This allows a subset of channels to be specified for the scan used to
find the network when the SELECT_NETWORK ctrl_iface command is issued.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
"GET_CRED <id> <field>" can now be used to fetch credential parameters
over the control interface. This does not allow passwords etc. private
material to be retrieved ("*" is returned for those if the value is set
regardless of the value). FAIL is returned if the requested parameter
has not been set. For cred parameters that can have multiple values,
newline separated list of values is returned.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Following events are now sent to ctrl_iface monitors to indicate if
credential blocks have been added, modified, or removed:
CRED-ADDED <id>
CRED-MODIFIED <id> <field>
CRED-REMOVE <id>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows a single ANQP query to be used to fetch both IEEE 802.11
defined ANQP elements and Hotspot 2.0 vendor specific elements.
ANQP_GET <addr> <info id>[,<info id>]...
[,hs20:<subtype>][...,hs20:<subtype>]
For example:
ANQP_GET 00:11:22:33:44:55:66 258,268,hs20:3,hs20:4
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
"SET blob <name> <hexdump>" can now be used to set a configuration blob
through the wpa_supplicant control interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
The radio_work type was stored within the dynamically allocated
wpa_radio_work buffer and that buffer ended up getting freed before the
final use of the type string within radio_work_done(). This resulted in
freed memory being used for a debug print. Avoid this by freeing the
wpa_external_work instance after having completed radio_work_done() for
the related work.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add "reattach" command to perform single-channel single-ssid scan
instead of full scan when trying to reconnect to the currently
"connected" network (assuming old scan results are not current enough to
skip the scan completely). This allows the scan result to come back in
much faster time. In ath9k, the scan took around 12 seconds with full
background scan, and only 0.1 second with the single-channel single-ssid
scan. Thus, take much less time for the client to re-establish
connection with the currently "connected" network.
Signed-hostap: Peter Qiu <zqiu@chromium.org>
Move pno_start() and pno_stop() to scan.c as a more relevant location
and rename them to wpas_start_pno()/wpas_stop_pno().
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This enables more convenient protocol testing of AP and P2P
functionality in various error cases and unexpected sequences without
having to implement each test scenario within wpa_supplicant.
ext_mgmt_frame_handle parameter can be set to 1 to move all management
frame processing into an external program through control interface
events (MGMT-RX and MGMT-TX-STATUS) and command (MGMT_TX). This is
similar to the test interface that was added to hostapd previously, but
allows more control on offchannel operations and more direct integration
with the internal P2P module.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a callback to the driver interface that allows vendor specific
commands to be sent. In addition, a control interface command is added
to expose this new interface outside wpa_supplicant:
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
This interface is driver independent, but for now, this is only
implemented for the nl80211 driver interface using the cfg80211 vendor
commands.
Signed-off-by: Beni Lev <beni.lev@intel.com>
The pos pointer can be compared to the start of the buffer pointer to
determine whether the entry is the first one in the list. This gets rid
of some static analyzer warnings about unused variable writes.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new provisioning_sp cred field can now be used to track which SP
provisioned the credential. This makes it easier to find the matching
PPS MO from the management tree (./Wi-Fi/<provisioning_sp>).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new wpa_cli fetch_osu command can be used to fetch information about
all OSU providers and write that to a text file with the icons in
separate files. cancel_osu_fetch command can be used to stop ongoing OSU
provider list fetch.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_supplicant can request OSU icon data with "hs20_icon_request <BSSID>
<icon filename>". This transmits an Icon Request ANQP element and
processes the response in Icon Binary File ANQP elements.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The HS 2.0 Indication element from wpa_supplicant now includes the
release number field and wpa_supplicant shows the release number of the
AP in STATUS command (hs20=1 replaced with hs20=<release>).
The new update_identifier field in the cred block can now be used to
configure the PPS MO ID so that wpa_supplicant adds it to the Indication
element in Association Request frames.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This parameter was actually used in some testing cases in a way that did
not really work well with the FLUSH command ending up disabling PMF.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, any network block could be used to select the BSS to connect
to when processing scan results after Interworking network selection.
This can result in somewhat unexpected network selection in cases where
credential preferences indicated that a specific network was selected,
but another network ended up getting used for the connection. While the
older networks continue to be valid, add special processing for this
initial post-interworking-connect case to get more consistent network
selection to match with the Interworking network selection result.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
While testing rfkill blocking of a scanning interface, it
was seen that the ongoing scan never completes. This happens
since EVENT_SCAN_RESULTS is discarded on a disabled interface.
Fix this and also other possible radio work completion issues
by removing all the radio works (including started) of the
disabled interface.
To be able to remove already started radio works, make their
callbacks be reentrant with deinit flag (when the work
is started), so each radio work should be able to handle
its own termination.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The more generic NFC_REPORT_HANDOVER is now used to report completed NFC
connection handover operations in either role and NFC_RX_HANDOVER_REQ
did not have any implementation within wpa_supplicant.
Signed-off-by: Jouni Malinen <j@w1.fi>
Memory allocated by calling function ieee802_11_vendor_ie_concat()
was not freed on an error path int ctrl_iface BSS command.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
P2P persistent connection may fail due to 802.11d channel change event
invalidating support of the operating frequency sent in the invitation
request, before receiving the invitation response. If the operating
frequency is invalid at the time the invitation response is processed
and there is no forced frequency provided by user, allow frequency
re-selection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If P2P was disabled (e.g., due to driver not supporting it or through
p2p_disabled=1 configuration), setting Wi-Fi Display parameters could
result in segmentation fault when the WFD IE is updated without the P2P
module being initialized. Fix this by skipping the update if P2P module
is not in use. In addition, show Wi-Fi Display as disabled in "GET
wifi_display" and refuse to enable it with "SET wifi_display 1" if P2P
is not enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to force an operating channel for P2P group formation
triggered by NFC operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These optional attributes, if present, can be used to speed up the
initial connection by using a single channel scan.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When the NFC connection handover message received from a peer indicates
that the peer is operating as a GO on a specific channel, use that
information to avoid having to go through full scan. In addition, skip
the separate join-a-group scan since we already know the operating
channel, GO P2P Device Address, and SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The device with the NFC Tag can be configured to enable NFC to be used
with "P2P_SET nfc_tag 1" and "P2P_LISTEN" commands to allow static
handover to be used.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"NFC_REPORT_HANDOVER {INIT,RESP} P2P <req> <sel>" can now be used to
report completed NFC negotiated connection handover in which the P2P
alternative carrier was selected.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"NFC_GET_HANDOVER_{REQ,SEL} NDEF P2P-CR" can now be used to build P2P
alternative carrier record for NFC connection handover request/select
messages.
Static connection handover case can be enabled by configuring the DH
parameters (either with wps_nfc_* configuration parameters or with
WPS_NFC_TOKEN command at run time. The NFC Tag contents can be generated
with "NFC_GET_HANDOVER_SEL NDEF P2P-CR-TAG" after having configured
Listen channel (p2p_listen_reg_class/p2p_listen_channel).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
New functionality is needed for this with the update NFC connection
handover design that depends on the AP side using the public key hash
from the handover request.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It is more useful to be able to build a single NFC carrier record
instead of the full connection handover request message to allow
external components to decide whether to negotiate which alternative
carrier is used. This updates the carrier record contents to the new
design to include Enrollee public key hash and provides this as a
carrier record instead of full message. An external program is expected
to be used to build the full NFC connection handover message with
potentially other alternative carrier records included.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the SSID of the WPS AP is known, it should be possible to limit AP
selection based on this when searching for an active WPS AP. This commit
adds a mechanism to specify SSID for this type of uses.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Since the Enrollee can now get the public key hash from the Registrar,
there is need to validate this during the WPS protocol run.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it more convenient for test scripts to change parameters for
a specific test case without having to separately clear them between
each test case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When start PNO request comes from control interface, wpa_supplicant
should wait until ongoing sched_scan (triggered by wpa_supplicant)
gets cancelled. Issuing cancel sched_scan and start PNO scan
one after another from pno_start() would lead wpa_supplicant to clear
wps->sched_scanning flag while getting sched_scan stopped event
from driver for cancel sched_scan request. In fact, PNO scan will
be in progress in driver and wpa_s->sched_scanning will not be set
in such cases.
In addition to this change, RSSI threshold limit is passed as part of
start sched_scan request. This was previously set only in pno_start(),
but the same parameter should be available for generic sched_scan calls
as well and this can now be reached through the new PNO start sequence.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Verify wpa_s->radio pointer before accessing it. If interface addition
fails, this could get called before wpa_s->radio has been set.
The segmentation fault details:
Program received signal SIGSEGV, Segmentation fault.
0x00000000004b9591 in wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754
5754 dl_list_for_each_safe(work, tmp, &wpa_s->radio->work,
Call stack:
0 wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754
1 wpa_supplicant_deinit_iface (wpa_s=0x77fff0, notify=0, terminate=0) at wpa_supplicant.c:3619
2 wpa_supplicant_add_iface (global=0x75db10, iface=0x7fffffffe270) at wpa_supplicant.c:3691
3 wpas_p2p_add_p2pdev_interface (wpa_s=0x75dd20) at p2p_supplicant.c:3700
4 main (argc=<optimized out>, argv=<optimized out>) at main.c:317
Function:
5750 void wpas_ctrl_radio_work_flush(struct wpa_supplicant *wpa_s)
5751 {
5752 struct wpa_radio_work *work, *tmp;
5753
5754 dl_list_for_each_safe(work, tmp, &wpa_s->radio->work,
5755 struct wpa_radio_work, list) {
5756 struct wpa_external_work *ework;
5757
5758 if (os_strncmp(work->type, "ext:", 4) != 0)
Root cause:
(gdb) p wpa_s->radio
$1 = (struct wpa_radio *) 0x0
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
It should be noted that these commands are not exclusively used for P2P
or in the global context, so use of these commands through the global
control interface for operations that are specific to a single interface
have undefined behavior and that behavior may change in the future. As
such, these are recommend only for operations that are in the global
context (e.g., for P2P management).
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
All te network blocks and credentials were already cleared, but
configurations blobs should also be cleared here, e.g., to get
more consistent behavior test cases using EAP-FAST PACs.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, only the last response data was kept in memory. This
increases that to hold up to two last responses to allow some more
parallel operations to be requested. In addition, the response data is
now freed as soon as the external program has fetched it.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to limit which channels are scanned using the specified
list of frequency ranges in the same format that the SCAN command uses.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new control interface command RADIO_WORK can be used by external
programs to request radio allocation slots from wpa_supplicant if
exclusive radio control is needed, e.g., for offchannel operations. If
such operations are done directly to the driver, wpa_supplicant may not
have enough information to avoid conflicting operations. This new
command can be used to provide enough information and radio scheduling
to avoid issues with such cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new radio work item concept can be used to request time for an
operation that requires exclusive radio control, e.g., a scan. Once the
radio is available, the registered callback function will be called.
radio_work_done() must be called once the exclusive radio operation has
been completed, so that the radio is freed for other operations. The
special case of deinit=1 is used to free the context data during
interface removal. That does not allow the callback function to start
the radio operation, i.e., it needs to free the allocated resources
and return.
Signed-hostap: Jouni Malinen <j@w1.fi>
The newer wpa_dbg() print includes the same information in a more
convenient form, so remove the duplicate RX ctrl_iface hexdump in the
cases where there is no key material in the control interface commands
(the possible-key-material case is still using wpa_hexdump_ascii_key).
Signed-hostap: Jouni Malinen <j@w1.fi>
If the BSS table within wpa_supplicant is flushed, request the driver to
flush its own scan result table during the next scan. This can avoid
unexpected old BSS entries showing up after BSS_FLUSH or FLUSH command
in cases where the driver may maintain its internal cache of scan
results (e.g., cfg80211 BSS table persists at least for 15 seconds).
In addition to doing this automatically on BSS_FLUSH/FLUSH, a new SCAN
command argument, only_new=1, can be used to request a manual scan
request to do same. Though, it should be noted that this maintains the
BSS table within wpa_supplicant. BSS_FLUSH followed by SCAN command can
be used to clear all BSS entries from both the driver and
wpa_supplicant.
Signed-hostap: Jouni Malinen <j@w1.fi>
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to enable various testing parameters and
functionality in build configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows users of wpa_supplicant control interface to figure out when
their specific scan command has been started and completed. For example:
CTRL-EVENT-SCAN-STARTED
> scan freq=2412,2417 passive=1 use_id=1
3
CTRL-EVENT-SCAN-RESULTS
CTRL-EVENT-SCAN-STARTED id=3
CTRL-EVENT-SCAN-RESULTS id=3
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows external programs to request wpa_supplicant to execute
a passive scan (i.e., do not send any Probe Request frames).
Signed-hostap: Jouni Malinen <j@w1.fi>
The new freq=<frequency ranges> parameter to the SCAN command can be
used to request a scan to be performed on the specified set of channels
instead of on all channels. For example, "wpa_cli scan
freq=2400-2500,5180" would scan channels 1-14 and 36. Only the channels
that the driver indicates as enabled and that are within the specified
ranges are included in the request.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use an array of ciphers and a loop instead of copy-pasted copies of the
same printing functionality for each cipher.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds initial parts for supporting the new GCMP-256, CCMP-256,
BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 cipher suites.
Signed-hostap: Jouni Malinen <j@w1.fi>
The BSS table, scan timeout, and related functionality should use
monotonic time since they care about relative values (age) only.
Unfortunately, these are all connected, so the patch can't be split
further. Another problem with this is that it changes the driver wrapper
API. Though, it seems only the test driver is using this.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This is a mechanism used in Android to extend driver interface in vendor
specific ways. This is included only for the purpose of Android
compatibility. Proper interface commands should be used for any new
functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
While starting from PNO start context, the scheduled scan was not
setting the flag wpa_s->scanning. This was resulting in the subsequent
SCAN command to proceed further and send command to nl80211/cfg80211.
The expected behavior of cancelling sched_scan was not happening here.
While sched_scan is in progress and a legacy scan comes on the
cli/socket, the sched_scan is cancelled and normal scan is allowed to
continue. However, sometimes sched_scan cancelled event comes a bit
delayed and we will send out the scan command before the wpa_s->scanning
is cleared. Instead, reschedule the incoming scan req if the
wpa_s->scanning shows that it is still in progress.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
Add chan_switch to the control interface of wpa_supplicant and hostapd,
and also to wpa_cli and hostapd_cli.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
This triggers re-transmission of CTRL-EVENT-STATE-CHANGE and
CTRL-EVENT-CONNECTED events on STATUS command for Android framework
specific processing.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
There are use cases requesting the host driver to initiate the TDLS
setup with the peer only when configured by the external applications.
Thus, enable this control by tdls_external_control=1 and pass the
requisite information for the specific TDLS operation to the driver
on the request from such use cases.
This operation mode expects the driver to initiate TDLS link
automatically based on signal strength and traffic to a peer and tear
down links whenever they are not used or suitable due to signal strength
etc. The list of peers with which such operations are to be performed
are provided with the TDLS driver operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows sp_type={home,roaming,unknown} to be used to determine
network type with SIM-based credentials even if the domain name
parameter is not configured explicitly.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Add the option to ask for VHT operation similarly to the way ht40 is
configured - either by adding 'vht' param to the relevant p2p_*
commands or by configuring p2p_go_vht=1 in the configuration file.
This patch only adds the configuration option (e.g., via control
interface). The actual handling of the VHT parameter (asking the driver
to use VHT, etc.) will be done by the following patch.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Both of these variables can result in optimized WPS scans, so better
clear these more consistently to avoid unexpected single-channel scans.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it less likely to forget WPS single-channel scan optimization
in effect after having completed the WPS operation or in case WPS
operating gets cancelled.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is what the original implementation did years ago, but the move to
using separate control interface backends re-ordered the implementation
to process EAPOL notification first. Use a registered timeout to allow
the ctrl_iface response to be sent out first to get somewhat faster
response time and to avoid pending operations that could result in
ctrl_iface response and unsolicited event messages from getting mixed
up.
Signed-hostap: Jouni Malinen <j@w1.fi>
Credentials can now be configured with more than one FQDN ('domain'
field in the cred block) to perform Domain Name List matching against
multiple home domains.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible that a P2P GO has been discovered through a non-P2P scan
that did not return P2P IE in Probe Response frames. To cover those
cases, check also Beacon frame (if received) for P2P IE.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, GO considered the group to be fully re-invoked after
starting beaconing on successful invitation exchange. This would leave
the group running until idle timeout (which may not be enabled) or
explicit removal if the client fails to connect for any reason. Since
the client is expected to connect immediately after the invitation
exchange that ends with status=0 (i.e., either client initiated the
exchange or it responded with success), extend group formation timeout
to cover that period until the first successfully completed data
connection. This allows the GO to remove the group automatically if the
client devices does not connect within
P2P_MAX_INITIAL_CONN_WAIT_GO_REINVOKE (15) seconds.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The interval for the PNO scan did not use the configured sched_scan
interval. This commit addresses the same by using the configured value
or the default of 10 seconds if configuration parameter is not used.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.
Signed-hostap: Jouni Malinen <j@w1.fi>
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.
This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.
Signed-hostap: Jouni Malinen <j@w1.fi>
This provides global status information that is applicable to all
interfaces (e.g., P2P state). In addition, ifname/address pairs are
listed to get information of all the interfaces that are currently
managed through this wpa_supplicant instance.
Signed-hostap: Jouni Malinen <j@w1.fi>
This iterates through all interfaces and saves configuration file
updates for each interface that allows it (update_config=1).
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows global parameters to be set through the global control
interface without having to use IFNAME prefix. For now, this covers
only the wifi_display parameter.
Signed-hostap: Jouni Malinen <j@w1.fi>
When the device indicates to take care of TDLS operations the TDLS
setup is done calling wpas_drv_tdls_oper(). This patch does a similar
thing for the teardown. This fixes failure of teardown:
"TDLS: Could not find peer <mac> for link Teardown"
Signed-hostap: Arend van Spriel <arend@broadcom.com>
Add AVG_RSSI report to the signal_poll command if it is reported by
the kernel.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
This is needed to get wpa_supplicant into clean state during testing if
a test case triggers countermeasures.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This can be useful for some test cases, so allow wpa_supplicant to be
built with special test functionality to expose the current (last
configured) GTK. This is disabled by default and can be enabled by
adding following line into .config:
CFLAGS += -DCONFIG_TESTING_GET_GTK
The GTK can then be fetched with "wpa_cli get gtk".
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The P2P management operations like P2P_FIND and P2P_CONNECT are not
really specific to any network interface. These are P2P Device level
operations that are in more global device context. Allow those to be
sent through the global control interface without IFNAME parameter.
For now, these commands are directed within wpa_supplicant to the
network interface that initialized the global P2P context. This may
change in the future if a special context is added for P2P operations.
Anyway, such changes can now be done internally within wpa_supplicant
without affecting this global control interface design from external
view point.
Signed-hostap: Jouni Malinen <j@w1.fi>
"IFNAME=<ifname> " prefix can now be used on the wpa_supplicant global
control interface to direct a command to a specific interface instead of
having to use an interface specific control interface for this. This
allows a single socket to be used for controlling multiple virtual
interfaces.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new control interface command can be used to send a
BSS Transition Management Query frame to the current AP.
Signed-hostap: Vinayak Kamath <vkamat@codeaurora.org>
Add "get_capability freq" command to print a more verbose list of
channels and frequencies in MHz. The tag "NO_IBSS" is added, if IBSS
mode is not allowed on a channel. This allows userspace programs to get
the frequencies and limitations associated with each channel.
This extends the information already provided in "get_capability
channels" but a new interface is chosen because of backwards
compatibility considerations.
Signed-hostap: Bruno Randolf <br1@einfach.org>
"WPS_NFC_CONFIG_TOKEN <WPS/NDEF> <network id>" can now be used to build
an NFC configuration token from a locally configured network.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is mainly for testing purposes where it is convenient to have an
easy way of getting wpa_supplicant state cleared between test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
Select the BSS entry based on BSSID,SSID pairs instead of just BSSID to
avoid selecting an unexpected SSID for the ROAM command.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add a driver capability flag for drivers which support IBSS mode and set
it for nl80211 drivers which have set the NL80211_IFTYPE_ADHOC.
Add a new option "modes" to "get_capability" which will return "AP" and
"IBSS" if the corresponding capability flags are set.
The idea is that this can be used for UIs to find out if the driver
supports IBSS mode.
Signed-hostap: Bruno Randolf <br1@einfach.org>
Stop sched scan, if running, after any disabling or removing of
a network, and request a new scan if needed.
Signed-hostap: David Spinadel <david.spinadel@intel.com>
Peer device includes its list of allowed operating channels in the
Invitation Response frame. When we are becoming the GO, use that list
from the peer to filter out acceptable channels to avoid selecting a
channel that the peer is unable to use.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When re-invoking a persistent group in P2P client role, the new
pref=<MHz> parameter can now be used with the p2p_invite command to
indicate a preferred operating frequency. Unlike the older freq=<MHz>
parameter, this leaves GO an option to select another channel (from our
supported channels) if the GO cannot accept the channel.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Most of the print_bss_info() cases were already returning zero lenth to
avoid returning partial returns to the BSS commands, but the HS 2.0 and
Wi-Fi Display entries behaved differently. Make those consistent with
rest of the items.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows ctrl_iface users to iterate through the BSS entries by
fetching multiple BSS entries with "BSS RANGE=N-" without having to use
one extra round to get empty return value as the indication of the last
entry having been found.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This flag will add ==== delimiter between to separate bss results.
Unlike the other BSS command MASK values, this delimiter is not
included by default to avoid issues with existing users of the BSS
command.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
wpa_supplicant can now generate the WPS carrier record for connection
handover response when acting as an ER. The AP whose configuration is
provided in this way is identified with an UUID as an argument to
wps-nfc.py.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant is controlling an AP mode interface, it can generate
the alternative carrier record for NFC connection handover select
message similarly to the way this is done in hostapd.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant is controlling an AP mode interface, it can generate
the NFC configuration token similarly to the way this is done in
hostapd.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of reporting only one connection handover message, report
completion of NFC connection handover with carrier record from both the
request and select messages.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Since there could be multiple carrier records, it is cleaner to build
only the WPS carrier record instead of full NFC connection handover
request within wpa_supplicant.
Signed-hostap: Jouni Malinen <j@w1.fi>
Usual manual scan request may cause reassociation due to several
reasons. New command is intended to perform pure scan without taking any
automatic action based on the results.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The RANGE=N1-N2 command did not return any entries in some cases where
N1 does not match with any BSS entry. Fix this by allow entries to be
fetched even without knowing the exact id values.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Add the "BSS LAST ..." command. This command helps in fetching the scan
entries iteratively from FIRST entry to LAST entry by ID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The "BSS FIRST.." command fails when additional parameters (e.g., MASK)
is used since the string comparsion does not take into account the
number of characters. Fix by comparing only 5 characters as in other
commands.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If an implicit TDLS set up request is obtained on an existing link or an
to be established link, the previous link was not removed. This commit
disables the existing link on a new set up request. Also,
wpa_tdls_reneg() function was invoking wpa_tdls_start() on an already
existing peer for the case of internal setup, which is incorrect. Thus
the invocation of wpa_tdls_start() is removed in wpa_tdls_reneg() and
also this function is renamed to wps_tdls_remove() as it does not
renegotiation rather shall remove the link (if any) for the case of
external setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 59ff6653aa fixed this issue for
'removing a network', and we also need to take care of 'removing all
networks'.
Signed-hostap: Jaewan Kim <jaewan at google.com>
The new "sae_group=<id>" line will be included in the ctrl_iface STATUS
output if SAE was used for the association.
Signed-hostap: Jouni Malinen <j@w1.fi>
Cancel the existing supplicant scan and start a new supplicant
scan on PNO start and stop respectively. This makes sure that
supplicant scan is in progress when the device resumes.
Signed-off-by: Pandiyarajan Pitchaimuthu <c_ppitch@qca.qualcomm.com>
The first "if" in the SCAN command handling didn't check properly for
sched_scan, causing the sched_scan and scan to run concurrently, instead
of cancelling the ongoing sched scan (which is handled by the "else if"
later).
Signed-hostap: Eliad Peller <eliad@wizery.com>
Basic support for the 60 GHz band. Neither P2P nor WPS are yet taken
care off. Allows to start AP with very simple config:
network={
ssid="test"
mode=2
frequency=60480
key_mgmt=NONE
}
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The optional tfs_req=<hex dump> parameter can be added for the wnm_sleep
command to specify the TFS request element to use in the WNM-Sleep Mode
Request frame.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The current PMKSA cache entry needs to be clear to allow EAPOL
reauthentication to be started in case this association used PMKSA
caching.
Signed-hostap: Jouni Malinen <j@w1.fi>
Both the ctrl_iface and D-Bus interface use similar functionality to
request a new connection. Combine these to a single function to avoid
need to maintain duplicated implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpas_connection_failed() uses the blacklist count to figure out a
suitable time to wait for the next scan. This mechanism did not work
properly in cases where the temporary blacklist gets cleared due to no
other BSSes being available. Address this by maintaining an additional
count of blacklisting values over wpa_blacklist_clear() calls. In
addition, add one more step in the count to timeout mapping to go to 10
second interval if more than four failures are seen.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the ctrl_iface STATUS information to be used to determine
which Home SP credential (domain in the cred block) was used and whether
the network is operated by the home SP.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows credential entries to be removed based on SP FQDN without
having to iterate through the configured entries from an external
program to figure out which credentials should be removed for a specific
SP.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the credential that was used to create a temporary HS 2.0 network
block is removed, remove the network block, too.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.
Signed-hostap: Jouni Malinen <j@w1.fi>
cfg80211/mac80211 may reject disassociation command if association has
not yet been formed. Use deauthentication in cases where it is possible
that we are associating at the moment the command is issued.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new P2P_SET parameter disc_int can now be used to configure
discoverable interval for p2p_find operations. The format of the command
for setting the values is "P2P_SET disc_int <minDiscoverableInterval>
<maxDiscoverableInterval> <max TUs for discoverable interval>". The
first two parameters are given in units of 100 TUs (102.4 ms). The third
parameter can be used to further limit the interval into a specific TU
amount. If it is set to -1, no such additional limitation is enforced.
It should be noted that the P2P specification describes the random
Listen state interval to be in units of 100 TUs, so setting the max TU
value to anything else than -1 is not compliant with the specification
and should not be used in normal cases. The default parameters can be
set with "P2P_SET disc_int 1 3 -1".
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The old WPS interface for using NFC has no known deployments and even
the binary libraries referenced here are not easily available anymore.
Since the new interface for using NFC with WPS covers the same
functionality, remove the old implementation to clean up WPS
implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit adds new wpa_supplicant ctrl_iface commands to allow
external programs to go through NFC connection handover mechanism
with wpa_supplicant taking care of the WPS processing. This version
includes only the case where wpa_supplicant is operating as a
station/Enrollee.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the P2P_PEER command to be used to fetch the list of
secondary device types that each P2P peer has advertised.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Extend the wpa_cli wps_pin command to support specification of the PIN
expiration time in seconds similarly to hostapd_cli wps_pin command when
using wpa_supplicant for AP mode (including P2P GO).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The bssid and priority parameters in a network block do not have any
effect on the validity of a PMKSA cache entry, so avoid flushing the
PMKSA cache when only these parameters are changed. This is mainly
to allow forced roaming or network selection changes without causing
a disconnection if the changes are done during RSN association that
used EAP.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When specified in the conf file this parameter will make all invocations
of p2p_group_add, p2p_connect, and p2p_invite behave as if "ht40" has
been specified on the command line. This shouldn't do harm since
regulatory constraints and driver capabilities are consulted anyway
before starting HT40 mode.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
External programs can use this new parameter to prevent wpa_supplicant
from connecting to a list of BSSIDs and/or SSIDs. The disallowed BSSes
will still be visible in scan results and it is possible to run ANQP
operations with them, but BSS selection for connection will skip any
BSS that matches an entry in the disallowed list.
The new parameter can be set with the control interface SET command
using following syntax:
SET disallow_aps <disallow_list>
disallow_list ::= <ssid_spec> | <bssid_spec> | <disallow_list> | “”
SSID_SPEC ::= ssid <SSID_HEX>
BSSID_SPEC ::= bssid <BSSID_HEX>
For example:
wpa_cli set disallow_list "ssid 74657374 bssid 001122334455 ssid 68656c6c6f"
wpa_cli set disallow_list
(the empty value removes all entries)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The ASCII hexdump is somewhat difficult to search for (especially on
Android builds), so make the debug log easier to parse by printing the
full control interface command as a text string. In addition, use
wpa_dbg() to get the interface name printed so that multi-interface
cases can be debugged.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit 4d32c0c44d added another use for the
local pos variable and that broke the mechanism used to determine wheter
the peer address was provided. Fix this by using a separate pointer to the
peer address.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is an initial step in allowing the ANQP responses to be shared
among multiple BSSes if the BSSes are determined to be operating under
identical configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the REMOVE_NETWORK command is used to delete the currently connected
network, some operations were run between removing the network and
clearing of wpa_s->current_ssid. This left wpa_s->current_ssid pointing
to freed memory and should any operation end up using it before the
pointer gets cleared, freed memory could be references. Avoid this by
removing the network only after having completed the operations that
clear wpa_s->current_ssid.
Signed-hostap: Deepthi Gowri <deepthi@codeaurora.org>
intended-for: hostap-1
The freq and ht40 parameters can now be used with the p2p_invite
command when reinvoking a persistent group as the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_cli p2p_serv_disc_req command can now be used to request WSD
request to be sent to specified or all peers who support WSD.
format: wifi-display <list of roles> <list of subelements>
examples:
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source] 2,3,4,5
p2p_serv_disc_req 02:01:02:03:04:05 wifi-display [pri-sink] 3
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [sec-source] 2
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source+sink] 2,3,4,5
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source][pri-sink] 2,3,4,5
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit adds control interface commands and internal storage of
Wi-Fi Display related configuration. In addition, WFD IE is now added
to various P2P frames, Probe Request/Response, and (Re)Association
Request/Response frames. WFD subelements from peers are stored in the
P2P peer table.
Following control interface commands are now available:
SET wifi_display <0/1>
GET wifi_display
WFD_SUBELEM_SET <subelem> [hexdump of length+body]
WFD_SUBELEM_GET <subelem>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows both hostapd and wpa_supplicant to be used to derive and
configure keys for GCMP. This is quite similar to CCMP key
configuration, but a different cipher suite and somewhat different rules
are used in cipher selection. It should be noted that GCMP is not
included in default parameters at least for now, so explicit
pairwise/group configuration is needed to enable it. This may change in
the future to allow GCMP to be selected automatically in cases where
CCMP could have been used.
This commit does not included changes to WPS or P2P to allow GCMP to be
used.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new gas_request and gas_response_get commands can be used to request
arbitary GAS queries to be performed. These can be used with ANQP or
with other (including vendor specific) advertisement protocols.
gas_request <BSSID> <AdvProtoID> [Query]
gas_response_get <addr> <dialog token> [offset,length]
For example, ANQP query for Capability list in interactive wpa_cli
session:
> gas_request 02:00:00:00:01:00 00 000102000101
<3>GAS-RESPONSE-INFO addr=02:00:00:00:01:00 dialog_token=0
status_code=0 resp_len=32
> gas_response_get 02:00:00:00:01:00 00
01011c00010102010501070108010c01dddd0c00506f9a110200020304050607
> gas_response_get 02:00:00:00:01:00 00 0,10
01011c00010102010501
> gas_response_get 02:00:00:00:01:00 00 10,10
070108010c01dddd0c00
> gas_response_get 02:00:00:00:01:00 00 20,10
506f9a11020002030405
> gas_response_get 02:00:00:00:01:00 00 30,2
0607
It should be noted that the maximum length of the response buffer is
currently 4096 bytes which allows about 2000 bytes of the response data
to be fetched with a single gas_response_get command. If the response is
longer, it can be fetched in pieces as shown in the example above.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If 4-way handshake fails due to likely PSK failure or if EAP
authentication fails, disable the network block temporarily. Use longer
duration if multiple consecutive failures are seen.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the p2p_find command is used without the delay parameter, a 500 ms
default search delay will now be used when any interface using the same
radio is in an concurrent operation. "p2p_find delay=0" can be used to
enforce the old behavior in such a case if needed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A new optional delay=<search delay in milliseconds> parameter can now be
used with p2p_find command to request an extra delay between search
iterations. This can be used, e.g., to make p2p_find friendlier to
concurrent operations by avoiding it from taking 100% of the radio
resources.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Hotspot 2.0 allows only WPA2-Enterprise to be used, so other types of
networks must not be indicated as Hotspot 2.0 networks even if they
(incorrectly) advertise HS 2.0 support.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add optional "ht40" argument for p2p_group_add command to enable 40 MHz
in 5GHz band. This configures the secondary channel, when HT support is
enabled and if the HW supports 40 MHz channel width.
Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Allow the user to configure an RSSI threshold in dBm below which the
nl80211 driver won't report scan results. Currently only supported
during scheduled (PNO) scans.
Signed-off-by: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.
Signed-hostap: Jouni Malinen <j@w1.fi>
Reject invalid PIN value in p2p_connect command. Before this, typos
like "pbd" as the third parameter could have resulted in OK return
value since this parameter was interpreted as the PIN.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, a pending scan request could be left running when processing
DISCONNECT command from control interface. This can result in unexpected
scan, so cancel the request to avoid this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use wpa_supplicant_set_state() to initialize state to DISCONNECT so that
autoscan gets initialized properly. This needs a change in
autoscan_init() to avoid extra scan request that would postpone the
first scan request when an interface is added.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add an additional parameter to prioritize either sta or p2p connection
to resolve conflicts arising during single channel concurrency.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
This is a workaround for interoperability issues with some deployed P2P
implementations that require a Provision Discovery exchange to be used
before GO Negotiation. The new provdisc parameter for the p2p_connect
command can be used to request this behavior without having to run a
separate p2p_prov_disc command.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The nl80211 driver interface does not allow 128-bit WEP to be used
without a vendor specific cipher suite and no such suite is defined for
this purpose. Do not accept WEP key length 16 for nl80211 driver
interface forn ow. wext-interface can still try to use these for
backwards compatibility.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the AP indicates support for Hotspot 2.0, show this in the
ctrl_iface commands for BSS table and status.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Do not try to associate with a network that has an invalid or incomplete
configuration because the association or at least data connection would
fail anyway. This commits adds a common function for checking whether a
network block is disabled to make it easier to check network blocks
without having to reject them during configuration file parsing (which
would prevent wpa_supplicant from starting). The only additional check
added in this commit is to verify the WEP key length. Similar checks for
other parameters can be added in future commits.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 7de5688d68 started using
wpa_supplicant_ctrl_iface_ctrl_rsp_handle() from the D-Bus code, but
left this function in ctrl_iface.c that is included conditionally. Fix
this by moving the common function into wpa_supplicant.c so that it can
be included for builds that include only either ctrl_iface or D-Bus.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
An existing persistent group information can now be used to force GO
Negotiation to use the previously used SSID/passphrase from a persistent
group if we become a GO. This can be used as an alternative to inviting
a new P2P peer to join the group (i.e., use GO Negotiation with GO
intent 15 instead of starting an autonomous GO and using invitation),
e.g., in case a GO Negotiation Request is received from a peer while we
are not running as a GO. The persistent group to use for parameters is
indicated with persistent=<network id> parameter to p2p_connect.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_supplicant can now be requested to automatically figure out whether
the indicated peer is operating as a GO and if so, use join-a-group
style PD instead of pre-GO Negotiation PD.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>