From 807291d85bf857320aff6a8ade38c5f622ab9df8 Mon Sep 17 00:00:00 2001 From: Dmitry Shmidt Date: Tue, 27 Jan 2015 13:40:23 -0800 Subject: Cumulative patch from commit 3f56a2b7460a57a2b68b48b936be134bf04aa36d (DO NOT MERGE) 3f56a2b Ignore pmf=1 default if driver does not support PMF fa38860 nl80211: Fix build with libnl 1.1 937403b Update copyright notices for the new year 2015 399e613 Add Suite B AKMs to key_mgmt capability list 5e3b519 Add Suite B 192-bit AKM 97ae35a Add HMAC-SHA384 98cd3d1 Preparations for variable length KCK and KEK 30bff1d Extend AES-CMAC routines to support 256-bit keys 86f9b1c nl80211: Fix default group key management index configuration b5f045d Show supported group_mgmt capabilities 893e152 Interworking: More debug messages f45bae5 Interworking: Add logging to track nai_realm_find_eap failures 5a5aab7 Interworking: Remove unnecessary NULL check 400de9b hostapd: Debug messages for dodgy RADIUS servers ad905e4 wpa_gui: Sort frequency and signal numerically in the scan results dialog c35e35e Add passive_scan configuration parameter bff162a P2P: Fix NULL pointer dereference with SD query cancellation 630b323 nl80211: Increase netlink receive buffer size Change-Id: I32d4bd934ad76e24c646e9925bb839b1ba2a148e Signed-off-by: Dmitry Shmidt --- src/drivers/driver.h | 9 +++++++-- src/drivers/driver_nl80211.c | 36 ++++++++++++++++++++++++++++++------ src/drivers/driver_nl80211_capa.c | 6 ++++-- 3 files changed, 41 insertions(+), 10 deletions(-) (limited to 'src/drivers') diff --git a/src/drivers/driver.h b/src/drivers/driver.h index b8a7c519..c9e860f8 100644 --- a/src/drivers/driver.h +++ b/src/drivers/driver.h @@ -1,6 +1,6 @@ /* * Driver interface definition - * Copyright (c) 2003-2014, Jouni Malinen + * Copyright (c) 2003-2015, Jouni Malinen * * This software may be distributed under the terms of the BSD license. * See README for more details. @@ -1072,6 +1072,8 @@ struct wpa_driver_capa { #define WPA_DRIVER_CAPA_KEY_MGMT_FT 0x00000020 #define WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK 0x00000040 #define WPA_DRIVER_CAPA_KEY_MGMT_WAPI_PSK 0x00000080 +#define WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B 0x00000100 +#define WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192 0x00000200 /** Bitfield of supported key management suites */ unsigned int key_mgmt; @@ -2859,14 +2861,17 @@ struct wpa_driver_ops { * set_rekey_info - Set rekey information * @priv: Private driver interface data * @kek: Current KEK + * @kek_len: KEK length in octets * @kck: Current KCK + * @kck_len: KCK length in octets * @replay_ctr: Current EAPOL-Key Replay Counter * * This optional function can be used to provide information for the * driver/firmware to process EAPOL-Key frames in Group Key Handshake * while the host (including wpa_supplicant) is sleeping. */ - void (*set_rekey_info)(void *priv, const u8 *kek, const u8 *kck, + void (*set_rekey_info)(void *priv, const u8 *kek, size_t kek_len, + const u8 *kck, size_t kck_len, const u8 *replay_ctr); /** diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c index 3ed98511..d681ea63 100644 --- a/src/drivers/driver_nl80211.c +++ b/src/drivers/driver_nl80211.c @@ -1,6 +1,6 @@ /* * Driver interaction with Linux nl80211/cfg80211 - * Copyright (c) 2002-2014, Jouni Malinen + * Copyright (c) 2002-2015, Jouni Malinen * Copyright (c) 2003-2004, Instant802 Networks, Inc. * Copyright (c) 2005-2006, Devicescape Software, Inc. * Copyright (c) 2007, Johannes Berg @@ -132,6 +132,22 @@ static void nl80211_register_eloop_read(struct nl_handle **handle, eloop_sock_handler handler, void *eloop_data) { +#ifdef CONFIG_LIBNL20 + /* + * libnl uses a pretty small buffer (32 kB that gets converted to 64 kB) + * by default. It is possible to hit that limit in some cases where + * operations are blocked, e.g., with a burst of Deauthentication frames + * to hostapd and STA entry deletion. Try to increase the buffer to make + * this less likely to occur. + */ + if (nl_socket_set_buffer_size(*handle, 262144, 0) < 0) { + wpa_printf(MSG_DEBUG, + "nl80211: Could not set nl_socket RX buffer size: %s", + strerror(errno)); + /* continue anyway with the default (smaller) buffer */ + } +#endif /* CONFIG_LIBNL20 */ + nl_socket_set_nonblocking(*handle); eloop_register_read_sock(nl_socket_get_fd(*handle), handler, eloop_data, *handle); @@ -2479,7 +2495,10 @@ static int wpa_driver_nl80211_set_key(const char *ifname, struct i802_bss *bss, msg = nl80211_ifindex_msg(drv, ifindex, 0, NL80211_CMD_SET_KEY); if (!msg || nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx) || - nla_put_flag(msg, alg == WPA_ALG_IGTK ? + nla_put_flag(msg, (alg == WPA_ALG_IGTK || + alg == WPA_ALG_BIP_GMAC_128 || + alg == WPA_ALG_BIP_GMAC_256 || + alg == WPA_ALG_BIP_CMAC_256) ? NL80211_ATTR_KEY_DEFAULT_MGMT : NL80211_ATTR_KEY_DEFAULT)) goto fail; @@ -4446,7 +4465,8 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, params->key_mgmt_suite == WPA_KEY_MGMT_OSEN || params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || params->key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || - params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B) { + params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || + params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { int mgmt = WLAN_AKM_SUITE_PSK; switch (params->key_mgmt_suite) { @@ -4474,6 +4494,9 @@ static int nl80211_connect_common(struct wpa_driver_nl80211_data *drv, case WPA_KEY_MGMT_IEEE8021X_SUITE_B: mgmt = WLAN_AKM_SUITE_8021X_SUITE_B; break; + case WPA_KEY_MGMT_IEEE8021X_SUITE_B_192: + mgmt = WLAN_AKM_SUITE_8021X_SUITE_B_192; + break; case WPA_KEY_MGMT_PSK: default: mgmt = WLAN_AKM_SUITE_PSK; @@ -6764,7 +6787,8 @@ static int wpa_driver_nl80211_get_survey(void *priv, unsigned int freq) } -static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck, +static void nl80211_set_rekey_info(void *priv, const u8 *kek, size_t kek_len, + const u8 *kck, size_t kck_len, const u8 *replay_ctr) { struct i802_bss *bss = priv; @@ -6779,8 +6803,8 @@ static void nl80211_set_rekey_info(void *priv, const u8 *kek, const u8 *kck, wpa_printf(MSG_DEBUG, "nl80211: Set rekey offload"); if (!(msg = nl80211_bss_msg(bss, 0, NL80211_CMD_SET_REKEY_OFFLOAD)) || !(replay_nested = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA)) || - nla_put(msg, NL80211_REKEY_DATA_KEK, NL80211_KEK_LEN, kek) || - nla_put(msg, NL80211_REKEY_DATA_KCK, NL80211_KCK_LEN, kck) || + nla_put(msg, NL80211_REKEY_DATA_KEK, kek_len, kek) || + nla_put(msg, NL80211_REKEY_DATA_KCK, kck_len, kck) || nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, NL80211_REPLAY_CTR_LEN, replay_ctr)) { nl80211_nlmsg_clear(msg); diff --git a/src/drivers/driver_nl80211_capa.c b/src/drivers/driver_nl80211_capa.c index 6e52bdef..36c8ce2b 100644 --- a/src/drivers/driver_nl80211_capa.c +++ b/src/drivers/driver_nl80211_capa.c @@ -1,6 +1,6 @@ /* * Driver interaction with Linux nl80211/cfg80211 - Capabilities - * Copyright (c) 2002-2014, Jouni Malinen + * Copyright (c) 2002-2015, Jouni Malinen * Copyright (c) 2007, Johannes Berg * Copyright (c) 2009-2010, Atheros Communications * @@ -791,7 +791,9 @@ int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv) drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA | WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK | WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | - WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; + WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK | + WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B | + WPA_DRIVER_CAPA_KEY_MGMT_SUITE_B_192; drv->capa.auth = WPA_DRIVER_AUTH_OPEN | WPA_DRIVER_AUTH_SHARED | WPA_DRIVER_AUTH_LEAP; -- cgit v1.2.3