mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 23:09:34 +01:00
Commit Graph

4545 Commits

Author SHA1 Message Date
Tim Kourt
dc4b7e327e peap: Add inner EAP key material into imsk calculation
For the inner EAP methods that support generation of the key material,
include it in the imck generation. This allows the inner method to be
cryptographically bound to the tunnel.
2020-02-03 11:33:57 -06:00
Tim Kourt
c2078c703d eap-tls-common: Address PEAPv0 interoperability with Windows
Windows Server 2008 - Network Policy Server (NPS) generates an invalid
Compound MAC for Cryptobinding TLV when it is used within PEAPv0 due to
incorrect parsing of the message containing TLS Client Hello.
Setting L bit and including TLS Message Length field, even for the
packets that do not require fragmentation, corrects the issue. The
redundant TLS Message Length field in unfragmented packets doesn't
seem to affect the other server implementations.
2020-02-03 11:33:02 -06:00
Denis Kenzior
0508879e2a hwsim: Use L_DBUS_PROPERTY_FLAG_AUTO_EMIT 2020-01-29 10:51:40 -06:00
Andrew Zaborowski
55f9639ee3 manager: Retry the interface setup if we get an EBUSY
Sometimes, at least with brcmfmac, the default interface apparently
takes a moment to get created after the NEW_WIPHY event.  We didn't
really consider this case in the NEW_WIPHY handler and we've got a race
condition.  It fixes the following bug for me:
https://bugs.archlinux.org/task/63912 -- tested by removing and
re-modprobing the brcmfmac module rather than rebooting.

To work around this wait for the NEW_INTERFACE event and then retry the
setup.  We still do the initial attempt directly after NEW_WIPHY to
handle cases like wiphys with no default interfaces and pre-existing
wiphys.
2020-01-28 15:10:10 -06:00
Andrew Zaborowski
aec7c0f39c manager: Make sure all interfaces are processed after dump
In manager_interface_dump_done use l_queue_foreach_remove instead of
l_queue_remove_if to make sure we process all of the interfaces.
2020-01-27 15:00:23 -06:00
Andrew Zaborowski
b216e98974 Document P2P dbus interfaces
Proposed minimum P2P interfaces for establishing basic connections.  The
device discovery results in creation of Peer objects.
2020-01-27 14:55:09 -06:00
Denis Kenzior
bc076834b0 wired: Update to the new ell API 2020-01-27 14:30:42 -06:00
Denis Kenzior
03ccc454b7 knownnetworks: React to mtime updates
We track mtime as the 'LastConnectedTime' of the network, and also sort
the known network list according to the last connected time.
Unfortunately we were never reacting to ATTRIB changes, and so were
never updating the network_info->connected_time whenever a network was
connected to.

Rework the logic to address this.  This also fixes a small bug where the
connected_time was not set properly prior to removal / re-insertion of
the network_info.
2020-01-27 14:28:08 -06:00
Denis Kenzior
f2af2d004d client: Make variables extern
These arrays should have been declared extern in the first place.
Newer versions of gcc now complain about this:

/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/dbus-proxy.o:(.bss+0x0): multiple definition of `properties_yes_no_opts'; client/adapter.o:(.bss+0x0): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/dbus-proxy.o:(.bss+0x20): multiple definition of `properties_on_off_opts'; client/adapter.o:(.bss+0x20): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/device.o:(.bss+0x20): multiple definition of `properties_on_off_opts'; client/adapter.o:(.bss+0x20): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/device.o:(.bss+0x0): multiple definition of `properties_yes_no_opts'; client/adapter.o:(.bss+0x0): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/known-networks.o:(.bss+0x0): multiple definition of `properties_yes_no_opts'; client/adapter.o:(.bss+0x0): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/known-networks.o:(.bss+0x20): multiple definition of `properties_on_off_opts'; client/adapter.o:(.bss+0x20): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/properties.o:(.data.rel.local+0x0): multiple definition of `properties_yes_no_opts'; client/adapter.o:(.bss+0x0): first defined here
/usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: client/properties.o:(.data.rel.local+0x20): multiple definition of `properties_on_off_opts'; client/adapter.o:
2020-01-27 09:47:40 -06:00
Denis Kenzior
98e1d38056 monitor: Fix crash
NLMSG_OK and NLMSG_NEXT expect to operate on nlmsg_len which is an int
(signed type).  The current code uses an unsigned type which means that
it cannot detect underflows.  Such underflows can happen when NLMSG_NEXT
tries to advance nlmsg_len by a number of bytes (due to alignment) which
are greater than the current nlmsg_len itself.  This causes iwmon to
crash on certain messages.

Reported-By: Daniel Wagner <wagi@monom.org>
2020-01-22 11:52:28 -06:00
Denis Kenzior
681172a999 storage: Add ability to preserve times
We use the mtime on the network profile as the 'Last Connected Time'.
When we update any property and sync the file to disk, the mtime was not
preserved (since we were creating a new temporary file instead of
modifying the old one).  This led to LastConnectedTime property change
being emitted / updated incorrectly when a writable property on the
KnownNetwork interface was updated.
2020-01-22 11:15:19 -06:00
Torstein Husebø
759dbdd37f treewide: fix typos 2020-01-21 16:03:28 -06:00
Denis Kenzior
2a7c4a9c3d doc: Fix wrong interface name
When we moved SignalLevelAgent from Device to Station we apparently
forgot to update this particular straggler.
2020-01-18 10:58:33 -06:00
Denis Kenzior
1bc3e56431 doc: Remove empty file 2020-01-18 10:54:08 -06:00
Denis Kenzior
b00d4f4ce6 wsc: Use macros to simplify reply code a bit 2020-01-17 12:50:23 -06:00
Denis Kenzior
30ec06edcc wsc: Remove stale comment
Known networks are now automatically updated through inotify mechanisms,
so this comment is no longer needed.
2020-01-17 12:50:23 -06:00
Denis Kenzior
ec15838215 wsc: Rework wsc_enrollee_destroy
Our design preference is to not call any callbacks in the _free/_destroy
method of a class (with the exception of explicit destroy callbacks
provided, if any).

Invoking the callback in this case was unnecessary: wsc_dbus_free was
already replying to pending connect / cancel messages.  The only other
thing the callback would attempt to do is to set station back into
autoconnect mode.  This was unnecessary as well since the netdev is
already down.

This change removes the callback invocation.  Since wsc_enrollee_destroy
is now just calling wsc_enrollee_free, remove this from the API and
expose wsc_enrollee_free instead.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
1f14941011 wsc: Accept extra IEs in wsc_enrollee_new 2020-01-17 12:50:23 -06:00
Andrew Zaborowski
ce16ba3bf8 wsc: Refactor WSC D-Bus interface logic
Split the WSC D-Bus interface class (struct wsc) into a base class
common to station mode and P2P mode (struct wsc_dbus) and station-
specific logic like scanning, saving the credentials as a known network
and triggering the station-mode connection (struct wsc_station_dbus).

Make the base class and its utilities public in wsc.h for P2P use.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
b10264dcc7 wsc: Split out enrollee state machine to own object
Create struct wsc_enrollee which is allocated with wsc_enrollee_new,
taking a done callback as a parameter.  The callback is always
called so there's no need for a separate destroy callback.  The object
only lives until the done callback happens so wsc_enrollee_cancel/destroy
can only be used before this.

Looks like the rest of the file is simplified thanks to this.
2020-01-17 12:50:23 -06:00
Andrew Zaborowski
02f7d425b3 netdev: Drop the netdev_frame_watch API 2020-01-16 11:38:01 -06:00
Andrew Zaborowski
baad7e5fd8 netdev: Switch to new frame watch API 2020-01-16 11:37:59 -06:00
Andrew Zaborowski
b234a8e614 rrm: Switch to new frame watch API 2020-01-16 11:37:57 -06:00
Andrew Zaborowski
b31a23785a device: Switch to new frame watch API 2020-01-16 11:37:55 -06:00
Andrew Zaborowski
4a61620a9b ap: Switch to new frame watch API 2020-01-13 11:49:08 -06:00
Andrew Zaborowski
6484b7dbb6 Add a new frame watch API
This new API is independent of netdev.c and allows actually
unregistering from receiving notifications of frames, although with some
quirks.  The current API only allowed the callback for a registration to
be forgotten but our process and/or the kernel would still be woken up
when matching frames were received because the kernel had no frame
unregister call.  In the new API you can supply a group-id parameter when
registering frames.  If it is non-zero the frame_watch_group_remove() call
can be used to remove all frame registrations that had a given group-id
by closing the netlink socket on which the notifications would be
received.  This means though that it's a slightly costly operation.

The file is named frame-xchg.c because I'm thinking of also adding
utilities for sending frames and waiting for one of a number of replies
and handling the acked/un-acked information.
2020-01-13 11:49:08 -06:00
Andrew Zaborowski
5888f66258 unit: Add a test for building M8 encrypted settings
There are two changes to the example raw data in m8_encrypted_settings,
one is to change the Network Index value to 1 and the other is to drop
the Network Key Index attribute:

Network Index     R     Deprecated - use fixed value 1 for
                        backwards compatibility.

Network Key       O     Deprecated. Only included by WSC 1.0
Index                   devices. Ignored by WSC 2.0 or newer
                        devices.
2020-01-09 14:07:52 -06:00
Andrew Zaborowski
c6c45e0569 wscutil: Add wsc_build_m8_encrypted_settings 2020-01-09 14:03:45 -06:00
Andrew Zaborowski
c67219a292 wscutil: Add wsc_build_credential 2020-01-09 13:57:11 -06:00
Andrew Zaborowski
0f8a49501e wsc: Refactor store_credentials / try_credentials
Instead of taking the credentials from wsc object directly, have the
caller pass these in.  This makes it more consistent with how the
done_cb was done.
2020-01-06 15:23:55 -06:00
Andrew Zaborowski
25708fbb5c wsc: Refactor to separate station-specific code
Split the interface-specific logic from the core WSC logic.  The core
WSC code is the part that we can re-use between P2P and station and
doesn't include the D-Bus code, scanning for the target BSS or the
attempt to make a station mode connection.
2020-01-06 11:50:12 -06:00
Andrew Zaborowski
a716f46573 netdev: Replace bool randomize_mac with specific address
Allow netdev_create_from_genl callers to draw a random or non-random MAC
and pass it in the parameter instead of a bool to tell us to generate
the MAC locally.  In P2P we are generating the MAC some time before
creating the netdev in order to pass it to the peer during negotiation.
2020-01-06 11:27:38 -06:00
James Prestwood
38fa76faf5 auto-t: use stand alone radius server for testFT-FILS-SHA384
This fixes the test with recent hostapd versions
2020-01-06 11:18:48 -06:00
James Prestwood
c01751c2b3 auto-t: use stand alone radius server for testFT-FILS-SHA256
This fixes the test with recent hostapd versions
2020-01-06 11:18:48 -06:00
James Prestwood
112f1f2bef auto-t: use stand alone radius server for testFILS
This fixes the test with recent hostapd versions
2020-01-06 11:18:48 -06:00
James Prestwood
c93a4d71d6 test-runner: add special radius_server key
Some test cases require (at least with recent hostapd versions) a
stand alone radius server. This is done using driver=none in the
hostapd config file. For this use case hostapd does not need any
radio since it's not doing anything wireless related.

Now inside the hw.conf file, under the HOSTAPD group, you can
specify a config file as the value to 'radius_server' key. This
config file will be used without any associated radio when hostapd
is started.
2020-01-06 11:18:48 -06:00
James Prestwood
8b937f4705 doc: add CONFIG_DRIVER_NONE to hostapd config
This allows hostapd to be started as a standalone radius server
2020-01-06 11:18:48 -06:00
Marcel Holtmann
860fa4697f Release 1.4 2019-12-19 20:46:50 +01:00
Tim Kourt
d9efacfbba peap: Ignore Crypto-Binding TLVs with invalid compound MACs
Some server implementations don't seem to provide the valid compound MACs.
In the meantime, iwd will ignore the invalid Crypto-Binding TLVs as their
usage is optional.
2019-12-18 23:46:49 -06:00
James Prestwood
e2f4031a21 doc: describe hardware passthrough feature
There are wikis floating around, but I have consolidated the steps for
USB passthrough into our internal docs.

Reviewed-By: Paul Menzel <pmenzel@molgen.mpg.de>
2019-12-18 10:27:23 -06:00
Denis Kenzior
83e535b643 netdev: Use nl80211_parse_attrs 2019-12-17 16:58:04 -06:00
Denis Kenzior
9ee2b4ea4a nl80211util: Support ATTR_MAC 2019-12-17 16:58:04 -06:00
Denis Kenzior
ab14515715 resolve: Fix invalid method name check
The intent was to check for the presence of the add_domain_name
operation, not add_dns operation.

Fixes: 930528e35e ("resolve: Add systemd-resolved domain name installer")
2019-12-17 16:58:04 -06:00
Denis Kenzior
0e49561bb7 treewide: Use l_debug with at least one argument
By convention we should be passing at least an empty string to make it
clearer that no additional debug info is being printed
2019-12-17 16:15:05 -06:00
Denis Kenzior
3607ee0c7e netdev: Allow both -EOPNOTSUPP and -ENOTSUPP
It seems that the kernel uses -EOPNOTSUPP if the change_station
operation is not implemented by the driver.  However, some drivers do
implement change_station and choose to report -ENOTSUPP instead of
-EOPNOTSUPP.

To add to the confusion, EOPNOTSUPP and -ENOTSUPP are the same on some
systems (e.g. Gentoo).  Be paranoid and allow both errors to be ignored
when sending CMD_SET_STATION.

Fixes: 0238ffb8d9 ("netdev: Use -EOPNOTSUPP instead of -ENOTSUPP")
2019-12-17 16:10:46 -06:00
Tim Kourt
1f84c3b19a manpage: Add section about IPv4 static network configuration 2019-12-17 11:30:54 -06:00
Tim Kourt
f21d1aa78b peap: Add debug statements 2019-12-17 11:07:32 -06:00
Denis Kenzior
295e42f87a resolve: Don't try to set routing domains
The intent was to treat all domains as search domains, not routing
domains.

Fixes: 930528e35e ("resolve: Add systemd-resolved domain name installer")
2019-12-17 11:01:38 -06:00
Marcel Holtmann
7e393663e7 Release 1.3 2019-12-13 10:12:41 +01:00
Marcel Holtmann
a44cb5deb8 build: Require at least version 0.27 when building with external ELL 2019-12-13 10:08:19 +01:00