Commit graph

3991 commits

Author SHA1 Message Date
Jouni Malinen
ab93fdebf1 hostapd: Add INTERFACE-ENABLED and INTERFACE-DISABLED events
These can be convenient for upper layer programs to determine if the
hostapd interface gets disabled/re-enabled, e.g., due to rfkill
block/unblock.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-26 10:52:54 +02:00
Ilan Peer
1170239efa P2P: Save group common frequencies in invitation result
Save the group common frequencies when starting a GO due to
an invitation signaling requesting to re-invoke a persistent GO.

To do so, move the code that handles the translation of p2p_channels to
frequency list into a public function so it can be re-used both when GO
Negotiation is done and invitation signaling is done.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:24:28 +03:00
Ilan Peer
f64d3f0e15 WPS: Add missing device types
Add missing device category and device sub category definitions.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:24:08 +03:00
Ilan Peer
9bc5cfa338 nl80211: Clear beacon_set when deleting a beacon from deinit_ap()
When a beacon was deleted from the kernel in
wpa_driver_nl80211_deinit_ap(), bss->beacon_set was not cleared so
restarting the AP again was not possible.

Fix this by clearing the variable once the beacon was deleted.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:24:03 +03:00
Ilan Peer
ea6bf29ea3 nl80211: Add indoor only and GO concurrent flags
Add the following channel flags:

* INDOOR_ONLY: The channel can be used if and only if there is a clear
  assessment that the device is operating in an indoor environment, i.e.,
  it is AC power.

* CONCURRENT_GO: The channel can be used for instantiating a GO if and
  only if there is an additional station interface that is currently
  connected to an AP on the same channel or on the same U-NII band
  (assuming that the AP is an authorized master).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:23:46 +03:00
Ilan Peer
0a44358055 wpa_supplicant: Use the 'no_ir' notation
Use the 'no_ir' notation instead of the 'passive scan' and
'no_ibss' notations to match the earlier change in nl80211.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:23:43 +03:00
Constantin Musca
a902d5a64b P2P: Stop driver listen in p2p_state_timeout()
When a P2P timeout occurs and p2p_state_timeout is executed, the
stop_listen function can be called besides setting in_listen to zero in
cases where the driver is still in ROC. That should not really happen in
normal cases, but it is possible for some drivers to extend the ROC
duration. If that happens, the next start_listen request may get
rejected with "P2P: Reject start_listen since p2p_listen_work already
exists".

Signed-off-by: Constantin Musca <constantin.musca@intel.com>
2014-10-25 21:37:18 +03:00
Javier Lopez
01e2231fdc hostapd: Skip some configuration steps for mesh cases
Modify hostapd.c logic to add checks for valid mconf data structure:

- For hostapd_setup_bss we don't need to flush old stations in case
  we're rejoining a mesh network.

- In hostapd_setup_interface_complete, we don't need to setup the
  interface until we join the mesh (same reasoning for
  hostapd_tx_queue_params).

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
2014-10-25 17:45:36 +03:00
Bob Copeland
f3e9899e02 mesh: Accept Action frames without BSSID match
[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 17:45:35 +03:00
Thomas Pedersen
476e6bb68d mesh: Add mesh mode config option
Modify network mode to support mode number 5 when CONFIG_MESH is
enabled.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Thomas Pedersen <thomas@noack.us>
2014-10-25 17:45:35 +03:00
Bob Copeland
5f92659d88 mesh: Add mesh peering manager
The mesh peering manager establishes and maintains links among
mesh peers, tracking each peer link via a finite state machine.

This implementation supports open mesh peerings.

[assorted fixes from Yu Niiro <yu.niiro@gmail.com>]
[more fixes from Masashi Honma <masashi.honma@gmail.com>]
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-hostap: Bob Copeland <me@bobcopeland.com>
2014-10-25 17:45:31 +03:00
Thomas Pedersen
8319e3120d mesh: Add mesh mode routines
Add routines to (de)initialize mesh interface data structures and
join and leave mesh networks.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Thomas Pedersen <thomas@noack.us>
2014-10-25 17:43:20 +03:00
Bob Copeland
5551bc9cb2 nl80211: Do not try to change supported rates
For mesh mode to work properly, set supported rates only once.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 15:54:57 +03:00
Bob Copeland
7a228b5c3f nl80211: Add STA flag WPA_STA_AUTHENTICATED
This is needed for managing STA entries for mesh use cases.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 15:54:47 +03:00
Bob Copeland
7c7e7877fc nl80211: Add plink_action_field to hostapd_sta_add_params
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 15:54:38 +03:00
Bob Copeland
0d391b03e7 nl80211: Reject deauth/disassoc for mesh interface
sta_info call these to send out the disassoc and deauth frame
which are both not relevent to mesh. So don't send them.

Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 13:47:48 +03:00
Bob Copeland
afb0550a39 nl80211: Register to receive mesh frames
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 13:47:12 +03:00
Jouni Malinen
aed8d4d1ff nl80211: Write channel type in debug log on channel switch event
This makes it easier to understand what kind of channel switch was
indicated by the driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-25 11:28:56 +03:00
Jouni Malinen
5de748187e Fix channel switch to disable VHT with HT
If both HT and VHT was enabled on AP and channel switch event from the
driver indicated that HT was disabled, VHT was left enabled. This
resulted in the following channel configuration failing. Fix this by
disabling VHT if HT gets disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-25 11:27:48 +03:00
Eliad Peller
da1080d721 nl80211: Advertise and configure SMPS modes
Advertise static/dynamic SMPS mode support (according to the wiphy
feature bits) and pass the configured smps_mode when starting the AP.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:29:08 +03:00
Eliad Peller
8f461b50cf HT: Pass the smps_mode in AP parameters
The driver needs to know what SMPS mode it should use.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:27:31 +03:00
Eliad Peller
04ee647d58 HT: Let the driver advertise its supported SMPS modes for AP mode
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:25:29 +03:00
Jouni Malinen
4db207518d P2P: Stop TX wait on SD query TX status failure
The previous TX operation could be on another channel if there are
multiple peers with pending SD queries. To avoid failing to send the
following query, stop the last one to allow any Listen channel to be
used for the following query during p2p_find iteration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-23 21:52:05 +03:00
Jouni Malinen
44abecbf02 P2P: Limit number of SD retries during find
Commit 7139cf4a4f ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') added support for
retrying P2P SD queries. However, it did this without limiting how many
retries are allowed. This can result in excessive number of retries if a
peer device does not show up on its Listen channel and there is a
pending SD query to it. Limit the maximum number of SD retries to 100
per p2p_find operation for each peer to avoid unlimited retries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-23 21:51:48 +03:00
Jouni Malinen
e706b8c8e5 P2P: Iterate through all peers in pending pre-find operation
Commit 7139cf4a4f ('P2P: Decrement
sd_pending_bcast_queries when sd returns success') changed P2P SD
behavior in a way that the P2P search loop ended up in continuing with
the first peer entry until it acknowledged receipt of a pending
broadcast SD request while the previous design went through all peers
once. While it is reasonable to retry SD, getting stuck with the first
peer is not really desirable. Change the p2p_continue_find() loop to
continue from the next peer in each iteration to allow progress through
all peers that have pending operations if any other peer is not
acknowledging frames (e.g., due to not being on Listen channel).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-23 21:30:32 +03:00
Chet Lanctot
b41f26845a Add support for offloading key management operations to the driver
This commit introduces a QCA vendor command and event to provide an
option to use extended versions of the nl80211 connect/roam operations
in a way that allows drivers to offload key management operations to the
driver/firmware.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-23 18:38:50 +03:00
Jouni Malinen
a6b1215769 GAS: Do not reply to P2P SD query from generic GAS/ANQP server
This avoids an issue where a wpa_supplicant build with CONFIG_P2P=y and
CONFIG_HS20=y ended up processing a P2P SD query twice when operating as
a GO and sending out two replies. Only the P2P SD implementation should
reply to P2P SD query in such a case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-22 19:21:42 +03:00
Johannes Berg
97752f7930 Revert "nl80211: Do not indicate P2P_DEVICE support by default"
This reverts commit 851b0c5581.

The kernel now has full support for this (and it is turned off
by default for hwsim) so wpa_supplicant should really go back
to autodetecting this so clients don't have to figure out what
to do.

Also add a debug message stating that P2P_DEVICE support is used.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-10-22 10:54:02 +03:00
Jouni Malinen
ccf79ab256 browser-android: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

In addition, fix the /system/bin/input execution by using system() for
it instead of execv() through os_exec(). /system/bin/input is a script
that execv() won't be able to run. Since the full command line is
specified, system() can be used for this. The keycode is also changed
from 3 to KEYCODE_HOME to make this work with current Android version.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Jouni Malinen
c94382259d browser-wpadebug: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Jouni Malinen
22444bb246 browser-system: Use execv() directly instead of os_exec()
This allows the URL to be passed as a single argument to the program
instead of getting split into multiple by os_exec(). This makes the
operation more robust for cases where the URL could have been received
from an external source and could potentially add extra arguments to the
command line.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-21 23:32:17 +03:00
Kyeyoon Park
ec8f36afca AP: Add support for BSS load element (STA Count, Channel Utilization)
The new "bss_load_update_period" parameter can be used to configure
hostapd to advertise its BSS Load element in Beacon and Probe Response
frames. This parameter is in the units of BUs (Beacon Units).

When enabled, the STA Count and the Channel Utilization value will be
updated periodically in the BSS Load element. The AAC is set to 0 sinze
explicit admission control is not supported. Channel Utilization is
calculated based on the channel survey information from the driver and
as such, requires a driver that supports providing that information for
the current operating channel.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-21 23:25:48 +03:00
Jouni Malinen
4a6cc86272 Add data test functionality
It is now possible to run hwsim_test like data connectivity test through
wpa_supplicant/hostapd control interface if CONFIG_TESTING_OPTIONS=y is
used for the build. Test functionality is enabled/disabled at runtime
with "DATA_TEST_CONFIG <1/0>". The "DATA_TEST_TX <dst> <src> <tos>"
command can be used to request a test frame to be transmitted.
"DATA-TEST-RX <dst> <src>" event is generated when the test frame is
received.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 20:51:45 +03:00
Andrei Otcheretianski
d66873f5cf Do not start CSA flow when CSA is not supported by the driver
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2014-10-19 15:39:59 +03:00
Bob Copeland
a52024c976 nl80211: Add new peer candidate event for mesh
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 12:58:13 +03:00
Bob Copeland
7e31703e4d nl80211: Add support for sta_add flags_mask
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 12:58:13 +03:00
Bob Copeland
6c1664f605 nl80211: Add new commands to support mesh interfaces
Create init_mesh, mesh_join, and mesh_leave actions to kernel.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 12:58:13 +03:00
Bob Copeland
24bd4e0be5 nl80211: Add driver flag to indicate mesh support
Convert the driver flags variable to u64 since there was no room for
more flags.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 12:58:13 +03:00
Bob Copeland
f7072600be Implement RFC 5297 AES-SIV
Add an implementation of Synthetic Initialization Vector (SIV)
Authenticated Encryption Using the Advanced Encryption Standard (AES).

This mode of AES is used to protect peering frames when using
the authenticated mesh peering exchange.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 12:43:38 +03:00
Bob Copeland
6293f9ed07 mesh: Parse mesh-related information elements
Add support for parsing mesh id, mesh config, mesh peering,
AMPE and MIC information elements.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-19 11:20:05 +03:00
Thomas Pedersen
3e7b032f83 mesh: Add mesh protocol definitions
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-hostap: Thomas Pedersen <thomas@noack.us>
2014-10-19 11:20:05 +03:00
Mikael Kanstrup
a0a5f73e62 P2P: Include passive channels in invitation response
Patch 51e9f22809 added the option
p2p_add_cli_chan to allow P2P GC to connect on passive channels
assuming the GO should know whether allowed to send on these channels.
This patch adds missing cli_channels to invitation response messages
to allow re-connecting to a persistent group as GC on passive
channels.

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
2014-10-18 17:00:57 +03:00
Jouni Malinen
bc26ac50dd SAE: Add support for PMKSA caching on the station side
This makes wpa_supplicant SME create PMKSA cache entries from SAE
authentication and try to use PMKSA caching if an entry is found for the
AP. If the AP rejects the attempt, fall back to SAE authentication is
used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 13:02:02 +03:00
Jouni Malinen
f299117093 SAE: Add support for PMKSA caching on the AP side
This makes hostapd create PMKSA cache entries from SAE authentication
and allow PMKSA caching to be used with the SAE AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 13:00:29 +03:00
Jouni Malinen
fcc306e3cc Add Acct-Multi-Session-Id into RADIUS Accounting messages
This allows multiple sessions using the same PMKSA cache entry to be
combined more easily at the server side. Acct-Session-Id is still a
unique identifier for each association, while Acct-Multi-Session-Id will
maintain its value for all associations that use the same PMKSA.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 10:38:17 +03:00
Jouni Malinen
aff039fada Remove duplicated Acct-Session-Id from Accounting-Request
Commit 8b24861154 ('Add Acct-Session-Id
into Access-Request messages') added Acct-Session-Id building into the
helper function shared between authentication and accounting messages.
However, it forgot to remove the same code from the generation of
accounting messages and as such, ended up with Accounting-Request
messages containing two copies of this attribute. Fix this by removing
the addition of this attribute from the accounting specific function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 10:35:33 +03:00
Jouni Malinen
0ffe7a5481 RADIUS: Define new attributes from RFC 5580
This adds definition and names for the RADIUS attributes defined in RFC
5580 (Carrying Location Objects in RADIUS and Diameter).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 09:30:35 +03:00
Justin Shen
3f7ac05878 WPS: Extend startWhen to 2 if peer AP supports WPS 2.0
Increase EAPOL startWhen to 2 for the case where the AP/GO has
advertised it supports WPS 2.0. This is done to make it less likely for
the EAPOL-Start frame to be sent out since that is only required for WPS
1.0. Not sending it can remove one unnecessary round trip from the EAP
exchange when the AP is going to start with EAP-Request/Identity
immediately based on the Association Request frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-13 12:24:17 +03:00
Jouni Malinen
54a800dd51 netlink: Fix RTM_SETLINK padding at the end of the message
While the kernel seems to have accepted the message to set linkmode and
operstate without the final attribute getting padded to 32-bit length,
it is better to get this cleaned up to match expected format. The double
NLMSG_ALIGN() followed by RTA_LENGTH() did not make much sense here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 19:27:16 +03:00
Jouni Malinen
3eafc494d8 Fix CONFIG_NO_SCAN_PROCESSING=y build
ht_supported() was used but not defined in such a case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 17:02:23 +03:00
Toby Gray
3cea004d3c Make wpa_ctrl_get_remote_ifname declaration conditional.
The definition of wpa_ctrl_get_remote_ifname is conditional on
CONFIG_CTRL_IFACE_UDP. This change makes the header declaration of
this function also conditional on the same define.

Signed-off-by: Toby Gray <toby.gray@realvnc.com>
2014-10-12 16:51:02 +03:00
Toby Gray
f5c649b769 Fix warning about unused parameter if CONFIG_DEBUG_FILE is not defined.
This change adds a cast to void to indicate that the path parameter is
unused when CONFIG_DEBUG_FILE is not defined. This fixes a compiler
warning about unused parameters.

Signed-off-by: Toby Gray <toby.gray@realvnc.com>
2014-10-12 16:49:12 +03:00
Jean Trivelly
4b32f6a5ec P2P: Inform upper layer when WFD-IE field of a P2P device has changed
When WFD IE of a P2P device changes, the field is locally updated in P2P
supplicant but upper layer is not informed about this change.

Signed-off-by: Jean Trivelly <jean.trivelly@intel.com>
2014-10-12 16:34:24 +03:00
Jouni Malinen
07e2de3193 wpa_supplicant: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled for TLS-based EAP methods when
OpenSSL is used as the TLS library. This parameter can be used both as a
global parameter to set the default for all network blocks and as a
network block parameter to override the default for each network
profile.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:55:13 +03:00
Jouni Malinen
f8995f8f1c hostapd: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled when hostapd is used as an EAP
server with OpenSSL as the TLS library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:52:05 +03:00
Jouni Malinen
b7328434f7 OpenSSL: Add a mechanism to configure cipher suites
This extends the TLS wrapper code to allow OpenSSL cipherlist string to
be configured. In addition, the default value is now set to
DEFAULT:!EXP:!LOW to ensure cipher suites with low and export encryption
algoriths (40-64 bit keys) do not get enabled in default configuration
regardless of how OpenSSL build was configured.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:45:21 +03:00
Jouni Malinen
7c0e5b58f9 DFS: Check os_get_random() result
This use does not really need a strong random number, so fall back to
os_random() if a theoretical error case occurs. (CID 72682)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:36 +03:00
Jouni Malinen
24661bbadc AP: Check os_get_random() return value more consistently
While this specific case does not really care what value is used, the
the theoretical error case can be handled more consistently. (CID 72684)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:36 +03:00
Jouni Malinen
8c5dfc79a5 EAP-MSCHAPv2 server: Check ms_funcs results more consistently
This makes the code more consistent by checking the somewhat theoretical
error cases more consistently (CID 72685).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:36 +03:00
Jouni Malinen
08ef4426a7 EAP-IKEv2: Fix the payload parser
The payload lengths were not properly verified and the first check on
there being enough buffer for the header was practically ignored. The
second check for the full payload would catch length issues, but this is
only after the potential read beyond the buffer. (CID 72687)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:22:30 +03:00
Jouni Malinen
683b408a9e WPS UPnP: Check os_get_random() result more consistently
While the value here would not matter much, make the implementation more
consistent (CID 72692).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:08:30 +03:00
Jouni Malinen
e7b96ecdb3 TLS client: Make DH parameter parsing easier for static analyzers
The dh_p_len, dh_g_len, and dh_ys_len parameters were validated against
the received message structure, but that did not seem to be done in a
way that some static analyzers would understand this (CID 72699).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:04:00 +03:00
Jouni Malinen
92b5b371b6 WPS UPnP: Check os_get_random() result
This makes the implementation more consistent (CID 72705).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:58:17 +03:00
Jouni Malinen
533d7fb7b7 MACsec: Check os_get_random() return value
This makes the MACsec implementation more consistent with rest of
wpa_supplicant. (CID 72677, CID 72695, CID 72701, CID 72709, CID 72711)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:54:43 +03:00
Jouni Malinen
93da049851 nl80211: Be more consistent with linux_set_iface_flags() result
Check the return value and write a debug message if this operation
failes (CID 74146).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:43:30 +03:00
Jouni Malinen
6c9f74deaf EAP-PAX server: Remove unused assignment
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:14:42 +03:00
Jouni Malinen
918bd0fe78 EAP-SIM DB: Remove unused assignment
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:13:32 +03:00
Jouni Malinen
6f577c5e45 EAP-FAST server: Remove unused assignment
Commit e8c08c9a36 ('EAP-FAST server: Fix
potential read-after-buffer (by one byte)') changed the while loop
design in a way that does not require the pos variable to be updated
anymore. Remove that unneeded code to clean up static analyzer warnings
about unused assignments.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:11:14 +03:00
Jouni Malinen
e9471493ef EAP-FAST server: Remove unused write
next_type is not used in case m->check() results in ignoring the packet.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:10:27 +03:00
Jouni Malinen
58b992489c RADIUS: Remove unused write
There is no need to update the left variable when breaking out from the
loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:06:52 +03:00
Jouni Malinen
4aa01d38f5 IAPP: Avoid warnings on unused write
The hlen and len variables are identical here, but only the hlen was
used in the end. Change this to use the len variable to avoid
unnecessary static analyzer warnings about unused writes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:03:38 +03:00
Jouni Malinen
01b3bbfc66 test: Remove driver_test.c
The driver_test.c driver wrapper (-Dtest in wpa_supplicant and
driver=test in hostapd) was previously used for testing without real
Wi-Fi hardware. mac80211_hwsim-based tests have practically replaced all
these needs and there has been no improvements or use for driver_test.c
in a long while. Because of this, there has not really been any effort
to maintain this older test tool and no justification to change this
either. Remove the obsoleted test mechanism to clean up the repository.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:46:04 +03:00
Jouni Malinen
e41e4f9ee3 Simplify memory allocation/freeing for static analyzers
It looks like the use of sm->wpa == WPA_VERSION_WPA2 in two locations
within the function was a bit too much for clang static analyzer to
understand. Use a separate variable for storing the allocated memory so
that it can be freed unconditionally. The kde variable can point to
either stack memory or temporary allocation, but that is now const
pointer to make the design clearer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:29:50 +03:00
Jouni Malinen
f4452cc2b1 Add a workaround to clanc static analyzer warning
dl_list_del() followed by dl_list_add() seemed to confuse clang static
analyzer somehow, so explicitly check for the prev pointer to be
non-NULL to avoid an incorrect warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:18:02 +03:00
Jouni Malinen
3e9fa3be62 WPS UPnP: Make dl_list_first() use easier for static analyzer
The preceding dl_list_len() check guarantees that dl_list_first()
returns an entry and not NULL. However, that seems to be a bit too
difficult path to follow for static analyzers, so add an explicit check
for the dl_list_first() return value to be non-NULL to avoid warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 13:45:25 +03:00
Jouni Malinen
e635efb407 P2P: Clean up coding style and indentation level
The multi-line for loop body and incorrect indentation level on the
return statement looked pretty confusing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 12:05:27 +03:00
Jouni Malinen
59d7148ad7 nl80211: Provide subtype and reason code for AP SME drivers
This allows drivers that implement AP SME internally to generate a
Deauthentication or Disassociation frame with the specified reason code.
This was already done with drivers that use hostapd/wpa_supplicant for
AP SME.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 20:05:37 +03:00
Jouni Malinen
9d4ff04af3 Add external EAPOL transmission option for testing purposes
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Sunil Dutt
61fc90483f P2P: Handle improper WPS termination on GO during group formation
A P2P Client may be able to connect to the GO even if the WPS
provisioning step has not terminated cleanly (e.g., P2P Client does not
send WSC_Done). Such group formation attempt missed the event
notification about started group on the GO and also did not set the
internal state corresponding to the successful group formation.

This commit addresses the missing part by completing GO side group
formation on a successful first data connection if WPS does not complete
cleanly. Also, this commit reorders the STA authorization indications to
ensure that the group formation success notification is given prior to
the first STA connection to handle such scenarios.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Jouni Malinen
51465a0b5c The master branch is now used for v2.4 development
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-09 20:36:53 +03:00
Jouni Malinen
724fce8fff Change version information for the 2.3 release
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-09 17:41:31 +03:00
Jouni Malinen
2b28ef6ca8 browser-wpadebug: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
3d8a3ffcf0 browser-android: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
17dc39a8bc browser-system: Use more robust mechanism for starting browser
Use os_exec() to run the external browser to avoid undesired command
line processing for control interface event strings. Previously, it
could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
89de07a944 Add os_exec() helper to run external programs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 17:38:25 +03:00
Jouni Malinen
4a274f487a DFS: Allow 80+80 MHz be configured for VHT
This allows cases where neither 80 MHz segment requires DFS to be
configured. DFS CAC operation itself does not yet support 80+80, though,
so if either segment requires DFS, the AP cannot be brought up.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 14:25:55 +03:00
Jouni Malinen
d5fe4e6c18 Reserve QCA vendor specific nl80211 commands 34..49
These are reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-07 20:08:47 +03:00
Jouni Malinen
a256506ddc AES: Extend key wrap implementation to support longer data
This extends the "XOR t" operation in aes_wrap() and aes_unwrap() to
handle up to four octets of the n*h+i value instead of just the least
significant octet. This allows the plaintext be longer than 336 octets
which was the previous limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:10 +03:00
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
98a1571d88 OpenSSL: Clean up one part from the BoringSSL patch
The (int) typecast I used with sk_GENERAL_NAME_num() to complete the
BoringSSL compilation was not really the cleanest way of doing this.
Update that to use stack_index_t variable to avoid this just like the
other sk_*_num() calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 11:49:20 +03:00
Adam Langley
a8572960a9 Support building with BoringSSL
BoringSSL is Google's cleanup of OpenSSL and an attempt to unify
Chromium, Android and internal codebases around a single OpenSSL.

As part of moving Android to BoringSSL, the wpa_supplicant maintainers
in Android requested that I upstream the change. I've worked to reduce
the size of the patch a lot but I'm afraid that it still contains a
number of #ifdefs.

[1] https://www.imperialviolet.org/2014/06/20/boringssl.html

Signed-off-by: Adam Langley <agl@chromium.org>
2014-10-07 01:18:03 +03:00
Jouni Malinen
a61fcc131a Clean up authenticator PMKSA cache implementation
This makes the implementation somewhat easier to understand.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
cb129db34c Clear PMKSA cache entry data when freeing them
Avoid leaving the PMK information unnecessarily in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8c8d26aada Remove unnecessary PMKSA cache freeing step
_pmksa_cache_free_entry() is a static function that is never called with
entry == NULL, so there is no need to check for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
9c829900bb Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
If the first entry in the PMKSA cache did not match the station's MAC
address, an infinite loop could be reached in pmksa_cache_get_okc() when
trying to find a PMKSA cache entry for opportunistic key caching cases.
This would only happen if OKC is enabled (okc=1 included in the
configuration file).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
47ea24c13d Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
Previously, WPA/WPA2 case ended up using the hardcoded
dot11RSNAConfigPMKLifetime (43200 seconds) for PMKSA cache entries
instead of using the Session-Timeout value from the RADIUS server (if
included in Access-Accept). Store a copy of the Session-Timeout value
and use it instead of the default value so that WPA/WPA2 cases get the
proper timeout similarly to non-WPA/WPA2 cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Janusz Dziedzic
4ec68377ef wpa_supplicant: Use hostapd_freq_params in assoc_params
Use hostapd_freq_params instead of simple frequency parameter for driver
commands. This is preparation for IBSS configuration to allow use of
HT/VHT in IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-10-04 18:43:42 +03:00
Jouni Malinen
43f02e6ad7 wpa_ctrl: Update wpa_ctrl_recv() documentation for non-block behavior
Commit 4fdc8def88 changed the wpa_ctrl
socket to be be non-blocking, so the comment about wpa_ctrl_recv()
blocking is not valid anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 18:32:57 +03:00
Dan Williams
3e0272ca00 nl80211: Re-read MAC address on RTM_NEWLINK
Commit 97279d8d (after hostap-2.0) dropped frame events from foreign
addresses. Unfortunately this commit did not handle the case where the
interface's MAC address might be changed externally, which other
wpa_supplicant code already handled. This causes the driver to reject
any MLME event because the address from the event doesn't match the
stale address in the driver data.

Changing an interface's MAC address requires that the interface be
down, the change made, and then the interface brought back up. This
triggers an RTM_NEWLINK event which driver_nl80211.c can use to
re-read the MAC address of the interface.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-10-04 16:41:20 +03:00
Jouni Malinen
5dfbd725a9 nl80211: Add get_bss_ifindex() helper
This can be used to fetch a BSS entry based on interface index.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:21:03 +03:00
Arik Nemtsov
08d7665c6b TDLS: Use WMM IE for propagating peer WMM capability
Relying on qos qosinfo is not enough, as it can be 0 for WMM enabled
peers that don't support U-APSD. Further, some peers don't even contain
this IE (Google Nexus 5), but do contain the WMM IE during setup.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:56 +03:00
Arik Nemtsov
17729b0985 TDLS: Fix concurrent setup test for mac80211 drivers
A recent mac80211 patch ("8f02e6b mac80211: make sure TDLS peer STA
exists during setup") forces the TDLS STA to exist before sending any
mgmt packets. Add the STA before sending a concurrent-setup test packet.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:27 +03:00
Arik Nemtsov
984dadc23a TDLS: Set the initiator during tdls_mgmt operations
Some drivers need to know the initiator of a TDLS connection in order
to generate a correct TDLS mgmt packet. It is used to determine
the link identifier IE. Pass this information to the driver.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:52:21 +03:00
Jouni Malinen
01cb5df20c Sync with wireless-testing.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2014-10-02.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:39:27 +03:00
Ilan Peer
ca3c6b4da7 nl80211: Fix compatibility with older version of libnl
Commit 97ed9a06df ('nl80211: Remove bridge
FDB entry upon sta_remove()') used nl_sock and nl_socket_* functions
which are not compatible with older versions of libnl. Fix this.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-03 11:34:51 +03:00
Jouni Malinen
d76426c3aa TDLS: Filter AID value properly for VHT peers
IEEE 802.11 standard sends AID in a field that is defined in a bit
strange way to set two MSBs to ones. That is not the real AID and those
extra bits need to be filtered from the value before passing this to the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-01 19:58:44 +03:00
Jouni Malinen
1cbdb9d137 Add helper function for generating random MAC addresses with same OUI
random_mac_addr_keep_oui() is similar to random_mac_addr(), but it
maintains the OUI part of the source address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Kyeyoon Park
97ed9a06df nl80211: Remove bridge FDB entry upon sta_remove()
The FDB entry removal ensures that the traffic destined for a
disassociated station's MAC address is no longer forwarded from the
bridge to the BSS.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Kyeyoon Park
39323bc16a AP: hostapd_setup_bss() code clean-up
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Ahmad Masri
1595eb93ae P2P: Add support for 60 GHz social channel
Support 60 GHz band in P2P module by selecting random social channel
from all supported social channels in 2.4 GHz and 60 GHz bands.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 12:01:46 +03:00
Philippe De Swert
375f4a3b5a hostapd: Avoid dead code with P2P not enabled
In case P2P is not enabled the if (dev_addr) is always ignored as
dev_addr will be NULL. As this code is relevant only to P2P, it can be
moved to be the ifdef to avoid static analyzer warnings. (CID 72907)

Signed-off-by: Philippe De Swert <philippe.deswert@jollamobile.com>
2014-09-28 20:47:06 +03:00
Bernhard Walle
a8833b84f4 util: Don't use "\e"
'\e' representing ESC (0x1b) is not C standard, it's an GNU extension.
https://gcc.gnu.org/onlinedocs/gcc/Character-Escapes.html#Character-Escapes

Since the code also compiles on Windows with Microsoft compiler, we
should use '\033' instead.

Note: I didn't try to build the whole wpa_supplicant on Windows, so I
don't know if it still builds (I have no Visual Studio 2005 for a quick
test). I just needed the string conversion routines for the P"" syntax
in both directions.

Signed-off-by: Bernhard Walle <bernhard@bwalle.de>
2014-09-28 19:16:32 +03:00
Stefan Lippers-Hollmann
8c6f4a5a50 ap_config.c: fix typo for "capabilities"
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2014-09-28 11:03:48 +03:00
Constantin Musca
7139cf4a4f P2P: Decrement sd_pending_bcast_queries when sd returns success
The sd_pending_bcast_queries variable should be decremented only
in case of success. This way, the supplicant can retry if a service
discovery request fails.

Signed-off-by: Constantin Musca <constantin.musca@intel.com>
2014-09-28 11:03:48 +03:00
Janusz Dziedzic
dbdc9a1d48 nl80211: Fix memory leak on start radar detection error path
Free nlmsg if failing to start radar detection.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-09-28 11:03:48 +03:00
Janusz Dziedzic
ed8e005973 hostap: nl80211 use nl80211_put_freq_params
Use nl80211_put_freq_params when it possible. Remove
duplicated code.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-09-27 21:47:40 +03:00
Jouni Malinen
4d8fb63799 Add helper function for generating random MAC addresses
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 19:12:02 +03:00
Jouni Malinen
fee354c74d nl80211: Add command for changing local MAC address
This can be used to allow wpa_supplicant to control local MAC address
for connections.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 19:11:24 +03:00
Jouni Malinen
e49cabcf87 P2P: Set timeout when starting GO Negotiation from Probe Req RX
It was possible for the p2p_go_neg_start timeout handler to get called
when there was a pending timeout from an earlier GO Negotiation start.
This could result in that old timeout expiring too early for the newly
started GO Negotiation to complete. Avoid such issues by setting a
sufficiently long timeout here just before triggering the new GO
Negotiation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
7549c178ac P2P: Clear pending_listen_freq when starting GO Neg/Invite
Previously, it was possible for the p2p->pending_listen_freq to be left
at non-zero value if Probe Request frame was received from a peer with
which we were waiting to start GO Negotiation/Invite process. That could
result in the following Listen operation getting blocked in some
operation sequences if the peer did not acknowledge the following P2P
Public Action frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
b497a21267 nl80211: Ignore auth/assoc events when testing driver-SME
Previously, extra connect/roam events were ignored when user space SME
was used to avoid confusing double events for association. However,
there was no matching code for ignoring auth/assoc events when using
driver SME. Such events would not normally show up since the driver SME
case would not generated them. However, when testing forced connect
command with force_connect_cmd=1 driver param, these events are
indicated.

Ignore the extra events in testing cases to make the hwsim test cases
match more closely the real code path for driver SME. In addition, this
resolves some test case failures where double association event could
end up causing a failure, e.g., when doing PMKSA caching in
pmksa_cache_oppurtunistic_connect.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Sunil Dutt
c53a9bf818 Check for driver's DFS offload capability before handling DFS
This fixes couple of code paths where the WPA_DRIVER_FLAGS_DFS_OFFLOAD
flag was not checked properly and unexpected DFS operations were
initiated (and failed) in case the driver handles all these steps.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-22 16:50:28 +03:00
Dan Williams
7a4a93b959 dbus: Add SignalPoll() method to report current signal properties
Analogous to the control interface's SIGNAL_POLL request.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-09-13 17:21:54 +03:00
Jouni Malinen
df2508d7a8 P2P: Check os_get_random() return value more consistently
In theory, this call could fail, so check the return value before using
the received data. These specific cases would not really care much about
the failures, but this keeps the code more consistent and keeps static
analyzer warnings more useful. (CID 72678, CID 72679, CID 72680,
CID 72683, CID 72689, CID 72698, CID 72703)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-13 16:27:52 +03:00
Jouni Malinen
54461f3e03 RADIUS server: Remove unreachable code
The previous break will already stop the loop, so this unnecessary check
can be removed (CID 72708).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-13 16:22:16 +03:00
Darshan Paranji Sri
e4474c1c20 FT: Fix hostapd with driver-based SME to authorize the STA
The driver-based SME case did not set STA flags properly to the kernel
in the way that hostapd-SME did in ieee802_11.c. This resulted in the FT
protocol case not marking the STA entry authorized. Fix that by handling
the special WLAN_AUTH_FT case in hostapd_notif_assoc() and also add the
forgotten hostapd_set_sta_flags() call to synchronize these flag to the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-12 18:46:56 +03:00
Jouni Malinen
0800f9ee6c nl80211: Add roaming policy update using QCA vendor command
This allows updating roaming policy for drivers that select the BSS
internally so that wpa_supplicant (based on bssid parameter
configuration) and the driver remain in sync.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-11 15:59:42 +03:00
Jouni Malinen
0ef023e478 Add support for driver command to update roaming policy
The network block bssid parameter can be used to force a specific BSS to
be used for a connection. It is also possible to modify this parameter
during an association. Previously, that did not result in any
notification to the driver which was somewhat problematic with drivers
that take care of BSS selection. Add a new mechanism to allow
wpa_supplicant to provide a driver update if the bssid parameter change
for the current connection modifies roaming policy (roaming
allowed/disallowed within ESS).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-11 15:59:42 +03:00
Jouni Malinen
0cd9846c63 nl80211: Print debug info on STA flag changes
This makes it easier to follow how kernel STA flags are managed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-11 11:25:04 +03:00
Jouni Malinen
17e2091279 P2P: Fix radio work issue with wait-for-peer GO Negotiation
If a TX status event and RX event for a GO Negotiation frame gets
delayed long enough to miss the initial wait, it was possible for
reception of a GO Negotiation Response frame with status 1 to try to
initiate a new p2p-listen work item to wait for the peer to become ready
while a previous p2p-listen was already in progress due to that earlier
timeout while waiting for peer. This would result in the new
start_listen request getting rejected ("P2P: Reject start_listen since
p2p_listen_work already exists") and the negotiation not proceeding.

Work around this by using P2P_WAIT_PEER_CONNECT state instead of
P2P_WAIT_PEER_IDLE if P2P_CONNECT_LISTEN state has already been entered
when processing this special GO Negotiation Response status=1 case. This
can avoid double-scheduling of p2p-listen and as such, completion of the
GO negotiation even if the driver event or peer response are not
received in time (the response is supposed to be there within 100 ms per
spec, but there are number of deployed devices that do not really meet
this requirement).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-09 18:00:42 +03:00
Jouni Malinen
b08d5fa793 WPS: Set EAPOL workarounds dynamically based on association
Previously, the shorter startWhen value was used based on build
parameters (i.e., if WPS was enabled). This is not really ideal and the
knowledge of WPS use can be provided to the EAPOL state machine to allow
this (and similar WPS workarounds) to be done only when the association
is for the purpose of WPS.

Reduce the default startWhen value from 3 to 2 seconds for non-WPS case
since WPS builds have likely received most testing for the past years
with the 1 second value and there is no strong justification for forcing
the longer 3 second wait should a frame be lost or something else
require the EAPOL-Start to initiate operation after a connection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-08 17:16:04 +03:00
Jouni Malinen
8511a0f67b WPS: Extend internal entropy pool help for key/snonce derivation
The internal entropy pool was previously used to prevent 4-way handshake
in AP mode from completing before sufficient entropy was available to
allow secure keys to be generated. This commit extends that workaround
for boards that do not provide secure OS level PRNG (e.g., /dev/urandom
does not get enough entropy) for the most critical WPS operations by
rejecting AP-as-enrollee case (use of AP PIN to learn/modify AP
configuration) and new PSK/passphrase generation. This does not have any
effect on devices that have an appropriately working OS level PRNG
(e.g., /dev/random and /dev/urandom on Linux).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-08 12:54:18 +03:00
Eduardo Abinader
3ee18569f5 nl80211: Register eloop after hs20 action frame
Even when hs20 action frame is unable to be registered,
for whatever reason, it should be possible to register
event handle for received driver messages. This patch also
avoids a segmentation fault, when p2p and hs20 were enabled
and GO NEG was unable to create p2p iface, the destroy eloop
was crashing by reading an invalid handle.

Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
2014-09-07 19:22:49 +03:00
Masashi Honma
5c61d214ad openssl: Fix memory leak in openssl ec deinit
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-09-07 19:14:18 +03:00
Jouni Malinen
3a413e0ed8 RADIUS client: Check getsockname() return value
In theory, this function could fail, so check the return value before
printing out the RADIUS local address debug message (CID 72700).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 18:35:46 +03:00
Jouni Malinen
9c196f7703 HTTP: Fix OCSP status check
Due to a missing curly brackets, the OCSP status checking was not
working in the expected way. Instead of allowing optional-OCSP
configuration to accept connection when OCSP response was ready, all
such cases were marked as hard failures. In addition, the debug prints
were not necessarily accurate for the mandatory-OCSP-but-no-response
case (CID 72694, CID 72704).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 18:30:58 +03:00
Jouni Malinen
c9cd78e5a1 RADIUS server: Fix IPv6 radiusAuthClientAddress mask
Incorrect buffer was used when writing the IPv6 mask for RADIUS server
MIB information (CID 72707).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 18:25:04 +03:00
Jouni Malinen
6473e80ea4 EAP-PAX server: Add explicit CID length limit
Instead of using implicit limit based on 16-bit unsigned integer having
a maximum value of 65535, limit the maximum length of a CID explicitly
to 1500 bytes. This will hopefully help in reducing false warnings from
static analyzers (CID 72712).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 17:10:33 +03:00
Jouni Malinen
6a6566c7af Remove unnecessarily shadowed local variable
The same local X509 *cert variable can be used for both the X509_dup()
calls.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-07 16:40:33 +03:00
Sunil Dutt
e47abdb9db TDLS: Decline Setup Request with status code 37 if BSSID does not match
TDLS Setup Request frame has to be rejected with status code 37 ("The
request has been declined"), if the BSSID in the received Link
Identifier does not match the current BSSID per IEEE Std 802.11-2012,
10.22.4 ('TDLS direct-link establishment') step (b). The previously used
status code 7 ('Not in same BSS') is described to used only when
processing TPK Handshake Message 2 in TDLS Setup Response frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-02 18:06:58 +03:00
Mahesh A Saptasagar
ce2002acca TDLS: Add RSN and Timeout interval IEs in TDLS Discovery Response frame
If RSN is enabled, add RSN and Timeout interval elements in TDLS
Discovery Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-02 17:11:42 +03:00
Jouni Malinen
f2e9083549 nl80211: Add more RTM_NEWLINK/DELLINK debug messages
This makes it easier to figure out what operations are generating each
RTM_DELLINK message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-01 16:18:01 +03:00
Jouni Malinen
728ff2f469 nl80211: Fix RTM_DELLINK processing for bridge events
When a netdev is removed from a bridge, RTM_DELLINK message is received
with ifname (IFLA_IFNAME) pointing to the main netdev event though that
netdev is not deleted. This was causing issues with P2P GO interface
getting disabled when the netdev was removed from a bridge. Fix this by
filtering RTM_DELLINK events that are related to the bridge when
indicating interface status changes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-01 16:14:07 +03:00
Jouni Malinen
04a258e7c5 hostapd: Check that EVENT_ASSOC data is present before using it
While hostapd should not really receive the EVENT_ASSOC message for
IBSS, driver_nl80211.c could potentially generate that if something
external forces the interface into IBSS mode and the IBSS case does not
provide the struct assoc_info data. Avoid the potential NULL pointer
dereference by explicitly verifying for the event data to be present.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-26 17:23:02 +03:00
Avinash Patil
b8d87ed296 nl80211: Disable Probe Request reporting for static AP during deinit
Disable Probe Request reporting for statically created AP interfaces
during de-initialization. We will enable it again while starting AP
operations.

Signed-off-by: Avinash Patil <avinashapatil@gmail.com>
2014-08-10 11:22:30 +03:00
Avinash Patil
bf144cf649 nl80211: Do not change iftype for static AP interface
Some devices have limitations which do not allow changing virtual
interface mode from AP to station or vice versa. To work around this,
check if such AP interface is not dynamic. If such an interface is
enumarated, just set ifmode to AP and avoid setting nlmode to default
station mode on deinit.

Signed-off-by: Avinash Patil <avinashapatil@gmail.com>
2014-08-10 11:19:11 +03:00
Jean-Marie Lemetayer
61157afb1c wext: Add signal_poll callback
Add a basic implementation of a signal_poll callback for wext drivers.

Signed-off-by: Jean-Marie Lemetayer <jeanmarie.lemetayer@gmail.com>
2014-08-10 11:07:05 +03:00
Jouni Malinen
6c460eaf7e Add RSN cipher/AKM suite attributes into RADIUS messages
This adds hostapd support for the new WLAN-Pairwise-Cipher,
WLAN-Group-Cipher, WLAN-AKM-Suite, and WLAN-Group-Mgmt-Pairwise-Cipher
attributes defined in RFC 7268. These attributes are added to RADIUS
messages when the station negotiates use of WPA/RSN.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00
Jouni Malinen
cdffd72173 Add WLAN-HESSID into RADIUS messages
This adds hostapd support for the new WLAN-HESSID attribute defined in
RFC 7268. This attribute contains the HESSID and it is added whenever
Interworking is enabled and HESSID is configured.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00
Jouni Malinen
69002fb0a8 Add Mobility-Domain-Id into RADIUS messages
This adds hostapd support for the new Mobility-Domain-Id attribute
defined in RFC 7268. This attribute contains the mobility domain id and
it is added whenever the station negotiates use of FT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00