3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-03 17:49:24 +01:00
Commit Graph

4253 Commits

Author SHA1 Message Date
James Prestwood
294426b450 dpp: allow PKEX configurators to run without multicast RX support
Since IWD enrollees can send unicast frames, a PKEX configurator could
still run without multicast support. Using this combination basically
allows any driver to utilize DPP/PKEX assuming the MAC address can
be communicated using some out of band mechanism.
2024-08-27 21:25:15 -05:00
James Prestwood
4482b8dc24 dpp: add Address/Frequency as parameters to PKEX enrollees
The DPP spec allows for obtaining frequency and MAC addresses up
to the implementation. IWD already takes advantage of this by
first scanning for nearby APs and using only those frequencies.
For further optimization an enrollee may be able to determine the
configurators frequency and MAC ahead of time which would make
finding the configurator much faster.
2024-08-27 21:24:48 -05:00
James Prestwood
bf2441e311 dpp: factor out key derivation and starting PKEX into functions
This will make things a bit easier in future patches, and reduces
some of the length/complexity of these functions.
2024-08-27 21:24:33 -05:00
James Prestwood
95a9e052de scan: remove legacy "Ghz" band modifier settings 2024-08-27 21:23:46 -05:00
James Prestwood
5c7777ff0f manager: deprecate UseDefaultInterface 2024-08-27 21:22:54 -05:00
James Prestwood
d223f49fbc doc: deprecate UseDefaultInterface in docs 2024-08-27 21:22:49 -05:00
Denis Kenzior
5f74ed75e7 nl80211util: Add builder for CMD_EXTERNAL_AUTH
This is for sending status from the STA to the driver
2024-08-23 11:18:15 -05:00
Denis Kenzior
17fbab110c nl80211util: support attributes in CMD_EXTERNAL_AUTH 2024-08-23 11:18:10 -05:00
Denis Kenzior
e565b75032 defs: Add defs.h to hold certain global definitions
This will help to get rid of magic number use throughout the project.
The definitions should be limited to global magic numbers that are used
throughout the project, for example SSID length, MAC address length,
etc.
2024-08-23 11:17:20 -05:00
James Prestwood
db9c0480ef station: emit property changed for ConnectedAccessPoint
This was missed in a prior patch set. When station is connecting
or disconnecting ConnectedAccessPoint property change should be
emitted.
2024-08-23 11:09:59 -05:00
James Prestwood
1a3a035404 network: add back network_bss_list_clear
Rename network_bss_update_start back to network_bss_list_clear, since
this is what its now doing again.
2024-08-19 11:43:24 -05:00
James Prestwood
6d94599977 network: remove BasicServiceSet DBus registration code
This was moved into station.
2024-08-19 11:43:24 -05:00
James Prestwood
c639bf0b19 station: move BasicServiceSet DBus management into station
Due to an unnoticed bug after adding the BasicServiceSet object into
network, it became clear that since station already owns the scan_bss
objects it makes sense for it to manage the associated DBus objects
as well. This way network doesn't have to jump through hoops to
determine if the scan_bss object was remove, added, or updated. It
can just manage its list as it did prior.

From the station side this makes things very easy. When scan results
come in we either update or add a new DBus object. And any time a
scan_bss is freed we remove the DBus object.
2024-08-19 11:43:24 -05:00
James Prestwood
514e483bc3 network: add __network_path_append_bss
To reduce code duplication and prepare for moving the BSS interface
to station, add a new API so station can create a BSS path without
a network object directly.
2024-08-19 11:43:24 -05:00
Denis Kenzior
7604762013 eapol: Fix bogus warning
src/eapol.c:1041:9: error: ‘buf’ may be used uninitialized [-Werror=maybe-uninitialized]
 1041 |         l_put_be16(0, &frame->header.packet_len);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This warning is bogus since the buffer is initialized through use of
eapol_frame members.  EAPoL-Start is a very simple frame.
2024-08-19 11:43:24 -05:00
James Prestwood
1455988efb sae: support default group for H2E
This was seemingly trivial at face value but doing so ended up
pointing out a bug with how group_retry is set when forcing
the default group. Since group_retry is initialized to -1 the
increment in the force_default_group block results in it being
set to zero, which is actually group 20, not 19. This did not
matter for hunt and peck, but H2E actually uses the retry value
to index its pre-generated points which then breaks SAE if
forcing the default group with H2E.

To handle H2E and force_default_group, the group selection
logic will always begin iterating the group array regardless of
SAE type.
2024-08-12 13:13:00 -05:00
James Prestwood
a73b877c5b station: add ConnectedAccessPoint property
This property is a path that corresponds to a BasicServiceSet
object, the one the station is currently connected to.
2024-08-12 12:10:44 -05:00
James Prestwood
68e1d055dd network: remove network_bss_list_clear 2024-08-12 12:10:40 -05:00
James Prestwood
aca92df19b network: add ExtendedServiceSet DBus property
This contains a list of all BasicServiceSet objects (paths) that
exist for a network.
2024-08-12 12:10:28 -05:00
James Prestwood
560ad581ad station: use network_bss_{start,stop}_update
This will tell network the BSS list is being updated and it can
act accordingly as far as the BSS DBus registrations/unregistration.

In addition any scan_bss object needing to be freed has to wait
until after network_bss_stop_update() because network has to be able
to iterate its old list and unregister any BSS's that were not seen
in the scan results. This is done by pushing each BSS needing to be
freed into a queue, then destroying them after the BSS's are all
added.
2024-08-12 12:10:10 -05:00
James Prestwood
fe2a91ae11 network: Add BasicServiceSet object
This adds a new DBus object/interface for tracking BSS's for
a given network. Since scanning replaces scan_bss objects some
new APIs were added to avoid tearing down the associated DBus
object for each BSS.

network_bss_start_update() should be called before any new BSS's
are added to the network object. This will keep track of the old
list and create a new network->bss_list where more entries can
be added. This is effectively replacing network_bss_list_clear,
except it keeps the old list around until...

network_bss_stop_update() is called when all BSS's have been
added to the network object. This will then iterate the old list
and lookup if any BSS DBus objects need to be destroyed. Once
completed the old list is destroyed.
2024-08-12 12:01:57 -05:00
James Prestwood
cd1507620f dbus: Add net.connman.iwd.BasicServiceSet interface 2024-08-12 12:01:34 -05:00
Denis Kenzior
7ee7848a96 netdev: Simplify FILS handling in netdev_connect_common 2024-08-05 09:07:02 -05:00
Denis Kenzior
be7b19d587 fils: Ensure capability checks are consistent
iwd supports FILS only on softmac drivers.  Ensure the capability check
is consistent between wiphy and netdev, both the softmac and the
relevant EXT_FEATURE bit must be checked.

CMD_EXTERNAL_AUTH could potentially be used for FILS for FullMAC cards,
but no hardware supporting this has been identified yet.
2024-08-05 09:06:54 -05:00
Denis Kenzior
16f5bbc20a netdev: Create owe_sm for fullmac connections
Somehow this ability was lost in the refactoring.  OWE was intended to
be used on fullmac cards, but the state machine is only actually created
if the connection type ends up being softmac.

Fixes: 8b6ad5d3b9 ("owe: netdev: refactor to remove OWE as an auth-proto")
2024-08-05 09:06:43 -05:00
Denis Kenzior
8a27cff8c0 ie: Add IE_AKM_IS_OWE
Similarly to IE_AKM_IS_SAE, IE_AKM_IS_FILS, etc
2024-08-05 09:06:39 -05:00
Denis Kenzior
d43f05224d wiphy: Fix use of wiphy_has_feature
Features with the _EXT_ in the name must be queried using the
wiphy_has_ext_feature method.

Fixes: bc7b12d1a4 ("wiphy: handle FILS AKMs")
2024-08-05 09:06:31 -05:00
James Prestwood
d500a44ff3 station: improve zero oper class neighbor report workaround
The workaround for Cisco APs reporting an operating class of zero
is still a bug that remains in Cisco equipment. This is made even
worse with the introduction of 6GHz where the channel numbers
overlap with both 2.4 and 5GHz bands. This makes it impossible to
definitively choose a frequency given only a channel number.

To improve this workaround and cover the 6GHz band we can calculate
a frequency for each band and see what is successful. Then append
each frequency we get to the list. This will result in more
frequencies scanned, but this tradeoff is better than potentially
avoiding a roam to 6GHz or high order 5ghz channel numbers.
2024-08-05 09:05:49 -05:00
Denis Kenzior
e33fa63243 netdev: Update to the new l_netlink_send API 2024-07-26 17:37:29 -05:00
James Prestwood
eff2a2afcf dpp: explicitly disconnect station if enrollee is started
Prior to now the DPP state was required to be disconnected before
DPP would start. This is inconvenient for the user since it requires
extra state checking and/or DBus method calls. Instead model this
case like WSC and issue a disconnect to station if DPP is requested
to start.

The other conditions on stopping DPP are also preserved and no
changes to the configurator role have been made, i.e. being
disconnected while configuring still stops DPP. Similarly any
connection made during enrolling will stop DPP.

It should also be noted that station's autoconfigure setting is also
preserved and set back to its original value upon DPP completing.
2024-07-24 15:25:31 -05:00
James Prestwood
5cdad6ab86 station: add station_get_autoconnect
Gets the current autoconenct setting. This is not the current
autoconnect state. Will be used in DPP to reset station's autoconnect
setting back to what it was prior to DPP, in case of failure.
2024-07-24 15:25:28 -05:00
James Prestwood
30ca00d2c4 dpp: factor out PKEX/DPP start prep into function
In order to slightly rework the DPP state machine to handle
automatically disconnecting (for enrollees) functions need to be
created that isolate everything needed to start DPP/PKEX in case
a disconnect needs to be done first.
2024-07-24 15:25:25 -05:00
James Prestwood
64d68b4f08 scan: fix invalid read when canceling an ongoing scan
When the survey code was added it neglected to add the same
cancelation logic that existed for the GET_SCAN call, i.e. if
a scan was canceled and there was a pending GET_SURVEY to the
kernel that needs to be canceled, and the request cleaned up.

Fixes: 35808debae ("scan: use GET_SURVEY for SNR calculation in ranking")
2024-07-24 09:12:42 -05:00
James Prestwood
d2cda84383 station: add handshake-started debug event 2024-07-18 16:08:32 -05:00
James Prestwood
af1b017003 eapol: move HANDSHAKE_STARTED_EVENT to eapol_start()
This event is not used anywhere and can be leveraged in autotesting.
Move the event to eapol_start() so it gets called unconditionally
when the 4-way handshake is started.
2024-07-18 16:08:17 -05:00
James Prestwood
556f90ec28 netdev: handle disconnect event during a connection
If a disconnect arrives at any point during the 4-way handshake or
key setting this would result in netdev sending a disconnect event
to station. If this is a reassociation this case is unhandled in
station and causes a hang as it expects any connection failure to
be handled via the reassociation callback, not a random disconnect
event.

To handle this case we can utilize netdev_disconnected() along with
the new NETDEV_RESULT_DISCONNECTED result to ensure the connect
callback gets called if it exists (indicating a pending connection)

Below are logs showing the "Unexpected disconnect event" which
prevents IWD from cleaning up its state and ultimately results in a
hang:

Jul 16 18:16:13: src/station.c:station_transition_reassociate()
Jul 16 18:16:13: event: state, old: connected, new: roaming
Jul 16 18:16:13: src/wiphy.c:wiphy_radio_work_done() Work item 65 done
Jul 16 18:16:13: src/wiphy.c:wiphy_radio_work_next() Starting work item 66
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Del Station(20)
Jul 16 18:16:13: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Deauthenticate(39)
Jul 16 18:16:13: src/netdev.c:netdev_deauthenticate_event()
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification New Station(19)
Jul 16 18:16:13: src/station.c:station_netdev_event() Associating
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Authenticate(37)
Jul 16 18:16:13: src/netdev.c:netdev_authenticate_event()
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Associate(38)
Jul 16 18:16:13: src/netdev.c:netdev_associate_event()
Jul 16 18:16:13: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Connect(46)
Jul 16 18:16:13: src/netdev.c:netdev_connect_event()
Jul 16 18:16:13: src/netdev.c:netdev_connect_event() aborting and ignore_connect_event not set, proceed
Jul 16 18:16:13: src/netdev.c:netdev_connect_event() expect_connect_failure not set, proceed
Jul 16 18:16:13: src/netdev.c:parse_request_ies()
Jul 16 18:16:13: src/netdev.c:netdev_connect_event() Request / Response IEs parsed
Jul 16 18:16:13: src/netdev.c:netdev_get_oci()
Jul 16 18:16:13: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:13: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:13: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:13: src/netdev.c:netdev_get_oci_cb() Obtained OCI: freq: 5220, width: 3, center1: 5210, center2: 0
Jul 16 18:16:13: src/eapol.c:eapol_start()
Jul 16 18:16:13: src/netdev.c:netdev_unicast_notify() Unicast notification Control Port Frame(129)
Jul 16 18:16:13: src/netdev.c:netdev_control_port_frame_event()
Jul 16 18:16:13: src/eapol.c:eapol_handle_ptk_1_of_4() ifindex=6
Jul 16 18:16:13: src/netdev.c:netdev_mlme_notify() MLME notification Control Port TX Status(139)
Jul 16 18:16:14: src/netdev.c:netdev_mlme_notify() MLME notification Notify CQM(64)
Jul 16 18:16:14: src/netdev.c:netdev_cqm_event() Signal change event (above=1 signal=-60)
Jul 16 18:16:17: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:17: src/netdev.c:netdev_mlme_notify() MLME notification Del Station(20)
Jul 16 18:16:17: src/netdev.c:netdev_mlme_notify() MLME notification Deauthenticate(39)
Jul 16 18:16:17: src/netdev.c:netdev_deauthenticate_event()
Jul 16 18:16:17: src/netdev.c:netdev_mlme_notify() MLME notification Disconnect(48)
Jul 16 18:16:17: src/netdev.c:netdev_disconnect_event()
Jul 16 18:16:17: Received Deauthentication event, reason: 15, from_ap: true
Jul 16 18:16:17: src/wiphy.c:wiphy_radio_work_done() Work item 66 done
Jul 16 18:16:17: src/station.c:station_disconnect_event() 6
Jul 16 18:16:17: Unexpected disconnect event
Jul 16 18:16:17: src/netdev.c:netdev_link_notify() event 16 on ifindex 6
Jul 16 18:16:17: src/wiphy.c:wiphy_reg_notify() Notification of command Reg Change(36)
Jul 16 18:16:17: src/wiphy.c:wiphy_update_reg_domain() New reg domain country code for (global) is XX
2024-07-18 16:07:41 -05:00
James Prestwood
22f238706c station: update logic for handshake failure
After adding the NETDEV_RESULT_DISCONNECTED enum, handshake failures
initiated by the AP come in via this result so the existing logic
to call network_connect_failed() was broken. We could still get a
handshake failure generated internally, so that has been preserved
(via NETDEV_RESULT_HANDSHAKE_FAILED) but a check for a 4-way
handshake timeout reason code was also added.
2024-07-18 16:06:41 -05:00
James Prestwood
906afefbf3 station: handle NETDEV_RESULT_DISCONNECTED
This new event is sent during a connection if netdev recieves a
disconnect event. This patch cleans up station to handle this
case and leave the existing NETDEV_EVENT_DISCONNECTED_BY_{AP,SME}
handling only for CONNECTED, NETCONFIG, and FW_ROAMING states.
2024-07-18 16:05:37 -05:00
James Prestwood
38c36ff145 netdev: add NETDEV_RESULT_DISCONNECTED
This new result is meant to handle cases where a disconnect
event (deauth/disassoc) was received during an ongoing connection.
Whether that's during authentication, association, the 4-way
handshake, or key setting.
2024-07-18 16:05:14 -05:00
James Prestwood
9ea0117dc4 station: print unknown channel number in neighbor report
If the channel number resulted in a failure to parse the neighbor
report entry, print it for debugging.
2024-07-18 16:05:01 -05:00
Kasper Kantz
4f81953338 p2putil: remove static from const strlen
src/p2putil.c: In function 'p2p_get_random_string':
 src/p2putil.c:2641:37: error: initializer element is not constant     2641 |
        static const int set_size = strlen(CHARSET);         |
                     ^~~~~~
2024-07-12 16:24:00 -05:00
Steve Schrock
ffc6d6325d main: update usage with logger option 2024-07-12 11:58:51 -05:00
Steve Schrock
6d46698494 main: set the identity in the logger
This causes "iwd" to be output in each message sent to syslog to help
quickly identify iwd messages.
2024-07-11 17:13:43 -05:00
James Prestwood
71dc347582 station: add debug event prior to sending an FT-auth frame 2024-06-26 09:38:06 -05:00
James Prestwood
d92e4c5663 station: add auth/assoc debug events
These will be useful to trigger behavior around authentication and
association.
2024-06-26 09:38:06 -05:00
James Prestwood
300f0ddac5 netdev: reuse NETDEV_EVENT_{AUTHENTICATING,ASSOCIATING}
The authenticating event was not used anymore and the associating
event use was questionable (after the CMD_CONNECT callback).

No other modules actually utilize these events but they are useful
for autotests. Move these events around to map 1:1 when the kernel
sends the auth/assoc events.
2024-06-26 09:38:06 -05:00
James Prestwood
77cf621f15 nl80211util: use nl80211_parse_attrs/nested for get_key_seq
This really reduces the number of checks needed and overall function
length by using the helper APIs.
2024-06-26 09:38:06 -05:00
James Prestwood
5c824cc24e netdev: use nl80211_parse_attrs for deauth event
Especially for parsing a single attribute, nl80211_parse_attrs
makes the most sense to use here.
2024-06-26 09:38:06 -05:00
James Prestwood
3fd5250c0d station: refactor the printing of scan results, print SNR/load
There are a few values which are nice to see in debug logs. Namely
the BSS load and SNR. Both of these values may not be available
either due to the AP or local hardware limiations. Rather than print
dummy values for these refactor the print so append the values only
if they are set in the scan result.
2024-06-20 10:51:00 -05:00
James Prestwood
8de70b1952 scan: add flag if BSS load was advertised
For ranking purposes the utilization was defaulted to a valid (127)
which would not change the rank if that IE was not found in the
scan results. Historically this was printed (debug) as part of the
scan results but that was removed as it was somewhat confusing. i.e.
did the AP _really_ have a utilization of 127? or was the IE not
found?

Since it is useful to see the BSS load if that is advertised add a
flag to the scan_bss struct to indicate if the IE was present which
can be checked.
2024-06-20 10:51:00 -05:00
James Prestwood
35808debae scan: use GET_SURVEY for SNR calculation in ranking
This issues a GET_SURVEY dump after scan results are available and
populates the survey information within the scan results. Currently
the only value obtained is the noise for a given frequency but the
survey results structure was created if in the future more values
need to be added.

From the noise, the SNR can be calculated. This is then used in the
ranking calculation to help lower BSS ranks that are on high noise
channels.
2024-06-20 10:51:00 -05:00
James Prestwood
43d5e89fac scan: fixed flush flag parsing
Parsing the flush flag for external scans was not done correctly
as it was not parsing the ATTR_SCAN_FLAGS but instead the flag
bitmap. Fix this by parsing the flags attribute, then checking if
the bit is set.
2024-06-20 10:51:00 -05:00
James Prestwood
88a71eca72 nl80211util: add ATTR_SCAN_FLAGS 2024-06-20 10:51:00 -05:00
James Prestwood
b4983fdcae nl80211util: add nl80211_parse_nested
Add a nested attribute parser. For the first supported attribute
add NL80211_ATTR_SURVEY_INFO.

This allows parsing of nested attributes in the same convenient
way as nl80211_parse_attrs but allows for support of any level of
nested attributes provided that a handler is added for each.
2024-06-20 10:51:00 -05:00
James Prestwood
16a05316b2 nl80211util: refactor nl80211_parse_attrs for nested variant
To prep for adding a _nested() variant of this function refactor
this to act on an l_genl_attr object rather than the message itself.
In addition a handler specific to the attribute being parsed is
now passed in, with the current "handler_for_type" being renamed to
"handler_for_nl80211" that corresponds to root level attributes.
2024-06-20 10:51:00 -05:00
James Prestwood
1dda441b85 nl80211util: add ATTR_SURVEY_INFO to parse_attrs 2024-06-20 10:51:00 -05:00
James Prestwood
5cf826c73a netdev: downgrade L_WARN_ON for ensure_eapol_registered
This warning is guaranteed to happen for SAE networks where there are
multiple netdev_authenticate_events. This should just be a check so
we don't register eapol twice, not a warning.
2024-06-20 10:51:00 -05:00
Laura Peeters
03645acf4f eap-tls: Allow tls_msg_len to be zero
EAP-TTLS Start packets are empty by default, but can still be sent with
the L flag set. When attempting to reassemble a message we should not
fail if the length of the message is 0, and just treat it as any other
unfragmented message with the L flag set.
2024-05-31 16:23:15 -05:00
Denis Kenzior
b3e7b7539e watchlist: Remove unused APIs
watchlist_new and watchlist_free were never used.  Get rid of them.
2024-05-29 17:52:23 -05:00
James Prestwood
70d1d71612 band: support band lookup fallback for buggy APs
Its been seen that some vendors incorrectly set the 3rd byte of the
country code which causes the band lookup to fail with the provided
operating class. This isn't compliant with the spec, but its been
seen out in the wild and it causes IWD to behave poorly, specifically
with roaming since it cannot parse neighbor reports. This then
requires IWD to do a full scan on each roam.

Instead of a hard rejection, IWD can instead attempt to determine
the band by ignoring that 3rd byte and only use the alpha2 string.
This makes IWD slightly less strict but at the advantage of not being
crippled when exposed to poor AP configurations.
2024-05-14 10:27:36 -05:00
James Prestwood
8a1f8d1a9a ie: remove is_ie_default_sae_group_oui
This is no longer used and instead a generic option was added
rather than referencing a static OUI list.
2024-05-14 10:26:11 -05:00
James Prestwood
b05c1cafcd scan: remove force_default_sae_group from scan_bss
This was added to support a single buggy AP model that failed to
negotiate the SAE group correctly. This may still be a problem but
since then the [Network].UseDefaultEccGroup option has been added
which accomplishes the same thing.

Remove the special handling for this specific OUI and rely on the
user setting the new option if they have problems.
2024-05-14 10:25:46 -05:00
John Brandt
5fb3ac5937 eapol: include IGTK in 4-way handshake as AP
When SAE with MFP is being used, include the IGTK in message 3 of the
4-way handshake.
2024-05-07 11:19:51 -05:00
John Brandt
9274f70fec handshake: add functions to save and set IGTK
To add MFP support in the AP mode, add utility functions to save the
IGTK and to add the IGTK to handshake messages.
2024-05-07 11:15:25 -05:00
John Brandt
78bdb26296 eapol: encrypt key data for AKM-defined ciphers
Support encrypting key data when the cipher is AKM-defined. This is
needed to support SAE in AP mode.
2024-05-07 11:03:45 -05:00
John Brandt
3132e9f595 eapol: support PTK derivation with SHA256
Support PTK derivation in case the negotiated AKM requires SHA256. This
is needed to support SAE in AP mode.
2024-05-07 10:52:20 -05:00
John Brandt
b9e4dfbd40 sae: support reception of Confirm frame by AP
Experimental AP-mode support for receiving a Confirm frame when in the
COMMITTED state. The AP will reply with a Confirm frame.

Note that when acting as an AP, on reception of a Commit frame, the AP
only replies with a Commit frame. The protocols allows to also already
send the Confirm frame, but older clients may not support simultaneously
receiving a Commit and Confirm frame.
2024-05-07 10:50:39 -05:00
John Brandt
2e80a09184 sae: refactor and add function sae_calculate_keys
Refactor code by moving code to the new function sae_calculate_keys.
This will make it easier in the next commits to add SAE support for AP
mode.
2024-05-07 10:50:39 -05:00
Marcel Holtmann
be3f6a2ca0 udev: Add module for checking interface renaming actions 2024-04-16 14:57:57 +02:00
James Prestwood
e5816b024f band: return -ENETUNREACH for HE rate estimation
This was overlooked in a prior patch and causes warnings to be
printed when the RSSI is too low to estimate an HE data rate or
due to incompatible local capabilities (e.g. MCS support).

Similar to the other estimations, return -ENETUNREACH if the IE
was valid but incompatible.
2024-04-15 16:51:54 -05:00
James Prestwood
9cdc726dc1 wiphy: handle -ENETUNREACH for rate estimation
If the RSSI is too low or the local capabilities were not
compatible to estimate the rate don't warn but instead treat
this the same as -ENOTSUP and drop down to the next capability
set.
2024-04-15 16:51:54 -05:00
James Prestwood
e196cb1178 wiphy: include MAC of BSS with invalid HE capabilities
The prior print was not very descriptive, and now will log the
MAC of the offending BSS.
2024-04-15 16:51:54 -05:00
Ed Smith
da13aab419 Register EAPOL frame listeners earlier
If we register the main EAPOL frame listener as late as the associate
event, it may not observe ptk_1_of_4. This defeats handling for early
messages in eapol_rx_packet, which only sees messages once it has been
registered.

If we move registration to the authenticate event, then the EAPOL
frame listeners should observe all messages, without any possible
races. Note that the messages are not actually processed until
eapol_start() is called, and we haven't moved that call site. All
that's changing here is how early EAPOL messages can be observed.
2024-03-28 17:41:07 -05:00
James Prestwood
ccd702f7da netdev: use CMD_DEAUTHENTICATE when needed on disconnect
netdev_disconnect() was unconditionally sending CMD_DISCONNECT which
is not the right behavior when IWD has not associated. This means
that if a connection was started then immediately canceled with
the Disconnect() method the kernel would continue to authenticate.

Instead if IWD has not yet associated it should send a deauth
command which causes the kernel to correctly cleanup its state and
stop trying to authenticate.

Below are logs showing the behavior. Autoconnect is started followed
immediately by a DBus Disconnect call, yet the kernel continues
sending authenticate events.

event: state, old: autoconnect_quick, new: connecting (auto)
src/scan.c:scan_cancel() Trying to cancel scan id 1 for wdev 7d
src/wiphy.c:wiphy_radio_work_done() Work item 1 done
src/wiphy.c:wiphy_radio_work_next() Starting work item 2
src/netdev.c:netdev_mlme_notify() MLME notification New Station(19)
src/station.c:station_dbus_disconnect()
src/station.c:station_reset_connection_state() 85
src/station.c:station_roam_state_clear() 85
event: state, old: connecting (auto), new: disconnecting
src/wiphy.c:wiphy_radio_work_done() Work item 2 done
src/station.c:station_connect_cb() 85, result: 5
src/station.c:station_disconnect_cb() 85, success: 1
event: state, old: disconnecting, new: disconnected
src/netdev.c:netdev_mlme_notify() MLME notification Authenticate(37)
src/netdev.c:netdev_authenticate_event()
Unexpected connection related event -- is another supplicant running?
src/netdev.c:netdev_mlme_notify() MLME notification Authenticate(37)
src/netdev.c:netdev_authenticate_event()
Unexpected connection related event -- is another supplicant running?
src/netdev.c:netdev_mlme_notify() MLME notification Authenticate(37)
src/netdev.c:netdev_authenticate_event()
Unexpected connection related event -- is another supplicant running?
src/netdev.c:netdev_mlme_notify() MLME notification Del Station(20)
src/netdev.c:netdev_mlme_notify() MLME notification Authenticate(37)
src/netdev.c:netdev_authenticate_event()
Unexpected connection related event -- is another supplicant running?
2024-03-28 17:16:37 -05:00
James Prestwood
6365c1f6de wiphy: add better handling for rate estimation errors
In most cases any failure here is likely just due to the AP not
supporting the feature, whether its HE/VHT/HE. This should result
in the estimation returning -ENOTSUP in which case we move down
the list. Any other non-zero return we will now warn to make it
clear the IEs did exist, but were not properly formatted.

All length check failures were changed to continue instead of
fail. This will now treat invalid lengths as if the IE did not
exist.

In addition HE specifically has an extra validation function which,
if failed, was bailing out of the estimation function entirely.
Instead this is now treated as if there was no HE capabilities and
the logic can move down to VHT, HT, or basic rates.
2024-03-28 10:21:08 -05:00
James Prestwood
2f2b5740da band: make HE/no-HT rate estimators return more descriptive
If the IEs were not provided return -ENOTSUP rather than -EINVAL
or -EBADMSG since this just means the AP doesn't support those
capabilities.
2024-03-28 10:20:53 -05:00
James Prestwood
eb3345b51b eap-mschapv2: Check Password-Hash exists when loading settings
Caught by static analysis, the Password-Hash was never validated so
it could end up memcpying from a NULL pointer.
2024-03-11 22:08:02 -05:00
James Prestwood
795f57e816 p2p: check connected peer before processing request
Caught by static analysis, the dev->conn_peer pointer was being
dereferenced very early on without a NULL check, but further it
was being NULL checked. If there is a possibility of it being NULL
the check should be done much earlier.
2024-03-11 22:07:37 -05:00
James Prestwood
71a7190ed2 eap-mschapv2: remove unneeded initialization 2024-03-04 13:48:08 -06:00
James Prestwood
405b897687 dpp: check wrapped data exists in authenticate response 2024-03-04 13:48:08 -06:00
James Prestwood
62e2a3535d files: remove unneeded initialization 2024-03-04 13:48:08 -06:00
James Prestwood
d9aaf6c842 ie: remove unneeded initialization 2024-03-04 13:48:08 -06:00
James Prestwood
c2ad0006eb ap: bail in ap_del_station if AP is going down
Caught by static analysis, if this condition is met the AP is going
down so we cannot continue further accessing the ap object.
2024-02-29 14:37:49 -06:00
James Prestwood
5fcfb430b2 ap: verify ATTR_MAC exists in NEW_STATION
Caught by static analysis, if ATTR_MAC was not in the message there
would be a memcpy with uninitialized bytes. In addition there is no
reason to memcpy twice. Instead 'mac' can be a const pointer which
both verifies it exists and removes the need for a second memcpy.
2024-02-29 14:37:42 -06:00
James Prestwood
3a17c8e3c5 nl80211util: check l_genl_attr_recurse return in extract_nested
Caught by static analysis, the recurse operation return was not being
checked.
2024-02-29 14:37:29 -06:00
James Prestwood
6febe5bed1 ap: allow va_end to get called in ap_handshake_event
Caught by static analysis, va_end was never being called since the
REKEY_COMPLETE event was returning early.
2024-02-29 14:37:19 -06:00
James Prestwood
338577bb3a ap: check that the last band_freq_attrs was set
Static analysis complains that 'last' could be NULL which is true.
This really could only happen if every frequency was disabled which
likely is impossible but in any case, check before dereferencing
the pointer.
2024-02-29 14:37:01 -06:00
James Prestwood
83c032a583 p2putil: check length of client info description
A length check was missing which could cause a out of bounds read.

Co-authored-by: Alex Radocea <alex@supernetworks.org>
2024-02-29 14:36:16 -06:00
James Prestwood
d34b4e16e0 p2putil: initialize all parsing structures to zero
Since these are all stack variables they are not zero initialized.
If parsing fails there may be invalid pointers within the structures
which can get dereferenced by p2p_clear_*
2024-02-29 14:33:23 -06:00
James Prestwood
52a47c9fd4 p2putil: fix crash/remove side effect parsing adv service info
The input queue pointer was being initialized unconditionally so if
parsing fails the out pointer is still set after the queue is
destroyed. This causes a crash during cleanup.

Instead use a temporary pointer while parsing and only after parsing
has finished do we set the out pointer.

Reported-By: Alex Radocea <alex@supernetworks.org>
2024-02-29 14:32:53 -06:00
Denis Kenzior
aef394895d netconfig: Fix copy-paste error
netconfig_domains_update() was setting dns_list instead of the domains
member.
2024-02-28 11:51:33 -06:00
Denis Kenzior
52c6a6b8ea eap-wsc: Zero authenticator bytes to fix static analysis warning
static analysis complains that authenticator is used uninitialized.
This isn't strictly true as memory region is reserved for the
authenticator using the contents of the passed in structure.  This
region is then overwritten once the authenticator is actually computed
by authenticator_put().  Silence this warning by explicitly setting
authenticator bytes to 0.

Reviewed-by: Paul Menzel <pmenzel@molgen.mpg.de>
2024-02-28 09:13:30 -06:00
James Prestwood
42273fd122 station: warn on missing scan_bss in station_transition_start
This shouldn't be possible in theory since the roam_bss_list being
iterated is a subset of entire scan_bss list station/network has
but to be safe, and catch any issues due to future changes warn on
this condition.
2024-02-27 16:04:11 -06:00
James Prestwood
14aa333a39 crypto: fix uninitialized variable coverity warning
Same as for aes_siv_decrypt, check num_ads before calling memcpy.
2024-02-27 16:04:11 -06:00
James Prestwood
ee52968043 crypto: fix uninitialized variable coverity warning
For some encrypt operations DPP passes no AD iovecs (both are
NULL/0). But since the iovec itself is on the stack 'ad' is a
valid pointer from within aes_siv_encrypt. This causes memcpy
to be called which coverity complains about. Since the copy
length is zero it was effectively a no-op, but check num_ad to
prevent the call.
2024-02-27 14:33:33 -06:00
James Prestwood
fba4ee90d0 netdev: add NETDEV_EVENT_ECC_GROUP_RETRY, handle in station
In order to complete the learned default group behavior station needs
to be aware of when an SAE/OWE connection retried. This is all
handled within netdev/sae so add a new netdev event so station can
set the appropriate network flags to prevent trying the non-default
group again.
2024-02-27 13:55:37 -06:00
James Prestwood
a559bd7c40 sae: remove sae_sm_set_force_group_19, use handshake
Use the flag set into the handshake to force the default ECC group
2024-02-27 13:55:37 -06:00
James Prestwood
988f68e916 network: set use default ECC group in handshake setup
If either the settings specify it, or the scan_bss is flagged, set
the use_default_ecc_group flag in the handshake.

This also renames the flag to cover both OWE and SAE
2024-02-27 13:55:37 -06:00
James Prestwood
b38f71f221 network: retain default ECC group for OWE after setting
There is special handling for buggy OWE APs which set a network flag
to use the default OWE group. Utilize the more persistent setting
within known-networks as well as the network object (in case there
is no profile).

This also renames the get/set APIs to be generic to ECC groups rather
than only OWE.
2024-02-27 13:55:37 -06:00
James Prestwood
3f04bc427d knownnetworks: add option to force a default ECC group
This adds the option [Settings].UseDefaultEccGroup which allows a
network profile to specify the behavior when using an ECC-based
protocol. If unset (default) IWD will learn the behavior of the
network for the lifetime of its process.

Many APs do not support group 20 which IWD tries first by default.
This leads to an initial failure followed by a retry using group 19.
This option will allow the user to configure IWD to use group 19
first or learn the network capabilities, if the authentication fails
with group 20 IWD will always use group 19 for the process lifetime.
2024-02-27 13:55:37 -06:00