3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-28 12:12:32 +01:00
Commit Graph

2216 Commits

Author SHA1 Message Date
James Prestwood
ebc3304264 plugins: added ofono plugin
Implements a sim auth driver that communicates with ofono to handle
GSM/UMTS authentication algorithms. This plugin takes care of
disovering ofono, the modem, IMSI, and SIM capabilities i.e. what
algorithms are supported.
2017-12-13 11:53:42 -06:00
James Prestwood
3eb0083170 plugins: updated sim_hardcoded with simauth changes 2017-12-11 23:37:04 -06:00
James Prestwood
36804b1b5c simauth: add register/unregister API's
Forcing a plugin to create and register simauth at once is sometimes
inconvenient. This patch separates the creation and registration
into two API's, and also adds several others to add the required simauth
data incrementally (identity, driver data, sim/aka support). This also
allows for the driver to unregister the auth provider without freeing
up the simauth object itself e.g. if the driver temporarily becomes
unavailable, but will come back sometime in the future.

The simauth watch API's were also renamed. Watchers will now get a
callback when the provider has been unregistered, so they have been
renamed to sim_auth_unregistered_watch_[add|remove].
2017-12-11 23:36:43 -06:00
Denis Kenzior
dd867a1e13 build: Add new dbus-client.[ch] files from ell 2017-12-06 15:05:06 -06:00
James Prestwood
074fb7df56 make: added hardcoded SIM plugin to build 2017-12-06 15:04:07 -06:00
James Prestwood
48800e2a7a plugins: hardcoded SIM plugin
Provides a driver for hardcoding EAP-SIM/AKA keys. The driver
expects the environment variable IWD_SIM_KEYS to point to a
valid config file with IMSI, Kc, SRES for SIM or IMSI, KI, OPC,
AMF for AKA. To use this driver '--plugin=sim_hardcoded' must
be supplied when IWD starts.
2017-12-06 15:03:53 -06:00
James Prestwood
1a975a1168 simauth: fixup, destroy watchlist was not being removed 2017-11-30 12:44:06 -06:00
Denis Kenzior
777c7c3dae simauth: Fix compiler warning
src/simauth.c:163:6: error: no previous declaration for ‘sim_auth_cancel_request’ [-Werror=missing-declarations]
 void sim_auth_cancel_request(struct iwd_sim_auth *auth, int id)
      ^~~~~~~~~~~~~~~~~~~~~~~
2017-11-30 08:56:10 -06:00
James Prestwood
a595587b65 main: start simauth module 2017-11-30 08:49:49 -06:00
James Prestwood
6c95faf88f make: added simauth source to build 2017-11-30 08:49:49 -06:00
James Prestwood
e030151f7d main: start up plugin module
iwd now supports plugin loading, whitelisting and blacklisting.  Both
the whitelist and the blacklist support multiple patterns separated by a
',' character.
2017-11-28 13:32:36 -06:00
James Prestwood
8c6099fb9e plugins: added plugin module to build 2017-11-28 13:30:44 -06:00
James Prestwood
09de4433ad plugins: module to load ell plugins 2017-11-28 13:30:06 -06:00
James Prestwood
517df48101 make: plugin system for build
Preperation for ell plugins. New plugins can be added to
builtin_sources/builtin_modules, which will be added
to src/builtin.h when it is generated.
2017-11-28 13:20:33 -06:00
Andrew Zaborowski
016dcd52d8 device: Fix an autoconnect corner case
Make sure device->autoconnect is set when entering the autoconnect state
after netdev UP event.  Otherwise the next time
device_set_autoconnect(device, false) is called it will exit early seeing
that device->autoconnect is false and not switch the device state.
2017-11-27 09:56:04 -06:00
James Prestwood
46c1e8fa60 simauth: new module to handle EAP-SIM/AKA auth
This is the core module that takes care of registering
authentication drivers. EAP-SIM/AKA will be able to acquire
a driver that supports the required algorithms. The driver
implementation (hardcoded/ofono etc.) is isolated into
separate plugin modules.
2017-11-22 11:59:13 -06:00
James Prestwood
1d119d58c1 watchlist: added macro for notifying with no args
The macros currently did not support notifying a watchlist with
no extra arguments.
2017-11-16 14:10:47 -06:00
James Prestwood
c0fe2b78c4 eap: new method API for getting EAP-Identity
EAP-SIM/AKA/AKA' retrieve the EAP-Identity off the SIM card
not from the settings file. This adds a new EAP method API
which can optionally be implemented to retrieve the identity.
If get_identity is implemented, the EAP layer will use it to
retrieve the identity rather than looking in the settings file.
2017-11-13 11:09:37 -06:00
Tim Kourt
ec0aab7829 auto-t: connect, auto-connect scenarios
Exercise connect, auto connect scenarios for the open,
psk, 8021x networks
2017-10-31 17:46:41 -05:00
Tim Kourt
f4f1450880 network: Start checking outcomes of setting loads 2017-10-31 17:46:28 -05:00
Tim Kourt
e7d1b779e7 storage: provide proper feedback on failures
network_settings_load expects NULL value to be returned
on failed attempts to read the settings files inside of
storage_network_open. At the same time storage_network_open
used to always return an initialized l_settings
structure despite the outcome of the read operations,
indicating a success.
2017-10-31 17:45:47 -05:00
Tim Kourt
f6ae59e48e tools: add DES cipher algorithm support 2017-10-31 16:53:00 -05:00
Tim Kourt
adc203184b netdev: fail early on unsuccessful eapol_start 2017-10-30 08:51:59 -05:00
Tim Kourt
3f4b5a98f5 eapol: provide feedback from eapol_start, refactor 2017-10-30 08:51:28 -05:00
Tim Kourt
569be488d0 doc: add NotConfigured exception to Connect() 2017-10-26 16:07:43 -05:00
Tim Kourt
774cfba1c4 auto-t: add NotConfigured dbus exception 2017-10-26 16:00:42 -05:00
Tim Kourt
3b6d7e94f8 dbus: Add NotConfigured dbus exception 2017-10-26 16:00:21 -05:00
Denis Kenzior
3012623c76 TODO: Add SA Query/SA Response tasks 2017-10-23 11:48:20 -05:00
Denis Kenzior
b801f5b47f TODO: Mark 'Group Traffic not Allowed' as done 2017-10-23 11:40:00 -05:00
Andrew Zaborowski
828b8b7708 autotests: Add the AP mode test 2017-10-23 11:17:14 -05:00
Andrew Zaborowski
4dba9e37dd netdev: Track the id of the SET_STATION netlink command
This way we make sure it gets cancelled any sort of connect abort of
netdev removal and don't leak the message on error.
2017-10-23 11:17:11 -05:00
Andrew Zaborowski
a03839f8ef netdev: Send SET STATION in pairwise key callback
When the 4-Way Handshake is done eapol.c calls netdev_set_tk, then
optionally netdev_set_gtk and netdev_set_igtk.  To support the no group
key option send the final SET STATION enabling the controlled port
inside the callback for the netdev_set_tk operation which always means
the end of a 4-Way Handshake rather than in the netdev_set_gtk callback.
The spec says exactly that the controlled port is enabled at the end of
the 4-Way Handshake.

The netlink operations will still be queued in the same order because
the netdev_set_tk/netdev_set_gtk/netdev_set_igtk calls happen in one
main loop iteration but even if the order changed it wouldn't matter.
On failure of any of the three operations netdev_setting_keys_failed
gets called and the remaining operations are cancelled.
2017-10-23 11:17:08 -05:00
Andrew Zaborowski
ffcda135d2 eapol: Check for "No Group Traffic" group cipher suite 2017-10-23 11:14:40 -05:00
Denis Kenzior
2c565019c7 eapol: Silence uninitialized var warnings 2017-10-20 07:41:56 -05:00
Denis Kenzior
e17d5abc70 TODO: Add EAP-OTP and EAP-GTC tasks 2017-10-19 20:43:26 -05:00
Denis Kenzior
a8a9eb4a1c TODO: Add EAP-LEAP task 2017-10-19 20:36:08 -05:00
Denis Kenzior
e74caf3c80 TODO: Add WiFi P2P tasks 2017-10-19 20:33:23 -05:00
Denis Kenzior
3a74286949 TODO: Mark RRM task as done 2017-10-19 20:25:16 -05:00
Denis Kenzior
d5e0882938 TODO: Mark Fast Transition over Air task as Done 2017-10-19 20:20:06 -05:00
Denis Kenzior
4df406b99c TODO: Mark Preauthentication task as done 2017-10-19 20:17:55 -05:00
Denis Kenzior
f49b5ed742 TODO: Mark SOCKET_OWNER task as done 2017-10-19 20:07:06 -05:00
Denis Kenzior
a1f4a9901d unit: Add EAPoL retransmission test 2017-10-19 16:47:35 -05:00
Denis Kenzior
7f8f45220e eapol: Do not install the same GTK/IGTK
Track the contents and size of the GTK and IGTK and if the Authenticator
(or an adversary) tries to set the same GTK/IGTK, process the packet
normally but do not resubmit the GTK/IGTK to the kernel.
2017-10-19 16:47:35 -05:00
Denis Kenzior
cd7af67aac eapol: Tighten up GTK/IGTK KDE validation
GTK KDE was being checked for being a minimum of 6 bytes.  Not quite
sure why since the minimum GTK key length is 16 bytes for CCMP.
Similarly make sure that the maximum length is not more than 32, which
is currently the largest key size (TKIP)
2017-10-19 16:47:35 -05:00
Denis Kenzior
c93a52c066 eapol: Handle retransmissions 2017-10-19 16:47:29 -05:00
Denis Kenzior
f07164b2ef eapol: Remove unneeded {} 2017-10-18 20:40:10 -05:00
Denis Kenzior
ac5d8c2b34 eapol: Reword comment 2017-10-18 20:39:31 -05:00
Denis Kenzior
bee04b179e eapol: Fail handshake if MIC calculation fails
This is a bizarre case since MIC calculation succeeded for the incoming
packet.  But just in case MIC calculation fails for the outgoing packet,
kill the handshake.
2017-10-18 20:38:54 -05:00
Denis Kenzior
c1a0e844b0 eapol: Tighten up replay counter handling 2017-10-18 20:31:49 -05:00
Denis Kenzior
5b6c18fadd watchlist: Fix memory leak 2017-10-18 19:29:24 -05:00