The ASCII hexdump is somewhat difficult to search for (especially on
Android builds), so make the debug log easier to parse by printing the
full control interface command as a text string. In addition, use
wpa_dbg() to get the interface name printed so that multi-interface
cases can be debugged.
Signed-hostap: Jouni Malinen <j@w1.fi>
Setting just ssid->passphrase is not enough to complete the network
block for the GO entry. Also the PSK needs to be derived so that the
network is considered enabled by wpas_network_disabled(). The previous
version worked as long as something else allowed the scan request to be
performed (this is needed even though the actual scan is skipped when
starting GO).
The first GO start was allowed because wpa_s->scan_req is initialized to
1 in wpa_supplicant_alloc(). However, other attempts may fail if
wpa_s->scan_req is cleared. This failure shows up as "No enabled
networkas - do not scan" in debug log followed by state change to
INACTIVE when trying to start GO.
Fix this by deriving PSK from the passphrase for GO mode.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit 30ee769235 started skipping P2P
group removal if wpa_s->current_ssid is not set and commit
0d30cc240f started clearing
wpa_s->current_ssid on disconnection. This combination broke
p2p_group_idle timeout on P2P client interface in a case where no
separate P2P group interface is used and when the disconnection is
triggered by something else than an explicit indication of GO
terminating the group.
Fix this by relaxing network block matching rules when figuring out
whether any of the configured network blocks could be in P2P use. The
p2p_group flag alone should be enough for this since temporary P2P group
network blocks are removed once the P2P group is terminated.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the AP creation failed (missing freq= or driver error) the supplicant
would previously stay in SCANNING state forever. Instead, it should
handle the error a bit better and drop back to DISCONNECTED so clients
know something went wrong.
Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
As long as WLAN_STA_ASSOC_REQ_OK is set in sta->flags, Class 3 frames do
not trigger a disassoc/deauth. If it is still set even after the assoc
response tx has already failed, it may take somewhat longer for clients
to realize that the connection wasn't fully established.
Signed-hostap: Felix Fietkau <nbd@openwrt.org>
Channel 14 is available only in Japan and is DSSS-only according to
IEEE 802.11-2012 19.4.3 and MIC Equipment Ordinance (EO)
for Regulating Radio Equipment article 49.20.
At the same time, P2P should avoid using DSSS modulation in normal
operation according to P2P specification v1.2 2.4.1.
Signed-hostap: Mykyta Iziumtsev <mykyta.iziumtsev@gmail.com>
intended-for: hostap-1
This avoids extra latency caused by establishing an aggregation session
and makes the initial connection attempt more reliable
Signed-hostap: Felix Fietkau <nbd@openwrt.org>
This patch fixes an issue where removing a WDS VLAN interface also
removed the main AP interface from the same bridge.
Signed-hostap: Felix Fietkau <nbd@openwrt.org>
Commit 4d32c0c44d added another use for the
local pos variable and that broke the mechanism used to determine wheter
the peer address was provided. Fix this by using a separate pointer to the
peer address.
Signed-hostap: Jouni Malinen <j@w1.fi>
When I use CONFIG_WPS_NFC=y a warning appears.
wps_supplicant.c:1872:12: warning: 'wpas_wps_add_nfc_password_token'
defined but not used [-Wunused-function]
This patch removes this warning.
Signed-hostap: Masashi Honma <masashi.honma at gmail.com>
If a connection operation is started on an interface based on scan
results, other virtual interfaces should not be information about the
results to avoid potential concurrent operations during the association
steps. Since the sibling notification of scan results received was added
as an optimization, skipping it for this type of cases is the simplest
way of avoiding unnecessary concurrent operations.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes sure that the interrupted station mode scan can be completed
after the P2P operations have had their chance of using the radio.
Signed-hostap: Jouni Malinen <j@w1.fi>
Driver could reject the new scan based on any virtual interface
running a concurrent scan. As such, mark the pending scan callback
for P2P based on any interfaces instead of just the one used for
the p2p_scan operation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Since we have a global P2P module, the flag to trigger scan completion
events to it needs to be in similar context. The previous design
maintained this separately for each virtual interface and if P2P module
did not run its scan operation on the virtual interface that completed
the scan, P2P module would not be allowed to restart operations
properly.
Signed-hostap: Jouni Malinen <j@w1.fi>
The BSS pointer may change if the entry needs to be reallocated
and the new pointer has to be added to the last_scan_res array
to avoid using pointers to freed memory.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a generic AES CCM implementation that can be used for other
purposes than just implementing CCMP, so it fits better in a separate
file in src/crypto.
Signed-hostap: Jouni Malinen <j@w1.fi>
Now that the internal AES implementation supports 256-bit keys, enable
use of the TLS cipher suites that use AES-256 regardless of which crypto
implementation is used.
Signed-hostap: Jouni Malinen <j@w1.fi>
AES uses the same 128-bit block size with 128, 192, 256 bit keys, so use
the fixed block size definition instead of trying to dynamically set the
block size based on key length. This fixes use of 192-bit and 256-bit
AES keys with crypto_cipher_*() API when using the internal AES
implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is otherwise identical to aes_gcm_ae() but does not use the
plain/crypt pointers since no data is encrypted.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds 192-bit and 256-bit key support to the internal AES
implementation and extends the AES-GCM functions to accept key length to
enable longer AES key use.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a generic AES GCM and GMAC implementation that can be used for
other purposes than just implementing GCMP, so it fits better in a
separate file in src/crypto.
Signed-hostap: Jouni Malinen <j@w1.fi>
There is no need to allocate a temporary buffer and build GHASH input
data into it. Instead, ghash() is trivial to split into update part that
can be called separately for each segment.
Signed-hostap: Jouni Malinen <j@w1.fi>
GCMP encodes length of AAD differently, so remove the unnecessary
code that got copied from the CCMP implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
This version can generate CCMP and TKIP test vectors that match with
the IEEE Std 802.11-2012, Annex M.6.3 and M.6.4.
Signed-hostap: Jouni Malinen <j@w1.fi>
The conf doesn't contain any basic rates in some cases. Most notably,
when starting a P2P GO in 5 GHz. Use the iface rates which are
initialized in hostapd_prepare_rates() to the conf rates or set to
default values if no conf values exist. This fixes a bug introduced in
commit e5693c4775.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Commit e5693c4775 added a copy of the
determined basic rate set into struct hostapd_iface, but did not
actually copy the terminating -1 value. This could be problematic if
something were to actually try to use this list since would be no way to
know what is the last entry in the list. Fix this by copying the
terminating value.
Signed-hostap: Jouni Malinen <j@w1.fi>
This driver_op can now be used in station mode, too, to fetch
information about the connection with the AP, so allow this to be used
even if wpa_supplicant is built without AP mode support.
Signed-hostap: Jouni Malinen <j@w1.fi>
The group matching should be done by comparing the P2P Interface Address
(which the group_bssid here is) to the group's BSSID and not the group
ID (which uses P2P Device Address and would have also needed the SSID).
Though, it should be noted that this case cannot really happen since a
GO in an active group would never be invited to join another group in
its GO role (i.e., if it receives an Invitation Request, it will reply
in P2P Device role). As such, this fix does not really change any
observable behavior, but anyway, it is good to keep the implementation
here consistent with the Invitation Request case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When building the Invitation Request for WFD use cases, match the BSSID,
i.e., P2P Interface Address, of the group on the GO to avoid using
information from another group should the device be operating multiple
concurrent groups as GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If two BSS entries have the same HESSID and SSID, share the fetched ANQP
information between these BSS entries to save memory and GAS/ANQP
operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>