Commit graph

7033 commits

Author SHA1 Message Date
Kel Modderman
11caae9d1f wpa_gui-qt4: desktop entry file
A desktop entry file for wpa_gui.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2008-09-24 12:20:58 +03:00
Bernard Gray
99112a2d75 wpa_gui-qt4: add svg icon
Introducing an original wpa_gui icon, in svg format, with Makefile for
easy conversion to other icon formats. The icon is thanks to Bernard Gray.

Signed-off-by: Bernard Gray <bernard.gray@gmail.com>
Signed-off-by: Kel Modderman <kel@otaku42.de>
2008-09-24 12:19:31 +03:00
Jouni Malinen
7409827e35 Fixed eap_example build to match with EAP-PEAP changes 2008-09-24 08:46:05 +03:00
Jouni Malinen
6572fc0d1b IEEE 802.11w: Use comeback duration to delay association 2008-09-01 11:49:51 +03:00
Jouni Malinen
c684525947 FT: Fixed FTIE for authentication after a failed association 2008-09-01 11:38:13 +03:00
Jouni Malinen
b27f13ed28 MFP + FT: Added support for sending IGTK in FTIE 2008-09-01 11:00:59 +03:00
Jouni Malinen
565861976d Added support for using SHA256-based stronger key derivation for WPA2
IEEE 802.11w/D6.0 defines new AKMPs to indicate SHA256-based algorithms for
key derivation (and AES-CMAC for EAPOL-Key MIC). Add support for using new
AKMPs and clean up AKMP processing with helper functions in defs.h.
2008-08-31 22:57:28 +03:00
Jouni Malinen
9b71728bba Cleaned up TX callback request processing
Move the use of 802.11 header protocol field into driver_hostap.c since
this is a Host AP driver specific mechanism and other driver wrappers
should not really need to know about it.
2008-08-31 11:15:56 +03:00
Jouni Malinen
c2a714088d Moved WMM action category definition into ieee802_11_defs.h 2008-08-31 11:06:58 +03:00
Jouni Malinen
5d22a1d5aa IEEE 802.11w: Added association ping
This updates management frame protection to use the assocition ping process
from the latest draft (D6.0) to protect against unauthenticated
authenticate or (re)associate frames dropping association.
2008-08-31 11:04:47 +03:00
Jouni Malinen
1e858f69d9 Copy previous BSSID into STA data only after full validation of the request 2008-08-30 18:25:44 +03:00
Jouni Malinen
0b60b0aaad Updated MFP defines based on IEEE 802.11w/D6.0 and use new MFPC/MFPR
This adds most of the new frame format and identifier definitions from IEEE
802.11w/D6.0. In addition, the RSN IE capability field values for MFP is
replaced with the new two-bit version with MFPC (capable) and MFPR
(required) processing.
2008-08-30 14:59:39 +03:00
Jouni Malinen
b3f240bc0e Added a place for example mac80211_hwsim test cases
The tests directory and its subdirectories contain a set of configuration
files that can be used to exercise various mac80211, hostapd, and
wpa_supplicant features. The test.txt file in each test directory describes
the particular test and includes the commands needed to run the test.
2008-08-28 18:53:47 +03:00
Jouni Malinen
271d2830ff Added support for setting VLAN ID for STAs based on local MAC ACL
This allows the accept_mac_file to be used as an alternative for RADIUS
server-based configuration. This is mainly to ease VLAN testing (i.e., no
need to set up RADIUS server for this anymore).
2008-08-28 18:43:26 +03:00
Jouni Malinen
fd630bc183 Fixed WEXT scan result parser to not crash on invalid IEs (zero len buffer)
If IWEVGENIE or custom event wpa_ie/rsn_ie is received in scan with empty
buffer, the previous version ended up calling realloc(NULL, 0) which seems
to return a non-NULL value in some cases. When this return value is passed
again into realloc with realloc(ptr, 0), the returned value could be NULL.
If the ptr is then freed (os_free(data.ie) in SIOCGIWAP handling), glibc
may crash due to invalid pointer being freed (or double-freed?). The
non-NULL realloc(NULL, 0) return value from glibc looks a bit odd behavior,
but anyway, better avoid this case completely and just skip the IE events
that have an empty buffer.

This issue should not show up with drivers that produce proper scan results
since the IEs will always include the two-octet header. However, it seems
to be possible to see this when using 64-bit kernel and 32-bit userspace
with incorrect compat-ioctl processing.
2008-08-27 09:52:16 +03:00
Jouni Malinen
00ad53ef68 Send HT parameters for new STAs
This depends on a mac80211 patch to add NL80211_ATTR_HT_CAPABILITY
(which is not yet in wireless-testing).
2008-08-25 11:30:39 +03:00
Jouni Malinen
f2c290ccf4 Switched driver_nl80211 to use the new sta_add2() 2008-08-25 10:06:40 +03:00
Jouni Malinen
3d1aa251a3 Updated the OpenSSL EAP-FAST patch for the current OpenSSL 0.9.9 snapshot
sssleay.num had changed (new function allocated) and server code was
modified to call ssl3_digest_cached_records() in the start of abbreviated
handshake to avoid possible segmentation faults later in some cases when
reverting to full handshake. In addition, there is some whitespace cleanup
and added comment explaining TLS ticket processing.
2008-08-24 13:12:54 +03:00
Jouni Malinen
4d4233eaf4 Fixed internal TLSv1 server implementation for abbreviated handshake
When the TLS handshake had been completed earlier by the server in case of
abbreviated handshake, the output buffer length was left uninitialized. It
must be initialized to zero in this case. This code is used by EAP-FAST
server and the uninitialized length could have caused it to try to send a
very large frame (though, this would be terminated by the 50 roundtrip EAP
limit). This broke EAP-FAST server code in some cases when PAC was used to
establish the tunnel.
2008-08-24 13:08:15 +03:00
Jouni Malinen
1f21bc4cc3 Fixed EAP-FAST server PAC-Opaque padding
0.6.4 broke this for some peer identity lengths. The padding was supposed
to make sure that the length of PAC-Opaque is divisible by 8.
2008-08-24 12:50:12 +03:00
Jouni Malinen
f40b972690 HT: Removed unused definitions 2008-08-22 21:07:07 +03:00
Jouni Malinen
9d2a76a2c3 Moved IEEE 802.11n parameter to be per-radio instead of per-BSS 2008-08-22 21:03:31 +03:00
Jouni Malinen
edd360e170 Do not store dynamic HT IEs in configuration structures
The configuration data should only store the static configuration data and
not dynamic data. In addition, storing HT configuration and state in IEs is
not the easiest way of doing this, so use more convenient data types for
storing configuration and dynamic state. The HT IEs are then generated
based on the static configuration and dynamic state whenever needed.
2008-08-22 20:55:52 +03:00
Tomas Winkler
71b6ae1425 Add Intel copyright for files with 802.11n Intel changes
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
2008-08-22 09:15:05 +03:00
Jouni Malinen
839faf0475 Add configuration option for enabling optional use of short preamble 2008-08-21 18:36:21 +03:00
Jouni Malinen
de9289c8e9 Add preliminary IEEE 802.11n support into hostapd
This commit brings in cleaned up version of IEEE 802.11n implementation
from Intel (1). The Intel tarball includes number of other changes, too,
and only the changes specific to IEEE 802.11n are brought in here. In
addition, this does not include all the changes (e.g., some of the
configuration parameters are still missing and driver wrapper changes for
mac80211 were not included).

(1)
http://www.kernel.org/pub/linux/kernel/people/chuyee/wireless/iwl4965_ap/hostap_0_6_0_intel_0.0.13.1.tgz
2008-08-21 18:18:38 +03:00
Jouni Malinen
3c83f19c80 Added mlme_{add,remove}_sta() for userspace MLME
These functions are based on the hostapd implementation and complete
the userspace MLME code in wpa_supplicant (though, mac80211 will still need
couple of pending patches to be integrated in order to get userspace client
MLME working again).
2008-08-18 22:01:04 +03:00
Jouni Malinen
1d8ce433c9 Internal X.509/TLSv1: Support SHA-256 in X.509 certificate digest 2008-08-16 11:21:22 +03:00
Jouni Malinen
a9141cffb0 Updated EAP-TTLSv0 references to use RFC 5281 2008-08-16 10:17:22 +03:00
Jouni Malinen
1c8735848d nl80211: Preliminary code for usermode MLME support
This adds some parts needed to use usermode MLME with the current mac80211
(plus a patch to add a new cfg80211 command; not yet submitted to
wireless-testing). This version creates a monitor interface for management
frames and is able to send Probe Request frames during scan. However, it
looks like management frame reception is not yet working properly. In
addition, mlme_{add,remove}_sta() handlers are still missing.
2008-08-15 22:14:49 +03:00
Jouni Malinen
101533269f Fixed supported rates IE generation for Probe Response frames. 2008-08-15 22:10:41 +03:00
Jouni Malinen
7524cfb1a3 nl80211: Fixed re-initialization of removed and re-inserted interface
Network device ifindex will change when the interface is re-inserted.
driver_nl80211.c will need to accept netlink events from "unknown" (based
on ifindex) interfaces when a previously used card was removed earlier. If
the previously removed interface is added back, the driver_wext data need
to be updated to match with the new ifindex value. In addition, the initial
setup tasks for the card (set interface up, update ifindex, set mode, etc.)
from wpa_driver_nl80211_init() need to be run again.

This is the changes from commit 3fbda8f943
(driver_wext.c) ported for driver_nl80211.c.
2008-08-15 17:55:16 +03:00
Jouni Malinen
0a4e6cbf88 nl80211: Fixed set_mode() to actually use adhoc/station nl80211 variables 2008-08-15 17:52:37 +03:00
Jouni Malinen
c1e033b0bb IEEE Std 802.11r-2008 has been released, so update references 2008-08-15 11:25:24 +03:00
Jouni Malinen
d48ae45b73 Preparations for 0.6.4 release 2008-08-10 20:33:12 +03:00
Jouni Malinen
6724f4d07a Fixed MinGW build without CONFIG_NDIS_EVENTS_INTEGRATED defined 2008-08-10 18:11:41 +03:00
Jouni Malinen
ccb172ed75 Renamed MSG to PROC_MSG to avoid conflicts with MinGW winuser.h 2008-08-10 18:00:11 +03:00
Jouni Malinen
7b5776834b Fixed a NULL pointer dereference when driver initialization fails 2008-08-08 19:30:58 +03:00
Jouni Malinen
358921edb7 Added support for setting BSS parameters with NL80211_CMD_SET_BSS
This new cfg80211 command is used for setting CTS protect, short preamble,
and short slot time parameters for the BSS. The matching kernel change has
been submitted, but is not yet included in wireless-testing. The code here
used #ifdef to avoid compilation failures before the new command is
available.
2008-08-07 20:09:55 +03:00
Jouni Malinen
bf98f7f3bc Added support for opportunistic key caching (OKC)
This allows hostapd to share the PMKSA caches internally when multiple
BSSes or radios are being controlled by the same hostapd process.
2008-08-03 20:17:58 +03:00
Jouni Malinen
3ff77e070d Fixed opportunistic key caching (OKC)
wpa_sm_set_config() can be called even if the network block does not
change. However, the previous version ended up calling
pmksa_cache_notify_reconfig() every time and this cleared the network
context from PMKSA cache entries. This prevented OKC from ever being used.

Do not call pmksa_cache_notify_reconfig() if the network context remains
unchanged to allow OKC to be used.
2008-08-03 20:16:59 +03:00
Jouni Malinen
3fbda8f943 WEXT: Fixed re-initialization of removed and re-inserted interface
Network device ifindex will change when the interface is re-inserted.
driver_wext.c will need to accept netlink events from "unknown" (based on
ifindex) interfaces when a previously used card was removed earlier. If the
previously removed interface is added back, the driver_wext data need to be
updated to match with the new ifindex value. In addition, the initial setup
tasks for the card (set interface up, update ifindex, set mode, etc.) from
wpa_driver_wext_init() need to be run again.
2008-07-25 01:30:53 +03:00
Jouni Malinen
27e120c46d Cleaned up some of invalid documentation related to channel configuration. 2008-07-23 03:51:10 +03:00
Jouni Malinen
b0f23e11ed Fixed NULL pointer dereference on error path [Bug 273] 2008-07-18 05:57:03 +03:00
Jouni Malinen
6652b61cd4 Fixed EAP-TNC not to include extra EAP header and TNC flags
The change to support fragmentation added extra function to generate the
EAP header, but forgot to remove the original code and ended up getting two
EAP headers and TNC flags field in the generated message. These header
fields need to be added only in the function that builds the final message
(and if necessary, fragments the data).
2008-07-17 02:17:37 +03:00
Dan Williams
93ef879f0f wext: fix maxrate calculation
When scan results got moved from wpa_scan_result -> wpa_scan_res, the
'maxrate' member was dropped from wpa_scan_res.  The D-Bus interface
used 'maxrate', which was replaced with wpa_scan_get_max_rate().
Unfortunately, wpa_scan_get_max_rate() returns 802.11 rate values
directly from the IE, where 'maxrate' was the rate in bits/second.  The
supplicant internally fakes an IE for wpa_scan_res from the value of
wpa_scan_result->maxrate, but interprets ->maxrate as an 802.11 rate
index.

As a side-effect, this fixes a soft-break of the D-Bus control API since
the wpa_scan_res change was introduced.
2008-07-15 20:07:50 +03:00
Jouni Malinen
6e33ca4529 Fixed wpa_scan_get_max_rate() to clear the basicrate flag when determining
the highest rate.
2008-07-15 20:05:50 +03:00
Michael Bernhard
886a807fb5 Make proactive key caching working again
Function 'wpa_sm_set_config' used the argument 'config' as the network
context which is a pointer to a local variable of the function
'wpa_supplicant_rsn_supp_set_config'.

This is one reason why no proactive key was generated. This network
context never matched with the network context saved in the pmksa cache
entries.

The structure 'rsn_supp_config' has already a member 'network_ctx' which
is now filled in by this patch with 'ssid'.

Signed-off-by: Michael Bernhard <michael.bernhard@bfh.ch>
2008-07-06 10:50:53 +03:00
Pavel Polischouk
9d6762cfca man wpa_supplicant: Clearly state which options are given per interface
Documentation appeared a little vague about which options are global and
which are tied to a particular interface. This leads to confusion when
using certain combinations of options, e.g. the command "wpa_supplicant
-c /etc/wpa_supplican.conf -u" will not do what is intuitively expected
from it - it will not read the config file given with -c option because
no -i option was given. This command is still valid because -u option is
used. The wpa_supplicant running like this will also not listen on any
control socket, because the socket file name is usually given in the
config file. This command line also happens to be the default in Fedora 9.
This patch does not try to change any behaviour, but rather document
these nuances clearly.
2008-06-18 11:52:20 +03:00
Jouni Malinen
eb0699b6ba Add IGTK/MFP configuration (disabled by default)
Added code to use suggested nl80211/cfg80211 API for setting MFP related
parameters. This is disabled by default since the API changes has not yet
been approved. The new commands can be enabled by defining
NL80211_MFP_PENDING (this will be removed once the API changes is
approved).
2008-06-18 11:23:59 +03:00