Commit graph

2720 commits

Author SHA1 Message Date
Jouni Malinen
1161ff1ef5 hostapd: Allow TDLS use to be prohibited in the BSS
tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to
disable use of TDLS or TDLS channel switching in the BSS using
extended cabilities IE as defined in IEEE 802.11z.
2011-01-28 19:21:59 +02:00
Jouni Malinen
9a994178f1 wlantest: Add command for adding WEP keys during run time 2011-01-28 13:33:21 +02:00
Jouni Malinen
dfaeda0492 Fix couple of compiler warnings about uninitialized variables 2011-01-26 21:29:28 +02:00
Jouni Malinen
4e062e35de wlantest: Handle missing fields in TDLS Setup Confirm error case 2011-01-24 20:51:28 +02:00
Jouni Malinen
2878cae7a7 wlantest: Handle missing fields in TDLS Setup Response error case 2011-01-24 18:16:26 +02:00
Jouni Malinen
5acf56f6a2 wlantest: Count TDLS Teardown messages 2011-01-24 17:00:28 +02:00
Jouni Malinen
9559a7f882 wlantest: Fix compiler warnings 2011-01-24 16:57:36 +02:00
Jouni Malinen
44a0486607 wlantest: Fix TDLS setup failure counting
Need to be able to handle TDLS Setup Response frame with LinkId IE
when non-zero status code is used. In addition, allow finding of a
TDLS entry based on real BSSID instead of the one used in the LinkId
to allow negative testing of different BSS.
2011-01-24 15:25:59 +02:00
Jouni Malinen
244c9303cb wlantest: Determine ping matches properly for direct link
Check ICMP echo request/response matches for both STAs to get proper
counter values for a ping from a one STA to another one using TDLS.
2011-01-24 14:50:51 +02:00
Jouni Malinen
719e7eb28d wlantest: Set direct links down on deauth/disassoc 2011-01-24 14:34:54 +02:00
Jouni Malinen
0d2e395d74 wlantest: Maintain only a single entry for an active direct link
The TDLS link itself is bidirectional, but there is explicit
initiator/responder roles. Remove the other direction of the link if it
exists when processing TDLS Setup Confirm to make sure that the link
counters are stored for the current TDLS entery.

This is also changing the control interface search for TDLS counters
to require initiator/responder addresses in the correct order instead
of matching entries regardless of the role.
2011-01-24 14:34:45 +02:00
Jouni Malinen
eb4923fdae wlantest: Add counters for TDLS setup frames 2011-01-24 14:03:03 +02:00
Jouni Malinen
8a1cf4be21 wlantest: Add TDLS entry on TDLS Setup Request
This will make the TDLS counters available even if setup fails.
2011-01-19 14:00:14 +02:00
Jouni Malinen
2caf69247b wlantest: Check WPA/RSN IE match between AssocReq and Beacon
Note unexpected WPA/RSN IE in AssocReq and ignore them if the last
Beacon/ProbeResp from the AP is not advertising support for
WPA/RSN.
2011-01-17 19:52:35 +02:00
Jouni Malinen
cbcf92b42f AP: Validate management frame length
Make sure that received management frames are long enough before
processing them. This avoids a potential segmentation fault if a
driver delivers an invalid frame all the way to hostapd.
2011-01-17 12:21:29 +02:00
Dan Harkins
e4d7b22a53 EAP-pwd: Fix some interoperability issues
The changes are:

  1. the word "and" in the hunting-and-pecking string passed to the KDF
     should be capitalized.
  2. the primebitlen used in the KDF should be a short not an int.
  3. the computation of MK in hostap is based on an older version of the
     draft and is not the way it's specified in the RFC.
  4. the group being passed into computation of the Commit was not in
     network order.
2011-01-16 13:12:07 +02:00
Jouni Malinen
b13d3d63d5 EAP-pwd: Use os_free to free memory allocated with os_malloc
The direct use of free() caused a crash with CONFIG_WPA_TRACE=y.
2011-01-16 13:02:11 +02:00
Jouni Malinen
bc8318acbc WPA: Add more info for EAPOL-Key Nonce/MIC debugging 2011-01-15 16:57:08 +02:00
Jouni Malinen
6c9a98a20d IBSS RSN: Do not start multiple Auth/Supp for same peer
This avoids an issue when a received EAPOL-Key frame from a peer
is initiating IBSS RSN Authenticator and Supplicant for the peer
and the following new-STA-in-IBSS event from the driver is adding
yet another instance of Authenticator/Supplicant. The EAPOL-Key
RX case was already checking whether an instance had been started;
the driver new-STA event needs to do same.
2011-01-15 16:55:15 +02:00
Jouni Malinen
50b05780c2 IBSS RSN: Delay setting of the initial TX GTK
The driver may get confused if we set the initial TX GTK before having
fully configured and connected to an IBSS, so better delay this
operation until the connection (join/start IBSS) has been completed.
2011-01-15 14:07:02 +02:00
Jouni Malinen
2e479416d1 wlantest: Add support for decrypting WEP frames 2011-01-14 17:43:17 +02:00
Jouni Malinen
3558c41ee7 wlantest: Add more details for CCMP MIC failures 2011-01-14 16:32:59 +02:00
Jouni Malinen
ef44a08bea wlantest: Fix masking of CCMP AAD QC field 2011-01-14 16:32:14 +02:00
Chao-Wen Yang
449adbaca9 WPS: Indicate WPS-FAIL event on EAPOL timeout-based failure callback
If the EAPOL processing times out (e.g., if the AP stops replying
to messages for some reason) during WPS negotiation, we need to
indicate WPS-FAIL event from eapol_cb since no other WPS failure is
reported for this particular case.
2011-01-13 18:04:33 +02:00
Chao-Wen Yang
c5cf0a18f1 WPS: Add mechanism for indicating non-standard WPS errors
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.

Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
2011-01-13 17:50:59 +02:00
Jouni Malinen
e24cf97c0d P2P: Check GO Neg Req retransmit limit in p2p_listen_end
This needs to be done both in the more normal location in
p2p_timeout_connect_listen() (internal timeout after driver event) and
in p2p_listen_end() as a workaround for the case where the driver event
is delayed to happen after the internal timeout.
2011-01-12 13:48:55 +02:00
Jouni Malinen
8d806cc2af test-sha1: Add test vectors from RFC 6070
The test with very large iterations count is commented out since it
takes quite long to derive (it does pass, though). In addition, the
last test vector is commented out since pbkdf2_sha1() does not support
arbitrary binary passphrases (\0 inside the string).
2011-01-10 20:41:04 +02:00
Jouni Malinen
60ea8187c9 nl80211: Set NL80211_ATTR_KEY_DEFAULT_TYPES based on set_key addr
This allows mac80211 to configure default keys properly for RSN IBSS
mode.
2011-01-09 19:54:50 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
8546ea1930 nl80211: Avoid infinite loop when searching a BSS
When hostapd is removing a virtual BSS interface, the loop here was
incorrectly not updating the iterator during list traversal and
ended up in an infinite loop in some cases.
2011-01-09 19:18:50 +02:00
Jouni Malinen
4d379f1243 Move hostap driver specific workaround into the driver wrapper 2011-01-09 12:50:57 +02:00
Jouni Malinen
dff99f8ec1 Do not use set_tx=1 when clearing keys with set_key 2011-01-09 12:18:36 +02:00
Jouni Malinen
260832214e Use key=NULL when clearing PTK with set_key
The key clearing operations are using NULL everywhere else, so make
this consistent with other callers.
2011-01-09 12:12:48 +02:00
Jouni Malinen
da64c266e7 Use more consistent set_key seq value when nothing is being set
Use NULL instead of (u8 *) "" as the seq value and make sure the
driver wrapper implementations can handle NULL value. This was
previously already done in number of places, but not everywhere.
2011-01-09 12:09:04 +02:00
Jouni Malinen
0a9ddd92cd wlantest: Add STA counter prot_data_tx 2011-01-07 17:09:09 +02:00
Jouni Malinen
e7ba4e2c74 wlantest: Add counters for AP deauth/disassoc while asleep/awake
These can be used to check whether the STA is in power save mode
and because of that, is not seeing disconnection notifications.
2011-01-07 16:52:56 +02:00
Jouni Malinen
7e7a57ae3f wlantest: Track station PS state 2011-01-07 15:54:58 +02:00
Jouni Malinen
01b397dd94 wlantest: Add more details for replay debug messages
These make it easier to find the frame in question when looking at
the capture in Wireshark.
2011-01-07 14:17:08 +02:00
Jouni Malinen
6c6ad81f9c WPS: Make WPS-AP-AVAILABLE* events a bit more consistent
The BSS table entries may be in more or less random order and it is
better to show the most likely WPS configuration method in a way that is
somewhat more consistent instead of just showing the method of the first
BSS entry found in the table.
2011-01-05 11:49:03 +02:00
Jouni Malinen
62a0255c1f wlantest: Skip frames inserted by wlantest when reading pcap file
This makes debug output clearer when re-reading a file that has
previously been processed and decrypted by wlantest.
2011-01-05 10:41:51 +02:00
Jouni Malinen
fb8f5fc6fd wlantest: Count number of STA ACK'ed Deauth/Disassoc frames 2011-01-03 19:28:40 +02:00
Jouni Malinen
1da4da6f76 wlantest: Add ping_ok_first_assoc STA counter
This can be used to verify whether ping goes through between
clearing of the STA counters and the first (re)association.
2011-01-03 16:54:14 +02:00
Jouni Malinen
df83fb7d00 Fix wpa_supplicant_ssid_bss_match() handler for non-WPA
The proto configuration may be left to non-zero when moving from one
configuration to another. To avoid misidentifying a network
configuration as enabling WPA, check key_mgmt field, too.
2010-12-30 18:27:33 +02:00
Shan Palanisamy
dcc8bf7808 atheros: Rename "madwifi_" prefix to "atheros_" 2010-12-30 16:14:28 +02:00
Yi Zhu
23763c6516 bsd: Fix receive buffer alignment issue
wpa_supplicant seems to crash from time to time on a NetBSD 4.0 MIPS
platform. The root cause turned out to be a MIPS alignment issue.

In my wpa_supplicant crash case, in function
wpa_driver_bsd_event_receive (from driver_bsd.c), the buf[2048] address
is started from i.e. 0x7fffd546, which is not 4 bytes aligned. Later
when it is casted to (struct if_msghdr *), and rtm->rtm_flags is used.
rtm->rtm_flags is "int" type, but its address is not 4 bytes aligned.
This is because the start address of rtm is not 4 bytes aligned.
Unfortunately in NetBSD MIPS kernel (unlike Linux MIPS kernel emulates
unaligned access in its exception handler), the default behavior is to
generate a memory fault to the application that accesses unaligned
memory address. Thus comes the early mentioned wpa_supplicant crash. An
interesting note is when I'm using the wpa_supplicant version 0.4.9, I
never saw this problem. Maybe the stack layout is different. But I
didn't look into details.

I used below patch to resolve this problem. Now it runs correctly for at
least several hours. But you might have a better fix (maybe we can use
malloc/free so that it is at least cache line aligned?). I'm also not
sure if other drivers should have the same problem.
2010-12-30 16:13:19 +02:00
Yi Zhu
9f2951d2fd Fix driver_bsd.c compile error
I got an error for WPA_KEY_RSC_LEN is not defined when compiling the
driver_bsd.c on NetBSD 4.0. Below patch fixed it.
2010-12-30 16:12:32 +02:00
Jouni Malinen
3ac17eba31 P2P: Add initial support for driver-based P2P management
This adds partial callbacks and events to allow P2P management to be
implemented in a driver/firmware. This is not yet complete and is
very much subject to change in the future.
2010-12-30 12:48:55 +02:00
Jouni Malinen
f981eabcf0 WPS: Add option to disable open networks by default
CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant
to disable open networks by default when wps_reg command is used to
learn the current AP settings. When this is enabled, there will be a
WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly
enable the network (e.g., with "select_network <id>") to connect to
the open network.
2010-12-30 12:28:13 +02:00
Johannes Berg
5dfca53fc0 nl80211: Use driver-based off-channel TX if available
If the underlying driver supports off-channel TX, it will now be used by
the nl80211 driver wrapper, setting WPA_DRIVER_FLAGS_OFFCHANNEL_TX
accordingly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-29 14:05:34 +02:00
Johannes Berg
190b9062b2 P2P: Add option for offloading off-channel TX to the driver
With the new kernel functionality coming to Linux to allow off-channel
TX, we can take advantage of that in the P2P code that currently uses
remain-on-channel. If a driver advertises support for it, it will be
asked to handle off-channel TX by itself.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-29 13:59:17 +02:00