Even though we may not receive a Probe Response from the peer during
the connection, we should not be expiring a P2P peer entry while that
peer is connected to a group where we are the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The cookie value needs to be fetched in GO mode, too, to be able to
indicate TX status callbacks with drivers that handle AP mode SME
functionality internally. This fixes issues with client discoverability
where TX status callback for GO Discoverability Request is needed to
trigger the GO to send Device Discoverability Response.
When a P2P group is removed, we better not leave possibly started
sched_scan running. This could happen when a separate group interface
was not used.
In addition, it looks safer to explicitly stop sched_scan before
starting P2P Listen or Find operations to make sure the offloaded
scanning is not running when doing similar P2P operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This patch fixes an issue with roaming for drivers that set
WPA_DRIVER_FLAGS_BSS_SELECTION (currently ath6kl). On moving to an AP
with a different BSSID, an EVENT_ASSOC is received and the subsequent
4-way handshake may fail because of a mismatch between the RSN IE in
message 3/4 and in Beacon/Probe Response. This happens only when the APs
use different RSN IE contents and ap_scan is set to 1, since
wpa_supplicant fails to update its cached IEs.
Initial association may fail, too, in case of multiple APs with
the same SSID, since BSSID selection is done by the driver and again
a mismatch could be seen.
Fix these two issues by clearing and updating the cached IEs on
receiving an Association event from the driver. Also, retrieve the
scan results when the new BSS information is not present locally.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Some SIM cards do not include MNC length with in EF_AD. Try to figure
out the MNC length based on the MCC/MNC values in the beginning of the
IMSI. This covers a prepaid Elisa/Kolumbus card that would have ended
up using incorrect MNC length based on the 3-digit default.
Signed-hostap: Jouni Malinen <j@w1.fi>
The temporary IMSI buffer can be used for this without needing the
extra memory allocation. In addition, the implementation is easier
to understand when the extra identity prefix value for EAP-SIM/AKA
is not included while fetching MCC/MNC from the IMSI.
Signed-hostap: Jouni Malinen <j@w1.fi>
The EF-AD (administrative data) file may contain information about the
length of the MNC (2 or 3 digits) in the IMSI. This can be used to
construct the realm according to 3GPP TS 23.003 during EAP-SIM or
EAP-AKA authentication.
Signed-hostap: Simon Baatz <gmbnomis@gmail.com>
This patch notifies the upper framework that an on-going discovery has
been stopped. This is useful in cases where a p2p_find with a timeout
value initiated by the upper framework has been finished or when the
framework initiated "p2p_find" is stopped by a "p2p_connect".
Signed-hostap: Jithu Jance <jithu@broadcom.com>
Some deployed station implementations seem to send msg 4/4 with
incorrect type value in WPA2 mode. Add a workaround to ignore that issue
so that such stations can interoperate with hostapd authenticator. The
validation checks were added in commit
f8e96eb6fd.
Signed-hostap: Jouni Malinen <j@w1.fi>
The Device ID attribute was already used in Listen state, but it was
ignored in GO role. Verify that there is a match with Device ID in
GO rule, too, before replying to the Probe Request frame.
Signed-hostap: Jouni Malinen <j@w1.fi>
dev_id=<P2P Device Addr> can now be specified as an argument to
p2p_find to request P2P find for a specific P2P device.
Signed-hostap: Jouni Malinen <j@w1.fi>
Some supplicant implementations (e.g., Windows XP WZC) update SNonce for
each EAPOL-Key 2/4. This breaks the workaround on accepting any of the
pending requests, so allow the SNonce to be updated even if we have
already sent out EAPOL-Key 3/4.
While the issue was made less likely to occur when the retransmit
timeout for the initial EAPOL-Key msg 1/4 was increased to 1000 ms,
this fixes the problem even if that timeout is not long enough.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Now that we can use driver_nl80211.c with non-mac80211 drivers that
implement SME/MLME internally, we may not get inactivity time from the
driver. If that is the case, we need to skip disconnection based on
maximum inactivity timeout. This fixes some unexpected disconnection
cases with ath6kl in AP mode.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The deauthentication and disassociation events from nl80211 were being
processed identically regardless of whether the frame was generated by
the local STA or the AP. This resulted in fast reconnection mechanism
getting triggered even in the case where the disconnection was detected
locally (e.g., due to beacon loss) while this was supposed to happen
only in the case where the AP is sending an explicit Deauthentication
or Disassociation frame with a specific reason code.
Fix this by adding a new deauth/disassoc event variable to indicate
whether the event was generated locally.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit e9c3c1afed added a new D-Bus
method and that was enough to push the Introspect XML buffer over
the previously allocated 8000 bytes. Increase the buffer size to
make enough room for P2P interface. In addition, add a debug
message to indicate if an XML segment does not fit into the buffer
to make this types of failures somewhat easier to catch.
Signed-hostap: Jouni Malinen <j@w1.fi>
IEEE Std 802.1X-2004 does not clear authWhile and heldWhile in this
case, but doing so allows the timer tick to be stopped more quickly when
the port is not enabled. Since these variables are used only within HELD
and RECEIVE states, clearing them on initialization does not change
actual state machine behavior. This reduces some unnecessary operations
in port disabled state and cleans up the wpa_supplicant debug log after
disconnection.
Signed-hostap: Jouni Malinen <j@w1.fi>
The authentication timeout could be triggered after the connection has
already been known to have failed. The event at that point can be
confusing, so better cancel the timeout when processing connection
failure.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the BSSID of the AP is specified in the WPS command, the target
AP is likely already in the BSS table and its operating channel is
known. Use this information to speed up connection by only scanning
the known channel.
Signed-hostap: Jouni Malinen <j@w1.fi>
The 'network.target' is special (per systemd.special(7)), and is to be
brought up indirectly when network is actually configured (i.e. through
DHCP or static address settings).
Irrelevant of that, all services should be always installed in
multi-user.target.
[Bug 427]
Since wps_registrar_pbc_timeout is called to stop PBC, previously
registered wps_registrar_pbc_timeout must be canceled when canceling
the WPS operation.
Signed-off-by: Spencer Chang <jungwalk@gmail.com>
The offchanok parameter is hardcoded to one in number of paths and that
added NL80211_ATTR_OFFCHANNEL_TX_OK attribute to NL80211_CMD_FRAME
unconditional. cfg80211 rejects this with EINVAL if the driver does not
indicate support for offchannel TX. Fix this by not requesting
offchannel TX depending on driver capabilities. Remain-on-channel
operation was used for those cases anyway, so the additional attribute
was not really needed for these in the first place.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This fixes issues with drivers that do not handle concurrent
remain-on-channel and scan operations in a case where Provision
Discovery Response frame is not received to stop the Action frame
handshake.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the freq parameter is specified and we are already running legacy STA
on a different frequency with a driver that does not support
multi-channel concurrency, reject p2p_group_add. Same code already
exists in the path of P2P connection with go negotiation but is missing
for autonomous GO.
Signed-hostap: Neeraj Garg <neerajkg@broadcom.com>
When nl80211_setup_ap() has enabled Probe Request reporting, this must
not be disabled when P2P Listen state is stopped to avoid breaking AP
mode operations. This could happen, e.g., if a Probe Request frame was
received from a P2P device that the we are trying to invite to our group
(i.e., when operating in GO role). p2p_probe_req_rx() calls
p2p_invite_start() in this case and that ends up calling
p2p->cfg->stop_listen() which calls probe_req_report() driver op.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd uses the poll method to check if the station is alive
after the station has been inactive for ap_max_inactivity seconds.
Make the poll mechanism configurable so that user can choose to
disconnect idle clients.
This can be especially useful when some devices/firmwares have
restrictions on the number of clients that can connect to the AP
and that limit is smaller than the total number of stations trying
to use the AP.
Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
The 100 ms timeout on retransmitting group key message can be too short
for stations that are in power save mode or if there is a large number
of association stations. While the retransmission of the EAPOL-Key frame
should allow this to be recovered from, it is useful to avoid
unnecessary frames to save soem CPU and power.
Signed-hostap: Jouni Malinen <j@w1.fi>
Drivers that use device SME in AP mode may still need to be
subscribed for Action frame RX when monitor interface is not used.
This fixes number of P2P GO operations with ath6kl.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Poll command may be enough for mac80211 to figure out whether monitor
interface is to be used, but this change did not take into account
non-mac80211 drivers that support AP mode without monitor interface.
For example, ath6kl needs to get use_monitor disabled.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Add a new persistent group network block field, p2p_client_list, to
maintain a list of P2P Clients that have connected to a persistent
group. This allows GO of a persistent group to figure out more easily
whether re-invocation of a persistent group can be used with a specific
peer device.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add "persistent=<network id>" line to P2P_PEER ctrl_iface data
if a persistent group credentials are available for this peer.
This makes it easier for external programs to figure out when
a persistent group could be re-invoked with this peer.
For now, this information is only available on the P2P client,
but similar information can be added for GO once a list of P2P
clients is maintained with the persistent group data.
Signed-hostap: Jouni Malinen <j@w1.fi>
The P2P module provides access to public peer data in struct
p2p_peer_info. Use this to build the P2P_PEER information in
ctrl_iface.c instead of providing such text format data from the P2P
module.
The internal data that was previously built in p2p_get_peer_info() as
part of the text format peer data is now available through a separate
p2p_get_peer_info_txt() function. This is still included in P2P_PEER
output to maintain backwards compatibility with external programs that
could have started to use this. However, it should be noted that this
data is not really supposed to be used for anything else apart from
debugging purposes and its format is subject to change.
Signed-hostap: Jouni Malinen <j@w1.fi>
p2p_get_peer_info() was used in multiple places just to check whether a
specific peer is known. This was not the designed use for the function,
so introduce a simpler function for that purpose to make it obvious that
the p2p_get_peer_info() function is actually used only in ctrl_iface.c.
Signed-hostap: Jouni Malinen <j@w1.fi>
KEK from TPTK needs to be used instead of from PTK when processing
rekeying case similarly to what was already done with KCK.
Signed-hostap: Jouni Malinen <j@w1.fi>
