Commit graph

2434 commits

Author SHA1 Message Date
Jouni Malinen
e1925bde36 eloop: Remove eloop_none.c
This was supposed to be a minimal sample of eloop wrapper, but it is
unclear whether this is of that much use and the file has not been kept
up-to-date. Remove this file to reduce maintenance effort. The other
eloop*.c files can be used as a starting point if something new is
needed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-17 16:48:20 +02:00
Dmitry Shmidt
f6c2b8c367 Android: Add state message sent after 'status' command
This triggers re-transmission of CTRL-EVENT-STATE-CHANGE and
CTRL-EVENT-CONNECTED events on STATUS command for Android framework
specific processing.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-17 16:47:56 +02:00
Dmitry Shmidt
6b49907665 Android: Add SSID in supplicant change event
In addition, change wpa_s->pending_bssid to wpa_s->bssid for the BSSID
value in the event.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-17 16:47:45 +02:00
Masashi Honma
22cf7d7324 SCARD: Clean up SIM/USIM selection
Commit eb32460029 left an unneeded
sim_type argument to scard_init(). Remove that unnecessary argument to
clean up the implementation.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-11-17 16:47:38 +02:00
Paul Stewart
cea97a04f9 dbus_new: Add DBus TDLS methods
Add DBus methods for TDLS operations similar to those available
for the control interface. This includes Discover, Setup, and
Teardown commands. While here, add a method to query the TDLS
link status and add a DBus method for it.

Tested with CONFIG_TDLS enabled, on a TDLS-enabled host and
peer capable of TDLS:

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSStatus string:<peer-mac-address>

    yields: string "peer does not exist"

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSDiscover string:<peer-mac-address>

    yields no error

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSSetup string:<peer-mac-address>

    yields no error

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSStatus string:<peer-mac-address>

    yields: string "connected" after TDLS completes

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSTeardown string:<peer-mac-address>

    yields no error

    dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
        /fi/w1/wpa_supplicant1/Interfaces/0 \
        fi.w1.wpa_supplicant1.Interface.TDLSStatus string:<peer-mac-address>

    yields: string "peer not connected"

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-11-17 16:47:32 +02:00
Jithu Jance
cc4952ad63 Request new scan only for the original interface
Request new scan only for the interface for which the original scan
request and results has come. Otherwise while sharing scan results along
with P2P interfaces, the new scan will be requested on P2P interfaces.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2013-11-17 16:47:22 +02:00
Jouni Malinen
fa58da2e6c Remove old mechanism of skipping scan request rescheduling
Since eloop_deplete_timeout() is doing practically same in
wpa_supplicant_req_scan(), revert the old mechanism from commit
7e1488494e to avoid unnecessary work in
this function.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-17 16:47:13 +02:00
Dmitry Shmidt
e2f5a9889a Deplete scan request if new time is less than remaining
This avoids pushing out previous scheduled scan requests based on new
events.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-17 16:46:58 +02:00
Vinay Krishna Eranna
dcd25d4c3b P2P: Use negotiated channel from invitation for persistent GO
During persistent group re-invocation, GO may end up using a different
channel as the operation channel compared to what was indicated in the
invitation frames. This may break the connection if the peer device ends
up scanning the GO only on the channel from the invitation frame. Fix
this by using the negotiated channel (if available) on the GO as the
operating channel instead of the channel that was provided in the
p2p_invite command to start negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-16 18:05:28 +02:00
Sunil Dutt
800d58721c TDLS: Provide external control to specify the peers for setup
There are use cases requesting the host driver to initiate the TDLS
setup with the peer only when configured by the external applications.
Thus, enable this control by tdls_external_control=1 and pass the
requisite information for the specific TDLS operation to the driver
on the request from such use cases.

This operation mode expects the driver to initiate TDLS link
automatically based on signal strength and traffic to a peer and tear
down links whenever they are not used or suitable due to signal strength
etc. The list of peers with which such operations are to be performed
are provided with the TDLS driver operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-15 03:02:08 +02:00
Dmitry Shmidt
58d6f91d16 Android: Reset MD5OBJS value before += operation
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-09 15:30:46 +02:00
Jouni Malinen
890b3a44cb Android: Sync Android.mk with Makefile
This brings in commit 411f567050 changes
to allow libdl to be linked in after OpenSSL.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-08 13:04:51 +02:00
Dmitry Shmidt
736abfc166 Android: Set proper path to keystore include dir
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 13:04:51 +02:00
Dmitry Shmidt
5e42035ed9 Android: Fix CONFIG_EAP_PROXY option and move it to right place
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:47:00 +02:00
Dmitry Shmidt
643fab30a0 Android: Add CONFIG_IEEE80211AC option to makefile
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:47:00 +02:00
Dmitry Shmidt
4ba83096e2 Android: Add CONFIG_EAP_UNAUTH_TLS option to makefile
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:47:00 +02:00
Ying Wang
53414a7e35 Android: Add liblog
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:46:59 +02:00
Kenny Root
1d415f1fcc Android: Switch keystore to binder
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:46:53 +02:00
Joe Onorato
4e5a4d3e57 Android: Get rid of LOCAL_MODULE_TAGS := user
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:41:05 +02:00
Kenny Root
206d81319e Android: Restore OpenSSL ENGINE support
We now use an OpenSSL ENGINE to support keystore functionality.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 11:40:13 +02:00
Dmitry Shmidt
b7997e01db Android: Remove obsolete WPA_UNICODE_SSID define
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-08 00:22:32 +02:00
Dmitry Shmidt
60cdfd7e25 Android: Fix compilation without BOARD_WPA_SUPPLICANT_DRIVER
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:04:30 +02:00
Dmitry Shmidt
e40634e654 Prohibit PNO start during assoc process and in connect state
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:01:33 +02:00
Dmitry Shmidt
3526ff0fad Android: Add ANDROID_P2P define under BOARD_WLAN_DEVICE
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:01:28 +02:00
Dmitry Shmidt
d0b2735240 Android: Fix CFLAGS -> L_CFLAGS
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-11-07 14:01:23 +02:00
Jouni Malinen
9ec876662b P2P: Allow GO P2P Device Address to be used for scan result matching
This is a better way of matching P2P groups based on the unique P2P
Device Address (e.g., from P2P Group ID) and SSID pair instead of using
the not necessarily unique P2P Interface Address.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 13:49:01 +02:00
Jouni Malinen
08b2677974 Interworking: Use SSID from the BSS entry
There is no need to parse the IE buffer again to find the SSID of the
BSS since that information is already stored in struct wpa_bss.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 00:17:48 +02:00
Jouni Malinen
50589751bf Interworking: Reject BSS based on disallow_aps
If a BSS is disallowed temporarily with disallow_aps, the network
connection is going to fail. As such, there is not much point in
allowing Interworking network selection to try to connect with such BSS.
As such, do not consider disallowed networks for automatic network
selection and reject requests to connect to them through
INTERWORKING_CONNECT.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 00:12:30 +02:00
Jouni Malinen
6ede8a7e4d Interworking: Avoid duplicated network blocks
Do not add multiple network blocks for the same network from a single
credential. INTERWORKING_CONNECT used to generate a new network block
for each instance regardless of what network blocks have already been
configured. While this allows the connection to go through, it is not
efficient to leave behind potentially large number of network blocks
with the same contents (or worse, changed contents). Address this by
removing an older network block for the same credential before adding a
new one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 00:12:30 +02:00
Jouni Malinen
d28f4e44f1 Interworking: Do not reconnect if already connected
If we are already connected to the selected AP with a network block
that was created based on the selected credential, do not force a
reconnection or network block update.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 00:12:30 +02:00
Jouni Malinen
217cf4991d P2P: Add more debug prints for frequency selection
This prints out get_shared_radio_freqs() results and related information
from P2P operations to make debug logs more helpful for figuring out
issues related to multi-channel concurrency.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-05 11:07:51 +02:00
Ilan Peer
4dd3f86834 P2P: Fix bug in GO frequency selection
When trying to choose a frequency that can be used for GO instantiation,
properly check if there are free channels that can be used.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-11-05 10:55:22 +02:00
Ilan Peer
9804873e53 wpa_supplicant: Fix bug in get_shared_radio_freqs
The idx variable was mistakenly set to 0 at the beginning of the
interface iteration. This could result in the operating channel of the
interface calling the function from being removed from the returned
frequency array if other interfaces were operating.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-11-05 10:55:22 +02:00
Haim Dreyfuss
3139270903 bgscan: Add global bgscan configuration
This option can be used to globally configure bgscan parameters
for all the network blocks.

Note that this configuration will not override a network block
specific bgscan settings, but will only be used in case that
the network block does not have a valid bgscan configuration.

Signed-hostap: Haim Dreyfuss <haim.dreyfuss@intel.com>
2013-11-05 10:26:31 +02:00
Naresh Jayaram
efc58df29c eap_proxy: Re-read IMSI from proxy in Interworking functionality
Try to read the IMSI values through the eap_proxy layer for Interworking
functionality again if the value was not available at startup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-05 10:12:14 +02:00
Jouni Malinen
18ca733248 SAE: Fix group selection
Number of regressions had shown up in wpa_supplicant implementation of
SAE group selection due to different integer array termination (-1 in
hostapd, 0 in wpa_supplicant) being used for SAE groups. The
default_groups list did not seem to use any explicit termination value.
In addition, the sae_group_index was not cleared back to 0 properly
whenever a new SAE session was started.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-02 18:07:49 +02:00
Jouni Malinen
65015b2d8e Replace unnecessary UTF-8 characters with ASCII versions
There is no need for using UTF-8 in these files when perfectly fine
ASCII versions of these characters exist.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-02 16:01:32 +02:00
Jouni Malinen
c092d83e26 P2P: Clear pending group formation data on group removal
It was possible for the wpa_s->show_group_started and wpa_s->go_params
to be left set when a P2P group was removed before group formation had
completed. In case a separate P2P group interface was not used, this
could rsult in all future scans using the hardcoded DIRECT-* SSID and as
such, not find the network they were trying to find. Fix this by
clearing these P2P parameters on group removal.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-01 10:31:55 +02:00
Jouni Malinen
9100b6607b P2P: Debug print reason for specific SSID for scan
It can be useful to see whether the specific P2P SSID was used for scan
based on p2p_in_provisioning or show_group_started when debugging issues
where this case shows up unexpectedly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-01 10:30:50 +02:00
Jouni Malinen
2aec4f3c0c Allow add-BSS operation to re-use existing netdev
When removing and re-adding the first wlan# netdev to hostapd
dynamically, the netdev is already present and should not be removed and
re-added to maintain its state as not-added-by-hostapd so that it does
not get removed automatically.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:34:25 +02:00
Vinay Krishna Eranna
731ca6364e Update regulatory change to all virtual interface for the phy
wpas_p2p_setup_channels function uses the per interface information
(wpa_s->hw.modes) for setting up the available channel list for P2P
operation, but if a separate P2P interface is used (e.g., p2p0 on
Android), the wpa_s instance for that interface may not get an updated
channel list. This can result in some operations, like "P2P_SET
disallow_freq", using old channel list information (e.g., world roaming
information with passive-scan/no-ibss flags) which was initialized
during the start-up. This could result in P2P functionality using
conflicting or obsolete channel information.

To resolve this issue, update channel list information on regulatory
change events to all of the virtual interfaces sharing the same phy for
which the event is received.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 23:03:23 +02:00
Jouni Malinen
ebd79f07c4 hostapd: Make hostapd_config::bss array of pointers
This makes it more convenient to move BSS configuration entries between
struct hostapd_config instances to clean up per-BSS configuration file
design.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:21 +02:00
Jouni Malinen
7617388ea3 Interworking: Report STATUS:sp_type even if domain is not configured
This allows sp_type={home,roaming,unknown} to be used to determine
network type with SIM-based credentials even if the domain name
parameter is not configured explicitly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 13:57:02 +02:00
Jouni Malinen
c20bc9d464 P2P: Remove compiler warning without CONFIG_IEEE80211N
Commit ca9bc5b566 added wpas_conf_ap_vht()
as a static function with the caller within CONFIG_IEEE80211N, but the
function outside. This resulted in a compiler warning for wpa_supplicant
AP/P2P builds when CONFIG_IEEE80211N=y was not used. Fix that by using
matching conditional block around the function.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-27 20:46:19 +02:00
Eliad Peller
ca9bc5b566 P2P: Add VHT support
Start GO with VHT support if VHT option was requested
and the appropriate channels are available.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 20:08:36 +02:00
Eliad Peller
20ea1ca406 P2P: Add VHT parameter to P2P operations
Add the option to ask for VHT operation similarly to the way ht40 is
configured - either by adding 'vht' param to the relevant p2p_*
commands or by configuring p2p_go_vht=1 in the configuration file.

This patch only adds the configuration option (e.g., via control
interface). The actual handling of the VHT parameter (asking the driver
to use VHT, etc.) will be done by the following patch.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 19:46:17 +02:00
Eliad Peller
f2112b2ac8 wpa_supplicant: Add CONFIG_IEEE80211AC
In order to support P2P GO with 11ac support, add CONFIG_IEEE80211AC
config option support to the Makefile.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 19:32:03 +02:00
Jouni Malinen
4d9fb08d23 WPS: Clear known_wps_freq in addition to after_wps
Both of these variables can result in optimized WPS scans, so better
clear these more consistently to avoid unexpected single-channel scans.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-27 12:56:56 +02:00
Jouni Malinen
d20c340f7e Interworking: Clear known_wps_freq for network selection
This was forgotten from the previous commit which allowed some cases to
trigger single-channel scan incorrectly if an optimized WPS scan had not
yet been completed at the time network selection was started.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-27 12:55:09 +02:00
Jouni Malinen
1bd05d0423 Interworking: Force normal scan for network selection
Make sure special optimized scans (like WPS-single-channel or
sched_scan) do not get used during the network selection scan. This
could have been hit in cases where a previous operation has been stopped
in a state where special scan parameters were going to be used.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-27 11:26:58 +02:00
Jouni Malinen
51e9f22809 P2P: Add option to allow additional client channels
The new p2p_add_cli_chan=1 configuration parameter can be used to
request passive-scan channels to be included in P2P channel lists for
cases where the local end may become the P2P client in a group. This
allows more options for the peer to use channels, e.g., if the local
device is not aware of its current location and has marked most channels
to require passive scanning.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-26 17:49:10 +03:00
Jouni Malinen
556b30daca P2P: Add option to remove channels from GO use
The new p2p_no_go_freq frequency range list (comma-separated list of
min-max frequency ranges in MHz) can now be used to configure channels
on which the local device is not allowed to operate as a GO, but on
which that device can be a P2P Client. These channels are left in the
P2P Channel List in GO Negotiation to allow the peer device to select
one of the channels for the cases where the peer becomes the GO. The
local end will remove these channels from consideration if it becomes
the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-26 17:49:10 +03:00
Jouni Malinen
e7ecab4a3b Use ARRAY_SIZE() macro
Replace the common sizeof(a)/sizeof(a[0]) constructions with a more
readable version.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 17:49:05 +03:00
Jouni Malinen
29179b881e Stop ctrl_iface monitor send loop on reinit failure
There is no point trying to continue sending messages with sendmsg() if
socket reinitialization fails.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 15:55:59 +03:00
Jouni Malinen
a2a535f897 Remove unnecessary wpa_s->conf checks
wpa_s->conf cannot be NULL because wpa_supplicant_init_iface() would not
allow wpa_supplicant_add_iface() to return wpa_s instance in such state.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 15:55:52 +03:00
Jouni Malinen
41c526f357 P2P: Fix snprintf buffer length for group ifname backup
Commit 2e5ba4b6d1 moved this to a function
and updated one of the os_snprintf() calls to use the len parameter, but
forgot the other one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-24 21:22:30 +03:00
Naresh Jayaram
07041c6f99 eap_proxy: Confirm eap_proxy initialization before reading SIM info
Trying to access the SIM card details without checking if the eap_proxy
layer has been initialized can results in a crash. Address this by
sending the request for the IMSI through eapol_supp_sm.c which can
verify that eap_proxy has been initialized.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-23 20:51:39 +03:00
Po-Lun Lai
47d986e6ff P2P: Check Action frame payload match before accepted TX status
It is possible for there to be two pending off-channel TX frames, e.g.,
when two devices initiate GO Negotiation at more or less the same time.
This could result in the TX status report for the first frame clearing
wpa_s->pending_action_tx that included the newer frame that has not yet
been transmitted (i.e., is waiting to be sent out). Avoid losing that
frame by confirming that the TX status payload matches the pending frame
before clearing the pending frame and reporting the TX status callback.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-23 17:47:40 +03:00
Jouni Malinen
d259249762 Fix ENABLE_NETWORK not to reconnect in disconnected state
DISCONNECT followed by ENABLE_NETWORK ended up starting a scan for a new
connection due to wpa_supplicant_enable_one_network() setting
wpa_s->reassociate = 1. This was done regardless of wpa_s->disconnected
being 1 which should imply that wpa_supplicant should not try to connect
before asked explicitly with REASSOCIATE or RECONNECT.

Fix this by making ENABLE_NETWORK setting of reassociate = 1 and
starting of scans for connection conditional on wpa_s->disconnected ==
0. This will make ENABLE_NETWORK trigger a connection only if
wpa_supplicant is already in a state where it would try to connect if
there are any enabled networks.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-23 12:09:46 +03:00
Jouni Malinen
af8a827b90 Make frequency range list routines more general
This allows the frequency range list implementation to be shared for
other purposes.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-23 00:44:07 +03:00
Dan Williams
538922a628 dbus: Add boolean AllowRoam option to Scan() method options dictionary
To disallow roaming when a scan request's results are read, callers
of the D-Bus Scan() method may add a new "AllowRoam" boolean key
to the scan options dictionary and set that key's value to FALSE.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2013-10-22 16:09:46 +03:00
Pontus Fuchs
c6f5dec9c1 Don't start second scan when changing scan interval
If a scan is currently running and the scan interval is changed, a
second scan will be started before the current has finished. This will
in turn, if no networks are configured, cause wpa_s->state to be
forced to WPA_INACTIVE before the first scan has finished.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2013-10-22 15:57:21 +03:00
Jouni Malinen
313424d46e GAS: Add support for multiple pending queries for the same destination
Need to use the pointer to the current ongoing query instead of matching
from the pending list based on the destination address so that we get
the correct query instance when processing the TX status report.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-21 14:37:37 +03:00
Jouni Malinen
cbc5484892 GAS: Do not start new scan operation during an ongoing GAS query
These operations can have conflicting offchannel requirements, so wait
with a new scan trigger until a pending GAS query has been completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-21 13:20:38 +03:00
Kyeyoon Park
c377514337 GAS: Delay GAS query Tx while scanning/connecting
Offchannel operations needed for a GAS query can conflict with ongoing
scan/connection progress, so delay GAS queries if such an operation is
in progress on the current interface or any virtual interface sharing
the same radio.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-21 13:15:45 +03:00
Kyeyoon Park
24c694b465 GAS: Delay GAS query Tx while another query is in progress
It would be possible to issue another GAS query when a previous one is
still in progress and this could result in conflicting offchannel
operations. Prevent that by delaying GAS query initiation until the
previous operation has been completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-21 13:13:42 +03:00
Jouni Malinen
7255983b59 WPS: Clear after_wps from number of new locations
This makes it less likely to forget WPS single-channel scan optimization
in effect after having completed the WPS operation or in case WPS
operating gets cancelled.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:02 +03:00
Jouni Malinen
73b54d63fc P2P: Fix Operating Channel in Invitation Request for operating group
When a GO or P2P Client invites a peer device to join an already
operating group, the Operating Channel in Invitation Request needs to be
forced to the current operating channel of the group.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:02 +03:00
Jouni Malinen
0c92963656 D-Bus: Clean up debug print for P2P invitation result
wpa_printf() does not need '\n' so remove the extra newline. In
addition, drop the priority of this message from MSG_INFO to MSG_DEBUG
since this is in no way exceptional operation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:02 +03:00
Jouni Malinen
d2858883b0 P2P: Add GO BSS entry details to debug log on join-a-group
This makes it easier to debug issues related to selecting GO information
from the latest updated BSS table entry.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 21:38:01 +03:00
Jouni Malinen
e241b1b4f2 eap_proxy: Fix IMSI fetch for home vs. visited network determination
Use similar mechanism to CONFIG_PCSC=y case to set the IMSI and MNC
length for eap_proxy. This allows automatic 3GPP realm comparison
against the domain list.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
a5d44ac083 EAP peer: Add framework for external SIM/USIM processing
The new configuration parameter external_sim=<0/1> can now be used to
configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM
authentication for EAP-SIM or UMTS authentication for EAP-AKA). The
requests and responses for such operations are sent over the ctrl_iface
CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing
password query mechanism.

Changes to the EAP methods to use this new mechanism will be added in
separate commits.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
7e8bc7d6fb eapol_test: Initialize BSS lists
This is needed to avoid issues with control interface commands that
could request BSS list during an eapol_test run. wpa_cli tries to update
its internal BSS list and that could trigger eapol_test crashes without
this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 16:28:56 +03:00
Jouni Malinen
bceb843108 Send CTRL-RSP command response before processing EAPOL update
This is what the original implementation did years ago, but the move to
using separate control interface backends re-ordered the implementation
to process EAPOL notification first. Use a registered timeout to allow
the ctrl_iface response to be sent out first to get somewhat faster
response time and to avoid pending operations that could result in
ctrl_iface response and unsolicited event messages from getting mixed
up.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 16:26:01 +03:00
Jouni Malinen
b6077964c2 eapol_test: Fix external EAP request mechanism
The eap_param_needed callback was forgotten from eapol_test and this
prevented external EAP request processing through ctrl_iface from being
tested.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 13:44:39 +03:00
Jouni Malinen
94de082b39 eapol_test: Initialize wpa_s->global to fix ctrl_iface
wpa_s->global is now dereferenced in number of places and at least one
of them hits in eapol_test cases. Fix issues with this by setting the
global pointer to empty data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 13:08:37 +03:00
Jouni Malinen
f07bba3255 Android: Add dfs.c into build
This fixes Android build after commit
e76da50529 that added the new dfs.c file.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 15:18:40 +03:00
Jouni Malinen
f47c145285 Interworking: Add required_roaming_consortium parameter for credentials
This allows credentials to be limited from being used to connect to a
network unless the AP advertises a matching roaming consortium OI.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
a83e5749ac GAS: Update timeout from TX status handler
This allow GAS operations to be fine-tuned based what happens with GAS
query TX. Failed queries are timed out immediately and acknowledged
queries are given some more time to account for possible TX queue
latencies.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
56f5af489c Interworking: Add support for QoS Mapping functionality for the STA
Indicate support for QoS Mapping and configure driver to update the QoS
Map if QoS Map Set elements is received from the AP either in
(Re)Association Response or QoS Map Configure frame.

This commit adds support for receiving the frames with nl80211 drivers,
but the actual QoS Map configuration command is still missing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
ac1bc54948 Interworking: Add domain_suffix_match for credentials
This allow domain_suffix_match to be specified for a cred block and then
get this copied for the network blocks generated from this credential as
part of Interworking network selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
463c8ffbd5 Interworking: Add support for multiple home FQDNs
Credentials can now be configured with more than one FQDN ('domain'
field in the cred block) to perform Domain Name List matching against
multiple home domains.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
01f809c7db Add AAA server domain name suffix matching constraint
The new domain_suffix_match (and domain_suffix_match2 for Phase 2
EAP-TLS) can now be used to specify an additional constraint for the
server certificate domain name. If set, one of the dNSName values (or if
no dNSName is present, one of the commonName values) in the certificate
must have a suffix match with the specified value. Suffix match is done
based on full domain name labels, i.e., "example.com" matches
"test.example.com" but not "test-example.com".

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 13:34:26 +03:00
Janusz Dziedzic
e76da50529 hostapd: Add AP DFS support
Add DFS structures/events handlers, CAC handling, and radar detection.
By default, after radar is detected or the channel became unavailable, a
random channel will be chosen.

This patches are based on the original work by Boris Presman and
Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h
files.

Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>

Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:15 +03:00
Pontus Fuchs
5079392954 Increase buffer size and prevent write beyond buffer end
wpa_config_write_key_mgmt has a buffer size of 50. This is not enough
to fit the longest case. I used a network with "WPA-PSK WPA-EAP
WPA-NONE" and CONFIG_IEEE80211R=y + CONFIG_IEEE80211W=y to produce
a string longer than 50 chars. Increase the buffer size to 100 to
prevent truncated output.

Truncated output is not the only problem. If the buffer end is
reached when adding certain key mgmt types the function does not
return immediately. This leaves pos > end. When a second os_sprintf
is called the calculation of end - pos yields a large positive
number for buffer size. End result is a write beyond the buffer end.
Fix this by bailing out if buffer end is reached.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2013-10-14 20:49:26 +03:00
Jithu Jance
7e910b7b51 WPS NFC: Cancel scheduled scan before attempting a scan
Cancel scheduled scan (if any) before attempting to scan for the newly
received configuration/credential in WPS NFC Config token case.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2013-10-14 20:42:27 +03:00
Jouni Malinen
b72e14e599 P2P: Do not allow P2P client connection without P2P IE from GO
P2P-GROUP-STARTED event depends on having enough information about the
group available. To avoid incomplete information from being delivered to
upper layers, do not accept scan results without P2P IE (e.g., from a
non-P2P scan) for P2P client association process. This can be of use for
some join-a-group cases where non-P2P scans have generated the BSS entry
for the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:41:23 +03:00
Jouni Malinen
5df7414b04 P2P: Allow persistent group determination based on Beacon frame
P2P IE may be available from a Beacon frame from a GO even if we have
not yet received a Probe Response frame with P2P IE from that GO. Since
all the needed information for determining the GO's P2P Device Address
and group capabilities are available, use that information instead of
displaying incomplete group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:28:00 +03:00
Jouni Malinen
aaeb9c98e6 P2P: Allow GO to be discovered based on Beacon frame
This fixes some P2P-join-a-group cases where GO may have been discovered
based on passive scan or non-P2P scan. P2P IEs may have been received
from a Beacon frame in such a case and that information can be used to
create a P2P peer entry, e.g., to allow provision discovery exchange to
be completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:25:28 +03:00
Jouni Malinen
b16696ff72 P2P: Show p2p flag in debug info for scan results
This makes it easier to confirm that P2P capabilities for a GO has been
discovered properly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:23:38 +03:00
Jouni Malinen
bb50ae4396 P2P: Show P2P flag in BSS entries also based on Beacon frames
It is possible that a P2P GO has been discovered through a non-P2P scan
that did not return P2P IE in Probe Response frames. To cover those
cases, check also Beacon frame (if received) for P2P IE.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:22:09 +03:00
Jouni Malinen
ff57398fca P2P: Do not drop P2P IEs from BSS table on non-P2P scans
This could happen when non-P2P station interface runs a scan without P2P
IE in the Probe Request frame. P2P GO would reply to that with a Probe
Response that does not include P2P IE. Do not update the IEs in this BSS
entry to avoid such loss of information that may be needed for P2P
operations to determine group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 17:34:41 +03:00
Jouni Malinen
adeb4f59a2 P2P: Make sure wait for the first client gets stopped
If a group was removed before the wait for the first client had timed
out and the client had not yet connected, p2p_go_wait_client could have
been left set and with that, scan operations could be unnecessarily
delayed. This fixes some undesired delays from commit
c1c0b35fea.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-05 22:15:28 -07:00
Dmitry Shmidt
f22f274bbf P2P: Clone 'disable_scan_offload' parameter for p2p group
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-10-05 18:18:20 -07:00
Deepthi Gowri
acdd0fc84f P2P: Clear p2p_group_formation and p2p_in_provisioning on group removal
Commit 41f853235f extends group formation
timeout for the first data connection to complete and resets
p2p_go_group_formation_completed flag due to which p2p_in_provisioning
and p2p_group_formation flags are not cleared when
wpas_group_formation_completed() is called. This can result in both
station scan and p2p_find failures in the case where separate P2P group
interface is not used and the client does not complete 4-way handshake.
Fix this by clearing p2p_group_formation and p2p_in_provisioning when
such a P2P group is deleted.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-05 17:54:52 -07:00
Arif Hussain
8b3b803ab9 Include Extended Capabilities element based on scan results
Add Extended Capabilities element to association request only if the AP
included this element in Beacon/Probe Response frames. This is a
workaround to address interoperability issues with some older APs that
do not seem to be able to handle Extended Capabilities element in
(Re)Association Request frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 08:09:05 -07:00
Deepthi Gowri
6903ee6f62 P2P Extend postponing of concurrent scans for persistent GO
Update the p2p_go_wait_client timestamp in p2p_go_configured() to
address the case where the group is set up without the provisioning
step.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 07:32:17 -07:00
Sunil Dutt
f130b105ec TDLS: Clean up wpa_tdls_teardown_link() uses
Making this function be used only for external setup case simplifies the
implementation and makes core wpa_supplicant calls in ctrl_iface.c and
events.c consistent.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-30 17:10:18 +03:00
Jouni Malinen
5388dc97e0 Document use of Linux capabilities instead of privileged process
Linux capabilities cap_net_admin and cap_net_raw can be used to replace
need for running wpa_supplicant as a root process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-29 12:04:40 +03:00
Jouni Malinen
a771c07dfc Add driver status information to control interface
STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-28 17:19:30 +03:00