| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
The WPA/RSN IE in EAPOL-Key 2/4 is more reliable than the one in
(Re)Association Request frame. Update the STA info base don the
EAPOL-Key frame so that the correct cipher information is used
even if the (Re)Association Request frame is missing or corrupted
in the capture.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
|
|
|
| |
Remove the GPL notification text from the files that were
initially contributed by myself.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
This allows info_sta command to be used to fetch the last received GTK
separately for each STA.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
| |
KEK from TPTK needs to be used instead of from PTK when processing
rekeying case similarly to what was already done with KCK.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
|
| |
A text file with MSK/PMK entries (one key per line in hexdump format)
can be read into wlantest (-f<path to file>) to initialize list of
known PMKs.
Signed-hostap: Jouni Malinen <j@w1.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use a temporary PTK buffer during 4-way handshake when rekeying PTK
so that the new EAPOL-Key frame MIC values are checked against the
new PTK and frames are decrypted using the old PTK. Take the new
PTK into use once msg 4/4 is processed and clear RSC counters at
that point (including moving of RSC update to avoid setting RSC
based on the msg 4/4).
In addition, add a workaround to handle supplicant implementations that
set Secure bit to one during PTK rekeying 4-way handshake in msg 2/4.
This was previously assumed to be msg 4/4, but the key data contents
can be used to figure out whether this is msg 2/4 even if the Secure
bit is set to one.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
|
| |
|
|
|
|
|
|
|
| |
These can be useful in tests involving association state mismatch
between the AP and the STA (i.e., STA assumes it is still associated
but the AP does not have association state). In such a case, the AP
would be sending out unprotected Deauthentication or Disassociation
frames with reason code 6 or 7 depending on what frame is triggering
this.
|
| |
|
|
|
|
| |
The Timeout Interval element needs to use Association Comeback time
for the case when (Re)Association Response frame uses Status Code 30.
Verify this before incrementing the (re)assocresp_comeback counters.
|
| | |
|
| |
|
|
|
| |
This is needed to be able to find the correct TDLS entry for the
frame regardless of whether a FromDS or ToDS frame is being processed.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Need to be able to handle TDLS Setup Response frame with LinkId IE
when non-zero status code is used. In addition, allow finding of a
TDLS entry based on real BSSID instead of the one used in the LinkId
to allow negative testing of different BSS.
|
| |
|
|
|
| |
Check ICMP echo request/response matches for both STAs to get proper
counter values for a ping from a one STA to another one using TDLS.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The TDLS link itself is bidirectional, but there is explicit
initiator/responder roles. Remove the other direction of the link if it
exists when processing TDLS Setup Confirm to make sure that the link
counters are stored for the current TDLS entery.
This is also changing the control interface search for TDLS counters
to require initiator/responder addresses in the correct order instead
of matching entries regardless of the role.
|
| | |
|
| |
|
|
| |
This will make the TDLS counters available even if setup fails.
|
| |
|
|
|
|
| |
Note unexpected WPA/RSN IE in AssocReq and ignore them if the last
Beacon/ProbeResp from the AP is not advertising support for
WPA/RSN.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
These can be used to check whether the STA is in power save mode
and because of that, is not seeing disconnection notifications.
|
| | |
|
| |
|
|
|
| |
These make it easier to find the frame in question when looking at
the capture in Wireshark.
|
| |
|
|
|
| |
This makes debug output clearer when re-reading a file that has
previously been processed and decrypted by wlantest.
|
| | |
|
| |
|
|
|
| |
This can be used to verify whether ping goes through between
clearing of the STA counters and the first (re)association.
|
| | |
|
| |
|
|
| |
The TDLS special case was supposed to apply to only Data frames.
|
| |
|
|
|
|
| |
The encryption code may write a full AES block to the end of the
buffer, so make sure the temporary buffer is long enough to fit that
data.
|
| | |
|
| | |
|
| |
|
|
|
| |
This condition is already checked above when figuring out whether a key
is known and as such, there is no point in keeping this check here.
|
| |
|
|
|
|
|
| |
The use of the pcap subdirectory seems to be limited to some of the
newer Linux distros only, so use the older paths to pcap.h and
pcap-bpf.h to make wlantest bit more easier to compile on older
systems.
|
| |
|
|
|
| |
These can be used to write automated test scripts for verifying
that TDLS STAs are using correct data path.
|
| | |
|
| |
|
|
|
|
| |
This can be used by external programs (e.g., wlantest_cli) to inject
raw frames (hex dump of the frame header and body). The data can be
requested to be sent as-is or protected with the current key.
|
| |
|
|
|
| |
Derive TPK based on TDLS TPK Handshake and decrypt frames on the
direct link with TPK-TK.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This cleans up debug logs by avoiding incorrect entries on TKIP/CCMP
replays and some state changes.
|
| | |
|
