Commit graph

1142 commits

Author SHA1 Message Date
Jouni Malinen
d054a4622c P2P: Reject multi-channel concurrent operations depending on driver
The driver wrapper can now indicate whether the driver supports
concurrent operations on multiple channels (e.g., infra STA connection
on 5 GHz channel 36 and P2P group on 2.4 GHz channel 1). If not,
P2P_CONNECT commands will be rejected if they would require
multi-channel concurrency.

The new failure codes for P2P_CONNECT:

FAIL-CHANNEL-UNAVAILABLE:
The requested/needed channel is not currently available (i.e., user has
an option of disconnecting another interface to make the channel
available).

FAIL-CHANNEL-UNSUPPORTED:
The request channel is not available for P2P.
2010-10-14 14:24:56 +03:00
Paul Stewart
174fa7898e bgscan: Add new channel condition parameters to signal change events
bgscan modules can potentially get a richer feel for the channel
condition and make better choices about scan/no-scan and roam/no-roam.
2010-10-12 20:03:36 +03:00
Jouni Malinen
3b29972c09 P2P: Limit p2p_connect .. pbc join based on BSSID
Allow only the expected P2P Interface Address as the BSSID for
the AP to avoid selecting incorrect BSS should there be another
device that is advertising active PBC mode before the target
P2P GO does.
2010-10-12 16:56:17 +03:00
Johannes Berg
6cb22d2fd1 P2P: Fix remain-on-channel abort race
When the P2P state machine requests a remain- on-channel, there's a
potential race where it can then request a stop before the r-o-c has
actually started, in which case the stop will not be processed. Fix
that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-10-10 17:52:13 +03:00
Paul Stewart
8ee69e0633 dbus_new_handlers: Don't send NULL to dbus_message_new_error
The new DBus API helper function wpas_dbus_error_unknown_error
function can be called as a result of a failure within internal
getter calls, which will call this function with a NULL message
parameter.  However, dbus_message_new_error looks very unkindly
(i.e, abort()) on a NULL message, so in this case, we should not
call it.

I've observed this course of events during a call to
wpas_dbus_getter_bss_wpa with a faileld parse of the IE parameter.
We got here through a call to fill_dict_with_properties which
explicitly calls getters with a NULL message parameter.  Judging
from the way it is called, this could easily occur if an AP sends
out a malformed (or mis-received) probe response.  I usually run
into this problem while driving through San Francisco, so I'm
exposed to any number of base stations along this path.
2010-10-09 17:29:51 +03:00
Daniel Kurtz
556522ee09 dbus: Treat '' in SSIDs of Interface.Scan as a request for broadcast scan
This patch changes wpa_supplicant policy for handling '' in SSIDs field of
Interface.SSID DBus message. It treats '' (zero-length) SSID as a request
for a broadcast scan, instead of ignoring it.

This patch updates DBus API .Scan() logic per the test cases listed below:

1) Interface.Scan({'Type':'active', 'Channel':(2412, 20)})
   Request:     Active scan with only '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest on specified channel
   Previous:    1 broadcast ProbeRequest on specified channel
   This Patch:  1 broadcast ProbeRequest on specified channel

2) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['']})
   Request:     Active scan with only '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest on specified channel
   Previous:    No ProbeRequests; passive scan results for specified channel
   This Patch:  FIXED: 1 broadcast ProbeRequest on specified channel

3) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['MySSID']})
   Request:     Active scan with only non-'' SSIDs (1 channel)
   Should be:   1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest
   Previous:    1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest
   This Patch:  1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest

4) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['',
	'MySSID']})
   Request:     Active scan with SSIDs, including 1 '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest, 1 directed ProbeRequest for each
	non-'' SSID on specified channel
   Previous:    1 directed ProbeRequest for each non-'' SSID on specified
	channel
   This Patch:  FIXED: 1 broadcast ProbeRequest, 1 directed ProbeRequest for
	each non-'' SSID on specified channel
2010-10-09 16:27:53 +03:00
Daniel Kurtz
a7af023b84 dbus: Fix passive/active scans in some cases
Currently the DBus Interface.Scan API is counter-intuitive. It issues
ProbeRequests when doing passive scans when channels are specified, and
does not issue ProbeRequests for broadcast active scans.

This patch updates DBus API .Scan() logic per the test cases listed below:

 1) Interface.Scan({'Type':'passive'})
    Request:     Passive scan (all channels)
    Should be:   No ProbeRequests; Passive Scan results for all channels
    Previous:    1 ProbeRequest on all channels for both broadcast SSID and
	selected network (scan_ssid=1)
    This Patch:  --No change--: 1 ProbeRequest on all channels for both
	broadcast SSID and selected network (scan_ssid=1)

 2) Interface.Scan({'Type':'passive', 'Channel':(2412, 20)})
    Request:     Passive scan (1 channel)
    Should be:   No ProbeRequests; Passive Scan results for 1 channel
	(plus overlapping channels)
    Previous:    1 broadcast ProbeRequest on specified channel
    This Patch:  --Fixed--: No ProbeRequests; Passive Scan results for 1
	channel (plus overlapping channels)

 3) Interface.Scan({'Type':'active'})
    Request:     Active scan with no SSIDs (all channels)
    Should be:   1 broadcast ProbeRequest on all channels
    Previous:    No ProbeRequests;  passive scan results for all channels
    This Patch:  --Fixed--: 1 broadcast ProbeRequest on all channels

 4) Interface.Scan({'Type':'active', 'Channel':(2412, 20)})
    Request:     Active scan with no SSIDs (1 channel)
    Should be:   1 broadcast ProbeRequest on specified channel
    Previous:    No ProbeRequests; Passive scan results for specified
	channel (plus overlapping channels)
    This Patch:  --Fixed--: 1 broadcast ProbeRequest on specified channel
2010-10-09 16:22:39 +03:00
Jouni Malinen
01cf713e51 Fix .gitignore files to not ignore subdirectory matches
The previous used .gitignore files were mathing some files that
were actually already in the repository (e.g.,
hostapd/logwatch/hostapd). Avoid this by listing the conflicting
entries in the root directory .gitignore with full path.
2010-10-07 11:04:16 +03:00
Ben Greear
199716adb3 Fix wpa_supplicant build without CONFIG_WPS and CONFIG_AP 2010-10-07 10:41:58 +03:00
Johannes Berg
9919f7a22b Fix AP mode in wpa_supplicant with interface events
Needs to not trigger a scan here when the AP mode setup sets
interface down/up.
2010-10-06 17:10:07 +03:00
Jouni Malinen
d9c8a7c44c Fix build with CONFIG_WPS_OOB 2010-10-06 16:40:20 +03:00
Jouni Malinen
235f69fcd6 Mark ctrl_iface RX debug for PING commands excessive
This cleans up debug log from unnecessary entries when using
wpa_cli/hostapd_cli or other ctrl_iface monitors that PING
periodically to check connectivity.
2010-09-24 15:50:13 -07:00
Jouni Malinen
95ee81e4e7 WPS: Documented wps_er_pin MAC address option 2010-09-24 15:44:26 -07:00
Jouni Malinen
3981cb3cb8 WPS: Add wps_check_pin command for processing PIN from user input
UIs can use this command to process a PIN entered by a user and to
validate the checksum digit (if present).
2010-09-23 10:30:52 -07:00
Jouni Malinen
f648bc7d0d WPS: Use blacklist more aggressively during WPS provisioning
This allows more APs to be tried during the WPS timeout.
2010-09-22 11:50:15 -07:00
Jouni Malinen
0e2e565a44 WPS 2.0: Provide (Re)Association Response WPS IE to driver
WPS 2.0 mandates the AP to include WPS IE in (Re)Association Response
if the matching (Re)Association Request included WPS IE. Provide the
needed WPS IE information to the driver_ops API for drivers that
process association frames internally.

Note: This modifies the driver_ops API by adding a new argument to
set_ap_wps_ie().
2010-09-22 10:46:44 -07:00
Jouni Malinen
b4e34f2fdf WPS: Make testing operations configurable at runtime
Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and
CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option
(CONFIG_WPS_TESTING) and runtime configuration of which testing
operations are enabled. This allows a single binary to be used
for various tests.

The runtime configuration can be done through control interface
with wpa_cli/hostapd_cli commands:
Enable extensibility tests:
set wps_version_number 0x57
Disable extensibility tests (WPS2 build):
set wps_version_number 0x20
Enable extra credential tests:
set wps_testing_dummy_cred 1
Disable extra credential tests:
set wps_testing_dummy_cred 0
2010-09-21 19:51:23 -07:00
Jouni Malinen
9647120b07 WPS: Add more verbose debug info on PBC session overlap detection 2010-09-20 15:08:52 -07:00
Jouni Malinen
ff28ccafd5 WPS: Add BSSID to strict validation error messages
This makes it easier to figure out which AP is sending invalid
Beacon or Probe Response frames.
2010-09-20 14:54:22 -07:00
Jouni Malinen
7736f18bef WPS: Cancel WPS operation on PBC session overlap detection
Previously, wpa_supplicant remaining in scanning state without
trying to connect, but there is no particular need to do that.
Instead, cancel WPS operation completely whenever PBC session
overlap is detected.
2010-09-19 17:04:04 -07:00
Dan Harkins
df684d82ff EAP-pwd: Add support for EAP-pwd server and peer functionality
This adds an initial EAP-pwd (RFC 5931) implementation. For now,
this requires OpenSSL.
2010-09-14 21:51:40 -10:00
Jouni Malinen
ea184114ca Allow auto-connect to request scan in associating state
Disconnection event may be received while in associating state.
Previously, wpa_supplicant could get stuck not trying to reconnect
in that case at least with nl80211. Allow scan request in this
state to avoid the issue. This helps especially with APs that do
load balancing by sending Deauthentication frame as a response to
Reassociation Request frame after successful Authentication frame
exchange.
2010-09-14 00:07:54 -07:00
Sudhakar Swaminathan
0f66abd25b P2P: Add option for disabling intra BSS distribution
p2p_intra_bss configuration parameter can now be used to
disable/enable intra BSS distribution (bridging of frames between
the clients in a group).
2010-09-10 10:30:26 -07:00
Ardong Chen
0d0a8ca1cc Add option for disabling automatic reconnection on disconnection
ctrl_interface STA_AUTOCONNECT command can now be used to disable
automatic reconnection on receiving disconnection event. The default
behavior is for wpa_supplicant to try to reconnect automatically, i.e.,
to maintain previous behavior.
2010-09-10 10:30:26 -07:00
Ardong Chen
2049af2bd5 P2P: Fix invitation_received callback to use NULL bssid (if not known)
Previously, the storage buffer for the Group BSSID was returned
regardless of whether it was included in the invitation or not.
2010-09-10 10:30:26 -07:00
Kuko Li
4c01083400 P2P: Do not process configuration changes on non-P2P interfaces 2010-09-10 10:30:26 -07:00
Jouni Malinen
b73bf0a74b P2P: Stop connection attempt on PBC session overlap
The overlap condition cannot disappear before group formation timeout
hits, so there is no point in continuing in this case and failure can
be indicated immediately.
2010-09-10 10:30:25 -07:00
Jouni Malinen
3094d4837a P2P: Use group formation timeout (but longer one) with join-a-group
This allows the pending group interface to be removed if we fail
to join a running group. A longer than 15 second timeout is needed
here since the GO may not have authorized our connection yet.
2010-09-10 10:30:25 -07:00
Jouni Malinen
ae3e342108 P2P: Add peer timeout into group formation 15 second timeout
This adds some more time for WPS provisioning step in case the peer
takes long time to start group interface operations.
2010-09-10 10:30:25 -07:00
Ardong Chen
2f9929ffcc WPS: Allow pending WPS operation to be cancelled
A new ctrl_interface command, WPS_CANCEL, can now be used to cancel
a pending or ongoing WPS operation. For now, this is only available
with wpa_supplicant (either in station or AP mode). Similar
functionality should be added for hostapd, too.
2010-09-10 10:30:25 -07:00
Ardong Chen
014732ea81 WPS: Fix timeout event to be sent over ctrl_interface
This was supposed to be sent to external event monitors, i.e., to
use wpa_msg instead of wpa_printf.
2010-09-10 10:30:25 -07:00
Wei-Jen Lin
c0a321c519 Allow bssid parameter to be cleared through ctrl_interface
Setting bssid to an empty string, "", or any can now be used to
clear the bssid_set flag in a network block, i.e., to remove bssid
filtering.
2010-09-10 10:30:25 -07:00
Ardong Chen
876103dc6c wpa_cli action: Add WPS_EVENT_SUCCESS and WPS_EVENT_FAIL handlers 2010-09-10 10:30:25 -07:00
Ardong Chen
c481048f7c P2P: Add frequency into group started ctrl_interface events 2010-09-10 10:30:25 -07:00
Jouni Malinen
812bf56ab1 Fix build without CONFIG_P2P=y 2010-09-09 07:20:28 -07:00
Jouni Malinen
e9a7ae41fa P2P: Use SSID from GO Negotiation to limit WPS provisioning step
In order to avoid picking incorrect SSID from old scan results, use
SSID from GO Negotiation to select the AP.
2010-09-09 07:17:23 -07:00
Jouni Malinen
743ef79914 P2P: Deinit GO group data before global P2P deinit
This avoids issues with using freed memory in p2p_group_deinit().
2010-09-09 07:17:23 -07:00
Jouni Malinen
f8d0131a11 P2P: Use operating frequency from peer table as backup for join
The scan operation before Provision Discovery Request may not include
the GO. However, we are likely to have the GO in our P2P peer table,
so use that information to figure out the operating channel if BSS
table entry is not available.
2010-09-09 07:17:23 -07:00
Jouni Malinen
a482883f63 P2P: Fix connect-to-running-group if Action TX status is delayed
The following operations (scan and associate) were not run if the
Provisioning Discovery Response is received before the TX Action
status.
2010-09-09 07:17:23 -07:00
Jouni Malinen
ab218b7c72 P2P: Add some more debug information for Action frame TX 2010-09-09 07:17:22 -07:00
Jouni Malinen
1cc3a29d49 P2P: Clear pending Action TX frame on p2p_stop_find and p2p_listen
This is needed to avoid issues with the previous TX command from
stopping long Listen state.
2010-09-09 07:17:22 -07:00
Jouni Malinen
b6c79a998f Add test command for disabling/enabling A-MPDU aggregation
ctrl_iface command "SET ampdu <0/1>" can now be used to
disable/enable A-MPDU aggregation.
2010-09-09 07:17:21 -07:00
Jouni Malinen
10b9ac17cf P2P: For now, do not use channels 12-14 in P2P groups
This is needed to make sure we do not try to accidentally enable GO
in channels that may not be allowed. In addition, this may help with
some driver that do not like channel 14 even as a passive scan
channel.
2010-09-09 07:17:21 -07:00
Jouni Malinen
7fbf99aa6b P2P: Add an example p2p-action script for udhcpc/udhcpd 2010-09-09 07:17:21 -07:00
Jouni Malinen
56815b2b7d Copy WPS strings into AP configuration when using wpa_supplicant AP 2010-09-09 07:17:21 -07:00
Jouni Malinen
1c9cb49fe9 Trigger WPS configuration update on string changes
Previously, only Device Name string was handled, but similar trigger
is needed on Manufacturer, Model Name, Model Number, and Serial Number
changes.
2010-09-09 07:17:21 -07:00
Jouni Malinen
0e14267a31 P2P: Avoid segfault on AP deinit after failed AP start 2010-09-09 07:17:21 -07:00
Jouni Malinen
e1f1509bb0 P2P: Fix P2P IE generation for AssocReq when BSS info is not available
This code could segfault on NULL pointer dereference at least when
ap_scan=2 is used.
2010-09-09 07:17:21 -07:00
Jouni Malinen
c4ea4c5c90 P2P: Allow driver wrapper to indicate how many stations are supported
This can be used to limit the number of clients allowed to connect
to the group on the GO.
2010-09-09 07:17:21 -07:00
Jouni Malinen
f80a2237ca Fix AP mode wps_pin command to return the entered PIN
This command is supposed to return the PIN value that was generated
or passed in as an argument. In the AP case, the entered PIN was not
being returned.
2010-09-09 07:17:21 -07:00
Jouni Malinen
eea2fd9eff P2P: Add mechanism for configuring UAPSD parameters for group
This is needed to be able to change parameters for dynamically
created interfaces between the creation of the interface and
association/start AP commands.

Following ctrl_interface commands can now be used:

P2P_SET client_apsd disable
- disable configuration (i.e., use driver default) in client mode

P2P_SET client_apsd <BE>,<BK>,<VI>,<VO>;<max SP Length>
- enable UASPD with specific trigger configuration (0/1) per AC
  (max SP Length is currently ignored)

P2P_SET go_apsd disable
- disable configuration (i.e., use driver default) in AP mode

P2P_SET go_apsd <0/1>
- disable/enable APSD in AP mode
2010-09-09 07:17:21 -07:00
Jouni Malinen
3dfda83d9c P2P: Add Device Password ID to GO Neg Request RX event
This event indicates the Device Password ID that the peer tried
to use in GO Negotiation. For example:
P2P-GO-NEG-REQUEST 02:40:61:c2:f3:b7 dev_passwd_id=4
2010-09-09 07:17:20 -07:00
Jouni Malinen
4147a2cc64 P2P: Fix p2p_connect join with interface address
Need to fetch P2P Device Address from the peers table in case the
p2p_connect join command uses interface address.
2010-09-09 07:17:20 -07:00
Jouni Malinen
72044390f3 P2P: Add support for cross connection
If enabled, cross connection allows GO to forward IPv4 packets
using masquerading NAT from the P2P clients in the group to an
uplink WLAN connection. This is disabled by default and can be
enabled with "wpa_cli p2p_set cross_connect 1" on the P2P device
interface.
2010-09-09 07:17:20 -07:00
Jouni Malinen
aefb53bd5d P2P: Disable periodic NoA when non-P2P STA is connected
For now, this applies to the test command that can be used to set
periodic NoA (p2p_set noa). The value are stored and periodic NoA
is enabled whenever there are no non-P2P STAs connected to the GO.
2010-09-09 07:17:20 -07:00
Jouni Malinen
4c08c0bd57 P2P: Include P2P IE in (Re)AssocReq to infra AP if it uses P2P IE
While this is not strictly speaking required by the P2P specification
for a not-P2P Managed Device, this can provide useful information for
the P2P manager AP and may be needed to pass certification tests.
2010-09-09 07:17:20 -07:00
Jouni Malinen
43a3863516 Trigger scan on reload-config only if there are enabled networks 2010-09-09 07:17:20 -07:00
Jouni Malinen
d9d6a58c8f P2P: Fix invitation to active group to use correct operating channel
Invitation Request must use the current operating frequency of the
group, not the default operating channel.
2010-09-09 07:17:20 -07:00
Jouni Malinen
dcf788d1a4 WPS: Fix configuration strings on config reload
Previously, freed memory could be used as device name (and other similar
parameters) when building WPS IE after SIGHUP.
2010-09-09 07:17:20 -07:00
Jouni Malinen
af8ab1ae97 P2P: Use 'Enrollee info' WPS request type in P2P scans
This avoids setting explicit Request-to-Enrollee request when
WPS 2.0 is used.
2010-09-09 07:17:20 -07:00
Jouni Malinen
131cb37c2d P2P: Allow pre-authorization of invitation to apply to src addr
For client-invites-device case, the pre-authorization of an invitation
to running group will need to allow Invitation Request from specified
address, too. This is for testing uses only.
2010-09-09 07:17:19 -07:00
Jouni Malinen
6d4747a9a2 Add P2P Interface Address into ctrl_iface status output 2010-09-09 07:17:19 -07:00
Jouni Malinen
80c9582a5f P2P: Add test command for filtering which peers are discovered
"wpa_cli p2p_set peer_filter <MAC address>" can now be used to
only allow a single P2P Device (based on P2P Device Address) to be
discovered for testing. Setting the address to 00:00:00:00:00:00
disables the filter.
2010-09-09 07:17:19 -07:00
Jouni Malinen
6e6963ea86 P2P: Add test mode for SD to force fragmented response 2010-09-09 07:17:19 -07:00
Jouni Malinen
18708aadfc P2P: Initial support for SD fragmentation (GAS Comeback Request/Response) 2010-09-09 07:17:19 -07:00
Jouni Malinen
2a43101e48 P2P: Fix memory leak in SD service entries
Need to flush stored service entries when wpa_supplicant is being
terminated.
2010-09-09 07:17:19 -07:00
Jouni Malinen
bf608cad56 P2P: Rename SD info not available define to match with spec change 2010-09-09 07:17:19 -07:00
Jouni Malinen
706887fc28 P2P: Stop early when processing not-persistent invitation result 2010-09-09 07:17:19 -07:00
Jouni Malinen
2e062d5d74 P2P: Fix Group ID in Invitation Request from active GO
Need to get P2P Device Address, not the Interface Address.
2010-09-09 07:17:19 -07:00
Jouni Malinen
108def931e P2P: Add command for pre-authorizing an invitation to an active group
This is mainly designed for testing and allows p2p_connect join auth
to be used to accept a specific invitation to an active group that
may be received in the future.
2010-09-09 07:17:19 -07:00
Jouni Malinen
3c5126a41f P2P: Set Device Password ID in WPS M1/M2 per new rules
If the P2P client (WPS Enrollee) uses a PIN from the GO (Registrar),
Device Password ID in M1 & M2 is set to Registrar-specified.
2010-09-09 07:17:19 -07:00
Jouni Malinen
ef922c4a34 P2P: Run a scan before provision discovery in p2p_connect join
This is needed to make sure we have fresh BSS information for the GO.
2010-09-09 07:17:19 -07:00
Jouni Malinen
c381508d88 P2P: Implement power save configuration
wpa_cli p2p_set ps <0/1/2>
wpa_cli p2p_set oppps <0/1>
wpa_cli p2p_set ctwindow <0..> msec
2010-09-09 07:17:19 -07:00
Jouni Malinen
07a30a66c3 P2P: Do not schedule new remain-on-channel if waiting for drv event
The driver event for remain-on-channel may be delayed in a way that
allows management-frame-received event to be received before
wpa_supplicant knows that the driver is actually already on the
previously requested channel. We should not request a new
remain-on-channel to send a response to just a frame if we are waiting
for the driver to get to the same channel. Instead, just continue
waiting for the driver event.
2010-09-09 07:17:18 -07:00
Jouni Malinen
d6ae995057 P2P: Fix infinite loop on interface selection for Action frame TX
When the first wpa_supplicant interface is not the correct one for
transmitting an Action frame (e.g., P2P Presence Request frame
uses a group interface), the code got stuck in an infinite busy
loop. Fix the iteration to go through the interfaces properly.
2010-09-09 07:17:18 -07:00
Jouni Malinen
df91238b54 P2P: wpa_qui-qt4: Add P2P functionality into the GUI 2010-09-09 07:17:18 -07:00
Jouni Malinen
42f0101b4d P2P: wpa_cli action calls for P2P group started/removed events 2010-09-09 07:17:18 -07:00
Jouni Malinen
57faa1cee8 wpa_cli: Add P2P commands 2010-09-09 07:17:18 -07:00
Jouni Malinen
9fdd0fada7 P2P: Add disassociation/deauthentication IE notifications 2010-09-09 07:17:18 -07:00
Jouni Malinen
9bae1be0a1 P2P: Map driver events to P2P event notifications 2010-09-09 07:17:18 -07:00
Jouni Malinen
0c6b310e83 P2P: Show P2P info in ctrl_iface scan results 2010-09-09 07:17:18 -07:00
Jouni Malinen
d23bd8940f P2P: Show P2P Device Address in wpa_cli status 2010-09-09 07:17:18 -07:00
Jouni Malinen
b563b3882e P2P: Add control interface commands for P2P 2010-09-09 07:17:18 -07:00
Jouni Malinen
0817de904e P2P: Optimize scan timeouts for group formation 2010-09-09 07:17:17 -07:00
Jouni Malinen
5f3a6aa0a4 P2P: Add P2P IE into (Re)Association Request frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
0e65037c27 P2P: Add P2P IE into Probe Request frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
6e3f4b89ea P2P: Let the driver wrapper know if association is for P2P group 2010-09-09 07:17:17 -07:00
Jouni Malinen
e44f8bf20a P2P: Add P2P configuration and callbacks in hostapd code 2010-09-09 07:17:17 -07:00
Jouni Malinen
b22128efdc P2P: Add initial version of P2P Module 2010-09-09 07:17:17 -07:00
Jouni Malinen
fdadd5fe03 P2P: Do not register l2_packet on dedicated P2P device interface 2010-09-09 07:17:17 -07:00
Jouni Malinen
73e492693d P2P: Add TODO note for Group Formation bit use in AP selection 2010-09-09 07:17:17 -07:00
Jouni Malinen
4c2c302893 P2P: Remove 802.11b rates from wpa_supplicant AP mode operations
TODO: do this only for P2P group interface
2010-09-09 07:17:17 -07:00
Jouni Malinen
4dac02455a P2P: Use config block with disabled==2 to store persistent groups 2010-09-09 07:17:17 -07:00
Jouni Malinen
75bde05d53 P2P: Add driver operations for P2P use 2010-09-09 07:17:16 -07:00
Jouni Malinen
2ff99b3c38 P2P: Do not save temporary networks 2010-09-09 07:17:16 -07:00
Jouni Malinen
b2c5a4a3df P2P: Do not filter BSSes based on SSID during P2P Provisioning
TODO: Use group id from GO Neg instead(?)
2010-09-09 07:17:16 -07:00
Jouni Malinen
9fa243b295 P2P: Let WPS code know if it is used in a P2P group 2010-09-09 07:17:16 -07:00
Jouni Malinen
e3768e7c94 P2P: Add global configuration parameters for P2P 2010-09-09 07:17:16 -07:00
Jouni Malinen
2c5d725c65 P2P: Add dynamic network config block parameters for P2P 2010-09-09 07:17:16 -07:00
Jouni Malinen
611aea7d41 Allow ctrl_iface SET command to change global config parameters 2010-09-09 07:17:16 -07:00
Jouni Malinen
1d47214aa9 Add flag indicating which global configuration parameters have changed 2010-09-09 07:17:16 -07:00
Jouni Malinen
121adf9c2e Move global configuration parser into config.c
This makes it easier to provide support for dynamic updates of the
global configuration parameters while wpa_supplicant is running.
2010-09-09 07:17:16 -07:00
Jouni Malinen
42f50264c0 WPS: Make fragment size configurable for EAP-WSC peer
"wpa_cli set wps_fragment_size <val>" can now be used to configure the
fragment size limit for EAP-WSC.
2010-09-09 06:07:49 -07:00
Jouni Malinen
cae67937ca WPS: Fix CONFIG_WPS_STRICT build option
This was not supposed to be depending on CONFIG_WPS_NFC.
2010-09-09 06:07:49 -07:00
Jouni Malinen
ad4741183f WPS 2.0: Make sure PHY/VIRT flag gets set for PBC 2010-09-09 06:07:48 -07:00
Jouni Malinen
53587ec183 WPS 2.0: Make WSC 2.0 support to be build option (CONFIG_WPS2)
For now, the default build will only include WSC 1.0 support.
CONFIG_WPS2=y can be used to add support for WSC 2.0.
2010-09-09 06:07:48 -07:00
Jouni Malinen
54f489be45 WPS 2.0: Validate WPS attributes in management frames and WSC messages
If CONFIG_WPS_STRICT is set, validate WPS IE(s) in management frames and
reject the frames if any of the mandatory attributes is missing or if an
included attribute uses an invalid value. In addition, verify that all
mandatory attributes are included and have valid values in the WSC
messages.
2010-09-09 06:07:48 -07:00
Jouni Malinen
6a857074f4 WPS 2.0: Add virtual/physical display and pushbutton config methods 2010-09-09 06:07:47 -07:00
Jouni Malinen
31fcea931d WPS 2.0: Add support for AuthorizedMACs attribute
Advertize list of authorized enrollee MAC addresses in Beacon and
Probe Response frames and use these when selecting the AP. In order
to provide the list, the enrollee MAC address should be specified
whenever adding a new PIN. In addition, add UUID-R into
SetSelectedRegistrar action to make it potentially easier for an AP
to figure out which ER sent the action should there be multiple ERs
using the same IP address.
2010-09-09 06:07:47 -07:00
Jouni Malinen
266c828e54 bgscan learn: Fix build
Commit 9ff80a10e8 forgot to include the
new scan variable in the coded copied from bgscan_simple.c. Add that
here to fix the build.
2010-09-09 05:59:06 -07:00
Jouni Malinen
af3e1b0ec2 dbus: Verify WPA/RSN IE parser result before returning data 2010-09-04 22:01:29 +03:00
Jouni Malinen
7f5420691e wpa_supplicant AP: Make sure deauth/disassoc event is valid
Verify that the driver wrapper is using a valid deauth/disassoc
event before dereferencing the addr pointer. The address is required
to be set in AP mode, but it is safer to verify this here than to
trust on all driver wrappers doing the correct thing.
2010-09-04 21:50:12 +03:00
Jouni Malinen
a745b7a775 wpa_gui-qt4: Update copyright years to include 2010 2010-09-04 17:39:33 +03:00
Jouni Malinen
17f9f44ed8 Update WinPcap to the latest stable version 4.1.2 2010-09-04 17:37:57 +03:00
Jouni Malinen
0c80427d77 NDIS: Fix association for WPS provisioning with protected AP
Some NDIS drivers require a workaround to allow them to associate
with a WPS AP that is already using protection (Privacy field = 1).
Let driver_ndis.c know if the AP is already using Privacy and if so,
configure a dummy WEP key to force the driver to associate.
2010-09-04 13:56:12 +03:00
Jouni Malinen
687179edb5 Add libgcc_s_dw2-1.dll to the Windows installation package
This seems to be needed for wpa_gui.exe with the new Qt version.
2010-09-04 12:55:55 +03:00
Jouni Malinen
de1267d4eb winreg: Get rid of compiler warning 2010-09-02 13:22:52 +03:00
Jouni Malinen
0c703df32d Fix BSS selection with multiple configured networks
Commit d8d940b746 broke the logic on
iterating through all configured network blocks. This was supposed
to continue the loop on mismatch to allow other than the first
configured network to be found.
2010-08-28 12:04:21 +03:00
Masashi Honma
60da5e0f3f Solaris: Add support for wired IEEE 802.1X client
This patch adds support for wired IEEE 802.1X client on the Solaris.

I have tested with these:
OS : OpenSolaris 2009.06
EAP : EAP-MD5
Switch : Cisco Catalyst 2950
2010-08-28 11:40:07 +03:00
Jouni Malinen
9ff80a10e8 bgscan learn: Skip immediate scan on initial signal event
The driver is likely to indicate an immediate signal event when the
threshold value is configured. Since we do this immediately after
association, there is not much point in requesting a new scan to be
started based on this event.
2010-08-27 20:30:19 +03:00
Jouni Malinen
1e6ef6455c bgscan simple: Skip immediate scan on initial signal event
The driver is likely to indicate an immediate signal event when the
threshold value is configured. Since we do this immediately after
association, there is not much point in requesting a new scan to be
started based on this event.
2010-08-27 20:29:02 +03:00
Jouni Malinen
d8d940b746 Merge WPA and non-WPA network selection routines
This removes quite a bit of duplicated code and allows network block
priority configuration to be used to prefer unprotected networks and
also allows use on open network with good signal strength even if
scan results show a protected network with marginal signal strength
that does not allow it to be used.
2010-08-27 20:05:49 +03:00
Jouni Malinen
60a972a68d Add current signal strength into signal quality change events 2010-08-27 16:58:06 +03:00
Jouni Malinen
09f58c0984 Share common code in wpa_supplicant_{disassociate,deauthenticate}() 2010-08-26 13:43:38 +03:00
Jouni Malinen
eb0a3c7f96 Cancel authentication timeout on local deauth/disassoc request
Without this, the timeout may be left behind even when we are not
connected and may result in unwanted operation when the timeout
triggers.
2010-08-26 13:39:58 +03:00
Masashi Honma
509a39727f WPS: Fix unused variable warning
The wpa_supplicant compilation without CONFIG_WPS option results in
messages below.

scan.c: In function 'wpa_supplicant_scan':
scan.c:246: warning: unused variable 'wps'

This trivial patch erases this warning.
2010-08-20 09:44:50 +03:00
Jouni Malinen
f9cd8587fb dbus: Deauthenticate instead of disassociate on disconnect command
This clears up authentication state in the driver and in case of
cfg80211, unlocks the BSS entry for the previously used AP. The
previous commit cf4783e35f changed
only the ctrl_iface DISCONNECT command behavior; this new commit
does the same for D-Bus commands.
2010-08-18 21:27:30 +03:00
Samuel Ortiz
7e26053a2c sme: Check for prev_bssid from sme_event_disassoc
wpa_s->bssid is already cleared by mark_disassoc() when we're getting the
disassociation event for the case where wpa_supplicant requested
disassociation. wpa_s->sme.prev_bssid holds the BSSID we need to check
for, so use that instead.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2010-08-18 21:23:26 +03:00
Jouni Malinen
2e75a2b3a6 Add more debug info on deauth/disassoc events and commands 2010-08-17 21:04:38 +03:00
Samuel Ortiz
cb1583f64b sme: Try all authentication algorithms when the first one fails
When passing several authentication algorithms through auth_alg, we
should try all of them when the first one fails. The wext driver goes
through the connect nl80211 command and the retries are then handled by
the kernel. The nl80211 doesn't and we have to handle that from
userspace.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2010-08-17 16:39:33 +03:00
Jouni Malinen
77895cd937 Add a mechanism to insert notes to wpa_supplicant debug log
This can be used to insert information from external programs to the
wpa_supplicant debug log.
2010-08-11 18:07:22 +03:00
Jouni Malinen
f3f0f648d7 wpa_cli: Clean up redrawing and filter out BSS added/removed events 2010-08-11 17:58:04 +03:00
Jouni Malinen
24f7694062 Remove get-first-scan-results-before-request optimization
This has already been disabled in most use cases and can result
in problems with some drivers, so better just remove it completely.
2010-07-18 16:11:03 -07:00
Jouni Malinen
9b7124b27f Add some more debug for driver events 2010-07-17 20:33:34 -07:00
Jouni Malinen
5bc0cdb721 Ignore scan results in wpa_supplicant AP mode
This is needed to avoid trying to reassociate based on new scan
results when using wpa_supplicant to control AP mode. This could
happen if something external triggered the driver to run a scan.
2010-07-17 20:32:25 -07:00
Jouni Malinen
979b988ed6 WPS: Do not allow Label and Display config methods to be enabled
It is unclear which PIN is used if both Label and Display config
methods are advertised. Avoid this by not allowing such configuration.
2010-07-17 20:30:49 -07:00
Jouni Malinen
4436274bef SME: Do not skip initial scan request
When SME is in wpa_supplicant (mac80211), we need to make sure that
the kernel code has valid BSS entry for the AP. In some cases it
seemed to be possible to end up not having current information in
cfg80211 or mac80211 which can result to association failures. Avoid
this by always running through the scan request before initial
connection attempt.
2010-07-17 20:28:22 -07:00
Jouni Malinen
6e3f7173f1 SME: Retry scan after authentication failure
This is needed to avoid getting stuck if driver fails authentication
request for some reason.
2010-07-17 20:27:19 -07:00
Jouni Malinen
3f967fe055 Verify that l2_packet is initialized before notification call
It is possible that l2_packet is not used with wpa_supplicant
in some cases, so better make sure we do not end up notifying
l2_packet code about authentications unless it was actually
initialized in the first place.
2010-07-17 20:26:47 -07:00
Jouni Malinen
69a6b47aa0 Fix wpa_supplicant AP mode to ignore EAPOL Supplicant port callback
This is needed to avoid setting EAPOL PAE port status incorrectly
when using wpa_supplicant to control AP mode operations.
2010-07-17 20:25:41 -07:00
Jouni Malinen
79614ec55b bgscan learn: Remove forgotten debug printf 2010-07-10 19:59:31 -07:00
Jouni Malinen
3b7442e5fe bgscan learn: Mark BSSes that show up in the same scan as neighbors 2010-07-10 18:33:22 -07:00
Jouni Malinen
2e2a8d073d bgscan learn: Probe one new channel at a time to find APs
This allows APs to be found from channels that have not previously
been observed to contain APs for this ESS.
2010-07-10 18:09:41 -07:00
Jouni Malinen
fc480e88bf bgscan learn: Learn BSS information based on previous scans
Store list of all discovered BSSes in the ESS and on which frequencies
they have been seen. Use this information to dynamically generated the
list of channels for background scans.
2010-07-10 17:41:16 -07:00
Jouni Malinen
2e8d6ae32e bgscan learn: Add data file for storing learned network information 2010-07-10 16:05:31 -07:00
Jouni Malinen
c4d71c2505 bgscan: Add starting point for more advanced bgscan module: learn
This is based on the bgscan "simple" module and this initial commit
does not add any new functionality.
2010-07-10 15:55:48 -07:00
Jouni Malinen
c2594c3677 bgscan: Provide scan results to the notify_scan handler 2010-07-10 15:43:44 -07:00
Sam Leffler
3b038d7968 Fix bgscan stopping after dissassociation
Clear bgscan_ssid on disassoc event so bgscan is initialized the next
time we reach COMPLETED state.
2010-07-10 14:43:48 -07:00
Jouni Malinen
41e650ae5c WPS: Use different scan result sorting rules when doing WPS provisioning
The AP configuration may change after provisioning, so it is better
not to use the current security policy to prioritize results. Instead,
use WPS Selected Registrar attribute as the main sorting key and use
signal strength next without considering security policy or rate sets.
The non-WPS provisioning case remains as-is, i.e., this change applies
only when trying to find an AP for WPS provisioning.
2010-06-11 13:50:13 -07:00
Jouni Malinen
f62c2315f7 Show signal level and WPS support in scan results debug dump
This makes it easier to debug AP selection for WPS provisioning.
2010-06-11 13:47:33 -07:00
Jouni Malinen
d902a9c1bc Fix scan_runs counting
Addition of the background scanning mechanism in commit
60b94c9819 moved the scan trigger
into a new function that was also incrementing the scan_runs
counter, but the removal of the previous scan_runs incrementation
was forgotten from that patch. This counter should only be updated
into a single location, so remove the old one. This improves AP
selection for WPS provisioning by not skipping some of the initial
scans.
2010-06-11 11:15:16 -07:00
Jouni Malinen
7d6640a62c WPS ER: Add command for configuring an AP
wps_er_config can now be used to configure an AP. It is similar to
wps_er_learn, but instead of only learning the current AP settings,
it continues to send M8 with the new settings for the AP.
2010-05-28 00:01:48 +03:00
Jouni Malinen
3085b8052e WPS ER: Add initial documentation for External Registrar functionality 2010-05-27 15:25:18 +03:00
Jouni Malinen
15dbf1291a WPS ER: Add ctrl_iface event for learned AP settings 2010-05-27 15:24:45 +03:00
Jouni Malinen
0848668513 WPS ER: Allow AP filtering based on IP address
wps_er_start command now takes an optional parameter that can be used
to configure a filter to only allow UPnP SSDP messages from the
specified IP address. In practice, this limits the WPS ER operations
to a single AP and filters out all other devices in the network.
2010-05-27 15:23:55 +03:00
Jouni Malinen
7cc5995845 Skip D-Bus signals if the dbus_path is not yet set
This avoids an invalid D-Bus call during interface initialization.
The wpa_state change can happen before the D-Bus interface is set up,
so we must be preparted to handle this early event signal. In theory,
it should be possible to reorder initialization code to make sure
D-Bus signals are ready, but that would likely require quite a bit of
code restructuring, so it looks like a safer option for now is to just
skip the early event.
2010-05-23 20:23:11 +03:00
Jouni Malinen
25c226ea45 Fix CONFIG_AP=y build without CONFIG_IEEE8021X_EAPOL=y 2010-05-23 12:18:47 +03:00
Masashi Honma
37a86b7b36 Fix: AP mode wpa_supplicant build
The wpa_supplicant compilation with CONFIG_AP option and without
CONFIG_IEEE80211R, CONFIG_WPS, NEED_SME, CONFIG_CLIENT_MLME options
results in following messages.

../src/ap/drv_callbacks.o: In function `hostapd_notif_assoc':
../src/ap/drv_callbacks.c:59: undefined reference to
`ieee802_11_parse_elems'
gmake: *** [wpa_supplicant] Error 1
2010-05-23 12:12:40 +03:00
Jouni Malinen
8401a6b028 Add Linux rfkill support
Add a new wpa_supplicant state: interface disabled. This can be used
to allow wpa_supplicant to be running with the network interface even
when the driver does not actually allow any radio operations (e.g.,
due to rfkill).

Allow driver_nl80211.c and driver_wext.c to start while rfkill is in
blocked state (i.e., when ifconfig up fails) and process rfkill
events to block/unblock WLAN.
2010-05-23 10:27:32 +03:00
Kel Modderman
1491f8a785 wpa_gui-qt4: Fix network selection
Use regular expression matches to see if input is not the (now translated?)
string "Select any network" and is a "<network id>: <ssid>" string or the
"all" keyword where that is applicable.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-05-02 11:17:13 +03:00
Kel Modderman
adc8d4a791 Fix enabling of networks while another network is being used
Enable a network block, even if there is a current configuration, if it
was disabled.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-05-02 11:08:03 +03:00
Jouni Malinen
0b86f67a29 Add wpa_gui-qt4 translation files into build 2010-04-18 19:15:07 +03:00
Jouni Malinen
4fc387fce8 wpa_gui: lupdate run before release 2010-04-18 19:08:14 +03:00
Jouni Malinen
df9b245e76 wpa_gui: Fix Windows build 2010-04-18 19:06:24 +03:00
Jouni Malinen
be48214d2b Preparations for 0.7.2 release 2010-04-18 18:02:34 +03:00
Masashi Honma
5008cb5e55 Support for Solaris default shell restriction
Some shells (like Solaris default /bin/sh) doesn't allow -e
option for file existence check. Use -f instead.
2010-04-17 17:15:23 +03:00
Jouni Malinen
74e259ec7c Do not trigger initial scan if there are no enabled networks
This allows wpa_supplicant to be started quickly with an empty
configuration. If an external program wants to fetch scan results
from wpa_supplicant, it will need to request a scan explicitly
in this type of case.
2010-04-16 18:56:23 +03:00
Jouni Malinen
5fbc1f279b Fix get_interfaces() driver call to use correct drv_priv data 2010-04-14 16:38:53 +03:00
Jouni Malinen
20e26395c8 SME: Fix build without 802.11r or WPS 2010-04-12 09:39:36 +03:00
Jouni Malinen
92aaafe6bd .gitignore for generated language files 2010-04-11 23:00:51 +03:00
Stefan Oswald
7c00f6ba86 wpa_gui: Add Qt translator installation and German translation
This takes QTranslator into use and adds a German translation of
wpa_gui.
2010-04-11 22:58:08 +03:00
Stefan Oswald
0d76b1ab5f wpa_gui: Make Status strings visible to linguist
Linguist cannot see the strings coming from wpa_supplicant, so create
a function that translates these to tr() strings inside wpa_gui
source code.
2010-04-11 22:42:02 +03:00
Stefan Oswald
9086fe4466 wpa_gui: Convert strings to use tr() in user-visible text
This is in preparation for allowing wpa_gui to be translated.
2010-04-11 22:35:02 +03:00
Witold Sowa
c56ce48a6f dbus: Add new KeyMgmt interface capabilities
Add "wpa-ft-psk", "wpa-psk-sha256", "wpa-ft-eap" and "wpa-eap-sha256"
possible KeyMgmt values of interface capabilities to fit values in
BSS RSN options dictionary.
2010-04-11 21:37:28 +03:00
Jouni Malinen
0544b24248 Add BSSID and reason code (if available) to disconnect event
This adds more details into the CTRL-EVENT-DISCONNECTED event to
make it easier to figure out which network was disconnected in some
race conditions and to what could have been the reason for
disconnection. The reason code is currently only available with
the nl80211 driver wrapper.
2010-04-11 21:25:15 +03:00
Jouni Malinen
c706d5aa17 Add wpa_supplicant AP mode events for Public Action frames 2010-04-11 20:33:33 +03:00
Jouni Malinen
b3db190fa2 Started to make set_ap_wps_ie() capable of adding multiple IEs
This mechanism can be used to add various IEs to Beacon and Probe
Response frames and it should be made clear that it is not reserved
only for WPS IE.
2010-04-11 20:16:43 +03:00
Jouni Malinen
f90ceeaabf wpa_supplicant AP mode: Add function for enabling MAC address filtering
This can be used to allow only a specific station to associate.
2010-04-11 20:08:00 +03:00
Jouni Malinen
48b357a989 Make sure AP interface is initialize before accepting WPS commands 2010-04-11 20:06:12 +03:00
Jouni Malinen
7a649c7dda wpa_supplicant AP: More thorough AP mode deinit 2010-04-11 20:03:39 +03:00
Jouni Malinen
508545f3a9 Add more wpa_supplicant AP mode parameters for the driver wrapper
This makes it easier to configure AP mode for drivers that take care
of WPA/RSN IE generation.
2010-04-11 20:02:01 +03:00
Jouni Malinen
4b768ed0b2 Add registerable callback for wpa_supplicant AP mode completion 2010-04-11 19:59:33 +03:00
Jouni Malinen
1c4c9c5078 Try to start a new scan more quickly after driver rejection
This speeds up recovery from some cases where the driver may refuse
a new scan request command temporarily.
2010-04-11 19:56:23 +03:00
Jouni Malinen
8cd82735cb Add an option to request a connection without a new scan 2010-04-11 19:55:40 +03:00
Jouni Malinen
64e58f5189 Add option for overriding scan result handler for a single scan 2010-04-11 19:53:31 +03:00
Jouni Malinen
814782b9fe Allow driver wrappers to indicate maximum remain-on-channel duration 2010-04-11 19:42:37 +03:00
Jouni Malinen
6700a277a9 Avoid dropping ctrl_iface on ENOBUFS error burst
These bursts can result in control interface monitors being detached
even if the external program is still working properly. Use much larger
error threshold for ENOBUFS to avoid this.
2010-04-11 19:29:24 +03:00
Jouni Malinen
cf4783e35f Deauthenticate instead of disassociate on disconnect command
This clears up authentication state in the driver and in case of
cfg80211, unlocks the BSS entry for the previously used AP.
2010-04-11 19:27:41 +03:00
Jouni Malinen
f3585c8a85 Simplify driver_ops for virtual interface add/remove
There is no absolute requirement for separating address allocation
into separate functions, so simplify the driver wrapper interface
to use just if_add and if_remove instead of adding the new
alloc_interface_addr() and release_interface_addr() functions.

if_add() can now indicate if the driver forced a different interface
name or address on the virtual interface.
2010-04-11 19:23:09 +03:00
Jouni Malinen
977b11747f Allow sub-second resolution for scan requests
This is in preparation to use cases that may benefit from more frequent
scanning.
2010-04-11 19:10:01 +03:00
Jouni Malinen
17a4734dc4 Optimize post-WPS scan based on channel used during provisioning
Scan only the frequency that was used during provisioning during the
first five scans for the connection. This speeds up connection in the
most likely case where the AP remains on the same channel. If the AP is
not found after these initial scans, all channels will be scanned.
2010-04-11 19:06:42 +03:00
Jouni Malinen
9efc3f2a4b SME: Handle association without own extra IEs
Need to check for this before calling ieee802_11_parse_elems().
2010-04-11 12:19:02 +03:00
Jouni Malinen
86d4f806da Add ctrl_iface command for triggering a roam to a specific BSS
'wpa_cli roam <bssid>' can now be used to test roaming within an ESS
(e.g., for FT over-the-air). This command will bypass a new scan and
will select the BSS based on the specified BSSID. It is responsibility
of the caller to make sure that the target AP is in the BSS table.
This can be done, e.g., by running a scan before the roam command,
if needed.
2010-04-10 22:56:55 +03:00
Jouni Malinen
a7b6c42232 Fix error messages to print ASCII MAC address, not the parse buffer 2010-04-10 22:46:54 +03:00
Jouni Malinen
0d7b44099f SME: Do not try to use FT over-the-air if PTK is not available 2010-04-10 22:39:49 +03:00
Jouni Malinen
e7846b6859 FT: Clean up wpa_sm_set_ft_params() by using common parse
Instead of parsing the IEs in the callers, use the already existing
parser in wpa_ft.c to handle MDIE and FTIE from initial MD association
response. In addition, this provides more complete access to association
response IEs to FT code which will be needed to fix FT 4-way handshake
message 2/4.
2010-04-10 11:36:35 +03:00
Jouni Malinen
579ce77122 FT: Deauthenticate in case of Reassoc Response validation error
If validation of the Reassociation Response frame fails during FT
Protocol, do not allow association to be completed; instead, force
deauthentication.
2010-04-09 16:59:27 +03:00
Jouni Malinen
f4ec630d1b FT: Set FT Capability and Policy properly in MDIE during initial MD assoc
This field needs to be copied from the scan results for the AP
per IEEE Std 802.11r-2008, 11A.4.2.
2010-04-09 16:41:57 +03:00
Jouni Malinen
76b7981d07 FT: Copy FT Capability and Policy to MDIE from target AP
This sets the FT Capability and Policy field in the MDIE to the values
received from the target AP (if available). This fixes the MDIE contents
during FT Protocol, but the correct value may not yet be used in initial
mobility domain association.
2010-04-09 16:26:20 +03:00
Jouni Malinen
d9a27b0455 Fix SME to update WPA/RSN IE for rsn_supp module based on AssocReq
When using wpa_supplicant SME (i.e., using nl80211), the rsn_supp
module was not informed of the WPA/RSN IE that was used in
(Re)Association Request frame. This broke roaming between APs that
use different security policy (e.g., changing between WPA/TKIP and
WPA2/CCMP APs) or when using PMKSA caching.
2010-04-07 10:31:06 +03:00
Jouni Malinen
32d5295f9d Add a drop_sa command to allow 802.11w testing
This drops PTK and PMK without notifying the AP.
2010-03-29 15:42:04 -07:00
Jouni Malinen
e820cf952f MFP: Add MFPR flag into station RSN IE if 802.11w is mandatory 2010-03-29 10:48:01 -07:00
Jouni Malinen
e2f74005f5 bgscan: Add signal strength change events
This allows bgscan modules to use more information to decide on when
to perform background scans. bgscan_simple can now change between
short and long background scan intervals based on signal strength
and in addition, it can trigger immediate scans when the signal
strength is detected to be dropping.

bgscan_simple takes following parameters now:
short interval:signal strength threshold:long interval
For example:
	bgscan="simple:30:-45:300"
2010-03-28 15:32:34 -07:00
Jouni Malinen
b625473c6c Add driver command and event for signal strength monitoring 2010-03-28 15:31:04 -07:00
Jouni Malinen
b766a9a293 Add freq_list network configuration parameter
This can be used to limit which frequencies are considered when
selecting a BSS. This is somewhat similar to scan_freq, but will
also affect any scan results regardless of which program triggered
the scan.
2010-03-26 22:45:50 -07:00
Jouni Malinen
62c72d7299 FT: Process reassoc resp FT IEs when using wpa_supplicant SME 2010-03-13 21:13:18 +02:00
Jouni Malinen
2a7e7f4e4a FT: Add driver op for marking a STA authenticated
This can be used with FT-over-DS where FT Action frame exchange
triggers transition to State 2 (authenticated) without Authentication
frame exchange.
2010-03-13 18:28:15 +02:00
Jouni Malinen
fe1919856c FT: Update SME frequency info before sme_associate() call
This is needed to allow FT-over-DS to request correct channel for
the reassociation with the target AP.
2010-03-13 18:26:25 +02:00
Jouni Malinen
71024cb255 FT: Request reassociation after successful FT Action frame exchange 2010-03-13 17:14:41 +02:00
Jouni Malinen
a7918ec749 wpa_cli: Improved command parameter tab completion 2010-03-12 19:43:15 +02:00
Jouni Malinen
037f83eb44 wpa_cli: Fix detach race with forked monitor process
Need to kill the monitor process before running detach command on
the monitor connection to avoid race where the monitor process may
end up getting the detach command result.
2010-03-12 17:34:56 +02:00
Jouni Malinen
dd63f314bd wpa_cli: Redisplay readline edit after event messages 2010-03-12 17:24:50 +02:00
Jouni Malinen
036f7c4aab FT: Add preliminary processing of FT Action Response from EVENT_RX_ACTION
Previously, this was only done with userspace MLME (i.e., driver_test.c);
now, driver_nl80211.c can deliver the FT Action Response (FT-over-DS)
for processing. The reassociation after successful FT Action frame
exchange is not yet implemented.
2010-03-12 00:43:00 +02:00
Jouni Malinen
a4652ce64c wpa_gui: Remove unneeded wpa_ctrl_request() msg_cb 2010-03-07 17:28:00 +02:00
Jouni Malinen
3234cba40e Remove unnecessary ifname parameter to sta_set_flags() driver op 2010-03-07 11:45:41 +02:00
Jouni Malinen
62847751e4 Remove unnecessary ifname parameter from sta_add() driver op 2010-03-07 11:42:41 +02:00
Jouni Malinen
17557ebe30 Remove forgotten ifname parameter from set_beacon() call 2010-03-07 10:04:35 +02:00
Felix Fietkau
4c32757d22 hostapd: add ifname to the sta_set_flags callback
This fixes multi-BSS STA operations (e.g., setting AUTHORIZED flag) with
nl80211-based drivers.
2010-03-06 20:44:31 +02:00
Jouni Malinen
23e2550c0e Remove unneeded CONFIG_EAP comments
These are not needed for WPS builds since CONFIG_WPS=y enables all
the needed EAP components.
2010-03-06 16:40:53 +02:00
Dmitry Shmidt
aa53509ffe Update priority list after priority change
Despite comments in the wpa_config_update_prio_list(struct wpa_config
*config) telling that it is called "if priority for a network is
changed", it is apparently not.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2010-03-06 11:13:50 +02:00
Kel Modderman
09bd6e8cca wpa_supplicant: fix FTBFS on Debian GNU/kFreeBSD
This patch allows wpa_supplicant to compile on Debian's kfreebsd
architectures.

Patch by Stefan Lippers-Hollmann based on work done by Petr Salinger
and Emmanuel Bouthenot for 0.6.X (http://bugs.debian.org/480572).
2010-03-06 10:16:47 +02:00
Jouni Malinen
3812464cda Add optional scan result filter based on SSID
filter_ssids=1 global configuration parameter can now be used to
enable scan result filtering (with -Dnl80211 only for now) based on
the configured SSIDs. In other words, only the scan results that have
an SSID matching with one of the configured networks are included in the
BSS table. This can be used to reduce memory needs in environments that
have huge number of APs.
2010-03-05 21:42:06 +02:00
Jouni Malinen
c9c38b0996 Make maximum BSS table size configurable
New global configuration parameter bss_max_count can now be used to
change the maximum BSS table size. The old fixed size limit (200) is
used as the default value for this parameter.
2010-03-05 20:20:09 +02:00
Jouni Malinen
ac26ebd8b5 Allow roam based on preferred BSSID regardless of signal strength 2010-02-28 11:09:58 +02:00
Jouni Malinen
36d1343a4b Do not inhibit suspend even if wpa_cli command fails
There is no point in inhibiting suspend in case wpa_supplicant is
not running and as such, return success unconditionally from this
script.
2010-02-27 20:03:13 +02:00
Jouni Malinen
207ef3fb12 Add suspend/resume notifications
wpa_supplicant can now be notified of suspend/resume events, e.g.,
from pm-action scripts. This allows wpa_supplicant to clear information
that may become invalid during a suspend operation.
2010-02-27 18:46:02 +02:00
Jouni Malinen
be8be6717d Clear current_bss pointer on disassociation/deauthentication
This is needed to allow the BSS table entry for the previously used
BSS to be removed. Now wpa_bss_in_use() can return 0 for the last BSS
that was used as soon as deauthentication/disassociation event has been
received.
2010-02-27 18:40:25 +02:00
Jouni Malinen
159dd3e28a Add more debug prints to make deauth/disassoc events clearer 2010-02-27 18:39:09 +02:00
Jouni Malinen
e824cc4648 Use os_snprintf instead of snprintf 2010-02-19 19:14:41 +02:00
Jouni Malinen
94d9bfd59b Rename EAP server source files to avoid duplicate names
This makes it easier to build both EAP peer and server functionality
into the same project with some toolchains.
2010-02-19 18:54:07 +02:00
Jouni Malinen
b7a2b0b68c Add alloc_interface_addr() drv op option for specifying ifname
Some drivers may need to use a specific ifname for the virtual
interface, so allow them to do this with a new parameter passed
to the alloc_interface_addr() handler.
2010-02-16 19:34:51 +02:00
Jouni Malinen
cbf7855883 wpa_cli: Add option to use child process to receive events
CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config can be used to
configure wpa_cli build to make a version of wpa_cli that forks
a child process to receive event messages. This allows the events
to be shown immediately instead of having to wait for the next
periodic poll with PING.
2010-02-14 16:14:20 +02:00
Jouni Malinen
4a3ade4e11 wpa_gui: Use separate ctrl_iface connection for event messages 2010-02-13 21:37:35 +02:00
Kel Modderman
aff5e54d4a wpa_gui-qt4: do not show WPS AP available event tray messages
Do not show WPS event tray messages as they can happen too frequently.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-02-13 14:03:18 +02:00
Jouni Malinen
00468b4650 Add TLS client events, server probing, and srv cert matching
This allows external programs (e.g., UI) to get more information
about server certificate chain used during TLS handshake. This can
be used both to automatically probe the authentication server to
figure out most likely network configuration and to get information
about reasons for failed authentications.

The follow new control interface events are used for this:
CTRL-EVENT-EAP-PEER-CERT
CTRL-EVENT-EAP-TLS-CERT-ERROR

In addition, there is now an option for matching the server certificate
instead of the full certificate chain for cases where a trusted CA is
not configured or even known. This can be used, e.g., by first probing
the network and learning the server certificate hash based on the new
events and then adding a network configuration with the server
certificate hash after user have accepted it. Future connections will
then be allowed as long as the same server certificate is used.

Authentication server probing can be done, e.g., with following
configuration options:
    eap=TTLS PEAP TLS
    identity=""
    ca_cert="probe://"

Example set of control events for this:
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=California/L=San Francisco/CN=Server/emailAddress=server@kir.nu' hash=5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a
CTRL-EVENT-EAP-TLS-CERT-ERROR reason=8 depth=0 subject='/C=US/ST=California/L=San Francisco/CN=Server/emailAddress=server@kir.nu' err='Server certificate chain probe'
CTRL-EVENT-EAP-FAILURE EAP authentication failed

Server certificate matching is configured with ca_cert, e.g.:
    ca_cert="hash://server/sha256/5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a"

This functionality is currently available only with OpenSSL. Other
TLS libraries (including internal implementation) may be added in
the future.
2010-02-13 11:14:23 +02:00
Jouni Malinen
c5674000a3 wpa_gui-qt4: Stop BSS fetch loop on error for Peers dialog
There is no need to continue the loop until the 1000 max BSS limit
if a BSS command fails.
2010-01-24 18:42:45 -08:00
Jouni Malinen
48563d86b2 Try to avoid some unnecessary roaming
When multiple APs are present in scan results with similar signal
strength, wpa_supplicant may end up bounching between them frequently
whenever new scan results are available (e.g., due to periodic scans
requested by NetworkManager). This can result in unnecessary roaming
and in case of the current cfg80211 version, to frequent network
disconnections.

Do not request a roam if the current BSS is still present in the scan
results and the selected BSS is in the same ESS and has only a slighly
stronger signal strength.
2010-01-24 18:19:50 -08:00
Jouni Malinen
b85e772449 SME: Request a new scan if SME association command fails
This handles some error cases without getting stuck waiting for new
events from the driver if association command fails for any reason.
2010-01-24 18:09:36 -08:00
Jouni Malinen
dff0f701d0 Preparations for v0.7.1 release 2010-01-16 19:04:38 +02:00
Jouni Malinen
3e674c063c Update VS 2005 project files with new/removed source files 2010-01-16 18:49:17 +02:00
Witold Sowa
7899e2f42d dbus: Change WPA/RSNIE byte array props to dicts
Expose RSN and WPA properties for BSS objects containing information
about key management and cipher suites. Get rid of WPA/RSN/WPSIE
byte array properties and add IEs byte array property with all IE data
instead.
2010-01-16 16:37:37 +02:00
Jouni Malinen
8c0906542c Fetch IEs from both Beacon and Probe Response frames if available
This allows the driver wrappers to return two sets of IEs, so that
the BSS code can use information from both Beacon and Probe Response
frames if needed. For example, some Cisco APs seem to include more
information in Wireless Provisioning Services IE when it is in the
Beacon frame.
2010-01-16 16:11:05 +02:00
Jouni Malinen
af47308823 Add deinit_ap driver op to help wpa_supplicant AP mode use 2010-01-16 12:20:51 +02:00
Jouni Malinen
e882899981 Add BSSID to TX/RX Action frame driver ops
This meets better the needs for various Public Action frame use cases.
2010-01-16 12:16:20 +02:00
Jouni Malinen
a2e4f66edc Remove completed to-do item 2010-01-16 09:44:41 +02:00
Jouni Malinen
20766f2007 Make wpa_bss_get_max_rate() a bit more readable with a local variable 2010-01-10 22:53:36 +02:00
Jouni Malinen
a416fb47eb IBSS RSN: Explicitly check addr != NULL before passing it to memcmp
idx == 0 should be enough to make sure that the addr is set, but
verify that this is indeed the case to avoid any potential issues if
auth_set_key() gets called incorrectly.
2010-01-10 21:53:17 +02:00
Jouni Malinen
6f9b5d1696 IBSS RSN: Check explicitly that WPA auth sm assoc call succeeded
Verify that association processing did not end up freeing the state
machine. This should not really happen in practice, but better verify
it anyway.
2010-01-10 21:45:44 +02:00
Jouni Malinen
f337f0e950 Remove unnecessary bss != NULL checks from sme_authenticate()
This is already verified in the beginning of the function, so no need
to repeat that multiple times.
2010-01-10 21:31:54 +02:00
Jouni Malinen
2b057028cb Fix client MLME test code for IBSS scan request
wpa_s->mlme.ssid is an array so it is always != NULL and this
comparision should really have used ssid_len instead.
2010-01-10 20:41:33 +02:00