Some APs don't include a CSA IE when an ECSA IE is generated,
and mac80211 used to fail following their channel switch. Add
a testing option to hostapd to allow reproducing the behavior.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This allows the binary sizes to be reduced if no support for nl80211
vendor extensions are needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new no_auth_if_seen_on=<ifname> parameter can now be used to
configure hostapd to reject authentication from a station that was seen
on another radio.
This can be used with enabled track_sta_max_num configuration on another
interface controlled by the same hostapd process to reject
authentication attempts from a station that has been detected to be
capable of operating on another band, e.g., to try to reduce likelihood
of the station selecting a 2.4 GHz BSS when the AP operates both a 2.4
GHz and 5 GHz BSS concurrently.
Note: Enabling this can cause connectivity issues and increase latency for
connecting with the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new no_probe_resp_if_seen_on=<ifname> parameter can now be used to
configure hostapd to not reply to group-addressed Probe Request from a
station that was seen on another radio.
This can be used with enabled track_sta_max_num configuration on another
interface controlled by the same hostapd process to restrict Probe
Request frame handling from replying to group-addressed Probe Request
frames from a station that has been detected to be capable of operating
on another band, e.g., to try to reduce likelihood of the station
selecting a 2.4 GHz BSS when the AP operates both a 2.4 GHz and 5 GHz
BSS concurrently.
Note: Enabling this can cause connectivity issues and increase latency
for discovering the AP.
Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd can now be configured to track unconnected stations based on
Probe Request frames seen from them. This can be used, e.g., to detect
dualband capable station before they have associated. Such information
could then be used to provide guidance on which colocated BSS to use in
case of a dualband AP that operates concurrently on multiple bands under
the control of a single hostapd process.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds a new helper function wpa_ctrl_open2() that can be used
instead of wpa_ctrl_open() to override the default client socket
directory. Add optional -s<directory path> argument to hostapd_cli and
wpa_cli to allow the client socket directory to be specified.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While the EAPOL-Key MIC derivation was already changed from SHA256 to
SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly.
Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK
from PMK when using the Suite B 192-bit AKM.
Signed-off-by: Jouni Malinen <j@w1.fi>
This new hostapd configuration parameter can be used to enable TLS
session resumption. This commit adds the configuration parameter through
the configuration system and RADIUS/EAPOL/EAP server components. The
actual changes to enable session caching will be addressed in followup
commits.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows the new own_ie_override=<hexdump> configuration parameter to
be used to replace the normally generated WPA/RSN IE(s) for testing
purposes in CONFIG_TESTING_OPTIONS=y builds.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add support to read/configure log_level using hostapd control interface
LOG_LEVEL command similarly to what was already supported in
wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new CONFIG_NO_RC4=y build option can be used to remove all internal
hostapd and wpa_supplicant uses of RC4. It should be noted that external
uses (e.g., within a TLS library) do not get disabled when doing this.
This removes capability of supporting WPA/TKIP, dynamic WEP keys with
IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password
changes.
Signed-off-by: Jouni Malinen <j@w1.fi>
This behaves similarly to the same option in wpa_supplicant, i.e., adds
-ldl when linking in libcrypto from OpenSSL.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is needed when enabling TLSv1.2 support for EAP-FAST since the
SSL_export_keying_material() call does not support the needed parameters
for TLS PRF and the external-to-OpenSSL PRF needs to be used instead.
Signed-off-by: Jouni Malinen <j@w1.fi>
hapd->iface->fst must not be overridden if it is already pointing to FST
instance. Without this, duplicated FST-ATTACH could result in memory
leak and process termination.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds CONFIG_ELOOP_POLL=y and CONFIG_ELOOP_EPOLL=y options to
hostapd build options similarly to how these were implemented for
wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The functions parsing configuration parameters do not modify the name of
the parameter, so mark that function argument constant. In theory, the
value should also be const, but at least for now, number of the parser
functions end up modifying this to simplify parsing.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a new global control interface command DUP_NETWORK with the
following syntax:
DUP_NETWORK src_ifname dst_ifname param
The currently supported parameters:
wpa
wpa_key_mgmt
wpa_pairwise
rsn_pairwise
wpa_passphrase
wpa_psk
The specified configuration parameter is copied from the source
interface to the destination interface. The main use for this is to
allow cloning of security configuration without having to expose the
keys from the hostapd process.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This new mechanism can be used to combine multiple periodic AP
(including P2P GO) task into a single eloop timeout to minimize number
of wakeups for the process. hostapd gets its own periodic caller and
wpa_supplicant uses the previously added timer to trigger these calls.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
For some reason, snprintf() was not seen as sufficient to remove
potentially tainted string from fgets() before passing this to rename().
This does not make much sense, but anyway, try to get rid of the warning
by using a separate buffer for the internally written file names.
(CID 72690)
Signed-off-by: Jouni Malinen <j@w1.fi>
This can help when running multiple hostapd_cli instances
per interface and need to kill them correspondingly.
Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
Depending on the number of antennas, the txbf sounding
and steering capabilites need to be extended.
Signed-off-by: Vivek Natarajan <nataraja@qti.qualcomm.com>
This patch implements global to local control interface redirection in
the same way as it's done for wpa_supplicant. Any global control
interface command beginning with "IFNAME=..." will be routed to the
corresponding local control interface handler.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The newly introduced function will be used in followup commits to handle
requests redirected from the global control interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit implements hostapd global control interface notifications
infrastructure. hostapd global control interface clients issue
ATTACH/DETACH commands to register and deregister with hostapd
correspondingly - the same way as for any other hostapd/wpa_supplicant
control interface.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This new control interface command "EAPOL_REAUTH <MAC address>
<parameter> <value>" can be used to implement the IEEE 802.1X PAE
Set Authenticator Configuration operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This new control interface command "EAPOL_REAUTH <MAC address>" can be
used to implement the IEEE 802.1X PAE Reauthenticate operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
The IPv4 header after the Ethernet header is not 32-bit aligned and the
previous version ended up accessing 32-bit members at misaligned
addresses.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new TEST_FAIL and GET_FAIL control interface commands can be used
similarly to the earlier TEST_ALLOC_FAIL/GET_ALLOC_FAIL design. The new
version is more generic framework allowing any function to be annotated
for failure testing with the TEST_FAIL() macro. This mechanism is only
available in builds with CONFIG_WPA_TRACE_BFD=y and
CONFIG_TESTING_OPTIONS=y. For other builds, the TEST_FAIL() macro is
defined to return 0 to allow the compiler to remove the test code from
normal production builds.
As the first test site, allow os_get_random() to be marked for failing
based on call backtrace.
Signed-off-by: Jouni Malinen <j@w1.fi>
The cwmin/cwmax parameters were limited more than is needed. Allow the
full range (0..15 for wmm_ac_??_{cwmin,cwmax} and 1..32767 for
tx_queue_data?_{cwmin,cwmax}) to be used.
Signed-off-by: Jouni Malinen <j@w1.fi>
If BOARD_HOSTAPD_PRIVATE_LIB is not used on an Android build, we will
need to replace both the p2p functions *and* wpa_driver_nl80211_driver_cmd
in order to successfully link. Let's make the name more generic so it is
more obvious what it is used for.
Suggested-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Kevin Cernekee <cernekee@google.com>
When hostapd or wpa_supplicant is run in debug more with key material
prints allowed (-K on the command line), it is possible for passwords
and keying material to show up in debug prints. Since some of the debug
cases end up allocating a temporary buffer from the heap for processing
purposes, a copy of such password may remain in heap. Clear these
temporary buffers explicitly to avoid causing issues for hwsim test
cases that verify contents of memory against unexpected keys.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of an int variable with magic values 0, 1, 2, use an enum that
gives clearer meaning to the values now that the original boolean type
global argument is not really a boolean anymore.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The standard hardcodes the MU Beamformee Capable subfield is hardcoded
to 0 when transmitting by an AP, so there is no need to provide a
configuration parameter for setting this to one.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
When device supports dual band operations with offloaded ACS, hw_mode
can now be set to any band (hw_mode=any) in order to allow ACS to select
the best channel from any band. After a channel is selected, the hw_mode
is updated for hostapd.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
OpenSSL is moving to use 2048-bit DH key size as the default with
dhparam. Increase the value in the hostapd.conf to match that to reduce
likelihood of ending up using a shorter key.
Signed-off-by: Jouni Malinen <j@w1.fi>
Handling of WPS RF band for 60 GHz was missing. Add it in all relevant
places and also map "AES" as the cipher to GCMP instead of CCMP when
operating on the 60 GHz band.
Signed-off-by: Hamad Kadmany <qca_hkadmany@qca.qualcomm.com>
This can be used with Proxy ARP to allow multicast NAs to be forwarded
to associated STAs using link layer unicast delivery. This used to be
hardcoded to be enabled, but it is now disabled by default and can be
enabled with na_mcast_to_ucast=1. This functionality may not be desired
in all networks and most cases work without it, so the new
default-to-disabled is more appropriate.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
By analysing objdump output some read only structures were found in
.data section. To help compiler further optimize code declare these
as const.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
Some USIM use shorter RES length than the 64-bit default from Milenage.
Such cases did not interoperate with the hlr_auc_gw implementation. Make
it possible to configure the RES length 4..8 octets, i.e., 32 to 64
bits) to support such USIM.
Signed-off-by: Jouni Malinen <j@w1.fi>
If NEED_AP_MLME=y is not defined, compilation might
fail under some configurations:
src/ap/drv_callbacks.c:594:2: warning: implicit declaration of
function ‘hostapd_acs_completed’ [-Wimplicit-function-declaration]
src/ap/sta_info.c:253: undefined reference to `sae_clear_retransmit_timer'
Fix these errors by adding the missing hostapd_acs_completed() stub,
and defining NEED_AP_MLME in case of CONFIG_SAE.
Signed-off-by: Eliad Peller <eliad@wizery.com>
This replaces the internal CBC mode implementation in
aes_128_cbc_encrypt() and aes_128_cbc_decrypt() with the OpenSSL
implementation for CONFIG_TLS=openssl builds.
Signed-off-by: Jouni Malinen <j@w1.fi>
This should make it more obvious to users that they have a fatal
configuration problem in hostapd authentication server.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Update ACS driver offload feature for VHT configuration. In addition,
this allows the chanlist parameter to be used to specify which channels
are included as options for the offloaded ACS case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
SChannel/CryptoAPI as a TLS/crypto library alternative was never
completed. Critical functionality is missing and there are bugs in this
implementation. Since there are no known plans of completing this
support, it is better to remove this code.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd.conf parameter radius_client_addr can now be used to
select a specific local IP address to be used as the RADIUS client
address.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd parameters auth_server_addr_replace and
acct_server_addr_replace can now be used to replace the configured IP
address instead of adding a new RADIUS server. This is mainly useful for
testing purposes where the address can be changed over control interface
during AP operation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This change adds the function hostapd_config_clear_wpa_psk() that
deletes an entire wpa_psk structure, making sure to follow the linked
list and to free the allocated memory of each PSK node. This helps to
prevent memory leaks when using PSKs from multiple sources and
reconfiguring the AP during runtime.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
This can be used to ask Beacon frames to be updated explicitly, e.g.,
after a dynamic configuration parameter change. This can also be used to
start beaconing on an interface that was started with start_disabled=1.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new acs_chan_bias configuration parameter is a space-separated list
of <channel>:<bias> pairs. It can be used to increase (or decrease) the
likelihood of a specific channel to be selected by the ACS algorithm.
The total interference factor for each channel gets multiplied by the
specified bias value before finding the channel with the lowest value.
In other words, values between 0.0 and 1.0 can be used to make a channel
more likely to be picked while values larger than 1.0 make the specified
channel less likely to be picked. This can be used, e.g., to prefer the
commonly used 2.4 GHz band channels 1, 6, and 11 (which is the default
behavior on 2.4 GHz band if no acs_chan_bias parameter is specified).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This parameter has been available for more than just testing purposes,
i.e., OBSS scanning has already been used to enable 20-to-40 MHz channel
changes on 2.4 GHz.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some packages don't install its headers in the default directory
(e.g.: In Arch Linux libiberty and libn13 includes are installed)
in their own subdirectory under /usr/include) and the build fails
trying to find the headers.
This patch will allow passing extra CFLAGS values without discarding
the assignments made in the Makefile. The CFLAGS values in the Makefile
are ignored, if defined directly in the make command line.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
This replaces the implementation in aes-wrap.c and aes-unwrap.c with
OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building
hostapd or wpa_supplicant with OpenSSL.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending
on the src/crypto/md5.c implementation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add the possibility to define a subset of channels used by the ACS
engine when not operating on DFS channels.
Signed-off-by: Adrien Decostre <ad.decostre@gmail.com>
This allows vendor specific information element to be used to advertise
support for VHT on 2.4 GHz band. In practice, this is used to enable use
of 256 QAM rates (VHT-MCS 8 and 9) on 2.4 GHz band.
This functionality is disabled by default, but can be enabled with
vendor_vht=1 parameter in hostapd.conf if the driver advertises support
for VHT on either 2.4 or 5 GHz bands.
Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
This new wpa_supplicant and hostapd control interface command can be
used to determine which TLS library is used in the build and what is the
version of that library.
Signed-off-by: Jouni Malinen <j@w1.fi>
NSS as a TLS/crypto library alternative was never completed and this
barely functional code does not even build with the current NSS version.
Taken into account that there has not been much interest in working on
this crypto wrapper over the years, it is better to just remove this
code rather than try to get it into somewhat more functional state.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.
Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.
Signed-off-by: Jouni Malinen <j@w1.fi>
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.
Signed-hostap: Paul Stewart <pstew@chromium.org>
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().
Signed-off-by: Jouni Malinen <j@w1.fi>
Makefile always installs to /usr/local/bin and on some platforms,
/usr/local/bin is not in default search path. Modify the Makefile such
that bin path can be configurable so that build system can pass
appropriate path for installation. If bin path is not specified then by
default binaries are installed in /usr/local/bin.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This can be used to drop any pending ERP key from both the internal AP
authentication server and RADIUS server use of hostapd.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd.conf radio_measurements parameter can now be used to
configure a test build to advertise support for radio measurements with
neighbor report enabled. There is no real functionality that would
actually process the request, i.e., this only for the purpose of minimal
STA side testing for now.
Signed-off-by: Jouni Malinen <j@w1.fi>
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to
allow EAP re-authentication to be used and to derive rMSK.
The new hostapd configuration parameter eap_server_erp=1 can now be used
to configure the integrated EAP server to derive EMSK, rRK, and rIK at
the successful completion of an EAP authentication method. This
functionality is not included in the default build and can be enabled
with CONFIG_ERP=y.
Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd can now be configured to transmit EAP-Initiate/Re-auth-Start
before EAP-Request/Identity to try to initiate ERP. This is disabled by
default and can be enabled with erp_send_reauth_start=1 and optional
erp_reauth_start_domain=<domain>.
Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd was still providing couple of parameters that were used only in
the already removed driver_test.c framework.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new hostapd control interface command can be used in automated
testing to verify how AP processes Data frames with arbitrary contents.
This is enabled only in builds with CONFIG_TESTING_OPTIONS=y.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the device-based data connectivity tests to be extended for
bridge and VLAN interface cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This replaces the use of Linux kernel header files (linux/ip.h,
linux/udp.h, linux/ipv6.h, and linux/icmpv6.h) with equivalent header
files from C library. In addition, ndisc_snoop.c is now built
conditionally on CONFIG_IPV6=y so that it is easier to handle hostapd
builds with toolchains that do not support IPv6 even if Hotspot 2.0 is
enabled in the build.
Signed-off-by: Jouni Malinen <j@w1.fi>
hostapd control interface can now be used to request transmission of a
BSS Transition Management Request frame to a specified station.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit establishes the infrastructure, and handles the Neighbor
Solicitation and Neighbor Advertisement frames. This will be extended
in the future to handle other frames.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
New kernels in wiphy_suspend() will call cfg80211_leave_all() that will
eventually end up in cfg80211_stop_ap() unless wowlan_triggers were set.
For now, use the parameters from the station mode as-is. It may be
desirable to extend (or constraint) this in the future for specific AP
mode needs.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The new AKM uses a different mechanism of deriving the PMKID based on
KCK instead of PMK. hostapd was already doing this after the KCK had
been derived, but wpa_supplicant functionality needs to be moved from
processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds definitions for the 128-bit level Suite B AKM 00-0F-AC:11. The
functionality itself is not yet complete, i.e., this commit only
includes parts to negotiate the new AKM.
Signed-off-by: Jouni Malinen <j@w1.fi>
Number of documentation and configuration files had references to the
madwifi driver interface that was removed in the previous commit. Remove
these references as well.
Signed-off-by: Jouni Malinen <j@w1.fi>
Proxy ARP allows the AP devices to keep track of the hardware address to
IP address mapping of the STA devices within the BSS. When a request for
such information is made (i.e., ARP request, Neighbor Solicitation), the
AP will respond on behalf of the STA device within the BSS. Such
requests could originate from a device within the BSS or also from the
bridge. In the process of the AP replying to the request (i.e., ARP
reply, Neighbor Advertisement), the AP will drop the original request
frame. The relevant STA will not even know that such information was
ever requested.
This feature is a requirement for Hotspot 2.0, and is defined in IEEE
Std 802.11-2012, 10.23.13. While the Proxy ARP support code mainly
resides in the kernel bridge code, in order to optimize the performance
and simplify kernel implementation, the DHCP snooping code was added to
the hostapd.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.
Signed-off-by: Eliad Peller <eliad@wizery.com>
The new "bss_load_update_period" parameter can be used to configure
hostapd to advertise its BSS Load element in Beacon and Probe Response
frames. This parameter is in the units of BUs (Beacon Units).
When enabled, the STA Count and the Channel Utilization value will be
updated periodically in the BSS Load element. The AAC is set to 0 sinze
explicit admission control is not supported. Channel Utilization is
calculated based on the channel survey information from the driver and
as such, requires a driver that supports providing that information for
the current operating channel.
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
It is now possible to run hwsim_test like data connectivity test through
wpa_supplicant/hostapd control interface if CONFIG_TESTING_OPTIONS=y is
used for the build. Test functionality is enabled/disabled at runtime
with "DATA_TEST_CONFIG <1/0>". The "DATA_TEST_TX <dst> <src> <tos>"
command can be used to request a test frame to be transmitted.
"DATA-TEST-RX <dst> <src>" event is generated when the test frame is
received.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commands are already present in ctrl_iface.c (and parsed in
hostapd_ctrl_iface_receive() function) but not in hostapd_cli.c. This
patch updates hostapd_cli.c with matching functions.
Signed-off-by: Cedric Baudelet <cedric.baudelet@intel.com>
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled when hostapd is used as an EAP
server with OpenSSL as the TLS library.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Copy-paste error ended up getting rsn_pairwise_cipher value for both
rsn_pairwise_cipher and wpa_pairwise_cipher (CID 72693).
Signed-off-by: Jouni Malinen <j@w1.fi>
The local bss variable is used only within the while loop, so no need to
assign or even make it visible outside the loop.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add NULL checks to take care of issues reported by static analyzer tool
on potentially using NULL with printf format %s (which has undefined
behavior even though many compilers end up printing "(null)").
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Currently hostapd data structures aren't ready for multi-channel BSSes,
so make the command work now at least with single-channel multi-BSS
channel switching.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
The current RADIUS server pointer was updated after each SET command
which broke parsing of multiple RADIUS servers over the control
interface. Fix this by doing the final RADIUS server pointer updates
only once the full configuration is available.
Signed-off-by: Jouni Malinen <j@w1.fi>
ctrl_ifname was not being freed and allocated consistently by using
proper functions: os_free() and os_strdup(). This can result in
segmentation fault when these OS specific wrappers use different
implementation (e.g., with CONFIG_WPA_TRACE=y).
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
clang scan-build does not seem to like the 'd' suffix on floating
constants and ends up reporting analyzer failures. Since this suffix
does not seem to be needed, get rid of it to clear such warnings.
Signed-off-by: Jouni Malinen <j@w1.fi>
The conf->channel assignment was unreachable if CONFIG_ACS was not
defined, so move that to be under #else.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This avoids large number of undesired compiler warnings since Android
build system is added -Wextra.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
This was used to fill in the "PSMP support" subfield that was defined
during P802.11n development. However, this subfield was marked reserved
in the published IEEE Std 802.11n-2009 and it is not supported by
current drivers that use hostapd for SME either. As such, there is not
much point in maintaining this field as ht_capab parameter within
hostapd either.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some of the allocated configuration parameter did not free the previous
value if a configuration file or ctrl_iface SET command updated a
previously set value.
Signed-off-by: Jouni Malinen <j@w1.fi>
pos == NULL in almost all of the error cases here, so print the full
parameter value instead of the current position.
Signed-off-by: Jouni Malinen <j@w1.fi>
ap_sta_deauthenticate() does not necessarily send a Deauthentication
frame to the STA. Use ap_sta_disconnect() to drop the association so
that the notification frame goes out.
Signed-off-by: Jouni Malinen <j@w1.fi>
"user" MACACL "password" style lines in the eap_user file can now be
used to configured user entries for RADIUS-based MAC ACL.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add support of vendor command to hostapd ctrl_iface.
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
This adds a pointer to hostapd.conf to using 'iw list' with the current
nl80211 drivers to determine supported interface combinations.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
ht_capab=[40-INTOLERANT] can now be used to advertise that the BSS is 40
MHz intolerant to prevent other 20/40 MHz co-ex compliant APs from using
40 MHz channel bandwidth.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows hostapd to set a different management group cipher than the
previously hardcoded default BIP (AES-128-CMAC). The new configuration
file parameter group_mgmt_cipher can be set to BIP-GMAC-128,
BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in
IEEE Std 802.11ac-2013.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Some of the parsing code was using a bit too complex design and could be
simplified after the earlier return-on-error cleanups.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need for trying to count the number of errors in this
function since this is not a loop anymore and the return value will be
either 0 or 1.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The configuration file parsing routines were moved to a separate
function a while back, but left at the old indentation level to avoid
showing large diffs in the commit and to avoid conflicts with parallel
development in other branches. There is never a perfect time for this
type of changes, but we might as well finally get rid of that extra
indentation now with Hotspot 2.0 Rel 2 changes pulled in.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Different channels allow different transmission power, at least in ETSI
countries. Also, ETSI requires a "channel plan" for DFS operation, and
channels should be randomly choosen from these channels.
Add a channel list configuration option for users to add channels
hostapd may pick from.
Signed-hostap: Simon Wunderlich <sw@simonwunderlich.de>
Previously, EAP-SIM/AKA/AKA' did not work with number of crypto
libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF
function was not implemented. This resulted in somewhat confusing error
messages since the placeholder functions were silently returning an
error. Fix this by using the internal implementation of FIP 186-2 PRF
(including internal SHA-1 implementation) with crypto libraries that do
not implement this in case EAP-SIM/AKA/AKA' is included in the build.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This error path must not try to free the user entry since that entry was
already added to the BSS list and will be freed when BSS is freed.
Signed-off-by: Jouni Malinen <j@w1.fi>
If eap_user_file is configured to point to an SQLite database, RADIUS
server code can use that database for log information.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends the design already available for Access-Request packets to
the RADIUS server and Access-Accept messages. Each user entry can be
configured to add arbitrary RADIUS attributes.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 354c903f8e added setting of
driver_ap_teardown on the hostapd exit path without taking into account
that this may also be called on an error path where the interface has
not been initialized. Fix the resulting NULL pointer dereference to
allow hostapd to exit cleanly in error case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
As per IEEE Std 802.11ac-2013, 'Maximum A-MPDU Length Exponent' field
value is in the range of 0 to 7. Previous implementation assumed EXP0 to
be the maximum length (bits 23, 24 and 25 set) what is incorrect.
This patch adds options to set it up within the 0 to 7 range.
Signed-off-by: Bartosz Markowski <bartosz.markowski@tieto.com>
This commit adds an option to optimize AP teardown by leaving the
deletion of keys (including group keys) and stations to the driver.
This optimization option should be used if the driver supports stations
and keys removal when stopping an AP.
For example, the optimization option will always be used for cfg80211
drivers since cfg80211 shall always remove stations and keys when
stopping an AP (in order to support cases where the AP is disabled
without the knowledge of wpa_supplicant/hostapd).
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
The new hostapd.conf parameter subscr_remediation_url can be used to
define the URL of the Subscription Remediation Server that will be added
in a WFA VSA to Access-Accept message if the SQLite user database
indicates that the user need subscription remediation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd can now be configured to advertise OSU Providers with the
new osu_* confgiuration parameters.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
hostapd can now be configured to provide access for icon files
(hs20_icon config file parameter) for OSU. The hs20_icon data contains
additional meta data about the icon that is not yet used, but it will be
needed for the OSU Providers list ANQP element.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the RADIUS server includes deauthentication request in Access-Accept,
send a WNM-Notification frame to the station after 4-way handshake and
disconnect the station after configurable timeout.
A new control interface command, WNM_DEAUTH_REQ, is added for testing
purposes to allow the notification frame to sent based on local request.
This case does not disconnect the station automatically, i.e., a
separate control interface command would be needed for that.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Subscription remediation notification can now be sent from hostapd with:
hostapd_cli hs20_wnm_notif 02:00:00:00:00:00 http://example.com/foo/
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The HS 2.0 Indication element from hostapd now includes the release
number field and the new ANQP Domain ID field. This ID can be configured
with anqp_domain_id parameter in hostapd.conf.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
After adding or removing a MAC address from a list, the
corresponding station was not deauthenticated as expected.
Signed-off-by: Emanuel Taube <emanuel.taube@gmail.com>
It is already possible to add MAC addresses at runtime. This patch
allows also to remove some of them by using the prefix "-" in the
address file.
Signed-off-by: Emanuel Taube <emanuel.taube@gmail.com>
Add configuration of Spectrum Management subfield in the Capability
Information of Beacon, Probe Response, and Association Response frames.
Spectrum Management bit is set when directly requested by new
configuration option spectrum_mgmt_required=1 or when AP is running on
DFS channels. In the future, also TPC shall require this bit to be set.
Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
Add Power Constraint information element to Beacon and Probe Response
frames when hostapd is configured on 5 GHz band and Country information
element is also added. According to IEEE Std 802.11-2012 a STA shall
determine a local maximum transmit power for the current channel based
on information derived from Country and Power Constraint elements.
In order to add Power Constraint element ieee80211d option need to be
enabled and new local_pwr_constraint config option need to be set to
unsigned value in units of decibels. For now this value is statically
configured but the future goal is to implement dynamic TPC algorithm
to control local power constraint.
Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
Using binutils >= 2.24.x and setting
CONFIG_WPA_TRACE/CONFIG_WPA_TRACE_BDF causes both builds to fail with
"#error config.h must be included before this header" message.
Since version 2.24.x, the bfd header checks for PACKAGE and
PACKAGE_VERSION macros.
As suggested in http://sourceware.org/bugzilla/show_bug.cgi?id=14243
projects that use bfd and don't use autotools should define a PACKAGE
macro.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
IEEE 802.11w is ratified since 2009 already, so this comment does not
seem to be valid anymore.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
The current nfcpy version does not support new WSC connection handover
message format and the handover server fails to process the request due
to a debug print. As a temporary workaround, override
HandoverServer::_process_request() with a version that avoids pretty()
print of the handover messages. This can be removed once nfcpy has been
updated to support the new format.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
In hostapd_logger_cb(), module_str is checked for NULL (on a path that
does not get executed in practice), and then possibly dereferenced in
snprintf() anyway.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
"hostapd -u<MAC Address>" can now be used to display the UUID that will
be generated based on a MAC Address (i.e., when hostapd configuration
does not set a specific UUID).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new NFC connection handover design requires the AP/Registrar to
process the connection handover request message received from the
Enrollee. Add control interface commands for handling this.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the configuration to be temporarily invalid when
adding a new AP through SET commands followed by ENABLE. Avoid this
issue by using less strict validation on SET commands and perform full
configuration validation only on ENABLE. Use cases with configuration
file maintain their previous behavior, i.e., full validation after the
file has been read.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is just like the same command in wpa_supplicant, i.e., "hostapd_cli
status driver" can be used to fetch information about the driver status
and capabilities.
Signed-hostap: Jouni Malinen <j@w1.fi>
Need to use common EAP_GPSK_SHA256 define for this instead of the
server-specific EAP_SERVER_GPSK_SHA256 which was not really used
anywhere.
Signed-hostap: Jouni Malinen <j@w1.fi>
This debugging mechanism has now been deprecated by the control
interface commands that can be used to fetch same internal information
from hostapd in a more convenient way. Leave the empty USR1 signal
handler and configuration file parameter for backwards compatibility.
They can be removed in future versions of hostapd.
Signed-hostap: Jouni Malinen <j@w1.fi>
The per-STA/Supplicant state information from the EAPOL authenticator
is now available through "STA <MAC Address> eapol" command.
Signed-hostap: Jouni Malinen <j@w1.fi>
There is no need to maintain two interfaces for fetching debug
information about hostapd state. The control interface is more
convenient for number of use cases, so prefer that over the dump_file
mechanism.
Signed-hostap: Jouni Malinen <j@w1.fi>