At least some error paths (e.g., hitting the limit on hunt-and-peck
iterations) could have resulted in double-freeing of some memory
allocations. Avoid this by setting the pointers to NULL after they have
been freed instead of trying to free the data structure in a location
where some external references cannot be cleared. [Bug 453]
Signed-hostap: Jouni Malinen <j@w1.fi>
The previously used limit (10) is too small for practical purposes since
it can result in about 1 out of 1000 authentication attempts failing.
Increase the limit to 30 to avoid such issues. [Bug 453]
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.
A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.
Signed-hostap: Jouni Malinen <j@w1.fi>
The AP PIN on wps_reg command can now be replaced with special value
"nfc-pw" to use device password from a NFC password token from the AP.
Signed-hostap: Jouni Malinen <j@w1.fi>
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds a cleaner mechanism for handling NFC Password Tokens in the
WPS Registrar. There could be more than one active NFC Password Token in
use and as such, a list of tokens needs to be maintained. The old
WPS_OOB interface is still using the old mechanism that supports only a
single active NFC Password Token.
Signed-hostap: Jouni Malinen <j@w1.fi>
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.
Signed-hostap: Jouni Malinen <j@w1.fi>
The OOB Device Password is passed in as a hexdump of the real Device
Password (16..32 octets of arbitrary binary data). The hexdump needs to
be converted to binary form before passing it for WPS processing.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, only the maximum length 32 octets for OOB device password
was accepted. Since the specification allows a shorter password to be
used with limited OOB mechanism (e.g., small NFC tag), we should accept
lengths 16..32.
Signed-hostap: Jouni Malinen <j@w1.fi>
The earlier WPS 2.0 changes did not increase the wpabuf size when
adding a new attribute to the NFC password token. This could result
in aborting the application on wpabuf overflow if NFC out-of-band
mechanism is used with WPS 2.0 enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
Some drivers may independently decide to switch channels. Handle this by
updating the hostapd and wpa_supplicant AP and GO configuration.
Signed-hostap: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Previously, the STA entry was removed only from the driver and the STA
entry within hostapd was just marked disassociated. However, this left
the WPA authenticator state machine with an entry and the session was
not terminated properly. In addition, the STA entry could have remaining
indefinitely if the STA did not reconnect after TKIP countermeasures.
Fix this by removing the STA entry from hostapd instead of just leaving
it disassociated.
Signed-hostap: Jouni Malinen <j@w1.fi>
In AP which supports WPSv2 with only virtual push button, when PBC is
called, the WSC IE should include Selected Registrar Configuration
Methods attribute with the bit of the physical push button not set.
Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
Without this, we can get into a tight loop because the
code in general doesn't add eloop exception handlers,
so socket reporting the POLLERR would never be read.
With this change, any socket with POLLERR or POLLHUP
asserted will be handled by the read logic.
Signed-hostap: Ben Greear <greearb@candelatech.com>
The control message received from the kernel needs some space, but
there's no need for the strange typing that breaks clang compilation.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Maintain a copy of Chargeable-User-Identity in the PMKSA cache to allow
it to be included in accounting messages even if full authentication was
not completed.
Signed-hostap: Jouni Malinen <j@w1.fi>
Calling-Station-Id, Acct-Session-Id, and User-Name attributes in a
Disconnect-Request message can now be used to indicate which station is
to be disconnected.
Signed-hostap: Jouni Malinen <j@w1.fi>
DAS will now validate Event-Timestamp value to be within an acceptable
time window (300 seconds by default; can be set using
radius_das_time_window parameter). In addition, Event-Timestamp can be
required in Disconnect-Request and CoA-Request messages with
radius_das_require_event_timestamp=1.
Signed-hostap: Jouni Malinen <j@w1.fi>
Currently, FullMAC Persistent GO can't use p2p_client_list because its
own hapd->p2p_group is NULL at ap_sta_set_authorized(). This patch
changes the processing to use sta->p2p_ie instead of
p2p_group_get_dev_addr() on FullMAC GO.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
The P2P Client Discoverability bit is reserved in most frames and its
value in the local P2P peer table should only be updated based on P2P
Group Info attribute from a GO. Fix this by avoiding changes to this
dev_capab bit based on other P2P frames. It would be more correct to
track this separately for each group in which the peer is a member, but
since we do not do that for the other group specific information either,
this can do for now.
It should be noted that prior to commit
18485b5469 wpa_supplicant set this bit in
all P2P frames. However, that commit changed this to match the
specification, i.e., the bit is not set in frames which are received
from P2P Device role. As such, this fix is needed to be able to figure
out that a peer supports client discoverability capability after that
commit.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
In the P2P specification v1.1, the P2P Client Discoverability bit is
described in Table 12 "Device Capability Bitmap definition". The table
says "Within a P2P Group Info attribute and a (Re)association request
frame the P2P Client Discoverability field shall be set to 1 when the
P2P Device supports P2P Client Discoverability, and is set to 0
otherwise. This field shall be reserved and set to 0 in all other frames
or uses.". To match with this, filter out P2P Client Discoverability bit
from frames where its use is reserved.
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
If the peer uses an unknown reauth id, it would still be possible to use
pseudonym instead of permanent id. Allow this by changing the
AT_PERMANENT_ID_REQ to AT_FULLAUTH_ID_REQ in case unknown reauth id is
used in EAP-Response/Identity.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is a race condition in GO Negotiation Request frame sending and
processing that may end up with both devices sending GO Negotiation
Response. This response frame was previously accepted even if a response
had already been sent. This could result in two GO Negotiation Confirm
frames being exchanged and consequently, with two separate GO
Negotiations completing concurrently. These negotiations could result in
getting mismatching parameters (e.g., both device could believe it was
the GO).
Fix this by ignoring GO Negotiation Response from the peer if twe have
already sent a GO Negotiation Response frame and we have the higher P2P
Device Address. This is similar to the rule used to determine whether to
reply to GO Negotiation Request frame when Request was already sent,
i.e., the same direction of GO Negotiation is maintained here to enforce
that only the negotiation initiated by the device with smaller P2P
Device Address is completed.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
If both peers initiate GO Negotiation at about the same time, it is
possible for the GO Negotiation Request frame from the peer to be
received between the local attempt to send the GO Negotiation Request
and TX status event for that. This could result in both devices sending
GO Negotiation Response frames even though one of them should have
skipped this based which device uses a higher MAC address.
Resolve this race by incrementing go_neg_req_sent when p2p_send_action()
returns success instead of doing this from the TX status callback. If
the frame is not acknowledged, go_neg_req_sent is cleared in TX status
handler.
Signed-off-by: Neeraj Garg <neerajkg@broadcom.com>