Commit graph

1991 commits

Author SHA1 Message Date
Jouni Malinen
5e287724ee DPP: NFC negotiated connection handover
Add new control interface commands "DPP_NFC_HANDOVER_REQ own=<id>
uri=<URI>" and "DPP_NFC_HANDOVER_SEL own=<id> uri=<URI>" to support NFC
negotiated connection handover. These commands are used to report a DPP
URI received from a peer NFC Device in Handover Request and Handover
Select messages. The commands return peer bootstrapping information ID
or FAIL on failure. The returned ID is used similarly to any other
bootstrapping information to initiate DPP authentication.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-27 20:36:09 +02:00
Jouni Malinen
65a44e849a OWE: PTK derivation workaround in AP mode
Initial OWE implementation used SHA256 when deriving the PTK for all OWE
groups. This was supposed to change to SHA384 for group 20 and SHA512
for group 21. The new owe_ptk_workaround parameter can be used to enable
workaround for interoperability with stations that use SHA256 with
groups 20 and 21. By default, only the appropriate hash function is
accepted. When workaround is enabled (owe_ptk_workaround=1), the
appropriate hash function is tried first and if that fails, SHA256-based
PTK derivation is attempted. This workaround can result in reduced
security for groups 20 and 21, but is required for interoperability with
older implementations. There is no impact to group 19 behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-24 00:47:41 +02:00
Jouni Malinen
5e32fb0170 SAE: Use Anti-Clogging Token Container element with H2E
IEEE P802.11-REVmd was modified to use a container IE for anti-clogging
token whenver H2E is used so that parsing of the SAE Authentication
frames can be simplified.

See this document for more details of the approved changes:
https://mentor.ieee.org/802.11/dcn/19/11-19-2154-02-000m-sae-anti-clogging-token.docx

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:13:56 +02:00
Jouni Malinen
e36a5894d0 SAE: Use H2E whenever Password Identifier is used
IEEE P802.11-REVmd was modified to require H2E to be used whenever
Password Identifier is used with SAE.

See this document for more details of the approved changes:
https://mentor.ieee.org/802.11/dcn/19/11-19-2154-02-000m-sae-anti-clogging-token.docx

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-21 13:13:56 +02:00
Vamsi Krishna
4bf78a79d0 ACS: Populate channel config from external ACS per documented behavior
Based on the now documented seg0/seg1 values from offloaded ACS, there
is a mismatch between the driver interface and internal hostapd use.

The value of segment0 field in ACS results is the index of the channel
center frequency for 20 MHz, 40 MHz, and 80M Hz channels. The value is
the center frequency index of the primary 80 MHz segment for 160 MHz and
80+80 MHz channels.

The value of segment1 field in ACS results is zero for 20 MHz, 40 MHz,
and 80 MHz channels. The value is the index of the channel center
frequency for 160 MHz channels and the center frequency index of the
secondary 80 MHz segment for 80+80 MHz channels.

However, in struct hostapd_config, for 160 MHz channels, the value of
the segment0 field is the index of the channel center frequency of 160
MHz channel and the value of the segment1 field is zero. Map the values
from ACS event into hostapd_config fields accordingly.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 20:22:12 +02:00
Vamsi Krishna
881177201a 6 GHz: Fix Channel Width value for 80+80 in 6 GHZ Operation Info field
The Channel Width field value is 0 for 20 MHz, 1 for 40 MHz, 2 for 80
MHz, and 3 for both 160 MHz and 80+80 MHz channels. The 80+80 MHz case
was not addressed previously correctly since it cannot be derived from
seg0 only.

The Channel Center Frequency Segment 0 field value is the index of
channel center frequency for 20 MHz, 40 MHz, and 80 MHz channels. The
value is the center frequency index of the primary 80 MHz segment for
160 MHz and 80+80 MHz channels.

The Channel Center Frequency Segment 1 field value is zero for 20 MHz,
40 MHz, and 80 MHz channels. The value is the index of the channel
center frequency for 160 MHz channel and the center frequency index of
the secondary 80 MHz segment for 80+80 MHz channels.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 17:43:28 +02:00
Jouni Malinen
b4fe37c4fa Silence compiler warning in no-NEED_AP_MLME builds
Make the dummy hostapd_hw_mode_txt() wrapper return "UNKNOWN" instead of
NULL to avoid a warning from a debug printf using %s with NULL.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 12:44:08 +02:00
Alexander Wetzel
a919a26035 Introduce and add key_flag
Add the new set_key() parameter "key_flag" to provide more specific
description of what type of a key is being configured. This is needed to
be able to add support for "Extended Key ID for Individually Addressed
Frames" from IEEE Std 802.11-2016. In addition, this may be used to
replace the set_tx boolean eventually once all the driver wrappers have
moved to using the new key_flag.

The following flag are defined:

  KEY_FLAG_MODIFY
    Set when an already installed key must be updated.
    So far the only use-case is changing RX/TX status of installed
    keys. Must not be set when deleting a key.

  KEY_FLAG_DEFAULT
    Set when the key is also a default key. Must not be set when
    deleting a key. (This is the replacement for set_tx.)

  KEY_FLAG_RX
    The key is valid for RX. Must not be set when deleting a key.

  KEY_FLAG_TX
    The key is valid for TX. Must not be set when deleting a key.

  KEY_FLAG_GROUP
    The key is a broadcast or group key.

  KEY_FLAG_PAIRWISE
    The key is a pairwise key.

  KEY_FLAG_PMK
    The key is a Pairwise Master Key (PMK).

Predefined and needed flag combinations so far are:

  KEY_FLAG_GROUP_RX_TX
    WEP key not used as default key (yet).

  KEY_FLAG_GROUP_RX_TX_DEFAULT
    Default WEP or WPA-NONE key.

  KEY_FLAG_GROUP_RX
    GTK key valid for RX only.

  KEY_FLAG_GROUP_TX_DEFAULT
    GTK key valid for TX only, immediately taking over TX.

  KEY_FLAG_PAIRWISE_RX_TX
    Pairwise key immediately becoming the active pairwise key.

  KEY_FLAG_PAIRWISE_RX
    Pairwise key not yet valid for TX. (Only usable with Extended Key ID
    support.)

  KEY_FLAG_PAIRWISE_RX_TX_MODIFY
    Enable TX for a pairwise key installed with KEY_FLAG_PAIRWISE_RX.

  KEY_FLAG_RX_TX
    Not a valid standalone key type and can only used in combination
    with other flags to mark a key for RX/TX.

This commit is not changing any functionality. It just adds the new
key_flag to all hostapd/wpa_supplicant set_key() functions without using
it, yet.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-01-09 12:38:36 +02:00
Gurumoorthi Gnanasambandhan
99d8c4dca3 hostapd: Support VLAN offload to the driver
If the driver supports VLAN offload mechanism with a single netdev, use
that instead of separate per-VLAN netdevs.

Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
2020-01-09 00:48:57 +02:00
Gurumoorthi Gnanasambandhan
4d3ae54fbd Add vlan_id to driver set_key() operation
This is in preparation for adding support to use a single WLAN netdev
with VLAN operations offloaded to the driver. No functional changes are
included in this commit.

Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
2020-01-09 00:48:57 +02:00
Jouni Malinen
f822546451 driver: Move set_key() parameters into a struct
This makes it more convenient to add, remove, and modify the parameters
without always having to update every single driver_*.c implementation
of this callback function.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-09 00:48:57 +02:00
Jouni Malinen
3912cbd88d SAE: A bit optimized sae_confirm_immediate=2 for testing purposes
sae_confirm_immediate=2 can now be used in CONFIG_TESTING_OPTIONS=y
builds to minimize the latency between SAE Commit and SAE Confirm by
postponing transmission of SAE Commit until the SAE Confirm frame is
generated. This does not have significant impact, but can get the frames
tiny bit closer to each other over the air to increase testing coverage.
The only difference between sae_confirm_immediate 1 and 2 is in the
former deriving KCK, PMK, PMKID, and CN between transmission of the
frames (i.e., a small number of hash operations).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2020-01-08 20:57:08 +02:00
Jouni Malinen
ccaabeaa03 driver: Remove unused send_ether() driver op
This was used only for FT RRB sending with driver_test.c and
driver_test.c was removed more than five years ago, so there is no point
in continuing to maintain this driver op.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-05 18:32:10 +02:00
Bilal Hatipoglu
3d41dd7c50 WPS: Add application extension data to WPS IE
Application Extension attribute is defined in WSC tech spec v2.07 page
104. Allow hostapd to be configured to add this extension into WPS IE in
Beacon and Probe Response frames. The implementation is very similar to
vendor extension.

A new optional entry called "wps_application_ext" is added to hostapd
config file to configure this. It enodes the payload of the Application
Extension attribute in hexdump format.

Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
2020-01-04 23:39:30 +02:00
Jouni Malinen
8d84c75f7c Allow testing override for GTK/IGTK RSC from AP to STA
The new hostapd gtk_rsc_override and igtk_rsc_override configuration
parameters can be used to set an override value for the RSC that the AP
advertises for STAs for GTK/IGTK. The contents of those parameters is a
hexdump of the RSC in little endian byte order.

This functionality is available only in CONFIG_TESTING_OPTIONS=y builds.
This can be used to verify that stations implement initial RSC
configuration correctly for GTK/ and IGTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-04 13:05:26 +02:00
Jouni Malinen
ce01804872 Convert the only remaining send_frame() users to send_mlme()
Since send_mlme() now has support for the no_encrypt argument it is
possible to get rid of the remaining send_frame() uses.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 13:53:42 +02:00
Jouni Malinen
665a3007fb driver: Add no_encrypt argument to send_mlme()
This is in preparation of being able to remove the separate send_frame()
callback.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 13:53:32 +02:00
Jouni Malinen
3710027463 Make hostapd_drv_send_mlme() more generic
Merge hostapd_drv_send_mlme_csa() functionality into
hostapd_drv_send_mlme() to get a single driver ops handler function for
hostapd. In addition, add a new no_encrypt parameter in preparation for
functionality that is needed to get rid of the separate send_frame()
driver op.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 13:34:37 +02:00
Jouni Malinen
b3525dc172 P2P Manager: Use send_mlme() instead of send_frame() for Deauthentication
send_frame() is documented to be used for "testing use only" and as
such, it should not have used here for a normal production
functionality. Replace this with use of send_mlme() which is already
used for sending Deauthentication frames in other cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-03 13:22:32 +02:00
Roy Marples
a8b00423ea BSD: Use struct ip rather than struct iphdr
As we define __FAVOR_BSD use the BSD IP header.
Compile tested on NetBSD, DragonFlyBSD, and Linux.

Signed-off-by: Roy Marples <roy@marples.name>
2020-01-02 19:17:10 +02:00
Jouni Malinen
1ace2f7c09 Drop debug print level for informative debug messages
These are certainly not error conditions, but normal cases for starting
up. Drop the message from ERROR to DEBUG.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-02 18:05:12 +02:00
Jouni Malinen
b0621b083d Call hostapd_allowed_address() directly from handle_probe_req()
ieee802_11_allowed_address() did not really do anything useful for the
call from handle_probe_req(), so replace that with a direct call to
hostapd_allowed_address() and make ieee802_11_allowed_address() a static
function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 23:44:32 +02:00
Michael Braun
963681723f Fix possible memory leak of RADIUS data in handle_auth()
When returning from handle_auth() after ieee802_11_allowed_address()
returned HOSTAPD_ACL_ACCEPT, but before ieee802_11_set_radius_info() has
been called, identity, radius_cui, and psk might not have been consumed.

Fix this by avoiding the need to free these variables at all.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2019-12-29 23:43:55 +02:00
Michael Braun
d4ceaafc24 Make hostapd_copy_psk_list() non-static
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2019-12-29 23:34:01 +02:00
Michael Braun
29024efd18 Move the RADIUS cached attributes into a struct
This makes it easier to pass these around and to add new attributes.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2019-12-29 23:33:57 +02:00
Jouni Malinen
3cd4db231a FT: Do not deliver RRB messages locally without matching FT/SSID
For FT protocol to work, the BSSs need to be operating an FT AKM with
the same SSID and mobility domain. The previous commit covered the
mobility domain, this covers the other prerequisites. This reduces
unnecessary load from having to allocate queued messages for interfaces
that cannot have valid data.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 20:41:41 +02:00
Jinglin Wang
c133c785df FT: Check mobility domain when sending RRB message to local managed BSS
Fast BSS Transition requires related APs operating in the same mobility
domain. Therefore, we can check whether the local managed BSS is
operating the same mobility domain before sending multicast/unicast
messages to it. This reduces unnecessary load from having to allocate
queued messages for interfaces that cannot have valid data.

Signed-off-by: Jinglin Wang <bryanwang@synology.com>
Signed-off-by: MinHong Wang <minhongw@synology.com>
2019-12-29 20:32:07 +02:00
Jouni Malinen
a422d9b4c2 RRB: More debug prints for local delivery
This makes it easier to figure out how frames are delivered directly
between BSSs operated within a single hostapd process.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 20:17:57 +02:00
Jouni Malinen
7b1105afef RRB: Do not reorder locally delivered messages
Add new messages to the end of the l2_oui_queue instead of inserting
them at the beginning so that the dl_list_for_each_safe() iteration in
hostapd_oui_deliver_later() goes through the messages in the same order
they were originally queued.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-29 20:17:57 +02:00
Jinglin Wang
4834c6869d FT: Fix hostapd_wpa_auth_oui_iter() iteration for multicast packets
When using FT wildcard feature, the inter-AP protocol will send
broadcast messages to discover related APs.

For example,
12/6 16:24:43 FT: Send PMK-R1 pull request to remote R0KH address
    ff:ff:ff:ff:ff:ff
12/6 16:24:43 FT: Send out sequence number request to
    ff:ff:ff:ff:ff:ff

If you have multiple interfaces/BSSs in a single hostapd process,
hostapd_wpa_auth_oui_iter() returned 1 after the first interface was
processed. Iteration in for_each_interface() will be stopped since it
gets a non-zero return value from hostapd_wpa_auth_oui_iter().

Even worse, the packet will not be sent to ethernet because
for_each_interface() returns non-zero value. hostapd_wpa_auth_send_oui()
will then return data_len immediately.

To prevent this, hostapd_wpa_auth_oui_iter() should not return 1 after
any successful transmission to other interfaces, if the dst_addr of
packet is a multicast address.

Signed-off-by: Jinglin Wang <bryanwang@synology.com>
Signed-off-by: MinHong Wang <minhongw@synology.com>
2019-12-29 20:09:52 +02:00
Jouni Malinen
974f84bb73 Fix ignore_broadcast_ssid behavior with SSID List and Short SSID List
ignore_broadcast_ssid=1 (or 2) were practically ignored if the Probe
Request frame included the SSID List or Short SSID List elements. Fix
this by requiring exact SSID match whenever ignore_broadcast_ssid is in
use regardless how SSID parameters are set in the Probe Request frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-12-28 23:19:44 +02:00
Andrei Otcheretianski
1c7f652f9e AP: Support Short SSID List element in Probe Request frames
According to IEEE P802.11ax/D6.0, 11.1.4.3.4 (Criteria for sending a
response), AP should answer Probe Request frames if either SSID or Short
SSID matches. Implement this part of the Short SSID use for the BSS (the
collocated 6 GHz BSS case is not covered in this commit).

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2019-12-28 23:13:58 +02:00
Andrei Otcheretianski
522450b7b1 AP: Determine Short SSID value for the BSS
This can be used in the future to implement support for RNR and scanning
extensions using a shorter field for the SSID.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2019-12-28 22:32:14 +02:00
Zefir Kurtisi
ef48f1bfb3 Ensure authenticator session timer is applied with wired driver
We use the wired driver for wired port authentication with a slight
extension to add the port into a bridge upon successful authentication
and to remove it from the bridge when the session terminates.

Our expectation was that the Session-Timeout configuration at the RADIUS
server is respected, i.e. the session is terminated and would need
re-authentication - like it is working for WLAN sessions over the
nl80211 driver. Alas, it turned out the session is not terminated with
the wired driver.

It turned out that when ap_handle_session_timer() is executed, the
sta->flags of the wired port has only the WLAN_STA_AUTHORIZED bit set.
The WLAN_STA_AUTH bit, which is used to check whether the STA needs to
be de-authenticated, is missing.

Extend the check for any of the WLAN_STA_(AUTH | ASSOC | AUTHORIZED)
bits to solve this issue with the wired driver. That should not have any
side-effect for the WLAN cases since WLAN_STA_AUTH is expected to always
be set for those when there is an ongoing session and separate checks
for ASSOC and AUTHORIZED don't change this.

Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
2019-12-28 20:50:05 +02:00
Ben Greear
ee48f48ba1 hostapd: Support showing neighbor list through hostapd_cli
This lets one know the current neighbor list, and could be used
to populate the neighbor list of other hostapd processes.

For instance:

$ hostapd_cli -i vap0001 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
$ hostapd_cli -i vap0000 set_neighbor 04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
OK
$ hostapd_cli -i vap0000 show_neighbor
04:f0:21:1e:ae:b0 ssid=04f0211eaeb0af190000802809 nr=04f0211eaeb0af1900008028090603022a00
04:f0:21:c3:b2:b0 ssid=04f021c3b2b0af190000802809 nr=04f021c3b2b0af1900008028090603022a00

Signed-off-by: Ben Greear <greearb@candelatech.com>
2019-12-26 17:59:03 +02:00
Bilal Hatipoglu
b1b62a1364 WPS: Add WPS-PIN-ACTIVE and WPS-CANCEL events
WPS_EVENT_CANCEL is added to indicate cancellation of a WPS operation
for any reason in hostapd/wpa_supplicant.

WPS_EVENT_PIN_ACTIVE is added to indicate when a PIN operation is
triggered in wpa_supplicant.

Signed-off-by: Veli Demirel <veli.demirel@airties.com>
Signed-off-by: Bilal Hatipoglu <bilal.hatipoglu@airties.com>
2019-12-25 20:58:52 +02:00
Mikael Kanstrup
307cfc3286 Strip trailing zero data in EAPOL-Key msg 1/4 when no PMKID to send
EAPOL-Key message 1/4 without PMKID KDE was sent with 22 bytes of stray
data following a zero length key data field. These 22 bytes happens to
be the exact size of an PMKID KDE. Strip these trailing bytes by
checking whether a PMKID is available and adjust pmkid_len to 0 if not.

This was seen for example in capture files created by hwsim test case
suite_b_192 but code modified to handle also the other cases without
PMKID (Suite B no-KCK, FILS without PMKID available, SAE without PMKID
available).

Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sony.com>
2019-12-23 00:26:07 +02:00
Vamsi Krishna
e5620bf025 6 GHz: Select channel width using configured op_class
Use op_class to derive channel width for the operating channel when
op_class is configured by the user in both fixed channel and ACS cases.
We can avoid using ht_capab field to derive channel width especially in
the 6 GHz band in which only HE is supported.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:38:05 +02:00
Ankita Bajaj
da8570f4c9 Allow non-PCS 6 GHz channels to be excluded from ACS
Add support to exclude non-PSC 6 GHz channels from the input frequency
list to ACS. The new acs_exclude_6ghz_non_psc=1 parameter can be used by
6 GHz only APs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:23:13 +02:00
Ankita Bajaj
59bb72642a Allow ACS channel list to be configured as frequencies (in MHz)
The channel numbers are duplicated between 2.4 GHz / 5 GHz bands and 6
GHz band. Hence, add support to configure a list of frequencies to ACS
(freqlist) instead of a list of channel numbers (chanlist). Also, both 5
GHz and 6 GHz channels are referred by HOSTAPD_MODE_IEEE80211A. The 6
GHz channels alone can be configured by using both mode and frequency
list.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:19:52 +02:00
Ankita Bajaj
5f9b4afdfa Use frequency in HT/VHT validation steps done before starting AP
Using the channel parameter for validating allowed channel combinations
is not scalable to add 6 GHz support in the future since channel numbers
are duplicated between 2.4 GHz / 5 GHz bands and 6 GHz band. Hence use
frequency field for all channel combination validation steps done before
starting AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 13:05:39 +02:00
Ankita Bajaj
59e33b4a98 ACS: Select current hw_mode based on the selected frequency
After receiving ACS offload results, select the current hw_mode based on
the frequency selected by the ACS algorithm. The current hw_mode will be
further used during other validation steps such as HT capability
validations, DFS validation, etc.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 12:45:03 +02:00
Ankita Bajaj
bb781c763f AP: Populate iface->freq before starting AP
Using channel field while starting AP will cause issues with the new
6GHz band as the channel numbers are duplicated between the different
bands. Populate iface->freq before starting AP so that it can be used
instead of the channel number for all validations that need to be done
while starting AP.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 12:42:47 +02:00
Ankita Bajaj
41cac481a8 ACS: Use frequency params in ACS (offload) completed event interface
Replace channel fields with frequency fields in ACS completed event
interface from the driver layer. Use
QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_FREQUENCY and
QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_FREQUENCY attributes if the driver
includes them in the QCA_NL80211_VENDOR_SUBCMD_DO_ACS event, otherwise
use QCA_WLAN_VENDOR_ATTR_ACS_PRIMARY_CHANNEL and
QCA_WLAN_VENDOR_ATTR_ACS_SECONDARY_CHANNEL attributes to maintain
backwards compatibility with old drivers.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 12:31:01 +02:00
Ankita Bajaj
840532aea5 Search through all hw_features sets in hw_get_channel_freq()
The 5 GHz channels are stored in one hw_features set with mode
HOSTAPD_MODE_IEEE80211A while the 6 GHz channels will need to stored in
a separate hw_features set (but with same mode HOSTAPD_MODE_IEEE80211A)
due to possibility of different HE capabilities being available between
the 5 GHz and 6 GHz bands.

Search through all hw_features sets whose mode is same as the input mode
while finding channel corresponding to the input frequency in
hw_get_channel_freq().

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 12:21:45 +02:00
Ankita Bajaj
15d3568739 ACS: Add channels from all modes matching with configured hw mode
The 5 GHz channels are stored in one hw_features set with mode
HOSTAPD_MODE_IEEE80211A while the 6 GHz channels will need to stored in
a separate hw_features set (but with same mode HOSTAPD_MODE_IEEE80211A)
due to possibility of different HE capabilities being available between
the 5 GHz and 6 GHz bands.

Iterate through all hw_features sets and populate channels from all
hw_features sets whose hardware mode is matching the configured hardware
mode while preparing the channel list for ACS.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-20 12:21:41 +02:00
Jouni Malinen
5a563a3d34 Avoid compiler warning on shadowing a local variable
Fixes: 7fde39fb1a ("Add sae_rejected_groups to hostapd STA control interface command")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-18 13:46:59 +02:00
Jouni Malinen
7fde39fb1a Add sae_rejected_groups to hostapd STA control interface command
This is mainly for testing purposes to be able to check which groups
a STA reports as having been rejected when using SAE H2E.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 23:52:36 +02:00
Jouni Malinen
7404574458 DPP: Replace ap boolean with netRole enum in Configurator params
The netRole enum is more generic and can be extended to include new
roles (e.g., Configurator) more easily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-12 02:33:00 +02:00
Jouni Malinen
f2c4b44b40 SAE H2E: RSNXE override in EAPOL-Key msg 3/4
This new hostapd configuration parameter rsnxe_override_eapol=<hexdump>
can be used to override RSNXE value in EAPOL-Key msg 3/4 for testing
purposes.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-12-07 17:32:17 +02:00