246 Commits

Author SHA1 Message Date
Jiang Jiang Jian
e8f2f5eceb Merge branch 'bugfix/multiple_btm_rrm_task_v43' into 'release/v4.3'
Fix race conditions in btm task deletion(v4.3)

See merge request espressif/esp-idf!24832
2023-07-18 10:49:43 +08:00
Jiang Jiang Jian
b4494e6a11 Merge branch 'bugfix/sae_crypto_optimization_esp32_v4.3' into 'release/v4.3'
esp_wifi: Optimize sae crypto operations for esp32 (v4.3)

See merge request espressif/esp-idf!24763
2023-07-17 14:58:49 +08:00
jgujarathi
8fa90c2234 fix(esp_wifi): Fix race conditions in btm task deletion.
Fix possible cases of multiple btm_rrm_t tasks due to possible race
condition during btm task deletion.
2023-07-17 10:27:04 +05:30
Kapil Gupta
b0e4888063 esp_wifi: Optimize sae crypto operations for esp32 2023-07-13 09:47:44 +05:30
jgujarathi
9451630000 fix(wpa_supplicant) : Fix occasional crash during btm roam.
Fix crash due to premature deallocation of neighbour report elements
by scan_done. Post event to btm_rrm_t task to handle scan_done serially
rather than when btm_rrm_t task is processing btm request rx frame.
2023-07-12 11:02:20 +05:30
Shreyas Sheth
5e60fb4fd4 esp_wifi: Install keys after eapol and NVS store security values
1. Bugfix store authmode security in NVS
2. Install keys after successful transmission of EAPOL 4/4 Message
2023-06-18 01:25:58 +05:30
Kapil Gupta
04e21b1af4 esp_wifi: Fix WPS issue for WPA3+WPA2 mode 2023-06-09 18:13:01 +05:30
jasta
cf14eb4a17 esp_dpp: Fix retry with esp_supp_dpp_start_listen after failure
This fixes a subtle bug in which ESP_ERR_DPP_TX_FAILURE errors would
call esp_supp_dpp_stop_listen which sets the s_dpp_stop_listening flag
to true.  Subsequent attempts to restart listening with
esp_supp_dpp_start_listen then only attempt to listen once more for
500ms before reading the s_dpp_stop_listening flag again and giving up.

This contributes greatly to #10615, but the fix here is still largely
a work-around as it sometimes requires manually retrying a couple times
before it works.  Without this fix, any number of retries by
deinit/init again will seemingly not work as the retries for currently
unknown reasons.

Signed-off-by: Shreyas Sheth <shreyas.sheth@espressif.com>

Closes https://github.com/espressif/esp-idf/pull/10865
2023-05-05 14:21:32 +05:30
jgujarathi
f87afae48d wpa_supplicant : Prevent h2e config overwrite
Current esp_wifi_get_config doesn't return correct value of h2e config which will cause h2e config to be overwritten in Station connected handler.

Add one preventative condition to take care of this.
2023-04-20 15:29:19 +05:30
Sarvesh Bodakhe
37a2cce163 esp_wifi: fix some wifi bugs
1. Move wpa_supplicant WIFI_EVENT_STA_CONNECTED and WIFI_EVENT_STA_DISCONNECTED event handlers into callbacks
2. Validate softAP interface when sending beacon frame
2023-04-20 15:29:11 +05:30
jgujarathi
cf3cf0470a wpa_supplicant : Add deinitialization of Enterprise config_methods.
Add deinitialization of config_methods as it prevents correct reinitialization
of sta in eap_peer_config_init() during reassoc.
2023-03-30 13:35:36 +00:00
jgujarathi
a09946e3c3 wpa_supplicant : Add support for unregistering wifi wpa3 callbacks.
Unregister wifi callbacks allows for disabling support for wpa3 functions when not required.
2023-03-30 13:35:36 +00:00
muhaidong
997af8de8a docs: update ftm docs 2023-02-09 15:07:37 +08:00
Shreyas Sheth
2cc790a69b esp_wifi: Add check for wps start state 2023-02-03 03:08:17 +00:00
Shreyas Sheth
b44da528db esp_wifi:Add wifi station config for enabling transition_disbale feature 2023-01-16 00:59:04 +05:30
Jiang Jiang Jian
28f66e58ee Merge branch 'bugfix/remove_sha384_hash_for_bigger_certs_v4.3' into 'release/v4.3'
esp_wifi: remove sha384 hash for cert size > 2k (v4.3)

See merge request espressif/esp-idf!21965
2023-01-10 22:42:21 +08:00
Jiang Jiang Jian
80dd246b14 Merge branch 'bugfix/sae_auth_and_pmk_issues_v4.3' into 'release/v4.3'
Fix SAE open auth and PMK issues (Backport v4.3)

See merge request espressif/esp-idf!21920
2023-01-10 19:03:10 +08:00
Kapil Gupta
21310654c7 Removed sha384 hash for certs > 2k 2023-01-09 15:58:23 +05:30
Shyamal Khachane
18052cc0fc wpa_supplicant: Set PMK from PMKSA incase of caching 2023-01-09 09:58:54 +05:30
Shyamal Khachane
ce6bcb3868 esp_wifi: Fix open auth issue after commit message exchange 2023-01-09 09:58:54 +05:30
Shreyas Sheth
c78324e407 wpa_supplicant: set cipher key_len for AES 128 CMAC 2023-01-06 14:59:03 +05:30
Shyamal Khachane
aa78c85a05 wpa_supplicant: Clear current pmksa before generating RSN IE
Also update wifi libs with below changes -
  - Fix reason codes for Invalid PMKID
  - Fix handling of Assoc Resp status codes for Station
2022-12-23 16:56:20 +05:30
Shyamal Khachane
37ce55cd3f wpa_supplicant: Fix PMK caching related regression
Fixed regression caused by commit c171f0f3
2022-12-19 19:11:37 +05:30
Shreyas Sheth
c171f0f39b wpa_supplicant:BDSA related patch updates 2022-12-16 16:14:06 +05:30
Kapil Gupta
6678e3fb8b esp_wifi: Add changes to skip SAE handshake during WPS connection 2022-12-15 12:35:26 +00:00
Kapil Gupta
9dfaf20508 esp_wifi: Flush PMK caching if bss akm has changed 2022-12-15 12:35:26 +00:00
Kapil Gupta
7c5b13f611 Correct SSID copy length during WPS scan 2022-12-15 12:35:26 +00:00
jgujarathi
d5b9fbac44 (wpa_supplicant) : Fixed a memory leak issue created when parsing scan results. 2022-11-23 10:07:01 +05:30
Shreyas Sheth
7e8cca6c2f esp_wifi: Bugfix WPA Enterprise Reauthentication issue 2022-11-14 11:12:58 +05:30
gauri patankar
929a1f8549 wpa_supplicant: Update security patches from upstream
1. Adding security patch for SAE side channel attacks
2. Adding confirm message validation in error cases
3. Adding y coordinate for PWE in SAE
2022-10-17 18:03:33 +05:30
gauri patankar
a01a64f02c wpa_supplicant: Move SAE modules into dragonfly files 2022-10-17 18:01:24 +05:30
muhaidong
6cf2fc39ce wpa_supplicant: try install gtk before send group key handshake message 2 2022-09-17 18:29:20 +08:00
Gauri Patankar
e055f5ced7 esp_wifi: WPA3 SAE H2E support for station
Mandate sta threshold wpa3 for ssid after receiving transition disable bit from AP
2022-08-19 15:09:14 +05:30
Kapil Gupta
487ef592a2 esp_wifi: Clear old keys before going for new connection 2022-08-05 15:35:44 +08:00
Kapil Gupta
dc386c71b1 wpa_supplicant: Unicast key renew in TKIP mic failure
Currently we always request group key renew for during
TKIP mic failure. Add support for unicast/multicast
key renew as per packet.
2022-08-03 14:55:56 +05:30
Kapil Gupta
77661ba436 esp_wifi: Add APIs to check BTM and RRM support of connected AP 2022-08-03 11:35:44 +05:30
Kapil Gupta
3e789d4ed4 esp_wifi: Changes to not use pmkid caching when SSID is changed 2022-08-03 11:26:40 +05:30
Kapil Gupta
eb448172e9 wpa_supplicant: Fix issues reported by coverity 2022-08-03 11:26:31 +05:30
Jiang Jiang Jian
1970d887a3 Merge branch 'bugfix/do_not_allow_unauthenticated_encrypted_key_data_release_v4.3' into 'release/v4.3'
esp_wifi: Ignore unauthenticated encrypted EAPOL-Key data and fix

See merge request espressif/esp-idf!18315
2022-07-11 16:33:30 +08:00
Hrudaynath Dhabe
7af06705d3 esp_wifi: Ignore unauthenticated encrypted EAPOL-Key data and fix handling of key RSC.
Closes https://github.com/espressif/esp-idf/issues/8401
2022-07-10 08:00:24 +00:00
chenjianxing
b4d3ed9f10 esp_wifi: Refactor key install code 2022-06-21 11:23:46 +08:00
Hrudaynath Dhabe
7ccd26eeaf esp_wifi: Fix the negotiation of method with eap server. 2022-06-14 12:34:18 +00:00
Jack
ffd68203f6 fix build error 2022-04-22 21:52:42 +08:00
Jack
81d1226f53 ESP_WIFI: Remove static analysis warnings 2022-04-22 17:17:48 +08:00
Kapil Gupta
6d3dc2e616 wpa_supplicant: Remove scan done event in task 2022-04-22 02:40:15 +00:00
Kapil Gupta
8ef2842074 wpa_supplicant: static analysis fixes 2022-04-22 02:40:15 +00:00
Kapil Gupta
bf4f9b9e41 wpa_supplicant: Add BTM security checks 2022-04-22 02:40:15 +00:00
Kapil Gupta
b1f7ad6983 esp_example: Enable MbedTLS for DPP enrollee by default 2022-04-22 02:40:15 +00:00
Kapil Gupta
fdbb3da1b4 wpa_supplicant: Correct task deletion for RRM and DPP tasks
Closes https://github.com/espressif/esp-idf/issues/7409
2022-04-22 02:40:15 +00:00
Nachiket Kukade
6fd6a8b40b esp_wifi: Always connect Station in PMF mode if possible
While using esp_wifi_set_config, flag pmf_capable defaults to 0.
Users may not bother to enable it, which prevents connection to a
WPA3 AP. Or the AP may reset into WPA3 mode failing the re-connection.
To ensure better security, deprecate the pmf_capable flag and set it to
true internally.
2022-03-10 17:16:32 +05:30