Commit graph

218 commits

Author SHA1 Message Date
Masashi Honma
f3e1570576 VHT: Fill VHT capability with hardware capability
Previously, VHT capability was default value (=0x0000). This makes
VHT Capabilities Info in VHT Capabilities IE in mesh peering
open/confirm frame 0x0000. This patch fills it with hardware capability.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-02-07 11:14:55 +02:00
Masashi Honma
4d77d80edd mesh: Add MESH_PMKSA_GET/ADD commands
These commnds are mesh version of PMKSA_GET/ADD commands. So the usage
and security risk is similar to them. Refer to
commit 3459381dd2 ('External persistent
storage for PMKSA cache entries') also.

The MESH_PMKSA_GET command requires peer MAC address or "any" as an
argument and outputs appropriate stored PMKSA cache. And the
MESH_PMKSA_ADD command receives an output of MESH_PMKSA_GET and re-store
the PMKSA cache into wpa_supplicant. By using re-stored PMKSA cache,
wpa_supplicant can skip commit message creation which can use
significant CPU resources.

The output of the MESH_PMKSA_GET command uses the following format:
<BSSID> <PMKID> <PMK> <expiration in seconds>

The example of MESH_PMKSA_ADD command is this.
MESH_PMKSA_ADD 02:00:00:00:03:00 231dc1c9fa2eed0354ea49e8ff2cc2dc cb0f6c9cab358a8146488566ca155421ab4f3ea4a6de2120050c149b797018fe 42930
MESH_PMKSA_ADD 02:00:00:00:04:00 d7e595916611640d3e4e8eac02909c3c eb414a33c74831275f25c2357b3c12e3d8bd2f2aab6cf781d6ade706be71321a 43180

This functionality is disabled by default and can be enabled with
CONFIG_PMKSA_CACHE_EXTERNAL=y build configuration option.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2017-01-14 18:07:46 +02:00
Jouni Malinen
8f315d0505 Fix country code in wpa_supplicant AP mode Country element
country[2] needs to be set to ' ' instead of left to '\0' for the case
where wpa_supplicant sets up AP mode operations and includes the Country
element. Currently, this would be only for DFS channels. Without this,
the Beacon frames would go out with incorrect third octet in the country
code.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-01-13 15:05:26 +02:00
Jouni Malinen
5e993390f6 Initialize iface->sta_seen on allocation
Previously, struct hostapd_iface sta_seen list head was initialized only
when completing interface setup. This left a window for operation that
could potentially iterate through the list before the list head has been
initialized. While the existing code checked iface->num_sta_seen to
avoid this case, it is much cleaner to initialize the list when struct
hostapd_iface is allocated to avoid any accidental missing of the extra
checks before list iteration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-09-22 00:45:24 +03:00
Lior David
d1723c5566 wpa_supplicant: Allow FTM functionality to be published
Add configuration options that control publishing of fine timing
measurement (FTM) responder and initiator functionality via bits 70, 71
of Extended Capabilities element. Typically, FTM functionality is
controlled by a location framework outside wpa_supplicant. When
framework is activated, it will use wpa_supplicant to configure the
STA/AP to publish the FTM functionality. See IEEE P802.11-REVmc/D7.0,
9.4.2.27.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-09-05 21:27:23 +03:00
Lior David
b94fff1d93 wpa_supplicant: Configurable EAP fragment size in AP mode
In wpa_supplicant AP mode, allow configuration of the EAP fragment size
using the fragment_size member of network block (wpa_ssid), similar to
the fragment_size in hostapd configuration. bss->fragment_size default
value of 0 is treated specially in some EAP code paths (such as MTU
initialization in eap_pwd_init). In order to preserve the existing
behavior, bss->fragment_size will only be set if the network block
specified a value different from the default which is
DEFAULT_FRAGMENT_SIZE(1398) bytes.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-06-24 19:02:58 +03:00
Kanchanapally, Vidyullatha
cc9a2575ca nl80211: Use extended capabilities per interface type
This adds the necessary changes to support extraction and use of the
extended capabilities specified per interface type (a recent
cfg80211/nl80211 extension). If that information is available,
per-interface values will be used to override the global per-radio
value.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2016-05-31 21:35:54 +03:00
Lior David
b6317b417f wpa_supplicant: Add wps_disabled parameter to network block
Add a new parameter wps_disabled to network block (wpa_ssid). This
parameter allows WPS functionality to be disabled in AP mode.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-05-14 19:43:30 +03:00
Jouni Malinen
23d71a0286 Set wpa_psk_set in wpa_supplicant AP mode is PSK is available
While this is unlikely to make any practical difference, it is better to
keep consistent with hostapd configuration parser.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-14 19:43:30 +03:00
Jouni Malinen
6641954321 Fix AP mode key_mgmt configuration in wpa_supplicant default case
If the network profile key_mgmt parameter was not set, wpa_supplicant
defaulted to enabling both WPA-PSK and WPA-EAP. This is not correct for
AP mode operations, so remove WPA-EAP in such a case to fix WPA-PSK
without explicit key_mgmt parameter.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-05-14 19:43:30 +03:00
Johannes Berg
3dd0e9e4e4 wpa_supplicant: Fix CONFIG_AP build without CTRL_IFACE
wpas_ap_pmksa_cache_list() and wpas_ap_pmksa_cache_flush() should be
under the #ifdef since they're only called for the control iface and
use functionality that otherwise isn't available.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
2016-05-13 18:31:01 +03:00
Lior David
90f14962ec wpa_supplicant: "don't care" value for pbss in ssid structure
Add a new value 2 to the pbss parameter of wpa_ssid structure, which
means "don't care". This value is used in infrastructure mode to request
connection to either AP or PCP, whichever is available in the scan
results. The value is also used in regular WPS (not P2P group formation)
to make WPS work with devices running as either AP or PCP.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-04-08 12:56:34 +03:00
Masashi Honma
4c522c7798 PMKSA: Flush AP/mesh PMKSA cache by PMKSA_FLUSH command
This extends the wpa_supplicant PMKSA_FLUSH control interface command to
allow the PMKSA list from the authenticator side to be flushed for AP
and mesh mode. In addition, this adds a hostapd PMKSA_FLUSH control
interface command to flush the PMKSA entries.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-03-20 17:37:53 +02:00
Masashi Honma
b8daac18a4 PMKSA: Show AP/mesh PMKSA list in PMKSA command
This extends the wpa_supplicant PMKSA control interface command to allow
the PMKSA list from the authenticator side to be listed for AP and mesh
mode. In addition, this adds a hostapd PMKSA control interface command
to show the same list for the AP case.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2016-03-20 17:37:53 +02:00
Lior David
ba307f8528 P2P: Add a separate pointer to the P2P Device instance
In many places in the code there was a reference to wpa_s->parent to get
from group interface to p2p_dev interface. These places can break if
P2P_DEVICE interface would need to be used with the primary interface as
the group interface, since the parent of the primary interface points to
itself and not the p2p_dev interface.

Fix this by adding a separate "p2pdev" pointer to wpa_supplicant,
it will be the same as parent pointer in most cases but whenever
the primary interface is used as a group interface, change it to
point to the correct p2p_dev interface.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-02-27 19:37:19 +02:00
Nick Lowe
98a516eae8 WPS: Use only os_get_random() for PIN generation
Remove the fallback dependency on os_random() when generating a WPS pin.
This is exceptionally unlikely to ever be called as the call to
os_get_random() is unlikely to fail. The intention is to facilitate
future removal of os_random() as it uses a low quality PRNG.

Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
2016-02-19 18:44:40 +02:00
Lior David
b907491281 wpa_supplicant: Basic support for PBSS/PCP
PBSS (Personal Basic Service Set) is a new BSS type for DMG
networks. It is similar to infrastructure BSS, having an AP-like
entity called PCP (PBSS Control Point), but it has few differences.
PBSS support is mandatory for IEEE 802.11ad devices.

Add a new "pbss" argument to network block. The argument is used
in the following scenarios:
1. When network has mode=2 (AP), when pbss flag is set will start
as a PCP instead of an AP.
2. When network has mode=0 (station), when pbss flag is set will
connect to PCP instead of AP.

The function wpa_scan_res_match() was modified to match BSS according to
the pbss flag in the network block (wpa_ssid structure). When pbss flag
is set it will match only PCPs, and when it is clear it will match only
APs.

Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
2016-02-08 22:23:56 +02:00
Avraham Stern
83fe38b011 P2P: Fall back to no VHT when starting AP/P2P GO
In cases where the bandwidth is not set when starting an AP/P2P GO,
the code tries to use 160 MHz or 80 MHz channels. As a result, the
AP/P2P GO configuration is set to use these channel widths even if
they are not available, which may results in failing to start the
AP/P2P GO.

Fix this by changing the AP/P2P GO configuration not to use VHT channels
when they are not available. In this case the AP/P2P GO will use a 40
MHz channel, if available, or a 20 MHz channel, if this is the maximum
available width.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2016-02-06 18:23:33 +02:00
Tomasz Bursztyka
d99097177a wpa_supplicant: Enable Automatic Channel Selection support for AP mode
Since hostapd supports ACS now, let's enable its support in
wpa_supplicant as well when starting AP mode.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
[u.oelmann@pengutronix.de: rebased series from hostap_2_1~944 to master]
[u.oelmann@pengutronix.de: adjusted added text in defconfig]
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
2015-12-24 22:24:05 +02:00
Ahmad Kholaif
c27f4c9006 P2P: Add support for VHT 80+80 MHz and 160 MHz
The new max_oper_chwidth and freq2 arguments to P2P_CONNECT, P2P_INVITE,
and P2P_GROUP_ADD control interface commands can be used to request
larger VHT operating channel bandwidth to be used than the previously
used maximum 80 MHz.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-11-25 19:01:20 +02:00
Avraham Stern
0aed3f5a80 P2P: Set CTWindow only for P2P GO
CTWindow was set for all AP interfaces if the driver supports it and
this parameter is set in wpa_supplicant configuration. This results in
failing to start an AP that is not a P2P GO as this setting is rejected
by the driver.

Fix that by setting the CTWindow only for P2P GO interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-10-14 21:09:41 +03:00
Andrei Otcheretianski
73afc20d40 P2P: Implement wpas_p2p_move_go_csa()
Use channel switch mechanism to move a P2P GO to a new channel,
when required. In order to be able to reconfigure the GO channel,
split wpa_supplicant_conf_ap() function, so the frequency
configuration part can be reused to find additional CSA settings.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-10-03 20:10:37 +03:00
Andrei Otcheretianski
55b4cc6dd7 wpa_supplicant: Fix channel switch notification with VHT
Fix a bug in wpas_ap_ch_switch() function, which didn't pass VHT
frequencies correctly to hostapd_event_ch_switch().

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-09-25 21:09:58 +03:00
Andrei Otcheretianski
d7ded54774 Update wpa_s->current_ssid->frequency on CS event
Update wpa_s->current_ssid->frequency when EVENT_CH_SWITCH is received.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-09-25 21:07:01 +03:00
Jouni Malinen
3188aabaf1 Add shared periodic cleanup function for AP mode
This new mechanism can be used to combine multiple periodic AP
(including P2P GO) task into a single eloop timeout to minimize number
of wakeups for the process. hostapd gets its own periodic caller and
wpa_supplicant uses the previously added timer to trigger these calls.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-20 13:33:30 +03:00
Jouni Malinen
55413ce072 P2P: Do not allow 40 MHz co-ex PRI/SEC switch to force MCC
Do not allow 40 MHz co-ex PRI/SEC switch to force us to change our PRI
channel if we have an existing connection on the selected PRI channel
since doing multi-channel concurrency is likely to cause more harm than
using different PRI/SEC selection in environment with multiple BSSes on
these two channels with mixed 20 MHz or PRI channel selection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-28 18:14:58 +03:00
Andrei Otcheretianski
0799b3f899 P2P: Specify frequency when sending Probe Response frame
If the RX frequency of the Probe Request frame is known, specify it when
sending the Probe Response frame. This is needed when the Probe Request
frame is received on another virtual interface, for example, when a GO
or P2PS client are discoverable on the group operating channel.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-14 23:16:55 +03:00
Max Stepanov
734ddf6125 P2P: Add rx_freq parameter to Probe Request frame handler
In some cases, Probe Request frames can be received by a peer not only
on a listen channel. In this case an additional rx_freq parameter
explitly contains a Probe Request frame RX frequency. In case rx_freq is
set to 0, a Probe Request frame RX channel is assumed to be our own
listen channel (p2p->cfg->channel).

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-06-14 23:16:55 +03:00
Jouni Malinen
b79911853f Fix CONFIG_AP=y build without CONFIG_CTRL_IFACE
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-04-04 11:56:53 +03:00
Jouni Malinen
f10487e1af Send CTRL-EVENT-DISCONNECTED on wpa_supplicant AP deinit
This makes the AP mode more consistent with other modes by providing a
matching pair of CTRL-EVENT-CONNECTED and CTRL-EVENT-DISCONNECTED event
messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-14 10:05:05 +02:00
Jouni Malinen
6e9023ea49 DFS: Allow wpa_supplicant AP mode to use non-offloaded DFS
This extends the hostapd-like setup of DFS-in-userspace for
wpa_supplicant AP mode operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-05 17:25:13 +02:00
Ahmad Kholaif
bd0f68c473 DFS: wpa_supplicant event processing
Add radar event processing logic for AP/P2P GO. The DFS processing
functions from hostapd are now used for these wpa_supplicant cases as
well for both offloaded and non-offloaded DFS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-03-05 17:24:16 +02:00
Eliad Peller
0b8bcaa50f P2P: Allow configuring CTWindow when working as GO
Read p2p_go_ctwindow (0-127 TUs) from the config file, and pass it to
the driver on GO start.

Use p2p_go_ctwindow=0 (no CTWindow) by default.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-02-21 16:07:53 +02:00
Jouni Malinen
99650cadc9 Add STOP_AP control interface command
This is mainly for testing purposes to allow beaconing to be stopped
without clearing AP state in hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:49 +02:00
Eyal Shapira
fd83335f29 AP: Enable HT Tx STBC for AP/GO if supported by driver
Publish support for Tx STBC in the HT capabilities of a GO and AP
controlled by wpa_supplicant in case the hardware supports it.

Signed-off-by: Eyal Shapira <eyalx.shapira@intel.com>
2015-01-20 01:57:59 +02:00
Jouni Malinen
ce52d031e5 Clear wpa_psk memory when setting up wpa_supplicant AP mode
This is more of a theoretical case since this part is done only during
setup and the structure is not allocated in practice. Anyway,
maintaining more consistent use of bin_clear_free() for structures that
may contain keys is useful.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
e77007132e Extend wpa_supplicant STA* ctrl_iface commands for mesh
Since mesh functionality uses struct hostapd_data to maintain peer
state, the existing STA* control interface commands can be used to
display information about the peers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:30 +02:00
Jouni Malinen
aaadd72733 Check os_snprintf() result more consistently - more checks
Add more os_snprintf() result validation checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d85e1fc8a5 Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jason Mobarak
5cfb672dde mesh: Enable mesh HT mode
Add a new option "mesh_ht_mode" that specifies the HT mode for the
mesh, with this option on, mesh beacons, actions frames, and probe
responses with include the appropriate HT information elements.

[original implementation by Chun-Yeow Yeoh <yeohchunyeow@gmail.com>]
[some fixes by Masashi Honma <masashi.honma@gmail.com>]
Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
2014-11-16 19:43:11 +02:00
Ahmad Masri
d77419d234 P2P: Support GCMP as part of 60 GHz support
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-27 17:15:09 +02:00
Eliad Peller
04ee647d58 HT: Let the driver advertise its supported SMPS modes for AP mode
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:25:29 +03:00
Jouni Malinen
9d4ff04af3 Add external EAPOL transmission option for testing purposes
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Janusz Dziedzic
4ec68377ef wpa_supplicant: Use hostapd_freq_params in assoc_params
Use hostapd_freq_params instead of simple frequency parameter for driver
commands. This is preparation for IBSS configuration to allow use of
HT/VHT in IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-10-04 18:43:42 +03:00
Jouni Malinen
bd10d93891 P2P: Clean up by moving ifdef CONFIG_P2P to p2p_suppplicant.h
This removes number of unnecessary #ifdef CONFIG_P2P blocks from generic
code by hiding the conditional build into p2p_supplicant.h with empty
inline functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-15 19:31:53 +03:00
Jouni Malinen
fb5d417178 P2P: Use cleaner way of generating pointer to a field (CID 68096)
The Action code field is in a fixed location, so the IEEE80211_HDRLEN
can be used here to clean up bounds checking to avoid false reports from
static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
35c03184df P2P: Use cleaner way of generating pointer to a field (CID 68095)
The Action code field is in a fixed location, so the IEEE80211_HDRLEN
can be used here to clean up bounds checking to avoid false reports from
static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
f8b10c1770 Fix CONFIG_AP=y build without CONFIG_P2P=y
Commit ca9bc5b566 used P2P functionality
from ap.c without proper ifdef CONFIG_P2P.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-07 13:40:58 +03:00
Jouni Malinen
c201f93a9e WPS: Enable WSC 2.0 support unconditionally
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
9a1a538fa5 wpa_supplicant AP: Allow PMF to be enabled with ieee80211w
The ieee80211w parameter was not previously copied to the hostapd BSS
structure from wpa_supplicant configuration, so PMF was practically
disabled. Allow it to be configured through the wpa_supplicant network
configuration block.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-13 18:22:25 +02:00