Commit graph

9126 commits

Author SHA1 Message Date
Jouni Malinen
47ea24c13d Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
Previously, WPA/WPA2 case ended up using the hardcoded
dot11RSNAConfigPMKLifetime (43200 seconds) for PMKSA cache entries
instead of using the Session-Timeout value from the RADIUS server (if
included in Access-Accept). Store a copy of the Session-Timeout value
and use it instead of the default value so that WPA/WPA2 cases get the
proper timeout similarly to non-WPA/WPA2 cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8e1fc78e1f tests: PMKSA caching disabled on AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Janusz Dziedzic
dc152f32b4 wpa_supplicant: Enable HT for IBSS
Enable HT20 for IBSS when HT is supported by the driver.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-10-04 18:54:22 +03:00
Janusz Dziedzic
4ec68377ef wpa_supplicant: Use hostapd_freq_params in assoc_params
Use hostapd_freq_params instead of simple frequency parameter for driver
commands. This is preparation for IBSS configuration to allow use of
HT/VHT in IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-10-04 18:43:42 +03:00
Jouni Malinen
43f02e6ad7 wpa_ctrl: Update wpa_ctrl_recv() documentation for non-block behavior
Commit 4fdc8def88 changed the wpa_ctrl
socket to be be non-blocking, so the comment about wpa_ctrl_recv()
blocking is not valid anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 18:32:57 +03:00
Tomasz Bursztyka
1274ec2329 dbus: Add an interface configuration entry to set the WPS methods
It is thus possible to restrain WPS methods to prefered ones, like PBC
only, etc.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2014-10-04 18:29:33 +03:00
Jouni Malinen
393869c551 tests: External MAC address change
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:41:33 +03:00
Dan Williams
3e0272ca00 nl80211: Re-read MAC address on RTM_NEWLINK
Commit 97279d8d (after hostap-2.0) dropped frame events from foreign
addresses. Unfortunately this commit did not handle the case where the
interface's MAC address might be changed externally, which other
wpa_supplicant code already handled. This causes the driver to reject
any MLME event because the address from the event doesn't match the
stale address in the driver data.

Changing an interface's MAC address requires that the interface be
down, the change made, and then the interface brought back up. This
triggers an RTM_NEWLINK event which driver_nl80211.c can use to
re-read the MAC address of the interface.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-10-04 16:41:20 +03:00
Jouni Malinen
5dfbd725a9 nl80211: Add get_bss_ifindex() helper
This can be used to fetch a BSS entry based on interface index.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:21:03 +03:00
Jouni Malinen
f1a613118e P2P: Use only the -m config for P2P management device
Previously, the case of non-netdev P2P management device ended up
pulling in both the main interface (e.g., wlan0) and P2P Device
interface (from command line -m argument) as configuration. Similarly,
the main interface ended up included both configuration files. This is
not really helpful for various use cases, e.g., when permanent P2P group
information is stored in the P2P Devince interface, but it gets
duplicated in the main station interface configuration.

Clean this up by changing the -m<file> argument to replace, not
concatenate, configuration information. In other words, the main station
interface will not read this configuration and the P2P Device interface
(non-netdev) does not read parameters from the station interface
configuration file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-03 22:50:21 +03:00
Jouni Malinen
c4a8c173b8 Revert "tests: Skip ap_wpa2_tdls_concurrent_init on failure"
This reverts commit bf700cc3d2. The
concurrent initialization test case is now expected to work again with
the STA entry added early enough to avoid the recently added mac80211
validation step failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:53:38 +03:00
Arik Nemtsov
77835ae9dd tests: Verify TDLS responder teardown in encrypted network
Older mac80211 implementations did not set the link identifier
appropriately, resulting in an incorrect teardown packet being sent the
peer. wpa_supplicant adds the FTE containing the MIC field calculated
using the correct link-identifier. This causes a MIC failure on the
other side and the teardown is discarded. Verify this case is fixed by
newer kernel and wpa_supplicant code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:53:31 +03:00
Arik Nemtsov
08d7665c6b TDLS: Use WMM IE for propagating peer WMM capability
Relying on qos qosinfo is not enough, as it can be 0 for WMM enabled
peers that don't support U-APSD. Further, some peers don't even contain
this IE (Google Nexus 5), but do contain the WMM IE during setup.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:56 +03:00
Arik Nemtsov
17729b0985 TDLS: Fix concurrent setup test for mac80211 drivers
A recent mac80211 patch ("8f02e6b mac80211: make sure TDLS peer STA
exists during setup") forces the TDLS STA to exist before sending any
mgmt packets. Add the STA before sending a concurrent-setup test packet.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:27 +03:00
Arik Nemtsov
984dadc23a TDLS: Set the initiator during tdls_mgmt operations
Some drivers need to know the initiator of a TDLS connection in order
to generate a correct TDLS mgmt packet. It is used to determine
the link identifier IE. Pass this information to the driver.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:21 +03:00
Jouni Malinen
01cb5df20c Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-10-02.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:39:27 +03:00
Ilan Peer
ca3c6b4da7 nl80211: Fix compatibility with older version of libnl
Commit 97ed9a06df ('nl80211: Remove bridge
FDB entry upon sta_remove()') used nl_sock and nl_socket_* functions
which are not compatible with older versions of libnl. Fix this.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-03 11:34:51 +03:00
Jouni Malinen
d76426c3aa TDLS: Filter AID value properly for VHT peers
IEEE 802.11 standard sends AID in a field that is defined in a bit
strange way to set two MSBs to ones. That is not the real AID and those
extra bits need to be filtered from the value before passing this to the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-01 19:58:44 +03:00
Jouni Malinen
b5db69197a tests: Random MAC addresses while maintaining OUI
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
a313d17de9 Extend random MAC address support to allow OUI to be kept
mac_addr=2 and preassoc_mac_addr=2 parameters can now be used to
configure random MAC address to be generated by maintaining the OUI part
of the permanent MAC address (but with locally administered bit set to
1). Other than that, these values result in similar behavior with
mac_addr=1 and preassoc_mac_addr=1, respectively.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
1cbdb9d137 Add helper function for generating random MAC addresses with same OUI
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
c1d1b6998d tests: Update server and user certificates
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
d1fc5736cc tests: FDB entry addition/removal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 14:03:15 +03:00
Kyeyoon Park
97ed9a06df nl80211: Remove bridge FDB entry upon sta_remove()
The FDB entry removal ensures that the traffic destined for a
disassociated station's MAC address is no longer forwarded from the
bridge to the BSS.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Kyeyoon Park
39323bc16a AP: hostapd_setup_bss() code clean-up
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Ahmad Masri
1595eb93ae P2P: Add support for 60 GHz social channel
Support 60 GHz band in P2P module by selecting random social channel
from all supported social channels in 2.4 GHz and 60 GHz bands.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 12:01:46 +03:00
Bojan Prtvar
b6ebdfbedd Extend STATUS command with frequency information
This makes 'wpa_cli status' command more versatile.

Signed-off-by: Bojan Prtvar <bojan.prtvar@rt-rk.com>
2014-09-28 20:47:06 +03:00
Philippe De Swert
375f4a3b5a hostapd: Avoid dead code with P2P not enabled
In case P2P is not enabled the if (dev_addr) is always ignored as
dev_addr will be NULL. As this code is relevant only to P2P, it can be
moved to be the ifdef to avoid static analyzer warnings. (CID 72907)

Signed-off-by: Philippe De Swert <philippe.deswert@jollamobile.com>
2014-09-28 20:47:06 +03:00
Tomasz Bursztyka
6a60488745 dbus: Add a global property to set or unset WFD IEs
This permits to set or unset the WiFi Display subelements from DBus, by
providing the full WFD specific IE frame.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2014-09-28 20:47:06 +03:00
Tomasz Bursztyka
4bd7e1614f wifi_display: Add a utility function to set WFD subelements from IEs
This will be useful to update the WFD subelements from DBus.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2014-09-28 20:46:49 +03:00
Tomasz Bursztyka
d4177443d4 wifi_display: Add a utility function to get the sub-elements as IEs
This will be useful for DBus API to expose current WFD configuration.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2014-09-28 19:22:23 +03:00
Bernhard Walle
a8833b84f4 util: Don't use "\e"
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes

Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.

Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.

Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
2014-09-28 19:16:32 +03:00
Jouni Malinen
7c33a65671 tests: P2P_PROV_DISC auto
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:56:06 +03:00
Jouni Malinen
746327ca86 tests: P2P service discovery no protocol/match cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:44:24 +03:00
Jouni Malinen
06f94fd0e1 tests: Increase P2P persistent group with per-STA PSK coverage
Remove and re-start the persistent group manually to increase test
coverage to include the case of re-configuring the PSK list entries from
a stored persistent group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:09:53 +03:00
Jouni Malinen
4a7d73d161 tests: Make ap_hs20_random_mac_addr more robust
If the previuous test case used a non-RSN AP and that was left in
cfg80211 scan results, it was possible for ap_hs20_random_mac_addr to
pick that old AP from the previous test and reject to connect through
Hotspot 2.0 mechanisms. Work around this test issue by requesting new
set of scan result at the beginning of the test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 17:51:09 +03:00
Jouni Malinen
e5a79e3f93 tests: WPS while connected
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 11:03:48 +03:00
Stefan Lippers-Hollmann
8c6f4a5a50 ap_config.c: fix typo for "capabilities"
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2014-09-28 11:03:48 +03:00
Jouni Malinen
6e252b0db3 WPS: Fix WPS-in-search check when STA_AUTOCONNECT is disabled
If "STA_AUTOCONNECT 0" has been used to disable automatic connection on
disconnection event and the driver indicates multiple disconnection
events for the disconnection from the current AP when WPS is started, it
could have been possible to hit a case where wpa_s->disconnected was set
to 1 during WPS processing and the following scan result processing
would stop the operation.

wpa_s->key_mgmt == WPA_KEY_MGMT_WPS check was trying to avoid to skip
autoconnect when WPS was in use, but that does not seem to work anymore.
Fix this by checking through wpas_wps_searching() as well to avoid
setting wpa_s->disconnect = 1 when there is an ongoing WPS operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 11:03:48 +03:00
Eduardo Abinader
e5fdc05dce P2P: Remove unecessary sanity check for global p2p
This check is already being done on wpas_p2p_deinit_iface.
Of course, it is assumed wpa_s is not deinit when reaches
that point as a matter of fact.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
2014-09-28 11:03:48 +03:00
Eduardo Abinader
ee285df457 P2P: Flush services based on global p2p init and not p2p ifaces
As P2P service are not necessarily attached to a iface, when
added, proceed with same approach on p2p global deinit. Such
approach solves memory leaks ocurring upon wpa_supplicant
termination, when p2p services were registered previously.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
2014-09-28 11:03:48 +03:00
Constantin Musca
7139cf4a4f P2P: Decrement sd_pending_bcast_queries when sd returns success
The sd_pending_bcast_queries variable should be decremented only
in case of success. This way, the supplicant can retry if a service
discovery request fails.

Signed-off-by: Constantin Musca <constantin.musca@intel.com>
2014-09-28 11:03:48 +03:00
Janusz Dziedzic
dbdc9a1d48 nl80211: Fix memory leak on start radar detection error path
Free nlmsg if failing to start radar detection.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-09-28 11:03:48 +03:00
Janusz Dziedzic
ed8e005973 hostap: nl80211 use nl80211_put_freq_params
Use nl80211_put_freq_params when it possible. Remove
duplicated code.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-09-27 21:47:40 +03:00
Jouni Malinen
816e3df972 tests: Random MAC address use
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 20:07:55 +03:00
Jouni Malinen
c267753ba2 Add support for using random local MAC address
This adds experimental support for wpa_supplicant to assign random local
MAC addresses for both pre-association cases (scan, GAS/ANQP) and for
connections. MAC address policy for each part can be controlled
separately and the connection part can be set per network block.

This requires support from the driver to allow local MAC address to be
changed if random address policy is enabled. It should also be noted
that number of drivers would not support concurrent operations (e.g.,
P2P and station association) with random addresses in use for one or
both.

This functionality can be controlled with the global configuration
parameters mac_addr and preassoc_mac_addr which set the default MAC
address policies for connections and pre-association operations (scan
and GAS/ANQP while not connected). The global rand_addr_lifetime
parameter can be used to set the lifetime of a random MAC address in
seconds (default: 60 seconds). This is used to avoid unnecessarily
frequent MAC address changes since those are likely to result in driver
clearing most of its state. It should be noted that the random MAC
address does not expire during an ESS connection, i.e., this lifetime is
only for the case where the device is disconnected.

The mac_addr parameter can also be set in the network blocks to define
different behavior per network. For example, the global mac_addr=1 and
preassoc_mac_addr=1 settings and mac_addr=0 in a home network profile
would result in behavior where all scanning is performed using a random
MAC address while connections to new networks (e.g.,
Interworking/Hotspot 2.0) would use random address and connections to
the home network would use the permanent MAC address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 20:07:19 +03:00
Jouni Malinen
4d8fb63799 Add helper function for generating random MAC addresses
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 19:12:02 +03:00
Jouni Malinen
fee354c74d nl80211: Add command for changing local MAC address
This can be used to allow wpa_supplicant to control local MAC address
for connections.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 19:11:24 +03:00
Jouni Malinen
321c7f6034 tests: Make ap_wps_er_add_enrollee more robust under load
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:17:17 +03:00
Jouni Malinen
e49cabcf87 P2P: Set timeout when starting GO Negotiation from Probe Req RX
It was possible for the p2p_go_neg_start timeout handler to get called
when there was a pending timeout from an earlier GO Negotiation start.
This could result in that old timeout expiring too early for the newly
started GO Negotiation to complete. Avoid such issues by setting a
sufficiently long timeout here just before triggering the new GO
Negotiation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00