=,
ProtectKernelTunables=, ProtectControlGroups=).

+ReadWritePaths=/var/lib/iwd/

Sets up a new file system namespace for executed processes. These
options may be used to limit access a process might have to the file
system hierarchy. Each setting takes a space-separated list of paths
relative to the host's root directory (i.e. the system running the
service manager). Note that if paths contain symlinks, they are resolved
relative to the root directory set with RootDirectory=/RootImage=.
Paths listed in ReadWritePaths= are accessible from within
the namespace with the same access modes as from outside of
it.

+ProtectControlGroups=yes

If true, the Linux Control Groups (cgroups(7)) hierarchies accessible
through /sys/fs/cgroup will be made read-only to all processes of the
unit.

+ProtectKernelModules=yes

If true, explicit module loading will be denied. This allows module
load and unload operations to be turned off on modular kernels.

For further explanation to all directives see `man systemd.directives`
2019-03-19 14:00:46 -05:00
James Prestwood
dee6703122 sae: check group number on UNSUPP_FINITE_CYCLIC_GROUP
Hostapd has now been updated to include the group number when rejecting
the connection with UNSUPP_FINITE_CYCLIC_GROUP. We still need the existing
len == 0 check because old hostapd versions will still behave this way.
2019-03-19 13:59:29 -05:00
Andrew Zaborowski
2133e8a9fc eap-ttls: Memzero copies of secrets
The AVP buffers are cleared because some plaintext secrets get written
into them.
2019-03-19 11:46:51 -05:00
Andrew Zaborowski
14572c0f1a mschaputil: Memzero copies of secrets 2019-03-19 11:43:49 -05:00
Andrew Zaborowski
0bf3ae97d7 eap-mschapv2: Drop mschapv2_nt_password_hash, use mschap_nt_password_hash
The two functions looked identical, drop mschapv2_nt_password_hash and
update callers to use mschap_nt_password_hash from mschaputil.c/.h.
2019-03-19 11:34:23 -05:00
Denis Kenzior
570abd7bfb eapol: Convert memsets to explicit_bzero
We were wiping out certain secrets via memset.  Convert them to
explicit_bzero just in case the compiler decides to optimize them out.
2019-03-19 11:25:22 -05:00
Andrew Zaborowski
f76e10799f eapol,handshake: Memzero copies of secrets 2019-03-19 11:20:40 -05:00
Andrew Zaborowski
c682847249 eap-md5: Memzero copies of secrets 2019-03-19 11:11:16 -05:00
Andrew Zaborowski
8954c62bcf eap-sim: Memzero secrets after use
Also slightly simplify eap_aka_prf_prime and other functions.
2019-03-19 11:05:11 -05:00
Andrew Zaborowski
b1317d3984 eap-aka: Memzero secrets after use 2019-03-19 11:04:29 -05:00
Andrew Zaborowski
28840b29a8 simutil: Memzero secrets after use
Also slightly simplify eap_aka_prf_prime and other functions.
2019-03-19 11:03:33 -05:00
Andrew Zaborowski
c80b239b93 simutil: Optimize l_checksum usage
The checksum object was created / destroyed repeatedly.  It was
sufficient to simply call checksum_reset since the key was never
changed.
2019-03-19 11:02:55 -05:00
Andrew Zaborowski
aa7abb44c5 eap-gtc: Memzero copies of secrets
The single-use password is apparently sent in plaintext over the network
but at least try to prevent it from staying in the memory until we know
it's been used.
2019-03-19 10:56:24 -05:00
Andrew Zaborowski
5306e37279 eap-tls,eap-peap: Memzero copies of secrets 2019-03-19 10:54:18 -05:00
Andrew Zaborowski
a090b1ef52 netdev: Update Associate IEs with the values actually sent
station.c generates the IEs we will need to use for the
Authenticate/Associate and EAPoL frames and sets them into the
handshake_state object.  However the driver may modify some of them
during CMD_CONNECT and we need to use those update values so the AP
isn't confused about differing IEs in diffent frames from us.

Specifically the "wl" driver seems to do this at least for the RSN IE.
2019-03-19 09:46:32 -05:00
James Prestwood
a983ca0c33 eap-pwd: fix buffer overflow for larger groups
The KDF function processes data in 32 byte chunks so for groups which
primes are not divisible by 32 bytes, you will get a buffer overflow
when copying the last chunk of data.

Now l_checksum_get_digest is limited to the bytes remaining in the
buffer, or 32, whichever is the smallest.
2019-03-19 09:44:36 -05:00
James Prestwood
0288c537a2 eapol: have eapol_encrypt_key_data return length/error
Since eapol_encrypt_key_data already calculates the key data length and
encodes it into the key frame, we can just return this length and avoid
having to obtain it again from the frame.
2019-03-18 18:02:37 -05:00
James Prestwood
3863fa3670 eap-pwd: mitigate potential timing attacks in EAP-PWD
Similar to SAE, EAP-PWD derives an ECC point (PWE). It is possible
for information to be gathered from the timing of this derivation,
which could be used to to recover the password.

This change adapts EAP-PWD to use the same mitigation technique as
SAE where we continue to derive ECC points even after we have found
a valid point. This derivation loop continues for a set number of
iterations (20 in this case), so anyone timing it will always see
the same timings for every run of the protocol.
2019-03-18 11:29:40 -05:00
Tim Kourt
58522fe98f storage: Allow load/sync known freqs. to file 2019-03-15 17:50:29 -05:00
Andrew Zaborowski
2b544541bc scan: Drop notify callback's ifindex parameter
This is not used by any of the scan notify callback implementations and
for P2P we're going to need to scan on an interface without an ifindex
so without this the other changes should be mostly contained in scan.
2019-03-15 12:17:53 -05:00
Tim Kourt
5e95e30e41 scan: Fix misinterpretation of the channel as frequency 2019-03-14 20:11:32 -05:00
Andrew Zaborowski
154e9f63bc wiphy, netdev: Add enum values for P2P-related iftypes
Also add a mask parameter to wiphy_get_supported_iftypes to make sure
the SupportedModes property only contains the values that can be used
as Device.Mode.
2019-03-11 18:03:40 -05:00
Andrew Zaborowski
e344df432b wiphy: Fix printing supported iftypes
dbus_iftype_to_string returns NULL for unknown iftypes, the strdup will
also return NULL and ret[i] will be assigned a NULL.  As a result
the l_strjoinv will not print the known iftypes that might have come
after that and will the l_strfreev will leak the strduped strings.
2019-03-11 18:03:38 -05:00
Andrew Zaborowski
98623edd7d scan: Drop remaining sched scan code 2019-03-11 17:49:15 -05:00
Andrew Zaborowski
d0ccb8496a scan: Fix tracking external scans in sc->state
sc->state would get set when the TRIGGERED event arrived or when the
triggered callback for our own SCAN_TRIGGER command is received.
However it would not get reset to NOT_RUNNING when the NEW_SCAN_RESULTS
event is received, instead we'd first request the results with GET_SCAN
and only reset sc->state when that returns.  If during that command a
new scan gets triggered, the GET_SCAN callback would still reset
sc->state and clobber the value set by the new scan.

To fix that repurpose sc->state to only track that period from the
TRIGGERED signal to the NEW_SCAN_RESULTS signal.  sc->triggered can be
used to check if we're still waiting for the GET_SCAN command and
sc->start_cmd_id to check if we're waiting for the scan to get
triggered, so one of these three variables will now always indicate if
a scan is in progress.
2019-03-11 17:28:41 -05:00
Denis Kenzior
e295b73c4c netdev: Fix crash when aborting a connection
We can crash if we abort the connection, but the connect command has
already gone through.  In this case we will get a sequence of
authenticate_event, associate_event, connect_event.  The first and last
events don't crash since they check whether netdev->connected is true.
However, this causes an annoying warning to be printed.

Fix this by introducing an 'aborting' flag and ignore all connection
related events if it is set.

++++++++ backtrace ++++++++
2019-03-08 16:28:15 -06:00
Tim Kourt
4b9abde3e5 scan: Optimize frequency set foreach logic 2019-03-07 16:27:24 -06:00
James Prestwood
ef06f06cfb owe: handle all non-zero status codes in owe_rx_associate
Now that the OWE failure/retry is handled in netdev, we can catch
all associate error status' inside owe_rx_associate rather than only
catching UNSUPP_FINITE_CYCLIC_GROUP.
2019-03-05 16:20:40 -06:00
James Prestwood
e3f4bfb428 netdev: process association in netdev_associate_event
Apart from OWE, the association event was disregarded and all association
processing was done in netdev_connect_event. This led to
netdev_connect_event having to handle all the logic of both success and
failure, as well as parsing the association for FT and OWE. Also, without
checking the status code in the associate frame there is the potential
for the kernel to think we are connected even if association failed
(e.g. rogue AP).

This change introduces two flags into netdev, expect_connect_failure and
ignore_connect_event. All the FT processing that was once in
netdev_connect_event has now been moved into netdev_associate_event, as
well as non-FT associate frame processing. The connect event now only
handles failure cases for soft/half MAC cards.

Note: Since fullmac cards rely on the connect event, the eapol_start
and netdev_connect_ok were left in netdev_connect_event. Since neither
auth/assoc events come in on fullmac we shouldn't have any conflict with
the new flags.

Once a connection has completed association, EAPoL is started from
netdev_associate_event (if required) and the ignore_connect_event flag can
be set. This will bypass the connect event.

If a connection has failed during association for whatever reason, we can
set expect_connect_failure, the netdev reason, and the MPDU status code.
This allows netdev_connect_event to both handle the error, and, if required,
send a deauth telling the kernel that we have failed (protecting against the
rogue AP situation).
2019-03-05 16:02:52 -06:00
James Prestwood
5027bd3d0b ftutil: add associate parser
Helper to obtain RSNE, MDE, and FTE from associate frame.
2019-03-05 11:44:41 -06:00
James Prestwood
210b8645b7 netdev: remove OWE handling from netdev_connect_event
OWE processing can be completely taken care of inside
netdev_authenticate_event and netdev_associate_event. This removes
the need for OWE specific checks inside netdev_connect_event. We can
now return early out of the connect event if OWE is in progress.
2019-03-01 17:16:17 -06:00
James Prestwood
cd6e32bf90 station: temporarily blacklist BSS for certain status codes
Several Auth/Assoc failure status codes indicate that the connection
failed for reasons such as bandwidth issues, poor channel conditions
etc. These conditions should not result in the BSS being blacklisted
since its likely only a temporary issue and the AP is not actually
"broken" per-se.

This adds support in station.c to temporarily blacklist these BSS's
on a per-network basis. After the connection has completed we clear
out these blacklist entries.
2019-03-01 13:13:08 -06:00
James Prestwood
64dedd9aa5 network: add APIs to blacklist BSS's per-network
Certain error conditions require that a BSS be blacklisted only for
the duration of the current connection. The existing blacklist
does not allow for this, and since this blacklist is shared between
all interfaces it doesnt make sense to use it for this purpose.

Instead, each network object can contain its own blacklist of
scan_bss elements. New elements can be added with network_blacklist_add.
The blacklist is cleared when the connection completes, either
successfully or not.

Now inside network_bss_select both the per-network blacklist as well as
the global blacklist will be checked before returning a BSS.
2019-03-01 13:08:01 -06:00
James Prestwood
3af51558f2 netdev: pass event data to netdev events
Several netdev events benefit from including event data in the callback.
This is similar to how the connect callback works as well. The content
of the event data is documented in netdev.h (netdev_event_func_t).

By including event data for the two disconnect events, we can pass the
reason code to better handle the failure in station.c. Now, inside
station_disconnect_event, we still check if there is a pending connection,
and if so we can call the connect callback directly with HANDSHAKE_FAILED.
Doing it this way unifies the code path into a single switch statment to
handle all failures.

In addition, we pass the RSSI level index as event data to
RSSI_LEVEL_NOTIFY. This removes the need for a getter to be exposed in
netdev.h.
2019-02-28 18:26:45 -06:00
Tim Kourt
a5424829b6 scan: Standardize nomenclature between scan triggers 2019-02-28 18:25:44 -06:00
Tim Kourt
c5d6b70520 scan: Deprecate scan_send_start()
On successful send, scan_send_start(..) used to set msg to NULL,
therefore the further management of the command by the caller was
impossible. This patch removes wrapper around l_genl_family_send()
and lets the callers to take responsibility for the command.
2019-02-28 18:25:15 -06:00
James Prestwood
8fed50a448 netdev: station: fix status/reason code in callbacks
This change cleans up the mess of status vs reason codes. The two
types of codes have already been separated into different enumerations,
but netdev was still treating them the same (with last_status_code).

A new 'event_data' argument was added to the connect callback, which
has a different meaning depending on the result of the connection
(described inside netdev.h, netdev_connect_cb_t). This allows for the
removal of netdev_get_last_status_code since the status or reason
code is now passed via event_data.

Inside the netdev object last_status_code was renamed to last_code, for
the purpose of storing either status or reason. This is only used when
a disconnect needs to be emitted before failing the connection. In all
other cases we just pass the code directly into the connect_cb and do
not store it.

All ocurrences of netdev_connect_failed were updated to use the proper
code depending on the netdev result. Most of these simply changed from
REASON_CODE_UNSPECIFIED to STATUS_CODE_UNSPECIFIED. This was simply for
consistency (both codes have the same value).

netdev_[authenticate|associate]_event's were updated to parse the
status code and, if present, use that if their was a failure rather
than defaulting to UNSPECIFIED.
2019-02-28 13:38:36 -06:00
Andrew Zaborowski
6017dc5730 eap-ttls: Check phase2-method is non-NULL in load_settings
Even though .check_settings in our EAP method implementations does the
settings validation, .load_settings also has minimum sanity checks to
rule out segfaults if the settings have changed since the last
.check_settings call.
2019-02-28 13:02:26 -06:00
Tim Kourt
8f09a0c937 wiphy: Add accessor for supported frequencies 2019-02-28 10:53:04 -06:00
Tim Kourt
9f52036b85 scan: Let ELL to handle the message sizing 2019-02-28 10:52:53 -06:00
James Prestwood
d6abf62946 netdev: remove unneeded disconnect for OWE failure
If OWE fails in association there is no reason to send a disconnect
since its already known that we failed. Instead we can directly
call netdev_connect_failed
2019-02-27 16:29:18 -06:00
James Prestwood
51f21c1c9b mpdu: remove invalid reason codes 2019-02-27 16:16:25 -06:00
James Prestwood
e5e2922eee netdev: sae: owe: update to use new status codes 2019-02-27 16:15:23 -06:00
James Prestwood
ffd8e81774 mpdu: add new status code enum
mpdu.h reason codes were being abused as status codes for Auth/Assoc
protocols. This adds a whole new enum for status codes.
2019-02-27 16:15:12 -06:00
Tim Kourt
45e5c42726 scan: Add ref to cmd to make it reusable on failure 2019-02-27 16:14:22 -06:00
Denis Kenzior
917815e99a netdev: netdev_setting_keys_failed takes an errno
Instead of sending a reason_code to netdev_setting_keys_failed, make it
take an errno (negative) instead.  Since key setting failures are
entirely a system / software issue, and not a protocol issue, it makes
no sense to use a protocol error code.
2019-02-27 14:22:42 -06:00
Tim Kourt
8e44760c34 scan: Fix scan request retry logic
While triggering scan, we leave the scan command in the queue,
so it can be replayed in the case of a busy device.
2019-02-26 18:02:48 -06:00
Tim Kourt
8fc7c0e5c4 scan: Rename request triggered cb 2019-02-26 17:16:52 -06:00
James Prestwood
df923cd962 scan: increase rate factor range
The rate factor range was quite small. This increases the range a bit,
which should make higher throughput AP's preferred more.
2019-02-26 12:35:56 -06:00
James Prestwood
a0d8511331 scan: allow 5G factor to be user configurable
Some users may need their own control over 2.4/5GHz preference. This
adds a new user option, 'rank_5g_factor', which allows users to increase
or decrease their 5G preference.
2019-02-26 12:35:50 -06:00
James Prestwood
49b02907a8 ie: scan: use VHT rates in scan ranking
This adds support for parsing the VHT IE, which allows a BSS supporting
VHT (80211ac) to be ranked higher than a BSS supporting only HT/basic
rates. Now, with basic/HT/VHT parsing we can calculate the theoretical
maximum data rate for all three and rank the BSS based on that.
2019-02-25 15:07:41 -06:00
James Prestwood
ad2bf340a4 ie: scan: use HT rates in scan ranking
This adds HT IE parsing and data rate calculation for HT (80211n)
rates. Now, a BSS supporting HT rates will be ranked higher than
a basic rate BSS, assuming the RSSI is at an acceptable level.
2019-02-25 11:52:58 -06:00
James Prestwood
5ce6e173ba ie: make rate_rssi_map const 2019-02-25 11:47:54 -06:00
James Prestwood
7d7fcff03b ie: scan: take into account RSSI when parsing data rate
The spec dictates RSSI thresholds for different modulation schemes, which
correlate to different data rates. Until now were were ranking a BSS with
only looking at its advertised data rate, which may not even be possible
if the RSSI does not meet the threshold.

Now, RSSI is taken into consideration and the data rate returned from
parsing (Ext) Supported Rates IE(s) will reflect that.
2019-02-22 17:44:06 -06:00
James Prestwood
922e10e82c ie: add macro for calculating an IE's length
All over the place we do "ie[1] + 2" for getting the IE length. It
is much clearer to use a macro to do this. The macro also checks
for NULL, and returns zero in this case.
2019-02-22 17:41:11 -06:00
James Prestwood
c18b1289a5 ap: move ie_parse_supported_rates into ap.c
Supported rates will soon be parsed along with HT/VHT capabilities
to determine the best data rate. This will remove the need for the
supported_rates uintset element in scan_bss, as well as the single
API to only parse the supported rates IE. AP still does rely on
this though (since it only supports basic rates), so the parsing
function was moved into ap.c.
2019-02-22 17:41:01 -06:00
Andrew Zaborowski
dbd619c231 eap-tls-common: More complete certificate validation
In the methods' check_settings do a more complete early check for
possible certificate / private key misconfiguration, including check
that the certificate and the private key are always present or absent
together and that they actually match each other.  Do this by encrypting
and decrypting a small buffer because we have no better API for that.
2019-02-08 13:59:32 -06:00
Andrew Zaborowski
d9f0cc47d0 eap: Remove redundant error messages in .load_settings
A method's .check_settings method checks for inconsistent setting files
and prints readable errors so there's no need to do that again in
.load_settings, although at some point after removing the duplicate
error messages from the load_settings methods we agreed to keep minimum
checks that could cause a crash e.g. in a corner case like when the
setting file got modified between the check_settings and the
load_settings call.  Some error messages have been re-added to
load_settings after that (e.g. in
bb4e1ebd4f) but they're incomplete and not
useful so remove them.
2019-02-08 13:43:05 -06:00
Andrew Zaborowski
451a7e9b52 eap-ttls: Check Phase 2 method name is not NULL 2019-02-08 13:42:51 -06:00
Andrew Zaborowski
8dfb8e9207 handshake: Remove unused handshake_state_get_8021x_config 2019-02-08 13:42:44 -06:00
Tim Kourt
22318ebbd5 main: Ensure existence of the storage dir at startup
Previously, the storage dir has only been created after a successful
network connection, causing removal of Known Network interface from
Dbus and failure to register dir watcher until daemon is restarted.
2019-02-07 11:07:43 -06:00
Denis Kenzior
995cbc7ad3 mpdu: relax IE ordering requirements 2019-02-07 10:44:09 -06:00
Denis Kenzior
bd7f8bf613 eapol: Relax message 2 / 4 key_length check
Seems certain Apple implementations set the key length to 16, even
though it should be 0.
2019-02-07 10:13:17 -06:00
James Prestwood
bc9e70f9cd sae: fix length check and commit buffer size
A length check was still assuming the 256 bit ECC group. This
was updated to scale with the group. The commit buffer was also
not properly sized. This was changed to allow for the largest
ECC group supported.
2019-02-02 09:25:20 -06:00
James Prestwood
a4fdddc403 sae: allow other ECC groups and group negotiation
SAE was hardcoded to work only with group 19. This change fixes up the
hard coded lengths to allow it to work with group 20 since ELL supports
it. There was also good amount of logic added to support negotiating
groups. Before, since we only supported group 19, we would just reject
the connection to an AP unless it only supported group 19.

This did lead to a discovery of a potential bug in hostapd, which was
worked around in SAE in order to properly support group negotiation.

If an AP receives a commit request with a group it does not support it
should reject the authentication with code 77. According to the spec
it should also include the group number which it is rejecting. This is
not the case with hostapd. To fix this we needed to special case a
length check where we would otherwise fail the connection.
2019-02-01 15:57:26 -06:00
Denis Kenzior
c926b3fe80 eap-pwd: Remove unneeded cast 2019-01-31 12:41:58 -06:00
James Prestwood
bb28351c93 eap-pwd: Update EAP-PWD to allow larger ECC groups
Most of this work was already done after moving ECC into ELL, but
there were still a few places where the 256-bit group was assumed.
This allows the 384-bit group to be used, and theoretically any
other group added to ELL in the future.
2019-01-31 12:40:03 -06:00
James Prestwood
025ca0d4d3 network: allow network_bss_select to skip blacklist
If we have a BSS list where all BSS's have been blacklisted we still
need a way to force a connection to that network, instead of having
to wait for the blacklist entry to expire. network_bss_select now
takes a boolean 'fallback_to_blacklist' which causes the selection
to still return a connectable BSS even if the entire list was
blacklisted.

In most cases this is set to true, as these cases are initiated by
DBus calls. The only case where this is not true is inside
station_try_next_bss, where we do want to honor the blacklist.
This both prevents an explicit connect call (where all BSS's are
blacklisted) from trying all the blacklisted BSS's, as well as the
autoconnect case where we simply should not try to connect if all
the BSS's are blacklisted.

There are is some implied behavior here that may not be obvious:

On an explicit DBus connect call IWD will attempt to connect to
any non-blacklisted BSS found under the network. If unsuccessful,
the current BSS will be blacklisted and IWD will try the next
in the list. This will repeat until all BSS's are blacklisted,
and in this case the connect call will fail.

If a connect is tried again when all BSS's are blacklisted IWD
will attempt to connect to the first connectable blacklisted
BSS, and if this fails the connect call will fail. No more
connection attempts will happen until the next DBus call.
2019-01-31 12:36:58 -06:00
James Prestwood
45cc0fd918 network/station: add BSS blacklisting
If IWD fails to connect to a BSS we can attempt to connect to a different
BSS under the same network and blacklist the first BSS. In the case of an
incorrect PSK (MMPDU code 2 or 23) we will still fail the connection.

station_connect_cb was refactored to better handle the dbus case. Now the
netdev result switch statement is handled before deciding whether to send
a dbus reply. This allows for both cases where we are trying to connect
to the next BSS in autoconnect, as well as in the dbus case.
2019-01-30 13:23:38 -06:00
James Prestwood
da485179a6 station: refactor __station_connect_network
This makes __station_connect_network even less intelligent by JUST
making it connect to a network, without any state changes. This makes
the rekey logic much cleaner.

We were also changing dbus properties when setting the state to
CONNECTING, so those dbus property change calls were moved into
station_enter_state.
2019-01-30 13:23:36 -06:00
Denis Kenzior
cff0600621 station: Use station_disassociated instead
station_disconnect can trigger yet another netdev_disconnect call (which
would obviously fail since we're no longer connected)
2019-01-28 15:52:18 -06:00
Denis Kenzior
d51c3db4ce station: Simplify logic 2019-01-28 15:52:02 -06:00
James Prestwood
a2354f88a6 station/netdev: handle rekeying based on driver features
A new driver extended feature bit was added signifying if the driver
supports PTK replacement/rekeying. During a connect, netdev checks
for the driver feature and sets the handshakes 'no_rekey' flag
accordingly.

At some point the AP will decide to rekey which is handled inside
eapol. If no_rekey is unset we rekey as normal and the connection
remains open. If we have set no_rekey eapol will emit
HANDSHAKE_EVENT_REKEY_FAILED, which is now caught inside station. If
this happens our only choice is to fully disconnect and reconnect.
2019-01-28 15:49:57 -06:00
James Prestwood
8edaa23f8a eapol: emit HANDSHAKE_EVENT_REKEY_FAILED
If we receive handshake message 1/4 after we are already connected
the AP is attempting to rekey. This may not be allowed and if not
we do not process the rekey and emit HANDSHAKE_EVENT_REKEY_FAILED
so any listeners can handle accordingly.
2019-01-28 15:38:47 -06:00
James Prestwood
a76376cac4 handshake: add HANDSHAKE_EVENT_REKEY_FAILED
This event will be emitted from eapol if the AP is attempting to
rekey but the handshake object does not allow it (via no_rekey).
2019-01-28 15:37:21 -06:00
James Prestwood
2a7a756c9f handshake: add flag and setter to disallow rekeying 2019-01-28 15:36:51 -06:00
James Prestwood
e4f22f0a5d ap: fix crash when stopping AP
The AP structure was getting cleaned up twice. When the DBus stop method came
in we do AP_STOP on nl80211. In this callback the AP was getting freed in
ap_reset. Also when the DBus interface was cleaned up it triggered ap_reset.

Since ap->started gets set to false in ap_reset, we now check this and bail
out if the AP is already stopped.

Fixes:
++++++++ backtrace ++++++++
0  0x7f099c11ef20 in /lib/x86_64-linux-gnu/libc.so.6
1  0x43fed0 in l_queue_foreach() at ell/queue.c:441 (discriminator 3)
2  0x423a6c in ap_reset() at src/ap.c:140
3  0x423b69 in ap_free() at src/ap.c:162
4  0x44ee86 in interface_instance_free() at ell/dbus-service.c:513
5  0x451730 in _dbus_object_tree_remove_interface() at ell/dbus-service.c:1650
6  0x405c07 in netdev_newlink_notify() at src/netdev.c:4449 (discriminator 9)
7  0x440775 in l_hashmap_foreach() at ell/hashmap.c:534
8  0x4455d3 in process_broadcast() at ell/netlink.c:158
9  0x4439b3 in io_callback() at ell/io.c:126
10 0x442c4e in l_main_iterate() at ell/main.c:473
11 0x442d1c in l_main_run() at ell/main.c:516
12 0x442f2b in l_main_run_with_signal() at ell/main.c:644
13 0x403ab3 in main() at src/main.c:504
14 0x7f099c101b97 in /lib/x86_64-linux-gnu/libc.so.6
+++++++++++++++++++++++++++
2019-01-25 18:51:18 -06:00
James Prestwood
ed6f5ea55a blacklist: add blacklist.[ch] to build and main
This will allow for blacklisting a BSS if the connection fails. The
actual blacklist module is simple and must be driven by station. All
it does is add BSS addresses, a timestamp, and a timeout to a queue.
Entries can also be removed, or checked if they exist. The blacklist
timeout is configuratble in main.conf, as well as the blacklist
timeout multiplier and maximum timeout. The multiplier is used after
a blacklisted BSS timeout expires but we still fail to connect on the
next connection attempt. We multiply the current timeout by the
multiplier so the BSS remains in the blacklist for a larger growing
amount of time until it reaches the maximum (24 hours by default).
2019-01-24 17:29:15 -06:00
James Prestwood
475d1082d7 netdev: store mpdu status and add getter
Soon BSS blacklisting will be added, and in order to properly decide if
a BSS should be blacklisted we need the status code on a failed
connection. This change stores the status code when there is a failure
in netdev and adds a getter to retrieve later. In many cases we have
the actual status code from the AP, but in some corner cases its not
obtainable (e.g. an error sending an NL80211 command) in which case we
just default to MMPDU_REASON_CODE_UNSPECIFIED.

Rather than continue with the pattern of setting netdev->result and
now netdev->last_status_code, the netdev_connect_failed function was
redefined so its no longer used as both a NL80211 callback and called
directly. Instead a new function was added, netdev_disconnect_cb which
just calls netdev_connect_failed. netdev_disconnect_cb should not be
used for all the NL80211 disconnect commands. Now netdev_connect_failed
takes both a result and status code which it sets in the netdev object.
In the case where we were using netdev_connect_failed as a callback we
still need to set the result and last_status_code but at least this is
better than having to set those in all cases.
2019-01-24 16:54:39 -06:00
Marcel Holtmann
39ee15dbc3 build: Provide modules-load.d for loading pkcs8_key_parser module 2019-01-23 18:22:11 +01:00
Andrew Zaborowski
c9490ce657 crypto: Optimize hkdf_expand slightly
Remove an unneeded buffer and its memcpy, remove the now unneeded use of
l_checksum_digest_length and use l_checksum_reset instead of creating a
new l_checksum for each chunk.
2019-01-22 11:40:07 -06:00
James Prestwood
922506105e owe: allow group 20 + group negotiation
ELL ECC supports group 20 (P384) so OWE can also support it. This also
adds group negotiation, where OWE can choose a different group than the
default if the AP requests it.

A check needed to be added in netdev in order for the negotiation to work.
The RFC says that if a group is not supported association should be rejected
with code 77 (unsupported finite cyclic group) and association should be
started again. This rejection was causing a connect event to be emitted by
the kernel (in addition to an associate event) which would result in netdev
terminating the connection, which we didn't want. Since OWE receives the
rejected associate event it can intelligently decide whether it really wants
to terminate (out of supported groups) or try the next available group.

This also utilizes the new MIC/KEK/KCK length changes, since OWE dictates
the lengths of those keys.
2019-01-17 15:24:56 -06:00
James Prestwood
d79b2b28ec eapol: use HMAC-SHA384 for OWE in MIC calculation 2019-01-17 15:20:28 -06:00
James Prestwood
7bfaf182e6 crypto: allow hkdf_expand/extract to use different SHA's
Rather than hard coding to SHA256, we can pass in l_checksum_type
and use that SHA. This will allow for OWE/SAE/PWD to support more
curves that use different SHA algorithms for hashing.
2019-01-17 15:20:28 -06:00
James Prestwood
90c39afd61 handshake: add OWE to get_ptk_size
OWE defines KEK/KCK lengths depending on group. This change adds a
case into handshake_get_key_sizes. With OWE we can determine the
key lengths based on the PMK length in the handshake.
2019-01-17 15:20:28 -06:00
James Prestwood
532c9a5521 eapol: Add OWE cases for different key lengths
In preparation for OWE supporting multiple groups eapol needed some
additional cases to handle the OWE AKM since OWE dictates the KEK,
KCK and MIC key lengths (depending on group).
2019-01-17 15:20:28 -06:00
James Prestwood
2c82d6b223 crypto: pass PMK length to crypto_derive_pairwise_ptk
Right now the PMK is hard coded to 32 bytes, which works for the vast
majority of cases. The only outlier is OWE which can generate a PMK
of 32, 48 or 64 bytes depending on the ECC group used. The PMK length
is already stored in the handshake, so now we can just pass that to
crypto_derive_pairwise_ptk
2019-01-17 15:20:28 -06:00
James Prestwood
6771a06463 crypto/handshake/eapol: Allow other PTK lengths
The crypto_ptk was hard coded for 16 byte KCK/KEK. Depending on the
AKM these can be up to 32 bytes. This changes completely removes the
crypto_ptk struct and adds getters to the handshake object for the
kck and kek. Like before the PTK is derived into a continuous buffer,
and the kck/kek getters take care of returning the proper key offset
depending on AKM.

To allow for larger than 16 byte keys aes_unwrap needed to be
modified to take the kek length.
2019-01-17 15:20:28 -06:00
James Prestwood
374b367ba4 eapol: allow 16, 24 and 32 byte MIC lengths
The MIC length was hard coded to 16 bytes everywhere, and since several
AKMs require larger MIC's (24/32) this needed to change. The main issue
was that the MIC was hard coded to 16 bytes inside eapol_key. Instead
of doing this, the MIC, key_data_length, and key_data elements were all
bundled into key_data[0]. In order to retrieve the MIC, key_data_len,
or key_data several macros were introduced which account for the MIC
length provided.

A consequence of this is that all the verify functions inside eapol now
require the MIC length as a parameter because without it they cannot
determine the byte offset of key_data or key_data_length.

The MIC length for a given handshake is set inside the SM when starting
EAPoL. This length is determined by the AKM for the handshake.
2019-01-17 15:20:28 -06:00
Tim Kourt
80d4e9b572 station: Default to active scan if MAC randomization is present
This patch also simplifies the scan type selection logic.
2019-01-16 15:05:38 -06:00
James Prestwood
55a7e9d82a pwd/sae/owe: update to use l_ecc_curve_get_ike_group 2019-01-16 15:05:06 -06:00
Tim Kourt
71b10ab271 scan: Enable the usage of MAC randomization flag 2019-01-16 13:02:25 -06:00
Tim Kourt
81d570572e wiphy: Add MAC randomization feature check API 2019-01-16 13:01:12 -06:00
James Prestwood
37cfec01a2 crypto: add hmac_sha384
To support OWE group 20, which uses HMAC-SHA384 for hashing the PMK
2019-01-15 15:07:26 -06:00
James Prestwood
8e7da821f9 handshake: store PMK length
Non-802.11 AKMs can define their own key lengths. Currently only OWE does
this, and the MIC/KEK/KCK lengths will be determined by the PMK length so
we need to save it.
2019-01-15 14:57:53 -06:00
Andrew Zaborowski
2600c446ab netdev: Skip a memcpy when no data to copy 2019-01-15 07:40:51 -06:00
Andrew Zaborowski
52b3268b78 netdev: Allow NULL prefix in netdev_frame_watch_add
Make sure we don't pass NULLs to memcmp or l_memdup when the prefix
buffer is NULL.  There's no point having callers pass dummy buffers if
they need to watch frames independent of the frame data.
2019-01-15 07:40:51 -06:00
Andrew Zaborowski
8aa306fddc eap-wsc: Use new l_key DH helper functions
Start using l_key_generate_dh_private and l_key_validate_dh_payload to
check for the disallowed corner case values in the DH private/public
values generated/received.
2019-01-14 15:20:50 -06:00
Tim Kourt
726bf9d8e4 eap: Make Identity optional
Some of the EAP methods don't require a clear-text identity to
be sent with the Identity Response packet. The mandatory identity
filed has resulted in unnecessary transmission of the garbage
values. This patch makes the Identity field to be optional and
shift responsibility to ensure its existence to the individual
methods if the field is required. All necessary identity checks
have been previously propagated to individual methods.
2019-01-11 17:36:33 -06:00
Denis Kenzior
782bd4a7ae network: Reset connected_time when forgetting
If a network is being forgotten, then make sure to reset connected_time.
Otherwise the rank logic thinks that the network is known which can
result in network_find_rank_index returning -1.

Found by sanitizer:
src/network.c:1329:23: runtime error: index -1 out of bounds for type
	'double [64]'
2019-01-11 17:28:10 -06:00
Denis Kenzior
e256cbaba9 eapol: Don't memcpy if no extra data
As reported by the sanitizer:

src/eapol.c:574:2: runtime error: null pointer passed as argument 2,
	which is declared to never be null
2019-01-11 17:10:47 -06:00
Denis Kenzior
30cf1aa376 mpdu: Fix buffer overflow reported by asan
==25412==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000421ab0 at pc 0x000000402faf bp 0x7fffffffdb00 sp 0x7fffffffdaf0
READ of size 4 at 0x000000421ab0 thread T0
    #0 0x402fae in validate_mgmt_ies src/mpdu.c:128
    #1 0x403ce8 in validate_probe_request_mmpdu src/mpdu.c:370
    #2 0x404ef2 in validate_mgmt_mpdu src/mpdu.c:662
    #3 0x405166 in mpdu_validate src/mpdu.c:706
    #4 0x402529 in ie_order_test unit/test-mpdu.c:156
    #5 0x418f49 in l_test_run ell/test.c:83
    #6 0x402715 in main unit/test-mpdu.c:171
    #7 0x7ffff5d43ed9 in __libc_start_main (/lib64/libc.so.6+0x20ed9)
    #8 0x4019a9 in _start (/home/denkenz/iwd-master/unit/test-mpdu+0x4019a9)
2019-01-11 11:43:21 -06:00
James Prestwood
c2189bc67e sae: fix one-off error in sae_is_quadradic_residue
This fixes the valgrind warning:

==14804== Conditional jump or move depends on uninitialised value(s)
==14804==    at 0x402E56: sae_is_quadradic_residue (sae.c:218)
==14804==    by 0x402E56: sae_compute_pwe (sae.c:272)
==14804==    by 0x402E56: sae_build_commit (sae.c:333)
==14804==    by 0x402E56: sae_send_commit (sae.c:591)
==14804==    by 0x401CC3: test_confirm_after_accept (test-sae.c:454)
==14804==    by 0x408A28: l_test_run (test.c:83)
==14804==    by 0x401427: main (test-sae.c:566)
2019-01-11 11:19:17 -06:00
Tim Kourt
e57f46df30 eap-ttls: Add tunneled MSCHAPv2 support 2019-01-10 17:26:19 -06:00
Tim Kourt
fd2c34cebc eap-ttls: Use method object in phase2 reset/destroy 2019-01-10 17:23:18 -06:00
Tim Kourt
9d1e2fa85b eap-ttls: Change signature of Phase 2 reset method 2019-01-10 17:22:56 -06:00
Tim Kourt
f924974e62 eap-ttls: Allow NULL state for Phase 2 2019-01-10 17:22:42 -06:00
Tim Kourt
af297039b1 eap-ttls: Extract credentials into dedicated struct 2019-01-10 17:18:45 -06:00
Tim Kourt
bb4e1ebd4f eap-mschapv2: Warn if required fields are missing 2019-01-10 17:12:55 -06:00
Tim Kourt
bfb69e930f eap-mschapv2: Fix domain name usage in username
The domain name must be excluded from the username only for the NT
challenge calculations and left in place for everything else.
2019-01-10 17:12:28 -06:00
Tim Kourt
3a71cf458b mschaputil: Move generator of the hash of the pwd hash 2019-01-10 17:09:10 -06:00
Tim Kourt
c8f071c67c mschaputil: Rearrange ops to fail early 2019-01-10 17:07:59 -06:00
Tim Kourt
cd00416168 mschaputil: Exlude domain name from challenge generation 2019-01-10 17:07:38 -06:00
Tim Kourt
5d9d00fac3 mschaputil: Adapt mschapv2 to re-use mschap ops
In addition, it refactors code to use l_util_hexstring_upper
2019-01-10 17:04:52 -06:00
Tim Kourt
6ffa1cf58a mschaputil: Move mschapv2 funcs into common util 2019-01-10 16:48:45 -06:00
Denis Kenzior
9b722197ba ecc: Remove remaining ECC/ECDH files
ECC primitives have now been fully converted / moved to ell.
2019-01-10 16:27:09 -06:00
James Prestwood
73dd0602fd sae: verify peer element for valid point
The return from l_ecc_point_from_data was not being checked for NULL,
which would cause a segfault if the peer sent an invalid point.
This adds a check and fails the protocol if p_element is NULL, as the
spec defines.
2019-01-10 16:26:29 -06:00
James Prestwood
48f5a051bc sae: update SAE to use ELL API's 2019-01-10 14:28:02 -06:00
James Prestwood
1d66ee0dd5 eap-pwd: update to use ELL ECC API's 2019-01-10 14:27:10 -06:00
Denis Kenzior
12189fcf39 conf: Increase default eapool handshake timeout 2019-01-09 21:13:53 -06:00
Andrew Zaborowski
d242cfc9e9 owe: Update l_ecdh_generate_shared_secret parameters 2018-12-28 12:32:14 -06:00
Andrew Zaborowski
8f9408efc7 eap-tls-common: Call the new l_tls_start 2018-12-19 10:05:35 -06:00
Andrew Zaborowski
6bf365d9a4 eapol: Check handshake_state_get_pmkid return value
Don't proceed with the handshake if handshake_state_get_pmkid fails
(shouldn't happen, but it's an error situation)
2018-12-19 10:05:16 -06:00
Tim Kourt
9d9f8331fa eap-tls-common: Increase log level for the common warning 2018-12-17 14:07:07 -06:00
Tim Kourt
a98089ed65 eap-tls-common: Add missing data 2018-12-17 14:06:59 -06:00
Denis Kenzior
686f515e04 eap-ttls: Bump up buffer sizes to quiet warnings
src/eap-ttls.c:766:50: error: ‘Password’ directive output may be truncated writing 8 bytes into a region of size between 1 and 72 [-Werror=format-truncation=]
  snprintf(password_key, sizeof(password_key), "%sPassword", prefix);
                                                  ^~~~~~~~
In file included from /usr/include/stdio.h:862,
                 from src/eap-ttls.c:28:
/usr/include/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 9 and 80 bytes into a destination of size 72
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2018-12-17 11:21:55 -06:00
Andrew Zaborowski
961e6d1480 eap-tls: Replace l_pem_load_certificate() with newer functions
Stop using l_pem_load_certificate which has been removed from ell, use
the same functions to load certificate files to validate them as those
used by the TLS implementation itself.
2018-12-17 11:18:42 -06:00
Tim Kourt
cff86c8419 eap-ttls: Propagate status of challenge generator 2018-12-14 14:18:22 -06:00
James Prestwood
c2094c5e04 ecdh: remove ECDH and unit tests
ECDH was moved into ell and is no longer needed in IWD
2018-12-12 11:12:27 -06:00
James Prestwood
e11c157478 owe: updated to use ell ECDH/ECC API's 2018-12-12 11:12:24 -06:00
Tim Kourt
fb656ff87a eap-tls-common: Make databuf private 2018-12-11 17:09:51 -06:00
Andrew Zaborowski
529ae6e683 eap-tls: Check AP identity in tls ready callbck
Check that the TLS logic has verified the server is trusted by the CA if
one was configured.  This is more of an assert as ell intentionally only
allows empty certificate chains from the peer in server mode (if a CA
certficate is set) although this could be made configurable.
2018-12-10 12:04:56 -06:00
Andrew Zaborowski
57ce6d0ca5 station: Check network_get_psk/passphrase return values
Check the returned values are not NULL.
2018-12-10 12:04:53 -06:00
Tim Kourt
610f9d28f0 eap-ttls: Migrate to eap-tls-common framework
The conversion transitions EAP-TTLS implementation to use a
common Phase 1 implementation shared among all TLS based
EAP methods.
2018-12-05 22:57:36 -06:00
Tim Kourt
84eda62823 eap-tls-common: ACK first fragment with missing M bit 2018-12-05 22:55:02 -06:00
Tim Kourt
30dfe9225c eap-peap: Migrate to eap-tls-common framework
The conversion transitions EAP-PEAP implementation to use a
common Phase 1 implementation shared among all TLS based
EAP methods.
2018-12-05 22:31:17 -06:00
Tim Kourt
4b9970bd99 eap-tls-common: Add comment 2018-12-05 22:26:29 -06:00
Denis Kenzior
94b7a69146 eap-tls-common: Fix typo 2018-12-05 11:55:00 -06:00
Tim Kourt
aafa4d50bb eap-tls: Migrate to eap-tls-common framework
The conversion transitions EAP-TLS implementation to use a
common Phase 1 implementation shared among all TLS based
EAP methods.
2018-12-05 11:53:59 -06:00
Tim Kourt
645b72be06 eap-tls-common: Validate successful loading of keys/certs 2018-12-05 11:33:47 -06:00
Tim Kourt
f1f826ee81 eap-tls-common: Handle packet payload 2018-12-05 11:33:06 -06:00
Andrew Zaborowski
b375191c61 scan: Drop the wiphy_id scan callback parameter 2018-12-04 10:36:17 -06:00
Andrew Zaborowski
e4858d6da3 scan: Refactor scan request and periodic scan logic
This should not change the behaviour except for fixing a rare crash
due to scan_cancel not working correctly when cancelling the first scan
request in the queue while a periodic scan was running, and potentially
other corner cases.  To be able to better distinguish between a periodic
scan in progress and a scan request in progress add a sc->current_sr
field that points either at a scan request or is NULL when a periodic
scan is in ongoing.  Move the triggered flag from scan_request and
scan_preiodic directly to scan_context so it's there together with
start_cmd_id.  Hopefully make scan_cancel simpler/clearer.

Note sc->state and sc->triggered have similar semantics so one of them
may be easily removed.  Also the wiphy_id parameter to the scan callback
is rather useless, note I temporarily pass 0 as the value on error but
perhaps it should be dropped.
2018-12-04 10:32:57 -06:00
Tim Kourt
f07119b33a eap-tls-common: Add tunnel API for send, close 2018-12-04 10:25:24 -06:00
Tim Kourt
6490ecd615 eap-tls-common: Add accessors for variant data and ver 2018-12-04 10:23:49 -06:00
Tim Kourt
663cf9931e eap-tls-common: Expose PRF 2018-12-04 10:22:00 -06:00
Tim Kourt
8dc9276800 eap-tls-common: Make send empty response func. public 2018-12-04 10:21:28 -06:00
Tim Kourt
779f668ab9 eap-tls-common: Introduce variant data and reset API 2018-12-04 10:19:55 -06:00
Tim Kourt
bb98101bd4 eap-tls-common: Handle response retransmission 2018-12-04 10:19:20 -06:00
Tim Kourt
9df7785fee eap-tls-common: Add phase 2 failure flag
This flag is used by the extensions to signal the failure
during phase 2 execution.
2018-12-04 10:18:53 -06:00
Tim Kourt
c1f791afc4 eap-tls-common: Handle common tunnel ready cb 2018-12-04 10:18:11 -06:00
Tim Kourt
c2d3a84e3a eap-tls-common: Add method completion flag
This flag prevents methods from restarting
2018-12-04 10:16:36 -06:00
Tim Kourt
c35c91ad20 eap-tls-common: Add support for fragmented response 2018-12-04 10:14:39 -06:00
Tim Kourt
718f967d17 eap-tls-common: Add basic send response 2018-12-04 10:13:24 -06:00
Tim Kourt
802891fcc3 eap-tls-common: Add tunneled data handling 2018-12-04 10:04:07 -06:00
Tim Kourt
edfc070d96 eap-tls-common: Add tls tunnel 2018-12-04 10:03:07 -06:00
Tim Kourt
c865eaa141 eap-tls-common: Add support for the fragmented requests 2018-12-03 14:31:16 -06:00
Tim Kourt
36e2252606 eap-tls-common: Add basic request handling
This also introduces the version negotiation
2018-12-03 14:31:16 -06:00
Tim Kourt
7aa35bf6c7 eap-tls-common: Introduce eap_tls_variant_ops
eap_tls_variant_ops will allow methods such as TTLS, PEAP,
etc. to specify their own handlers for the Phase 2 operations.
2018-12-03 14:31:16 -06:00
Andrew Zaborowski
47bb5b5f72 network: Generate the PSK as soon as we have a passphrase
In the name of failing earlier try to generate the PSK from the
passphrase as soon as we receive the passphrase or read it from the
file, mainly to validate it has the right number of characters.
The passphrase length currently gets validates inside
crypto_psk_from_passphrase which will be called when we receive a new
passphrase from the agent or when the config file has no PSK in it.  We
do not do this when there's already both the PSK and the passphrase
available in the settings -- we can add that separately if needed.
2018-12-03 14:17:30 -06:00
Andrew Zaborowski
0d3f16ec5e scan: Call .destroy in scan_request_free
The main difference with this is that scan_context removal will also
trigger the .destroy calls.  Normally there won't be any requests left
during scan_context but if there were any we should call destroy on
them.
2018-12-03 11:42:32 -06:00
Denis Kenzior
5b3ae4c40c wsc: Only add WSC interface if netdev is UP 2018-11-29 11:45:20 -06:00
Denis Kenzior
9e1ba84f26 device: Restore device Powered state
After wiphy comes out of the rfkill state and is again powered, restore
the device state to Powered if needed.
2018-11-29 11:34:07 -06:00
Denis Kenzior
0dd8114970 wiphy: Add wiphy state watch add / remove 2018-11-29 11:22:50 -06:00
Denis Kenzior
9be982b460 wiphy: Introduce wiphy_new 2018-11-29 11:22:07 -06:00
Denis Kenzior
52771de1a5 eapol: Further relax PMKID check
If we haven't sent a PMKID, and we're not running EAP, then ignore
whatever PMKID the AP sends us.  Frequently the APs send us garbage in
this field.  For PSK and related AKMs, if the PMK is wrong, then we
simply fail to generate a proper MIC and the handshake would fail at a
later stage anyway.
2018-11-28 19:06:33 -06:00
Tim Kourt
0536a9bdd5 scan: Fix failure handling in common scan triggering logic
Fix incorrect usage of the caller’s scan triggered callback.
In case of a failure, destroy scan request and notify caller
about the issue by returning zero scan id instead of calling
callers’ scan triggered callback with an error code.
2018-11-26 18:16:11 -06:00
Shaleen Jain
d9c89e89c6 iwd.service: restart service on crash 2018-11-26 14:38:07 -06:00
Andreas Henriksson
b6910e1210 build: only enable backtrace(3) in maintainer mode
Using backtrace() is of no use when building with PIE (which most
distro compilers do by default) and prevents catching the coredump
for later retracing, which is needed since distros usually don't
install debug symbols by default either.

This patch thus only enables backtrace() when --enable-maintainer-mode
is passed and also tries to explicitly disable PIE.
2018-11-26 14:32:04 -06:00
Andrew Zaborowski
95c05d447b scan: Fix confusing identation 2018-11-21 11:28:48 -06:00
Denis Kenzior
e609981b61 eap-tls-common: Update to private key API changes 2018-11-21 11:28:34 -06:00
Andrew Zaborowski
299af7fc39 eap-tls, ttls, peap: Update for private key API changes 2018-11-21 11:25:03 -06:00
Tim Kourt
bdcff2cdde eap: Add accessors for the method name and type 2018-11-19 17:10:53 -06:00
Tim Kourt
87c411f816 eap-tls-common: Introduce a common tls state and load settings 2018-11-19 17:10:53 -06:00
Tim Kourt
514d442db1 eap-tls-common: Add check for phase one settings 2018-11-19 17:10:53 -06:00
Denis Kenzior
1e6df6a226 ecdh: Fix warning 2018-11-19 14:27:17 -06:00
James Prestwood
c3abfde025 ecdh: make key byte ordering consistent
ECDH was expecting the private key in LE, but the public key in BE byte ordering.
For consistency the ECDH now expect all inputs in LE byte ordering. It is up to
the caller to order the bytes appropriately.

This required adding some ecc_native2be/be2native calls in OWE
2018-11-19 13:46:28 -06:00
Andrew Zaborowski
d7dc6606de eap-tls, ttls, peap: Update for l_tls API changes 2018-11-19 13:03:38 -06:00
Denis Kenzior
53db703773 netdev: Fix style 2018-11-19 12:09:27 -06:00
Denis Kenzior
adb14dfca5 netdev: Fix typo 2018-11-19 11:53:30 -06:00
James Prestwood
576c6dc9f3 netdev/station: Add OWE support
The changes to station.c are minor. Specifically,
station_build_handshake_rsn was modified to always build up the RSN
information, not just for SECURITY_8021X and SECURITY_PSK. This is
because OWE needs this RSN information, even though it is still
SECURITY_NONE. Since "regular" open networks don't need this, a check
was added (security == NONE && akm != OWE) which skips the RSN
building.

netdev.c needed to be changed in nearly the same manor as it was for
SAE. When connecting, we check if the AKM is for OWE, and if so create
a new OWE SM and start it. OWE handles all the ECDH, and netdev handles
sending CMD_AUTHENTICATE and CMD_ASSOCIATE when triggered by OWE. The
incoming authenticate/associate events just get forwarded to OWE as they
do with SAE.
2018-11-19 11:51:02 -06:00
James Prestwood
8978f8c43f owe: added OWE module
This module is similar to SAE in that it communicates over authenticate
and associate frames. Creating a new OWE SM requires registering two TX
functions that handle sending the data out over CMD_AUTHENTICATE/ASSOCIATE,
as well as a complete function.

Once ready, calling owe_start will kick off the OWE process, first by
sending out an authenticate frame. There is nothing special here, since
OWE is done over the associate request/response.

After the authenticate response comes in OWE will send out the associate
frame which includes the ECDH public key, and then receive the AP's
public key via the associate response. From here OWE will use ECDH to
compute the shared secret, and the PMK/PMKID. Both are set into the
handshake object.

Assuming the PMK/PMKID are successfully computed the OWE complete callback
will trigger, meaning the 4-way handshake can begin using the PMK/PMKID
that were set in the handshake object.
2018-11-16 18:06:42 -06:00
James Prestwood
60555ece3b handshake: added OWE AKM to handshake_state_derive_ptk 2018-11-16 17:03:06 -06:00
James Prestwood
126993b9e3 eapol: Add OWE to MIC calculate/verify
This allows eapol to work with the OWE AKM type. Similar shortcuts were
taken as with SAE since, for now, both only support a single ECC group.
2018-11-16 17:02:13 -06:00
James Prestwood
d19b1bb85e wiphy: Handle OWE AKM for SECURITY_TYPE_NONE 2018-11-16 16:59:59 -06:00
James Prestwood
ef544dfc6e common: Classify OWE networks as open 2018-11-16 16:59:59 -06:00
James Prestwood
8740abb60e netdev: add translation for OWE AKM type 2018-11-16 16:59:59 -06:00
James Prestwood
3293bd9933 ie: add OWE AKM type
Added a new AKM suite, IE_RSN_AKM_SUITE_OWE.
2018-11-16 16:59:45 -06:00
Tim Kourt
e4a76018fd scan: Make periodic scan optional 2018-11-16 16:42:00 -06:00
James Prestwood
40685e8fe3 crypto: implement HKDF-Expand (RFC 5869)
This will be required by OWE
2018-11-16 16:38:28 -06:00
James Prestwood
0b42ca7c30 crypto: renamed hkdf_256
The RFC (5869) for this implementation defines two functions,
HKDF-Extract and HKDF-Expand. The existing 'hkdf_256' was implementing
the Extract function, so it was renamed appropriately. The name was
changed for consistency when the Expand function will be added in the
future.
2018-11-16 16:30:22 -06:00
James Prestwood
5811e72940 ecdh: added ECDH module 2018-11-16 16:25:17 -06:00
James Prestwood
9b204a8c7e ie: add IE_TYPE_OWE_DH_PARAM to IE list 2018-11-16 16:20:59 -06:00
Denis Kenzior
712a92cc4c network: Simplify is_rsn logic
In the current version SECURITY_PSK was handled inside the is_rsn block
while the SECURITY_8021X was off in its own block.  This was weird and a
bit misleading.  Simplify the code flow through the use of a goto and
decrease the nesting level.

Also optimize out unnecessary use of scan_bss_get_rsn_info
2018-11-15 11:37:20 -06:00
Denis Kenzior
5bfbdd5a01 network: Check Autoconnectable as the first condition 2018-11-15 11:31:39 -06:00
Denis Kenzior
c146490567 network: Introduce __bss_is_sae
This takes an rsn_info pointer directly so that some calls to
scan_bss_get_rsn_info can be optimized
2018-11-15 11:29:13 -06:00
Denis Kenzior
3d549e457d scan: make scan_bss_get_rsn_info const correct 2018-11-15 11:28:46 -06:00
James Prestwood
ad242a796a network: fix 8021x autoconnect
In network_autoconnect, when the network was SECURITY_8021X there was no
check (for SECURITY_PSK) before calling network_load_psk. Since the
provisioning file was for an 8021x network neither PreSharedKey or
Passphrase existed so this would always fail. This fixes the 8021x failure
in testConnectAutoconnect.
2018-11-15 11:20:06 -06:00
James Prestwood
07c870df55 station: only set 8021x config on 8021x networks
During the handshake setup, if security != SECURITY_PSK then 8021x settings
would get set in the handshake object. This didn't appear to break anything
(e.g. Open/WEP) but its better to explicitly check that we are setting up
an 8021x network.
2018-11-14 20:47:42 -06:00
Peter Seiderer
7d6e11ddd5 main: Fix __iwd_backtrace_init() availability detection
Check for HAVE_EXECINFO_H for all __iwd_backtrace_init usages.

Fixes:

  src/main.o: In function `main':
  main.c:(.text.startup+0x798): undefined reference to `__iwd_backtrace_init'
  collect2: error: ld returned 1 exit status
2018-11-10 19:09:14 +01:00
Denis Kenzior
6df62ab68e station: Update to the new GetHiddenAccessPoints API 2018-11-09 14:06:20 -06:00
Denis Kenzior
5f8c20f455 netdev: Enable ControlPortOverNL80211 by default 2018-11-09 11:52:09 -06:00
Denis Kenzior
8732a9f38a main: Add checks for asymmetric key support
Tell the user that Kernel 4.20 with asymmetric key support enabled is
required to support TLS based (EAP/PEAP/TTLS) WPA-Enterprise methods.
2018-11-09 11:50:29 -06:00
Tim Kourt
8c1992feb2 station: Introduce GetHiddenStations API call 2018-11-09 11:34:43 -06:00
Tim Kourt
f803b0439b station: Introduce an ordered list of hidden stations
A sorted list of hidden network BSSs observed in the recent scan
is kept for the informational purposes of the clients. In addition,
it has deprecated the usage of seen_hidden_networks variable.
2018-11-09 11:34:43 -06:00
Andrew Zaborowski
0b5dceab27 network: Don't require PSK if Passphrase present
Refactor the network->psk and network->passphrase loading and saving
logic to not require the PreSharedKey entry in the psk config file and
to generate network->psk lazily on request.  Still cache the computed
PSK in memory and in the .psk file to avoid recomputing it which uses
many syscalls.  While there update the ask_psk variable to
ask_passphrase because we're specifically asking for the passphrase.
2018-11-05 12:43:16 -06:00
Patrik Flykt
0b1e6cc3e5 scan: Log BSSID in messages
If there is an error with the BSSID information, log the BSSID
station address to catch the offending Access Point.
2018-11-05 12:29:41 -06:00
Patrik Flykt
7ec8fd6776 ie: Fix up broken Access Point with too many rates added
According to the specification, Supported rates IE is supposed
to have a maximum length of eight rate bytes. In the wild an
Access Point is found to add 12 bytes of data instead of placing
excess rate bytes in an Extended Rates IE.

BSS: len 480
    BSSID 44:39:C4:XX:XX:XX
    Probe Response: true
    TSF: 0 (0x0000000000000000)
    IEs: len 188
...
        Supported rates:
            1.0(B) 2.0(B) 5.5(B) 6.0(B) 9.0 11.0(B) 12.0(B) 18.0 Mbit/s
            24.0(B) 36.0 48.0 54.0 Mbit/s
            82 84 8b 8c 12 96 98 24 b0 48 60 6c              .......$.H`l
        DSSS parameter set: channel 3
            03
...

Any following IEs decode nicely, thus it seems that we can relax
Supported Rates IE length handling to support this thermostat.
2018-11-05 12:07:22 -06:00
Patrik Flykt
c68ae2f00b main: Log optimized implementations only when they exist
Log optimized implementations strings only when the hashmap contains
items in order to avoid an unnecessary line of text with no members
printed out.
2018-11-05 11:52:48 -06:00
Denis Kenzior
c4153941af netdev: Use l_genl_family_unicast_handler 2018-11-02 15:53:07 -05:00
James Prestwood
1d62f4ec0e eapol: remove unused public eapol functions from header
After moving AP EAPoL code into eapol.c there were a few functions that
no longer needed to be public API's. These were changed to static's and
the header definition was removed.
2018-11-02 14:05:44 -05:00
Marcel Holtmann
554e4f55db build: Fix includes for using with -std=c99 compiler option 2018-11-01 22:37:11 +01:00
Marcel Holtmann
72a64fa7fb build: Adjust to the latest ELL signal API changes 2018-11-01 22:09:19 +01:00
Andrew Zaborowski
e4222d0ebe eap-tls: Set upper limit on request size
Set an upper limit on a fragmented EAP-TLS request size similar to how
we do it in EAP-TTLS.  While there make the code more similar to the
EAP-TTLS flag processing to keep them closer in sync.  Note that the
spec suggests a 64KB limit but it's not clear if that is for the TLS
record or EAP request although it takes into account the whole TLS
negotiation so it might be good for both.
2018-11-01 15:04:56 -05:00
Andrew Zaborowski
0b71b034c1 eap-tls/ttls/peap: Conditionally enable TLS debugging
Print the TLS debug messages if IWD_TLS_DEBUG is set.
2018-11-01 15:04:56 -05:00
Marcel Holtmann
a011909556 main: Use l_main_run_with_signal instead of open coding it 2018-11-01 19:56:16 +01:00
Marcel Holtmann
38e831afa0 main: Make genl and nl80211 global variables static 2018-11-01 19:55:54 +01:00
Marcel Holtmann
013bae6d3d eapol: Make eapol_frame_watch_{add,remove} functions static 2018-11-01 10:27:22 +01:00
Marcel Holtmann
9335602ba0 network: Removed unneeded include for src/watchlist.h 2018-11-01 10:19:26 +01:00
Marcel Holtmann
e1c391a76b wsc: Removed unneeded include for src/watchlist.h 2018-11-01 10:17:54 +01:00
Denis Kenzior
7699c8ab1e eap-ttls: Handle redundant L flags
Some of the TTLS server implementations set the L flag in the fragment
packets other than the first one. To stay interoperable with such devices,
iwd is relaxing the L bit check.
2018-10-30 15:47:57 -05:00
Denis Kenzior
5cc60d18cc eap-md5: Add warning about deprecated settings key 2018-10-29 18:49:19 -05:00
Tim Kourt
99c685940a eap-md5: Standardize setting keys
Switch EAP-MD5 to use the common password setting key nomenclature.
The key name has been changed from PREFIX-MD5-Secret to PREFIX-Password.
Note: The old key name is supported.
In addition, this patch adds an ability to request Identity and/or
Password from user.
2018-10-29 18:46:07 -05:00
James Prestwood
b9029aaf65 adhoc: wait for both handshakes before adding peer
Adhoc was not waiting for BOTH handshakes to complete before adding the
new peer to the ConnectedPeers property. Actually waiting for the gtk/igtk
(in a previous commit) helps with this, but adhoc also needed to keep track
of which handshakes had completed, and only add the peer once BOTH were done.
This required a small change in netdev, where we memcmp the addresses from
both handshakes and only set the PTK on one.
2018-10-26 15:29:48 -05:00
James Prestwood
e678d6655f netdev: signal handshake complete after setting all keys
Currently, netdev triggers the HANDSHAKE_COMPLETE event after completing
the SET_STATION (after setting the pairwise key). Depending on the timing
this may happen before the GTK/IGTK are set which will result in group
traffic not working initially (the GTK/IGTK would still get set, but group
traffic would not work immediately after DBus said you were connected, this
mainly poses a problem with autotests).

In order to fix this, several flags were added in netdev_handshake_state:
ptk_installed, gtk_installed, igtk_installed, and completed. Each of these
flags are set true when their respective keys are set, and in each key
callback we try to trigger the handshake complete event (assuming all the
flags are true). Initially the gtk/igtk flags are set to true, for reasons
explained below.

In the WPA2 case, all the key setter functions are called sequentially from
eapol. With this change, the PTK is now set AFTER the gtk/igtk. This is
because the gtk/igtk are optional and only set if group traffic is allowed.
If the gtk/igtk are not used, we set the PTK and can immediately trigger the
handshake complete event (since gtk_installed/igtk_installed are initialized
as true). When the gtk/igtk are being set, we immediately set their flags to
false and wait for their callbacks in addition to the PTK callback. Doing it
this way handles both group traffic and non group traffic paths.

WPA1 throws a wrench into this since the group keys are obtained in a
separate handshake. For this case a new flag was added to the handshake_state,
'wait_for_gtk'. This allows netdev to set the PTK after the initial 4-way,
but still wait for the gtk/igtk setters to get called before triggering the
handshake complete event. As a precaution, netdev sets a timeout that will
trigger if the gtk/igtk setters are never called. In this case we can still
complete the connection, but print a warning that group traffic will not be
allowed.
2018-10-26 15:26:49 -05:00
Marcel Holtmann
9b2bb2723f crypto: Use full include path local includes 2018-10-26 21:35:27 +02:00
Marcel Holtmann
77710f9765 simauth: Use full include path local includes 2018-10-26 21:34:58 +02:00
Marcel Holtmann
515c130549 storage: Use full include path local includes 2018-10-26 21:34:00 +02:00
Marcel Holtmann
0b93fde3b4 wscutil: Use full include path local includes 2018-10-26 21:33:38 +02:00
Marcel Holtmann
162e6a19f6 watchlist: Use full include path local includes 2018-10-26 21:33:01 +02:00
Marcel Holtmann
1eaca1f8e1 mscaputil: Use full include path local includes 2018-10-26 21:32:20 +02:00
Marcel Holtmann
3fa63ede50 eapol: Use full include path local includes 2018-10-26 21:31:52 +02:00
Marcel Holtmann
c2d0517228 knownnetworks: Use full include path local includes 2018-10-26 21:30:44 +02:00
Marcel Holtmann
e92b976663 ecc: Use full include path local includes 2018-10-26 21:29:45 +02:00
Marcel Holtmann
42cfaeb265 sae: Use full include path local includes 2018-10-26 21:29:08 +02:00
Marcel Holtmann
785be02ee5 mpdu: Use full include path local includes 2018-10-26 21:28:10 +02:00
Marcel Holtmann
52f7f1dea2 handshake: Use full include path local includes 2018-10-26 21:27:01 +02:00
Marcel Holtmann
23a7fafec6 ie: Use full include path for local includes 2018-10-26 21:26:17 +02:00
Marcel Holtmann
be5bf7ee15 util: Only include <ell/ell.h> and use full include path 2018-10-26 21:24:20 +02:00
Denis Kenzior
a2efe2d2de eap-pwd: Warn if deprecated setting is used 2018-10-25 14:52:30 -05:00
Tim Kourt
df59d57f96 eap-pwd: Standardize setting keys
Switch EAP-PWD to use the common password setting key nomenclature.
2018-10-25 14:29:56 -05:00
Denis Kenzior
c256dbfbd8 eap-gtc: Warn if deprecated setting is used 2018-10-25 14:25:28 -05:00
Tim Kourt
c92f8231b2 eap-gtc: Standardize property keys
Switch EAP-GTC to use the common password setting key nomenclature.
2018-10-25 14:14:16 -05:00
Tim Kourt
e8de229223 ttls: add support for tunneled MS-CHAP 2018-10-24 16:33:06 -05:00
Tim Kourt
b46376980a mschaputil: Add MS CHAP utilities 2018-10-24 16:28:46 -05:00
Denis Kenzior
ae538eae7d netdev: Cancel ongoing rekey offload
We need to cancel an ongoing rekey offload in a few additional places
besides the netdev destructor.
2018-10-20 10:38:56 -05:00
Denis Kenzior
8501b2edb1 netdev: Add a TODO about Rekey Offload errors 2018-10-20 10:36:42 -05:00
Denis Kenzior
658362a349 netdev: Put command cancelation into a common function 2018-10-20 10:35:28 -05:00
Tim Kourt
e979bf97f1 netdev: add an ability to cancel hw rekey cmd
==1628== Invalid read of size 1
==1628==    at 0x405E71: hardware_rekey_cb (netdev.c:1381)
==1628==    by 0x444E5B: process_unicast (genl.c:415)
==1628==    by 0x444E5B: received_data (genl.c:534)
==1628==    by 0x442032: io_callback (io.c:126)
==1628==    by 0x4414CD: l_main_iterate (main.c:387)
==1628==    by 0x44158B: l_main_run (main.c:434)
==1628==    by 0x403775: main (main.c:489)
==1628==  Address 0x5475208 is 312 bytes inside a block of size 320 free'd
==1628==    at 0x4C2ED18: free (vg_replace_malloc.c:530)
==1628==    by 0x43D94D: l_queue_clear (queue.c:107)
==1628==    by 0x43D998: l_queue_destroy (queue.c:82)
==1628==    by 0x40B431: netdev_shutdown (netdev.c:4765)
==1628==    by 0x403B17: iwd_shutdown (main.c:81)
==1628==    by 0x4419D2: signal_callback (signal.c:82)
==1628==    by 0x4414CD: l_main_iterate (main.c:387)
==1628==    by 0x44158B: l_main_run (main.c:434)
==1628==    by 0x403775: main (main.c:489)
==1628==  Block was alloc'd at
==1628==    at 0x4C2DB6B: malloc (vg_replace_malloc.c:299)
==1628==    by 0x43CA4D: l_malloc (util.c:62)
==1628==    by 0x40A853: netdev_create_from_genl (netdev.c:4517)
==1628==    by 0x444E5B: process_unicast (genl.c:415)
==1628==    by 0x444E5B: received_data (genl.c:534)
==1628==    by 0x442032: io_callback (io.c:126)
==1628==    by 0x4414CD: l_main_iterate (main.c:387)
==1628==    by 0x44158B: l_main_run (main.c:434)
==1628==    by 0x403775: main (main.c:489)
2018-10-20 10:29:52 -05:00
Marcel Holtmann
a59e162446 knownnetworks: Use l_dir_watch instead of l_fswatch 2018-10-19 19:14:05 +02:00
Marcel Holtmann
8f8a214fbd build: Use new l_tls_prf_get_bytes and remove ell/tls-private.h usage 2018-10-19 09:30:59 +02:00
Marcel Holtmann
467d3958b4 build: Use l_tls_prf_get_bytes instead of tls_prf_get_bytes 2018-10-19 08:46:57 +02:00
Marcel Holtmann
b27edce298 build: Use include "" instead of include <> for ell/tls-private.h 2018-10-19 08:24:57 +02:00
Denis Kenzior
d22e57c994 treewide: Remove use of key-private.h 2018-10-19 00:31:41 -05:00
Denis Kenzior
6e8f10f695 eap-ttls: Use iwd's version of align_len
No need to include ell's private bits unnecessarily
2018-10-19 00:20:47 -05:00
Denis Kenzior
770f3c6049 dbus: Remove unneeded include 2018-10-19 00:20:35 -05:00
Marcel Holtmann
1ee7de15c8 ttls: Fix truncated before the last format character 2018-10-14 11:35:48 +02:00
Marcel Holtmann
a3c1fa28da build: Rename nl80211_util.[ch] into nl80211util.[ch] 2018-10-14 05:41:06 +02:00
James Prestwood
70d6c9c692 adhoc: implement setting TX GTK
Adhoc requires 2 GTK's to be set, a single TX GTK and a per-mac RX GTK.
The per-mac RX GTK already gets set via netdev_set_gtk. The single TX GTK
is created the same as AP, where, upon the first station connecting a GTK
is generated and set in the kernel. Then any subsequent stations use
GET_KEY to retrieve the GTK and set it in the handshake.
2018-10-08 21:38:30 -05:00
James Prestwood
2123d613fc nl80211: support per-mac GTK on _new_key_group
AdHoc will require a per-mac GTK to be set. For this reason
nl80211_build_new_key_group has been updated to optionally take
a MAC address.
2018-10-08 21:35:33 -05:00
James Prestwood
5e5caedb90 nl80211: added verifier/parser for GET_KEY
AdHoc will also need the same functionality to verify and parse the
key sequence from GET_KEY. This block of code was moved from AP's
GET_KEY callback into nl80211_parse_get_key_seq.
2018-10-08 21:35:24 -05:00
James Prestwood
60aba7114e nl80211: make SET_KEY/GET_KEY common
Moved AP helpers for building SET_KEY/GET_KEY commands into
nl80211_util.c
2018-10-08 21:35:12 -05:00
James Prestwood
04a9315a3c nl80211: introduce nl80211 utility API's
Netdev/AP share several NL80211 commands and each has their own
builder API's. These were moved into a common file nl80211_util.[ch].

A helper was added to AP for building NEW_STATION to make the associate
callback look cleaner (rather than manually building NEW_STATION).
2018-10-08 21:34:58 -05:00
Andrew Zaborowski
dc39c52525 station: Cancel ongoing scans in station_free
Make scan.c forget station's scan callbacks to prevent crash when
switching interface types with a scan running.
2018-10-08 11:33:53 -05:00
James Prestwood
395acc8203 netdev: simplify netdev_choose_key_address
The key address can be chosen regardless of iftype. The deciding
factor is the authenticator bit in the handshake.
2018-10-08 11:29:47 -05:00
Andrew Zaborowski
fb85b1d1a7 netdev: Check that netdev->device is not NULL
Check that netdev->device is not NULL before doing device_remove()
(which would crash) and emitting NETDEV_WATCH_EVENT_DEL.  It may be
NULL if the initial RTM_SETLINK has failed to bring device UP.
2018-10-04 20:57:33 -05:00
Andrew Zaborowski
6e70c84f8e station: Ignore ad-hoc networks in scan results
If there are Ad-hoc BSSes they should be present in the scan results
together with regular APs as far as scan.c is concerned.  But in
station mode we can't connect to them -- the Connect method will fail and
autoconnect would fail.  Since we have no property to indicate a
network is an IBSS just filter these results out for now.  There are
perhaps better solutions but the benefit is very low.
2018-10-03 16:56:19 -05:00
Tim Kourt
0682ddad37 ttls: change signature of the inner reset funcs 2018-10-01 17:30:29 -05:00
Tim Kourt
f0a86519e9 ttls: add support for tunneled CHAP 2018-10-01 17:14:19 -05:00
Tim Kourt
ba5cf86716 ttls: add support for tunneled PAP 2018-10-01 17:12:17 -05:00
Tim Kourt
aedf89ca37 ttls: remove load_settings from phase2_method 2018-10-01 17:11:39 -05:00
Tim Kourt
726ff5d2b1 ttls: exclude avp_builder_put_bytes 2018-10-01 17:11:10 -05:00
Tim Kourt
2aefd8badf ttls: improve avp build approach 2018-10-01 17:10:03 -05:00
Tim Kourt
e6bf22f8c9 ttls: add support for non eap auth settings 2018-09-26 17:55:44 -05:00
Tim Kourt
8f0c4a769a ttls: clear the obtained memory to prevent info leaks 2018-09-26 17:19:46 -05:00
Tim Kourt
3d77748bca ttls: change signature of the inner destroy funcs. 2018-09-26 17:19:05 -05:00
Tim Kourt
b2ec0c350a ttls: fix check on avp start 2018-09-25 16:23:40 -05:00
James Prestwood
50acc11f07 wiphy: added wiphy_select_akm
This is a replacement for station's static select_akm_suite. This was
done because wiphy can make a much more intellegent decision about the
akm suite by checking the wiphy supported features e.g. SAE support.

This allows a connection to hybrid WPA2/WPA3 AP's if SAE is not
supported in the kernel.
2018-09-25 10:58:04 -05:00
James Prestwood
272cb441cd wiphy: only connect to SAE if feature is supported 2018-09-25 10:56:06 -05:00
Andrew Zaborowski
36c441c945 ap: Set up the GTK and pass to handshake
Set a default GTK cipher type same as our current PTK type, generate a
random GTK when the first STA connects and set it up in the kernel, then
pass the values that EAPoL is going to need to the handshake_state.
2018-09-25 10:53:40 -05:00
Andrew Zaborowski
01edef9001 netdev: Reject setting powered while setting iftype
In netdev_set_powered also check that no NL80211_CMD_SET_INTERFACE is in
progress because once it returned we would overwrite
netdev->set_powered_cmd_id (could also add a check there but it seems
more logical to just disallow Powered property changes while Mode is
being changed, since we also disallow Mode changes while Powered is
being changed.)
2018-09-25 10:51:48 -05:00
Denis Kenzior
ebda2ce60f device: Remove unneeded includes 2018-09-24 19:29:40 -05:00
Denis Kenzior
87118959e6 device: Obtain station using station_find
Since device object no longer creates / destroys station objects, use
station_find inside ap directed roam events to direct these to the
station interface.
2018-09-24 19:27:04 -05:00
Andrew Zaborowski
8632b81397 eapol: Add GTK data to msg 3/4 of the handshake 2018-09-24 14:53:41 -05:00
Andrew Zaborowski
e4873dea5a handshake: Use enum handshake_kde in find_kde()
Since we have all the KDE types defined in enum handshake_kde use that
instead of uint8_t buffers containing the same values.
2018-09-24 14:24:41 -05:00
Andrew Zaborowski
7c779956ac handshake: Add handshake_util_build_gtk_kde utility 2018-09-24 14:24:41 -05:00
Andrew Zaborowski
68e612573e handshake: Add GTK data to handshake_state
Add places to store the GTK data, index and RSC in struct
handshake_state and add a setter function for these fields.  We may want
to also convert install_gtk to use these fields similar to install_ptk.
2018-09-24 14:24:41 -05:00
Denis Kenzior
7eb59602df netdev: Drop redundant netdev_get_device checks
As a consequence of the previous commit, netdev watches are always
called when the device object is valid.  As a result, we can drop the
netdev_get_device calls and checks from individual AP/AdHoc/Station/WSC
netdev watches
2018-09-24 14:12:43 -05:00
Andrew Zaborowski
916bde3a02 netdev: Don't emit events before NETDEV_WATCH_EVENT_NEW 2018-09-24 14:09:36 -05:00
Andrew Zaborowski
c96f44b2e6 station: Make station_create/station_free static
These two functions don't need to be used from outside of station.c
anymore so make them static and simplify the station_create arguments
slightly.
2018-09-24 14:07:03 -05:00
Andrew Zaborowski
567baed2c4 station: Create interface simliarly to AP, AdHoc interfaces
Instead of creating the Station interface in device.c create it directly
on the netdev watch event the same way that the AP and AdHoc interfaces
are created and freed.  This fixes some minor incosistencies, for
example station_free was previously called twice, once from device.c and
once from the netdev watch.

device.c would previously keep the pointer returned by station_create()
but that pointer was not actually useful so remove it.  Autotests still
seem to pass.
2018-09-24 14:05:03 -05:00
Andrew Zaborowski
daf248e1ba station: Disconnect netdev in station_free()
Call netdev_disconnect() to make netdev forget any of station.c's
callbacks for connections or transitions in progress or established.
Otherwise station.c will crash as soon as we're connected and try to
change interface mode:
==17601== Invalid read of size 8
==17601==    at 0x11DFA0: station_disconnect_event (station.c:775)
==17601==    by 0x11DFA0: station_netdev_event (station.c:1570)
==17601==    by 0x115D18: netdev_disconnect_event (netdev.c:868)
==17601==    by 0x115D18: netdev_mlme_notify (netdev.c:3403)
==17601==    by 0x14E287: l_queue_foreach (queue.c:441)
==17601==    by 0x1558B4: process_multicast (genl.c:469)
==17601==    by 0x1558B4: received_data (genl.c:532)
==17601==    by 0x152888: io_callback (io.c:123)
==17601==    by 0x151BCD: l_main_iterate (main.c:376)
==17601==    by 0x151C9B: l_main_run (main.c:423)
==17601==    by 0x10FE20: main (main.c:489)
2018-09-24 13:57:36 -05:00
Andrew Zaborowski
f9faeed7bb ap, adhoc: On NETDEV_WATCH_EVENT_NEW check device is UP
Since the interfaces are not supposed to exist when the device is DOWN
(we destroy the interfaces on NETDEV_WATCH_EVENT_DOWN too), don't
create the interfaces if the device hasn't been brought up yet.
2018-09-24 13:56:02 -05:00
Andrew Zaborowski
99e7e0d977 netdev: Update ifi_flags in rntl_set_powered callbacks
When we detect a new device we either bring it down and then up or only
up.  The IFF_UP flag in netdev->ifi_flags is updated before that, then
we send the two rtnl commands and then fire the NETDEV_WATCH_EVENT_NEW
event if either the bring up succeeded or -ERFKILL was returned, so the
device may either be UP or DOWN at that point.

It seems that a RTNL NEWLINK notification is usually received before
the RTNL command callback but I don't think this is guaranteed so update
the IFF_UP flag in the callbacks so that the NETDEV_WATCH_EVENT_NEW
handlers can reliably use netdev_get_is_up()
2018-09-24 13:54:24 -05:00
Andrew Zaborowski
ab6160b017 netdev: Drop DEFAULT_TYPES nl80211 attr of CMD_NEW_KEY
The NL80211_ATTR_KEY_DEFAULT_TYPES attribute is only parsed by the
kernel if either NL80211_ATTR_KEY_DEFAULT or
NL80211_ATTR_KEY_DEFAULT_MGMT are also present, however these are only
used with NL80211_CMD_SET_KEY and ignored for NEW_KEY.  As far as I
understand the default key concept only makes sense for a Tx key because
on Rx all keys can be tried, so we don't need this for client mode.  The
kernel decides whether the NEW_KEY is for unicast or multicast based on
whether NL80211_ATTR_KEY_MAC was supplied.
2018-09-24 13:14:27 -05:00
Denis Kenzior
b60e79b8dd eap-wsc: Do not leak device_password
device password was read from settings using l_settings_get_string which
returns a newly-allocated string due to un-escape semantics.  However,
when assigning wsc->device_password, we strdup-ed the password again
unnecessarily.

==1069== 14 bytes in 2 blocks are definitely lost in loss record 1 of 1
==1069==    at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==1069==    by 0x16696A: l_malloc (util.c:62)
==1069==    by 0x16B14B: unescape_value (settings.c:108)
==1069==    by 0x16D12C: l_settings_get_string (settings.c:971)
==1069==    by 0x149680: eap_wsc_load_settings (eap-wsc.c:1270)
==1069==    by 0x146113: eap_load_settings (eap.c:556)
==1069==    by 0x12E079: eapol_start (eapol.c:2022)
==1069==    by 0x1143A5: netdev_connect_event (netdev.c:1728)
==1069==    by 0x118751: netdev_mlme_notify (netdev.c:3406)
==1069==    by 0x1734F1: notify_handler (genl.c:454)
==1069==    by 0x168987: l_queue_foreach (queue.c:441)
==1069==    by 0x173561: process_multicast (genl.c:469)
2018-09-24 12:19:27 -05:00
Denis Kenzior
3ca1aeb917 wsc: Don't use wsc_pin_is_checksum_valid on 4 digit PINs
wsc_pin_is_valid allows two types of PINs through:
  1. 4 digit numeric PIN
  2. 8 digit numeric PIN

The current code always calls wsc_pin_is_checksum_valid to determine
whether a DEFAULT or USER_SPECIFIED PIN is used.  However, this function
is not safe to call on 4 digit PINs and causes a buffer overflow.

Add simple checks to treat 4 digit PINs as DEFAULT PINs and do not call
wsc_pin_is_checksum_valid on these.

Reported-By: Matthias Gerstner <matthias.gerstner@suse.de>
2018-09-24 12:19:27 -05:00
Denis Kenzior
cc37018426 eap-wsc: Drop 8 digit PIN check
EAP-WSC handles 4 digit, 8 digit and out-of-band Device passwords.  The
latter in particular can be anything, so drop the mandatory minimum
password length check here.

This also has the effect of enabling 4-digit PINs to actually work as
they are intended.
2018-09-24 12:19:27 -05:00
Tim Kourt
a3cc68e61e ttls: add radius AVP builder and build response 2018-09-21 18:07:58 -05:00
Tim Kourt
4d8791dd3a ttls: replace old AVP processing with new 2018-09-21 15:20:18 -05:00
Tim Kourt
5d1d1ad893 ttls: add radius AVP parser 2018-09-21 15:19:13 -05:00
Tim Kourt
71ba8ac765 ttls: introduce phase2_method structure
The struct allows to support multiple types of the tunneled methods.
Previously, EAP-TTLS was supporting only the eap based ones.
This patch is also starts to move some of the phase 2 EAP
functionality into the new structure.
2018-09-21 15:19:13 -05:00
Tim Kourt
a7f5d1da21 ttls: remove unused state var 2018-09-21 12:15:28 -05:00
Tim Kourt
410ee2f6b9 eap-tls-common: introduce utility functions for eap-tls 2018-09-21 12:15:25 -05:00
James Prestwood
a553771ffe netdev: station: support FT over SAE
Boiled down, FT over SAE is no different than FT over PSK, apart from
the different AKM suite. The bulk of this change fixes the current
netdev/station logic related to SAE by rebuilding the RSNE and adding
the MDE if present in the handshake to match what the PSK logic does.

A common function was introduced into station which will rebuild the
handshake rsne's for a target network. This is used for both new
network connections as well as fast transitions.
2018-09-21 11:26:05 -05:00
James Prestwood
8064cb599a ie: introduce IE_AKM_IS_SAE macro
To prepare for FT over SAE, several case/if statements needed to include
IE_RSN_AKM_SUITE_FT_OVER_SAE. Also a new macro was introduced to remove
duplicate if statement code checking for both FT_OVER_SAE and SAE AKM's.
2018-09-21 11:26:05 -05:00
James Prestwood
996a18e934 network: free EAP_CACHE_NEVER secret types
When freeing a network secrets any secrets labeled with CACHE_NEVER
would get removed from the secret queue but never actually freed.
2018-09-19 14:33:23 -05:00
James Prestwood
74b8b6d65c watchlist: fix stale watchlist item processing
All the watchlist notify macros were broken in that they did not check
that the watchlist item was still valid before calling it. This only
came into play when a watchlist was being notified and one of the notify
functions removed an item from the same watchlist. It appears this was
already thought of since watchlist_remove checks 'in_notify' and will
mark the item's id as stale (0), but that id never got checked in the
notify macros.

This fixes testAdHoc valgrind warning:

==3347== Invalid read of size 4
==3347==    at 0x416612: eapol_rx_auth_packet (eapol.c:1871)
==3347==    by 0x416DD4: __eapol_rx_packet (eapol.c:2334)
==3347==    by 0x40725B: netdev_pae_read (netdev.c:3515)
==3347==    by 0x440958: io_callback (io.c:123)
==3347==    by 0x43FDED: l_main_iterate (main.c:376)
==3347==    by 0x43FEAB: l_main_run (main.c:423)
==3347==    by 0x40377A: main (main.c:489)
...
2018-09-19 14:17:26 -05:00
Denis Kenzior
ba248e028e station: Make station_rssi_level_changed static 2018-09-19 13:47:51 -05:00
Denis Kenzior
f06c3b645d station: Make station_state_to_string static 2018-09-19 13:45:49 -05:00
Tim Kourt
59c4c8ac6b scan: change scan triggered notification behavior
Do not notify the caller after the first scan_triggered event in
multi-segmented scans.
2018-09-19 11:53:36 -05:00
Tim Kourt
b5aefede95 network: add check for the existing settings
In the case of the open networks with hidden SSIDs
the settings object is already created.

Valgrind:
==4084==    at 0x4C2EB6B: malloc (vg_replace_malloc.c:299)
==4084==    by 0x43B44D: l_malloc (util.c:62)
==4084==    by 0x43E3FA: l_settings_new (settings.c:83)
==4084==    by 0x41D101: network_connect_new_hidden_network (network.c:1053)
==4084==    by 0x4105B7: station_hidden_network_scan_results (station.c:1733)
==4084==    by 0x419817: scan_finished (scan.c:1165)
==4084==    by 0x419CAA: get_scan_done (scan.c:1191)
==4084==    by 0x443562: destroy_request (genl.c:139)
==4084==    by 0x4437F7: process_unicast (genl.c:424)
==4084==    by 0x4437F7: received_data (genl.c:534)
==4084==    by 0x440958: io_callback (io.c:123)
==4084==    by 0x43FDED: l_main_iterate (main.c:376)
==4084==    by 0x43FEAB: l_main_run (main.c:423)
2018-09-19 11:52:33 -05:00
Denis Kenzior
88b2aefeed wiphy: Add missing blank 2018-09-18 17:06:07 -05:00
Denis Kenzior
e52204f46f station: Fix scan_pending assignment
In case an error occurs starting a scan, the scan_pending variable is
never cleared and message is never unrefed.
2018-09-18 13:58:52 -05:00
Denis Kenzior
d347100ac2 device: Remove the rest of the legacy Device properties 2018-09-14 21:53:01 -05:00
Denis Kenzior
42e5dbf6f8 device: Remove legacy GetOrderedNetworks 2018-09-14 21:49:13 -05:00
Denis Kenzior
b2e0a82225 device: Remove Scan method 2018-09-14 21:21:47 -05:00
Denis Kenzior
c47db2635f device: Remove Disconnect method 2018-09-14 21:20:33 -05:00
Marcel Holtmann
804ce5944b dbus: Make the g_dbus global variable static 2018-09-14 23:01:32 +02:00
Marcel Holtmann
2606bc73ad build: Add DAEMON_ prefix to CONFIGDIR and STORAGEDIR 2018-09-14 17:58:44 +02:00
Marcel Holtmann
1e37ef31fe eapol: Move eapol_key_validate() into eapolutil helper 2018-09-14 17:31:42 +02:00
Marcel Holtmann
c40be7a7d5 monitor: Add EAP dummy method to keep linker happy 2018-09-14 17:12:47 +02:00
Marcel Holtmann
502aac073f tools: Add configure option and D-Bus policy file for hwsim utility 2018-09-14 15:24:15 +02:00
Marcel Holtmann
5126459ecc main: Fix the order of --help and -h option handling 2018-09-14 15:19:06 +02:00
Marcel Holtmann
0c5b6e4da3 dbus: Fix policy entries and add access for group wheel 2018-09-14 15:04:15 +02:00
Denis Kenzior
b181604c18 main: Don't init nl80211 until dbus name is owned 2018-09-11 20:06:00 -05:00
Denis Kenzior
95896c10ff device: Fix crashes when outside of Station mode 2018-09-10 20:01:35 -05:00
Denis Kenzior
0a42f63d42 station: Update GetOrderedNetworks API implementation
The Station interface GetOrderedNetworks signature now matches the API
documentation.  Device.GetOrderedNetworks still uses the legacy
signature.
2018-09-08 10:34:52 -05:00
Andrew Zaborowski
854ce2b062 station: Emit PropertiesChanged on the Station interface too 2018-09-07 21:23:41 -05:00
Tim Kourt
18aa744099 eap: clarify warning message 2018-09-07 12:31:03 -05:00
Tim Kourt
bb5997c4ea peap: fix typo and add labels 2018-09-07 12:30:05 -05:00
Tim Kourt
2735e32b10 peap: handle redundant usage of the L flag
Some of the PEAP server implementations set the L flag along with
redundant TLS Message Length field for the un-fragmented packets.
This patch allows to identify and handle such occasions.
2018-09-07 12:26:23 -05:00
Tim Kourt
958bd12624 peap: accept EAP type 33 as termination mechanism for PEAPv1
EAP Extensions type 33 is used in PEAPv0 as a termination
mechanism for the tunneled EAP methods. In PEAPv1
the regular EAP-Success/Failure packets must be used to terminate
the method. Some of the server implementations of PEAPv1
rely on EAP Extensions method to terminate the conversation
instead of the required Success/Failure packets. This patch
makes iwd interoperable with such devices.
2018-09-06 18:23:24 -05:00
James Prestwood
397bf9c0bd crypto: pwd: sae: Made H function common
The "H" function used by SAE and EAP-PWD was effectively the same
function, EAP-PWD just used a zero key for its calls. This removes
the duplicate implementations and merges them into crypto.c as
"hkdf_256".

Since EAP-PWD always uses a zero'ed key, passing in a NULL key to
hkdf_256 will actually use a 32 byte zero'ed array as the key. This
avoids the need for EAP-PWD to store or create a zero'ed key for
every call.

Both the original "H" functions never called va_end, so that was
added to hkdf_256.
2018-09-05 11:12:54 -05:00
Denis Kenzior
5db022041c station: Fix up some printf type inconsistencies
The ifindex as reported by netdev is unsigned, so make sure that it is
printed as such.  It is astronomically unlikely that this causes any
actual issues, but lets be paranoid.
2018-09-05 11:09:35 -05:00
Denis Kenzior
0f34e1a0c1 station: Expose ConnectedNetwork, Scanning and State
These properties will temporarily be exposed on both interfaces
until tools such as test runner, iwctl and NetworkManager/ConnMan
are ported over.
2018-09-05 11:09:35 -05:00
Denis Kenzior
2f2ec71a6c station: Expose Scan, Disconnect, GetOrderedNetworks
These methods will temporarily be exposed on both interfaces until tools
such as test runner, iwctl and NetworkManager/ConnMan are ported over.
2018-09-05 11:09:35 -05:00
Denis Kenzior
b650a5d492 station: Move ConnectHiddenNetwork to station 2018-09-05 11:09:35 -05:00
Denis Kenzior
f61747f011 device: Allow switching mode even if station is busy
Since device will no longer be aware of what is happening on the station
interface, we should allow switching modes in any situation
2018-09-04 23:57:14 -05:00
Denis Kenzior
25f36f5644 station: Move remaining connect/re-connect/roam logic 2018-09-04 23:57:14 -05:00
Denis Kenzior
cdfcb902e4 station: move signal level agent logic from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
ac83a35b97 station: Register skeleton dbus interface 2018-09-04 23:57:14 -05:00
Denis Kenzior
f3d326b0fd adhoc: Fix comment 2018-09-04 23:57:14 -05:00
Denis Kenzior
4c8b39da3b station: Move device_disconnect_event to station 2018-09-04 23:57:14 -05:00
Denis Kenzior
d8617a5000 station: Move device_disassociate to station 2018-09-04 23:57:14 -05:00
Denis Kenzior
520d3ad6b2 station: move GetSortedNetworks implementation 2018-09-04 23:57:14 -05:00
Denis Kenzior
77b006b4e9 station: Move dbus disconnection logic from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
12ce9debec station: Move device_disconnect to station 2018-09-04 23:57:14 -05:00
Denis Kenzior
ee91cfcb7e station: Move hidden network code from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
e65c3e63be station: Move state reset code from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
f8b724d3ba wsc/device: Use station_set_autoconnect 2018-09-04 23:57:14 -05:00
Denis Kenzior
b49ec9461b station: move the remaining scanning code from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
58c8243114 device: Get rid of device_list queue 2018-09-04 23:57:14 -05:00
Denis Kenzior
553a8c1bae device/wsc: Use station_set_scan_results 2018-09-04 23:57:14 -05:00
Denis Kenzior
187ea7f5d1 device/network: Use station_is_busy 2018-09-04 23:57:14 -05:00
Denis Kenzior
f996bea880 station: Add station_is_busy 2018-09-04 23:57:14 -05:00
Denis Kenzior
5e2cce2e0b device: Remove unused device_get_connected_network 2018-09-04 23:57:14 -05:00
Denis Kenzior
1962549152 device: Remove device_network_find
Switch to using station_network_find instead
2018-09-04 23:57:14 -05:00
Denis Kenzior
dcfdd0ccde network: Use station_foreach
Instead of __iwd_device_foreach api, use the newly introduced
station_foreach API
2018-09-04 23:57:14 -05:00
Denis Kenzior
d576c28d9f device: Remove device_get_path
Use netdev_get_path instead
2018-09-04 23:57:14 -05:00
Denis Kenzior
993a69cef8 network: Make network station centric 2018-09-04 23:57:14 -05:00
Denis Kenzior
0650707eea station: Add station_get_connected_network 2018-09-04 23:57:14 -05:00
Denis Kenzior
d0ec5fcf77 station: Add station_get_netdev 2018-09-04 23:57:14 -05:00
Denis Kenzior
5837e65c40 station: Add station_get_wiphy 2018-09-04 23:57:14 -05:00
Denis Kenzior
738faa7657 network: Pass connected state to network_rank_update 2018-09-04 23:57:14 -05:00
Denis Kenzior
b69f938879 device: Get rid of connected_bss member 2018-09-04 23:57:14 -05:00
Denis Kenzior
e6c6e4f0ae device: Get rid of connected_network member 2018-09-04 23:57:14 -05:00
Denis Kenzior
575d0fa554 station: Move roam triggering & scanning code
Move the roam initiation (signal loss, ap directed roaming) and scanning
details into station from device.  Certain device functions have been
exposed temporarily to make this possible.
2018-09-04 23:57:14 -05:00
Denis Kenzior
966cad3696 network: Remove unused function 2018-09-04 23:57:14 -05:00
Denis Kenzior
e028b7019c station: Move state tracking from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
69f1c3321a station: Add station_find 2018-09-04 23:57:14 -05:00
Denis Kenzior
1378a3c945 station: Move scanning code from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
1b22af2052 scan: Add scan_bss_addr_cmp/eq 2018-09-04 23:57:14 -05:00
Denis Kenzior
9b574b5931 station: Move autoconnect logic from device 2018-09-04 23:57:14 -05:00
Denis Kenzior
977b817f3c device: Modify signature of device_set_scan_results
WSC was using this to set the scan results.  However it never needed the
autoconnect paths, so modify the signature to make this explicit.
2018-09-04 23:57:14 -05:00
Denis Kenzior
345485c506 device: Split process_bss
process_bss performs two main operations.  It adds a seen BSS to a
network object (existing or new) and if the device is in the autoconnect
state, it adds an autoconnect entry as needed.  Split this operation
into two separate & independent steps.
2018-09-04 23:57:14 -05:00
Denis Kenzior
e6060c1026 station: Move handshake setup code from device
For now we temporarily create the station object from within device so
that the code can be moved over in a more manageable manner.
2018-08-31 20:25:23 -05:00
Denis Kenzior
641e71a02f station: Add skeleton 2018-08-31 20:24:15 -05:00
Denis Kenzior
839053c952 device: Get rid of timestamp parameter in process_bss
This is no longer being used
2018-08-31 14:53:56 -05:00
James Prestwood
35231a1b2c adhoc: removed unneeded check for !sta->addr
sta->addr is is guarenteed to be valid (assuming sta is valid).
2018-08-29 12:49:06 -05:00
Andrew Zaborowski
5f3cdc2093 handshake: Rename own_ie/ap_ie and related setters
To avoid confusion in case of an authenticator side handshake_state
structure and eapol_sm structure, rename own_ie to supplicant_ie and
ap_ie to authenticator_ie.  Also rename
handshake_state_set_{own,ap}_{rsn,wpa} and fix when we call
handshake_state_setup_own_ciphers.  As a result
handshake_state_set_authenticator, if needed, should be called before
handshake_state_set_{own,ap}_{rsn,wpa}.
2018-08-27 11:42:45 -05:00
Andrew Zaborowski
ddbc49538e ap: Drop a RSNE check
After EAPOL logic was moved to eapol.c a check was added to
ap_associate_sta_cb to bitwise compare the AP's RSNE to the RSNE
received in the (Re)Association frame.  There is as far as I know no
reason for them to be the same (although they are in our autotest) and
if there was a reason we'd rather validate the (Re)Association RSNE
immediately when received.  We also must set different RSNEs as the
"own" (supplicant) and "ap" RSNEs in the handshake_state for validation
of step 2/4 in eapol.c (fixes wpa_supplicant's and MS Windows
connections being rejected)
2018-08-23 22:03:38 -05:00
Andrew Zaborowski
cb04fb6314 ap: Stop EAPOL negotiation on Disassociation
Make sure we interrupt eapol traffic (4-way handshake) if we receive a
Disassociation from station.  Actually do this in ap_del_station because
it's called from both ap_disassoc_cb and ap_success_assoc_resp_cb and
seems to make sense in both cases.
2018-08-23 21:49:53 -05:00
Andrew Zaborowski
f460a7e12c ap: eapol_sm lifecycle fixes
On one hand when we're called with HANDSHAKE_EVENT_FAILED or
HANDSHAKE_EVENT_SETTING_KEYS_FAILED the eapol_sm will be freed in
eapol.c, fix a double-free by setting it to NULL before ap_free_sta
is called.
On the other hand make sure we call eapol_sm_free before setting
sta->sm to NULL in ap_drop_rsna to avoid potential leak and avoid
the eapol_sm continuing to use the handshake_state we freed.
2018-08-23 21:45:41 -05:00
Andrew Zaborowski
c0a70cc9b7 device: Drop now unused start/stop_ap_pending fields 2018-08-23 21:43:33 -05:00
Andrew Zaborowski
58f91a741b knownnetworks: Fix timestamps comparison
timespec_compare wanted to receive network_info structures as arguments
to compare connected_time timestamps but in one instance we were passing
actual timespec structures.  Add a new function to compare plain timespec
values and switch the names for readability.
2018-08-23 21:43:30 -05:00
James Prestwood
9c71d56444 sae: fix endianness issues
Replaced all calls of l_get_u16 with l_get_le16. This fixes
failures on big-endian hardware.
2018-08-23 12:23:59 -05:00
Denis Kenzior
99253a8689 sae: Fix Wformat warning
src/sae.c:714:3: warning: format ‘%ld’ expects argument of type ‘long
int’, but argument 6 has type ‘size_t’ [-Wformat=]
2018-08-21 10:19:39 -05:00
Andrew Zaborowski
da96b5c51c network: Use is_known to save queue lookups
Now that the is_known field is back use it instead of searching the
"networks" queue where possible.
2018-08-20 11:37:07 -05:00
Denis Kenzior
7e7bf126d3 device: Remove device_get_netdev 2018-08-19 23:37:29 -05:00
Denis Kenzior
8d6f3021e3 adhoc: Do not use device
Ad-Hoc only uses information from the netdev object and doesn't really
depend on the device object.
2018-08-19 23:36:24 -05:00
Denis Kenzior
92e7e63af5 device: Remove device_get_ifindex 2018-08-19 23:30:06 -05:00
Denis Kenzior
1ad22021d2 device: Remove device_get_address 2018-08-19 23:28:58 -05:00
Denis Kenzior
e068c97409 wsc: Make WSC netdev centric 2018-08-19 23:28:07 -05:00
Denis Kenzior
2e0638d51b ap: Make AP use netdev instead of device
The information is always on the netdev object anyway, so this just
makes it explicit.
2018-08-19 23:12:29 -05:00
Denis Kenzior
0ad8f7e0d6 netdev: Add netdev_get_path 2018-08-19 23:12:14 -05:00
Denis Kenzior
a277a424f3 device: Remove unneeded typedefs/enums 2018-08-19 23:10:27 -05:00
Denis Kenzior
9ca72b9527 netdev: Issue initial SET_CQM when in STATION mode 2018-08-19 22:52:52 -05:00
Denis Kenzior
99b5c67c88 device: Update State when Mode is changed 2018-08-19 22:41:07 -05:00
Denis Kenzior
5a6c19988c device/netdev: Properly implement mode switching 2018-08-19 22:07:15 -05:00
Denis Kenzior
3628003296 wsc: Do not check device mode
There's no longer a need to do that since WSC is only created in station
mode.
2018-08-19 22:06:02 -05:00
Denis Kenzior
cc9fc8de67 knownnetworks: Fix leak of fswatch
==7330== 112 bytes in 1 blocks are still reachable in loss record 1 of 1
==7330==    at 0x4C2CF8F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7330==    by 0x14CF7D: l_malloc (util.c:62)
==7330==    by 0x152A25: l_io_new (io.c:172)
==7330==    by 0x16B217: l_fswatch_init (fswatch.c:171)
==7330==    by 0x16B217: l_fswatch_new (fswatch.c:198)
==7330==    by 0x13B9D9: known_networks_init (knownnetworks.c:401)
==7330==    by 0x110020: main (main.c:439)
2018-08-19 22:05:31 -05:00
Denis Kenzior
93985103bb device: Use netdev->iftype instead of device_mode 2018-08-19 20:39:37 -05:00
Denis Kenzior
ae223fe06c netdev: Don't bother switching iftype on shutdown 2018-08-19 20:16:16 -05:00
Denis Kenzior
52e0a7ce83 netdev: Remove redundant typedefs
Unify command specific typedefs which had the same signature into a
single netdev_command_cb_t
2018-08-19 18:25:23 -05:00
Denis Kenzior
f6eb571b67 device: Set autoconnect only if triggered via D-Bus 2018-08-18 00:41:25 -05:00
Denis Kenzior
b7fd5023f0 device: Honor autoconnect setting on power up
If the device Powered state is toggled, honor the autoconnect setting
instead of always going into AUTOCONNECT mode
2018-08-18 00:40:45 -05:00
Denis Kenzior
996a6d2546 netdev/device: Combine watches
There was somewhat overlapping functionality in the device_watch
infrastructure as well as the netdev_event_watch.  This commit combines
the two into a single watch based on the netdev object and cleans up the
various interface additions / removals.

With this commit the interfaces are created when the netdev/device is
switched to Powered=True state AND when the netdev iftype is also in the
correct state for that interface.  If the device is brought down, then
all interfaces except the .Device interface are removed.

This will make it easy to implement Device.Mode property properly since
most nl80211 devices need to be brought into Powered=False state prior
to switching the iftype.
2018-08-18 00:38:56 -05:00
Denis Kenzior
da52bcd109 netdev: Rework netdev_init/exit 2018-08-17 23:47:20 -05:00
Denis Kenzior
b3e937e11a main: Rework initialization order
Group together all the configuration settings / reading code together
for more readability.

Initialize eap, eapol and rfkill before device
2018-08-17 23:35:09 -05:00
Denis Kenzior
c5b19dc747 main: Don't call wsc_exit twice 2018-08-17 16:45:05 -05:00
Denis Kenzior
28916dc5ca netdev: Add netdev_get_device 2018-08-17 14:59:01 -05:00
Denis Kenzior
3788156f39 netdev: Don't use device_get_ifindex in join_adhoc
This is pointless as the ifindex is already available on the netdev
object.
2018-08-17 14:42:07 -05:00
Denis Kenzior
3c28c5c24c netdev: Don't crash on operstate callbacks
The way that netdev_set_linkmode_and_operstate was used resulted in
potential crashes when the netdev was destroyed.  This is because netdev
was given as data to l_netlink_send and could be destroyed between the
time of the call and the callback.  Since the result of calls to
netdev_set_linkmode_and_operstate is inconsequential, it isn't really
worthwhile tracking these calls in order to cancel them.

This patch simplies the handling of these rtnl calls, makes sure that
netdev isn't passed as user data and rewrites the
netdev_set_linkmode_and_operstate signature to be more consistent with
rtnl_set_powered.
2018-08-17 14:10:13 -05:00
Denis Kenzior
ec437661b8 netdev: Don't set userdata for getlink 2018-08-17 14:10:13 -05:00
Denis Kenzior
015e8625bf netdev: Make sure set_powered calls are cancelable
Since all netdevs share the rtnl l_netlink object, it was possible for
netdevs to be destroyed with outstanding commands still executing on the
rtnl object.  This can lead to crashes and other nasty situations.

This patch makes sure that Powered requests are always tracked via
set_powered_cmd_id and the request is canceled when netdev is destroyed.
This also implies that netdev_set_powered can now return an -EBUSY error
in case a request is already outstanding.
2018-08-17 14:10:13 -05:00
Denis Kenzior
c530667ed1 device: Send .Aborted error if property set fails
If a property setting is canceled before the callback is generated, then
generate an .Aborted error the the method return
2018-08-17 14:10:13 -05:00
Denis Kenzior
3a9b1f2e38 device: Return an error if netdev_set_powered fails
netdev_set_powered could in theory return an error.  So handle this
case by returning an error from the property set call.
2018-08-17 14:10:13 -05:00
James Prestwood
b9fac0fd14 sae: fix sae to not hard code peer address
SAE is meant to work in a peer-to-peer fashion where neither side acts
as a dedicated authenticator or supplicant. This was not the case with
the current code. The handshake state authenticator address was hard
coded as the destination address for all packets, which will not work
when mesh comes into play. This also made unit testing the full SAE
procedure with two sae_sm's impossible.

This patch adds a peer address element to sae_sm which is filled with
either aa/spa based on the value of handshake->authenticator
2018-08-15 13:26:45 -05:00
James Prestwood
986f66a3c6 eapol: removed authenticator bit and auth register
This removes the authenticator bit in eapol_sm as well as unifies
eapol_register_authenticator and eapol_register. Taking advantage
of the handshake state authenticator bit we no longer have a need
for 2 separate register functions.

ap, and adhoc were also updated to set the authenticator bit in
the handshake and only use eapol_register to register their sm's.

netdev was updated to use the authenticator bit when choosing the
correct key address for adhoc.
2018-08-15 12:40:38 -05:00
James Prestwood
2036d36313 handshake: introduce authenticator bit
Both SAE and adhoc can benefit from knowing whether the handshake state
is an authenticator or a supplicant. It will allow both to easily
obtain the remote address rather than sorting out if aa/spa match the
devices own address.
2018-08-15 12:40:35 -05:00
Denis Kenzior
1f512ff85c device: Move device_init/device_exit to iwd.h 2018-08-14 14:57:19 -05:00
Denis Kenzior
47beec30f9 network: Implement Network.KnownNetwork property 2018-08-14 14:57:16 -05:00
Denis Kenzior
1c27aa5f1d knownnetworks: move known_networks_init/exit to iwd.h 2018-08-14 13:36:48 -05:00
Denis Kenzior
e6b3691c9e knownnetworks: Expose known_network_get_path
So that it can be used to implement Network.KnownNetwork property
2018-08-14 13:35:23 -05:00
James Prestwood
dd1885de11 sae: remove double sc increment
The send confirm counter is incremented before calling sae_send_confirm
in all cases, but the function itself was also incrementing sc after
sending the packet. This isn't critical to the successful execution of
SAE as the AP just uses the sc value in the packet but it did violate
the 802.11 spec.
2018-08-14 13:13:50 -05:00
James Prestwood
fd8671e9c5 netdev: added sae functionality to netdev
In order to plug SAE into the existing connect mechanism the actual
CMD_CONNECT message is never sent, rather sae_register takes care
of sending out CMD_AUTHENTICATE. This required some shuffling of
code in order to handle both eapol and sae. In the case of non-SAE
authentication everything behaves as it did before. When using SAE
an sae_sm is created when a connection is attempted but the eapol_sm
is not. After SAE succeeds it will start association and then create
the eapol_sm and start the 4-way handshake.

This change also adds the handshake SAE events to device and
initializes SAE in main.
2018-08-14 10:37:52 -05:00
James Prestwood
220fb61128 sae: implementation
SAE (Simultaneous Authentication of Equals) takes place during
authentication, and followed by EAPoL/4-way handshake. This
module handles the entire SAE commit/confirm exchange. This was
done similar to eapol.

SAE begins when sae_register is called. At this point a commit
message will be created and sent out which kicks off the SAE
authentication procedure.

The commit/confirm exchange is very similar to EAP-PWD, so all
the ecc utility functions could be re-used as-is. A few new ecc
utility functions were added to conform to the 80211 'blinding'
technique for computing the password element.
2018-08-13 20:40:59 -05:00
James Prestwood
920b307431 network: require Passphrase on psk files
For an SAE network, the raw passphrase is required. For this reason,
known network psk files should now always contain a 'Passphrase' entry.

If a psk file is found without a Passphrase entry the agent will be asked
for the Passphrase before connecting. This will update the legacy psk
file with the Passphrase entry.
2018-08-13 20:40:59 -05:00
Denis Kenzior
70acf2dcb4 device: rename SignalLevelChanged to Changed 2018-08-13 20:40:59 -05:00
Denis Kenzior
51c6d2d391 storage: use rename instead of unlink, link, unlink 2018-08-10 14:42:33 -05:00
Denis Kenzior
cbc149c7ed knownnetworks: Avoid unnecessary known object removal
Due to the quirk in how storage_network_sync implements file writing,
iwd was generating unnecessary KnownNetwork removal events (and
preventing certain test cases from passing successfully)

storage_network_sync tries to perform atomic writes by writing to a
temporary storage location first, unlinking the existing file and
renaming the tmp file as the original.

This generates a set of inotify events which confuses the current
implementation.
2018-08-10 12:17:40 -05:00
Denis Kenzior
c38b77d0c0 network: Fix syncing the PSK on 1st connection
The previous change did not consider the case of the PSK being written
for the very first time.  In this case storage_network_open would return
NULL and an empty file would be written.

Change this so that if storage_network_open fails, then the current
network settings are written to disk and not a temporary.
2018-08-10 12:13:44 -05:00
Andrew Zaborowski
abeed797c0 network: Reload settings in network_sync_psk
Reload the network settings from disk before calling
storage_network_sync in network_sync_psk to avoid potentially
overwriting changes made to the storage by user since the connection
attempt started.  This won't account for all situations but it
covers some of them and doesn't cost us much.
2018-08-10 09:44:16 -05:00
Andrew Zaborowski
3065e0768c knownnetworks: Add KnownNetwork.Hidden boolean property 2018-08-10 09:43:31 -05:00
Denis Kenzior
14693065d7 netdev: Use EAPoL over nl80211 if CONTROL_PORT set
Our logic would set CONTROL_PORT_OVER_NL80211 even in cases where
CONTROL_PORT wasn't used (e.g. for open networks).  While the kernel
ignored this attribute in this case, it is nicer to set this only if
CONTROL_PORT is intended to be used.
2018-08-09 15:20:27 -05:00
James Prestwood
d2d2b59f25 netdev: break out FT associate into common function
SAE will require some of the same CMD_ASSOCIATE building code that
FT currently uses. This breaks out the common code from FT into
netdev_build_cmd_associate_common.
2018-08-09 15:20:10 -05:00
James Prestwood
43b70b37d9 eapol: added key description type 0
This also required passing in the akm suite in case the key description
version was zero. In the zero case the akm must be checked. For now this
only supports the SAE akm.
2018-08-09 15:05:56 -05:00
James Prestwood
d256e97b32 device: added SUITE_SAE_SHA256 to _select_akm_suite 2018-08-09 14:57:41 -05:00
Jordan Glover
87d74db156 net.connman.iwd.service: Change SystemdService name to iwd.service
This allows to activate iwd service through dbus even when service
isn't enabled.
2018-08-09 10:45:16 -05:00
Andrew Zaborowski
4b4875e6cf knownnetworks: Watch filesystem events in STORAGEDIR
Update the known networks list and network properties on file creations,
removals and modifications.  We watch for these filesystem events using
ell's fswatch and react accordingly.
2018-08-09 10:35:37 -05:00
Andrew Zaborowski
ca270e9de2 network: Drop actions to be handled by filesystem watch 2018-08-09 10:27:28 -05:00
Andrew Zaborowski
5f79acfd8d storage: Expose get_network_file_path in the header 2018-08-09 10:25:56 -05:00
Andrew Zaborowski
549021b5dd eap-gtc: Fix reading secret from settings
This makes testEAP-PEAP-GTC pass for me by re-adding the check for the
GTC-Secret setting which was replaced with the check for the secrets
list in 3d2285ec7e.
2018-08-08 19:43:08 -05:00
Andrew Zaborowski
4ffb97faa1 eap: Add secret cache policy types
eap_append_secret now takes a new cache_policy parameter which can be
used by the EAP method to signal that the value received from the agent
is to never be cached, i.e. each value can only be used once.  The
parameter value should be EAP_CACHE_NEVER for this and we use this in
value EAP-GTC where the secret tokens are one time use.  The
EAP_CACHE_TEMPORARY value is used in other methods, it preserves the
default behaviour where a secret can be cached for as long as the
network stays in range (this is the current implementation more than a
design choice I believe, I didn't go for a more specific enum name as
this may still change I suppose).
2018-08-08 19:43:05 -05:00
James Prestwood
f68cca43da handshake: add setter for PMKID
SAE generates the PMKID during the authentication process, rather than
generating it on-the-fly using the PMK. For this reason SAE needs to be
able to set the PMKID once its generated. A new flag was also added
(has_pmkid) which signifies if the PMKID was set or if it should be
generated.
2018-08-08 16:03:17 -05:00
James Prestwood
0b452b9200 ecc: added Y^2 and legendre API's
SAE requires checking a values legendre symbol. Also added a helper
for computing Y^2, or, calculating the sum for the X side of the
equation.
2018-08-07 17:40:55 -05:00
James Prestwood
35278ae108 network: save passphrase in network
SAE needs access to the raw passphrase, not the PSK which network
saves. This changes saves the passphrase in network and handshake
objects, as well as adds getters to both objects so SAE can retrieve
the passphrase.
2018-08-07 17:39:16 -05:00
Denis Kenzior
7da345a9a5 mpdu: Also update comment to reflect 2016 spec 2018-08-07 17:23:26 -05:00
James Prestwood
4f8a722580 mpdu: added reason codes from more recent (2016) spec 2018-08-07 17:20:14 -05:00
James Prestwood
ff197edfc4 main: reordered plugin init/exit
This fixes improper cleanup when ofono leaves the bus after a simauth
instance has been cleaned up. The problem was that the plugin
exit was being called after the simauth module, causing there to
be stale simauth instances that were no longer valid. Now plugins
cleanup before simauth.

This fix fixes the print seen when iwd exits:

"Auth provider queue was not empty on exit!"
2018-08-07 17:18:23 -05:00
Denis Kenzior
8102b33634 wiphy: Support Adapter.SupportedModes property 2018-08-07 17:10:26 -05:00
Denis Kenzior
33e83b8c7c wiphy: Parse & report supported interface types 2018-08-07 16:45:17 -05:00
Denis Kenzior
6e6797cbde dbus: Add dbus_iftype_to_string 2018-08-07 16:19:39 -05:00
Denis Kenzior
9c6f3ef5c0 netdev: synchronize iftypes with nl80211
Make sure the netdev iftype enumeration is the same as nl80211
2018-08-07 16:12:12 -05:00
Denis Kenzior
6f2fbe32f9 wiphy: Add wiphy_supports_adhoc_rsn 2018-08-07 15:38:15 -05:00
Denis Kenzior
59697ead34 dbus: Remove unused functions 2018-08-07 15:38:15 -05:00
Jordan Glover
ed59c1af7f iwd.service: Order iwd before network.target
This ensures the unit will be stopped after network.target on shutdown
and any network filesystems will be unmounted before iwd is killed.
2018-08-06 15:46:19 -05:00
Marcel Holtmann
28573c90d1 build: Add support for systemd D-Bus activation 2018-08-06 22:37:22 +02:00
Andreas Henriksson
0573c6b5fb src: Fix spelling errors spotted by lintian
The debian package checking tool lintian spotted a bunch
of spelling errors in the built binaries.
2018-08-06 12:29:06 -05:00
Andrew Zaborowski
17c35dd1bc knownnetworks: Add back removing network files
This step apparently got lost during the refactoring in
97913c6f9a.
2018-08-01 10:32:32 -05:00
Andrew Zaborowski
e1634baae4 storage: Take enum security instead of string as parameter
Make the network_storage_* functions uniformly accept an enum value
instead of a string so that he conversion to string doesn't need to
happen in all callers.
2018-08-01 09:38:52 -05:00
Andrew Zaborowski
ac527d88c6 network: Actually remove the seen_time field 2018-08-01 09:32:41 -05:00
James Prestwood
3d2285ec7e eap-gtc: added support for agent in gtc
Now, EAP-GTC behaves similar to MSCHAPv2 where check_settings allows
for missing EAP-Identity and GTC-Secret fields. Either or both can be
missing and the agent will request the missing fields.
2018-07-31 14:35:36 -05:00
Andrew Zaborowski
00a643f093 knownnetworks: Drop the old KnownNetworks DBus interface 2018-07-31 11:52:38 -05:00
Andrew Zaborowski
e7e6cc3064 knownnetworks: Move ForgetNetwork() to KnownNetwork object
Remove the KnownNetworks.ForgetNetwork(ssid, security) method and add a
KnownNetwork.Forget() method on Known Network's DBus objects.
2018-07-31 11:52:35 -05:00
Andrew Zaborowski
c651bed28f knownnetworks: DBus objects for KnownNetworks
Add ObjectManager objects with properties for each Known Network so that
signals are emitted for creation or removal of a Known Network and a
Property Changed is emitted on LastConnectedTime change.  Remove the
ListKnownNetworks method from the old KnownNetworks interface.

Note this breaks clients that used the known networks interface.
2018-07-31 10:58:03 -05:00
Andrew Zaborowski
319b6416de network: Stop tracking network last seen times
Drop the corresponding network_info field, function and D-Bus property.
The last seen times didn't seem useful but if a client needs them it can
probably implement the same logic with the information already available
through DBus.
2018-07-31 10:55:32 -05:00
Denis Kenzior
6be0f55d85 ap/adhoc: Don't crash on eapol_sm_free
If the sm object (or the handshake object) is NULL, don't call the
corresponding function.

0  0x7fb6cd37da80 in /lib64/libc.so.6
1  0x414764 in eapol_sm_destroy() at eapol.c:673
2  0x42e402 in ap_sta_free() at ap.c:97
3  0x439dbe in l_queue_clear() at /home/parallels/wrk/iwd/ell/queue.c:109
4  0x439e09 in l_queue_destroy() at /home/parallels/wrk/iwd/ell/queue.c:83
5  0x42e4bf in ap_reset() at ap.c:132
6  0x42e519 in ap_free() at ap.c:147
7  0x447456 in interface_instance_free() at /home/parallels/wrk/iwd/ell/dbus-service.c:513
8  0x449be0 in _dbus_object_tree_remove_interface() at /home/parallels/wrk/iwd/ell/dbus-service.c:1595
9  0x449ced in _dbus_object_tree_object_destroy() at /home/parallels/wrk/iwd/ell/dbus-service.c:787
10 0x40fb8c in device_free() at device.c:2717
11 0x405cdb in netdev_free() at netdev.c:605
12 0x439dbe in l_queue_clear() at /home/parallels/wrk/iwd/ell/queue.c:109
13 0x439e09 in l_queue_destroy() at /home/parallels/wrk/iwd/ell/queue.c:83
14 0x40aac2 in netdev_shutdown() at netdev.c:4483
15 0x403b75 in iwd_shutdown() at main.c:80
16 0x43d9f3 in signal_callback() at /home/parallels/wrk/iwd/ell/signal.c:83
17 0x43d4ee in l_main_iterate() at /home/parallels/wrk/iwd/ell/main.c:376
18 0x43d5ac in l_main_run() at /home/parallels/wrk/iwd/ell/main.c:419
19 0x40379b in main() at main.c:454
20 0x7fb6cd36788a in /lib64/libc.so.6
2018-07-30 09:07:58 -05:00
Tim Kourt
ece63270e7 adhoc: expose property 'Started' property on the Dbus 2018-07-30 09:00:57 -05:00
Tim Kourt
dda350a93d ap: expose property 'Started' property on the Dbus 2018-07-30 09:00:57 -05:00
Andrew Zaborowski
215162a49e network: Don't free known networks in network_info_put
Fix a double free resulting from network.c freeing a known network when
it goes out of range due to a missing check.
2018-07-30 08:55:27 -05:00
Andrew Zaborowski
97913c6f9a network: Refactor and move Known Networks management
Until now network.c managed the list of network_info structs including
for known networks and networks that are seen in at least one device's
scan results, with the is_known flag to distinguish known networks.
Each time the list was processed though the code was either interested
in one subset of networks or the other.  Split the list into a Known
Networks list and the list of other networks seen in scans.  Move all
code related to Known Networks to knownnetworks.c, this simplifies
network.h.  It also gets rid of network_info_get_known which actually
returned the list of all network_infos (not just for known networks),
which logically should have been private to network.c.  Update device.c
and scan.c to use functions specific to Known Networks instead of
filtering the lists by the is_known flag.

This will also allow knownnetworks.c to export DBus objects and/or
properties for the Known Networks information because it now knows when
Known Networks are added, removed or modified by IWD.
2018-07-25 09:40:14 -05:00
Andrew Zaborowski
c2abc212ad network: Make networks_connected return void
The return value from network_connected is not checked and even if one
of the storage operations fails the function should probably continue
so only print a message on error.
2018-07-23 11:46:49 -05:00
Andrew Zaborowski
ea2b83e5a7 ap: Remove unused psk field 2018-07-23 11:46:15 -05:00
James Prestwood
a68e958f29 ap: fixed crash in AP
If the device mode it toggled from 'ap' back to 'station' without actually
starting the access point ap_free attempts to zero out the psk, which
causes a crash because it had never been allocated (Start() never was
called). Since ap->psk is actually never used this was removed. Also added
a memset to zero out the pmk on cleanup.

This is the crash observed:

++++++++ backtrace ++++++++
0  0x7f6ffe978a80 in /lib64/libc.so.6
1  0x7f6ffe9d6766 in /lib64/libc.so.6
2  0x42dd51 in memset() at /usr/include/bits/string3.h:90
3  0x42ddd9 in ap_free() at src/ap.c:144
4  0x445ec6 in interface_instance_free() at ell/dbus-service.c:513
5  0x448650 in _dbus_object_tree_remove_interface() at ell/dbus-service.c:1595
6  0x40d980 in device_set_mode_sta() at src/device.c:2113
7  0x447d4c in properties_set() at ell/dbus-service.c:1861
8  0x448a33 in _dbus_object_tree_dispatch() at ell/dbus-service.c:1691
9  0x442587 in message_read_handler() at ell/dbus.c:285
10 0x43cac9 in io_callback() at ell/io.c:123
11 0x43bf5e in l_main_iterate() at ell/main.c:376
12 0x43c01c in l_main_run() at ell/main.c:419
13 0x40379d in main() at src/main.c:460
14 0x7f6ffe96288a in /lib64/libc.so.6
+++++++++++++++++++++++++++
2018-07-19 11:21:43 -05:00
Denis Kenzior
46a797043a ie: Add AKMs from 802.11-2016 2018-07-19 11:09:08 -05:00
Denis Kenzior
c4a2654703 ie: Split RSN & WPA akm suite builders 2018-07-19 10:56:46 -05:00
Denis Kenzior
438af4aebc ie: Don't fail RSNE parsing with unknown AKMs 2018-07-19 10:36:18 -05:00
Denis Kenzior
c37146d403 wsc: Rework wsc_init & wsc_exit
- wsc module does not need nl80211 any longer, so remove it.
- Move wsc_init & wsc_exit declarations to iwd.h and remove wsc.h
- re-arrange how wsc_init & wsc_exit is called inside main.c.
2018-07-17 19:19:09 -05:00
Denis Kenzior
17bfbbd397 main: Re-arrange _exit order
The plugin_exit was in the wrong place, it should be triggered in case
genl creation fails.  Also adhoc_exit was in the wrong sequence compared
to _init()
2018-07-17 19:15:08 -05:00
Denis Kenzior
6b58ab1a08 main: Simplify sim_auth_init
There's no real reason why sim_auth_init should fail, so simplify the
procedure and move declarations to iwd.h
2018-07-17 19:12:48 -05:00
James Prestwood
8cf44499d1 device: added DEVICE_EVENT_MODE_CHANGED
Rather than have device.c manage the creation/removal of
AP/AdHoc interfaces this new event was introduced. Now
anyone can listen for device events and if the mode changes
handle accordingly. This fixes potential memory leaks
in WSC when switching modes as well.
2018-07-17 18:52:59 -05:00
James Prestwood
bf3a171e3a device: added ad-hoc mode
As with station/ap, a new mode was added for ad-hoc
2018-07-17 16:55:59 -05:00
James Prestwood
682c844239 main: added adhoc init to main 2018-07-17 16:46:21 -05:00
James Prestwood
55cb9aa2e9 adhoc: adhoc implementation 2018-07-17 16:46:18 -05:00
James Prestwood
88bd69269e netdev: add join_adhoc/leave_adhoc API's
These will issue a JOIN/LEAVE_IBSS to the kernel. There is
a TODO regarding network configuration. For now, only the
SSID is configurable. This configuration is also required
for AP, but needs to be thought out. Since the current
AP Dbus API has nothing related to configuration items
such as freq/channel or RSN elements they are hard coded,
and will be for Ad-Hoc as well (for now).
2018-07-17 16:25:33 -05:00
James Prestwood
e10d79b53f netdev: ensure proper iftype on connect/disconnect
Now that the device mode can be changed, netdev must check that
the iftype is correct before starting a connection or disconnecting.
netdev_connect, netdev_connect_wsc, and netdev_disconnect now check
that the iftype is station before continuing.
2018-07-17 16:16:17 -05:00
James Prestwood
515985afed netdev: choose correct address on NEW_KEY/SET_STATION
With the introduction of Ad-Hoc, its not as simple as choosing
aa/spa addresses when setting the keys. Since Ad-Hoc acts as
both the authenticator and supplicant we must check how the netdev
address relates to the particular handshake object as well as
choose the correct key depending on the value of the AA/SPA address.
802.11 states that the higher of the two addresses is to be used
to set the key for the Ad-Hoc connection.

A simple helper was added to choose the correct addressed based on
netdev type and handshake state. netdev_set_tk also checks that
aa > spa in the handshake object when in Ad-Hoc mode. If this is
true then the keys from that handshake are used, otherwise return
and the other handshake key will be used (aa will be > spa).

The station/ap mode behaves exactly the same as before.
2018-07-17 11:13:53 -05:00
James Prestwood
27430287ab dbus: added Ad-Hoc dbus interface 2018-07-17 10:53:08 -05:00
James Prestwood
42fe517d4e netdev: added station watch
For Ad-Hoc networks, the kernel takes care of auth/assoc
and issues a NEW_STATION event when that is complete. This
provides a way to notify when NEW_STATION events occur as
well as forward the MAC of the station to Ad-Hoc.

The two new API's added:
 - netdev_station_watch_add()
 - netdev_station_watch_remove()
2018-07-17 10:50:34 -05:00
James Prestwood
54cd428c94 netdev: Add IFTYPE_ADHOC interface type
netdev_set_iftype and get_iftype were also changed to
account for all three interface types.
2018-07-17 10:49:10 -05:00
Denis Kenzior
efecce772f eapol: Fix memory allocation issues
When the EAPOL-Key data field is encrypted using AES Wrap, check
that the data field is large enough before calculating the expected
plaintext length.

Previously, if the encrypted data field was smaller than 8 bytes, an
integer underflow would occur when calculating the expected plaintext
data length. This would cause iwd to try to allocate a huge amount of
memory, which causes it to abort and terminate. If the data field was
equal to 8 bytes, iwd would try to allocate 0 bytes of memory, making
l_new return NULL, which subsequently causes iwd to crash on a NULL
pointer deference.

Reported-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-07-16 10:51:13 -05:00
Denis Kenzior
57c3aa2589 scan: Fix triggered flag setting
triggered flag was being reset to false in all cases.  However, due to
how scan_finished logic works, it should have remained true if no more
commands were left to be sent (e.g. the scan was finished).
2018-07-13 12:34:59 -05:00
Tim Kourt
d83dda410d device: fix incomplete variable replacement 2018-07-13 11:41:49 -05:00
Christian Hesse
22e5ba2133 device: make the output less verbose
Having hidden SSIDs or SSIDs with non-UTF8 characters around make iwd
flood the logs with messages. Make iwd less verbose and show these
messages with enabled debug output only.
2018-07-13 10:39:02 -05:00
Tim Kourt
9ff2e59e40 scan: add hidden networks into periodic scan
In addition, the periodic scan can now alternate between the
active or passive modes. The active mode is enabled by existence of
the known hidden networks and observation of them in the
previous scan result.
2018-07-11 17:29:47 -05:00
Tim Kourt
ec8afb0af1 scan: add todo comment for randomization flag 2018-07-11 17:24:17 -05:00
Denis Kenzior
48e9f2aee0 scan: Break up logic into utility functions
Some fairly common logic was duplicated across functions.  Split it up
into common utilities
2018-07-11 17:20:06 -05:00
Denis Kenzior
dfe74ea8ff scan: Use a cast instead of an extra function 2018-07-11 16:30:45 -05:00
Tim Kourt
c33deb7a0a scan: add hidden networks into the scan requests
To support an auto-connect for the hidden networks and having
a limited number of SSIDs that can be appended into a probe
request, introduced a concept of a command batch. Now, scan request
may consist of a series of commands. The commands in the batch
are triggered sequentially. Once we are notified about the
results from a previous command, a consequent command in the
batch is triggered. The collective results are reported once
the batch is complete. On a command failure, the batch
processing is canceled and scan request is removed
2018-07-11 16:30:41 -05:00
Denis Kenzior
87108984bc network: set Hidden=true for new hidden networks 2018-07-11 16:09:42 -05:00
Denis Kenzior
d744915534 device: Rework device_hidden_network_scan_results
Rework the logic slightly to simplify the need for error labels.  Also
the connect_pending variable might not have been properly reset to NULL
in case of error, so make sure we reset it prior to calling into
network_connect_new_hidden_network
2018-07-11 15:59:51 -05:00
Tim Kourt
d8c8ebdf3a device: enable connection to the hidden networks
1) Change signature of process_bss to return a confirmation
   that bss has been added to a network otherwise we can
   discard it.

2) Implements logic for the discovery and connection to
   a hidden network.
2018-07-11 15:36:14 -05:00
Tim Kourt
72c6862255 network: add network info accessors
This adds the accessors for the hidden field in network
info. In addition, it provides a lookup of the network infos
by ssid and security type.
2018-07-11 15:20:55 -05:00
Tim Kourt
d2feb535a5 network: implement a counter for the hidden networks 2018-07-11 10:36:40 -05:00
Tim Kourt
f7a30106bf scan: initial support for the direct probe request
This enables the discovery of the hidden networks
2018-07-11 10:25:24 -05:00
Tim Kourt
d1a8e191e9 network: introduce connect API for the hidden nets 2018-07-11 10:19:43 -05:00
James Prestwood
bbad6b4ec9 ap: use netdev_del_station API
Removes del station code from AP in favor of netdev_del_station.
2018-07-03 16:45:29 -05:00
James Prestwood
4a2b80ee97 netdev: expose netdev_del_station
This removes the need for duplicate code in AP/netdev for issuing
a DEL_STATION command. Now AP can issue a DEL_STATION with
netdev_del_station, and specify to either disassociate or deauth
depending on state.
2018-07-03 16:45:29 -05:00
James Prestwood
b2f27f3abe netdev: fixed key setting failure
If netdev fails to set the keys, there was no way for device/ap to
know. A new handshake event was added for this. The key setting
failure function was also fixed to support both AP/station iftypes.
It will now automatically send either a disconnect or del_station
depending on the interface type.

In similar manner, netdev_handshake_failed was also modified to
support both AP/station iftypes. Now, any handshake event listeners
should call netdev_handshake_failed upon a handshake failure
event, including AP.
2018-07-03 16:45:25 -05:00
James Prestwood
d4e521027b device: add debug prints for mode switching
Its useful to know when the device has switched modes
2018-07-03 16:15:54 -05:00
Denis Kenzior
5b8f052524 device: Don't return an error on no state change
If device is already disconnected or in autoconnect mode, don't return
an error if .Disconnect is called.  Instead simply silently return
success after disabling autoconnect.
2018-07-03 16:13:39 -05:00
Denis Kenzior
73e0394d7f device: Use dbus_error_from_errno in .Disconnect 2018-07-03 16:12:04 -05:00
Denis Kenzior
8bbe85787c device: Fix memory leak when aborting a connection
==1058== 231 (32 direct, 199 indirect) bytes in 1 blocks are definitely lost in loss record 10 of 10
==1058==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==1058==    by 0x452472: l_malloc (util.c:62)
==1058==    by 0x456324: l_settings_new (settings.c:83)
==1058==    by 0x427D45: storage_network_open (storage.c:262)
==1058==    by 0x42806C: network_settings_load (network.c:75)
==1058==    by 0x428C2F: network_autoconnect (network.c:490)
==1058==    by 0x4104E9: device_autoconnect_next (device.c:194)
==1058==    by 0x410E38: device_set_scan_results (device.c:393)
==1058==    by 0x410EFA: new_scan_results (device.c:414)
==1058==    by 0x424A6D: scan_finished (scan.c:1012)
==1058==    by 0x424B88: get_scan_done (scan.c:1038)
==1058==    by 0x45DC67: destroy_request (genl.c:134)
2018-07-03 15:45:29 -05:00
Tim Kourt
5f69aba32b eap-peap: add warning for the missing M flag 2018-07-02 20:28:08 -05:00
James Prestwood
9e32ea5e80 ap: removed unused ap_event enum 2018-07-02 15:34:26 -05:00
Denis Kenzior
fb1296e9c0 network: Add network_info_get_known 2018-07-02 13:03:03 -05:00
James Prestwood
8ed043533a wsc: register for handshake events
This is a fixup for the AP code merge. wsc.c never registered
for handshake events, so in case of failure it was never calling
netdev_handshake_failed, which caused a double free.
2018-07-02 12:29:08 -05:00
Denis Kenzior
057b019550 network: Use __device_connect_network
In network_autoconnect, use the low-level version of
device_connect_network
2018-07-02 12:28:10 -05:00
Denis Kenzior
a1a6c2d7d6 device: Introduce __device_connect_network
The version with '__' prefix is the raw version that returns errnos.
The version without '__' prefix deals with D-Bus error conversion.
2018-07-02 12:25:47 -05:00
Denis Kenzior
31081f98e7 dbus: Add dbus_error_from_errno 2018-07-02 12:24:33 -05:00
Denis Kenzior
7f844a2520 eapol: Relax key_iv checks
Many APs don't send properly zerod key_iv elements in EAPoL-Key frames.
In the past iwd has complained, but this broken behavior is so
prevalent, that it is likely a lost cause.

This patch takes out these warnings
2018-07-01 20:57:38 -05:00
Denis Kenzior
1c9a1ea46d eapol: Handle all zero PMKID 2018-07-01 20:48:11 -05:00
Denis Kenzior
7676aa2107 netdev: Allow iwd.conf to specify PAE over NL80211
Right now iwd uses Control Port over NL80211 feature if the kernel /
driver supports it.  On some kernels this feature is still buggy, so add
an iwd.conf entry to allow the user to override id.

For now the default is to disable this feature until it is more stable.
2018-07-01 20:41:34 -05:00
James Prestwood
fd79297553 device/ap: Moved AP dbus interface into ap.c
Now, a user can setup an AP as follows:

- Set device "Mode" to ap (ap interface will appear on bus)
- call "Start()" on AP interface

Issuing "Stop()" on the AP interface will stop and cleanup
the internal AP structures, but the AP interface will remain
up. To shutdown completely the device Mode must be switched
back to station. If the AP interface is running, the Mode can
directly be switched to station without calling Stop; this
has the same effect and will take down the AP interface.
2018-06-29 18:28:28 -05:00
Tim Kourt
9976007dd8 eap-peap: Relax the M bit requirement
Some of the PEAP server implementation brake the protocol
and don’t set the M flag for the first packet during the
fragmented transmission. To stay compatible with such
devices, we relax this requirement in iwd.
2018-06-29 17:39:50 -05:00
James Prestwood
d5dd1a4e90 wsc: fixed comment typo 2018-06-29 16:41:13 -05:00
James Prestwood
1d8869fbb7 dbus: define AccessPoint interface
net.connman.iwd.AccessPoint interface was added
2018-06-29 14:26:07 -05:00
Tim Kourt
1fff705160 device: use direct probe request in roam scans
This takes care of the roaming for the hidden networks.
In addition, it limits the noise responses from the
other networks.
2018-06-29 13:53:39 -05:00
Tim Kourt
5ded4890a6 network: introduce the concept of hidden networks 2018-06-29 13:51:12 -05:00
Tim Kourt
1ffc99c343 scan: add ssid parameter
ssid – is used for the direct probe requests
2018-06-29 13:48:09 -05:00
Tim Kourt
d91b81bc11 dbus: add AlreadyProvisioned and NotHidden errors 2018-06-29 13:46:33 -05:00
Tim Kourt
28c6a37db0 scan: rename scan triggered callback 2018-06-28 15:56:46 -05:00
Tim Kourt
27e305c9d2 device: change scan command logic
This patch allows alternating between the passive and active
scans taking into consideration an existence of the known
hidden networks and previous observation of them in the scan
results, as well as an ability to randomize the MAC address.
2018-06-28 15:44:57 -05:00
Denis Kenzior
5828073cd5 scan: Add randomize_mac_addr_hint
This will be used by the scanning code to enable mac address
randomization if supported by the hardware / kernel.
2018-06-28 15:41:29 -05:00
Tim Kourt
ef5110869b network: Add stub for network_info_has_hidden 2018-06-28 15:06:11 -05:00
Denis Kenzior
961c3e849d eap-peap: Print alert number 2018-06-28 13:23:13 -05:00
Tim Kourt
8ea4f82166 device: introduce seen_hidden_networks flag
This flag indicates whether the hidden networks were
observed in the scan results. We drop the hidden network BSSs
after the flag is set.
2018-06-28 11:37:10 -05:00
Tim Kourt
3781c157db util: Add util_ssid_is_hidden 2018-06-28 11:37:06 -05:00
Tim Kourt
a681e845a6 scan: change signature of scan_build_cmd
This allows scan_build_cmd to take advantage of a full
scan context. For example to check the feature availability
of wiphy, etc.
2018-06-28 11:25:30 -05:00
Tim Kourt
bece39619b scan: fix scan state check
The state of scan is split between the two variables sc->state
and sc->start_cmd_id. Not checking start_cmd_id used to cause
sending a scan request while periodic scan was just triggered
resulting in EBUSY.
2018-06-28 11:13:45 -05:00
James Prestwood
93a113f551 ap: remove ap_error_deauth_sta
Instead of manually sending a deauth/disassociate to a station
during an error or removal, the kernel can do it automatically
with DEL_STATION by including the MGMT_SUBTYPE attribute. This
removes the need for ap_error_deauth_sta and introduces
ap_deauthenticate_sta. Now AP can be explicit when it chooses
to deauth or disassociate.
2018-06-28 11:12:11 -05:00
Tim Kourt
48b7ed1e47 dbus: Add error msg for the service set overlap
The intended usage of this error is to notify a client
application about the presence of the multiple overlapping
network sessions.
2018-06-27 19:37:30 -05:00
James Prestwood
92f1ceb3ce netdev/eapol: removed eapol deauthenticate
This removes the need for the eapol/netdev deauthenticate function.
netdev_handshake_failed was exposed so device.c could issue the
disconnect.
2018-06-27 16:17:14 -05:00
James Prestwood
4ed30ff661 ap: removed code that was moved to eapol
All handshake packet handling has been removed from ap and
moved to eapol. After association, the AP registers a new
authenticator state machine which handles the AP side of
the handshake. AP will receive a handshake event once the
4-way handshake is complete.
2018-06-27 14:21:16 -05:00
James Prestwood
9d4f1b4ca6 eapol: moved AP authenticator into eapol
Includes:
 - support for handling ptk 2/4 and 4/4. Also sending 1/4 and 3/4.
 - new API to register an authenticator SM. This automatically
   sends 1/4 to kick off authentication with an sta.
2018-06-22 14:40:20 -05:00
James Prestwood
b81a9482b4 netdev: added checks for station/ap iftype
These checks allow both a station and authenticator to use
the same netdev key install functions. For NEW_KEY and
SET_STATION, the iftype is checked and either handshake->aa
or ->spa is used as the station address for the KEY/STATION
commands. Also, in the failure cases, a disconnect command
is issued only if the iftype is station as this doesn't
apply to AP.
2018-06-22 14:33:32 -05:00
James Prestwood
aac00bf33a handshake: remove handshake related netdev events
Handshake related netdev events were removed in favor of
handshake events. Now events will be emitted on the handshake
object related to the 4-way handshake and key settings. Events
are:

HANDSHAKE_EVENT_STARTED
HANDSHAKE_EVENT_SETTING_KEYS
HANDSHAKE_EVENT_COMPLETE
HANDSHAKE_EVENT_FAILED

Right now, since netdev only operates in station mode, nothing
listens for COMPLETE/FAILED, as device/wsc gets notified by the
connect_cb when the connection was successful. The COMPLETE/
FAILED were added in preperation for AP moving into eapol/netdev.
2018-06-22 14:21:50 -05:00
Denis Kenzior
c5893f7da8 network: Fix memory leak in network_set_psk
==1057== 32 bytes in 1 blocks are definitely lost in loss record 1 of 1
==1057==    at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==1057==    by 0x15E9A2: l_malloc (util.c:62)
==1057==    by 0x15EA9D: l_memdup (util.c:121)
==1057==    by 0x133D9A: network_set_psk (network.c:350)
==1057==    by 0x13BD29: wsc_try_credentials (wsc.c:136)
==1057==    by 0x13C121: wsc_connect_cb (wsc.c:220)
==1057==    by 0x110FAF: netdev_connect_failed (netdev.c:525)
==1057==    by 0x16AAF4: process_unicast (genl.c:390)
==1057==    by 0x16AF03: received_data (genl.c:509)
==1057==    by 0x166CB6: io_callback (io.c:123)
==1057==    by 0x16580D: l_main_iterate (main.c:376)
==1057==    by 0x16594B: l_main_run (main.c:423)
2018-06-21 20:14:00 -05:00
Denis Kenzior
3df790e3c5 handshake: Switch to superclass api 2018-06-21 20:10:07 -05:00
Denis Kenzior
b5e01226cb netdev: Remove un-needed pairwise set_key call
This seems to be no longer needed as the kernel looks up the key by the
sta specific key index.
2018-06-21 20:10:07 -05:00
James Prestwood
2177b22caa handshake: Add utility to generate a new anonce
AP EAPoL state machine will need to generate the anonce, so as
with snonce, an API was added to do that.
2018-06-20 14:04:54 -05:00
James Prestwood
b059a699ab netdev: refactored code to prep for AP code
Added several helpers for code that will be reused by AP
2018-06-20 14:02:07 -05:00
Denis Kenzior
d76cf840ed eap-ttls: Rename eap to phase2_eap for clarity 2018-06-20 13:55:15 -05:00
Denis Kenzior
a217b4f8b9 eap-ttls: Remove eap_new calls after load_settings
load_settings ensures that ttls->eap is correctly initialized.  So this
code should be treated as an error condition.

We also do not support EAP chaining, so remove that logic as well
2018-06-20 13:55:15 -05:00
Denis Kenzior
2fe2ed61e1 netdev: Set netdev->type to NL80211 enum 2018-06-20 08:23:22 -05:00
James Prestwood
0b5a3da2ef netdev: fixed netdev_set_iftype
While this would issue a SET_INTERFACE to the kernel it would
not actually set netdev->type, so netdev_get_iftype would
return incorrectly.
2018-06-19 16:13:39 -05:00
Antonio Quartulli
1de8d18883 main: don't crash if DBus is not running
dbus_init() currently does not check for the g_dbus object being
properly initialized and this leads to crashes when dbus is not yet
running.

Ensure g_dbus is properly initialized and return false otherwise.
In this case the caller can understand that something went wrong and
stop the initialization procedure.

Program received signal SIGSEGV, Segmentation fault.
0x00005555555bc089 in l_dbus_add_service_watch (dbus=0x0,
name=0x5555555e5b0a "org.ofono",
    connect_func=0x5555555aa81e <ofono_found>,
disconnect_func=0x5555555aa8e6 <ofono_disappeared>,
    user_data=0x0, destroy=0x0) at ell/dbus.c:1621
1621		if (!dbus->name_cache)
(gdb) bt
name=0x5555555e5b0a "org.ofono",
    connect_func=0x5555555aa81e <ofono_found>,
disconnect_func=0x5555555aa8e6 <ofono_disappeared>,
    user_data=0x0, destroy=0x0) at ell/dbus.c:1621
user_data=0x0) at ell/plugin.c:115
function=0x5555555b40fd <plugin_start>,
    user_data=0x0) at ell/queue.c:441
version=0x0) at ell/plugin.c:201
src/plugin.c:82
src/main.c:417
2018-06-15 10:59:07 -05:00
Denis Kenzior
8112806aca eap-mschapv2: Fix uninitialized use of memory
When the response structure is generated, not all of the memory was
initialized to 0.

==1045== Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
==1045==    at 0x5134D52: send (in /lib64/libc-2.25.so)
==1045==    by 0x168AB5: l_checksum_update (checksum.c:338)
==1045==    by 0x186777: tls_write_mac (tls-record.c:58)
==1045==    by 0x1869D1: tls_tx_record_plaintext (tls-record.c:120)
==1045==    by 0x186DEA: tls_tx_record (tls-record.c:201)
==1045==    by 0x185A3B: l_tls_write (tls.c:2064)
==1045==    by 0x14584F: eap_ttls_eap_tx_packet (eap-ttls.c:321)
==1045==    by 0x14236C: eap_send_response (eap.c:165)
==1045==    by 0x147904: eap_mschapv2_send_response (eap-mschapv2.c:468)
==1045==    by 0x147A10: eap_mschapv2_handle_challenge (eap-mschapv2.c:492)
==1045==    by 0x147E9A: eap_mschapv2_handle_request (eap-mschapv2.c:615)
==1045==    by 0x142693: __eap_handle_request (eap.c:240)
==1045==  Address 0x1ffeffe7f9 is on thread 1's stack
==1045==  in frame #4, created by tls_tx_record (tls-record.c:177)
==1045==  Uninitialised value was created by a stack allocation
==1045==    at 0x1477AE: eap_mschapv2_send_response (eap-mschapv2.c:443)
==1045==
==1045== Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
==1045==    at 0x5134E3B: sendmsg (in /lib64/libc-2.25.so)
==1045==    by 0x17F691: operate_cipher (cipher.c:356)
==1045==    by 0x17F9D8: l_cipher_encrypt (cipher.c:446)
==1045==    by 0x186BAA: tls_tx_record_plaintext (tls-record.c:152)
==1045==    by 0x186DEA: tls_tx_record (tls-record.c:201)
==1045==    by 0x185A3B: l_tls_write (tls.c:2064)
==1045==    by 0x14584F: eap_ttls_eap_tx_packet (eap-ttls.c:321)
==1045==    by 0x14236C: eap_send_response (eap.c:165)
==1045==    by 0x147904: eap_mschapv2_send_response (eap-mschapv2.c:468)
==1045==    by 0x147A10: eap_mschapv2_handle_challenge (eap-mschapv2.c:492)
==1045==    by 0x147E9A: eap_mschapv2_handle_request (eap-mschapv2.c:615)
==1045==    by 0x142693: __eap_handle_request (eap.c:240)
==1045==  Address 0x1ffeffe7f9 is on thread 1's stack
==1045==  in frame #4, created by tls_tx_record (tls-record.c:177)
==1045==  Uninitialised value was created by a stack allocation
==1045==    at 0x1477AE: eap_mschapv2_send_response (eap-mschapv2.c:443)
==1045==
2018-06-15 07:55:41 -05:00
Denis Kenzior
38952813dd storage: Simplify storage_network_open 2018-06-14 20:53:39 -05:00
Denis Kenzior
a2d8054218 eap: Separate private bits into eap-private.h 2018-06-14 20:01:19 -05:00
Denis Kenzior
f04869c3cf network: Use network_load_psk in network_connect_psk 2018-06-14 19:22:29 -05:00
Denis Kenzior
c25499a118 network: Rework autoconnect logic 2018-06-14 19:21:44 -05:00
Denis Kenzior
786365e2c7 eap: Add __eap_check_settings
Since PEAP & TTLS expect to use eap_check_settings recursively, make
them use a private version of that API that does not perform cleanup and
can contain side-effects.

eap_check_settings itself will guarantee that no side effects happen on
error.  It is meant to be used by code outside of the eap subsystem.
2018-06-14 19:21:44 -05:00
Denis Kenzior
e24d6b54d2 eap: Ensure that we don't return an empty queue 2018-06-14 17:02:09 -05:00
Denis Kenzior
250568025c network: Fix a bunch of double-frees
Missing secrets are freed by eap_send_agent_req() even in case of
failure, so it was erroneous to try to free them on error.

==1048== Invalid read of size 8
==1048==    at 0x1603EC: l_queue_clear (queue.c:101)
==1048==    by 0x1603B8: l_queue_destroy (queue.c:82)
==1048==    by 0x135328: network_connect_8021x (network.c:943)
==1048==    by 0x1354C4: network_connect (network.c:987)
==1048==    by 0x178DD2: _dbus_object_tree_dispatch (dbus-service.c:1690)
==1048==    by 0x16D32A: message_read_handler (dbus.c:285)
==1048==    by 0x166EC3: io_callback (io.c:123)
==1048==    by 0x165A1A: l_main_iterate (main.c:376)
==1048==    by 0x165B58: l_main_run (main.c:423)
==1048==    by 0x1102DA: main (main.c:458)
==1048==  Address 0x5461850 is 0 bytes inside a block of size 24 free'd
==1048==    at 0x4C2C13B: free (vg_replace_malloc.c:530)
==1048==    by 0x15ED03: l_free (util.c:136)
==1048==    by 0x1603C4: l_queue_destroy (queue.c:83)
==1048==    by 0x134BD5: eap_secret_request_free (network.c:719)
==1048==    by 0x134EF9: eap_send_agent_req (network.c:817)
==1048==    by 0x1352F7: network_connect_8021x (network.c:936)
==1048==    by 0x1354C4: network_connect (network.c:987)
==1048==    by 0x178DD2: _dbus_object_tree_dispatch (dbus-service.c:1690)
==1048==    by 0x16D32A: message_read_handler (dbus.c:285)
==1048==    by 0x166EC3: io_callback (io.c:123)
==1048==    by 0x165A1A: l_main_iterate (main.c:376)
==1048==    by 0x165B58: l_main_run (main.c:423)
2018-06-14 17:00:52 -05:00
Denis Kenzior
75b492eacc eap-peap: Fix double free 2018-06-14 16:01:50 -05:00
Denis Kenzior
eb1a183277 eap-ttls: Fix double free 2018-06-14 15:58:43 -05:00
Denis Kenzior
86fef093c0 eap-mschapv2: Optimize away some allocs/frees 2018-06-14 15:19:50 -05:00
Andrew Zaborowski
1a465aed4a eap: Allow methods to request the Identity from agent
In eap_check_settings move the check for the EAP-Identity setting so
that the method's check_setting call back has a chance to request it
from the agent.  Note the check can be also moved to the EAP methods
so that they are free to skip it if not NULL identity is ok.
2018-06-13 21:49:24 -05:00
Andrew Zaborowski
b9aaab9c63 eap-mschapv2: Drop unneeded UTF-8 validation
As report by Denis those strings have already gone through validation.
2018-06-13 21:49:07 -05:00
Andrew Zaborowski
66e332fd4a eap: Use l_settings_get_string where needed
Replace usages of l_settings_get_value with l_settings_get_string, which
will make sure the returned strings are unescaped but also allocates
memeory and forces us to use l_free on most of the strings.  Some of
these strings we explicitly set with l_settings_set_string() in our code
so when we retrieved them with l_settings_get_value() we would receive a
different string if there were any escapable characters in the string.
I didn't replace any of the l_settings_get_value() uses where we're just
checking whether a setting is present, or those which are hexstrings or
EAP method names assuming that they can't have any special characters,
although this isn't future proof.  I did use l_settings_get_string() for
file paths though.
2018-06-13 21:41:43 -05:00
Andrew Zaborowski
b8fde0c166 eap: Accept a second id parameter in eap_append_secret
Accept two setting IDs in eap_append_secret, first for the username and
second for the password in case of the EAP_SECRET_REMOTE_USER_PASSWORD
EAP secret type.  In all other cases only the first setting is used.
Until now for EAP_SECRET_REMOTE_USER_PASSWORD secrets we'd generate the
two setting names by adding different suffixes to the ID parameter.

Using the two different setting names automatically fixes the issues
with using the EAP Identity returned by the agent in EAP-MSCHAPv2 and
EAP-PWD.
2018-06-13 21:34:25 -05:00
Denis Kenzior
7877be328b netdev: Fix unneeded error negation
device.c expects errors to be negative for both set_powered and
set_4addr.
2018-06-13 21:25:01 -05:00
Antonio Quartulli
b415858698 device: add dbus interface for WDS property
The WDS dbus property of a Device directly maps to the 4ADDR property
of a real netdevice. It can be activated or deactivated at any point
in time.

The name WDS comes from the fact that this feature allows a STA
interface to be bridged and thus create a Wireless Distribution
System (the same name is used in OpenWRT and hostapd).

To implement this feature, the 'powered callback' data structure has
been renamed and re-used.
2018-06-13 21:16:22 -05:00
Antonio Quartulli
9476f78e2d netdev: add helper to set/unset 4ADDR property 2018-06-13 21:12:53 -05:00
Andrew Zaborowski
17ad048c8c device: On lost beacon always set roam_no_orig_ap
Even if we're already roaming or preparing to roam, setting this flag
may still affect some step of the roam sequence so set it anyway.
2018-06-13 12:13:45 -05:00
Andrew Zaborowski
660f321c3d eap-mschapv2: Fix password hash validation 2018-06-13 11:59:49 -05:00
Antonio Quartulli
896aa41082 netdev: handle netlink events on bridge ports
When a wifi interface is added/removed to/from a bridge, a
RTM_NEW/DELLINK event is issued. This is the same event used to signal
when an interface is created/deleted.

For this reason the event generated by the bridge code has to be
properly distinguished and handled accordingly. Failing to do so will
result in inconsistencies in iwd which will think an interface has been
deleted when it was actually not.

Detect incoming NEW/DELLINK bridge events and reacts accordingly. For
now, this simply means printing a simple message, as there is no
special logic in iwd for this yet.
2018-06-13 08:31:46 -05:00
James Prestwood
96374f47e5 eap-aka: added EAP reset_state 2018-06-12 11:09:10 -05:00
James Prestwood
789eb08bc9 eap-sim: added EAP reset_state 2018-06-12 11:09:10 -05:00
Denis Kenzior
e4bc7149c3 eap-tls: Implement reset_state method 2018-06-07 19:58:56 -05:00
Denis Kenzior
092ccb4372 eap-ttls: Add reset_state method 2018-06-07 19:53:42 -05:00
Denis Kenzior
1f3b120467 eap-peap: Add reset_state method 2018-06-07 19:43:25 -05:00
Denis Kenzior
6e242acddb eap-mschapv2: Implement reset_state 2018-06-07 17:10:59 -05:00
Denis Kenzior
ff7a581d36 eap: Don't destroy method on completion
Let the upper layers decide what to do when a method completes
2018-05-30 22:36:41 -05:00
Denis Kenzior
9bcb2b75ac eapol: On success, reset EAP state
Instead of destroying the EAP object, just reset its state in case the
EAP process completed successfully.  This allows EAP Reauthentication to
work.
2018-05-30 15:09:42 -05:00
Denis Kenzior
2722990e61 eap-pwd: Add .reset_state method 2018-05-30 15:04:20 -05:00
Denis Kenzior
5894051d6c eap: Introduce state reset
This is meant to reset the EAP state back to its original state without
affecting any state variables obtained through load_settings.  This can
be useful for EAP Reauthentication triggered by the AP.
2018-05-30 14:52:22 -05:00
Denis Kenzior
4c59569f0c scan: Move scan_get_security to common.c 2018-05-24 19:22:16 -05:00
Denis Kenzior
7c18e3cdfe iwd: Move network_init & network_exit to iwd.h 2018-05-24 19:22:12 -05:00
Denis Kenzior
e4ddf4cf19 ie: Add missing #include and forward declaration 2018-05-24 15:54:32 -05:00
Tim Kourt
c0daec7e8d scan: add wiphy into scan context
The added wiphy will later be used by the scan command
builder to identify the available features and get properties
2018-05-24 15:24:33 -05:00
Tim Kourt
8f17186666 scan: rename callback for the triggered scan 2018-05-24 15:24:33 -05:00
Denis Kenzior
3b4cc1bfe2 wiphy: Rename get_ext_feature API
to has_ext_feature
2018-05-24 15:24:16 -05:00
Tim Kourt
933eabb6ef wiphy: added accessor for the feature flags 2018-05-24 13:10:56 -05:00
Tim Kourt
367522fe8f netdev: added accessor for wiphy
Added an accessor to get wiphy associated with a network device
2018-05-24 13:07:00 -05:00
Denis Kenzior
e6adb36621 iwd.service: Use multi-user target 2018-05-22 11:28:02 -05:00
Denis Kenzior
2aba2f3ba9 main: Disable debug output by default
Instead use '-d' command line option.  This option uses an optional
argument.  Without an argument, '*' is assumed.  Otherwise you can
specify a glob string to match.  Any debug output that matches the glob
string will be printed.  e.g.:

src/iwd -d '*eap*'
2018-05-19 18:29:28 -05:00
James Prestwood
d54a8e56d3 netdev: print error if frame watch fails
The frame watch API had no callback, so if there was a failure
it would silently continue.
2018-05-18 12:54:40 -05:00
Denis Kenzior
6db257b937 eap: Dump unhandled EAP packets 2018-05-18 10:29:58 -05:00
Denis Kenzior
450ed03e21 eap: Fix crash
Some EAP servers might try to send us packets after the EAP connection
has been established.  When EAP succeeds we destroy the EAP object.  If
a new EAP request arrives we create a temporary EAP object to handle the
request (most likely to NAK it).  However, if the packet is not destined
to a particular method (e.g. it is a notification) the current logic can
result in a crash.

src/netdev.c:netdev_set_gtk() 3
==4300== Invalid read of size 8
==4300==    at 0x14204B: __eap_handle_request (eap.c:203)
==4300==    by 0x142339: eap_rx_packet (eap.c:287)
==4300==    by 0x12AEF9: eapol_rx_packet (eapol.c:1622)
==4300==    by 0x12BBBC: __eapol_rx_packet (eapol.c:2018)
==4300==    by 0x116D1E: netdev_pae_read (netdev.c:3121)
==4300==    by 0x16672B: io_callback (io.c:123)
==4300==    by 0x165239: l_main_iterate (main.c:376)
==4300==    by 0x16537D: l_main_run (main.c:423)
==4300==    by 0x10F95C: main (main.c:447)
==4300==  Address 0x30 is not stack'd, malloc'd or (recently) free'd
==4300==
2018-05-18 10:27:42 -05:00
Denis Kenzior
56eeaf7b7a eap: Fix invalid access
When the server sends an identity prompt or a notification, we were
trying to print from our local buffer, not from the actual packet.  The
relevant valgrind trace is:

src/netdev.c:netdev_mlme_notify() MLME notification 64
==4300== Conditional jump or move depends on uninitialised value(s)
==4300==    at 0x4C3006E: strnlen (vg_replace_strmem.c:425)
==4300==    by 0x508C513: vfprintf (vfprintf.c:1643)
==4300==    by 0x508EB75: buffered_vfprintf (vfprintf.c:2329)
==4300==    by 0x508C1A1: vfprintf (vfprintf.c:1301)
==4300==    by 0x167051: log_stderr (log.c:145)
==4300==    by 0x16756E: l_log_with_location (log.c:293)
==4300==    by 0x142173: __eap_handle_request (eap.c:235)
==4300==    by 0x142339: eap_rx_packet (eap.c:287)
==4300==    by 0x12AEF9: eapol_rx_packet (eapol.c:1622)
==4300==    by 0x12BBBC: __eapol_rx_packet (eapol.c:2018)
==4300==    by 0x116D1E: netdev_pae_read (netdev.c:3121)
==4300==    by 0x16672B: io_callback (io.c:123)
==4300==
EAP identity prompt: ""
2018-05-18 09:46:12 -05:00
John Zimmermann
3b4c1dd4d3 build: check for existence of execinfo.h
GLIBC is not necessarily the only library that provides execinfo.
With libexecinfo execinfo can be used also in other Libraries.
The patch lets the configure check the existence of the header
and the libexecinfo Library and uses them if avaible.

(also fixes compilation if execinfo is not avaible)
2018-05-17 17:42:28 -05:00
Tim Kourt
42c5d96219 network: load settings for the open networks
iwd was auto-connecting to the open networks despite having
Autoconnect=false flag set in the network configuration file.
This patch enables iwd to load the configuration files for the
open networks during the auto-connect attempt to take advantage
of the Autoconnect flag.
2018-05-10 12:47:40 -05:00
Tim Kourt
46abfc7813 wiphy: add support for MAX_NUM_SCAN_SSIDS 2018-05-08 19:17:40 -05:00
James Prestwood
2f0c37dae6 eap-pwd: use ecc byte conversion API's 2018-05-04 19:33:55 -05:00
James Prestwood
db690ebe73 ecc: added byte conversion functions
EAP-PWD was hard coded to only work on LE architectures. This
adds 2 conversion functions to go from network byte order (BE)
to any native architecture, and vise versa.
2018-05-04 19:33:55 -05:00
James Prestwood
71902e2291 eap-pwd: fix 32 bit build warnings from debug prints
Printing size_t as %lu works on 64 bit architectures but shows a
compile warning on 32 bit. The %zu modifier fixes this.
2018-05-04 12:48:02 -05:00
James Prestwood
322f32295d eap-pwd: fixup some minor bounds checking issues 2018-05-03 14:46:29 -05:00
Denis Kenzior
6a28cd5527 main: Check and print missing kernel options 2018-05-03 14:45:26 -05:00
Denis Kenzior
bfe4fcffd3 eap-mschapv2: Check for MD4 support 2018-05-03 14:45:00 -05:00
Denis Kenzior
a65e5e0800 eap-pwd: Don't leak on failure 2018-05-03 12:57:23 -05:00
Denis Kenzior
5cf358cd4f eap-pwd: Fixup minor style issues 2018-05-03 12:55:45 -05:00
James Prestwood
d10369cf60 eap-pwd: core EAP-PWD code 2018-05-03 10:50:30 -05:00
James Prestwood
fdee72dffc ecc: added ecc implementation for EAP-PWD
The file, src/ecc.c was taken from the bluez project:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/tree/src/shared/ecc.c

There were minor changes made, e.g. changing some functions to globals
for access in EAP-PWD as well as removing some unneeded code. There was
also some code appended which allows for point addition, modulus inverse
as well as a function to compute a Y value given an X.
2018-05-03 10:27:53 -05:00
Denis Kenzior
b8c80060d3 wiphy: Update ext_features size 2018-05-01 20:46:06 -05:00
Denis Kenzior
92cf0446a1 netdev: Print handshake failure reason code 2018-05-01 20:46:06 -05:00
Denis Kenzior
9e8850c423 ap: Use EAPoL over NL80211 if available 2018-05-01 20:46:06 -05:00
Denis Kenzior
5d0f1bbb31 netdev: Handle Control Port TX path 2018-05-01 20:46:06 -05:00
Denis Kenzior
b5d48da4c7 netdev: Open PAE transport if needed
If Control Port over NL80211 is not supported, open up a PAE socket and
stuff it into an l_io on the netdev object.  Install a read handler on
the l_io and call __eapol_rx_packet as needed.
2018-05-01 20:46:03 -05:00
Denis Kenzior
ebc4e2cdf0 netdev: React to CONTROL_PORT unicast 2018-05-01 20:46:01 -05:00
Denis Kenzior
c31cf5d383 eapol: Fully separate eapol transport details
With the introduction of Control Port Over NL80211 feature, the
transport details need to be moved out of eapol and into netdev.c.
Whether a given WiFi hardware supports transfer of Control Port packets
over NL80211 is Wiphy and kernel version related, so the transport
decisions need to be made elsewhere.
2018-05-01 11:14:04 -05:00
Andrew Zaborowski
008965882d eap-mschapv2: Fix string start calculation 2018-04-30 10:47:31 -05:00
Andrew Zaborowski
b1d4db7cc8 eap: Return specific error when check_settings fails
Change the check_settings eap functions to return a negative errno and
return more granular Dbus error from the Connect method.
2018-04-30 10:45:28 -05:00
James Prestwood
071ef356db eap: add EAP-PWD method type 2018-04-27 11:14:30 -05:00
Andrew Zaborowski
56d3d40f30 eap: Wipe passphrase memory in TLS, TTLS, EAP
Wipe the passphrase memory in more places before freeing.
2018-04-26 11:27:22 -05:00
Andrew Zaborowski
6dc5d2c3ec eap-mschapv2: Load credentials obtained from agent
If needed load the username and password obtained from the agent and
received in the settings object.
2018-04-26 11:23:29 -05:00
Andrew Zaborowski
cb775819b8 network: Pass secrets to EAP methods
On connect add any secrets we've received through the agent to the
l_settings objects which the EAP methods will process in load_settings.
The settings object is modified but is never written to storage.  If
this was to change because some settings need to be saved to storage,
a new l_settings object might be needed with the union of the settings
from the file and the secrets so as to avoid saving the sensitive data.
2018-04-26 11:23:29 -05:00
James Prestwood
d1a13036d2 eap: fix EAP-SIM/AKA/AKA' after settings change
These EAP methods do not store the identity inside the settings file
since it is obtained from the SIM card, then provided to IWD via
get_identity method. If the get_identity method is implemented, do
not fail the settings check when EAP-Identity is missing.
2018-04-20 14:36:52 -05:00
Andrew Zaborowski
2382dc7ffa network: Validate 8021x settings and request passwords
Use eap_check_settings directly from network.c before we start the
connection attempt at netdev.c level, to obtain all of the required
passwords/passphrases through the agent.  This is in network.c because
here we can decide the policies for whether to call the agent in
autoconnect or only if we had a request from the user, also whether we
want to save any of that for later re-use (either password data or
kernel-side key serial), etc.

In this patch we save the credentials for the lifetime of the network
object in memory, and we skip the network if it requires any passphrases
we don't have while in autoconnect, same as with PSK networks where the
PSK isn't given in the settings.  Note that NetworkManager does pop up
the password window for PSK or EAP passwords even in autoconnect.

If EAP needs multiple passwords we will call the agent sequentially for
each.
2018-04-19 14:05:20 -05:00
Andrew Zaborowski
7541b595f9 eap-peap: Implement .check_settings
Confirm that the PEM file paths that we'll be passing to the l_tls
object are loading Ok and request/validate the private key passphrase
if needed.  Then also call eap_check_settings to validate the inner
method's settings.
2018-04-19 13:23:03 -05:00
Andrew Zaborowski
86aa4e8af1 eap-gtc: Implement .check_settings
Only do the same validation that .load_settings would do for GTC.
2018-04-19 13:14:37 -05:00
Andrew Zaborowski
8650bddcfe eap-aka: Implement .check_settings
Also it seems aka->identity could not have been set at the time
it was used in the error message so I changed that error message
slightly.
2018-04-19 13:14:25 -05:00
Andrew Zaborowski
200312c4e5 eap-sim: Implement .check_settings 2018-04-19 13:13:58 -05:00
Andrew Zaborowski
d27b0d5b1e eap-ttls: Implement .check_settings
Confirm that the PEM file paths that we'll be passing to the l_tls
object are loading Ok and request/validate the private key passphrase
if needed.  Then also call eap_check_settings to validate the inner
method's settings.
2018-04-19 13:13:07 -05:00
Andrew Zaborowski
8eea2c39d1 eap-tls: Implement .check_settings
Confirm that the PEM file paths that we'll be passing to the l_tls
object are loading Ok and request/validate the private key passphrase
if needed.
2018-04-19 13:11:39 -05:00
Andrew Zaborowski
3b2b194170 eap-mschapv2: Implement .check_settings
Move the settings validation from .load_settings plus allow the
username/password to be supplied in the secrets l_queue instead of
in the l_settings.
2018-04-19 13:01:58 -05:00
Andrew Zaborowski
9134743a97 eap-md5: Implement .check_settings
Only do the same validation that .load_settings would do for MD5.
2018-04-19 13:00:44 -05:00
Andrew Zaborowski
246e76c7b0 eap: Validate settings, report passwords needed
With the goal of requesting the required passwords/passphrases, such as
the TLS private key passphrase, from the agent, add a static method
eap_check_settings to validate the settings and calculate what passwords
are needed for those settings, if any.  This is separate from
eap_load_settings because that can only be called later, once we've
got an eap state machine object.  We need to get all the needed EAP
credentials from the user before we even start connecting.

While we do this, we also validate the settings and output any error
messages through l_error (this could be changed so the messages go
somewhere else in the future), so I removed the error messages from
eap_load_settings and that method now assumes that eap_check_settings
has been called before.

eap_check_settings calls the appropriate method's .check_settings method
if the settings are complete enough to contain the method name.  The
policy is that any data can be provided inside the l_settings object
(from the network provisioning/config file), but some of the more
sensitive fields, like private key passwords, can be optionally omitted
and then the UI will ask for them and iwd will be careful with
caching them.

Within struct eap_secret_info, "id" is mainly for the EAP method to
locate the info in the list.  "value" is the actual value returned
by agent.  "parameter" is an optional string to be passed to the agent.
For a private key passphrase it may be the path to the key file, for a
password it may be the username for which the password is requested.
2018-04-19 13:00:12 -05:00
Andrew Zaborowski
15a037f633 agent: Add new request types
Add new agent.h methods and corresponding DBus methods to request
the 3 different EAP credential types from user.
2018-04-19 11:49:41 -05:00
Andrew Zaborowski
b862fd8fe1 agent: Check if callback has sent a new request
In agent_receive_reply we first call the callback for the pending
request (agent_finalize_pending) then try to send the next request
in the queue.  Check that the next request has not been sent already
which could happen if it has been just queued by the callback.
2018-04-19 11:45:03 -05:00
Andrew Zaborowski
c6e3140b38 device: Handle disconnect by AP and by SME events same way
The difference in the handlers was that in the
NETDEV_EVENT_DISCONNECT_BY_AP case we would make sure to reply
to a pending dbus Connect call.  We also need to do that for
NETDEV_EVENT_DISCONNECT_BY_SME.  This happens if another process
sends an nl80211 disconnect command while we're connecting.
2018-04-19 10:36:18 -05:00
Andrew Zaborowski
32d846470b device: Use active scans when connected
When we're connected we're advertising our hardware address anyway so
there's no benefit from using passive scanning.
2018-04-10 00:19:33 -05:00
Andrew Zaborowski
d9ae78b780 device: Drop unsupported bands from roam scan frequency set
The kernel will reject the TRIGGER_SCAN commands that include
frequencies not supported by the wiphy.
2018-04-10 00:19:30 -05:00
James Prestwood
c0739c1965 eap-gtc: add EAP-GTC method implementation 2018-04-04 09:42:28 -05:00
James Prestwood
d1c7f360d2 eap: add EAP_TYPE_GTC (6) type 2018-04-04 09:40:05 -05:00
James Prestwood
88a1520dbd main: set eapol config 2018-04-02 13:54:25 -05:00
James Prestwood
50eae9bf87 eapol: process config setting for handshake timeout
The eapol handshake timeout can now be configured in main.conf
(/etc/iwd/main.conf) using the key eapol_handshake_timeout. This
allows the user to configure a long timeout if debugging.
2018-04-02 13:54:25 -05:00
Andrew Zaborowski
5a17c2275f eapol: Make sure rsn_info is initialized in eapol_handle_ptk_1_of_4
After an EAP exchange rsn_info would be uninitialized and in the FT case
we'd use it to generate the step 2 IEs which would cause an RSNE
mismatch during FT handshake.
2018-03-15 11:40:17 -05:00
Andrew Zaborowski
8b534ba067 eapol: In FT-EAP use all 64 bytes of the MSK
Until now we'd save the second 32 bytes of the MSK as the PMK and use
that for the PMK-R0 as well as the PMKID calculation.  The PMKID
actually uses the first 32 bytes of the PMK while the PMK-R0's XXKey
input maps to the second 32 bytes.  Add a pmk_len parameter to
handshake_state_set_pmk to handle that.  Update the eapol_eap_results_cb
802.11 quotes to the 2016 version.
2018-03-15 11:40:17 -05:00
Tim Kourt
436e95d599 peap: Postpone cleanup on phase two failure 2018-03-01 09:13:17 -06:00
Andrew Zaborowski
d2247c3a3f netdev: Avoid calling netdev_connect_ok twice in FT
handshake_state_install_ptk triggers a call to
netdev_set_pairwise_key_cb which calls netdev_connect_ok, so don't call
netdev_connect_ok after handshake_state_install_ptk.  This doesn't fix
any specific problem though.
2018-02-26 09:59:58 -06:00
Tim Kourt
9783e236a1 peap: handle completion of phase two 2018-02-23 15:19:52 -06:00
Tim Kourt
97980c0315 eap: allow to discard EAP-Success/EAP-Failure pkts 2018-02-23 12:48:40 -06:00
Tim Kourt
ad94752170 eap: add accessor for method success 2018-02-21 20:14:50 -06:00
Andrew Zaborowski
7fd6803c7a agent: Fix cancelling running request
If the request being cancelled by agent_request_cancel has already been
sent over dbus we need to reset pending_id, the timeout, call l_dbus_cancel
to avoid the agent_receive_reply callback (and crash) and perhaps start
the next request.  Alternatively we could only reset the callback and not
free the request, then wait until the agent method to return before starting
the next request.
2018-02-20 11:07:00 -06:00
Tim Kourt
55e8d7fdcc peap: add retransmission support 2018-02-15 13:00:22 -06:00
Tim Kourt
78270bc39e eap: interoperability support for Success/Failure pkts 2018-02-15 12:59:45 -06:00
Tim Kourt
91ec5cff8c peap: add phase two eap tx/rx handlers 2018-02-14 21:34:21 -06:00
Tim Kourt
1ece3b13e4 peap: introduce and configure phase two eap method 2018-02-14 21:31:24 -06:00
Tim Kourt
50b7a01f87 peap: handle send for phase two data 2018-02-14 21:30:33 -06:00
Tim Kourt
8ae6e7c3de peap: switch tx_pdu_buf to use databuf struct 2018-02-14 21:28:03 -06:00
Tim Kourt
93d0dac77b peap: handle receive for phase two data 2018-02-14 21:26:54 -06:00
Tim Kourt
487c5cbafc peap: send ack on established tunnel 2018-02-14 17:37:19 -06:00
Tim Kourt
43c650a2b4 peap: add specification reference by the version 2018-02-14 17:36:08 -06:00
Tim Kourt
5b19d0454a eap: make eap_handle_request public 2018-02-14 15:09:27 -06:00
Andrew Zaborowski
7e8e8b2ac2 eapol: Stop eapol timeout after step 3/4
Move the cancelling of the eapol timeout from the end of step 1 to
step 3 to guard the whole handshake.  At the end of step 1 stop the
EAPOL-Start timeout for the case of 802.1X authentication + a cached
PMKSA (not used yet.)
2018-02-13 12:46:27 -06:00
Andrew Zaborowski
0abab92cac scan: Add new Operating Classes from 802.11-2016 2018-02-13 11:59:42 -06:00
Andrew Zaborowski
d42e848567 device: Workaround for 0 oper class in Neighbor Report
Some APs respond to Neighbor Report Requests with neighbor reports that
have a zero operating class value and a non-zero channel number.  This
does not mean that the channel is in the same band that the reporting
AP operates in.  Try to guess the band that the channel refers to out of
2.4 and 5GHz -- the bands supported by those APs.

wpa_supplicant also has this workaround in place.
2018-02-13 11:58:38 -06:00
Marcel Holtmann
c31244ddec build: Add support for installing systemd service unit 2018-02-10 18:42:43 +01:00
James Prestwood
41936468ed netdev: basic support for receiving SA Query requests 2018-02-08 10:34:53 -06:00
Tim Kourt
8c1b175b8b peap: derive and install eap key material 2018-02-02 14:27:05 -06:00
Tim Kourt
c5ec12e0e4 peap: response fragmentation support 2018-02-02 12:58:28 -06:00
Tim Kourt
71ebb7c1d5 peap: send response pkts 2018-02-01 22:09:12 -06:00
Tim Kourt
84be0eb8d3 peap: handle fragmented request 2018-02-01 22:08:13 -06:00
James Prestwood
f3cc96499c netdev: added support for SA Query
SA Query procedure is used when an unprotected disassociate frame
is received (with frame protection enabled). There are two code
paths that can occur when this disassociate frame is received:

1. Send out SA Query and receive a response from the AP within a
   timeout. This means that the disassociate frame was not sent
   from the AP and can be ignored.

2. Send out SA Query and receive no response. In this case it is
   assumed that the AP went down ungracefully and is now back up.
   Since frame protection is enabled, you must re-associate with
   the AP.
2018-02-01 11:33:47 -06:00
Tim Kourt
362771577b peap: introduce basic request-response flow 2018-02-01 10:47:26 -06:00
Tim Kourt
40898deb8b peap: handle Start flag 2018-02-01 10:43:16 -06:00
James Prestwood
ce0d5858da util: added macros to print mac addresses 2018-02-01 10:12:09 -06:00
Marcel Holtmann
64dcf11042 main: Rephrase warning when optional configuration file is missing 2018-01-29 02:25:28 -08:00
Marcel Holtmann
0cf589e13d build: Don't provide iwd/main.conf during make install 2018-01-29 02:20:52 -08:00
Marcel Holtmann
980f6f3645 main: Rename iwd/iwd.conf into iwd/main.conf 2018-01-29 02:13:41 -08:00
Tim Kourt
1d1bbb83eb eap-peap: add version validation 2018-01-24 11:23:50 -06:00
Tim Kourt
ba8857d2f4 eap-peap: configure Protected EAP 2018-01-24 11:22:16 -06:00
Tim Kourt
20e74e8679 eap-peap: Introduce Protected EAP support 2018-01-24 11:19:56 -06:00
Tim Kourt
b33486a7c7 eap: add eap type 25 - peap 2018-01-24 11:19:12 -06:00
Tim Kourt
3230cee2a1 network: add check for autoconnect flag in settings 2018-01-23 14:13:00 -06:00
Tim Kourt
91b6efaf66 eap: add NULL checks
1. Enforce implementation of handle_request function

2. In case of unimplemented handle_retransmit try to use
   handle_request instead and rely on method specific
   mechanism to restart the conversation if necessary

3. Make method->free implementation unrequired
2018-01-23 14:12:24 -06:00
Tim Kourt
4ed442b8b8 eap: add eap type 33 - extensions 2018-01-22 17:12:16 -06:00
Andrew Zaborowski
0ac0c6b129 device: Update Scanning on periodic scan stop
When we call scan_periodic_stop and a periodic scan is in progress (i.e.
the trigger callback has been called already) we get no new callback
from scan.c and the device Scanning property remains True forever so set
it to False.

The change from scan_periodic_stop to periodic_scan_stop looks silly but
it's consistent with our naming :)
2018-01-22 10:35:33 -06:00
Denis Kenzior
0930814aba device: Change #define names to be more descriptive 2018-01-22 10:27:14 -06:00
James Prestwood
38e9a67da8 device: Add support for AP directed roaming
This patch adds a watcher/parser for the frame event associated with
an AP directed BSS transition (AP roaming). When the AP sends a BSS
transition request, this will parse out the BSS candidate list
(neighbor report) and initiate a roam scan. After this point the
existing roaming code path is reused.
2018-01-18 15:32:42 -06:00
Andrew Zaborowski
fb8063f37f netdev: Make sure we send SET_STATION after FT
Make sure that we set the AUTHORIZED sta flag after an FT in
netdev_set_pairwise_key_cb, I broke this in
a03839f8ef.
2018-01-16 11:13:54 -06:00
Andrew Zaborowski
69b852126d device: Remove unnecessary assignment 2018-01-16 11:12:10 -06:00
James Prestwood
f82c2253ce eap-aka/sim: Automatically prefix identities
The identity retrieved from simauth was required to include the
prefix for SIM/AKA/AKA', but in reality a real SIM would not
include that prefix in the IMSI. Now the correct prefix is
prepended onto the identity depending on the EAP method.
2017-12-14 16:23:40 -06:00
James Prestwood
f7a9caef2b simauth: remove unregister API
The unregister simauth API was unused and not required, this
also fixes a double free when freeing the NAI.
2017-12-14 16:22:09 -06:00
James Prestwood
5f3bf1dbac eap-aka: support for synchronization error
If the SQN in AUTN is incorrect the simauth module will return
the AUTS parameter, which is sent back to the server and the
servers SQN number is updated.
2017-12-13 17:13:29 -06:00
James Prestwood
3de239ed9e simutil: removed milenage algorithm from simutil
The simauth module now checks the milenage values
2017-12-13 17:13:29 -06:00
James Prestwood
1fa218fc8d eap-aka: Updated EAP-AKA to use simauth module 2017-12-13 16:16:32 -06:00
James Prestwood
80aa03edd8 eap-sim: Updated EAP-SIM to use simauth module 2017-12-13 16:14:59 -06:00
James Prestwood
a1ceb34bec simauth: fixup to add proper return values
The GSM and Milenage API's should return an integer which
can be used to cancel the request, they were returning bool.
2017-12-13 16:12:24 -06:00
James Prestwood
36804b1b5c simauth: add register/unregister API's
Forcing a plugin to create and register simauth at once is sometimes
inconvenient. This patch separates the creation and registration
into two API's, and also adds several others to add the required simauth
data incrementally (identity, driver data, sim/aka support). This also
allows for the driver to unregister the auth provider without freeing
up the simauth object itself e.g. if the driver temporarily becomes
unavailable, but will come back sometime in the future.

The simauth watch API's were also renamed. Watchers will now get a
callback when the provider has been unregistered, so they have been
renamed to sim_auth_unregistered_watch_[add|remove].
2017-12-11 23:36:43 -06:00
James Prestwood
1a975a1168 simauth: fixup, destroy watchlist was not being removed 2017-11-30 12:44:06 -06:00
Denis Kenzior
777c7c3dae simauth: Fix compiler warning
src/simauth.c:163:6: error: no previous declaration for ‘sim_auth_cancel_request’ [-Werror=missing-declarations]
 void sim_auth_cancel_request(struct iwd_sim_auth *auth, int id)
      ^~~~~~~~~~~~~~~~~~~~~~~
2017-11-30 08:56:10 -06:00
James Prestwood
a595587b65 main: start simauth module 2017-11-30 08:49:49 -06:00
James Prestwood
e030151f7d main: start up plugin module
iwd now supports plugin loading, whitelisting and blacklisting.  Both
the whitelist and the blacklist support multiple patterns separated by a
',' character.
2017-11-28 13:32:36 -06:00
James Prestwood
09de4433ad plugins: module to load ell plugins 2017-11-28 13:30:06 -06:00
James Prestwood
517df48101 make: plugin system for build
Preperation for ell plugins. New plugins can be added to
builtin_sources/builtin_modules, which will be added
to src/builtin.h when it is generated.
2017-11-28 13:20:33 -06:00
Andrew Zaborowski
016dcd52d8 device: Fix an autoconnect corner case
Make sure device->autoconnect is set when entering the autoconnect state
after netdev UP event.  Otherwise the next time
device_set_autoconnect(device, false) is called it will exit early seeing
that device->autoconnect is false and not switch the device state.
2017-11-27 09:56:04 -06:00
James Prestwood
46c1e8fa60 simauth: new module to handle EAP-SIM/AKA auth
This is the core module that takes care of registering
authentication drivers. EAP-SIM/AKA will be able to acquire
a driver that supports the required algorithms. The driver
implementation (hardcoded/ofono etc.) is isolated into
separate plugin modules.
2017-11-22 11:59:13 -06:00
James Prestwood
1d119d58c1 watchlist: added macro for notifying with no args
The macros currently did not support notifying a watchlist with
no extra arguments.
2017-11-16 14:10:47 -06:00
James Prestwood
c0fe2b78c4 eap: new method API for getting EAP-Identity
EAP-SIM/AKA/AKA' retrieve the EAP-Identity off the SIM card
not from the settings file. This adds a new EAP method API
which can optionally be implemented to retrieve the identity.
If get_identity is implemented, the EAP layer will use it to
retrieve the identity rather than looking in the settings file.
2017-11-13 11:09:37 -06:00
Tim Kourt
f4f1450880 network: Start checking outcomes of setting loads 2017-10-31 17:46:28 -05:00
Tim Kourt
e7d1b779e7 storage: provide proper feedback on failures
network_settings_load expects NULL value to be returned
on failed attempts to read the settings files inside of
storage_network_open. At the same time storage_network_open
used to always return an initialized l_settings
structure despite the outcome of the read operations,
indicating a success.
2017-10-31 17:45:47 -05:00
Tim Kourt
adc203184b netdev: fail early on unsuccessful eapol_start 2017-10-30 08:51:59 -05:00
Tim Kourt
3f4b5a98f5 eapol: provide feedback from eapol_start, refactor 2017-10-30 08:51:28 -05:00
Tim Kourt
3b6d7e94f8 dbus: Add NotConfigured dbus exception 2017-10-26 16:00:21 -05:00
Andrew Zaborowski
4dba9e37dd netdev: Track the id of the SET_STATION netlink command
This way we make sure it gets cancelled any sort of connect abort of
netdev removal and don't leak the message on error.
2017-10-23 11:17:11 -05:00
Andrew Zaborowski
a03839f8ef netdev: Send SET STATION in pairwise key callback
When the 4-Way Handshake is done eapol.c calls netdev_set_tk, then
optionally netdev_set_gtk and netdev_set_igtk.  To support the no group
key option send the final SET STATION enabling the controlled port
inside the callback for the netdev_set_tk operation which always means
the end of a 4-Way Handshake rather than in the netdev_set_gtk callback.
The spec says exactly that the controlled port is enabled at the end of
the 4-Way Handshake.

The netlink operations will still be queued in the same order because
the netdev_set_tk/netdev_set_gtk/netdev_set_igtk calls happen in one
main loop iteration but even if the order changed it wouldn't matter.
On failure of any of the three operations netdev_setting_keys_failed
gets called and the remaining operations are cancelled.
2017-10-23 11:17:08 -05:00
Andrew Zaborowski
ffcda135d2 eapol: Check for "No Group Traffic" group cipher suite 2017-10-23 11:14:40 -05:00
Denis Kenzior
2c565019c7 eapol: Silence uninitialized var warnings 2017-10-20 07:41:56 -05:00
Denis Kenzior
7f8f45220e eapol: Do not install the same GTK/IGTK
Track the contents and size of the GTK and IGTK and if the Authenticator
(or an adversary) tries to set the same GTK/IGTK, process the packet
normally but do not resubmit the GTK/IGTK to the kernel.
2017-10-19 16:47:35 -05:00
Denis Kenzior
cd7af67aac eapol: Tighten up GTK/IGTK KDE validation
GTK KDE was being checked for being a minimum of 6 bytes.  Not quite
sure why since the minimum GTK key length is 16 bytes for CCMP.
Similarly make sure that the maximum length is not more than 32, which
is currently the largest key size (TKIP)
2017-10-19 16:47:35 -05:00
Denis Kenzior
c93a52c066 eapol: Handle retransmissions 2017-10-19 16:47:29 -05:00
Denis Kenzior
f07164b2ef eapol: Remove unneeded {} 2017-10-18 20:40:10 -05:00
Denis Kenzior
ac5d8c2b34 eapol: Reword comment 2017-10-18 20:39:31 -05:00
Denis Kenzior
bee04b179e eapol: Fail handshake if MIC calculation fails
This is a bizarre case since MIC calculation succeeded for the incoming
packet.  But just in case MIC calculation fails for the outgoing packet,
kill the handshake.
2017-10-18 20:38:54 -05:00
Denis Kenzior
c1a0e844b0 eapol: Tighten up replay counter handling 2017-10-18 20:31:49 -05:00
Denis Kenzior
5b6c18fadd watchlist: Fix memory leak 2017-10-18 19:29:24 -05:00
James Prestwood
8ce787557f simutil: fixup adding const to data pointer
eap_sim_add_attribute() was not taking a const uint8_t * as
it should.
2017-10-18 11:18:26 -05:00
Denis Kenzior
ffbf10fa31 eapol: Remove erroneous comments
The comments quoted sections of the specification that indicated STA
behavior for verifying Message 3 of 4 or GTK 1 of 2.  But in reality the
code directly below simply calculated the MIC for Message 4 of 4 or GTK
2 of 2.
2017-10-16 14:41:57 -05:00
Andrew Zaborowski
dae0abbac8 eapol: Use frame watches for preauth_sm 2017-10-12 11:14:59 -05:00
Andrew Zaborowski
cc4da26f69 eapol: Use frame watches for eapol_sm, refactor
Use eapol_frame_watch_add/eapol_frame_watch_remove in eapol_sm, while
there simplify the early_frame logic and confirm sender address for
received frames.
2017-10-12 11:13:51 -05:00
Andrew Zaborowski
47ae8571c1 ap: Drop unneeded ap_deauth_cb cleanup step
ap_free_sta() later in ap_deauth_cb already cancels the command.
2017-10-12 10:55:02 -05:00
Andrew Zaborowski
69687bedd1 ap: Implement Deauthentication on error 2017-10-12 10:54:45 -05:00
Andrew Zaborowski
375e2262f2 ap: Implement Reassociation
Add some form of the Reassociation procedure with comment on the
interpretation choice.
2017-10-12 10:54:24 -05:00
Andrew Zaborowski
a26ca0fb66 ap: Simplify ap_common_rates
If we've checked that the STA has included our Basic Rate we've already
found one common rate, no need for further checks.
2017-10-12 10:53:07 -05:00