Commit graph

1274 commits

Author SHA1 Message Date
Jouni Malinen
d6150094e0 Move SHA1-based PRF function into a separate C file
This makes it easier to conditionally build in SHA1 functions based
on which TLS/crypto library is used.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:26:16 +03:00
Jouni Malinen
e40c86ad27 OpenSSL: Use library function for PBKDF2 passphrase-to-PSK
Use the OpenSSL PKCS5_PBKDF2_HMAC_SHA1() function instead of the
internal implementation in sha1-pbkdf2.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:26:16 +03:00
Jouni Malinen
067ffa2696 Convert os_realloc() for an array to use os_realloc_array()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 21:21:23 +03:00
Jouni Malinen
f9884c096a Convert os_zalloc() for an array to use os_calloc()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 20:44:21 +03:00
Yoni Divinsky
eda070f14f Move WMM AC parameter parser into a common file
This allows the same implementation to be used for wpa_supplicant, too.

Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
2012-08-12 11:33:00 +03:00
Mahesh Palivela
9615994ea6 VHT: Add configuration of operating center frequency
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:54:54 +03:00
Mahesh Palivela
140e850a66 VHT: Add option for requiring use of VHT
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:53:24 +03:00
Mahesh Palivela
6c93c38d7c VHT: Document vht_oper_chwidth and fix indentation
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:44:16 +03:00
Jouni Malinen
179099e676 Replace non-ASCII characters with ASCII characters
There is no point to use non-ASCII characters in this file when
perfectly fine ASCII characters are available..

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-10 19:32:15 +03:00
Michael Braun
03a6a2e972 Add option to use netlink to create and remove VLAN interfaces
CONFIG_VLAN_NETLINK=y build option can now be used to replace the
ioctl()-based interface for creating and removing VLAN interfaces
with netlink-based interface.

Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-10 14:09:05 +03:00
Michael Braun
a00237ceb8 Add hostapd configuration option to set VLAN naming scheme
Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-10 14:09:03 +03:00
Dmitry Shmidt
905d699d5e Android: Enable CONFIG_IEEE80211N option for hostapd
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-08-09 23:19:12 +03:00
Jouni Malinen
e122bb70b8 hostapd: Add alternative format for configuring SSID
The new ssid2 parameter can be used as an alternative mechanism for
configuring SSID for hostapd. It uses the same formats that
wpa_supplicant uses in the configuration file for strings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:27:40 +03:00
Jouni Malinen
986de33d5c Convert remaining SSID routines from char* to u8*
This makes it more explicit that the SSID is not a null terminated
C string.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:07:25 +03:00
Janusz Dziedzic
2d2398a11f edit: Add support for setting prompt string
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:46:34 +03:00
Xi Chen
d32d94dbf4 WNM: Add WNM-Sleep Mode implementation for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:23 +03:00
Jay Katabathuni
26fac8b6a0 Interworking: Add Domain Name element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:19 +03:00
Jay Katabathuni
78bda93e83 Interworking: Add IP Address Type Availability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:16 +03:00
Jay Katabathuni
550a3958f7 Interworking: Add Network Auth Type element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:14 +03:00
Jouni Malinen
8342185012 HS 2.0: Add mechanism for disabling DGAF
disable_dgaf=1 in hostapd.conf can now be used to disable downstream
group-addressed forwarding (DGAF). In this configuration, a unique
GTK (and IGTK) is provided to each STA in the BSS to make sure the
keys do not match and no STA can forge group-addressed frames.

An additional mechanism in the AP needs to be provided to handle some
group-addressed frames, e.g., by converting DHCP packets to unicast
IEEE 802.11 frames regardless of their destination IP address and by
providing Proxy ARP functionality.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:52 +03:00
Jay Katabathuni
19a8ad9944 HS 2.0: Add Hotspot 2.0 Indication for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:38 +03:00
Jay Katabathuni
159c89ab4f HS 2.0: Add configuration for Hotspot 2.0 AP support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:11 +03:00
Jouni Malinen
8494623403 Fix a typo in a comment
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-30 17:55:41 +03:00
Mahesh Palivela
532b16c7a9 hostapd: Add IEEE 802.11ac VHT IEs into Beacon/Probe Response
IEEE 802.11ac VHT changes to include VHT IEs in Beacon and Probe
Response frames.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:57:52 +03:00
Mahesh Palivela
efe45d1471 hostapd: Initial IEEE 802.11ac (VHT) definitions
Add IEEE 802.11ac definitions for config, IEEE structures, constants.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:52:13 +03:00
Jouni Malinen
51ca03f470 WPS: Document NFC use cases with password/config token
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:28:49 +03:00
Jouni Malinen
ffdaa05a6b WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.

A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:43:29 +03:00
Jouni Malinen
3cf7a59d4f WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:25:48 +03:00
Jouni Malinen
bb45b6d79a WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:13 +03:00
Jouni Malinen
bde7ba6caf RADIUS DAS: Validate Event-Timestamp
DAS will now validate Event-Timestamp value to be within an acceptable
time window (300 seconds by default; can be set using
radius_das_time_window parameter). In addition, Event-Timestamp can be
required in Disconnect-Request and CoA-Request messages with
radius_das_require_event_timestamp=1.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 17:43:36 +03:00
Baruch Siach
17706d1c76 hostapd: Return error value on configuration check failure
Don't count errors since the number isn't used anyway.

Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-06-16 20:30:28 +03:00
Baruch Siach
4929898dab hostapd: Remove redundant variable initialization
The 'errors' variable is initialized later anyway.

Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-06-16 20:26:51 +03:00
Jouni Malinen
b6668734ab WNM: Add advertisement of BSS max idle period
If WNM is enabled for the build (CONFIG_WNM=y), add BSS max idle period
information to the (Re)Association Response frame from the AP and parse
this information on the station. For SME-in-wpa_supplicant case, add a
timer to handle periodic transmission of the keep-alive frame. The
actual request for the driver to transmit a frame is not yet
implemented.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-27 17:35:00 -07:00
Dmitry Shmidt
dfb42efb34 wpa_supplicant: Make Android makefiles available under the BSD license
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-05-14 20:34:24 -04:00
Jouni Malinen
ec4a5d32b1 Add ChangeLog entries from v1.0 release
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-10 22:12:07 +03:00
Jouni Malinen
b031338cf0 Add preliminary RADIUS dynamic authorization server (RFC 5176)
This adds the basic DAS mechanism to enable hostapd to be configured
to request dynamic authorization requests (Disconnect-Request and
CoA-Request). This commit does not add actual processing of the
requests, i.e., this will only receive and authenticate the requests
and NAK them regardless of what operation is requested.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-06 22:02:42 +03:00
Jouni Malinen
af35e7af7f hostapd: Allow addition of arbitrary RADIUS attributes
New configuration parameters radius_auth_req_attr and
radius_acct_req_attr can now be used to add (or override) RADIUS
attributes in Access-Request and Accounting-Request packets.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 20:19:56 +03:00
Jouni Malinen
86f6053aa2 hostapd: Add optional Chargeable-User-Identity request (RFC 4372)
radius_request_cui=1 configuration parameter can now be used to
configure hostapd to request CUI from the RADIUS server by including
Chargeable-User-Identity attribute into Access-Request packets.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 18:19:54 +03:00
Jouni Malinen
5daba48ca7 hlr_auc_gw: Use 5 bit IND for SQN updates
Change the SQN generation mechanism to use not time-based Profile 2
as described in 3GPP TS 33.102 Annex C.3.2. The previous implementation
used void IND (i.e.., all of SQN was SEQ1). The new default uses 5 bits
of SQN as IND. The length of IND can be configured on the command line
with the new -i<IND len in bits> parameter. -i0 would make hlr_auc_gw
behave in the same way as the previous implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 14:12:42 +03:00
Jouni Malinen
5336861301 hlr_auc_gw: Add support for updating Milenage file SQN
If the new command line argument -u is used, hlr_auc_gw will update
the Milenage file SQN numbers when exiting based on what was the last
SQN used during the process runtime.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-03 22:39:49 +03:00
Jouni Malinen
057a92ec5c hlr_auc_gw: Fix CONFIG_WPA_TRACE=y build
Need to initialize tracing code and use correct free() wrapper.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-03 22:05:04 +03:00
Jouni Malinen
762e4ce620 EAP-AKA': Update to RFC 5448
There was a technical change between the last IETF draft version
(draft-arkko-eap-aka-kdf-10) and RFC 5448 in the leading characters
used in the username (i.e., use unique characters for EAP-AKA' instead
of reusing the EAP-AKA ones). This commit updates EAP-AKA' server and
peer implementations to use the leading characters based on the final
RFC.

Note: This will make EAP-AKA' not interoperate between the earlier
draft version and the new version.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-05-02 20:45:01 +03:00
Ben Greear
9d05374796 Make bind failure messages unique
This helps someone know which part of the code is complaining.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:10:36 +03:00
Sujith Manoharan
1ed08baf89 hostapd: Do not allow HT in 11b mode
When the HW mode has been configured as 11b, disable HT
operations.

Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2012-04-03 12:03:18 +03:00
Anirban Sirkhell
4c374cde2f Add wps_cancel for hostapd_cli
Implement wps_cancel for hostapd similarly to how it was already
supported in wpa_supplicant AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:11:35 +03:00
Jouni Malinen
648cc711a5 GAS server: Add support for ANQP Venue Name element
The new venue_name configuration parameter can now be used to configure
the ANQP Venue Name values that stations can request through GAS.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:53:22 +02:00
Jay Katabathuni
dca30c3fb7 Interworking: Add GAS server support for AP mode
This adds GAS/ANQP implementation into hostapd. This commit brings in
the basic GAS/ANQP functionality, but only the ANQP Capability List
element is supported.

For testing purposes, hostapd control interface SET command can be used
to set the gas_frag_limit parameter dynamically.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:52:53 +02:00
Dmitry Shmidt
1e1411b04f Android: Add PLATFORM_VERSION to VERSION_STR_POSTFIX definition
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:38 +02:00
Dmitry Shmidt
5db498920f Android: Add build configuration files
These are from Android wpa_supplicant_8.git initial 0.8.X commit
8d520ff1dc2da35cdca849e982051b86468016d8 with some additional edits and
renaming of .config files to android.config.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:34 +02:00
Jithu Jance
e60b295186 Add wpa_supplicant AP mode STA deauthenticate/disassociate commands
Move disassociate and deauthenticate commands to ctrl_iface_ap.c, so
that they ares accessible for wpa_supplicant AP mode and wpa_cli (with
CONFIG_AP option enabled).

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-02-25 17:22:48 +02:00
Jouni Malinen
9d23cff598 hostapd: Allow 'none' driver to be started without ifname
Commit 0dcc4dc4b3 made driver
initialization conditional on interface name being configured. This can
break hostapd-as-RADIUS-server use case where this parameter does not
really make any sense. Fix this with a special case for the none driver.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-16 23:11:29 +02:00
Jouni Malinen
07bcdbb150 Move hostapd_for_each_interface() and hapd_interfaces into src/ap
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:46:27 +02:00
Shan Palanisamy
9e7d033ef4 hostapd: Make sure ctrl_iface is not initialized multiple times
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:44:43 +02:00
Shan Palanisamy
0dcc4dc4b3 Do not call driver_init if hostapd interface is not yet configured
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:43:48 +02:00
Shan Palanisamy
c0971c561f Do not call hapd_deinit if driver was not initialized
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:42:29 +02:00
Shan Palanisamy
31b79e1197 hostapd: Allow config parameters to be set through ctrl_iface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:36:48 +02:00
Jouni Malinen
a7f5b74d43 Split hostapd security parameter updating into a separate function
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:35:54 +02:00
Shan Palanisamy
ef45bc892d hostapd: Split config item parser into a separate function
This makes it easier to use the configuration file parser for updating
the configuration at run time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:34:21 +02:00
Shan Palanisamy
31b540ebd5 Clear wpa_psk/passphrase when the other option is configured
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:32:48 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
331f89ff5b Select the BSD license terms as the only license alternative
Simplify licensing terms for hostap.git by selecting the BSD license
alternative for any future distribution. This drops the GPL v2
alternative from distribution terms and from contribution requirements.

The BSD license alternative that has been used in hostap.git (the one
with advertisement clause removed) is compatible with GPL and as such
the software in hostap.git can still be used with GPL projects. In
addition, any new contribution to hostap.git is expected to be licensed
under the BSD terms that allow the changes to be merged into older
hostap repositories that still include the GPL v2 alternative.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:31 +02:00
Dan Harkins
27c9d333d4 EAP-pwd: Describe build option for EAP-pwd
Signed-hostap: Dan Harkins <dharkins@lounge.org>
2012-02-11 12:17:58 +02:00
Jouni Malinen
57d38ddf6b Update copyright notices to include year 2012
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:59:16 +02:00
Yogesh Ashok Powar
ef01fa7bfa hostapd: Make inactivity polling configurable
hostapd uses the poll method to check if the station is alive
after the station has been inactive for ap_max_inactivity seconds.
Make the poll mechanism configurable so that user can choose to
disconnect idle clients.

This can be especially useful when some devices/firmwares have
restrictions on the number of clients that can connect to the AP
and that limit is smaller than the total number of stations trying
to use the AP.

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-12-25 20:57:01 +02:00
Michael Braun
05ab9712b9 Allow WPA passphrase to be fetched with RADIUS Tunnel-Password attribute
This allows per-device PSK to be configured for WPA-Personal using a
RADIUS authentication server. This uses RADIUS-based MAC address ACL
(macaddr_acl=2), i.e., Access-Request uses the MAC address of the
station as the User-Name and User-Password. The WPA passphrase is
returned in Tunnel-Password attribute in Access-Accept. This
functionality can be enabled with the new hostapd.conf parameter,
wpa_psk_radius.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2011-12-11 13:01:57 +02:00
Arik Nemtsov
4f73d88afa Maintain internal copy of Probe Response offload capabilities
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-10 21:11:32 +02:00
Ben Greear
e04a163180 AP: Convert some wpa_printf to wpa_msg/dbg
This generates better log messages when running multiple
interfaces in one process.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-12-10 16:28:14 +02:00
Jouni Malinen
505a36941e Add MSK dump mechanism into hostapd RADIUS server for testing
Testing code can now be enabled in the hostapd RADIUS server to dump
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST

The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-09 00:15:04 +02:00
Bharat Chakravarty
8e5f913456 WPS: Allow RF Bands value to be overridden
A new hostapd.conf parameter, wps_rf_bands, can now be used to fix the
RF Bands value in cases where hw_mode is not set or when operating a
dual band dual concurrent AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-30 17:44:43 +02:00
Jouni Malinen
ca84eed7ad TLS: Add build configuration for TLS v1.2 support
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:45:07 +02:00
Jouni Malinen
8307489840 Add implementation of TLS v1.2 PRF (P_SHA256)
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:10:06 +02:00
Jouni Malinen
90cba4e7ab hostapd: Define CONFIG_SHA256 for SHA256 builds
wpa_supplicant was already doing this and hostapd will need to define
this for future additions.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:10:06 +02:00
Jouni Malinen
0bf927a03e Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:46 +02:00
Dmitry Shmidt
20b2161d5b Android: Move WPA_BUILD check in Android.mk
This is part of commit e61a2d6db6113da5fad91660764afdb0596dbc46 from
Android wpa_supplicant_8.git.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-23 17:58:44 +02:00
Jeff Brown
4482f1fbc4 Android: Remove the simulator target from all makefiles
This is commit bbda627478b0e9a312fea4662cd7cd8d6bdf82bf from
Android wpa_supplicant_8.git.
2011-11-23 17:56:41 +02:00
Helmut Schaa
8cfa3527e1 Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:02:05 +02:00
Dan Harkins
4301163930 EAP-pwd: Document group configuration for hostapd authentication server 2011-11-19 16:32:21 +02:00
Jouni Malinen
e9447a94c0 Use a single define for maximum number of EAP methods
This cleans up the code a bit by not having to deal with theoretical
possibility of maximum number of EAP methods to be different between
various components in hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 20:06:33 +02:00
Jouni Malinen
895c643407 Remove unused header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 20:01:19 +02:00
Jouni Malinen
7cb03b0eaf Android: Update libnl use to match with Android ICS
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 18:37:10 +02:00
Jouni Malinen
e4b8ac129b Android: Fix hostapd_cli build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 18:34:57 +02:00
Jouni Malinen
dd17f3ec4f Android: Fix hostapd build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 18:34:09 +02:00
Jouni Malinen
aea855d752 Move wpa_scan_results_free() into shared C file
Replace the inline helper function with a new C file that can be used
for common driver API related function.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 18:56:26 +02:00
Jouni Malinen
7756114f6a Postpone global_init() call until first driver instance is initialized
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
2011-10-23 13:20:52 +03:00
Jouni Malinen
4b24282a17 hostapd: Call global_init/global_deinit driver_ops
Now both wpa_supplicant and hostapd allow the driver wrappers to use the
global context similarly.
2011-10-22 12:22:59 +03:00
Dmitry Shmidt
8f5b9aa19a Set ANDROID_LOG_NAME depending on application
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-21 18:59:42 +03:00
Jouni Malinen
39b97072b2 Add support for Time Advertisement
This adds preliminary support for IEEE 802.11v Time Advertisement
mechanism with UTC TSF offset.
2011-10-18 00:24:16 +03:00
Jouni Malinen
4b2a77aba2 Interworking: Add support for configuring Roaming Consortium List 2011-10-17 23:55:50 +03:00
Jouni Malinen
062390efd4 Start deprecating various AP mode driver_ops
The preferred way of configuring AP mode will be to use set_ap() instead
of number of separate operations hostapd has collected over the years.
2011-10-17 18:35:25 +03:00
Mahesh Palivela
d4370eac2e Move SA Query mechanism into a file that can be shared more easily
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
2011-10-17 17:33:17 +03:00
Jouni Malinen
71269b3708 WNM: Add BSS Transition Management Request for ESS Disassoc Imminent
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
2011-10-16 23:55:34 +03:00
Jouni Malinen
b83e3e93c8 IEEE 802.11u: Add configuration and advertisement for Interworking 2011-10-16 23:55:34 +03:00
Mukesh Agrawal
a49214d482 Fix object file list for hlr_auc_gw
If CONFIG_NO_RANDOM_POOL is unset, src/crypto/random.o is linked
into hlr_auc_gw. However, in this configuration, random.o requires
symbols defined in src/utils/eloop.o. So add eloop.o to the object
file list for hlr_auc_gw.
2011-10-15 16:52:51 +03:00
Jouni Malinen
fd2f2d0489 Remove EAP-TTLSv1 and TLS/IA
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.

Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
2011-09-25 21:28:32 +03:00
Jouni Malinen
5c47af9a7a TLS: Add support for TLS v1.1 (RFC 4346) with internal TLS
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y
build configuration parameter.
2011-09-25 17:24:46 +03:00
Pavel Roskin
ffbf1eaa26 Fix typos found by codespell
Signed-off-by: Pavel Roskin <proski@gnu.org>
2011-09-22 00:43:59 +03:00
Jouni Malinen
697cd03fc2 AP: Set pairwise/group cipher for non-WPA modes
This is needed to avoid confusing configuration in some nl80211
drivers that the new AP mode configuration alternatives for
setting security policy.
2011-09-15 15:02:59 +03:00
Jouni Malinen
531e420dd7 Remove time.h include from utils/includes.h
os_*() wrappers should be used instead of functions from time.h.
Removing the header from includes.h enforces this. os_unix.c can
include this its uses are valid wrapper calls. wps_upnp.c uses
gmtime() for which there is no os_*() wrapper available yet, so
allow it to use time.h, too. Similarly, allow dump_state.c to
use time.h for ctime().
2011-09-12 22:19:26 +03:00
Jouni Malinen
17f6b90056 WPS: Wait for EAPOL-Start unless WPS 2.0 station as workaround
Extend the code that waits for the station to send EAPOL-Start before
initiating EAPOL authenticator operations to cover the case where the
station includes WPS IE in (Re)Association Request frame if that IE
does not include support for WPS 2.0. While this should not really
be needed, this may help with some deployed WPS 1.0 stations that do
not support EAPOL operations correctly and may get confused of the
EAP-Request/Identity packets that would show up twice if EAPOL-Start
is transmitted.
2011-08-28 19:16:59 +03:00
Jouni Malinen
d0df54caa9 Change example hostapd.conf to use 2.4 GHz channel
This is more likely to work if someone tests the example file with
no or minimal changes.
2011-07-31 00:47:49 +03:00
Pavel Roskin
e783c9b0e5 madwifi: Implement set_freq for hostapd, adjust hostapd.conf
Signed-off-by: Pavel Roskin <proski@gnu.org>
2011-07-29 20:51:55 +03:00
Vladimir
b5cb528d70 Fix hostapd_cli linking without CONFIG_WPA_TRACE=y 2011-07-19 08:45:33 +03:00
Jouni Malinen
4283805972 hostapd_cli: Start using src/utils/edit*.c
This brings hostapd_cli closer to the design used in wpa_cli
and allows command history and editing mechanisms to be added.
2011-07-16 17:37:18 +03:00
Jouni Malinen
cb465555d4 Allow PMKSA caching to be disabled on Authenticator
A new hostapd configuration parameter, disable_pmksa_caching=1, can now
be used to disable PMKSA caching on the Authenticator. This forces the
stations to complete EAP authentication on every association when WPA2
is being used.
2011-07-05 17:13:04 +03:00
Jouni Malinen
38e24575c1 random: Add support for maintaining internal entropy store over restarts
This can be used to avoid rejection of first two 4-way handshakes every
time hostapd (or wpa_supplicant in AP/IBSS mode) is restarted. A new
command line parameter, -e, can now be used to specify an entropy file
that will be used to maintain the needed state.
2011-05-31 20:07:11 +03:00
Jouni Malinen
fa5165586f WPS: Add a workaround for Windows 7 capability discovery for PBC
Windows 7 uses incorrect way of figuring out AP's WPS capabilities by
acting as a Registrar and using M1 from the AP. The config methods
attribute in that message is supposed to indicate only the configuration
method supported by the AP in Enrollee role, i.e., to add an external
Registrar. For that case, PBC shall not be used and as such, the
PushButton config method is removed from M1 by default. If pbc_in_m1=1
is included in the configuration file, the PushButton config method is
left in M1 (if included in config_methods parameter) to allow Windows 7
to use PBC instead of PIN (e.g., from a label in the AP).
2011-05-17 19:53:02 +03:00
Jouni Malinen
5dcfb6830e Include nl80211 driver wrapper in default configuration for hostapd 2011-05-16 21:07:47 +03:00
Guy Eilam
5b73735ba0 hostapd: Fix interfaces.iface initialization
Set all the interfaces.iface pointers to NULL after the allocation of
that memory block for cases those pointers are accessed during each of
the interfaces initialization process (hostapd_interface_init()). One
example for such case is during WPS initialization when the code tries
to fetch the uuid from each of the interfaces.

Signed-off-by: Guy Eilam <guy@wizery.com>
2011-04-15 18:13:04 +03:00
Jouni Malinen
2fee890af7 Add driver capa flag for EAPOL TX status and store capa in hostapd 2011-03-29 17:36:06 +03:00
Jouni Malinen
d47fa330b8 random: Read /dev/random in the background with eloop read socket
This makes it more likely to be able to fetch the 20 octet seed from
/dev/random in cases where other programs may also be competing for
this.
2011-03-22 23:15:00 +02:00
Jouni Malinen
cd9fc7869a hostapd: Add testing mode for RSN element extensions
CFLAGS += -DCONFIG_RSN_TESTING in .config and rsn_testing=1 in
hostapd.conf can now be used to enable a testing mode that adds
extensions to RSN element. This can be used to check whether
station implementations are incompatible with future extensions
to the RSN element.
2011-03-21 13:59:05 +02:00
Johannes Berg
2f646b6e83 WPS: Store (secondary) device type as binary
Instead of converting back and forth from the string representation,
always use the binary representation internally.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-17 18:50:22 +02:00
Jouni Malinen
586bad514b Make the link process quieter unless V=1 is specified
Hide the long command lines used for linking the binaries in the
default build. "make V=1" can be used to show the actual commands
if needed.
2011-03-17 12:31:38 +02:00
Jouni Malinen
61fbd3df04 Fix couple of typos in comments 2011-03-11 12:12:36 +02:00
Shan Palanisamy
d7956add9c FT: Make FT-over-DS configurable (hostapd.conf ft_over_ds=0/1) 2011-03-06 14:31:42 +02:00
Dmitry Shmidt
9fc6aa9f95 Add Android make files for hostapd and wpa_supplicant 2011-02-27 19:19:43 +02:00
Jouni Malinen
9e0749737c Update copyright notices to include the new year 2011-02-27 12:50:00 +02:00
Jouni Malinen
9d832bd07d Remove obsolete comments about libnl 1.1 being new 2011-02-21 23:41:56 +02:00
Helmut Schaa
f39b07d7ed hostapd: Allow coexistance of HT BSSes with WEP/TKIP BSSes
In multi BSS setups it wasn't possible to set up an HT BSS in
conjunction with a WEP/TKIP BSS. HT needed to be turned off entirely
to allow WEP/TKIP BSSes to be used.

In order to allow HT BSSes to coexist with non-HT WEP/TKIP BSSes add a
new BSS conf attribute "disable_11n" which disables HT capabilities on a
single BSS by suppressing HT IEs in the beacon and probe response
frames. Furthermore, mark all STAs associated to a WEP/TKIP BSS as
non-HT STAs. The disable_11n parameter is used internally; no new entry
is parsed from hostapd.conf.

This allows a non-HT WEP/TKIP BSS to coexist with a HT BSS without
having to disable HT mode entirely. Nevertheless, all STAs associated to
the WEP/TKIP BSS will only be served as if they were non-HT STAs.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-02-21 17:27:16 +02:00
Jouni Malinen
2944824315 hostapd: Add require_ht configuration parameter
This can be used to configure hostapd to reject association with
any station that does not support HT PHY.
2011-02-09 15:08:47 +02:00
Jouni Malinen
d601247ca9 P2P: Allow WPS_PBC command on GO to select on P2P Device Address
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07

In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
2011-02-07 18:28:36 +02:00
Ben Greear
379ff7b9d4 hostapd: Add iface-name wpa_msg() callback registration
This allows the interface name to be automatically
added to log file lines by the core logging logic.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:50:32 +02:00
Ben Greear
b41a47c03f hostapd: Allow logging to file
Also supports 'relog' CLI command to re-open the log file.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:24:16 +02:00
Johannes Berg
6905dcb1e0 AP: Introduce sta authorized wrappers
To enable making state change notifications on the WLAN_STA_AUTHORIZED
flag, introduce ap_sta_set_authorized(), and to reduce use of the flag
itself also add a wrapper for testing the flag: ap_sta_is_authorized().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 16:52:32 +02:00
Johannes Berg
d2da224948 AP: Enable WMM with default parameters by default for HT
If WMM is not disabled explicitly (wmm_enabled=0 in hostapd.conf),
enable WMM automatically whenever HT (ieee80211n) is enabled. Use
the default WMM parameters for AP TX queues and the EDCA parameters
advertised for stations in WMM IE if no overriding values are
included in the configuration.
2011-02-01 14:34:12 +02:00
Mike Crowe
9669794dc4 hostapd: Ensure that the destination directory exists
Ensure that the destination binary directory exists before installing
into it.

Signed-off-by: Mike Crowe <mac@mcrowe.com>
2011-01-30 21:33:17 +02:00
Mike Crowe
590595edba Use DESTDIR when installing hostapd to support cross-compiling
Signed-off-by: Mike Crowe <mac@mcrowe.com>
2011-01-30 21:32:44 +02:00
Jouni Malinen
1161ff1ef5 hostapd: Allow TDLS use to be prohibited in the BSS
tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to
disable use of TDLS or TDLS channel switching in the BSS using
extended cabilities IE as defined in IEEE 802.11z.
2011-01-28 19:21:59 +02:00
Johannes Berg
0d7e5a3a29 Allow AP mode to disconnect STAs based on low ACK condition
The nl80211 driver can report low ACK condition (in fact it reports
complete loss right now only). Use that, along with a config option, to
disconnect stations when the data connection is not working properly,
e.g., due to the STA having went outside the range of the AP. This is
disabled by default and can be enabled with disassoc_low_ack=1 in
hostapd or wpa_supplicant configuration file.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-28 17:15:01 +02:00
Jouni Malinen
51e2a27a21 hostapd_driver_ops reduction
set_sta_vlan, get_inact_sec, sta_deauth, sta_disassoc, and sta_remove
to use inline functions instead of extra abstraction.
2010-11-24 15:36:02 +02:00
Jouni Malinen
bbb921daaa Maintain internal entropy pool for augmenting random number generation
By default, make hostapd and wpa_supplicant maintain an internal
entropy pool that is fed with following information:

hostapd:
- Probe Request frames (timing, RSSI)
- Association events (timing)
- SNonce from Supplicants

wpa_supplicant:
- Scan results (timing, signal/noise)
- Association events (timing)

The internal pool is used to augment the random numbers generated
with the OS mechanism (os_get_random()). While the internal
implementation is not expected to be very strong due to limited
amount of generic (non-platform specific) information to feed the
pool, this may strengthen key derivation on some devices that are
not configured to provide strong random numbers through
os_get_random() (e.g., /dev/urandom on Linux/BSD).

This new mechanism is not supposed to replace proper OS provided
random number generation mechanism. The OS mechanism needs to be
initialized properly (e.g., hw random number generator,
maintaining entropy pool over reboots, etc.) for any of the
security assumptions to hold.

If the os_get_random() is known to provide strong ramdom data (e.g., on
Linux/BSD, the board in question is known to have reliable source of
random data from /dev/urandom), the internal hostapd random pool can be
disabled. This will save some in binary size and CPU use. However, this
should only be considered for builds that are known to be used on
devices that meet the requirements described above. The internal pool
is disabled by adding CONFIG_NO_RANDOM_POOL=y to the .config file.
2010-11-24 01:29:40 +02:00
Jouni Malinen
e5851439e3 Fix hlr_auc_gw build with CONFIG_WPA_TRACE=y 2010-11-24 01:10:48 +02:00
Jouni Malinen
3642c4313a Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.

The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
2010-11-24 01:05:20 +02:00
Jouni Malinen
5bf49c346c Drop local stations on broadcast deauth/disassoc request
When hostapd_cli deauth/disassoc is used with ff:ff:ff:ff:ff:ff
address, drop all local STA entries in addition to sending out the
broadcast deauth/disassoc frame.
2010-11-10 17:09:31 +02:00
Jouni Malinen
1b6dbec626 Fix a typo in the comment 2010-11-10 14:23:57 +02:00
Yogesh Ashok Powar
6950b2caa8 hostapd: Prohibit WEP configuration when HT is enabled
WFA 11n testing does not allow WEP when IEEE 802.11n is enabled.
Reject such combination when parsing hostapd configuration file.

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
2010-11-09 16:49:03 +02:00
Helmut Schaa
f5798bf36a hostapd: Add comment about CONFIG_FULL_DYNAMIC_VLAN to defconfig
Add comment about CONFIG_FULL_DYNAMIC_VLAN to defconfig. By default
this feature is still disabled.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2010-11-09 16:38:59 +02:00
Felix Fietkau
d3b4286967 Allow client isolation to be configured (ap_isolate=1)
Client isolation can be used to prevent low-level bridging of frames
between associated stations in the BSS. By default, this bridging is
allowed.
2010-11-09 16:27:15 +02:00
Felix Fietkau
d38ae2ea85 Add bridge handling for WDS STA interfaces
By default, add them to the configured bridge of the AP interface
(if present), but allow the user to specify a separate bridge.
2010-11-09 16:12:42 +02:00
Jouni Malinen
7e3c178142 Remove unused TX queue parameters related to Beacon frames
These are not used by any driver wrapper, i.e., only the four
data queues (BK, BE, VI, VO) are configurable. Better remove these
so that there is no confusion about being able to configure
something additional.
2010-11-05 01:23:17 +02:00
Jouni Malinen
acec8d3203 Add ctrl_iface command 'GET version'
This can be used to fetch the wpa_supplicant/hostapd version
string.
2010-10-31 17:07:31 +02:00
Dmitry Shmidt
ae6e1bee67 Add WPA_IGNORE_CONFIG_ERRORS option to continue in case of bad config
This is an option to continue with wpa_supplicant and hostapd even if
config file has errors. The problem is that these daemons are the best
"candidates" for the config change, so if they can not start because
config file was let's say corrupted, you can not fix it easily.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2010-10-31 12:38:49 +02:00
Jouni Malinen
450eddcfae hostapd: Add wps_config ctrl_interface command for configuring AP
This command can be used to configure the AP using the internal
WPS registrar. It works in the same way as new AP settings received
from an ER.
2010-10-21 16:49:41 +03:00
Jouni Malinen
2c8a4eef41 WPS: Update Beacon/ProbeResp IE on wps_version_number changes
This test command is supposed to change the WPS version number in all
places immediately, so make sure that the IEs used in management
frames get updated immediately.
2010-10-19 19:57:01 +03:00
Jouni Malinen
dce044cce5 P2P: Extend P2P manager functionality to work with driver MLME
Add P2P IE into Beacon, Probe Response, and (Re)Association Request
frames for drivers that generate this frames internally.
2010-10-08 18:16:07 +03:00
Jouni Malinen
088a225586 Fix hostapd_cli get_config not to show key when WPA is disabled
Previously, incorrectly configured passphrase or group cipher type
could be shown even if WPA was disabled.
2010-10-08 17:36:52 +03:00
Jouni Malinen
01cf713e51 Fix .gitignore files to not ignore subdirectory matches
The previous used .gitignore files were mathing some files that
were actually already in the repository (e.g.,
hostapd/logwatch/hostapd). Avoid this by listing the conflicting
entries in the root directory .gitignore with full path.
2010-10-07 11:04:16 +03:00
Jouni Malinen
235f69fcd6 Mark ctrl_iface RX debug for PING commands excessive
This cleans up debug log from unnecessary entries when using
wpa_cli/hostapd_cli or other ctrl_iface monitors that PING
periodically to check connectivity.
2010-09-24 15:50:13 -07:00
Jouni Malinen
f61039c75f WPS 2.0: Disable WPS if ignore_broadcast_ssid or WEP is used
These combinations are disallowed in WPS 2.0 (and do not work well
(or at all) with many deployed WPS 1.0 devices either).
2010-09-24 15:17:03 -07:00
Jouni Malinen
403b96fe4f WPS: Add hostapd_cli get_config command
This can be used by a WPS UI to display the current AP configuration.
2010-09-23 12:02:28 -07:00
Jouni Malinen
3981cb3cb8 WPS: Add wps_check_pin command for processing PIN from user input
UIs can use this command to process a PIN entered by a user and to
validate the checksum digit (if present).
2010-09-23 10:30:52 -07:00
Jouni Malinen
b4e34f2fdf WPS: Make testing operations configurable at runtime
Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and
CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option
(CONFIG_WPS_TESTING) and runtime configuration of which testing
operations are enabled. This allows a single binary to be used
for various tests.

The runtime configuration can be done through control interface
with wpa_cli/hostapd_cli commands:
Enable extensibility tests:
set wps_version_number 0x57
Disable extensibility tests (WPS2 build):
set wps_version_number 0x20
Enable extra credential tests:
set wps_testing_dummy_cred 1
Disable extra credential tests:
set wps_testing_dummy_cred 0
2010-09-21 19:51:23 -07:00
Dan Harkins
df684d82ff EAP-pwd: Add support for EAP-pwd server and peer functionality
This adds an initial EAP-pwd (RFC 5931) implementation. For now,
this requires OpenSSL.
2010-09-14 21:51:40 -10:00
Jouni Malinen
31fd64cc2f P2P: Add forgotten allow_cross_connection example 2010-09-09 07:17:20 -07:00
Jouni Malinen
962473c136 P2P: Add preliminary P2P Manager AP support for hostapd 2010-09-09 07:17:18 -07:00
Jouni Malinen
cae67937ca WPS: Fix CONFIG_WPS_STRICT build option
This was not supposed to be depending on CONFIG_WPS_NFC.
2010-09-09 06:07:49 -07:00
Jouni Malinen
53587ec183 WPS 2.0: Make WSC 2.0 support to be build option (CONFIG_WPS2)
For now, the default build will only include WSC 1.0 support.
CONFIG_WPS2=y can be used to add support for WSC 2.0.
2010-09-09 06:07:48 -07:00
Jouni Malinen
54f489be45 WPS 2.0: Validate WPS attributes in management frames and WSC messages
If CONFIG_WPS_STRICT is set, validate WPS IE(s) in management frames and
reject the frames if any of the mandatory attributes is missing or if an
included attribute uses an invalid value. In addition, verify that all
mandatory attributes are included and have valid values in the WSC
messages.
2010-09-09 06:07:48 -07:00
Jouni Malinen
6a857074f4 WPS 2.0: Add virtual/physical display and pushbutton config methods 2010-09-09 06:07:47 -07:00
Jouni Malinen
31fcea931d WPS 2.0: Add support for AuthorizedMACs attribute
Advertize list of authorized enrollee MAC addresses in Beacon and
Probe Response frames and use these when selecting the AP. In order
to provide the list, the enrollee MAC address should be specified
whenever adding a new PIN. In addition, add UUID-R into
SetSelectedRegistrar action to make it potentially easier for an AP
to figure out which ER sent the action should there be multiple ERs
using the same IP address.
2010-09-09 06:07:47 -07:00
Jouni Malinen
b070460b1a Fix hostapd build with CONFIG_IEEE80211N but without NEED_AP_MLME 2010-09-05 12:41:15 +03:00
Jouni Malinen
5a1cc30f1a WPS: Add support for dynamic AP PIN management
A new hostapd_cli command, wps_ap_pin, can now be used to manage
AP PIN at runtime. This can be used to generate a random AP PIN and
to only enable the AP PIN for short period (e.g., based on user
action on the AP device). Use of random AP PIN that is only enabled
for short duration is highly recommended to avoid security issues
with a static AP PIN.
2010-08-24 16:35:37 +03:00
Jouni Malinen
7f6ec672ea EAP server: Add support for configuring fragment size 2010-07-20 22:56:10 -07:00
Jouni Malinen
a33c5f96b8 Fix a typo in Disassociation frame building
This did not really change any behavior since Deauthentication frame
uses the same format.
2010-07-17 20:23:20 -07:00
Jouni Malinen
be48214d2b Preparations for 0.7.2 release 2010-04-18 18:02:34 +03:00
Jouni Malinen
125c74cd80 WPS: Include CONFIG_EAP automatically if WPS is enabled 2010-04-17 22:05:18 +03:00
Masashi Honma
5008cb5e55 Support for Solaris default shell restriction
Some shells (like Solaris default /bin/sh) doesn't allow -e
option for file existence check. Use -f instead.
2010-04-17 17:15:23 +03:00
Jouni Malinen
488d0934ab hostapd_cli: Add deauth/disassoc commands to usage help 2010-04-11 21:00:16 +03:00
Yogesh Ashok Powar
721abef9b3 Allow advertising of U-APSD functionality in Beacon
hostapd does not implement UAPSD functionality. However, if U-APSD
functionality is implemented outside hostapd, add support to advertise
the functionality in beacon.

Signed-off-by: yogeshp@marvell.com
2010-04-11 11:32:15 +03:00
Jouni Malinen
b242d398f8 Use more os.h wrapper functions in hostapd_cli 2010-04-07 11:40:34 +03:00
Gregory Detal
bae9217474 Add support for action scripts in hostapd_cli 2010-04-07 11:14:54 +03:00
Gregory Detal
bb437f282b AP: Add wpa_msg() events for EAP server state machine 2010-04-07 11:13:14 +03:00
Michael Buesch
2c657c8dcd hostapd: Use cp -f in make install
If hostapd is running, a make install fails with
cp: cannot create regular file `/usr/local/bin/hostapd': Text file busy

Use cp -f to avoid this error and force-override the file.

Signed-off-by: Michael Buesch <mb@bu3sch.de>
2010-04-06 17:12:17 +03:00
Jouni Malinen
b91ab76e8c Add test commands for sending deauth/disassoc without dropping state
This can be used to test 802.11w by sending a protected or unprotected
deauth/disassoc frame.

hostapd_cli deauth <dst addr> test=<0/1>
hostapd_cli disassoc <dst addr> test=<0/1>

test=0: unprotected
test=1: protected
2010-03-29 12:01:40 -07:00
Jouni Malinen
90a3206a14 Add deauthenticate/disassociate ctrl_iface commands 2010-03-29 11:14:57 -07:00
Jouni Malinen
921a278604 Fix a typo in r1kh config parameter description
The second item on the line is R1KH-ID, not R0KH-ID.
2010-03-07 21:16:42 +02:00
Jouni Malinen
23e2550c0e Remove unneeded CONFIG_EAP comments
These are not needed for WPS builds since CONFIG_WPS=y enables all
the needed EAP components.
2010-03-06 16:40:53 +02:00
Jouni Malinen
94d9bfd59b Rename EAP server source files to avoid duplicate names
This makes it easier to build both EAP peer and server functionality
into the same project with some toolchains.
2010-02-19 18:54:07 +02:00
Jouni Malinen
dff0f701d0 Preparations for v0.7.1 release 2010-01-16 19:04:38 +02:00
Jouni Malinen
94627f6cc8 hostapd: Detect bridge interface automatically
This makes the bridge parameter unnecessary for cases where the interface
is already in a bridge and sysfs is mounted to /sys so that the detection
code works.

For nl80211, the bridge parameter can be used to request the AP
interface to be added to the bridge automatically (brctl may refuse to
do this before hostapd has been started to change the interface mode).
If needed, the bridge interface is also created.
2010-01-16 15:19:58 +02:00
Jouni Malinen
73b217570c Fix linking of nt_password_hash
Need to use conditional linking of some crypto functionality and add
couple of additional object files. [Bug 343]
2010-01-16 10:38:53 +02:00
Jouni Malinen
f5455a2dbd Verify that os_get_random() success for SA Query id 2010-01-10 22:28:21 +02:00
Jouni Malinen
9a8d8b3db5 Close config file on error path 2010-01-09 22:29:41 +02:00
Masashi Honma
953f0f6333 bsd: Add support for WPA_TRACE and WPA_TRACE_BFD
On FreeBSD 8.0, WPA_TRACE and WPA_TRACE_BFD functionality build fails.
2010-01-09 11:01:12 +02:00
Jouni Malinen
d1f9c410c1 Remove src/drivers/scan_helpers.c
Most of this file was already moved into wpa_supplicant/scan.c and
we can remove the file completely by having couple of small helper
functions copied to the remaining users outside core wpa_supplicant
code.
2010-01-03 20:27:32 +02:00
Jouni Malinen
9078adfc8c hostapd: Fix deinit on initialization failure 2010-01-03 10:54:14 +02:00
Jouni Malinen
f7c4783379 Split hostapd_interface_deinit() into deinit and free parts
This allows the driver interface to be deinitialized before
struct hostapd_data instance gets freed. This needs to be done so
that the driver wrapper does not maintain a context pointer to
freed memory.
2009-12-27 21:31:13 +02:00
Jouni Malinen
81f4f6195e Include header files explicitly in *.c, not via header files 2009-12-26 00:31:51 +02:00
Jouni Malinen
6226e38d00 Rename some src/ap files to avoid duplicate file names
Doxygen and some build tools may get a bit confused about same file
name being used in different directories. Clean this up a bit by
renaming some of the duplicated file names in src/ap.
2009-12-26 00:05:40 +02:00
Jouni Malinen
1b56c26c40 Get rid of direct hostapd_for_each_interface() calls
src/ap/*.c must not call functions in hostapd or wpa_supplicant
directories directly, so avoid this by using a callback function
pointer.
2009-12-25 20:12:26 +02:00
Jouni Malinen
70db2ab308 Move rest of the generic AP mode functionality into src/ap 2009-12-25 20:06:07 +02:00
Jouni Malinen
8c5fe31fe8 Move driver deinitialization away from hostapd.c
This matches with the earlier change of moving driver initialization
and allows more control on how the driver context is managed.
2009-12-25 18:32:44 +02:00
Jouni Malinen
a4f2110934 Clean up some of the hostapd.h function prototype definitions
Not all prototypes in hostapd.h really belong there. This is an initial
step in cleaning that up.
2009-12-25 14:20:35 +02:00
Jouni Malinen
0aef3ec832 Move hostapd_prune_associations() into ap/utils.c 2009-12-25 14:06:26 +02:00
Jouni Malinen
c442055ecf Move WPA authenticator glue code into a separate file 2009-12-25 14:02:17 +02:00
Jouni Malinen
2586bc64d0 Move authentication server setup into separate file 2009-12-25 13:43:43 +02:00
Jouni Malinen
ad44e244b1 Move iapp.c into src/ap 2009-12-25 13:04:45 +02:00
Jouni Malinen
0e2d35c614 Move ctrl_iface_ap.c into src/ap 2009-12-25 12:25:55 +02:00
Jouni Malinen
e5f2b59c7e Move hostapd driver initialization away from hostapd.c
This makes it easier to customize AP mode initialization for
wpa_supplicant.
2009-12-25 12:21:11 +02:00
Jouni Malinen
bee07ce805 hostapd: Do not call eloop_terminate() on interface setup failure
The caller is able to handle the error code properly and there is no
need to forcefully stop the eloop run here.
2009-12-25 11:51:20 +02:00
Jouni Malinen
32da61d9c9 Move wps_hostapd.c into src/ap 2009-12-25 01:26:37 +02:00
Jouni Malinen
1057d78eb8 Move generic AP functionality implementation into src/ap
This code can be shared by both hostapd and wpa_supplicant and this
is an initial step in getting the generic code moved to be under the
src directories. Couple of generic files still remain under the
hostapd directory due to direct dependencies to files there. Once the
dependencies have been removed, they will also be moved to the src/ap
directory to allow wpa_supplicant to be built without requiring anything
from the hostapd directory.
2009-12-25 01:12:50 +02:00
Jouni Malinen
6d1278e998 Remove direct driver calls from tkip_countermeasures.c 2009-12-25 00:39:22 +02:00
Jouni Malinen
2ce86d9d72 Remove direct driver calls from ieee802_11.c 2009-12-25 00:35:10 +02:00
Jouni Malinen
bdee6fceb9 Remove direct driver calls from sta_info.c 2009-12-25 00:30:16 +02:00
Jouni Malinen
36592d31c1 Remove direct driver calls from vlan_init.c 2009-12-25 00:17:07 +02:00
Jouni Malinen
677449b97e Remove direct driver calls from beacon.c 2009-12-25 00:10:31 +02:00
Jouni Malinen
2f3e0bd4d4 Remove need for direct driver calls from ieee802_11_auth.c 2009-12-24 23:49:19 +02:00
Jouni Malinen
d24df7c33d Avoid direct call to hostapd_new_assoc_sta from ieee802_11.c 2009-12-24 23:42:13 +02:00
Jouni Malinen
a2de634d1c Removed hostapd_new_assoc_sta() from driver wrapper API
This is not called directly by any of the driver wrappers anymore, so
the function can be removed from driver.h and drv_callbacks.c.
2009-12-24 23:30:32 +02:00
Jouni Malinen
94709ea358 Avoid a direct call to drv_callbacks.c from beacon.c 2009-12-24 23:20:53 +02:00
Jouni Malinen
010401fe65 Move hostapd_set_drv_ieee8021x() into ap_drv_ops 2009-12-24 23:17:11 +02:00
Jouni Malinen
4c2ddda495 Move hostapd-to-driver flag mapping to be within ap_drv_ops.c 2009-12-24 23:11:16 +02:00
Jouni Malinen
d3b86aed73 Move wpa_drivers dependency into config_file.c
This cleans up config.o from driver wrapper dependencies.
2009-12-24 22:50:17 +02:00
Jouni Malinen
a3d4fafa41 Remove direct driver calls from accounting.c 2009-12-24 22:24:57 +02:00
Jouni Malinen
41d719d6e0 Move hostapd configuration parser into separate file
config.c includes now only the generic helper functions that are needed
both for hostapd and the AP mode operations in wpa_supplicant.
hostapd/config_file.c is only needed for hostapd.
2009-12-24 21:05:40 +02:00
Jouni Malinen
45cefa0bf3 Move more driver ops into struct hostapd_driver_ops
This removes need to include driver_i.h into ieee802_1x.c.
2009-12-24 20:41:30 +02:00
Jouni Malinen
579bc0e64c Move hostapd_set_privacy() call to hostapd.c
IEEE 802.1X code does not need to know about this driver configuration
mechanism and all the other calls were already in hostapd.c.
2009-12-24 20:18:55 +02:00
Jouni Malinen
c90933d2a3 Use hostapd driver op wrapper for send_mgmt_frame 2009-12-24 20:13:44 +02:00
Jouni Malinen
14f7938660 Merge driver ops set_wps_beacon_ie and set_wps_probe_resp_ie
set_ap_wps_ie() is not used to set WPS IE for both Beacon and Probe
Response frames with a single call. In addition, struct wpabuf is used
instead of separate u8* and length fields. This avoids duplicated
allocation of the IEs and simplifies code in general.
2009-12-24 19:46:06 +02:00
Jouni Malinen
bf65bc638f hostapd: Use separate driver operations abstraction
It would be bettet to avoid including driver_i.h, i.e., direct driver
operation calls from hostapd components. This is an initial step in
that direction for WPS IE updates.
2009-12-24 16:15:22 +02:00
Felix Fietkau
fbbfcbac29 hostapd: Add WDS (4-address frame) mode with per-station interfaces
This mode allows associated stations to use 4-address frames to allow
layer 2 bridging to be used. At least for the time being, this is only
supported with driver=nl80211.
2009-12-24 11:46:22 +02:00
Jouni Malinen
96603e4fe1 Comment CONFIG_WPA_TRACE_BFD=y out by default 2009-12-23 23:20:11 +02:00
Jouni Malinen
79d6c85ffd Fix memory leak in config freeing
Both supported_rates and basic_rates arrays must be freed when freeing
hostapd configuration.
2009-12-21 22:22:49 +02:00
Jouni Malinen
094393b144 Copy config_methods and device_type configuration for AP mode 2009-12-21 16:10:21 +02:00
Jouni Malinen
c0e4dd9eeb WPS: Make Config Methods configurable for wpa_supplicant
This adds config_methods configuration option for wpa_supplicant
following the design used in hostapd. In addition, the string is
now parsed in common code from src/wps/wps_common.c and the list
of configurable methods include all the defined methods from
WPS 1.0h spec.
2009-12-21 15:59:25 +02:00
Jouni Malinen
f3f2eeba01 WPS: Add option for forcing Registrar to use PSK format in Credential
The use_psk_key parameter can now be used to force the Registrar to
use PSK format instead of ASCII passphrase when building a Credential
for the Enrollee. For now, this is not enabled, but it could be enabled
either based on external (to WPS) configuration or automatically set
based on some WPS attribute values from the Enrollee.
2009-12-21 12:46:19 +02:00
Jouni Malinen
0ae687bd10 AP: Allow both WPA passphrase and PSK to be configured
Instead of dropping the configured PSK and deriving it based on
passphrase, use the provided PSK as-is and also maintain a copy of
the passphrase since it can be of use later. This allows both values
to be configured without havign to derive the PSK every time the
network is initialized.
2009-12-21 12:11:08 +02:00
Jouni Malinen
b22b41ee87 Describe tracing build options for developers 2009-12-20 23:41:06 +02:00
Jouni Malinen
f2f7d965b8 Add option libbfd support for tracing code
CONFIG_WPA_TRACE=y and CONFIG_WPA_TRACE_BFD=y can now be used to get
even more complete symbols (func/file/line and inline functions) for
backtraces.
2009-12-20 23:35:06 +02:00
Jouni Malinen
3433ed8c03 hostapd_cli: Use os_program_{init,deinit} 2009-12-19 22:26:36 +02:00
Jouni Malinen
fb4baa688b Add memory allocation analyzer to verify OS wrapper use
WPA_TRACE=y builds will now verify that memory allocation in done
consistently using os_{zalloc,malloc,realloc,strdup,free} (i.e., no
mixing of os_* functions and unwrapper functions). In addition, some
common memory allocation issues (double-free, memory leaks, etc.) are
detected automatically.
2009-12-19 21:47:56 +02:00
Jouni Malinen
80d77c31ff hostapd: Call os_program_{init,deinit}() 2009-12-19 20:55:17 +02:00
Jouni Malinen
0456ea16d8 eloop: Remove global user data pointer
This is not really needed since all signal handlers can use a context
pointer provided during signal handler registration.
2009-12-19 19:22:16 +02:00
Jouni Malinen
9969e5a46a Make hostapd_for_each_interface() take context pointer as argument
This removes need for using eloop_get_user_data().
2009-12-19 19:07:31 +02:00
Jouni Malinen
930f704aac Add backtrace support for debugging
WPA_TRACE=y can now be used to enable internal backtrace support that
will provide more details about implementation errors, e.g., when some
resources are not released correctly. In addition, this will print out
a backtrace automatically if SIGSEGV is received.
2009-12-19 18:40:54 +02:00
Jouni Malinen
1489e11a94 Make struct radius_msg private to radius.c
This is internal data structure for RADIUS message handling and
external code should not touch it directly.
2009-12-19 17:26:57 +02:00
Jouni Malinen
9e7245bdb4 Change radius_msg_free() to free the buffer
Since all callers were freeing the buffer immediately anyway, move
this operation into radius_msg_free() to reduce code size.
2009-12-19 16:34:41 +02:00
Jouni Malinen
b57e086cc1 Mark management frame processing functions to use const buffer 2009-12-13 23:25:30 +02:00
Jouni Malinen
ba091c06c5 Mark ieee802_11_parse_elems() input and parsed elems const
In addition, re-order IE pointers and u8 length so that the shorter
length fields are together to allow compiler to optimize structure size.
2009-12-13 23:11:11 +02:00
Jouni Malinen
f8b1f69561 Use generic driver events for TX status and RX reporting
Replace driver wrapper calls to hostapd_tx_status(),
hostapd_rx_from_unknown_sta(), hostapd_mgmt_rx(), and
hostapd_mgmt_tx_cb() with new generic driver events
EVENT_TX_STATUS, EVENT_RX_FROM_UNKNOWN, and EVENT_RX_MGMT.

This cleans up lot of the driver wrapper code to be less dependent
on whether it is being used within wpa_supplicant AP mode or hostapd.
2009-12-13 23:05:39 +02:00
Jouni Malinen
fcf0f87d97 Replace hostapd_button_pushed() with generic driver event 2009-12-13 21:21:10 +02:00
Jouni Malinen
f2dab64ee3 Fix EVENT_FT_RRB_RX processing 2009-12-13 21:19:02 +02:00
Jouni Malinen
1cd973d501 Replace hostapd_michael_mic_failure() with generic driver event 2009-12-13 21:17:11 +02:00
Jouni Malinen
8043e72589 Add BSS ctx to if_add() driver op
This remove the need from driver_test.c to go through internal hostapd
structures to find the appropriate BSS when reporting events on secondary
BSSes.
2009-12-13 18:54:11 +02:00
Jouni Malinen
9b5d2b8b9c Merge hostapd/sta_flags.h into sta_info.h
The separate header file is not needed since none of the driver wrappers
include it anymore. Move the WLAN_STA_* definitions back to be together
with struct sta_info definition.
2009-12-13 11:41:46 +02:00
Jouni Malinen
0de39516ae Map STA flags into values defined in driver.h
This removes need for including hostapd/sta_flags.h into driver
wrappers and removes any remaining dependencies between driver flags
and internal hostapd flags.
2009-12-13 11:35:39 +02:00
Jouni Malinen
a34325dde9 Remove unneeded hostapd_wmm_sta_config()
The WMM STA flag is already taken care of by handle_assoc_cb() and there
is no point trying to do this unless hostapd is taking care MLME
processing, so no need to call this from drv_callbacks.c.
2009-12-13 11:14:21 +02:00
Jouni Malinen
60c8cfb4fb Remove usused flags parameter from sta_add() driver op 2009-12-13 11:05:22 +02:00
Jouni Malinen
af586419fd Add more WPA/IEEE 802.1X parameters into set_ieee8021x() driver op
This gets rid of the need to touch internal hostapd data structures
directly from the driver wrappers.
2009-12-12 23:50:29 +02:00
Jouni Malinen
e3bd3912ca Change set_ieee8021x driver op to use parameters structure
This makes it easier to extent the set of parameters passed to
this driver wrapper function.
2009-12-12 23:32:44 +02:00
Jouni Malinen
08fd8c15a0 Replace direct driver call to wpa_ft_rrb_rx() with driver event
This avoids need to include hostapd/wpa.h into the driver wrappers.
2009-12-12 22:43:26 +02:00
Jouni Malinen
50b5bf4eda Remove obsolete Prism54.org driver support (driver_prism54.c)
The Prism54.org project seems have been dead for a while and it does not
look like this driver would ever be maintained again. Furthermore, it is
difficult to find a version that would work with the driver_prism54.c
wrapper and there is another driver for these card in the Linux kernel
tree.

The hostapd integration in driver_prism54.c is quite different from the
other driver wrappers and would require major effort to get it cleaned
up. Since there does not seem to be any real users for the cleaned up
version, there does not seem to be justification to spend this effort on
the wrapper. This old code is making it much more difficult to clean up
the driver interface and at this point, the best option seems to be to
remove the driver wrappers. Should someone really still need this, the
old code will continue to be available in hostapd 0.6.x.
2009-12-12 20:52:12 +02:00
Jouni Malinen
0531006644 driver_wired: Move STA entry processing away from driver wrapper
Get rid of hostapd/sta_info.h dependency by introducing a new driver
callback function for hostapd.
2009-12-12 20:39:25 +02:00
Jouni Malinen
7e683ceeb4 WPS: Handle Selected Registrar as a union of info from all Registrars
Instead of using the latest selected registrar change, collect selected
registrar information separately from all registrars and use the union
of this information when building the WPS IE for Beacon and Probe
Response frames.

Note: SetSelectedRegistrar UPnP action does not include a unique
identifier, so the ER matching routine is based only on the IP address
of the ER. In theory, there could be multiple ERs using the same IP
address (but different port or URL), so there may be some corner cases
that would not always match the correct ER entry at the AP. Anyway, this
is not really expected to occur in normal use cases and even if it did
happen, the selected registrar information is not any worse than it was
before when only the last change from any registrar for being
advertized.
2009-12-12 16:54:59 +02:00
Jouni Malinen
5e9c730a2b WPS: Remove unnecessary GetDevice and PutMessage callbacks
These callbacks can be handled internally within core WPS code, so there
is no need to go through wps_hostapd.c with a callback function that is
just calling back into the core WPS code.
2009-12-12 16:47:39 +02:00
Jouni Malinen
d0d45d8276 WPS: Remove unnecessary SetSelectedRegistrar callback
This can be handled internally within core WPS code, so there is no
need to go through wps_hostapd.c with a callback function that is just
calling back into the core WPS code.
2009-12-12 16:46:33 +02:00
Jouni Malinen
50ceddcfd6 Fix dh_groups.o build for some configurations
Need to include dh_groups.o in the build even if not all DH groups
are included. Only internal crypto build case was doing this properly.
2009-12-11 17:24:42 +02:00
Jouni Malinen
616ea674c8 Fix hostapd build without RADIUS server 2009-12-11 16:29:28 +02:00
Jouni Malinen
9008a3e44d Merge get_seqnum_igtk() driver op with get_seqnum()
IEEE 802.11w uses distinct key indexes (4 and 5) so the same
get_seqnum() handler can be used to fetch packet number for both
TKIP/CCMP and BIP(using IGTK).

Since the new get_seqnum_igtk() handler was not actually implemented by
any driver wrapper, this may also fix BIP/IGTK sequence number reporting
with driver_nl80211.c.
2009-12-11 00:15:54 +02:00
Jouni Malinen
3484a18a13 hostapd: Remove unused bridge_packets configuration option
There was code for configuring this, but no driver wrapper actually
implements the actual setting. Remove this for now to reduce potential
confusion and to simply the driver interface.
2009-12-09 22:06:43 +02:00
Jouni Malinen
fb7842aa51 Remove struct hostapd_rate_data from driver API
In addition to the bitrate, the only other variable in this structure
is used internally in hostapd. Move this structure into hostapd.h and
make the driver API use simpler data structure (array of bitrates).
2009-12-09 21:57:50 +02:00
Jouni Malinen
22a7c9d735 Merge bss_add/bss_remove drivers ops into if_add/if_remove
if_add/if_remove can now be used as the generic driver ops for adding
and removing virtual interfaces of various types. In addition,
driver_nl80211.c is now including this code unconditionally, so that
the functions are not limited only for hostapd.
2009-12-09 16:49:28 +02:00
Jouni Malinen
b5996353e7 Remove unused if_update() driver op 2009-12-09 15:47:20 +02:00
Jouni Malinen
95272a888c Fix conditional EAP-SIM/AKA DB code selection 2009-12-06 19:48:25 +02:00
Jouni Malinen
d45354be53 Move IEEE 802.11n HT management code into a separate file 2009-12-06 19:41:47 +02:00
Jouni Malinen
eb53b752df Remove unnecessary CONFIG_IEEE80211N use 2009-12-06 19:17:54 +02:00
Jouni Malinen
644a8f2208 Remove unused phytype RX info variable 2009-12-06 18:54:58 +02:00
Jouni Malinen
22a7f39f23 Remove unused hostapd reconfig code 2009-12-06 18:48:30 +02:00
Jouni Malinen
5c90d47657 Move EAP-SIM DB conditional build into hostapd 2009-12-06 18:23:53 +02:00
Jouni Malinen
74784010af Remove conditional no-RADIUS build from src/radius
Make it responsibility of the src/radius user to handle conditional
build rules.
2009-12-06 17:53:59 +02:00
Jouni Malinen
0e574b07f8 Move hlr_auc_gw into hostapd directory
This is a separate program and is used mainly with hostapd, so it is
better to move this into the hostapd subdirectory now that Milenage
code has already been moved into src/crypto. Milenage was the only
generic component in hlr_auc_gw.
2009-12-06 16:33:19 +02:00
Jouni Malinen
1a70777868 Remove unneeded CONFIG_INTERNAL_X509 and NEED_SHA256 defines 2009-12-06 16:19:13 +02:00
Jouni Malinen
be473f3f09 Split crypto_internal.c into parts to clean up build
This makes it easier to make src/libcrypto.a and only link in
code that is really used.
2009-12-06 14:37:46 +02:00
Jouni Malinen
127608152e Move EAP method registration away from src/eap_{peer,server}
This makes it easier to make a library out of EAP methods without
losing possiblity of binary size optimization by linker dropping
unreferenced code.
2009-12-06 11:28:41 +02:00
Jouni Malinen
be916e0012 Remove Milenage test from hostapd/Makefile 2009-12-05 21:27:19 +02:00
Jouni Malinen
43df4cc2ca Move milenage.[ch] into src/crypto 2009-12-05 21:00:52 +02:00
Jouni Malinen
05df8cb3f6 Fix hostapd build with WPS disabled 2009-12-04 00:29:10 +02:00
Jouni Malinen
362bd35f2d Add more Doxygen documentation for RADIUS server implementation 2009-12-02 21:29:32 +02:00
Jouni Malinen
e0e14a7bc3 Move internal EAPOL authenticator defines into their own file
This is an initial step in further cleaning up the EAPOL authenticator
use to avoid requiring direct accesses to the internal data structures.
For now, number of external files are still including the internal
definitions from eapol_auth_sm_i.h, but eventually, these direct
references should be removed.
2009-11-29 23:16:04 +02:00
Jouni Malinen
03da66bd59 Remove src/crypto from default include path
In addition, start ordering header file includes to be in more
consistent order: system header files, src/utils, src/*, same
directory as the *.c file.
2009-11-29 23:04:43 +02:00
Jouni Malinen
5586f500a0 Split handle_assoc() into number of helper functions 2009-11-29 22:14:57 +02:00
Jouni Malinen
9294bfefc7 Mark IE input to hostapd_eid_wmm_valid() const 2009-11-29 22:10:38 +02:00
Jouni Malinen
2a3c6f5077 Check AID availability before handling HT state updates on association 2009-11-29 21:11:10 +02:00
Jouni Malinen
df84268ae7 Allocate sta->ht_capabilities dynamically
This avoids need for conditional inclusion of header file into
sta_info.h and cleans up the code a bit.
2009-11-29 21:07:52 +02:00
Jouni Malinen
b60d6f61e4 Make HOSTAPD_DUMP_STATE configurable with CONFIG_NO_DUMP_STATE
This removes the hardcoded definition from Makefile and cleans up
source code by moving the mail HOSTAPD_DUMP_STATE blocks into separate
files to avoid conditional compilation within files.
2009-11-29 20:18:47 +02:00
Jouni Malinen
281c950be4 Move EAPOL authenticator state machine into src/eapol_auth
This is now completely independent from hostapd-specific code, so
it can be moved to be under the src tree.
2009-11-29 20:03:28 +02:00
Jouni Malinen
a2befd37cc Change EAPOL authenticator hapd pointers to be opaque context
This cleans up the eapol_sm.c interface to not depend on any
hostapd-specific data structures.
2009-11-29 19:49:14 +02:00
Jouni Malinen
d79b779204 Remove dependency on sta_info.h from eapol_sm.c
Instead of fetching WPS IE from struct sta_info, pass this as a
parameter to eapol_auth_alloc().
2009-11-29 19:40:47 +02:00
Jouni Malinen
ee58e87195 Make eapol_auth_initialize() static since it is internal to eapol_sm.c 2009-11-29 19:32:40 +02:00
Jouni Malinen
382942004f Add EAPOL authenticator event callback
This avoids direct calls to WPA authenticator from eapol_sm.c.
2009-11-29 19:31:50 +02:00
Jouni Malinen
c02d52b405 Get PMKSA cache status as EAPOL alloc flag
No need to have a direct call from EAPOL authenticator to WPA
authenticator to figure this out for log output.
2009-11-29 19:21:56 +02:00
Jouni Malinen
5ed1c08fcd Initialize EAPOL authenticator flags during allocation
Store both preauthentication and WPA use status with EAPOL flags.
2009-11-29 19:12:45 +02:00
Jouni Malinen
fa04fa1005 Include common/eapol_common.h explicit and fix eapol_auth_logger enum 2009-11-29 19:03:47 +02:00
Jouni Malinen
2773ca093e Replace eap_type_text() with EAP server methods function
While this may not include knowledge of all EAP methods since this
depends on build configuration, it is better to not have to include
ieee802_1x.h into eapol_sm.c.
2009-11-29 18:57:15 +02:00
Jouni Malinen
4dbfe5c58a Conver hostapd specific files to include common.h
Instead of getting this via hostapd.h, include it as the first
non-system header file in all source code files in the same way as
used in all other files.
2009-11-29 18:46:42 +02:00
Jouni Malinen
0c3abf8d22 Add driver wrapper callback for WPS push button pressed
This avoids the need to include ../hostapd/wps_hostapd.h into the
driver wrappers.
2009-11-29 18:18:02 +02:00
Jouni Malinen
bcd154c343 Include sta_flags.h explicitly, not via sta_info.h 2009-11-29 18:00:39 +02:00
Jouni Malinen
90973fb2fd Remove src/common from default header file path
This makes it clearer which files are including header from src/common.
Some of these cases should probably be cleaned up in the future not to
do that.

In addition, src/common/nl80211_copy.h and wireless_copy.h were moved
into src/drivers since they are only used by driver wrappers and do not
need to live in src/common.
2009-11-29 17:51:55 +02:00
Jouni Malinen
fc4e2d9501 HT: Remove unneeded struct ht_cap_ie wrapper
It is simpler to just use the HT Capabilities IE payload structure
as-is.
2009-11-29 13:04:21 +02:00
Jouni Malinen
3a328c8133 Remove unused/unneeded IEEE 802.11n definitions 2009-11-29 12:43:23 +02:00
Jouni Malinen
be8eb8ab3e Fix AP mode HT Capabilities IE to use A-MPDU Parameters from the driver
Instead of using hardcoded maximum A-MPDU length of 64 kB and no
restrictions on minimum MPDU Start Spacing, use the correct values
reported by the driver.
2009-11-29 12:21:26 +02:00
Jouni Malinen
a49148fd55 Rename HT Capabilities IE fields to match with IEEE Std 802.11n-2009 2009-11-29 12:02:29 +02:00
Jouni Malinen
5843e1c9a6 Move acct_interim_interval away from RADIUS client configuration
This is not used at all inside RADIUS client and as such, it belongs
into hostapd configuration.
2009-11-28 23:03:20 +02:00
Jouni Malinen
41fa8a892f Remove old wpa_supplicant/hostapd doxygen files 2009-11-28 21:24:15 +02:00
Jouni Malinen
96750ea5e5 WPS: Clean up Primary Device Type handling
Use shared functions for converting Primary Device Type between binary
and string formats. In addition, use array of eight octets instead of a
specific structure with multiple fields to reduce code complexity.
2009-11-26 11:39:29 +02:00
Jouni Malinen
73d0ad78c8 Fix internal crypto build with some configurations
crypto_internal.c requires both aes-internal-enc.o and
aes-internal-dec.o, so make sure they get included in the build when
using internal crypto.
2009-11-24 10:24:54 +02:00
Jouni Malinen
4a867032ae Remove deprecated driver_ops handlers
This gets rid of previously deprecated driver_ops handlers set_wpa,
set_drop_unencrypted, set_auth_alg, set_mode. The same functionality
can be achieved by using the init/deinit/associate handlers.
2009-11-23 20:22:38 +02:00
Jouni Malinen
642187d6bf Merge set_key and hapd_set_key driver_ops into a single function 2009-11-23 16:58:32 +02:00
Jouni Malinen
fd7a5dd15f Move HOSTAPD_MTU definition into driver_hostap.c
This moves the MTU definition into driver_hostap.c since it was really
meant to be specific to this driver. Since this was the last remaining
definition in hostapd_defs.h, remove that header file as unnecessary.
2009-11-23 16:21:07 +02:00
Jouni Malinen
d994a9b54e Move definitions away from hostapd_defs.h
Clean up definitions to reduce need to include header files from the
hostapd directory into files under the src subdirectories.
2009-11-23 16:14:39 +02:00
Jouni Malinen
5d67487244 Merge set_beacon driver_ops into a single one
Clean up driver interface by merging hostapd and wpa_supplicant
specific set_beacon driver_ops into a single one. In addition,
merge set_beacon_int into to the same operation.
2009-11-23 15:26:05 +02:00
Jouni Malinen
224f7bda79 Preparations for v0.7.0 release 2009-11-21 22:49:02 +02:00
Jouni Malinen
56360b16dc Update ChangeLog files for 0.7.0 release 2009-11-21 21:53:51 +02:00
Felix Fietkau
9510f00ff8 hostapd: Fix endian bugs in STA HT capability handling 2009-11-16 13:58:08 +02:00
Felix Fietkau
c6313c7505 hostapd: Fix BSS channel checks in 40 MHz scan 2009-11-16 13:52:12 +02:00
Jouni Malinen
c94ec09ed3 WPS: Do not use ASCII-dump on binary PutWLANResponse NewMessage 2009-11-15 18:28:59 +02:00
Jouni Malinen
00785aba71 WPS: Remove unused WFA WLANConfig Service actions
This removes following WFA WLANConfig Service actions and the related
state variables: GetAPSettings, SetAPSettings, DelAPSettings,
GetSTASettings, SetSTASettings, DelSTASettings, RebootAP,
ResetAP, RebootSTA, ResetSTA.

While WFA WLANConfig Service version 1.0 claims that some of these are
mandatory to implement for an AP, there are no known implementations
supporting these actions neither in an AP/proxy or an External Registrar
that would use them. These are unlikely to be supported in the future
either and as such, it is just simpler to get rid of them to clean up
the implementation and reduce code size.
2009-11-14 14:08:58 +02:00
Andriy Tkachuk
355d36a7bf Disassociate STA if it associated with invalid/missing WPA/RSN IE
When using drivers that process management frames internally (e.g.,
madwifi, atheros, bsd), the driver may accept association with IEs
that do not match the security policy. Instead of silently leaving
the station associated, explicitly disassociate it to clear the
driver entry immediately.
2009-11-11 17:33:55 +02:00
Jouni Malinen
dd745de384 Fix use-after-free issue with pid_file in hostapd termination 2009-11-10 17:05:28 +02:00
Jouni Malinen
e542b40f93 WPS: Fix credential processing for open network case
There is no point in comparing cred->key == NULL since cred->key is
an array (never NULL). key_len == 0 should be used instead to indicate
that no key was specified.
2009-11-10 17:01:26 +02:00
Jouni Malinen
1d68e4c7d9 Fix hlr_auc_gw build (wpabuf.o is needed now for tls_openssh) 2009-11-10 16:53:47 +02:00
Jouni Malinen
b905c4a398 WPS: Add HTTP server module
Clean up code so that UPnP implementation does not need to include all
the HTTP functionality. In addition, make it easier to share HTTP server
functionality with other components in the future.
2009-11-08 17:26:55 +02:00
Jouni Malinen
0b40d03394 WPS: Move generic UPnP XML helper functionality into a separate file 2009-11-08 14:06:01 +02:00
Jouni Malinen
092794f480 WPS: Add HTTP client module to clean up code
Instead of implementing HTTP client functionality inside
wps_upnp_event.c, use a generic HTTP client module to do this. The HTTP
client code can now be shared more easily for other purposes, too.
2009-11-08 12:35:37 +02:00
Jouni Malinen
08eb154db5 Fix MCS set field to be based on driver info
Instead of using hardcoded Rx MCS bitmask (indexes 0..15 enabled),
use the real information from the driver capabilities.
2009-11-05 12:38:47 +02:00
Jouni Malinen
f1739bac4f Move PKCS# {1,5,8} functionality into separate files
This functionality fits better with src/tls (i.e., internal TLS
implementation), so move it there to make crypto_internal.c more
of a wrapper like other crypto_*.c files.
2009-10-17 12:48:55 +03:00
Jouni Malinen
20bd9547a1 Add ctrl_iface events for AP mode STA connect/disconnect
These are used to notify ctrl_iface monitors when a STA completes
connection (the port becomes authorized) and when a STA disconnects.
2009-10-16 17:51:49 +03:00
Masashi Honma
279d859b8f Fix IEEE 802.11r/w compilation error
The hostapd/wpa_supplicant compilation failed with CONFIG_IEEE80211R=y
or CONFIG_IEEE80211W=y option if CONFIG_EAP_PSK and CONFIG_EAP_GPSK are
not used.
2009-10-13 10:04:46 +03:00
Jouni Malinen
786c4fee9d Include aes_unwrap in build when needed (FT and EAP-FAST server) 2009-10-12 09:10:24 +03:00
Jouni Malinen
bd4e9d033b Replace CONFIG_NO_AES_EXTRAS with auto-detection during build
There is no need to do this manually since it is possible to figure
out automatically which AES extra files need to be included in the
build.
2009-10-11 22:23:50 +03:00
Jouni Malinen
38b462868c Clean up crypto makefile segments
Reorganize the TLS/crypto library segments into a single set of blocks
for each library instead of multiple locations handling library-specific
operations. Group crypto functionality together and get wpa_supplicant
and hostapd Makefile closer to eachother in order to make it easier to
eventually move this into a shared makefile.
2009-10-11 22:04:29 +03:00
Jouni Malinen
7137456941 Move TLS_FUNCS and NEED_CRYPTO segment next to each other 2009-10-11 20:34:26 +03:00
Jouni Malinen
9d388d5007 Further crypto makefile unification 2009-10-11 20:31:15 +03:00
Jouni Malinen
0dba0175c5 Fix crypto config for minimal builds 2009-10-11 20:19:12 +03:00
Jouni Malinen
000bbd77c9 Cleaned up and unified some of the crypto Makefile code 2009-10-11 19:42:04 +03:00
Jouni Malinen
f042122a57 Allow the internal DH implementation to be overridden
Crypto library wrappers can now override the internal DH (group 5)
implementation. As a starting point, this is done with OpenSSL. The
new mechanism is currently available only for WPS (i.e., IKEv2 still
depends on the internal DH implementation).
2009-10-11 19:17:22 +03:00
Jouni Malinen
dd01b1ff9d Include only the used DH groups in the build
This reduces the binary size by 3 kB or so when WPS is included in
the build, but IKEv2 is not.
2009-10-11 15:24:40 +03:00
Blaž Bačnik
1066c1ee3c Fix VLAN ID validation check to use the new VLAN ID
When checking the validity of VLAN ID based on RADIUS-based ACL or
accept_mac_file, the assigned vlan_id, not the old sta->vlan_id
(likely zero) needs to be used.
2009-09-30 20:44:04 +03:00
Jouni Malinen
4f760fcc7c Fix hostapd wpa_msg() calls ctx for wpa_supplicant AP mode
Need to use wpa_s pointer, not hapd pointer, for these calls.
2009-09-29 21:25:14 +03:00
Jouni Malinen
c140a22858 Remove the STA entry on reassociation to clear STA PS state
hostapd needs to remove the old STA entry if it exists when processing
reassociation back to the same AP. This removes the potentially PS
buffered frames and allows association parameters to be updated with
mac80211.
2009-09-26 21:30:43 +03:00
Jouni Malinen
abad3ccb1e Convert WPS IE concat routine to a generic helper
This may also be needed in wpa_supplicant and potentially for other
IE types, too.
2009-09-11 16:36:59 +03:00
Jouni Malinen
ded30a6b41 Move STA list ctrl_iface handlers to a separate file
This makes it easier to share the hostapd station table query
functionality with wpa_supplicant AP mode operations.
2009-09-08 12:56:07 +03:00
Jouni Malinen
2678509dec WPS: Store device info and make it available through AP ctrl_iface
Store a copy of device attributes during WPS protocol run and make it
available for external programs via the control interface STA MIB
command for associated stations. This gives access to device name and
type which can be useful when showing user information about associated
stations.
2009-09-07 22:09:13 +03:00
Jouni Malinen
e6965d4e5d Fix WPA reconfiguration to update GTK
The group key state machine needs to be re-initialized with possible
updated GTK length when restarting WPA (e.g., when WPS was used to
reconfigure the AP).
2009-09-06 13:55:01 +03:00
Jouni Malinen
7cba52d852 Use OpenSSL for RC4 instead of internal implementation 2009-08-16 22:26:13 +03:00
Jouni Malinen
ac73690c06 Move RC4 into crypto.h as a replaceable crypto function
This allows crypto library wrappers to override the internal RC4
implementation in the same way as can already be done for other crypto
algorithms.
2009-08-16 20:13:14 +03:00
Jouni Malinen
8ef1683115 Remove rc4() wrapper
This is not really of that much use since rc4_skip() can be used as
easily. In addition, rc4 has caused some symbol conflicts in the past,
so it is easier to live without that as an exported symbol.
2009-08-16 19:57:50 +03:00
Jouni Malinen
c5f6ad5766 Verify CHAP/MSCHAPv2 return code
Check the return code in some (but not yet all) places where the
functions from ms_funcs.c are used.
2009-08-16 19:07:57 +03:00
Jouni Malinen
ce78b289c4 Fix OpenSSL build (internal SHA256 not used anymore) 2009-08-16 19:05:29 +03:00
Bjarke Istrup Pedersen
466940c55e Use LDFLAGS in all linker commands
When building hostapd and wpa_supplicant, the build system does not
respect the LDFLAGS selected in the environment in some cases. [Bug 311]
2009-08-16 09:47:56 +03:00
Jouni Malinen
cedf947308 Figure out absolute path for the pid file before daemonizing
This allows relative path to be used in the same way as was already
supported by wpa_supplicant.
2009-08-15 20:09:24 +03:00
Jouni Malinen
ba30964b60 Force rebuilding of src/drivers between hostapd and wpa_supplicant
This is a (hopefully) temporary workaround to allow the same source code
tree to be used for building hostapd and wpa_supplicant without having
to manually force recompilation of some files. Currently, some of the
driver wrapper files need to be built separately for hostapd and
wpa_supplicant (#ifdef's in the files based on AP functionality).

This is somewhat racy as far as parallel make execution is concerned,
i.e., it may be necessary to run "make -j#" twice (plain "make" works
fine. Since this is supposed to be a temporary workaround, there is not
much point in trying to fix this with any more complex make processing.
2009-08-14 20:40:37 +03:00
Johannes Berg
fe6bdb777e Replace NEED_MLME with NEED_AP_MLME
This makes it clearer that it's about the AP, not client-side MLME, even
when built into the client (wpa_supplicant).
2009-08-14 20:01:41 +03:00
Johannes Berg
e7cd16cac5 Create a common drivers makefile snippet
Instead of having all driver stuff collected across wpa_supplicant
and hostapd, create a common snippet that they both include and
that handles the build configuration.
2009-08-14 19:53:27 +03:00
Jouni Malinen
061971b5f8 Fix hlr_auc_gw build after crypto build cleanup 2009-08-13 11:50:52 +03:00
Johannes Berg
4c9e03e0b2 Crypto build cleanup: remove CONFIG_NO_AES_*
Instead of using a defines and conditional building of AES parts,
move the conditional functionality into separate files.
2009-08-13 11:40:28 +03:00
Johannes Berg
27da6d4a0e Crypto build cleanup: remove CONFIG_NO_AES_ENCRYPT
Instead of using a define and conditional building of AES parts,
move the AES encryption routines into a separate file.
2009-08-13 11:21:32 +03:00
Johannes Berg
381fcbc9f4 Crypto build cleanup: remove CONFIG_NO_AES_DECRYPT
Instead of using a define and conditional building of AES parts,
move the AES decryption routines into a separate file.
2009-08-13 11:16:21 +03:00
Johannes Berg
18abe7acb0 Crypto build cleanup: remove CONFIG_NO_PBKDF2
Instead of using a define and conditional building of sha1.c parts,
move the PBKDF2 implementation into a separate file.
2009-08-11 20:31:39 +03:00
Johannes Berg
d9feab18fc Crypto build cleanup: remove CONFIG_NO_TLS_PRF
Instead of using a define and conditional building of sha1.c parts,
move the TLS PRF implementation into a separate file.
2009-08-11 20:24:06 +03:00
Johannes Berg
6f693b5d0b Crypto build cleanup: remove CONFIG_NO_T_PRF
Instead of using a define and conditional building of sha1.c parts,
move the T-PRF implementation into a separate file.
2009-08-11 20:19:37 +03:00
Johannes Berg
05edfe2994 Crypto build cleanup: remove NEED_FIPS186_2_PRF
Instead of using a define and conditional building of crypto wrapper
parts, move the FIPS 186-2 PRF implementation into separate files.
2009-08-11 20:06:23 +03:00
Johannes Berg
ad01a5315e Crypto build cleanup: remove INTERNAL_MD5
Instead of using a define and conditional building of md5.c parts,
move the internal-MD5 into a separate file.
2009-07-28 21:36:13 +03:00
Johannes Berg
bd4e28950d Crypto build cleanup: remove INTERNAL_MD4
In addition, rename md4.c to md4-internal.c to match in style with
SHA-1 conditionally built internal implementation.
2009-07-28 21:27:02 +03:00
Johannes Berg
598a792d8c Crypto build cleanup: remove INTERNAL_SHA256
Instead of using a define and conditional building of sha256.c parts,
move the internal-SHA256 into a separate file.
2009-07-28 21:20:04 +03:00
Johannes Berg
246157cba6 Crypto build cleanup: remove INTERNAL_AES
In addition, rename aes.c to aes-internal.c to match in style with
SHA-1 conditionally built internal implementation.
2009-07-28 21:09:57 +03:00
Johannes Berg
657f038102 Crypto build cleanup: remove INTERNAL_DES
In addition, rename des.c to des-internal.c to match in style with
SHA-1 conditionally built internal implementation.
2009-07-28 21:00:44 +03:00
Johannes Berg
928a50a355 Crypto build cleanup: remove INTERNAL_SHA1
Instead of using a define and conditional building of sha1.c parts,
move the internal-SHA-1 into a separate file.
2009-07-28 20:47:04 +03:00
Johannes Berg
b2840aafaf make the build process quieter to see warnings 2009-07-28 14:37:40 +03:00
Jouni Malinen
fa16028d0f Add generic infrastructure for Probe Request callbacks
Instead of calling specific Probe Request handler functions, use a
generic mechanism that allows multiple callback functions to be
registered for getting notification on receive Probe Request frames.
2009-06-12 18:13:40 +03:00
Jouni Malinen
3fed6f2504 Replace hostapd_wps_probe_req_rx() with more generic ProbeReq notifier
The driver wrappers should not need to include wps_hostapd.h, so let's
make this easier by introducing a driver callback for reporting Probe
Request frames.
2009-06-12 17:31:43 +03:00
Jouni Malinen
36c88ec814 hostapd: EAP-AKA' needs SHA256 2009-05-29 22:35:08 +03:00
Jouni Malinen
8077a80042 Fix STA flag setting for auto-authorization if 802.1X/WPA is not used
The authorized flag needs to be added to the set_flags mask to fix
the flags_or/_and values that are now used with the new nl80211
attribute.
2009-05-28 17:37:47 +03:00
Jouni Malinen
f8e96eb6fd hostapd: Require EAPOL-Key type to match with selected protocol
Previously, we would have allowed both the WPA and RSN EAPOL-Key
types to be used regardless of whether the association is using
WPA or RSN/WPA2. This shouldn't result in any significant problems
on the Authenticator side, but anyway, we should check the type and
ignore the EAPOL-Key frames that used unexpected type.
2009-05-27 09:52:24 +03:00
Jouni Malinen
077a781f7a WPS: Add support for setting timeout for PIN
hostapd_cli wps_pin command can now have an optional timeout
parameter that sets the PIN lifetime in seconds. This can be used
to reduce the likelihood of someone else using the PIN should an
active PIN be left in the Registrar.
2009-05-26 17:44:44 +03:00
Jouni Malinen
b63303b864 hostapd: Fix internal crypto build without TLS 2009-05-26 17:09:04 +03:00
Jouni Malinen
9f64b827c3 hostapd: Fix non-802.11w build 2009-05-26 17:08:43 +03:00
Jouni Malinen
eddd8010e6 Fix WMM and MFP STA flag setting with flags_or/flags_and
These were included correctly in total_flags, but not in
flags_or/flags_and.
2009-05-11 13:49:57 +03:00
Jouni Malinen
c4e281fd91 Drop unprotected Robust Action frames from MFP STAs
These frames are delivered through mac80211 monitor interface, so we
need to filter them out in hostapd.
2009-05-08 12:51:28 +03:00
Jouni Malinen
92305c5d9a Add more debugging details for SA Query processing 2009-05-06 19:04:01 +03:00
Jouni Malinen
24c9fcebfb Reject hostapd configuration without channel for nl80211 drivers
We could use auto-channel selection here eventually, but for now,
reject the configuration since it is not going to work correctly
(Beacon and Probe Response frames use incorrect value  in DS Params).
2009-05-06 16:07:43 +03:00
Jouni Malinen
617d155547 Add code to re-use an existing ctrl_iface socket file
Port the code from wpa_supplicant to re-use an existing ctrl_iface
socket file if the file does not seem to be in use. This allows
hostapd to recover from unclean shutdown of the control interface.
2009-05-06 11:31:45 +03:00
Jouni Malinen
1fb1a6f0bf Remove unused set_broadcast_ssid() driver op
None of the driver wrappers user this. hostapd-controlled broadcast SSID
hiding can only be used with drivers that use hostapd for handling
Beacon and Probe Request/Response frames.
2009-04-22 16:15:24 +03:00
Jouni Malinen
9351257cfb Remove the unused set_ieee80211d driver op
None of the driver wrappers use this. Only the drivers that use hostapd
for Beacon and Probe Request/Response handling can now use IEEE 802.11d
properly.
2009-04-22 16:11:22 +03:00
Jouni Malinen
f55802e8bf Move default_wep_key variable into EAPOL authenticator data
With this change, eapol_sm.c does not need to dereference main hostapd
structures anymore (i.e., hostapd.h is not needed to be included).
2009-04-22 15:27:51 +03:00
Jouni Malinen
30985b8600 Remove unused set_retry() driver op 2009-04-21 18:01:43 +03:00
Jouni Malinen
61693eaa80 hostapd: Remove unused passive scan functionality
This was not really supported by any of the included driver wrappers. If
this functionality is desired in the future, this (or something similar)
can be added with the changes needed into a driver wrapper to use the
mechanism.
2009-04-17 15:47:37 +03:00
Jouni Malinen
4b9841d34c Move more multi-BSSID processing into drv_callbacks.c
This simplifies driver wrapper operations and removes last direct
struct hostapd_data dereferences from driver_nl80211.c. In addition,
some of the TX callbacks are now fixed for secondary BSSes.
2009-04-17 13:29:29 +03:00
Jouni Malinen
412036f5f0 Provide own_addr buffer in hapd_init() parameters
This reduces number of places in driver wrapper that would need to
dereference struct hostapd_data pointer directly.
2009-04-17 11:55:51 +03:00
Jouni Malinen
731723a5bd Add own_addr as a parameter to sta_deauth() and sta_disassoc()
This fixes deauth/disassoc frames in secondary BSSes when using
multi-BSSID. In addition, it reduces need to dereference
struct hostapd_data inside driver wrappers.
2009-04-17 11:37:22 +03:00
Jouni Malinen
ad1e68e6b5 Clean up HT40 scan and share nl80211 scanning code
Instead of adding a new driver_ops for fetching neighbor BSS data (that
nl80211 driver interface had to scan during initialization), share the
same scan operations that wpa_supplicant is using. This gets rid of
duplicated scan code in driver_nl80211.c (and better yet, removes large
part of old WEXT code).

hostapd interface initialization is now completed in a callback, if
needed, i.e., he_features channel/hw_mode selection can use as much time
as needed. This can also help with radar detection in the future.
2009-04-16 16:22:40 +03:00
Jouni Malinen
b4fd6fab5b Share driver beacon configuration handlers 2009-04-09 23:44:39 +03:00
Jouni Malinen
92f475b4d8 Merge hostapd driver init functions into one
Use a parameter structure to pass in information that can be more easily
extended in the future. Include some of the parameters that were
previously read directly from hapd->conf in order to reduce need for
including hostapd/config.h into driver wrappers.
2009-04-09 23:28:21 +03:00
Jouni Malinen
e785c2ba3b Share same set_country driver op for hostapd and wpa_supplicant 2009-04-09 20:01:25 +03:00
Jouni Malinen
9f324b61ba Share management frame send driver op for hostapd and wpa_supplicant
The same implementation can be shared in most cases, so better share the
same driver_ops handler function.
2009-04-09 19:57:20 +03:00
Jouni Malinen
8342130269 Remove flags parameter from send_mgmt_frame() driver op
This was not documented properly and was not really used nor would it be
suitable to be used in generic way as it was implemented. It is better
to just remove the parameter since there does not seem to be any
reasonable use for it.
2009-04-09 19:42:19 +03:00
Jouni Malinen
c3965310e6 Use common get_hw_feature_data for hostapd and wpa_supplicant
This merges the driver wrapper implementations to use the same
implementation both for hostapd and wpa_supplicant operations to avoid
code duplication.
2009-04-09 14:11:39 +03:00
Jouni Malinen
c51218372f Merge wpa_supplicant and hostapd driver wrapper implementations
This commit merges the driver_ops structures and implementations from
hostapd/driver*.[ch] into src/drivers. This is only an initial step and
there is room for number of cleanups to share code between the hostapd
and wpa_supplicant parts of the wrappers to avoid unnecessary source
code duplication.
2009-04-09 13:40:12 +03:00
Jouni Malinen
acae30ed7b nl80211: Add bridge interfaces from secondary BSSes to ifidx list
This fixes EAPOL RX for secondary BSSes that are in a bridge that does
not match with the bridge used for the primary BSS.
2009-04-03 21:17:23 +03:00
Jouni Malinen
f82ef4d8db nl80211: Fix EAPOL frame RX for secondary BSSes
Need to figure out which BSS should process the frame based on the
source address (STA/Supplicant MAC address).
2009-04-03 21:04:25 +03:00
Jouni Malinen
6143f11705 nl80211: Remove dead code
The EAPOL packet socket is not bound to a specific ifindex, so no need
to setup the address for a bind() call that is not here anyway.
2009-04-03 20:55:19 +03:00
Jouni Malinen
c043aadc40 nl80211: Remove unuset set_privacy() and set_internal_bridge() 2009-04-03 20:44:03 +03:00
Jouni Malinen
515cf93f8c Mark STA authorized if IEEE 802.1X and WPA is not used
This fixes multi-BSS configuration with driver_nl80211.c to mark STAs
that use secondary BSSes with open/static WEP without having to make
driver_nl80211.c track 802.1X configuration for each BSS.
2009-04-03 20:40:07 +03:00
Jouni Malinen
c213cc0433 Fix some multi-BSSID configuration operations
Static WEP keys were configured only for the first BSS. In addition,
STAs were flushed only for the first BSS. These operations should be in
hostapd_setup_bss(), not setup_interface().

Remove extra call to ieee802_11_set_beacon() for the first BSS. This
should only be done from hostapd_setup_bss(), i.e., once for each BSS.
2009-04-03 20:14:39 +03:00
Jouni Malinen
6caf9ca68c Share same hw_feature definitions between hostapd and wpa_supplicant 2009-04-03 19:04:20 +03:00
Jouni Malinen
6de726abb5 Remove unused driver_ops
get_rts, get_frag, get_retry, and set_key_tx_rx_threshold were not used
anywhere, so get rid of them.
2009-04-03 11:59:08 +03:00
Jouni Malinen
a9a2cb5abb Merge wireless_event_{,de}init() into {,de}init() driver op 2009-04-03 11:51:40 +03:00
Jouni Malinen
0915d02c3c wpa_supplicant AP: Add management frame RX for nl80211 2009-04-02 21:59:14 +03:00
Jouni Malinen
f1f54cb8b1 Fix RSN parameter setting for multi-BSS case
rsn_pairwise and wpa_group were set properly only for the last BSS, but
they do need to be set for all BSSes.
2009-04-02 19:54:13 +03:00
Jouni Malinen
74f2ad326f Merge set_dtim_period() into set_beacon()
No need for a separate driver_ops handler for setting DTIM period since
this is always set at the same time with the Beacon data. Beacon
interval is still set separately since it is consider per-radio
parameter (Beacon data and DTIM period are per-BSS parameters).
2009-04-02 16:05:21 +03:00
Jouni Malinen
c0a6190815 Fix SHA-256-based KDF when using CCMP as the pairwise cipher
IEEE 802.11r KDF uses key length in the derivation and as such, the PTK
length must be specified correctly. The previous version was deriving
using 512-bit PTK regardless of the negotiated cipher suite; this works
for TKIP, but not for CCMP. Update the code to use proper PTK length
based on the pairwise cipher.

This fixed PTK derivation for both IEEE 802.11r and IEEE 802.11w (when
using AKMP that specifies SHA-256-based key derivation). The fixed
version does not interoperate with the previous versions. [Bug 307]
2009-04-01 12:04:36 +03:00
Jouni Malinen
6ce4b59342 WPS: Fix hostapd runtime WPS configuration after Enrollee run
If the AP is configured with WPS, we need to update the local WPS data
in order to provide correct credentials for Enrollees.
2009-03-30 18:48:41 +03:00
Jouni Malinen
9c6d8e1db5 Make channel number available to set_freq()
Since we have the channel number, we could as well pass it to the driver
wrapper should there be drivers that use channel number instead of
frequency.
2009-03-30 17:55:37 +03:00
Jouni Malinen
0f2b2c1973 Add needed AP driver wrappers (most of which are still to-do) 2009-03-27 17:13:54 +02:00
Jouni Malinen
c813b69546 Update driver SSID and 802.1X/WPA parameters on configuration reload
This is needed for WPS AP reconfiguration with driver wrappers that do
not use hostapd MLME.
2009-03-27 16:10:14 +02:00
Masashi Honma
871bb568d2 Fix: Loop in driver selection routine
Increment an index variable not 'i' but 'j'.

(this was broken yesterday by a cleanup change
3067ac2bb8)
2009-03-27 10:49:47 +02:00
Jouni Malinen
89111f3bbc Rename struct wpa_driver_ops to hapd_driver_ops
This avoids conflicts with the wpa_supplicant structure with the same
name.
2009-03-26 20:35:49 +02:00
Jouni Malinen
b6a7859d15 Move hostapd_init() into main.c 2009-03-26 19:23:41 +02:00
Jouni Malinen
3067ac2bb8 Get rid of couple of shadowed variable warnings 2009-03-26 19:23:02 +02:00
Jouni Malinen
21db94c5dc Remove shadowed variable 2009-03-26 19:09:25 +02:00
Jouni Malinen
5c333467b3 Move main() and configuration file related functions into main.c
This makes it easier to share hostapd.c with wpa_supplicant
2009-03-26 19:06:02 +02:00
Jouni Malinen
c746331b52 Allow hostapd/config.h and wpa_supplicant/config_ssid.h coexist
Move the shared IEEE 802.11w enum definition into src/common/defs.h to
avoid redefinition when both configuration structures are included into
the same file.
2009-03-26 16:06:15 +02:00
Jouni Malinen
89d39d9d6c Move hostapd driver_ops to use similar set_key with wpa_supplicant 2009-03-25 17:49:22 +02:00
Jouni Malinen
fb86519d12 Replace deprecated add_sta() with add_sta2() 2009-03-25 16:55:09 +02:00
Jouni Malinen
909a6ef00c Remove deprecated version of set_freq() and rename the new version 2009-03-25 16:48:22 +02:00
Jouni Malinen
4f86ca6870 Remove unused set_assoc_ap() wpa_driver_ops
The need for this was removed with the experimental
hostapd-as-a-client-STA functionality.
2009-03-25 16:45:57 +02:00
Jouni Malinen
089757c6a9 Fix wpa_supplicant AP build after hostapd header file cleanup 2009-03-25 16:35:26 +02:00
Jouni Malinen
b1c0e29733 Include config.h explicitly into files that actually use it
hostapd.h does not need to include config.h.
2009-03-25 16:29:00 +02:00
Jouni Malinen
97234b5073 Move STA entry structure into sta_info.h and remove ap.h
This cleans up some of the hostapd include file usage and only includes
the needed STA flags into driver wrappers.
2009-03-25 16:13:35 +02:00
Jouni Malinen
2991469cd1 Replace sta_aid array with bitfield
The actual pointer to struct sta_info was not really used and it is
enough to use a single bit to indicate whether an AID is allocated. This
makes the BSS data take less memory while making the allocation routine
faster and removing the arbitrary MAX_AID_TABLE_SIZE limit of 128 STAs.
2009-03-25 15:54:25 +02:00
Jouni Malinen
d42a62b36c Move AID derivation into a separate function 2009-03-25 15:35:00 +02:00
Jouni Malinen
1e5839e06f Rename EAP server defines from EAP_* to EAP_SERVER_*
This allows separate set of EAP server and peer methods to be built into
a single binary.
2009-03-25 12:06:19 +02:00
Jouni Malinen
17449e213f Remove local variable shadowing to avoid a warning 2009-03-25 11:36:09 +02:00
Jouni Malinen
5ce2a4649d driver_madwifi: Fix build with old driver versions
Do not reference ie.rsn_ie in wpa_hexdump outside #ifdef MADWIFI_NG.
[Bug 302]
2009-03-22 15:54:26 +02:00
Jouni Malinen
75864b7f63 Fix UNIX domain socket address handling to be more portable
Remove all fields before sun_path before printing or comparing sun_path
contents. Using offsetof should be portable. In addition, set sun_len
for FreeBSD.
2009-03-21 22:07:14 +02:00
Jouni Malinen
7d737d6bf9 Fix FreeBSD build by not adding -ldl
Unlike Linux, FreeBSD does not use libdl.
2009-03-21 20:59:07 +02:00
Jouni Malinen
4df91b3f3f Fix driver_bsd.c build for FreeBSD 2009-03-21 20:58:27 +02:00
Jouni Malinen
8104763131 Fix CONFIG_DRIVER_RADIUS_ACL=y build 2009-03-21 20:56:39 +02:00
Jouni Malinen
4cb0dcd92d Fix IEEE 802.11r key derivation function to match with the standard
IEEE Std 802.11r-2008, 8.5.1.5.2 starts the 'i' counter from 1, not 0.
Note: this breaks interoperability with previous versions. [Bug 303]
2009-03-19 15:46:00 +02:00
Jouni Malinen
c5aaa01562 Detach ctrl_iface monitor if the client socket is removed
No need to wait for 10 errors when using UNIX domain socket; we can
detach the client immediately on ENOENT.
2009-03-17 16:56:30 +02:00
Kel Modderman
bffc384cbf hostapd: Fix some manual page formatting
lintian (Debian package lint tool) found some small deficiencies in
hostapd.8 and hostapd_cli.1.
2009-03-13 20:49:01 +02:00
Jouni Malinen
51853c899b Fix TNC with EAP-TTLS
This was broken by 510c02d4a3 which added
validation of eap_ttls_phase2_eap_init() return value. The main problem
in the code trying to initialize a new phase 2 EAP method
unconditionally; this should only happen if there is a new method in the
inner method sequence.
2009-03-13 18:20:59 +02:00
Jouni Malinen
90ac1f9fc9 Allow more complex BSSID masks to be used for multi-BSSID
If every secondary BSS is configured with a pre-set BSSID, hostapd does
not enforce the BSSID mask requirements anymore, i.e., they are used
only if hostapd is responsible for generating MAC addresses for virtual
interfaces.
2009-03-12 22:01:26 +02:00
Jouni Malinen
eb1f7446b5 Move DTIM period configuration into Beacon set operation
This is needed to make mac80211 work with multi-BSS configuration. The
previous design ended up setting DTIM period for secondary BSSes before
setting the Beacon and driver_nl80211.c was not really prepared for
that. Eventually, the Beacon configuration routines should be combined
into a single driver operation, but for now, just moving this call is
the simplest workaround.
2009-03-12 21:57:08 +02:00
Jouni Malinen
816bce98e1 nl80211: Add per-BSS data structure and enable BSS add/remove
This allows mac80211 to be used for multi-BSSID operations.
2009-03-12 21:55:42 +02:00
Jouni Malinen
f238cf9f42 FT: Add RIC Request processing and RIC Response generation
hostapd will now go through the RIC Request and process each RDIE. Only
WMM TSPEC requests are currently supported; all other request
descriptors will be declined.

RIC Response is written by hostapd and verified by wpa_supplicant (MIC
validation). wpa_supplicant does not yet have code to notify the driver
about the resource request results.
2009-03-09 22:25:58 +02:00
Jouni Malinen
babfbf15cc FT: Add RIC Request generation and validation (but not processing)
This adds first part of FT resource request as part of Reassocition
Request frame (i.e., FT Protocol, not FT Resource Request Protocol).
wpa_supplicant can generate a test resource request when driver_test.c
is used with internal MLME code and hostapd can verify the FTIE MIC
properly with the included RIC Request.

The actual RIC Request IEs are not processed yet and hostapd does not
yet reply with RIC Response (nor would wpa_supplicant be able to
validate the FTIE MIC for a frame with RIC Response).
2009-03-09 20:45:17 +02:00
Jouni Malinen
143a4bf632 WPS: Add a workaround for static WEP with Windows network probe
Windows XP and Vista clients can get confused about EAP-Identity/Request
when they probe the network with EAPOL-Start. In such a case, they may
assume the network is using IEEE 802.1X and prompt user for a
certificate while the correct (non-WPS) behavior would be to ask for the
static WEP key. As a workaround, use Microsoft Provisioning IE to
advertise that legacy 802.1X is not supported.

This seems to make Windows ask for a static WEP key when adding a new
network, but at least Windows XP SP3 was still marking IEEE 802.1X
enabled for the network. Anyway, this is better than just leaving the
network configured with IEEE 802.1X and automatic WEP key distribution.
2009-03-08 19:36:02 +02:00
Jouni Malinen
ed843aaa33 WMM-AC: Fix hostapd processing of ADDTS Request and add test code
Calculate the estimated medium time using integer variables since there
is no real need to use floating point arithmetics here. In addition,
make sure there is no division by zero regardless of how invalid the
request from the station is. Reject invalid parameters and refuse
requests that would take most of the bandwidth by themselves.

Add test code into wpa_supplicant mlme.c to allow WMM-AC negotiation to
be tested with driver_test.
2009-03-06 20:15:00 +02:00
Jouni Malinen
9cf548c082 Allow PN531_PATH to be overriden from .config 2009-03-06 16:25:48 +02:00
Masashi Honma
e1ee6b600b WPS: Add support for NFC out-of-band mechanism
The new file wps_nfc.c and ndef.c implements NFC device independent
operation, wps_nfc_pn531.c implements NFC device dependent operation.

This patch is only for the following use case:
- Enrollee = wpa_supplicant
- Registrar = hostapd internal Registrar

Following NFC methods can be used:
- Enrollee PIN with NFC
- Registrar PIN with NFC
- unencrypted credential with NFC

Encrypted credentials are not supported.

Enrollee side operation:

Registrar side operation:

Example configuration.
CONFIG_WPS=y
CONFIG_WPS_NFC=y
CONFIG_WPS_NFC_PN531=y

I used NFC device "NXP PN531". The NFC device access method is
confidential, so I used outer library. Please download below files from
https://www.saice-wpsnfc.bz/index.php

[WPS NFC Library]
WpsNfcLibrary/WpsNfc.h
WpsNfcLibrary/WpsNfcType.h
WpsNfcLibrary/WpsNfcVersion.h
WpsNfcLibrary/linux/libnfc_mapping_pn53x.dll
WpsNfcLibrary/linux/wpsnfc.dll

[NFC Reader/Writer Kernel Driver]
NFCKernelDriver-1.0.3/linux/kobj/sonyrw.ko

<WiFi test>
The hostapd/wpa_supplicant with this patch passed below tests on
"Wi-Fi WPS Test Plan Version 1.6".
4.2.5 Add device using NFC Method with password token
(I used SONY STA instead of NXP STA.)

4.2.6 Add device using NFC Method with configuration token

5.1.9 Add to AP using NFC Method with password token
through internal registrar
(I used SONY AP instead of NXP AP.)

5.1.10 Add to AP using NFC Method with configuration token
through internal registrar
2009-03-06 16:16:22 +02:00
Jouni Malinen
d85825e355 Fix UP-to-AC mapping for prio 3 (EE) to be AC_BE, not AC_VI 2009-03-05 16:37:13 +02:00
Jouni Malinen
37d8922e58 Fix non-HT STA addition
35463eaed3 broke non-HT STA add by trying
to se random HT capabilities to mac80211. Fix that by using NULL ht_cap
for non-HT case.
2009-03-05 11:25:32 +02:00
Jouni Malinen
f72750896c nl80211: Add verbose result debugging for NL80211_CMD_NEW_STATION 2009-03-05 11:24:48 +02:00
Jouni Malinen
b175bff0ce No need for including endian.h anymore 2009-03-04 16:29:36 +02:00
Jouni Malinen
317c33ebfb No need to check WMM IE OUI or type here
IE parser has already taken care of this. In addition, show QoS info
field in debug output.
2009-03-04 16:28:47 +02:00
Jouni Malinen
979be3fecf Use bit mask/shift and helper functions instead of C bit fields 2009-03-04 16:23:44 +02:00
Jouni Malinen
3ae0800c5f WMM cleanup (WME -> WMM rename, comments, etc.)
This updates the terminogy to match with the final WMM specification. In
addition, some of the WMM TSPEC structure fields were in incorrect order
and used without byte order swapping. Those are also taken care of this
cleanup patch.
2009-03-04 12:33:24 +02:00
Jouni Malinen
1c6965f7db Remove unused tsinfo() 2009-03-04 11:32:51 +02:00
vasanth
35463eaed3 Pass negotiated ht capability information after the association
This patch replaces the station's ht capability information with the
negotiated one in NL80211_CMD_NEW_STATION. This negotiated ht
capability will be needed for rate control initialization in the
driver.

Signed-off-by: vasanth <vasanth@atheros.com>
2009-03-02 19:17:35 +02:00
Jouni Malinen
1fd4b0db7c Fix EAPOL/EAP reauthentication with external RADIUS server
The EAP server state machine will need to have special code in
getDecision() to avoid starting passthrough operations before having
completed Identity round in the beginning of reauthentication. This was
broken when moving into using the full authenticator state machine from
RFC 4137 in 0.6.x.
2009-03-02 19:06:23 +02:00
Jouni Malinen
24466b188a WPS: Convert WEP key to hex
Use of hex is safer since the enrollee may configure AP with 5 or 13
random octets of binary data as the key.
2009-02-27 17:08:17 +02:00
Jouni Malinen
f4c617ee4c WPS UFD: Add entry to ChangeLog 2009-02-26 22:10:50 +02:00
Jouni Malinen
116f7bb0a3 WPS UFD: Build OOB functionality only if UFD is enabled 2009-02-26 22:10:21 +02:00
Jouni Malinen
d5e2b2d274 WPS UFD: Use pre-configured DH keys only with OOB
The old behavior of generating new DH keys can be maintained for non-OOB
cases and only OOB (in this case, with UFD) will use the pre-configured
DH keys to allow the public key hash to be checked.
2009-02-26 22:09:35 +02:00
Jouni Malinen
7cbf51bbd8 WPS UFD: Remove oob_dev pointer from wps_context
This pointer and the especially the oob_dev->device_path does not remain
valid, so better not save it any longer than it is needed.
2009-02-26 22:07:55 +02:00
Jouni Malinen
390cd3105d WPS UFD: Make build conditional on CONFIG_WPS_UFD=y
Not all embedded devices have USB interface and it is useful to be able
to remove unneeded functionality from the binary. In addition, the
current implementation has some UNIX specific calls in it which may make
it not compile cleanly on all target systems.
2009-02-26 22:01:36 +02:00
Masashi Honma
46bdb83acd WPS: Add UFD support (USBA out-of-band mechanism)
This patch is only for the following use case:
- Enrollee = wpa_supplicant
- Registrar = hostapd internal Registrar

Following UFD methods can be used:
- Enrollee PIN with UFD
- Registrar PIN with UFD
- unencrypted credential with UFD

Encrypted credentials are not supported.

Enrollee side operation:
wpa_cli -i ath0 wps_oob <device type> <mount point> <oob method>
    oob method = pin-e/pin-r/cred

wpa_cli -i ath0 wps_oob ufd /mnt/ pin-r

Registrar side operation:
./hostapd_cli -i ath0 wps_oob <device type> <mount point> <oob method>
    oob method = pin-e/pin-r/cred

hostapd_cli -i ath0 wps_oob ufd /mnt/ cred
2009-02-26 21:57:38 +02:00
Jouni Malinen
a9aca28ba3 Fix WPS in non-WPA modes with drivers that implement MLME
Need to set WLAN_STA_WPS and WLAN_STA_MAYBE_WPS flags even if WPA is not
enabled. This allows open and static WEP modes to initiate WPS
negotiation with madwifi-like drivers.
2009-02-23 20:57:07 +02:00
Jouni Malinen
6d7fb6918d Add new driver wrapper for the Atheros driver
This uses similar, but not identical, interface to madwifi. It is easier
to keep this separate to avoid conflicts with potential changes in the
driver interfaces.
2009-02-19 16:27:07 +02:00
Jouni Malinen
d3cba719ff WPS: Use WEP key index 1..4 instead of 0..3 when configuring AP 2009-02-18 20:17:47 +02:00
Sebastien Decugis
ab61c4fc36 Fix hostapd build without NEED_MLME
The following patch fixes a compilation issue when compiling hostapd to
serve as pure RADIUS authentication server.
2009-02-18 19:43:07 +02:00
Jouni Malinen
8807377fe4 nl80211: Add TX/RX packet counts into accounting information 2009-02-18 11:29:45 +02:00
Jouni Malinen
dbdf58b053 driver_nl80211: Fix STA accounting data collection
TX/RX bytes are now reported correctly (typo ended up leaving TX bytes
uninitialized and set RX bytes value to use correct TX bytes). TX/RX
packet counts are not yet available from kernel, so we have to clear the
values to avoid reporting bogus data.
2009-02-16 13:28:42 +02:00
Masashi Honma
34a6c94178 WPS: Fix clearing of WPS IE with madwifi driver
On WPS init/deinit process, the hostapd clears it's own WPS IE
with 0 length WPS IE. But it fails. Because the parameter to
ioctl is too short. Then hostapd prints a below message.

ioctl[IEEE80211_IOCTL_SET_APPIEBUF]: Invalid argument
2009-02-10 11:23:59 +02:00
Jouni Malinen
d0184cb25c UPnP: Renamed PutWLANResponse callback function to match action
No point in adding extra "event_" to the name.
2009-02-06 21:44:19 +02:00
Jouni Malinen
915c1ba3c5 WPS UPnP: Added support for multiple external Registrars
Allow more than one pending PutWLANMessage data to be stored (M2/M2D
from multiple external Registrars) and drop pending M2/M2D messages when
the Enrollee replies with M3.
2009-02-06 21:39:32 +02:00
Jouni Malinen
e1bad1cd7d UPnP: Workaround bogus NewWLANEventMAC in PutWLANResponse
It looks like Intel wsccmd may send a bogus NewWLANEventMAC
(11:22:33:44:55:66) when acting as an wired external Registrar. Work
around this by going through all STAs if the address does not match and
pick the STA that is in an ongoing WPS registration.
2009-02-06 16:39:49 +02:00
Daniel Mierswa
b77eab282a Explicitly link against libdl when including TNC support
If you don't choose OpenSSL as TLS implementation and choose to enable
CONFIG_EAP_TNC you have to link against libdl. The OpenSSL libraries
implicitly link against them, so this might be a reason why it wasn't
noticed yet. I assume the same applies to hostapd.
2009-02-05 19:24:16 +02:00
Jouni Malinen
42f1ee7d1f Fixed scan buffer increasing with WEXT
We can now handle up to 65535 byte result buffer which is the maximum
due to WEXT using 16-bit length field. Previously, this was limited to
32768 bytes in practice even through we tried with 65536 and 131072
buffers which we just truncated into 0 in the 16-bit variable.

This more or less doubles the number of BSSes we can received from scan
results.
2009-02-05 12:00:23 +02:00
Pavel Roskin
e7e9c46e55 Use better examples for MadWifi path in defconfig, clarify comments
MadWifi is unlikely to be in ../head relative to hostapd or
wpa_supplicant, as it would be inside the hostap git repository.
MadWifi sources are more likely to be in a directory called "madwifi"
and residing outside the hostap repository.  Using "madwifi" also
demonstrates that the top-level madwifi directory is needed.
2009-02-04 21:45:14 +02:00
Jouni Malinen
5eb4e3d024 802.11n: scan for overlapping BSSes before starting 20/40 MHz channel
Try to match PRI/SEC channel with neighboring 20/40 MHz BSSes per
IEEE 802.11n/D7.0 11.14.3.2. This is not yet complete implementation,
but at least some parts of the 40 MHz coex are improved.

40 MHz operation maybe rejected (i.e., fall back to using 20 MHz) or
pri/sec channels may be switched if needed.
2009-02-04 21:19:54 +02:00
Jouni Malinen
30fd5f1467 Verify that driver supports configured HT capabilities 2009-02-04 12:49:23 +02:00
Sebastien Decugis
c9c3eafacb Remove unused variable from struct hostapd_config
I think that the "radius" pointer in the structure hostapd_config is
never used; when the configuration is parsed the related data is stored
in hostapd_bss_config's "radius" var.
2009-01-30 21:21:46 +02:00
Jouni Malinen
6f4071c084 Do not use country_code default (was: US)
If country_code is not included in hostapd.conf, refuse to enable IEEE
802.11d and do not try to set the regulatory domain in kernel.
2009-01-30 12:43:19 +02:00
Jouni Malinen
c5e1522f9a Added notes about WPS UPnP support and external Registrars 2009-01-29 19:19:30 +02:00
Jouni Malinen
f620268f13 WPS: Add support for external Registrars using UPnP transport
This adds mostly feature complete external Registrar support with the
main missing part being proper support for multiple external Registrars
working at the same time and processing of concurrent registrations when
using an external Registrar.

This code is based on Sony/Saice implementation
(https://www.saice-wpsnfc.bz/) and the changes made by Ted Merrill
(Atheros) to make it more suitable for hostapd design and embedded
systems. Some of the UPnP code is based on Intel's libupnp. Copyrights
and licensing are explained in src/wps/wps_upnp.c in more detail.
2009-01-29 18:47:02 +02:00
Jouni Malinen
1e14526571 Use Data::Data only with Host AP driver; mac80211 can use Data::Nullfunc
The inactivity poll was originally supposed to use Data::Nullfunc, but
due to Prism2/2.5/3 firmware issues, this was changed to an empty
Data::Data frame. mac80211 does not have such an issue, so change the
inactivity poll frame to be Data::Nullfunc by default and use the
Data::Data workaround only with Host AP driver.
2009-01-27 16:36:27 +02:00
Jouni Malinen
f01a6b1e3e driver_nl80211: Fixed inactivity poll status processing
Previous version was discarding TX status for FromDS data frames, but
those are the exact ones that we need to check for inactivity poll to
work, i.e., they are TX status reports for injected data frames.

In addition, remove the debug printing of TX status for data frame since
that could fill up the debug output if kernel-side filtering cannot be
used with monitor interface.
2009-01-27 16:34:48 +02:00
Johannes Berg
9616af520b driver_nl80211: use Linux socket filter to improve performance
TX status information for all transmitted data frames is not going to
be sent to hostapd anymore, so the CPU load with high traffic load is
going to be significantly reduced.
2009-01-27 12:28:05 +02:00
Jouni Malinen
7ce3304ab3 Do not forget wpa_passphrase so that WPS can use it
Send ASCII passphrase instead of derived PSK if the configuration uses
the passphrase.
2009-01-24 12:51:28 +02:00
Jouni Malinen
3b2cf800af WPS: Lock AP Setup on multiple AP PIN validation failures
If a Registrar tries to configure the AP, but fails to validate the
device password (AP PIN), lock the AP setup after four failures. This
protects the AP PIN against brute force guessing attacks.
2009-01-23 21:57:43 +02:00
Jouni Malinen
4c29cae932 Added ap_settings option for overriding WPS AP Settings in M7
This optional configuration parameter can be used to override AP
Settings attributes in M7 similarly to extra_cred option for Credential
attribute(s) in M8.
2009-01-23 21:08:55 +02:00
Jouni Malinen
6296625308 Free extra_cred when freeing configuration 2009-01-23 20:51:26 +02:00
Jouni Malinen
401e039633 Allow WPS device strings to be unconfigured
Previous version was causing a NULL pointer dereference if a required
string was not set in configuration. It is better to make these
optional.
2009-01-22 21:26:14 +02:00
Jouni Malinen
695e2b48e2 Documented interface for external WPS credential processing 2009-01-21 16:42:11 +02:00
Jouni Malinen
a60e7213e1 Fixed WPS with open and shared WEP networks
Do not initialize EAPOL state machine for the STA when hostapd is
configured to use WPS with open or shared WEP networks. This allows the
STA to use EAPOL-Start to indicate it wants to start WPS in such a case
and hostapd does not end up running through EAPOL authentication timeout
and disconnecting the STA if WPS is not used.

There was already code for starting EAPOL state machines based on
received EAPOL packets, but that was not working properly since
portEnabled was not set to TRUE on that code path. This is now fixed,
too.
2009-01-21 14:18:14 +02:00
Jouni Malinen
aabe26a136 WPS: Added option to disable AP auto-config on first registration
This operation can now be moved into an external program by configuring
hostapd with wps_cred_processing=1 and skip_cred_build=1. A new
ctrl_iface message (WPS-REG-SUCCESS <Enrollee MAC addr> <UUID-E>) will
be used to notify external programs of each successful registration and
that can be used as a tricker to move from unconfigured to configured
state.
2009-01-21 13:48:10 +02:00
Jouni Malinen
d745c7cc1a Added wps_cred_processing configuration option for hostapd
This behaves like the one in wpa_supplicant, i.e., hostapd can be
configured not to process new credentials (AP settings) internally and
instead pass the WPS attributes for an external program to process over
ctrl_iface.
2009-01-21 11:54:12 +02:00
Jouni Malinen
42d16805c9 Enable wpa_msg() for hostapd
Use wpa_msg() like wpa_supplicant in order to avoid having to use direct
hostapd_ctrl_iface_send() calls.
2009-01-21 11:45:56 +02:00
Jouni Malinen
1cc84c1c6b Increased wpa_cli/hostapd_cli ping interval and made it configurable
The default interval is now 5 seconds (used to be 1 second for
interactive mode and 2 seconds for wpa_cli -a). The interval can be
changed with -G<seconds> command line option.
2009-01-20 21:12:00 +02:00
Jouni Malinen
adddffd129 Fixed MFP Association Comeback mechanism to use Timeout Interval IE
The separate Association Comeback Time IE was removed from IEEE 802.11w
and the Timeout Interval IE (from IEEE 802.11r) is used instead. The
editing on this is still somewhat incomplete in IEEE 802.11w/D7.0, but
still, the use of Timeout Interval IE is the expected mechanism.
2009-01-19 18:42:10 +02:00
Jouni Malinen
eca6e0a9a5 WPS: Provide the unparsed Credential attribute to cred_cb()
This makes it easier to pass the credential data to external programs
(e.g., Network Manager) for processing. The actual use of this data is
not yet included in hostapd/wpa_supplicant.
2009-01-17 22:17:12 +02:00
Jouni Malinen
6fa68a0ee5 Added an option to add (or override) Credential attribute(s) in M8 2009-01-16 22:50:41 +02:00
Jouni Malinen
4bb081f1b4 Renamed PMKSA cache functions to avoid duplicate symbols with supplicant
This allows hostapd/pmksa_cache.c and src/rsn_supp/pmksa_cache.c to be
linked into the same program.
2009-01-14 22:01:26 +02:00
Jouni Malinen
13268290b6 Moved rsn_pmkid() into shared code to avoid duplication 2009-01-14 21:31:47 +02:00
Jouni Malinen
010dc06853 Moved RADIUS Class attribute helpers into RADIUS module 2009-01-13 20:01:29 +02:00
Jouni Malinen
61e64e7b7f Removed dead code 2009-01-13 19:15:42 +02:00
Jouni Malinen
c77bb61aee Fixed copy-paste error in retry configuration (incorrect ioctl used) 2009-01-13 19:14:38 +02:00
Jouni Malinen
25ba219f3e Removed unused set_regulatory_domain driver function 2009-01-13 19:12:25 +02:00
Jouni Malinen
f49275c92f Fixed build without CONFIG_IEEE80211N 2009-01-12 22:08:53 +02:00
Jouni Malinen
4cdde5caf7 Fixed a typo in printf -> wpa_printf changes 2009-01-12 22:06:51 +02:00
Jouni Malinen
24bb3d9788 Fixed build with wpa_printf disabled 2009-01-12 22:06:06 +02:00
Jouni Malinen
a9843f614f Removed hw_features.o from build if hostapd MLME is not used 2009-01-12 22:03:58 +02:00
Jouni Malinen
7fd46d466f Added build option for disabling control interface (CONFIG_NO_CTRL_IFACE) 2009-01-12 21:44:57 +02:00
Jouni Malinen
30b32314eb Added build option for removing VLAN support (CONFIG_NO_VLAN) 2009-01-12 21:39:19 +02:00
Jouni Malinen
71f04b3cf9 Fixed CONFIG_NO_HOSTAPD_LOGGER build 2009-01-12 21:21:31 +02:00
Jouni Malinen
27750f29d6 Comment out RADIUS configuration parsing if RADIUS client support is
disabled in the build.
2009-01-12 16:49:39 +02:00
Jouni Malinen
10656fc23a Replaced printf() calls with wpa_printf() 2009-01-12 16:49:04 +02:00
Jouni Malinen
815d2189d9 Remove TLS-PRF from hostapd build if it is not needed 2009-01-12 15:20:12 +02:00
Jouni Malinen
03ba2cb4c6 Added CONFIG_NO_AES_EXTRAS for hostapd
This allows unneeded AES routines to be removed from the build to reduce
binary size.
2009-01-12 15:15:35 +02:00
Jouni Malinen
bc521fac13 Fixed couple of build failures with minimal configuration 2009-01-12 15:08:33 +02:00
Jouni Malinen
3904625396 Silenced some sparse warnings 2009-01-11 10:42:07 +02:00
Jouni Malinen
b7fc385071 Fixed build with 802.11n disabled 2009-01-10 21:36:41 +02:00
Jouni Malinen
5fa30f32da Cleaned up main() by splitting it into number of helper functions 2009-01-09 18:04:57 +02:00
Jouni Malinen
b5b969e9c7 Moved driver callback functions from hostapd.c to a new file 2009-01-09 17:27:03 +02:00
Jouni Malinen
81897f4c88 Moved TKIP countermeasures from hostapd.c to its own file 2009-01-09 17:12:33 +02:00
Jouni Malinen
9302c5e19c Cleanup: move related functions closer to eachother 2009-01-09 17:06:54 +02:00
Jouni Malinen
3313cea0d6 Fixed TKIP countermeasueres for drivers that do not use hostapd MLME
The Michael MIC reporting functions have to be included even when using
driver MLME.
2009-01-09 17:00:29 +02:00
Jouni Malinen
649d8890b1 Add wrapper functions for IEEE 802.11 driver calls into driver.h
These functions allow the driver_*.c wrappers not to include
ieee802_11.h.
2009-01-09 16:55:59 +02:00
Jouni Malinen
b83cbb3b3b Use a wrapper function for ieee802_1x_receive() to avoid ieee802_1x.h
Driver wrappers should not need to include ieee802_1x.h, so use a
wrapper function declared in driver.h.
2009-01-09 16:33:59 +02:00
Jouni Malinen
33eb3c4ec4 Moved disassociation processing away from driver_*.c 2009-01-09 16:27:30 +02:00
Jouni Malinen
940a0ce970 Moved association check from driver_*.c into ieee802_1x_receive() 2009-01-09 16:17:20 +02:00
Jouni Malinen
602996f8db Moved WPA setup etc. association processing away from driver_*.c
This is all details that should not need to be handled in driver_*.c.
2009-01-09 16:13:07 +02:00
Jouni Malinen
214021f585 Move RX-from-unknown-STA processing away from driver_*.c
This cleans up the driver wrapper interface by getting rid of sta_info.h
dependency in all drivers that use MLME implementation in hostapd
(driver_hostap.c and driver_nl80211.c).
2009-01-09 15:44:45 +02:00
Jouni Malinen
8607f4c31f Moved TX status processing for STA entries away from driver_*.c
Driver wrappers should not need to know about this level of core hostapd
details.
2009-01-09 15:33:36 +02:00
Jouni Malinen
76e2592190 Share the same radiotap helper implementation 2009-01-09 15:22:19 +02:00
Jouni Malinen
d200828b41 Moved rfc1042_header into driver_*.c that use it
No need to share such a small buffer and make hostapd.[ch] more complex
with it.
2009-01-09 15:06:48 +02:00
Jouni Malinen
a2f517fb93 Fixed a typo in a comment 2009-01-09 15:01:50 +02:00
Jouni Malinen
8d06da09a4 Move generic definitions away from hostapd.h
This is an initial step in trying to make hostapd.h not needed to be
included in so many files.
2009-01-08 20:14:05 +02:00
Jouni Malinen
bfddd95c9e Split hostapd/driver.h into two files
driver.h contains the definitions needed in driver wrapper
implementations (driver_*.c) and driver_i.h contains the definitions
that are used in core hostapd code to interact with the driver wrappers.
2009-01-08 20:02:56 +02:00
Jouni Malinen
f88bd28836 Added support for removing RADIUS accounting and RADIUS in general
CONFIG_NO_ACCOUNTING=y and CONFIG_NO_RADIUS=y build options can now be
used to remove RADIUS support from the hostapd build.
2009-01-08 19:15:25 +02:00
Jouni Malinen
9c584c06bd Remove MLME code from build if none of the enabled drivers need it 2009-01-08 18:40:14 +02:00
Jouni Malinen
bb305cbdcc Replaced printf() with wpa_printf() 2009-01-08 16:57:04 +02:00
Jouni Malinen
03018d3e7c Added CONFIG_NO_STDOUT_DEBUG for hostapd
This is similar to one in wpa_supplicant and can be used to reduce the
binary size by removing debugging messages.
2009-01-08 16:47:04 +02:00
Jouni Malinen
7d02e64157 Mark shared secret const in RADIUS client routines 2009-01-08 16:41:47 +02:00
Jouni Malinen
1c6e69ccda Moved documentation from developer.txt into source code files
Use Doxygen comments for functions to replace the old text file that was
not up-to-date anymore.
2009-01-08 16:33:00 +02:00
Jouni Malinen
6f78f2fb3b Preparations for 0.6.7 release 2009-01-06 20:11:15 +02:00
Jouni Malinen
f58b20ce66 Fixed IMAGE_PATH for doxygen run in root directory 2009-01-04 14:44:33 +02:00
Jouni Malinen
2eba45c8de Added endianness annotation for sparse 2009-01-03 21:00:38 +02:00
Jouni Malinen
5306f43fc3 Fixed sparse warnings about integer vs. pointer use
The configuration parsing functions seemed to have worked fine before,
but these were real bugs even if they did not show up in practice.
hostapd_ip_diff() was broken for IPv6 addresses (overwrote address and
always returned 1.
2009-01-03 20:46:32 +02:00
Jouni Malinen
d953d9ab80 Removed sparse destinations since "CC=cgcc make" works fine 2009-01-03 20:39:52 +02:00
Jouni Malinen
7e5ba1b916 Mark functions static if not used elsewhere and use proper prototypes 2009-01-03 20:38:42 +02:00
Jouni Malinen
875f6d7b93 Create all doxygen docs from root directory to get proper path names
This updated all doxygen runs to use the same style that was used for
wpa_supplicant full documents. The full vs. fast configurations are now
otherwise identical apart from fast not generating dot files or
latex/pdf version of the documentation.
2009-01-03 09:59:12 +02:00
Jouni Malinen
a17df5fb8b Fixed number of doxygen warnings 2009-01-02 22:28:04 +02:00
Jouni Malinen
a4149765a2 Added more src subdirectories into doxygen docs 2009-01-02 22:27:17 +02:00
Jouni Malinen
4be048a8a6 Updated doxygen configuration files to work with new doxygen
The doxygen run is not exactly warning free yet, but this gets a step
closer to being able to produce something useful again.
2009-01-02 21:57:51 +02:00
Jouni Malinen
862e08a9a4 Include ieee802_11_defs.h explicitly instead of assuming it gets included
Some build configurations failed to compile because this file did not
get included.
2009-01-02 21:14:21 +02:00
Jouni Malinen
79da74a20c WPS: Generate UUID based on MAC address, if not set
Generate a SHA1 hash -based UUID from the local MAC address if the UUID
was not configured. This makes it easier to prepare for WPS since there
is no need to generate an UUID.
2009-01-01 22:56:52 +02:00
Jouni Malinen
e834272f73 Include pending MFP defines in nl80211_copy.h
This can be used to get rid of the extra cpp define since we have our
local copy of wireless.h and nl80211.h.
2008-12-31 18:10:14 +02:00
Jouni Malinen
ac43f1fa39 Renamed nl80211 HT channel parameters to match with kernel 2008-12-31 17:59:13 +02:00
Jouni Malinen
df1e9601a4 Fixed SA Query Request length
Do not send extra 24 octets of random data in the end.
2008-12-31 17:50:14 +02:00
Jouni Malinen
1aa5c13471 Clear BIP keys, too, when removing broadcast keys with MFP enabled 2008-12-31 17:49:43 +02:00
Jouni Malinen
d5263983ac MFP: Remove mac80211 workaround of IGTK in monitor netdev
mac80211 can now figure out which key to use for injected frames (in
most cases), so we can remove the workaround for configuring IGTK on the
monitor interface that is used for injecting frames.
2008-12-31 17:48:13 +02:00
Jouni Malinen
88b4b4246d Added ctrl_interface command for sending a SA Query request
This can be useful for testing IEEE 802.11w functionality, so provide
means for manual request to send a SA Query request.
2008-12-30 18:04:29 +02:00
Jouni Malinen
805e6dc663 Disconnect the STA if EAP timeout is reached
There is not really much else the Authenticator can do if it does not
receive valid EAP response from the Supplicant/EAP peer. EAP-Failure
would need to be sent before trying to start again with
EAP-Request/Identity, but that is not allowed before the EAP peer
actually replies. Anyway, forcing a new association is likely to clean
up peer state, too, so it can help fixing some issues that could have
caused the peer not to be able to reply in the first place.
2008-12-29 19:16:48 +02:00
Jouni Malinen
8e09c6d253 Fixed retransmission of EAP requests if no response is received
It looks like this never survived the move from IEEE 802.1X-2001 to
IEEE 802.1X-2004 and EAP state machine (RFC 4137). The retransmission
scheduling and control is now in EAP authenticator and the
calculateTimeout() producedure is used to determine timeout for
retransmission (either dynamic backoff or value from EAP method hint).

The recommended calculations based on SRTT and RTTVAR (RFC 2988) are not
yet implemented since there is no round-trip time measurement available
yet.

This should make EAP authentication much more robust in environments
where initial packets are lost for any reason. If the EAP method does
not provide a hint on timeout, default schedule of 3, 6, 12, 20, 20, 20,
... seconds will be used.
2008-12-29 18:10:34 +02:00
Jouni Malinen
65d50f0ac6 Add RADIUS server support for identity selection hint (RFC 4284)
Previously, only the delivery option 1 from RFC 4284
(EAP-Request/Identity from the AP) was supported. Now option 3
(subsequent EAP-Request/Identity from RADIUS server) can also be used
when hostapd is used as a RADIUS server. The eap_user file will need to
have a Phase 1 user entry pointing to Identity method in order for this
to happen (e.g., "* Identity" in the end of the file). The identity hint
is configured in the same was as for AP/Authenticator case (eap_message
in hostapd.conf).
2008-12-26 20:22:12 +02:00
Andriy Tkachuk
d9f5626293 NEED_BASE64 for WPS
It looks like we need base64 routines when compiling WPS in hostapd
(used in src/wps/wps_registrar.c:910).
2008-12-26 16:40:27 +02:00
Jouni Malinen
6f5c8dbd79 Added a TODO item for sending protected Disassoc after failed SA Query 2008-12-26 15:56:30 +02:00
Jouni Malinen
cae93bdc9c Added a note about IEEE 802.11w/D7.0 update 2008-12-26 12:59:07 +02:00
Jouni Malinen
8f4617c6c4 Do not use SA Query procedure if reassociation is part of FT 2008-12-26 12:55:35 +02:00
Jouni Malinen
ff89afb77b Add Key Length field into IGTK sub-element (FTIE) per 802.11w/D7.0 2008-12-26 12:49:15 +02:00
Jouni Malinen
45c94154a6 Updated SA Query procedure to use timeouts per 802.11w/D7.0
The previous max_attempts * timeout is now replaced with two timeouts
(one for each retry, the other one for maximum wait).
2008-12-26 12:30:34 +02:00
Jouni Malinen
93b76319f1 Renamed Ping procedure into SA Query procedure per 802.11w/D7.0
This commit changes just the name and Action category per D7.0. The
retransmit/timeout processing in the AP is not yet updated with the
changes in D7.0.
2008-12-26 11:46:21 +02:00
Jouni Malinen
9a9876bf9c Fixed the MFP Status/Reason Code values per 802.11w/D7.0 2008-12-26 11:29:17 +02:00
Jouni Malinen
ff36ff00b8 Reject association if HT STA tries to use TKIP as pairwise cipher 2008-12-22 14:05:53 +02:00
Jouni Malinen
f130ba9b4a Allow HT to be enabled for a STA even without WMM
The STA won't be able to use block ACK/aggregation, but at least it
should be allowed to use MCS rates and HT40.
2008-12-22 13:05:33 +02:00
Jouni Malinen
e6f9861ace Added a note about mac80211-based drivers and nl80211 2008-12-20 13:02:29 +02:00
Jouni Malinen
a2b3a34bab IANA allocated EAP method type 51 to EAP-GPSK 2008-12-20 12:39:24 +02:00
Jouni Malinen
bae61562a4 Cleaned up EAPOL-Key timeout processing
dot11RSNAConfigGroupUpdateTimeOut and
dot11RSNAConfigPairwiseUpdateTimeOut MIB variables were only used in
draft versions of IEEE 802.11i, so rename these in order not to use
confusing name here.

Replaced EAPOL-Key timeout to use following timeouts (in
milliseconds): 100,1000,1000,1000 (this was 1000,1000,1000,0). There
is no point in sending out the final EAPOL-Key frame which would be
immediately followed by disconnection. After the change to allow
response to any pending EAPOL-Key frame, it is fine to send the first
retransmission quickly to avoid long wait in cases where Supplicant
did not receive the first frame for any reason. The new sequence will
still provide 3.1 seconds of time to get any response frame, so this
does not reduce the previous time.
2008-12-18 17:15:36 +02:00
Jouni Malinen
47f72245e2 Do not allow HT with WPA/WPA2 to be enabled without CCMP
IEEE 802.11n does not allow HT STAs to use TKIP between themselves, so
do do allow a configuration that would force this to happen if HT is
used.
2008-12-17 12:16:13 +02:00
Jouni Malinen
22a299ee9d Improve EAPOL-Key handshake stability with retransmitted frames
Accept response to any pending request, not just the last one. This
gives the Supplicant more time to reply since hostapd will now allow up
to three seconds for the reply to the first EAPOL-Key frame transmission
(and two seconds for the first retry and one second for the last) while
the previous version invalidated any old request immediately when
sending a retransmitted frame.

If the Supplicant replies to more than one request, only the first reply
to arrive at the Authenticator will be processed. As far as the
Supplicant is concerned, this behavior does not differ from the previous
one except for being less likely to cause unneeded retransmissions of
EAPOL-Key frames.

This can help in cases where power saving is used when the group key is
rekeyed or when there is excessive traffic on the channel that can delay
(or drop) EAPOL-Key frames.
2008-12-16 14:17:33 +02:00
Jouni Malinen
75fc67e97b driver_test: Handle WPS IE in non-MLME test 2008-12-12 22:52:56 +02:00
Jouni Malinen
e33bbd8f4d driver_test: Optional support for using UDP socket
driver_test can now be used either over UNIX domain socket or UDP
socket. This makes it possible to run the test over network and makes it
easier to port driver_test to Windows.

hostapd configuration: test_socket=UDP:<listen port>
wpa_supplicant configuration: driver_param=test_udp=<dst IP addr>:<port>
2008-12-12 21:35:22 +02:00
Jouni Malinen
9a6cec7bc6 Added CONFIG_IEEE80211N into defconfig (commented out) 2008-12-10 00:46:55 +02:00
Jouni Malinen
cfb7e8a086 Fixed build without CONFIG_IEEE80211N 2008-12-10 00:45:57 +02:00
Jouni Malinen
fecc01663b Updated the comment about libnl to state that version 1.1 is new enough 2008-12-09 22:41:01 +02:00
Jouni Malinen
205a372b2d Added libnl 2.0 compatibility code (CONFIG_LIBNL20=y in .config needed)
Unfortunately, at least the current libnl git snapshot changes the API
in backwards incompatible way and in a way that makes it difficult to
to allow building against the latest libnl code.
2008-12-08 22:40:58 +02:00
Jouni Malinen
d9f2b1c382 driver_test: Added support for testing WPS without use_mlme 2008-12-08 21:42:01 +02:00
Jouni Malinen
7e45830ab7 nl80211: Include copy of linux/nl80211.h with hostapd/wpa_supplicant
This makes it easier to build the packages and allows all new features
to be built into the binary regardless of which kernel is currently
used.
2008-12-08 11:04:13 +02:00
Jouni Malinen
a9d1364c5f Merged EAP-AKA' into eap_aka.c and added it to defconfig/ChangeLog 2008-12-07 19:24:56 +02:00
Jouni Malinen
bb9f45e0bb nl80211: Remove the debug print from data frame processing
This is currently happening way too frequently (mac80211 monitor
interface sends TX info for every frame) and the end result makes it
difficult to read hostapd debug log if there is large amount of data
traffic.
2008-12-04 14:20:33 +02:00
Jouni Malinen
4a7b9f885f Fixed WEP authentication (both Open System and Shared Key) with mac80211
Only one of the authentication frame types is encrypted. In order for
static WEP encryption to work properly (i.e., to not encrypt the frame),
we need to tell mac80211 about the frames that must not be encrypted.
2008-12-04 13:21:35 +02:00
Jouni Malinen
f07688e37d nl80211: Generate 802.11b mode based on 802.11g information
If the phy info from nl80211 does not include 802.11b mode, generate
that mode based on 802.11g information. This allows hw_mode=b to be used
with drivers that support 2.4 GHz band.
2008-12-03 12:42:21 +02:00
Jouni Malinen
8c37556cd1 Add a starting point for EAP-AKA' (draft-arkko-eap-aka-kdf-10)
This is just making an as-is copy of EAP-AKA server and peer
implementation into a new file and by using the different EAP method
type that is allocated for EAP-AKA' (50). None of the other differences
between EAP-AKA and EAP-AKA' are not yet included.

It is likely that once EAP-AKA' implementation is done and is found to
work correctly, large part of the EAP-AKA and EAP-AKA' code will be
shared. However, it is not reasonable to destabilize EAP-AKA
implementation at this point before it is clearer what the final
differences will be.
2008-12-02 20:12:49 +02:00
Jouni Malinen
e8ff1e594e Fixed non-HT (and GF, 20 MHz) counting
Must not count the same STA multiple times if it reassociates back to
the same AP without the old STA entry being removed.
2008-12-02 14:32:05 +02:00
Jouni Malinen
08bec36178 WPS: Added support for wildcard PINs that work with any UUID-E
Since the Registrar may not yet know the UUID-E when a new PIN is
entered, use of a wildcard PIN that works with any UUID-E can be useful.
Such a PIN will be bound to the first Enrollee trying to use it and it
will be invalidated after the first use.
2008-11-30 20:32:03 +02:00
Jouni Malinen
30f5c941aa WPS: Added note about update_config and added WPS to ChangeLog 2008-11-30 17:48:45 +02:00