From patchwork Wed Nov 2 20:53:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028972 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AD1C724F2B for ; Wed, 2 Nov 2022 20:53:37 +0000 (UTC) Received: by mail-pf1-f175.google.com with SMTP id i3so17463356pfc.11 for ; Wed, 02 Nov 2022 13:53:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=M4Yp6AA1FXvkE6qMPo7pF3xcKK+LRYMCI/7aXmF7FFw=; b=DUdkzatol/qpzR0uBltGZCd78bSYAyYMx+lBzT1r5p6oEL+dzxhwbKKQxlFwaGYASc f5SxtlHg6fX+8YFrMe0qc6On9qMVQ9uYt3UjSe0RXRKyQv3lzvzmzxXPzYN2ZxdewLYX buOK3DjkUtYpoUzfMcQHZ9YtvF63ib6pzYxFlpBuOfcDA9wHIL0rUzZ/+IeY/8gVs2+k N9XcnFhTYHoSItgtdyiGDVn3PaGe0Hlk2PToTfcibbCB20t6pq6lxuPMzygviS+erko6 mDs+F9tuxStzU02irWO7acn1XAvqf325xnVOEZnlb/IW7Izo4emJ8iU6eCI/HjmIsRml uN2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=M4Yp6AA1FXvkE6qMPo7pF3xcKK+LRYMCI/7aXmF7FFw=; b=ozOEfNgBW5Gc3QRSgARC3zBQnYmxQutywbf2XxMeuCREB/gETxbwkYUEFNQzZ529Pg YOfVOMtCjPvZQRZV1FmHVG1ssEkwv7JwutAkd9X59J69MSfoY5XVGhsshxmPHP7GlwO/ Xi9IpB6mQ/SofJ3LyArxFoFTaaM1fa9Sn+yAMs6MrkLkrekqwjqv712TStUqmeksvg2T kjmi9lywsoR+uk6DeMpSebfZEAxCG6l93NgQavq0LHWiDQYa0+WXqVg3TnGi9vY0C4My RpeGdEqEKGdTdh25PgGNk8+tOAFiKbKYTif6Y15/2cXsPt6GkYPfbfFFs08WatfFjWNg aHNA== X-Gm-Message-State: ACrzQf3WV6Ft+BM1Jk0IgwdVBpmYEWVIS/qe+7umvbMzrCFekmnT77SG BfRDPXEFW2wn79Ly59ItyKhf+BPyBcI= X-Google-Smtp-Source: AMsMyM7wJ5Zx83j3/HfCUC3WqUu4303I/dU+ux0scXwNdeDu4RYL1nPvlo1JwRFcYXfkjgu+nb5GeQ== X-Received: by 2002:a65:4cc9:0:b0:46f:f740:3b6d with SMTP id n9-20020a654cc9000000b0046ff7403b6dmr7450042pgt.584.1667422416868; Wed, 02 Nov 2022 13:53:36 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:36 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 01/10] wiphy: add wiphy_get_supported_ciphers Date: Wed, 2 Nov 2022 13:53:18 -0700 Message-Id: <20221102205327.268693-1-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Similar to wiphy_select_cipher but returns all supported ciphers included in the mask rather than just one. --- src/wiphy.c | 5 +++++ src/wiphy.h | 2 ++ 2 files changed, 7 insertions(+) diff --git a/src/wiphy.c b/src/wiphy.c index bb83f814..10514572 100644 --- a/src/wiphy.c +++ b/src/wiphy.c @@ -180,6 +180,11 @@ enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask) return 0; } +uint16_t wiphy_get_supported_ciphers(struct wiphy *wiphy, uint16_t mask) +{ + return wiphy->supported_ciphers & mask; +} + static bool wiphy_can_connect_sae(struct wiphy *wiphy) { /* diff --git a/src/wiphy.h b/src/wiphy.h index 2c6bf86b..f8de7e0e 100644 --- a/src/wiphy.h +++ b/src/wiphy.h @@ -68,6 +68,8 @@ typedef void (*wiphy_destroy_func_t)(void *user_data); enum ie_rsn_cipher_suite wiphy_select_cipher(struct wiphy *wiphy, uint16_t mask); +uint16_t wiphy_get_supported_ciphers(struct wiphy *wiphy, uint16_t mask); + enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy, const struct scan_bss *bss, enum security security, From patchwork Wed Nov 2 20:53:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028973 Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com [209.85.216.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6664527702 for ; Wed, 2 Nov 2022 20:53:38 +0000 (UTC) Received: by mail-pj1-f43.google.com with SMTP id b1-20020a17090a7ac100b00213fde52d49so3001451pjl.3 for ; Wed, 02 Nov 2022 13:53:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+SgPJKR2WAcaoWEQeb3b2tErOAn7cQvPlu0P7SL7rgc=; b=HzVXMLhMBqgP4hhB6WZLhxtVk9jv0wvjnkEB6pDoNhW/FxhJa0nuEA2U7ssF+yZ2wI xgERgxcm0Mii5jY0MPqMQ01U9gZOSvBnrcffigefQfzVPzXbrOTeG4/OVjHo+tgl5myz e/dPYMrB3J7HwNtZb0EXwqlCoNRv0tMVf0xKgXF8GOW2CKiwGwAo3lm5Ow4zeMAMJ5YX HtH4yIuSdZr9Y8tWR3l2ey39/uOGg3sE9TgVaUU5FOllk0AsPFE4JFBt9IcAaJQnNJDd bcG1elMTmFtbeTrkTyIIo1eSi/ncw6ankM+MGS+iUWn1ybUVaLP5VNvYiLB+zNusJjxG O15g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+SgPJKR2WAcaoWEQeb3b2tErOAn7cQvPlu0P7SL7rgc=; b=o4w456h30fY3iVKmYqEh8yMrk8xL5IrD5oJomAlWhNZ2ZR9RqrVSreo6FzWNwWfFs1 IJeWSN3i6QrlsAjloXj9enZvBNXGZoaMi8opOB3TRiCXE2zG4cTmORkIB/FHggMklsTV 2Qw4BBHfw+C0CcK/gaG/CIHblDWvuBGieg3JCtUVuBq0jj6j8NTabHwK9CGpPdv+p1Il 2JPsownTlPnhgprnb+ynEyNUFCAs/ysxRCnaWZUcFOKF+QLbXUtdmrU1FQrnp85kshXs Uc2Z57bjPxVJ/Dfd3gBqLUwhcImO4ad9bTwdvny2otlu0F33vYJtr2YoW3j7YXgoNPjc Xx2g== X-Gm-Message-State: ACrzQf1uGh6hict41MajlquOrkPP8tKgUPU7mt5KQGONWss4T+IOoDxU 1E3U/epCicA6jkENLFGfVL4e2T8mwXY= X-Google-Smtp-Source: AMsMyM5Uh3onUc0FVJJK6AM5cxKSw7wpfTF6LRg5BBKjBnBkErWT5hYwHZ4dPHdwUIToQt/r5I6j8g== X-Received: by 2002:a17:902:e791:b0:186:eea2:49e2 with SMTP id cp17-20020a170902e79100b00186eea249e2mr26175210plb.10.1667422417655; Wed, 02 Nov 2022 13:53:37 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:37 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 02/10] ie: add group/pairwise lists of supported ciphers Date: Wed, 2 Nov 2022 13:53:19 -0700 Message-Id: <20221102205327.268693-2-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The validation of these ciphers for station is done when parsing the BSS RSNE but for AP mode there is no such validation and potentially any supported cipher could be chosen, even if its incompatible for the type of key. --- src/ie.h | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/src/ie.h b/src/ie.h index 53311854..c9a6c783 100644 --- a/src/ie.h +++ b/src/ie.h @@ -401,6 +401,25 @@ static inline bool IE_CIPHER_IS_GCMP_CCMP(uint32_t cipher_suite) IE_RSN_CIPHER_SUITE_GCMP_256); } +#define IE_GROUP_CIPHERS \ +( \ + IE_RSN_CIPHER_SUITE_TKIP | \ + IE_RSN_CIPHER_SUITE_CCMP | \ + IE_RSN_CIPHER_SUITE_GCMP | \ + IE_RSN_CIPHER_SUITE_GCMP_256 | \ + IE_RSN_CIPHER_SUITE_CCMP_256 \ +) + +/* + * Since WEP is unsupported we can just use the group cipher list with + * "Use group cipher" appended + */ +#define IE_PAIRWISE_CIPHERS \ +( \ + IE_GROUP_CIPHERS | \ + IE_RSN_CIPHER_SUITE_USE_GROUP_CIPHER \ +) + #define IE_LEN(ie) \ ((ie) ? (ie)[1] + 2 : 0) From patchwork Wed Nov 2 20:53:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028974 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 459F227706 for ; Wed, 2 Nov 2022 20:53:39 +0000 (UTC) Received: by mail-pl1-f181.google.com with SMTP id l2so17709578pld.13 for ; Wed, 02 Nov 2022 13:53:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bxqprtzl4R002vqUzev019k/BsECRjvS5t95ymRTLR0=; b=JD72aaQkvkTqaK30aqGkzOI417utjW4KmBkiCG/j6kNctt1HKIE7uOwA74BPll7dOl eiXgvK70RORmp40gq0bXTHL/aYtgMgbdk2265JBlItN4eyiaKaQooDHAw3EdW3OxBOWo /VEbSORPNOPjZMFOTvu8yWoR/OKflAnQcTIRDdfoppPb9gXRPk1i981Njt1YrzICtGlY akt90Gc7mbDZzRiqoYvEdFCb/Piol/Qa0Q57Uhd0t3E5S/O0j9d9luAOBiShSpnh9x36 8K1n92BIUnt0fsT9LFU+RLiT5+PqPC0CWQVaLpvqKV0zkDRHFnJxZpkc/Ak4Kb4oFnIN yN8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bxqprtzl4R002vqUzev019k/BsECRjvS5t95ymRTLR0=; b=kOzg24mYHL1BY8dXjp8l2dLMQAwa7n7FkcMvtxhZe/fhW28mNzhylcUjXKtX+lFau/ u09Y5WNgOwMBd6nblL5aUjFyd1wqkftcWi6e0yEGka9PAv/+ne7xTr6YqKBUUTOyQKMj f50oK+0mH91SqX4dwSsdfStGNWbSiqY3M9HxYCHCDdIFBMpRP2COBwNGuH5al4eze2kz eosHzcDcdHf+e3KVRcd0Qx9dNC5ZQPWrLkdKhGSUjdOgZOBplBjlsMTY1EXOUWs6/Wjd i5kwLL/vYV9JsyrHRmmDNPF6LqVfY8pPxzmwi3iXoNMXDJEuTRYWQPVf6OFguzHxjbYv /LdA== X-Gm-Message-State: ACrzQf1fZhFuGdSJWwRdQi6+BkiNdHzYN8IVUcuaR1Bo8lUQh8DFUl4M Q38s0YBeO/gG6ToP+krtrYm0iCpW558= X-Google-Smtp-Source: AMsMyM6iun2XvDF66uXfaYtYSgUNDzT+6ktu+z0hN45kDg8qCoC50It9CgY/HXVVa5HuOto4a9OMyQ== X-Received: by 2002:a17:902:6bc5:b0:183:4bef:1b20 with SMTP id m5-20020a1709026bc500b001834bef1b20mr26219793plt.158.1667422418496; Wed, 02 Nov 2022 13:53:38 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:38 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 03/10] ap: add profile settings PairwiseCiphers/GroupCipher Date: Wed, 2 Nov 2022 13:53:20 -0700 Message-Id: <20221102205327.268693-3-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 These can now be optionally provided in an AP profile and provide a way to limit what ciphers can be chosen. This still is dependent on what the hardware supports. --- src/ap.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 83 insertions(+), 6 deletions(-) diff --git a/src/ap.c b/src/ap.c index ba827728..341a1662 100644 --- a/src/ap.c +++ b/src/ap.c @@ -3132,12 +3132,38 @@ static bool ap_load_psk(struct ap_state *ap, const struct l_settings *config) return true; } +/* + * Note: only PTK/GTK ciphers are supported here since this is all these are + * used for. + */ +static enum ie_rsn_cipher_suite ap_string_to_cipher(const char *str) +{ + if (!strcmp(str, "UseGroupCipher")) + return IE_RSN_CIPHER_SUITE_USE_GROUP_CIPHER; + else if (!strcmp(str, "TKIP")) + return IE_RSN_CIPHER_SUITE_TKIP; + else if (!strcmp(str, "CCMP-128") || !strcmp(str, "CCMP")) + return IE_RSN_CIPHER_SUITE_CCMP; + else if (!strcmp(str, "GCMP-128") || !strcmp(str, "GCMP")) + return IE_RSN_CIPHER_SUITE_GCMP; + else if (!strcmp(str, "GCMP-256")) + return IE_RSN_CIPHER_SUITE_GCMP_256; + else if (!strcmp(str, "CCMP-256")) + return IE_RSN_CIPHER_SUITE_CCMP_256; + else + return 0; +} + static int ap_load_config(struct ap_state *ap, const struct l_settings *config, bool *out_cck_rates) { + struct wiphy *wiphy = netdev_get_wiphy(ap->netdev); size_t len; L_AUTO_FREE_VAR(char *, strval) = NULL; + _auto_(l_strv_free) char **ciphers_str; + uint16_t cipher_mask; int err; + int i; strval = l_settings_get_string(config, "General", "SSID"); if (L_WARN_ON(!strval)) @@ -3212,6 +3238,8 @@ static int ap_load_config(struct ap_state *ap, const struct l_settings *config, l_error("AP [WSC].PrimaryDeviceType format unknown"); return -EINVAL; } + + l_free(l_steal_ptr(strval)); } else { /* Make ourselves a WFA standard PC by default */ ap->wsc_primary_device_type.category = 1; @@ -3260,6 +3288,61 @@ static int ap_load_config(struct ap_state *ap, const struct l_settings *config, } else *out_cck_rates = true; + cipher_mask = wiphy_get_supported_ciphers(wiphy, IE_GROUP_CIPHERS); + + /* If the config sets a group cipher use that directly */ + strval = l_settings_get_string(config, "Security", "GroupCipher"); + if (strval) { + enum ie_rsn_cipher_suite cipher = ap_string_to_cipher(strval); + + if (!cipher || !(cipher & cipher_mask)) { + l_error("Unsupported or unknown group cipher %s", + strval); + return -ENOTSUP; + } + + ap->group_cipher = cipher; + l_free(l_steal_ptr(strval)); + } else { + /* No config override, use CCMP (or TKIP if not supported) */ + if (cipher_mask & IE_RSN_CIPHER_SUITE_CCMP) + ap->group_cipher = IE_RSN_CIPHER_SUITE_CCMP; + else + ap->group_cipher = IE_RSN_CIPHER_SUITE_TKIP; + } + + cipher_mask = wiphy_get_supported_ciphers(wiphy, IE_PAIRWISE_CIPHERS); + + ciphers_str = l_settings_get_string_list(config, "Security", + "PairwiseCiphers", ','); + for (i = 0; ciphers_str && ciphers_str[i]; i++) { + enum ie_rsn_cipher_suite cipher = + ap_string_to_cipher(ciphers_str[i]); + + /* + * Constrain list to only values in both supported ciphers and + * the cipher list provided. + */ + if (!cipher || !(cipher & cipher_mask)) { + l_error("Unsupported or unknown pairwise cipher %s", + ciphers_str[i]); + return -ENOTSUP; + } + + ap->ciphers |= cipher; + } + + if (!ap->ciphers) { + /* + * Default behavior if no ciphers are specified, disable TKIP + * for security if CCMP is available + */ + if (cipher_mask & IE_RSN_CIPHER_SUITE_CCMP) + cipher_mask &= ~IE_RSN_CIPHER_SUITE_TKIP; + + ap->ciphers = cipher_mask; + } + return 0; } @@ -3302,12 +3385,6 @@ struct ap_state *ap_start(struct netdev *netdev, struct l_settings *config, err = -EINVAL; - /* TODO: Add all ciphers supported by wiphy */ - ap->ciphers = wiphy_select_cipher(wiphy, IE_RSN_CIPHER_SUITE_TKIP | - IE_RSN_CIPHER_SUITE_CCMP); - ap->group_cipher = wiphy_select_cipher(wiphy, - IE_RSN_CIPHER_SUITE_TKIP | - IE_RSN_CIPHER_SUITE_CCMP); ap->beacon_interval = 100; ap->networks = l_queue_new(); From patchwork Wed Nov 2 20:53:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028975 Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0276927702 for ; Wed, 2 Nov 2022 20:53:39 +0000 (UTC) Received: by mail-pl1-f172.google.com with SMTP id p21so3179plr.7 for ; Wed, 02 Nov 2022 13:53:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=bOKtes0ZltwVRHNBy0LfGmRjRzyXYFUiWaVb+96yY0U=; b=Ox4B7wQRt/WLmRLRyvi0oesCc69XUiTaTkxDiKzXYweWwXLc3Eh0/C6s8KhsYgVamB 7kiLBHljGhhEZMDeFZMVS/pOmbqh//+f9f/mbGo4+Q/uvYc/LC2w0EDzJGkGt3eOoHa3 mARHM/WvYVGhL7OFVEQS5LqniMi6Fbgi1fMiz6YlnHqFwnyh0wykci/z+yNnk5EPBd5z RDhj4uo4GZ7zg1D8TPrY3IGOtM89dfFjph0XYYOBzeBjRZzmaqCWyICpmBeb/epPAtPe +2+skSaWfXhCoxeRp4Xwt4tiOUtrVeIri5cxvL64zjs8LcQvgOJEhNcNSQ1DYsTB4iv3 +c1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bOKtes0ZltwVRHNBy0LfGmRjRzyXYFUiWaVb+96yY0U=; b=p9ZM0UMJCtZHJ36p1dFp+A51NH1jILNrONqi8F7ELUaSzvDUVKfbEkM0Oz1L0wrAWo wqZuYOr0l+a97wp3hHTe1B84Xl35duDF+XjX8W9t6eoWUywUCh5u61B9S5xq9eTSJGhw hl+IDctDfdDM9cMw4LXbyYsygMoYPRIYwqWTkJ2a3c+rNdyDBn+dshdW3/FGKDMtVjYC 9y+XOFl2ei2ICvwzWWqklg9dv805jLqjcuBAkfa+FBP0vc3zgcqiLg8UX7DBP8Q4yRn3 y/f4pLU8WJXnpB+PSy5jy9wvWTLPihhEzZSrncvVemo+PHQZo4Uf0a3q/lzgkbtGaTc7 Ipwg== X-Gm-Message-State: ACrzQf0S62Fd2GUyWXR+28i6OxY+yq50qM09NKFJa0UUICbpCE4gMitJ PxiRVcyt4GIOSmOZ9zv8e23NSKsSSSs= X-Google-Smtp-Source: AMsMyM729ak0KVfB1TrKPbgfFbPVvCwVUOm/5PXnWCH8jdtFyN3pAtwVWp/4tqJBqaAt8J8yb1cfsw== X-Received: by 2002:a17:902:ab45:b0:186:7b95:f767 with SMTP id ij5-20020a170902ab4500b001867b95f767mr27365949plb.107.1667422419229; Wed, 02 Nov 2022 13:53:39 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:38 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 04/10] p2p: limit ciphers to CCMP/TKIP Date: Wed, 2 Nov 2022 13:53:21 -0700 Message-Id: <20221102205327.268693-4-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The limitation of cipher selection in ap.c was done so to allow p2p to work. Now with the ability to specify ciphers in the AP config put the burden on p2p to limit ciphers as it needs. --- src/p2p.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/p2p.c b/src/p2p.c index cfd8560a..ad2ac39f 100644 --- a/src/p2p.c +++ b/src/p2p.c @@ -1234,6 +1234,8 @@ static void p2p_group_start(struct p2p_device *dev) ((uint64_t) pdt->oui[2] << 24) | ((uint64_t) pdt->oui_type << 16) | pdt->subcategory; + char *ciphers[] = { "TKIP", "CCMP", NULL }; + uint16_t cipher; l_settings_set_string(config, "General", "SSID", dev->go_group_id.ssid); l_settings_set_uint(config, "General", "Channel", dev->listen_channel); @@ -1273,6 +1275,19 @@ static void p2p_group_start(struct p2p_device *dev) /* Enable netconfig, set maximum usable DHCP lease time */ l_settings_set_uint(config, "IPv4", "LeaseTime", 0x7fffffff); + l_settings_set_string_list(config, "Security", "PairwiseCiphers", + ciphers, ','); + + /* TODO: P2P only plays nice with CCMP or TKIP ciphers currently */ + cipher = wiphy_select_cipher(dev->wiphy, IE_RSN_CIPHER_SUITE_TKIP | + IE_RSN_CIPHER_SUITE_CCMP); + if (cipher == IE_RSN_CIPHER_SUITE_CCMP) + l_settings_set_string(config, "Security", "GroupCipher", + "CCMP"); + else + l_settings_set_string(config, "Security", "GroupCipher", + "TKIP"); + dev->capability.group_caps |= P2P_GROUP_CAP_GO; dev->capability.group_caps |= P2P_GROUP_CAP_GROUP_FORMATION; dev->capability.group_caps |= P2P_GROUP_CAP_IP_ALLOCATION; From patchwork Wed Nov 2 20:53:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028976 Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C26872770A for ; Wed, 2 Nov 2022 20:53:40 +0000 (UTC) Received: by mail-pf1-f176.google.com with SMTP id m6so17525552pfb.0 for ; Wed, 02 Nov 2022 13:53:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2hOQw+JM1kFwufhWmlhEirrnvCVU7Fu5LUTGIzej0To=; b=ZEiv6zdddnkOb//qz9jwRbXeRe++lNrtdyu4fM99ROr3JRaQhMYJUDHmcgW8dsxmk8 NpqTlQ9RG3jzWkvmRlRr2YbY9m96RxpcBqbG6AY5TZNxtpje0mbbzK844j/nZfT45cWj jDwfNEF4AD4yrBbMeqq9YzO9AnUQp97ZMDQlxiQjsEQvn5IGDezJ4BsZUlmMXDy2ToDn BWedRdlNHeyHpyYihjSp9diIju9TJYJJh3AiVugT0H17YXbQh5iuQiuFOfhgZXIrQ5yu 3PFNojuHt5zs1RSjDZZ3P7DP0Mm9Ijsr/ZZeK+UXd0Iq0NJC2/kVJHCmCjNsXckI7194 RfLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2hOQw+JM1kFwufhWmlhEirrnvCVU7Fu5LUTGIzej0To=; b=ZQZbldKwtuv0FjbB9dOgC7mXbQeu5tCaA1cQIAhPLAXYMHe1gIHVYcoE+6aItbOpC9 ZqrdYHbzRSUVge0PXh8kGqdT4ru+hxokG3n3/tIXZjgiby7IUzRowd3YU2bSaErXmDGK MAoQd2/2Iq05PlzWKn6n/yXwJ2nvC3FnkTFjqGBZDz3K2xk6YtNZxa3WZF5vjaxinQoX td17gKwknR15C0VZM91/tCnIwc8mDJIZRDw46CivYBaNWoyCLzwKxjaWiWe7WEScWhdF YdFPOmLz6BwG4GnZ9Gfb2V95ZS/FxrhS9euNZcGy9vc1nUZ4LLRJdgRRE5PCjZYsoJr6 N3JQ== X-Gm-Message-State: ACrzQf3EoS5OulabDnzneDburQz5Mnytd4D2AFqe8FXEDZWcTGo5oMi4 OGPlL1udDGNZRG7KcnMqGRAwNLALL5U= X-Google-Smtp-Source: AMsMyM6fq8PKttY2AkhsasYB/CFX9nIlMZEy4pLAFF+O9oyV9BfcnALLPhQlVghw+i8jCA6QM6L2KQ== X-Received: by 2002:a63:5a08:0:b0:43c:9fcc:cc54 with SMTP id o8-20020a635a08000000b0043c9fcccc54mr23172909pgb.229.1667422420128; Wed, 02 Nov 2022 13:53:40 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:39 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 05/10] doc: document PairwiseCiphers/GroupCiphers AP settings Date: Wed, 2 Nov 2022 13:53:22 -0700 Message-Id: <20221102205327.268693-5-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- src/iwd.ap.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/iwd.ap.rst b/src/iwd.ap.rst index 5fa23179..ade09e07 100644 --- a/src/iwd.ap.rst +++ b/src/iwd.ap.rst @@ -82,6 +82,21 @@ configuration. Processed passphrase for this network in the form of a hex-encoded 32-byte pre-shared key. Either this or *Passphrase* must be present. + * - PairwiseCiphers + - Comma separated list of pairwise ciphers for the AP supports. + + Values can include: TKIP, CCMP, GCMP, GCMP-256, CCMP-256 + + The underlying hardware and IWD's AP implementation must also support the + ciphers listed, currently only TKIP and CCMP. + + * - GroupCipher + - Group cipher the AP uses + + A single cipher value the AP can use as the group cipher. Values are the + same as pairwise ciphers and the same restrictions apply (hardware and + IWD implementation must support the cipher) + IPv4 Network Configuration -------------------------- From patchwork Wed Nov 2 20:53:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028977 Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8002E27702 for ; Wed, 2 Nov 2022 20:53:41 +0000 (UTC) Received: by mail-pl1-f179.google.com with SMTP id io19so17721785plb.8 for ; Wed, 02 Nov 2022 13:53:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7/K6JZkLJtSnMW6gBVdZ02rslfrQETuyfaorVmLfvSg=; b=affo3uwfQH/+SnZci+By4cjc/5BH0P1ki5+8+je1XQMdGJ495A9N0pHGAE5KX1rPW2 iVPU/y/YJFplRrbTc4AHwlDI4jC7W1b4UZze2ZEI9Xc5CIwlRj/qa+gEQGqGcFKJUI+5 +33p7FTWCwKS5sOIR677h5S4o6f4o01fiHKnALR2ZjdeuV4E9Ef1xjEHXe4Ix4BpVnWJ A/O1x/FT5j0rz4T1XT68ZJoShbcIgCeSJzPvPFitbdsWUnD4zbGQZt/wFhMc9KqdJmqm zHCKgcscaYk77BCeH3DrmKqT6Ev6JuizkLD/XVszoCE2wR6n3ePV9GBBJKe0mDdivCoI sBgA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7/K6JZkLJtSnMW6gBVdZ02rslfrQETuyfaorVmLfvSg=; b=vUzElAozRkIwhdsN8uRrIcYHDQBO5SK3fcl/jwscaMPXwt7BkOgJLR8soJyn1b1ElV FvTMPi9z7WO7Q3MsWVPwRf04+50ZIQ56Cx7ieqossy/S121qkZ5ramTiuz0gphV+I5Dr AFEQDdy6kyy8jOsjNI6/bNHamExWxp7sUEEvBaDSCtmAQ58RS1KyKZ9dTbdeGTQfBEg+ Jc9Y1A+RVuA31zl4pBhrqoqRH/Dh0r92rzbT7opeKXR4J5etm1hTZN5b82z9A4OBoaLL gF4fZPTZhRi2n1ncW1cHkAC2IsHWdaWwQ4ExnRk0DvY3n4GZzV3Wr5PibvFdroWFbvfJ 0Q4Q== X-Gm-Message-State: ACrzQf2KJylv4bzC7ZNpRIk98Lms0Bt6r/NvWd8RHL6g28KJbDGY0TdS U3T7ChN2/XBBA2Lr+9R7CtpN2LuLD5k= X-Google-Smtp-Source: AMsMyM4HiezX6Vh5XXSE14NIQdo3OLiXg1zqW3DZgWBO8QVuIkneQyA+YUhbeLjFzCah0Ui7DAY7nA== X-Received: by 2002:a17:902:e803:b0:187:3a52:d262 with SMTP id u3-20020a170902e80300b001873a52d262mr9441912plg.85.1667422420803; Wed, 02 Nov 2022 13:53:40 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:40 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 06/10] ap: add PairwiseCiphers/GroupCipher to dbus interface Date: Wed, 2 Nov 2022 13:53:23 -0700 Message-Id: <20221102205327.268693-6-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Expose these values on the DBus interface so clients can view them. --- src/ap.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/src/ap.c b/src/ap.c index 341a1662..bd78d2b5 100644 --- a/src/ap.c +++ b/src/ap.c @@ -3154,6 +3154,25 @@ static enum ie_rsn_cipher_suite ap_string_to_cipher(const char *str) return 0; } +static char *ap_ciphers_to_string(uint16_t ciphers) +{ + uint16_t i; + char **list = l_strv_new(); + char *ret; + + for (i = 0; i < 16; i++) { + if (!(ciphers & (1 << i))) + continue; + + list = l_strv_append(list, + ie_rsn_cipher_suite_to_string(1 << i)); + } + + ret = l_strjoinv(list, ','); + l_strv_free(list); + return ret; +} + static int ap_load_config(struct ap_state *ap, const struct l_settings *config, bool *out_cck_rates) { @@ -3690,6 +3709,15 @@ static void ap_if_event_func(enum ap_event_type type, const void *event_data, l_dbus_property_changed(dbus_get_bus(), netdev_get_path(ap_if->netdev), IWD_AP_INTERFACE, "Name"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "Frequency"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "PairwiseCiphers"); + l_dbus_property_changed(dbus_get_bus(), + netdev_get_path(ap_if->netdev), + IWD_AP_INTERFACE, "GroupCipher"); l_rtnl_set_linkmode_and_operstate(rtnl, netdev_get_ifindex(ap_if->netdev), @@ -4061,6 +4089,44 @@ static bool ap_dbus_property_get_freq(struct l_dbus *dbus, return true; } +static bool ap_dbus_property_get_pairwise(struct l_dbus *dbus, + struct l_dbus_message *message, + struct l_dbus_message_builder *builder, + void *user_data) +{ + struct ap_if_data *ap_if = user_data; + char *list; + + if (!ap_if->ap || !ap_if->ap->started) + return false; + + list = ap_ciphers_to_string(ap_if->ap->ciphers); + + l_dbus_message_builder_append_basic(builder, 's', list); + l_free(list); + + return true; +} + +static bool ap_dbus_property_get_group(struct l_dbus *dbus, + struct l_dbus_message *message, + struct l_dbus_message_builder *builder, + void *user_data) +{ + struct ap_if_data *ap_if = user_data; + char *cipher; + + if (!ap_if->ap || !ap_if->ap->started) + return false; + + cipher = ap_ciphers_to_string(ap_if->ap->group_cipher); + + l_dbus_message_builder_append_basic(builder, 's', cipher); + l_free(cipher); + + return true; +} + static void ap_setup_interface(struct l_dbus_interface *interface) { l_dbus_interface_method(interface, "Start", 0, ap_dbus_start, "", @@ -4082,6 +4148,10 @@ static void ap_setup_interface(struct l_dbus_interface *interface) ap_dbus_property_get_scanning, NULL); l_dbus_interface_property(interface, "Frequency", 0, "u", ap_dbus_property_get_freq, NULL); + l_dbus_interface_property(interface, "PairwiseCiphers", 0, "s", + ap_dbus_property_get_pairwise, NULL); + l_dbus_interface_property(interface, "GroupCipher", 0, "s", + ap_dbus_property_get_group, NULL); } static void ap_destroy_interface(void *user_data) From patchwork Wed Nov 2 20:53:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028978 Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 454F12770A for ; Wed, 2 Nov 2022 20:53:42 +0000 (UTC) Received: by mail-pl1-f181.google.com with SMTP id c2so17710262plz.11 for ; Wed, 02 Nov 2022 13:53:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=K5BVp7TOrkkbkapuyuqyANloReXrKYsVuuTSBHRDunE=; b=Hr+Iql8xucMo1I/4zRn+5gWAxtcyfG6mcE8lMslKGppbtxC+HtkEtNOA9WlM+k4riH 6cdGPYJzaFrofzrThbU8keWqUIwV753f51W+vk+Iq3ETjrIuTktO6Z8P+EwqtDIsX47A DpAuxBO512Q1MCuZ43rjIWpsWFY1zEZpV7rTgz73sr+8GTU9Hr0VsDtS3WtXCPwamfc7 0SAz1MVRLtL6S6VcW111KclqdtjGyVlH1M5qak9JL4cei+lC+yJV7vAg2yq+m53U9Tdg WvVgbNGunAjQuK76hPo6w6eTXBm740fYeXOp5njUMb8n5yVlTfZDR2kWYp234MtcjFOf 2qGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=K5BVp7TOrkkbkapuyuqyANloReXrKYsVuuTSBHRDunE=; b=t1iZF63H0HLkxWoji3VNKXaU5WDqFkQpioqv9SEcPHJYES4g/vqQq1CPh9sBOCJ6fw Mcpvrq+gcjP7dWALkqPCA5m25r/mu1QqpJKG5GgOpDieP0Bl9kMq/pB07nlaGENu1erG D8VGYIg/gRHCpsD8bJyA0vsJ2ADgLthe5v69NKExADD0WZlOLbxaaSoGsf9VV8DWZtaR B+lydcZjrai1Zo8VoDwKyavZZ9s31QFnl1bITifuWaZGd7EwCmhEA9G0tSoZwQ7kAATQ DglIdeNR5yv9U1Ucn+yc7YRXuLBb13NpUGqJzYM60nR46kn+C6uxCy9bu6KoJytV8rCH 3N+A== X-Gm-Message-State: ACrzQf0mNgWwGPnHxJwhh74/TU2qdf3sCD6DX6JGH82yCc8j0YRHP0kj 526xCzhwCZ2vDBluPRFO0uWLWUfHRT0= X-Google-Smtp-Source: AMsMyM6Cigj/udWUChYvTt4zgOqAt6tvpWjPxg0ZwZnWBGjRtUiOghDuYBxiwb1J1xn68waFLmXo1w== X-Received: by 2002:a17:902:f691:b0:187:466a:8975 with SMTP id l17-20020a170902f69100b00187466a8975mr5556768plg.59.1667422421571; Wed, 02 Nov 2022 13:53:41 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:41 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 07/10] client: add ap support for PairwiseCiphers/GroupCipher Date: Wed, 2 Nov 2022 13:53:24 -0700 Message-Id: <20221102205327.268693-7-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 --- client/ap.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/client/ap.c b/client/ap.c index 4ce727de..f444a12c 100644 --- a/client/ap.c +++ b/client/ap.c @@ -37,6 +37,8 @@ struct ap { char *name; bool scanning; uint32_t freq; + char *pairwise; + char *group; }; static void *ap_create(void) @@ -51,6 +53,12 @@ static void ap_destroy(void *data) if (ap->name) l_free(ap->name); + if (ap->pairwise) + l_free(ap->pairwise); + + if (ap->group) + l_free(ap->group); + l_free(ap); } @@ -151,11 +159,67 @@ static const char *get_freq_tostr(const void *data) return str; } +static void update_pairwise(void *data, struct l_dbus_message_iter *variant) +{ + struct ap *ap = data; + char *value; + + if (ap->pairwise) + l_free(ap->pairwise); + + if (!l_dbus_message_iter_get_variant(variant, "s", &value)) { + ap->pairwise = NULL; + + return; + } + + ap->pairwise = l_strdup(value); +} + +static const char *get_pairwise_tostr(const void *data) +{ + const struct ap *ap = data; + + if (!ap->pairwise) + return ""; + + return ap->pairwise; +} + +static void update_group(void *data, struct l_dbus_message_iter *variant) +{ + struct ap *ap = data; + char *value; + + if (ap->group) + l_free(ap->group); + + if (!l_dbus_message_iter_get_variant(variant, "s", &value)) { + ap->group = NULL; + + return; + } + + ap->group = l_strdup(value); +} + +static const char *get_group_tostr(const void *data) +{ + const struct ap *ap = data; + + if (!ap->group) + return ""; + + return ap->group; +} + static const struct proxy_interface_property ap_properties[] = { { "Started", "b", update_started, get_started_tostr }, { "Name", "s", update_name, get_name_tostr }, { "Scanning", "b", update_scanning, get_scanning_tostr }, { "Frequency", "u", update_freq, get_freq_tostr }, + { "PairwiseCiphers", "s", update_pairwise, get_pairwise_tostr }, + { "GroupCipher", "s", update_group, get_group_tostr }, { } }; From patchwork Wed Nov 2 20:53:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028979 Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com [209.85.216.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 03B6127702 for ; Wed, 2 Nov 2022 20:53:42 +0000 (UTC) Received: by mail-pj1-f41.google.com with SMTP id q1-20020a17090a750100b002139ec1e999so3007048pjk.1 for ; Wed, 02 Nov 2022 13:53:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=e8tLpd8iyFxeYQRa17NWWdw7BzwcHOdwMi5qT4vPnSk=; b=jg8dxJcmVGqL3HxyawXbghOIqYuNQpvOjDlbUaLdqJPNqukZvaW0LTw6CLnLXAUZ3m 8rhKuuBSKMu/OnmAnW5BnOxqIl1XL73Va+1pjapzNxEsLdCk1yP9JYRoszGIg6fn08zH ZXr1Mw6/my8P46Bxt4Il/myONGqK9z00aiilKFtQOk0zc2NfhOsXiGnkcq3qjGFoasrZ TZ/vTF3WblBT2rN8svwn31W3sqdz65op7QtX60SNnSPZQFk38Zv1OPj7GziodtXpCF51 VS5ojL8jOS3XTQjg99+dOIuYB/3W+KRK9jimKw7jy/Xz0pB3AVIiYKlMuyd/hpP4P32h rL7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=e8tLpd8iyFxeYQRa17NWWdw7BzwcHOdwMi5qT4vPnSk=; b=BetgLEf8enfb9CSyVZmdJuvRUiZXt5xRN3s9Gb/Zr2x66sJtuoGX5m228zZZoL7J3I d2flMMao0Z0EDIn/s8S0yTlwGhNPLSMvB0Rr2wg4DAkhm4qSN61j500WhxJiHqBtbkCc nKiZtKTvE1NBQG33+kmT9ZGrJVu/A8m6PsZf1ymGvUZQiYaWdJyA6xq0NHF2jXv4JH35 S+zrjMcr0YAF+GAc5WRG0jAQ/boiYjZ8niUmVzk7Z0N3bIuXqupmlO65fPr10uW7Z7tF 8NjrH/HrUyp/WevzK19mdg3fjgO9K4izkcaSCZwuSgeFsp90JK9tFJ+4H7q5W6qJ9KLq bXag== X-Gm-Message-State: ACrzQf3U5irWSqzC4vNgpTINF6JlCSi5lIeY9vltOMGE4Qgd+Owzs6W6 89Bk4nCuqcwUUC22i0JdOqMFNghK/xM= X-Google-Smtp-Source: AMsMyM7DOIi9YCTSTUTVhB69wfd4nIIPcF5AlxPxbjBu2v5lEmDnMEJJkEY6HwXGhA0rDGPgwgSjcw== X-Received: by 2002:a17:90b:1b05:b0:213:dc73:3084 with SMTP id nu5-20020a17090b1b0500b00213dc733084mr18555490pjb.13.1667422422260; Wed, 02 Nov 2022 13:53:42 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:41 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 08/10] auto-t: add proper AccessPoint object class Date: Wed, 2 Nov 2022 13:53:25 -0700 Message-Id: <20221102205327.268693-8-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The AP mode device APIs were hacked together and only able to start stop an AP. Now that the AP interface has more functionality its best to use the DBus class template to access the full AP interface capabilities. --- autotests/util/iwd.py | 101 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 93 insertions(+), 8 deletions(-) diff --git a/autotests/util/iwd.py b/autotests/util/iwd.py index 9e96382a..98b9ea1c 100755 --- a/autotests/util/iwd.py +++ b/autotests/util/iwd.py @@ -299,6 +299,69 @@ class DeviceProvisioning(IWDDBusAbstract): def role(self): return self._properties['Role'] +class AccessPointDevice(IWDDBusAbstract): + ''' + Class represents net.connman.iwd.AccessPoint + ''' + _iface_name = IWD_AP_INTERFACE + + def start(self, ssid, psk): + self._iface.Start(ssid, psk, reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == True') + + def start_profile(self, ssid): + self._iface.StartProfile(ssid, reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == True') + + def stop(self): + self._iface.Stop(reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.started == False') + + def scan(self): + self._iface.Scan(reply_handler=self._success, + error_handler=self._failure) + self._wait_for_async_op() + + IWD._wait_for_object_condition(self, 'obj.scanning == True') + IWD._wait_for_object_condition(self, 'obj.scanning == False') + + def get_ordered_networks(self): + return self._iface.GetOrderedNetworks() + + @property + def started(self): + return self._properties['Started'] + + @property + def name(self): + return self._properties['Name'] + + @property + def scanning(self): + return self._properties['Scanning'] + + @property + def frequency(self): + return self._properties['Frequency'] + + @property + def pairwise_ciphers(self): + return self._properties['PairwiseCiphers'] + + @property + def group_cipher(self): + return self._properties['GroupCipher'] + + class Device(IWDDBusAbstract): ''' Class represents a network device object: net.connman.iwd.Device @@ -312,6 +375,7 @@ class Device(IWDDBusAbstract): self._station_props = None self._station_debug_obj = None self._dpp_obj = None + self._ap_obj = None IWDDBusAbstract.__init__(self, *args, **kwargs) @@ -354,6 +418,17 @@ class Device(IWDDBusAbstract): return self._station_debug_obj + @property + def _ap(self): + if self._properties['Mode'] != 'ap': + self._prop_proxy.Set(IWD_DEVICE_INTERFACE, 'Mode', 'ap') + + if self._ap_obj is None: + self._ap_obj = AccessPointDevice(object_path=self._object_path, + namespace=self._namespace) + + return self._ap_obj + def _station_properties(self): if self._station_props is not None: return self._station_props @@ -605,20 +680,30 @@ class Device(IWDDBusAbstract): except Exception as e: raise _convert_dbus_ex(e) - self._ap_iface = dbus.Interface(self._bus.get_object(IWD_SERVICE, - self.device_path), - IWD_AP_INTERFACE) if psk: - self._ap_iface.Start(ssid, psk, reply_handler=self._success, - error_handler=self._failure) + self._ap.start(ssid, psk) else: - self._ap_iface.StartProfile(ssid, reply_handler=self._success, - error_handler=self._failure) - self._wait_for_async_op() + self._ap.start_profile(ssid) def stop_ap(self): self._prop_proxy.Set(IWD_DEVICE_INTERFACE, 'Mode', 'station') + IWD._wait_for_object_condition(self, "obj._properties['Mode'] == 'station'") + + @property + def group_cipher(self): + if self._properties['Mode'] != 'ap': + raise Exception('group_cipher only supported in AP mode') + + return self._ap.group_cipher + + @property + def pairwise_ciphers(self): + if self._properties['Mode'] != 'ap': + raise Exception('pairwise_cipher only supported in AP mode') + + return self._ap.pairwise_ciphers + def connect_hidden_network(self, name): '''Connect to a hidden network Possible exception: BusyEx From patchwork Wed Nov 2 20:53:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028980 Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA2072770A for ; Wed, 2 Nov 2022 20:53:43 +0000 (UTC) Received: by mail-pf1-f175.google.com with SMTP id z26so4347805pff.1 for ; Wed, 02 Nov 2022 13:53:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YvB1DrUHh/GvKAhUP+CqVLQcsbSC2AW465JKkPFySTc=; b=pDvZLUQFVyF/YuituGlId9H6jiNjPFbes82PXr9+xh3iFGAMG9LXvCYmgMHUAwQpBg i2OPOBGREfnUsxXULkJDRDwuyw8vr3IiuHnynRq+LpN1jSdQuNtDCGp2UL6jrSjhPcfr A2+fWXavje9oP7vEqDm00pRlSTW7RWBDmNbb3lO88lGoNRbnHvXuacc4y9ADdF/m9P7y W3N3aWZZYh9b+mCmIRWJWUIniaMcQMTB1T+L2ujkmTFtDG5dbC0r5awUucMDDLNlbmwG 7NKaCm6Rj4IhVsGR2Ctl4pBZuanpsvORrktuu9umBnDbuSSvo0+U1mhNcAQ93IK4Xa3b OC/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YvB1DrUHh/GvKAhUP+CqVLQcsbSC2AW465JKkPFySTc=; b=bCz9zg7pKQh85wLRtP2bEpBIGoO5hbZRmq+Zk8/THrTZgvXawqz+fbHiAE/QR3wDdQ KSEK/dNQPjOO4i2T2S7dbC2uHJQB5LDBGRqYJyVUnrb8erY2x7lwb49vEj9W9AtiOOhW dXIIpfKN17Mu/IkXw0JgM3tfi7OkneoFR8IM3PM9k97H69U0IpjWA7fMiYJzQiq14dSM 8lztaiZJUBKlsUWb6c/ajNOo6LlXn/grTQiVm8gadboOoWR0dsfsBwixzfkn4nuE8Rt1 bpyOhA0mML4r7xGkMpa5/b5z1j6EHFcvth+oxR3QIyxf3pHq7vbn2YYYigCZdvjX7oin ZpVA== X-Gm-Message-State: ACrzQf2qqaq/kbOAjvOJGHE8h5SNSCiwCA8SOiRLB7Ivp/Yyh7vqJEMQ kFVwxIGGm0gJrBLZZU9iYtaW6bzZg1U= X-Google-Smtp-Source: AMsMyM6GCIwBluZLsWeJPZcH1MQa4bE3hASAotE63EoYu43AM06xLLUopimkBzCPipWvDo1VrySnXA== X-Received: by 2002:a63:591c:0:b0:464:bb3b:d1ad with SMTP id n28-20020a63591c000000b00464bb3bd1admr23234759pgb.146.1667422423014; Wed, 02 Nov 2022 13:53:43 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:42 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 09/10] auto-t: test AP fails to start with unsupported ciphers Date: Wed, 2 Nov 2022 13:53:26 -0700 Message-Id: <20221102205327.268693-9-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 If the profile lists unsupported ciphers it should fail to start with NotSupported. --- autotests/testAP-no-support/TestAP2.ap | 3 +++ autotests/testAP-no-support/connection_test.py | 15 ++++++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 autotests/testAP-no-support/TestAP2.ap diff --git a/autotests/testAP-no-support/TestAP2.ap b/autotests/testAP-no-support/TestAP2.ap new file mode 100644 index 00000000..32a242ea --- /dev/null +++ b/autotests/testAP-no-support/TestAP2.ap @@ -0,0 +1,3 @@ +[Security] +Passphrase=secret123 +PairwiseCiphers=CCMP diff --git a/autotests/testAP-no-support/connection_test.py b/autotests/testAP-no-support/connection_test.py index 9e5dccbb..d7a13f51 100644 --- a/autotests/testAP-no-support/connection_test.py +++ b/autotests/testAP-no-support/connection_test.py @@ -26,6 +26,9 @@ class Test(unittest.TestCase): dev_ap.start_ap('TestAP2', 'Password2') + self.assertTrue(dev_ap.group_cipher == 'TKIP') + self.assertTrue(dev_ap.pairwise_ciphers == 'TKIP') + ordered_network = dev_sta.get_ordered_network('TestAP2') if ordered_network.type != NetworkType.psk: @@ -41,9 +44,19 @@ class Test(unittest.TestCase): wd.unregister_psk_agent(psk_agent) + def test_no_ccmp_support(self): + wd = IWD(True) + + dev = wd.list_devices(2)[1] + + # Should fail to start since the radio doesn't support CCMP but the + # profile only lists CCMP as allowed. + with self.assertRaises(iwd.NotSupportedEx): + dev.start_ap('TestAP2') + @classmethod def setUpClass(cls): - pass + IWD.copy_to_ap('TestAP2.ap') @classmethod def tearDownClass(cls): From patchwork Wed Nov 2 20:53:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Prestwood X-Patchwork-Id: 13028981 Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 47F9027708 for ; Wed, 2 Nov 2022 20:53:44 +0000 (UTC) Received: by mail-pl1-f176.google.com with SMTP id d24so15666pls.4 for ; Wed, 02 Nov 2022 13:53:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ZJXjzU7LwKU1HEcx49dj6B57EO2Z9OrcgO31E4f6+XY=; b=kbbtQDqOqJ+vZEoSV1wbx0howDxxoT+ooeiGdhoIwzX4ONnvGEddRlqQAKUzfljSwS UHxj9AAVYJXTvaoG3PADeH5sEgyXQC601bPfA7ueMy3NT/R6nnC3iZFdCur5eueuQE+w aztFvKsb9uPdYE1ZoYE8w+SjAvhon2IUbix/vurbLu/bNPqL2bkHAMRVguQRJPYD/cim aX+R9J/8gZhmUt/c0yroFw47/tJo59EausOWGx0P3pxmHHbQiSvKEnyUVZPz2zuvJpZc hfFl0oXCrLllJx3cwezaU179/gu0UVgKCL9agvJ0ndG5LpfQpV4p67dpPdVhkN7wLRHm lJaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZJXjzU7LwKU1HEcx49dj6B57EO2Z9OrcgO31E4f6+XY=; b=hfFvXzHAYea42Y6U4uzsSyX4RGIPR932YZWYKY8G6C7DIv5ivT6j7eO+VLmjim51MD hxb9qbpEYN7cIlTkWlpFIxOG5W/oOOeLJxCOXY11nRQn1DCQHYWFfrK2Wx70KEkA9dJG GlBT6qTUJWFxVHWrvQlQ7cLXprx66K8Gke2S1bbLAouEy/m6qHeYgFU2DrdxAg7xenjp 6kfBYJU2fKRJ7FTgT0gxYpEomQOt3iiEZI319sOSh/HpWUzAmqG7yYGlQig2ulT9EwgD PoYsggr+0MX78RnAGxxBk3s1ff7XnIOxBD2A8GYV7ii649+wE8oNlnjBx5sgX/QNDyOS dgRA== X-Gm-Message-State: ACrzQf3ItfedwED+YHttu+hNnQHxeH+7aAqTk6k8xeLyp0YQdJtSAKZH /C9udL7l4l3CJGASc4qpcjYLjG33wIc= X-Google-Smtp-Source: AMsMyM4BjrBex43FjkSPgRZk+809aVy9reWfCtZHnCyhI5132daMQhgFfzMTPpTXid7SY2mEA2qxug== X-Received: by 2002:a17:90b:268d:b0:214:220:ecfd with SMTP id pl13-20020a17090b268d00b002140220ecfdmr13102324pjb.63.1667422423589; Wed, 02 Nov 2022 13:53:43 -0700 (PDT) Received: from jprestwo-xps.none ([50.39.160.234]) by smtp.gmail.com with ESMTPSA id q14-20020a170902a3ce00b00186c6d2e7e3sm8730755plb.26.2022.11.02.13.53.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 02 Nov 2022 13:53:43 -0700 (PDT) From: James Prestwood To: iwd@lists.linux.dev Cc: James Prestwood Subject: [PATCH v2 10/10] auto-t: add AP test for all pairwise/group cipher combos Date: Wed, 2 Nov 2022 13:53:27 -0700 Message-Id: <20221102205327.268693-10-prestwoj@gmail.com> X-Mailer: git-send-email 2.34.3 In-Reply-To: <20221102205327.268693-1-prestwoj@gmail.com> References: <20221102205327.268693-1-prestwoj@gmail.com> Precedence: bulk X-Mailing-List: iwd@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Iterates through every possible cipher combination and verifies the AP can authenticate the clients. --- autotests/testAP/TestAP2.ap | 2 ++ autotests/testAP/connection_test.py | 36 +++++++++++++++++++++++++---- 2 files changed, 33 insertions(+), 5 deletions(-) create mode 100644 autotests/testAP/TestAP2.ap diff --git a/autotests/testAP/TestAP2.ap b/autotests/testAP/TestAP2.ap new file mode 100644 index 00000000..27f086cb --- /dev/null +++ b/autotests/testAP/TestAP2.ap @@ -0,0 +1,2 @@ +[Security] +Passphrase=Password2 diff --git a/autotests/testAP/connection_test.py b/autotests/testAP/connection_test.py index dff415e7..53dcfaba 100644 --- a/autotests/testAP/connection_test.py +++ b/autotests/testAP/connection_test.py @@ -1,6 +1,7 @@ #! /usr/bin/python3 import unittest +import os from iwd import IWD from config import ctx @@ -8,6 +9,8 @@ from validation import validate, client_connect class Test(unittest.TestCase): def test_connection_success(self): + IWD.copy_to_storage('TestAP1.psk') + wd = IWD(True) dev1, dev2 = wd.list_devices(2) @@ -22,6 +25,8 @@ class Test(unittest.TestCase): client_connect(wd, dev1, 'TestAP1') def test_client_start_ap(self): + IWD.copy_to_storage('TestAP1.psk') + wd = IWD(True) dev1, dev2 = wd.list_devices(2) @@ -39,12 +44,33 @@ class Test(unittest.TestCase): validate(wd, dev2, dev1, 'TestAP2', 'Password2') - @classmethod - def setUpClass(cls): - IWD.copy_to_storage('TestAP1.psk') + def test_valid_ciphers(self): + ciphers = ['TKIP', 'CCMP-128', 'GCMP-128', 'CCMP-256', 'GCMP-256'] + + for group in ciphers: + for pairwise in ciphers: + IWD.copy_to_ap('TestAP2.ap') + os.system('echo "PairwiseCiphers=%s" >> /tmp/iwd/ap/TestAP2.ap' % pairwise) + os.system('echo "GroupCipher=%s" >> /tmp/iwd/ap/TestAP2.ap' % group) + + wd = IWD(True) + + dev1, dev2 = wd.list_devices(2) + + dev1.start_ap('TestAP2') + + self.assertTrue(dev1.group_cipher == group) + self.assertTrue(dev1.pairwise_ciphers == pairwise) + + try: + validate(wd, dev2, dev1, 'TestAP2', 'Password2', ip_checks=False) + except: + raise Exception("Failed with pairwise=%s group=%s" % (pairwise, group)) + finally: + IWD.clear_storage() + del wd - @classmethod - def tearDownClass(cls): + def tearDown(self): IWD.clear_storage() if __name__ == '__main__':