Commit graph

8099 commits

Author SHA1 Message Date
Jouni Malinen
ceb997f394 Fix ap_sta_disconnect() to clear EAPOL/WPA authenticator state
Number of places in hostapd use ap_sta_disconnect() instead of
ap_sta_disassociate() or ap_sta_deauthenticate(). There are some
differences between these functions, e.g., in the area how quickly
the EAPOL state machines get deinitialized. This can result in
somewhat unexpected events since the EAPOL/WPA authenticator
state machines could remain running after deauthentication.

Address this by forcing EAPOL/WPA authenticator state machines
to disabled state whenever ap_sta_disconnect() is called instead
of waiting for the deauthentication callback or other timeout
to clear the STA.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-25 22:32:58 +02:00
Jouni Malinen
1e49ccebf7 pcsc: Fix compiler warning on signed vs. unsigned comparison
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-25 17:41:59 +02:00
Jouni Malinen
b1aebbc427 P2P: Do not expire peer entry if we are connected to the peer
Even though we may not update P2P peer entry while connected to the
peer as a P2P client, we should not be expiring a P2P peer entry while
that peer is the GO in a group where we are connected as a P2P client.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-25 17:27:47 +02:00
Jouni Malinen
1d277f0260 P2P: Do not expire peer entry if peer is connected as a client
Even though we may not receive a Probe Response from the peer during
the connection, we should not be expiring a P2P peer entry while that
peer is connected to a group where we are the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-25 17:00:59 +02:00
Deepthi Gowri
d8d6b32eec nl80211: P2P: Pass cookie parameter in send action frame
The cookie value needs to be fetched in GO mode, too, to be able to
indicate TX status callbacks with drivers that handle AP mode SME
functionality internally. This fixes issues with client discoverability
where TX status callback for GO Discoverability Request is needed to
trigger the GO to send Device Discoverability Response.
2012-01-23 20:12:06 +02:00
Jouni Malinen
433cd2ce65 Stop sched_scan in number of cases where it should not be running
When a P2P group is removed, we better not leave possibly started
sched_scan running. This could happen when a separate group interface
was not used.

In addition, it looks safer to explicitly stop sched_scan before
starting P2P Listen or Find operations to make sure the offloaded
scanning is not running when doing similar P2P operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-23 18:26:09 +02:00
Sujith Manoharan
cd2f4ddfb9 Update WPA/RSN IE properly for driver based BSS selection
This patch fixes an issue with roaming for drivers that set
WPA_DRIVER_FLAGS_BSS_SELECTION (currently ath6kl). On moving to an AP
with a different BSSID, an EVENT_ASSOC is received and the subsequent
4-way handshake may fail because of a mismatch between the RSN IE in
message 3/4 and in Beacon/Probe Response. This happens only when the APs
use different RSN IE contents and ap_scan is set to 1, since
wpa_supplicant fails to update its cached IEs.

Initial association may fail, too, in case of multiple APs with
the same SSID, since BSSID selection is done by the driver and again
a mismatch could be seen.

Fix these two issues by clearing and updating the cached IEs on
receiving an Association event from the driver. Also, retrieve the
scan results when the new BSS information is not present locally.

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2012-01-23 17:34:39 +02:00
Jouni Malinen
e6c6274947 Add preliminary MNC length determination based on IMSI
Some SIM cards do not include MNC length with in EF_AD. Try to figure
out the MNC length based on the MCC/MNC values in the beginning of the
IMSI. This covers a prepaid Elisa/Kolumbus card that would have ended
up using incorrect MNC length based on the 3-digit default.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 21:54:24 +02:00
Jouni Malinen
a3e0105692 Avoid unnecessary memory allocation in building of SIM realm
The temporary IMSI buffer can be used for this without needing the
extra memory allocation. In addition, the implementation is easier
to understand when the extra identity prefix value for EAP-SIM/AKA
is not included while fetching MCC/MNC from the IMSI.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 21:54:24 +02:00
Simon Baatz
2d7d0ab307 EAP-SIM/EAP-AKA peer: Support realms according to 3GPP TS 23.003
If the identity is derived from the SIM, use a realm according
to 3GPP TS 23.003.

Signed-hostap: Simon Baatz <gmbnomis@gmail.com>
2012-01-22 21:54:24 +02:00
Jouni Malinen
4646ee67c0 Reject too short IMSI in EAP-SIM/AKA identity generation
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 21:54:24 +02:00
Jouni Malinen
beec9c3a1f eapol_test: Show MNC length in debug output
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 20:59:00 +02:00
Simon Baatz
8ab7a37089 SIM/USIM: Add function to get the MNC length from the SIM/USIM
The EF-AD (administrative data) file may contain information about the
length of the MNC (2 or 3 digits) in the IMSI. This can be used to
construct the realm according to 3GPP TS 23.003 during EAP-SIM or
EAP-AKA authentication.

Signed-hostap: Simon Baatz <gmbnomis@gmail.com>
2012-01-22 19:28:24 +02:00
Jithu Jance
8aebb0e471 P2P: Notify upper framework on stopping the p2p_find(SEARCH)
This patch notifies the upper framework that an on-going discovery has
been stopped. This is useful in cases where a p2p_find with a timeout
value initiated by the upper framework has been finished or when the
framework initiated "p2p_find" is stopped by a "p2p_connect".

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-01-22 17:20:53 +02:00
Jouni Malinen
74590e710f Work around interop issue with WPA type EAPOL-Key 4/4 in WPA2 mode
Some deployed station implementations seem to send msg 4/4 with
incorrect type value in WPA2 mode. Add a workaround to ignore that issue
so that such stations can interoperate with hostapd authenticator. The
validation checks were added in commit
f8e96eb6fd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 12:23:28 +02:00
Sam Leffler
f9121813d7 dbus: Validate SSID length in new D-Bus scan request
Validate the length of each SSID passed in a new D-Bus protocol
Scan request.
2012-01-22 12:02:09 +02:00
Jouni Malinen
8017b538e7 P2P: Use Device ID attribute to filter Probe Request frames as GO
The Device ID attribute was already used in Listen state, but it was
ignored in GO role. Verify that there is a match with Device ID in
GO rule, too, before replying to the Probe Request frame.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-08 09:35:33 -08:00
Jouni Malinen
6d92fa6e92 P2P: Allow Device ID to be specified for p2p_find command
dev_id=<P2P Device Addr> can now be specified as an argument to
p2p_find to request P2P find for a specific P2P device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-08 09:25:29 -08:00
Jouni Malinen
68921e24b2 Allow SNonce update after sending EAPOL-Key 3/4 if 1/4 was retransmitted
Some supplicant implementations (e.g., Windows XP WZC) update SNonce for
each EAPOL-Key 2/4. This breaks the workaround on accepting any of the
pending requests, so allow the SNonce to be updated even if we have
already sent out EAPOL-Key 3/4.

While the issue was made less likely to occur when the retransmit
timeout for the initial EAPOL-Key msg 1/4 was increased to 1000 ms,
this fixes the problem even if that timeout is not long enough.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-02 22:36:11 +02:00
Jouni Malinen
d567479153 Do not disconnect STA based on inactivity on driver failure
Now that we can use driver_nl80211.c with non-mac80211 drivers that
implement SME/MLME internally, we may not get inactivity time from the
driver. If that is the case, we need to skip disconnection based on
maximum inactivity timeout. This fixes some unexpected disconnection
cases with ath6kl in AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-02 21:27:06 +02:00
Jouni Malinen
b87346c41a Remove test-https on "make clean"
This is not included in the TESTS list, but should be removed anyway.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 19:09:18 +02:00
Jouni Malinen
57d38ddf6b Update copyright notices to include year 2012
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:59:16 +02:00
Jouni Malinen
3d9975d5b0 Do not trigger fast reconnection on locally generated deauth/disassoc
The deauthentication and disassociation events from nl80211 were being
processed identically regardless of whether the frame was generated by
the local STA or the AP. This resulted in fast reconnection mechanism
getting triggered even in the case where the disconnection was detected
locally (e.g., due to beacon loss) while this was supposed to happen
only in the case where the AP is sending an explicit Deauthentication
or Disassociation frame with a specific reason code.

Fix this by adding a new deauth/disassoc event variable to indicate
whether the event was generated locally.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:55:58 +02:00
Jouni Malinen
0be3542338 Fix BSS property names in the example D-Bus script
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:55:55 +02:00
Syam Sidhardhan
60d5a5a5fd dbus: Fix extra semicolon
Signed-off-by: Syam Sidhardhan <syamsidhardh@gmail.com>
2012-01-01 14:39:24 +02:00
Jouni Malinen
6fc74e5181 dbus: Increase buffer size to fix Introspect XML
Commit e9c3c1afed added a new D-Bus
method and that was enough to push the Introspect XML buffer over
the previously allocated 8000 bytes. Increase the buffer size to
make enough room for P2P interface. In addition, add a debug
message to indicate if an XML segment does not fit into the buffer
to make this types of failures somewhat easier to catch.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 17:40:49 +02:00
Jouni Malinen
d033694ac5 Clear EAPOL authWhile and heldWhile values when port is disabled
IEEE Std 802.1X-2004 does not clear authWhile and heldWhile in this
case, but doing so allows the timer tick to be stopped more quickly when
the port is not enabled. Since these variables are used only within HELD
and RECEIVE states, clearing them on initialization does not change
actual state machine behavior. This reduces some unnecessary operations
in port disabled state and cleans up the wpa_supplicant debug log after
disconnection.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 13:42:23 +02:00
Jouni Malinen
5fd9fb2772 Remove possible authentication timeout on connection failure
The authentication timeout could be triggered after the connection has
already been known to have failed. The event at that point can be
confusing, so better cancel the timeout when processing connection
failure.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 13:25:37 +02:00
Jouni Malinen
1e7fb4f1b7 WPS: Use single channel scan if AP channel already known
If the BSSID of the AP is specified in the WPS command, the target
AP is likely already in the BSS table and its operating channel is
known. Use this information to speed up connection by only scanning
the known channel.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 13:17:20 +02:00
Jouni Malinen
ee9fc67ab7 nl80211: Mark Beacon event debug excessive
This can show up way too frequently in AP mode to make debug logs
readable at debug level.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-30 14:10:15 +02:00
Michał Górny
399ec170e8 Use correct (multi-user) target when installing systemd units
The 'network.target' is special (per systemd.special(7)), and is to be
brought up indirectly when network is actually configured (i.e. through
DHCP or static address settings).

Irrelevant of that, all services should be always installed in
multi-user.target.

[Bug 427]
2011-12-29 21:39:34 +02:00
Spencer Chang
62a8ea7d01 WPS: Cancel previous registered wps_registrar_pbc_timeout
Since wps_registrar_pbc_timeout is called to stop PBC, previously
registered wps_registrar_pbc_timeout must be canceled when canceling
the WPS operation.

Signed-off-by: Spencer Chang <jungwalk@gmail.com>
2011-12-29 21:32:06 +02:00
Jouni Malinen
b9fd8ce804 nl80211: Fix NL80211_CMD_FRAME to not try offchannel without driver support
The offchanok parameter is hardcoded to one in number of paths and that
added NL80211_ATTR_OFFCHANNEL_TX_OK attribute to NL80211_CMD_FRAME
unconditional. cfg80211 rejects this with EINVAL if the driver does not
indicate support for offchannel TX. Fix this by not requesting
offchannel TX depending on driver capabilities. Remain-on-channel
operation was used for those cases anyway, so the additional attribute
was not really needed for these in the first place.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-29 14:15:31 +02:00
Jouni Malinen
e91829f9ac P2P: Stop remain-on-channel prior to starting join-a-group client
This fixes issues with drivers that do not handle concurrent
remain-on-channel and scan operations in a case where Provision
Discovery Response frame is not received to stop the Action frame
handshake.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-29 13:28:17 +02:00
Neeraj Kumar Garg
b8349523e4 P2P: Reject p2p_group_add if forced frequency is not acceptable
If the freq parameter is specified and we are already running legacy STA
on a different frequency with a driver that does not support
multi-channel concurrency, reject p2p_group_add. Same code already
exists in the path of P2P connection with go negotiation but is missing
for autonomous GO.

Signed-hostap: Neeraj Garg <neerajkg@broadcom.com>
2011-12-27 23:21:45 +02:00
Jouni Malinen
0d891981db nl80211: Do not stop AP mode Probe Request reporting on Listen stop
When nl80211_setup_ap() has enabled Probe Request reporting, this must
not be disabled when P2P Listen state is stopped to avoid breaking AP
mode operations. This could happen, e.g., if a Probe Request frame was
received from a P2P device that the we are trying to invite to our group
(i.e., when operating in GO role). p2p_probe_req_rx() calls
p2p_invite_start() in this case and that ends up calling
p2p->cfg->stop_listen() which calls probe_req_report() driver op.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-27 20:32:29 +02:00
Jouni Malinen
d7e70476f2 P2P: Use global->p2p_dev_addr instead of parent->own_addr
Start using global->p2p_dev_addr more consistently as the P2P Device
Address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-25 23:58:03 +02:00
Bartosz Markowski
8945cc451f Add BSSID into blacklist and do not clean blacklist during countermeasures
If scanning continues during TKIP countermeasures, try to avoid selecting
the BSS that triggered the counter measures.
2011-12-25 21:09:17 +02:00
Yogesh Ashok Powar
ef01fa7bfa hostapd: Make inactivity polling configurable
hostapd uses the poll method to check if the station is alive
after the station has been inactive for ap_max_inactivity seconds.
Make the poll mechanism configurable so that user can choose to
disconnect idle clients.

This can be especially useful when some devices/firmwares have
restrictions on the number of clients that can connect to the AP
and that limit is smaller than the total number of stations trying
to use the AP.

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-12-25 20:57:01 +02:00
Jouni Malinen
c3daee1df5 Remove obsolete comment on removed PTK rekeying operation
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:55:03 +02:00
Jouni Malinen
00338a4fe8 Increase initial group key handshake retransmit timeout to 500 ms
The 100 ms timeout on retransmitting group key message can be too short
for stations that are in power save mode or if there is a large number
of association stations. While the retransmission of the EAPOL-Key frame
should allow this to be recovered from, it is useful to avoid
unnecessary frames to save soem CPU and power.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:50:59 +02:00
Jouni Malinen
9c3c38db1e Drop priority level of the logger message for unexpected replay counter
This can happen frequently during normal EAPOL-Key exchanges and there
is no need to log it at info level.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:39:40 +02:00
Jouni Malinen
a6cc0602dd nl80211: Fix mgmt RX for device SME in AP mode without monitor
Drivers that use device SME in AP mode may still need to be
subscribed for Action frame RX when monitor interface is not used.
This fixes number of P2P GO operations with ath6kl.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-23 18:15:07 +02:00
Jouni Malinen
536062f274 nl80211: Fix use_monitor driver capability for non-mac80211 drivers
Poll command may be enough for mac80211 to figure out whether monitor
interface is to be used, but this change did not take into account
non-mac80211 drivers that support AP mode without monitor interface.
For example, ath6kl needs to get use_monitor disabled.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-23 18:13:01 +02:00
Jouni Malinen
82554b100c nl80211: Show station flush failures in debug log
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-23 18:12:07 +02:00
Jouni Malinen
36488c054c nl80211: Add debug prints for mgmt RX subscription
This makes it easier to figure out which management frames has been
subscribed to for RX events.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-23 18:10:59 +02:00
Jouni Malinen
fbdcfd577a P2P: Maintain a list of P2P Clients for persistent group on GO
Add a new persistent group network block field, p2p_client_list, to
maintain a list of P2P Clients that have connected to a persistent
group. This allows GO of a persistent group to figure out more easily
whether re-invocation of a persistent group can be used with a specific
peer device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 22:47:41 +02:00
Jouni Malinen
87f841a140 P2P: Show persistent group info on P2P_PEER data
Add "persistent=<network id>" line to P2P_PEER ctrl_iface data
if a persistent group credentials are available for this peer.
This makes it easier for external programs to figure out when
a persistent group could be re-invoked with this peer.

For now, this information is only available on the P2P client,
but similar information can be added for GO once a list of P2P
clients is maintained with the persistent group data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:45:20 +02:00
Jouni Malinen
b3ffc80b8c P2P: Move public P2P_PEER info generation into ctrl_iface
The P2P module provides access to public peer data in struct
p2p_peer_info. Use this to build the P2P_PEER information in
ctrl_iface.c instead of providing such text format data from the P2P
module.

The internal data that was previously built in p2p_get_peer_info() as
part of the text format peer data is now available through a separate
p2p_get_peer_info_txt() function. This is still included in P2P_PEER
output to maintain backwards compatibility with external programs that
could have started to use this. However, it should be noted that this
data is not really supposed to be used for anything else apart from
debugging purposes and its format is subject to change.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:26:31 +02:00
Jouni Malinen
b3bcc0f519 P2P: Replace p2p_get_peer_info with p2p_peer_known when applicable
p2p_get_peer_info() was used in multiple places just to check whether a
specific peer is known. This was not the designed use for the function,
so introduce a simpler function for that purpose to make it obvious that
the p2p_get_peer_info() function is actually used only in ctrl_iface.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:04:41 +02:00