path: root/wlantest
Commit message (Collapse)AuthorAgeFilesLines
* wlantest: Avoid unaligned iphdr pointersBrian Norris12 days1-17/+18
| | | | | | | | Buffers passed to rx_data_ip() may not be naturally-aligned, and so we get unpredictable behavior when we cast that to an IP header. In particular, this code may crash on ARM. Signed-off-by: Brian Norris <briannorris@chromium.org>
* wlantest: Add new key_mgmt and rsn_capab values for BSS/STA debug printsJouni Malinen2021-02-072-5/+27
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Add more details about protected FTM framesJouni Malinen2021-02-071-15/+139
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Recognize the FTM bit in the CCMP Key ID octetJouni Malinen2021-02-071-1/+8
| | | | | | | | | This previously reserved bit is now used in FTM to help select the appropriate replay counter. Silence the warning about use of a reserved bit for this. wlantest does not yet support the actual replay counter processing for FTM. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Process Action No Ack frames like Action framesJouni Malinen2021-02-072-7/+19
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Support TK list for Management frame decryptionJouni Malinen2021-02-074-24/+80
| | | | | | | | Use the TKs from the PTK file (-T command line argument) to try to decrypt encrypted Management frames if no BSS/STA key can be found based on addresses. Signed-off-by: Jouni Malinen <j@w1.fi>
* FILS: Extend the fils_pmk_to_ptk() function to also derive KDKIlan Peer2021-01-251-1/+1
| | | | | | | Extend the fils_pmk_to_ptk() to also derive Key Derivation Key (KDK) which can later be used for secure LTF measurements. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* FT: Extend the wpa_pmk_r1_to_ptk() function to also derive KDKIlan Peer2021-01-252-3/+4
| | | | | | | Extend the wpa_pmk_r1_to_ptk() to also derive Key Derivation Key (KDK), which can later be used for secure LTF measurements. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* WPA: Extend the wpa_pmk_to_ptk() function to also derive KDKIlan Peer2021-01-251-1/+1
| | | | | | | | | | | | Extend the wpa_pmk_to_ptk() to also derive Key Derivation Key (KDK), which can later be used for secure LTF measurements. Update the wpa_supplicant and hostapd configuration and the corresponding WPA and WPA Auth state machine, to allow enabling of KDK derivation. For now, use a testing parameter to control whether KDK is derived. Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* wlantest: Include PASN into buildIlan Peer2021-01-251-0/+1
| | | | Signed-off-by: Ilan Peer <ilan.peer@intel.com>
* wlantest: Allow missing RSNE in S1G beaconThomas Pedersen2020-12-041-2/+6
| | | | | | | | S1G beacons save a few bytes by not requiring the RSNE in beacon if RSN BSS is configured. Handle this in wlantest by only clearing RSNE from the BSS info if frame is a Probe Response frame. Signed-off-by: Thomas Pedersen <thomas@adapt-ip.com>
* gitignore: Clean up a bitJohannes Berg2020-10-111-0/+4
| | | | | | | | Now that we no longer leave build artifacts outside the build folder, we can clean up the gitignore a bit. Also move more things to per-folder files that we mostly had already anyway. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* build: Put archive files into build/ folder tooJohannes Berg2020-10-111-7/+2
| | | | | | | | | | | | | | | | This is something I hadn't previously done, but there are cases where it's needed, e.g., building 'wlantest' and then one of the tests/fuzzing/*/ projects, they use a different configuration (fuzzing vs. not fuzzing). Perhaps more importantly, this gets rid of the last thing that was dumped into the source directories, apart from the binaries themselves. Note that due to the use of thin archives, this required building with absolute paths. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* build: Put object files into build/ folderJohannes Berg2020-10-101-3/+7
| | | | | | | | | | | | | | | | Instead of building in the source tree, put most object files into the build/ folder at the root, and put each thing that's being built into a separate folder. This then allows us to build hostapd and wpa_supplicant (or other combinations) without "make clean" inbetween. For the tests keep the objects in place for now (and to do that, add the build rule) so that we don't have to rewrite all of that with $(call BUILDOBJS,...) which is just noise there. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* build: Add a common-clean targetJohannes Berg2020-10-101-3/+2
| | | | | | | | Clean up in a more common fashion as well, initially for ../src/. Also add $(Q) to the clean target in src/ Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* build: Pull common fragments into a build.rules fileJohannes Berg2020-10-101-34/+1
| | | | | | | Some things are used by most of the binaries, pull them into a common rule fragment that we can use properly. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* wlantest: Fix EAPOL-Key Key Data padding removalJouni Malinen2020-09-291-1/+0
| | | | | | | | | | | The case where a single 0xdd octet without any 0x00 octets is used as padding was addressed incorrectly and that ended up truncating one octet of the actual plaintext version of the Key Data value. Fix this by removing the unnecessary change to the p pointer before calculating the new length since p is already pointing to one past the last octet of the full plaintext. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wlantest: Avoid heap-overflow on unexpected dataBrian Norris2020-08-221-2/+2
| | | | | | | | | | We're doing a sort of bounds check, based on the previous loop, but only after we've already tried to read off the end. This squashes some ASAN errors I'm seeing when running the ap_ft hwsim test module. Signed-off-by: Brian Norris <briannorris@chromium.org>
* wlantest: Fix RSNE check in FT 4-way handshake msg 3/4Jouni Malinen2020-05-251-1/+14
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Validate FT elements in Reassociation Response frameJouni Malinen2020-05-231-10/+437
| | | | | | | | Verify that RSNE, MDE, and FTE have valid information in FT Reassociation Response frames. In addition, decrypt GTK, IGTK, and BIGTK from the frame. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Validate FT elements in Reassociation Request frameJouni Malinen2020-05-232-4/+180
| | | | | | | Verify that RSNE, MDE, and FTE have valid information in FT Reassociation Request frames. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Store PMK-R1 in STA entryJouni Malinen2020-05-233-27/+24
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Store PMK-R0 length explicitlyJouni Malinen2020-05-233-10/+17
| | | | | | PMK-R0 is not of fixed length, so store its length explicitly. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Handle FT over-the-DS association state update cleanlyJouni Malinen2020-05-232-3/+5
| | | | | | | | | It is expected for the STA entry on the target AP to move directly from State 1 to State 3 when performing FT over-the-DS (i.e., FT Action Request/Response frame exchange through the old AP followed by Reassociation Request/Response frame exchange with the target AP). Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Do not include rt library for OS X buildsJouni Malinen2020-04-051-0/+4
| | | | | | | That is not needed or available by default, so simply drop it from the build. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Link without libwlantestJouni Malinen2020-04-051-26/+9
| | | | | | | | The ar operations with embedded libraries were not exactly portable or strictly speaking necessary. Drop that library completely to make this more portable. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Comment out Linux packet socket from OS X buildJouni Malinen2020-04-051-0/+24
| | | | | | | For now, allow wlantest to be built on OS X without support for live sniffer capturing. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Comment out ICMP processing from OS X buildsJouni Malinen2020-04-051-0/+6
| | | | | | For now, allow this to be compiled without ICMP support. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Use BSD compatible UDP header structJouni Malinen2020-04-051-3/+3
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Add frame number fo replay detected messagesJouni Malinen2020-04-031-4/+4
| | | | | | This makes it easier to find the relevant frames. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Remove duplicate PN/RSC prints from replay casesJouni Malinen2020-04-031-4/+0
| | | | | | | | The PN and RSC are already printed in the "replay detected" debug message so there is no point in having separate hexdumps of the same values immediately after that. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Add debug print with frame number for decryption failuresJouni Malinen2020-04-031-3/+14
| | | | | | | This makes it more convenient to find the frames that could not be decrypted. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Do not report decryption failures for WEP keys if no keysJouni Malinen2020-04-031-2/+3
| | | | | | | If no WEP keys are available, there is not going to be an attempt to decrypt the frame, so don't claim decryption failed. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Update PTK after rekeying even if EAPOL-Key msg 4/4 is missingJouni Malinen2020-04-011-12/+39
| | | | | | | | | Update TPTK to PTK if a valid EAPOL-Key msg 2/4 and 3/4 are available, but 4/4 is missing. This avoids certain cases where the new TK could be derived, but it was not being used to try to decrypt following encrypted frames. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wlantest: Do not report decryption keys when checking only zero TKJouni Malinen2020-04-011-2/+4
| | | | | | | | | All the "Failed to decrypt frame" debug prints were confusing since those were not supposed to be shown unless there were one or more real TKs available. The recently added check for zero TK added these notes for that case which is not really correct, so get rid of them. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wlantest: Check for zero TK even when the real PTK is not knownJouni Malinen2020-03-231-4/+19
| | | | | | | This makes it easier to analyze certain encryption issues. Also print out an error at the default INFO debug verbosity with the frame number. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wlantest: Basic Extended Key ID supportAlexander Wetzel2020-03-153-5/+14
| | | | Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
* wlantest: Do not report PMF failure without BSS supporting PMFJouni Malinen2020-03-141-1/+2
| | | | | | | | | | Previously, missing CCMP protection on Robust Management frames was reported based on the STA having indicated MFPC=1. That is not accurate since the AP/BSS may have MFPC=0. Report this failure only if both the AP and STA have indicated MFPC=1, i.e., when PMF has been negotiated for the association. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Detect and report plaintext payload in protected framesJouni Malinen2020-03-143-0/+21
| | | | Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Try to decrypt frame with zero TKJouni Malinen2020-02-281-21/+48
| | | | | | | If none of the known PTKs have a working TK, check whether an encrypted frame is encrypted with all zeros TK. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Add more notes about decryption into pcapngJouni Malinen2020-02-271-16/+57
| | | | | | | Note the used TK/GTK and KeyID in frame notes when writing decrypted frames to a PCAPNG file. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Update BSS IEs based on EAPOL-Key msg 3/4Jouni Malinen2020-02-275-24/+49
| | | | | | | If no Beacon or Probe Response frame has been seen in the capture, use the IEs from EAPOL-Key msg 3/4 to set up BSS information. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Get STA IEs based on EAPOL-Key msg 2/4 before PTK derivationJouni Malinen2020-02-273-31/+31
| | | | | | | | | | | | | The previous implementation tried to update STA IE information based on EAPOL-Key msg 2/4 to be able to handle captures that do not include the (Re)Association Request frame. This was not sufficient (OSEN was not included) and was done too late (the parsed information is needed for PMK-to-PTK derivation). Move the IE update step to happen before trying to derive the PTK if no (Re)Association Request frame has been seen. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: BIGTK fetching and Beacon protection validationJouni Malinen2020-02-213-3/+132
| | | | | | | Fetch the BIGTK from EAPOL-Key msg 3/4 and use it to validate MME in Beacon frames when the AP uses Beacon protection. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* wlantest: Add PTK derivation support with SAE, OWE, DPPJouni Malinen2020-02-101-0/+4
| | | | | | | | | wlantest build did not define build options to determine key management values for SAE, OWE, and DPP. Add those and the needed SHA512 functions to be able to decrypt sniffer captures with PMK available from an external source. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* BSD: Use struct ip rather than struct iphdrRoy Marples2020-01-022-34/+35
| | | | | | | As we define __FAVOR_BSD use the BSD IP header. Compile tested on NetBSD, DragonFlyBSD, and Linux. Signed-off-by: Roy Marples <roy@marples.name>
* wlantest: Ethernet interface captureJouni Malinen2019-12-274-9/+20
| | | | | | | | Allow option (command line argument -e) to capture Ethernet headers instead of IEEE 802.11 so that wlantest can be used as a replacement for tcpdump/dumpcap for capturing. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Process VLAN tagged Data framesJouni Malinen2019-09-201-0/+27
| | | | | | | This allows Data frames to be fully processed for the case where VLAN tags are used on the wireless link. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
* Remove CONFIG_IEEE80211W build parameterJouni Malinen2019-09-081-1/+0
| | | | | | | | | Hardcode this to be defined and remove the separate build options for PMF since this functionality is needed with large number of newer protocol extensions and is also something that should be enabled in all WPA2/WPA3 networks. Signed-off-by: Jouni Malinen <j@w1.fi>
* wlantest: Derive PMK-R1 and PTK for FT protocol casesJouni Malinen2019-08-223-10/+234
| | | | | | | | Track PMK-R0/PMK-R0-Name from the initial mobility domain association and derive PMK-R1/PTK when the station uses FT protocol. This allows frames from additional roaming cases to be decrypted. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>