path: root/src/eapol_supp
Commit message | Author | Age | Files | Lines
* Pass full struct to peer certificate callbacks | Jouni Malinen | 2019-06-14 | 2 | -14/+8
  This makes it easier to add new information to the callbacks without having to modify each callback function type in EAPOL and EAP code every time.
  Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* More robust timer_tick_enabled tracking | Jouni Malinen | 2019-03-13 | 1 | -6/+7
  Do not set sm->timer_tick_enabled if the eloop_register_timeout() call fails so that the next attempt to enable the timer in eapol_enable_timer_tick() can try to recover from unexpected eloop failures. This should not really be needed in practical use cases, but certain out-of-memory test cases can trigger allocation failure in eloop_register_timeout() and if that happens, the previous EAPOL supplicant state machine implementation got pretty much completely stuck for any operation needing the timer.
  Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* eap_proxy: Fix memory leaks when using eap_peer_erp_init() | Srikanth Marepalli | 2018-09-21 | 1 | -1/+5
  The external session_id and emsk from eap_proxy_get_eap_session_id() and eap_proxy_get_emsk() need to be freed consistently in all code paths within eap_peer_erp_init() and outside it in the case ERP is not initialized.
  Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Propagate the EAP method error code | Ahmed ElArabawy | 2018-03-31 | 2 | -0/+17
  In the current implementation, upon an EAP method failure, followed by an EAP failure, the EAP Status is propagated up in wpa_supplicant with a general failure parameter string "failure". This parameter is used for a notification on the dbus.
  This commit reports the EAP method failure error code in a separate callback.
  The solution in this commit is generic to all EAP methods, and can be used by any method that needs to pass its error code. However, this commit only implements the reporting for EAP-SIM and EAP-AKA methods where the Notification Code (in AT_NOTIFICATION) is used as the method specific error code value.
  Signed-off-by: Ahmed ElArabawy <arabawy@google.com>
* eap_proxy: Support multiple SIMs in get_imsi() | Vidyullatha Kanchanapally | 2017-06-06 | 2 | -3/+4
  This allows the eap_proxy mechanism to be used with multiple SIMs by following the configured sim_num to index which SIM to use when fetching the IMSI through eap_proxy.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Build realm from IMSI for proxy based EAP methods | Vidyullatha Kanchanapally | 2017-06-06 | 2 | -2/+5
  For proxy based EAP methods, the EAP identity is constructed in eap_proxy layer from IMSI when required. Realm information from identity is used to do ERP eventually, hence construct the realm for proxy based methods from IMSI in core wpa_supplicant to enable the ERP use case.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Add support for deriving ERP information | Vidyullatha Kanchanapally | 2017-06-05 | 1 | -0/+15
  This commit adds support for deriving ERP key information in EAP Proxy based EAP method implementations.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* ERP: External control of ERP key information | Vidyullatha Kanchanapally | 2017-04-07 | 2 | -0/+50
  This allows ERP keys to be managed by external entities, e.g., when offloading FILS shared key authentication to a driver.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* RSN: Fix pre-authentication EAPOL-Start startPeriod configuration | Jouni Malinen | 2017-02-20 | 1 | -0/+2
  The RSN pre-authentication case ended up ignoring the initial startPeriod value and delayed EAPOL-Start message by two seconds. Fix this by forcing the first EAPOL-Start message to be sent when running pre-authentication.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Define eapol_sm_get_eap_proxy_imsi() only with CONFIG_EAP_PROXY=y | Jouni Malinen | 2017-02-19 | 1 | -4/+2
  This function is called only from locations within ifdef CONFIG_EAP_PROXY, so there is no need to try to cover the not-defined case here and the function can simply be removed completely if CONFIG_EAP_PROXY=y is not used.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove trailing whitespace | Jouni Malinen | 2016-12-28 | 1 | -1/+1
  Signed-off-by: Jouni Malinen <j@w1.fi>
* eap_proxy: Add support for SIM state change indication from eap_proxy | Purushottam Kushwaha | 2016-12-19 | 2 | -0/+22
  This registers a new callback to indicate change in SIM state. This helps to do some clean up (more specifically pmksa_flush) based on the state change of the SIM. Without this, the reconnection using the cached PMKSA could happen though the SIM is changed.
  Currently eap_proxy_sim_state corresponds to only SIM_STATE_ERROR. This can be further extended.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* ERP: Make eap_peer_finish() callable | Jouni Malinen | 2016-10-22 | 2 | -0/+17
  This is needed for FILS to process EAP-Finish/Re-auth.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* ERP: Make eap_peer_erp_reauth_start() available | Jouni Malinen | 2016-10-22 | 2 | -0/+18
  This needs to be callable through the EAPOL supplicant wrappers to allow FILS implementation to use ERP.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix EAPOL reauth after FT protocol or offloaded PMKSA cache use | Jouni Malinen | 2015-11-19 | 1 | -0/+10
  The EAP peer state machine moved from IDLE to FAILURE state when the EAPOL Authenticator triggered reauthentication with an EAP-Request/Identity in a case where the association started with FT protocol or offloaded PMKSA cache use (4-way handshake using a previously acquired PMK). This happened due to the altSuccess=TRUE setting being left behind and not cleared when processing the restart of authentication. Fix this by clearing altAccept and eapSuccess when going through SUPP_PAE RESTART state.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add build option to remove all internal RC4 uses | Jouni Malinen | 2015-08-02 | 1 | -0/+10
  The new CONFIG_NO_RC4=y build option can be used to remove all internal hostapd and wpa_supplicant uses of RC4. It should be noted that external uses (e.g., within a TLS library) do not get disabled when doing this.
  This removes capability of supporting WPA/TKIP, dynamic WEP keys with IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password changes.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Send EAPOL-Start on HELD->CONNECTING transition | Jouni Malinen | 2015-07-07 | 1 | -1/+2
  Previously, only CONNECTING->CONNECTING case ended up sending out an EAPOL-Start frame to avoid sending the unnecessary initial EAPOL-Start. However, this optimization prevented new EAPOL-Start from being initiated when leaving the HELD state. Allow that case to trigger immediate EAPOL-Start transmission to speed up connection.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Declare all read only data structures as const | Mikael Kanstrup | 2015-04-25 | 1 | -1/+1
  By analysing objdump output some read only structures were found in .data section. To help compiler further optimize code declare these as const.
  Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
* tests: Add eapol-fuzzer | Jouni Malinen | 2015-04-22 | 1 | -3/+13
  This program can be used to run fuzzing tests for areas related to EAPOL frame parsing and processing on the supplicant side.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* eap_proxy: Callback to notify any updates from eap_proxy | Sunil Dutt | 2015-03-02 | 2 | -0/+22
  This commit introduces a callback to notify any configuration updates from the eap_proxy layer. This is used to trigger re-reading of IMSI and MNC length.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Simplify eapol_sm_notify_pmkid_attempt() | Jouni Malinen | 2015-01-28 | 2 | -12/+8
  Drop the unneeded 'attempt' argument. This was originally used for indicating an aborted PMKID caching attempt, but a fix in 2006 removed the only such user and since that time, only attempt == 1 has been used.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Add eap_session_id to wpa_supplicant STATUS output | Jouni Malinen | 2015-01-28 | 1 | -0/+5
  This makes the current EAP Session-Id available for external programs.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add peer certificate alt subject name information to EAP events | Jouni Malinen | 2015-01-14 | 2 | -3/+7
  A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used to provide information about server certificate chain alternative subject names for upper layers, e.g., to make it easier to configure constraints on the server certificate. For example:

      CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com

  Currently, this includes DNS, EMAIL, and URI components from the certificates. Similar information is provided to D-Bus Certification signal in the new altsubject argument which is a string array of these items.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - automatic 1 | Jouni Malinen | 2014-12-08 | 1 | -4/+4
  This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch:

  @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } )

  Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add wpa_supplicant ERP_FLUSH ctrl_iface command | Jouni Malinen | 2014-12-04 | 2 | -0/+11
  This can be used to flush all the ERP keys.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add support for ERP on EAP peer | Jouni Malinen | 2014-12-04 | 1 | -0/+14
  Derive rRK and rIK on EAP peer if ERP is enabled. The new wpa_supplicant network configuration parameter erp=1 can now be used to configure the EAP peer to derive EMSK, rRK, and rIK at the successful completion of an EAP authentication method. This functionality is not included in the default build and can be enabled with CONFIG_ERP=y.
  If EAP authenticator indicates support for re-authentication protocol, initiate this with EAP-Initiate/Re-auth and complete protocol when receiving EAP-Finish/Re-auth.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Extend startWhen to 2 if peer AP supports WPS 2.0 | Justin Shen | 2014-10-13 | 2 | -1/+3
  Increase EAPOL startWhen to 2 for the case where the AP/GO has advertised it supports WPS 2.0. This is done to make it less likely for the EAPOL-Start frame to be sent out since that is only required for WPS 1.0. Not sending it can remove one unnecessary round trip from the EAP exchange when the AP is going to start with EAP-Request/Identity immediately based on the Association Request frame.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* wpa_supplicant: Allow OpenSSL cipherlist string to be configured | Jouni Malinen | 2014-10-12 | 2 | -0/+10
  The new openssl_cipher configuration parameter can be used to select which TLS cipher suites are enabled for TLS-based EAP methods when OpenSSL is used as the TLS library. This parameter can be used both as a global parameter to set the default for all network blocks and as a network block parameter to override the default for each network profile.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* WPS: Set EAPOL workarounds dynamically based on association | Jouni Malinen | 2014-09-08 | 2 | -7/+15
  Previously, the shorter startWhen value was used based on build parameters (i.e., if WPS was enabled). This is not really ideal and the knowledge of WPS use can be provided to the EAPOL state machine to allow this (and similar WPS workarounds) to be done only when the association is for the purpose of WPS.
  Reduce the default startWhen value from 3 to 2 seconds for non-WPS case since WPS builds have likely received most testing for the past years with the 1 second value and there is no strong justification for forcing the longer 3 second wait should a frame be lost or something else require the EAPOL-Start to initiate operation after a connection.
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* EAPOL supplicant: Use os_memcmp_const() for hash/password comparisons | Jouni Malinen | 2014-07-02 | 1 | -2/+2
  This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* eap_proxy: Check sm != NULL more consistently | Jouni Malinen | 2014-06-07 | 1 | -1/+1
  While it does not look like that eapol_sm_get_key() would ever be called with sm == NULL, the current implementation is inconsistent on whether that is allowed or not. Check sm != NULL consistently to avoid warnings from static analyzers.
  Signed-off-by: Jouni Malinen <j@w1.fi>
* MACsec: Add define for EAPOL type MKA | Hu Wang | 2014-05-09 | 1 | -0/+7
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add function to fetch EAP Session-Id from EAPOL supplicant | Hu Wang | 2014-05-09 | 2 | -0/+19
  Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Skip network disabling on expected EAP failure | Jouni Malinen | 2014-01-08 | 2 | -4/+17
  Some EAP methods can go through a step that is expected to fail and as such, should not trigger temporary network disabling when processing EAP-Failure or deauthentication. EAP-WSC for WPS was already handled as a special case, but similar behavior is needed for EAP-FAST with unauthenticated provisioning.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Remove some unnecessary EAPOL port (un)authorized callbacks | Jouni Malinen | 2014-01-02 | 1 | -9/+18
  If the port status did not change or would not need to get an update after portEnabled changes, there is no need to try to set the driver to use the same value it is already using based on the previous state. Remove such calls to reduce number of operations during reassociation. In addition, this cleans up the debug log by removing unnecessary duplicated entries.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Add CONFIG_CODE_COVERAGE=y option for gcov | Jouni Malinen | 2013-11-24 | 1 | -1/+1
  This can be used to measure code coverage from test scripts.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* eap_proxy: Add context data pointer to the get_imsi call | Naresh Jayaram | 2013-10-23 | 1 | -1/+1
  This was already included in all the other calls to eap_proxy, but somehow the get_imsi call had been forgotten.
  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* eap_proxy: Confirm eap_proxy initialization before reading SIM info | Naresh Jayaram | 2013-10-23 | 2 | -0/+13
  Trying to access the SIM card details without checking if the eap_proxy layer has been initialized can result in a crash. Address this by sending the request for the IMSI through eapol_supp_sm.c which can verify that eap_proxy has been initialized.
  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* EAP peer: Add framework for external SIM/USIM processing | Jouni Malinen | 2013-10-20 | 2 | -0/+6
  The new configuration parameter external_sim=<0/1> can now be used to configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM authentication for EAP-SIM or UMTS authentication for EAP-AKA). The requests and responses for such operations are sent over the ctrl_iface CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing password query mechanism.
  Changes to the EAP methods to use this new mechanism will be added in separate commits.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Drop EAP packet with code 10 before EAPOL state machine processing | Sunil Dutt | 2013-09-16 | 1 | -0/+18
  H3C WA2620i-AGN AP may send an EAP packet with an undefined EAP code 10 after successful EAP authentication which restarts the EAPOL state machine. Drop such frames with this unrecognized code without advancing the EAPOL supplicant or EAP peer state machines to avoid interoperability issues with the AP.
  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* dbus_new: Add EAP logon/logoff | Paul Stewart | 2013-04-23 | 1 | -0/+4
  Add "EAPLogoff" and "EAPLogon" interface DBus commands which parallel the "logoff" and "logon" wpa_ctrl commands which terminate and restart EAP authentication. Slightly enhance the "logon" case by expiring any running "startWhile" timer.
  Signed-hostap: Paul Stewart <pstew@chromium.org>
* eap_proxy: Add mechanism for allowing EAP methods to be offloaded | Deepthi Gowri | 2013-02-08 | 1 | -0/+92
  In addition to the offload mechanism, the Android configuration and makefiles are extended to allow this to be configured for the build by dropping in platform specific configuration files and makefile without having to modify any existing files.
  Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
* Fix EAPOL supplicant port authorization with PMKSA caching | Jouni Malinen | 2012-10-27 | 1 | -4/+1
  The previous eapol_sm_notify_cached() implementation forced the port to be authorized when receiving EAPOL-Key msg 1/4 that included a matching PMKID in cases when PMKSA caching is used. This is too early since the port should really be authorized only after the PTK has been configured which is the case when PMKSA caching is not used.
  Fix this by using the EAPOL supplicant PAE state machine to go through the AUTHENTICATING and AUTHENTICATED states instead of forcing a jump to AUTHENTICATED without performing full state machine steps. This can be achieved simply by marking eapSuccess TRUE at least with the current version of EAP and EAPOL state machines (the earlier commits in this function seemed to indicate that this may have not been that easy in the older versions due to the hacks needed here).
  This addresses an issue with nl80211-based driver interface when the driver depends on the STA Authorized flag being used to prevent unprotected frames from being accepted (both TX and RX) prior to PTK configuration.
  Signed-hostap: Jouni Malinen <j@w1.fi>
  intended-for: hostap-1
* EAP-SIM/AKA: Store pseudonym identity in configuration | Jouni Malinen | 2012-09-02 | 2 | -1/+19
  Use the anonymous_identity field to store EAP-SIM/AKA pseudonym identity so that this can be maintained between EAP sessions (e.g., after wpa_supplicant restart) even if fast re-authentication data was cleared.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Clear idleWhile timer when EAP peer state machine is not in use | Jouni Malinen | 2012-08-26 | 1 | -1/+2
  This allows the EAPOL tick timer to be stopped more quickly when getting disconnected.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Disable network block temporarily on authentication failures | Jouni Malinen | 2012-08-26 | 2 | -0/+13
  If 4-way handshake fails due to likely PSK failure or if EAP authentication fails, disable the network block temporarily. Use longer duration if multiple consecutive failures are seen.
  Signed-hostap: Jouni Malinen <j@w1.fi>
* FIPS: Remove MD5 from the CONFIG_FIPS=y build | Jouni Malinen | 2012-08-16 | 1 | -0/+2
  When CONFIG_FIPS=y is used, do not include MD5 in the build and disable EAPOL-Key frames that use MD5 (WPA/TKIP and dynamic WEP with IEEE 802.1X).
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Add explicit EAPOL-Key length validation in processKey() | Jouni Malinen | 2012-08-07 | 1 | -2/+6
  These checks would not really be needed since eapol_sm_rx_eapol() validates the length fields. Anyway, these make it more obvious to anyone reviewing the code that there are no integer underflow issues in processKey().
  Signed-hostap: Jouni Malinen <j@w1.fi>
* Share a single definition of EAPOL-Key structure for WEP keys | Jouni Malinen | 2012-08-07 | 1 | -40/+0
  Signed-hostap: Jouni Malinen <j@w1.fi>
* EXT PW: Add support for password parameter from external storage | Jouni Malinen | 2012-08-03 | 2 | -2/+17
  This allows the password parameter for EAP methods to be fetched from an external storage.
  Following example can be used for developer testing:

      ext_password_backend=test:pw1=password|pw2=testing

      network={
          key_mgmt=WPA-EAP
          eap=TTLS
          identity="user"
          password=ext:pw1
          ca_cert="ca.pem"
          phase2="auth=PAP"
      }

  Signed-hostap: Jouni Malinen <j@w1.fi>