Commit graph

9954 commits

Author SHA1 Message Date
Jörg Krause
736b7cb2da wpa_supplicant/Makefile: Fix libwpa_client build
Building libwpa_client requires src/utils/common.c for bin_clear_free()
else loading the library fails with:

Error relocating /usr/lib/libwpa_client.so: bin_clear_free: symbol not found

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
2015-10-31 19:15:37 +02:00
Jouni Malinen
2e38079531 TLS: Fix memory leak with multiple TLS server instances
When using CONFIG_TLS=internal and starting hostapd with multiple
configuration files that each initialize TLS server, the server
certificate and related data was not freed for all the interfaces on
exit path. Fix this by freeing the credential data that is stored
separately for each call to tls_init().

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-31 18:15:22 +02:00
Jouni Malinen
a63ebc159d tests: Fix wifi_display_parsing
Due to a typo in a function name, this test case ended up running
without the final cleanup. That could result in the following test cases
failing, e.g., when running this sequence:
wifi_display_parsing dbus_p2p_go_neg_auth

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-31 16:31:03 +02:00
Jouni Malinen
d4c3c055d5 tests: EAP-SIM DB error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-31 16:28:33 +02:00
Frederic Leroy
7b0f5500b0 eap_sim_db: Implement eap_sim_db_expire_pending()
Expire pending DB request for EAP-SIM/AKA/AKA'. Timeout defaults to 1
second and is user configurable in hostapd.conf (eap_sim_db_timeout).

Signed-off-by: Frederic Leroy <frederic.leroy@b-com.com>
2015-10-31 16:28:16 +02:00
Jouni Malinen
a6cc1e5747 tests: VHT with 160 MHz channel width and no DFS
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-30 16:15:40 +02:00
Jouni Malinen
45c3e72952 Add frequency to operating class determination for 5 GHz 100..140
This extends ieee80211_freq_to_channel_ext() with knowledge of the
operating classes for the 5 GHz channels 100..140.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-30 11:45:50 +02:00
Dan Williams
f0ef68892e tests: Add testcases for interface global properties
Signed-off-by: Dan Williams <dcbw@redhat.com>
2015-10-28 23:41:33 +02:00
Dan Williams
e50c50d5a0 dbus: Expose interface globals via D-Bus properties
All interface globals are now exposed as D-Bus properties of type
string, and parsed via the normal interface global parsing functions.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2015-10-28 23:41:32 +02:00
Dan Williams
1aa0fb77ea dbus: Pass property description to getters/setters
We'll use it later for global interface properties.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2015-10-28 23:40:49 +02:00
Avichal Agarwal
c93b7e1888 RSN: Check result of EAPOL-Key frame send request
Provide information on whether EAPOL-Key frame was sent successfully to
kernel for transmittion. wpa_eapol_key_send() will return
>= 0 on success and < 0 on failure. After receiving EAPOL-Key msg 3/4,
wpa_supplicant sends EAPOL-Key msg 4/4 and shows CTRL-EVENT-CONNECTED
only after verifying that the msg 4/4 was sent to kernel for
transmission successfully.

Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
2015-10-28 22:42:16 +02:00
Matthias May
95be79f1f8 Allow -1 as value to disable frag_threshold
To be consistent with the internal representation of how to disable
framentation, allow -1 as a value to disable it in configuration.

Signed-off-by: Matthias May <matthias.may@neratec.com>
2015-10-28 20:53:15 +02:00
Matthias May
bc50bb0ada Extend the range of values for the RTS threshold
Since we have HT rates the maximum framesize is no longer 2346. The
usual maximum size of an A-MPDU is 65535. To disable RTS, the value -1
is already internally used. Allow it in the configuration parameter.

Signed-off-by: Matthias May <matthias.may@neratec.com>
2015-10-28 20:53:15 +02:00
Jouni Malinen
8901189c0f tests: Update hapd_ctrl_set_error_cases RTS/fragmentation threshold
The previously used invalid values will become allowed with the
following commits, so change the test case to use values that both were
and will continue to be invalid to avoid unnecessary failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-28 20:53:15 +02:00
Srinivasa Duvvuri
053693d266 hostapd: Add feature to start all interfaces at the same time in sync
When multiple interfaces across mutiple radios are started using a
single instance of hostapd, they all come up at different times
depending upon how long the ACS and HT scan take on each radio. This
will result in stations (that already have the AP profile) associating
with the first interfaces that comes up. For example in a dual band
radio case (2G and 5G) with ACS enabled, 2G always comes up first
because the ACS scan takes less time on 2G and this results in all
stations associating with the 2G interface first.

This feature brings up all the interfaces at the same time. The list of
interfaces specified via hostapd.conf files on the command line are all
marked as sync interfaces. All the interfaces are synchronized in
hostapd_setup_interface_complete().

This feature is turned on with '-S' commmand line option.

Signed-off-by: Srinivasa Duvvuri <sduvvuri@chromium.org>
2015-10-28 19:47:17 +02:00
Jouni Malinen
9578413455 Reserve QCA vendor specific nl80211 commands 110..114
These are reserved for QCA use.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-27 00:10:29 +02:00
Peng Xu
5d4c508969 Assign QCA commands and attributes for Tx power scaling and OTA testing
Assign nl80211vendor commands QCA_NL80211_VENDOR_SUBCMD_OTA_TEST and
QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE as well as corresponding
attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-27 00:07:15 +02:00
Jouni Malinen
7f2fea59ea tests: P2P device discovery and control character in Device Name
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-26 23:43:45 +02:00
Hu Wang
5d1d69a10f P2P: Filter control chars in group client device name similarly to peer
P2P device discovery can add peer entries based on a message directly
from a peer and from a Probe Response frame from a GO for all the P2P
Clients in the group. The former case for filtering out control
characters from the device name while the latter was not. Make this
consistent and filter both cases in the same way to avoid confusing
external programs using the device name of a P2P peer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-26 23:43:45 +02:00
Sunil Dutt
f67d1a0099 TDLS: Do not send error case of TPK M3 if TX fails
There is no point in sending TPK M3 (TDLS Setup Confirm) with a failure
status if the first transmission attempt fails. Instead, just return a
failure by disabling the link rather than retransmitting the TPK M3
frame with an error status.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-26 22:54:39 +02:00
Jouni Malinen
9cd8859ed6 tests: Fix scan flush in p2ps_channel_both_connected_same
Need to do this before associating with the AP and with the correct
devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-26 00:59:07 +02:00
Jouni Malinen
e1195efd1e tests: Skip radius_acct_ipaddr if kernel does not support ProxyARP
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-26 00:47:47 +02:00
Jouni Malinen
8f3ea3175f tests: Fix build without CONFIG_ERP=y
hmac_sha256_kdf() got pulled in only if CONFIG_ERP=y is set. Fix
test_sha256() by making the test case conditional on the function being
present.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-26 00:42:14 +02:00
Lubomir Rintel
1248e58492 wpa_supplicant: Reopen debug log file upon receipt of SIGHUP signal
This is useful for logrotate to be able to rotate the file even if the
control interface is not enabled (e.g., when using DBus).

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2015-10-25 20:45:02 +02:00
Jouni Malinen
d8fd633ebb Do not write ERROR level log entries if debug file is not used
wpa_debug_reopen_file() used to write an error message at MSG_ERROR
level if it was called with last_path == NULL (the last debug log file
path not known). This is not a fatal error, but a normal case if
wpa_debug_open_file() has not been used. Remove the error message and
return success in such case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 20:45:02 +02:00
Mohammed Shafi Shajakhan
67deaa582d l2_packet: Add build option to disable Linux packet socket workaround
Linux packet socket workaround(*) has an impact in performance when the
workaround socket needs to be kept open to receive EAPOL frames. While
this is normally avoided with a kernel that has the issue addressed by
closing the workaround packet socket when detecting a frame through the
main socket, it is possible for that mechanism to not be sufficient,
e.g., when an open network connection (no EAPOL frames) is used.

Add a build option (CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y) to disable the
workaround. This build option is disabled by default and can be enabled
explicitly on distributions which have an older kernel or a fix for the
kernel regression.

Also remove the unused variable num_rx.

(*) Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596
('bridge: respect RFC2863 operational state') from 2012 introduced a
regression for using wpa_supplicant with EAPOL frames and a station
interface in a bridge.

Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
2015-10-25 19:56:53 +02:00
Jouni Malinen
fde35be9b1 tests: WPA2-PSK AP with PMF required and PMF disabled on STA
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
fa46426725 RSN: Do not try to connect if PMF disabled and AP requires it
Instead of trying to associate in configuration that is known to result
in the AP rejecting the association, reject the BSS candidate based on
the MFPR=1 RSN capability when STA configuration has PMF disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
8acbe7f2a4 WNM: Verify WNM Sleep Mode element length
This element is required to have at least four octets of actual payload.
This was not previously verified before use and the extra buffer data
after the IE might have been used instead if a received WNM-Sleep Mode
Response frame was invalid.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
dacd789f6d WNM: Mark set TFS buffer const
This moves the type cast needed for the current driver interface to
ieee802_11_set_tfs_ie() to allow the WNM-Sleep parsing routines to use
const pointers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
c4082f7839 tests: WNM Action protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
9464e0996e tests: P2P autonomous GO and no P2P IE in Probe Response scan results
autogo_scan verifies the special case where a Probe Response frame
without P2P IE has been received from a GO (e.g., due to a non-P2P
interface requesting a scan) and P2P information from a Beacon frame
needs to be used instead to determine that the group is persistent.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
9cb3413090 tests: Move P2P helper functions to a separate file
This makes it easier to import these into the P2P test scripts.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
046e63fa2b tests: Interworking network selection and ANQP format errors
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
bd886d47c5 tests: P2P protocol tests for service discovery messages
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
97f8544305 tests: P2P protocol tests for Group Info parsing
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
10649029ca tests: Wi-Fi Display extensions to P2P and special parsing cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
ceb19ff7a6 privsep: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
45a283e6d0 wext: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:16 +02:00
Jouni Malinen
336869f05a nl80211: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Jouni Malinen
78c8ee488f ndis: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Jouni Malinen
d717126aa2 hostap: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Jouni Malinen
d034f498ce atheros: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Jouni Malinen
40762fcede PCSC: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:35:00 +02:00
Jouni Malinen
80c620dbd7 SAE: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
f88bcad015 GAS server: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
1e72ba2e61 RSN auth: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
a5a2f252cb AP: Avoid undefined behavior in pointer arithmetic in IE parsing
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
de7fe64df5 RADIUS: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
d2eb91e08f TLS: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00