Commit graph

1410 commits

Author SHA1 Message Date
Jouni Malinen
14115a1089 SME: Fix processing of Authentication timeout
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 22:27:48 +02:00
Jouni Malinen
d00821e913 Try to reconnect to the same BSS on recoverable disconnection
If the AP disconnects us with a reason code that indicates that it has
dropped the association, but could allow us to connect again, try to
reconnect to the same BSS without going through the full scan. This can
save quite a bit of time in some common use cases, e.g., when inactivity
timeout is used on the AP (and especially, when waking up from suspend
which has likely triggered some timeout on the AP).

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 21:57:14 +02:00
Jouni Malinen
ed57c5907e SME: Fix processing of Authentication request failure
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt. In addition, we can use
wpas_connection_failed() instead of requesting a scan after a fixed time
to make this error case more consistent with other similar error paths
in sme.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 21:04:24 +02:00
Jouni Malinen
bfba8deb8b Update internal MAC address on EVENT_INTERFACE_ENABLED events
This allows the MAC address of the interface to be changed when the
interface is set down even if the interface does not get completed
removed and re-added.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 13:20:40 +02:00
Johan Hedlund
f98eb880eb Update RSN supplicant MAC address on driver reinitialization
I have a test case where I remove and insert another network adapter
between two connections to AP. The interface get the same interface name
but switches macadresses between the connections. When running WPA2 I
got a failure in EAPOL negotiation and found out that the reason for
this was that the supplicant did not update the MAC address in the
correct place.
2011-12-03 13:02:57 +02:00
Szymon Bigos
9337e876ab Fix generated WPS PIN values to use zero-padding
The dynamically generated PINs are supposed to have 8 digits, but
some PIN generatation cases were not zero-padding these properly.
2011-12-02 23:04:39 +02:00
Jouni Malinen
47662f4017 Add example WPS AP mode UI for wpa_supplicant
This script shows some minimal WPS user interface requirements for
mobile AP support with wpa_supplicant.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 22:14:07 +02:00
Jouni Malinen
0bc134683e wpa_supplicant AP: Allows passphrase to be fetched
"wpa_cli status wps" can now be used to fetch the WPA2-Personal
passphrase from AP mode operation with wpa_supplicant to make it
easier to meet WPS requirements for legacy STA support.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 22:12:03 +02:00
Jouni Malinen
c0f83f3104 WPS: Disable WPS(v2) in WPA/TKIP-only configuration
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 21:46:19 +02:00
Jouni Malinen
56d24b4ee0 Call wpas_connection_failed() only if actually trying to connect
A disconnection event from the driver may end up getting delivered at a
time when wpa_supplicant is not even trying to connect (e.g., during a
scan that was already started after WPS provisioning step). In such a
case, there is not much point calling wpas_connection_failed() and
skipping this avoids confusing attempts of re-starting scanning while
the previous scan is still in progress.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 18:22:56 +02:00
Jouni Malinen
f7da5a9ef4 Make reconnect-on-disassoc debug prints somewhat more helpful
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 18:22:10 +02:00
Jouni Malinen
a9e02d593d P2P: Clear show_group_started on GO start
The show_group_started variable could be left to 1 based on an earlier
failed attempt to start P2P client operation. This can result in
unexpected P2P-GROUP-STARTED event when a GO is started without group
formation (e.g., re-invoke a persistent group or start an autonomous
GO). Avoid this by explicitly clearing show_group_start when setting up
the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 10:49:26 +02:00
Arik Nemtsov
79b8c60f81 Set ht_capab from based on driver capabilities when in P2P GO mode
Set the HT capabilities of a P2P GO according to the wiphy supported
ones. Mask-in a white-list of HT capabilities that won't cause problems
for non-supporting stations.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2011-11-29 23:45:07 +02:00
Jouni Malinen
ea5bae4731 Increase min sched_scan interval from 2 to 10 seconds
Trying to run sched_scan round every two seconds by defaults sounds way
too frequent since dualband cards are unlikely to be able to complete
the full scan cycle in two seconds. For now, set the hardcoded value to
10 seconds to make this somewhat more reasonable.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-29 20:05:58 +02:00
Dmitry Shmidt
d70b945d4d Fix pno_start() to initialize SSID list properly
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-29 12:56:32 +02:00
Jouni Malinen
0b7a25c00f Use normal scan before sched_scan if that can speed up connection
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:36:36 +02:00
Jouni Malinen
76a5249e52 Add broadcast SSID for sched_scan for scan_ssid=0 networks
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:12:38 +02:00
Jouni Malinen
5edddf4175 Use common code for disabled network case in sched_scan
There is no need to implement two copies of the iteration code here.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:09:37 +02:00
Jouni Malinen
86b47aaf36 Drop sched_scan filter if not enough match sets supported
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 17:52:36 +02:00
Jouni Malinen
a8cb5a8897 Make sched_scan debug clearer on timeout use
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 17:52:02 +02:00
Jouni Malinen
6ad9c91100 Stop sched_scan on DISCONNECT command
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 16:35:30 +02:00
Jouni Malinen
b5c6831201 Add preferred network offload (PNO) functionality
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 16:32:44 +02:00
Jouni Malinen
7c6a266ced Fix sched_scan filter_ssids setting for no filters case
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 15:19:41 +02:00
Jouni Malinen
dbfdb3927c Interworking: Verify that BSS information includes SSID
Better make sure that the SSID is available before dereferencing
the pointer to the SSID element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 23:00:37 +02:00
Jouni Malinen
48f24f93a5 wpa_passphrase: Include SHA256 objects to fix some build combinations
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:17:41 +02:00
Jouni Malinen
ca84eed7ad TLS: Add build configuration for TLS v1.2 support
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:45:07 +02:00
Jouni Malinen
8307489840 Add implementation of TLS v1.2 PRF (P_SHA256)
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:10:06 +02:00
Dmitry Shmidt
e670738ae0 wpa_cli: Add action script call on P2P-GO-NEG-FAILURE events
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-25 23:56:18 +02:00
Dmitry Shmidt
8a5e75f60f P2P: Send STA connected/disconnected events to parent ctrl_iface
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-25 23:56:13 +02:00
Jouni Malinen
fcd1684787 Fix sched_scan filter setting for max_match_sets == 0
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-25 18:12:04 +02:00
Jouni Malinen
0bf927a03e Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:46 +02:00
Jouni Malinen
8e8280bd5e Do not save an invalid network block in wpa_supplicant.conf
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:32 +02:00
Jouni Malinen
a769b094d7 Do not write all zeros device_type
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:22:16 +02:00
Dmitry Shmidt
6ce937b8cf Add 'get country' command
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-24 21:33:24 +02:00
David Spinadel
9a6ade33d4 wpa_cli: Correct return value of wpa_cli_cmd_p2p_peers
Signed-off-by: David Spinadel <david.spinadel@intel.com>
2011-11-24 21:19:52 +02:00
Dmitry Shmidt
20b2161d5b Android: Move WPA_BUILD check in Android.mk
This is part of commit e61a2d6db6113da5fad91660764afdb0596dbc46 from
Android wpa_supplicant_8.git.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-23 17:58:44 +02:00
Jeff Brown
4482f1fbc4 Android: Remove the simulator target from all makefiles
This is commit bbda627478b0e9a312fea4662cd7cd8d6bdf82bf from
Android wpa_supplicant_8.git.
2011-11-23 17:56:41 +02:00
Kel Modderman
ef992bbd3b wpa_gui-qt4: Improve scan results signal display
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2011-11-19 20:10:37 +02:00
Jouni Malinen
9dbf53fe35 P2P: Send Listen state Probe Response frames without retries
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-19 19:15:10 +02:00
Helmut Schaa
8cfa3527e1 Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:02:05 +02:00
Jouni Malinen
3f56f3a496 Do not try to add wildcard SSID into active sched_scan
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-19 17:01:53 +02:00
Johannes Berg
dd840f793c AP: Add explicit EAPOL TX status event
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-11-19 13:00:30 +02:00
Alan T. DeKok
8205c82a48 wpa_supplicant: Make objects depend on the .config file
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.

Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
2011-11-19 11:46:39 +02:00
Johannes Berg
6cad95db72 P2P: Simplify code in wpas_p2p_connect()
There's some duplicated code there that can be simplified
with just a single new variable.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-11-18 23:32:03 +02:00
Eyal Shapira
1966e3d1b7 sched scan: Fix passive scanning
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.

Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
2011-11-18 23:05:57 +02:00
Jouni Malinen
19df9b0761 Mark local functions static
These functions are not used outside the file in which they are defined.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:53:36 +02:00
Jouni Malinen
0c7addc32c Include wpa_supplicant_i.h to verify function prototype match
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:41:37 +02:00
Jouni Malinen
2bb747e232 P2P: Cancel previous operation before starting new p2p_listen
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-17 16:21:11 +02:00
Vasanthakumar Thiagarajan
0399f2e4e5 wpa_supplicant: Set configured auth_algs for AP mode
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2011-11-16 16:30:36 +02:00
Jouni Malinen
39185dfa54 P2P: Wait until ongoing scan completes before starting P2P find
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 21:28:35 +02:00