From patchwork Wed Nov 2 22:51:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029111 Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F2FAD2772F for ; Wed, 2 Nov 2022 22:51:34 +0000 (UTC) Received: by mail-pf1-f179.google.com with SMTP id k22so43359pfd.3 for ; Wed, 02 Nov 2022 15:51:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=M4Yp6AA1FXvkE6qMPo7pF3xcKK+LRYMCI/7aXmF7FFw=; b=phWEBdGHj6eyO7Ia/EqNfrlmmhC+eNu7/+LDPV/c6dEZf3bmUuYVz0SHOkq6JJ9YZd GHrZSQ5oThppvzLEJTv1CTN2ELTNBAMOpqUajSHULQfSkUaJoiudyBgCxRW726QAg8g9 gW9OGdv/Z6prBjfGo6U35FzF38hLvvtfJmZrxbc4zMt+s41Iz5bj8v5Ar5FPrP+Wmkzf uI6isk3KnC5mubKuRS13X+zr/TPUmZ2Du35Ql/BnNGBeMtRN1IR94p49Iq739VGa8zTL QRVIaE00V0gxwRmKUAWxRJWN8FeNj8JDOVC+xEUkNnaC3ILgmHQuELc3PJ3yDdZjh4NU gsig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=M4Yp6AA1FXvkE6qMPo7pF3xcKK+LRYMCI/7aXmF7FFw=; b=C4Di8e3UvtTbotpphAvrcUfhhhRSX/w+JVTqewbSj3e/BZLhggDWawjWocZzNWl4mY wStiotRnX4UAHtWSdKNT0/cBWpdU+pexp1IqpYe1Jq1v3+wFK0aPaZt+BfxJSIVxRqnF uHMjQe/ldRnG4P00xg/7fN6+2JO/7c2uHYkWKqeBLv02YYvpQjihz17FMe8jHMC+xcpk aGumB56I5s2+ObG6C2r5ebuP3vyzibDchrOiFzHsTcDtN45l71TWwAJMkOKzQkk/zW0y yPpcOnBZCc1dPbIkQWLCvRzZ9sQJZI0t8Dzq1hh6rOmVmSWuiOD9OR2F6cQURQMih48s 5ZLQ== X-Gm-Message-State: ACrzQf2yJTICKmZM8iE3YH5MZss6XF25PmVgESPNHvMhZ/Td3ciy3wTE wJogAw1UCefPaLnjlwfmfKd3CZJWv8o= X-Google-Smtp-Source: AMsMyM6hCcWGbHVjzM0g2Q8Yi1c+4NHtKFsvdP+3/+I/4+Ut+l/0AF4d+/1TXvkOBUr3FU1nyd1/rA== X-Received: by 2002:a63:fd4f:0:b0:45f:d7ef:9f94 with SMTP id m15-20020a63fd4f000000b0045fd7ef9f94mr23947910pgj.137.1667429493784; Wed, 02 Nov 2022 15:51:33 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:32 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 01/11] wiphy: add wiphy_get_supported_ciphers Date: Wed, 2 Nov 2022 15:51:06 -0700 Message-Id: <20221102225116.297129-1-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Similar to wiphy_select_cipher but returns all supported ciphers included in the mask rather than just one. --- src/wiphy.c | 5 +++++ src/wiphy.h | 2 ++ 2 files changed, 7 insertions(+) diff --git a/src/wiphy.c b/src/wiphy.c index bb83f814..10514572 100644 --- a/src/wiphy.c +++ b/src/wiphy.c @@ -180,6 +180,11 @@ enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask) return 0; } +uint16_t wiphy_get_supported_ciphers(struct wiphy *wiphy, uint16_t mask) +{ + return wiphy->supported_ciphers & mask; +} + static bool wiphy_can_connect_sae(struct wiphy *wiphy) { /* diff --git a/src/wiphy.h b/src/wiphy.h index 2c6bf86b..f8de7e0e 100644 --- a/src/wiphy.h +++ b/src/wiphy.h @@ -68,6 +68,8 @@ typedef void (*wiphy_destroy_func_t)(void *user_data); enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask); +uint16_t wiphy_get_supported_ciphers(struct wiphy *wiphy, uint16_t mask); + enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy, const struct scan_bss *bss, enum security security, From patchwork Wed Nov 2 22:51:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029112 Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com [209.85.216.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4C2A02C9C for ; Wed, 2 Nov 2022 22:51:36 +0000 (UTC) Received: by mail-pj1-f42.google.com with SMTP id k5so10040868pjo.5 for ; Wed, 02 Nov 2022 15:51:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+SgPJKR2WAcaoWEQeb3b2tErOAn7cQvPlu0P7SL7rgc=; b=PPnnhroOTHdNaZ/sevSENSAVgV9LazrSjfs55uszNWs1fzzdVQrEIp7Btrzf+9/Ice TsvvCvO/x9FsldOvmuBK/UP8Asi9HB6LenY/RlszMniVSyeIypnFJmtfrg38RFEXxfAZ FsTFT3dhmxg+nDBn61v+Wqi3QyEkgRtAT7RZG2vpcqLHpPEUsUXqH80g5d3NkDFezjnZ U5J3pFp+M/Y6H7jEeCjU9UaVHqr0MRBj79LHB3rDBvPqzmfIgOZK32s4+xIm4iVTkOyU QGpqffuN3LSlQO4AIF2NpXkcZjZw/pPMy6IW5veyveORgkw44wz3q2MULLLyRbrQO+lP Y2cQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+SgPJKR2WAcaoWEQeb3b2tErOAn7cQvPlu0P7SL7rgc=; b=3jxkOGaLjb/6QK9sapCQpsc7FQN5fYmubqqwv7b5etR74nz1Zk4dyKvwNm5mb3+rsm cR+QYNbVhwNPJQv8A4M9KhVyS6/oYnG5EapEOx0ubyWi9yAzZ2di5G91AIW1ns6oE9KG k22rxN/A6hQwxDSHxPckJOmtTkiYibrmOWDzHiAzx/VZJ9KHR2nMDuXWYVhPgwH7izJP GZcknDfRjJSuJM/fD7+fIb1k+nl1bdZJxHLVMqw5XVoLFb1lH5UFU7WkFNPeF7LrKXs0 yXqT3ANsd/gYshMvq8ZS2A+uykGjbVQnz0COKNNhcd5DVM9C5YK23uyVDq8FvR0bWydK /rsA== X-Gm-Message-State: ACrzQf2VVAyzVNqEKDyTGXOUKr/g8VShnlOxq8nlmq1IWDGA6uRdTzKB hXE/4nHENb9bdOHRSot8j9LPy8Ybl5E= X-Google-Smtp-Source: AMsMyM4ktphEsVGqiIW3LZKwV8m/FgXzGySyWcMEuGI2JqdGDFokih/WySYBAjeb+4neL8SI9ADz6Q== X-Received: by 2002:a17:90b:3c8a:b0:213:e48a:3ac5 with SMTP id pv10-20020a17090b3c8a00b00213e48a3ac5mr18870392pjb.48.1667429495171; Wed, 02 Nov 2022 15:51:35 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:34 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 02/11] ie: add group/pairwise lists of supported ciphers Date: Wed, 2 Nov 2022 15:51:07 -0700 Message-Id: <20221102225116.297129-2-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The validation of these ciphers for station is done when parsing the BSS RSNE but for AP mode there is no such validation and potentially any supported cipher could be chosen, even if its incompatible for the type of key. --- src/ie.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/ie.h b/src/ie.h index 53311854..c9a6c783 100644 --- a/src/ie.h +++ b/src/ie.h @@ -401,6 +401,25 @@ static inline bool IE_CIPHER_IS_GCMP_CCMP(uint32_t cipher_suite) IE_RSN_CIPHER_SUITE_GCMP_256); } +#define IE_GROUP_CIPHERS \ +( \ + IE_RSN_CIPHER_SUITE_TKIP | \ + IE_RSN_CIPHER_SUITE_CCMP | \ + IE_RSN_CIPHER_SUITE_GCMP | \ + IE_RSN_CIPHER_SUITE_GCMP_256 | \ + IE_RSN_CIPHER_SUITE_CCMP_256 \ +) + +/* + * Since WEP is unsupported we can just use the group cipher list with + * "Use group cipher" appended + */ +#define IE_PAIRWISE_CIPHERS \ +( \ + IE_GROUP_CIPHERS | \ + IE_RSN_CIPHER_SUITE_USE_GROUP_CIPHER \ +) + #define IE_LEN(ie) \ ((ie) ? (ie)[1] + 2 : 0) From patchwork Wed Nov 2 22:51:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029113 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B693E2C9C for ; Wed, 2 Nov 2022 22:51:37 +0000 (UTC) Received: by mail-pf1-f175.google.com with SMTP id 130so26427pfu.8 for ; Wed, 02 Nov 2022 15:51:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=9uN6+aYGj6k7V4g/DCgsKy3i7CqFuahfEM74X3Yf0Sc=; b=I0PBjgY0BfGjIfIkWT8AWdWyxZDOaFA5vYyON6e5jAp7Ro1p1aL1+XRnYmd44zd/rF GlJE4jgWrx6a09OJdI6n6nlziEm3MrstXCKjVeWSWRSByYP8tL5fcoHhyzHxMDM/C9fd tcKN+zwAx+IJHSfdDIRVFFBI5dE03y8yk3YYGRP68zbtE1CRo38qcWXjJ62DZ3c7xOpf dnIEANeugTfghjarrjGTdPqSysp8aDGuvEEsx1GuIHstO2XLE2bSepMmvSN0uT1LkXfG Kpme2wJbsKuf+jOOzd4XNXmQGK+RJ4k1C812/n2VOxRXp9lzLULmjsKtlIXqRK72vVaJ VPwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9uN6+aYGj6k7V4g/DCgsKy3i7CqFuahfEM74X3Yf0Sc=; b=CYsdRk98KR8MEfQgdMgNbwFGWtHyAr1q8x1vA5Q1uZdlvomnTCmIe3CoKaME4cpELj aO7JG+rkvhoCn7jKG+7a/7U86QgIXsuKd+4MvMg8vn879yX9JgT1KZ1Y0KGVJUcg6K/T Z8hSCntEzjMMeDEXsckV+BscnZaE+nRMwnK410+aFLoiJnCmzF+xUreeNIiZQhpQEfEl +s2JzfgZAowkAb9jOd/OxzSi1HqDehpYsyMdskjkGh+4C549fHKsBj1bKidd/o1MN+m/ 1tsEvhrvr5sC2Xuhzm7tZawI7Fax/nX97J2H/b/+DTMHR2t7VjkWUO9Imrb/l8iR/lp7 qjZg== X-Gm-Message-State: ACrzQf3PylWn12uLWXY8S/bwrrDgudPM2TcjIFXWSpfbeikf35rCdRyP k9+Uv0yT6d8Ea+kFaXtzcvbGCLR4baE= X-Google-Smtp-Source: AMsMyM4KmazMbLPnL503yQscq/XHMDy0lD/Ug5j3Fuc70e6bvcRd+UWNC2ufvLUjSV+AaZPrd/cLLQ== X-Received: by 2002:a05:6a00:1822:b0:56b:f29d:cca1 with SMTP id y34-20020a056a00182200b0056bf29dcca1mr27724835pfa.65.1667429496504; Wed, 02 Nov 2022 15:51:36 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:35 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 03/11] ap: add profile settings PairwiseCiphers/GroupCipher Date: Wed, 2 Nov 2022 15:51:08 -0700 Message-Id: <20221102225116.297129-3-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 These can now be optionally provided in an AP profile and provide a way to limit what ciphers can be chosen. This still is dependent on what the hardware supports. --- src/ap.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 83 insertions(+), 6 deletions(-) diff --git a/src/ap.c b/src/ap.c index ba827728..44440191 100644 --- a/src/ap.c +++ b/src/ap.c @@ -3132,12 +3132,38 @@ static bool ap_load_psk(struct ap_state *ap, const struct l_settings *config) return true; } +/* + * Note: only PTK/GTK ciphers are supported here since this is all these are + * used for. + */ +static enum ie_rsn_cipher_suite ap_string_to_cipher(const char *str) +{ + if (!strcmp(str, "UseGroupCipher")) + return IE_RSN_CIPHER_SUITE_USE_GROUP_CIPHER; + else if (!strcmp(str, "TKIP")) + return IE_RSN_CIPHER_SUITE_TKIP; + else if (!strcmp(str, "CCMP-128") || !strcmp(str, "CCMP")) + return IE_RSN_CIPHER_SUITE_CCMP; + else if (!strcmp(str, "GCMP-128") || !strcmp(str, "GCMP")) + return IE_RSN_CIPHER_SUITE_GCMP; + else if (!strcmp(str, "GCMP-256")) + return IE_RSN_CIPHER_SUITE_GCMP_256; + else if (!strcmp(str, "CCMP-256")) + return IE_RSN_CIPHER_SUITE_CCMP_256; + else + return 0; +} + static int ap_load_config(struct ap_state *ap, const struct l_settings *config, bool *out_cck_rates) { + struct wiphy *wiphy = netdev_get_wiphy(ap->netdev); size_t len; L_AUTO_FREE_VAR(char *, strval) = NULL; + _auto_(l_strv_free) char **ciphers_str = NULL; + uint16_t cipher_mask; int err; + int i; strval = l_settings_get_string(config, "General", "SSID"); if (L_WARN_ON(!strval)) @@ -3212,6 +3238,8 @@ static int ap_load_config(struct ap_state *ap, const struct l_settings *config, l_error("AP [WSC].PrimaryDeviceType format unknown"); return -EINVAL; } + + l_free(l_steal_ptr(strval)); } else { /* Make ourselves a WFA standard PC by default */ ap->wsc_primary_device_type.category = 1; @@ -3260,6 +3288,61 @@ static int ap_load_config(struct ap_state *ap, const struct l_settings *config, } else *out_cck_rates = true; + cipher_mask = wiphy_get_supported_ciphers(wiphy, IE_GROUP_CIPHERS); + + /* If the config sets a group cipher use that directly */ + strval = l_settings_get_string(config, "Security", "GroupCipher"); + if (strval) { + enum ie_rsn_cipher_suite cipher = ap_string_to_cipher(strval); + + if (!cipher || !(cipher & cipher_mask)) { + l_error("Unsupported or unknown group cipher %s", + strval); + return -ENOTSUP; + } + + ap->group_cipher = cipher; + l_free(l_steal_ptr(strval)); + } else { + /* No config override, use CCMP (or TKIP if not supported) */ + if (cipher_mask & IE_RSN_CIPHER_SUITE_CCMP) + ap->group_cipher = IE_RSN_CIPHER_SUITE_CCMP; + else + ap->group_cipher = IE_RSN_CIPHER_SUITE_TKIP; + } + + cipher_mask = wiphy_get_supported_ciphers(wiphy, IE_PAIRWISE_CIPHERS); + + ciphers_str = l_settings_get_string_list(config, "Security", + "PairwiseCiphers", ','); + for (i = 0; ciphers_str && ciphers_str[i]; i++) { + enum ie_rsn_cipher_suite cipher = + ap_string_to_cipher(ciphers_str[i]); + + /* + * Constrain list to only values in both supported ciphers and + * the cipher list provided. + */ + if (!cipher || !(cipher & cipher_mask)) { + l_error("Unsupported or unknown pairwise cipher %s", + ciphers_str[i]); + return -ENOTSUP; + } + + ap->ciphers |= cipher; + } + + if (!ap->ciphers) { + /* + * Default behavior if no ciphers are specified, disable TKIP + * for security if CCMP is available + */ + if (cipher_mask & IE_RSN_CIPHER_SUITE_CCMP) + cipher_mask &= ~IE_RSN_CIPHER_SUITE_TKIP; + + ap->ciphers = cipher_mask; + } + return 0; } @@ -3302,12 +3385,6 @@ struct ap_state *ap_start(struct netdev *netdev, struct l_settings *config, err = -EINVAL; - /* TODO: Add all ciphers supported by wiphy */ - ap->ciphers = wiphy_select_cipher(wiphy, IE_RSN_CIPHER_SUITE_TKIP | - IE_RSN_CIPHER_SUITE_CCMP); - ap->group_cipher = wiphy_select_cipher(wiphy, - IE_RSN_CIPHER_SUITE_TKIP | - IE_RSN_CIPHER_SUITE_CCMP); ap->beacon_interval = 100; ap->networks = l_queue_new(); From patchwork Wed Nov 2 22:51:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029114 Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 340932C9C for ; Wed, 2 Nov 2022 22:51:39 +0000 (UTC) Received: by mail-pj1-f50.google.com with SMTP id o7so14409672pjj.1 for ; Wed, 02 Nov 2022 15:51:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0GtnkU7i1pwS9SprIM+W5irvBVAzuS+FEN0PF4dXon4=; b=VPsKkbmwm7xIUfDOXy+0Yqf7M7GbqUTUa7+3DTnUpS7ppapHvXSU46Kr2g47Pj4Ng+ 9wmnIuaCi7OaA5SnyUf0+v5WFWWJauFRv/J/f/HspJwN03jVzTHlCEqrRgKiYezQS/qR 4y8oTTQde0yZg9RWBsNbnXIn1OsXgEIAaXb31UMehXHHnErtQ9be5MJDnqSHtku80i9T qS8dgOI3+Ydv7CPG4HTB9i84S4KBeP7Tt/UO2i3ysy2s9SKTediN4rKR9pYFXOZUYvs+ yGOkTYKPOA7ppbqUM5stQ5QDtOBn5XIqZ4nQd7A/YQc9sqyudPM5FIHcv7jbcZPPPMYv Iy1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0GtnkU7i1pwS9SprIM+W5irvBVAzuS+FEN0PF4dXon4=; b=SEPdHu0fwgNmOo8RyBTTeK45GNH1TYCrRf79mVdlwjkhqrwGcxFkCpc4gAyVQ/eW9s dbKnGkS+4Gn6BfqmZuG1Ob3IWyLylh8o4JMj3hyNLJ2Kp85U7eE3jegEm84TC16iv9Wj myY29TeXs05/DTsirh/a/xi2/LsfPcVnaiY/jyWXhybYUgH5Y6juNrIpfRZWx1j//HDl ukgFFDetF79CQNIpoR7cjg6aUxXYuSxExB2+939zkOV+XJMAegFHuOSogxW1xICRblb0 eQ4pSpn9Frc6w6AxC6OfRpl/Tzb9uslflzUXydJS9GtkU2LBYeQBtkIkE6hYWBxRAVFy DH2g== X-Gm-Message-State: ACrzQf2chr9fcNEIb4JzUwdh9hkTbSjPNsx4ehyKKVUIx2+sN8bjhsSB FPXCG1q0+xWpSA+r+owSXr2YgXXCrL8= X-Google-Smtp-Source: AMsMyM7ybzc4P1BWh5osoDtag0/C7QJ1405jX7+RBP3t0lhUoSSzdkpEdBOKv3D9r4Kjzz+16cR2Tw== X-Received: by 2002:a17:903:4ca:b0:179:d21f:f04b with SMTP id jm10-20020a17090304ca00b00179d21ff04bmr27180989plb.7.1667429498027; Wed, 02 Nov 2022 15:51:38 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:36 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 04/11] p2p: limit ciphers to CCMP Date: Wed, 2 Nov 2022 15:51:09 -0700 Message-Id: <20221102225116.297129-4-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The limitation of cipher selection in ap.c was done so to allow p2p to work. Now with the ability to specify ciphers in the AP config put the burden on p2p to limit ciphers as it needs which is only CCMP according to the spec. --- src/p2p.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/p2p.c b/src/p2p.c index cfd8560a..5d96e682 100644 --- a/src/p2p.c +++ b/src/p2p.c @@ -1273,6 +1273,9 @@ static void p2p_group_start(struct p2p_device *dev) /* Enable netconfig, set maximum usable DHCP lease time */ l_settings_set_uint(config, "IPv4", "LeaseTime", 0x7fffffff); + l_settings_set_string(config, "Security", "PairwiseCiphers", "CCMP"); + l_settings_set_string(config, "Security", "GroupCipher", "CCMP"); + dev->capability.group_caps |= P2P_GROUP_CAP_GO; dev->capability.group_caps |= P2P_GROUP_CAP_GROUP_FORMATION; dev->capability.group_caps |= P2P_GROUP_CAP_IP_ALLOCATION; From patchwork Wed Nov 2 22:51:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029115 Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A297D2C9C for ; Wed, 2 Nov 2022 22:51:40 +0000 (UTC) Received: by mail-pl1-f180.google.com with SMTP id l2so212074pld.13 for ; Wed, 02 Nov 2022 15:51:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EmqJE2bXbIJQtN26iYuRL/qRaWyyYJXjBFdvyK1zscQ=; b=KWixeBzAJLwaqjV1+egvFYBh9st0ihRi3xlK5mW25tlw80GYUf1eAmtnzteQ1LRSSZ V8Chzt2rH59jSv8KFryH0WIDHe569o6pfUeKAzT4ZpE5yBBSyEDMh9XV1X5TU/lsjKvA u75U3886VkBHRV+sIyxizmL8BdPsDyLqqqd446T/Fl6sCBRiE2zBcN5TqHSbd9fS2rPV wI79TkqKofMGQgT8D79TEAnLWoe4o8SUUZONBZUbqB/9ARe2AycrNurHmTVnImPmdPSr txooILWoOsLr9rUAFD7QU1xFH7vQZkjgHIyZoze3ZYCYR+lnNexjiy99rvBm2QKz4BJC X2kQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EmqJE2bXbIJQtN26iYuRL/qRaWyyYJXjBFdvyK1zscQ=; b=mvLATEXfi4A9gbBTeQCf4QAYqesWZ9bskDldvFNgY/M4b+3mzm0qEPHZpddcyrKZpV Mk9yV8jvavQMlPPwS9/XXCourHbw/7XyGeoPBAS9xxUHandg9cHd/q2BeLgsHOn5f+u5 xT/AGdYvNWEo2+pVjZjLs//USoTdEnsoomkskTiHeqWg87juOcusAQqNcujSlwjM7UWw 0fzT3RZXE8Iola4SiB7r4rpI9nN83ue5wLqXOKiUY/3B+OB3lG1Y2FWfqykbQ0aY6z6B uBA6+HsoF1rZVUEt1UMymhE30kNdoIEU/+VNdzg7rGdZXMzIKSmJAlctMn6c75iYJiJF z8iA== X-Gm-Message-State: ACrzQf1UdQuqnY7EqQOCDKh7l5IKW0jRB57juBawar06yIE8d8cPiEgQ NiSdzwUQcyG35DLUDn+cHAakMKe3i/8= X-Google-Smtp-Source: AMsMyM7CCGCH5og2wv134Z/Fs6EYtFaJaWzWWhbF0poMYogMeS2/hPT+UYCJ2JGhl4jWnuvEdL7XfQ== X-Received: by 2002:a17:903:11c3:b0:17a:e62:16e8 with SMTP id q3-20020a17090311c300b0017a0e6216e8mr27814219plh.137.1667429499399; Wed, 02 Nov 2022 15:51:39 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:38 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 05/11] doc: document PairwiseCiphers/GroupCiphers AP settings Date: Wed, 2 Nov 2022 15:51:10 -0700 Message-Id: <20221102225116.297129-5-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/iwd.ap.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/iwd.ap.rst b/src/iwd.ap.rst index 5fa23179..7b8844e7 100644 --- a/src/iwd.ap.rst +++ b/src/iwd.ap.rst @@ -82,6 +82,21 @@ configuration. Processed passphrase for this network in the form of a hex-encoded 32-byte pre-shared key. Either this or *Passphrase* must be present. + * - PairwiseCiphers + - Comma separated list of pairwise ciphers for the AP supports. + + Values can include: TKIP, CCMP, GCMP, GCMP-256, CCMP-256 + + The underlying hardware and IWD's AP implementation must also support the + ciphers listed + + * - GroupCipher + - Group cipher the AP uses + + A single cipher value the AP can use as the group cipher. Values are the + same as pairwise ciphers and the same restrictions apply (hardware and + IWD implementation must support the cipher) + IPv4 Network Configuration -------------------------- From patchwork Wed Nov 2 22:51:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029116 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C4C2F27731 for ; Wed, 2 Nov 2022 22:51:41 +0000 (UTC) Received: by mail-pf1-f175.google.com with SMTP id 130so26548pfu.8 for ; Wed, 02 Nov 2022 15:51:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=hbNujlfu+J3HoK4F5AleR1ZUeb6GBrDq4xd4MmX7zBY=; b=pRhJrGBSUDllABT2YoCd0unrWo+neSEIGolmKSH1V8S4xpaqfrVUSwhXlk2bAnTBpq JOB4Pmz/2ZH4j8f8tZGyQWy9SxV1DExPG2f9852mcKPoG/GKwoFV34jjpVtS6oYKQsCB LkOupr+T/BOLzyLnMY0I3sCc0mOC7lpNgwiEVDxftHs2z+FRKRwg7NmyCXPrNc1xVIP4 4XH790Lqg0mXDQzTr3Ula0oh9RKhDjqwDAUsu+a+MneWXOAnZXdqKzBAEiyvBu6n8SDJ rg7UR/EZCLC4uRcDR5D8MzHleYptTvYvN2KKiQAuZ8yKdIKFOnPxTZygbnCV8jZ6r5t+ 1F5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hbNujlfu+J3HoK4F5AleR1ZUeb6GBrDq4xd4MmX7zBY=; b=4p2SYUbW5u1TBYfNMgxmVwIDHowgD/ZVRKLL0lhq8U5F9qrwRomC7fIEkqoVDhrk8y RbVpp9IWkXqC0Fkyz+1d4epntVHcDOJS8gpff0PWZKRIOx9Rk/LucVX7JSzCoEra1tTm B2DA9M/J0ZfOf9goPI7NvbzMrGyxJ4jKSPRVBSQfLQSV+KcMZqlccsVSS4QwayIGZN/W UHopMghkhJUAZlENqs6AnUM7tMDSxbPRqggB/MdYv2gz5rCIFTi5GIFuFuYWjYVzxXFw f4X6UkUe5yyoIi1Zs79NK3DczJyf+QQkq+N/AMRrXt64CM7NSF0vCUp5zAzIJSwfv8KA J07w== X-Gm-Message-State: ACrzQf3Zr7Bal9bNJuLS329T7ZzhfyCpR6c8YxnHDxItP0YWgFKD7Rez 5bKSfitHZCu+L4vD8LN5nrPJmK29n5s= X-Google-Smtp-Source: AMsMyM7UxcS72ObtBJHEe3Q2ggfNtu9T3nn/Q+0QbWDSmxGafwIdZZVGSDKblRkBFwIp0LU5aGIyvg== X-Received: by 2002:a63:c146:0:b0:46f:c9e8:777d with SMTP id p6-20020a63c146000000b0046fc9e8777dmr14872964pgi.459.1667429500781; Wed, 02 Nov 2022 15:51:40 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:39 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 06/11] ap: add PairwiseCiphers/GroupCipher to dbus interface Date: Wed, 2 Nov 2022 15:51:11 -0700 Message-Id: <20221102225116.297129-6-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Expose these values on the DBus interface so clients can view them. --- src/ap.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/src/ap.c b/src/ap.c index 44440191..33f2d1e4 100644 --- a/src/ap.c +++ b/src/ap.c @@ -3154,6 +3154,25 @@ static enum ie_rsn_cipher_suite ap_string_to_cipher(const char *str) return 0; } +static char *ap_ciphers_to_string(uint16_t ciphers) +{ + uint16_t i; + char **list = l_strv_new(); + char *ret; + + for (i = 0; i < 16; i++) { + if (!(ciphers & (1 << i))) + continue; + + list = l_strv_append(list, + ie_rsn_cipher_suite_to_string(1 << i)); + } + + ret = l_strjoinv(list, ','); + l_strv_free(list); + return ret; +} + static int ap_load_config(struct ap_state *ap, const struct l_settings *config, bool *out_cck_rates) { @@ -3690,6 +3709,12 @@ static void ap_if_event_func(enum ap_event_type type, const void *event_data, l_dbus_property_changed(dbus_get_bus(), netdev_get_path(ap_if->netdev), IWD_AP_INTERFACE, "Name"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "PairwiseCiphers"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "GroupCipher"); l_rtnl_set_linkmode_and_operstate(rtnl, netdev_get_ifindex(ap_if->netdev), @@ -3711,6 +3736,12 @@ static void ap_if_event_func(enum ap_event_type type, const void *event_data, l_dbus_property_changed(dbus_get_bus(), netdev_get_path(ap_if->netdev), IWD_AP_INTERFACE, "Frequency"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "PairwiseCiphers"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "GroupCipher"); l_rtnl_set_linkmode_and_operstate(rtnl, netdev_get_ifindex(ap_if->netdev), @@ -4061,6 +4092,44 @@ static bool ap_dbus_property_get_freq(struct l_dbus *dbus, return true; } +static bool ap_dbus_property_get_pairwise(struct l_dbus *dbus, + struct l_dbus_message *message, + struct l_dbus_message_builder *builder, + void *user_data) +{ + struct ap_if_data *ap_if = user_data; + char *list; + + if (!ap_if->ap || !ap_if->ap->started) + return false; + + list = ap_ciphers_to_string(ap_if->ap->ciphers); + + l_dbus_message_builder_append_basic(builder, 's', list); + l_free(list); + + return true; +} + +static bool ap_dbus_property_get_group(struct l_dbus *dbus, + struct l_dbus_message *message, + struct l_dbus_message_builder *builder, + void *user_data) +{ + struct ap_if_data *ap_if = user_data; + char *cipher; + + if (!ap_if->ap || !ap_if->ap->started) + return false; + + cipher = ap_ciphers_to_string(ap_if->ap->group_cipher); + + l_dbus_message_builder_append_basic(builder, 's', cipher); + l_free(cipher); + + return true; +} + static void ap_setup_interface(struct l_dbus_interface *interface) { l_dbus_interface_method(interface, "Start", 0, ap_dbus_start, "", @@ -4082,6 +4151,10 @@ static void ap_setup_interface(struct l_dbus_interface *interface) ap_dbus_property_get_scanning, NULL); l_dbus_interface_property(interface, "Frequency", 0, "u", ap_dbus_property_get_freq, NULL); + l_dbus_interface_property(interface, "PairwiseCiphers", 0, "s", + ap_dbus_property_get_pairwise, NULL); + l_dbus_interface_property(interface, "GroupCipher", 0, "s", + ap_dbus_property_get_group, NULL); } static void ap_destroy_interface(void *user_data) From patchwork Wed Nov 2 22:51:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029117 Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5BE162C9C for ; Wed, 2 Nov 2022 22:51:43 +0000 (UTC) Received: by mail-pg1-f177.google.com with SMTP id q1so102800pgl.11 for ; Wed, 02 Nov 2022 15:51:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NeT2wjdacSrAI+WzryC6PfCCbE+OdWiuqpCt+53AIDE=; b=YeXTZsToxqBs1QHLpzIYy+s2dD+qYKss00gZJddkdIYGsvBrspJYNbmib2wp61kahU R+Kt4tpIqwpGtNyorGtXPOkR2K9/J18/i51D7ysJV45rDZ70vMxQaCEDfS03Gxkg4P9o X6WAjPmwmntbJXwbBXCgB5Gcl+RO0pQz5hygiDPwvvc9iuklPajM3jytFhfjSAFH7nwP d5YhHcVjRA2/c3dlBK/iGug+64RHMZPMW1ljpEWCbiFHwam+Tkyrstjvb3LgH3oJl0Bd 8Hszc9d4pjg6d+jSf/yAy/7wV1jS9nVJIa7TaUtz1qXJKckAG2MYZdIZTEc1hDiNWaJm EUFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NeT2wjdacSrAI+WzryC6PfCCbE+OdWiuqpCt+53AIDE=; b=JDTD70zIfglpkyyFD3ZDoNbjaO8/jNmZCDlSc8Rtw21y55BBJzsjmCgNNLiVIXQewl 37vAWXy89GZexMJ769aAz4l4tVdT7cH8FmWCmnh1edmXfA1r6RHznbcw17tND9uk99NK 7Ci4AFzRdYNpz773htYef+SjgGnJNR3x8ZfY3v0+8dRqJSbNBEWFLOo8ajPwcPp0k9U6 hnpaALKH9nKSEPWHtXPkzY/gBIeT5DfulCLoDzaT44xPYkIG8cyZeQOdcC8CBU9DChyl oSCNCQSpVImJn62Y/u/JJH/TJRW3gwPtZ1NpBGreb7o5aHbnqB/ff6TyqmtTb7onJr/w 0GMg== X-Gm-Message-State: ACrzQf2mUCj9kzUohDGtSNPSzYyYvcENhttRwasbHiwenbvMVM++P8A8 t9c3KnpgBiJl/HU3Zs40+81JqLbLFs4= X-Google-Smtp-Source: AMsMyM4Ai0RCXXic/grxSRzuqb90BpifWlBVMkSu/rr6WHA6iGDVvxcICZF14F/PCxk+HQM+ImIrOw== X-Received: by 2002:a05:6a00:8cb:b0:52c:6962:2782 with SMTP id s11-20020a056a0008cb00b0052c69622782mr27098456pfu.81.1667429502231; Wed, 02 Nov 2022 15:51:42 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:41 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 07/11] ap: update Frequency property on started Date: Wed, 2 Nov 2022 15:51:12 -0700 Message-Id: <20221102225116.297129-7-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 This was forgotten when adding the property --- src/ap.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/ap.c b/src/ap.c index 33f2d1e4..9c82a545 100644 --- a/src/ap.c +++ b/src/ap.c @@ -3709,6 +3709,9 @@ static void ap_if_event_func(enum ap_event_type type, const void *event_data, l_dbus_property_changed(dbus_get_bus(), netdev_get_path(ap_if->netdev), IWD_AP_INTERFACE, "Name"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "Frequency"); l_dbus_property_changed(dbus_get_bus(), netdev_get_path(ap_if->netdev), IWD_AP_INTERFACE, "PairwiseCiphers"); From patchwork Wed Nov 2 22:51:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029118 Received: from mail-pj1-f52.google.com (mail-pj1-f52.google.com [209.85.216.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B88B82C9C for ; Wed, 2 Nov 2022 22:51:44 +0000 (UTC) Received: by mail-pj1-f52.google.com with SMTP id l22-20020a17090a3f1600b00212fbbcfb78so3505802pjc.3 for ; Wed, 02 Nov 2022 15:51:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K5BVp7TOrkkbkapuyuqyANloReXrKYsVuuTSBHRDunE=; b=TD60O1P2jfb8n6zc1KZZSym92GwuCLpb2ZeVV7Inlo61C2ZL5eQKNtv7ALvjfjfsKM KSSA1IS0gm2P8I6qKlbSE8AgvrhypkvjLKanJsbCBo7z1zosN6FbHCH/n4y7zHI96t4w 2Pt8F1MAe2iMAT4950aOuxWuVVv2gEZtZRKp0Tai/khciXwIEp+gfatJP5owLtym7/8V lr0T8zFKRNkl+tdEM7KTcy/cgjuhUokS7M2cYma11RtfHMf26IHRabOXpfd5D+U2zQke Cn0aJGBMiCNsHuW2LW8fYG4xDj7hl1CdvkgKfXto7lk/wEMafQKV3xnJY70bi4bTCqKY CaGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=K5BVp7TOrkkbkapuyuqyANloReXrKYsVuuTSBHRDunE=; b=WSWX6H0rQurKFlI747uqUnen5E4LJ5/8qvugRHpYh/vLx5Y8olEIOgyx6lQ3LoHmB5 Ss+2AMIGBzK2q4t5ojdt08qR0zXWxXxA01H1sXCCL62ybu61AyyWTyAky0NwevBV7mb1 fWkZstOlhWScVqq50SzH6Z6bRT0bD6WXNkxad1fDTBJzWliZaB/YGK0kF6IzKJkhPB9k sm9Vs8GoRI7PoyBUGbMOuOYLvvEbi4UB1gOC3HFnmdsgLl8dRuTD4I8ZN0yFpSm7XB8P 9RyoOT+kvgZnt7qILCSleOTAr379zAg/zfAcedhl7G+HfTkgc8JmOxH8cynjTGVOb4vA naWA== X-Gm-Message-State: ACrzQf37YJRKyenog/uaVn6Yegh25318ViCyff3Q53ayTwfd08eOZrzw qHLANAqV/hTxVEs0R4Lpo8SNwhNAY8o= X-Google-Smtp-Source: AMsMyM4sTFbQ2SY4P1eQihBcfAefHlgW1S8+3NFGpfjJZjsa60JRlYbCjZlKGiq1xKxAgw98wEJa8g== X-Received: by 2002:a17:902:720a:b0:181:150c:fcc4 with SMTP id ba10-20020a170902720a00b00181150cfcc4mr27651105plb.109.1667429503594; Wed, 02 Nov 2022 15:51:43 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:42 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 08/11] client: add ap support for PairwiseCiphers/GroupCipher Date: Wed, 2 Nov 2022 15:51:13 -0700 Message-Id: <20221102225116.297129-8-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- client/ap.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/client/ap.c b/client/ap.c index 4ce727de..f444a12c 100644 --- a/client/ap.c +++ b/client/ap.c @@ -37,6 +37,8 @@ struct ap { char *name; bool scanning; uint32_t freq; + char *pairwise; + char *group; }; static void *ap_create(void) @@ -51,6 +53,12 @@ static void ap_destroy(void *data) if (ap->name) l_free(ap->name); + if (ap->pairwise) + l_free(ap->pairwise); + + if (ap->group) + l_free(ap->group); + l_free(ap); } @@ -151,11 +159,67 @@ static const char *get_freq_tostr(const void *data) return str; } +static void update_pairwise(void *data, struct l_dbus_message_iter *variant) +{ + struct ap *ap = data; + char *value; + + if (ap->pairwise) + l_free(ap->pairwise); + + if (!l_dbus_message_iter_get_variant(variant, "s", &value)) { + ap->pairwise = NULL; + + return; + } + + ap->pairwise = l_strdup(value); +} + +static const char *get_pairwise_tostr(const void *data) +{ + const struct ap *ap = data; + + if (!ap->pairwise) + return ""; + + return ap->pairwise; +} + +static void update_group(void *data, struct l_dbus_message_iter *variant) +{ + struct ap *ap = data; + char *value; + + if (ap->group) + l_free(ap->group); + + if (!l_dbus_message_iter_get_variant(variant, "s", &value)) { + ap->group = NULL; + + return; + } + + ap->group = l_strdup(value); +} + +static const char *get_group_tostr(const void *data) +{ + const struct ap *ap = data; + + if (!ap->group) + return ""; + + return ap->group; +} + static const struct proxy_interface_property ap_properties[] = { { "Started", "b", update_started, get_started_tostr }, { "Name", "s", update_name, get_name_tostr }, { "Scanning", "b", update_scanning, get_scanning_tostr }, { "Frequency", "u", update_freq, get_freq_tostr }, + { "PairwiseCiphers", "s", update_pairwise, get_pairwise_tostr }, + { "GroupCipher", "s", update_group, get_group_tostr }, { } }; From patchwork Wed Nov 2 22:51:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029119 Received: from mail-pj1-f52.google.com (mail-pj1-f52.google.com [209.85.216.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B9102C9C for ; Wed, 2 Nov 2022 22:51:46 +0000 (UTC) Received: by mail-pj1-f52.google.com with SMTP id v4-20020a17090a088400b00212cb0ed97eso131929pjc.5 for ; Wed, 02 Nov 2022 15:51:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=e8tLpd8iyFxeYQRa17NWWdw7BzwcHOdwMi5qT4vPnSk=; b=Nrv7OqrRo2nboyQ4aEHtgQyv60i4RhOgmOcuFXV4tBw0Kq5auBrGEMQv8iD+5ClQTg gLrRZQEtwV4p3YWFR+mGKqehAFyp2W2XIruC48d/y2XP6KQQX4hgxKD2pjKpAdkbCTpp MxemJ/pnVh/GYuXQkhx5yH1OWwqALsfEnbXOZKQ1CqohrRtggtXCE9RY4HKEewPam0h7 Ja8R+LqTRPdVjCgd6uQVYprzENO8zAnMpcTjYFH0BMiPLAgjvRRj4p0EqvVmu7vj+yJ5 9phYEnujWdQGVKrzWEi6HT/QId1rPQhtvvUnVOrlEWi1eIwGj6Vb5X/80I3sFLJo+fJd j1Yw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=e8tLpd8iyFxeYQRa17NWWdw7BzwcHOdwMi5qT4vPnSk=; b=5VzaMZYz8UdFv9xy7z6UkBp2xClmsKITNGlSnr10xk5KfmPN7MK3fAXh9R2/exgeDs 6zfGx/S2NeUjORASe6/hqYXp/96Ooe+GzAf4K7WfNyYmsyPt1GAgJWlGwpwLfAT+R9ot hfD5XHqem5hQHd5LxoqjEviUsMkroFl8lbaByAobW07cMH1EHSZFVobH+X/swI9WLEzu uIPsKZEzwF2VRBYsyWaKghCkxPTKG9gZlURJxG5OlCkIuPA1y6rVbqW/3rIAaxJLWeaw LaJUwttNYvHcqQtl4H1BiprbJ233Zj8C1fe7nhZ5SyPSTx3fFLfL7kAS9c3L7PxAJzeK h1RQ== X-Gm-Message-State: ACrzQf12MipXkQ0at3ahyW2IdqDWYpTXRs70z9ctYtr17YSlZ6D0Olyo jJ6WE2b0slbCP/N9jJldevEWrsm+FqA= X-Google-Smtp-Source: AMsMyM4kP0RUiKJQcqUv78uPlxfbSJyqo7LhgiN0Fvc4HLKyOCY5lHhSZe6U3b+zLlpLiLpcynS2bA== X-Received: by 2002:a17:90a:b00d:b0:212:f91d:88c7 with SMTP id x13-20020a17090ab00d00b00212f91d88c7mr28129051pjq.112.1667429504982; Wed, 02 Nov 2022 15:51:44 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:43 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 09/11] auto-t: add proper AccessPoint object class Date: Wed, 2 Nov 2022 15:51:14 -0700 Message-Id: <20221102225116.297129-9-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The AP mode device APIs were hacked together and only able to start stop an AP. Now that the AP interface has more functionality its best to use the DBus class template to access the full AP interface capabilities. --- autotests/util/iwd.py | 101 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 93 insertions(+), 8 deletions(-) diff --git a/autotests/util/iwd.py b/autotests/util/iwd.py index 9e96382a..98b9ea1c 100755 --- a/autotests/util/iwd.py +++ b/autotests/util/iwd.py @@ -299,6 +299,69 @@ class DeviceProvisioning(IWDDBusAbstract): def role(self): return self._properties['Role'] +class AccessPointDevice(IWDDBusAbstract): + ''' + Class represents net.connman.iwd.AccessPoint + ''' + _iface_name = IWD_AP_INTERFACE + + def start(self, ssid, psk): + self._iface.Start(ssid, psk, reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == True') + + def start_profile(self, ssid): + self._iface.StartProfile(ssid, reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == True') + + def stop(self): + self._iface.Stop(reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == False') + + def scan(self): + self._iface.Scan(reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.scanning == True') + IWD._wait_for_object_condition(self, 'obj.scanning == False') + + def get_ordered_networks(self): + return self._iface.GetOrderedNetworks() + + @property + def started(self): + return self._properties['Started'] + + @property + def name(self): + return self._properties['Name'] + + @property + def scanning(self): + return self._properties['Scanning'] + + @property + def frequency(self): + return self._properties['Frequency'] + + @property + def pairwise_ciphers(self): + return self._properties['PairwiseCiphers'] + + @property + def group_cipher(self): + return self._properties['GroupCipher'] + + class Device(IWDDBusAbstract): ''' Class represents a network device object: net.connman.iwd.Device @@ -312,6 +375,7 @@ class Device(IWDDBusAbstract): self._station_props = None self._station_debug_obj = None self._dpp_obj = None + self._ap_obj = None IWDDBusAbstract.__init__(self, *args, **kwargs) @@ -354,6 +418,17 @@ class Device(IWDDBusAbstract): return self._station_debug_obj + @property + def _ap(self): + if self._properties['Mode'] != 'ap': + self._prop_proxy.Set(IWD_DEVICE_INTERFACE, 'Mode', 'ap') + + if self._ap_obj is None: + self._ap_obj = AccessPointDevice(object_path=self._object_path, + namespace=self._namespace) + + return self._ap_obj + def _station_properties(self): if self._station_props is not None: return self._station_props @@ -605,20 +680,30 @@ class Device(IWDDBusAbstract): except Exception as e: raise _convert_dbus_ex(e) - self._ap_iface = dbus.Interface(self._bus.get_object(IWD_SERVICE, - self.device_path), - IWD_AP_INTERFACE) if psk: - self._ap_iface.Start(ssid, psk, reply_handler=self._success, - error_handler=self._failure) + self._ap.start(ssid, psk) else: - self._ap_iface.StartProfile(ssid, reply_handler=self._success, - error_handler=self._failure) - self._wait_for_async_op() + self._ap.start_profile(ssid) def stop_ap(self): self._prop_proxy.Set(IWD_DEVICE_INTERFACE, 'Mode', 'station') + IWD._wait_for_object_condition(self, "obj._properties['Mode'] == 'station'") + + @property + def group_cipher(self): + if self._properties['Mode'] != 'ap': + raise Exception('group_cipher only supported in AP mode') + + return self._ap.group_cipher + + @property + def pairwise_ciphers(self): + if self._properties['Mode'] != 'ap': + raise Exception('pairwise_cipher only supported in AP mode') + + return self._ap.pairwise_ciphers + def connect_hidden_network(self, name): '''Connect to a hidden network Possible exception: BusyEx From patchwork Wed Nov 2 22:51:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029120 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 822B927734 for ; Wed, 2 Nov 2022 22:51:47 +0000 (UTC) Received: by mail-pl1-f181.google.com with SMTP id k7so242120pll.6 for ; Wed, 02 Nov 2022 15:51:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YvB1DrUHh/GvKAhUP+CqVLQcsbSC2AW465JKkPFySTc=; b=E82Fc+/29F+UvRrDeVVcnp004Co3wNnJ0hTAlXvG3arNNt2UE8KwpRGIxz2XF6oCiJ 3zSaHxIgNIkGOk6xvv4RVCKmWO22HYCBbJ1ellf8xS+NjU5fV9sYbTOJT6td/Yiw5Pi0 mjjugaQbyxrDhauo52htk2jOYDSzK2mTW+Zsd9qwL0HRusRj5qlRhYUMG9VcWtd5RXQV 5N8dcYWs2FsGP2yOTcreuTTQjkWrZ6fdinCpjOSg+nMHcQncY0B/5bLCE+FY+wYb/UtV yXf3hrsirMIR0dmi0trKVasEwACI7Q9oerhKcR92PQ4U85xoAPtbkYPldMnqposf03cf VZLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YvB1DrUHh/GvKAhUP+CqVLQcsbSC2AW465JKkPFySTc=; b=fLrY/xp8nx9kqfFMpwe1AMLy/+C7Qmo6JXFeOfAvSSkzbTP9qn2MnjiI0w3xYuRy5x OnWbVXNKKumjyfPGOP+7bxcVvAu8I8QMz2kjtveO9tQH63KFfNKU69igy4cEYD28aRvD +TdG0qr1eimmhTYyNHBprpMmUDjkpphk+Og6WSIxXPCwcBC5si1JIisvPH+iUN2Ib0q2 8k3P8IrjddEUMVfwk90nuduiHEg3BlsLryIvvkQLNRT1dAN927hA1y9Ss84MbSMX+t79 ImzHKpDIc1kpjVDkJg+7GcZ6AurC51MbwVTnz3wWYn2E1DR7NkWtws0cIM7R4fkTj38o kjwA== X-Gm-Message-State: ACrzQf21losMSW0lTLFlhC/1hguI3XQFuSzFApTDijkeqOnGiOa188Eq LIcP0HYGixXBdH2/jzmQlqxUT05LsVQ= X-Google-Smtp-Source: AMsMyM5mDn2g7oDxtmdVP3Q0nRpwsC1aEvq4GKfeMRAEzDYJozGNbfU1fkGCGra+z4Ra4JegktlnHw== X-Received: by 2002:a17:90a:73ca:b0:213:c06c:7004 with SMTP id n10-20020a17090a73ca00b00213c06c7004mr23745888pjk.111.1667429506341; Wed, 02 Nov 2022 15:51:46 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:45 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 10/11] auto-t: test AP fails to start with unsupported ciphers Date: Wed, 2 Nov 2022 15:51:15 -0700 Message-Id: <20221102225116.297129-10-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 If the profile lists unsupported ciphers it should fail to start with NotSupported. --- autotests/testAP-no-support/TestAP2.ap | 3 +++ autotests/testAP-no-support/connection_test.py | 15 ++++++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 autotests/testAP-no-support/TestAP2.ap diff --git a/autotests/testAP-no-support/TestAP2.ap b/autotests/testAP-no-support/TestAP2.ap new file mode 100644 index 00000000..32a242ea --- /dev/null +++ b/autotests/testAP-no-support/TestAP2.ap @@ -0,0 +1,3 @@ +[Security] +Passphrase=secret123 +PairwiseCiphers=CCMP diff --git a/autotests/testAP-no-support/connection_test.py b/autotests/testAP-no-support/connection_test.py index 9e5dccbb..d7a13f51 100644 --- a/autotests/testAP-no-support/connection_test.py +++ b/autotests/testAP-no-support/connection_test.py @@ -26,6 +26,9 @@ class Test(unittest.TestCase): dev_ap.start_ap('TestAP2', 'Password2') + self.assertTrue(dev_ap.group_cipher == 'TKIP') + self.assertTrue(dev_ap.pairwise_ciphers == 'TKIP') + ordered_network = dev_sta.get_ordered_network('TestAP2') if ordered_network.type != NetworkType.psk: @@ -41,9 +44,19 @@ class Test(unittest.TestCase): wd.unregister_psk_agent(psk_agent) + def test_no_ccmp_support(self): + wd = IWD(True) + + dev = wd.list_devices(2)[1] + + # Should fail to start since the radio doesn't support CCMP but the + # profile only lists CCMP as allowed. + with self.assertRaises(iwd.NotSupportedEx): + dev.start_ap('TestAP2') + @classmethod def setUpClass(cls): - pass + IWD.copy_to_ap('TestAP2.ap') @classmethod def tearDownClass(cls): From patchwork Wed Nov 2 22:51:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13029121 Received: from mail-pj1-f54.google.com (mail-pj1-f54.google.com [209.85.216.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CAF662C9C for ; Wed, 2 Nov 2022 22:51:48 +0000 (UTC) Received: by mail-pj1-f54.google.com with SMTP id l6so16983pjj.0 for ; Wed, 02 Nov 2022 15:51:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ZJXjzU7LwKU1HEcx49dj6B57EO2Z9OrcgO31E4f6+XY=; b=P1W5DLeKAvgX3V5YUrypOUNwnWIwAqQSF90kjHzikMMWD4gX/ojlVFBnraCEuZrdpr +3oA8ilTKeyHrNvCwxLb2RBbIhuMl0Hhz/Ay7Z8XXOZuAB5rGN6nkeVsp+13qD3y7o8t KHOeVECQByGfK8BvkZAYpbfm7R+aKV7R8zWKMwibi8UQ9ll97kMgaoaVGLmhaz1JYa3X HeFrrHObk3Qfa4GXnTthsqvAw4992cKlI5K0nkNoliQUK3U5OeEriEJ0WO3y6YSpocFS 8NaaH1iiK1vcjI/yTtB6slyuCNDMHheX4EFcGzavyOwQWGfM0lLKq2i698NRfqMowpbN 5YLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZJXjzU7LwKU1HEcx49dj6B57EO2Z9OrcgO31E4f6+XY=; b=cnZB8q5wvodykR1ZHfw0lHT/lhzIONQkAMUaQgK6yHtvfeGg1dCox6PgmBRIWN0rLc iyaNTyaW8iLeD/tr5b2iPpy2IDstGtsN9vV3gKQPB2GXoFIM0+9LCJ8R3nHFq/9JC2Lw JWVVCZbioaVie+SYbqcmS10bwebouG59n6K/mWaQ6GS8tQoAVhVTW2WtiUBn+VX4wexT BuDGfsJhwNvCBsLMtKRoWDZvO0XBjtDx54XAxaYMaeohi8dh2m+PeTDfvgcnvsnnnJkB rO66NAJHkK0U8W0BFpZ26QgfVrIuGVhqVW5HtBIDA7sCG14CUcWFbX05NdMPxSoSnfKK eulA== X-Gm-Message-State: ACrzQf1UUh33pMjwa3Kl4xbP/ddtc7lJ01FK3rxz4TNQkJxxODrpJZEC 74R3Pjmd/rARsZOJwRbASvr+DXVwCEY= X-Google-Smtp-Source: AMsMyM4U6gNTxKNGvZfbjEbXq/I6teFWihEqe2P/TlZi6n00x0OBTPJMl58dbwCIvgvsMkcqdSjTFA== X-Received: by 2002:a17:90a:cb03:b0:214:219:b2b9 with SMTP id z3-20020a17090acb0300b002140219b2b9mr13836674pjt.191.1667429507762; Wed, 02 Nov 2022 15:51:47 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id e18-20020a17090301d200b00186b945c0d1sm8920377plh.2.2022.11.02.15.51.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 15:51:46 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v3 11/11] auto-t: add AP test for all pairwise/group cipher combos Date: Wed, 2 Nov 2022 15:51:16 -0700 Message-Id: <20221102225116.297129-11-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102225116.297129-1-prestwoj@gmail.com> References: <20221102225116.297129-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Iterates through every possible cipher combination and verifies the AP can authenticate the clients. --- autotests/testAP/TestAP2.ap | 2 ++ autotests/testAP/connection_test.py | 36 +++++++++++++++++++++++++---- 2 files changed, 33 insertions(+), 5 deletions(-) create mode 100644 autotests/testAP/TestAP2.ap diff --git a/autotests/testAP/TestAP2.ap b/autotests/testAP/TestAP2.ap new file mode 100644 index 00000000..27f086cb --- /dev/null +++ b/autotests/testAP/TestAP2.ap @@ -0,0 +1,2 @@ +[Security] +Passphrase=Password2 diff --git a/autotests/testAP/connection_test.py b/autotests/testAP/connection_test.py index dff415e7..53dcfaba 100644 --- a/autotests/testAP/connection_test.py +++ b/autotests/testAP/connection_test.py @@ -1,6 +1,7 @@ #! /usr/bin/python3 import unittest +import os from iwd import IWD from config import ctx @@ -8,6 +9,8 @@ from validation import validate, client_connect class Test(unittest.TestCase): def test_connection_success(self): + IWD.copy_to_storage('TestAP1.psk') + wd = IWD(True) dev1, dev2 = wd.list_devices(2) @@ -22,6 +25,8 @@ class Test(unittest.TestCase): client_connect(wd, dev1, 'TestAP1') def test_client_start_ap(self): + IWD.copy_to_storage('TestAP1.psk') + wd = IWD(True) dev1, dev2 = wd.list_devices(2) @@ -39,12 +44,33 @@ class Test(unittest.TestCase): validate(wd, dev2, dev1, 'TestAP2', 'Password2') - @classmethod - def setUpClass(cls): - IWD.copy_to_storage('TestAP1.psk') + def test_valid_ciphers(self): + ciphers = ['TKIP', 'CCMP-128', 'GCMP-128', 'CCMP-256', 'GCMP-256'] + + for group in ciphers: + for pairwise in ciphers: + IWD.copy_to_ap('TestAP2.ap') + os.system('echo "PairwiseCiphers=%s" >> /tmp/iwd/ap/TestAP2.ap' % pairwise) + os.system('echo "GroupCipher=%s" >> /tmp/iwd/ap/TestAP2.ap' % group) + + wd = IWD(True) + + dev1, dev2 = wd.list_devices(2) + + dev1.start_ap('TestAP2') + + self.assertTrue(dev1.group_cipher == group) + self.assertTrue(dev1.pairwise_ciphers == pairwise) + + try: + validate(wd, dev2, dev1, 'TestAP2', 'Password2', ip_checks=False) + except: + raise Exception("Failed with pairwise=%s group=%s" % (pairwise, group)) + finally: + IWD.clear_storage() + del wd - @classmethod - def tearDownClass(cls): + def tearDown(self): IWD.clear_storage() if __name__ == '__main__':