Commit graph

6582 commits

Author SHA1 Message Date
Jouni Malinen
5e24dc8a4b Add dup_binstr() to help common binary string tasks
There are quite a few places in the current implementation where a nul
terminated string is generated from binary data. Add a helper function
to simplify the code a bit.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:44:59 +03:00
Jouni Malinen
8b44ad7e16 Use os_zalloc() instead of os_malloc() + os_memset()
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:05:52 +03:00
Jouni Malinen
2c48211c49 FT RRB: Validate os_malloc() return value before using it
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:05:15 +03:00
Michael Braun
7ca902b53e Make vlan_file optional if dynamic_vlan is used
My APs generate their configuration on their own using a different
number of (vlan-enabled) bss. Currently, all my vlan_file files consist
of a single line: the wildcard line. Configuration file generation would
be easier, if the hostapd configuration file would not depend on those
simple vlan_file files.

This patch removes the need for those one-line files by using the
<device>.<vlan> naming scheme if no vlan_file is given (or that file is
empty). This should not break any existing setup, as using dynamic_vlan
with no vlan configured does not make sense anyway.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-04-27 22:53:34 +03:00
Jouni Malinen
bdb112d35f Add bitfield routines
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 22:16:40 +03:00
Jouni Malinen
04382f7d6f NFC: Add no waiting and no multiple operations options for scripts
The nfcpy script used to be run in a way that left them running for
multiple operations. This is not desired for some use cases, so provide
options to request only a single operation to be performed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:15:23 +03:00
Jouni Malinen
590160d502 tests: Add a test case for AP auto configuration on config token build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:15:06 +03:00
Jouni Malinen
fe904963d0 WPS: Fix AP auto configuration on config token generation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:14:56 +03:00
Jouni Malinen
28fcfb67c0 NFC: Increase wpa_cli command buffer size
NFC connection handover messages may be longer than 100 octets, so
increase wpa_cli buffer size to allow longer messages to be reported.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:14:45 +03:00
Jouni Malinen
8f7a6dd7d0 WPS NFC: Allow Device Password ID override for selected registrar
When a specific out-of-band Device Password is enabled, it can be useful
to be able to advertise that in the selected registrar information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:14:31 +03:00
Jouni Malinen
aaecb69d87 WPS: Use generic MAC Address attribute builder
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 22:13:36 +03:00
Jouni Malinen
8e80dd5b0c tests: Use ignore_old_scan_res with some more WPS tests
The scan results from old test cases showing different SSID on the AP
can result in false failures, so avoid those by ignoring old scan
results from cfg80211.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:12:45 +03:00
Jouni Malinen
9ccd916504 P2P: Clean up channel--frequency conversion functions
All P2P use cases are required to use the global operating table and
there is no need to need to try to maintain some backwards compatibility
with country code -specific values. Clean up the implementation by
removing the unnecessary country parameter.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 22:12:13 +03:00
Jouni Malinen
e864c0aefe Use a common frequency to channel conversion function
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 22:11:51 +03:00
Deepthi Gowri
02db75b6c2 FT: Reset FT flag upon STA deauthentication
Reset ft_completed if STA receives deauthentication
between FT reassoc success and the subsequent initial
mobility authentication and association.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-26 17:56:24 +03:00
Jouni Malinen
f59a10d405 tests: Generate a tarball of test results if a test fails
This makes it easier to collect failure data from test servers for
further analysis.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-26 13:48:48 +03:00
Jouni Malinen
7800d45c71 P2P: Set P2P_DEV_PEER_WAITING_RESPONSE from TX status callback
Commit fb8984fd6f added a mechanism to
skip the Listen state when the peer is expected to be waiting for us to
initiate a new GO Negotiation. However, this flag was set when building
the GO Negotiation Response frame with status 1 regardless of whether we
managed to send that frame or peer receive it. This could result in GO
Negotiation failures in cases where the peer did not receive the
response and Listen channels of the devices were different. Fix this by
setting the flag only after TX status indicating success has been
received.

This fixes frequent failures shown for the test_grpform_pbc hwsim test
case.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-26 12:57:52 +03:00
Jouni Malinen
79c3cbaf12 tests: Capture hwsim0 packet dump during test run
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-26 12:36:56 +03:00
Shijie Zhang
d78d3c6190 EAP peer: Add check before calling getSessionId method
We should not call getSessionID method if it's not provided. This fixes
a regression from commit 950c563076 where
EAP methods that did not implement getSessionId resulted in NULL pointer
dereference when deriving the key.

Signed-off-by: Shijie Zhang <shijiez@qca.qualcomm.com>
2013-04-26 12:30:01 +03:00
Jouni Malinen
dd57970477 Disable network temporarily on repeated connection failures
Previously, only explicit indications of authentication failures were
used to disable a network block temporarily. Extend this to use multiple
failed connection attempts as a sign of a possible authentication or
authorization failure to reduce the frequency of connection attempts
with a network that does not seem to allow connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-25 17:28:50 +03:00
Jouni Malinen
97279d8d1a nl80211: Drop frame events that are for foreign address
This avoids duplicate processing of events when multiple BSSes are
configured.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-24 01:02:01 +03:00
Jouni Malinen
cc2ada868e nl80211: Reduce debug on Probe Request frames
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-24 01:01:21 +03:00
Jouni Malinen
63a965c313 P2P: Fix after_scan_tx processing during ongoing operations
When Action frame TX is postponed until a pending p2p_scan completes,
there may be additional operations that need to be continued after the
postponed Action frame TX operation completes. Fix this by starting
pending operation (if any) from TX status event for after_scan_tx
frames.

This fixes common errors seen with the test_discovery hwsim test case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 21:15:54 +03:00
Jouni Malinen
06b7f58def RSN: Update preauth scan results only based on new scan results
The fast-connect optimization to skip a new scan did not update how the
RSN preauthentication callback is used. There is no point in trying to
add preauthentication candidates from cases where scan was skipped, so
skip this call, too, in such cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 18:24:00 +03:00
Jouni Malinen
18e00b5e4d Move wpa_s freeing into wpa_supplicant_deinit_iface()
All wpa_supplicant_deinit_iface() callers ended up freeing wpa_s
immediately after this call. Move os_free(wpa_s) into the deinit
function to share the same call and make the deinit sequence clearer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 18:07:41 +03:00
Paul Stewart
754632c965 dbus_new: Add EAP logon/logoff
Add "EAPLogoff" and "EAPLogon" interface DBus commands which
parallel the "logoff" and "logon" wpa_ctrl commands which terminate
and restart EAP authentication.  Slightly enhance the "logon" case
by expiring any running "startWhile" timer.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-04-23 17:57:55 +03:00
Johannes Berg
c2aff6b1d1 hostapd: Add some testing options
In order to test clients in scenarios where APs may (randomly)
drop certain management frames, introduce some testing options
into the hostapd configuration that can make it ignore certain
frames. For now, these are probe requests, authentication and
(re)association frames.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-04-23 17:51:28 +03:00
Dmitry Shmidt
e6304cad47 wpa_supplicant: Add option -I for additional config file
This option can be used only for global parameters that are not going
to be changed from settings.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Iliyan Malchev <malchev@google.com>
2013-04-23 17:38:57 +03:00
Johannes Berg
adc96dc2ad nl80211: Fix nla_nest_start conversion
Dmitry reported that the kernel could no longer parse the
scheduled scan attributes correctly after my patch to use
nla_nest_start/nla_nest_end. The reason is that the wrong
attribute is closed I accidentally made it close the full
scan config instead of just the SSID match set.

Reported-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-04-23 17:19:20 +03:00
Bruno Randolf
060605226f wpa_supplicant: Add get_capability freq
Add "get_capability freq" command to print a more verbose list of
channels and frequencies in MHz. The tag "NO_IBSS" is added, if IBSS
mode is not allowed on a channel. This allows userspace programs to get
the frequencies and limitations associated with each channel.

This extends the information already provided in "get_capability
channels" but a new interface is chosen because of backwards
compatibility considerations.

Signed-hostap: Bruno Randolf <br1@einfach.org>
2013-04-23 16:55:54 +03:00
Chris Hessing
c7a39ba4e1 Provide TLS alerts to CLI/UI over control interface
Harmonize EAP status events over control interface to provide same
functionality as existing D-Bus callback.

Signed-hostap: Chris Hessing <chris.hessing@cloudpath.net>
2013-04-23 16:46:02 +03:00
Jouni Malinen
2a07a276ec P2P: Increase GTK rekeying period to 24 hours
Strong ciphers do not need frequent rekeying, so increase the default
GTK rekeying period to 24 hours.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 14:11:10 +03:00
Jouni Malinen
f2f66ad7e8 wlantest: Fix CCMP-256 cipher
TK was incorrectly truncated in a way that resulted in CCMP (128-bit
key) encryption being used in practice.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-05 22:18:25 +03:00
Jouni Malinen
75fa7d19a4 TDLS: Fix key configuration with current mac80211
A kernel commit ("mac80211: fix FT roaming") started validating that the
STA entry is marked associated when adding a key. While this is needed
to fix some FT use cases with hardware crypto, it has a side effect of
breaking TDLS key configuration. Work around this by trying to
re-configure the key for the direct link after the STA entry has been
set with all information. In addition, try to tear down the link if
anything goes wrong in key configuration (if both attempts fail) or
enabling the link in the driver.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-03 18:39:10 +03:00
Jouni Malinen
88c8bf311e WPS NFC: Allow configuration token to be built from network block
"WPS_NFC_CONFIG_TOKEN <WPS/NDEF> <network id>" can now be used to build
an NFC configuration token from a locally configured network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 21:28:57 +03:00
Jouni Malinen
e205401c72 WPS ER: Allow Enrollee to be specified with MAC address
wps_er_pbc and wps_er_pin can now be used with both the UUID and MAC
Address of the Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:52:44 +03:00
Jouni Malinen
c44a19c1f9 WPS ER: Document additional NFC command for ER operations
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:36:15 +03:00
Jouni Malinen
59307b3007 WPS ER: Allow AP to be specified with BSSID
This extends the WPS ER commands that previously accepted only UUID as
an identifier for an AP to use either UUID or BSSID for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:32:09 +03:00
Jouni Malinen
ea295abcd5 tests: Add test cases for NFC+WPS
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 19:34:53 +03:00
Jouni Malinen
49e160a58d WPS: Fix use of pre-configured DH keys with multiple operations
wps_build_public_key() takes the dh_ctx into use and another attempt to
use the same DH keys fails with wps->dh_ctx being set to NULL. Avoid
this by using the DH parameters only if dh_ctx is valid. This fixes
cases where a use of local pre-configured DH keys followed by an
operating using peer DH keys would faild due to unexpected attempt to
use local keys again.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 19:30:34 +03:00
Jouni Malinen
5c9d63d46f WPS: Be more careful with pre-configured DH parameters
Make the implementation more robust against error cases with
pre-configured DH parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 19:27:32 +03:00
Jouni Malinen
cd61936a4a hostapd: Show more helpful message for -g and -G errors
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 18:17:24 +03:00
Jouni Malinen
17b8995cf5 Interworking: Try to use same BSS entry for storing GAS results
There may be cases where multiple BSS entries for a single BSSID are in
the table. This is mostly in automated test cases due to the AP
configuration changes, but something similar could potentially happen as
a corner case in more realistic networks, too, e.g., when an AP changes
its operating channel. Make network selection more robust by trying to
find the exact BSS entry instead of any BSS entry with a matching BSSID
when storing GAS/ANQP response.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 11:44:04 +03:00
Jouni Malinen
c7860beb52 tests: Use Wlantest class in test_autogo_tdls
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 10:37:44 +03:00
Jouni Malinen
93a06242ce tests: Add a test case for Hotspot 2.0 network selection
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 01:01:24 +03:00
Jouni Malinen
6b67117a34 tests: Stop wpa_supplicant before hostapd
Stopping the AP first was not ideal for the test cases since it could
result in wpa_supplicant trying to connect back and start a scan at the
end of a test case and cause problems for the following test case that
tried to scan in the beginning while the previously started scan was
still in progress.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 00:59:50 +03:00
Jouni Malinen
3db5439a5f Optimize Extended Capabilities element to be of minimal length
Leave out zero octets from the end of the element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 21:58:17 +03:00
Johannes Berg
8cd6b7bce8 hostapd/wpa_s: Use driver's extended capabilities
Some extended capabilities (I'm currently interested in "Operating Mode
Notification" for VHT) are implemented by the kernel driver and exported
in nl80211. Use these in hostapd/wpa_supplicant.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-31 21:51:44 +03:00
Jouni Malinen
62d58f7ae3 tests: Use FLUSH command to clear wpa_supplicant state
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 20:32:33 +03:00
Jouni Malinen
acb546436a Add ctrl_iface command FLUSH for clearing wpa_supplicant state
This is mainly for testing purposes where it is convenient to have an
easy way of getting wpa_supplicant state cleared between test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 20:31:07 +03:00