Commit Graph

164 Commits

Author SHA1 Message Date
gauri patankar
929a1f8549 wpa_supplicant: Update security patches from upstream
1. Adding security patch for SAE side channel attacks
2. Adding confirm message validation in error cases
3. Adding y coordinate for PWE in SAE
2022-10-17 18:03:33 +05:30
gauri patankar
a01a64f02c wpa_supplicant: Move SAE modules into dragonfly files 2022-10-17 18:01:24 +05:30
muhaidong
6cf2fc39ce wpa_supplicant: try install gtk before send group key handshake message 2 2022-09-17 18:29:20 +08:00
Gauri Patankar
e055f5ced7 esp_wifi: WPA3 SAE H2E support for station
Mandate sta threshold wpa3 for ssid after receiving transition disable bit from AP
2022-08-19 15:09:14 +05:30
Kapil Gupta
487ef592a2 esp_wifi: Clear old keys before going for new connection 2022-08-05 15:35:44 +08:00
Kapil Gupta
dc386c71b1 wpa_supplicant: Unicast key renew in TKIP mic failure
Currently we always request group key renew for during
TKIP mic failure. Add support for unicast/multicast
key renew as per packet.
2022-08-03 14:55:56 +05:30
Kapil Gupta
77661ba436 esp_wifi: Add APIs to check BTM and RRM support of connected AP 2022-08-03 11:35:44 +05:30
Kapil Gupta
3e789d4ed4 esp_wifi: Changes to not use pmkid caching when SSID is changed 2022-08-03 11:26:40 +05:30
Kapil Gupta
eb448172e9 wpa_supplicant: Fix issues reported by coverity 2022-08-03 11:26:31 +05:30
Jiang Jiang Jian
1970d887a3 Merge branch 'bugfix/do_not_allow_unauthenticated_encrypted_key_data_release_v4.3' into 'release/v4.3'
esp_wifi: Ignore unauthenticated encrypted EAPOL-Key data and fix

See merge request espressif/esp-idf!18315
2022-07-11 16:33:30 +08:00
Hrudaynath Dhabe
7af06705d3 esp_wifi: Ignore unauthenticated encrypted EAPOL-Key data and fix handling of key RSC.
Closes https://github.com/espressif/esp-idf/issues/8401
2022-07-10 08:00:24 +00:00
chenjianxing
b4d3ed9f10 esp_wifi: Refactor key install code 2022-06-21 11:23:46 +08:00
Hrudaynath Dhabe
7ccd26eeaf esp_wifi: Fix the negotiation of method with eap server. 2022-06-14 12:34:18 +00:00
Jack
ffd68203f6 fix build error 2022-04-22 21:52:42 +08:00
Jack
81d1226f53 ESP_WIFI: Remove static analysis warnings 2022-04-22 17:17:48 +08:00
Kapil Gupta
6d3dc2e616 wpa_supplicant: Remove scan done event in task 2022-04-22 02:40:15 +00:00
Kapil Gupta
8ef2842074 wpa_supplicant: static analysis fixes 2022-04-22 02:40:15 +00:00
Kapil Gupta
bf4f9b9e41 wpa_supplicant: Add BTM security checks 2022-04-22 02:40:15 +00:00
Kapil Gupta
b1f7ad6983 esp_example: Enable MbedTLS for DPP enrollee by default 2022-04-22 02:40:15 +00:00
Kapil Gupta
fdbb3da1b4 wpa_supplicant: Correct task deletion for RRM and DPP tasks
Closes https://github.com/espressif/esp-idf/issues/7409
2022-04-22 02:40:15 +00:00
Nachiket Kukade
6fd6a8b40b esp_wifi: Always connect Station in PMF mode if possible
While using esp_wifi_set_config, flag pmf_capable defaults to 0.
Users may not bother to enable it, which prevents connection to a
WPA3 AP. Or the AP may reset into WPA3 mode failing the re-connection.
To ensure better security, deprecate the pmf_capable flag and set it to
true internally.
2022-03-10 17:16:32 +05:30
Jiang Jiang Jian
ad2238d7fb Merge branch 'bugfix/eap_client_crash_v4.3' into 'release/v4.3'
wpa_supplicant: Fix memory corruption (v4.3)

See merge request espressif/esp-idf!17129
2022-02-16 04:03:49 +00:00
Kapil Gupta
7df150b3de wpa_supplicant: Fix invalid memory dereference 2022-02-12 10:32:53 +05:30
Kapil Gupta
b19424d67e wpa_supplicant: Scan resumption in PBC mode 2022-02-08 17:16:29 +05:30
Laukik Hase
46388a0741 wpa_supplicant: Saved message-type digest used in handshake for PRF operations 2022-02-02 11:00:32 +05:30
aditi_lonkar
aa044f4a63 esp_wifi: Fixes memory leak in wpa3 connection. 2022-01-26 17:33:20 +08:00
Hrudaynath Dhabe
e8196c0ff2 esp_wifi: Add support for EAP-FAST authentication method 2022-01-24 14:24:14 +08:00
Jiang Jiang Jian
25c047d2fa Merge branch 'bugfix/wpa_supplicant_logs_release_v4.3' into 'release/v4.3'
esp_wifi: Change the verbosity of wpa_supplicant logs. (Backport v4.3)

See merge request espressif/esp-idf!16348
2021-12-22 13:32:58 +00:00
Jiang Jiang Jian
39ab27d0cf Merge branch 'bugfix/wps_fixes_v4.3' into 'release/v4.3'
wpa_supplicant: Add WPS Fixes (backport V4.3)

See merge request espressif/esp-idf!16151
2021-12-22 12:20:46 +00:00
Kapil Gupta
92331a8c62 wpa_supplicant: Add WPS Fixes
Add following bugfixes

1. Station not able to connect when WPS pin is pressed first on AP.
2. PBC overlap getting detected for selected registrar PIN APs.
3. Station not considering authorised MACs for PIN method.
4. For PIN methodm If no AP is found, station will loop through
   APs in its vicinity and try to do WPS with them one by one till
   WPS timeout occurs. This is for some APs which do not set
   selected registrar correctly.
2021-12-20 22:02:53 +05:30
Hrudaynath Dhabe
d3b88a13e1 esp_wifi: Change the verbosity of wpa_supplicant logs. 2021-12-09 12:41:36 +05:30
Kapil Gupta
a63084ae3f esp_wifi: Remove scan done event for supplicant scans
Closes https://github.com/espressif/esp-idf/issues/7423
2021-11-22 14:48:32 +05:30
Kapil Gupta
9d174e7944 wpa_supplicant: Optimize BTM request scan 2021-11-22 14:45:58 +05:30
Kapil Gupta
e78d06beb2 wpa_supplicant: Update internal tls client with sha384/sha512 support
Add support for validating certificates with SHA384 and SHA512 hashes.
2021-10-28 11:07:05 +08:00
Kapil Gupta
d680db8ed3 esp_wifi: Fix interoperability issue with windows 2008 2021-10-28 11:07:05 +08:00
Kapil Gupta
c110c31957 Merge branch 'bugfix/eap_client_windows' into 'master'
wpa_supplicant: clean tls client state machine

Closes IDFGH-5702, IDFGH-5662, and IDFGH-119

Closes https://github.com/espressif/esp-idf/issues/7422
Closes https://github.com/espressif/esp-idf/issues/1297

See merge request espressif/esp-idf!14968

(cherry picked from commit e8360fe075)

d3a42d78 wpa_supplicant: clean tls client state machine
2021-09-01 19:17:53 +08:00
Axel Lin
af03dcb037 wpa_supplicant: Trivial typo fix for setting spp_sup.require
No functional change since both SPP_AMSDU_CAP_ENABLE and SPP_AMSDU_REQ_ENABLE
are defined as 1.

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Sagar Bijwe <sagar@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/7366
2021-08-11 16:43:35 +05:30
Axel Lin
3e1b174c53 esp_supplicant: Make esp_rrm_send_neighbor_rep_request return proper error
Current code always return 0 even though wpas_rrm_send_neighbor_rep_request()
fails. Return proper error so the caller can know what's wrong.

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Sagar Bijwe <sagar@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/7233
2021-08-11 16:43:23 +05:30
Axel Lin
c56aa5f34d wpa_supplicant: Fix clear WLAN_FC_STYPE_ACTION bit in esp_register_action_frame
It should clear WLAN_FC_STYPE_ACTION bit intead of WLAN_FC_STYPE_ACTION.

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Sagar Bijwe <sagar@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/7252
2021-08-11 16:41:21 +05:30
Axel Lin
30d6c8401c wpa_supplicant: Fix memory leak in esp_issue_scan error paths
Fix memory leak when allocate memory for params->ssid / params->bssid fails.

Fixes: 27101f9454 ("wpa_supplicant: Add initial roaming support")
Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Sagar Bijwe <sagar@espressif.com>

Merges https://github.com/espressif/esp-idf/pull/7240
2021-08-11 16:40:57 +05:30
Kapil Gupta
69a48e431e wpa_supplicant: Fix some issues in 11kv
1. RRM capability addition for open AP
2. Crash during scan flush
3. Station not able to connect if disassoc timer is present in BTM request
4. Memory leaks during wifi init/deinit.
2021-07-02 10:28:57 +05:30
Kapil Gupta
073b45a8aa wpa_supplicant: Fix crypto related bugs
1. Fix aes_unwrap functionality when hardware acceleration is disabled
2. Fix compilation errors when mbedTLS is disabled.
3. Disable WPA3 when mbedTLS is disabled.
2021-06-29 14:34:48 +08:00
kapil.gupta
ae35d70359 wpa_supplicant: Write Crypto API based on mbedtls
This commit add following crypto changes

1. Update current crypto code with upstream supplicant code
2. Add a proper porting layer to use mbedtls APIs for all the crypto
   operations used by supplicant.

Internal crypto will be used when USE_MBEDLTS flag is disabled
in supplicant's menuconfig.

This commit also removes the clutter in crypto files due to partial
porting of some APIs to mbedtls, all the code from those files have
been removed and rewritten in a generic way, this is inspired from
current upstream code.

This also reduces the lib size significantly, supplicant's lib
size reduces around ~567kb after this change(NB: lib size doesn't
indicate reduction in final bin size).
2021-06-29 14:34:48 +08:00
Kapil Gupta
2a09b9d91f wpa_supplicant: Add WPS strict in config option
WPS strict disables workarounds with different APs and may cause
IOT issues. Remove this as default and introduce as a config option.

Also add changes to declare esp device as single band mobile device since
WFA sniffer was not able to identify it in the certification setup.
2021-06-24 16:15:40 +08:00
Kapil Gupta
952e47d45d wpa_supplicant: Group key reinstallation fixes
This commit reverts previous commit for GTK reinstallation fix
and corrects original fix.
2021-04-23 13:45:13 +05:30
Kapil Gupta
47e4386953 wpa_supplicant: Prevent reinstallation of an already in-use group key 2021-04-21 11:41:34 +00:00
Marius Vikhammer
04df1f3a42 CI: enable example builds for C3
Enables building C3 examples in CI.

Fixes related warnings/errors and disables examples that cannot run.
2021-02-09 12:04:02 +08:00
Nachiket Kukade
f9ff3da5d4 wpa_supplicant: Fix error handling in DPP Action Rx
1. Fix error handling while receiving DPP Action frames
2. Update wifi lib to avoid forwarding Public action frames
   with NULL bss
2021-02-07 23:23:34 +08:00
Nachiket Kukade
76b2cb28d2 Add DPP Enrollee example
1. Add Example for DPP Enrollee
2. Use DPP Supplicant API's to setup connection
3. Add support for multiple channels in Bootstrapping
4. Add Unity testcase for testing Offchannel operations

Closes https://github.com/espressif/esp-idf/issues/5654
2021-01-25 13:26:33 +05:30
Nachiket Kukade
87205dc2f4 Add DPP Enrollee Support
1. Modify DPP Protocol modules for our purpose
2. Add DPP supplicant task and modules to handle DPP frames
3. Add DPP Public API's and definitions for DPP
2021-01-25 13:24:21 +05:30