Commit graph

1102 commits

Author SHA1 Message Date
Adrien Decostre
1648cc6427 ACS: Allow subset of channels to be configured
Add the possibility to define a subset of channels used by the ACS
engine when not operating on DFS channels.

Signed-off-by: Adrien Decostre <ad.decostre@gmail.com>
2015-01-19 02:35:43 +02:00
Yanbo Li
e7d0e97bdb hostapd: Add vendor specific VHT extension for the 2.4 GHz band
This allows vendor specific information element to be used to advertise
support for VHT on 2.4 GHz band. In practice, this is used to enable use
of 256 QAM rates (VHT-MCS 8 and 9) on 2.4 GHz band.

This functionality is disabled by default, but can be enabled with
vendor_vht=1 parameter in hostapd.conf if the driver advertises support
for VHT on either 2.4 or 5 GHz bands.

Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
2015-01-14 00:59:22 +02:00
Jouni Malinen
a16514516b Add "GET tls_library" to provide information on TLS library and version
This new wpa_supplicant and hostapd control interface command can be
used to determine which TLS library is used in the build and what is the
version of that library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
0b402479bf Remove Network Security Service (NSS) support
NSS as a TLS/crypto library alternative was never completed and this
barely functional code does not even build with the current NSS version.
Taken into account that there has not been much interest in working on
this crypto wrapper over the years, it is better to just remove this
code rather than try to get it into somewhat more functional state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Janusz Dziedzic
269dfe232b Introduce common hw features
Introduce wpa_supplicant/hostapd hw features.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Jouni Malinen
86a7fbb2c1 Verify that eloop_register_read_sock() succeeds for ctrl_iface setup
This allows faster detection of a case where a memory allocation fails
within eloop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 02:34:08 +02:00
Jouni Malinen
a156ffda61 Add support for testing memory allocation failures
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.

Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:43 +02:00
Jouni Malinen
77a2c3941e crypto: Clear temporary heap allocations before freeing
This reduces the time private keys may remain in heap memory after use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-06 02:49:13 +02:00
Paul Stewart
de27bc7673 hostapd: Set stdout line-buffered
If hostapd will use stdout for debugging, set stdout to be line
buffered in case its output is redirected to a file. This allows
incremental output to be viewed immediately instead of at the file
buffering interval.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2014-12-29 15:49:05 +02:00
Jouni Malinen
010fa245bd Add QUIET=1 option for make
This can be used to reduce verbosity for build messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
a193231dfb Clean up debug prints to use wpa_printf()
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:20:57 +02:00
Prashanth Bhatta
9108ea09f2 hostapd: Make install path configurable
Makefile always installs to /usr/local/bin and on some platforms,
/usr/local/bin is not in default search path. Modify the Makefile such
that bin path can be configurable so that build system can pass
appropriate path for installation. If bin path is not specified then by
default binaries are installed in /usr/local/bin.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 12:32:50 +02:00
Jouni Malinen
2c6411edd0 ERP: Add ERP_FLUSH for hostapd
This can be used to drop any pending ERP key from both the internal AP
authentication server and RADIUS server use of hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
0629eeb490 RRM: Add AP mode minimal advertisement support for testing
The new hostapd.conf radio_measurements parameter can now be used to
configure a test build to advertise support for radio measurements with
neighbor report enabled. There is no real functionality that would
actually process the request, i.e., this only for the purpose of minimal
STA side testing for now.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 20:45:31 +02:00
Jouni Malinen
eeab4f2fda Check os_snprintf() result more consistently - automatic 3
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size - 1'. These changes were done automatically with spatch
using the following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || (size_t) E1 >= E3 - 1)
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d85e1fc8a5 Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d3bddd8b84 ERP: Add support for ERP on EAP server and authenticator
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to
allow EAP re-authentication to be used and to derive rMSK.

The new hostapd configuration parameter eap_server_erp=1 can now be used
to configure the integrated EAP server to derive EMSK, rRK, and rIK at
the successful completion of an EAP authentication method. This
functionality is not included in the default build and can be enabled
with CONFIG_ERP=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:27 +02:00
Jouni Malinen
2a5156a66c ERP: Add optional EAP-Initiate/Re-auth-Start transmission
hostapd can now be configured to transmit EAP-Initiate/Re-auth-Start
before EAP-Request/Identity to try to initiate ERP. This is disabled by
default and can be enabled with erp_send_reauth_start=1 and optional
erp_reauth_start_domain=<domain>.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:08:56 +02:00
Jouni Malinen
0ecff8d7c3 Add hostapd driver_params config parameter
This is mainly for development testing purposes to allow driver_nl80211
behavior to be modified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:24:42 +02:00
Jouni Malinen
ebd557288c Remove forgotten driver_test.c variables
hostapd was still providing couple of parameters that were used only in
the already removed driver_test.c framework.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 12:49:55 +02:00
Jouni Malinen
85660d312a Add DATA_TEST_FRAME for testing Data frame processing on AP side
The new hostapd control interface command can be used in automated
testing to verify how AP processes Data frames with arbitrary contents.
This is enabled only in builds with CONFIG_TESTING_OPTIONS=y.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
527d2378ac hostapd: Allow DATA_TEST_CONFIG to configure ifname
This allows the device-based data connectivity tests to be extended for
bridge and VLAN interface cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-27 14:02:18 +02:00
Jouni Malinen
378dec5af9 Android: Add Hotspot 2.0 into hostapd makefile
This makes the Android.mk for hostapd match the Makefile changes for
optional Hotspot 2.0 support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-25 17:09:50 +02:00
Jouni Malinen
a437378f98 proxyarp: Use C library header files and CONFIG_IPV6
This replaces the use of Linux kernel header files (linux/ip.h,
linux/udp.h, linux/ipv6.h, and linux/icmpv6.h) with equivalent header
files from C library. In addition, ndisc_snoop.c is now built
conditionally on CONFIG_IPV6=y so that it is easier to handle hostapd
builds with toolchains that do not support IPv6 even if Hotspot 2.0 is
enabled in the build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-25 16:58:21 +02:00
Jouni Malinen
a30dff07fb Add BSS_TM_REQ command to send BSS Transition Management Request
hostapd control interface can now be used to request transmission of a
BSS Transition Management Request frame to a specified station.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-22 16:34:34 +02:00
Kyeyoon Park
bd00c4311c AP: Add Neighbor Discovery snooping mechanism for Proxy ARP
This commit establishes the infrastructure, and handles the Neighbor
Solicitation and Neighbor Advertisement frames. This will be extended
in the future to handle other frames.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:47:06 +02:00
Kyeyoon Park
c127355cb8 AP: Add a generic "x_snoop" infrastructure for Proxy ARP
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:14:02 +02:00
Dmitry Shmidt
88cb27c7a5 hostapd: Add wowlan_triggers config param
New kernels in wiphy_suspend() will call cfg80211_leave_all() that will
eventually end up in cfg80211_stop_ap() unless wowlan_triggers were set.
For now, use the parameters from the station mode as-is. It may be
desirable to extend (or constraint) this in the future for specific AP
mode needs.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-11-16 17:09:11 +02:00
Jouni Malinen
087a1f4efd Suite B: PMKID derivation for AKM 00-0F-AC:11
The new AKM uses a different mechanism of deriving the PMKID based on
KCK instead of PMK. hostapd was already doing this after the KCK had
been derived, but wpa_supplicant functionality needs to be moved from
processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-16 17:09:11 +02:00
Jouni Malinen
666497c8e6 Suite B: Add AKM 00-0F-AC:11
This adds definitions for the 128-bit level Suite B AKM 00-0F-AC:11. The
functionality itself is not yet complete, i.e., this commit only
includes parts to negotiate the new AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-16 13:20:51 +02:00
Jouni Malinen
01b32d5e36 Remove references to madwifi from various files
Number of documentation and configuration files had references to the
madwifi driver interface that was removed in the previous commit. Remove
these references as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-01 16:15:53 +02:00
Kyeyoon Park
7d597d4617 AP: Add support for Proxy ARP, DHCP snooping mechanism
Proxy ARP allows the AP devices to keep track of the hardware address to
IP address mapping of the STA devices within the BSS. When a request for
such information is made (i.e., ARP request, Neighbor Solicitation), the
AP will respond on behalf of the STA device within the BSS. Such
requests could originate from a device within the BSS or also from the
bridge. In the process of the AP replying to the request (i.e., ARP
reply, Neighbor Advertisement), the AP will drop the original request
frame. The relevant STA will not even know that such information was
ever requested.

This feature is a requirement for Hotspot 2.0, and is defined in IEEE
Std 802.11-2012, 10.23.13. While the Proxy ARP support code mainly
resides in the kernel bridge code, in order to optimize the performance
and simplify kernel implementation, the DHCP snooping code was added to
the hostapd.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Eliad Peller
04ee647d58 HT: Let the driver advertise its supported SMPS modes for AP mode
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:25:29 +03:00
Kyeyoon Park
ec8f36afca AP: Add support for BSS load element (STA Count, Channel Utilization)
The new "bss_load_update_period" parameter can be used to configure
hostapd to advertise its BSS Load element in Beacon and Probe Response
frames. This parameter is in the units of BUs (Beacon Units).

When enabled, the STA Count and the Channel Utilization value will be
updated periodically in the BSS Load element. The AAC is set to 0 sinze
explicit admission control is not supported. Channel Utilization is
calculated based on the channel survey information from the driver and
as such, requires a driver that supports providing that information for
the current operating channel.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-21 23:25:48 +03:00
Jouni Malinen
4a6cc86272 Add data test functionality
It is now possible to run hwsim_test like data connectivity test through
wpa_supplicant/hostapd control interface if CONFIG_TESTING_OPTIONS=y is
used for the build. Test functionality is enabled/disabled at runtime
with "DATA_TEST_CONFIG <1/0>". The "DATA_TEST_TX <dst> <src> <tos>"
command can be used to request a test frame to be transmitted.
"DATA-TEST-RX <dst> <src>" event is generated when the test frame is
received.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 20:51:45 +03:00
Cedric Baudelet
a6938b79b4 hostapd_cli: Add CLI commands enable, reload, and disable
Commands are already present in ctrl_iface.c (and parsed in
hostapd_ctrl_iface_receive() function) but not in hostapd_cli.c. This
patch updates hostapd_cli.c with matching functions.

Signed-off-by: Cedric Baudelet <cedric.baudelet@intel.com>
2014-10-12 19:27:13 +03:00
Jouni Malinen
f8995f8f1c hostapd: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled when hostapd is used as an EAP
server with OpenSSL as the TLS library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:52:05 +03:00
Jouni Malinen
8e3e0b3f57 Report sendto() failures for hostapd ctrl_iface
This makes issues with control interface operations more easily
debuggable (CID 72681, CID 72686).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:26 +03:00
Jouni Malinen
9d4ff04af3 Add external EAPOL transmission option for testing purposes
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Jouni Malinen
5cb1440361 Update ChangeLog files for v2.3
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-09 17:41:31 +03:00
Jouni Malinen
5d4fa2a29b hostapd_cli: Use os_exec() for action script execution
Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
10e7948f76 Fix hostapd GET_CONFIG wpa_pairwise_cipher value
Copy-paste error ended up getting rsn_pairwise_cipher value for both
rsn_pairwise_cipher and wpa_pairwise_cipher (CID 72693).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 18:40:05 +03:00
Jouni Malinen
df756b374e hostapd: Remove unused variable assignment
The local bss variable is used only within the while loop, so no need to
assign or even make it visible outside the loop.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-03 15:37:58 +03:00
Srinivas Girigowda
db9418bb1b Add printf NULL checks to silence static analyzer
Add NULL checks to take care of issues reported by static analyzer tool
on potentially using NULL with printf format %s (which has undefined
behavior even though many compilers end up printing "(null)").

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-28 18:25:32 +03:00
Michal Kazior
ccac7c61cf hostapd: Make chan_switch command per-interface not per-BSS
Currently hostapd data structures aren't ready for multi-channel BSSes,
so make the command work now at least with single-channel multi-BSS
channel switching.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-06-28 11:06:44 +03:00
Jouni Malinen
6a98f67369 ChangeLog entries for v2.2
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-04 16:08:37 +03:00
Jouni Malinen
5d67bf1566 hostapd: Fix configuration of multiple RADIUS servers with SET
The current RADIUS server pointer was updated after each SET command
which broke parsing of multiple RADIUS servers over the control
interface. Fix this by doing the final RADIUS server pointer updates
only once the full configuration is available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-30 20:40:11 +03:00
Eduardo Abinader
cc0b7cb188 hostapd_cli: Fix segmentation fault with interface command
ctrl_ifname was not being freed and allocated consistently by using
proper functions: os_free() and os_strdup(). This can result in
segmentation fault when these OS specific wrappers use different
implementation (e.g., with CONFIG_WPA_TRACE=y).

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
2014-05-30 10:22:29 +03:00
Dmitry Shmidt
959214b260 Android: Use extended P2P functionality (ANDROID_P2P) for all vendors
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-04-29 18:59:12 +03:00
Jouni Malinen
06df2aa60a Remove floating constant suffix 'd' from test coee
clang scan-build does not seem to like the 'd' suffix on floating
constants and ends up reporting analyzer failures. Since this suffix
does not seem to be needed, get rid of it to clear such warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
9670f8773b ACS: Clean up ifdef CONFIG_ACS to avoid unreachable code
The conf->channel assignment was unreachable if CONFIG_ACS was not
defined, so move that to be under #else.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 12:52:10 +03:00
Greg Hackmann
9176ec066e Android: Disable unused parameter warnings
This avoids large number of undesired compiler warnings since Android
build system is added -Wextra.

Signed-off-by: Greg Hackmann <ghackmann@google.com>
2014-04-24 12:15:32 +03:00
Jouni Malinen
1dde5b5cdd Remove PSMP option from ht_capab
This was used to fill in the "PSMP support" subfield that was defined
during P802.11n development. However, this subfield was marked reserved
in the published IEEE Std 802.11n-2009 and it is not supported by
current drivers that use hostapd for SME either. As such, there is not
much point in maintaining this field as ht_capab parameter within
hostapd either.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-07 22:02:14 +03:00
Jouni Malinen
5784b9a41b Fix memory leaks in hostapd configuration updates
Some of the allocated configuration parameter did not free the previous
value if a configuration file or ctrl_iface SET command updated a
previously set value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-05 20:42:12 +03:00
Jouni Malinen
5cfc87b771 Make hs20_wan_metrics parser error print more helpful
pos == NULL in almost all of the error cases here, so print the full
parameter value instead of the current position.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 17:25:17 +03:00
Jouni Malinen
4be20bf9aa Fix validation of anqp_3gpp_cell_net configuration parameter
The "< '0' && > '9'" part would not match any character.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 17:22:23 +03:00
Jouni Malinen
23587e3999 Remove duplicated vht_capab parser entry
[VHT160-80PLUS80] was parsed twice with the second copy not really doing
anything useful.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 17:06:34 +03:00
Jouni Malinen
18a8e55fcd Notify STA of disconnection based on ACL change
ap_sta_deauthenticate() does not necessarily send a Deauthentication
frame to the STA. Use ap_sta_disconnect() to drop the association so
that the notification frame goes out.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-30 17:06:34 +03:00
Jouni Malinen
8943cc998a RADIUS server: Add support for MAC ACL
"user" MACACL "password" style lines in the eap_user file can now be
used to configured user entries for RADIUS-based MAC ACL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 19:31:56 +02:00
Avraham Stern
3ae8b7b7a2 hostapd: Add vendor command support
Add support of vendor command to hostapd ctrl_iface.
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]

The 3rd argument will be converted to binary data and then passed as
argument to the sub command.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-03-27 15:28:44 +02:00
Jouni Malinen
978c673052 Add a note on using 'iw list' to determine multi-BSS support
This adds a pointer to hostapd.conf to using 'iw list' with the current
nl80211 drivers to determine supported interface combinations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-25 23:58:22 +02:00
Jouni Malinen
c201f93a9e WPS: Enable WSC 2.0 support unconditionally
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
b7a8d67f5b Allow hostapd to advertise 40 MHz intolerant HT capability
ht_capab=[40-INTOLERANT] can now be used to advertise that the BSS is 40
MHz intolerant to prevent other 20/40 MHz co-ex compliant APs from using
40 MHz channel bandwidth.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-23 23:50:37 +02:00
Jouni Malinen
be4e5af741 Add SAE and FT-SAE key_mgmt to hostapd GET_CONFIG
These options were missing from the current key_mgmt values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 19:01:34 +02:00
Jouni Malinen
8b6b6d8238 Fix hostapd.conf description of HT40+
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-21 20:04:01 +02:00
Jouni Malinen
8dd9f9cdde Allow management group cipher to be configured
This allows hostapd to set a different management group cipher than the
previously hardcoded default BIP (AES-128-CMAC). The new configuration
file parameter group_mgmt_cipher can be set to BIP-GMAC-128,
BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in
IEEE Std 802.11ac-2013.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-14 21:58:45 +02:00
Jouni Malinen
b4c26ef997 Clean up hostapd_config_fill() parsers
Some of the parsing code was using a bit too complex design and could be
simplified after the earlier return-on-error cleanups.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-12 01:09:21 +02:00
Jouni Malinen
b2e32cde83 Fix memory leaks on wpa_config_parse_string() error paths
hostapd configuration parser did not free the temporary buffer on some
error paths.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-12 01:09:21 +02:00
Jouni Malinen
a0b728b7e2 Simplify hostapd_config_fill() error reporting
There is no need for trying to count the number of errors in this
function since this is not a loop anymore and the return value will be
either 0 or 1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-12 01:09:21 +02:00
Jouni Malinen
599f40db7d Remove extra indentation level from hostapd_config_fill()
The configuration file parsing routines were moved to a separate
function a while back, but left at the old indentation level to avoid
showing large diffs in the commit and to avoid conflicts with parallel
development in other branches. There is never a perfect time for this
type of changes, but we might as well finally get rid of that extra
indentation now with Hotspot 2.0 Rel 2 changes pulled in.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-12 01:09:15 +02:00
Ben Greear
cfc393a645 hostapd: Document interworking realm EAP Method types
Add link to the EAP type definitions document.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2014-03-11 19:27:55 +02:00
Simon Wunderlich
70ee1be248 hostapd: Add config option chanlist for DFS channels
Different channels allow different transmission power, at least in ETSI
countries. Also, ETSI requires a "channel plan" for DFS operation, and
channels should be randomly choosen from these channels.

Add a channel list configuration option for users to add channels
hostapd may pick from.

Signed-hostap: Simon Wunderlich <sw@simonwunderlich.de>
2014-03-11 18:59:40 +02:00
Jouni Malinen
09eef142ea Use internal FIPS 186-2 PRF if needed
Previously, EAP-SIM/AKA/AKA' did not work with number of crypto
libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF
function was not implemented. This resulted in somewhat confusing error
messages since the placeholder functions were silently returning an
error. Fix this by using the internal implementation of FIP 186-2 PRF
(including internal SHA-1 implementation) with crypto libraries that do
not implement this in case EAP-SIM/AKA/AKA' is included in the build.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-11 16:44:22 +02:00
Jouni Malinen
4fb363c62b Fix error path handling on radius_accept_attr
This error path must not try to free the user entry since that entry was
already added to the BSS list and will be freed when BSS is freed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-10 00:44:26 +02:00
Jouni Malinen
8a57da7e28 RADIUS server: Add option for storing log information to SQLite DB
If eap_user_file is configured to point to an SQLite database, RADIUS
server code can use that database for log information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-09 18:21:13 +02:00
Jouni Malinen
d0ee16edc8 Allow arbitrary RADIUS attributes to be added into Access-Accept
This extends the design already available for Access-Request packets to
the RADIUS server and Access-Accept messages. Each user entry can be
configured to add arbitrary RADIUS attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-08 11:35:08 +02:00
Jouni Malinen
49021c1cb6 Fix hostapd error path regression
Commit 354c903f8e added setting of
driver_ap_teardown on the hostapd exit path without taking into account
that this may also be called on an error path where the interface has
not been initialized. Fix the resulting NULL pointer dereference to
allow hostapd to exit cleanly in error case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-07 22:37:03 +02:00
Bartosz Markowski
905828fea4 hostapd: Fix vht_capab 'Maximum A-MPDU Length Exponent' handling
As per IEEE Std 802.11ac-2013, 'Maximum A-MPDU Length Exponent' field
value is in the range of 0 to 7. Previous implementation assumed EXP0 to
be the maximum length (bits 23, 24 and 25 set) what is incorrect.

This patch adds options to set it up within the 0 to 7 range.

Signed-off-by: Bartosz Markowski <bartosz.markowski@tieto.com>
2014-03-06 00:09:37 +02:00
Moshe Benji
354c903f8e AP/GO interface teardown optimization
This commit adds an option to optimize AP teardown by leaving the
deletion of keys (including group keys) and stations to the driver.

This optimization option should be used if the driver supports stations
and keys removal when stopping an AP.

For example, the optimization option will always be used for cfg80211
drivers since cfg80211 shall always remove stations and keys when
stopping an AP (in order to support cases where the AP is disabled
without the knowledge of wpa_supplicant/hostapd).

Signed-off-by: Moshe Benji <moshe.benji@intel.com>
2014-03-05 23:57:02 +02:00
Jouni Malinen
b61e70c4f3 HS 2.0R2: Add WFA server-only EAP-TLS server method
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
8d2a9921af HS 2.0R2: RADIUS server support to request Subscr Remediation
The new hostapd.conf parameter subscr_remediation_url can be used to
define the URL of the Subscription Remediation Server that will be added
in a WFA VSA to Access-Accept message if the SQLite user database
indicates that the user need subscription remediation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
ae6d15c722 HS 2.0R2 AP: Add OSU Providers list ANQP element
hostapd can now be configured to advertise OSU Providers with the
new osu_* confgiuration parameters.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
f7bd7a01a8 HS 2.0R2 AP: Add Icon Request and Icon binary File ANQP elements
hostapd can now be configured to provide access for icon files
(hs20_icon config file parameter) for OSU. The hs20_icon data contains
additional meta data about the icon that is not yet used, but it will be
needed for the OSU Providers list ANQP element.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
8e1146d9da HS 2.0R2 AP: Add support for deauthentication request
If the RADIUS server includes deauthentication request in Access-Accept,
send a WNM-Notification frame to the station after 4-way handshake and
disconnect the station after configurable timeout.

A new control interface command, WNM_DEAUTH_REQ, is added for testing
purposes to allow the notification frame to sent based on local request.
This case does not disconnect the station automatically, i.e., a
separate control interface command would be needed for that.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
a14896e8bb HS 2.0R2 AP: Add OSEN implementation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
3fb17a9530 HS 2.0R2 AP: Add WNM-Notification Request for Subscription Remediation
Subscription remediation notification can now be sent from hostapd with:
hostapd_cli hs20_wnm_notif 02:00:00:00:00:00 http://example.com/foo/

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
d5d24784e6 HS 2.0R2 AP: Update HS 2.0 Indication element to Release 2
The HS 2.0 Indication element from hostapd now includes the release
number field and the new ANQP Domain ID field. This ID can be configured
with anqp_domain_id parameter in hostapd.conf.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
a5d75636f9 HS 2.0R2: Add common OSEN definitions
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:23 +02:00
Emanuel Taube
e2364d162a hostapd: Deauthenticate clients forbidden by maclist changes
After adding or removing a MAC address from a list, the
corresponding station was not deauthenticated as expected.

Signed-off-by: Emanuel Taube <emanuel.taube@gmail.com>
2014-02-25 16:18:48 +02:00
Emanuel Taube
1748f1da3d hostapd: Make it possible to remove addresses from maclists
It is already possible to add MAC addresses at runtime. This patch
allows also to remove some of them by using the prefix "-" in the
address file.

Signed-off-by: Emanuel Taube <emanuel.taube@gmail.com>
2014-02-25 16:10:29 +02:00
Chaitanya T K
3d7ad2f681 hostapd: Configure spectrum management capability
Add configuration of Spectrum Management subfield in the Capability
Information of Beacon, Probe Response, and Association Response frames.
Spectrum Management bit is set when directly requested by new
configuration option spectrum_mgmt_required=1 or when AP is running on
DFS channels. In the future, also TPC shall require this bit to be set.

Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
2014-02-25 00:54:59 +02:00
Srinivasan B
e0392f825d hostapd: Add Power Constraint element
Add Power Constraint information element to Beacon and Probe Response
frames when hostapd is configured on 5 GHz band and Country information
element is also added. According to IEEE Std 802.11-2012 a STA shall
determine a local maximum transmit power for the current channel based
on information derived from Country and Power Constraint elements.

In order to add Power Constraint element ieee80211d option need to be
enabled and new local_pwr_constraint config option need to be set to
unsigned value in units of decibels. For now this value is statically
configured but the future goal is to implement dynamic TPC algorithm
to control local power constraint.

Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
2014-02-24 23:51:23 +02:00
Jouni Malinen
ea449b5bfe tests: Add a module test integration to hwsim tests
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-21 13:08:08 +02:00
Roger Zanoni
848905b12a Avoid undefined references with CONFIG_WPA_TRACE_BFD=y
libdl, libiberty, and libzlib are dependencies for libbfd.

Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
2014-02-20 16:32:26 +02:00
Dmitry Shmidt
ac494fcce4 Android: Use external libnl 2.0 dynamic library
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-02-19 14:10:12 +02:00
Roger Zanoni
b7cac41254 Fix hostapd and wpa_supplicant build with binutils >= 2.24.x
Using binutils >= 2.24.x and setting
CONFIG_WPA_TRACE/CONFIG_WPA_TRACE_BDF causes both builds to fail with
"#error config.h must be included before this header" message.

Since version 2.24.x, the bfd header checks for PACKAGE and
PACKAGE_VERSION macros.

As suggested in http://sourceware.org/bugzilla/show_bug.cgi?id=14243
projects that use bfd and don't use autotools should define a PACKAGE
macro.

Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
2014-02-19 14:10:12 +02:00
Jouni Malinen
a1dd890a85 RADIUS: Add minimal accounting server support
This can be used to test RADIUS Accounting in hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 16:26:48 +02:00
Jouni Malinen
9aab81145a Fix nt_password_hash build
This needs librt on some systems for clock_gettime().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 11:49:40 +02:00
Helmut Schaa
d9dd86be1d hostapd: Enable IEEE 802.11w in defconfig
IEEE 802.11w is ratified since 2009 already, so this comment does not
seem to be valid anymore.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2014-02-14 19:21:42 +02:00
Jouni Malinen
7ae7a84eef NFC: Workaround nfcpy message debug exception
The current nfcpy version does not support new WSC connection handover
message format and the handover server fails to process the request due
to a debug print. As a temporary workaround, override
HandoverServer::_process_request() with a version that avoids pretty()
print of the handover messages. This can be removed once nfcpy has been
updated to support the new format.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-13 16:37:43 +02:00
Eytan Lifshitz
1e2ffc608b Fix theoretical NULL dereference in debug printf
In hostapd_logger_cb(), module_str is checked for NULL (on a path that
does not get executed in practice), and then possibly dereferenced in
snprintf() anyway.

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-02-13 15:58:15 +02:00
Jouni Malinen
d6bfaaac69 NFC: Add summary and success file options for nfcpy scripts
These can be used to get updates on NFC operation status and success for
external programs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-12 16:44:05 +02:00
Jouni Malinen
b0d18bc2a1 WPS: Make UUID-from-MAC Address easily available
"hostapd -u<MAC Address>" can now be used to display the UUID that will
be generated based on a MAC Address (i.e., when hostapd configuration
does not set a specific UUID).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-11 15:44:13 +02:00
Jouni Malinen
44f967c729 Update ChangeLog files to match current implementation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-04 13:23:35 +02:00
Jouni Malinen
12288d848c WPS NFC: Protect nfcpy pretty print calls against exceptions
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:14 +02:00
Jouni Malinen
6202500f6f WPS NFC: Logging level configuration to wps-nfc.py and wps-ap-nfc.py
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
1f1b5b31d7 WPS NFC: Clean up nfcpy script no-wait operations
This allows the scripts to terminate at proper point with --no-wait.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
ab1db08c05 WPS NFC: Use argparse in the nfcpy scripts
This cleans up command line parsing and simplifies the commands.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
6f8fa6e552 WPS NFC: Update wps-nfc.py and wps-ap-nfc.py to use new nfcpy API
This moves many of the peer discovery operations into the core nfcpy.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
91226e0d12 WPS: Add testing option to corrupt public key hash
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
3189ca055d WPS NFC: Add AP mode connection handover report
The new NFC connection handover design requires the AP/Registrar to
process the connection handover request message received from the
Enrollee. Add control interface commands for handling this.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:10:55 +02:00
Dmitry Shmidt
b19ef32bf9 Android: Remove hostapd dump_file functionality
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-01-14 17:08:04 +02:00
Jouni Malinen
08081ad8ef hostapd: Skip full AP configuration validation on SET command
It is possible for the configuration to be temporarily invalid when
adding a new AP through SET commands followed by ENABLE. Avoid this
issue by using less strict validation on SET commands and perform full
configuration validation only on ENABLE. Use cases with configuration
file maintain their previous behavior, i.e., full validation after the
file has been read.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 20:23:56 +02:00
Ben Greear
3043b4f455 nl80211: Document how to configure for libnl 2.0 and 3.2
Reported-by: Xose Vazquez Perez <xose.vazquez@gmail.com>

Signed-hostap: Ben Greear <greearb@candelatech.com>
2014-01-07 15:35:14 +02:00
Jouni Malinen
090b8e3d14 Update copyright notices for the new year 2014
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
f0cbb986ff Add DRIVER-STATUS command for hostapd
This is just like the same command in wpa_supplicant, i.e., "hostapd_cli
status driver" can be used to fetch information about the driver status
and capabilities.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
7271ee8769 Fix EAP-GPSK server compilation for SHA256 cipher suite
Need to use common EAP_GPSK_SHA256 define for this instead of the
server-specific EAP_SERVER_GPSK_SHA256 which was not really used
anywhere.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:11 +02:00
Jouni Malinen
a1a31b6c3f Remove hostapd dump_file functionality
This debugging mechanism has now been deprecated by the control
interface commands that can be used to fetch same internal information
from hostapd in a more convenient way. Leave the empty USR1 signal
handler and configuration file parameter for backwards compatibility.
They can be removed in future versions of hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 18:15:07 +02:00
Jouni Malinen
ea23df652a Make EAPOL dump data available through ctrl_iface STA command
The per-STA/Supplicant state information from the EAPOL authenticator
is now available through "STA <MAC Address> eapol" command.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 17:49:48 +02:00
Jouni Malinen
96ea74b866 Convert EAPOL authenticator dump into easier to parse format
Use name=value entries one per each line and rename the state
entries to have unique names.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 17:37:21 +02:00
Jouni Malinen
ca3b71c14f Remove hostapd dump_file data that is available through ctrl_iface
There is no need to maintain two interfaces for fetching debug
information about hostapd state. The control interface is more
convenient for number of use cases, so prefer that over the dump_file
mechanism.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 17:20:51 +02:00
Jouni Malinen
4c03a2b3e1 Make RADIUS server MIB available through control interface
"MIB radius_server" control interface can now be used to fetch the
RADIUS server MIB data from hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 17:19:04 +02:00
Jouni Malinen
70067530b6 Update EAP-FAST note regarding OpenSSL support
This is now supported in the current OpenSSL version.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 10:13:11 +02:00
Jouni Malinen
0187c41d88 Declare wpa_debug_* variables in src/utils/wpa_debug.h
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:29:52 +02:00
Jouni Malinen
fcc61230d1 Declare wpa_drivers in src/drivers/driver.h
This avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:19:37 +02:00
Jouni Malinen
8d321a7d4c WNM: Move disassociation imminent sending to wnm_ap.c
This gets all WNM BSS Transition Management frame building and sending
within hostapd into the same location.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:57:47 +02:00
Jouni Malinen
b76f4c2763 hostapd: Make STA flags available through ctrl_iface STA command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
121f2ab49a Remove unused STA flags
These three flags were only displayed, but never set or used for
anything else.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
3578e665bf WNM: Add STA flag to indicate the current WNM-Sleep-Mode state
This can be useful for displaying the current STA state and also for
determining whether some operations are likely to fail or need
additional delay.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
2025cad9b8 WNM: Move ESS Disassoc Imminent sending to a helper function
This makes it easier to trigger the ESS Disassociation Imminent
operation from different sources.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-27 18:48:04 +02:00
Jouni Malinen
9d2cb3ec94 Make CONFIG_TESTING_OPTIONS=y enable all testing options
This makes it easier to enable various testing parameters and
functionality in build configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 20:50:28 +02:00
Jouni Malinen
93827f456a hostapd: Allow external management frame processing or testing
This enables more convenient protocol testing of station side
functionality in various error cases and unexpected sequences without
having to implement each test scenario within hostapd.
ext_mgmt_frame_handle parameter can be set to 1 to move all management
frame processing into an external program through control interface
events (MGMT-RX and MGMT-TX-STATUS) and command (MGMT_TX).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 16:55:45 +02:00
Jouni Malinen
a4cfb48694 Add make lcov-html to generate code coverage report
In addition, update build rules to compile object files in the same
directory as the source code file if CONFIG_CODE_COVERAGE=y is set to
make lcov find the source code files.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 13:37:06 +02:00
Jouni Malinen
7feff06567 Add CONFIG_CODE_COVERAGE=y option for gcov
This can be used to measure code coverage from test scripts.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-24 19:16:12 +02:00
Johannes Berg
594516b4c2 Use monotonic clock for relative time for eloop if available
Relative time shouldn't be calculated based on gettimeofday
because that clock can jump (e.g., when the time is adjusted
by the system administrator.)

On systems where that is available, use CLOCK_BOOTTIME (on
fairly recent Linux systems, this clock takes into account
the time spend suspended) or CLOCK_MONOTONIC (on Linux and
some POSIX systems, this clock is just freely running with
no adjustments.)

Reported-by: Holger Schurig <holgerschurig@gmail.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-11-20 23:52:56 +02:00
Andrei Otcheretianski
334bf36ac5 Add chan_switch to ctrl interface of wpa_supplicant and hostapd
Add chan_switch to the control interface of wpa_supplicant and hostapd,
and also to wpa_cli and hostapd_cli.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-11-17 17:12:58 +02:00
Jouni Malinen
10222ca192 Android: Sync Android.mk with Makefile
This brings in commit 0648c3b8f5 changes
to add Linux tracing option for hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-08 13:05:55 +02:00
Jouni Malinen
aebfbcb9ac Android: Sync Android.mk with Makefile
This brings in commit fd2f2d0489 changes
to remove optional gnutls-extra dependency.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-08 13:04:51 +02:00
Dmitry Shmidt
736abfc166 Android: Set proper path to keystore include dir
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 13:04:51 +02:00
Dmitry Shmidt
bbd84e5f42 Android: Add CONFIG_ACS option to makefile
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 13:04:51 +02:00
Ying Wang
53414a7e35 Android: Add liblog
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:46:59 +02:00
Kenny Root
206d81319e Android: Restore OpenSSL ENGINE support
We now use an OpenSSL ENGINE to support keystore functionality.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:40:13 +02:00
Dmitry Shmidt
b7997e01db Android: Remove obsolete WPA_UNICODE_SSID define
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 00:22:32 +02:00
Jeff Johnson
2d39a4d8a5 hostapd: Allow hostapd_cli to work on Android
Add definitions of the Android specific directories used for control
interface sockets so that hostapd_cli can connect to the Android
hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-08 00:22:32 +02:00
Paul Stewart
c101bb9d23 hostapd: Add option to send OBSS scan params
Add a parameter to send the overlapping BSS scan parameter
information element. This will require clients to perform
background scans to check for neigbors overlapping this
HT40 BSS. Since the implementation is incomplete it should
only be used for testing.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-11-07 14:05:41 +02:00
Dmitry Shmidt
3526ff0fad Android: Add ANDROID_P2P define under BOARD_WLAN_DEVICE
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:01:28 +02:00
Dmitry Shmidt
d0b2735240 Android: Fix CFLAGS -> L_CFLAGS
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:01:23 +02:00
Jouni Malinen
8540e0b520 hostapd: Fix DETACH command debug prints to avoid use of freed memory
In case a control interface socket is detached because of sendmsg()
failing for the socket, function call to detach the socket uses a
pointer to the socket information in the structure to be freed. Reorder
code to print socket info before freeing the data to avoid use of freed
memory in case debug prints are enabled.

This is similar to the earlier wpa_supplicant fix in commit
a235aca316.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 01:15:28 +02:00
Jouni Malinen
2b6623ab13 hostapd: Do not terminate process on dynamic interface add failure
Limit the calls to eloop_terminate() to happen only for the
initialization failure from the interfaces that we specified on the
command line. This allows hostapd process to continue operating even if
a dynamically added interface fails to start up. This allows the upper
layer software to fix a configuration error and retry.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-05 17:35:11 +02:00
Jouni Malinen
0dfd2c61a5 Document AP mode startup functions
This provides some more details on how interfaces and BSSes are
initialized during hostapd startup.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 21:30:31 +02:00