Commit Graph

167 Commits

Author SHA1 Message Date
Jack
be2779818b fix build error 2022-04-23 01:11:29 +08:00
Jack
fdf79ce300 ESP_WIFI: Remove static analysis warnings 2022-04-23 00:54:30 +08:00
Kapil Gupta
dc87416df0 wpa_supplicant: static analysis fixes 2022-04-23 00:33:34 +08:00
Kapil Gupta
a26b0dbaab wpa_supplicant: Add BTM security checks 2022-04-23 00:26:08 +08:00
Kapil Gupta
eec9d6db94 wpa_supplicant: Fix invalid memory dereference 2022-02-12 10:36:00 +05:30
Kapil Gupta
eb90d9bf18 wpa_supplicant: Add WPS Fixes
Add following bugfixes

1. Station not able to connect when WPS pin is pressed first on AP.
2. PBC overlap getting detected for selected registrar PIN APs.
3. Station not considering authorised MACs for PIN method.
4. For PIN methodm If no AP is found, station will loop through
   APs in its vicinity and try to do WPS with them one by one till
   WPS timeout occurs. This is for some APs which do not set
   selected registrar correctly.
2022-02-08 17:13:01 +05:30
aditi_lonkar
459674c444 esp_wifi: Fixed null pointer dereference 2022-01-14 15:00:52 +08:00
aditi_lonkar
0b98671385 esp_wifi: Fixes memory leak in wpa3 connection. 2021-12-28 11:37:23 +05:30
Jiang Jiang Jian
0c15051452 Merge branch 'bugfix/wpa_supplicant_logs_release_v4.2' into 'release/v4.2'
esp_wifi: Change the verbosity of wpa_supplicant logs. (Backport v4.2)

See merge request espressif/esp-idf!16347
2021-12-21 03:36:28 +00:00
nishanth.radja
69ca323a74 esp_wifi: Add support for EAP-FAST authentication method 2021-12-14 12:37:26 +05:30
Hrudaynath Dhabe
c3e66a4ba2 esp_wifi: Change the verbosity of wpa_supplicant logs. 2021-12-09 12:55:32 +05:30
Axel Lin
721fe216e7 wpa_supplicant: Fix wps_free_pins to remove all pins
Current code does not correctly free all pins in wps_free_pins due to the
semicolon at the end of dl_list_for_each_safe(). Fix it.

Signed-off-by: Axel Lin <axel.lin@gmail.com>
2021-12-03 14:35:55 +08:00
Kapil Gupta
345fe24460 wpa_supplicant: Add missing cflag for legacy makefile 2021-10-28 17:03:06 +05:30
Kapil Gupta
7c402bd790 wpa_supplicant: Update internal tls client with sha384/sha512 support 2021-10-28 17:02:51 +05:30
Kapil Gupta
73933d50e8 esp_wifi: Fix interoperability issue with windows 2008 2021-10-28 16:07:33 +08:00
Kapil Gupta
80a4d20462 Merge branch 'bugfix/eap_client_windows' into 'master'
wpa_supplicant: clean tls client state machine

Closes IDFGH-5702, IDFGH-5662, and IDFGH-119

Closes https://github.com/espressif/esp-idf/issues/7422
Closes https://github.com/espressif/esp-idf/issues/1297

See merge request espressif/esp-idf!14968

(cherry picked from commit e8360fe075)

d3a42d78 wpa_supplicant: clean tls client state machine
2021-09-01 19:16:31 +08:00
David Cermak
9b23491339 wpa_supplicant: Temporarily disable write-string warning
Since some assignment of a string literal to `char *` variables were
added and not caught by the CI.
2021-08-18 19:29:32 +08:00
Zim Kalinowski
87e9908506 Merge branch 'bugfix/fix_supplicant_log_v4.2' into 'release/v4.2'
wpa_supplicant: Fix compilation when debug prints are enabled

See merge request espressif/esp-idf!14227
2021-07-27 12:04:50 +00:00
aditi_lonkar
6f016def84 wpa_supplicant: Fix compilation when debug prints are enabled. 2021-07-26 09:38:21 +08:00
aditi_lonkar
71b9121c7d wpa_supplicant: Add WPS strict in config option
WPS strict disables workarounds with different APs and may cause
IOT issues. Remove this as default and introduce as a config option.

Also declare esp device as single band mobile device otherwise
WFA sniffer was not able to identify it in the certification setup.
2021-07-26 09:37:28 +08:00
Hrudaynath Dhabe
31d05a5072 wpa_supplicant: Group key reinstallation fixes
This commit reverts previous commit for GTK reinstallation fix
and corrects original fix.
2021-05-13 12:30:44 +08:00
aditi_lonkar
c9f2790474 wpa_supplicant: Fix some memory leak issues by coverity static analyzer. 2021-03-23 11:09:52 +05:30
xiehang
1ef10dc284 esp_wifi: Modify ESP_IF_WIFI_STA to WIFI_IF_STA 2021-03-22 09:09:58 +00:00
zhangyanjiao
3acd9861bf wpa_supplicant: Use WPA3 flag to reduce code size
Flag ESP32_WIFI_ENABLE_WPA3_SAE from Menuconfig is used to
control the stack size required by WPA3. Use the same flag
to compile out the WPA3 code and control the code size.
With this flag disabled code footprint reduces by about 7.7kB
in libwpa_supplicant.a
Update WiFi libs with added checks to cleanly handle disabling
of WPA3 callbacks.
2020-12-22 15:50:52 +08:00
kapil.gupta
33c296b78e wpa_supplicant: Replace internal RSA APIs by mbedtls APIs
Curretly wpa_supplicant uses internal APIs for RSA operations
which internally uses lots of big num operations.

Big num operations are CPU expensive and can take a lot of time
which can cause watchdog timer to tigger.

This can be optimize by using mbedtls APIs which uses
hardware blocks for big num operations.

To fix this, write new crypto_mbedtls-rsa.c which has APIs
similar to crypto_internal-rsa.c but uses mbedtls APIs.
2020-12-22 15:37:38 +08:00
kapil.gupta
9fce81f9af esp_wifi: Update WiFi lib
1. Fixes the issue when PMF packets are not sent after mode change.
2. Add support for 802.1x sha256 auth key mode
2020-12-14 14:51:52 +08:00
Nachiket Kukade
2343aab4da wpa_supplicant: Increase PMK Lifetime to a very high value
For WPA3 connection nearing PMK lifetime expiry, PMK Cache
needs a re-authentication or the cache will expire. After
current expiry of 12 hours Station ends up sending a deauth
to the AP. An SAE re-authentication also cannot occur without
a disconnection with current implementation. So increase the
PMK lifetime to 100 days for now.
2020-11-09 15:40:08 +05:30
Jiang Jiang Jian
a5c3bd3d04 Merge branch 'bugfix/wpa_supplicant_link_depth_v4.2' into 'release/v4.2'
wpa_supplicant: Fix failure to link under some circumstances (v4.2)

See merge request espressif/esp-idf!10976
2020-10-27 18:45:17 +08:00
Nachiket Kukade
c59eb27698 esp_wifi: Update wifi lib
1. Add STA checks during STA PMF operations
2. Fix WPA2-Ent issue with Open AP
3. Skip WPA-TKIP profile if PMF is required
4. Skip & clear Supplicant PMK Cache with mismatching AP config
2020-10-26 15:55:54 +08:00
Angus Gratton
5170ead2e6 wpa_supplicant: Fix failure to link under some circumstances
Depending on CMake internals, the wpa_supplicant library may need to be repeated
multiple times in the linker command line.

Closes https://github.com/espressif/esp-idf/issues/5641
2020-10-26 15:12:48 +11:00
kapil.gupta
379624de53 esp_wifi: Add WPS Reason code in all failures 2020-10-21 17:09:36 +05:30
Jiang Jiang Jian
c4f4e15cc7 Merge branch 'cherry-pick-4dcaa0e6-3' into 'release/v4.2'
wpa_supplicant: Deinit wpa2 states in wifi deinit(backport v4.2)

See merge request espressif/esp-idf!10163
2020-09-15 12:06:49 +08:00
Nachiket Kukade
d17e6a75e0 espnow/pmf: Implement ESPNOW + PMF Co-existance
H/W decryption of Mgmt frames was disabled for PMF and done through
S/W. If ESPNOW packets go through this path, it affects backward
compatibility since method of decrypting Mgmt packets is different in H/W.

To address PMF + ESPNOW Co-existance, CCMP decryption method is modified
for ESPNOW packets so that they can be decrypted correctly. Since Tx
of ESPNOW packets can still be done in H/W alongside PMF, no change
required in encryption method in S/W.

Co-Authored-By: Nachiket Kukade <nachiket.kukade@espressif.com>
Co-Authored-By: zhangyanjiao <zhangyanjiao@espressif.com>
Co-Authored-By: kapil.gupta <kapil.gupta@espressif.com>
2020-09-02 15:06:51 +08:00
Jiang Jiang Jian
e050feeb26 Merge branch 'bugfix/clean_wpa2_wifi_deinit' into 'master'
wpa_supplicant: Deinit wpa2 states in wifi deinit

See merge request espressif/esp-idf!10103

(cherry picked from commit 4dcaa0e6f4)

06bc7f1d wpa_supplicant: Deinit wpa2 states in wifi deinit
2020-08-26 16:55:04 +08:00
Nachiket Kukade
21dc9fcb5d wpa_supplicant: Fix WPA3 and WPA2 transition related failures
1. If Device is connected to AP in WPA3-PSK mode, AP switching
security to WPA2-PSK causes connection failures even after reset.
Fix is to not store WPA3's PMK in NVS for caching.

2. AP switching back to WPA3 causes even more connection failures.
This is due to device not clearing Supplicant level PMK Cache when
it is no longer valid. Fix is to clear the Cache when 4-way handshake
fails and to check Key Mgmt of Cache before using.

3. When AP switches from WPA3 to WPA2, device's PMF config in
Supplicant remains enabled. This may cause failures during
4-way handshake. So clear PMF config in when PMF is no longer used.
2020-08-10 09:05:48 +00:00
Jiang Jiang Jian
501ca00178 Merge branch 'feature/esp_tls_for_supplicant_v4.2' into 'release/v4.2'
wpa_supplicant: Support for mbedtls tls handshake(backport v4.2)

See merge request espressif/esp-idf!9821
2020-08-07 14:01:54 +08:00
Jiang Jiang Jian
33dab9d165 Merge branch 'bugfix/fix_softap_mode_wpa_memory_leak_issue_v4.2' into 'release/v4.2'
bugfix: fix softap mode wpa memory leak (backport v4.2)

See merge request espressif/esp-idf!9845
2020-07-31 16:45:38 +08:00
ronghulin
157ecfaf43 bugfix: fix softap mode wpa memory leak 2020-07-29 14:14:35 +08:00
Nachiket Kukade
3af4b51a5c Fix handling of multiple AP credentials in WPS
WPS can send multiple AP credentials, while existing implementation
will only use the first credentials which could be for the 5G band.
Fix this by passing these credentials to the App and attempting
to connect using each of those. Older Apps will remain compatible
without breaking WPS, but the issue will remain.
2020-07-27 21:41:20 +08:00
kapil.gupta
ebd1bb9a12 wpa_supplicant: Fix IOT issue with latest freeradius
Fix inter operability issue with freeradius version 3.0.21
and openssl 1.1.1f when internal tls client is used which
requires extension elements in client hello.

closes https://github.com/espressif/esp-idf/issues/5273
closes https://github.com/espressif/esp-idf/issues/5627
2020-07-27 18:49:47 +05:30
kapil.gupta
89ef69cbd0 wpa_supplicant: Fix invalid pointer deference and memleak
Add following changes as part of this:

1. EAP client will crash during validation of key size when CA
certs and keys not present. Add changes to validate it first.
2. Free memory allocated in TLS context
2020-07-27 18:49:07 +05:30
kapil.gupta
4b7c8d4a2d wpa_supplicant: Support for mbedtls tls handshake
Add support for mbedtls based tls handshake, this removes
dependency from internal implementation of EAP client.
2020-07-27 18:47:27 +05:30
Angus Gratton
c69210c0f2 wpa_supplicant: Allow building with mbedTLS integration but no hardware MPI
Also disable the relevant function in bignum.h based on config, so fails at
compile not link time.

Closes https://github.com/espressif/esp-idf/issues/5321
2020-06-02 13:35:48 +10:00
Jiang Jiang Jian
af97a5abc3 Merge branch 'workaround/wps_iot_fixes' into 'master'
wpa_supplicant: WPS Inter operatability Fixes

See merge request espressif/esp-idf!8654
2020-05-20 11:32:34 +08:00
kapil.gupta
fb53a454b9 ESP-WIFI: Optimize 4way handshake failure time
In case of wrong passpharse, AP will keep on sending 1/4 multiple
times which may take around 10 secs to disconnect and detect
wrong password event.

Add changes to reject EAPOL1 after 3 consecutive reception
2020-05-19 16:55:42 +05:30
kapil.gupta
76335b2558 wpa_supplicant: WPS Inter operatability Fixes
Add WPS IOT fixes under config option

Current fixes under this flag.
1. Allow NULL-padded WPS attributes.
2. Bypass WPS-Config method validation
2020-05-19 08:05:52 +00:00
Nachiket Kukade
c643d0a611 wpa_supplicant: Allow NULL-padded WPS attributes
Some AP's keep NULL-padding at the end of some variable length WPS
Attributes. This is not as par the WPS2.0 specs, but to avoid interop
issues, ignore the padding by reducing the attribute length by 1.
2020-05-19 08:05:52 +00:00
Nachiket Kukade
b302b4bb43 wpa_supplicant: Fix memory leaks in WPA3 connection
1. Buffers for SAE messages are not freed after the handshake.
   This causes memory leak, free buffers after SAE handshake.
2. SAE global data is not freed until the next WPA3 connection
   takes place, holding up heap space without reason. Free this
   data after SAE handshake is complete or event fails.
3. Update wifi lib which includes memory leak fix during BIP
   encryption/decryption operations.
2020-05-13 22:54:03 +05:30
Nachiket Kukade
f36455052d wpa_supplicant: Fix formatting of file esp_wpa3.c
Replace tabs with spaces in esp_wpa3.c.
2020-05-13 22:54:03 +05:30
Jiang Jiang Jian
5f2be35525 Merge branch 'bugfix/supplicant_general_fixes' into 'master'
wpa_supplicant: Fix some memleaks and invalid memory access

Closes IDF-1335

See merge request espressif/esp-idf!8201
2020-05-12 11:03:14 +08:00