Commit graph

3533 commits

Author SHA1 Message Date
Jouni Malinen
abfc3ad9af Synchronize build config comments for wpa_supplicant
This updates number of comments in android.config to match the latest
version in defconfig and adds some of the entries that were previously
present only in android.config into defconfig.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-04 20:19:50 +03:00
Jouni Malinen
a01e10da68 Android: Enable WPS ER and NFC support in the build
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-04 20:19:47 +03:00
Jouni Malinen
0f105f9e5f HS 2.0: Move Probe Request Indication IE addition to proper place
This needs to be in wpa_supplicant_extra_ies() to get consistent
behavior for both scan and sched_scan cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-04 11:57:56 +03:00
Ilan Peer
41b1a76a96 P2P: Clone beacon_int when initializing new group interface
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2013-05-04 11:25:29 +03:00
Vinayak Kamath
741ed9fc25 WPS: Remove duplicate networks after WPS
Each attempt to connect to the same network using WPS would result
in the duplicate configuration getting added. Avoid such redundant
additions by comparing the network configuration with an already
existing one and remove the older network if the new credential
provisioned through WPS is identical.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-30 13:35:50 +03:00
Jouni Malinen
b57b560034 wpa_supplicant: Default to nl80211 instead of wext
nl80211 has obsoleted WEXT as the preferred kernel interface for
controlling wireless drivers. Update wpa_supplicant driver interface
list order so that nl80211 gets used first if both nl80211 and wext
interfaces are included in the build. In addition, update README to
reflect the fact that WEXT is obsolete.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-29 16:55:44 +03:00
Jouni Malinen
a8a7890d7c Clear extra_blacklist_count on FLUSH command
This is needed to avoid old blacklist failure counts from being valid
after state flush.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-28 22:35:15 +03:00
Jouni Malinen
5e24dc8a4b Add dup_binstr() to help common binary string tasks
There are quite a few places in the current implementation where a nul
terminated string is generated from binary data. Add a helper function
to simplify the code a bit.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:44:59 +03:00
Jouni Malinen
04382f7d6f NFC: Add no waiting and no multiple operations options for scripts
The nfcpy script used to be run in a way that left them running for
multiple operations. This is not desired for some use cases, so provide
options to request only a single operation to be performed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:15:23 +03:00
Jouni Malinen
28fcfb67c0 NFC: Increase wpa_cli command buffer size
NFC connection handover messages may be longer than 100 octets, so
increase wpa_cli buffer size to allow longer messages to be reported.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-27 22:14:45 +03:00
Jouni Malinen
e864c0aefe Use a common frequency to channel conversion function
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 22:11:51 +03:00
Deepthi Gowri
02db75b6c2 FT: Reset FT flag upon STA deauthentication
Reset ft_completed if STA receives deauthentication
between FT reassoc success and the subsequent initial
mobility authentication and association.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-26 17:56:24 +03:00
Jouni Malinen
dd57970477 Disable network temporarily on repeated connection failures
Previously, only explicit indications of authentication failures were
used to disable a network block temporarily. Extend this to use multiple
failed connection attempts as a sign of a possible authentication or
authorization failure to reduce the frequency of connection attempts
with a network that does not seem to allow connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-25 17:28:50 +03:00
Jouni Malinen
06b7f58def RSN: Update preauth scan results only based on new scan results
The fast-connect optimization to skip a new scan did not update how the
RSN preauthentication callback is used. There is no point in trying to
add preauthentication candidates from cases where scan was skipped, so
skip this call, too, in such cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 18:24:00 +03:00
Jouni Malinen
18e00b5e4d Move wpa_s freeing into wpa_supplicant_deinit_iface()
All wpa_supplicant_deinit_iface() callers ended up freeing wpa_s
immediately after this call. Move os_free(wpa_s) into the deinit
function to share the same call and make the deinit sequence clearer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 18:07:41 +03:00
Paul Stewart
754632c965 dbus_new: Add EAP logon/logoff
Add "EAPLogoff" and "EAPLogon" interface DBus commands which
parallel the "logoff" and "logon" wpa_ctrl commands which terminate
and restart EAP authentication.  Slightly enhance the "logon" case
by expiring any running "startWhile" timer.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-04-23 17:57:55 +03:00
Dmitry Shmidt
e6304cad47 wpa_supplicant: Add option -I for additional config file
This option can be used only for global parameters that are not going
to be changed from settings.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Iliyan Malchev <malchev@google.com>
2013-04-23 17:38:57 +03:00
Bruno Randolf
060605226f wpa_supplicant: Add get_capability freq
Add "get_capability freq" command to print a more verbose list of
channels and frequencies in MHz. The tag "NO_IBSS" is added, if IBSS
mode is not allowed on a channel. This allows userspace programs to get
the frequencies and limitations associated with each channel.

This extends the information already provided in "get_capability
channels" but a new interface is chosen because of backwards
compatibility considerations.

Signed-hostap: Bruno Randolf <br1@einfach.org>
2013-04-23 16:55:54 +03:00
Chris Hessing
c7a39ba4e1 Provide TLS alerts to CLI/UI over control interface
Harmonize EAP status events over control interface to provide same
functionality as existing D-Bus callback.

Signed-hostap: Chris Hessing <chris.hessing@cloudpath.net>
2013-04-23 16:46:02 +03:00
Jouni Malinen
2a07a276ec P2P: Increase GTK rekeying period to 24 hours
Strong ciphers do not need frequent rekeying, so increase the default
GTK rekeying period to 24 hours.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-23 14:11:10 +03:00
Jouni Malinen
88c8bf311e WPS NFC: Allow configuration token to be built from network block
"WPS_NFC_CONFIG_TOKEN <WPS/NDEF> <network id>" can now be used to build
an NFC configuration token from a locally configured network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 21:28:57 +03:00
Jouni Malinen
e205401c72 WPS ER: Allow Enrollee to be specified with MAC address
wps_er_pbc and wps_er_pin can now be used with both the UUID and MAC
Address of the Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:52:44 +03:00
Jouni Malinen
c44a19c1f9 WPS ER: Document additional NFC command for ER operations
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:36:15 +03:00
Jouni Malinen
59307b3007 WPS ER: Allow AP to be specified with BSSID
This extends the WPS ER commands that previously accepted only UUID as
an identifier for an AP to use either UUID or BSSID for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 20:32:09 +03:00
Jouni Malinen
5c9d63d46f WPS: Be more careful with pre-configured DH parameters
Make the implementation more robust against error cases with
pre-configured DH parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 19:27:32 +03:00
Jouni Malinen
17b8995cf5 Interworking: Try to use same BSS entry for storing GAS results
There may be cases where multiple BSS entries for a single BSSID are in
the table. This is mostly in automated test cases due to the AP
configuration changes, but something similar could potentially happen as
a corner case in more realistic networks, too, e.g., when an AP changes
its operating channel. Make network selection more robust by trying to
find the exact BSS entry instead of any BSS entry with a matching BSSID
when storing GAS/ANQP response.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-01 11:44:04 +03:00
Jouni Malinen
3db5439a5f Optimize Extended Capabilities element to be of minimal length
Leave out zero octets from the end of the element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 21:58:17 +03:00
Johannes Berg
8cd6b7bce8 hostapd/wpa_s: Use driver's extended capabilities
Some extended capabilities (I'm currently interested in "Operating Mode
Notification" for VHT) are implemented by the kernel driver and exported
in nl80211. Use these in hostapd/wpa_supplicant.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-31 21:51:44 +03:00
Jouni Malinen
acb546436a Add ctrl_iface command FLUSH for clearing wpa_supplicant state
This is mainly for testing purposes where it is convenient to have an
easy way of getting wpa_supplicant state cleared between test cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 20:31:07 +03:00
Masashi Honma
97236cee6a WPS: Skip rescanning after provisioning if AP was configured
If WPS provisioning step is completed with an AP that is in WPS
configured state, we can skip a second scan after the provisioning step
since the AP is unlikely to change its configuration in such a case.
This can speed up WPS connection a bit by removing an unneeded scan.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-03-31 20:06:42 +03:00
Jouni Malinen
4342326fc7 Add ignore_old_scan_res configuration parameter
This can be used to configure wpa_supplicant to ignore old scan results
from the driver cache in cases where such results were not updated after
the scan trigger from wpa_supplicant. This can be useful in some cases
where the driver may cache information for a significant time and the AP
configuration is changing. Many such cases are for testing scripts, but
this could potentially be useful for some WPS use cases, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 18:05:42 +03:00
Jouni Malinen
9599ccc2dd WPS: Clear after_wps on new WPS connection
The after_wps counter could have potentially be left in its old non-zero
value in some WPS sequences which could result in a single-channel scan
being used based on obsolete information. Clear after_wps in
wpas_wps_reassoc() to make sure this does not happen.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 18:05:42 +03:00
Jouni Malinen
702621e6dd WPS: Use latest updated BSS entry if multiple BSSID matches found
If the AP (P2P GO) has changes its channel of SSID recently, the BSS
table may have multiple entries for a BSSID. Select the one which was
most recently updated for WPS/P2P operations in such case to increase
the likelihood of using current information.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 18:05:42 +03:00
Jouni Malinen
2f9b66d3ab Extend ROAM command to handle multiple SSIDs per BSS
Select the BSS entry based on BSSID,SSID pairs instead of just BSSID to
avoid selecting an unexpected SSID for the ROAM command.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-30 11:49:05 +02:00
Jouni Malinen
ef8151ac57 P2P: Write p2p_ignore_shared_freq to configuration file on updates
Commit b277a2bebc added a new global
configuration parameter, but forgot to update configuration file saving
to store this.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-26 22:24:41 +02:00
Jouni Malinen
18a2eaabe3 Add ap_vendor_elements for wpa_supplicant AP/P2P GO mode
This new parameter allows wpa_supplicant AP mode operations to use
similar design to the vendor_elements parameter in hostapd to add
vendor_elements into Beacon/Probe Response IE parameters.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-21 15:52:41 +02:00
Jouni Malinen
407be00b6c P2P: Postpone P2P scan only if station mode scan is pending
sta_scan_pending was supposed to be accurate enough for determining
whether a P2P scan needs to be postponed. However, it has turned out
that there were cases where sta_scan_pending was not cleared properly.
While the known cases have now been addressed, it is possible that some
other cases may still exist. To avoid issues with P2P operationg getting
stuck, verify more carefully that there is a real pending station mode
scan (either in progress or scheduled to be requested).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-18 17:32:31 +02:00
Jouni Malinen
cfd31b5026 Use special scan result processing steps only on requesting interface
Scan result events are shared between all virtual interfaces sharing the
same radio. However, some of the steps are not really appropriate on
virtual interfaces that did not issue the scan request. Fix this by
making these steps conditional on the scan results being processed on
the interface that requested them.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-18 17:32:31 +02:00
Jouni Malinen
b1cd021e29 P2P: Re-start P2P operation if station mode scanning is stopped
There were couple of code paths that could end up stopping station mode
scanning without clearing sta_scan_pending. This could result in P2P
search getting stuck waiting for completion of station mode scan which
would never show up. Fix this by calling wpas_p2p_continue_after_scan()
in cases where station mode scans are stopped. This allows
sta_scan_pending to be cleared and P2P search operation continued.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-18 17:32:31 +02:00
Jouni Malinen
f85f545e71 P2P: Use common function for re-starting P2P scan after station scan
Make the implementation more consistent and cleaner by using a single
function for addressing all the cases where completion of a station mode
scan operation allows a P2P operation (search) to be re-started.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-18 17:32:31 +02:00
Jouni Malinen
095da179de Android: Enable WNM in the build
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-17 20:19:44 +02:00
Jouni Malinen
ce9283a401 Android: Use CONFIG_WNM mode consistently
Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build
options for WNM-Sleep Mode operations. This is similar to the Makefile
change in commit ad3872a372.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-17 20:13:46 +02:00
Jouni Malinen
69586aa312 Android: Fix CONFIG_WNM use in Android.mk
This code was within ifdef CONFIG_AP and did not get included unless
AP mode support was also enabled. This is similar to the Makefile
change in commit 2dfb9a447c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-17 20:10:44 +02:00
Jouni Malinen
3b335329b9 Android: Update Android.mk based on Makefile changes
This brings the Android makefiles a bit closer to the Makefile changes
that had been missed in the past.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-17 20:08:23 +02:00
Jouni Malinen
c3aa4da94d Convert WPS NFC python scripts from using wpactrl to wpaspy
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-16 21:47:10 +02:00
Partha Narasimhan
b2a12c4f93 wpa_supplicant: Fix lookup of cached PMKSA
This fixes the lookup of a usable PMKSA entry in the cache. Using
wpa_s->current_ssid often returns nothing when a usable PMKSA exists in
the cache since wpa_s->current_ssid does not necessarily point to the
correct network entry at this point in time (prior to association).

Signed-hostap: Partha Narasimhan <parthan@gmail.com>
2013-03-16 12:45:31 +02:00
Bruno Randolf
65d52fc103 Add capability flag for IBSS and add get_capability modes
Add a driver capability flag for drivers which support IBSS mode and set
it for nl80211 drivers which have set the NL80211_IFTYPE_ADHOC.

Add a new option "modes" to "get_capability" which will return "AP" and
"IBSS" if the corresponding capability flags are set.

The idea is that this can be used for UIs to find out if the driver
supports IBSS mode.

Signed-hostap: Bruno Randolf <br1@einfach.org>
2013-03-16 12:42:15 +02:00
Jouni Malinen
21f01a8e3d Fix build with CONFIG_NO_CONFIG_BLOBS
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-16 12:20:21 +02:00
Solomon Peachy
7d37a357fa Fix build without CONFIG_CTRL_IFACE or CONFIG_NO_STDOUT_DEBUG
Signed-off-by: Solomon Peachy <pizza@shaftnet.org>
2013-03-16 12:07:18 +02:00
Jouni Malinen
dbca75f82a P2P: Remove persistent group peer if it rejects invitation
If a peer replies to persistent group invitation with status code 8
(unknown group), remove the peer from the p2p_client_list if we are the
GO or remove the persistent group if we are the P2P client since it
looks like that the peer has dropped persistent group credentials and
the provisioning step needs to be executed again.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-15 16:43:06 +02:00
Jouni Malinen
b277a2bebc P2P: Allow shared interface channel preference to be ignored
p2p_ignore_shared_freq=1 in the configuration file (or "SET
p2p_ignore_shared_freq 1" on control interface) can now be used to
configure wpa_supplicant to ignore the preference on shared operating
channel when the driver support multi-channel concurrency. The default
behavior is to try to start any new P2P group on an operating channel
that is already in use on another virtual interface to avoid extra cost
from hopping between multiple channels. If this new parameter is set to
1, such preference is not used and instead, the channel for the new P2P
group is selected based on other preferences while ignoring operating
channels of any concurrent connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-14 16:32:35 +02:00
Jouni Malinen
6cb27aa85f P2P: Fix shared frequency preference for concurrent operations
Commit 50285f5ca8 changed number of rules
in channel selection and among other things, it broke the design where
the currently used operating channel on a virtual interface that is
shared by the same radio is preferred to avoid costs related to
multi-channel concurrency. Fix this regression by making the P2P module
aware of the shared channel and using that preference as the highest
priority when re-selecting the channel during negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-14 16:26:55 +02:00
Jouni Malinen
a70a52c316 P2P: Allow all channels for multi-channel concurrency (no negotiation)
Commit 79879f4ae8 enabled all channels to
be used when negotiating channel with a driver that supports
multi-channel concurrency. Extend that to cover cases where the channel
is not being negotiated (e.g., p2p_group_add to start a GO).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-14 15:38:11 +02:00
Jouni Malinen
b6714ca1bb Fix compiler warning when CONFIG_IEEE80211R is not included
Commit 6a1ce39599 moved the bssid
variable declaration to be outside CONFIG_IEEE80211R block and
triggered a compiler warning about unused variable.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-13 12:40:57 +02:00
Jouni Malinen
94d7acf3df WPS NFC: Fix build without CONFIG_WPS_ER
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-13 00:02:52 +02:00
Deepthi Gowri
ee9a95c34e Android: Enable IEEE 802.11r in wpa_supplicant builds
Signed-off-by: Deepthi Gowri <deepthi@codeaurora.org>
2013-03-12 20:09:41 +02:00
Deepthi Gowri
6a1ce39599 FT: Add support for IEEE 802.11r with driver-based SME
Add NL80211_CMD_UPDATE_FT_IES to support update of FT IEs to the
WLAN driver. Add NL80211_CMD_FT_EVENT to send FT event from the
WLAN driver. This will carry the target AP's MAC address along
with the relevant Information Elements. This event is used to
report received FT IEs (MDIE, FTIE, RSN IE, TIE, RICIE).

Signed-off-by: Deepthi Gowri <deepthi@codeaurora.org>
2013-03-12 20:08:53 +02:00
Vivek Natarajan
c9c77083b3 P2P: Clear p2p_in_provisioning flag on group removal
Commit 77dfafd07d cancels group formation
timeout on group removal case but failed to reset the
p2p_in_provisioning flag. This can lead to repeated p2p_find failures if
the group gets removed before completion of the WPS provisioning step
(e.g., GO tears down the group). Fix this by clearing
p2p_pin_provisioning when cancelling group formation.

Signed-hostap: Vivek Natarajan <nataraja@qca.qualcomm.com>
2013-03-11 20:47:24 +02:00
Chet Lanctot
9210bea172 Android: Enable IEEE 802.11w support in the build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-11 13:52:13 +02:00
Chet Lanctot
3ee9ade6cf Allow SME SA Query to be used by all drivers
The unprotected disconnection events were previously processed only for
drivers that used the wpa_supplicant SME implementation (separate
authentication and association commands). However, this can be useful
for drivers that use the connect API, so remove the limitation and allow
the same IEEE 802.11w SA Query mechanism to be used even without full
use of the wpa_supplicant SME.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-11 13:49:40 +02:00
Jouni Malinen
5139008b51 Android: Sync makefile changes for HT/VHT overrides
CONFIG_HT_OVERRIDES and CONFIG_VHT_OVERRIDES were already mentioned in
android.config, but Android.mk did not yet know about them.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-10 18:05:40 +02:00
Johannes Berg
e9ee8dc394 wpa_supplicant: Support VHT capability overrides
Add support for VHT capability overrides to allow testing connections
with a subset of the VHT capabilities that are actually supported by
the device. The only thing that isn't currently supported (by mac80211
and this code) is the RX/TX highest rate field.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-10 18:04:39 +02:00
Johannes Berg
eae3a584f5 wpa_supplicant: Parse int values in different bases and reject invalid
Instead of using atoi(), use strtol() which allows checking if
the configuration values are valid integers and can understand
more than just decimal (also hexadecimal and octal). This not
only allows specifying some fields in hex (which can be useful)
but also rejecting invalid configurations, e.g.,
        disassoc_low_ack=27 * 2
which was previously read as just 27.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-10 17:55:24 +02:00
David Spinadel
725fc39e07 wpa_supplicant: Reschedule sched scan after network change
Stop sched scan, if running, after any disabling or removing of
a network, and request a new scan if needed.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-03-10 17:51:13 +02:00
Jouni Malinen
14f7907890 Remove unnecessary local variable
The ssid parameter (if NULL) can be used for the loop, too, to make the
code look a bit prettier.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-10 17:45:15 +02:00
David Spinadel
dca1a51149 wpa_supplicant: Handle enabling of one or all networks equally
Move enabling a network to a separate function. Try to reconnect if not
associated to an AP. Abort scheduled scan in any case of a new scan.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-03-10 17:43:00 +02:00
David Spinadel
7ed52f678b wpa_supplicant: Save prev_sched_ssid only if needed
If the whole ssid list was scanned, don't save the prev scheduled ssid
since we are going to start from beginning. Thos avoids starting sched
scan from prev_sched_ssid after scanning the full list, in case of
adding a network to ssid during scheduled scan.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-03-10 17:32:03 +02:00
David Spinadel
a09fc1ccf8 wpa_supplicant: Do not allow too short sched scan
In case that the ssid list is longer than max number of ssids,
ths scheduled scan aborted after timeout and rescheduled again
with shorter timeout and longer interval. In case that the timeout
is shorter than the interval, only one scan iteration will
be run. In this case, go back to the initial values.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-03-10 17:27:48 +02:00
Jouni Malinen
77e4e85321 P2P: Mark peer authorized for persistent group invitation
When p2p_invite persistent=<id> is used to request a persistent group to
be re-invoked, the peer may reply with status=1 (info not yet available)
if upper layer processing of the invitiation is requested. The peer is
ten expected to start another invitation exchanged within 120 seconds if
the user authorizes the connection. Allow this process to be used more
easily by automatically authorizing the peer that we tried to invite to
use this second invitation sequence even if persistent_reconnect=0.

For this mechanism to work, the device that starts the invitation needs
to start listen mode to be able to receive the invitation request from
the peer. At least for now, this is not done automatically, but future
changes could potentially enable this automatically at least if there
are no concurrent operations in progress.

Example sequence on the initiator:

cmd: P2P_INVITE persistent=1 peer=<addr>
event: P2P-INVITATION-RESULT status=1
cmd: P2P_LISTEN 120
wait for peer to start another invitiation round.. group will be
re-invoked automatically

On the peer (with persistent_reconnect=0):

event: P2P-INVITATION-RECEIVED sa=<addr> persistent=1 [freq=<MHz>]
wait for user approval
cmd: P2P_INVITE persistent=1 peer=<addr>
group will be re-invoked automatically

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 21:32:33 +02:00
Jouni Malinen
cd1e2309a2 P2P: Indicate frequency for upper layer invitation processing
When a device that is a GO in a persistent group receives an Invitation
Request from a P2P client and persistent_reconnect=0, upper layer is
notified of this with P2P-INVITATION-RECEIVED event. The upper layer is
supposed to run another invitation exchange is this case, but if that
does not happen and the GO is started without successful (status=0)
invitation exchange, the operating channel for the group may end up
getting set in a way that the P2P client is not able to support. Provide
optional freq parameter in the P2P-INVITATION-RECEIVED event on the GO
side. If this parameter is received and the upper layer decides to issue
P2P_GROUP_ADD command, that command should include this freq parameter
to make sure the operating channel gets selected from the set that the
peer can support.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 21:27:31 +02:00
Jouni Malinen
18206e02c5 Allow wpa_supplicant AP mode to configure Beacon interval
beacon_int (in TU) can now be used to configure Beacon interval for AP
mode operations (including P2P GO) in wpa_supplicant. This can be set
either in a network block or as a global parameter in the configuration
file (or with "SET beacon_int <value>" control interface command) to
apply for all networks that do not include the beacon_int parameter to
override the default.

In addition, this commits extends the dtim_period parameter to be
available as a global parameter to set the default value. dtim_period is
now stored in the configuration file, too, if it was set.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 20:50:08 +02:00
Jouni Malinen
5473362458 P2P: Use peer's channel list to limit GO freq on invitation
Peer device includes its list of allowed operating channels in the
Invitation Response frame. When we are becoming the GO, use that list
from the peer to filter out acceptable channels to avoid selecting a
channel that the peer is unable to use.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 20:01:01 +02:00
Jouni Malinen
f5877af01e P2P: Allow P2P client to specify preferred group channel
When re-invoking a persistent group in P2P client role, the new
pref=<MHz> parameter can now be used with the p2p_invite command to
indicate a preferred operating frequency. Unlike the older freq=<MHz>
parameter, this leaves GO an option to select another channel (from our
supported channels) if the GO cannot accept the channel.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 19:40:54 +02:00
Jouni Malinen
5de4b72177 P2P: Use shared function for setting up frequencies
p2p_connect() and p2p_invite() cases used more or less identical
implementatin. Use a shared function to avoid duplicated code.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 18:40:39 +02:00
Deepthi Gowri
79879f4ae8 P2P: Allow all channels in case of multi channel concurrency
If multi channel concurrency is supported, we have to populate the
p2p_channels with list of channels that we support. Use the same design
that was previously added for GO Negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-01 18:40:39 +02:00
Jouni Malinen
ff48691368 Avoid partial BSS entries in control interface
Most of the print_bss_info() cases were already returning zero lenth to
avoid returning partial returns to the BSS commands, but the HS 2.0 and
Wi-Fi Display entries behaved differently. Make those consistent with
rest of the items.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-28 18:49:33 +02:00
Dmitry Shmidt
cfd42c94ee Mark last BSS entry by #### instead of ====
This allows ctrl_iface users to iterate through the BSS entries by
fetching multiple BSS entries with "BSS RANGE=N-" without having to use
one extra round to get empty return value as the indication of the last
entry having been found.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-02-28 18:46:06 +02:00
Dmitry Shmidt
c667342933 Add WPA_BSS_MASK_DELIM flag to BSS command
This flag will add ==== delimiter between to separate bss results.
Unlike the other BSS command MASK values, this delimiter is not
included by default to avoid issues with existing users of the BSS
command.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-02-28 18:43:05 +02:00
Masashi Honma
5e24beae02 Use scan results for reconnection
This patch uses existing scan results for fast connection on REASSOCIATE
and RECONNECT commands.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-02-28 16:34:08 +02:00
Masashi Honma
ad5dda8222 Interworking: Remove unused variable warnings
This patch removes these warnings.

interworking.c: In function 'interworking_credentials_available_3gpp':
interworking.c:1330:6: warning: unused variable 'ret' [-Wunused-variable]
interworking.c:1329:19: warning: unused variable 'cred' [-Wunused-variable]

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2013-02-28 16:34:06 +02:00
Jouni Malinen
aec309c407 wpa_cli: Increase receive buffer from 2048 to 4096 bytes
wpa_supplicant uses 4096 byte buffer for control interface responses, so
wpa_cli should do the same to avoid truncating responses unnecessarily.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-27 15:59:55 +02:00
Sunil Dutt
f8361e3d68 TDLS: Pass peer's VHT Capability information during sta_add
The information of the peer's VHT capability is required for the
driver to establish a TDLS link in VHT mode with a compatible peer.
Pass this information to the driver when the peer station is
getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-25 10:31:50 +02:00
Jouni Malinen
f23ce1f032 WPS: Add AP mode NFC connection handover with wpa_supplicant/nfcpy
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:57:06 +02:00
Jouni Malinen
f3f2ba2e6e WPS NFC: Add connection handover support for ER
wpa_supplicant can now generate the WPS carrier record for connection
handover response when acting as an ER. The AP whose configuration is
provided in this way is identified with an UUID as an argument to
wps-nfc.py.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:56:29 +02:00
Jouni Malinen
c39fdb8529 WPS: Add wps-er-config command for writing config token from ER
UUID of the AP is specified on the command line to select which
configuration is used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:54:18 +02:00
Jouni Malinen
b618a469c4 Interworking: Select highest priority cred if multiple matches
Previously, the credential to use for a connection with a specific BSS
was picked arbitrary based on first found match of each matching
mechanism. While the credential priorities were used elsewhere, this did
not take into account that different mechanisms could find multiple
matching credentials. As such, the highest priority credential was not
always used in case more than one credential matched with the selected
BSS. Fix this by checking credential priorities again during connection
request.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-16 19:57:35 +02:00
Jouni Malinen
87470ea298 WPS: Fix build without CONFIG_WPS_NFC
Commit bbf41865c9 added calls to functions
that are only defined if CONFIG_WPS_NFC=y. Protect those calls properly
to avoid build issues.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 17:09:24 +02:00
Jouni Malinen
5ab9a6a53e WPS: Add support for NFC handover select generation with wpa_supplicant
When wpa_supplicant is controlling an AP mode interface, it can generate
the alternative carrier record for NFC connection handover select
message similarly to the way this is done in hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 12:34:55 +02:00
Jouni Malinen
7bfe27778b WPS: Update NFC connection handover documentation
The last couple of changes to the control interface commands for NFC
connection handover had not yet been documented.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:51:28 +02:00
Jouni Malinen
bbf41865c9 WPS: Add support for config token generation with wpa_supplicant
When wpa_supplicant is controlling an AP mode interface, it can generate
the NFC configuration token similarly to the way this is done in
hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:47:52 +02:00
Jouni Malinen
23ffcaf172 WPS: Allow password token to be written with nfcpy
This adds write-password option for the nfcpy example script for
wpa_supplicant to match hostapd wps-ap-nfc.py functionality.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:34:13 +02:00
Jouni Malinen
042ec551d4 WPS: Use pre-configured NFC password token instead of overriding it
"WPS_NFC_TOKEN <WPS/NDEF>" used to generate a new NFC password token
regardless of whether there was a pre-configured token in the
configuration. Change this to use the pre-configured value, if
available, instead. This allows the same command to be used to write the
password token to an NFC tag more conveniently.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:24:29 +02:00
Sunil Dutt
d16531c40c TDLS: Pass peer's Capability and Ext Capability info during sta_add
The contents of the peer's capability and extended capability
information is required for the driver to perform TDLS P-UAPSD and Off
Channel operations. Pass this information to the driver when the peer
station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:02:34 +02:00
Sunil Dutt
189206dddb Android: Enable TDLS support in the build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:54 +02:00
Sunil Dutt
ff4178d57c TDLS: Pass peer's HT Capability and QOS information during sta_add
The information of the peer's HT capability and the QOS information is
required for the driver to perform TDLS operations. Pass this
information to the driver when the peer station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:50 +02:00
Jouni Malinen
b8df43dec6 TDLS: Fix add/set STA operation
Commit a9a1d0f08a added vht_capabilities
to struct hostapd_sta_add_params but forgot to update
wpa_supplicant_tdls_peer_addset() to initialize the variable to NULL.
This could result in uninitialized pointer being used in
driver_nl80211.c when adding a TDLS peer entry. Fix this by clearing the
hostapd_sta_add_params with memset.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:07 +02:00
Sunil Dutt
7b44ff2c21 TDLS: Tear down peers when disconnecting from the AP
A TDLS Teardown frame with Reason Code 3 (Deauthenticated because
sending STA is leaving (or has left) IBSS or ESS) shall be transmitted
to all TDLS peer STAs (via the AP or via the direct path) prior to
transmitting a Disassociation frame or a Deauthentication frame to the
AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-13 01:19:44 +02:00
Jouni Malinen
c5f10e804a Use more accurate timestamps for scan results
For various P2P use cases, it is useful to have more accurate timestamp
for the peer information update. This commit improves scan result
handling by using a single timestamp that is taken immediately after
fetching the results from the driver and then using that value to
calculate the time when the driver last updated the BSS entry. In
addition, more debug information is added for P2P peer updates to be
able to clearly see how old information is being used here.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 19:14:32 +02:00
Jouni Malinen
e47588279a WPS: Report NFC connection handover completion differently
Instead of reporting only one connection handover message, report
completion of NFC connection handover with carrier record from both the
request and select messages.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-11 18:43:46 +02:00
Jouni Malinen
ec01d5f6b0 P2P: Avoid concurrent scans during all steps of group formation
Previously, only some P2P states were considered to postpone concurrent
station mode scans during group formation. Especially the WPS
provisioning step was skipped due to issues to scans run on the P2P
client interface (see commit fc6997b345).
This is not ideal since a concurrent scan can slow down group formation
considerably and potentially make it time out. Enforce p2p-in-progress
through all steps of group formation on another interface to address
this.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-11 12:21:03 +02:00
Jouni Malinen
77dfafd07d P2P: Cancel group formation timeout on group removal (on client)
Group formation timeout is normally canceled when 4-way handshake is
completed (WPA_COMPLETED -> wpas_p2p_completed). However, it is possible
for the GO to stop the group before this happens (i.e., send
Deauthentication frame with reason code 3 before 4-way handshake is
completed). This resulted in the group getting removed, but the group
formation timeout left behind. The unexpected timeout may then result in
undesired termination of the following operation. Fix this by canceling
the group formation timeout in wpas_p2p_group_delete() similarly to how
group idle timeout was canceled there.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-10 23:36:52 +02:00
Jouni Malinen
bd692a8b0e WPS: Change listen time to match nfcpy default (250 ms)
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:49:20 +02:00
Jouni Malinen
b8dbc5d689 WPS: Report only the carrier record from NFC to wpa_supplicant
Since there could be multiple carrier records, it is cleaner to report
only the WPS carrier record instead of full NFC connection handover
select to wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:42:43 +02:00
Jouni Malinen
bbaaaee171 WPS: Fetch only the carrier record from wpa_supplicant for NFC
Since there could be multiple carrier records, it is cleaner to build
only the WPS carrier record instead of full NFC connection handover
request within wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:19:59 +02:00
Jouni Malinen
cf78e2acc8 WPS: Clean up debug prints with nfcpy
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:27:59 +02:00
Jouni Malinen
8414860422 WPS: Remove 0.5 sec extra wait from NFC handover with nfcpy
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:27:14 +02:00
Jouni Malinen
dc6bda1123 WPS: Use alternating poll/listen for NFC peer discovery with nfcpy
This is needed to find the NFC peer to avoid cases where both devices
could be using the same operation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:25:20 +02:00
Jouni Malinen
8140ae969b WPS: Configure logging to show nfcpy log message
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:20:25 +02:00
Peter Wu
a24a5ccb28 dbus: Add missing signal description for WPS (7)
Commit caff399250 added a property named
"WPS" to the dbus interface. It did not add the new
WPAS_DBUS_BSS_PROP_WPS property to the function responsible for marking
changed properties though. This cause the following messages to be
printed repeatedly to syslog:

    dbus: wpas_dbus_bss_signal_prop_changed: Unknown Property value 7

Signed-hostap: Peter Wu <lekensteyn@gmail.com>
2013-02-09 12:13:54 +02:00
Jouni Malinen
62cab3b737 eap_proxy: Add a dummy implementation for compilation testing
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:54:05 +02:00
Deepthi Gowri
bd3ca9d0bf Android: Enable EAP-AKA support in the build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:54:03 +02:00
Deepthi Gowri
45f4a97a3a eap_proxy: Add mechanism for allowing EAP methods to be offloaded
In addition to the offload mechanism, the Android configuration and
makefiles are extended to allow this to be configured for the build by
dropping in platform specific configuration files and makefile without
having to modify any existing files.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-08 11:54:01 +02:00
Dmitry Shmidt
66fe0f703c Add 'SCAN TYPE=ONLY' functionality
Usual manual scan request may cause reassociation due to several
reasons. New command is intended to perform pure scan without taking any
automatic action based on the results.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-02-07 18:09:50 +02:00
Vladimir Kondratiev
ff3ad3c531 Capability matching for 60 GHz band
On the DMG (60 GHz) band, capability bits defined differently from
non-DMG ones. Adjust capability matching to cover both cases.

Also, for non-DMG bands, check ESS bit is set.

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
2013-02-07 16:20:18 +02:00
Raja Mani
3140803b6d nl80211: Add ctrl_iface message for AP mode connection rejection
When AP mode operation reject the client, nl80211 layer advertises the
connect failed event with the reason for failures (for example, max
client reached, etc.) using NL80211_CMD_CONN_FAILED.

This patch adds some debug messages whenever such an event is received
from the nl80211 layer and also the same event is posted to the upper
layer via wpa_msg().

Signed-off-by: Raja Mani <rmani@qca.qualcomm.com>
2013-02-07 15:24:53 +02:00
Jouni Malinen
409ca9a84d P2P: Allow local configuration to use 5 GHz band 40 MHz channels
These channels were already enabled for P2P use, but the local
configuration parameter was not allowed to use the operating class in
which the 40 MHz channels are specified.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-07 12:51:17 +02:00
Amar Singhal
9f42d49c55 Fix BSS RANGE command for no exact id match cases
The RANGE=N1-N2 command did not return any entries in some cases where
N1 does not match with any BSS entry. Fix this by allow entries to be
fetched even without knowing the exact id values.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-07 12:27:52 +02:00
Amar Singhal
cc03d0fef3 Add "BSS LAST ..." command
Add the "BSS LAST ..." command. This command helps in fetching the scan
entries iteratively from FIRST entry to LAST entry by ID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-06 00:31:34 +02:00
Amar Singhal
f330b4b44b Fix the "BSS FIRST.." command
The "BSS FIRST.." command fails when additional parameters (e.g., MASK)
is used since the string comparsion does not take into account the
number of characters. Fix by comparing only 5 characters as in other
commands.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-06 00:28:48 +02:00
Jouni Malinen
5ebe8c8179 HS 2.0: Fix IE buffer length for extra scan IEs
The HS 2.0 Indication element is 7 (not 6) octets. The previous
implementation could result in wpabuf validation code stopping the
program if HS 2.0 was enabled without Interworking or P2P (which would
have created a large enough buffer to avoid hitting this) being enable.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 17:40:09 +02:00
Sunil Dutt
3887878e53 TDLS: Remove link, if any, on an implicit set up request
If an implicit TDLS set up request is obtained on an existing link or an
to be established link, the previous link was not removed. This commit
disables the existing link on a new set up request. Also,
wpa_tdls_reneg() function was invoking wpa_tdls_start() on an already
existing peer for the case of internal setup, which is incorrect. Thus
the invocation of wpa_tdls_start() is removed in wpa_tdls_reneg() and
also this function is renamed to wps_tdls_remove() as it does not
renegotiation rather shall remove the link (if any) for the case of
external setup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-05 13:27:56 +02:00
Jouni Malinen
2b79164f12 P2P: Fix P2P-GROUP-STARTED event for p2p_connect-join
Commit 50178335bf introduced a regression
for P2P-GROUP-STARTED event indication during p2p_connect-join when
using a separate P2P group interface. wpa_s->global->p2p_group_formation
was already set in that case to point to the group interface and this
commit changed this to point to incorrect interface. Fix this by setting
p2p_group_formation here only in case a separate group interface is not
used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-04 15:52:53 +02:00
Jaewan Kim
391f492532 wpa_supplicant: Fix access to the freed memory when removing all networks
Commit 59ff6653aa fixed this issue for
'removing a network', and we also need to take care of 'removing all
networks'.

Signed-hostap: Jaewan Kim <jaewan at google.com>
2013-02-03 21:22:59 +02:00
Jouni Malinen
d6bbcce411 Make wpas_select_network_from_last_scan() static
Addition of wpa_supplicant_fast_associate() made it unnecessary to call
wpas_select_network_from_last_scan() directly from other files.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-03 21:13:07 +02:00
Paul Stewart
cecdddc184 wpa_supplicant: Implement fast-associate on SelectNetwork
If scan results are available when we perform a SelectNetwork, use
them to make an associate decision.  This can save an entire scan
interval-worth of time in situations where something external to
wpa_supplicant (like a connection manager) has just previously
requested a scan before calling SelectNetwork.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-02-03 21:08:31 +02:00
Pontus Fuchs
9e737f08d4 Update scan interval gracefully
When the scan interval is changed the new interval is effective
after the old interval timer fires off one last time. This can cause
an unacceptable long delay when updating the interval.

Change this behaviour to use MIN(left of old interval, new interval)
for the scan interval following the interval change.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2013-02-03 18:14:05 +02:00
Sunil Dutt
f2e698de7e TDLS: Disable the link also on driver request for teardown
The link was not disabled for the case of implicit trigger from the
driver unlike in the case of explicit trigger fromc ctrl_iface. Make the
tear down sequences match in these cases by adding the TDLS_DISABLE_LINK
tdls_oper to the driver when processing the TDLS_REQUEST_TEARDOWN event.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-22 14:09:54 +02:00
Jouni Malinen
dc013f1e37 eapol_test: Remove unnecessary header file inclusion
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-15 12:03:29 +02:00
Jouni Malinen
90d215b264 Fix wpa_priv build
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 19:06:53 +02:00
Jouni Malinen
a13e1cc345 Fix EAP-pwd server file name for wpa_supplicant AP builds
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 19:06:53 +02:00
Jouni Malinen
2ee1594da9 Updated test_wpa to use new header file for WPA authenticator
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 19:06:53 +02:00
Jouni Malinen
62769a88db Move cipher to enum wpa_cipher conversion into wpa_common.c
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 18:02:20 +02:00
Jouni Malinen
cf830c1c54 Use a helper function for selection group cipher for AP mode
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:41:40 +02:00
Jouni Malinen
0282a8c46a Use helper function for writing cipher suite names
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:31:36 +02:00
Jouni Malinen
031453265f Define allowed pairwise/group cipher suites in a header file
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:10:38 +02:00
Jouni Malinen
a39c78be41 Use a common function for parsing cipher suites
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 17:06:22 +02:00
Jouni Malinen
edbd2a191e Move cipher suite selection into common helper functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 16:58:54 +02:00
Jouni Malinen
9aadb8774e P2P: Add some more details on Service Query TLV format
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 13:43:54 +02:00
Paul Stewart
93c7e332c2 wpa_supplicant: Add more DBus EAP status
Signal the start of EAP authentication as well as when additional
credentials are required to complete.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-01-12 19:51:18 +02:00
Jouni Malinen
67bc1375eb Update ChangeLog files to match current implementation
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 18:04:19 +02:00
Jouni Malinen
b4fd3613d3 SAE: Free temporary buffers when moving to Accepted state
Most of the variables are not needed anymore once the SAE instance
has entered Accepted state. Free these to save memory.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:54 +02:00
Jouni Malinen
4ef34a9960 SAE: Remove duplicated SAE field debug dumps
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:54 +02:00
Jouni Malinen
fbfb0e65bf SAE: Add support for FFC groups
This allows FFC groups to be used with SAE. Though, these groups are not
included in the default sae_groups value based on what is available
since the FFC groups have the additional requirement of using a safe
prime with the current implementation (or specification of the group
order).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:54 +02:00
Jouni Malinen
cbf61176ed Add more debug info if wpa_supplicant_set_suites() fails
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
9c75e9fb81 WPS: Verify wpa_config_set() return value more consistently
Even though this command is very unlikely to fail, in theory, it could
and the WPS connection would fail in such a case. Return more clearer
failure indication in such a case without even trying to start
reassociation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
4954c859ea SAE: Indicate used group in ctrl_iface STATUS
The new "sae_group=<id>" line will be included in the ctrl_iface STATUS
output if SAE was used for the association.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
625f202a74 SAE: Allow enabled groups to be configured
hostapd.conf sae_groups parameter can now be used to limit the set of
groups that the AP allows for SAE. Similarly, sae_groups parameter is
wpa_supplicant.conf can be used to set the preferred order of groups. By
default, all implemented groups are enabled.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
e056f93e60 Update copyright notices to include year 2013
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
a46d72d7d7 SAE: Maintain EC group context in struct sae_data
This can be used to share same EC group context through the SAE
exchange.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
aadabe7045 SAE: Use crypto wrappers instead of direct OpenSSL calls
This makes the SAE implementation independent of the crypto/bignum
library.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
d136c376f2 SAE: Add support for Anti-Clogging mechanism
hostapd can now be configured to use anti-clogging mechanism based on
the new sae_anti_clogging_threshold parameter (which is
dot11RSNASAEAntiCloggingThreshold in the standard). The token is
generated using a temporary key and the peer station's MAC address.
wpa_supplicant will re-try SAE authentication with the token included if
commit message is rejected with a token request.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
dd43026a19 SAE: Rename state variables to match IEEE 802.11 standard
The enum values for struct sae_data::state now match the protocol
instance states as defined in IEEE Std 802.11-2012, 11.3.8.2.2

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
47b55a3ef5 SAE: Use PMK in 4-way handshake
Use the PMK that is derived as part of the SAE authentication in the
4-way handshake instead of the PSK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
f2e9818f73 SAE: Add processing of the confirm message
This adds validation of the received confirm messages for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
fb8fcc2950 SAE: Add generation of the confirm message fields
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
146f6c9a00 SAE: Add processing of the commit message
This adds validation of the received commit messages and key derivation
for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
8e31e9550a SAE: Add generation of the commit message fields
This adds derivation of PWE and the needed commit values so that the
full SAE commit message can be built.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
98efcc4176 SAE: Use a shared data structure for AP and station
This makes it easier to share common functions for both roles.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
22760dd947 Prepare for hostapd/wpa_supplicant v2.0 release
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:42:53 +02:00
Jouni Malinen
d03f1e5d63 eapol_test: Allow full RADIUS attribute length to be used
The -N and -C command line parameters can be used to add arbitrary
RADIUS attributes to the messages. However, these were truncated to
about 128 bytes when the actually message was constructed. Fix this by
using larger buffers to allow the maximum attribute length (253 octets
of payload) to be used. [Bug 458]

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 12:39:27 +02:00
Jouni Malinen
42ad72029f eapol_test: Fix extra RADIUS attribute allocation
The sizeof(ptr) use here was not correct and resulted in too small
memory block getting allocated for the -N command line argument.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 12:32:43 +02:00
Janusz Dziedzic
bca06366a9 wpa_supplicant: Save frequency configuration parameter
In case of wpa_supplicant IBSS and AP modes after we will call wpa_cli
save command we should also save configured frequency. In other case
after wpa_supplicant restart we have frequency = 0 and AP start will
fail.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-01-12 10:23:45 +02:00
Jouni Malinen
190e39d9cb Interworking: Do not schedule new scan if process is terminating
The GAS query compilation callback may happen after the wpa_supplicant
process has been requested to terminate. Avoid scheduling a new eloop
timeout for a scan in such a case.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-07 18:44:46 +02:00
Jouni Malinen
569d43c7ae Interworking: Do not share ANQP info if none was received
Verify that the other BSS has actually received some valid ANQP
information before sharing the results from it. This fixes potential
issues with cases where some of the APs with the same HESSID has invalid
ANQP configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-07 18:41:51 +02:00
Jouni Malinen
d1ec319f12 Interworking: Continue ANQP fetch after TX failure
If the driver rejected any of the offchannel Action frame TX requests,
the previous implementation terminated ANQP fetch process. While the
driver should not really reject the request normally, it is possible
that a request gets rejected for some reason. Allow the fetch process to
continue with the next AP in such case to avoid breaking networking
selection. This could result, e.g., in auto_interworking=1 process
failing to connect if any the driver rejects requests to any of the APs
in the scan result even if some other APs provided suitable information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-07 18:38:09 +02:00
Jouni Malinen
2cd6af9c93 Update ChangeLog files to match the current implementation
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-28 17:01:32 +02:00
Jouni Malinen
e4296380e0 Remove unused wpa_scan_get_vendor_ie_multi_beacon()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-27 12:31:06 +02:00
Jouni Malinen
2c09af3068 Add Doxygen documentation for functionality related to scanning
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-27 12:29:05 +02:00
Jouni Malinen
2474ce4542 Document bgscan configuration options
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-25 20:43:07 +02:00
Jouni Malinen
1cfc678723 Remove reassociated_connection variable
This was used to select between "(auth)" and "(reauth)" in
CTRL-EVENT-CONNECTED events. However, the variable was not cleared
anywhere else apart from the AP deinit case. As such, it did not really
provide correct information and is not really of much use even with
proper clearing added. As such, it is cleaner to just get rid of this
altogether.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-25 19:51:04 +02:00
Jouni Malinen
6350a148c4 P2P: Be more careful with wpa_config_update_psk() call
Commit bb4d4deb4b introduced a code path
that could potentially end up calling wpa_config_update_psk() with NULL
passphrase. While that may not happen in practice, it is better to make
sure it doesn't happen since that function will dereference the
passphrase pointer unconditionally.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-25 19:35:15 +02:00
Masashi Honma
bb4d4deb4b P2P: Allow PSK to be used instead of passphrase for persistent GO
This continues optimizations for use of CPU heavy pbkdf2_sha1() in GO
setup after the earlier commit 30c371e8a5
by allowing PSK to be used instead of passphrase when creating
persistent group information manually for the GO.

It should be noted that this would not meet the requirements in the P2P
specification (GO shall maintain the passphrase), so this should be used
only when there is no need to allow manual configuration of legacy STAs
using the passphrase.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-12-25 14:15:07 +02:00
Pandiyarajan Pitchaimuthu
602c6b8340 Android: Stop/restart supplicant scan on PNO start/stop
Cancel the existing supplicant scan and start a new supplicant
scan on PNO start and stop respectively. This makes sure that
supplicant scan is in progress when the device resumes.

Signed-off-by: Pandiyarajan Pitchaimuthu <c_ppitch@qca.qualcomm.com>
2012-12-25 13:54:21 +02:00
Yoni Divinsky
3dfd0484fc P2P: Consider age for the P2P scan results
cfg80211 caches the scan results according the channel number. Due to
the 15 sec aging this might cause the user mode to see more than one
scan result with the same BSSID, e.g. - one scan result for the
P2P Device and one for the P2P GO (once it's enabled).

Fix this by updating the device entry only if the new peer entry is
newer than the one previously stored.

Signed-off-by: Yoni Divinsky <yoni.divinsky@ti.com>
Signed-off-by: Victor Goldenshtein <victorg@ti.com>
Signed-off-by: Igal Chernobelsky <igalc@ti.com>
Signed-hostap: Arik Nemtsov <arik@wizery.com>
2012-12-25 11:22:42 +02:00
Eliad Peller
d125df25e4 ctrl_iface: Check for ongoing sched_scan on SCAN command
The first "if" in the SCAN command handling didn't check properly for
sched_scan, causing the sched_scan and scan to run concurrently, instead
of cancelling the ongoing sched scan (which is handled by the "else if"
later).

Signed-hostap: Eliad Peller <eliad@wizery.com>
2012-12-23 12:52:40 +02:00
Jouni Malinen
2049a875bc WNM: Additional BSS Transition Management capability
Add some more functionality for BSS Transition Management:
- advertise support for BSS Transition Management in extended
  capabilities element
- add hostapd.conf parameter bss_transition=1 for enabling support
  for BSS Transition Management
- add "hostapd_cli disassoc_imminent <STA> <num TBTTs>" for sending
  disassociation imminent notifications for testing purposes
- wpa_supplicant: trigger a new scan to find another BSS if the
  current AP indicates disassociation imminent (TODO: the old AP needs
  to be marked to use lower priority to avoid re-selecting it)

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 20:27:30 +02:00
Jouni Malinen
03e47c9c3a Share a single function for building extended capabilities element
This makes it easier to update extended capabilities for all uses
within wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 19:17:15 +02:00
Masashi Honma
ed2e61fe91 WPS_NFC: Fix typos in comments
Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-12-22 15:25:51 +02:00
Jouni Malinen
27c77751f7 WNM: Fix BSS Transition Management Request processing
The WNM-Sleep Mode handler took over WNM Action frame processing without
addressing the previously implemented WNM handler. Fix this by moving
the BSs Transition Management processing into wnm_sta.c to share a
single handler function for WNM Action frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 12:02:15 +02:00
Jouni Malinen
a38fdf1c69 Document gas_query.c functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 11:59:26 +02:00
Jouni Malinen
2f3101d8df Move some P2P offchannel operations to offchannel.c
There is no need for p2p_supplicant.c to access wpa_s->pending_action_tx
so move these references to offchannel.c to get a bit cleaner interface
between the components.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 11:22:12 +02:00
Jouni Malinen
b4419c62ad Document offchannel Action frame TX functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 11:06:56 +02:00
Jouni Malinen
3ab35a6603 Extend EAPOL frames processing workaround for roaming cases
Commit 1ff733383f added a mechanism to
work around issues due to association events and EAPOL RX events being
getting reordered. However, this applied only for the case where
wpa_supplicant is not in associated state. The same issue can happen in
roaming case with drivers that perform BSS selection internally (or in
firmware). Handle that case similarly by delaying received EAPOL frame
processing if the source address of the EAPOL frame does not match the
current BSSID.

Since wired IEEE 802.1X do not have BSSID, make this additional
workaround conditional on BSSID match having been observed during the
previous association.

This fixes issues where the initial EAPOL frame after reassociation was
either dropped (e.g., due to replay counter not increasing) or replied
to with incorrect destination address (the BSSID of the old AP). This
can result in significantly more robust roaming behavior with drivers
that do not use wpa_supplicant for BSS selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-21 21:35:35 +02:00
Jouni Malinen
318e772ad1 WPS: Update configuration file after re-enabling networks
Network blocks are disabled during a WPS provisioning step and 10
seconds after this to allow the newly provisioned network to be
selected. The disabled=1 flag gets written to the configuration file
when the credential is added since it happens during this process.
Update the file again after the networks have been re-enabled to avoid
leaving the configuration file into state that is not consistent with
the running configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-21 20:11:26 +02:00
Sunil Dutt
6fbcbc07e4 WPS: Optimize post-WPS scan even if EAP-Failure is not received
Commit 17a4734dc4 shall optimize the
post-WPS scan based on the channel used during the provisioning only
when the EAP-Failure frame is received. In cases where the EAP-Failure
frame is missed, this optimization shall not happen resulting in the
scan in all the channels thus consuming more time for the connection.
This commit enhances this by storing the requisite information after
the M8 frame is received.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-21 15:30:39 +02:00
Jouni Malinen
2ec535fd37 WNM: Add option to disable keep-alive frames for testing purposes
"wpa_cli set no_keep_alive 1/0" can now be used to disable/enable
keep alive frames to enable testing.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-18 16:57:52 +02:00
Jouni Malinen
41014724e2 Fix CONFIG_NO_WPA build with TLS
The SHA1 and MD5 functions need to be included in builds that use TLS
even if WPA support is removed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-18 15:16:00 +02:00
Jouni Malinen
77d7b090e0 Remove compiler warning on CONFIG_NO_WPA build
wpa_supplicant_set_rekey_offload() is used only if CONFIG_NO_WPA is not
defined.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-18 15:14:54 +02:00
Ben Greear
c8d22af88f wpa_supplicant: Document HT capability overrides
Signed-off-by: Ben Greear <greearb@candelatech.com>
2012-12-18 14:49:35 +02:00
Ben Greear
a90497f85f wpa_supplicant: Allow user to disable short guard interval (SGI)
Requires Linux kernel patch to make the SGI-20 properly disabled. SGI-40
will already work since Linux 3.4 or so.

Signed-hostap: Ben Greear <greearb@candelatech.com>
Signed-off-by: Ben Greear <greearb@candelatech.com>
2012-12-18 14:45:09 +02:00
Vladimir Kondratiev
7829894c21 Introduce 60 GHz band
Basic support for the 60 GHz band. Neither P2P nor WPS are yet taken
care off. Allows to start AP with very simple config:

network={
        ssid="test"
        mode=2
        frequency=60480
        key_mgmt=NONE
}

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-18 11:50:35 +02:00
Jouni Malinen
058da39cc9 P2P: Add more complete description of p2p_cancel
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-18 11:13:51 +02:00
Jouni Malinen
50178335bf P2P: Allow p2p_cancel to be used to stop p2p_connect-join operation
p2p_cancel did not properly cancel a pending p2p_connect-join operation.
Address the different steps in that process: initial scan, Provision
Discovery exchange before connection, and WPS provisioning step
(including the scans before WPS).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-18 10:39:34 +02:00
Jouni Malinen
03c961e542 Interworking: Default to EAP-MSCHAPv2 with EAP-PEAP
If the NAI Realm list indicates that EAP-PEAP is used, use EAP-MSCHAPv2
as the Phase 2 method by default if the NAI Realm list does not specify
the tunneled method.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-17 23:27:15 +02:00
Jouni Malinen
953d25ca5f HS 2.0: Fix sp_type check in ctrl_iface status command
Commit e99b4f3a14 added functionality to
check whether the current association is with the home SP. This commit
did not take into account that the domain name ANQP information could be
NULL and that could result to a NULL pointer dereference. Fix that by
validation that domain_names != NULL before calling
domain_name_list_contains().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-17 12:12:13 +02:00
Jouni Malinen
5d247692f6 Fix wpa_supplicant CONFIG_AP=y build with WNM enabled
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:31:36 +02:00
Jouni Malinen
14df897c7a WNM: Fix memory leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:31:25 +02:00
Jouni Malinen
ad3872a372 WNM: Use CONFIG_WNM more consistently
Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build
options for WNM-Sleep Mode operations. Previously it was possible to
define CONFIG_IEEE80211V without CONFIG_WNM which would break the build.
In addition, IEEE 802.11v has been merged into IEEE Std 802.11-2012 and
WNM is a better term to use for this new functionality anyway.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 18:22:54 +02:00
Jouni Malinen
74b4a3606d WNM: Split WNM-Sleep Mode Response processing into separate functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 13:05:19 +02:00
Jouni Malinen
df80a0ccff WNM: Use defined macros for WNM-Sleep Mode Action Type values
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 12:57:38 +02:00
Jouni Malinen
0a47a6a747 WNM: Remove unnecessary extra indentation level
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 12:51:02 +02:00
Jouni Malinen
68db9ab047 WNM: Fix GTK/IGTK parsing for WNM-Sleep Mode Response frame
These fields do not use AES keywrap. Instead, they are protected with
management frame protection (and not included if PMF is disabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:48:34 +02:00
Jouni Malinen
e6955ba9f9 WNM: Add WNM-Sleep Mode into Extended Capabilities element
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:45:59 +02:00
Jouni Malinen
62f6fbb480 WNM: Accept GTK update version of WNM-Sleep Response status
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:33:55 +02:00
Jouni Malinen
e0c54a159b WNM: Use Dialog Token value 1 in WNM-Sleep Mode Request
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:32:53 +02:00
Jouni Malinen
cd0ef65784 WNM: Add option for passing TFS request from external programs
The optional tfs_req=<hex dump> parameter can be added for the wnm_sleep
command to specify the TFS request element to use in the WNM-Sleep Mode
Request frame.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:31:16 +02:00
Jouni Malinen
61c54976f5 WNM: Remove unnecessary path component from includes
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:29:44 +02:00
Jouni Malinen
e9199e3149 WNM: Add ctrl_iface command for sending WNM-Sleep Mode Request
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:29:10 +02:00
Jouni Malinen
2dfb9a447c WNM: Fix CONFIG_WNM use in Makefile
This code was within ifdef CONFIG_AP and did not get included unless
AP mode support was also enabled.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:28:19 +02:00
Jouni Malinen
9af431035f WNM: Remove unused variable
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:27:38 +02:00
Jouni Malinen
dbea8ac7ab Interworking: Allow SSID-based network exclusion for credentials
The new excluded_ssid parameter within a cred block can be used to
excluded networks from matching with credentials.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:01:50 +02:00
Jouni Malinen
9aae09f196 Interworking: Fix cred saving
Number of cred block fields were not saved when wpa_supplicant is
writing the configuration file.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:00:52 +02:00
Jouni Malinen
2047e596ec Interworking: Default to TTLS/MSCHAPv2 for NAI Realm list matching
If the AP does not advertize EAP parameters, default to TTLS/MSCHAPv2
when using username/password credentials.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:00:06 +02:00
Jouni Malinen
f5f37d3a4f Fix REAUTHENTICATE command after PMKSA caching
The current PMKSA cache entry needs to be clear to allow EAPOL
reauthentication to be started in case this association used PMKSA
caching.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 22:05:32 +02:00
Jouni Malinen
1a2d22a242 Remove unneeded header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 17:06:38 +02:00
Jouni Malinen
9796a86c23 Use a shared function for requesting a new connection
Both the ctrl_iface and D-Bus interface use similar functionality to
request a new connection. Combine these to a single function to avoid
need to maintain duplicated implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 16:30:30 +02:00
Jouni Malinen
c27a94f765 Remove unused function prototype
This function was not added, so the prototype should not have been here
either.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 16:27:19 +02:00
Jouni Malinen
f1a5263389 Maintain maximum blacklist count over list clear operations
wpas_connection_failed() uses the blacklist count to figure out a
suitable time to wait for the next scan. This mechanism did not work
properly in cases where the temporary blacklist gets cleared due to no
other BSSes being available. Address this by maintaining an additional
count of blacklisting values over wpa_blacklist_clear() calls. In
addition, add one more step in the count to timeout mapping to go to 10
second interval if more than four failures are seen.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 16:20:44 +02:00
Jouni Malinen
4115303bbe Document wpa_s->scan_req
Use an enum with documented values to make it easier to understand how
wpa_s->scan_req is used.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 15:55:32 +02:00
Jouni Malinen
215ae884d6 Mark sme_send_authentication() static
This function is not used outside sme.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 15:47:43 +02:00
Jouni Malinen
5cc7032239 P2P: Avoid multi-channel scans when they are not needed
If the driver does not support multi-channel concurrency and a virtual
interface that shares the same radio with the current interface is
operating there may not be need to scan other channels apart from the
current operating channel on the other virtual interface. Filter out
other channels in case we are trying to find a connection for a station
interface when we are not configured to prefer station connection and a
concurrent operation is already in process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 12:47:43 +02:00
Jouni Malinen
3c8e4ec012 Interworking: Enable key_mgmt WPA-EAP-SHA256 if PMF is enabled
If the global pmf=1/2 parameter is used to enable PMF for Interworking
networks, add WPA-EAP-SHA256 to the temporary network block to allow
connection to PMF required APs.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-24 22:31:17 +02:00
Jouni Malinen
62d4980331 Allow PMF to be enabled by default
Previously, PMF (protected management frames, IEEE 802.11w) could be
enabled only with a per-network parameter (ieee80211w). The new global
parameter (pmf) can now be used to change the default behavior to be PMF
enabled (pmf=1) or required (pmf=2) for network blocks that do not
override this with the ieee80211w parameter.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-24 22:21:29 +02:00
Amitkumar Karwar
368b1957a6 Allow OBSS scan and 20/40 coex reports to non-SME drivers
We enable this feature for non-SME drivers as well if
they explicitly indicate need for it.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
2012-11-24 18:08:48 +02:00
Robert Shade
bff954e9a2 Verify that the selected BSS has a better signal level before roaming
This prevents situations like the following where we roam to a
lesser quality BSS just because the signal level delta is over our
threshold.

wlan0: Considering within-ESS reassociation
wlan0: Current BSS: 00:24:6c:74:0a:40 level=-51
wlan0: Selected BSS: 00:24:6c:74:0a:e0 level=-64
wlan0: Request association: reassociate: 0  selected: 00:24:6c:74:0a:e0
    bssid: 00:24:6c:74:0a:40  pending: 00:00:00:00:00:00  wpa_state: COMPLETED

Signed-hostap: Robert Shade <robert.shade@gmail.com>
2012-11-24 17:17:50 +02:00
Jouni Malinen
e99b4f3a14 HS 2.0: Add Home SP FQDN and roaming/home to status command
This allows the ctrl_iface STATUS information to be used to determine
which Home SP credential (domain in the cred block) was used and whether
the network is operated by the home SP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-24 12:24:40 +02:00
Jouni Malinen
9afe52eb92 HS 2.0: Add REMOVE_CRED sp_fqdn=<FQDN> command
This allows credential entries to be removed based on SP FQDN without
having to iterate through the configured entries from an external
program to figure out which credentials should be removed for a specific
SP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-24 12:24:37 +02:00
Jouni Malinen
736d4f2d77 HS 2.0: Remove temporary network block on cred block removal
If the credential that was used to create a temporary HS 2.0 network
block is removed, remove the network block, too.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-24 12:24:34 +02:00
Jouni Malinen
d49ea68284 Android: Force group access to ctrl_iface directory
wpa_supplicant is started from /init.*.rc on Android and that seems
to be using umask 0077 which would leave the control interface
directory without group access. This breaks things since Wi-Fi
framework assumes that this directory can be accessed by other
applications in the wifi group. Fix this by adding group access even
if umask value would prevent this.

In most cases, this issue was not hit since the control interface
directory is normally created by that same init.*.rc file with suitable
mode and wpa_supplicant is killed in the way that does not allow it to
remove the file. However, if wpa_supplicant is allowed stop cleanly, it
will remove the directory and the next start could result with the Wi-Fi
framework not being able to use Wi-Fi (and GUI not showing Wi-Fi getting
enabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 17:06:36 +02:00
Sunil Dutt
6b947db103 P2P: Remove PD-before-join-timeout mechanism
The PD Request retry limit can be used to achieve the same behavior,
so drop this duplicated timeout mechanism and control the timeout
based on MAX_PROV_DISC_REQ_RETRIES.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 01:15:51 +02:00
Jouni Malinen
175171ac6c P2P: Retry PD Request in join-a-running-group case
The GO may be in sleep when we send a PD Request frame to indicate that
we are about to join a running group. Previously, this frame was not
retried more than normal low level retries. This can result in the GO
not getting the frame especially in cases where concurrent multi-channel
operations or aggressive sleep schedule is used since most drivers do
not yet synchronize with the GO's NoA before association.

Increase the likelihood of the GO receiving the PD Request frame by
retransmitting it similarly to the PD-for-GO-Negotiation case. Start
the actual join operation only after these retries have failed to get
an acknowledgment from the GO to give the connection attempt a chance
to succeed if the driver implements better NoA synchronization for it.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 00:53:42 +02:00
Sunil Dutt
6752716663 P2P: Set user_initiated_pd separately from the join parameter
p2p_prov_disc_req() used the join parameter to figure out whether the PD
request was a user initiated or not. This does not cover all use cases
of PD, so add a separate parameter to allow caller to indicate whether
the user requested the operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 00:48:58 +02:00
Jouni Malinen
16e38f2e34 Android: Fix AP builds to include the new eap_user_db.c
This is needed to fix the builds after commit
ee431d77a5.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-21 17:55:36 +02:00
Vladimir Kondratiev
9c6f8cb9c8 Fix wpa_supplicant compilation after adding eap_user database
Commit ee431d77a5 broke wpa_supplicant
compilation:

../src/ap/ieee802_1x.o: In function `ieee802_1x_get_eap_user':
/../src/ap/ieee802_1x.c:1689: undefined reference to `hostapd_get_eap_user'
collect2: error: ld returned 1 exit status
make: *** [wpa_supplicant] Error 1

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
2012-11-21 17:49:47 +02:00
Jouni Malinen
af1dff8c9f wpa_cli: Accept more arguments for set_network
Some network parameters, e.g., auth_alg and eap use a space separated
list of values without quotation marks. To allow these to be entered
from the interactive mode, change set_network command to allow more than
three arguments.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-19 14:04:42 +02:00
Jouni Malinen
1ae1570b5f Update ChangeLog files to match the current implementation
This commit adds description of the main changes from the forking of
hostap-1.git for 1.x releases to the current master branch snapshot.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-18 21:30:38 +02:00
Jouni Malinen
1ce0aa044c Remove unused disassociate() driver_ops
Commits 07783eaaa0 and
3da372fae8 removed the only users of the
disassociate() driver operation, so these driver wrapper functions can
also be removed now.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-15 00:06:12 +02:00
Jouni Malinen
d2901915e7 Fix forgotten no-CONFIG_WPS=y wrapper
Commit 620c783753 modified
wpas_wps_ssid_wildcard_ok() prototype, but forgot to update the
non-WPS-build wrapper. Fix that to match with the new bss parameter
type and remove the now unused declaration of wpa_scan_res.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-14 13:05:53 +02:00
Jouni Malinen
6e2020210a Allow OKC to be enabled by default
Previously, OKC (opportunistic key caching, a.k.a. proactive key
caching) could be enabled only with a per-network parameter
(proactive_key_caching). The new global parameter (okc) can now be used
to change the default behavior to be OKC enabled (okc=1) for network
blocks that do not override this with the proactive_key_caching
parameter.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-12 20:07:53 +02:00
Jouni Malinen
8713a2e6ff P2P: Avoid extra group interface creation on GO reinvocation
If separate group interfaces are used, the pending group interface got
removed unnecessarily when stopping find operations when accepting an
invitation to reinvoke the group in GO role. This resulted in the group
interfaces getting created twice. Avoid this unnecessary extra operation
by skipping removal of the pending interface in the reinvocation
sequence.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 20:45:27 +02:00
Pawel Kulakowski
548f100384 bgscan_learn: Prevent infinite busy looping
In highly congested network (BSSes almost on every channel
within ESS) we have hit a bug when wpa_supplicant become
completly irresponsive, infinite looping on while loop.

When probe_idx was equal 0 and we are not able to probe
new frequency, following condition were never fulfilled:
"if (!in_array(freqs, data->supp_freqs[idx]))"

Signed-hostap: Pawel Kulakowski <pawel.kulakowski@tieto.com>
2012-11-11 16:26:36 +02:00
Robert Shade
99276998fa dbus: Do not quote scan_freq and freq_list
scan_freq and freq_list are not parsed by wpa_config_parse_freqs if
quoted.

Signed-hostap: Robert Shade <robert.shade@gmail.com>
2012-11-11 16:21:16 +02:00
Jouni Malinen
c7deed7401 Fix a typo in a comment
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 16:09:36 +02:00
Jouni Malinen
207fb86411 WPS: Remove deprecated UFD config method and OOB ctrl_iface
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:01:06 +02:00
Masashi Honma
30c371e8a5 P2P: Reduce redundant PSK generation for GO
The PSK generation done by pbkdf2_sha1() is one of the longest CPU time
users according to our profiling from boot to GO started.

So I have reduced some steps.

I could boot a GO by this command sequence.
-------------
add_net
set_network 0 ssid '"DIRECT-XX"'
set_network 0 psk
'"123456789012345678901234567890123456789012345678901234567890123"'
set_network 0 proto RSN
set_network 0 key_mgmt WPA-PSK
set_network 0 pairwise CCMP
set_network 0 auth_alg OPEN
set_network 0 mode 3
set_network 0 disabled 2
p2p_group_add persistent=0 freq=2412
-------------

By this sequence, pbkdf2_sha1() was called three times and the function
calculates the same value each time. Reduce number of calls to
pbkdf2_sha1() from 3 to 1 by caching the previous result.

Signed-hostap: Masashi Honma <masashi.honma at gmail.com>
2012-11-11 11:39:24 +02:00
Paul Stewart
45ac5793fc new_dbus_handlers: Clear errno
There are a few instances where dbus handlers test the value
of errno to test whether strtoul completes successfully.
Since strtoul does not clear errno, and there's no strong
reason to suspect that errno is already clear, it is safer
to clear it right before calling strtoul.  Also, any failure
in strtoul (setting errno non-zero) should be considered a
failure.

While testing using dbus-send, I found that a malformed
network path can cause a crash due to net_id being left
NULL.  We should test for this before calling strtoul
on it.

Tested with:

dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
    /fi/w1/wpa_supplicant1/Interfaces/0 \
    org.freedesktop.DBus.Properties.Get \
    string:fi.w1.wpa_supplicant1.Interface string:Networks
dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
   /fi/w1/wpa_supplicant1/Interfaces/0 \
   fi.w1.wpa_supplicant1.Interface.RemoveNetwork \
   objpath:/fi/w1/wpa_supplicant1/Interfaces/0/Networks/0
dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
   /fi/w1/wpa_supplicant1/Interfaces/0 \
   fi.w1.wpa_supplicant1.Interface.RemoveNetwork \
   objpath:/fi/w1/wpa_supplicant1/Interfaces/0/Networks/0
dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply \
   /fi/w1/wpa_supplicant1/Interfaces/0 \
   fi.w1.wpa_supplicant1.Interface.RemoveNetwork \
   objpath:/fi/w1/wpa_supplicant1/Interfaces/0

Signed-hostap: Paul Stewart <pstew@chromium.org>
intended-for: hostap-1
2012-11-11 11:18:31 +02:00
Jouni Malinen
1e8a6e7553 Remove unused wpa_supplicant_disassociate()
This function is now unused after the last couple of commits that
removed the last uses, so remove this to keep code simpler since all
places that disassociate, can use deauthentication instead.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-05 17:05:37 +02:00
Jouni Malinen
07783eaaa0 Use deauthentication instead of disassociation if not associated
cfg80211/mac80211 may reject disassociation command if association has
not yet been formed. Use deauthentication in cases where it is possible
that we are associating at the moment the command is issued.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-05 16:58:00 +02:00
Jouni Malinen
42d235477f Use wpa_drv_{disassociate,deauthenticate} while waiting for connection
wpa_supplicant_{disassociate,deauthenticate}() need to inform the driver
about decision to disconnect even if this happens during the time when
the driver is still trying to complete association. During that time,
wpa_s->bssid is not set, so the code in these functions needs to figure
out the correct BSSID based on that field or wpa_s->pending_bssid. In
addition, it is possible that the BSSID is not even known at
wpa_supplicant at this point in time when using drivers that perform BSS
selection internally. In those cases, the disconnect command needs to be
sent to the driver without the BSSID.

This fixes issues where the driver (or cfg80211 in particular) may be
left in mismatching state with wpa_supplicant when disconnection (e.g.,
due to a ctrl_iface command) happens between connection request and
association event.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-05 16:57:57 +02:00
Jouni Malinen
e50d01b4f1 WPS: Add support for NFC connection handover with nfcpy
This helper script can now handle both reading of a NFC tag and
initiation of NFC connection handover if a peer NFC device is touched.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-04 16:04:42 +02:00
Jouni Malinen
dab710c4d0 WPS: Move NFC tag processing into a separate function
This makes it cleaner to add processing of other NFC operations to the
python script.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-04 15:56:46 +02:00
Jouni Malinen
ec4f5a37b8 WPS: Move wpactrl setup into a separate function
This makes it easier to share this functionality for new NFC use cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-04 15:53:33 +02:00
Jouni Malinen
d4f612b7dd WPS: Add an example python script for NFC operations
wps-nfc.py uses nfcpy and python-wpactrl to provide NFC tag information
to wpa_supplicant for WPS operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-03 22:43:15 +02:00
Sven Neumann
caff399250 dbus: Add getter for WPS properties
Add "WPS" property to the DBus interface that allows to
identify the active WPS method of a BSS.

Signed-hostap: Sven Neumann <s.neumann@raumfeld.com>
2012-11-03 18:38:51 +02:00
Jouni Malinen
10737aba22 Handle assoc reject events without wpa_supplicant SME
If the driver indicates the association (or authentication) was
rejected, wpa_supplicant should handle this connection failure similarly
to other cases. Previously, this was only handled with drivers that use
wpa_supplicant SME.

In case of cfg80211-based drivers, a rejected association was actually
already handled since cfg80211 generates a deauthentication event after
indicating connection failure. However, rejected authentication resulted
in wpa_supplicant waiting for authentication timeout to expire which is
unnecessary long wait.

Fix this by calling wpas_connection_failed() to use the common mechanism
to reschedule a new connection attempt with the previously attempted
BSSID blacklisted.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-03 13:50:17 +02:00
Sasha Levitskiy
5ff2c7faed Add parameter checking and error reporting to wpa_blacklist API
Signed-off-by: Sasha Levitskiy <sanek@google.com>
2012-11-01 20:41:27 +02:00
Jouni Malinen
b363121a20 WPS: Reject invalid credential more cleanly
If WPS Registrar tries to provision a WPA/WPA2-Personal network without
including a valid Network Key, the network block cannot be used to
connect to the network. Reject such credential without adding the
network block. This makes wpa_supplicant send WSC_NACK as a response to
the invalid Credential and stop the provisioning process immediately
rather than only after trying unsuccessfully to connect to the network.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-01 16:30:35 +02:00
Jouni Malinen
8c9ad085e9 P2P: Relax Bonjour SD query matching
The DNS Name is allowed to use or not use domain name compression. To
handle both cases, check human readable DNS Name match if binary
matching does not show a hit.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-31 18:25:30 +02:00
Jouni Malinen
560f8bda8c P2P: Support multiple P2P SD Bonjour services with same key
There may be multiple Bonjour PTR matches for the same key, so extend
the P2P SD code for this to allow such entries to be added (i.e., do not
override previously added value, but add a new one). Similarly, return
multiple matches (one per Service TLV) for a query if it happens to
match more than a single configured Bonjour service.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-31 13:01:43 +02:00
Jouni Malinen
96beff11d1 P2P: Allow discoverable interval for p2p_find to be configured
The new P2P_SET parameter disc_int can now be used to configure
discoverable interval for p2p_find operations. The format of the command
for setting the values is "P2P_SET disc_int <minDiscoverableInterval>
<maxDiscoverableInterval> <max TUs for discoverable interval>". The
first two parameters are given in units of 100 TUs (102.4 ms). The third
parameter can be used to further limit the interval into a specific TU
amount. If it is set to -1, no such additional limitation is enforced.
It should be noted that the P2P specification describes the random
Listen state interval to be in units of 100 TUs, so setting the max TU
value to anything else than -1 is not compliant with the specification
and should not be used in normal cases. The default parameters can be
set with "P2P_SET disc_int 1 3 -1".

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-30 15:12:04 +02:00
Jouni Malinen
23270cd8f5 Restore wpa_s->scan_req if scan trigger fails
If the driver rejects the scan request while handling an external
requested scan (e.g., SCAN command on ctrl_iface), wpa_s->scan_req gets
cleared in wpa_supplicant_scan(). This can results in issues when the
scheduled re-try of the scan in one seconds trigger another call to this
function. If ap_scan==2 mode is used, this would result in new
association attempt instead of a new scan. Avoid this by restoring value
of wpa_s->scan_req in case the scan trigger fails and a new scan attempt
is scheduled.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-30 12:27:05 +02:00
Jouni Malinen
340f1c48f7 P2P: Clear pending_pd_before_join on PD timeout
wpas_p2p_pd_before_join_timeout() needs to clear the
pending_pd_before_join flag to match other uses of this flag prior to
calling wpas_p2p_join_start(). Without this, the flag could be left set
which can cause following P2P operations to behave in unexpected ways.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-29 16:25:02 +02:00
Jouni Malinen
d76cd41a3a P2P: Allow separate P2P group interface use to be disabled
The new p2p_no_group_iface=1 configuration parameter can now be used to
disable the default behavior of adding a separate interface for the P2P
group when driver support for concurrent interfaces is available.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-29 15:02:30 +02:00
Jouni Malinen
5fbddfdcf1 P2P: Fix default p2p_group_idle timeout for P2P client role
Commit 0d30cc240f forced
wpa_s->current_ssid to be cleared in wpa_supplicant_mark_disassoc()
which gets called from wpa_supplicant_event_disassoc(). This breaks the
P2P group idle mechanism for the case where p2p_group_idle is not set
(i.e., is the default 0) since wpas_p2p_group_idle_timeout() ignores the
timeout in that case if the interface is not recognized as a client
interface (which was based on wpa_s->current_ssid being set).

Fix this by making wpas_p2p_is_client() default to client case if
wpa_s->current_ssid is NULL. This is much more likely case since the P2P
GO mode operation would not really clear the pointer without explicit
request to disconnect.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 21:37:15 +02:00
Jouni Malinen
9f36eac6e5 WPS: Remove old OOB NFC interface
The old WPS interface for using NFC has no known deployments and even
the binary libraries referenced here are not easily available anymore.
Since the new interface for using NFC with WPS covers the same
functionality, remove the old implementation to clean up WPS
implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 18:20:03 +02:00
Jouni Malinen
bd3a373767 WPS: Use AP Channel attribute in credential to speed up scan
When WPS is used with NFC connection handover, the AP may indicate its
operating channel within the credential information. Use this
informatiom, if present, to speed up the scan process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 18:02:04 +02:00
Jouni Malinen
e65552ddf2 WPS: Add preliminary NFC connection handover support for Enrollee
This commit adds new wpa_supplicant ctrl_iface commands to allow
external programs to go through NFC connection handover mechanism
with wpa_supplicant taking care of the WPS processing. This version
includes only the case where wpa_supplicant is operating as a
station/Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 17:39:46 +02:00
Jouni Malinen
04a3e69dd1 P2P: Allow all channels with multi-channel concurrency
If the driver indicates support for multi-channel concurrency, change
the p2p_connect behavior to not force the current operating channel, but
instead, just mark it as preferred for GO Negotiation. This change
applies only for the case when the freq parameter is not used with the
p2p_connect command.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-26 18:10:46 +03:00
Jouni Malinen
f3989ced4f P2P: Add secondary device types into p2p_peer output
This allows the P2P_PEER command to be used to fetch the list of
secondary device types that each P2P peer has advertised.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-25 09:16:27 +03:00
Jouni Malinen
13ece96f70 P2P: Improve robustness against lost ctrl::ack frames
P2P includes two use cases where one of the devices is going to start a
group and likely change channels immediately after processing a frame.
This operation may be fast enough to make the device leave the current
channel before the peer has completed layer 2 retransmission of the
frame in case the ctrl::ack frame was lost. This can result in the peer
not getting TX status success notification.

For GO Negotiation Confirm frame, p2p_go_neg_conf_cb() has a workaround
that ignores the TX status failure and will continue with the group
formation with the assumption that the peer actually received the frame
even though we did not receive ctrl::ack. For Invitation Response frame
to re-invoke a persistent group, no such workaround is used in
p2p_invitation_resp_cb(). Consequently, TX status failure due to lost
ctrl::ack frame results in one of the peers not starting the group.

Increase the likelihood of layer 2 retransmission getting acknowledged
and ctrl::ack being received by waiting a short duration after having
processed the GO Negotiation Confirm and Invitation Response frames for
the re-invocation case. For the former, use 20 ms wait since this case
has been worked around in deployed devices. For the latter, use 50 ms
wait to get even higher likelihood of getting ctrl::ack through since
deployed devices (and the current wpa_supplicant implementation) do not
have a workaround to ignore TX status failure.

20 ms is long enough to include at least couple of retries and that
should increase likelihood of getting ctrl::ack through quite a bit. The
longer 50 ms wait is likely to include full set of layer 2 retries.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-13 17:33:16 +03:00
Jouni Malinen
c423708f02 WPS: Allow PIN timeout to be specified with wpa_supplicant AP/GO
Extend the wpa_cli wps_pin command to support specification of the PIN
expiration time in seconds similarly to hostapd_cli wps_pin command when
using wpa_supplicant for AP mode (including P2P GO).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-10 17:22:35 +03:00
Jouni Malinen
7a808c7eb7 P2P: Allow P2P functionality to be disabled per interface
By default, P2P is enabled globally for all virtual interfaces and this
makes wpa_supplicant include WSC and P2P IEs in Probe Request frames for
all scans even if this is for a non-P2P station connection to speed up
device discovery. If an interface is dedicated for non-P2P station mode
operations, it is now possible to disable addition of WSC and P2P IEs
into Probe Request frames with a per-interface p2p_disabled parameter.
This can be set either in the configuration file (p2p_disabled=1) or at
run time ("wpa_cli -i wlan0 set p2p_disabled 1"). Unlike the previous
mechanism ("wpa_cli p2p_set disabled 1"), the new parameter changes the
behavior only for the specified interface while other interfaces
continue to follow the global P2P enabled/disabled state.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-10 13:08:23 +03:00
Jouni Malinen
d86a33853e Do not clear PMKSA cache on all network block parameter changes
The bssid and priority parameters in a network block do not have any
effect on the validity of a PMKSA cache entry, so avoid flushing the
PMKSA cache when only these parameters are changed. This is mainly
to allow forced roaming or network selection changes without causing
a disconnection if the changes are done during RSN association that
used EAP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-09 13:06:37 +03:00
Jouni Malinen
c9a8221800 Filter out unlikely "pre-shared key may be incorrect" messages
Add a function to filter out known cases of disconnection during 4-way
handshake that are caused by something else than mismatch in PSK. This
commit adds the case where the local end determines a mismatch in
WPA/RSN element between Beacon/Probe Response frames and EAPOL-Key msg
3/4.

This can avoid some potentially confusing "WPA: 4-Way Handshake failed -
pre-shared key may be incorrect" ctrl_iface messages.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-08 17:49:54 +03:00
Jouni Malinen
21af6d15a8 SAE: Add Finite Cyclic Group negotiation and Send-Confirm
This replaces the previously used bogus test data in SAE messages with
the first real field. The actual SAE authentication mechanism is still
missing and the Scaler, Element, and Confirm fields are not included.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-06 19:30:54 +03:00
Jouni Malinen
6d22a377bd P2P: Fix network removal on P2P connect to select correct block
If wpa_s->current_ssid is not set (e.g., after disconnection that
did not result in immediate group removal), an incorrect group could
have been removed since the network block iteration here could select
the network block that is used to store persistent group credentials.
Fix this by verifying that disabled != 2 to avoid picking the network
block that could not have been the temporary P2P group.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-05 20:37:49 +03:00
Sunil Dutt
ec947ffcd8 WPS: Reenable the networks disabled during wpa_wpas_reassoc
During the association for the WPS handshake all the other configured
networks are disabled. This patch makes wpa_supplicant reenable the
disabled networks after the success/failure of the WPS handshake.

Signed-hostap: Sunil Dutt Undekari <duttus@codeaurora.org>
2012-10-04 21:11:04 +03:00
Jouni Malinen
485e3a9228 Interworking: Unshare ANQP results on explicit ANQP requests
When ANQP_GET or HS20_ANQP_GET is used to request ANQP information,
unshare the ANQP information (i.e., create a per-BSS copy of it) to
make sure the information from the specified BSS is available in case
the APs provide different information within HESSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-03 14:17:41 +03:00
Jouni Malinen
2edcd5046a HS 2.0: Include parsed WAN Metrics in RX-HS20-ANQP event
This adds parsed version of WAN Metrics information to the control
event message as follows:

RX-HS20-ANQP 02:00:00:00:01:00 WAN Metrics 01:8000:1000:80:240:3000

format: <WAN Info>:<DL Speed>:<UL Speed>:<DL Load>:<UL Load>:<LMD>
WAN Info: B0-B1: Link Status, B2: Symmetric Link, B3: At Capabity
   (encoded as two hex digits)
Downlink Speed: Estimate of WAN backhaul link current downlink speed in kbps;
	1..4294967295; 0 = unknown
Uplink Speed: Estimate of WAN backhaul link current uplink speed in kbps
	1..4294967295; 0 = unknown
Downlink Load: Current load of downlink WAN connection (scaled to 255 = 100%)
Uplink Load: Current load of uplink WAN connection (scaled to 255 = 100%)
Load Measurement Duration: Duration for measuring downlink/uplink load in
tenths of a second (1..65535); 0 if load cannot be determined

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-03 13:58:56 +03:00
Jouni Malinen
3385647da9 Fix build without CONFIG_WPS=y
Commit 620c783753 modified
wpas_wps_ssid_bss_match() prototype but forgot to update the non-WPS
wrapper inline function. Fix that to match with the new bss parameter
type.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-10-01 16:07:07 +03:00
Arik Nemtsov
a93a15bbfd P2P: Add a conf parameter to start a GO as HT40 if allowed
When specified in the conf file this parameter will make all invocations
of p2p_group_add, p2p_connect, and p2p_invite behave as if "ht40" has
been specified on the command line. This shouldn't do harm since
regulatory constraints and driver capabilities are consulted anyway
before starting HT40 mode.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2012-09-30 20:35:51 +03:00
Jouni Malinen
c10347f246 Add initial parts for SAE
This introduces new AKM for SAE and FT-SAE and adds the initial parts
for going through the SAE Authentication frame exchange. The actual SAE
algorithm and new fields in Authentication frames are not yet included
in this commit and will be added separately. This version is able to
complete a dummy authentication with the correct authentication
algorithm and transaction values to allow cfg80211/mac80211 drivers to
be tested (all the missing parts can be handled with
hostapd/wpa_supplicant changes).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-30 19:51:07 +03:00
Dan Williams
1634ac0654 dbus: Add global capabilities property
Otherwise it's difficult to determine if the supplicant was built with
CONFIG_AP, CONFIG_IBSS_RSN, CONFIG_P2P, etc. CONFIG_AP and CONFIG_P2P
can be inferred from the introspection data of the Interface object,
but CONFIG_IBSS_RSN does not change the introspection data at all and
thus it's impossible to determine whether the supplicant supports it
without knowing its compile-time options.

Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
2012-09-29 19:06:30 +03:00
Jouni Malinen
30b8038921 P2P: Fix p2p_cancel processing during group formation
The wpa_s->p2p_in_provisioning flag did not get cleared in some cases
where p2p_cancel command is used to stop group formation. This can result
in some operations (like p2p_find) failing afterwards. Fix this by using
wpas_group_formation_completed() when processing p2p_cancel for a group
that has not yet completed group formation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-28 22:01:48 +03:00
Jouni Malinen
93face0e06 Interworking: Support Android JB keystore with EAP-TLS
If the keystore:// prefix is used in the private_key entry, convert that
to the OpenSSL engine style configuration used for Android JB keystore.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-28 17:12:27 +03:00
Jouni Malinen
fa5c5b43e4 Interworking: Fix failed GAS query processing
The pending GAS entry must be removed from the list when it is removed.
This fixes an issue with potential segfault due to freed memory being
accessed if the driver fails to accept a GAS query.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-28 17:09:15 +03:00
Jouni Malinen
6407f4132f Add disallow_aps parameter to disallow BSSIDs/SSIDs
External programs can use this new parameter to prevent wpa_supplicant
from connecting to a list of BSSIDs and/or SSIDs. The disallowed BSSes
will still be visible in scan results and it is possible to run ANQP
operations with them, but BSS selection for connection will skip any
BSS that matches an entry in the disallowed list.

The new parameter can be set with the control interface SET command
using following syntax:

SET disallow_aps <disallow_list>
disallow_list ::= <ssid_spec> | <bssid_spec> | <disallow_list> | “”
SSID_SPEC ::= ssid <SSID_HEX>
BSSID_SPEC ::= bssid <BSSID_HEX>

For example:
wpa_cli set disallow_list "ssid 74657374 bssid 001122334455 ssid 68656c6c6f"
wpa_cli set disallow_list
(the empty value removes all entries)

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-27 17:36:59 +03:00
Jouni Malinen
83218d20dd P2P: Clear sta_scan_pending on group removal
It is possible for the P2P client group to be removed while waiting for
a pending scan operation (e.g., when p2p_group_idle timeout hits after
getting disconnected from the GO with something else than
Deauthentication with reason code 3). If this happens with a P2P
interface that is used both for P2P Device and group roles, scan state
could get stuck while waiting for the next scan to complete since no
more station (P2P client) mode scans are scheduled. Fix this by clearing
sta_scan_pending when removing the temporary group network block.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-25 02:55:20 +03:00
Jouni Malinen
2cd0758441 P2P: Allow peer to propose channel in invitation process
Make Invitation process for re-invoking a persistent group behave
similarly to GO Negotiation as far as channel negotiation is concerned.
The Operating Channel value (if present) is used as a starting point if
the local device does not have a forced operating channel (e.g., due to
concurrent use). Channel lists from devices are then compared to check
that the selected channel is in the intersection. If not, channel is
selected based on GO Negotiation channel rules (best channel preferences
etc.). Invitation Request is rejected if no common channel can be
selected.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-24 22:15:58 +03:00
Jouni Malinen
4c490780e2 P2P: Fix pending-sta-scan processing for concurrent operation cases
If two P2P_FIND commands and a station mode SCAN command are issued in a
sequence with the second P2P_FIND and SCAN commands started before the
initial scan from the first P2P_FIND command has completed,
sta_scan_pending may be left set without an automatic way of getting it
cleared. This can get P2P search stuck if no further station mode scan
operations are run.

Fix this by clearing the sta_scan_pending flag whenever station mode scans
are stopped due to no enabled networks resulting in INACTIVE mode getting
entered. In addition, avoid setting sta_scan_pending flag when a special
scan_res_handler is set so that this does not get enabled on the P2P
Device interface during a P2P search operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-24 13:46:27 +03:00
Jouni Malinen
ac06fb12f5 P2P: Add more debug prints for GO start routines
This makes it easier to debug issues in starting GO mode.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-24 01:05:51 +03:00
Jouni Malinen
d4534bde9c Add debug print for no-enabled-networks case
If there are any disabled networks, show a debug print with the count
of those networks when no enabled networks are found. This can be
helpful in trying to figure out why scans are being skipped.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-24 01:04:00 +03:00
Jouni Malinen
b470b2bf37 Print control interface commands in easier format
The ASCII hexdump is somewhat difficult to search for (especially on
Android builds), so make the debug log easier to parse by printing the
full control interface command as a text string. In addition, use
wpa_dbg() to get the interface name printed so that multi-interface
cases can be debugged.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-24 01:01:26 +03:00
Jouni Malinen
c244dd2ec0 P2P: Fix PSK configuration for GO network
Setting just ssid->passphrase is not enough to complete the network
block for the GO entry. Also the PSK needs to be derived so that the
network is considered enabled by wpas_network_disabled(). The previous
version worked as long as something else allowed the scan request to be
performed (this is needed even though the actual scan is skipped when
starting GO).

The first GO start was allowed because wpa_s->scan_req is initialized to
1 in wpa_supplicant_alloc(). However, other attempts may fail if
wpa_s->scan_req is cleared. This failure shows up as "No enabled
networkas - do not scan" in debug log followed by state change to
INACTIVE when trying to start GO.

Fix this by deriving PSK from the passphrase for GO mode.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-24 00:56:57 +03:00
Jouni Malinen
0c802384a7 P2P: Fix p2p_group_idle in no-group-interface P2P client case
Commit 30ee769235 started skipping P2P
group removal if wpa_s->current_ssid is not set and commit
0d30cc240f started clearing
wpa_s->current_ssid on disconnection. This combination broke
p2p_group_idle timeout on P2P client interface in a case where no
separate P2P group interface is used and when the disconnection is
triggered by something else than an explicit indication of GO
terminating the group.

Fix this by relaxing network block matching rules when figuring out
whether any of the configured network blocks could be in P2P use. The
p2p_group flag alone should be enough for this since temporary P2P group
network blocks are removed once the P2P group is terminated.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-23 20:28:03 +03:00
Dan Williams
8c981d179b wpa_supplicant: Set state to DISCONNECTED on AP creation errors
If the AP creation failed (missing freq= or driver error) the supplicant
would previously stay in SCANNING state forever. Instead, it should
handle the error a bit better and drop back to DISCONNECTED so clients
know something went wrong.

Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
2012-09-23 13:55:58 +03:00
Mykyta Iziumtsev
dd31eb79a2 P2P: Remove channel 14 from supported P2P channels
Channel 14 is available only in Japan and is DSSS-only according to
IEEE 802.11-2012 19.4.3 and MIC Equipment Ordinance (EO)
for Regulating Radio Equipment article 49.20.

At the same time, P2P should avoid using DSSS modulation in normal
operation according to P2P specification v1.2 2.4.1.

Signed-hostap: Mykyta Iziumtsev <mykyta.iziumtsev@gmail.com>
intended-for: hostap-1
2012-09-23 12:49:52 +03:00
Jouni Malinen
54c61e6e08 P2P: Fix p2p_ctrl_invite_persistent() to parse peer parameter
Commit 4d32c0c44d added another use for the
local pos variable and that broke the mechanism used to determine wheter
the peer address was provided. Fix this by using a separate pointer to the
peer address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-15 22:21:46 -07:00
Masashi Honma
6df865face Remove unused function warning in WPS NFC case
When I use CONFIG_WPS_NFC=y a warning appears.

wps_supplicant.c:1872:12: warning: 'wpas_wps_add_nfc_password_token'
defined but not used [-Wunused-function]

This patch removes this warning.

Signed-hostap: Masashi Honma <masashi.honma at gmail.com>
2012-09-15 22:02:09 -07:00
Jouni Malinen
0dd5431312 Do not inform other virtual interfaces of scan results in all cases
If a connection operation is started on an interface based on scan
results, other virtual interfaces should not be information about the
results to avoid potential concurrent operations during the association
steps. Since the sibling notification of scan results received was added
as an optimization, skipping it for this type of cases is the simplest
way of avoiding unnecessary concurrent operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-13 18:07:02 -07:00
Jouni Malinen
ab03f6da7a P2P: Schedule new scan if P2P operation delays scan
This makes sure that the interrupted station mode scan can be completed
after the P2P operations have had their chance of using the radio.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-13 18:05:55 -07:00
Jouni Malinen
58d3760e7e P2P: Check all interfaces for pending scan for p2p_scan failures
Driver could reject the new scan based on any virtual interface
running a concurrent scan. As such, mark the pending scan callback
for P2P based on any interfaces instead of just the one used for
the p2p_scan operation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-13 18:03:14 -07:00
Jouni Malinen
e665ca9a8d P2P: Move p2p_cb_on_scan_complete to global context
Since we have a global P2P module, the flag to trigger scan completion
events to it needs to be in similar context. The previous design
maintained this separately for each virtual interface and if P2P module
did not run its scan operation on the virtual interface that completed
the scan, P2P module would not be allowed to restart operations
properly.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-13 17:58:22 -07:00
Jouni Malinen
762b99db7a Fix last_scan_res update existing BSS entry is update
The BSS pointer may change if the entry needs to be reallocated
and the new pointer has to be added to the last_scan_res array
to avoid using pointers to freed memory.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-10 12:36:55 +02:00
Yuhao Zheng
dc7785f845 wpa_supplicant: Add PKTCNT_POLL command to get TX/RX packet counters
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-09-05 17:02:02 +03:00
Jouni Malinen
53c9fc1df6 Interworking: Share ANQP data within homogenous ESS
If two BSS entries have the same HESSID and SSID, share the fetched ANQP
information between these BSS entries to save memory and GAS/ANQP
operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-04 17:22:42 +03:00
Jouni Malinen
c739d7e968 Interworking: Store HESSID in BSS entry
This makes it more convenient to match BSS entries that belong to the
same homogenous ESS.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-04 17:08:58 +03:00
Jouni Malinen
7e414b21c2 Interworking: Allow EAP-SIM/AKA/AKA' override in cred block
The eap parameter in the cred block can now be used to override
automatic EAP-SIM/AKA/AKA' selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-04 16:50:52 +03:00
Jouni Malinen
476aed355a Interworking: Move BSS ANQP information into separate struct
This is an initial step in allowing the ANQP responses to be shared
among multiple BSSes if the BSSes are determined to be operating under
identical configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-09-04 16:22:35 +03:00
Deepthi Gowri
59ff6653aa Fix REMOVE_NETWORK to not run operations with invalid current_ssid
If the REMOVE_NETWORK command is used to delete the currently connected
network, some operations were run between removing the network and
clearing of wpa_s->current_ssid. This left wpa_s->current_ssid pointing
to freed memory and should any operation end up using it before the
pointer gets cleared, freed memory could be references. Avoid this by
removing the network only after having completed the operations that
clear wpa_s->current_ssid.

Signed-hostap: Deepthi Gowri <deepthi@codeaurora.org>
intended-for: hostap-1
2012-09-03 11:55:38 +03:00
Jouni Malinen
7ff833674b Interworking: Fetch only the needed ANQP information
Use configured credentials to figure out which ANQP information needs to
be fetched and only fetch those when using Interworking network
selection. The fetch_anqp command is still fetching all ANQP
information.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 21:05:54 +03:00
Jouni Malinen
a594e2a9ab Interworking: Skip extra scan after network auto-select
If the scan results from before ANQP fetch are fresh (less than five
seconds old), do not run a new scan when selecting the BSS after having
used Interworking network selection.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 20:18:48 +03:00
Jouni Malinen
620c783753 Use BSS entries instead of scan results for BSS selection
This allows the BSS selection functions to be called without having the
scan result data structure. This can be used to skip extra scans in
cases where previous results can be considered fresh.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 19:56:57 +03:00
Jouni Malinen
cf8baca6a5 BSS: Add wpa_bss_get_vendor_ie_multi_beacon()
This can be used to fetch vendor IEs from Beacon frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 19:54:42 +03:00
Jouni Malinen
a297201df1 Maintain list of BSS entries in last scan result order
This allows last results to be used even after they have been freed
since the information is copied to the BSS entries anyway and this new
array provides the order in which scan results were processed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 19:53:15 +03:00
Jouni Malinen
20ed5e40ba Use BSS table instead of scan results in need-to-roam determination
The same information is available in the BSS table, so we can reduce the
need for using the raw scan results in wpa_supplicant_need_to_roam().

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 17:39:35 +03:00
Jouni Malinen
e026159a8e EAP-SIM/AKA: Store pseudonym identity in configuration
Use the anonymous_identity field to store EAP-SIM/AKA pseudonym identity
so that this can be maintained between EAP sessions (e.g., after
wpa_supplicant restart) even if fast re-authentication data was cleared.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-02 13:04:18 +03:00
Jouni Malinen
bcdf2096bd SME: Fix disconnec-while-authenticating
Commit 0d30cc240f forced
wpa_s->current_ssid to be cleared in wpa_supplicant_mark_disassoc()
which gets called from wpa_supplicant_event_disassoc(). This broke SME
disassoc-while-authenticating workaround for cfg80211. Fix this by
restoring wpa_s->current_ssid in case SME authentication is in progress.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-01 17:20:27 +03:00
Jouni Malinen
0aadd5682f Fix disconnection event processing
Commit 0d30cc240f forced
wpa_s->current_ssid and wpa_s->key_mgmt to be cleared in
wpa_supplicant_mark_disassoc() which gets called from
wpa_supplicant_event_disassoc(). This broke IEEE 802.1X authentication
failure processing and P2P deauthentication notification (group
termination).

Fix this by splitting wpa_supplicant_event_disassoc() into two parts and
make wpas_p2p_deauth_notif() indicate whether the interface was removed.
If so, the last part of disassocition event processing is skipped. Since
the wpa_supplicant_mark_disassoc() call is in the second part, the above
mentioned issues are resolved. In addition, this cleans up the P2P group
interface removal case by not trying to use fast reconnection mechanism
just before the interface gets removed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 22:04:41 +03:00
Jouni Malinen
6f1ca696c7 P2P: Do not fail p2p_group_remove just based on current_ssid
The wpa_s->current_ssid pointer may get cleared, e.g., when
disconnected. Commit 30ee769235 made
wpas_p2p_group_delete() exit early before removing a P2P interface in
this type of case. That can cause number of issues from p2p_group_remove
command failing to busy loop when terminating wpa_supplicant if there is
a P2P group interface in client mode and that interface happens to be in
disconnected state. Fix these issues by allowing wpas_p2p_group_delete()
remove the P2P group interface regardless of whether wpa_s->currnt_ssid
is set.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 21:35:32 +03:00
Jouni Malinen
4d32c0c44d P2P: Allow p2p_invite-persistent to specify channel for GO
The freq and ht40 parameters can now be used with the p2p_invite
command when reinvoking a persistent group as the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 21:20:51 +03:00
Jouni Malinen
55d834e172 Android: Add Wi-Fi Display into the makefile
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 18:34:32 +03:00
Jouni Malinen
43323e43d3 Android: Include Hotspot 2.0 support in the default build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 18:34:30 +03:00
Jouni Malinen
50cfe0e1cb Android: Add new keystore include path for JB
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-31 18:34:27 +03:00
Jouni Malinen
7b1aa4fe30 Move variable declaration into the beginning of function
The variables used within the #ifndef block here needs to be defined in
the beginning of the function to avoid issues with some compilers.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-30 00:37:59 +03:00
Jouni Malinen
1f3a3ec4a4 Interworking: Fix build without CONFIG_PCSC=y
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-30 00:35:53 +03:00
Jouni Malinen
6ffdc2f7bd WFD: Add preliminary WSD request processing and response
This commit does not yet address support for different device roles,
i.e., the same set of subelements are returned regardless of which
role was indicated in the request.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 19:51:29 +03:00
Jouni Malinen
347d6a5b76 WFD: Add support for sending Wi-Fi Display service discovery requests
wpa_cli p2p_serv_disc_req command can now be used to request WSD
request to be sent to specified or all peers who support WSD.

format: wifi-display <list of roles> <list of subelements>
examples:
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source] 2,3,4,5
p2p_serv_disc_req 02:01:02:03:04:05 wifi-display [pri-sink] 3
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [sec-source] 2
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source+sink] 2,3,4,5
p2p_serv_disc_req 00:00:00:00:00:00 wifi-display [source][pri-sink] 2,3,4,5

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 19:51:29 +03:00
Jouni Malinen
337c781f9c WFD: Add wfd_subelems hexdump in BSS ctrl_iface command output
This makes it easier to parse the WFD subelements from scan results.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 19:51:29 +03:00
Jouni Malinen
9675ce354a WFD: Add Wi-Fi Display support
This commit adds control interface commands and internal storage of
Wi-Fi Display related configuration. In addition, WFD IE is now added
to various P2P frames, Probe Request/Response, and (Re)Association
Request/Response frames. WFD subelements from peers are stored in the
P2P peer table.

Following control interface commands are now available:
SET wifi_display <0/1>
GET wifi_display
WFD_SUBELEM_SET <subelem> [hexdump of length+body]
WFD_SUBELEM_GET <subelem>

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 19:51:29 +03:00
Jouni Malinen
eb7719ff22 Add support for using GCMP cipher from IEEE 802.11ad
This allows both hostapd and wpa_supplicant to be used to derive and
configure keys for GCMP. This is quite similar to CCMP key
configuration, but a different cipher suite and somewhat different rules
are used in cipher selection. It should be noted that GCMP is not
included in default parameters at least for now, so explicit
pairwise/group configuration is needed to enable it. This may change in
the future to allow GCMP to be selected automatically in cases where
CCMP could have been used.

This commit does not included changes to WPS or P2P to allow GCMP to be
used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 11:52:15 +03:00
Jouni Malinen
01335e2c8d wpa_cli: Add tab completion for p2p_find
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-28 17:38:53 +03:00
Jouni Malinen
e4f6873cce wpa_cli: Fix tab completion
Commit b49039bda9 redesigned tab
completion, but added the new call to completion functions into wrong
location. This needs to be done within the loop to find the correct
completion function.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-28 17:25:09 +03:00
Jouni Malinen
4d5bda5fca Interworking: Add optional use of network selection on normal scans
auto_interworking=1 configuration parameter can be used to request
wpa_supplicant to use Interworking network selection automatically as a
part of the normal (non-Interworking) network selection if the scan
results do not match with enabled networks. This makes scanning work
similarly to the "interworking_select auto" command.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-28 16:14:13 +03:00
Jouni Malinen
b1f122964e Add generic GAS request mechanism
The new gas_request and gas_response_get commands can be used to request
arbitary GAS queries to be performed. These can be used with ANQP or
with other (including vendor specific) advertisement protocols.

gas_request <BSSID> <AdvProtoID> [Query]
gas_response_get <addr> <dialog token> [offset,length]

For example, ANQP query for Capability list in interactive wpa_cli
session:

> gas_request 02:00:00:00:01:00 00 000102000101
<3>GAS-RESPONSE-INFO addr=02:00:00:00:01:00 dialog_token=0
status_code=0 resp_len=32
> gas_response_get 02:00:00:00:01:00 00
01011c00010102010501070108010c01dddd0c00506f9a110200020304050607
> gas_response_get 02:00:00:00:01:00 00 0,10
01011c00010102010501
> gas_response_get 02:00:00:00:01:00 00 10,10
070108010c01dddd0c00
> gas_response_get 02:00:00:00:01:00 00 20,10
506f9a11020002030405
> gas_response_get 02:00:00:00:01:00 00 30,2
0607

It should be noted that the maximum length of the response buffer is
currently 4096 bytes which allows about 2000 bytes of the response data
to be fetched with a single gas_response_get command. If the response is
longer, it can be fetched in pieces as shown in the example above.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-27 18:13:10 +03:00
Jouni Malinen
a462036a47 WPS: Allow AP that becomes active be tried immediately
Clear the possible blacklisting of a WPS AP during WPS PIN iteration if
the AP moves to selected registrar TRUE state or if it adds our MAC
address to the list of authorized MACs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-27 13:51:35 +03:00
Jouni Malinen
f9f0526bcd WPS: Maintain more AP state during WPS PIN iteration
Maintain state of WPS APs during iteration to find the correct AP for
WPS PIN operation when no specific BSSID is specified. This information
can be used for optimizing the order in which the APs are tried. This
commit is only adding the collection of the information and more
detailed debug information to make debug logs more helpful in figuring
out how the AP selection order could be improved.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-27 13:48:11 +03:00
Jouni Malinen
0d30cc240f Clear current_ssid and key_mgmt when disconnected
This makes wpa_supplicant state somewhat cleaner since the information
from previously used connection is not maintained after getting
disconnected.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-26 23:35:08 +03:00
Jouni Malinen
00e5e3d509 Disable network block temporarily on authentication failures
If 4-way handshake fails due to likely PSK failure or if EAP
authentication fails, disable the network block temporarily. Use longer
duration if multiple consecutive failures are seen.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-26 23:35:07 +03:00
Jouni Malinen
2af4d404a8 wpa_cli: Add optional argument for the help command
"help <cmd>" can now be used to print the usage text for the
specified command (or set of commands matching the prefix).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-26 23:35:07 +03:00
Jouni Malinen
b49039bda9 wpa_cli: Add tab completion function into the command table
Instead of using a separate list of commands, use the main command table
to assign tab completion functions. In addition, use the existing BSS
and P2P peer completions functions with the commands that use BSSID or
P2P Device address the first argument.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-26 23:35:07 +03:00
Jouni Malinen
632c9458c4 Interworking: Fix home SP check with real SIM card
The NAI building routine assumed that the credential included the IMSI,
but that is not the case when using a real SIM card. Build the NAI based
on the IMSI read for the card in such a case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-26 23:35:04 +03:00
Jouni Malinen
8f23401281 Interworking: Fix PLMN matching with multiple entries
The pos variable was not advanced when comparing PLMN entries in
3GPP Cellular Network information and as such, only the first
entry was really used.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-08-26 20:37:11 +03:00
Jouni Malinen
27b80b5b4c wpa_cli: Add a 'raw' command for sending unprocessed data
This can be used to test new control interface commands and to use
commands that may not yet be supported by wpa_cli.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-25 13:33:29 +03:00
Dmitry Shmidt
39ee845f92 wpa_supplicant: Add bss_flush command to invalidate scan results
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-08-25 10:23:22 +03:00
Jouni Malinen
bf428a739c P2P: Fix memory leak with driver-based P2P management
If the P2P management operations are handled within the driver, the
P2P service entries were not freed when terminating wpa_supplicant.
Fix this by calling wpas_p2p_service_flush() even if the P2P module
within wpa_supplicant has not been initialized.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-24 20:45:22 +03:00
Jouni Malinen
b4a5dfa95d P2P: Limit maximum number of stored P2P clients to 100
This limits the maximum size of the p2p_client_list parameter that
is maintained at the GO for a persistent group. In other words, only
the 100 most recently seen P2P clients are kept in the list.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-08-24 00:25:14 +03:00
Jouni Malinen
223167956c Improve p2p_client_list updates in configuration file
This list can get truncated due to too many addresses getting added.
Reorder the entries in a way that allows the most recently added values
to be maintained in the list and use better debug/error messages when
parsing the value.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-08-24 00:25:14 +03:00
Jouni Malinen
d42bc5e178 Handle long configuration file lines more gracefully
Skip the end of long configuration lines that get truncated in
wpa_config_get_line(). Without this, the rest of the file was being
parsed as another line and that resulted in an unexpected error
message (wrong line number and wrong starting point).

In addition, increase the read buffer for network blocks from 256
to 2000 since p2p_client_list parameter can have long values. These
were supposed to truncated cleanly, but the unexpected processing of
the end of the file (which is now fixed in this commit) could cause
configuration file to be rejected.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-08-23 23:52:45 +03:00
Jouni Malinen
cc8c7b8840 P2P: Remove unnecessary call in resuming p2p_find
Commit 99fcd40409 added a call to update
search delay after failed authentication attempt. This change was
supposed to be only in p2p_supplicant.c for the successful case. The
extra call does not really do anything, but it's good to remove it to
avoid any confusion in the future.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-23 20:28:04 +03:00
Jouni Malinen
99fcd40409 P2P: Allow scan operations during p2p_find
Previously, all station mode scan operations were either skipped or
delayed while any P2P operation was in progress. To make concurrent
operations easier to use, reduce this limitation by allowing a scan
operation to be completed in the middle of a p2p_find. In addition,
allow station mode association to be completed. When the station mode
operation is run to its completion (scan results not acted on,
connection to an AP completed, connection failed), resume the p2p_find
operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-23 19:42:53 +03:00
Jouni Malinen
05a77b3b46 P2P: Use 500 ms search delay by default during concurrent operations
If the p2p_find command is used without the delay parameter, a 500 ms
default search delay will now be used when any interface using the same
radio is in an concurrent operation. "p2p_find delay=0" can be used to
enforce the old behavior in such a case if needed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-23 18:34:57 +03:00
Jouni Malinen
37448ede31 P2P: Add option for adding extra delay to p2p_find
A new optional delay=<search delay in milliseconds> parameter can now be
used with p2p_find command to request an extra delay between search
iterations. This can be used, e.g., to make p2p_find friendlier to
concurrent operations by avoiding it from taking 100% of the radio
resources.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-23 18:20:58 +03:00
Jouni Malinen
065d2895b4 Add UNAUTH-TLS vendor specific EAP type
This EAP type uses a vendor specific expanded EAP header to encapsulate
EAP-TLS with a configuration where the EAP server does not authenticate
the EAP peer. In other words, this method includes only server
authentication. The peer is configured with only the ca_cert parameter
(similarly to other TLS-based EAP methods). This method can be used for
cases where the network provides free access to anyone, but use of RSN
with a securely derived unique PMK for each station is desired.

The expanded EAP header uses the hostapd/wpa_supplicant vendor
code 39068 and vendor type 1 to identify the UNAUTH-TLS method.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-22 22:34:11 +03:00
Jouni Malinen
a8a3868ddd HS 2.0: Add preliminary documentation for Hotspot 2.0
This describes wpa_supplicant functionality for Interworking
(probe request parameters, network selection) and Hotspot 2.0.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-21 21:32:31 +03:00
Jouni Malinen
a120c3fad6 WPS: Remove unused credential handlers for 802.1X
The WPA_AUTH_WPA and WPA_AUTH_WPA2 cases have already been rejected in
this function when execution comes here. In theory, support for
WPA-Enterprise could be added, but since that has not happened over the
years, there is no good reason to keep this dead code here.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 19:10:40 +03:00
Jouni Malinen
392824ef10 Clean up the closed stdin/stdout/stderr workaround to close sockets
Close the workaround sockets when wpa_supplicant exists to avoid
hitting resource leak warnings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 18:01:04 +03:00
Jouni Malinen
44ec48ebfd FIPS: Remove md5-non-fips.c
Commit c9e08af24f removed the only user of
the special case MD5 use that would be allowed in FIPS mode in
tls_prf_sha1_md5(). Commit 271dbf1594
removed the file from the build, but left the implementation into the
repository. To clean things up even further, remove this functionality
completely since it is not expected to be needed for FIPS mode anymore.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 16:53:15 +03:00
Jouni Malinen
63e5caaa6f Interworking: Do not match credentials without WPA2-Enterprise
Since we currently support only HS 2.0 networks with Interworking
network selection, do not indicate credential match unless the
network uses WPA2-Enterprise.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 12:55:12 +03:00
Jouni Malinen
8601b50312 Interworking: Enforce WPA2-Enterprise/CCMP
Since we currently support only HS 2.0 networks with Interworking
network selection, enforce that WPA2-Enterprise/CCMP is used on the
AP instead of allowing any WPA-Enterprise combination.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 12:55:12 +03:00
Jouni Malinen
4ed34f5acd HS 2.0: Do not indicate HS 2.0 status without WPA2-Enterprise
Hotspot 2.0 allows only WPA2-Enterprise to be used, so other types of
networks must not be indicated as Hotspot 2.0 networks even if they
(incorrectly) advertise HS 2.0 support.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 12:54:48 +03:00
Jouni Malinen
2b95f57ba5 Interworking: Do not reconnect without "auto" parameter
When there was no credential match, but an enabled network block matched
with a scan result, wpa_supplicant reconnected at the end of
interworking_select command even if "auto" parameter was not used. Fix
this by running the reconnect only if requested to automatically select
a network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 12:26:21 +03:00
Jouni Malinen
9af7361b3f Document TLS options in phase1/phase2
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-17 22:27:29 +03:00
Yoni Divinsky
6409b7a715 Supply the connection scan results to bgscan after init
If bgscan is enabled, then bgscan is initiated after the connection,
with no bss scan result information. Since a scan was performed prior to
the connection, the information exists and can be used to initialize the
bgscan's cache.

Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
2012-08-17 20:53:44 +03:00
Jouni Malinen
26a379224c OpenSSL: Implement SHA256 HMAC functions using HMAC API
Use the OpenSSL HMAC implementation instead of the internal sha256.c
implementation of HMAC with SHA256.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 22:34:35 +03:00
Jouni Malinen
ab637dcb37 Move SHA256-based PRF function into a separate C file
This makes it easier to conditionally build in SHA256 functions based
on which TLS/crypto library is used.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 22:24:11 +03:00
Jouni Malinen
0b5e98557e FIPS: Use OpenSSL CMAC implementation instead of aes-omac1.c
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 22:19:53 +03:00
Jouni Malinen
982bafedaf FIPS: Mix in OpenSSL RAND_bytes() into random_get_bytes()
Make sure that the OpenSSL DRBG gets used when generating
random numbers in FIPS mode.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 21:49:41 +03:00
Jouni Malinen
030d062fac OpenSSL: Implement SHA1 HMAC functions using HMAC API
Use the OpenSSL HMAC implementation instead of the internal sha1.c
implementation of HMAC with SHA1.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:38:25 +03:00
Jouni Malinen
d6150094e0 Move SHA1-based PRF function into a separate C file
This makes it easier to conditionally build in SHA1 functions based
on which TLS/crypto library is used.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:26:16 +03:00
Jouni Malinen
e40c86ad27 OpenSSL: Use library function for PBKDF2 passphrase-to-PSK
Use the OpenSSL PKCS5_PBKDF2_HMAC_SHA1() function instead of the
internal implementation in sha1-pbkdf2.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:26:16 +03:00
Jouni Malinen
6e6909a97e FIPS: Remove MD5 from the CONFIG_FIPS=y build
When CONFIG_FIPS=y is used, do not include MD5 in the build and disable
EAPOL-Key frames that use MD5 (WPA/TKIP and dynamic WEP with IEEE
802.1X).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 20:03:17 +03:00
Jouni Malinen
271dbf1594 FIPS: Do not build md5-non-fips.o unless really needed
This is not needed anymore when using OpenSSL keying exporter
functionality for PRF.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 19:58:15 +03:00
Jouni Malinen
c9e08af24f Do not export TLS keys in FIPS mode
Only allow the TLS library keying material exporter functionality to be
used for MSK derivation with TLS-based EAP methods to avoid exporting
internal TLS keys from the library.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 19:38:15 +03:00
Jouni Malinen
411f567050 Allow libdl to be linked in after OpenSSL
OpenSSL-based builds may need libdl in the linker line after the OpenSSL
library. CONFIG_TLS_ADD_DL=y can now be used to force that if needed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 19:34:38 +03:00
Jouni Malinen
e001191837 Add "make fips" for wpa_supplicant builds with OpenSSL
This can be used for convenience to build wpa_supplicant with OpenSSL
FIPS object module. CONFIG_FIPS=y is expected to be used in
wpa_supplicant/.config when using this option.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-16 17:53:05 +03:00
Jouni Malinen
4f219667d7 P2P: Use larger GO config timeout if HT40 is used
Increase GO config timeout if HT40 is used since it takes some time
to scan channels for coex purposes before the BSS can be started.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-15 23:19:11 +03:00
Rajkumar Manoharan
e2308e4b45 P2P: Add optional "ht40" argument for p2p_connect
This can be used to start negotiated GO in 40 MHz channel width
in 5GHz band.

Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
2012-08-15 23:07:44 +03:00
Rajkumar Manoharan
7aeac98509 P2P: Enable 40 MHz support for autonomous P2P group addition
Add optional "ht40" argument for p2p_group_add command to enable 40 MHz
in 5GHz band. This configures the secondary channel, when HT support is
enabled and if the HW supports 40 MHz channel width.

Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
2012-08-15 22:53:01 +03:00
Rajkumar Manoharan
931228aa10 P2P: Move channel validation into a separate function
Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
2012-08-15 22:44:34 +03:00
Jouni Malinen
87c7ba8423 wpa_cli: Use helper functions to implement commands
This simplifies wpa_cli implementation greatly and also reduces
the binary size by one third or so.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-15 22:40:07 +03:00
Jouni Malinen
0076869c62 wpa_cli: Add helper functions for building and executing commands
These helper functions can be used to implement most of the common
wpa_cli commands to simplify the implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-15 22:08:21 +03:00
Jouni Malinen
a3f7e5186b Allow non-WPA IEEE 802.1X to be select even if WPA is also enabled
If key_mgmt was set to allow both WPA and non-WPA IEEE 802.1X (i.e., to
IEEE8021X WPA-EAP), non-WPA IEEE 802.1X was rejected while preparing
association parameters. Allow this special case to be handled by
selecting non-WPA case if the scan results for the AP do not include
either WPA or RSN elements.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-15 19:34:04 +03:00
Eyal Shapira
a13e07ec4d Fix adding extra IEs in sched scan
Refactoring done in commit 46ee0427b1
(IEEE 802.11u: Allow Interworking and HESSID to be configured)
broke adding extra IEs in sched scan. The IEs stopped being added
to the scan params within wpa_supplicant_extra_ies() but no code
was added to add them in wpa_supplicant_req_sched_scan().
Fix this and remove unused params arg in wpa_supplicant_extra_ies().

Signed-hostap: Eyal Shapira <eyal@wizery.com>
intended-for: hostap-1
2012-08-13 21:48:55 +03:00
Jouni Malinen
1f52c2f7b5 GAS: Fix reporting of GAS query timeouts
GAS_QUERY_TIMEOUT value was used for two different things - enum for
status callback and #define for internal eloop timeout). The latter
overwrites the former and as such, the timeout reported ended up going
out with value 5 which matches with GAS_QUERY_CANCELLED instead of
GAS_QUERY_TIMEOUT. This value was not used in existing code, so this
should not modify the current behavior. Anyway, the correct reason for
the failure should be reported. Rename the internal #define for the
timeout period to avoid the name conflict. [Bug 463]

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 21:33:00 +03:00
Jouni Malinen
067ffa2696 Convert os_realloc() for an array to use os_realloc_array()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 21:21:23 +03:00
Jouni Malinen
f9884c096a Convert os_zalloc() for an array to use os_calloc()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 20:44:21 +03:00
Jouni Malinen
78372bda68 Fix memcmp use in a test program
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 19:57:57 +03:00
Jouni Malinen
623ecdd5a2 Remove default ACM=1 from AC_VO and AC_VI
There is no need to mandate admission control (ACM=1) by default, so
clear that flag in the case the configuration file does not specify
wmm_ac_{vo,vi}_acm value. This gets closer to the values mentioned
in the sample hostapd.conf file and reduces the need to specify WMM
parameters in the configuration file for most common use cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-12 11:36:45 +03:00
Yoni Divinsky
c26effe15f wpa_supplicant AP/P2P: Enable WMM param configuration
In case of P2P GO and AP mode, wpa_supplicant uses the default hostapd
parameters for WMM. In the default parameters the ACM bit for video and
voice are set to 1, meaning, P2P devices and stations which are
connected to the GO cannot pass voice or video data packets. Allow this
to be changed through wpa_supplicant configuration file with wmm_ac_*
parameters.

Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
2012-08-12 11:34:07 +03:00
Jouni Malinen
e485286c67 Remove unnecessary bssid_changed check
The os_memcmp of bssid and wpa_s->bssid cannot return 0 in this
code path since identical os_memcmp was already done above.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-11 17:54:43 +03:00
Masashi Honma
0a0c38f63d Do not proceed with association if get_bssid() returns failure
This is the normal flow for association:

wpa_supplicant <--(EVENT_ASSOC event )--  device driver
wpa_supplicant  --( get_bssid()      )--> device driver
wpa_supplicant <--( return BSSID     )--  device driver

However, a device driver could return EINVAL for get_bssid() because it
recognizes it has already been disconnected. When the wpa_supplicant
received EINVAL, the bssid field could be used uninitialized in the
following flow:

wpa_supplicant <--(EVENT_ASSOC event )--  device driver
                                          device driver (receive deauth)
wpa_supplicant  --( get_bssid()      )--> device driver
wpa_supplicant <--( return EINVAL    )--  device driver

Prevent this by requiring the get_bssid() call to succeed when
processing association events.
2012-08-11 17:46:58 +03:00
Arik Nemtsov
b6871ebb17 SME: Correctly check mode HT caps for enabling OBSS scan
Don't assume the 11g mode is always first in the list of mode (sometimes
it isn't). Traverse the array of modes and check the HT40 capability is
turned on for 11g.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2012-08-11 17:08:54 +03:00
Jouni Malinen
8dba4aef11 P2P: Move group removal reason to a function parameter
wpa_s->removal_reason was set only when calling wpas_p2p_group_delete()
and while couple of call places did not set this, it should really be
set in each case. As such, it works better as a function parameter than
a variable in struct wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-11 12:41:31 +03:00
Michael Naumov
30ee769235 P2P: p2p_group_remove should fail on non-P2P interface
p2p_group_remove should only attempt to remove P2P group
interfaces and fail on non-P2P group interfaces.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-08-11 12:06:23 +03:00
Eyal Shapira
462a7439e1 Add p2p_go_max_inactivity config option
This enables setting a different max inactivity timeout for P2P GO.
This timeout is used to detect inactive clients. In some scenarios
it may be useful to have control over this and set a shorter timeout
than the default 300s. For example when running STA and P2P GO interfaces
concurrently, the STA interface may perform scans which may cause the
GO to miss a disassoc / deauth frames from a client and keep assuming
that the client is connected until the inactivity detection kicks in.
300 secs is a bit too long for such scenarios and creates a bad user
experience.

Signed-hostap: Eyal Shapira <eyal@wizery.com>
2012-08-10 16:28:38 +03:00
Paul Stewart
6ed3117561 wpa_supplicant: Add DBus "Reassociate" command
Create a DBus command to reassociate, similar to the
ctrl-interface "reassociate" command.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2012-08-09 13:54:36 +03:00
Jouni Malinen
e100828b76 Return wpabuf from radius_msg_get_eap()
This simplifies the implementation by using the buffer type to which the
returned data will be converted anyway. This avoids one memory
allocation for each processed RADIUS message.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 18:14:42 +03:00
Jouni Malinen
e122bb70b8 hostapd: Add alternative format for configuring SSID
The new ssid2 parameter can be used as an alternative mechanism for
configuring SSID for hostapd. It uses the same formats that
wpa_supplicant uses in the configuration file for strings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:27:40 +03:00
Jouni Malinen
b87d70c88a Make wpa_config_parse_string() a shared function
This will be used in future hostapd configuration parser changes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:13:51 +03:00
Jouni Malinen
986de33d5c Convert remaining SSID routines from char* to u8*
This makes it more explicit that the SSID is not a null terminated
C string.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:07:25 +03:00
Jouni Malinen
5c4b93d72e Add support for using printf-escaped strings in configuration
P"<escaped string>" can now be used as an alternative method for
specifying non-ASCII strings (including control characters). For
example, ssid=P"abc\x00test".

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 13:50:39 +03:00
Jouni Malinen
059d3a9075 wpa_cli: Handle wpa_supplicant termination more cleanly
Process CTRL-EVENT-TERMINATING in wpa_cli interactive mode and close
ctrl_iface connection without trying to detach the monitor interface
when this happens. This avoids a timeout on the DETACH command. In
addition, print out connection lost/re-established messages without
overriding the edit line.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 22:27:52 +03:00
Jouni Malinen
8e897ae37b wpa_cli: Go through ifname determination on connection retries
This is needed to allow the default behavior (pick first interface) to
be used in cases where wpa_supplicant is not available when wpa_cli is
started in interactive mode.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 22:04:22 +03:00
Jouni Malinen
db3a03222e wpa_cli: Fix an issue in the cleanup of udp-remote commits
wpa_ctrl_get_remote_ifname() is defined only for UDP ctrl_iface socket,
so this call needs to be made conditional on build parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 21:54:56 +03:00
Jouni Malinen
4be9f27595 wpa_cli: Use eloop during connection attempts in interactive mode
This changes the call flow to allow full eloop operations to be used
while waiting for wpa_cli to establish a connection to wpa_supplicant in
the beginning of an interactive session. This allows the cleanup steps
to be more consistent and avoid debugging issues due to unfreed memory
or other resources if wpa_cli is killed with Ctrl-c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 21:47:18 +03:00
Jouni Malinen
d62aaa7de1 wpa_cli: Fix resource leak on attach failures in interactive mode
When starting interactive mode, wpa_cli is trying to attach the
monitor connection. If that fails, the operation is retried, but
this was done without freeing all the resources that could have
been allocated (mainly, the command connection).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-05 20:58:44 +03:00
Janusz Dziedzic
4307bb8c85 wpa_cli: Print nice prompt when using remote UDP
When CONFIG_CTRL_IFACE=udp-remote is used, print user frendly PS in
wpa_cli. E.g.,
localhost/wlan0>
192.168.1.1/p2p-wlan-0-0>

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:50:17 +03:00
Janusz Dziedzic
2d2398a11f edit: Add support for setting prompt string
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:46:34 +03:00
Janusz Dziedzic
0eed2a8d11 wpa_cli: Add IFNAME command
This command will return wpa_s->ifname that can be used for a nice
prompt in wpa_cli.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:12:16 +03:00
Janusz Dziedzic
afadf423db wpa_supplicant: Add optional remote access for ctrl_iface
Add new option for ctrl iface: CONFIG_CTRL_IFACE=udp-remote. This
enables remote access to control interface via UDP port(s). This should
be used for testing purpose only since there is no authentication or
access control on the commands.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2012-08-05 20:01:07 +03:00
Fernando Herrera
c10fe8c1df D-Bus: Fix wpas_dbus_getter_bss_expire_count
bss_expire_count getter was getting a wrong value. Fix it to return
bss_expiration_scan_count.

intended-for: hostap-1
2012-08-05 00:43:19 +03:00
Michael Naumov
a5195e56e8 D-Bus: Remove network_object dictionary entry from signal GroupStarted
The network_object path should be returned by the NetworkAdded signal
and not by the GroupStarted Signal. Starting a Group does not
necessarily validate the network object.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
intended-for: hostap-1
2012-08-05 00:26:36 +03:00
Michael Naumov
2ce7033678 P2P: Add D-Bus python script to perform Disconnect
D-Bus script using python glib is added to perform Disconnect on an
interface.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-08-05 00:24:40 +03:00
Michael Naumov
008d824f20 P2P: Add D-Bus python script to perform p2p_invite
D-Bus script using python glib is added to perform p2p_invite on a group
interface to invite a peer.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-08-05 00:20:48 +03:00
Dmitry Shmidt
35aa088a32 Add 'get_capability channels' command for ctrl_iface
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-08-04 21:17:04 +03:00
Ben Greear
481cac211e Add some debug info for config file error cases
It didn't always spit out useful stuff when reading config failed.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2012-08-04 20:38:50 +03:00
Ben Greear
4fdc8def88 Make UNIX socket non-blocking for ctrl_iface
This keeps wpa_cli from hanging forever if the other end of the socket
dies.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-08-04 20:34:27 +03:00
jim1_lin
c8b245b6a4 WPS: Update dev.config_methods in wps_update_config
dev.config_methods was not updated when wps_update_config was called.
This could lead to mismatching config methods between Probe Request and
M1 packets. Add missing part for it.
2012-08-04 20:14:59 +03:00
Paul Stewart
21270bb4b3 Fix a couple memory leaks
Found using valgrind.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2012-08-04 20:10:08 +03:00
Jouni Malinen
02af9c90fb EXT PW: Allow Interwork cred block to use external storage for password
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
0ebb23e340 EXT PW: Add support for password parameter from external storage
This allows the password parameter for EAP methods to be fetched
from an external storage.

Following example can be used for developer testing:

ext_password_backend=test:pw1=password|pw2=testing

network={
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="user"
    password=ext:pw1
    ca_cert="ca.pem"
    phase2="auth=PAP"
}

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
9173b16fd1 EXT PW: Add support for psk parameter from external storage
This allows wpa_supplicant configuration file to be created without
the PSK/passphrase value included in the file when a backend for
external password storage is available.

Following example can be used for developer testing:

ext_password_backend=test:psk1=12345678
network={
    ssid="test-psk"
    key_mgmt=WPA-PSK
    psk=ext:psk1
}

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
306ae22556 EXT PW: Add framework for supporting external password storage
This new mechanism can be used to make wpa_supplicant using external
storage (e.g., key store in the operating system) for passwords,
passphrases, and PSKs. This commit is only adding the framework part
needed to support this, i.e., no actual configuration parameter can
yet use this new mechanism. In addition, only a simple test backend
is added to allow developer testing of the functionality.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
2518aad3e8 Move PSK/passphrase configuration check into use time from parsing
Instead of rejecting network blocks without PSK/passphrase at the time
the configuration file is read, allow such configuration to be loaded
and only behave as if the network block with missing PSK/passphrase is
disabled.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
1ecd2ada33 Interworking: Set key_mgmt parameter for the temporary network block
Previously, this was left to the default (WPA-EAP WPA-PSK) value which
could potentially result in unexpected behavior if an AP were to enable
both WPA2-Enterprise and WPA2-Personal in the same BSS. While this is
not really that likely for APs supporting Interworking, it is good to
get the PSK option removed to avoid any issues with missing
passphrase/PSK configuration parameter.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-03 22:15:42 +03:00
Jouni Malinen
955567bc09 Interworking: Add support for using Roaming Consortium OI for matching
Each cred block can now be matched based on Roaming Consortium OI as an
alternative mechanism to using NAI Realm information. This may be
optimized for efficiency in the future since Roaming Consortium
information is available in scan results without having to go through
ANQP queries. In addition, this is easier to support in case there is a
large number of realms that can be used for authentication.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-02 18:48:31 +03:00
Jouni Malinen
8ca93c59e0 Interworking: Allow pre-configuration of EAP parameters
The new cred block parameters eap, phase1, and phase2 can be used to
select which EAP method is used with network selection instead of using
the value specified in ANQP information (e.g., NAI Realm).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-02 18:40:45 +03:00
Jouni Malinen
d5b5d801e8 Interworking: Move EAP parameter setting into a separate function
This makes it easier to share the common code with other credential
matching cases in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-02 18:35:18 +03:00
Xi Chen
75cad1a0d4 WNM: Add WNM-Sleep Mode for station mode
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:27 +03:00
Xi Chen
a884be9da1 WNM: Add placeholders for WNM driver commands and events
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:20 +03:00
Jay Katabathuni
19a8ad9944 HS 2.0: Add Hotspot 2.0 Indication for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:38 +03:00
Thomas Pedersen
bf8d6d2430 nl80211: Support setting sched scan RSSI threshold
Allow the user to configure an RSSI threshold in dBm below which the
nl80211 driver won't report scan results. Currently only supported
during scheduled (PNO) scans.

Signed-off-by: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-25 16:56:43 +03:00
Jouni Malinen
cae2119c86 P2P: Leave forced BSSID parameter for P2P group
P2P group is only going to use a single GO, so we can leave the fixed
BSSID parameter set for the actual data connection in addition to the
initial WPS provisionign step. This can speed up operations with drivers
that select BSS internally by allowing them to skip an extra scan when
the BSSID and frequency of the GO is already known.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-25 16:18:12 +03:00
Michael Naumov
b682d6a73d P2P: Add D-Bus python scripts to perform additional commands
Four D-Bus scripts using python glib are added to perform the following
operations: p2p_flush, p2p_group_add, p2p_listen and p2p_stop_find.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-07-04 21:07:53 +03:00
Cyril Brulebois
46d69fa5c6 wpa_gui: Fix compilation with gcc/g++ 4.7
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
intended-for: hostap-1
2012-07-04 21:01:04 +03:00
Jouni Malinen
b9b12d02f0 autoscan: Fix potential freeing of uninitialized pointer
Commit 7c865c6853 introduced a code
path that can skip extra_ie initialization in wpa_supplicant_scan().
This could result in semi-random crashes when using the autoscan
mechanism. Fix this by initializing extra_ie to NULL.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-03 20:54:40 +03:00
Jouni Malinen
be1514a3e9 Update license notification in signalbar implementation
This updates the license notification to use only the BSD license. The
changes were acknowledged by email (Kel Modderman <kel@otaku42.de>,
Mon, 2 Jul 2012 20:02:37 +1000).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 20:48:24 +03:00
Jouni Malinen
17096391c5 wpa_gui: Update licence notification text in wpa_gui
The Help|About message box was still referring to the old license
alternatives.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 12:11:01 +03:00
Jouni Malinen
c5a3cebfc8 Update license notification in D-Bus interface files
This updates these files to use the license notification that uses only
the BSD license. The changes were acknowledged by email (Dan Williams
<dcbw@redhat.com>, Sun, 01 Jul 2012 15:53:36 -0500).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-02 12:04:38 +03:00
Jouni Malinen
dcc3305701 Move p2p_connect PIN format validation into a separate function
This functionality could be shared for other commands, too, so move
it to a common function. In addition, implement the validation in a
bit more strict way to avoid accepting values like '-123' as a valid
PIN.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 21:27:32 +03:00
Masashi Honma
36ebf7a1b2 P2P: Add error message for invalid PIN
Reject invalid PIN value in p2p_connect command. Before this, typos
like "pbd" as the third parameter could have resulted in OK return
value since this parameter was interpreted as the PIN.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-06-30 21:19:12 +03:00
Jouni Malinen
10ac7ddf33 Do not share special scan results with virtual interfaces
When a special scan_res_handler is used the scan parameters may not have
been suitable for other purposes (e.g., during a p2p_find operation). As
such, do not indicate such scan results to other virtual interfaces
using the same radio.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 20:30:40 +03:00
Jouni Malinen
3df2f4fe99 P2P: Remove unused P2P_SCAN_SPECIFIC
This is not used anymore after the commit
e6ecfc4fd3.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-30 20:20:29 +03:00
Gary Morain
0bb1e425b5 Export disconnect reason code to dbus
In the properties changed signal, added a new property
"DisconnectReason", which carries the IEEE 802.11 reason code of the
most recent disassociation or deauthentication event. The reason code is
negative if it is locally generated. The property is sent to the DBUS
immediately so as to prevent it from being coalesced with other
disconnect events.

Signed-off-by: Gary Morain <gmorain@chromium.org>
2012-06-30 16:43:50 +03:00
Michael Naumov
acc5f4ec60 P2P: Add dbus python scripts to perform p2p_find and p2p_connect
Two DBUS scripts using python glib are added to perform p2p_find and
p2p_connect operations respectively. p2p_connect script just performs
the traditional connect to create a new p2p group. Additional updates
will be required to perform join, auth etc. al.

Signed-hostap: Michael Naumov <michael.naumov@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-06-30 13:11:26 +03:00
Jouni Malinen
51ca03f470 WPS: Document NFC use cases with password/config token
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:28:49 +03:00
Jouni Malinen
bfc62fe133 WPS: Share a single function for generating NFS password tokens
There is no need for both hostapd and wpa_supplicant to have their
own functions for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:01:37 +03:00
Jouni Malinen
40a5e3bfde WPS: Add a standalone tool for building NFC password tokens
nfc_pw_token can be used to build random NFC password token for WPS.
This tool prints out the wpa_supplicant.conf (or hostapd.conf)
parameters and the hexdump of the WPS password token (with and without
NDEF encapsulation) so that it can be written to a NFC tag with an
external program.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:01:37 +03:00
Jouni Malinen
72df0cd28c WPS: Use random_get_bytes() for NFC password id
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 20:40:16 +03:00
Jouni Malinen
e484e927a6 WPS: Allow NFC password token from AP to be used with wps_reg
The AP PIN on wps_reg command can now be replaced with special value
"nfc-pw" to use device password from a NFC password token from the AP.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:41:26 +03:00
Jouni Malinen
e6ea2a451c WPS ER: Add support for using NFC password token from an Enrollee
WPS_NFC_TAG_READ ctrl_iface command can now be used to add NFC password
tokens to ER.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 17:34:46 +03:00
Jouni Malinen
1cea09a9e2 WPS ER: Add support for building NFC configuration token
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 16:35:51 +03:00
Jouni Malinen
71892384da WPS: Fix ifdef use for the new NFC mechanism in wpa_supplicant
Use CONFIG_WPS_NFC instead of CONFIG_WPS_OOB for the NFC specific
new ctrl_iface commands.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 14:07:22 +03:00
Jouni Malinen
d7645d239d WPS: Add support for NFC configuration token from external program
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:59:29 +03:00
Jouni Malinen
5bb7ae1f0c WPS: Fix error case in NFC password token generation
Need to verify that wps_build_nfc_pw_token() returned a valid buffer
before trying to encapsulate it for NDEF.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:23:58 +03:00
Jouni Malinen
3f2c8ba6d3 WPS: Add new mechanism for NFC config method using password token
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:12 +03:00
Jouni Malinen
99f0032409 Allow autoscan parameters to be changed in SCANNING state
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 20:11:25 +03:00
Jouni Malinen
c3d1223848 Reinitialize autoscan on explicit reassocciate/reconnect command
This clears the exponential scan interval back to the base value
when a reconnection is requested explicitly.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 20:05:51 +03:00
Jouni Malinen
d7ded75832 Cancel pending scan request on DISCONNECT command
Previously, a pending scan request could be left running when processing
DISCONNECT command from control interface. This can result in unexpected
scan, so cancel the request to avoid this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 19:57:03 +03:00
Jouni Malinen
992189991c Start autoscan for first connection attempt
Use wpa_supplicant_set_state() to initialize state to DISCONNECT so that
autoscan gets initialized properly. This needs a change in
autoscan_init() to avoid extra scan request that would postpone the
first scan request when an interface is added.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 19:52:46 +03:00
Jouni Malinen
460b36d0c0 Fix autoscan exponential to limit interval in all cases
The first time the limit is exceeded could result in using larger
value - avoid that by limiting the interval also in that case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 19:51:06 +03:00
Jouni Malinen
ccea4eb3e8 Fix autoscan exponential to start with the base value
Initial implementation used base^2 as the starting value.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 19:47:25 +03:00
Jouni Malinen
1aea2ca325 Write autoscan parameter to config file on updates
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-26 19:43:05 +03:00
Tomasz Bursztyka
e3659c89d2 Add a simple periodic autoscan module
This module will sets a fixed scanning interval. Thus, the parameter to
this module is following this format: <fixed interval>

Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 19:28:21 +03:00
Tomasz Bursztyka
c0fba2b38d Add autoscan module named exponential
This module will compute the interval on a base exponential. Thus,
params to this module are following this format: <base>:<limit>

Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 19:22:56 +03:00
Tomasz Bursztyka
2bdd834257 Add autoscan command into wpa_cli
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 19:11:17 +03:00
Tomasz Bursztyka
bc5d330ae0 Add ctrl iface command for autoscan
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 19:09:47 +03:00
Tomasz Bursztyka
67892d5c0d D-Bus: Add AutoScan interface method to set/unset autoscan parameters
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 19:05:09 +03:00
Tomasz Bursztyka
7c865c6853 Add automatic scanning support
Like bgscan, autoscan is an optional module based feature to automate
scanning but while disconnected or inactive.

Instead of requesting directly a scan, it only sets the scan_interval
and the sched_scan_interval. So, if the driver supports sched_scan,
autoscan will be able to tweak its interval. Otherwise, the tweaked
scan_interval will be used. If scan parameters needs to be tweaked, an
autoscan_params pointer in wpa_s will provide those. So req_scan /
req_sched_scan will not set the scan parameters as they usually do, but
instead will use this pointer.

Modules will not have to request a scan directly, like bgscan does.
Instead, it will need to return the interval it wants after each
notification.

Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 18:55:41 +03:00
Tomasz Bursztyka
b0786fba71 Add autoscan parameters support in config file
Signed-hostap: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
2012-06-26 18:09:57 +03:00
Thomas Pedersen
1b487b8b1e nl80211: Handle CH_SWITCH event
Some drivers may independently decide to switch channels. Handle this by
updating the hostapd and wpa_supplicant AP and GO configuration.

Signed-hostap: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
2012-06-25 14:45:14 +03:00
Jouni Malinen
c1c023429b Set state to DISCONNECTED on auth/assoc failures
Some of the authentication/association failure paths left wpa_state to
its previous value. This can result in unexpected behavior when
wpa_supplicant tries to find an AP to connect to since the uncleared
state can result the in the selected BSS being ignored if it is same as
the previously used BSS. This could happen, e.g., when wpa_supplicant
SME was used and the AP rejected authentication. Fix this by explicitly
setting state to DISCONNECTED on auth/assoc failures that did not yet do
this.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-06-25 14:23:25 +03:00
Sunil Dutt Undekari
5bda43cdee P2P: Reject p2p_find when in provisioning
A p2p_find during provisioning shall not allow the enrollee to
pick the network, hence disable p2p_find during provisioning.

Signed-hostap: Sunil Dutt Undekari <duttus@codeaurora.org>
2012-06-25 14:05:49 +03:00
Jouni Malinen
ef3e60bf22 Describe CONFIG_AP=y and CONFIG_P2P=y in defconfig
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-24 01:07:15 +03:00
Jouni Malinen
781d8e0f2b Fix a typo
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-24 00:59:06 +03:00
Aarthi Thiruvengadam
c66cf68d5c P2P: Fix fallback to GO Negotiation to avoid PD-before-join timeout
The wpas_p2p_pd_before_join_timeout could be left behind if the PD
Request in p2p_connect-auto case does not succeed. This timeout can
result in unexpected operations since it could trigger join operation
while going through GO Negotiation. Fix this by canceling the timeout
when falling back to GO Negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-06-20 21:38:31 +03:00
Jithu Jance
ef35f5a0fd P2P: Add driver op for requesting GO/AP channel switch
Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-06-10 20:54:31 +03:00
Jithu Jance
b9cfc09a81 P2P: Add preference setting for concurrent use cases
Add an additional parameter to prioritize either sta or p2p connection
to resolve conflicts arising during single channel concurrency.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-06-10 20:53:09 +03:00
Jouni Malinen
a0227929dc P2P: Do not use reassociation after getting disassociated
This avoids issues with some APs rejecting a reassociation if the
station is not currently associated as reported by Yossi Wortzel.
The change is based on a patch from Arik Nemtsov.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-10 19:51:36 +03:00
Jouni Malinen
73ccd08378 P2P: Fix group formation timeout on GO during WPS step
Commit 361cdf3400 changed the way the
group formation timeout is used on P2P client. However, it resulted in
clearing the timeout on the GO when the GO started beaconing. This is
not correct since the timeout is supposed to be maintained until at
least the completion of the WPS provisioning step. Fix this regression
by clearing the timeout here only in the case we are not GO in group
formation phase.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-06-08 18:22:03 +03:00
Jouni Malinen
476dea24ff WPS: Cancel WPS operation also in DISCONNECTED state
It is possible for wpa_state to be WPA_DISCONNECTED when a new scan is
scheduled to be started in the future. If wpas_wps_cancel() gets called
(e.g., through control interface wps_cancel or a P2P group removal)
while in that state, the WPS operation (scan request and special network
block) were not removed. Fix this by clearing the WPS operations both in
WPA_SCANNING and WPA_DISCONNECTED states.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-06-06 22:07:11 +03:00
Jouni Malinen
5b37633364 P2P: Fix scan_res_handler setting for p2p_scan
The previous version set scan_res_handler unconditionally and then
cleared it if scan request failed. This can result in incorrect clearing
of the handler to NULL for a previously started scan that has not yet
completed. This can make p2p_find command fail to use the
start-after-scan-completion mechanism in some cases. Fix this by setting
scan_res_handler properly after having verified that the driver command
for starting the scan was successful.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-06-06 17:07:46 +03:00
Sunil Dutt Undekari
84286a227b P2P: Improve p2p_prov_disc-auto robustness
Perform addition additional scan runs on the operating channel of the GO
(if known from previous scan results) and fall back to initiate the PD
for GO Negotiation if these additional scans do not detect the peer as
GO.

Signed-hostap: Sunil Dutt Undekari <duttus@codeaurora.org>
2012-06-06 15:46:05 +03:00
Nirav Shah
ad85320234 P2P: Fix P2P Group Formation timeout registration (use parent iface)
Commit 361cdf3400 extended the use of
group formation timeout for the way handshake, but the registration was
done on the group_interface while the cancellation was done on the
parent interface. Fix the registration to set the eloop timeout on
parent to address potential issues when using a separate group
interface.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
2012-06-04 21:58:34 +03:00
Paul Stewart
a6b71f726a bss: Don't remove a BSS that is in use
When looking for a BSS to eject due to too many entries, never
pick one that is in use.  Otherwise, we run the risk of having
pointers to freed data.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2012-06-04 21:52:08 +03:00
Paul Stewart
dd7fec1f29 wpa_supplicant: Report EAP connection progress to DBus
Send an "EAP" signal via the new DBus interface under various
conditions during EAP authentication:

  - During method selection (ACK and NAK)
  - During certificate verification
  - While sending and receiving TLS alert messages
  - EAP success and failure messages

This provides DBus callers a number of new tools:

  - The ability to probe an AP for available EAP methods
    (given an identity).
  - The ability to identify why the remote certificate was
    not verified.
  - The ability to identify why the remote peer refused
    a TLS connection.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2012-06-04 21:10:01 +03:00
Etay Luz
fdfb1c8bcf wpa_supplicant: Support dtim_period configuration for AP mode
Signed-off-by: Etay Luz <eluz@qca.qualcomm.com>
2012-06-04 17:52:37 +03:00
Jouni Malinen
f5d4dd5ad4 WNM: Send empty IPv4 packet as keep-alive for now
Use an empty IPv4 packet as the keep-alive packet for WNM BSS max idle
period mechanism. This is not really the best possible frame to use for
this, but for now, it can do until a more suitable frame is figured out
for this (e.g., special LLC header to indicate link test purposes).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-28 14:36:23 -07:00
Jouni Malinen
597c7a8dd8 WNM: Fix build without CONFIG_SME=y
Commit b6668734ab missed #ifdef CONFIG_SME
protection around wpa_s->sme access.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-27 18:17:41 -07:00
Jouni Malinen
b6668734ab WNM: Add advertisement of BSS max idle period
If WNM is enabled for the build (CONFIG_WNM=y), add BSS max idle period
information to the (Re)Association Response frame from the AP and parse
this information on the station. For SME-in-wpa_supplicant case, add a
timer to handle periodic transmission of the keep-alive frame. The
actual request for the driver to transmit a frame is not yet
implemented.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-27 17:35:00 -07:00
Jouni Malinen
b80eb89d8e P2P: Improve handling of p2p_connect-auto fallback
Commit aa9bb7644b improved robustness
of p2p_connect-auto mechanism by using older scan results to help in
determination whether the peer was operating a GO. Improve this by
accepting new GO information from scan-for-WPS-provisioning results
even if the GO is not yet ready for WPS.

In addition, fix an issue where Provision Discovery exchange timeout
could have left offchannel TX operation in progress when the fallback
was used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-14 22:55:43 -04:00
Dmitry Shmidt
dfb42efb34 wpa_supplicant: Make Android makefiles available under the BSD license
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-05-14 20:34:24 -04:00
Jouni Malinen
3bc462cb88 P2P: Add option for Provision Discovery before GO Negotiation
This is a workaround for interoperability issues with some deployed P2P
implementations that require a Provision Discovery exchange to be used
before GO Negotiation. The new provdisc parameter for the p2p_connect
command can be used to request this behavior without having to run a
separate p2p_prov_disc command.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-11 16:25:47 +03:00
Jouni Malinen
1cbe86e2d6 Add debug prints of scan result IEs
Excessive debug level can now be used to dump the IEs received in scan
results from both Beacon and Probe Response frames. This makes it easier
to debug issues where the driver (or well, more likely cfg80211) does
not update the IEs based on Beacon frames if even a single Probe
Response frame has been received.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-11 15:30:05 +03:00
Jouni Malinen
f15854d1e1 Fix BSSID enforcement with driver-based BSS selection
Previously, wpa_supplicant did not specify BSSID to any connection
request if the driver indicated that it will take care of BSS selection.
This is fine for most use cases, but can result to issues if the network
block has an explicit bssid parameter to select which BSS is to be used.
Fix this by setting BSSID and channel when the network block includes the
bssid parameter even if the driver indicates support for BSS selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-05-11 15:27:46 +03:00
Jouni Malinen
2c1e557507 WPS: Fix BSSID filter handling
If WPS commands are used with a specific BSSID instead of wildcard,
the BSSID that was supposed to be used only for the provisioning step
may end up getting copied to the network block that gets provisioned
based on the WPS credentials. Fix this by clearing ssid->bssid_set
when creating the network block by replacing the block used for WPS
provisioning.

This issue could show up with the provisioned network not getting
selected properly with APs that have multiple radios. Depending on
the driver, this could result in only a single one of the available
BSSes being available or the connection failing completely.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-05-11 13:29:43 +03:00
Jouni Malinen
ec4a5d32b1 Add ChangeLog entries from v1.0 release
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-10 22:12:07 +03:00
Jouni Malinen
349493bd0c Validate WEP key lengths based on driver capabilities
The nl80211 driver interface does not allow 128-bit WEP to be used
without a vendor specific cipher suite and no such suite is defined for
this purpose. Do not accept WEP key length 16 for nl80211 driver
interface forn ow. wext-interface can still try to use these for
backwards compatibility.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-10 14:34:46 +03:00
Ben Greear
157cdad59f wpa_supplicant: Fix overlapping memcpy on WPS interface addition
I think this should fix the following valgrind complaint:

==1972== Source and destination overlap in memcpy(0x5181708, 0x5181708, 16)
==1972==    at 0x4A073BA: memcpy (mc_replace_strmem.c:602)
==1972==    by 0x45872B: wpas_wps_set_uuid (wps_supplicant.c:1116)
==1972==    by 0x4599EC: wpas_wps_update_config (wps_supplicant.c:1747)
==1972==    by 0x4C8DB0: wpa_supplicant_update_config (wpa_supplicant.c:3090)
==1972==    by 0x4C3E5E: wpa_supplicant_reload_configuration (wpa_supplicant.c:746)
==1972==    by 0x4B8B37: wpa_supplicant_ctrl_iface_process (ctrl_iface.c:4082)
==1972==    by 0x4BA39C: wpa_supplicant_ctrl_iface_receive (ctrl_iface_unix.c:168)
==1972==    by 0x4114D4: eloop_sock_table_dispatch_table (eloop.c:335)
==1972==    by 0x411541: eloop_sock_table_dispatch (eloop.c:352)
==1972==    by 0x41200D: eloop_run (eloop.c:766)
==1972==    by 0x4C8B43: wpa_supplicant_run (wpa_supplicant.c:3010)
==1972==    by 0x4D44AD: main (main.c:286)

Signed-hostap: Ben Greear <greearb@candelatech.com>
intended-for: hostap-1
2012-05-10 10:57:59 +03:00
Jouni Malinen
ab28911dbf P2P: Deinitialize global P2P context on P2P mgmt interface removal
The P2P implementation assumes that the first wpa_s interface instance
is used to manage P2P operations and the P2P module maintains a pointer
to this interface in msg_ctx. This can result in issues (e.g., use of
freed memory) when the management interface is removed. Fix this by
deinitializing global P2P data if the interface that created it is
removed. This will disable P2P until the next interface is added.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-05-10 10:49:22 +03:00
Jouni Malinen
2249d7149e HS 2.0: Add Hotspot 2.0 ANQP elements to Interworking queries
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:30:55 +03:00
Jouni Malinen
64855b9682 HS 2.0: Indicate Hotspot 2.0 in BSS table and status
If the AP indicates support for Hotspot 2.0, show this in the
ctrl_iface commands for BSS table and status.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:30:23 +03:00
Jouni Malinen
cb4183249f HS 2.0: Add HS 2.0 Indication element into (Re)Association Request
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:30:04 +03:00
Jay Katabathuni
c923b8a537 HS 2.0: Add Hotspot 2.0 indication into Probe Request
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:29:58 +03:00
Jay Katabathuni
a8918e86b6 HS 2.0: Add Hotspot 2.0 station ctrl_iface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:29:52 +03:00
Jay Katabathuni
66aadbd7bf HS 2.0: Add runtime configuration of Hotspot 2.0 station
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:29:45 +03:00
Jay Katabathuni
25471fe3b9 HS 2.0: Add Hotspot 2.0 ANQP routines
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 23:29:40 +03:00
Jouni Malinen
8d2f05462c Remove scripts and notes related to the Windows binary package
There are no plans to continue making the Windows binary package for
wpa_supplicant for 1.x or newer releases, so remove the scripts and
notes that are related to this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-08 20:49:33 +03:00
Jouni Malinen
6f251b6bb5 P2P: Store SSID of the group in p2p_group data
This can be used with P2P management operations that need to verify
whether the local device is operating a specific group based on
P2P Group ID attribute from a peer.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 17:38:57 +03:00
Jouni Malinen
aa9bb7644b P2P: Allow older scan results to improve p2p_connect-auto robustness
Previusly the peer was assumed to not be operating a GO if the BSS entry
for it was not updated in the single scan run started by
p2p_connect-auto. This is not very robust since a scan may miss the peer
if either a Probe Request or Probe Response frame is lost. Improve
robustness by assuming the peer is still operating the GO and starting
the join operation. If the GO is not found during PD-for-join or the
single-channel scans during the join, fall back to GO Negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-08 17:38:57 +03:00
Jouni Malinen
fea7c3a055 Ignore network blocks that have invalid WEP key length
Do not try to associate with a network that has an invalid or incomplete
configuration because the association or at least data connection would
fail anyway. This commits adds a common function for checking whether a
network block is disabled to make it easier to check network blocks
without having to reject them during configuration file parsing (which
would prevent wpa_supplicant from starting). The only additional check
added in this commit is to verify the WEP key length. Similar checks for
other parameters can be added in future commits.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-07 13:39:33 +03:00
Jouni Malinen
d90134e748 Update copyright and license notification in D-Bus interace P2P files
This adds the copyright notice for Intel and moves to the license
notification that uses only the BSD license. The changes were
acknowledged by email ("Berg, Johannes" <johannes.berg@intel.com>,
Mon, 7 May 2012 07:33:53 +0000).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-07 13:07:22 +03:00
Jouni Malinen
4732ee3a87 Add more documentation for IEEE 802.11w/PMF configuration
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 16:48:23 +03:00
Jouni Malinen
3d332fe75e Fix SIM/USIM determination to support EAP-AKA'
Both EAP-AKA and EAP-AKA' use USIM. Without this change, use of real
USIM card for EAP-AKA' was not allowed to proceed, i.e., only the
software simulated USIM operations were supported.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-05-05 14:19:13 +03:00
Wei-Jen Lin
1298c14594 Allow pbc_in_m1 workaround to be enabled in wpa_supplicant AP mode
This workaround for Windows 7 WPS probing mechanism was previously
allowed only with hostapd, but the same interoperability issue can
happen with wpa_supplicant AP/GO mode. Allow the workaround to be
enabled in wpa_supplicant configuration for these uses.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-03 16:51:04 +03:00
Wei-Jen Lin
f571b593ba P2P: Clone max_sta_num parameter for group interfaces
This is needed to allow the max_sta_num parameter set in the main
configuration file to apply to dynamically created P2P group
interfaces.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-05-03 16:41:15 +03:00
Jouni Malinen
6434ad09d6 Scan only 2.4 GHz band for OBSS scans
Since we are reporting 20/40 BSS coex information only for 2.4 GHz band,
there is no need to run the full scan on dualband cards.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-03 15:55:42 +03:00
Rajkumar Manoharan
c3701c66a5 Add handling of OBSS scan requests and 20/40 BSS coex reports
Add support for HT STA to report 40 MHz intolerance to the associated AP.
A HT station generates a report (20/40 BSS coexistence) of channel list
if it finds a non-HT capable AP or a HT AP which prohibits 40 MHz
transmission (i.e., 40 MHz intolerant bit is set in HT capabilities IE)
from the scan results.

Parse the OBSS scan parameter from Beacon or Probe Response frames and
schedule periodic scan to generate 20/40 coexistence channel report if
requested to do so. This patch decodes Scan Interval alone from the OBSS
Scan Parameters element and triggers scan on timeout.

Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-03 15:55:38 +03:00
Jouni Malinen
1f0cc27eb9 Remove unused variable if CONFIG_P2P=y is not used
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-28 18:31:01 +03:00
Jouni Malinen
d211881474 Fix D-Bus build without ctrl_iface
Commit 7de5688d68 started using
wpa_supplicant_ctrl_iface_ctrl_rsp_handle() from the D-Bus code, but
left this function in ctrl_iface.c that is included conditionally. Fix
this by moving the common function into wpa_supplicant.c so that it can
be included for builds that include only either ctrl_iface or D-Bus.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-04-27 21:21:31 +03:00
Jouni Malinen
23c84252a4 P2P: Add option to force SSID/passphrase for GO Negotiation
An existing persistent group information can now be used to force GO
Negotiation to use the previously used SSID/passphrase from a persistent
group if we become a GO. This can be used as an alternative to inviting
a new P2P peer to join the group (i.e., use GO Negotiation with GO
intent 15 instead of starting an autonomous GO and using invitation),
e.g., in case a GO Negotiation Request is received from a peer while we
are not running as a GO. The persistent group to use for parameters is
indicated with persistent=<network id> parameter to p2p_connect.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-27 18:25:30 +03:00
Jouni Malinen
0918c4bf3b P2P: Add p2p_prov_disc auto mechanism
wpa_supplicant can now be requested to automatically figure out whether
the indicated peer is operating as a GO and if so, use join-a-group
style PD instead of pre-GO Negotiation PD.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-26 17:13:03 +03:00
Jouni Malinen
25a94f525c P2P: Fix PD Failure event to show peer device address
The p2p_dev_addr parameter in the P2P-PROV-DISC-FAILURE event (added in
commit f65a239ba4) was supposed to the P2P
Device Address of the peer, not the local device.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-26 17:09:02 +03:00
Jouni Malinen
fcbf0b0ca9 Sync wpa_supplicant man page with README changes
The man page source was not up-to-date with removed driver wrappers,
so bring in the wpa_supplicant/README changes to make this somewhat
closer to the current state.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-21 19:17:14 +03:00
Jouni Malinen
eab6f5e04a Remove unnecessary EVENT_RX_MGMT data validation
Make wpa_supplicant_event() more consistent by not checking
data in either location handling EVENT_RX_MGMT events. This event
is required to specify the data so this pointer cannot be NULL.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-21 18:57:13 +03:00
Adrien Bustany
c9b72c257a P2P: Don't rely on dictionary ordering in wpas_dbus_handler_p2p_add_service
In most languages, DBus dictionaries are mapped to either sorted maps
or hash tables, so you can't control the actual ordering of the
generated a{sv}. Relying on ordering in this method is unnecessary and
makes it use from DBus much harder.

Signed-hostap: Adrien Bustany <adrien.bustany@nokia.com>
2012-04-21 18:28:10 +03:00
Masashi Honma
78039295e6 P2P: Remove unused variable
The "type" variable is not used in wpas_p2p_deinit_global().
So this patch removes it.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-04-21 18:21:30 +03:00
Deepthi Gowri
f65a239ba4 P2P: Add provision discovery failure event
Add provisional discovery failure ctrl_iface event
(P2P-PROV-DISC-FAILURE) to indicate to the application layer in case of
PD failure.

Signed-off-by: Deepthi Gowri <deepthi@codeaurora.org>
2012-04-17 19:44:13 +03:00
Jouni Malinen
b55aca4672 Fix sched_scan for max-num-of-scan_ssid=1 networks
When the network configuration includes exactly the number of
scan_ssid=1 networks as the driver supports for scan_sched and no
networks need wildcard SSID scan, there is no need to use sched_scan
timeout. Check this condition and optimize this case to avoid the extra
sched_scan start/stop operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-17 16:51:09 +03:00
Jouni Malinen
7d21a223f1 Fix sched_scan debug print regarding timeout
The debug messages were showing the opposite of what the actual
implementation was doing for sched_scan timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-17 16:32:40 +03:00
Jouni Malinen
54ddd74369 Add disable_scan_offload parameter to disable automatic scan offloading
This new configuration parameter can be used to disable automatic
offloading of scan requests to the driver which was previously used
by default if the driver supported sched_scan.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-17 16:30:15 +03:00
Adrien Bustany
e56fc9e81b P2P: Allow wildcard service discovery from DBus API
Using the socket command interface, it is possible to pass a NULL dst to
wpas_p2p_sd_request, however you could not do so using the D-Bus API,
since it required a valid Peer object path. This patch changes the
behavior, so that if the "peer_object" is missing from the parameters,
a NULL dst is passed to wpas_p2p_sd_request.

Signed-hostap: Adrien Bustany <adrien.bustany@nokia.com>
intended-for: hostap-1
2012-04-14 21:06:16 +03:00
Nirav Shah
cca0060f1e P2P: Cleanup P2PDevice D-Bus interface for hostap-1 release
This patch cleans up the P2PDevice D-Bus interface for the hostap-1
release. A spelling error is corrected and P2PDeviceProperties is
renamed to clarify that this data is configuration data and not the
total collection of Properties for the P2PDevice interface.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-04-14 20:52:59 +03:00
Nirav Shah
445335fd86 P2P: Fix D-Bus property getters to default to "/" for Group, PeerGO
The D-Bus property getters should not return an error when the
properties are not valid/relevant. Returning an error breaks the
GetAll method in the dbus interface. Change Group and PeerGO
property getters to make GetAll work on P2PDevice.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-04-14 20:48:26 +03:00
Dmitry Shmidt
51a0c3d417 wpa_supplicant: Use bss_id list for 'bss FIRST' command
Command 'bss FISRT' should use bss_id list, because 'bss NEXT-N' is using
bss_id list as well.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-14 20:39:10 +03:00
Jouni Malinen
5f482d55fd P2P: Allow immediate group idle timeout configuration
A special value p2p_group_idle=-1 can now be used to configure the P2P
group idle mechanism to terminate a P2P client group immediately on any
disconnection after the completion of the initial 4-way handshake.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 17:03:27 +03:00
Jouni Malinen
361cdf3400 P2P: Extend use of group formation timeout until end of 4-way handshake
Instead of relying on the P2P group idle timeout before the group
connection has been fully established, re-start the group formation
timeout in the end of the WPS provisioning step and clear it at the
successful completion of the initial 4-way handshake. This allows the
P2P group idle timeout to be set to a small value without triggering it
during the initial scan and connection attempt.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 17:01:15 +03:00
Jouni Malinen
205e6474a1 P2P: Fix p2p_connect join scan handler in error cases
wpa_drv_scan() may fail for the initial p2p_connect join scan request,
e.g., if the driver happened to be scanning at the time the new
operation was initialized. Previously, a special scan result handler was
registered regardless of whether the new scan was started. This could
result in partial scan results (e.g., from p2p_find social scan) from
being used as full results for join (or now more importantly for
p2p_connect auto) purposes. Fix this by registering the new scan result
handler only if wpa_drv_scan() returns success.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 16:13:14 +03:00
Jouni Malinen
b31be3a0fd P2P: Add automatic GO Negotiation vs. join-a-group selection
p2p_connect command can now be used with an optional "auto" parameter
to request wpa_supplicant to determine automatically whether to use
join-a-group operation (if the peer is operating as a GO) or group
formation. This makes it easier for external programs to handle
connection type selection by offloading this to wpa_supplicant. The
previously used p2p_connect join commands can be replaced with
p2p_connect auto to use this new mechanism.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 16:04:36 +03:00
Vasanthakumar Thiagarajan
5cbf5fd9bd Allow disable_ht to override 11n configuration in AP mode
This is being done only for station mode, extend it to AP mode as well.

Signed-hostap: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2012-04-11 16:24:03 +03:00
Jouni Malinen
86ae2e8a42 P2P: Fix shared freq check and support AP mode validation
The previous commit did not use the correct pointer in all operations
and was specific to station mode interfaces. Fix and extend it to work
with AP/GO interfaces, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 20:42:45 +03:00
Jouni Malinen
4b15620609 P2P: Abort join-group operation if concurrent group cannot be supported
If the driver does not indicate support for multi-channel concurrency,
abort join-group operation if the end result would result in use of
multiple operating frequencies with the same radio.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 20:12:05 +03:00
Jouni Malinen
d755e01b34 Remove forgotten GPL language from man pages and README files
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:17:20 +03:00
Jouni Malinen
705a013b60 Android: Sync build configuration with defconfig changes
This brings up the changes from defconfig into the Android configuration
file, but does not change any of the actual build parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:09:20 +03:00
Jouni Malinen
763a66f471 Remove experimental Symbian build
This was never really completed and is of not much use at this point,
so clean up the repository by removing the Symbian-specific changes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:00:30 +03:00
Dmitry Shmidt
eff1a95b97 Add RANGE=ALL|N1-N2 selection for ctrl_iface BSS command
Add ability to get information about several BSS's in one call.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:50:25 +03:00
Dmitry Shmidt
5f97dd1c57 Add MASK=0xH option for the ctrl_iface BSS command
This optional parameter to the BSS command can be used to select which
fields are included in the output to avoid having to parse through
unneeded information and to reduce the buffer size.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:50:25 +03:00
Dmitry Shmidt
61ce90857e Move ctrl_iface BSS command response generation into a separate function
This is in preparation for allowing multiple BSS entries to be fetched
with a single command.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:06:35 +03:00
Nirav Shah
103b8f4dea P2P: Disconnect P2P group on supplicant deinit
When a supplicant is deinited and shutting, disconnect from P2P groups.
This fixes a memory leak on variable dbus_groupobj_path on exiting
supplicant.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-04-06 18:41:06 +03:00
Angie Chinchilla
eb6f8c2bd4 P2P: Fix crash for failure case when WSC PIN is entered incorrectly
When forming a P2P group using WSC PIN method, if the PIN is entered
incorrectly the P2P client supplicant instance will crash as a result
of cleanup happening on data that is still in use in a case where a
separate P2P group interface is used.

For example, here is the path for the first crash:
eap_wsc_process():
- creates struct wpabuf tmpbuf; on the stack
- sets data->in_buf = &tmpbuf;
- calls wps_process_msg()
- which calls wps_process_wsc_msg()
- which, in case WPS_M4: calls wps_fail_event()
- which calls wps->event_cb()
- wps->event_cb = wpa_supplicant_wps_event()
- wpa_supplicant_wps_event()
- wpa_supplicant_wps_event_fail()
- which calls wpas_clear_wps()
- which calls wpas_notify_network_removed()
- which calls wpas_p2p_network_removed()
- which calls wpas_p2p_group_formation_timeout()
- which calls wpas_group_formation_completed()
- which calls wpas_p2p_group_delete()
- which calls wpa_supplicant_remove_iface()
- which calls wpa_supplicant_deinit_iface()
- which calls wpa_supplicant_cleanup()
- which calls eapol_sm_deinit()
- ... which eventually uses the ptr data->in_buf to free tmpbuf, our
stack variable and then the supplicant crashes

If you fix this crash, you'll hit another. Fix it and then a segfault.
The way we're cleaning up and deleting data from under ourselves here
just isn't safe, so make the teardown portion of this async.

Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
intended-for: hostap-1
2012-04-06 18:22:03 +03:00
Jouni Malinen
4f920dc63e Do not write bg_scan_period value if default (-1) has not been changed
There is no need to force this configuration parameter to be written
into the configuration file for each network block that has not modified
the default value.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-06 18:11:47 +03:00
Angie Chinchilla
540609c55f Clarify comment in wpa_supplicant/defconfig
I think this comment, as originally stated, says the opposite of
what is meant. Reword to help the next guy.

Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-04-06 18:07:44 +03:00
Ed Wildgoose
af548f5320 Save bgscan parameter into configuration file
Signed-off-by: Ed Wildgoose <lists@wildgooses.com>
intended-for: hostap-1
2012-04-06 17:59:34 +03:00
Neeraj Kumar Garg
c772ef43f6 P2P: Update BSS entries in P2P group interface only if P2P IE is present
For concurrency scenarios we should not update the scan results without
P2P IE to P2P group interfaces. This patch is to take care if a scan has
been requested on STA interface and scan results are getting updated
from sibling to P2P group interface. A P2P GO Probe Response for a
legacy STA scan would be without P2P IE. So it will wrongly update the
BSS list of P2P group interface too when results are updated from
sibling.

Since P2P group interfaces are used only for connecting to a P2P group,
it is fine to filter out all non-P2P entries from their BSS table.

Signed-off-by: Neeraj Garg <neerajkg@broadcom.com>
2012-04-06 14:58:22 +03:00
Ben Greear
5a49459ee8 Better wpa_cli error messages when connect fails
Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:15:30 +03:00
Ben Greear
9d05374796 Make bind failure messages unique
This helps someone know which part of the code is complaining.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:10:36 +03:00
Ben Greear
bae489d292 wpa_supplicant: Print initialization information on startup
This lets someone know if they have a log file that properly
starts at the beginning.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 11:52:17 +03:00
Johannes Berg
f05b6b18bb Add script to convert wpa_supplicant debug output to pcap
For debugging I needed to look at the frames in a wpa_supplicant debug
log. Looking at the hexdump is a bit tedious, so I wrote a quick script
to convert the nl80211 debugging output to a PCAP file that can be
opened in wireshark.

I've polished the initial raw script a bit to add error messages and to
also record the timestamps to the pcap file.

Hopefully it's useful to somebody else as well.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-04-05 19:49:17 +03:00
Anirban Sirkhell
71dd3b78f9 WPS: Allow vendor specific attribute to be added into M1
wps_vendor_ext_m1 configuration parameter can now be used to add a
vendor specific attribute into the WPS M1 message, e.g., for
Windows Vertical Pairing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-04 00:08:57 +03:00
Jouni Malinen
3fc14102f8 P2P: Remove client group on Deauthentication reason code 3
The GO can indicate that the P2P Group session is ending by sending a
Deauthentication frame with reason code 3 (Deauthenticated because
sending STA is leaving) based on P2P specification section 3.2.9. Use
this reason code to remove the P2P client group without waiting for the
group idle timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-03 16:45:28 +03:00
Eliad Peller
dbe7aa2225 P2P: Notify about disconnection only when needed
wpas_notify_state_changed() notified about disconnection when
new_state < WPA_ASSOCIATED, without checking the old state. This
results in extra processing which can be avoided by checking that
old_state was connected.

Signed-hostap: Eliad Peller <eliad@wizery.com>
intended-for: hostap-1
2012-04-01 21:49:03 +03:00
Eliad Peller
3c29244eb7 P2P: Add deinit_p2p_cli op to clear P2P client driver state
On P2P group removal, the GO is deinitialized correctly (and the vif
mode is set back to sta in case of nl80211), but the P2P client mode
wasn't deinitialized, and the nl80211 vif stays in P2P client mode.

Add a new deinit_p2p_cli op (similar to deinit_ap), which currently only
sets the interface back to station mode.

Signed-hostap: Eliad Peller <eliad@wizery.com>
intended-for: hostap-1
2012-04-01 21:41:23 +03:00
Jouni Malinen
e19fded66e Fix Probe Request processing in wpa_supplicant AP mode
Commit 2d43d37ff2 broke EVENT_RX_MGMT
processing in wpa_supplicant AP mode. ap_mgmt_rx() needs to be called
for Probe Request frames even if they get notified through the new
D-Bus signal mechanism.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 21:27:12 +03:00
Johannes Berg
2d43d37ff2 DBus: Add ability to report probe requests
Some applications require knowing about probe requests to identify
devices. This can be the case in AP mode to see the devices before they
connect, or even in P2P mode when operating as a P2P device to identify
non-P2P peers (P2P peers are identified via PeerFound signals).

As there are typically a lot of probe requests, require that an
interested application subscribes to this signal so the bus isn't always
flooded with these notifications. The notifications in DBus are then
unicast only to that application.

A small test script is also included.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 21:14:48 +03:00
Johannes Berg
baf513d695 Pass signal strength through, fix units
The signal strength is currently never used as the only driver reporting
it is nl80211 which uses IEEE80211_RADIOTAP_DB_ANTSIGNAL which is never
populated by the kernel. The kernel will (soon) populate
IEEE80211_RADIOTAP_DBM_ANTSIGNAL instead though, so use that.

Also, since it was never really populated, we can redefine the signal
field to be in dBm units only.

My next patch will also require knowing the signal strength of probe
requests throughout the code (where available), so add it to the
necessary APIs.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 18:48:12 +03:00
Mukesh Agrawal
c6e86b63d2 Create DBus getter/setter for ScanInterval
Enable control of wpa_s->scan_interval via D-Bus. This parameter
controls the delay between successive scans for a suitable AP.

Also, update dbus.doxygen with ScanInterval, and some other
parameters that were undocumented.

Signed-hostap: Mukesh Agrawal <quiche@chromium.org>
2012-04-01 18:05:22 +03:00
Jouni Malinen
ca8e039fec Fix memory leaks on radius_client_send error paths
In case this function returns an error, the RADIUS message needs to
freed in the caller.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 17:55:20 +03:00
Nirav Shah
024d018b55 Clean up: Replace standard lib methods with os.h ones
Some of the standard lib functions being used directly are redefined in
src/utils/os.h thus providing an abstraction. Change code to use os_*
functions instead of directly using the lib functions.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-03-31 21:13:53 +03:00
Johannes Berg
4f68895e92 debug: Add option to log to Linux tracing
Add the option (-T) to wpa_supplicant to log all debug messages into the
kernel tracing, allowing to aggregate kernel debugging with
wpa_supplicant debugging and recording all with trace-cmd.

Since tracing has relatively low overhead and can be filtered
afterwards, record all messages regardless of log level. However, it
will honor the -K option and not record key material by default.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-03-31 13:55:33 +03:00
Bala Shanmugam
1f6c0ab872 Allow background scan period to be configured
A network block specific background scan period can now be configured
for drivers that implement internal background scan mechanism for
roaming and BSS selection.

Signed-hostap: Bala Shanmugam <bkamatch@qca.qualcomm.com>
2012-03-30 15:20:35 +03:00
Jouni Malinen
17218a7bab Interworking: Add realm to the anonymous identity from realm
If the username part in the credential does not include a realm,
generate one automatically based on the configured realm information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:13:25 +03:00
Jouni Malinen
08410f08b9 Interworking: Disconnect before trying interworking reconnection
Make the connection change on Interworking network selection cases
clearer by forcing the previous association to be dropped before trying
to start a new one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:13:17 +03:00
Jouni Malinen
83df814946 Clear previous BSSID on explicit disconnection request
There is no need to use reassociation instead of association in a case
the previous connection was explicitly disconnected.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:13:00 +03:00
Anirban Sirkhell
4c374cde2f Add wps_cancel for hostapd_cli
Implement wps_cancel for hostapd similarly to how it was already
supported in wpa_supplicant AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:11:35 +03:00
Jouni Malinen
21d996f775 P2P: Add support for preferred channel list
p2p_pref_chan configuration parameter can now be used to set the
list of preferred channel for P2P GO Negotiation. This will be used
in the priority order if the peer does not support the channel we
are trying to use as the GO (configured operating channel or the
best 2.4 GHz/5 GHz channel) for the case where a forced channel is
not used.

p2p_pref_chan=<op class:channel>,...

For example:
p2p_pref_chan=81:1,81:2,81:3,81:4,81:5,81:6

This would configure 2.4 GHz channels 1-6 as the preferred ones with
channel 1 the most preferred option.

These configuration parameters can be set in wpa_supplicant.conf and
dynamically updated with "wpa_cli set <param> <value>".

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-29 21:28:34 +03:00
Jouni Malinen
564865e1d4 Stop sched_scan if requested to run full scan
This allows the ctrl_iface SCAN command to be used to run through a scan
to collect full scan results when sched_scan is in progress. sched_scan
will be re-started automatically after the full scan.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-29 21:05:56 +03:00
Vasanthakumar Thiagarajan
07f53b8cc7 wpa_supplicant: Add provision to configure inactivity period in AP mode
This patch adds a configuration in network block, ap_max_inactivity, for
station's inactivity period when in AP mode. The time period is
configured in seconds, by default 300 seconds.

Signed-hostap: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2012-03-27 20:49:44 +03:00
Jouni Malinen
8c472816fd P2P: Do not use group idle timeout during provisioning
Use the normal group formation timeout during the provisioning phase to
avoid terminating this process too early due to group idle timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-27 18:04:06 +03:00
Jouni Malinen
f4329aa2d0 P2P: Validate p2p_oper_channel in p2p_group_add
If the p2p_group_add command does not specify the operating channel,
make sure the operating channel set in the configuration file meets
the P2P requirements in the same way as is done with the frequency
specified as the command parameter.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-26 22:06:48 +03:00
Todd Previte
7d39d9c9cc dbus: Make P2P group properties accessible individually
Group properties are now accessible individually. The function to retrieve
the dictionary containing the group properties is removed in favor of the
individual functions. The group member properties are removed as well as
they erroneously retrieved the group properties via the old function.

Signed-hostap: Todd Previte <toddx.a.previte@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-03-05 17:25:08 +02:00
Eliad Peller
eb37e085a4 BSS: Fix use-after-realloc
After reallocation of the bss struct, current_bss wasn't updated and
could hold an invalid pointer (which might get dereferenced later).

Update current_bss if the pointer was changed.

Signed-hostap: Eliad Peller <eliad@wizery.com>
intended-for: hostap-1
2012-03-05 17:09:55 +02:00
Grzegorz Bajorski
28ef705d2d P2P: Filter input parameters in p2p_serv_disc_external
p2p_ctrl_serv_disc_external() can take only one parameters "0" or "1".

Signed-hostap: Grzegorz Bajorski <grzegorz.bajorski@tieto.com>
2012-03-05 16:26:19 +02:00
Jouni Malinen
25f839c6d9 Filter station mode EAPOL RX on bridge interface based on destination
If multiple station mode radios are bridged together on the same device,
it is possible for wpa_supplicant to receive EAPOL frames from the
bridge interface and then process them separately for each interface.
This can results in problems since multiple instances of supplicant side
could end up trying to process a single 4-way handshake. Avoid this
problem by filtering bridge interface EAPOL RX based on the desctination
MAC address. It should be noted that this works only when unicast
addresses are used (e.g., with WLAN) and not with the IEEE 802.1X EAPOL
group address (e.g., most wired networks).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-05 15:22:42 +02:00
Jouni Malinen
bb8b1bb0fc Fix memory leak on parsing multiple network block eap entries
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-03-04 16:13:00 +02:00
Jouni Malinen
7f41c92bd6 Interworking: Use EAP-AKA if USIM is used
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-03-04 16:11:02 +02:00
Jouni Malinen
d7b01abd5e Interworking: Support real SIM/USIM card for network selection
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-03-04 16:02:56 +02:00
Jouni Malinen
c21246f529 Interworking: Make plmn_id_match() for generic
Use separate mnc_len parameter instead of expecting the imsi parameter
to be in special MCC|MNC|-|<MSIN> format to make this function more
generic.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-03-04 11:27:38 +02:00
Jouni Malinen
817bb3e1c1 Interworking: Fix credential block example
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-03-04 11:24:24 +02:00
Jouni Malinen
400020cbe8 Interworking: Update configuration file documentation for credentials
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-03-03 10:49:02 +02:00
Jouni Malinen
11e4f46a10 Interworking: Add support for certificate credentials (EAP-TLS)
This allows Interworking network selection to be used with EAP-TLS
(client certificate/private key based credential).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-03 10:38:10 +02:00
Jouni Malinen
10531d2166 P2P: Fix provisioning info clearing after successful WPS step
Previously, this provisioning info was cleared using the P2P Interface
Address of the GO as the key. That did not always work in the case the
where we joined an already running group. This could result in the next
connection to that same GO skipping provision discovery. Fix this by
finding the peer entry based on its P2P Device Address instead of the
P2P Interface Address which may not always be set.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-03-01 22:06:03 +02:00
Jouni Malinen
6979582ca6 Fix processing of channel list update events
Commit 6bf731e8ce broke handling of
EVENT_CHANNEL_LIST_CHANGED by introducing a cached copy of the driver
channel list that does not get updated even if driver changes its list.
Fix this by synchronizing the cacched wpa_s->hw.modes information
whenever EVENT_CHANNEL_LIST_CHANGED is processed. This fixes P2P channel
list updates based on regulatory domain hints that may trigger driver to
change its supported channel list.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-03-01 17:59:39 +02:00
Jouni Malinen
ef48ff940b Fix CTRL-EVENT-DISCONNECTED event for locally generated disconnection
When wpa_supplicant disconnects, e.g., due to authentication timeout,
we need to go through the EVENT_DISASSOC/DEAUTH processing similarly
to the driver triggered cases to get correct events delivered to the
ctrl_iface. Fix this by calling wpa_supplicant_event() in these cases
and by filtering out the confusing CTRL-EVENT-DISCONNECTED event with
all zeros BSSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-01 15:42:35 +02:00
Jouni Malinen
75c208b9db P2P: Fix p2p_cancel to return success if GO Negotiation is stopped
If a GO Negotiation peer is found, wpas_p2p_stop_find() stops the
negotiation and p2p_cancel can return success.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-01 01:16:06 +02:00
Jouni Malinen
85ea132a13 P2P: Use scan optimization for post-provisioning connection
Since P2P GO cannot change the SSID after WPS provisioning step, we
can use the specific SSID for the scan for data connection. In addition,
mark this as p2p_probe to avoid unnecessary use of 802.11b rates.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-29 00:34:53 +02:00
Jouni Malinen
8e64f258c6 P2P: Optimize provisioning step scan for join-a-group sequence
Copy the SSID and frequency of the selected group into go_params in
join-a-running-group case so that the scan optimization can be used for
the provisioning step similarly to the case of group formation. This
uses a specific SSID and a single channel scan to avoid unnecessary
frames during the step.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-29 00:22:58 +02:00
Jouni Malinen
a21c05db23 P2P: Use specific SSID in scan for provisioning step
Since the P2P client learns the SSID of the group during GO Negotiation,
use the specific SSID in the Probe Request frames during the
provisioning step. This helps in avoiding unnecessary Probe Response
frames from other P2P GOs or APs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-29 00:02:34 +02:00
Jouni Malinen
360182ed7c P2P: Advertise immediate availability of WPS credential
Use Device Password ID in WSC IE of Probe Request and Probe Response
frames to advertise immediate availability of WPS credentials per P2P
specification sections 3.1.2.1.1 (Listen State), 3.1.2.1.2 (Scan Phase),
and 3.1.2.1.3 (Find Phase).

For now, the Device Password ID is set only for the case where we are
active GO Negotiation with a specific peer. In practice, this means that
the Probe Response frames during pending GO Negotiation (whenever in
Listen state) indicate availability of the credential.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-27 23:14:35 +02:00
Vivek Natarajan
e62f4ed0df Add support for hidden SSID in wpa_supplicant AP mode
This also disables WPS support if hidden SSID is enabled in AP mode.

Signed-off-by: Vivek Natarajan <nataraja@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-27 16:28:45 +02:00
Jouni Malinen
1d4839ee85 Fix CONFIG_AP + CONFIG_INTERWORKING build
Need to include gas_serv.o in the build to get all the needed symbols.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-27 16:21:50 +02:00
Jouni Malinen
f64adcd71e Allow PC/SC reader to be selected and initialized at start
New global configuration parameters pcsc_reader and pcsc_pin can now be
used to initialize PC/SC reader context at start of wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-26 13:09:30 +02:00
Dmitry Shmidt
6e2a570ec4 Android: Build wpa_supplicant.conf from a template
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:53 +02:00
Dmitry Shmidt
1e1411b04f Android: Add PLATFORM_VERSION to VERSION_STR_POSTFIX definition
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:38 +02:00
Dmitry Shmidt
5db498920f Android: Add build configuration files
These are from Android wpa_supplicant_8.git initial 0.8.X commit
8d520ff1dc2da35cdca849e982051b86468016d8 with some additional edits and
renaming of .config files to android.config.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:34 +02:00
Dmitry Shmidt
e9af53ad39 Add CONFIG_NO_ROAMING option
This can be used to disable wpa_supplicant controlled roaming. It should
be noted that the WPA_DRIVER_FLAGS_BSS_SELECTION capability is the
preferred way for this and CONFIG_NO_ROAMING should be obsoleted once
drivers support the new NL80211_ATTR_ROAM_SUPPORT capability
advertisement.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-02-25 18:22:31 +02:00
Jithu Jance
e60b295186 Add wpa_supplicant AP mode STA deauthenticate/disassociate commands
Move disassociate and deauthenticate commands to ctrl_iface_ap.c, so
that they ares accessible for wpa_supplicant AP mode and wpa_cli (with
CONFIG_AP option enabled).

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-02-25 17:22:48 +02:00
Reinette Chatre
93d1749fe0 dbus: return NULL data for peer IEs
The org.freedesktop.DBus.Properties interface is now supported for peer
properties. Ensure that GetAll will work by having the IEs property
function return NULL data instead of a failure until it is implemented.

Signed-hostap: Reinette Chatre <reinette.chatre@intel.com>
intended-for: hostap-1
2012-02-25 10:54:11 +02:00
Reinette Chatre
ca29842700 dbus: revert changes to some peer properties
Commit 3f6e50ac28 made it possible to access
P2P peer properties using the org.freedesktop.DBus.Properties interface.

While maintaining the original intent of that patch we make two changes
to it here:

First, 3f6e50ac28 changed the type used to
represent the WPS vendor extension data from bytes to a string. In
addition to the type change the way in which the vendor extension data
was provided to the function creating the string was incorrect and would
not present the correct vendor extension data even in string format.

Revert the type change made in 3f6e50ac28
and present the WPS vendor extension data as an array of an array of
bytes as it was before.

Second, 3f6e50ac28 changes the secondary
device types representation from an array of an array of bytes to an
array of bytes. Revert that change to make secondary device types
accessible via an array of an array of bytes again.

Signed-hostap: Reinette Chatre <reinette.chatre@intel.com>
intended-for: hostap-1
2012-02-25 10:50:13 +02:00
Jayant Sane
96c4f3a707 dbus: utility to create dbus message from wpabuf array
If a wpabuf array is used to store basic typed data that we would like
to send over D-Bus then this utility will be of help when it places the
data in a variant with format aa? (array of an array of type ?, with ?
indicating any basic type).

Signed-hostap: Jayant Sane <jayant.sane@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-02-25 10:45:17 +02:00
Jouni Malinen
dddc70455b P2P: Add more debug on group idle timeout
This makes it easier to debug issues with P2P group idle timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-19 18:16:34 +02:00
Jouni Malinen
a7a30b90e5 P2P: Fix group idle timer cancellation on group removal
The wpas_p2p_group_idle_timeout was getting cancelled in the beginning
of wpas_p2p_group_delete(). However, in the case of P2P client role,
this function called wpa_supplicant_deauthenticate() next and that ended
up changing state to WPA_DISCONNECTED which resulted in
wpas_p2p_notif_disconnected() rescheduling the timeout. This left the
unexpected timeout behind after the group was removed. If another group
operation was started within P2P_MAX_CLIENT_IDLE (10) seconds, that
timeout could end up terminating the group while it was still being set
up.

Fix this by reordering wpas_p2p_group_delete() to cancel the group idle
timeout only after having called wpa_supplicant_deauthenticate(). The
group idle timeout is still rescheduled, but it gets removed immediately
afterwards when the actual group information is being cleared.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-19 18:10:20 +02:00
Jouni Malinen
2c60ca7391 Clean up array insertion to skip unnecessary memmove
The previous elements need to be moved only if we are inserting the new
network in the middle of the list. While the memmove of zero bytes at
the end of the array does not cause real problems, some static analyzers
complain about this, so in addition to slightly optimized
implementation, this removes some analyzer warnings, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-19 16:44:30 +02:00
Jouni Malinen
f4b2d69b07 Fix memory leak on set_cred error path
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-19 14:29:38 +02:00
Jouni Malinen
1485ec076b Fix memory leak on error path in bssid_filter setting
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-19 14:28:02 +02:00
Jouni Malinen
d8e59feab2 Interworking: Fix SIM/USIM NAI construction
Commit 9914c96feb moved sizeof(nai) to a
helper function and broke the determination of maximum buffer length.
Fix this by moving the sizeof() to the functions that define the buffer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-19 14:24:45 +02:00
Jouni Malinen
cb6710a4a5 Use WPA_INTERFACE_DISABLED with interface removed events
This makes WPA_INTERFACE_DISABLED more consistent in indicating that
wpa_supplicant cannot currently control the interface regardless of
whether the interface is disabled or completely removed.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-02-18 13:16:17 +02:00
Jouni Malinen
6f3bc72be0 P2P: Allow channels to be removed from P2P use
A list of disallowed frequencies for P2P channel list can now be
configured with P2P_SET disallow_freq. The frequencies (or frequency
pairs) are comma separated. For example:
wpa_cli p2p_set disallow_freq 2462,5000-6000

The allowed P2P channel list is constructed by removing explicitly
disallowed channels from the channel list received from the driver.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-17 22:57:13 +02:00
Jouni Malinen
b8a8d6774b P2P: Do not include P2P IE in association request to non-P2P AP
This was previously fixed for most cases in commit
ffad885837, but the check here for
drivers that implement SME/MLME was missed in that commit.

This removes the P2P IE from (Re)Association Request frame with
drivers that do not use wpa_supplicant SME implementation and are
P2P cabable when associating with a non-P2P AP (i.e., not a GO or
P2P WLAN manager AP).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-02-17 11:34:56 +02:00
Jouni Malinen
5ed7880d05 Interworking: Allow network block -based connection without ANQP matches
Previously, network block -based connection could have been used to
override ANQP-based selection. However, if no ANQP-based matches were
present, no connection was started. Fix this by trying to connect if
any enabled network block has a match in the BSS table.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:38:50 +02:00
Jouni Malinen
7d86e53747 Interworking: Add verbose error message on cred block parsing errors
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:38:10 +02:00
Jouni Malinen
1a712d2fc1 Interworking: Add support for credential priorities
This allows credentials to be set with a specific priority to allow
the automatic network selection behavior to be controlled with user
preferences. The priority values are configured to the network block
and BSS selection will select the network based on priorities from
both pre-configured network blocks and credentials.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:37:21 +02:00
Jouni Malinen
d94c9ee6ad Interworking: Add ctrl_iface commands for managing credentials
New wpa_cli commands list_creds, add_cred, remove_cred, and set_cred
can now be used to manage credentials similarly to the commands used
with network blocks.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:36:00 +02:00
Jouni Malinen
f2c207515a Interworking: Write cred blocks into configuration file
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:35:10 +02:00
Jouni Malinen
1bb7b8e84c Interworking: Add support for multiple credentials
This replaces the global home_* parameters with a list of credentials
that can be configured similarly to network blocks. For example:

cred={
	realm="example.com"
	username="user@example.com"
	password="password"
	ca_cert="/etc/wpa_supplicant/ca.pem"
	domain="example.com"
}

cred={
	imsi="310026-000000000"
	milenage="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123"
}

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:34:22 +02:00
Jouni Malinen
9914c96feb Interworking: Use 3gppnetwork.org for matching home SP for SIM/USIM
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:33:31 +02:00
Jouni Malinen
61b2ed7012 Interworking: Use anonymous NAI in EAP-TTLS Phase 1
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:32:56 +02:00
Jouni Malinen
00bf219ddb Interworking: Add support for home vs. visited SP determination
Use Domain Name List (ANQP) and the new home_domain configuration
parameter to figure out whether a network is operated by the home
service provider and if so, prefer it over networks that would
require roaming.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:32:00 +02:00
Jouni Malinen
95bc2ea63d Interworking: Do not disable other network profiles
This allows previously configured network profiles to be used so
that user can indicate preference of manually configured networks.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:31:00 +02:00
Jouni Malinen
d445a5cd8e Add BSSID filter for testing purposes
wpa_supplicant can now be configured to filter out scan results based
on a BSSID filter. Space-separated set of allowed BSSIDs can be set
with wpa_cli set bssid_filter command. Filtering mechanism can be
disabled by setting this variable to an empty list. When set, only
the BSSes that have a matching entry in this list will be accepted
from scan results.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:30:13 +02:00
Jouni Malinen
b2ff168128 Allow legacy PS param to be set with SET in addition to P2P_SET
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:29:19 +02:00
Jouni Malinen
aa074a6485 Allow U-APSD parameters to be configured with SET command
This can be used in non-P2P case to set U-APSD parameters for a
station mode association.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:28:31 +02:00
Jouni Malinen
84c78f9570 Allow ENABLE_NETWORK to avoid automatic connection
Extra parameter "no-connect" can now be added to the ENABLE_NETWORK
ctrl_iface command to avoid automatic connection to the enabled
network.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:27:41 +02:00
Jouni Malinen
8b9d0bfa00 Add mechanism for disabling radio for testing purposes
"wpa_cli set radio_disabled 1/0" can be used to disable/enable
radio to simulate out-of-radio-range condition in a testbed
device.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 16:26:44 +02:00
Jouni Malinen
aa283ddd97 WPS: Do not use sched_scan for provisioning step
Normal scan is more reliable and faster for WPS operations and since
these are for short periods of time, the benefit of trying to use
sched_scan would be limited. This can fix WPS connectivity issues
with some drivers.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-02-15 20:41:42 +02:00
Antonio Quartulli
e640888c5e IBSS RSN: Support authorization
In IBSS RSN cfg80211/mac80211 now waits for userspace to authorize new
stations. This patch makes wpa_supplicant notify the driver when a
station can be considered authorized.

Signed-hostap: Antonio Quartulli <ordex@autistici.org>
2012-02-12 21:12:22 +02:00
Ben Greear
2df4c4ef2f eloop: Support poll() in eloop
When using more than around 200 virtual stations, we start hitting the
max number of file descriptors supported by select(). This patch adds
support for poll(), which has no hard upper limit.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-02-12 21:12:22 +02:00
Jouni Malinen
a565c23bf3 WPS: Fix regression in post-WPS scan optimization
Commit 3c85f144ce fixed issues with P2P
Action frame TX after disconnection by clearing wpa_s->assoc_freq.
This resulted in a regression to the post-WPS scan optimization that
used wpa_s->assoc_freq to enable fast single-channel scan. Fix this by
copying wpa_s->assoc_freq to a local variable before calling
wpa_supplicant_deauthenticate() that ends up calling
wpa_supplicant_mark_disassoc() which will clear assoc_freq.

Reported-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-12 13:54:15 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
e22d4d957b Remove the GPL notification from files contributed by Atheros
Remove the GPL notification text from files that were initially
contributed by Atheros Communications or Qualcomm Atheros.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
331f89ff5b Select the BSD license terms as the only license alternative
Simplify licensing terms for hostap.git by selecting the BSD license
alternative for any future distribution. This drops the GPL v2
alternative from distribution terms and from contribution requirements.

The BSD license alternative that has been used in hostap.git (the one
with advertisement clause removed) is compatible with GPL and as such
the software in hostap.git can still be used with GPL projects. In
addition, any new contribution to hostap.git is expected to be licensed
under the BSD terms that allow the changes to be merged into older
hostap repositories that still include the GPL v2 alternative.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:31 +02:00
Dan Harkins
27c9d333d4 EAP-pwd: Describe build option for EAP-pwd
Signed-hostap: Dan Harkins <dharkins@lounge.org>
2012-02-11 12:17:58 +02:00
Flávio Ceolin
3f6e50ac28 dbus: Make the P2P peer's properties accessible separately
Since there is the method org.freedesktop.DBus.Properties.GetAll that
returns all properties from a specific interface, it makes more sense to
separate the properties to make it possible to get only a single
property using the method org.freedesktop.DBus.Properties.Get as well.

Signed-hostap: Flávio Ceolin <flavio.ceolin@profusion.mobi>
2012-02-11 11:36:50 +02:00
Piotr Nakraszewicz
d9a0f66696 P2P: Do not expire GO peer entry during group rekeying
If wpas_go_connected() is called during group rekeying the P2P GO peer
will expire. To prevent that check if group rekeying is not in progress.
2012-02-11 10:54:40 +02:00
Jouni Malinen
ad9ee4d4ca Fix CONFIG_NO_SCAN_PROCESSING=y build
This fixes a build regression from commit
cd2f4ddfb9 by moving
wpa_supplicant_assoc_update_ie() outside the no-scan-processing ifdef
block.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 10:51:31 +02:00
Jouni Malinen
a91e268c5e Show BSS entry age (seconds since last update)
The BSS ctrl_iface command can sow the age of a BSS table entry to
make it easier for external programs to figure out whether an entry
is still current depending on the use case.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-08 12:07:54 +02:00
Jouni Malinen
0a70f34f22 P2P: Allow BSS entry to be fetched based on GO P2P Device Address
"BSS p2p_dev_addr=<P2P Device Address>" can now be used to fetch a
specific BSS entry based on the P2P Device Address of the GO to avoid
having to iterate through the full BSS table when an external program
needs to figure out whether a specific peer is currently operating as
a GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-07 16:23:21 +02:00
Jouni Malinen
c427ac9211 P2P: Set Invitation Type to 1 for GO inviting to a persistent group
When a GO is operating a persistent group and invites a peer that has
been a P2P client in that persistent group, the Invitation Type in the
Invitation Request frame can be set to 1 to indicate that this is a
reinvocation of a persistent group. Do this based on the maintained
list of P2P clients that have been provided the credentials to this
group.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-06 21:54:36 +02:00
Jouni Malinen
f63b854215 P2P: Wait for PD-before-join response
Even though the Provision Discovery Response frame from PD-before-join
does not really provide any additional information, it can be better to
wait for it before starting the join operation. This adds a minimal
extra latency in the most common case and cleans up the sequence of
driver operations and debug log by avoiding potential processing of the
Provision Discovery Response while already running a scan for the actual
connection.

If transmission of Provision Discovery Request fails, join operation is
started without the additional wait. In addition, a new timeout is used
to start the join if Provision Discovery Response is lost for any
reason.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-05 20:52:24 +02:00
Jouni Malinen
c19316354e P2P: Skip event notification on PD Response in join-group case
Provision Discovery is used as a notification to the GO in the case we
are about join a running group. In such case, there is not much point in
indicating the provision discovery response events to external programs
especially when the PIN-to-be-displayed was different from the one
returned for the p2p_connect command. Skip this confusing event
completely for join-a-running-group case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-05 20:20:36 +02:00
Paul Stewart
87343c2017 bgscan_simple: Refinements to fast-scan backoff
These changes account for situations where the CQM threshold
might be approximately the same as the currently received signal,
and thus CQM events are triggered often due to measurement
error/small fluctuations.  This results in scanning occurring
too frequently.

Firstly, inhibit the immediate scan when the short-scan count
is at the maximum.  This keeps bursts of CQM toggling from
causing a torrent of back-to-back scans.  This does not inhibit
immediate scans if the CQM triggers a second time (if the signal
falls lower past the hysteresis).  This reduces the scan rate in
the worst case (fast-rate toggling high/low CQM events) to the
short scan interval.

Secondly, change the behavior of the short scan count so it acts like
a "leaky bucket".  As we perform short-scans, the bucket fills until
it reaches a maximal short-scan count, at which we back-off and
revert to a long scan interval.  The short scan count decreases by
one (emptying the bucket) every time we complete a long scan interval
without a low-RSSI CQM event.

This reduces the impact of medium-rate toggling of high/low CQM
events, reducing the number of short-interval scans that occur before
returning to a long-interval if the system was recently doing
short scans.
2012-02-05 18:43:06 +02:00
Dan Williams
0f4668ceac Try fallback drivers if global init for preferred drivers fails
Driver global init was considered a hard failure. Thus if, for example,
you used the Broadcom STA driver and didn't have nl80211 or cfg80211
loaded into the kernel, and specified a driver value of "nl80211,wext",
the nl80211 driver's global init would fail with the following message:

nl80211: 'nl80211' generic netlink not found
Failed to initialize driver 'nl80211'

but since global init was a hard failure, creating the supplicant
interface would fail and the WEXT driver would not be tried.
Give other drivers a chance instead.

Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
2012-02-04 20:09:51 +02:00
Todd Previte
4bb70bd80d P2P: Fix the setter function for DBus group properties
The setter function uses the same hostapd_data structure as the getter
which causes it to crash if called on a P2P client. To overcome this
issue, the role is checked to ensure it is called on a group owner and
the pointer is examined for validity. The function will return an error
if called on a non-GO system.

Signed-hostap: Todd Previte <toddx.a.previte@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-02-04 13:13:59 +02:00
Todd Previte
aa89df5699 P2P: Fix DBus crash and return additional P2P group properties
When using DBus to get group properties, a segmentation fault is
generated on P2P clients due to a NULL pointer for the ap_iface struct.
The current implementation only returns vendor extensions when called on
a P2P group owner.

The code now checks the P2P role which allows for role-specific
information to be provided. This also fixes the crash issue by only
looking for the correct structures based on the current P2P role.

Signed-hostap: Todd Previte <toddx.a.previte@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
2012-02-04 13:08:12 +02:00
Jouni Malinen
96efeeb66b Use PMKSA cache entries with only a single network context
When looking for PMKSA cache entries to use with a new association, only
accept entries created with the same network block that was used to
create the cache entry.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-04 12:32:35 +02:00
Jouni Malinen
d93dfbd588 Delay scan request on select_network if disconnecting
The disconnection command results in disassociation and deauthentication
events which were previously processed during the scan in case of
select_network command being used while associated with another network.
While this works in most cases, it can result in confusing event
messages in ctrl_iface and debug log. Avoid this by using a short delay
between the disconnection and scan request to allow the disconnection
events to be processed prior to starting the new scan.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-02-04 12:28:16 +02:00
Jouni Malinen
d3f57d0ff1 Interworking: Fix EAP-TTLS/MSCHAP configuration
Copy-paste error ended up using CHAP when MSCHAP was supposed to be
set.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-31 16:20:43 +02:00
Jouni Malinen
32cdcf15b2 WPS: Disable AP PIN after 10 consecutive failures
While the exponential increase in the lockout period provides an
efficient mitigation mechanism against brute force attacks, this
additional trigger to enter indefinite lockout period (cleared by
restarting hostapd) will limit attacks even further by giving maximum of
10 attempts (without authorized user action) even in a very long term
attack.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-30 17:36:14 +02:00
Ben Greear
80e8a5eef1 Support HT capability overrides
This allows HT capabilities overrides on kernels that
support these features.

MCS Rates can be disabled to force to slower speeds when using HT.
Rates cannot be forced higher.

HT can be disabled, forcing an 802.11a/b/g/n station to act like
an 802.11a/b/g station.

HT40 can be disabled.

MAX A-MSDU can be disabled.
A-MPDU Factor and A-MPDU Density can be modified.

Please note that these are suggestions to the kernel. Only mac80211
drivers will work at all. The A-MPDU Factor can only be decreased and
the A-MPDU Density can only be increased currently.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-01-29 21:01:31 +02:00
Jouni Malinen
499e7286b0 Remove duplicated TERMINATING event
Now that CTRL-EVENT-TERMINATING even is sent at the end of interface
removal in case wpa_supplicant process is going to terminate, there
is no need for this duplicated event in the signal handler.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-29 20:23:07 +02:00
Dmitry Shmidt
f08115165b Move ctrl_iface deinit into the end of interface deinit
This allows TERMINATING ctrl_iface event to be sent at the end of the
deinit sequence to avoid race conditions with new operations that this
event may trigger while wpa_supplicant would still be running through
the deinitialization path.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-01-29 20:21:07 +02:00
Dmitry Shmidt
2523ff6ea4 Deinit driver before notifying interface has been removed
This avoids issues with some external program starting to use the
interface based on the interface removal event before wpa_supplicant
has completed deinitialization of the driver interface.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-01-29 20:18:48 +02:00
Dmitry Shmidt
df509539d4 Let wpa_supplicant_deinit_iface() know that process is terminating
This will be needed to be able to move ctrl_iface TERMINATING event to
the end of interface removal.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-01-29 20:15:48 +02:00
Eyal Shapira
1193dc8fd7 SME: Fix processing of Authentication timeout and failure
current_bss and pending_bssid weren't cleaned up so BSS
kept appearing in the scan results even when it was actually gone.
Use wpa_supplicant_mark_disassoc() to cleanup the wpa_s context
instead of just dropping wpa_state back to DISCONNECTED.

Reported-by: Vishal Mahaveer <vishalm@ti.com>
Signed-hostap: Eyal Shapira <eyal@wizery.com>
2012-01-29 17:44:31 +02:00
Eyal Shapira
b3aa456b3e Interleave wildcard and specific SSID scans when max_ssids=1
For drivers limited to scan a single SSID at a time, this prevents
waiting too long for a wildcard scan in case there are several
scan_ssid networks in the configuration.

Signed-hostap: Eyal Shapira <eyal@wizery.com>
2012-01-29 17:39:08 +02:00
Jouni Malinen
ea5cb06ef9 Install only the binaries into BINDIR
There is no point in installing *.service files into BINDIR.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-29 14:20:41 +02:00
Grant Erickson
b111764384 build: Fix install target parent directory prerequisites
This changes the install target such that parent directories of
installed paths area created and each path is only installed
on a dependency basis.

Signed-off-by: Grant Erickson <marathon96@gmail.com>
2012-01-29 14:18:22 +02:00
Jouni Malinen
9013edc300 dbus: Remove unused D-Bus version defines
These have not been used since commit
8ddef94bd4.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-29 12:53:12 +02:00
Antonio Quartulli
fa7187bfde IBSS RSN: Provide ibss_rsn_get_peer() helper function
This is a useful function that simplifies some code and can eventually
be used somewhere else in future.

Signed-hostap: Antonio Quartulli <ordex@autistici.org>
2012-01-29 12:23:27 +02:00
Sylvestre Gallon
3d0a843823 dbus: Fix endianness bug in Frequency and Signal properties
These properties did not work on big endian PowerPC (always 100% for
Signal and 0 for Frequency) due to endianness problem (u32 to u16 data
loss).

Signed-off-by: Sylvestre Gallon <ccna.syl@gmail.com>
2012-01-28 17:57:48 +02:00
Jouni Malinen
6897ce14a4 Rename systemd template files to avoid @ in the file name
Perforce does not like @ in the file name and since these template files
do not really need to have that in the name, make the files in
repository friendlier to Perforce. The generated *.service file will
maintain their old names.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-28 17:12:30 +02:00
Nicolas Cavallari
9e2af29f9b Support fixing the BSSID in IBSS mode
When the "bssid=" option is set for an IBSS network and ap_scan = 2,
ask the driver to fix this BSSID, if possible.

Previously, any "bssid=" option were ignored in IBSS mode when ap_scan=2.

Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
2012-01-28 11:33:47 +02:00
Paul Stewart
a4bbb6066d dbus: Create DBus getter/setter for FastReauth
Provide a means over DBus to set the conf->fast_reauth
property, which controls whether TLS session resumption
should be attempted for EAP-TLS 802.1X networks.

Signed-off-by: Paul Stewart <pstew@chromium.org>
2012-01-28 11:21:37 +02:00
Jouni Malinen
b21ff9cb20 P2P: Fix WSC IE inclusion for P2P disabled case
wpas_wps_in_use() was forcing WPS to be enabled unconditionally if P2P
support was included in the build. This is not really the correct
behavior for the case when P2P has been disabled at runtime. Change the
code here to verify runtime configuration of P2P before forcing WPS to
be enabled. This allows WSC IE to be left out from Probe Request frames
when scanning for APs without P2P or WPS being in use.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-27 21:09:34 +02:00
Jouni Malinen
b1aebbc427 P2P: Do not expire peer entry if we are connected to the peer
Even though we may not update P2P peer entry while connected to the
peer as a P2P client, we should not be expiring a P2P peer entry while
that peer is the GO in a group where we are connected as a P2P client.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-25 17:27:47 +02:00
Jouni Malinen
433cd2ce65 Stop sched_scan in number of cases where it should not be running
When a P2P group is removed, we better not leave possibly started
sched_scan running. This could happen when a separate group interface
was not used.

In addition, it looks safer to explicitly stop sched_scan before
starting P2P Listen or Find operations to make sure the offloaded
scanning is not running when doing similar P2P operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-23 18:26:09 +02:00
Sujith Manoharan
cd2f4ddfb9 Update WPA/RSN IE properly for driver based BSS selection
This patch fixes an issue with roaming for drivers that set
WPA_DRIVER_FLAGS_BSS_SELECTION (currently ath6kl). On moving to an AP
with a different BSSID, an EVENT_ASSOC is received and the subsequent
4-way handshake may fail because of a mismatch between the RSN IE in
message 3/4 and in Beacon/Probe Response. This happens only when the APs
use different RSN IE contents and ap_scan is set to 1, since
wpa_supplicant fails to update its cached IEs.

Initial association may fail, too, in case of multiple APs with
the same SSID, since BSSID selection is done by the driver and again
a mismatch could be seen.

Fix these two issues by clearing and updating the cached IEs on
receiving an Association event from the driver. Also, retrieve the
scan results when the new BSS information is not present locally.

Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2012-01-23 17:34:39 +02:00
Jouni Malinen
beec9c3a1f eapol_test: Show MNC length in debug output
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 20:59:00 +02:00
Sam Leffler
f9121813d7 dbus: Validate SSID length in new D-Bus scan request
Validate the length of each SSID passed in a new D-Bus protocol
Scan request.
2012-01-22 12:02:09 +02:00
Jouni Malinen
6d92fa6e92 P2P: Allow Device ID to be specified for p2p_find command
dev_id=<P2P Device Addr> can now be specified as an argument to
p2p_find to request P2P find for a specific P2P device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-08 09:25:29 -08:00
Jouni Malinen
57d38ddf6b Update copyright notices to include year 2012
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:59:16 +02:00
Jouni Malinen
3d9975d5b0 Do not trigger fast reconnection on locally generated deauth/disassoc
The deauthentication and disassociation events from nl80211 were being
processed identically regardless of whether the frame was generated by
the local STA or the AP. This resulted in fast reconnection mechanism
getting triggered even in the case where the disconnection was detected
locally (e.g., due to beacon loss) while this was supposed to happen
only in the case where the AP is sending an explicit Deauthentication
or Disassociation frame with a specific reason code.

Fix this by adding a new deauth/disassoc event variable to indicate
whether the event was generated locally.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:55:58 +02:00
Jouni Malinen
0be3542338 Fix BSS property names in the example D-Bus script
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-01 18:55:55 +02:00
Syam Sidhardhan
60d5a5a5fd dbus: Fix extra semicolon
Signed-off-by: Syam Sidhardhan <syamsidhardh@gmail.com>
2012-01-01 14:39:24 +02:00
Jouni Malinen
6fc74e5181 dbus: Increase buffer size to fix Introspect XML
Commit e9c3c1afed added a new D-Bus
method and that was enough to push the Introspect XML buffer over
the previously allocated 8000 bytes. Increase the buffer size to
make enough room for P2P interface. In addition, add a debug
message to indicate if an XML segment does not fit into the buffer
to make this types of failures somewhat easier to catch.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 17:40:49 +02:00
Jouni Malinen
5fd9fb2772 Remove possible authentication timeout on connection failure
The authentication timeout could be triggered after the connection has
already been known to have failed. The event at that point can be
confusing, so better cancel the timeout when processing connection
failure.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 13:25:37 +02:00
Jouni Malinen
1e7fb4f1b7 WPS: Use single channel scan if AP channel already known
If the BSSID of the AP is specified in the WPS command, the target
AP is likely already in the BSS table and its operating channel is
known. Use this information to speed up connection by only scanning
the known channel.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-31 13:17:20 +02:00
Michał Górny
399ec170e8 Use correct (multi-user) target when installing systemd units
The 'network.target' is special (per systemd.special(7)), and is to be
brought up indirectly when network is actually configured (i.e. through
DHCP or static address settings).

Irrelevant of that, all services should be always installed in
multi-user.target.

[Bug 427]
2011-12-29 21:39:34 +02:00
Jouni Malinen
e91829f9ac P2P: Stop remain-on-channel prior to starting join-a-group client
This fixes issues with drivers that do not handle concurrent
remain-on-channel and scan operations in a case where Provision
Discovery Response frame is not received to stop the Action frame
handshake.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-29 13:28:17 +02:00
Neeraj Kumar Garg
b8349523e4 P2P: Reject p2p_group_add if forced frequency is not acceptable
If the freq parameter is specified and we are already running legacy STA
on a different frequency with a driver that does not support
multi-channel concurrency, reject p2p_group_add. Same code already
exists in the path of P2P connection with go negotiation but is missing
for autonomous GO.

Signed-hostap: Neeraj Garg <neerajkg@broadcom.com>
2011-12-27 23:21:45 +02:00
Jouni Malinen
d7e70476f2 P2P: Use global->p2p_dev_addr instead of parent->own_addr
Start using global->p2p_dev_addr more consistently as the P2P Device
Address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-25 23:58:03 +02:00
Bartosz Markowski
8945cc451f Add BSSID into blacklist and do not clean blacklist during countermeasures
If scanning continues during TKIP countermeasures, try to avoid selecting
the BSS that triggered the counter measures.
2011-12-25 21:09:17 +02:00
Jouni Malinen
fbdcfd577a P2P: Maintain a list of P2P Clients for persistent group on GO
Add a new persistent group network block field, p2p_client_list, to
maintain a list of P2P Clients that have connected to a persistent
group. This allows GO of a persistent group to figure out more easily
whether re-invocation of a persistent group can be used with a specific
peer device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 22:47:41 +02:00
Jouni Malinen
87f841a140 P2P: Show persistent group info on P2P_PEER data
Add "persistent=<network id>" line to P2P_PEER ctrl_iface data
if a persistent group credentials are available for this peer.
This makes it easier for external programs to figure out when
a persistent group could be re-invoked with this peer.

For now, this information is only available on the P2P client,
but similar information can be added for GO once a list of P2P
clients is maintained with the persistent group data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:45:20 +02:00
Jouni Malinen
b3ffc80b8c P2P: Move public P2P_PEER info generation into ctrl_iface
The P2P module provides access to public peer data in struct
p2p_peer_info. Use this to build the P2P_PEER information in
ctrl_iface.c instead of providing such text format data from the P2P
module.

The internal data that was previously built in p2p_get_peer_info() as
part of the text format peer data is now available through a separate
p2p_get_peer_info_txt() function. This is still included in P2P_PEER
output to maintain backwards compatibility with external programs that
could have started to use this. However, it should be noted that this
data is not really supposed to be used for anything else apart from
debugging purposes and its format is subject to change.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:26:31 +02:00
Jouni Malinen
b3bcc0f519 P2P: Replace p2p_get_peer_info with p2p_peer_known when applicable
p2p_get_peer_info() was used in multiple places just to check whether a
specific peer is known. This was not the designed use for the function,
so introduce a simpler function for that purpose to make it obvious that
the p2p_get_peer_info() function is actually used only in ctrl_iface.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 21:04:41 +02:00
윤민홍
3b655312d4 P2P: Send D-Bus ServiceDiscoveryRequest signal for external SD processing
wpas_notify_p2p_sd_request() needs to be called when
p2p_sd_over_ctrl_iface is set to provide SD events over D-Bus similarly
to the ctrl_iface events.
2011-12-22 00:34:29 +02:00
Jouni Malinen
9b6f44cb63 Process EVENT_SCHED_SCAN_STOPPED partially if interface is disabled
The internal sched_scanning state needs to be cleared on this event
even if the events happen to get ordered in a way that the interface
gets disabled just prior to EVENT_SCHED_SCAN_STOPPED event.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-21 13:36:58 +02:00
Jouni Malinen
4551dd9060 Ignore disassociation event in wpa_supplicant AP mode
If the driver was associated in station mode just before the AP mode was
started, the station mode disassociation event may end up getting
delivered to wpa_supplicant only after the AP mode has been started.
This can result in unexpected attempt to reassociate back to the network
that was previously used in station mode. Avoid this by ignoring the
disassociation event.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-21 13:36:13 +02:00
Jouni Malinen
72d48a80ec P2P: Fix GO start on interface that has active station connection
The active station connection triggered wpa_supplicant AP mode startup
to try to update Beacon IEs before the AP mode was properly initialized
and that resulted in NULL pointer dereference in driver_nl80211.c. Fix
this by skipping the IE update before the AP mode is initialized.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-21 13:34:25 +02:00
Neeraj Kumar Garg
653c4893be Add AP-STA-CONNECTED and DISCONNECTED events to wpa_cli -a
Signed-hostap: Neeraj Kumar Garg <neerajkg@broadcom.com>
2011-12-20 01:07:42 +02:00
Jouni Malinen
c81066153c P2P: Use hardcoded idle timeout of 10 seconds in P2P client role
The p2p_group_idle configuration parameter is much more useful for
GO role, so use a separate hardcoded value of 10 seconds in P2P
client role. In practice, this means that the P2P client role will
automatically tear down the group when the GO tears down the group.

The 10 second timeout is enough to recover from temporary disconnections
without unnecessary tearing down the group if the GO is still present
and allows the client to connect.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-18 22:21:22 +02:00
Jouni Malinen
4c2c675173 P2P: Fix disconnect event not to increase idle timeout
When P2P client is processing a disconnection event, make sure the P2P
idle timeout does not get increased, i.e., set a new timeout only if no
timeout is in use. wpa_state changes between DISCONNECTED and SCANNING
can generate multiple calls to wpas_p2p_notif_disconnect() and
previously this was enough to force the idle timeout never hit in
practice when in P2P client role.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-18 22:18:42 +02:00
Jouni Malinen
74781dfc7b Lower RX_MGMT driver event debug level for Beacon frames
This event can be very frequent in AP mode when Beacon frames from
neighboring BSSes are delivered to user space. Drop the debug
message priority from DEBUG to EXCESSIVE for Beacon frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-18 21:48:25 +02:00
Jouni Malinen
1ef2f7ffcf P2P: Fix Provision Discovery channel for some join-GO cases
The Provision Discovery Request needs to be sent on the operating
channel of the GO and as such, the frequency from the BSS table
(scan results) need to override the frequency in the P2P peer
table that could be based on the Listen channel of the GO.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-18 17:21:25 +02:00
Gustavo Sverzut Barbieri
19030351b9 wpa_supplicant/dbus AP: Add support for WPS Internal Registrar
When in AP mode, wpa_supplicant is now enabling WPS (only Internal
Registrar). WPS.Start() call can be used to initiate WPS negotiation
similarly to how this is done in station mode.

This was done to ctrl_iface by Jouni Malinen on April 21, 2009 (commit
3ec97afe57)

Signed-hostap: Gustavo Sverzut Barbieri <barbieri@profusion.mobi>
2011-12-18 17:06:31 +02:00
Reinette Chatre
e5a359cf7e P2P: Make GO negotiation peer and group information available over D-Bus
The GO negotiation response is very cryptic at the moment. For a success
message we only know on which interface the negotiation succeeded, not
which peer. For a failure we know the interface also and a status code
(number).

It will be very useful for clients to know upon receipt of such a message
which peer the negotiation occurred with.

Now that the peer information is available and the API is changed
already, the function composing the D-Bus message might as well include
all GO negotiation information. This is done with a dict to make things
easier on clients if this result information changes down the line.

Signed-hostap: Reinette Chatre <reinette.chatre@intel.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-12-18 16:52:33 +02:00
Jouni Malinen
90b8fc8f4e Fix CONFIG_NO_SCAN_PROCESSING=y build with ctrl_iface
Need to remove ROAM command processing since the needed functionality
for it gets removed with CONFIG_NO_SCAN_PROCESSING=y.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-17 18:07:58 +02:00
Antonio Quartulli
b58bcbb2ef ctrl_iface: Check for IEEE8021X_EAPOL definition
The whole wpa_supplicant_ctrl_iface_ctrl_rsp_handle() function operates
on the ssid->eap field which exists only if IEEE8021X_EAPOL has been
defined. Therefore the whole function body needs to be enclosed within
an #ifdef/endif block.

Signed-hostap: Antonio Quartulli <ordex@autistici.org>
2011-12-17 18:04:50 +02:00
Johannes Berg
457a126e29 IBSS: fix RSN key initialisation
Antonio reported that RSN IBSS failed to work.
We traced it down to a GTK failure, and he then
bisected it to commit bdffdc5ddb:
"AP: Reorder WPA/Beacon initialization".

The reason this commit broke it is that the state
machine's GInit variable is never set to false as
wpa_init_keys() never gets called, and thus new
keys are generated every time the state machine
executes.

Fix this by calling wpa_init_keys() when the new
group has been initialised.

Reported-by: Antonio Quartulli <ordex@autistici.org>
Tested-by: Antonio Quartulli <ordex@autistici.org>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-12-11 19:57:50 +02:00
Jouni Malinen
d9d87c3357 Disassociate when starting WPS search
Previously, the WPS scans could have been done in associated state if we
happened to be associated when the request to use WPS was received. This
can slow down scanning and end up in unexpected state if no WPS
association is tried. Avoid these issues by disconnecting when WPS
search is started.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 18:30:47 +02:00
Jouni Malinen
5506d18418 Fix compiler warning with CONFIG_NO_STDOUT_DEBUG=y
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 18:19:24 +02:00
Jouni Malinen
5928411e91 Fix compiler warning with CONFIG_NO_SCAN_PROCESSING=y
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 18:14:09 +02:00
Jouni Malinen
76202aed23 Fix compiler warning with CONFIG_NO_STDOUT_DEBUG=y
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 18:13:51 +02:00
Jouni Malinen
7165c5dc1f P2P: Fix 32-bit compiler warnings on service discovery reference
Convert core wpa_supplicant code to use u64 instead of void * for the
P2P service discovery reference. Use uintptr_t in type casts in
p2p_supplicant.c to handle the conversion without warnings.

Note: This needs to be revisited for 128-bit CPU where sizeof(void *)
could be larger than sizeof(u64).

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 18:06:34 +02:00
Jouni Malinen
e3a0706b47 P2P: Fix Provision Discovery name in debug messages
Some debug messages used incorrect name for Provision Discovery.
Replace "Provisioning Discovery" with "Provision Discovery".

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-11 17:36:38 +02:00
Vitaly Wool
c3daaf3325 Skip WPS PBC overlap detection if P2P address is the same
WPS overlap detection can detect false overlap if a P2P peer
changes UUID while authentication is ongoing. Changing UUID
is of course wrong but this is what some popular devices do
so we need to work around it in order to keep compatibility
with these devices. There already is a mechanism in WPS
registrar to skip overlap detection if P2P addresses of two
sessions match but it wasn't really triggered because the
address wasn't filled in in the caller function.

Let's fill in this address and also clean up WPS PBC sessions
on WSC process completion if UUID was changed.

Signed-hostap: Vitaly Wool<vitalywool@gmail.com>
2011-12-11 12:03:18 +02:00
Arik Nemtsov
4f73d88afa Maintain internal copy of Probe Response offload capabilities
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-10 21:11:32 +02:00
Jouni Malinen
502618f7c1 P2P: Clean up group formation on network block removal
If a P2P group network block is removed for any reason (e.g., wps_cancel
command) while the interface is in group formation, remove the group
formation timeout and indicate failure immediately. Previously, this
type of operations could end up leaving the timeout running and result
in somewhat unexpected group formation failure events later.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-10 12:56:42 +02:00
Jouni Malinen
c3f4278445 P2P: Add group ifname to P2P-PROV-DISC-* events
If Provision Discovery Request is sent for GO role (i.e., P2P Group ID
attribute is included), add the group interface name to the control
interface event on the GO. This makes it easier to figure out which
ctrl_iface needs to be used for wps_pbc/wps_pin command to authorize
the joining P2P client.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-06 21:57:17 +02:00
Jithu Jance
ec437d9e74 P2P: Skip duplicated provision discovery on join
If p2p_prov_disc join command is used prior to p2p_connect join,
skip the duplicated provision discovery exchange.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2011-12-06 21:44:57 +02:00
Jithu Jance
8c5f730983 P2P: Add optional "join" argument for p2p_prov_disc command
This can be used to request Provision Discovery Request to be sent
for the purpose of joining a running group, e.g., to request the GO
to display a PIN that we can then use with p2p_connect join command.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2011-12-06 21:28:02 +02:00
Jouni Malinen
61ff2c8080 Remove documentation for label option in p2p_connect
P2P use cases do not allow use of Label config method and the earlier
code for this has already been removed, but this documentation was not
updated at the same time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-06 21:13:54 +02:00
Jouni Malinen
14115a1089 SME: Fix processing of Authentication timeout
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 22:27:48 +02:00
Jouni Malinen
d00821e913 Try to reconnect to the same BSS on recoverable disconnection
If the AP disconnects us with a reason code that indicates that it has
dropped the association, but could allow us to connect again, try to
reconnect to the same BSS without going through the full scan. This can
save quite a bit of time in some common use cases, e.g., when inactivity
timeout is used on the AP (and especially, when waking up from suspend
which has likely triggered some timeout on the AP).

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 21:57:14 +02:00
Jouni Malinen
ed57c5907e SME: Fix processing of Authentication request failure
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt. In addition, we can use
wpas_connection_failed() instead of requesting a scan after a fixed time
to make this error case more consistent with other similar error paths
in sme.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 21:04:24 +02:00
Jouni Malinen
bfba8deb8b Update internal MAC address on EVENT_INTERFACE_ENABLED events
This allows the MAC address of the interface to be changed when the
interface is set down even if the interface does not get completed
removed and re-added.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 13:20:40 +02:00
Johan Hedlund
f98eb880eb Update RSN supplicant MAC address on driver reinitialization
I have a test case where I remove and insert another network adapter
between two connections to AP. The interface get the same interface name
but switches macadresses between the connections. When running WPA2 I
got a failure in EAPOL negotiation and found out that the reason for
this was that the supplicant did not update the MAC address in the
correct place.
2011-12-03 13:02:57 +02:00
Szymon Bigos
9337e876ab Fix generated WPS PIN values to use zero-padding
The dynamically generated PINs are supposed to have 8 digits, but
some PIN generatation cases were not zero-padding these properly.
2011-12-02 23:04:39 +02:00
Jouni Malinen
47662f4017 Add example WPS AP mode UI for wpa_supplicant
This script shows some minimal WPS user interface requirements for
mobile AP support with wpa_supplicant.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 22:14:07 +02:00
Jouni Malinen
0bc134683e wpa_supplicant AP: Allows passphrase to be fetched
"wpa_cli status wps" can now be used to fetch the WPA2-Personal
passphrase from AP mode operation with wpa_supplicant to make it
easier to meet WPS requirements for legacy STA support.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 22:12:03 +02:00
Jouni Malinen
c0f83f3104 WPS: Disable WPS(v2) in WPA/TKIP-only configuration
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 21:46:19 +02:00
Jouni Malinen
56d24b4ee0 Call wpas_connection_failed() only if actually trying to connect
A disconnection event from the driver may end up getting delivered at a
time when wpa_supplicant is not even trying to connect (e.g., during a
scan that was already started after WPS provisioning step). In such a
case, there is not much point calling wpas_connection_failed() and
skipping this avoids confusing attempts of re-starting scanning while
the previous scan is still in progress.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 18:22:56 +02:00
Jouni Malinen
f7da5a9ef4 Make reconnect-on-disassoc debug prints somewhat more helpful
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 18:22:10 +02:00
Jouni Malinen
a9e02d593d P2P: Clear show_group_started on GO start
The show_group_started variable could be left to 1 based on an earlier
failed attempt to start P2P client operation. This can result in
unexpected P2P-GROUP-STARTED event when a GO is started without group
formation (e.g., re-invoke a persistent group or start an autonomous
GO). Avoid this by explicitly clearing show_group_start when setting up
the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-12-01 10:49:26 +02:00
Arik Nemtsov
79b8c60f81 Set ht_capab from based on driver capabilities when in P2P GO mode
Set the HT capabilities of a P2P GO according to the wiphy supported
ones. Mask-in a white-list of HT capabilities that won't cause problems
for non-supporting stations.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2011-11-29 23:45:07 +02:00
Jouni Malinen
ea5bae4731 Increase min sched_scan interval from 2 to 10 seconds
Trying to run sched_scan round every two seconds by defaults sounds way
too frequent since dualband cards are unlikely to be able to complete
the full scan cycle in two seconds. For now, set the hardcoded value to
10 seconds to make this somewhat more reasonable.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-29 20:05:58 +02:00
Dmitry Shmidt
d70b945d4d Fix pno_start() to initialize SSID list properly
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-29 12:56:32 +02:00
Jouni Malinen
0b7a25c00f Use normal scan before sched_scan if that can speed up connection
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:36:36 +02:00
Jouni Malinen
76a5249e52 Add broadcast SSID for sched_scan for scan_ssid=0 networks
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:12:38 +02:00
Jouni Malinen
5edddf4175 Use common code for disabled network case in sched_scan
There is no need to implement two copies of the iteration code here.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 18:09:37 +02:00
Jouni Malinen
86b47aaf36 Drop sched_scan filter if not enough match sets supported
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 17:52:36 +02:00
Jouni Malinen
a8cb5a8897 Make sched_scan debug clearer on timeout use
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 17:52:02 +02:00
Jouni Malinen
6ad9c91100 Stop sched_scan on DISCONNECT command
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 16:35:30 +02:00
Jouni Malinen
b5c6831201 Add preferred network offload (PNO) functionality
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 16:32:44 +02:00
Jouni Malinen
7c6a266ced Fix sched_scan filter_ssids setting for no filters case
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-28 15:19:41 +02:00
Jouni Malinen
dbfdb3927c Interworking: Verify that BSS information includes SSID
Better make sure that the SSID is available before dereferencing
the pointer to the SSID element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 23:00:37 +02:00
Jouni Malinen
48f24f93a5 wpa_passphrase: Include SHA256 objects to fix some build combinations
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 22:17:41 +02:00
Jouni Malinen
ca84eed7ad TLS: Add build configuration for TLS v1.2 support
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:45:07 +02:00
Jouni Malinen
8307489840 Add implementation of TLS v1.2 PRF (P_SHA256)
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-27 21:10:06 +02:00
Dmitry Shmidt
e670738ae0 wpa_cli: Add action script call on P2P-GO-NEG-FAILURE events
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-25 23:56:18 +02:00
Dmitry Shmidt
8a5e75f60f P2P: Send STA connected/disconnected events to parent ctrl_iface
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-25 23:56:13 +02:00
Jouni Malinen
fcd1684787 Fix sched_scan filter setting for max_match_sets == 0
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-25 18:12:04 +02:00
Jouni Malinen
0bf927a03e Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:46 +02:00
Jouni Malinen
8e8280bd5e Do not save an invalid network block in wpa_supplicant.conf
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:32 +02:00
Jouni Malinen
a769b094d7 Do not write all zeros device_type
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:22:16 +02:00
Dmitry Shmidt
6ce937b8cf Add 'get country' command
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-24 21:33:24 +02:00
David Spinadel
9a6ade33d4 wpa_cli: Correct return value of wpa_cli_cmd_p2p_peers
Signed-off-by: David Spinadel <david.spinadel@intel.com>
2011-11-24 21:19:52 +02:00
Dmitry Shmidt
20b2161d5b Android: Move WPA_BUILD check in Android.mk
This is part of commit e61a2d6db6113da5fad91660764afdb0596dbc46 from
Android wpa_supplicant_8.git.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-23 17:58:44 +02:00
Jeff Brown
4482f1fbc4 Android: Remove the simulator target from all makefiles
This is commit bbda627478b0e9a312fea4662cd7cd8d6bdf82bf from
Android wpa_supplicant_8.git.
2011-11-23 17:56:41 +02:00
Kel Modderman
ef992bbd3b wpa_gui-qt4: Improve scan results signal display
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2011-11-19 20:10:37 +02:00
Jouni Malinen
9dbf53fe35 P2P: Send Listen state Probe Response frames without retries
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-19 19:15:10 +02:00
Helmut Schaa
8cfa3527e1 Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:02:05 +02:00
Jouni Malinen
3f56f3a496 Do not try to add wildcard SSID into active sched_scan
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-19 17:01:53 +02:00
Johannes Berg
dd840f793c AP: Add explicit EAPOL TX status event
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-11-19 13:00:30 +02:00
Alan T. DeKok
8205c82a48 wpa_supplicant: Make objects depend on the .config file
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.

Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
2011-11-19 11:46:39 +02:00
Johannes Berg
6cad95db72 P2P: Simplify code in wpas_p2p_connect()
There's some duplicated code there that can be simplified
with just a single new variable.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-11-18 23:32:03 +02:00
Eyal Shapira
1966e3d1b7 sched scan: Fix passive scanning
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.

Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
2011-11-18 23:05:57 +02:00
Jouni Malinen
19df9b0761 Mark local functions static
These functions are not used outside the file in which they are defined.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:53:36 +02:00
Jouni Malinen
0c7addc32c Include wpa_supplicant_i.h to verify function prototype match
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:41:37 +02:00
Jouni Malinen
2bb747e232 P2P: Cancel previous operation before starting new p2p_listen
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-17 16:21:11 +02:00
Vasanthakumar Thiagarajan
0399f2e4e5 wpa_supplicant: Set configured auth_algs for AP mode
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.

Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2011-11-16 16:30:36 +02:00
Jouni Malinen
39185dfa54 P2P: Wait until ongoing scan completes before starting P2P find
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 21:28:35 +02:00
Jouni Malinen
7cb03b0eaf Android: Update libnl use to match with Android ICS
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 18:37:10 +02:00
Jouni Malinen
c84443307b Android: Fix D-Bus P2P interface location in Android.mk
This was supposed to be in the new D-Bus interface block, not in
the old one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-15 18:35:58 +02:00
Jouni Malinen
adc33680e3 Do not add P2P IE into Beacon/Probe Response if P2P is disabled
P2P IE was incorrectly added in wpa_supplicant AP mode even if P2P
function was not actually enabled.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 16:26:45 +02:00
Jouni Malinen
04ed4e984e AP: Only enable WPS for open and WPA/WPA2-Personal configuration
When wpa_supplicant AP mode is used, WPS was enabled by default
regardless of security mode. This is not desired for WEP, so change
the AP configuration to enable WPS only for open and WPA/WPA2-Personal
networks.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 16:16:29 +02:00
Jouni Malinen
a17539ebcd Remove unnecessary include file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 22:13:04 +02:00
Jouni Malinen
c660b0c257 dbus: Remove unused default string for bridge_ifname
wpa_s->bridge_ifname is an array and cannot be NULL.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 20:54:44 +02:00
Jouni Malinen
9482426ede Add REAUTHENTICATE ctrl_iface command
This can be used to trigger EAPOL reauthentication which can be useful
for testing purposes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 19:47:51 +02:00
Ben Greear
6c3771d7d5 Print human readable driver event names
This makes it easier to understand the event related logs.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2011-11-13 19:01:38 +02:00
Jouni Malinen
aea855d752 Move wpa_scan_results_free() into shared C file
Replace the inline helper function with a new C file that can be used
for common driver API related function.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 18:56:26 +02:00
Fu Yingang
a4cef16279 Correct a spelling mistake
The word "targer" in the comments for pending_bssid of
wpa_supplicant data structure should be "target".
2011-11-13 18:35:15 +02:00
Jouni Malinen
b6c8df695c Remove station functionality from hostap and madwifi driver wrappers
This has been obsoleted by the more generic Linux WEXT (driver_wext.c)
support. The hostap and madwifi driver wrappers can now be used only
with hostapd. The old station interface remains available in releases up
to 1.x.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 11:14:44 +02:00
Jouni Malinen
3962b65858 Remove unmaintained driver wrappers
The driver wrappers broadcom, iphone, osx, and ralink have not been
maintained for a while and it does not look like they will be in the
future either. As such, remove them from the development branch. The
previous versions will be included in older releases up to 1.x.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 10:57:46 +02:00
Jouni Malinen
39e7d718f6 ndis: Work around lack of C99 designated initializers in MSVC
Use a driver_ndis.c specific initialization function to fill in the
wpa_driver_ops information to make it easier to modify struct
wpa_driver_ops in the future. Being able to build driver_ndis.c
with MSVC was the only reason for having to maintain the same order
of function pointers in struct wpa_driver_ops and for having to
update driver_ndis.c for all changes in that structure.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-03 18:45:21 +02:00
Jouni Malinen
4877e1fcf9 wpa_cli: Fix compiler warnings on unused functions
Some of the parameter completion functions are only used if
CONFIG_P2P=y.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-03 18:02:28 +02:00
Jouni Malinen
67a5206482 Remove obsoleted Qt3-based wpa_gui
This code has not been maintained for years and there is no plan on
doing so either in the future. The Qt4-based wpa_gui-qt4 version can be
used as a replacement for this older wpa_gui version.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-03 17:48:31 +02:00
Jouni Malinen
2cc5ebdd33 dbus: Fix some build combination without new D-Bus interface
Include common/defs.h to get full enum definitions to avoid compiler
errors without CONFIG_CTRL_IFACE_DBUS_NEW.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-02 10:48:26 +02:00
Jouni Malinen
406edc84cb Fix Android library configuration with OpenSSL build
Commit bf9d5518d5 did not split
LOCAL_SHARED_LIBRARIES properly and ended up removing the needed
libraries.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-01 10:39:49 +02:00
Jouni Malinen
1bbff09ec5 Process RSN pre-authentication candidates when skipping roam
wpa_supplicant_rsn_preauth_scan_results() needs to be called to
update RSN pre-authentication candidates. This cannot be done before
the wpa_supplicant_connect() call on the first association, but when
trying to figure out whether to roam, it is fine to do so for the
case when roaming is skipped.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 22:37:12 +02:00
Jouni Malinen
aa820e02cc Clean up debug dump for scan results sorting
There is not much need for showing the interim qsort steps, so just show
the ordered results.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 21:08:34 +02:00
Gary Morain
577db0aedd Prefer 5 GHz networks over 2.4 GHz networks
In scan.c, merge a channel's noise value into the scan results. When
comparing scan results, compute the signal-to-noise ratio and use it
when available. Prefer a 5 GHz network if its SNR is really big (> 30)
or if its SNR is relatively close to the other network's.
2011-10-30 21:08:21 +02:00
Jouni Malinen
01a1749156 Fix TKIP countermeasures stopping in deinit paths
The eloop timeout to stop TKIP countermeasures has to be canceled
on deinit path to avoid leaving bogus timeouts behind.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 12:53:20 +02:00
Dan Williams
e9c3c1afed Implement control request replies for the D-Bus interface
Add a D-Bus mechanism for clients to respond to the NetworkRequest
signal.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-10-30 12:04:24 +02:00
Dan Williams
7de5688d68 Make control response processing available to other control interfaces
The D-Bus interface wants to use it too, so it makes sense
to have it generic.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-10-30 12:04:24 +02:00
Dan Williams
81c57e221d Add wpa_supplicant_ctrl_req_from_string()
Converts from a string to a control request enum when input
from a control interface is received. Will be used by a
subsequent patch.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-10-30 12:04:24 +02:00
Dan Williams
a9022616ae dbus: Implement EAP SM control request signals
Add a D-Bus signal for EAP SM requests. This signal is emitted on the
Interface object so that clients only have to listen to one object for
requests rather than to all network objects. This signal is analogous
to the socket control interface's CTRL-REQ- request.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-10-30 12:04:24 +02:00
Dan Williams
9ef1aaae24 Use an enum for EAP SM requests
Control requests will be extended for non-EAP uses later, so it makes
sense to have them be generic. Furthermore, having them defined as an
enum is easier for processing internally, and more generic for control
interfaces that may not use field names. The public ctrl_req_type /
field_name conversion function will be used later by the D-Bus control
interface too.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-10-30 12:04:24 +02:00
Jouni Malinen
a6d94e1b56 Skip rate set matching if BSS frequency is not known
At least with driver_test.c, the BSS table may not include frequency
information. In such a case, we need to skip rate set matching during
BSS selection to avoid rejecting valid AP.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 11:46:13 +02:00
Jouni Malinen
d1dd48e3c9 P2P: Indicate scan during group formation as P2P probe
The interface may not yet have been set to P2P client mode immediately
after GO Negotiation when doing the scan before association request.
Consequently, the scan request in this state has to specify that the
specific P2P probe mode is used to disable IEEE 802.11b rates.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-29 23:02:47 +03:00
Jouni Malinen
97bcd562eb Remove disable_11b_rates() driver_ops
This function was used unconditionally if wpa_supplicant build
includes CONFIG_P2P=y. Adding a separate driver_ops for such use
is not really useful since the driver wrappers can do the same
internally. Remove this driver_ops and move matching functionality
into driver_nl80211.c which was the only driver wrapper using
this driver_ops callback.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-29 22:25:28 +03:00
Jouni Malinen
b106173a82 Add no_cck parameter for send_action() driver_ops
This can be used to apply the no-CCK rule conditionally depending on
which frame is being sent. The no-CCK rule applies only for P2P
management frames while SA Query and FT use cases do not have similar
restrictions.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-29 21:49:46 +03:00
Daniel Drake
4483f23e15 dbus: Raise PropertiesChanged on org.freedesktop.DBus.Properties
wpa_supplicant dbus objects are currently difficult to use with
GDBusProxy. This is because they do not follow the dbus standard in
emitting the PropertiesChanged signal on the standard D-Bus properties
interface, so GDBusProxy stores stale property values.

Fix this by raising PropertiesChanged on the standard interface.
For backwards compatibility, the existing custom PropertiesChanged
signals are not removed; I anticipate them being removed in a future
major release.

See
http://lists.freedesktop.org/archives/dbus/2011-August/014593.html
for more info.

Signed-off-by: Daniel Drake <dsd@laptop.org>
2011-10-29 19:26:33 +03:00
Jouni Malinen
767885423b wpa_cli: Argument completion for p2p_group_remove
Track active P2P groups and complete p2p_group_remove argument.
2011-10-28 23:59:13 +03:00
Jouni Malinen
a624f20bcd wpa_cli: Add completion functions for P2P peers and BSSes
Keep a local list of found P2P peers and BSS entries and use those
to complete arguments for p2p_peer, p2p_connect, and bss commands.
2011-10-28 23:50:37 +03:00
Jithu Jance
b49d6ccb74 P2P: Fix frequency in the P2P_EVENT_GROUP_STARTED event
P2P Client did not show correct frequency in the control interface
event P2P_EVENT_GROUP_STARTED. Fix that by using the frequency from
the BSS table or association event.
2011-10-28 22:26:30 +03:00
Jithu Jance
3074d8f12d P2P: Notify device expiry via P2P-DEVICE-LOST event
This patch will notify applications listening over control socket about
the device expiry [from p2p peer list].
2011-10-28 22:13:18 +03:00
Jouni Malinen
8271f14a4d Automatically include WPS and AP support if P2P is enabled
CONFIG_WPS=y and CONFIG_AP=y are required if CONFIG_P2P=y so
we may as well enable them automatically in that case.
2011-10-28 21:17:08 +03:00
Jithu Jance
2d4f15d683 P2P: Stop any on-going "p2p_find" on creating an Autonomous GO
This patch stops any on-going "p2p_find" on creating an Autonomous GO.
This is already taken care in case of invoking a persistent GO. GO as
such will be advertising via the beacons for other devices to discover.
So normally the GO doesn't need to do a p2p_find until and unless it
wants to invite a P2P Client. In case of Invite scenario, logically it
is better to do a explicit discover [via user intervention] after the GO
is created. This patch will help to reduce battery wastage [due to
p2p_find operations] in scenarios where user creates a GO and doesn't
initiate a connection.
2011-10-26 01:28:51 +03:00
Jithu Jance
5cbd88d921 P2P: Fix wpa_supplicant crash on P2P WPS PBC overlap case
Once PBC overlap detected when using dynamic group interfaces, the wpa_s
corresponding to P2P group interface is freed. This patch avoids
accessing the wpa_s data structure after it is freed. This fixes a
possible crash in P2P client role in such a case.
2011-10-24 23:37:39 +03:00
Jouni Malinen
acc247b260 P2P: Advertise Persistent Reconnect group capability
The persistent_reconnect configuration parameter was used to decide
whether to accept invitation to re-establish a persistent group.
However, this was not being advertised in the Group Capability bitmap.
Add the Persistent Reconnect bit based on this configuration to GO
Negotiation frames and Beacon/Probe Response frames from the GO.
2011-10-24 17:29:37 +03:00
Arik Nemtsov
2d565a61f2 TDLS: Support mgmt-frame Tx for ctrl-iface operations
Use capability information to decide whether to perform a given TDLS
operation internally or through mgmt-frame Tx.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:20:43 +03:00
Arik Nemtsov
45b722f150 TDLS: Add peer as a STA during link setup
Before commencing setup, add a new STA entry to the driver representing
the peer. Later during setup, update the STA entry using information
received from the peer.

Extend sta_add() callback for adding/modifying a TDLS peer entry and
connect it to the TDLS state machine. Implement this callback for the
nl80211 driver and send peer information to kernel.

Mark TDLS peer entries with a new flag and translate it to a
corresponding nl80211 flag in the nl80211 driver.

In addition, correct TDLS related documentation in the wpa_driver_ops
structure.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:35 +03:00
Arik Nemtsov
8f15f711c5 TDLS: Implement low-ack event for lost TDLS peers
Disable the direct connection when a TDLS peer stops responding
to packets, as indicated by the "LOW ACK" event coming from a driver.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:19:08 +03:00
Arik Nemtsov
7de27409a2 TDLS: Support sending a teardown frame from usermode
When a driver does not implement the TDLS_TEARDOWN operation internally,
send an explicit TDLS link teardown frame to the driver.

Change all teardown calls to use these calling semantics.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:18:49 +03:00
Arik Nemtsov
35287637cc TDLS/nl80211: Support receiving TDLS discovery response frames
Register for the TDLS discovery response public action frame in nl80211.
Print out a debug message when a Discovery Resp frame is received and
validated.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:18:35 +03:00
Arik Nemtsov
c58ab8f249 TDLS: Get TDLS related capabilities from driver
Put glue code in place to propagate TDLS related driver capabilities to
the TDLS state machine.

If the driver doesn't support capabilities, assume TDLS is supported
internally.

When TDLS is explicitly not supported, disable all user facing TDLS
operations.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:15:15 +03:00
Arik Nemtsov
ba3936d990 TDLS: Support setting CONFIG_TDLS_TESTING in .config
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
2011-10-23 22:14:31 +03:00
Jouni Malinen
edc3a7c414 Remove unused driver_ops client MLME functions
These driver_ops functions set_channel, set_ssid, set_bssid,
mlme_add_sta, and mlme_remove_sta were used with the user space
MLME implementation in wpa_supplicant. That was only for testing
purposes and was removed, but these driver_ops were forgotten.
Remove them now to remove confusing driver_ops definitions.
2011-10-23 20:07:57 +03:00
Christian Lamparter
e1e8cae3c7 wpa_supplicant: Check rate sets before joining BSS
IEEE Std 802.11-2007 7.3.2.2 demands that in order to join a BSS all
required basic rates have to be supported by the hardware.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2011-10-23 17:21:50 +03:00
Christian Lamparter
6bf731e8ce wpa_supplicant: Unify hardware feature data
The hardware feature data is required in several different places
throughout the code. Previously, the data was acquired and freed on
demand, but with this patch wpa_supplicant will keep a single copy
around at runtime for everyone to use.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2011-10-23 17:21:50 +03:00
Jouni Malinen
7756114f6a Postpone global_init() call until first driver instance is initialized
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
2011-10-23 13:20:52 +03:00
Grant Erickson
80267c9cec dbus: Removed unused local variable
Signed-off-by: Grant Erickson <marathon96@gmail.com>
2011-10-23 12:36:04 +03:00
Jouni Malinen
b832d34c48 Comment out scard initialization code if PCSC_FUNCS is not set 2011-10-23 12:24:36 +03:00
Jouni Malinen
17fbb751e1 Remove user space client MLME
This code was used only with driver_test.c to allow MLME operations
in hostapd to be tested without having to use a real radio. There
are no plans on extending this to any other use than testing and
mac80211_hwsim has now obsoled the need for this type of testing.
As such, we can drop this code from wpa_supplicant to clean up the
implementation of unnecessary complexity.
2011-10-22 22:45:38 +03:00
Andrii Bordunov
745e8aba69 Add CONFIG_WPS_REG_DISABLE_OPEN to defconfig 2011-10-22 22:24:34 +03:00
Andrii Bordunov
2c4f80d519 WPS: Use ifdef blocks consistently for CONFIG_WPS_REG_DISABLE_OPEN
The registrar variable is used only if this macro is defined, so no
need to set it otherwise.
2011-10-22 22:21:53 +03:00
Andrii Bordunov
d5695081c2 wpa_priv: Link in trace.o to fix CONFIG_WPA_TRACE build 2011-10-22 22:18:54 +03:00
Jouni Malinen
8d2639127f wpa_priv: Link in ieee802_11_common.o if driver_nl80211 is used 2011-10-22 22:17:41 +03:00
Andrii Bordunov
f7fcfc347c wpa_priv: Update function arguments to fix compilation 2011-10-22 22:11:40 +03:00
Jouni Malinen
9e0e6902a2 Share a single wpa_scan_results_free() implementation
There is not really a very good location for this anywhere, but the
function is small enough to live as an inline function for now.
2011-10-22 22:09:40 +03:00
Dmitry Shmidt
48f8e03622 Prevent ap_scan change during association
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-21 19:00:18 +03:00
Dmitry Shmidt
8f5b9aa19a Set ANDROID_LOG_NAME depending on application
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-21 18:59:42 +03:00
Dmitry Shmidt
9aa10e2b27 Add blacklist command
This command allows an external program manage the BSS blacklist
and display its current contents.

Note: The blacklist is considered to be internal mechanism within
wpa_supplicant and changing it can have unexpected results.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-21 18:59:16 +03:00
Jouni Malinen
11540c0b21 Interworking: Allow ANT to be configured for Probe Request frames
Access Network Type can now be configured (default: 15 = wildcard) to
limit which APs reply to the scan.
2011-10-21 12:44:29 +03:00
Johannes Berg
9b90955ec7 AP: Pass only bssid/addr/wds to EVENT_RX_FROM_UNKNOWN 2011-10-20 21:51:32 +03:00
Jouni Malinen
8c0d3b4fc6 Fix segfault on error path if driver initialization fails
wpa_s->wpa is NULL in this case and we better not call WPA state
machine functions.
2011-10-20 21:10:22 +03:00
Johannes Berg
bcf24348ed AP: Do station poll in driver wrapper
This offloads the station polling to driver wrappers, which may offload
it again to the driver. The hostap driver wrapper uses "real" data
frames while nl80211 uses null data frames.

Also add a specific event to indicate that a poll was successful for
future use with the nl80211 driver.
2011-10-20 21:03:08 +03:00
Jouni Malinen
7a25f29d89 Interworking: Use unsigned integer for bitfield
Signed integer with one-bit value does not make much sense, so clean
this up by using an unsigned integer instead.
2011-10-20 20:49:21 +03:00
Dmitry Shmidt
0597a5b59d Add log_level command
This can be used to display the current debugging level and to change
the log level during run time.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-10-18 22:53:46 +03:00
Jouni Malinen
67e838fd0c Android: Sync Android.mk with recent Makefile changes 2011-10-18 17:15:36 +03:00
Jouni Malinen
3c11382b6c Remove set_intra_bss() driver_ops
This has been replaced by the isolate parameter available through
set_ap() calls.
2011-10-17 23:04:27 +03:00
Jouni Malinen
062390efd4 Start deprecating various AP mode driver_ops
The preferred way of configuring AP mode will be to use set_ap() instead
of number of separate operations hostapd has collected over the years.
2011-10-17 18:35:25 +03:00
Mahesh Palivela
d4370eac2e Move SA Query mechanism into a file that can be shared more easily
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
2011-10-17 17:33:17 +03:00
Jouni Malinen
2a4b98a912 Interworking: Document network selection parameters 2011-10-16 23:55:34 +03:00
Jouni Malinen
3b840b6748 Interworking: Support for using EAP-SIM credentials in network selection
New configuration parameters home_imsi and home_milenage can be used
to configure SIM/USIM simulator parameters for network selection based
on SIM/USIM credentials.

home_imsi=(MCC | MNC | '-' | rest of IMSI)
home_milenage=(Ki):(OPc):(SQN)

For example:
home_imsi=310026-000000000
home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123
2011-10-16 23:55:34 +03:00
Jouni Malinen
67e1b98463 Interworking: Support username/password based network selection
Add support for network selection for username/password credentials with
EAP-TTLS and EAP-PEAP. The new global configuration parameters
home_username, home_password, and home_ca_cert can be used to specify
credentials for network selection.
2011-10-16 23:55:34 +03:00
Jouni Malinen
73c41a8fab Interworking: Parse NAI Realms and match against home realm 2011-10-16 23:55:34 +03:00
Jouni Malinen
b02fe7ff32 Interworking: Add commands for network selection
This adds the basic mechanism for running through network selection:
scan, ANQP fetch, network selection, and connection. Actual rules for
network selection and the creation of the network block are still
missing, but will be added in separate commits.
2011-10-16 23:55:34 +03:00
Jouni Malinen
afc064fe7a Interworking: Add ANQP query requests
Add mechanism for using GAS/ANQP to query Interworking related
information from APs. The received information is stored in the BSS
table and can be viewed with ctrl_iface BSS command.

New ctrl_iface command ANQP_GET can be used to fetch ANQP elements from
a specific AP. Additional commands FETCH_ANQP and STOP_FETCH_ANQP can be
used to initiate and stop an iteration through all APs in the BSS table
that indicate support Interworking to fetch ANQP elements from them.
2011-10-16 23:55:34 +03:00
Jouni Malinen
40eac89023 wpa_cli: Make second argument to set command optional
This can be used to indicate zero length value.
2011-10-16 23:55:34 +03:00
Jouni Malinen
71269b3708 WNM: Add BSS Transition Management Request for ESS Disassoc Imminent
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
2011-10-16 23:55:34 +03:00
Jouni Malinen
92cbcf9128 Add Extended Capability element to AssocReq for Interworking
If Interworking is enabled, add Extended Capability element to
(Re)Association Request frames to indicate support for Interworking.
2011-10-16 23:55:34 +03:00
Jouni Malinen
46ee0427b1 IEEE 802.11u: Allow Interworking and HESSID to be configured
The new wpa_supplicant.conf file global parameters interworking and
hessid can be used to configure wpa_supplicant to include
Interworking element in Probe Request frames.
2011-10-16 23:55:34 +03:00
Jouni Malinen
cc81110d55 Fix location of P2P indication flag in BSS ctrl_iface output 2011-10-16 18:25:35 +03:00
Gurumoorthi Gnanasambandhan
783fcb7d03 Allow drivers to indicate WPS push button in station mode
EVENT_WPS_BUTTON_PUSHED wpa_supplicant_event can now be used in
station mode driver_*.c to indicate that a push button has been
pushed. This will activate WPS PBC mode.
2011-10-16 18:05:55 +03:00
Jouni Malinen
298716b495 Convert signed bit field to unsigned one
It's cleaner to use unsigned bit field with one bit values.
2011-10-16 13:21:54 +03:00
Jouni Malinen
b02897e70b dbus: Fix potential memory leak with unexpected p2p_find calls
Should the RequestedDeviceTypes entry show up multiple times, the
previously allocated buffer would have been leaked.
2011-10-16 13:19:33 +03:00
Jouni Malinen
86c6626c5b Remove unnecessary wpa_s == NULL validation
wpa_s cannot be NULL here (it is already dereferenced above and
all the callers pass a valid pointer anyway).
2011-10-16 13:16:21 +03:00
Luciano Coelho
6a90053cdf Add delayed scheduled scan request
When initializing, the scheduled scan code was being called before
everything is ready. With normal scans, the first scan round is
delayed, so the initialization is finished by the time it really
starts.

Add a function that can be used to request a delayed scheduled scan.
The scan will only start after the specified time has elapsed. Call
this function instead of starting the scheduled scan directly during
driver initialization.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:14 +03:00
Luciano Coelho
b59e6f267b Add filter support to scheduled scans
Pass SSIDs to be matched in scheduled scan results. Only the SSIDs
that are included in the match lists will be reported by the driver,
so the filtering can be offloaded to the hardware and the power
consumption can be reduced.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:14 +03:00
Luciano Coelho
a4cba8f1e2 Use sched_scan in driver init
This patch uses sched_scan, if available, when the driver is
initialized. It also adds a couple of cancel operations where
appropriate.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Luciano Coelho
cbdf3507e9 Add scheduled scan driver operations
In new Linux kernel versions (>=3.0), nl80211 adds scheduled scan
capability. In order to use this feature to its full extent, we need
to support it in the wpa_supplicant core, so that it can also be used
by other drivers.

This commit adds initial scheduled scan support operations and events.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Luciano Coelho
5f738a21a6 Reorganize P2P and WPS scan code
Move some code to separate functions to reorganize the P2P and WPS
handling during scans. This makes the code a bit cleaner and is
needed for the scheduled scan implementation to avoid duplicated code.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2011-10-15 18:53:13 +03:00
Janusz Dziedzic
a7fd39bb5d P2P: Cleanup AP callbacks when removing the group
Clear the P2P GO callback parameters when removing the group to avoid
using these for non-P2P AP mode.

This is a fix for the bug I found in the following scenario:

A) p2p_group_add
A) p2p_group_remove wlan0
A) add_n
A) set_n 0 ssid "testap"
A) set_n 0 key_mgmt NONE
A) set_n 0 mode 2
A) set_n 0 frequency 2412
A) enable_n 0

B) try connect to testap

Authentication request will be always rejected because of
HOSTAPD_ACL_REJECT and not cleaned callbacks when group removed.
2011-10-12 21:06:39 +03:00
Mohamed Abbas
0098ce6d29 dbus: Export max scan ssids supported by driver
This is needed for network managers that want to know how
many SSIDs they can scan at the same time.
2011-10-02 13:27:09 +03:00
Jithu Jance
2a6f78fbbe Do not re-associate on SELECT_NETWORK to current network
Signed-off-by: Jithu Jance <jithu@broadcom.com>
2011-10-02 13:12:43 +03:00
Zhi Chen
7d232e23e2 Allow wildcard SSID to be used with WPA-PSK if bssid is set
This allows the AP to be selected based on the BSSID when WPA-PSK
is used with a passphrase. The PSK will be derived from the passphrase
after the SSID has been learned from scan results.
2011-09-30 22:05:44 +03:00
Jouni Malinen
24f6497c34 GAS: Use off-channel operations for requests
This separates off-channel Action frame TX/RX from P2P into a generic
implementation that can now be used both for P2P and GAS needs.
2011-09-29 22:19:51 +03:00
Jouni Malinen
04ea7b7947 GAS: Add a generic GAS query module
This implements GAS request mechanism that is aimed at being used to
replace use case specific GAS/ANQP implementations in the future.
Compared to the earlier implementation in P2P SD, this implementation
includes support for multiple concurrent requests and more thorough
validation of frames against the pending query data.

GAS header processing, including comeback and reassembly, are handled
within gas_query.c and the users of this module will only need to
provide the Query Request and process the (possibly reassembled)
Query Response.
2011-09-29 22:19:15 +03:00
Jouni Malinen
0c840c33f7 Move GAS/ANQP build routines to a separate file from P2P
GAS/ANQP is a generic protocol and in no way specific to P2P, so move
routines used to build GAS/ANQP frames to a separate file that can be
shared for other uses than just P2P service discovery.
2011-09-29 22:18:46 +03:00
Jouni Malinen
206e1f422f P2P: Provide mechanism for figuring out p2p_scan_ie() buffer need
The new function, p2p_scan_ie_buf_len(), can be used to figure out
how large a buffer needs to be allocated for p2p_scan_ie() use. This
makes it easier to add new data into the buffer without forcing all
callers to be updated to use a larger buffer.
2011-09-29 22:18:23 +03:00
Jouni Malinen
303f60d39b P2P: Do not request station mode scans during P2P operations
The P2P search mechanism depends on the same scan functionality that
is used for station mode scans. If these operations are being used
at the same time, scan result processing is not handled properly.
Avoid unexpected behavior by delaying station mode scan requests
if a P2P operation is in progress.

Among other things, this allows the station mode connection attempt
to be continued after a P2P find or group formation has been completed
if the interface is available (i.e., when the P2P group uses a
separate virtual interface).
2011-09-29 16:53:55 +03:00
Jouni Malinen
0c96fd6d03 P2P: Do not leave P2P scan handler registered if scan fails
If the initial attempt to start a scan for p2p_find fails, an error
is reported. However, the P2P scan handler and search state was
left behind. That can result in unexpected behavior when the next
non-P2P scan results are indicated. Avoid this by clearing the
P2P search state on failure.
2011-09-29 16:52:23 +03:00
Jouni Malinen
0096c42740 Do not enable bgscan when driver takes care of BSS selection
There is no need to request periodic bgscans when the driver claims
to have capability for roaming within ESS. Ignoring the bgscan
configuration allows the same configuration file to be used both
with drivers the handle roaming and with drivers that don't.
2011-09-26 15:17:01 +03:00
Jouni Malinen
22628eca34 Support driver-based BSS selection in ap_scan=1 mode
If the driver indicates that it supports BSS selection (including
roaming within an ESS) with WPA_DRIVER_FLAGS_BSS_SELECTION, modify
ap_scan=1 mode to behave like ap_scan=2 mode for BSS selection.

The initial scan is still done to avoid the need for strict
configuration of or security parameters (e.g., to figure out whether
TKIP or CCMP is being used as the group cipher). However, when
requesting the driver to connect, the bssid and freq parameters are
not provided to leave the driver in control of selecting which BSS
to use and to allow the driver to decide when to roam.
2011-09-26 14:57:23 +03:00
Jouni Malinen
fd2f2d0489 Remove EAP-TTLSv1 and TLS/IA
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.

Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
2011-09-25 21:28:32 +03:00
Jouni Malinen
5c47af9a7a TLS: Add support for TLS v1.1 (RFC 4346) with internal TLS
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y
build configuration parameter.
2011-09-25 17:24:46 +03:00
Reinette Chatre
97a8cbb88d D-Bus/P2P: Treat PIN as string
wpa_supplicant returns the PIN in reply to the connect method. Treating
this value as an integer runs the risk of not returning the correct
value if the first digit(s) happens to be a zero(es). To return the
correct PIN it needs to be returned as a string.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2011-09-22 01:17:09 +03:00
Janusz Dziedzic
a57db49c32 wpa_supplicant: AP mode, set drv_flags
In AP/P2P_GO mode we should have correct hostapd drv_flags.
2011-09-22 01:05:01 +03:00
Reinette Chatre
1755b61679 D-Bus/P2P: Support all discovery types
The default discovery type is to search for devices only on social
channels. Expand this to also support an initial full scan followed by the
scan of social channels as well as the progressive scan that scans through
all the channels in the Search state rounds. This does not change the
default of scanning only social channels although there is currently a
discrepancy wrt the default used by wpa_cli, which is the full scan first.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2011-09-22 01:01:20 +03:00
Reinette Chatre
af9d709019 D-Bus: Fix memory leak when using array of array of bytes
When parsing a dict entry which is an array of an array of bytes the entry
representing the dict entry has DBUS_TYPE_ARRAY as its type and
WPAS_DBUS_TYPE_ARRAY as its array_type. The function freeing this parsed
data incorrectly tested the entry type for WPAS_DBUS_TYPE_ARRAY while doing
no testing of this value for array_type. This results in a memory leak
whenever a D-Bus message with this type of data is parsed.

Messages affected are:
fi.w1.wpa_supplicant1.Interface.P2PDevice
	using RequestedDeviceTypes with Find method
	using SecondaryDeviceTypes or VendorExtension with P2PDeviceProperties

fi.w1.wpa_supplicant1.Group
	using WPSVendorExtensions with Properties property

All of the above messages are parsed with the same function,
wpa_dbus_dict_get_entry, so the assignment of the entry's type and
array_type is consistent. The parsed data is also consistently freed with
the same function, wpa_dbus_dict_entry_clear, so we can use the same checks
to free the data correctly.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2011-09-22 01:01:20 +03:00
Johannes Berg
3a26a2c9df P2P: Fix action done handling for driver-based off-channel TX
The action done handling needs to abort an off-channel period since one
might have been used for example for GO negotiation and after action
done the code assumes it can start a new off-channel period.

This fixes a bug I introduced when adding support for
in-kernel off-channel transmissions.

Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-09-22 00:57:27 +03:00
Pavel Roskin
ffbf1eaa26 Fix typos found by codespell
Signed-off-by: Pavel Roskin <proski@gnu.org>
2011-09-22 00:43:59 +03:00
Jouni Malinen
1b414f59fc eapol_test: Add option for writing server certificate chain to a file
eapol_test command line argument -o<file> can now be used to request
the received server certificate chain to be written to the specified
file. The certificates will be written in PEM format. [Bug 391]
2011-09-17 22:42:54 +03:00
Jouni Malinen
7c444f3c12 Fix proactive_key_caching configuration to WPA code
The proactive_key_caching parameter was missed in mapping the
config_ssid data into the WPA state machine configuration. This
prevented addition of PMKSA cache entries based on PMKSA caching
candidate events.
2011-09-16 18:44:06 +03:00
Jouni Malinen
6bcb1c2ba5 wpa_supplicant AP: Set static WEP keys if configured
This is needed to configure static WEP keys to the driver through the
hostapd configuration structures.
2011-09-15 15:04:46 +03:00
Jouni Malinen
697cd03fc2 AP: Set pairwise/group cipher for non-WPA modes
This is needed to avoid confusing configuration in some nl80211
drivers that the new AP mode configuration alternatives for
setting security policy.
2011-09-15 15:02:59 +03:00
Rajkumar Manoharan
47185fc788 P2P: Remove CCK supported rates when running P2P scan
This allows drivers to disable CCK rates from Probe Request frames.
For nl80211, this is currently applying only to the supported rates
element(s), but this mechanism could be extended to address TX rate
control masking, too, to lessen need for global rate disabling.

Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
2011-09-10 22:40:30 +03:00
Edward Lu
cf546f1a03 Make sure wpa_proto gets cleared for WPS and non-WPA connections
This is needed to fix the wpa_proto association parameter for drivers
that select AP based on security parameters internally.
2011-09-08 17:51:08 +03:00
Jouni Malinen
07fecd3915 P2P: Remove Label config method
The P2P specification (3.1.4.3) disallows use of the Label configuration
method between two P2P devices. This was previously enforced at upper
level, but the obsolete code can be removed from wpa_supplicant. This
adds a bit more strict enforcement of the policy, but should not result
in practical differences since no known P2P implementation uses Label
config method.
2011-09-08 16:40:03 +03:00
Jouni Malinen
d8a790b922 Flush PMKSA cache entries and invalidate EAP state on network changes
If a network configuration block is removed or modified, flush
all PMKSA cache entries that were created using that network
configuration. Similarly, invalidate EAP state (fast re-auth).

The special case for OKC on wpa_supplicant reconfiguration
(network_ctx pointer change) is now addressed as part of the
PMKSA cache flushing, so it does not need a separate mechanism
for clearing the network_ctx values in the PMKSA cache.
2011-09-07 17:46:00 +03:00
Jouni Malinen
f3857c2e6a Call wpas_notify_network_removed() on REMOVE_NETWORK
This was done for the case where all networks are being removed,
but the case where a single network is removed was forgotten.
2011-09-07 17:44:00 +03:00
Jouni Malinen
5e67037b3a Fix SIM/USIM simulator build to include AES encryption function 2011-09-07 16:17:08 +03:00
Jouni Malinen
98aa7ca5d8 WPS: Add 'wpa_cli wps_pin get' for generating random PINs
This can be used, e.g., in a UI to generate a PIN without
starting WPS (or P2P) operation.
2011-09-02 21:29:06 +03:00
Jouni Malinen
64fa840a97 nl80211: Fix WPA_VERSIONS attribute for Connect command
The previous code was trying to figure out which WPA version is
used based on the extra IEs requested for Association Request. That
did not work properly in cases where non-WPA networks are used with
some extra IEs. Fix this by using more robust mechanism for passing
the WPA versions from core wpa_supplicant to the driver_ops
associate().
2011-09-02 20:40:23 +03:00
Jouni Malinen
bf9d5518d5 Android: Include libcrypto and libssl only if CONFIG_TLS=openssl 2011-09-02 16:51:00 +03:00
Jouni Malinen
f4a0a82ca6 Reduce debug verbosity on global ctrl_iface PING command
This matches with the earlier change that did the same for the
per-interface ctrl_iface commands.
2011-09-01 18:16:37 +03:00
Bharat Chakravarty
a9355fac5f WPS: Set Probe Request config methods based on configuration
Instead of hardcoding the Config Methods attribute value in Probe
Request frames, set this based on the configured parameter
config_methods to allow correct set of methods to be advertised.
2011-09-01 15:24:45 +03:00
Bharat Chakravarty
6fb6d842bb WPS: Set RF bands based on driver capabilities
Instead of hardcoding support for both 2.4 GHz and 5 GHz bands,
use driver capabilities to figure out which bands are supported.
2011-08-31 17:53:55 +03:00
Jouni Malinen
19c3b56685 Replace set_beacon() driver op with set_ap()
This change is a first step in better supporting different driver
architectures for AP mode operations with nl80211. This commit in
itself does not add new functionality, but it makes it easier to add
new AP mode parameters to address needs of drivers that have more of
the MLME/SME in firmware or kernel.
2011-08-10 13:22:37 +03:00
Dan Williams
e9ae405907 dbus: Do not segfault if P2P is disabled
Various pieces of the P2P code assume that P2P is enabled, so make
the D-Bus code not call the P2P stuff if P2P is disabled. Also
ensures that if P2P is disabled a suitable error is returned to
the D-Bus caller.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-08-07 11:21:52 +03:00
Jouni Malinen
3320666494 dbus: Remove separate access variable from properties
The read, write, read-write permissions can be figured out from
getter/setter function pointers, so there is no need for maintaining
that information separately.
2011-08-07 11:16:05 +03:00
Eliad Peller
d26e45a44a wpa_supplicant AP: Enable uapsd in P2P GO mode if go_apsd was set
If uapsd is explicitly enabled, set conf->bss->wmm_enabled and
conf->bss->wmm_uapsd to enable (and advertise) uapsd.

Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-08-06 22:08:38 +03:00
Jayant Sane
e261d5a9a6 DBus/P2P: Return Primary and Secondary device types as bytes
These properties are already correctly treated as bytes for the local
device, we need to do same for peers.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
2011-08-06 21:34:11 +03:00
Dan Williams
6aeeb6fa21 dbus: clean up new D-Bus interface getters and setters
A number of fixes/improvements here:

1) Remove casting of getter/setter function types which allows
us to change the prototypes in the future and not have hard-to-find
runtime segfaults

2) Instead of having the getters create a fake reply message which
then gets its arguments copied into the real reply message, and is
then disposed, just pass message iters around and have them add
their arguments to the message itself

3) For setters, just pass in the message iter positioned at the
start of the argument list, instead of each setter having to skip
over the standard interface+property name

4) Convert error handling to use DBusError and return the error
back down through the call stacks to the function that will
actually send the error back to the caller, instead of having a
fake DBusMessage of type DBUS_MESSAGE_TYPE_ERROR that then
needs to have the error extracted from it.

But most of all, this fixes various segfaults (like rh #725517
and #678625) which were caused by some functions deep down in the
getter callpaths wanting a source DBusMessage* when the getters were
used for two things: signals (which don't have a source DBusMessage)
and methods (which will have a source DBusMessage that's being
replied to).  This duality made the code fragile when handling
errors like invalid IEs over the air.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2011-07-29 21:25:39 +03:00
Jouni Malinen
03948f423f Add CONFIG_IEEE80211N to wpa_supplicant defconfig
This is needed for AP mode functionality with some drivers.
2011-07-18 21:34:25 +03:00
Jouni Malinen
ffad885837 P2P: Set p2p auth/assoc parameter based on connection type
Fix the previous code that was hardcoding the p2p parameter based
on the driver P2P capability regardless of whether the connection
was really used for P2P or not.
2011-07-17 20:52:49 +03:00
Eliad Peller
2f4f73b154 nl80211: Change vif type to P2P_CLI upon P2P authentication
Currently, wpa_driver_nl80211_authenticate() changes the interface type
to station. However, in case of P2P, we need to change the interface
type to P2P_CLI.

Add p2p field to the authentication params, and consider it for choosing
the correct interface type.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2011-07-17 20:25:58 +03:00
Jouni Malinen
7b7ce8aa13 Deauthenticate on reconfiguration
This makes sure that the old connection is not maintained if the new
configuration does not allow it anymore. In addition, it is better to
use wpa_supplicant_clear_connection() instead of just clearing
wpa_s->current_ssid here to keep things in sync.
2011-07-16 16:57:11 +03:00
Jouni Malinen
018a309a94 Drop oldest unknown BSS table entries first
When the BSS table size limit has been reached, drop first the oldest
BSS entries for which there is not a matching network in the
configuration based on SSID (wildcards are ignored). This makes it
less likely to hit connection issues in environments with huge number
of visible APs.
2011-07-16 13:22:58 +03:00
Jouni Malinen
04a85e4401 P2P: Filter Probe Request frames based on DA and BSSID in Listen state
Only accept Probe Request frames that have a Wildcard BSSID and a
destination address that matches with our P2P Device Address or is the
broadcast address per P2P specification 3.1.2.1.1.
2011-07-15 20:28:46 +03:00
Johannes Berg
6cd930cb3c P2P: Fix p2p_intra_bss with nl80211
The current implementation of p2p_intra_bss doesn't work since the flag
isn't propagated into the corresponding hostapd config, so AP code will
never enable AP isolation and will in fact disable it again after it had
been enabled by the P2P code.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-07-15 17:13:44 +03:00
Jouni Malinen
0d0db41271 P2P: Remove unused SearchOnly parameter from D-Bus p2p_find 2011-07-15 16:59:05 +03:00
Jouni Malinen
263ef84d3a P2P: Fix memory leak in D-Bus p2p_find handler 2011-07-15 16:33:21 +03:00
Jouni Malinen
e24b918202 P2P: Coding style cleanup 2011-07-15 14:41:01 +03:00
Jouni Malinen
70b9a5ca6a P2P: Fix error path not to build error message twice 2011-07-15 14:40:04 +03:00
Jouni Malinen
e1739fb617 P2P: Clear entry.key to avoid use of uninitialized value on error path 2011-07-15 14:39:07 +03:00
Jouni Malinen
d87e90b646 WPS: Check malloc success on workaround path
ssid->ssid could be NULL here if malloc failed, so better check that
consistently.
2011-07-15 14:21:50 +03:00
Jouni Malinen
21fe9e757e P2P: Use consistent checking of ssid != NULL 2011-07-15 14:20:31 +03:00
Jouni Malinen
f94a85ee33 P2P: Coding style cleanup for D-Bus handlers 2011-07-15 14:18:29 +03:00
Jouni Malinen
faa9f2cf95 P2P: Fix D-Bus error path (potential NULL pointer deref)
The paths pointer could have been NULL when going through the shared
freeing path in error case. Avoid the NULL pointer dereference by
checking whether that is the case. In addition, remove unnecessary
gotos to make the function more readable.
2011-07-15 14:03:41 +03:00
Jouni Malinen
ab1dee81a2 P2P: Remove dead code from wpas_p2p_connect()
The case of joining a running group is handled before this location
and the P2P client iftype is assigned at a callback function for that
case.
2011-07-15 13:57:31 +03:00
Henry Gebhardt
f0573c7989 wpa_supplicant: Edit BINDIR in dbus and systemd service files
This is useful, since in Gentoo BINDIR=/usr/sbin.
2011-07-15 12:25:02 +03:00
Henry Gebhardt
2ecaec50c8 wpa_supplicant: Add systemd support 2011-07-15 12:13:40 +03:00
Johannes Berg
b14a210ce2 nl80211: Support GTK rekey offload
Add support to wpa_supplicant for device-based GTK rekeying. In order to
support that, pass the KEK, KCK, and replay counter to the driver, and
handle rekey events that update the latter.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-07-12 21:22:51 +03:00
Mikael Wikström
ed49fbbf3a Fix non D-Bus builds by removing 'void void' in return value 2011-07-12 15:39:33 +03:00
Hong Wu
8fd0f0f323 FT: Clear SME ft_used/ft_ies when disconnecting
Previous ft_ies needs to be removed before supplicant starts a new FT
initial association and this requires the ft_used state to be cleared
here.

Signed-off-by: Hong Wu <hong.wu@dspg.com>
2011-07-05 21:17:31 +03:00
Angie Chinchilla
2db9174503 wpa_s AP mode: Enable HT20 if driver supports it
If the driver supports HT20, set the config parameter ieee80211n
to enable it. This does not enable HT40.

Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2011-07-05 16:49:28 +03:00
Jouni Malinen
ca62e114aa wpa_supplicant AP: Disable AP mode on disassoc paths
Regardless of how the AP mode is disabled, wpa_supplicant_ap_deinit()
must be called. Make sure this happens on all paths by calling the
deinit function from wpa_supplicant_mark_disassoc().
2011-07-05 16:38:30 +03:00
Jouni Malinen
4f525d8e5b Move peer certificate wpa_msg() calls to notify.c
This type of wpa_supplicant specific message construction does not need
to be at the EAP implementation, so better move it up to notify.c.
2011-07-05 12:40:37 +03:00
Michael Chang
ade74830b4 Add dbus signal for information about server certification
In general, this patch attemps to extend commit
00468b4650 with dbus support.

This can be used by dbus client to implement subject match text
entry with preset value probed from server. This preset value, if
user accepts it, is remembered and passed to subject_match config
for any future authentication.

Signed-off-by: Michael Chang <mchang@novell.com>
2011-07-05 12:22:32 +03:00
Paul Stewart
572a171f4f wpa_supplicant: Respect PKG_CONFIG variable if set in the environment
This is required for cross-compilation support on certain
platforms to avoid changing the pkg-config files themselves.

Signed-off-by: David James <davidjames@chromium.org>
Signed-off-by: Paul Stewart <pstew@chromium.org>
2011-07-04 20:35:38 +03:00
Marcin Klimczewski
751bc722bd wpa_cli: Add missing parameter for P2P_GROUP_ADD command
Both freq and persistent parameters of P2P_GROUP_ADD could be passed at
one time.
2011-07-04 20:32:15 +03:00
Jayant Sane
a362dc1d43 DBus/P2P: Rectified type of SecondaryDeviceTypes in device property Get
To be consistent with what it expected in corresponding Set property as
byte[][].

Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-07-04 20:27:53 +03:00
Jayant Sane
b05fe0e557 DBus/P2P: Adding decl for PersistentGroupRemoved signal
Minor - for completeness sake.

Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-07-04 20:24:45 +03:00
Jouni Malinen
7a2b53b4ef Fix D-Bus build without CONFIG_P2P=y 2011-06-27 21:23:22 +03:00
Jouni Malinen
20a0b03deb Clear WPA and EAPOL state machine config pointer on network removal
Make sure that the WPA and EAPOL state machines do not hold a pointer
to a network configuration that is about to be freed. This can fix
potential issues with references to freed memory.
2011-06-27 19:02:24 +03:00
Jean-Michel.Bachot
8be6450cb6 P2P: Fix WpsFailed signal in P2P D-Bus
Fix a NULL pointer dereference in commit
3734552f15 in the case of PBC overlap and
timeout case.

Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2011-06-25 15:29:31 +03:00
Jayant Sane
2463ba70e2 P2P: Update listen and operating channel from P2P D-Bus
Some P2PDevice properties were not updated in p2p->cfg structure:
reg_class, channel, op_reg_class, and op_channel. Hence, update p2p->cfg
parameters through p2p core calls in wpas_p2p_update_config().

Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-25 12:08:43 +03:00
Jayant Sane
3734552f15 P2P: Add WpsFailed signal in P2P D-Bus
Signal is triggered if an error occurs during WPS provisioning phase.

Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-25 11:47:04 +03:00
Jayant Sane
2855070673 P2P: More complete persistent group management over D-Bus
Extend commit c2762e410f to allow
applications to manage (add/remove) persistent groups and accepted
network object paths while invoking a persistent group.
2011-06-24 11:20:19 +03:00
Jayant Sane
5d5fe8ed08 P2P: Add dissasoc_low_ack in P2P device properties
This can be used to activate the keep alive mechanism enabled in
mac80211. Allows to trigger Peer Disconnected signal if signal is lost
on a P2P peer.

Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-23 21:35:20 +03:00
Jayant Sane
2a10959e7c P2P: Fix P2P device signal level type in D-Bus
Signed-off-by: Fabien Marotte <fabienx.marotte@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-23 21:31:22 +03:00
Jayant Sane
6402fc438b P2P: Show P2P peer signal level in D-Bus P2P device properties
Move level parameter from p2p_device to p2p_device_info in order to
expose this information and modify D-Bus P2P handler to return this new
parameter through the P2P device properties.

Signed-off-by: Fabien Marotte <fabienx.marotte@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-23 21:29:10 +03:00
Jayant Sane
c2762e410f P2P: Update D-Bus network object semantics during group formation
Do not emit network objects during P2P group formation since such
network objects can confuse certain apps. Instead, a persistent group
object is created to allow apps to keep track of persistent groups.
Persistent group objects only represent the info needed to recreate the
group.

Also fixes a minor bug in the handling of persistent group objects
during WPS operations.

Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-23 21:25:13 +03:00
Jayant Sane
c988980d95 P2P: Enable P2P capability advertisement on D-Bus
Append "P2P" to capability information if supported by device.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
2011-06-23 20:51:27 +03:00
Jouni Malinen
62b98282ba Fix CONFIG_NO_WPA_PASSPHRASE=y build
Need to define CONFIG_NO_PBKDF2 even though the crypto cleanup moved
the function to a separate file since there is conditional code in
wpa_supplicant/config.c. In addition, wpa_passphrase should not be
built at all if passphrase functionality is removed.
2011-06-23 19:53:45 +03:00
Jouni Malinen
4aced422d3 Add notes for CONFIG_WPS_ER build configuration option
[Bug 407]
2011-06-23 19:30:13 +03:00
Jouni Malinen
ee8ad5d849 Use nl80211 as an example instead of WEXT 2011-06-23 19:28:14 +03:00
Jouni Malinen
29fbc52251 Fix AP selection to check privacy mismatch and IBSS with WPA/RSN IE
These checks were previously skipped if the scan result included WPA
or RSN IE. However, that can result in selecting a network that does
not match local configuration in some cases.
2011-06-23 15:39:00 +03:00
Jouni Malinen
7dcdcfd68d P2P: Start GO without extra scan step
There are some corner cases, where the wpa_supplicant_req_scan() call
may end up scheduling a scan even if we are about to start a GO. Avoid
this by explicitly marking the GO network to be selected for the next
connection.
2011-06-21 11:47:03 +03:00
Jouni Malinen
692cb2266f Fix non-P2P D-Bus build 2011-06-20 09:02:41 +03:00
Jouni Malinen
634ce80246 Fix CONFIG_AP=y build without CONFIG_P2P=y 2011-06-20 08:58:32 +03:00
Jouni Malinen
83fa07226d DBus: Fix some typos on comments 2011-06-12 15:09:32 -07:00
Johannes Berg
9abafccc0d DBus: Add support for P2P primitives
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-06-12 15:08:19 -07:00
Johannes Berg
911e97e400 DBus: Refactor array adding, add binary arrays
Some new code we're working on will require the dbus type "aay" (an
array of arrays of bytes). To add this, refactor the array code to
reduce code duplication by given a type string to the array starting
code, and also add code to create and parse such arrays from or into an
array of struct wpabuf respectively.

Since there's no unique DBus type for this, add a "fake"
WPAS_DBUS_TYPE_BINARRAY type that is separate from the regular DBus
types for parsing.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-06-12 14:47:49 -07:00
Fabien Marotte
58f80e2aeb DBus: Move wpas_dbus_new_decompose_object_path()
Moved wpas_dbus_new_decompose_object_path from dbus_new_handlers.c
to dbus_new_helpers.c.

Signed-off-by: Fabien Marotte <fabienx.marotte@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-06-12 14:41:41 -07:00
Jean-Michel Bachot
4b6baa2f5e P2P: Add group started notification
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-06-12 14:35:37 -07:00
Johannes Berg
dd8a7e0547 P2P: Add wpas_notify_p2p_provision_discovery()
Add a notification for P2P provision discovery status/result.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-06-12 14:31:56 -07:00
Jouni Malinen
38e24575c1 random: Add support for maintaining internal entropy store over restarts
This can be used to avoid rejection of first two 4-way handshakes every
time hostapd (or wpa_supplicant in AP/IBSS mode) is restarted. A new
command line parameter, -e, can now be used to specify an entropy file
that will be used to maintain the needed state.
2011-05-31 20:07:11 +03:00
Jouni Malinen
ceb34f250a Remove compiler warning for non-P2P builds 2011-05-27 19:06:05 +03:00
Jouni Malinen
6d28fb9627 Fix regression in RSN pre-authentication candidate list generation
Processing of the scan results for RSN pre-authentication candidates
was moved to happen before the network was selected. This resulted in
all candidates being dropped due to no SSID having been configured.
Fix this by moving the processing to happen after the network has
been selected. Since the raw scan results are not available at that
point, use the BSS table instead of scan results to fetch the
information.
2011-05-19 17:52:46 +03:00
Dmitry Shmidt
bcb90f750d Add TDLS support to Android.mk 2011-05-16 22:29:43 +03:00
Jouni Malinen
64f992652d P2P: Include operating class 124 (channels 149,153,157,161)
When using the p2p_oper_reg_class configuration option instead of
p2p_group_add freq parameter, the operating class 124 was not
processed correctly. Include that class in the list of 5 GHz classes
for the p2p_oper_reg_class to resolve this.
2011-05-16 21:07:05 +03:00
Jouni Malinen
eec92ec597 WPS: Remove obsolete note about lack for WPS ER support 2011-05-16 21:06:08 +03:00
Jouni Malinen
117e812d06 Update BSS table entry if roaming event indicates frequency change
This is needed to make sure the frequency in the BSS table entry
remains up-to-date if the AP changes its operating frequency.
2011-05-16 19:19:30 +03:00
Jouni Malinen
0725cc7b7e Enable CONFIG_DRIVER_NL80211=y in the default configuration
nl80211 should be preferred over WEXT with any recent Linux kernel
version.
2011-04-21 20:41:01 +03:00
Dmitry Shmidt
60b24b0de4 Add 'signal_poll' command interface
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-15 18:52:01 +03:00
Dmitry Shmidt
746bba1a5e Prevent explicit scan command during scan or association
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-15 18:40:29 +03:00
Jouni Malinen
849b5dc78b Update driver country info on 'SET country <value>' 2011-04-15 17:00:01 +03:00
Jouni Malinen
4a26df7107 IBSS RSN: peer->addr is an array so it cannot be NULL 2011-04-14 20:18:12 +03:00
Jouni Malinen
95cb2d88e9 TDLS: Verify that scan results for BSS are available before using them 2011-04-14 19:50:26 +03:00
Jouni Malinen
5dac11e027 WPS: Use strict validation of (Re)AssocResp only if IEs are known 2011-04-14 02:57:24 +03:00
Jouni Malinen
b211f3eb71 Add sanity checks to EVENT_RX_PROBE_REQ event data
Both the SA and IEs from the received Probe Request frames must be
included and the Probe Request RX callback functions may assume that
these are not NULL.
2011-04-14 02:39:25 +03:00
Jouni Malinen
f4fbba8cf9 Distinguish empty concatenated vendor-specific IE from missing one
When comparing BSS table entries, handle empty concatenated
vendor-specific IE differently from completely missing IE. This
does not change anything for the only currently compared IE that
can be fragmented (WPS IE), but it is better to have the generic
code here ready for any possible new IE that could be used in
with zero-length data.
2011-04-14 02:25:43 +03:00
Jouni Malinen
714b8b5378 P2P: Fix memory leak in UPnP service discovery request processing 2011-04-14 01:33:26 +03:00
Jouni Malinen
62c0d27ed3 P2P: Clear go_dev_addr for group started events if it is not known
Better make sure the address value included in the event message gets
cleared in case the GO Device Address is not known for some reason.
Previously, this could potentially have been some random data from
stack should we ever hit the case where wpa_s->current_ssid is not
set (which should not really happen in normal use cases).
2011-04-13 22:03:52 +03:00
Jouni Malinen
be5b1e86a3 Make the example action script less likely to result in failures
Use "=" instead of "==" and add an example statement between "then"
and "fi".
2011-04-13 19:55:34 +03:00
Dmitry Shmidt
67b9bd089b Make scan interval configurable
It is now possible to configure the the time in seconds that
wpa_supplicant waits before requesting a new scan after failing to find
a suitable network in scan results.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-11 23:14:38 +03:00
Jouni Malinen
c2197bc9bc Return NULL instead of 0 as the pointer on error case 2011-04-08 19:16:20 +03:00
Jouni Malinen
c2f1fe41c2 Fix WPA/WPA2 AP rejection on parameter mismatch
If WPA/WPA2 was enabled in the configuration, the non-WPA exception
could allow an incorrect AP to be selected from scan results. Do
not use the exception if WPA/WPA2 is enabled in configuration.
2011-04-08 19:13:58 +03:00
Sam Leffler
9768da202b dbus: Add support to get/set the country code
Add an Interface.Country property and support to get/set the value.

Signed-off-by: Sam Leffler <sleffler@chromium.org>
2011-04-05 01:24:26 +03:00
Jouni Malinen
e73edcaa6a wpa_s AP mode: Fix regression in P2P AP mode setup
Commit c76e5d7f9b moved the
ap_configured_cb() call into a completion callback from AP mode code.
However, this callback can be called before hostap_setup_interface()
returns. In that case, the ap_configured_cb() ended up getting
called before the wpa_supplicant connection information was updated.
Fix this by reordering code to set up everything before calling
hostapd_setup_interface().
2011-04-04 12:50:26 +03:00
Felix Fietkau
4378fc14eb nl80211: Send EAPOL frames as QoS data frames for QoS aware clients
This should fix EAPOL reauthentication and rekeying timeout issues
with Intel clients when using WMM (e.g., with IEEE 802.11n). These
stations do not seem to be able to handle EAPOL data frames as
non-QoS Data frames after the initial setup.

This adds STA flags to hapd_send_eapol() driver op to allow
driver_nl80211.c to mark the EAPOL frames as QoS Data frame
when injecting it through the monitor interface.
2011-04-02 22:03:05 +03:00
Paul Stewart
439efd1eac bgscan_simple: Reschedule first fast scan
If the scan interval switches to the short interval soon after a
scan, bgscan_simple should not immediately scan again. However,
it should also make sure that the next scan occurs no later than
the new, short scan interval.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-31 18:06:09 +03:00
Paul Stewart
6d21d41125 bgscan_simple: Time out short scan interval
We gain diminishing returns by the short scan interval. The short
scan interval is used to hunt for a better AP if the RSSI of the
current AP drops. However, if we never roam, and the AP continues
to have low RSSI, at some point we should give up and return to
the slow background scan rate, otherwise we waste a lot of power.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-31 18:04:48 +03:00
Paul Stewart
db03ddacff bgscan-simple: Poll for signal in init
It is not guaranteed that we will get a CQM signal shortly after setting
up monitoring. In order to establish the correct initial background
scanning rate, poll directly for the signal strength.

Signed-off-by: Paul Stewart
2011-03-31 18:02:37 +03:00
Paul Stewart
1c5c7273f5 driver: Function to directly poll signal quality
This provides a means for the supplicant to directly request signal
quality metrics from the driver. This is useful, for example for
background scan algorithms that might ask desire this information
out-of-band with CQM events.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-31 17:56:48 +03:00
Paul Stewart
14dc00115e dbus: Add "excessive" to debug_strings
The "debug_strings" private array in dbus_new_handles.c has fallen out
of sync with wpa_debug.h. Add the new "excessive" level to the head of
the list, realigning everything.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-31 17:38:08 +03:00
Jouni Malinen
b6e0180035 P2P: Add more WPS attributes into Listen state Probe Response
Configure more WPS attributes in the P2P module and use them
when generating WSC IE for Probe Response frames in Listen state.
2011-03-28 15:24:12 +03:00
Jouni Malinen
b8f64582e3 TDLS: Allow TDLS to be disabled at runtime for testing purposes
Control interface command 'SET tdls_disabled <1/0>' can now be used
to disable/enable TDLS at runtime. This is mainly for testing
purposes.
2011-03-24 20:44:17 +02:00
Jouni Malinen
78177a000e RSN IBSS: Restart IBSS state machines for each new IBSS
Change the old design of running a single long living RSN IBSS
instance to keep a separate instance for each IBSS connection.
This fixes number of issues in getting keys set properly for
new connections and is in general quite a bit more correct
design.
2011-03-23 21:15:46 +02:00
Jouni Malinen
d47fa330b8 random: Read /dev/random in the background with eloop read socket
This makes it more likely to be able to fetch the 20 octet seed from
/dev/random in cases where other programs may also be competing for
this.
2011-03-22 23:15:00 +02:00
Sam Leffler
78633c3709 wpa_supplicant: Parameterize BSS table expiration age + count
Replace compile-time BSS cache expiration age and scan count by config
parameters that can be set via wpa_cli and the new D-Bus API. The latter
is done with interface properties BSSExpireAge and BSSExpireCount.
2011-03-20 12:40:59 +02:00
Paul Stewart
cfe53c9aa5 wpa_supplicant: Start bgscan on COMPLETED, not ASSOCIATED
Move the code snippet to switch on bgscan over to wpa_supplicant.c
from event.c, so that it can be activated on wpa_supplicant_set_state().
Also create a centralized place to switch off bgscan. bgscan is now
turned on in COMPLETED, not ASSOCIATED.
2011-03-20 12:27:03 +02:00
Jouni Malinen
87880919ad Fix a typo in a comment 2011-03-20 12:15:02 +02:00
Sam Leffler
7c49fdd0bd dbus: Add RemoveAllNetworks to the new D-Bus API
This adds a new command to the interface to remove all configured
netblocks. Without this it's necessary to query properties on the
interface and explicitly remove each netblock.
2011-03-20 12:12:12 +02:00
Nathan Williams
bc8397822b wpa_supplicant: Search BSS list from back to front
This fixes an issue seen in our wifi testbed, where we frequently
switch the SSID of the AP. wpa_supplicant's BSS list will have, for
example both <bssid, "Check11b"> (from the previous test) and <bssid,
"Check11g"> (from the current test) - note that the bssid is the same for
both. The (old) D-Bus API for fetching scan responses from wpa_supplicant
is fetch-by-bssid, so the caller (flimflam) incorrectly believes we're
associated with <bssid, "Check11b">.
2011-03-20 12:06:36 +02:00
Sam Leffler
2b65b30da8 dbus: Add D-Bus methods to flush the BSS cache
Add an "Interface.FlushBSS" method to the new D-Bus API and a "flush"
method to the old API. Both take an age parameter that is a threshold
(in seconds) for selecting entries to evict. Setting this parameter
to zero flushes all entries from the cache.

This mechanism is useful for a connection manager to clear state at
startup and on resume (where the age parameter may be used to hold
onto recent/valid data).
2011-03-20 12:02:33 +02:00
Sam Leffler
d4c1ec56f1 dbus: Add ConfigFile to AddInterface properties
This provides feature parity with the old-style D-Bus API. Explicit
properties to control global parameters is preferred but until that
happens this allows doing things like setting pkcs11_engine_path and
pkcs11_module_path via D-Bus.
2011-03-20 11:52:57 +02:00
Jouni Malinen
fe885594ac Document CONFIG_DEBUG_SYSLOG and CONFIG_DEBUG_SYSLOG_FACILITY 2011-03-20 11:49:41 +02:00
Sam Leffler
3e1996216e Add support for setting the syslog facility from the config file
This enables setting the syslog facility at build time.
2011-03-20 11:48:42 +02:00
Johannes Berg
c76e5d7f9b wpa_s AP mode: complete only when setup is complete
The AP code might, currently only in the case of HT40, defer actual
enabling to after a scan. In this case, the wpa_s AP code gets confused.
Add a callback for it to use and make it use it to finish only when the
setup has actually completed.

With appropriate hacks in place this allows using HT40 in P2P mode.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 13:11:15 +02:00
Johannes Berg
c202f19c68 wpa_s AP mode: propagate scan event
When wpa_s scans in AP mode, it doesn't propagate the scan event to the
AP code, so that code can get stuck if it uses the callbacks there.
Simply call them where appropriate.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 13:08:08 +02:00
Jean-Michel Bachot
046ef4aa67 P2P: Add option for requested device type in P2P search/scan
With this, p2p_find can be extended to find certain requested device
types.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 12:57:46 +02:00
Jean-Michel Bachot
f95cac271b P2P: Allow adding of WPS vendor extension attributes
This adds the ability to add WPS vendor extension attributes in P2P
frames, like GO Negotiation and Probe Response frames.

Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 12:22:18 +02:00
Xi Chen
ea244d2156 IBSS RSN: Clear IBSS RSN peers based on peer lost events 2011-03-18 17:04:46 +02:00
Johannes Berg
2f646b6e83 WPS: Store (secondary) device type as binary
Instead of converting back and forth from the string representation,
always use the binary representation internally.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-17 18:50:22 +02:00
Jouni Malinen
85a821d611 WPS: Fix copying of UUID from the first interface
Use the first interface (last in the list), not the last added
interface. In addition, use the same routine to set the UUID
after reconfiguration.
2011-03-17 18:07:00 +02:00
Jouni Malinen
586bad514b Make the link process quieter unless V=1 is specified
Hide the long command lines used for linking the binaries in the
default build. "make V=1" can be used to show the actual commands
if needed.
2011-03-17 12:31:38 +02:00
Jean-Michel Bachot
a9e86bfb74 WPS: Add secondary device types into Probe Request frames
The secondary device type list is an optional attribute in the WSC IE.

Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-17 11:09:49 +02:00
Xi Chen
13579b987b IBSS RSN: Enable group rekeying every 10 minutes 2011-03-16 16:28:56 +02:00
Xi Chen
92ac6376c4 IBSS RSN: Add for_each_sta handler for authenticator 2011-03-16 16:28:32 +02:00
Xi Chen
f385833bda IBSS RSN: Add supp_get_state handler 2011-03-16 16:27:08 +02:00
Xi Chen
df41824501 IBSS RSN: Do not start if not yet connected to IBSS
This is used to avoid starting IBSS RSN processing with a peer before
the IBSS connection itself has been completed.
2011-03-16 16:26:26 +02:00
Johannes Berg
d8a43924ec wpa_s AP mode: Add notification functions for STA authorized
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-16 15:58:41 +02:00
Catalin Drula
5b49c9d5ed dbus: Fix interface list getter with multiple interfaces
There's a bug in the getter for the 'Interfaces' property
of /fi/w1/wpa_supplicant1 (new D-Bus interface) which causes a
'Segmentation Fault' when there are multiple interfaces.
2011-03-16 12:30:09 +02:00
Jouni Malinen
4db9f805c7 Move .config to the toplevel .gitignore 2011-03-15 17:52:13 +02:00
Jouni Malinen
8e8f849f9d Android: Use /data/system/wpa_supplicant path as default in wpa_cli 2011-03-15 15:27:17 +02:00
Jouni Malinen
c5c5817c33 wpa_cli: Allow wpa_supplicant control interface default to be changed
CONFIG_CTRL_IFACE_DIR can now be defined to modify the default directory
wpa_cli uses for the wpa_supplicant control interface.
2011-03-15 15:26:27 +02:00
Dmitry Shmidt
b1001e4c45 wpa_cli: Add Android socket support
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-03-15 15:18:07 +02:00
Paul Stewart
5bbf9f1086 Add DBus state change notification for AuthMode property
Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-15 13:54:59 +02:00
Paul Stewart
ba6f267f64 dbus: Add D-Bus method for current authentication mode
Chooses between EAP and non-EAP authentication modes and
uses the appropriate method to retrieve the name.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-15 13:53:56 +02:00
Paul Stewart
cf83fb0b5b wpa_supplicant: Add wpa_supplicant_get_eap_mode method
Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-15 13:53:08 +02:00
Jouni Malinen
e17a2477db nl80211: Extend bridge add/del operations for secondary BSSes
Previously, only the main interface was added to a bridge. Extend this
to apply to all configured BSSes.
2011-03-15 13:02:49 +02:00
Chao-Wen Yang
3152ff421e WPS: Indicate PBC session overlap in wps_pbc return value
Use a specific return value, WPS-PBC-OVERLAP, to indicate a reason
for rejecting a wps_pbc command in wpa_supplicant AP mode if the
PBC mode cannot be started due to PBC session overlap having been
detected during monitor time.
2011-03-10 18:59:51 +02:00
Jouni Malinen
ab45223b1a wpa_supplicant AP: Copy generated UUID for AP configuration
If the wpa_supplicant configuration file does not specify an UUID,
we need to copy the generated UUID, not the all zeros buffer
reserved for the configured UUID.
2011-03-10 18:40:16 +02:00
Jouni Malinen
ca29141c83 WPS: Copy UUID from the first interface
Instead of generating a different UUID for each interface, use the
same UUID that was either configured of generated for the first
interface. This avoids potential issues with PBC session overlap
detection should multiple interfaces end up running a PBC scan
at the same time which may happen at least in some P2P use cases.
2011-03-10 18:36:07 +02:00
Jouni Malinen
52c9e6f3f5 TDLS: Do not allow setup to be started if AP prohibits TDLS 2011-03-06 14:54:49 +02:00
Jouni Malinen
94377fbc52 TDLS: Allow wpa_cli tdls_setup to start renegotiation
If there is already a link the requested peer, request start of
renegotiation instead of completely new link. This seems to be needed
to allow some driver to accept the trigger for a new negotiation.
2011-03-06 14:54:44 +02:00
Jouni Malinen
5b0e6ece54 TDLS: Add a special testing feature for changing TDLS behavior
These special test cases can be configured at run time with "wpa_cli
tdls_testing <value>" where <value> is an integer (either as a decimal
or as a hex value with 0x prefix) bitmap of special features with
following bits available at this point:
bit 0 = long frame (add dummy subelement to make FTIE very long)
bit 1 = use alternative RSN IE (different RSN capab value and no extra
replay counters)
bit 2 = send incorrect BSSID in Link Identifier of TDLS Setup Request
(e.g., 1 = long FTIE, 2 = different RSN IE, 3 = both of those)

This is disabled by default and can be enabled for the build by
adding the following line to .config:
CFLAGS += -DCONFIG_TDLS_TESTING
2011-03-06 14:53:54 +02:00
Ganesh Prasadh
281ff0aa76 TDLS: Add initial support for TDLS (IEEE Std 802.11z-2010) 2011-03-06 14:53:49 +02:00
Shan Palanisamy
39b08b5fc0 Indicate assoc vs. reassoc in association event
This allows driver wrappers to indicate whether the association was
done using Association Request/Response or with Reassociation
Request/Response frames.
2011-03-06 14:31:46 +02:00
Dmitry Shmidt
9fc6aa9f95 Add Android make files for hostapd and wpa_supplicant 2011-02-27 19:19:43 +02:00
Dmitry Shmidt
b3f3865e0e Use Android reserved namespace for control interface
On Android, use a special reserved namespace for the UNIX domain
socket.
2011-02-27 18:19:17 +02:00
Jouni Malinen
9e0749737c Update copyright notices to include the new year 2011-02-27 12:50:00 +02:00
Dmitry Shmidt
4e2ead7a72 Add wpa_supplicant state change event for Android network manager
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-02-26 13:20:16 +02:00
Dmitry Shmidt
fb0e5bd7df ctrl_iface: Return only finished line for scan results
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-02-26 13:16:04 +02:00
Konguraj(Raj) Kulanthaivel
43a26f606c P2P: Add wpas_notify_p2p_sd_response
Signed-off-by: Konguraj(Raj) Kulanthaivel <konguraj.kulanthaivel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:47:34 +02:00
Konguraj(Raj) Kulanthaivel
e1653cac23 P2P: Add wpas_notify_p2p_sd_request
Signed-off-by: Konguraj(Raj) Kulanthaivel <konguraj.kulanthaivel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:45:39 +02:00
Jean-Michel Bachot
5ccdf84f0d P2P: Add invitation result notification
Add a notification function for the result of an invitation.

Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:40:21 +02:00
Jayant Sane
c2641bf7cf P2P: Add GO negotiation status notification
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:34:52 +02:00
Konguraj(Raj) Kulanthaivel
32d1bce0c0 P2P: Add wpas_notify_p2p_go_neg_req
Add a notification for received GO negotiation requests.

Signed-off-by: Konguraj(Raj) Kulanthaivel <konguraj.kulanthaivel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:30:19 +02:00
Johannes Berg
408af93ed4 P2P: Add group removed notification
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:27:23 +02:00
Johannes Berg
56eeb8f299 P2P: Add method to signal lost device
This signal is used to notify users of the P2P
state machine or wpa_supplicant of lost devices.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:22:16 +02:00
Johannes Berg
d642d2d267 P2P: Add notification for P2P device found
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 22:08:18 +02:00
Johannes Berg
8fd7dc1b1c P2P: Add new_device flag to dev_found callback
The DBus code will want to have perfect matching of dev_found and the
dev_lost it adds so it doesn't need to keep track internally. Enable
that with a new flag in the core that tracks whether we have already
notified about this -- the existing users can ignore it.

The part where this is always set to 1 if the new device is discovered
by a driver that has P2P in the driver is buggy -- the driver should
feed the P2P peer database and then that should feed the notification
here instead.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 21:59:58 +02:00
Konguraj(Raj) Kulanthaivel
c5db8e5170 P2P: Embed publically visible struct in peer info
This embeds some information about each P2P peer that will be publically
visible in a struct that is shared.

The dev_found notification function is also passed the new struct, which
requires some work for the driver-based P2P management.

Signed-off-by: Konguraj(Raj) Kulanthaivel <konguraj.kulanthaivel@intel.com>
Signed-off-by: Fabien Marotte <fabienx.marotte@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-24 21:51:17 +02:00
Jouni Malinen
9526fd293f P2P: Handle P2P-not-supported without segfaults
Previous code was assuming that the P2P module is always initialized.
However, that is not the case anymore with drivers that do not support
P2P. Add verification of whether P2P is enabled before trying to execute
P2P commands.
2011-02-24 21:13:30 +02:00
Ben Greear
48b84f18a3 Wait 1 second before (re)scanning on authentication timeout
If we timed out, the AP or the local radio may be busy.
So, wait a second until scanning again.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-24 17:16:16 +02:00
Ben Greear
e29853bbff SME: Add timers for authentication and asscoiation
mac80211 authentication or association operation may get stuck for some
reasons, so wpa_supplicant better use an internal timer to recover from
this.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-24 16:59:46 +02:00
Jouni Malinen
b89883a444 P2P: Notify WPS-M2D event on parent interface and handle PBC overlap
GO may use M2D to notify that PBC overlap was detected if the GO was
configured to allow only a specific P2P Device to connect using PBC.
We need to report the M2D message on the parent interface if a
separate group interface is used. In addition, we can stop the P2P
operation if PBC overlap was indicated similarly to what we are
already doing in th case the overlap is detected locally.
2011-02-22 12:20:16 +02:00
Jouni Malinen
a432bafbca wpa_cli: Add newline to end of responses in interactive mode
Some of the wpa_supplicant control interface commands, like WPS_PIN,
may not include a newline in the end of the response. This can result
in the response being lost when wpa_cli redraws the screen after an
event message. Add a newline after such responses in interactive mode
to avoid the problem.
2011-02-21 22:50:11 +02:00
Ben Greear
4c9695be8f WPS ER: Stop eloop only on the last terminate_cb
This allows all WPS ER instances to be cleaned up properly if more
than one interface has an active WPS ER when wpa_supplicant is being
killed.
2011-02-21 21:47:46 +02:00
Jouni Malinen
16a83d2965 FT: Set EAPOL state machined to authenticated state with FT-EAP
When FT protocol run is completed with FT-EAP, the EAPOL state machine
needs to be notified of the completed authentication to make sure it
does not try to start new authentication.
2011-02-20 21:57:53 +02:00
Ben Greear
e1504976f1 Do not propagate bad scan results to siblings sharing the radio
This decreases useless work and re-scans by siblings when a
device gets a scan failure.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-16 18:55:37 +02:00
Jouni Malinen
50b16da13f Fix CONFIG_NO_STDOUT_DEBUG=y build 2011-02-10 20:24:06 +02:00
Ben Greear
f049052b9e Use wpa_msg() instead of wpa_printf()
This converts number of debugging messages to use wpa_msg() in order
to allow the interface name to be shown with the messages.

A new function, wpa_dbg(), is introduced to allow
CONFIG_NO_STDOUT_DEBUG=y builds to remove the debug strings. This is
otherwise identical with wpa_msg(), but it gets compiled out if stdout
debugging is disabled.
2011-02-10 20:14:46 +02:00
Jouni Malinen
e67b55fb11 wpa_s AP: Deliver EVENT_RX_PROBE_REQ events to AP processing
This is needed to allows WPS PBC session overlap detection to work
with drivers that process Probe Request frames internally. This
code is is run in hostapd, but the wpa_supplicant AP mode did not
have call to the hostapd_probe_req_rx() function even though it
registered handlers for hostapd Probe Request RX callbacks.
2011-02-08 14:32:35 +02:00
Jouni Malinen
d601247ca9 P2P: Allow WPS_PBC command on GO to select on P2P Device Address
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07

In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
2011-02-07 18:28:36 +02:00
Ben Greear
4f1495aefa Add interface name to wpa_msg() output
This makes log files much more readable if multiple interfaces
are being controlled by the same process. The interface name is
added to stdout/file/syslog entries, but not to the messages
sent to control interface monitors to avoid issues with parsing
in external programs.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:39:34 +02:00
Ben Greear
ac6912b5d1 wpa_supplicant: Support 'relog' command to re-open log files
This allows rolling log files:

mv log.txt log.txt.1
wpa_cli relog

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:15:19 +02:00
Johannes Berg
3103f34576 P2P: Add wpas_p2p_disconnect()
Add a new API function wpas_p2p_disconnect()
to disconnect from or dissolve a group.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:30:15 +02:00
Johannes Berg
bbeee9b0db P2P: Use a variable for generated PIN to allow multiple uses
In order to pass the same PIN to multiple notifications in the future,
generate it centrally.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:12:37 +02:00
Johannes Berg
d750b7e699 DBus: Improve error reporting
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:03:32 +02:00
Johannes Berg
6d7111418d DBus: Increase introspection buffer sizes
The P2P additions will add more data so
that the current buffers aren't big enough.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:01:29 +02:00
Johannes Berg
d1c8ac88b9 DBus: Publish provisioned keys in network properties
When the network was provisioned, we need to get the keys to be able to
reconnect without new provisioning. To be able to publish those keys but
not normally configured ones, add a new attribute to struct wpa_ssid
indicating whether or not keys may be exported.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:00:12 +02:00
Johannes Berg
839b33ad90 P2P: Clear driver Probe Response IE on stop_listen
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-01 18:30:33 +02:00
Johannes Berg
11fb02be67 P2P: Fix p2p_long_listen
There are two issues with p2p_long_listen:
 1) max_remain_on_channel is assumed to be 5 seconds,
 2) if max_remain_on_channel is not a full multiple of
    seconds, accounting breaks.

Fix these by converting p2p_long_listen to ms and
tracking it according to max_remain_on_channel.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-01 18:09:38 +02:00
Jouni Malinen
09c395b4bb FT: Configure FT XXKey as PMK for driver-based 4-way handshake
When using FT-EAP, the second half of MSK is used as the starting
point for PMK key hierarchy. Configure that instead of the first
half of MSK when using FT with driver-based 4-way handshake and
FT protocol.
2011-02-01 00:06:13 +02:00
Jouni Malinen
98ea943177 Set portValid=TRUE on association for driver-based 4-way handshake
This was previously done for WPA/WPA2-Personal as part of association
processing when the driver is implementing 4-way handshake. The
portValid needs to be done for WPA/WPA2-Enterprise to get the proper
EAPOL authentication completed callback to configure PMK to the driver.
2011-02-01 00:04:02 +02:00
Masashi Honma
6c714cd7d4 P2P: Show "FAIL" for failed p2p_find operation
I tried these commands:

./wpa_cli -i wlan0 p2p_group_add
./wpa_cli -i wlan0 p2p_find

The second one results in following messages because it is invalid
operation.

-------
nl80211: Scan trigger failed: ret=-95 (Operation not supported)
P2P: Failed to start p2p_scan
-------

But the second one shows "OK" on control console.

This patch makes it to show "FAIL".
2011-01-31 17:29:31 +02:00
Jouni Malinen
df077c6262 Remove obsolete drivers wrappers: atmel, ndiswrapper, ipw, hermes
There is no real reason to maintain these in the current development
branch anymore. If someone really needs support for the obsolete
driver interfaces, these can be found in older wpa_supplicant
branches.

driver_atmel.c
- vendor-specific interface for ATMEL AT76C5XXx cards
- for some old out-of-tree driver; not for the upstream atmel*
  drivers

driver_ndiswrapper.c
- vendor-specific interface for an out-of-tree driver
- ndiswrapper should work with driver_wext.c, too

driver_ipw.c
- vendor-specific interface for old ipw2100/2200 driver
- the upstream driver works with driver_wext.c (and does not work
  with the old interface)

driver_hermes.c
- vendor driver that was not even included in the main wpa_supplicant
  releases
2011-01-30 21:29:25 +02:00
Jouni Malinen
6c9a98a20d IBSS RSN: Do not start multiple Auth/Supp for same peer
This avoids an issue when a received EAPOL-Key frame from a peer
is initiating IBSS RSN Authenticator and Supplicant for the peer
and the following new-STA-in-IBSS event from the driver is adding
yet another instance of Authenticator/Supplicant. The EAPOL-Key
RX case was already checking whether an instance had been started;
the driver new-STA event needs to do same.
2011-01-15 16:55:15 +02:00
Jouni Malinen
50b05780c2 IBSS RSN: Delay setting of the initial TX GTK
The driver may get confused if we set the initial TX GTK before having
fully configured and connected to an IBSS, so better delay this
operation until the connection (join/start IBSS) has been completed.
2011-01-15 14:07:02 +02:00
Chao-Wen Yang
449adbaca9 WPS: Indicate WPS-FAIL event on EAPOL timeout-based failure callback
If the EAPOL processing times out (e.g., if the AP stops replying
to messages for some reason) during WPS negotiation, we need to
indicate WPS-FAIL event from eapol_cb since no other WPS failure is
reported for this particular case.
2011-01-13 18:04:33 +02:00
Chao-Wen Yang
c5cf0a18f1 WPS: Add mechanism for indicating non-standard WPS errors
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.

Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
2011-01-13 17:50:59 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
da64c266e7 Use more consistent set_key seq value when nothing is being set
Use NULL instead of (u8 *) "" as the seq value and make sure the
driver wrapper implementations can handle NULL value. This was
previously already done in number of places, but not everywhere.
2011-01-09 12:09:04 +02:00
Jouni Malinen
6c6ad81f9c WPS: Make WPS-AP-AVAILABLE* events a bit more consistent
The BSS table entries may be in more or less random order and it is
better to show the most likely WPS configuration method in a way that is
somewhat more consistent instead of just showing the method of the first
BSS entry found in the table.
2011-01-05 11:49:03 +02:00
Jouni Malinen
df83fb7d00 Fix wpa_supplicant_ssid_bss_match() handler for non-WPA
The proto configuration may be left to non-zero when moving from one
configuration to another. To avoid misidentifying a network
configuration as enabling WPA, check key_mgmt field, too.
2010-12-30 18:27:33 +02:00
Jouni Malinen
3ac17eba31 P2P: Add initial support for driver-based P2P management
This adds partial callbacks and events to allow P2P management to be
implemented in a driver/firmware. This is not yet complete and is
very much subject to change in the future.
2010-12-30 12:48:55 +02:00
Jouni Malinen
f981eabcf0 WPS: Add option to disable open networks by default
CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant
to disable open networks by default when wps_reg command is used to
learn the current AP settings. When this is enabled, there will be a
WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly
enable the network (e.g., with "select_network <id>") to connect to
the open network.
2010-12-30 12:28:13 +02:00
Johannes Berg
190b9062b2 P2P: Add option for offloading off-channel TX to the driver
With the new kernel functionality coming to Linux to allow off-channel
TX, we can take advantage of that in the P2P code that currently uses
remain-on-channel. If a driver advertises support for it, it will be
asked to handle off-channel TX by itself.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-29 13:59:17 +02:00
Johannes Berg
0d7e5a3a29 Allow AP mode to disconnect STAs based on low ACK condition
The nl80211 driver can report low ACK condition (in fact it reports
complete loss right now only). Use that, along with a config option, to
disconnect stations when the data connection is not working properly,
e.g., due to the STA having went outside the range of the AP. This is
disabled by default and can be enabled with disassoc_low_ack=1 in
hostapd or wpa_supplicant configuration file.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-28 17:15:01 +02:00
Jouni Malinen
cc5e390d28 WPS: Require PBC match with wps_pbc that specifies BSSID
The WPS mode was already verified when the AP was configured for
WPA/WPA2, but this was not done with AP that was in open mode.
Fix this by allowing wpa_supplicant_ssid_bss_match() to be called
in non-WPA configuration, too. With this change, wps_pbc BSSID
command will wait until the specified target AP is in active PBC
mode before trying to connect to it.
2010-12-28 08:56:23 +02:00
Jouni Malinen
5e8b237864 Fix CONFIG_SME build without CONFIG_IEEE80211W 2010-12-19 12:44:58 +02:00
Jouni Malinen
7d878ca769 Use SA Query procedure to recovery from AP/STA state mismatch
If a station received unprotected Deauthentication or Disassociation
frame with reason code 6 or 7 from the current AP, there may be a
mismatch in association state between the AP and STA. Verify whether
this is the case by using SA Query procedure. If not response is
received from the AP, deauthenticate.

This implementation is only for user space SME with
driver_nl80211.c.
2010-12-19 11:58:00 +02:00
Johannes Berg
0423d090ce P2P: Fix some int size warnings
When u64 != unsigned long, the compiler will give
some warnings. Fix these.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-17 17:09:50 +02:00
Dan Williams
1e6288df6b dbus: Emit property changed events when adding/removing BSSes
The supplicant was not emitting property changed events when the BSSs
property changed.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2010-12-17 15:56:01 +02:00
Johannes Berg
860fddbb41 Allow setting scan_res_handler from the callback function
Some new code I'm working on will need the scan_res_handler assigned all
the time in certain circumstances, so the easiest way is to reset it
within the handler. This is currently prevented by the way the code in
the event handler works -- change that to permit such usage.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-17 15:31:05 +02:00
Johannes Berg
a2810199ec dbus: Fix type in wpa_dbus_dict_begin_string_array
The array's type should be given as the proper
DBUS_TYPE_STRING_AS_STRING, but evidently it
doesn't matter since it's all packed into a
variant type.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-17 15:20:32 +02:00
Sudhakar Swaminathan
45fee6f090 P2P: Cancel group formation timeout on p2p_cancel 2010-12-17 15:06:48 +02:00
Sudhakar Swaminathan
231bbd0375 P2P: Unauthorize pending P2P GO Neg peer on p2p_cancel
If there is a pending GO Negotiation when p2p_cancel is used,
unauthorize the peer to avoid immediate reconnection from being
accepted without a new p2p_connect command.
2010-12-17 15:05:35 +02:00
Sudhakar Swaminathan
0a14e3ec8b P2P: Cancel group formation on PBC overlap
We should cancel group formation completely on PBC overlap instead
of just partially notifying that operations were stopped. There is
no point in waiting for the group formation timeout in this case.
2010-12-17 15:04:14 +02:00
Masashi Honma
4d2ea6a6a9 P2P: Fix wpa_cli help typo 2010-12-17 15:01:28 +02:00
Jouni Malinen
aca0160548 nl80211: Set cipher suites when using user space SME
Previously, pairwise and group cipher suites were configured only
when kernel SME (nl80211 connect API) was used. However, mac80211
needs this information even in the user space SME case for one
thing: to disable HT when TKIP/WEP is used. Add
NL80211_ATTR_CIPHER_SUITES_PAIRWISE to fix this special case with
user space SME. This allows mac80211 to disable HT properly when
the AP is configured with configuration that is not allowed.
2010-12-13 21:08:53 +02:00
Jouni Malinen
89c38e32c7 RSN IBSS: RX GTK configuration with nl80211
This add preliminary code for setting the per-STA RX GTK for
RSN IBSS when nl80211 drivers. For some reason, this does not
seem to fully work, but at least driver_nl80211.c is now aware of
what kind of key is being set and the whatever is missing from
making this key configuration go through should be specific to
nl80211/cfg80211.
2010-12-04 20:31:22 -08:00
Jouni Malinen
df4bc5091e IBSS RSN: Do not start 4-way handshake unless RSN is enabled 2010-12-04 18:17:05 -08:00
Paul Stewart
8e5f078fb9 dbus_new_handlers: Omit errant dbus_message_unref
This unref is guaranteed to be freeing a NULL pointer.

Tested manually: use dbus-send to send an invalid debug level parameter

Before change:

$ dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply
/fi/w1/wpa_supplicant1 org.freedesktop.DBus.Properties.Set
string:fi.w1.wpa_supplicant1 string:DebugLevel variant:string:msgdumpf
Error org.freedesktop.DBus.Error.NoReply: Message did not receive a reply
(timeout by message bus)
(and then wpa_supplicant crashes)

After change:

$ dbus-send --system --dest=fi.w1.wpa_supplicant1 --print-reply
/fi/w1/wpa_supplicant1 org.freedesktop.DBus.Properties.Set
string:fi.w1.wpa_supplicant1 string:DebugLevel variant:string:msgdumpf
Error fi.w1.wpa_supplicant1.InvalidArgs: Did not receive correct message
arguments.

Signed-off-by: Paul Stewart <pstew@google.com>
2010-12-04 11:58:44 -08:00
Ben Greear
6859f1cb24 Enable sharing of scan result events among virtual interfaces
When controlling multiple virtual interfaces on the same physical
radio, share the scan results events with sibling interfaces. This
decreases the time it takes to connect many virtual interfaces.

This is currently only supported on Linux with cfg80211-based
drivers when using nl80211 or wext driver interface.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-11-26 21:46:30 +02:00
Ben Greear
c577db2afd Add interface name to some debug prints
This makes it easier to figure out what is happening when controlling
multiple interfaces from a single wpa_supplicant process.
2010-11-26 21:16:36 +02:00
Tomasz Bursztyka
1b232e479d dbus: Fix new dbus API for WPS
Start() method's optional Bssid argument needs a byte array, not an
array of arrays.
2010-11-26 19:47:24 +02:00
Jouni Malinen
871f4dd069 Allow driver wrappers to indicate whether result codes are sane
Some drivers are not providing exactly reliable error codes (e.g.,
with WEXT), but others may actually indicate reliable information.
Allow driver wrappers to indicate if that is the case and use
optimizations if so. For now, this improves nl80211 with
NL80211_CMD_CONNECT for a case where connection request fails.
2010-11-26 17:41:21 +02:00
Jouni Malinen
c05d6d188c Do not segfault on EVENT_ASSOC_REJECT without BSSID 2010-11-26 17:38:46 +02:00
Jouni Malinen
e5ad96b745 SME: Optimize recovery from assocication command failures
mac80211 can indicate this mainly because of channel selection
conflicts with other vifs. If there is another BSS on another
channel, we should try to connect to it instead.
2010-11-26 17:37:22 +02:00
Jouni Malinen
971e357f19 P2P: Add new driver option for interface allocation
WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P flag can now be used to
indicate that the initial interface (e.g., wlan0) is used for
P2P management operations and potentially non-P2P connections.
This is otherwise identical to
WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE, but the possibility of
non-P2P connections makes some operations differ.
2010-11-26 15:52:16 +02:00
Jouni Malinen
a1eca5cfd8 P2P: Rename the group interface name to use p2p- prefix
This may make it less likely for udev to rename the interface that
would previously have been called wlan0-p2p-# (now: p2p-wlan0-#).
In addition, add some workaround code to handle the case where the
main interface name is close to the IFNAMSIZ length limit to
avoid going over that for the P2P group interface.
2010-11-26 15:50:22 +02:00
Jouni Malinen
0f85ef5cf0 P2P: Use larger pending_interface_name buffer
In theory, the interface name could be longer than IFNAMSIZ in
some systems, so use the same size buffer for this field as is
used with the main interface name.
2010-11-26 15:49:26 +02:00
Jouni Malinen
afa4926c95 P2P: Use alternative way of starting dnsmasq if needed
Some other dnsmasq users (like libvirt) seem to be binding the DHCP
server to all interfaces which prevents the previously used mechanism
here from working (bind on the DHCP socket fails). If a failure is
noticed, try to start dnsmasq with -z option to avoid that.
2010-11-26 15:47:13 +02:00
Jouni Malinen
0fb337c121 Extend load balancing optimization in BSS blacklisting
Move the previously SME specific optimization code into generic
function that can be used from non-SME code, too, and use it to
handle disconnection events. In other words, allow disconnection
event to trigger similar optimized scanning case to handle a
common load balancing mechanism. If there is another BSS in the
same ESS when we receive a disconnection event, scan only the
known frequencies of such other BSSes on the next attempt to
speed up recovery.
2010-11-26 11:36:03 +02:00
Jouni Malinen
5471c3434e Blacklist BSS on first failure if only a single network is enabled
The special case of requiring blacklisting count to be 2 or higher
is only needed when more than a single network is currently enabled.
As such, we should not do that when only a single network is enabled.
This make the station more likely to follow network side load
balancing attempts where the current AP may disassociate us with
an assumption that we would move to another AP.
2010-11-26 11:23:50 +02:00
Jouni Malinen
34dbfc0cb3 Fix CONFIG_AP=y build without NEED_AP_MLME driver 2010-11-25 23:41:32 +02:00
Jouni Malinen
0fe620de7e Fix CONFIG_AP=y build without CONFIG_WPS=y 2010-11-25 23:34:56 +02:00
Jouni Malinen
f47d639d49 SME: Optimize recovery from common load balancing mechanisms
When authentication or association fails when trying to connect to
a BSS in an ESS that has multiple BSSes based on previous scans,
limit the first recovery scan to only the known channels that has
been seen previously. This speeds up recovery in some of the most
commonly used load balancing mechanisms in enterprise WLAN
networks.
2010-11-25 22:51:56 +02:00
Jouni Malinen
7e6646c794 SME: Fix re-try after auth/assoc timeout/failure
There were various issues in how the SME (i.e., nl80211-based driver
interface) handled various authentication and association timeouts and
failures. Authentication failure was not handled at all (wpa_supplicant
just stopped trying to connect completely), authentication timeout
resulted in blacklisting not working in the expected way (i.e., the same
BSS could be selected continuously), and association cases had similar
problems.

Use a common function to handle all these cases and fix the blacklist
operation. Use smaller delay before trying to scan again during the
initial cycle through the available APs to speed up connection. Add
a special case for another-BSS-in-the-same-ESS being present to
speed up recovery from networks with multiple APs doing load balancing
in various odd ways that are deployed out there.
2010-11-25 22:00:04 +02:00
Jouni Malinen
3c85f144ce P2P: Fix Action frame sending after disconnection
assoc_freq needs to be cleared when an interface gets disconnected.
This fixes an issue where P2P Action frame transmission may fail
because of missing remain-on-channel operation when using the same
interface for group operations (or non-P2P connections) and P2P
management operations.
2010-11-25 16:04:07 +02:00
Sudhakar Swaminathan
9d562b7946 P2P: Add p2p_unauthorize command
This can be used to remove authorization from a previous p2p_connect
commands that has not yet resulted in completed GO Negotiation.
2010-11-25 13:09:50 +02:00
Jouni Malinen
7a80af658d Fix CONFIG_AP=y build without CONFIG_P2P=y 2010-11-24 16:55:17 +02:00
Jouni Malinen
fe99fb74f1 Fix wpa_supplicant AP mode build after hostapd changes 2010-11-24 16:52:04 +02:00
Albert Liu
1d39378a0b P2P: Fix RX ack status on Action frames sent via interface in GO mode
The wpa_supplicant_event() EVENT_TX_STATUS ack field needs to be
converted to use wpas_send_action_tx_status()
enum p2p_send_action_result in this case, too, to avoid getting
incorrect TX status for P2P processing.
2010-11-24 14:25:33 +02:00
Jouni Malinen
bbb921daaa Maintain internal entropy pool for augmenting random number generation
By default, make hostapd and wpa_supplicant maintain an internal
entropy pool that is fed with following information:

hostapd:
- Probe Request frames (timing, RSSI)
- Association events (timing)
- SNonce from Supplicants

wpa_supplicant:
- Scan results (timing, signal/noise)
- Association events (timing)

The internal pool is used to augment the random numbers generated
with the OS mechanism (os_get_random()). While the internal
implementation is not expected to be very strong due to limited
amount of generic (non-platform specific) information to feed the
pool, this may strengthen key derivation on some devices that are
not configured to provide strong random numbers through
os_get_random() (e.g., /dev/urandom on Linux/BSD).

This new mechanism is not supposed to replace proper OS provided
random number generation mechanism. The OS mechanism needs to be
initialized properly (e.g., hw random number generator,
maintaining entropy pool over reboots, etc.) for any of the
security assumptions to hold.

If the os_get_random() is known to provide strong ramdom data (e.g., on
Linux/BSD, the board in question is known to have reliable source of
random data from /dev/urandom), the internal hostapd random pool can be
disabled. This will save some in binary size and CPU use. However, this
should only be considered for builds that are known to be used on
devices that meet the requirements described above. The internal pool
is disabled by adding CONFIG_NO_RANDOM_POOL=y to the .config file.
2010-11-24 01:29:40 +02:00
Jouni Malinen
b21e2c84f1 Include own MAC address in status info even in non-P2P builds 2010-11-21 12:35:49 +02:00
Jouni Malinen
8953e9681a edit: Move history save file specification to caller 2010-11-21 11:43:09 +02:00
Jouni Malinen
f6b25ca5b4 P2P: Add some initial documentation for P2P use 2010-11-19 13:24:45 +02:00
Jouni Malinen
ab72eb5256 P2P: Accept invitations to already running persistent group
We can automatically accept invitations that are for a persistent
group that is already running. There is no need to confirm this
separately or preparare a new group interface.
2010-11-19 12:58:31 +02:00
Jouni Malinen
9d39057c2b P2P: Stop p2p_find/p2p_listen when Invitation is accepted
When an Invitation to reinvoke a persistent group is accepted,
we need to make sure that any pending p2p_find or p2p_listen
operation gets stopped to avoid consuming all radio resources
doing device discovery while the group is being set up.
2010-11-19 12:58:03 +02:00
Jouni Malinen
6c0da49f62 P2P: Do not start multiple copies of same persistent group
When running p2p_group_add persistent=<id>, verify whether the
requested group is already running and if so, do not try to
start another copy of it.
2010-11-19 12:57:36 +02:00
Jouni Malinen
ca806fb540 P2P: Indicate WPS events from AP mode only during group formation
The duplicated WPS event in the parent interface should only be used
during P2P group formation, i.e., when the WPS operation was actually
started using the parent interface. When authorizing a client to
connect to an already running group, the WPS command is issued on
the group interface and there is no need to duplicate the event to
the parent interface.
2010-11-18 12:42:02 +02:00
Jouni Malinen
d1b024c9e5 P2P: Make sure wpa_s->global->p2p_group_formation gets cleared
This pointer is now used in number of places to check whether an
interface is in P2P Group Formation, so we better make sure it gets
cleared when group formation has been completed. This was done in
only some of the cases.
2010-11-18 12:41:27 +02:00
Jouni Malinen
9dd7d6b09c WPS: Add special AP Setup Locked mode to allow read only ER
ap_setup_locked=2 can now be used to enable a special mode where
WPS ER can learn the current AP settings, but cannot change then.
In other words, the protocol is allowed to continue past M2, but
is stopped at M7 when AP is in this mode. WPS IE does not
advertise AP Setup Locked in this case to avoid interoperability
issues.

In wpa_supplicant, use ap_setup_locked=2 by default. Since the AP PIN
is disabled by default, this does not enable any new functionality
automatically. To allow the read-only ER to go through the protocol,
wps_ap_pin command needs to be used to enable the AP PIN.
2010-11-17 16:48:39 +02:00
Jouni Malinen
70d84f11fe WPS: Add wps_ap_pin ctrl_iface command for wpa_supplicant AP mode
This can be used to control the AP PIN in wpa_supplicant AP mode
in the same way as the identical command in hostapd ctrl_iface.
2010-11-17 16:46:55 +02:00
Jouni Malinen
bb79dc720b P2P: Fix invitation-to-running-group handling
The pending_invite_ssid_id of -1 (running group, not persistent) was
being stored incorrectly in the group interface, not device interface
(i.e., parent of the group interface) and consequently, the incorrect
information was used when processing the Invitation Response.

If there was a persistent group credentials stored with network id
0, those were used instead to try to set up a persistent group
instead of using the already running group.
2010-11-16 15:22:06 +02:00
Albert Liu
5496062919 P2P: Update pending join interface address during scans
Since the P2P peer entry may not have been available at the time the
join request was issued, we need to allow the P2P Interface Address
to be updated during join-scans when the P2P peer entry for the GO
may be added.
2010-11-15 16:16:39 +02:00
Jouni Malinen
9b1ab931b1 P2P: Allow multiple scan runs to find GO for p2p_connect join
If the GO is not found, we cannot send Provisioning Discovery Request
frame and cannot really connect anyway. Since the Provisioning
Discovery is a mandatory part, it is better to continue join-scan
until the GO is found instead of moving to the next step where
normal connection scan is used (PD would not be used from there).

Use a limit of 10 scan attempts for p2p_connect join to avoid getting
in infinite loop trying to join. If the GO is not found with those
scans, indicate failure (P2P-GROUP-FORMATION-FAILURE) and stop the
join attempt.
2010-11-15 16:15:38 +02:00
Jouni Malinen
e8ecb5fb49 Move wpa_cli readline integration into src/utils/edit_readline.c
All three line editing options are now located in src/utils/edit*.c
and provide the same API to allow easy build time selection.
2010-11-14 22:37:43 +02:00
Jouni Malinen
bdc45634f0 wpa_cli: Use edit API as a wrapper for optional readline 2010-11-14 21:19:35 +02:00
Jouni Malinen
82a855bda8 Move command line editing routines into src/utils/edit*.[ch]
This allows the same routines to be shared with other programs
since these are not really specific to wpa_cli.
2010-11-14 20:59:29 +02:00
Jouni Malinen
aee680e8b2 wpa_cli: Add internal line edit implementation
CONFIG_WPA_CLI_EDIT=y can now be used to build wpa_cli with internal
implementation of line editing and history support. This can be used
as a replacement for CONFIG_READLINE=y.
2010-11-14 19:15:23 +02:00
Jouni Malinen
cd10156798 wpa_cli: Replace CONFIG_WPA_CLI_FORK design with eloop
Instead of using a separate process to receive and print event
messages, use a single-process design with eloop to simply
wpa_cli and interaction with readline.
2010-11-14 13:16:51 +02:00
Jouni Malinen
6f1c6549ed wpa_cli: Split wpa_cli_interactive() into two versions
Instead of multiple #ifdef blocks for readline within the function,
use two copies of the functions, one for readline, one without any
readline functionality.
2010-11-14 11:30:19 +02:00
Jean Trivelly
01d92811f9 P2P: Add network_added notification when p2p device becomes GO
Notification is done when you become P2P client but was missing
when you become GO.

Signed-off-by: Jean Trivelly <jeanx.trivelly@linux.intel.com>
2010-11-12 21:21:24 +02:00
Jouni Malinen
5254eb7e50 P2P: Fix HT40 secondary channel validation 2010-11-12 19:04:48 +02:00
Jouni Malinen
5122242925 P2P: Add HT40 operating classes based on driver channel flags
This allows P2P to negotiate HT40 channels. For now, only 5 GHz
HT40 operating classes are enabled.
2010-11-12 18:14:12 +02:00
Jouni Malinen
148bb37f2e P2P: Send WPS-OVERLAP-DETECTED also to the parent interface
When running "p2p_connect addr pbc join" command, send the
WPS-OVERLAP-DETECTED even also to the parent interface (i.e.,
the one on which the p2p_connect was issued) and not only the
group interface in case separate P2P group interfaces are used.
2010-11-12 11:30:58 +02:00
Jouni Malinen
aaca650540 P2P: Replace the default country with "XX" (non-country entity) 2010-11-10 16:22:22 +02:00
Anil Gathala Sudha
7cfc4ac319 P2P: Add support for automatic channel selection at GO
The driver wrapper may now indicate the preferred channel (e.g., based
on scan results) on both 2.4 GHz and 5 GHz bands (and an overall best
frequency). When setting up a GO, this preference information is used
to select the operating channel if configuration does not include
hardcoded channel. Similarly, this information can be used during
GO Negotiation to indicate preference for a specific channel based
on current channel conditions.

p2p_group_add command can now use special values (freq=2 and freq=5)
to indicate that the GO is to be started on the specified band.
2010-11-10 13:33:47 +02:00
Samuel Ortiz
74b1c84a0b wpa_supplicant: Test all compiled drivers before failing
wpa_supplicant_set_driver() is returning an error if the first driver
in the driver list is not built in. It should continue through the
driver list until it finds one that's built in.
2010-11-09 16:45:27 +02:00
Felix Fietkau
99ac2913d8 wpa_supplicant: Fix port state management without IEEE8021X_EAPOL
If IEE8021X_EAPOL is not enabled in the config, wpa_drv_set_supp_port
must be called from the supplicant, otherwise port will not be
activated after association.
2010-11-09 16:31:33 +02:00
Jouni Malinen
43882f1efc Allow TSN AP to be selected when configured for WEP
Commit d8d940b746 introduced a regression
that prevented TSN APs from being used with WEP since the AP was
rejected if it advertised WPA or RSN IE when we were configured to use
WEP. Resolve this by checking whether the AP is advertising a TSN, i.e.,
whether the AP allows WEP to be used as a group cipher. If so, allow
the AP to be selected if we are configured to use static WEP or
IEEE 802.1X (non-WPA).

It should be noted that this is still somewhat more restricted in AP
selection than earlier wpa_supplicant branches (0.7.x or older) that
ignore the WPA/RSN IE completely when configured for non-WPA.
2010-11-08 21:14:32 +02:00
Jouni Malinen
eacc12bfbb eapol_test: Unregister EAP server methods if CONFIG_AP=y
This fixes a memory leak in CONFIG_AP=y builds.
2010-11-07 11:38:26 +02:00
Jouni Malinen
09d660b9e3 P2P: Clear off_channel_freq when requesting new remain-on-channel
The driver may end up leaving the current channel when we request
a new remain-on-channel and as such, it is better not assume we can
start new operations like sending an Action frame on the previous
off-channel.
2010-11-05 18:39:42 +02:00
Jouni Malinen
8eada5ca13 P2P: Cancel pending remain-on-channel request when stopping Listen
If we have already asked the driver to start a new remain-on-channel,
we need to cancel it even if the actual remain-on-channel has not yet
started at the point when a new operation or timeout etc. triggers
Listen state to be stopped.
2010-11-05 18:39:15 +02:00
Jouni Malinen
9bcf9541a7 P2P: Do not skip call to p2p_scan_res_handled()
Even if p2p_scan_res_handler() returns 1 to indicate that scan result
iteration should be stopped, the p2p_scan_res_handled() needs to be
called to clear p2p_scan_running and to get a callback that will start
any operations that were delayed because of the running scan.
2010-11-05 18:17:42 +02:00
Jouni Malinen
b029bd33c4 P2P: Copy p2p_intra_bss setting to the group interface
This is needed to allow p2p_intra_bss take effect when using
separate group interfaces.
2010-11-04 16:53:09 +02:00
Jouni Malinen
a0a9f3b02f P2P: Allow p2p_cancel to cancel P2P client that has not yet connected
This can now be used to cancel a P2P client interface that has not
yet completed the first 4-way handshake with a GO.
2010-11-04 11:59:44 +02:00
Jouni Malinen
534525ff05 P2P: Skip extra remain-on-channel if oper channel matches
There is no need to separately move to the correct channel
for transmitting an Action frame that is using the group
interface (i.e., source address is P2P Interface Address).
This removes extra latency from P2P Action frame operations
within a P2P group.
2010-11-02 19:35:40 +02:00
Jouni Malinen
acec8d3203 Add ctrl_iface command 'GET version'
This can be used to fetch the wpa_supplicant/hostapd version
string.
2010-10-31 17:07:31 +02:00
Dmitry Shmidt
ae6e1bee67 Add WPA_IGNORE_CONFIG_ERRORS option to continue in case of bad config
This is an option to continue with wpa_supplicant and hostapd even if
config file has errors. The problem is that these daemons are the best
"candidates" for the config change, so if they can not start because
config file was let's say corrupted, you can not fix it easily.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2010-10-31 12:38:49 +02:00
Jouni Malinen
b7412dabd9 P2P: Fix random channel selection to use os_get_random
This could have been using an uninitialized variable instead of
purposefully random value in picking up the channel. There is not
much of a difference for the use case here, but anyway, we may
as well do what was initially planned here and.
2010-10-31 12:27:37 +02:00
Jouni Malinen
79222cfa61 P2P: Reorder code to avoid memory leak on error path 2010-10-31 12:24:21 +02:00
Jouni Malinen
d25f7212da Fix copy-paste bug in p2p_serv_disc_resp handling
The destination address for p2p_serv_disc_resp must always be set
to an individual MAC address unlike p2p_serv_disc_req which may use
00:00:00:00:00:00 to indicate wildcard query. As such, we should not
try to check for this special case here.
2010-10-31 12:17:30 +02:00
Jouni Malinen
d394a22f30 P2P: Add NULL pointer validation for ssid for group started event
It looks likely that ssid is not NULL here, but better keep this
consistent with other uses of ssid pointer in this function.
2010-10-31 12:12:07 +02:00
Jouni Malinen
ea78c315a2 Add ctrl_interface event for association rejected 2010-10-27 20:28:16 +03:00
Jouni Malinen
58e54293db P2P: Fix removal_reason setting to use correct pointer
The previous version triggered a NULL pointer dereference on
P2P_GROUP_REMOVE * command.
2010-10-27 11:47:41 +03:00
Jouni Malinen
0ae2aa14a5 Fix compiler warning from previous commit 2010-10-27 11:31:32 +03:00
Jouni Malinen
2f9c6aa665 Fix memory leak in P2P build without MLME
The ieee80211_sta_free_hw_features() function is now used outside
the MLME code, so better make sure it gets included in the build
to avoid leaking memory.
2010-10-27 11:26:46 +03:00
Jouni Malinen
ed159ad41b WPS ER: Add more details to wps_er_pbc failure returns
Indicate the reason for the failure when wps_er_pbc is rejected.
2010-10-25 21:59:25 +03:00
Jouni Malinen
3e7533b399 WPS ER: Show SetSelectedRegistrar events as ctrl_iface events
This makes it easier to figure out if something goes wrong in
preparing the AP for enrolling a station.
2010-10-25 21:29:22 +03:00
Jouni Malinen
c973f3868a P2P: Remove P2P group on driver resource becoming unavailable
Add a new driver event, EVENT_INTERFACE_UNAVAILABLE, for indicating
that the driver is not able to continue operating the virtual
interface in its current mode anymore, e.g., due to operating
channel for GO interface forced to a DFS channel by another virtual
interface.

When this happens for a P2P group interface, the P2P group will
be terminated and P2P-GROUP-REMOVED event shows the reason for
this as follows:
P2P-GROUP-REMOVED wlan0 GO reason=UNAVAILABLE
2010-10-25 19:16:11 +03:00
Jouni Malinen
129eb428b1 WPS: Fix wps_reg command documentation to require BSSID
Replacing the BSSID with 'any' has never worked with wps_reg
command, so better not claim it could work. In addition, reject
this is wpa_supplicant to make it clearer that the operation
fails.
2010-10-25 18:56:49 +03:00
Jouni Malinen
3071e18109 P2P: Add mechanism for timing out idle groups
A new configuration parameter, p2p_group_idle, can now be used to set
idle timeout value for P2P groups in seconds (0 = no timeout). If set,
this values is used to remove P2P group (both GO and P2P client)
interfaces after the group has been idle (no clients/GO seen) for the
configuration duration.

The P2P-GROUP-REMOVED event is now indicating the reason for group
removal when known. For example:
P2P-GROUP-REMOVED wlan0 GO reason=REQUESTED
P2P-GROUP-REMOVED wlan1 client reason=IDLE
2010-10-25 18:24:15 +03:00
Jouni Malinen
f19858f5a8 Show wpa_supplicant version number in the debug log 2010-10-22 11:50:34 +03:00
Jouni Malinen
35c5d61037 Fix crash on channel list changed event during driver init
The driver wrapper may indicate EVENT_CHANNEL_LIST_CHANGED before
completing init(). This would likely result in segfault when driver
channel list is being read as part of processing this event when
P2P is enabled.
2010-10-20 19:30:55 +03:00
Jouni Malinen
ef10f4733f WPS ER: Add wps_er_set_config to use local configuration
This command can be used to enroll a network based on a local
network configuration block instead of having to (re-)learn the
current AP settings with wps_er_learn.
2010-10-20 13:37:01 +03:00
Jouni Malinen
2af1c18735 P2P: Scan all channels if GO is not found from common channels
This is not supposed to happen, but in theory, the GO may end up
changing its channels at some point. While it would be reasonable
to use one of the common channels, GO may be forced to use another
channel. The most likely reason for this would be if the P2P client
is enforcing only a single channel to be used (e.g., to avoid
multi-channel concurrent operations).
2010-10-19 18:38:49 +03:00
Jouni Malinen
3f4ce13fde P2P: Track non-P2P members in the group and set Group Limit bit
The P2P group component is now tracking of associated stations
in the group and the Group Limit bit in the Group Capabilities
is updated based on whether there is room for new clients in
the group.
2010-10-19 18:10:28 +03:00
Jouni Malinen
de979d8fc7 Fix max_stations to apply to associated STAs, not P2P peers
This driver capability limit was supposed to indicate limit on
how many stations can associate with us in the AP mode, not how
many P2P peers are stored in the peer table.
2010-10-19 17:17:04 +03:00
Jouni Malinen
dae608d5d3 Add max_num_sta config option for wpa_supplicant AP mode
This can be used to limit the number of stations allowed to be
connected to the AP.
2010-10-19 17:08:20 +03:00
Jouni Malinen
59eba7a2b3 P2P: Add p2p_cancel command for cancelling ongoing group formation 2010-10-19 15:53:28 +03:00
Jouni Malinen
93b7ddd032 P2P: Skip GO Neg Conf ack failure workaround of send failures
The workaround to ignore no ctrl::ack received for GO Negotiation
Confirmation frame was only supposed to be used when the frame was
actually transmitted and just the ack was not received. However, due
to the way the driver failure on transmitting the frame were reported,
this ended up getting applied for all failures in sending the GO
Negotiation Confirmation frame.

Improve this by providing a mechanism to indicate whether send_action
operations fail locally before the frame was actually transmitted or
because of not receiving ack frame after having transmitted the frame.
2010-10-19 12:47:33 +03:00
Jouni Malinen
d75e880696 P2P: Try to re-create group interface if pending one is not available
This is needed to work around cases where the pending interface gets
removed, e.g., due to failed GO Negotiation. In such case, we may still
accept new GO Negotiation to be completed, but the interface did not
get created without a separate p2p_connect command.

The current implementation is not ideal since the re-created interface
may, at least in theory, get incorrect interface addrees. Though, this
would likely require that the driver supported more than one P2P group
interface and that the previous one was already taken into use for
another group.
2010-10-18 17:00:50 +03:00
Jouni Malinen
092acb5441 WPS: Add virtual flags in Config Methods for WPS 2.0 if needed
This is a workaround for incorrect configuration (missing
virtual/physical identifier for config methods) for WPS 2.0 to
allow unmodified configuration from WPS 1.0 to be used while
enforcing compliant WPS 2.0 values.
2010-10-16 12:57:47 +03:00
Jouni Malinen
b5c9da8db3 P2P: Add mechanism for updating P2P channel list based on driver events
This allows P2P channel list to be updated whenever the driver changes
its list of allowed channels, e.g., based on country code from scan
results.
2010-10-15 18:55:22 +03:00
Jouni Malinen
ac8d1011b7 P2P: Set channel list per channel instead of per band
This makes the channel list match with driver capabilities without
having to do workaround like disabling channels 12-14.
2010-10-15 18:51:37 +03:00
Jouni Malinen
4ae4650b4c P2P: Verify that forced channel is suitable for autonomous GO 2010-10-15 18:48:06 +03:00
Anil Gathala Sudha
a0dee79709 P2P: Send AP mode WPS-FAIL event to parent interface
The AP operation with wpa_supplicant requires an additional callback
to get the needed event information from hostapd side so that
wpa_msg() can be called for wpa_s->parent if needed.
2010-10-14 20:57:00 +03:00
Jouni Malinen
545cc6af25 P2P: Send WPS-FAIL event to parent interface, too
This makes it easier to figure out what went wrong during group
formation when per-group interfaces are used.
2010-10-14 20:52:31 +03:00
Jouni Malinen
81611b95ff WPS: Add Config Error into WPS-FAIL events
This makes it easier to figure out what could have failed in the
WPS protocol and potentially provide more information for the
user on how to resolve the issue.
2010-10-14 20:49:54 +03:00
Jouni Malinen
d054a4622c P2P: Reject multi-channel concurrent operations depending on driver
The driver wrapper can now indicate whether the driver supports
concurrent operations on multiple channels (e.g., infra STA connection
on 5 GHz channel 36 and P2P group on 2.4 GHz channel 1). If not,
P2P_CONNECT commands will be rejected if they would require
multi-channel concurrency.

The new failure codes for P2P_CONNECT:

FAIL-CHANNEL-UNAVAILABLE:
The requested/needed channel is not currently available (i.e., user has
an option of disconnecting another interface to make the channel
available).

FAIL-CHANNEL-UNSUPPORTED:
The request channel is not available for P2P.
2010-10-14 14:24:56 +03:00
Paul Stewart
174fa7898e bgscan: Add new channel condition parameters to signal change events
bgscan modules can potentially get a richer feel for the channel
condition and make better choices about scan/no-scan and roam/no-roam.
2010-10-12 20:03:36 +03:00
Jouni Malinen
3b29972c09 P2P: Limit p2p_connect .. pbc join based on BSSID
Allow only the expected P2P Interface Address as the BSSID for
the AP to avoid selecting incorrect BSS should there be another
device that is advertising active PBC mode before the target
P2P GO does.
2010-10-12 16:56:17 +03:00
Johannes Berg
6cb22d2fd1 P2P: Fix remain-on-channel abort race
When the P2P state machine requests a remain- on-channel, there's a
potential race where it can then request a stop before the r-o-c has
actually started, in which case the stop will not be processed. Fix
that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-10-10 17:52:13 +03:00
Paul Stewart
8ee69e0633 dbus_new_handlers: Don't send NULL to dbus_message_new_error
The new DBus API helper function wpas_dbus_error_unknown_error
function can be called as a result of a failure within internal
getter calls, which will call this function with a NULL message
parameter.  However, dbus_message_new_error looks very unkindly
(i.e, abort()) on a NULL message, so in this case, we should not
call it.

I've observed this course of events during a call to
wpas_dbus_getter_bss_wpa with a faileld parse of the IE parameter.
We got here through a call to fill_dict_with_properties which
explicitly calls getters with a NULL message parameter.  Judging
from the way it is called, this could easily occur if an AP sends
out a malformed (or mis-received) probe response.  I usually run
into this problem while driving through San Francisco, so I'm
exposed to any number of base stations along this path.
2010-10-09 17:29:51 +03:00
Daniel Kurtz
556522ee09 dbus: Treat '' in SSIDs of Interface.Scan as a request for broadcast scan
This patch changes wpa_supplicant policy for handling '' in SSIDs field of
Interface.SSID DBus message. It treats '' (zero-length) SSID as a request
for a broadcast scan, instead of ignoring it.

This patch updates DBus API .Scan() logic per the test cases listed below:

1) Interface.Scan({'Type':'active', 'Channel':(2412, 20)})
   Request:     Active scan with only '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest on specified channel
   Previous:    1 broadcast ProbeRequest on specified channel
   This Patch:  1 broadcast ProbeRequest on specified channel

2) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['']})
   Request:     Active scan with only '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest on specified channel
   Previous:    No ProbeRequests; passive scan results for specified channel
   This Patch:  FIXED: 1 broadcast ProbeRequest on specified channel

3) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['MySSID']})
   Request:     Active scan with only non-'' SSIDs (1 channel)
   Should be:   1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest
   Previous:    1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest
   This Patch:  1 directed ProbeRequest for each SSID on specified channel,
	no broadcast ProbeRequest

4) Interface.Scan({'Type':'active', 'Channel':(2412, 20), 'SSIDs':['',
	'MySSID']})
   Request:     Active scan with SSIDs, including 1 '' SSID (1 channel)
   Should be:   1 broadcast ProbeRequest, 1 directed ProbeRequest for each
	non-'' SSID on specified channel
   Previous:    1 directed ProbeRequest for each non-'' SSID on specified
	channel
   This Patch:  FIXED: 1 broadcast ProbeRequest, 1 directed ProbeRequest for
	each non-'' SSID on specified channel
2010-10-09 16:27:53 +03:00
Daniel Kurtz
a7af023b84 dbus: Fix passive/active scans in some cases
Currently the DBus Interface.Scan API is counter-intuitive. It issues
ProbeRequests when doing passive scans when channels are specified, and
does not issue ProbeRequests for broadcast active scans.

This patch updates DBus API .Scan() logic per the test cases listed below:

 1) Interface.Scan({'Type':'passive'})
    Request:     Passive scan (all channels)
    Should be:   No ProbeRequests; Passive Scan results for all channels
    Previous:    1 ProbeRequest on all channels for both broadcast SSID and
	selected network (scan_ssid=1)
    This Patch:  --No change--: 1 ProbeRequest on all channels for both
	broadcast SSID and selected network (scan_ssid=1)

 2) Interface.Scan({'Type':'passive', 'Channel':(2412, 20)})
    Request:     Passive scan (1 channel)
    Should be:   No ProbeRequests; Passive Scan results for 1 channel
	(plus overlapping channels)
    Previous:    1 broadcast ProbeRequest on specified channel
    This Patch:  --Fixed--: No ProbeRequests; Passive Scan results for 1
	channel (plus overlapping channels)

 3) Interface.Scan({'Type':'active'})
    Request:     Active scan with no SSIDs (all channels)
    Should be:   1 broadcast ProbeRequest on all channels
    Previous:    No ProbeRequests;  passive scan results for all channels
    This Patch:  --Fixed--: 1 broadcast ProbeRequest on all channels

 4) Interface.Scan({'Type':'active', 'Channel':(2412, 20)})
    Request:     Active scan with no SSIDs (1 channel)
    Should be:   1 broadcast ProbeRequest on specified channel
    Previous:    No ProbeRequests; Passive scan results for specified
	channel (plus overlapping channels)
    This Patch:  --Fixed--: 1 broadcast ProbeRequest on specified channel
2010-10-09 16:22:39 +03:00
Jouni Malinen
01cf713e51 Fix .gitignore files to not ignore subdirectory matches
The previous used .gitignore files were mathing some files that
were actually already in the repository (e.g.,
hostapd/logwatch/hostapd). Avoid this by listing the conflicting
entries in the root directory .gitignore with full path.
2010-10-07 11:04:16 +03:00
Ben Greear
199716adb3 Fix wpa_supplicant build without CONFIG_WPS and CONFIG_AP 2010-10-07 10:41:58 +03:00
Johannes Berg
9919f7a22b Fix AP mode in wpa_supplicant with interface events
Needs to not trigger a scan here when the AP mode setup sets
interface down/up.
2010-10-06 17:10:07 +03:00
Jouni Malinen
d9c8a7c44c Fix build with CONFIG_WPS_OOB 2010-10-06 16:40:20 +03:00
Jouni Malinen
235f69fcd6 Mark ctrl_iface RX debug for PING commands excessive
This cleans up debug log from unnecessary entries when using
wpa_cli/hostapd_cli or other ctrl_iface monitors that PING
periodically to check connectivity.
2010-09-24 15:50:13 -07:00
Jouni Malinen
95ee81e4e7 WPS: Documented wps_er_pin MAC address option 2010-09-24 15:44:26 -07:00
Jouni Malinen
3981cb3cb8 WPS: Add wps_check_pin command for processing PIN from user input
UIs can use this command to process a PIN entered by a user and to
validate the checksum digit (if present).
2010-09-23 10:30:52 -07:00
Jouni Malinen
f648bc7d0d WPS: Use blacklist more aggressively during WPS provisioning
This allows more APs to be tried during the WPS timeout.
2010-09-22 11:50:15 -07:00
Jouni Malinen
0e2e565a44 WPS 2.0: Provide (Re)Association Response WPS IE to driver
WPS 2.0 mandates the AP to include WPS IE in (Re)Association Response
if the matching (Re)Association Request included WPS IE. Provide the
needed WPS IE information to the driver_ops API for drivers that
process association frames internally.

Note: This modifies the driver_ops API by adding a new argument to
set_ap_wps_ie().
2010-09-22 10:46:44 -07:00
Jouni Malinen
b4e34f2fdf WPS: Make testing operations configurable at runtime
Instead of build time options (CONFIG_WPS_TESTING_EXTRA_CRED and
CONFIG_WPS_EXTENSIBILITY_TESTING), use a single build option
(CONFIG_WPS_TESTING) and runtime configuration of which testing
operations are enabled. This allows a single binary to be used
for various tests.

The runtime configuration can be done through control interface
with wpa_cli/hostapd_cli commands:
Enable extensibility tests:
set wps_version_number 0x57
Disable extensibility tests (WPS2 build):
set wps_version_number 0x20
Enable extra credential tests:
set wps_testing_dummy_cred 1
Disable extra credential tests:
set wps_testing_dummy_cred 0
2010-09-21 19:51:23 -07:00
Jouni Malinen
9647120b07 WPS: Add more verbose debug info on PBC session overlap detection 2010-09-20 15:08:52 -07:00
Jouni Malinen
ff28ccafd5 WPS: Add BSSID to strict validation error messages
This makes it easier to figure out which AP is sending invalid
Beacon or Probe Response frames.
2010-09-20 14:54:22 -07:00
Jouni Malinen
7736f18bef WPS: Cancel WPS operation on PBC session overlap detection
Previously, wpa_supplicant remaining in scanning state without
trying to connect, but there is no particular need to do that.
Instead, cancel WPS operation completely whenever PBC session
overlap is detected.
2010-09-19 17:04:04 -07:00
Dan Harkins
df684d82ff EAP-pwd: Add support for EAP-pwd server and peer functionality
This adds an initial EAP-pwd (RFC 5931) implementation. For now,
this requires OpenSSL.
2010-09-14 21:51:40 -10:00
Jouni Malinen
ea184114ca Allow auto-connect to request scan in associating state
Disconnection event may be received while in associating state.
Previously, wpa_supplicant could get stuck not trying to reconnect
in that case at least with nl80211. Allow scan request in this
state to avoid the issue. This helps especially with APs that do
load balancing by sending Deauthentication frame as a response to
Reassociation Request frame after successful Authentication frame
exchange.
2010-09-14 00:07:54 -07:00
Sudhakar Swaminathan
0f66abd25b P2P: Add option for disabling intra BSS distribution
p2p_intra_bss configuration parameter can now be used to
disable/enable intra BSS distribution (bridging of frames between
the clients in a group).
2010-09-10 10:30:26 -07:00
Ardong Chen
0d0a8ca1cc Add option for disabling automatic reconnection on disconnection
ctrl_interface STA_AUTOCONNECT command can now be used to disable
automatic reconnection on receiving disconnection event. The default
behavior is for wpa_supplicant to try to reconnect automatically, i.e.,
to maintain previous behavior.
2010-09-10 10:30:26 -07:00
Ardong Chen
2049af2bd5 P2P: Fix invitation_received callback to use NULL bssid (if not known)
Previously, the storage buffer for the Group BSSID was returned
regardless of whether it was included in the invitation or not.
2010-09-10 10:30:26 -07:00
Kuko Li
4c01083400 P2P: Do not process configuration changes on non-P2P interfaces 2010-09-10 10:30:26 -07:00
Jouni Malinen
b73bf0a74b P2P: Stop connection attempt on PBC session overlap
The overlap condition cannot disappear before group formation timeout
hits, so there is no point in continuing in this case and failure can
be indicated immediately.
2010-09-10 10:30:25 -07:00
Jouni Malinen
3094d4837a P2P: Use group formation timeout (but longer one) with join-a-group
This allows the pending group interface to be removed if we fail
to join a running group. A longer than 15 second timeout is needed
here since the GO may not have authorized our connection yet.
2010-09-10 10:30:25 -07:00
Jouni Malinen
ae3e342108 P2P: Add peer timeout into group formation 15 second timeout
This adds some more time for WPS provisioning step in case the peer
takes long time to start group interface operations.
2010-09-10 10:30:25 -07:00
Ardong Chen
2f9929ffcc WPS: Allow pending WPS operation to be cancelled
A new ctrl_interface command, WPS_CANCEL, can now be used to cancel
a pending or ongoing WPS operation. For now, this is only available
with wpa_supplicant (either in station or AP mode). Similar
functionality should be added for hostapd, too.
2010-09-10 10:30:25 -07:00
Ardong Chen
014732ea81 WPS: Fix timeout event to be sent over ctrl_interface
This was supposed to be sent to external event monitors, i.e., to
use wpa_msg instead of wpa_printf.
2010-09-10 10:30:25 -07:00
Wei-Jen Lin
c0a321c519 Allow bssid parameter to be cleared through ctrl_interface
Setting bssid to an empty string, "", or any can now be used to
clear the bssid_set flag in a network block, i.e., to remove bssid
filtering.
2010-09-10 10:30:25 -07:00
Ardong Chen
876103dc6c wpa_cli action: Add WPS_EVENT_SUCCESS and WPS_EVENT_FAIL handlers 2010-09-10 10:30:25 -07:00
Ardong Chen
c481048f7c P2P: Add frequency into group started ctrl_interface events 2010-09-10 10:30:25 -07:00
Jouni Malinen
812bf56ab1 Fix build without CONFIG_P2P=y 2010-09-09 07:20:28 -07:00
Jouni Malinen
e9a7ae41fa P2P: Use SSID from GO Negotiation to limit WPS provisioning step
In order to avoid picking incorrect SSID from old scan results, use
SSID from GO Negotiation to select the AP.
2010-09-09 07:17:23 -07:00
Jouni Malinen
743ef79914 P2P: Deinit GO group data before global P2P deinit
This avoids issues with using freed memory in p2p_group_deinit().
2010-09-09 07:17:23 -07:00
Jouni Malinen
f8d0131a11 P2P: Use operating frequency from peer table as backup for join
The scan operation before Provision Discovery Request may not include
the GO. However, we are likely to have the GO in our P2P peer table,
so use that information to figure out the operating channel if BSS
table entry is not available.
2010-09-09 07:17:23 -07:00
Jouni Malinen
a482883f63 P2P: Fix connect-to-running-group if Action TX status is delayed
The following operations (scan and associate) were not run if the
Provisioning Discovery Response is received before the TX Action
status.
2010-09-09 07:17:23 -07:00
Jouni Malinen
ab218b7c72 P2P: Add some more debug information for Action frame TX 2010-09-09 07:17:22 -07:00
Jouni Malinen
1cc3a29d49 P2P: Clear pending Action TX frame on p2p_stop_find and p2p_listen
This is needed to avoid issues with the previous TX command from
stopping long Listen state.
2010-09-09 07:17:22 -07:00
Jouni Malinen
b6c79a998f Add test command for disabling/enabling A-MPDU aggregation
ctrl_iface command "SET ampdu <0/1>" can now be used to
disable/enable A-MPDU aggregation.
2010-09-09 07:17:21 -07:00
Jouni Malinen
10b9ac17cf P2P: For now, do not use channels 12-14 in P2P groups
This is needed to make sure we do not try to accidentally enable GO
in channels that may not be allowed. In addition, this may help with
some driver that do not like channel 14 even as a passive scan
channel.
2010-09-09 07:17:21 -07:00
Jouni Malinen
7fbf99aa6b P2P: Add an example p2p-action script for udhcpc/udhcpd 2010-09-09 07:17:21 -07:00
Jouni Malinen
56815b2b7d Copy WPS strings into AP configuration when using wpa_supplicant AP 2010-09-09 07:17:21 -07:00
Jouni Malinen
1c9cb49fe9 Trigger WPS configuration update on string changes
Previously, only Device Name string was handled, but similar trigger
is needed on Manufacturer, Model Name, Model Number, and Serial Number
changes.
2010-09-09 07:17:21 -07:00
Jouni Malinen
0e14267a31 P2P: Avoid segfault on AP deinit after failed AP start 2010-09-09 07:17:21 -07:00
Jouni Malinen
e1f1509bb0 P2P: Fix P2P IE generation for AssocReq when BSS info is not available
This code could segfault on NULL pointer dereference at least when
ap_scan=2 is used.
2010-09-09 07:17:21 -07:00
Jouni Malinen
c4ea4c5c90 P2P: Allow driver wrapper to indicate how many stations are supported
This can be used to limit the number of clients allowed to connect
to the group on the GO.
2010-09-09 07:17:21 -07:00
Jouni Malinen
f80a2237ca Fix AP mode wps_pin command to return the entered PIN
This command is supposed to return the PIN value that was generated
or passed in as an argument. In the AP case, the entered PIN was not
being returned.
2010-09-09 07:17:21 -07:00
Jouni Malinen
eea2fd9eff P2P: Add mechanism for configuring UAPSD parameters for group
This is needed to be able to change parameters for dynamically
created interfaces between the creation of the interface and
association/start AP commands.

Following ctrl_interface commands can now be used:

P2P_SET client_apsd disable
- disable configuration (i.e., use driver default) in client mode

P2P_SET client_apsd <BE>,<BK>,<VI>,<VO>;<max SP Length>
- enable UASPD with specific trigger configuration (0/1) per AC
  (max SP Length is currently ignored)

P2P_SET go_apsd disable
- disable configuration (i.e., use driver default) in AP mode

P2P_SET go_apsd <0/1>
- disable/enable APSD in AP mode
2010-09-09 07:17:21 -07:00
Jouni Malinen
3dfda83d9c P2P: Add Device Password ID to GO Neg Request RX event
This event indicates the Device Password ID that the peer tried
to use in GO Negotiation. For example:
P2P-GO-NEG-REQUEST 02:40:61:c2:f3:b7 dev_passwd_id=4
2010-09-09 07:17:20 -07:00
Jouni Malinen
4147a2cc64 P2P: Fix p2p_connect join with interface address
Need to fetch P2P Device Address from the peers table in case the
p2p_connect join command uses interface address.
2010-09-09 07:17:20 -07:00
Jouni Malinen
72044390f3 P2P: Add support for cross connection
If enabled, cross connection allows GO to forward IPv4 packets
using masquerading NAT from the P2P clients in the group to an
uplink WLAN connection. This is disabled by default and can be
enabled with "wpa_cli p2p_set cross_connect 1" on the P2P device
interface.
2010-09-09 07:17:20 -07:00
Jouni Malinen
aefb53bd5d P2P: Disable periodic NoA when non-P2P STA is connected
For now, this applies to the test command that can be used to set
periodic NoA (p2p_set noa). The value are stored and periodic NoA
is enabled whenever there are no non-P2P STAs connected to the GO.
2010-09-09 07:17:20 -07:00
Jouni Malinen
4c08c0bd57 P2P: Include P2P IE in (Re)AssocReq to infra AP if it uses P2P IE
While this is not strictly speaking required by the P2P specification
for a not-P2P Managed Device, this can provide useful information for
the P2P manager AP and may be needed to pass certification tests.
2010-09-09 07:17:20 -07:00
Jouni Malinen
43a3863516 Trigger scan on reload-config only if there are enabled networks 2010-09-09 07:17:20 -07:00
Jouni Malinen
d9d6a58c8f P2P: Fix invitation to active group to use correct operating channel
Invitation Request must use the current operating frequency of the
group, not the default operating channel.
2010-09-09 07:17:20 -07:00
Jouni Malinen
dcf788d1a4 WPS: Fix configuration strings on config reload
Previously, freed memory could be used as device name (and other similar
parameters) when building WPS IE after SIGHUP.
2010-09-09 07:17:20 -07:00
Jouni Malinen
af8ab1ae97 P2P: Use 'Enrollee info' WPS request type in P2P scans
This avoids setting explicit Request-to-Enrollee request when
WPS 2.0 is used.
2010-09-09 07:17:20 -07:00
Jouni Malinen
131cb37c2d P2P: Allow pre-authorization of invitation to apply to src addr
For client-invites-device case, the pre-authorization of an invitation
to running group will need to allow Invitation Request from specified
address, too. This is for testing uses only.
2010-09-09 07:17:19 -07:00
Jouni Malinen
6d4747a9a2 Add P2P Interface Address into ctrl_iface status output 2010-09-09 07:17:19 -07:00
Jouni Malinen
80c9582a5f P2P: Add test command for filtering which peers are discovered
"wpa_cli p2p_set peer_filter <MAC address>" can now be used to
only allow a single P2P Device (based on P2P Device Address) to be
discovered for testing. Setting the address to 00:00:00:00:00:00
disables the filter.
2010-09-09 07:17:19 -07:00
Jouni Malinen
6e6963ea86 P2P: Add test mode for SD to force fragmented response 2010-09-09 07:17:19 -07:00
Jouni Malinen
18708aadfc P2P: Initial support for SD fragmentation (GAS Comeback Request/Response) 2010-09-09 07:17:19 -07:00
Jouni Malinen
2a43101e48 P2P: Fix memory leak in SD service entries
Need to flush stored service entries when wpa_supplicant is being
terminated.
2010-09-09 07:17:19 -07:00
Jouni Malinen
bf608cad56 P2P: Rename SD info not available define to match with spec change 2010-09-09 07:17:19 -07:00
Jouni Malinen
706887fc28 P2P: Stop early when processing not-persistent invitation result 2010-09-09 07:17:19 -07:00
Jouni Malinen
2e062d5d74 P2P: Fix Group ID in Invitation Request from active GO
Need to get P2P Device Address, not the Interface Address.
2010-09-09 07:17:19 -07:00
Jouni Malinen
108def931e P2P: Add command for pre-authorizing an invitation to an active group
This is mainly designed for testing and allows p2p_connect join auth
to be used to accept a specific invitation to an active group that
may be received in the future.
2010-09-09 07:17:19 -07:00
Jouni Malinen
3c5126a41f P2P: Set Device Password ID in WPS M1/M2 per new rules
If the P2P client (WPS Enrollee) uses a PIN from the GO (Registrar),
Device Password ID in M1 & M2 is set to Registrar-specified.
2010-09-09 07:17:19 -07:00
Jouni Malinen
ef922c4a34 P2P: Run a scan before provision discovery in p2p_connect join
This is needed to make sure we have fresh BSS information for the GO.
2010-09-09 07:17:19 -07:00
Jouni Malinen
c381508d88 P2P: Implement power save configuration
wpa_cli p2p_set ps <0/1/2>
wpa_cli p2p_set oppps <0/1>
wpa_cli p2p_set ctwindow <0..> msec
2010-09-09 07:17:19 -07:00
Jouni Malinen
07a30a66c3 P2P: Do not schedule new remain-on-channel if waiting for drv event
The driver event for remain-on-channel may be delayed in a way that
allows management-frame-received event to be received before
wpa_supplicant knows that the driver is actually already on the
previously requested channel. We should not request a new
remain-on-channel to send a response to just a frame if we are waiting
for the driver to get to the same channel. Instead, just continue
waiting for the driver event.
2010-09-09 07:17:18 -07:00
Jouni Malinen
d6ae995057 P2P: Fix infinite loop on interface selection for Action frame TX
When the first wpa_supplicant interface is not the correct one for
transmitting an Action frame (e.g., P2P Presence Request frame
uses a group interface), the code got stuck in an infinite busy
loop. Fix the iteration to go through the interfaces properly.
2010-09-09 07:17:18 -07:00
Jouni Malinen
df91238b54 P2P: wpa_qui-qt4: Add P2P functionality into the GUI 2010-09-09 07:17:18 -07:00
Jouni Malinen
42f0101b4d P2P: wpa_cli action calls for P2P group started/removed events 2010-09-09 07:17:18 -07:00
Jouni Malinen
57faa1cee8 wpa_cli: Add P2P commands 2010-09-09 07:17:18 -07:00
Jouni Malinen
9fdd0fada7 P2P: Add disassociation/deauthentication IE notifications 2010-09-09 07:17:18 -07:00
Jouni Malinen
9bae1be0a1 P2P: Map driver events to P2P event notifications 2010-09-09 07:17:18 -07:00
Jouni Malinen
0c6b310e83 P2P: Show P2P info in ctrl_iface scan results 2010-09-09 07:17:18 -07:00
Jouni Malinen
d23bd8940f P2P: Show P2P Device Address in wpa_cli status 2010-09-09 07:17:18 -07:00
Jouni Malinen
b563b3882e P2P: Add control interface commands for P2P 2010-09-09 07:17:18 -07:00
Jouni Malinen
0817de904e P2P: Optimize scan timeouts for group formation 2010-09-09 07:17:17 -07:00
Jouni Malinen
5f3a6aa0a4 P2P: Add P2P IE into (Re)Association Request frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
0e65037c27 P2P: Add P2P IE into Probe Request frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
6e3f4b89ea P2P: Let the driver wrapper know if association is for P2P group 2010-09-09 07:17:17 -07:00
Jouni Malinen
e44f8bf20a P2P: Add P2P configuration and callbacks in hostapd code 2010-09-09 07:17:17 -07:00
Jouni Malinen
b22128efdc P2P: Add initial version of P2P Module 2010-09-09 07:17:17 -07:00
Jouni Malinen
fdadd5fe03 P2P: Do not register l2_packet on dedicated P2P device interface 2010-09-09 07:17:17 -07:00
Jouni Malinen
73e492693d P2P: Add TODO note for Group Formation bit use in AP selection 2010-09-09 07:17:17 -07:00
Jouni Malinen
4c2c302893 P2P: Remove 802.11b rates from wpa_supplicant AP mode operations
TODO: do this only for P2P group interface
2010-09-09 07:17:17 -07:00
Jouni Malinen
4dac02455a P2P: Use config block with disabled==2 to store persistent groups 2010-09-09 07:17:17 -07:00
Jouni Malinen
75bde05d53 P2P: Add driver operations for P2P use 2010-09-09 07:17:16 -07:00
Jouni Malinen
2ff99b3c38 P2P: Do not save temporary networks 2010-09-09 07:17:16 -07:00
Jouni Malinen
b2c5a4a3df P2P: Do not filter BSSes based on SSID during P2P Provisioning
TODO: Use group id from GO Neg instead(?)
2010-09-09 07:17:16 -07:00
Jouni Malinen
9fa243b295 P2P: Let WPS code know if it is used in a P2P group 2010-09-09 07:17:16 -07:00
Jouni Malinen
e3768e7c94 P2P: Add global configuration parameters for P2P 2010-09-09 07:17:16 -07:00
Jouni Malinen
2c5d725c65 P2P: Add dynamic network config block parameters for P2P 2010-09-09 07:17:16 -07:00
Jouni Malinen
611aea7d41 Allow ctrl_iface SET command to change global config parameters 2010-09-09 07:17:16 -07:00
Jouni Malinen
1d47214aa9 Add flag indicating which global configuration parameters have changed 2010-09-09 07:17:16 -07:00
Jouni Malinen
121adf9c2e Move global configuration parser into config.c
This makes it easier to provide support for dynamic updates of the
global configuration parameters while wpa_supplicant is running.
2010-09-09 07:17:16 -07:00
Jouni Malinen
42f50264c0 WPS: Make fragment size configurable for EAP-WSC peer
"wpa_cli set wps_fragment_size <val>" can now be used to configure the
fragment size limit for EAP-WSC.
2010-09-09 06:07:49 -07:00
Jouni Malinen
cae67937ca WPS: Fix CONFIG_WPS_STRICT build option
This was not supposed to be depending on CONFIG_WPS_NFC.
2010-09-09 06:07:49 -07:00
Jouni Malinen
ad4741183f WPS 2.0: Make sure PHY/VIRT flag gets set for PBC 2010-09-09 06:07:48 -07:00
Jouni Malinen
53587ec183 WPS 2.0: Make WSC 2.0 support to be build option (CONFIG_WPS2)
For now, the default build will only include WSC 1.0 support.
CONFIG_WPS2=y can be used to add support for WSC 2.0.
2010-09-09 06:07:48 -07:00
Jouni Malinen
54f489be45 WPS 2.0: Validate WPS attributes in management frames and WSC messages
If CONFIG_WPS_STRICT is set, validate WPS IE(s) in management frames and
reject the frames if any of the mandatory attributes is missing or if an
included attribute uses an invalid value. In addition, verify that all
mandatory attributes are included and have valid values in the WSC
messages.
2010-09-09 06:07:48 -07:00
Jouni Malinen
6a857074f4 WPS 2.0: Add virtual/physical display and pushbutton config methods 2010-09-09 06:07:47 -07:00
Jouni Malinen
31fcea931d WPS 2.0: Add support for AuthorizedMACs attribute
Advertize list of authorized enrollee MAC addresses in Beacon and
Probe Response frames and use these when selecting the AP. In order
to provide the list, the enrollee MAC address should be specified
whenever adding a new PIN. In addition, add UUID-R into
SetSelectedRegistrar action to make it potentially easier for an AP
to figure out which ER sent the action should there be multiple ERs
using the same IP address.
2010-09-09 06:07:47 -07:00
Jouni Malinen
266c828e54 bgscan learn: Fix build
Commit 9ff80a10e8 forgot to include the
new scan variable in the coded copied from bgscan_simple.c. Add that
here to fix the build.
2010-09-09 05:59:06 -07:00
Jouni Malinen
af3e1b0ec2 dbus: Verify WPA/RSN IE parser result before returning data 2010-09-04 22:01:29 +03:00
Jouni Malinen
7f5420691e wpa_supplicant AP: Make sure deauth/disassoc event is valid
Verify that the driver wrapper is using a valid deauth/disassoc
event before dereferencing the addr pointer. The address is required
to be set in AP mode, but it is safer to verify this here than to
trust on all driver wrappers doing the correct thing.
2010-09-04 21:50:12 +03:00
Jouni Malinen
a745b7a775 wpa_gui-qt4: Update copyright years to include 2010 2010-09-04 17:39:33 +03:00
Jouni Malinen
17f9f44ed8 Update WinPcap to the latest stable version 4.1.2 2010-09-04 17:37:57 +03:00
Jouni Malinen
0c80427d77 NDIS: Fix association for WPS provisioning with protected AP
Some NDIS drivers require a workaround to allow them to associate
with a WPS AP that is already using protection (Privacy field = 1).
Let driver_ndis.c know if the AP is already using Privacy and if so,
configure a dummy WEP key to force the driver to associate.
2010-09-04 13:56:12 +03:00
Jouni Malinen
687179edb5 Add libgcc_s_dw2-1.dll to the Windows installation package
This seems to be needed for wpa_gui.exe with the new Qt version.
2010-09-04 12:55:55 +03:00
Jouni Malinen
de1267d4eb winreg: Get rid of compiler warning 2010-09-02 13:22:52 +03:00
Jouni Malinen
0c703df32d Fix BSS selection with multiple configured networks
Commit d8d940b746 broke the logic on
iterating through all configured network blocks. This was supposed
to continue the loop on mismatch to allow other than the first
configured network to be found.
2010-08-28 12:04:21 +03:00
Masashi Honma
60da5e0f3f Solaris: Add support for wired IEEE 802.1X client
This patch adds support for wired IEEE 802.1X client on the Solaris.

I have tested with these:
OS : OpenSolaris 2009.06
EAP : EAP-MD5
Switch : Cisco Catalyst 2950
2010-08-28 11:40:07 +03:00
Jouni Malinen
9ff80a10e8 bgscan learn: Skip immediate scan on initial signal event
The driver is likely to indicate an immediate signal event when the
threshold value is configured. Since we do this immediately after
association, there is not much point in requesting a new scan to be
started based on this event.
2010-08-27 20:30:19 +03:00
Jouni Malinen
1e6ef6455c bgscan simple: Skip immediate scan on initial signal event
The driver is likely to indicate an immediate signal event when the
threshold value is configured. Since we do this immediately after
association, there is not much point in requesting a new scan to be
started based on this event.
2010-08-27 20:29:02 +03:00
Jouni Malinen
d8d940b746 Merge WPA and non-WPA network selection routines
This removes quite a bit of duplicated code and allows network block
priority configuration to be used to prefer unprotected networks and
also allows use on open network with good signal strength even if
scan results show a protected network with marginal signal strength
that does not allow it to be used.
2010-08-27 20:05:49 +03:00
Jouni Malinen
60a972a68d Add current signal strength into signal quality change events 2010-08-27 16:58:06 +03:00
Jouni Malinen
09f58c0984 Share common code in wpa_supplicant_{disassociate,deauthenticate}() 2010-08-26 13:43:38 +03:00
Jouni Malinen
eb0a3c7f96 Cancel authentication timeout on local deauth/disassoc request
Without this, the timeout may be left behind even when we are not
connected and may result in unwanted operation when the timeout
triggers.
2010-08-26 13:39:58 +03:00
Masashi Honma
509a39727f WPS: Fix unused variable warning
The wpa_supplicant compilation without CONFIG_WPS option results in
messages below.

scan.c: In function 'wpa_supplicant_scan':
scan.c:246: warning: unused variable 'wps'

This trivial patch erases this warning.
2010-08-20 09:44:50 +03:00
Jouni Malinen
f9cd8587fb dbus: Deauthenticate instead of disassociate on disconnect command
This clears up authentication state in the driver and in case of
cfg80211, unlocks the BSS entry for the previously used AP. The
previous commit cf4783e35f changed
only the ctrl_iface DISCONNECT command behavior; this new commit
does the same for D-Bus commands.
2010-08-18 21:27:30 +03:00
Samuel Ortiz
7e26053a2c sme: Check for prev_bssid from sme_event_disassoc
wpa_s->bssid is already cleared by mark_disassoc() when we're getting the
disassociation event for the case where wpa_supplicant requested
disassociation. wpa_s->sme.prev_bssid holds the BSSID we need to check
for, so use that instead.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2010-08-18 21:23:26 +03:00
Jouni Malinen
2e75a2b3a6 Add more debug info on deauth/disassoc events and commands 2010-08-17 21:04:38 +03:00
Samuel Ortiz
cb1583f64b sme: Try all authentication algorithms when the first one fails
When passing several authentication algorithms through auth_alg, we
should try all of them when the first one fails. The wext driver goes
through the connect nl80211 command and the retries are then handled by
the kernel. The nl80211 doesn't and we have to handle that from
userspace.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2010-08-17 16:39:33 +03:00
Jouni Malinen
77895cd937 Add a mechanism to insert notes to wpa_supplicant debug log
This can be used to insert information from external programs to the
wpa_supplicant debug log.
2010-08-11 18:07:22 +03:00
Jouni Malinen
f3f0f648d7 wpa_cli: Clean up redrawing and filter out BSS added/removed events 2010-08-11 17:58:04 +03:00
Jouni Malinen
24f7694062 Remove get-first-scan-results-before-request optimization
This has already been disabled in most use cases and can result
in problems with some drivers, so better just remove it completely.
2010-07-18 16:11:03 -07:00
Jouni Malinen
9b7124b27f Add some more debug for driver events 2010-07-17 20:33:34 -07:00
Jouni Malinen
5bc0cdb721 Ignore scan results in wpa_supplicant AP mode
This is needed to avoid trying to reassociate based on new scan
results when using wpa_supplicant to control AP mode. This could
happen if something external triggered the driver to run a scan.
2010-07-17 20:32:25 -07:00
Jouni Malinen
979b988ed6 WPS: Do not allow Label and Display config methods to be enabled
It is unclear which PIN is used if both Label and Display config
methods are advertised. Avoid this by not allowing such configuration.
2010-07-17 20:30:49 -07:00
Jouni Malinen
4436274bef SME: Do not skip initial scan request
When SME is in wpa_supplicant (mac80211), we need to make sure that
the kernel code has valid BSS entry for the AP. In some cases it
seemed to be possible to end up not having current information in
cfg80211 or mac80211 which can result to association failures. Avoid
this by always running through the scan request before initial
connection attempt.
2010-07-17 20:28:22 -07:00
Jouni Malinen
6e3f7173f1 SME: Retry scan after authentication failure
This is needed to avoid getting stuck if driver fails authentication
request for some reason.
2010-07-17 20:27:19 -07:00
Jouni Malinen
3f967fe055 Verify that l2_packet is initialized before notification call
It is possible that l2_packet is not used with wpa_supplicant
in some cases, so better make sure we do not end up notifying
l2_packet code about authentications unless it was actually
initialized in the first place.
2010-07-17 20:26:47 -07:00
Jouni Malinen
69a6b47aa0 Fix wpa_supplicant AP mode to ignore EAPOL Supplicant port callback
This is needed to avoid setting EAPOL PAE port status incorrectly
when using wpa_supplicant to control AP mode operations.
2010-07-17 20:25:41 -07:00
Jouni Malinen
79614ec55b bgscan learn: Remove forgotten debug printf 2010-07-10 19:59:31 -07:00
Jouni Malinen
3b7442e5fe bgscan learn: Mark BSSes that show up in the same scan as neighbors 2010-07-10 18:33:22 -07:00
Jouni Malinen
2e2a8d073d bgscan learn: Probe one new channel at a time to find APs
This allows APs to be found from channels that have not previously
been observed to contain APs for this ESS.
2010-07-10 18:09:41 -07:00
Jouni Malinen
fc480e88bf bgscan learn: Learn BSS information based on previous scans
Store list of all discovered BSSes in the ESS and on which frequencies
they have been seen. Use this information to dynamically generated the
list of channels for background scans.
2010-07-10 17:41:16 -07:00
Jouni Malinen
2e8d6ae32e bgscan learn: Add data file for storing learned network information 2010-07-10 16:05:31 -07:00
Jouni Malinen
c4d71c2505 bgscan: Add starting point for more advanced bgscan module: learn
This is based on the bgscan "simple" module and this initial commit
does not add any new functionality.
2010-07-10 15:55:48 -07:00
Jouni Malinen
c2594c3677 bgscan: Provide scan results to the notify_scan handler 2010-07-10 15:43:44 -07:00
Sam Leffler
3b038d7968 Fix bgscan stopping after dissassociation
Clear bgscan_ssid on disassoc event so bgscan is initialized the next
time we reach COMPLETED state.
2010-07-10 14:43:48 -07:00
Jouni Malinen
41e650ae5c WPS: Use different scan result sorting rules when doing WPS provisioning
The AP configuration may change after provisioning, so it is better
not to use the current security policy to prioritize results. Instead,
use WPS Selected Registrar attribute as the main sorting key and use
signal strength next without considering security policy or rate sets.
The non-WPS provisioning case remains as-is, i.e., this change applies
only when trying to find an AP for WPS provisioning.
2010-06-11 13:50:13 -07:00
Jouni Malinen
f62c2315f7 Show signal level and WPS support in scan results debug dump
This makes it easier to debug AP selection for WPS provisioning.
2010-06-11 13:47:33 -07:00
Jouni Malinen
d902a9c1bc Fix scan_runs counting
Addition of the background scanning mechanism in commit
60b94c9819 moved the scan trigger
into a new function that was also incrementing the scan_runs
counter, but the removal of the previous scan_runs incrementation
was forgotten from that patch. This counter should only be updated
into a single location, so remove the old one. This improves AP
selection for WPS provisioning by not skipping some of the initial
scans.
2010-06-11 11:15:16 -07:00
Jouni Malinen
7d6640a62c WPS ER: Add command for configuring an AP
wps_er_config can now be used to configure an AP. It is similar to
wps_er_learn, but instead of only learning the current AP settings,
it continues to send M8 with the new settings for the AP.
2010-05-28 00:01:48 +03:00
Jouni Malinen
3085b8052e WPS ER: Add initial documentation for External Registrar functionality 2010-05-27 15:25:18 +03:00
Jouni Malinen
15dbf1291a WPS ER: Add ctrl_iface event for learned AP settings 2010-05-27 15:24:45 +03:00
Jouni Malinen
0848668513 WPS ER: Allow AP filtering based on IP address
wps_er_start command now takes an optional parameter that can be used
to configure a filter to only allow UPnP SSDP messages from the
specified IP address. In practice, this limits the WPS ER operations
to a single AP and filters out all other devices in the network.
2010-05-27 15:23:55 +03:00
Jouni Malinen
7cc5995845 Skip D-Bus signals if the dbus_path is not yet set
This avoids an invalid D-Bus call during interface initialization.
The wpa_state change can happen before the D-Bus interface is set up,
so we must be preparted to handle this early event signal. In theory,
it should be possible to reorder initialization code to make sure
D-Bus signals are ready, but that would likely require quite a bit of
code restructuring, so it looks like a safer option for now is to just
skip the early event.
2010-05-23 20:23:11 +03:00
Jouni Malinen
25c226ea45 Fix CONFIG_AP=y build without CONFIG_IEEE8021X_EAPOL=y 2010-05-23 12:18:47 +03:00
Masashi Honma
37a86b7b36 Fix: AP mode wpa_supplicant build
The wpa_supplicant compilation with CONFIG_AP option and without
CONFIG_IEEE80211R, CONFIG_WPS, NEED_SME, CONFIG_CLIENT_MLME options
results in following messages.

../src/ap/drv_callbacks.o: In function `hostapd_notif_assoc':
../src/ap/drv_callbacks.c:59: undefined reference to
`ieee802_11_parse_elems'
gmake: *** [wpa_supplicant] Error 1
2010-05-23 12:12:40 +03:00
Jouni Malinen
8401a6b028 Add Linux rfkill support
Add a new wpa_supplicant state: interface disabled. This can be used
to allow wpa_supplicant to be running with the network interface even
when the driver does not actually allow any radio operations (e.g.,
due to rfkill).

Allow driver_nl80211.c and driver_wext.c to start while rfkill is in
blocked state (i.e., when ifconfig up fails) and process rfkill
events to block/unblock WLAN.
2010-05-23 10:27:32 +03:00
Kel Modderman
1491f8a785 wpa_gui-qt4: Fix network selection
Use regular expression matches to see if input is not the (now translated?)
string "Select any network" and is a "<network id>: <ssid>" string or the
"all" keyword where that is applicable.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-05-02 11:17:13 +03:00
Kel Modderman
adc8d4a791 Fix enabling of networks while another network is being used
Enable a network block, even if there is a current configuration, if it
was disabled.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-05-02 11:08:03 +03:00
Jouni Malinen
0b86f67a29 Add wpa_gui-qt4 translation files into build 2010-04-18 19:15:07 +03:00
Jouni Malinen
4fc387fce8 wpa_gui: lupdate run before release 2010-04-18 19:08:14 +03:00
Jouni Malinen
df9b245e76 wpa_gui: Fix Windows build 2010-04-18 19:06:24 +03:00
Jouni Malinen
be48214d2b Preparations for 0.7.2 release 2010-04-18 18:02:34 +03:00
Masashi Honma
5008cb5e55 Support for Solaris default shell restriction
Some shells (like Solaris default /bin/sh) doesn't allow -e
option for file existence check. Use -f instead.
2010-04-17 17:15:23 +03:00
Jouni Malinen
74e259ec7c Do not trigger initial scan if there are no enabled networks
This allows wpa_supplicant to be started quickly with an empty
configuration. If an external program wants to fetch scan results
from wpa_supplicant, it will need to request a scan explicitly
in this type of case.
2010-04-16 18:56:23 +03:00
Jouni Malinen
5fbc1f279b Fix get_interfaces() driver call to use correct drv_priv data 2010-04-14 16:38:53 +03:00
Jouni Malinen
20e26395c8 SME: Fix build without 802.11r or WPS 2010-04-12 09:39:36 +03:00
Jouni Malinen
92aaafe6bd .gitignore for generated language files 2010-04-11 23:00:51 +03:00
Stefan Oswald
7c00f6ba86 wpa_gui: Add Qt translator installation and German translation
This takes QTranslator into use and adds a German translation of
wpa_gui.
2010-04-11 22:58:08 +03:00
Stefan Oswald
0d76b1ab5f wpa_gui: Make Status strings visible to linguist
Linguist cannot see the strings coming from wpa_supplicant, so create
a function that translates these to tr() strings inside wpa_gui
source code.
2010-04-11 22:42:02 +03:00
Stefan Oswald
9086fe4466 wpa_gui: Convert strings to use tr() in user-visible text
This is in preparation for allowing wpa_gui to be translated.
2010-04-11 22:35:02 +03:00
Witold Sowa
c56ce48a6f dbus: Add new KeyMgmt interface capabilities
Add "wpa-ft-psk", "wpa-psk-sha256", "wpa-ft-eap" and "wpa-eap-sha256"
possible KeyMgmt values of interface capabilities to fit values in
BSS RSN options dictionary.
2010-04-11 21:37:28 +03:00
Jouni Malinen
0544b24248 Add BSSID and reason code (if available) to disconnect event
This adds more details into the CTRL-EVENT-DISCONNECTED event to
make it easier to figure out which network was disconnected in some
race conditions and to what could have been the reason for
disconnection. The reason code is currently only available with
the nl80211 driver wrapper.
2010-04-11 21:25:15 +03:00
Jouni Malinen
c706d5aa17 Add wpa_supplicant AP mode events for Public Action frames 2010-04-11 20:33:33 +03:00
Jouni Malinen
b3db190fa2 Started to make set_ap_wps_ie() capable of adding multiple IEs
This mechanism can be used to add various IEs to Beacon and Probe
Response frames and it should be made clear that it is not reserved
only for WPS IE.
2010-04-11 20:16:43 +03:00
Jouni Malinen
f90ceeaabf wpa_supplicant AP mode: Add function for enabling MAC address filtering
This can be used to allow only a specific station to associate.
2010-04-11 20:08:00 +03:00
Jouni Malinen
48b357a989 Make sure AP interface is initialize before accepting WPS commands 2010-04-11 20:06:12 +03:00
Jouni Malinen
7a649c7dda wpa_supplicant AP: More thorough AP mode deinit 2010-04-11 20:03:39 +03:00
Jouni Malinen
508545f3a9 Add more wpa_supplicant AP mode parameters for the driver wrapper
This makes it easier to configure AP mode for drivers that take care
of WPA/RSN IE generation.
2010-04-11 20:02:01 +03:00
Jouni Malinen
4b768ed0b2 Add registerable callback for wpa_supplicant AP mode completion 2010-04-11 19:59:33 +03:00
Jouni Malinen
1c4c9c5078 Try to start a new scan more quickly after driver rejection
This speeds up recovery from some cases where the driver may refuse
a new scan request command temporarily.
2010-04-11 19:56:23 +03:00
Jouni Malinen
8cd82735cb Add an option to request a connection without a new scan 2010-04-11 19:55:40 +03:00
Jouni Malinen
64e58f5189 Add option for overriding scan result handler for a single scan 2010-04-11 19:53:31 +03:00
Jouni Malinen
814782b9fe Allow driver wrappers to indicate maximum remain-on-channel duration 2010-04-11 19:42:37 +03:00
Jouni Malinen
6700a277a9 Avoid dropping ctrl_iface on ENOBUFS error burst
These bursts can result in control interface monitors being detached
even if the external program is still working properly. Use much larger
error threshold for ENOBUFS to avoid this.
2010-04-11 19:29:24 +03:00
Jouni Malinen
cf4783e35f Deauthenticate instead of disassociate on disconnect command
This clears up authentication state in the driver and in case of
cfg80211, unlocks the BSS entry for the previously used AP.
2010-04-11 19:27:41 +03:00
Jouni Malinen
f3585c8a85 Simplify driver_ops for virtual interface add/remove
There is no absolute requirement for separating address allocation
into separate functions, so simplify the driver wrapper interface
to use just if_add and if_remove instead of adding the new
alloc_interface_addr() and release_interface_addr() functions.

if_add() can now indicate if the driver forced a different interface
name or address on the virtual interface.
2010-04-11 19:23:09 +03:00
Jouni Malinen
977b11747f Allow sub-second resolution for scan requests
This is in preparation to use cases that may benefit from more frequent
scanning.
2010-04-11 19:10:01 +03:00
Jouni Malinen
17a4734dc4 Optimize post-WPS scan based on channel used during provisioning
Scan only the frequency that was used during provisioning during the
first five scans for the connection. This speeds up connection in the
most likely case where the AP remains on the same channel. If the AP is
not found after these initial scans, all channels will be scanned.
2010-04-11 19:06:42 +03:00
Jouni Malinen
9efc3f2a4b SME: Handle association without own extra IEs
Need to check for this before calling ieee802_11_parse_elems().
2010-04-11 12:19:02 +03:00
Jouni Malinen
86d4f806da Add ctrl_iface command for triggering a roam to a specific BSS
'wpa_cli roam <bssid>' can now be used to test roaming within an ESS
(e.g., for FT over-the-air). This command will bypass a new scan and
will select the BSS based on the specified BSSID. It is responsibility
of the caller to make sure that the target AP is in the BSS table.
This can be done, e.g., by running a scan before the roam command,
if needed.
2010-04-10 22:56:55 +03:00
Jouni Malinen
a7b6c42232 Fix error messages to print ASCII MAC address, not the parse buffer 2010-04-10 22:46:54 +03:00
Jouni Malinen
0d7b44099f SME: Do not try to use FT over-the-air if PTK is not available 2010-04-10 22:39:49 +03:00
Jouni Malinen
e7846b6859 FT: Clean up wpa_sm_set_ft_params() by using common parse
Instead of parsing the IEs in the callers, use the already existing
parser in wpa_ft.c to handle MDIE and FTIE from initial MD association
response. In addition, this provides more complete access to association
response IEs to FT code which will be needed to fix FT 4-way handshake
message 2/4.
2010-04-10 11:36:35 +03:00
Jouni Malinen
579ce77122 FT: Deauthenticate in case of Reassoc Response validation error
If validation of the Reassociation Response frame fails during FT
Protocol, do not allow association to be completed; instead, force
deauthentication.
2010-04-09 16:59:27 +03:00
Jouni Malinen
f4ec630d1b FT: Set FT Capability and Policy properly in MDIE during initial MD assoc
This field needs to be copied from the scan results for the AP
per IEEE Std 802.11r-2008, 11A.4.2.
2010-04-09 16:41:57 +03:00
Jouni Malinen
76b7981d07 FT: Copy FT Capability and Policy to MDIE from target AP
This sets the FT Capability and Policy field in the MDIE to the values
received from the target AP (if available). This fixes the MDIE contents
during FT Protocol, but the correct value may not yet be used in initial
mobility domain association.
2010-04-09 16:26:20 +03:00
Jouni Malinen
d9a27b0455 Fix SME to update WPA/RSN IE for rsn_supp module based on AssocReq
When using wpa_supplicant SME (i.e., using nl80211), the rsn_supp
module was not informed of the WPA/RSN IE that was used in
(Re)Association Request frame. This broke roaming between APs that
use different security policy (e.g., changing between WPA/TKIP and
WPA2/CCMP APs) or when using PMKSA caching.
2010-04-07 10:31:06 +03:00
Jouni Malinen
32d5295f9d Add a drop_sa command to allow 802.11w testing
This drops PTK and PMK without notifying the AP.
2010-03-29 15:42:04 -07:00
Jouni Malinen
e820cf952f MFP: Add MFPR flag into station RSN IE if 802.11w is mandatory 2010-03-29 10:48:01 -07:00
Jouni Malinen
e2f74005f5 bgscan: Add signal strength change events
This allows bgscan modules to use more information to decide on when
to perform background scans. bgscan_simple can now change between
short and long background scan intervals based on signal strength
and in addition, it can trigger immediate scans when the signal
strength is detected to be dropping.

bgscan_simple takes following parameters now:
short interval:signal strength threshold:long interval
For example:
	bgscan="simple:30:-45:300"
2010-03-28 15:32:34 -07:00
Jouni Malinen
b625473c6c Add driver command and event for signal strength monitoring 2010-03-28 15:31:04 -07:00
Jouni Malinen
b766a9a293 Add freq_list network configuration parameter
This can be used to limit which frequencies are considered when
selecting a BSS. This is somewhat similar to scan_freq, but will
also affect any scan results regardless of which program triggered
the scan.
2010-03-26 22:45:50 -07:00
Jouni Malinen
62c72d7299 FT: Process reassoc resp FT IEs when using wpa_supplicant SME 2010-03-13 21:13:18 +02:00
Jouni Malinen
2a7e7f4e4a FT: Add driver op for marking a STA authenticated
This can be used with FT-over-DS where FT Action frame exchange
triggers transition to State 2 (authenticated) without Authentication
frame exchange.
2010-03-13 18:28:15 +02:00
Jouni Malinen
fe1919856c FT: Update SME frequency info before sme_associate() call
This is needed to allow FT-over-DS to request correct channel for
the reassociation with the target AP.
2010-03-13 18:26:25 +02:00
Jouni Malinen
71024cb255 FT: Request reassociation after successful FT Action frame exchange 2010-03-13 17:14:41 +02:00
Jouni Malinen
a7918ec749 wpa_cli: Improved command parameter tab completion 2010-03-12 19:43:15 +02:00
Jouni Malinen
037f83eb44 wpa_cli: Fix detach race with forked monitor process
Need to kill the monitor process before running detach command on
the monitor connection to avoid race where the monitor process may
end up getting the detach command result.
2010-03-12 17:34:56 +02:00
Jouni Malinen
dd63f314bd wpa_cli: Redisplay readline edit after event messages 2010-03-12 17:24:50 +02:00
Jouni Malinen
036f7c4aab FT: Add preliminary processing of FT Action Response from EVENT_RX_ACTION
Previously, this was only done with userspace MLME (i.e., driver_test.c);
now, driver_nl80211.c can deliver the FT Action Response (FT-over-DS)
for processing. The reassociation after successful FT Action frame
exchange is not yet implemented.
2010-03-12 00:43:00 +02:00
Jouni Malinen
a4652ce64c wpa_gui: Remove unneeded wpa_ctrl_request() msg_cb 2010-03-07 17:28:00 +02:00
Jouni Malinen
3234cba40e Remove unnecessary ifname parameter to sta_set_flags() driver op 2010-03-07 11:45:41 +02:00
Jouni Malinen
62847751e4 Remove unnecessary ifname parameter from sta_add() driver op 2010-03-07 11:42:41 +02:00
Jouni Malinen
17557ebe30 Remove forgotten ifname parameter from set_beacon() call 2010-03-07 10:04:35 +02:00
Felix Fietkau
4c32757d22 hostapd: add ifname to the sta_set_flags callback
This fixes multi-BSS STA operations (e.g., setting AUTHORIZED flag) with
nl80211-based drivers.
2010-03-06 20:44:31 +02:00
Jouni Malinen
23e2550c0e Remove unneeded CONFIG_EAP comments
These are not needed for WPS builds since CONFIG_WPS=y enables all
the needed EAP components.
2010-03-06 16:40:53 +02:00
Dmitry Shmidt
aa53509ffe Update priority list after priority change
Despite comments in the wpa_config_update_prio_list(struct wpa_config
*config) telling that it is called "if priority for a network is
changed", it is apparently not.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2010-03-06 11:13:50 +02:00
Kel Modderman
09bd6e8cca wpa_supplicant: fix FTBFS on Debian GNU/kFreeBSD
This patch allows wpa_supplicant to compile on Debian's kfreebsd
architectures.

Patch by Stefan Lippers-Hollmann based on work done by Petr Salinger
and Emmanuel Bouthenot for 0.6.X (http://bugs.debian.org/480572).
2010-03-06 10:16:47 +02:00
Jouni Malinen
3812464cda Add optional scan result filter based on SSID
filter_ssids=1 global configuration parameter can now be used to
enable scan result filtering (with -Dnl80211 only for now) based on
the configured SSIDs. In other words, only the scan results that have
an SSID matching with one of the configured networks are included in the
BSS table. This can be used to reduce memory needs in environments that
have huge number of APs.
2010-03-05 21:42:06 +02:00
Jouni Malinen
c9c38b0996 Make maximum BSS table size configurable
New global configuration parameter bss_max_count can now be used to
change the maximum BSS table size. The old fixed size limit (200) is
used as the default value for this parameter.
2010-03-05 20:20:09 +02:00
Jouni Malinen
ac26ebd8b5 Allow roam based on preferred BSSID regardless of signal strength 2010-02-28 11:09:58 +02:00
Jouni Malinen
36d1343a4b Do not inhibit suspend even if wpa_cli command fails
There is no point in inhibiting suspend in case wpa_supplicant is
not running and as such, return success unconditionally from this
script.
2010-02-27 20:03:13 +02:00
Jouni Malinen
207ef3fb12 Add suspend/resume notifications
wpa_supplicant can now be notified of suspend/resume events, e.g.,
from pm-action scripts. This allows wpa_supplicant to clear information
that may become invalid during a suspend operation.
2010-02-27 18:46:02 +02:00
Jouni Malinen
be8be6717d Clear current_bss pointer on disassociation/deauthentication
This is needed to allow the BSS table entry for the previously used
BSS to be removed. Now wpa_bss_in_use() can return 0 for the last BSS
that was used as soon as deauthentication/disassociation event has been
received.
2010-02-27 18:40:25 +02:00
Jouni Malinen
159dd3e28a Add more debug prints to make deauth/disassoc events clearer 2010-02-27 18:39:09 +02:00
Jouni Malinen
e824cc4648 Use os_snprintf instead of snprintf 2010-02-19 19:14:41 +02:00
Jouni Malinen
94d9bfd59b Rename EAP server source files to avoid duplicate names
This makes it easier to build both EAP peer and server functionality
into the same project with some toolchains.
2010-02-19 18:54:07 +02:00
Jouni Malinen
b7a2b0b68c Add alloc_interface_addr() drv op option for specifying ifname
Some drivers may need to use a specific ifname for the virtual
interface, so allow them to do this with a new parameter passed
to the alloc_interface_addr() handler.
2010-02-16 19:34:51 +02:00
Jouni Malinen
cbf7855883 wpa_cli: Add option to use child process to receive events
CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config can be used to
configure wpa_cli build to make a version of wpa_cli that forks
a child process to receive event messages. This allows the events
to be shown immediately instead of having to wait for the next
periodic poll with PING.
2010-02-14 16:14:20 +02:00
Jouni Malinen
4a3ade4e11 wpa_gui: Use separate ctrl_iface connection for event messages 2010-02-13 21:37:35 +02:00
Kel Modderman
aff5e54d4a wpa_gui-qt4: do not show WPS AP available event tray messages
Do not show WPS event tray messages as they can happen too frequently.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2010-02-13 14:03:18 +02:00
Jouni Malinen
00468b4650 Add TLS client events, server probing, and srv cert matching
This allows external programs (e.g., UI) to get more information
about server certificate chain used during TLS handshake. This can
be used both to automatically probe the authentication server to
figure out most likely network configuration and to get information
about reasons for failed authentications.

The follow new control interface events are used for this:
CTRL-EVENT-EAP-PEER-CERT
CTRL-EVENT-EAP-TLS-CERT-ERROR

In addition, there is now an option for matching the server certificate
instead of the full certificate chain for cases where a trusted CA is
not configured or even known. This can be used, e.g., by first probing
the network and learning the server certificate hash based on the new
events and then adding a network configuration with the server
certificate hash after user have accepted it. Future connections will
then be allowed as long as the same server certificate is used.

Authentication server probing can be done, e.g., with following
configuration options:
    eap=TTLS PEAP TLS
    identity=""
    ca_cert="probe://"

Example set of control events for this:
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=US/ST=California/L=San Francisco/CN=Server/emailAddress=server@kir.nu' hash=5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a
CTRL-EVENT-EAP-TLS-CERT-ERROR reason=8 depth=0 subject='/C=US/ST=California/L=San Francisco/CN=Server/emailAddress=server@kir.nu' err='Server certificate chain probe'
CTRL-EVENT-EAP-FAILURE EAP authentication failed

Server certificate matching is configured with ca_cert, e.g.:
    ca_cert="hash://server/sha256/5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a"

This functionality is currently available only with OpenSSL. Other
TLS libraries (including internal implementation) may be added in
the future.
2010-02-13 11:14:23 +02:00
Jouni Malinen
c5674000a3 wpa_gui-qt4: Stop BSS fetch loop on error for Peers dialog
There is no need to continue the loop until the 1000 max BSS limit
if a BSS command fails.
2010-01-24 18:42:45 -08:00
Jouni Malinen
48563d86b2 Try to avoid some unnecessary roaming
When multiple APs are present in scan results with similar signal
strength, wpa_supplicant may end up bounching between them frequently
whenever new scan results are available (e.g., due to periodic scans
requested by NetworkManager). This can result in unnecessary roaming
and in case of the current cfg80211 version, to frequent network
disconnections.

Do not request a roam if the current BSS is still present in the scan
results and the selected BSS is in the same ESS and has only a slighly
stronger signal strength.
2010-01-24 18:19:50 -08:00
Jouni Malinen
b85e772449 SME: Request a new scan if SME association command fails
This handles some error cases without getting stuck waiting for new
events from the driver if association command fails for any reason.
2010-01-24 18:09:36 -08:00
Jouni Malinen
dff0f701d0 Preparations for v0.7.1 release 2010-01-16 19:04:38 +02:00
Jouni Malinen
3e674c063c Update VS 2005 project files with new/removed source files 2010-01-16 18:49:17 +02:00
Witold Sowa
7899e2f42d dbus: Change WPA/RSNIE byte array props to dicts
Expose RSN and WPA properties for BSS objects containing information
about key management and cipher suites. Get rid of WPA/RSN/WPSIE
byte array properties and add IEs byte array property with all IE data
instead.
2010-01-16 16:37:37 +02:00
Jouni Malinen
8c0906542c Fetch IEs from both Beacon and Probe Response frames if available
This allows the driver wrappers to return two sets of IEs, so that
the BSS code can use information from both Beacon and Probe Response
frames if needed. For example, some Cisco APs seem to include more
information in Wireless Provisioning Services IE when it is in the
Beacon frame.
2010-01-16 16:11:05 +02:00
Jouni Malinen
af47308823 Add deinit_ap driver op to help wpa_supplicant AP mode use 2010-01-16 12:20:51 +02:00
Jouni Malinen
e882899981 Add BSSID to TX/RX Action frame driver ops
This meets better the needs for various Public Action frame use cases.
2010-01-16 12:16:20 +02:00
Jouni Malinen
a2e4f66edc Remove completed to-do item 2010-01-16 09:44:41 +02:00
Jouni Malinen
20766f2007 Make wpa_bss_get_max_rate() a bit more readable with a local variable 2010-01-10 22:53:36 +02:00
Jouni Malinen
a416fb47eb IBSS RSN: Explicitly check addr != NULL before passing it to memcmp
idx == 0 should be enough to make sure that the addr is set, but
verify that this is indeed the case to avoid any potential issues if
auth_set_key() gets called incorrectly.
2010-01-10 21:53:17 +02:00
Jouni Malinen
6f9b5d1696 IBSS RSN: Check explicitly that WPA auth sm assoc call succeeded
Verify that association processing did not end up freeing the state
machine. This should not really happen in practice, but better verify
it anyway.
2010-01-10 21:45:44 +02:00
Jouni Malinen
f337f0e950 Remove unnecessary bss != NULL checks from sme_authenticate()
This is already verified in the beginning of the function, so no need
to repeat that multiple times.
2010-01-10 21:31:54 +02:00
Jouni Malinen
2b057028cb Fix client MLME test code for IBSS scan request
wpa_s->mlme.ssid is an array so it is always != NULL and this
comparision should really have used ssid_len instead.
2010-01-10 20:41:33 +02:00
Marcel Holtmann
097c5802da dbus: Fix value of BSS Privacy property
Checking for IEEE80211_CAP_PRIVACY needs to use & and not &&.
2010-01-10 18:18:08 +02:00
Jouni Malinen
728e776c09 Fix alloc validation in wpa_bss_get_bit_rates()
Need to check the value returned by os_malloc(), not the pointer to
this value.
2010-01-09 23:56:09 +02:00
Witold Sowa
8e5568f874 dbus: Change BSS, Network and some errors interface names
Remove ".Interface" part from BSS and Network objects and some
error names.
2010-01-09 11:41:09 +02:00
Masashi Honma
953f0f6333 bsd: Add support for WPA_TRACE and WPA_TRACE_BFD
On FreeBSD 8.0, WPA_TRACE and WPA_TRACE_BFD functionality build fails.
2010-01-09 11:01:12 +02:00
Jouni Malinen
d97572a40f dbus: Add a test script for D-Bus API signals 2010-01-06 21:33:54 +02:00
Jouni Malinen
c91278a5b4 dbus: Do not try to unregister not-yet-registered network object 2010-01-06 21:31:13 +02:00
Jouni Malinen
d58f4a8177 Remove forgotten script termination attempt 2010-01-06 20:23:47 +02:00
Witold Sowa
158c6c7467 dbus: Add BSS property change notifications 2010-01-06 20:03:01 +02:00
Jouni Malinen
c3299a8b74 dbus: Fix crash on property change if D-Bus API is disabled 2010-01-06 12:14:35 +02:00