Commit history for src/ap/wpa_auth_glue.c (hostapd)

Each entry lists the commit title, then author, date, files touched and lines removed/added, followed by the commit message.
* OWE: Support DH groups 20 (NIST P-384) and 21 (NIST P-521) in AP mode
  Jouni Malinen, 2017-10-08, 1 file, -2/+8

  This extends OWE support in hostapd to allow DH groups 20 and 21 to be used in addition to the mandatory group 19 (NIST P-256).

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* SAE: Fix PMKSA caching behavior in AP mode
  Jouni Malinen, 2017-09-04, 1 file, -0/+5

  Add PMKID into EAPOL-Key 1/4 when using SAE and fix the PMK-from-PMKSA selection in some cases where PSK (from passphrase) could have been used.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FT: Add support for wildcard R0KH/R1KH
  Michael Braun, 2017-05-03, 1 file, -2/+6

  Enable use of FT RRB without configuring each other AP locally. Instead, broadcast messages are exchanged to discover APs within the local network. When an R0KH or R1KH is discovered, it is cached for one day.

  When a station uses an invalid or offline r0kh_id, requests are always broadcast. In order to avoid this, if r0kh does not reply, a temporary blacklist entry is added to r0kh_list. To avoid blocking a valid r0kh when a non-existing pmk_r0_name is requested, r0kh is required to always reply using a NAK. Resend requests a few times to ensure blacklisting does not happen due to small packet loss.

  To free newly created stations later, the r*kh_list start pointer in conf needs to be updateable from wpa_auth_ft.c, where only wconf is accessed.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT RRB: Add msg replay and msg delay protection
  Michael Braun, 2017-05-03, 1 file, -0/+20

  This adds a counter and adds sequence numbering to FT RRB packets. The sequence number is checked against r0kh/r1kh sequence number cache.

  Special attention is needed in case the remote AP reboots and thus loses its state. I prefer it to recover automatically even without synchronized clocks. Therefore an identifier called dom is generated randomly along the initial sequence number. If the dom transmitted does not match or the sequence number is not in the range currently expected, the sender is asked for a fresh confirmation of its currently used sequence numbers. The packet that triggered this is cached and processed again later.

  Additionally, in order to ensure freshness, the remote AP includes a timestamp with its messages. It is then verified that the received messages are indeed fresh by comparing it to the older timestamps received and the time elapsed since then. Therefore FT_RRB_TIMESTAMP is no longer needed.

  This assigns new OUI 00:13:74 vendor-specific subtype 0x0001 subtypes: 4 (SEQ_REQ) and 5 (SEQ_RESP).

  This breaks backward compatibility, i.e., hostapd needs to be updated on all APs at the same time to allow FT to remain functional.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
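As an added illustration of the replay and delay checks this commit describes (example code written for this page, not hostapd's wpa_auth_ft.c), the following C sketches a per-peer sequence cache: a dom identifier that changes when the peer reboots, a sequence window with a bitmap so a late-but-new packet is accepted exactly once, and a freshness test that compares the peer's timestamp with the one last accepted plus our own elapsed time. The struct and function names, the window size and the tolerance are assumptions; a dom mismatch or an out-of-range jump maps to the commit's "cache the packet and ask for a fresh SEQ confirmation" path rather than being accepted or dropped.

```c
/* Added example: replay/delay checks in the style of FT RRB sequence numbering.
 * Illustrative code, not hostapd's wpa_auth_ft.c. Names, SEQ_WINDOW and
 * TS_TOLERANCE are assumptions. */
#include <stdint.h>
#include <stdbool.h>

#define SEQ_WINDOW   64   /* max forward jump accepted without re-confirmation (assumption) */
#define TS_TOLERANCE 5    /* seconds of clock/delivery slack tolerated (assumption) */

enum rrb_seq_result {
    RRB_SEQ_OK,        /* fresh and inside the window: process now */
    RRB_SEQ_REPLAY,    /* already seen, or older than the bitmap remembers: drop */
    RRB_SEQ_STALE,     /* timestamp older than expected: drop as delayed */
    RRB_SEQ_UNKNOWN,   /* no state or dom mismatch: cache packet, send SEQ_REQ */
};

struct rrb_peer_seq {
    bool     valid;      /* have we confirmed this peer's dom/seq (e.g. via SEQ_RESP)? */
    uint32_t dom;        /* random identifier the peer picked when it started */
    uint32_t last_seq;   /* highest sequence number accepted under this dom */
    uint64_t seen_mask;  /* bit i set => last_seq - i has already been received */
    int64_t  last_ts;    /* peer timestamp carried in the last accepted packet */
    int64_t  last_local; /* our monotonic time when that packet was accepted */
};

/* Record a confirmed (dom, seq, timestamp) triple, e.g. from a SEQ_RESP. */
void rrb_seq_reset(struct rrb_peer_seq *p, uint32_t dom, uint32_t seq,
                   int64_t ts, int64_t now)
{
    p->valid = true;
    p->dom = dom;
    p->last_seq = seq;
    p->seen_mask = 1;          /* bit 0 is last_seq itself */
    p->last_ts = ts;
    p->last_local = now;
}

/* Classify an incoming (dom, seq, ts) received at local time `now`. */
enum rrb_seq_result rrb_seq_check(struct rrb_peer_seq *p, uint32_t dom,
                                  uint32_t seq, int64_t ts, int64_t now)
{
    if (!p->valid || p->dom != dom)
        return RRB_SEQ_UNKNOWN;    /* peer rebooted or never seen: re-confirm */

    /* Freshness: the peer's clock must have advanced at least as much as ours
     * since the last accepted packet, minus a small tolerance. */
    int64_t expected_ts = p->last_ts + (now - p->last_local);
    if (ts < expected_ts - TS_TOLERANCE)
        return RRB_SEQ_STALE;

    if (seq > p->last_seq) {
        uint32_t adv = seq - p->last_seq;
        if (adv > SEQ_WINDOW)
            return RRB_SEQ_UNKNOWN; /* jumped too far: re-confirm before trusting */
        /* Slide the bitmap forward; a shift by 64 is undefined in C, so handle it. */
        p->seen_mask = (adv >= 64) ? 0 : (p->seen_mask << adv);
        p->seen_mask |= 1;
        p->last_seq = seq;
        p->last_ts = ts;
        p->last_local = now;
        return RRB_SEQ_OK;
    }

    uint32_t back = p->last_seq - seq;
    if (back >= 64)
        return RRB_SEQ_REPLAY;     /* older than the bitmap can vouch for */
    if (p->seen_mask & ((uint64_t)1 << back))
        return RRB_SEQ_REPLAY;     /* exact duplicate */
    p->seen_mask |= (uint64_t)1 << back; /* late but new: accept once */
    return RRB_SEQ_OK;
}
```

The timestamp test deliberately does not require synchronized clocks: only the peer's own clock delta is compared with ours, which is what lets a rebooted peer (new dom, reset timestamps) recover through the SEQ_REQ/SEQ_RESP exchange instead of being blacklisted.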
* FT: Replace inter-AP protocol with use of OUI Extended Ethertype
  Michael Braun, 2017-05-03, 1 file, -3/+214

  Replace the previously used extension of IEEE 802.11 managed Ethertype 89-0d (originally added for Remote Request/Response in IEEE 802.11r) with Ethertype 88-b7 (OUI Extended EtherType) for FT inter-AP communication. The new design uses a more properly assigned identifier for the messages.

  This assigns the OUI 00:13:74 vendor-specific subtype 0x0001 for the new hostapd AP-to-AP communication purposes. Subtypes 1 (PULL), 2 (RESP), and 3 (PUSH) are also assigned in this commit for the R0KH-R1KH protocol.

  This breaks backward compatibility, i.e., hostapd needs to be updated on all APs at the same time to allow FT to remain functional.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT: Schedule wpa_ft_rrb_rx() through eloop in intra-process communication
  Michael Braun, 2017-04-01, 1 file, -14/+64

  With AP-AP communication, when hapd0 sends a packet, hapd1 can receive it immediately and send a response. But hapd0 will only read and process the response after it has returned from the sending context, that is entered eloop again. So one does not need to consider the RX function of the reply to run for the request sending hapd before the send calling function has returned.

  Previously, with intra-process communication, the packet is not scheduled through eloop. Thus the RX handler of the reply might be run while the sending context of the original request has not returned. This might become problematic, e.g., when deferring a management frame processing until an RRB response is received and then have the request restarted and finished before the original request handling has been stopped.

  I'm not aware of any concrete bug this is currently triggering but came across it while thinking of FT RRB AP-AP sequence numbering. I think the non-eloop scheduling approach might be error-prone and thus propose to model it more closely to the way the message would be received from a socket. Additionally, this ensures that the tests model AP-AP communication more closely to real world.

  Solution: queue these packets through eloop.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* OWE: Process Diffie-Hellman Parameter element in AP mode
  Jouni Malinen, 2017-03-12, 1 file, -0/+6

  This adds AP side processing for OWE Diffie-Hellman Parameter element in (Re)Association Request frame and adding it in (Re)Association Response frame.

  Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: Find PMKSA cache entries on AP based on FILS Cache Identifier
  Jouni Malinen, 2017-02-21, 1 file, -0/+5

  This allows PMKSA cache entries to be shared between all the BSSs operated by the same hostapd process when those BSSs use the same FILS Cache Identifier value.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add hostapd options wpa_group_update_count and wpa_pairwise_update_count
  Günther Kelleter, 2017-02-06, 1 file, -0/+2

  wpa_group_update_count and wpa_pairwise_update_count can now be used to set the GTK and PTK rekey retry limits (dot11RSNAConfigGroupUpdateCount and dot11RSNAConfigPairwiseUpdateCount). Defaults set to current hardcoded value (4).

  Some stations may suffer from frequent deauthentications due to GTK rekey failures: EAPOL 1/2 frame is not answered during the total timeout period of currently ~3.5 seconds. For example, a Galaxy S6 with Android 6.0.1 appears to go into power save mode for up to 5 seconds. Increasing wpa_group_update_count to 6 fixed this issue.

  Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
* wpa_auth: Make struct wpa_auth_callbacks const
  Johannes Berg, 2017-01-29, 1 file, -23/+22

  Instead of copying the struct wpa_auth_callbacks, just keep a pointer to it, keep the context pointer separate, and let the user just provide a static const structure. This reduces the attack surface of heap overwrites, since the function pointers move elsewhere.

  Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* FT: Differentiate between FT for station and for AP in build
  Ilan Peer, 2016-10-29, 1 file, -14/+14

  Previously, CONFIG_IEEE80211R enabled build that supports FT for both station mode and AP mode. However, in most wpa_supplicant cases only station mode FT is required and there is no need for AP mode FT.

  Add support to differentiate between station mode FT and AP mode FT in wpa_supplicant builds by adding CONFIG_IEEE80211R_AP that should be used when AP mode FT support is required in addition to station mode FT. This allows binary size to be reduced for builds that require only the station side FT functionality.

  Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* FT: Allow PMK-R0 and PMK-R1 for FT-PSK to be generated locally
  Michael Braun, 2016-10-09, 1 file, -0/+1

  Station should be able to connect initially without ft_pmk_cache filled, so the target AP has the PSK available and thus the same information as the origin AP. Therefore neither caching nor communication between the APs with respect to PMK-R0 or PMK-R1 or VLANs is required if the target AP derives the required PMKs locally.

  This patch introduces the generation of the required PMKs locally for FT-PSK. Additionally, PMK-R0 is not stored (and thus pushed) for FT-PSK.

  So for FT-PSK networks, no configuration of inter-AP communication is needed anymore when using ft_psk_generate_local=1 configuration. The default behavior (ft_psk_generate_local=0) remains to use the pull/push protocol.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT: Fix RRB for FT over-the-air case
  Günther Kelleter, 2016-04-18, 1 file, -1/+1

  Commit 66d464067d626cc64c5a543a8f91fe58727f4e5e ('FT: Register RRB l2_packet only if FT-over-DS is enabled') disabled RRB l2_packet socket if ft_over_ds is disabled, but this socket is required for FT over-the-air, too (FT key distribution). Enable the socket regardless of ft_over_ds setting if FT is enabled.

  Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
* FT: Check destination MAC address on RRB receive
  Michael Braun, 2016-02-28, 1 file, -0/+3

  As the Linux variant of l2_packet_init() does not use its own_addr argument and l2_packet_receive() does not filter on destination MAC address, this needs to be checked in the callback.

  If there are multiple BSSes listening for FT RRB packets, all their BSSIDs need to be local to the bridge interface. As l2_packet_init() is going to receive all of them going for any local address, those RRB messages started turning up on BSSes they were not destined for and cluttering logs.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* Defer passphrase-to-PSK hashing out of 802.11 authentication ACL check
  Michael Braun, 2016-02-28, 1 file, -0/+8

  Hashing takes quite some time (can be about one second on a low-power CPU for each passphrase provided), so hostapd can easily hit the 900 ms Wi-Fi client authentication deadline (mac80211 uses 3x 300 ms). This can be fixed by storing the passphrase instead of PSK with the STA and defer the hashing into the WPA/RSN 4-way handshake, when enumerating all PSKs.

  This applies for the case where a RADIUS server is used to store the per-STA passphrases and this passphrase is delivered as part of the MAC ACL check during IEEE 802.11 Authentication frame processing.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* FT: Check hapd->wpa_auth before RRB internal delivery
  Michael Braun, 2016-02-28, 1 file, -0/+2

  A malicious station could try to do FT-over-DS with a non WPA-enabled BSS. When this BSS is located in the same hostapd instance, internal RRB delivery will be used and thus the FT Action Frame will be processed by a non-WPA enabled BSS. This processing used to crash hostapd as hapd->wpa_auth is NULL.

  If the target BSS is on a different hostapd instance, it will not listen for these packets and thus not crash.

  Fix this by checking hapd->wpa_auth before delivery.

  Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* hostapd: Fix WPA, IEEE 802.1X, and WPS deinit in cases where init fails
  Jouni Malinen, 2015-10-14, 1 file, -2/+3

  With driver wrappers that implement set_privacy(), set_generic_elem(), set_ieee8021x(), or set_ap_wps_ie(), it was possible to hit a NULL pointer dereference in error cases where interface setup failed and the network configuration used WPA/WPA2, IEEE 802.1X, or WPS. Fix this by skipping the driver operations in case the driver interface is not initialized.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add testing option to override own WPA/RSN IE(s)
  Jouni Malinen, 2015-08-08, 1 file, -0/+7

  This allows the new own_ie_override=<hexdump> configuration parameter to be used to replace the normally generated WPA/RSN IE(s) for testing purposes in CONFIG_TESTING_OPTIONS=y builds.

  Signed-off-by: Jouni Malinen <j@w1.fi>
* FT: Register RRB l2_packet only if FT-over-DS is enabled
  Jouni Malinen, 2015-07-17, 1 file, -1/+2

  There is no need to waste resources for this packet socket if FT-over-DS is disabled or when operating P2P GO or AP mode in wpa_supplicant.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Replace SSID_LEN with SSID_MAX_LEN
  Jouni Malinen, 2015-04-22, 1 file, -2/+2

  This makes source code more consistent.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add a AP mode event message for possible PSK/passphrase mismatch
  Jouni Malinen, 2015-03-19, 1 file, -0/+10

  If the AP/Authenticator receives an EAPOL-Key msg 2/4 for an association that negotiated use of PSK and the EAPOL-Key MIC does not match, it is likely that the station is trying to use incorrect PSK/passphrase. Report this with "AP-STA-POSSIBLE-PSK-MISMATCH <STA addr>" control interface event.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Debug messages for dodgy RADIUS servers
  Ben Greear, 2015-01-22, 1 file, -2/+7

  These were helpful when tracking down why hostapd did not work properly with a RADIUS server.

  Signed-hostap: Ben Greear <greearb@candelatech.com>
* Add external EAPOL transmission option for testing purposes
  Jouni Malinen, 2014-10-10, 1 file, -0/+30

  The new ext_eapol_frame_io parameter can be used to configure hostapd and wpa_supplicant to use control interface for receiving and transmitting EAPOL frames. This makes it easier to implement automated test cases for protocol testing. This functionality is included only in CONFIG_TESTING_OPTIONS=y builds.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Allow management group cipher to be configured
  Jouni Malinen, 2014-03-14, 1 file, -0/+1

  This allows hostapd to set a different management group cipher than the previously hardcoded default BIP (AES-128-CMAC). The new configuration file parameter group_mgmt_cipher can be set to BIP-GMAC-128, BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in IEEE Std 802.11ac-2013.

  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0R2 AP: Add OSEN implementation
  Jouni Malinen, 2014-02-25, 1 file, -0/+13

  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Add support for IP address assignment in 4-way handshake
  Jouni Malinen, 2014-01-27, 1 file, -0/+6

  This new mechanism allows P2P Client to request an IPv4 address from the GO as part of the 4-way handshake to avoid use of DHCP exchange after 4-way handshake. If the new mechanism is used, the assigned IP address is shown in the P2P-GROUP-STARTED event on the client side with following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP address is included in the AP-STA-CONNECTED event on the GO side as a new ip_addr parameter. The IP address is valid for the duration of the association.

  The IP address pool for this new mechanism is configured as global wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask, ip_addr_start, ip_addr_end. For example:

  ip_addr_go=
  ip_addr_mask=
  ip_addr_start=
  ip_addr_end=

  DHCP mechanism is expected to be enabled at the same time to support P2P Devices that do not use the new mechanism. The easiest way of managing the IP addresses is by splitting the IP address range into two parts and assign a separate range for wpa_supplicant and DHCP server.

  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Include driver.h in hostapd.h
  Andrei Otcheretianski, 2013-12-24, 1 file, -1/+0

  This allows use of structs (and not only pointers) defined in drivers.h. Remove also some not needed forward declarations and redundant includes.

  Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
* hostapd: Fix couple of deinit path cases to clear pointers
  Jouni Malinen, 2013-09-25, 1 file, -0/+1

  This fixes some issues where dynamic interface enable/disable cycles could end up trying to free resources twice and crash the process while doing so.

  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* P2P: Select PSK based on Device Address instead of Interface Address
  Jouni Malinen, 2013-09-01, 1 file, -1/+2

  When using per-device PSKs, select the PSK based on the P2P Device Address of the connecting client if that client is a P2P Device. This allows the P2P Interface Address to be changed between P2P group connections which may happen especially when using persistent groups.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* P2P: Make peer's P2P Device Address available to authenticator
  Jouni Malinen, 2013-09-01, 1 file, -1/+1

  This can be used to implement per-device PSK selection based on the peer's P2P Device Address instead of P2P Interface Address.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* hostapd: Add Key MIC in group EAPOL-Key frames corruption test option
  Johannes Berg, 2013-05-04, 1 file, -2/+7

  For some testing it can be useful to force the Key MIC in group EAPOL-Key frames to be corrupt. Add an option to allow setting a probability for corrupting the Key MIC and use it in the WPA code, increasing the first byte of the MIC by one to corrupt it if desired.

  Signed-hostap: Johannes Berg <johannes.berg@intel.com>
* SAE: Use PMK in 4-way handshake
  Jouni Malinen, 2013-01-12, 1 file, -2/+13

  Use the PMK that is derived as part of the SAE authentication in the 4-way handshake instead of the PSK.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Keep and use list of PSKs per station for RADIUS-based PSK
  Michael Braun, 2012-11-25, 1 file, -3/+11

  This adds support for multiple PSKs per station when using a RADIUS authentication server to fetch the PSKs during MAC address authentication step. This can be useful if multiple users share a device but each user has his or her own private passphrase.

  Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
* hostapd: Fix a regression in TKIP countermeasures processing
  Jouni Malinen, 2012-11-18, 1 file, -2/+2

  Commit 296a34f0c1730416bf2a61ab78690be43d82a3c0 changed hostapd to remove the internal STA entry at the beginning of TKIP countermeasures. However, this did not take into account the case where this is triggered by an EAPOL-Key error report from a station. In such a case, WPA authenticator state machine may continue processing after having processed the error report. This could result in use of freed memory. Fix this by stopping WPA processing if the STA entry got removed.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Move hostapd global callback functions into hapd_interfaces
  Jouni Malinen, 2012-08-25, 1 file, -7/+9

  These function pointers are going to be the same for each interface so there is no need to keep them in struct hostapd_iface. Moving them to struct hapd_interfaces makes it easier to add interfaces at run time.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix endless loop in PSK fetching with PSK-from-RADIUS
  Michael Braun, 2012-08-04, 1 file, -3/+9

  Commit 05ab9712b9977192b713f01f07c3b14ca4d1ba78 added support for fetching WPA PSK from an external RADIUS server and changed hostapd_wpa_auth_get_psk() to always return the RADIUS supplied PSK (if set) and ignore the prev_psk parameter for iteration. Fix this by appending the RADIUS supplied PSK to the list iterated by hostapd_get_psk and thus returning NULL when prev_psk == sta->psk (RADIUS).

  Signed-hostap: M. Braun <michael-dev@fami-braun.de>
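The iteration contract this fix restores, and the per-station PSK list the "Keep and use list of PSKs per station" entry above introduces, as an added C example written for this page (not hostapd's hostapd_wpa_auth_get_psk(); the struct, function names and sample keys are constructed): the authenticator walks the candidate PSKs by passing the previous result back in, so the RADIUS-supplied PSK must be the last element and the iterator must return NULL once it has been handed back. The buggy variant ignores prev_psk whenever a RADIUS PSK exists, and a caller that tries each candidate against the EAPOL-Key 2/4 MIC then only stops because of the safety cap. The MIC check itself is stood in for by a direct comparison against the station's true key, since the point is the iterator, not PTK derivation.

```c
/* Added example: per-STA PSK list iteration with an appended RADIUS PSK.
 * Not hostapd code; names and the sample keys are constructed. */
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

#define PSK_LEN 32
#define MAX_PSK_TRIES 16   /* safety cap so the buggy iterator can be demonstrated */

typedef unsigned char psk_t[PSK_LEN];

struct sta_psks {
    const psk_t *list;               /* PSKs from local configuration / ACL */
    size_t n;
    const unsigned char *radius_psk; /* PSK derived from Tunnel-Password, or NULL */
};

/* Fixed iterator: prev_psk == NULL yields the first candidate, passing the
 * previous result back yields the next one, NULL means "no more". The RADIUS
 * PSK is the final element, so prev_psk == radius_psk terminates the walk. */
const unsigned char *get_psk_fixed(const struct sta_psks *s,
                                   const unsigned char *prev_psk)
{
    size_t i;
    if (prev_psk == NULL)
        return s->n ? s->list[0] : s->radius_psk;
    for (i = 0; i < s->n; i++)
        if (prev_psk == s->list[i])
            return (i + 1 < s->n) ? s->list[i + 1] : s->radius_psk;
    return NULL; /* prev_psk was the RADIUS PSK (or unknown): exhausted */
}

/* Buggy iterator in the shape the commit describes: if a RADIUS PSK is set it
 * is returned unconditionally, so prev_psk never advances the walk. */
const unsigned char *get_psk_buggy(const struct sta_psks *s,
                                   const unsigned char *prev_psk)
{
    if (s->radius_psk)
        return s->radius_psk;
    return get_psk_fixed(s, prev_psk);
}

typedef const unsigned char *(*get_psk_fn)(const struct sta_psks *,
                                           const unsigned char *);

/* Stand-in for "derive the PTK from this PSK and verify the EAPOL-Key 2/4 MIC":
 * here the station's true PSK is known, so a candidate matches iff it is equal. */
static bool mic_matches(const unsigned char *candidate,
                        const unsigned char *sta_true_psk)
{
    return memcmp(candidate, sta_true_psk, PSK_LEN) == 0;
}

/* Walk the candidates the way the 4-way handshake does. Returns how many were
 * tried; *found is set when one verified. Reaching MAX_PSK_TRIES means the
 * iterator never returned NULL, i.e. the endless loop the commit fixes. */
int try_psks(get_psk_fn get_psk, const struct sta_psks *s,
             const unsigned char *sta_true_psk, bool *found)
{
    const unsigned char *psk = NULL;
    int tries = 0;
    *found = false;
    while (tries < MAX_PSK_TRIES && (psk = get_psk(s, psk)) != NULL) {
        tries++;
        if (mic_matches(psk, sta_true_psk)) {
            *found = true;
            break;
        }
    }
    return tries;
}

/* Constructed sample data: two locally configured PSKs plus one from RADIUS.
 * Only the leading bytes are set; the rest are zero-filled. */
static const psk_t sample_local[2] = { { 0x11, 0x11 }, { 0x22, 0x22 } };
static const psk_t sample_radius  = { 0x33, 0x33 };
static const psk_t sample_unknown = { 0x44, 0x44 };
const struct sta_psks sample_sta  = { sample_local, 2, sample_radius };
```

With the fixed iterator a station using the RADIUS passphrase verifies on the third candidate and a station with an unknown key is rejected after three; with the buggy one the unknown-key case never reaches NULL, which is exactly the loop the commit closes by making the RADIUS PSK the list's terminator.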
* FT: Add FT AP support for drivers that manage MLME internally
  Shan Palanisamy, 2012-08-01, 1 file, -0/+14

  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* HS 2.0: Add mechanism for disabling DGAF
  Jouni Malinen, 2012-07-30, 1 file, -0/+3

  disable_dgaf=1 in hostapd.conf can now be used to disable downstream group-addressed forwarding (DGAF). In this configuration, a unique GTK (and IGTK) is provided to each STA in the BSS to make sure the keys do not match and no STA can forge group-addressed frames. An additional mechanism in the AP needs to be provided to handle some group-addressed frames, e.g., by converting DHCP packets to unicast IEEE 802.11 frames regardless of their destination IP address and by providing Proxy ARP functionality.

  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Remove the GPL notification from files contributed by Jouni Malinen
  Jouni Malinen, 2012-02-11, 1 file, -8/+2

  Remove the GPL notification text from the files that were initially contributed by myself.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Allow WPA passphrase to be fetched with RADIUS Tunnel-Password attribute
  Michael Braun, 2011-12-11, 1 file, -0/+3

  This allows per-device PSK to be configured for WPA-Personal using a RADIUS authentication server. This uses RADIUS-based MAC address ACL (macaddr_acl=2), i.e., Access-Request uses the MAC address of the station as the User-Name and User-Password. The WPA passphrase is returned in Tunnel-Password attribute in Access-Accept. This functionality can be enabled with the new hostapd.conf parameter, wpa_psk_radius.

  Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
* Allow MLME frames to be sent without expecting an ACK (no retries)
  Helmut Schaa, 2011-11-19, 1 file, -1/+1

  In some situations it might be beneficial to send a unicast frame without the need for getting it ACKed (probe responses for example). In order to achieve this add a new noack parameter to the drivers send_mlme callback that can be used to advise the driver to not wait for an ACK for this frame.

  Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
* Include wpa_auth_glue.h to verify function prototypes
  Jouni Malinen, 2011-11-18, 1 file, -0/+1

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix TKIP countermeasures stopping in deinit paths
  Jouni Malinen, 2011-10-30, 1 file, -0/+1

  The eloop timeout to stop TKIP countermeasures has to be canceled on deinit path to avoid leaving bogus timeouts behind.

  Signed-hostap: Jouni Malinen <j@w1.fi>
* Fix WPA authenticator configuration to not leave uninitialized fields
  Jouni Malinen, 2011-10-28, 1 file, -0/+1

  hostapd_wpa_auth_conf() is called on uninitialized memory and the conditional blocks in this function may leave some fields into uninitialized state. This can result in unexpected behavior elsewhere since some of the variables may be used without matching #ifdef blocks. Fix this by zeroing the memory.
* Fix hostapd_wpa_auth_send_ether() return value
  Jouni Malinen, 2011-10-23, 1 file, -1/+1

  This was not currently used for anything, but better return the correct value instead of hardcoded -1.
* Allow PMKSA caching to be disabled on Authenticator
  Jouni Malinen, 2011-07-05, 1 file, -0/+1

  A new hostapd configuration parameter, disable_pmksa_caching=1, can now be used to disable PMKSA caching on the Authenticator. This forces the stations to complete EAP authentication on every association when WPA2 is being used.
* nl80211: Send EAPOL frames as QoS data frames for QoS aware clients
  Felix Fietkau, 2011-04-02, 1 file, -1/+8

  This should fix EAPOL reauthentication and rekeying timeout issues with Intel clients when using WMM (e.g., with IEEE 802.11n). These stations do not seem to be able to handle EAPOL data frames as non-QoS Data frames after the initial setup.

  This adds STA flags to hapd_send_eapol() driver op to allow driver_nl80211.c to mark the EAPOL frames as QoS Data frame when injecting it through the monitor interface.
* Work around SNonce updates on EAPOL-Key 1/4 retransmission
  Jouni Malinen, 2011-03-29, 1 file, -0/+2

  Some deployed supplicants update their SNonce for every received EAPOL-Key message 1/4 even when these messages happen during the same 4-way handshake. Furthermore, some of these supplicants fail to use the first SNonce that they sent and derive an incorrect PTK using another SNonce that does not match with what the authenticator is using from the first received message 2/4. This results in failed 4-way handshake whenever the EAPOL-Key 1/4 retransmission timeout is reached. The timeout for the first retry is fixed to 100 ms in the IEEE 802.11 standard and that seems to be short enough to make it difficult for some stations to get the response out before retransmission.

  Work around this issue by increasing the initial EAPOL-Key 1/4 timeout by 1000 ms (i.e., total timeout of 1100 ms) if the station acknowledges reception of the EAPOL-Key frame. If the driver does not indicate TX status for EAPOL frames, use longer initial timeout (1000 ms) unconditionally.
* FT: Make FT-over-DS configurable (hostapd.conf ft_over_ds=0/1)
  Shan Palanisamy, 2011-03-06, 1 file, -0/+1
* FT: Specify source MAC address for RRB messages
  Jouni Malinen, 2011-02-20, 1 file, -12/+27

  Use l2_packet with Ethernet header included so that the source address for RRB packets can be forced to be the local BSSID. This fixes problems where unexpected bridge interface address may end up getting used and the recipient of the frame dropping it as unknown R0KH/R1KH.