3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-29 13:12:50 +01:00
Commit Graph

6959 Commits

Author SHA1 Message Date
Denis Kenzior
d643964fed netdev: Add support for setting GCMP keys 2022-10-24 11:05:24 -05:00
Denis Kenzior
7ab97db9a9 netdev: Build RSN attributes in a common function
Both CMD_ASSOCIATE and CMD_CONNECT paths were using very similar code to
build RSN specific attributes.  Use a common function to build these
attributes to cut down on duplicated code.

While here, also start using ie_rsn_cipher_suite_to_cipher instead of
assuming that the pairwise / group ciphers can only be CCMP or TKIP.
2022-10-24 11:05:24 -05:00
Denis Kenzior
59ace1b691 ie: Skip unknown pairwise ciphers 2022-10-24 11:05:24 -05:00
Denis Kenzior
ec3085e932 crypto: Add new cipher definitions 2022-10-24 11:05:24 -05:00
Denis Kenzior
f1a713a0fa ie: Simplify implementation
Instead of copy-pasting the same basic operation (memcpy & assignment),
use a goto and a common path instead.  This should also make it easier
for the compiler to optimize this function.
2022-10-24 11:05:24 -05:00
Denis Kenzior
94ecdc799a ie: Rename _BIP to _BIP_CMAC 2022-10-24 11:05:24 -05:00
Denis Kenzior
201b85e8da crypto: Rename BIP to BIP_CMAC
To match the spec more closely.  Several additional BIP algorithms are
being introduced, including BIP_GMAC_128|256 and BIP_CMAC_256.
2022-10-24 11:05:24 -05:00
Denis Kenzior
b85b92b3ee eapol: More strictly validate key_descriptor_version 2022-10-24 11:05:24 -05:00
Denis Kenzior
7f2aa40bba ap: Fix spurious warning message
The warning message would be printed even if no setting was present

Fixes: ac976c6f71 ("ap: Remove support for deprecated APRanges setting")
2022-10-24 11:05:24 -05:00
James Prestwood
72d35fc491 monitor: use int64_t type for NLMSG_NEXT length
Commit c7640f8346 was meant to fix a sign compare warning
in clang because NLMSG_NEXT internally compares the length
with nlmsghdr->nlmsg_len which is a u32. The problem is the
NLMSG_NEXT can underflow an unsigned value, hence why it
expects an int type to be passed in.

To work around this we can instead pass a larger sized
int64_t which the compiler allows since it can upgrade the
unsigned nlmsghdr->nlmsg_len. There is no underflow risk
with an int64_t either because the buffer used is much
smaller than what can fit in an int64_t.

Fixes: c7640f8346 ("monitor: fix integer comparison error (clang)")
2022-10-14 09:49:13 -05:00
James Prestwood
dc6575130e client: fix missing character for line breaks without spaces
In nearly all cases the auto-line breaks can be on spaces in the
string. The only exception (so far) is DPP which displays a very
long URI without any spaces. When this is displayed a single
character was lost on each break. This was due to the current line
being NULL terminated prior to the next line string being returned.

To handle both cases the next line is copied prior to terminating
the current line. The offsets were modified slightly so the line
will be broken *after* the space, not on the space. This leaves
the space at the end of the current line which is invisible to the
user but allows the no-space case to also work without loss of
the last character (since that last character is where the space
normally would be).
2022-10-12 13:55:57 -05:00
James Prestwood
9d042ca321 client: fix not accounting for color escapes after line break
Each color escape is tracked and the new_width is adjusted
accordingly. But if the color escape comes after a space which breaks
the line, the adjusted width ends up being too long since that escape
sequence isn't appearing on the current line. This causes the next
column to be shifted over.
2022-10-12 13:55:47 -05:00
James Prestwood
ea82616b6b client: add extra parameter for new width when printing rows
The old 'max' parameter was being used both as an input and output
parameter which was confusing. Instead have next_line take the
column width as input, and output a new width which includes any
color escapes and wide characters.
2022-10-12 13:52:40 -05:00
James Prestwood
5010ca2c99 client: validate utf-8 before displaying row
In theory any input to this function should have valid utf-8 but
just in case the strings should be validated. This removes the
need to check the return of l_utf8_get_codepoint which is useful
since there is no graceful failure path at this point.
2022-10-12 13:52:10 -05:00
Denis Kenzior
216b232946 AUTHORS: Mention Pinghao's contributions 2022-10-12 11:37:48 -05:00
Pinghao Wu
d82869c346 client: handle wide chars for table rows
Find out printing width of wide chars via wcwidth().
2022-10-12 11:26:01 -05:00
James Prestwood
ba6a48018c station: constrain known frequencies before roam scan
The known frequency list may include frequencies that once were
allowed but are now disabled due to regulatory restrictions. Don't
include these frequencies in the roam scan.
2022-10-11 14:31:20 -05:00
James Prestwood
887073b5d9 station: skip disabled frequencies in neighbor report
Use the disabled frequency list to check if the neighbor report is
including a frequency which IWD cannot use.
2022-10-11 14:30:43 -05:00
Peter Shkenev
6b81b6e46a station: remove excess if clause
No functional changes are intended.
2022-10-10 13:41:29 -05:00
James Prestwood
f9b7e32c2d client: better support utf-8 for table rows
The utf-8 bytes were being counted as normal ascii so the
width maximum was not being increased to include
non-printable bytes like it is for color escape sequences.
This lead to the row not printing enough characters which
effected the text further down the line.

Fix this by increasing 'max' when non-codepoint utf-8
characters are found.
2022-10-07 22:24:03 -05:00
James Prestwood
0c8f06441e auto-t: speed up testScan
This test was taking about 5 minutes to run, specifically
the requested scan test. One slight optimization is to
remove the duplicate hidden network, since there is no
need for two. In addition the requested scan test was
changed so it does not periodic scan and only issues a dbus
scan.
2022-10-06 14:41:26 -05:00
James Prestwood
2acbe26684 auto-t: speed up testHiddenNetworks
The CI was sometimes taking ~10-15 minutes to run just this
test. This is likely due to the test having 7 radios and
which is a lot of beacons/probes to process.

Disabling the unused hostapd instances drops the runtime down
to about 1 minute.
2022-10-06 14:41:04 -05:00
James Prestwood
bc3722060e monitor: parse DPP frame types
Parses the type of frame for easier debugging.
2022-10-06 09:01:42 -05:00
James Prestwood
1d3455ba16 auto-t: add two tests for new FT behavior
These tests ensure proper behavior if FT fails to authenticate
2022-10-06 09:01:38 -05:00
James Prestwood
7d1968b086 auto-t: remove old debug print from wpas.py 2022-10-06 09:01:32 -05:00
James Prestwood
1f044b8f45 auto-t: remove rekey timeouts from autotests
Any autotest which rekeys will do so explicitly. There is no need
to potentially introduce an unexpected rekey.
2022-10-06 09:01:24 -05:00
James Prestwood
e31d6296d8 hwsim: fix early bail out processing rules
If a rule was disabled it would cause hwsim to not continue processing
frames using rules further in the queue. _Most_ tests only use one
rule so this shouldn't have changed their behavior but others which
use multiple rules may be effected and the tests have not been
running properly.
2022-10-06 09:01:08 -05:00
James Prestwood
3bc5728815 station: add two debug events for FT
These events are sent if IWD fails to authentiate
(ft-over-air-roam-failed) or if it falls back to over air after
failing to use FT-over-DS (try-ft-over-air)
2022-10-06 09:00:53 -05:00
Andrew Zaborowski
5abf980b70 autotests: Add a stateless DHCPv6 test case 2022-10-04 12:45:07 -05:00
James Prestwood
615e57c289 monitor: change Port ID to %u print
The port ID is a u32 so print with %u rather than %d
2022-10-03 10:39:46 -05:00
James Prestwood
47e11dea58 test-runner: write out individual test results
The --results option only wrote PASS/FAIL for the entire run.
Instead write out each individual test result.
2022-10-03 10:39:40 -05:00
Andrew Zaborowski
72e7d3ceb8 station: Handle NETCONFIG_EVENT_FAILED
If IPv4 setup fails and the netconfig logic gives up, continue as if the
connection had failed at earlier stages so that autoconnect can try the
next available network.
2022-10-03 10:29:54 -05:00
Andrew Zaborowski
afa9a1261c doc: Drop proposed and unimplemented API doc 2022-10-03 10:29:21 -05:00
Denis Kenzior
ac976c6f71 ap: Remove support for deprecated APRanges setting
In preparation for 2.0 release, remove settings that were marked
deprecated during 1.x cycle.
2022-09-29 12:59:16 -05:00
James Prestwood
bead4745ac ap: include PROBE_RESP attribute if required by driver
Certain drivers support/require probe response offloading which
IWD did not check for or properly handle. If probe response
offloading is required the probe response frame watch will not
be added and instead the ATTR_PROBE_RESP will be included with
START_AP.

The head/tail builders were reused but slightly modified to check
if the probe request frame is NULL, since it will be for use with
START_AP.
2022-09-28 16:23:12 -05:00
James Prestwood
06ec89d6b8 wiphy: add wiphy_supports_probe_resp_offload
Parse the AP probe response offload attribute during the dump. If
set this indicates the driver expects the probe response attribute
to be included with START_AP.
2022-09-28 16:23:00 -05:00
James Prestwood
59d36cf24f ft: optimize clearing authentications
Clearing all authentications during ft_authenticate was a very large
hammer and may remove cached authentications that could be used if
the current auth attempt fails.

For example the best BSS may have a problem and fail to authenticate
early with FT-over-DS, then fail with FT-over-Air. But another BSS
may have succeeded early with FT-over-DS. If ft_authenticate clears
all ft_infos that successful authentication will be lost.
2022-09-28 16:20:16 -05:00
James Prestwood
edf556cc7b station: add two new roaming states (FT/FW)
This adds two new station states to differentiate between
reassociation (ROAMING), Fast transition (FT_ROAMING) or a firmare
based roam (FW_ROAMING).
2022-09-28 16:19:24 -05:00
James Prestwood
174e9f2fe9 auto-t: add a no candidate test to testAPRoam
This tests the new behavior where the roam request does not
indicate disassociation is imminent. In this case if no
candidates are found IWD should not roam.
2022-09-28 12:36:20 -05:00
James Prestwood
cd258df337 auto-t: update uses of wait_for_object_change
This removes waiting for DeviceState.roaming, which is now done
automatically by wait_for_object_change.
2022-09-28 12:36:16 -05:00
James Prestwood
23a22edaed auto-t: change wait_for_object_change behavior
Instead of requiring the initial condition be met when calling
wait_for_object_change, wait for it.

This is how every caller of this function uses it, specifically
with roaming where we first wait for DeviceState.roaming, then
call wait_for_object_change. This can be simplified for the caller
so the initial condition is first waited for.
2022-09-28 12:36:14 -05:00
James Prestwood
9efcea3604 station: check disassociation bits for AP roaming
AP roaming was structured such that any AP roam request would
force IWD to roam (assuming BSS's were found in scan results).
This isn't always the best behavior since IWD may be connected
to the best BSS in range.

Only force a roam if the AP includes one of the 3 disassociation/
termination bits. Otherwise attempt to roam but don't set the
ap_directed_roaming flag which will allows IWD to stay with the
current BSS if no better candidates are found.
2022-09-28 12:35:45 -05:00
James Prestwood
0f6d461779 auto-t: set disassociation imminent for bss transitions
Allow the caller to set the disassociation imminent bit when
sending the BSS transition request.
2022-09-28 12:35:41 -05:00
James Prestwood
f3b31e48e0 station: reorder AP roam logic
There are a few checks that can be done prior to parsing the
request, in addition the explicit check for preparing_roam was
removed since this is taken care of by station_cannot_roam().
2022-09-28 12:35:06 -05:00
James Prestwood
8d224624fc ft: fix ft_associate to verify if authentication succeeded
ft_associate was only checking the presence of the info structure,
not if it actually succeeded to authenticate.
2022-09-28 12:34:08 -05:00
James Prestwood
ae0fa6207e ft: clear ft_info inside offchannel destroy
Once offchannel completes we can check if the info structure was
parsed, indicating authentication succeeded. If not there is no
reason to keep it around since IWD will either try another BSS or
fail.
2022-09-28 12:32:49 -05:00
James Prestwood
8758cc8948 station: handle ROAMING state in disconnect event
This both adds proper handling to the new roaming logic and fixes
a potential bug with firmware roams.

The new way roaming works doesn't use a connect callback. This
means that any disconnect event or call to netdev_connect_failed
will result in the event handler being called, where before the
connect callback would. This means we need to handle the ROAMING
state in the station disconnect event so IWD properly disassociates
and station goes out of ROAMING.

With firmware roams netdev gets an event which transitions station
into ROAMING. Then netdev issues GET_SCAN. During this time a
disconnect event could come in which would end up in
station_disconnect_event since there is no connect callback. This
needs to be handled the same and let IWD transition out of the
ROAMING state.
2022-09-28 12:24:03 -05:00
James Prestwood
5181d20986 ft: remove auth-proto/ft_sm
This is no longer used.
2022-09-27 17:28:37 -05:00
James Prestwood
5e731527e5 netdev: remove FT auth proto
This removes the FT auth-proto from netdev and all associated helpers
and APIs.
2022-09-27 17:28:17 -05:00
James Prestwood
ad59fb6249 netdev: ft: complete FT refactor
This finalizes the refactor by moving all the handshake prep
into FT itself (most was already in there). The netdev-specific
flags and state were added into netdev_ft_tx_associate which
now avoids any need for a netdev API related to FT.

The NETDEV_EVENT_FT_ROAMED event is now emitted once FT completes
(netdev_connect_ok). This did require moving the 'in_ft' flag
setting until after the keys are set into the kernel otherwise
netdev_connect_ok has no context as to if this was FT or some
other connection attempt.

In addition the prev_snonce was removed from netdev. Restoring
the snonce has no value once association begins. If association
fails it will result in a disconnect regardless which requires
a new snonce to be generated
2022-09-27 17:18:38 -05:00