Commit graph

2339 commits

Author SHA1 Message Date
Arif Hussain
8b3b803ab9 Include Extended Capabilities element based on scan results
Add Extended Capabilities element to association request only if the AP
included this element in Beacon/Probe Response frames. This is a
workaround to address interoperability issues with some older APs that
do not seem to be able to handle Extended Capabilities element in
(Re)Association Request frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 08:09:05 -07:00
Deepthi Gowri
6903ee6f62 P2P Extend postponing of concurrent scans for persistent GO
Update the p2p_go_wait_client timestamp in p2p_go_configured() to
address the case where the group is set up without the provisioning
step.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 07:32:17 -07:00
Sunil Dutt
f130b105ec TDLS: Clean up wpa_tdls_teardown_link() uses
Making this function be used only for external setup case simplifies the
implementation and makes core wpa_supplicant calls in ctrl_iface.c and
events.c consistent.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-30 17:10:18 +03:00
Jouni Malinen
5388dc97e0 Document use of Linux capabilities instead of privileged process
Linux capabilities cap_net_admin and cap_net_raw can be used to replace
need for running wpa_supplicant as a root process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-29 12:04:40 +03:00
Jouni Malinen
a771c07dfc Add driver status information to control interface
STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-28 17:19:30 +03:00
Jouni Malinen
298f51857d Get rid of compiler warning in no-CONFIG_CTRL_IFACE builds
no_ctrl_interface parsing was declared within ifdef CONFIG_CTRL_IFACE
block, so the parser function needs to be marked similarly.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-27 23:42:37 +03:00
Jouni Malinen
ea61aa1de1 Add no_ctrl_interface config param to clear ctrl_interface
This can be used to override previously set ctrl_interface value in a
way that clears the variable to NULL instead of empty string. The only
real use case for this is to disable per-interface ctrl_interface from
the additional control file (-I<file>) in case ctrl_interface was set in
the main configuration file. It should be noted that zero-length
ctrl_interface parameter can be used to initiate some control interface
backends, so simpler designs were not available for this.

The format of the new parameter is not exactly cleanest due to
configuration file parsing assumptions. For example:

ctrl_interface=....
no_ctrl_interface=

would end up with ctrl_interface=NULL.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-27 23:34:35 +03:00
Jouni Malinen
25b65a142d Make sure updated BSS entry does not get added twice to the list
When the BSS table is being updated based on new scan results, a BSS
entry could end up getting added into last_scan_res list multiple times
if the scan results from the driver includes duplicated values. This
should not happen with driver_nl80211.c since it filter outs duplicates,
but in theory, other driver wrappers could indicate such scan results.
Anyway, it is safer to make sure this cannot happen by explicitly
verifying the last_scan_res list before adding an updated BSS entry
there. A duplicated entry in the list could potentially result in freed
memory being used if there is large enough number of BSSes in the scan
results to cause removal of old BSS entries.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-27 16:00:50 +03:00
Jouni Malinen
a3cbf82e6d Fix possible freed-memory use in BSS table updates
If there are large number of BSSes in the scan results, BSS table update
could have added a BSS entry to the last_scan_res in a case where that
BSS entry got just deleted. This would happen only if there are more
than bss_max_count (by default 200) BSSes and if at least bss_max_count
of those BSSes are known (match a configured network). In such a case,
wpa_bss_add() could end up allocating a new BSS entry and return a
pointer to that entry even if it was the one that ended up getting freed
to keep the BSS table length within the limit. This could result in
freed memory being used and the process crashing (likely with segfault)
when trying to access information from that BSS entry.

Fix the issue by removing the oldest BSS entry before linking the new
entry to the table. This makes sure the newly added entry will never get
picked up as the one to be deleted immediately.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-27 15:56:06 +03:00
Jouni Malinen
bbc6c729a5 P2P: Use group formation timeout on persistent group GO
Previously, GO considered the group to be fully re-invoked after
starting beaconing on successful invitation exchange. This would leave
the group running until idle timeout (which may not be enabled) or
explicit removal if the client fails to connect for any reason. Since
the client is expected to connect immediately after the invitation
exchange that ends with status=0 (i.e., either client initiated the
exchange or it responded with success), extend group formation timeout
to cover that period until the first successfully completed data
connection. This allows the GO to remove the group automatically if the
client devices does not connect within
P2P_MAX_INITIAL_CONN_WAIT_GO_REINVOKE (15) seconds.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-26 21:24:09 +03:00
Jouni Malinen
41f853235f P2P: Extend group formation timeout on GO to first data connection
Previously, GO considered the group to be fully formed at the completed
of WPS provisioning step. This would leave the group running until idle
timeout (which may not be enabled) or explicit removal if the client
fails to connect for any reason. Since the client is expected to connect
immediately after the WPS provisioning step, extend group formation
timeout to cover that period until the first successfully completed data
connection. This allows the GO to remove the group automatically if the
client devices does not connect within P2P_MAX_INITIAL_CONN_WAIT_GO (10)
seconds.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-26 20:32:44 +03:00
Jouni Malinen
20625e9753 P2P: Remove P2P groups on process termination
Killing the wpa_supplicant process or using TERMINATE ctrl_iface command
resulted in the process existing without cleaning up possibly added
dynamic P2P group interfaces. Clean this up by stopping each P2P group
before stopping eloop.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-26 01:38:30 +03:00
Jouni Malinen
76fe79ef2d Register wpa_msg callback even if only global ctrl_iface is used
Previously, wpa_msg_register_cb() was called only from successful
completion of per-interface control interface initialization. This would
leave the callback unregistered in case only the global control
interface is used which would result in not delivering control interface
events on the global interface. Fix this by registering the callback
handler also from successful initialization of the global control
interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-26 01:31:32 +03:00
Jouni Malinen
89286e91bf Re-open ctrl_iface socket on some failure cases as a workaround
If wpa_supplicant ctrl_iface clients are misbehaving and refusing to
read replies or event messages from wpa_supplicant, the single socket
used in wpa_supplicant to send messages can reach the maximum send
buffer limit. When that happens, no more responses to any client can be
sent. Work around this by closed and reopening the socket in case such a
failure state is detected. This is obviously not desirable since it
breaks existing connected sockets, but is needed to avoid leaving
wpa_supplicant completely unable to respond to any client. Cleaner fix
for this may require more considerable changes in the ctrl_iface design
to move to connection oriented design to allow each client to be handled
separately and unreachability to be detected more reliably.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 16:23:11 +03:00
Jouni Malinen
742e715b31 Simplify ctrl_iface sendto() use
Prepare reply buffer first for all cases and then use a single sendto()
call instead of three calls depending on reply type. This allows simpler
error handling for control interface send operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-23 17:52:10 +03:00
Jouni Malinen
6668efda58 Clear frequency list on empty value
Allow current frequency list of be cleared with an empty string value.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-23 16:22:16 +03:00
Masashi Honma
1a9f24714e Make scan_freq field to be saved by save_config
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-09-23 16:06:06 +03:00
Kamath Vinayak
3cc247a78f Use configured sched_scan interval for the PNO scan
The interval for the PNO scan did not use the configured sched_scan
interval. This commit addresses the same by using the configured value
or the default of 10 seconds if configuration parameter is not used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-15 15:21:42 -07:00
Jouni Malinen
79986bf69e Print ctrl_iface sendto() failures into debug log
This makes it easier to debug issues with control interface operations
failing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:25:31 -07:00
Jouni Malinen
eab2b50dc8 P2P: Cancel group formation timeout on client connection
It was possiblle for the group formation timeout to be left running even
after the P2P Client connected to the group if the WPS provisioning step
was not completed cleanly (e.g., due to WSC_Done not getting received
from the client). There is no need to remove the group in such case due
to the initial group formation timeout, so work around this by removing
that timeout on data connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:25:10 -07:00
Jouni Malinen
00eb299396 P2P: Fix operation channel configuration update
There was already a CFG_CHANGED_P2P_OPER_CHANNEL handler function, but
this flag was not set when the p2p_oper_reg_class or p2p_oper_channel
parameters were changed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-14 11:24:56 -07:00
Vinay Krishna Eranna
b2b688d18d P2P: Fix crash when failed to create GO interface
wpa_supplicant crashes if driver configuration for AP mode interface
configuration fails after group negotiation. This is because of a
regression from commit 1075b29571 that
ends up freeing the wpa_s instance from within
wpa_supplicant_create_ap() without the caller knowing.

Fix this by using an eloop timeout to free remove the P2P group so that
wpa_supplicant_create_ap() and especially wpa_supplicant_associate()
callers do not need to know about interface getting possibly removed. In
addition, move the P2P specific code into p2p_supplicant.c where it
really belongs. This allows the already existing group formation timeout
to be used by reducing the timeout to zero.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 12:43:12 +03:00
Jouni Malinen
61971697bb WPS NFC: Fix build without CONFIG_AP=y
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 11:27:24 +03:00
Jouni Malinen
e1ae5d743f SAE: Fix build without CONFIG_AP=y
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-03 11:25:29 +03:00
Jouni Malinen
813e7b364f P2P: Remove group from timeout on PSK failure
Avoid potential issues with removing a P2P group on PSK failure directly
from the wpa_supplicant_event() call since the caller (in driver_*.c)
may not be prepared for the interface disappearing at that point in
time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-02 16:33:42 +03:00
Jouni Malinen
5bf9a6c859 P2P: Add event messages for possible PSK failures on P2P groups
It is possible for the GO of a persistent group to change the PSK or
remove a client when per-client PSKs are used and this can happen
without the SSID changing (i.e., the group is still valid, but just not
for a specific client). If the client side of such persistent group ends
up trying to use an invalidated persistent group information, the
connection will fail in 4-way handshake. A new WPS provisioning step is
needed to recover from this.

Detect this type of case based on two 4-way handshake failures when
acting as a P2P client in a persistent group. A new
"P2P-PERSISTENT-PSK-FAIL id=<persistent group id>" event is used to
indicate when this happens. This makes it easier for upper layers to
remove the persistent group information with "REMOVE_NETWORK <persistent
group id>" if desired (e.g., based on user confirmation).

In addition to indicating the error cases for persistent groups, all
this type of PSK failures end up in the client removing the group with
the new reason=PSK_FAILURE information in the P2P-GROUP-REMOVED event.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
eac8dab87c P2P: Document per-client keys and p2p_remove_client
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
43c693c21a P2P: Do not store duplicate PSK entries for the same device
If a client joins a P2P group multiple times, replace the previous
per-client PSK entry instead of adding a new entry each time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
f2c566027e P2P: Add a command for removing a client from all groups
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
01a57fe420 P2P: Maintain list of per-client PSKs for persistent groups
Record all generated per-client PSKs in the persistent group network
block and configure these for the GO Authenticator whenever re-starting
the persistent group. This completes per-client PSK support for
persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
759fd76b7f P2P: Select PSK based on Device Address instead of Interface Address
When using per-device PSKs, select the PSK based on the P2P Device
Address of the connecting client if that client is a P2P Device. This
allows the P2P Interface Address to be changed between P2P group
connections which may happen especially when using persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:30:26 +03:00
Jouni Malinen
94ddef3e72 P2P: Make peer's P2P Device Address available to authenticator
This can be used to implement per-device PSK selection based on the
peer's P2P Device Address instead of P2P Interface Address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:05:19 +03:00
Jouni Malinen
52177fbb70 P2P: Store P2P Device Address in per-device PSK records
This makes the P2P Device Address of the Enrollee available with the PSK
records to allow P2P Device Address instead of P2P Interface Address to
be used for finding the correct PSK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:47:34 +03:00
Jouni Malinen
05766ed8de P2P: Allow per-device PSK to be assigned
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.

This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:14:29 +03:00
Jouni Malinen
698e921b9e wpa_cli: Add tab completion for p2p_set field values
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 20:58:35 +03:00
Syed Asifful Dayyan Rafiuddeen
0b5fb86a24 P2P: Stop listen state when listen-only duration is over
Even after listen duration is over, P2P module remained in
P2P_LISTEN_ONLY state, which is blocking station mode scans. Fix this by
stopping P2P listen explicitly to update p2p_state to IDLE when listen
duration expires.

Signed-hostap: Syed Asifful Dayyan <syedd@broadcom.com>
2013-08-31 18:09:15 +03:00
Jouni Malinen
02a3e5c0d1 wpa_cli: Allow first DISCONNECTED event to be reported
wpa_cli filters out extra DISCONNECTED events from action scripts. This
ended up filtering out the first real DISCONNECT event in case wpa_cli
was started when wpa_supplicant was in connected state. Change wpa_cli
to allow the first disconnection event to be reported to the action
script in such case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 17:27:20 +03:00
Jouni Malinen
731ef436d1 D-Bus: Fix per-iface object unregistration on not existing objects
If the private data for an object is not found, do not try to unregister
that object to avoid D-Bus errors.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 16:46:24 +03:00
Jouni Malinen
447969e034 D-Bus: Do not send network notification for all P2P groups
Previously, network added event was skipping during group formation.
However, this did not necessarily catch all cases of temporary P2P
network blocks. Check ssid->p2p_group to make this behavior more
consistent by avoiding all P2P groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-31 16:44:42 +03:00
Masashi Honma
eb32460029 Fix switching from EAP-SIM to EAP-AKA/AKA'
Switching EAP method from EAP-SIM to EAP-AKA fails.
wpa_cli commands are below.

------------------
sudo wpa_cli add_network
sudo wpa_cli set_network 0 ssid '"eap-sim"'
sudo wpa_cli set_network 0 key_mgmt WPA-EAP
sudo wpa_cli set_network 0 eap SIM
sudo wpa_cli set_network 0 pin '"1234"'
sudo wpa_cli set_network 0 pcsc '""'
sudo wpa_cli select_network 0

sudo wpa_cli disable_network 0
sudo wpa_cli disconnect
sudo wpa_cli remove_network 0

sudo wpa_cli add_network
sudo wpa_cli set_network 0 ssid '"eap-sim"'
sudo wpa_cli set_network 0 key_mgmt WPA-EAP
sudo wpa_cli set_network 0 eap AKA
sudo wpa_cli set_network 0 pin '"1234"'
sudo wpa_cli set_network 0 pcsc '""'
sudo wpa_cli select_network 0
------------------

Then EAP-AKA connection resulted in fail.
wpa_supplicant log is below.

------------------
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 23 (AKA) selected
SCARD: Non-USIM card - cannot do UMTS auth
EAP-AKA: UMTS authentication failed (AUTN)
wlan0: CTRL-EVENT-EAP-FAILURE EAP authentication failed
------------------

This occurs because on the first EAP-SIM authentication, the SIM/USIM
card in the device was recognized as SIM card even if it is USIM card.

So this patch changes it to recognize as USIM card even if EAP-SIM
authentication was required.

I have tested these switching cases.
EAP-SIM -> EAP-AKA
EAP-SIM -> EAP-AKA'
EAP-AKA -> EAP-SIM
EAP-AKA -> EAP-AKA'
EAP-AKA' -> EAP-SIM
EAP-AKA' -> EAP-AKA

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-08-31 16:11:48 +03:00
Sreenath Sharma
f2b3f4de49 P2P: Allow P2P functionality to be disabled per interface
By default, P2P is initialized for all driver interfaces and this makes
P2P getting initialized for non-P2P station interface if the supplicant
is started first on this interface. If an interface is dedicated for
non-P2P station mode, it is now possible to disable P2P initialization
by adding 'p2p_disabled=1' in the configuration file of non-P2P station
interface, irrespective of the order in which supplicant is started.

Signed-hostap: Sreenath Sharma <sreenats@broadcom.com>
2013-08-31 11:59:05 +03:00
Sreenath Sharma
43ee470494 P2P: Immediate group removal in GC in case of deauthentication
Right now in case of deauthentication from GO, immediate group removal will
happen in GC only if the deauthentication packet has a valid IE. However,
the IE in deauthentication packet is mandated only for managed P2P group.
So in normal P2P group the group removal is delayed and will happen later
only in group idle timeout.

This fixes a regression from commit
d7df0fa727 that changed the previous check
for data->deauth_info != NULL to data->deauth_info->ie != NULL.

Signed-hostap: Sreenath Sharma <sreenats@broadcom.com>
2013-08-31 11:11:41 +03:00
Jouni Malinen
add7add09d IBSS RSN: Add a timeout for Authentication frame exchange
It is possible for the peer device not to support Authentication frame
exchange even though this would be required functionality in the
standard. Furthermore, either Authentication frame may be lost. To
recover from cases where Authentication frame sequence 2 is not
received, start EAPOL Authenticator from one second timeout.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-27 16:26:33 +03:00
Jouni Malinen
c1c0b35fea P2P: Postpone concurrent scans when waiting for first client as GO
Previously, concurrent station mode scans were postponed during an
ongoing P2P group formation up to the point of completed WPS
provisioning step. This would allow a scan to be started before the P2P
client has completed association for the data connection if a scan
request were timed to hit the window between the provisioning step and
the following association. Avoid this by extending P2P-in-progress state
to continue until the first data connection has been completed as part
of group formation. Use a ten second timeout for this to avoid leaving
scans disabled indefinitely if the client fails to connect completely.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-27 12:23:10 +03:00
Jouni Malinen
6fb7b58fe4 IBSS RSN: Work around Data RX vs. Authentication RX race condition
It is possible for the driver to report EAPOL frame RX before
Authentication frame RX even if the frames arrived in the opposite
order. This can result in issues in cases where both IBSS peers initiate
Authentication frame exchange at about the same time and one of the
EAPOL sessions is started before processing Authentication frame seq=1
RX. Work around this by not re-initializing EAPOL state on
Authentication (SEQ=1) RX if own Authentication frame was transmitted
within last 500 ms.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-27 02:54:35 +03:00
Jouni Malinen
99d7c76294 P2P: Add more debug info on operating channel selection
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-26 14:08:03 +03:00
Jouni Malinen
8d660e04e9 P2P: Add GO negotiation results into the P2P-GO-NEG-SUCCESS event
This provides status information about the negotiated group to
wpa_supplicant control interface monitors during group formation in a
form that is easier to use than having to fetch the information
separately.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-26 13:35:44 +03:00
Jouni Malinen
2c6f8cf6c8 Replace perror() with wpa_printf(strerror) in ctrl_iface calls
This replaces number of perror() calls with wpa_printf() to get the
error messages embedded within rest of the debug messages in the same
stream instead of pushing these to stderr which may get directed to
another location.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-26 11:46:21 +03:00
Jouni Malinen
e743db4309 IBSS RSN: Add IBSS-RSN-COMPLETED event message
This new control interface event message is used to indicate when
both 4-way handshakes have been completed with a new IBSS peer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 23:09:22 +03:00
Jouni Malinen
4c559019bd P2P: Add state info to global STATUS command
This can be used for debugging purposes to see what the current P2P
module state is.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 21:02:12 +03:00
Jouni Malinen
ae8c27f79d Add STATUS command to global control interface
This provides global status information that is applicable to all
interfaces (e.g., P2P state). In addition, ifname/address pairs are
listed to get information of all the interfaces that are currently
managed through this wpa_supplicant instance.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 20:53:58 +03:00
Jouni Malinen
42868f1486 Add SAVE_CONFIG command to global control interface
This iterates through all interfaces and saves configuration file
updates for each interface that allows it (update_config=1).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 20:41:39 +03:00
Jouni Malinen
1b9b31c153 Add SET command for global control interface
This allows global parameters to be set through the global control
interface without having to use IFNAME prefix. For now, this covers
only the wifi_display parameter.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 20:35:19 +03:00
Jouni Malinen
25a8f9e316 Clear EAPOL supplicant configuration info on current_ssid changes
There were some code paths that allowed obsolete configuration data
pointer to be maintained within EAPOL supplicant in case a network was
removed while not connection to it (i.e., wpa_s->current_ssid not
pointing to the network that was removed). This could result in use of
freed memory, e.g., from eap_sm_notify_ctrl_attached() when a new
control interface connected prior to the EAPOL supplicant configuration
pointer got updated.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 19:46:57 +03:00
Avraham Stern
973622cd44 wpa_supplicant: Fix AP mode frequency initialization
In AP mode the frequency was initialized only after trying to set up the
AP which caused failure. Move AP frequency initialization to the right
place. This allows an AP mode network block without the frequency
parameter to be used with the default channel 11 being selected in that
case.

Signed-hostap: Avraham Stern <avraham.stern@intel.com>
2013-08-25 11:24:29 +03:00
Ilan Peer
d99ca89d98 P2P: Skip non-P2P interface in p2p_group_remove *
When 'p2p_group_remove *' is called while the station interface
is connected, the flow also disconnects the station interface.
Fix this by skipping non-P2P interfaces in the iteration.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-08-25 11:17:14 +03:00
David Spinadel
239abaf2ab WPS: Set currently used RF band in RF Bands attribute
According to WSC specification (Ver 2.0.2, section 8.3), RF Bands
attribute should be set to the specific RF band used for the current
message. Add an option to set wanted band in wps_build_rf_bands() and
add a callback to get the current band from wpa_supplicant and hostapd.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-08-25 10:55:53 +03:00
Ilan Peer
e0591c3cfe wpa_supplicant: Reduce wait time for control interfaces
Reduce the wait time for the monitor control interfaces to get
messages on wpa_supplicant de-init etc., as this significantly delays
the shutdown of the wpa_supplicant.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-08-25 09:48:27 +03:00
Arik Nemtsov
5046eb4e4d P2P: Allow separate interface GO to disconnect low-ack STAs
Propagate the disassoc_low_ack setting from the main P2P interface to
the group interface.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2013-08-25 09:28:50 +03:00
Jouni Malinen
a235aca316 Fix DETACH command debug prints to avoid use of freed memory
In case a control interface socket is detached because of sendmsg()
failing for the socket, function call to detach the socket uses a
pointer to the socket information in the structure to be freed. Reorder
code to print socket info before freeing the data to avoid use of freed
memory in case debug prints are enabled.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-24 23:31:06 +03:00
Jouni Malinen
8d6e035072 Make global UNIX socket non-blocking for ctrl_iface
This keeps wpa_supplicant from hanging forever if the other end of the
socket dies. This is similar to the earlier commit
4fdc8def88 to make the global control
interface befave in the same way.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-24 20:31:04 +03:00
Jouni Malinen
86bd141050 Change WEP network selection to reject WPA/WPA2 APs
Previously, wpa_supplicant behavior in WEP configuration was to try to
mimic a device that is not aware of WPA/WPA2 and as such, it tried to
connect to a WPA/WPA2 AP with the assumption that the AP could be
providing support for both WEP and WPA/WPA2 stations in the same BSS.
Such APs could have been used during transition from WEP to more secure
options, but that type of deployment have not been used in large number
and are not really of much use anymore taken into account that more or
less all new devices support WPA/WPA2. That combined with the preference
to deprecate WEP justifies removing this use case and making WEP
networking matching more strict by using the knowledge of AP advertising
WPA/WPA2 as an indication of WEP not being supported.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 19:27:25 +03:00
Jouni Malinen
2e145e91e7 WPS: Fix failure path to allow WSC_NACK and EAP-Failure to be exchanged
Commit c7a67a7719 forced disconnection
when wpas_clear_wps() is called. Call this function from a registered
timeout when processing a failure event in order to allow the WPS
handshake to be completed with WSC_NACK and EAP-Failure.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 17:49:01 +03:00
Jeffin Mammen
50396e29da WPS: Add PBC mode activated/disabled events
This makes it easier to track PBC state on the registrar.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 16:52:48 +03:00
Jouni Malinen
961750c1e8 WPS: Share a common function for error strings
This makes it easier to maintain the list of WPS_EI_* error values and
matching strings.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 16:32:34 +03:00
Jouni Malinen
85a6cdb571 Revert "P2P: Reject p2p_find while P2P connection is in progress"
This reverts commit ce970851af.

It turned out that this breaks lots of use cases where p2p_find is
issued while already in p2p_listen state. As such, we cannot reject
p2p_find this easily without checking for more specific cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-01 17:03:06 +03:00
Deepthi Gowri
ce970851af P2P: Reject p2p_find while P2P connection is in progress
Though p2p_find is not expected during ongoing P2P connection, it is
possible that any third party application issues a p2p_find resulting in
connection failure. Address this by rejecting any p2p_find command while
connection is in progress.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-01 15:39:47 +03:00
Wei-Jen Lin
a2ea8d64d1 P2P: Fix invalid remain-on-channel duration for frame TX
cfg80211 does not allow the zero duration of remain-on-channel. Instead,
use 20 ms as default waiting time when remain-on-channel is used to
schedule offchannel transmission that does not expect a response.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-31 23:22:04 +03:00
Sean Lin
cbf41ca796 P2P: Do not delay retries on failure during group formation
4-way handshake may fail under extremely noisy environment and if this
happens during P2P group formation, the 10 second extra delay added in
wpas_auth_failed() can result in running over the 15 second timeout.

Avoid this by skipping the delay mechanism in wpas_auth_failed() for the
P2P group formation case. The P2P formation timeout will take care of
stopping the attempts if the failure condition does not get resolved.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-31 23:09:34 +03:00
Ilan Peer
0d08efa447 P2P: Use the number of concurrent channels in P2P flows
Change the P2P flows to use the number of concurrent channels
supported by the device and the number of currently used channels
for the P2P flows.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-07-21 20:48:09 +03:00
Jouni Malinen
a21816a933 Use wpa_drv_shared_freq() if get_radio_name() is not supported
Some driver interfaces may not support the get_radio_name() design and
get_shared_radio_freqs() needs to be aware of such possibility when
determining shared radio frequencies.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-21 20:48:09 +03:00
Ilan Peer
53c5dfc2c4 Change share_vif_oper_freq() to handle multiple freqs
There are devices that can operate several channels concurrently.
Change shared_vif_oper_freq() to get_shared_radio_freqs() that can
return an array of frequencies currently used by all the virtual
interfaces that share the same radio.

In addition, move it to wpa_supplicant.c, so it can be used by other
modules.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-07-21 20:03:53 +03:00
Ilan Peer
4752147d88 nl80211: Report the number of concurrent support channels
Previously, drivers only reported if they support multiple concurrent
channels, but did not report the maximum number of supported channels.
Add this reporting to the driver capabilities and add the implementation
to driver_nl80211.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-07-21 19:49:47 +03:00
Jouni Malinen
d7df0fa727 Clean up wpa_supplicant_event() with deauth/disassoc helper functions
wpa_supplicant_event() has grown overly large, so it is useful to split
it into smaller pieces.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-21 16:40:40 +03:00
Jouni Malinen
fd9f170098 Remove unnecessary nested ifdef CONFIG_AP
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-21 16:01:29 +03:00
Antonio Quartulli
13adc57b39 IBSS RSN: Add peer restart detection
To better support the IBSS/RSN mechanism, wpa_supplicant has to be able
to detect a possible peer reboot and in this case it should start a new
EAPOL handshake.

To perform such reboot detection wpa_supplicant has to perform an Open
Authentication by sending an Authentication frame and then replying to
it. IF an Authentication frame is received when the key have already
been exchanged, wpa_supplicant understands that the peer has rebooted
and can reset its state machine.

Whenever a new peer is added to the IBSS wpa_supplicant will start the
Open Authentication and only after having accomplished it will start the
key exchange. If the driver does not support Authentication frame
exchange initiated from user space, this step is skipped to maintain
previous behavior (just go through EAPOL-Key frame processing).

The Open Authentication was partly supported by the Linux kernel but now
wpa_supplicant can register for Authentication frames, handle it in
userspace and so avoid any possible race condition.

Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
Signed-hostap: Antonio Quartulli <antonio@open-mesh.com>
2013-07-21 15:56:53 +03:00
Jouni Malinen
ec384c566a IBSS RSN: Fix disconnect() with internal SME
Commit 1aef400bf0 implemented IBSS RSN
disconnect() call using sta_deauth() in a way that resulted in NULL
pointer dereference in driver_nl80211.c if SME was in user space. Fix
this by passing the own MAC address in the sta_deauth call.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-21 15:21:38 +03:00
Arend van Spriel
4ed8d954dd TDLS: Tear down TDLS using wpas_drv_tlds_oper() if not external
When the device indicates to take care of TDLS operations the TDLS
setup is done calling wpas_drv_tdls_oper(). This patch does a similar
thing for the teardown. This fixes failure of teardown:

"TDLS: Could not find peer <mac> for link Teardown"

Signed-hostap: Arend van Spriel <arend@broadcom.com>
2013-07-20 17:52:32 +03:00
Chengyi Zhao
831770bffe Cancel delayed scheduled scan when wpa_supplicant cleans up
Because a delayed scheduled scan will access the members of struct
wpa_supplicant which is freed and this can result in a crash,
wpa_supplicant needs to cancel delayed scheduled scan during cleanups.

Signed-hostap: Chengyi Zhao <chengyix.zhao@gmail.com>
2013-07-20 17:47:02 +03:00
Michal Kazior
c8ebeda406 wpa_supplicant: Add support for VHT BSS membership selector
This allows wpa_supplicant to associate to an AP that has VHT BSS
membership selector set to indicate VHT support is required for the BSS.

Without the patch it was impossible to connect to, e.g., hostapd-based
AP that has require_vht=1. wpa_supplicant was complaining with:
  hardware does not support required rate 63.0 Mbps

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-07-20 17:28:42 +03:00
Jouni Malinen
1075b29571 P2P: Report group formation failure on error to start GO mode
There is no need to wait for the 15 second group formation timeout
before indicating P2P group formation failure if GO mode cannot be
started successfully for some reason.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-11 17:04:46 +03:00
Jouni Malinen
b62b29ea87 Do not block on ctrl_iface monitor events
It looks like some of the global control interface cases ended up
blocking in sendmsg() when trying to send an event. Since this can block
all wpa_supplicant processing for multiple seconds, this is very
undesirable. Avoid this by requesting sendmsg() to return an error
rather than waiting for the message to be sent.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-11 17:04:29 +03:00
Jouni Malinen
0b9d3b22c8 Interworking: Relax 3GPP info PLMN matching for MNC
3GPP TS 24.232 Annex A.3 allows network operator to advertise only two
digits of MNC even if MNC has three digits. Allow such matches in
network selection. In addition, allow three digit matches of MNC even if
MNC length was assumed to be two to avoid missing networks if MNC length
cannot be determined reliably. Remove the '-' separator from simulated
SIM/USIM cases to allow the new matching rules to work.

Fix the PLMN List information element parsing loop to use the length of
the PLMN List instead of the length of the full 3GPP Cellular Info to
avoid unexpected matches should a new element ever be added by 3GPP.

Finally, add more debug prints from PLMN matching to make the logs
easier to understand.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-08 16:53:05 +03:00
Junli Zhao
c7a67a7719 WPS: Disconnect when removing existing WPS network block
wpas_clear_wps() was just clearing the current wpa_s->current_ssid
pointer when removing a WPS network block which with the device was
associated. This could leave the association up even though the network
block had already been removed. Prevent this by explicitly disconnecting
from the network instead of such clearing current_ssid.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-07-08 12:09:18 +03:00
Jouni Malinen
7e7610d788 EAP-EKE: Add peer implementation
This adds a new password-based EAP method defined in RFC 6124.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-07 20:30:10 +03:00
Tomasz Bursztyka
06aeff5f8f dbus: Register the AutoScan method call at the right place
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2013-07-01 19:11:34 +03:00
Jouni Malinen
78f79fe5fc P2P: Do not add ctrl interface for P2P_DEVICE (p2p-dev-*)
Adding a new wpa_supplicant control interface for the dedicated
P2P_DEVICE would be quite confusing for programs that manage P2P
operations. Remove this control interface and require the global control
interface to be used since it will provide consistent interface for both
the new dedicated P2P_DEVICE (non-netdev) and old style P2P management
through a netdev.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-01 00:36:33 +03:00
Jouni Malinen
1c42b42f6c P2P: Fix TDLS and l2_packet init without P2P Device interface
Commit c68f6200a7 made these calls
conditional on !p2p_mgmt, but forced p2p_mgmt=1 for cases where the
driver does not use the dedicated P2P Device. Fix this by making the
!p2p_mgmt condition apply only if the driver does indicate use of a
dedicated P2P Device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-06-30 20:02:25 +03:00
Jouni Malinen
9e6a321815 Fix non-P2P build after the P2P_DEVICE changes
Commit c68f6200a7 added a call to a
function that exists only for P2P builds. Fix that with #ifdef
CONFIG_P2P.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-06-30 13:19:59 +03:00
Arend van Spriel
2e5ba4b6d1 P2P: Derive group interface name bit more sensibly
The interface name for the P2P group interface is derived from the
P2P management interface. When the P2P management interface is a
P2P Device interface, i.e., p2p-dev-wlanX, the name for the group
interface is abbreviated to p2p-X (X being group index). When the
P2P management interface starts with p2p-dev- use its postfix
instead. So P2P management interface p2p-dev-wlan3 results in group
interface name p2p-wlan3-0.

Signed-hostap: Arend van Spriel <arend@broadcom.com>
2013-06-30 10:50:14 +03:00
Arend van Spriel
c68f6200a7 P2P: Create P2P Device interface if supported
If the capability flag of the driver indicates a dedicated P2P Device is
supported, a P2P Device interface is created.

Create the P2P Device in main interface creation loop when the added
interface flags support and P2P supplicant is not yet initialized
avoiding recursion of add_interface.

Do not register l2_packet for P2P Device interface (both for EAPOL and
for TDLS).

Signed-hostap: Arend van Spriel <arend@broadcom.com>
2013-06-30 10:50:14 +03:00
Arend van Spriel
bb4028f165 P2P: Ignore p2p_no_group_iface when driver advertizes P2P_DEVICE support
Setting p2p_no_group_iface means 'use P2P management interface as P2P
connection interface' because it attempts to change the interface type.
The P2P_DEVICE is a dedicated interface and can not be changed. As such
ignore the configuration option.

Signed-hostap: Arend van Spriel <arend@broadcom.com>
2013-06-30 10:50:13 +03:00
Jouni Malinen
080585c01a Add support for OCSP stapling to validate server certificate
When using OpenSSL with TLS-based EAP methods, wpa_supplicant can now be
configured to use OCSP stapling (TLS certificate status request) with
ocsp=1 network block parameter. ocsp=2 can be used to require valid OCSP
response before connection is allowed to continue.

hostapd as EAP server can be configured to return cached OCSP response
using the new ocsp_stapling_response parameter and an external mechanism
for updating the response data (e.g., "openssl ocsp ..." command).

This allows wpa_supplicant to verify that the server certificate has not
been revoked as part of the EAP-TLS/PEAP/TTLS/FAST handshake before
actual data connection has been established (i.e., when a CRL could not
be fetched even if a distribution point were specified).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-06-30 01:01:15 +03:00
Arend van Spriel
72950ed240 P2P: Remove a call to wpas_p2p_deinit_global()
In wpa_supplicant_deinit(), the function wpas_p2p_deinit_global()
was called. Remove it as it will be called from wpas_deinit_iface()
upon removal of the P2P management interface.

Signed-hostap: Arend van Spriel <arend@broadcom.com>
2013-06-25 13:56:28 +03:00
Chengyi Zhao
8a901d750b D-Bus: Emit signal when a station is authorized or deauthorized
Add "StaAuthorized" and "StaDeauthorized" D-Bus interface in AP mode.
After enabling the AP mode of wpa_supplicant, the other process need to
get the MAC address and authorization status of every station, so
wpa_supplicant emits signal when the station is authorized or
deauthorized.

Signed-hostap: Chengyi Zhao <chengyix.zhao@gmail.com>
2013-06-22 12:09:09 +03:00
Andrei Otcheretianski
9578329874 Add AVG_RSSI report in signal_poll
Add AVG_RSSI report to the signal_poll command if it is reported by
the kernel.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-06-22 12:01:05 +03:00
Andrei Otcheretianski
2cc8d8f4e8 Add bandwidth and center freq info to signal_poll
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-06-22 12:00:46 +03:00
Alexander Bondar
1e0e943e19 Remove 802.11b rates only in case of P2P group operation
11b rates removal have had impact on SoftAP functionality in
wpa_supplicant. This patch verifies that only in case of P2P group
operation 11b rates will be eliminated. Refer also to commit
4c2c302893.

Signed-hostap: Alexander Bondar <alexander.bondar@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-06-22 11:28:33 +03:00
Jouni Malinen
ec7b97ab00 Interworking: Add support for using eap_proxy offload
Fetch IMSI through eap_proxy for Interworking network selection if
needed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-06-19 18:42:17 +03:00
Jouni Malinen
aa20e1a1fb Remove CONFIG_NO_WPA2 build parameter
There is not much use for enabling WPA without WPA2 nowadays since most
networks have been upgraded to WPA2. Furthermore, the code size savings
from disabling just WPA2 are pretty small, so there is not much
justification for maintaining this build option. Remove it to get rid of
undesired complexity.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-06-07 20:13:25 +03:00