Commit graph

3709 commits

Author SHA1 Message Date
Samuel Tan
3b49719130 Android: Use libdbus rather than dbus-1
The upstream wpa_supplicant uses the dbus-1 library when it is compiled
with D-Bus support. In Android, we imported the D-Bus shared libraries
under the name "libdbus", so use this shared library instead of dbus-1
when compiling wpa_supplicant with D-Bus support.

Signed-off-by: Samuel Tan <samueltan@google.com>
2015-11-15 19:26:49 +02:00
Ben Greear
5b75ecead3 Document passive_scan option for wpa_supplicant.conf
This should save the next person to need this behavior some time.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-11-15 19:25:05 +02:00
Purushottam Kushwaha
2d0fe6bc4e dbus: Add SaveConfig to update configuration file
This is similar to SAVE_CONFIG on control interface, which allow users
to update the configuration file.

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2015-11-15 19:04:15 +02:00
Purushottam Kushwaha
fb7e7daeff dbus: Fix a copy-paste error in debug print
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2015-11-15 18:53:51 +02:00
Jouni Malinen
03ed0a5239 WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
The AP is not expected to send out a WNM-Sleep Mode Response frame
without the STA trying to use WNM-Sleep Mode. Drop such unexpected
responses to reduce unnecessary processing of the frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-10 18:40:54 +02:00
Jouni Malinen
2cb28a4c75 WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM Sleep Mode Response frame is used to update GTK/IGTK only if PMF is
enabled. Verify that PMF is in use before using this field on station
side to avoid accepting unauthenticated key updates. (CVE-2015-5310)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-10 18:40:54 +02:00
Max Stepanov
73ed03f333 wpa_supplicant: Add GTK RSC relaxation workaround
Some APs may send RSC octets in EAPOL-Key message 3 of 4-Way Handshake
or in EAPOL-Key message 1 of Group Key Handshake in the opposite byte
order (or by some other corrupted way). Thus, after a successful
EAPOL-Key exchange the TSC values of received multicast packets, such as
DHCP, don't match the RSC one and as a result these packets are dropped
on replay attack TSC verification. An example of such AP is Sapido
RB-1732.

Work around this by setting RSC octets to 0 on GTK installation if the
AP RSC value is identified as a potentially having the byte order issue.
This may open a short window during which older (but valid)
group-addressed frames could be replayed. However, the local receive
counter will be updated on the first received group-addressed frame and
the workaround is enabled only if the common invalid cases are detected,
so this workaround is acceptable as not decreasing security
significantly. The wpa_rsc_relaxation global configuration property
allows the GTK RSC workaround to be disabled if it's not needed.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
2015-11-01 21:00:22 +02:00
Jouni Malinen
ea6030c77f Restore previous wpa_state in scan-only result handler
The SCAN TYPE=ONLY results do not trigger a connection operation
automatically. As such, there was no explicit operation that would
change wpa_state after such a scan-only operation and WPA_SCANNING state
could have been left in effect until the next operation is triggered by
an external command. This is not desirable, so restore the wpa_state
that was in use when the scan was started in case WPA_SCANNING state is
still set when the scan operation completes.

This was triggered by the following mac80211_hwsim test sequence:
dbus_wps_oom scan_trigger_failure

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-01 20:26:35 +02:00
Jouni Malinen
1e74ae4de9 WNM: Clear BSS TM data if already associated with preferred candidate
Previously, wnm_deallocate_memory() was called only if we decided to
move to another BSS at the completion of an accepted BSS Transition
Management Request. This resulted in the candidate information being
left in effect for the following scan operation if we were already
associated with the preferred candidate. This could result in unexpected
behavior in the following connection attempt.

Fix this by clearing the candidate information even if we do not need to
roam to another BSS.

This was triggered with mac80211_hwsim test cases in this sequence:
wnm_bss_tm ap_track_sta_force_2ghz

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-01 20:09:11 +02:00
Jouni Malinen
a34eace204 dbus: Remove unused dict helper functions
There are no callers for these helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-01 00:16:57 +02:00
Purushottam Kushwaha
cdcb2d0e7f wpa_cli: Add support for vendor_elem_* commands
Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
2015-10-31 21:56:59 +02:00
Jouni Malinen
1f1e619282 Add test programs for checking libwpa_client linking
libwpa_test1 and libwpa_test2 targets can now be used to check
libwpa_client linking for static and shared library cases respectively.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-31 21:56:59 +02:00
Jörg Krause
736b7cb2da wpa_supplicant/Makefile: Fix libwpa_client build
Building libwpa_client requires src/utils/common.c for bin_clear_free()
else loading the library fails with:

Error relocating /usr/lib/libwpa_client.so: bin_clear_free: symbol not found

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
2015-10-31 19:15:37 +02:00
Dan Williams
e50c50d5a0 dbus: Expose interface globals via D-Bus properties
All interface globals are now exposed as D-Bus properties of type
string, and parsed via the normal interface global parsing functions.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2015-10-28 23:41:32 +02:00
Dan Williams
1aa0fb77ea dbus: Pass property description to getters/setters
We'll use it later for global interface properties.

Signed-off-by: Dan Williams <dcbw@redhat.com>
2015-10-28 23:40:49 +02:00
Jouni Malinen
8f3ea3175f tests: Fix build without CONFIG_ERP=y
hmac_sha256_kdf() got pulled in only if CONFIG_ERP=y is set. Fix
test_sha256() by making the test case conditional on the function being
present.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-26 00:42:14 +02:00
Lubomir Rintel
1248e58492 wpa_supplicant: Reopen debug log file upon receipt of SIGHUP signal
This is useful for logrotate to be able to rotate the file even if the
control interface is not enabled (e.g., when using DBus).

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2015-10-25 20:45:02 +02:00
Mohammed Shafi Shajakhan
67deaa582d l2_packet: Add build option to disable Linux packet socket workaround
Linux packet socket workaround(*) has an impact in performance when the
workaround socket needs to be kept open to receive EAPOL frames. While
this is normally avoided with a kernel that has the issue addressed by
closing the workaround packet socket when detecting a frame through the
main socket, it is possible for that mechanism to not be sufficient,
e.g., when an open network connection (no EAPOL frames) is used.

Add a build option (CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y) to disable the
workaround. This build option is disabled by default and can be enabled
explicitly on distributions which have an older kernel or a fix for the
kernel regression.

Also remove the unused variable num_rx.

(*) Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596
('bridge: respect RFC2863 operational state') from 2012 introduced a
regression for using wpa_supplicant with EAPOL frames and a station
interface in a bridge.

Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
2015-10-25 19:56:53 +02:00
Jouni Malinen
fa46426725 RSN: Do not try to connect if PMF disabled and AP requires it
Instead of trying to associate in configuration that is known to result
in the AP rejecting the association, reject the BSS candidate based on
the MFPR=1 RSN capability when STA configuration has PMF disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
8acbe7f2a4 WNM: Verify WNM Sleep Mode element length
This element is required to have at least four octets of actual payload.
This was not previously verified before use and the extra buffer data
after the IE might have been used instead if a received WNM-Sleep Mode
Response frame was invalid.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
dacd789f6d WNM: Mark set TFS buffer const
This moves the type cast needed for the current driver interface to
ieee802_11_set_tfs_ie() to allow the WNM-Sleep parsing routines to use
const pointers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 19:37:17 +02:00
Jouni Malinen
f758ae7665 P2P SD: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
619fdfacc4 HS 2.0: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
904e977bc7 Avoid undefined behavior in pointer arithmetic in scan result IE parsing
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
bdce45b83e WNM: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-25 15:34:59 +02:00
Jouni Malinen
1f32a23962 Avoid undefined behavior in pointer arithmetic in BSS IE parsing
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-24 21:43:54 +03:00
Jouni Malinen
67fea55ca2 Interworking: Avoid undefined behavior in pointer arithmetic
Reorder terms in a way that no invalid pointers are generated with
pos+len operations. end-pos is always defined (with a valid pos pointer)
while pos+len could end up pointing beyond the end pointer which would
be undefined behavior.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-24 21:43:54 +03:00
Jouni Malinen
ca33a5e895 Add "git describe" based version string postfix
If hostapd or wpa_supplicant is built from a git repository, add a
VERSION_STR postfix from the current git branch state. This is from "git
describe --dirty=+". VERSION_STR will thus look something like
"2.6-devel-hostap_2_5-132-g4363c0d+" for development builds from a
modified repository.

This behavior is enabled automatically if a build within git repository
is detected (based on ../.git existing). This can be disabled with
CONFIG_NO_GITVER=y in wpa_supplicant/.config and hostapd/.config.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-16 22:20:55 +03:00
Jouni Malinen
4363c0d6f5 eapol_test: Add -v for displaying version information
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-16 22:00:11 +03:00
Avraham Stern
932267ad67 P2P: Add P2P_ASSOC_RESP to P2P vendor elements
Vendor specific IEs added to frame type P2P_ASSOC_RESP are saved in
the interface context, but as they are added as part of the P2P IEs,
they need to be saved in the global P2P context.

Fix this by directing vendor specific IEs added to P2P_ASSOC_RESP
frame type to the P2P context.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-10-16 20:47:41 +03:00
Jouni Malinen
e699a7a9b3 P2P: Add more debug prints for Action frame TX clearing steps
This makes it easier to analyze debug logs for issues related to
multiple pending Action TX frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-15 21:20:22 +03:00
Avraham Stern
1a21fd37f9 Do not expire scan results based on aborted scan
Do not expire scan results entries based on scan results from a scan
that was aborted. The aborted scan did not scan all the requested
channels or SSIDs, so the fact that a BSS is missing from the scan
results does not mean it is not available.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-10-14 21:12:28 +03:00
Avraham Stern
0aed3f5a80 P2P: Set CTWindow only for P2P GO
CTWindow was set for all AP interfaces if the driver supports it and
this parameter is set in wpa_supplicant configuration. This results in
failing to start an AP that is not a P2P GO as this setting is rejected
by the driver.

Fix that by setting the CTWindow only for P2P GO interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2015-10-14 21:09:41 +03:00
Ningyuan Wang
c143c3b72a D-Bus: Add a dbus handler for expected disconnection
Add a global D-Bus handler ExpectDisconnect for setting
wpa_s->own_disconnect_req flag. This flag will prevent wpa_supplicant
from adding blacklists and requesting incomplete scan upon the incoming
disconnection. This is mainly meant for a case where suspend/resume is
used and some external component knows about that and can provide the
information to wpa_supplicant before the disconnection happens.

Signed-off-by: Ningyuan Wang <nywang@google.com>
2015-10-12 18:03:11 +03:00
Jouni Malinen
a8412ec9d0 Clear own_disconnect_req on new connection attempt
It was possible for wpa_s->own_disconnect_req to be left set to 1 from a
disconnection attempt from a prior connection. This could then prevent
proper connection failure processing with the new connection in
wpas_connection_failed(). This was triggered by the following hwsim test
case sequence: wpas_mesh_secure sae_no_ffc_by_default. In this sequence,
the SAE failure due to unsupported group did not result in proper
wpas_connection_failed() processing and retry.

Fix this by clearing wpa_s->own_disconnect_req in
wpa_supplicant_associate() before starting a new connection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-12 14:24:06 +03:00
Max Stepanov
cd571e14dd P2PS: Fix persistent group reporting in wpas_p2ps_prov_complete()
When one peer doesn't include a persistent group info in PD Request
the other peer shouldn't report a persistent group usage with this
peer even if such a persistent group exists locally. This condition
could be violated in the previous implementation.

In case a local persistent group exists and the
wpas_p2ps_prov_complete() function is called with persist_ssid parameter
set to NULL, wpa_supplicant reported P2PS-PROV-DONE with persist=<idx>
instead of conncap=<role> parameter.

This happened because the wpas_p2p_get_persistent() function was called
without verification whether the persist_ssid was set to NULL. In this
case the wpas_p2p_get_persistent() returns the first existing persistent
group matching the P2P Device Address without verifying the group's
SSID. After that the group ID is used as persist=<idx> parameter of
P2PS-PROV-DONE event.

Fix the issue by adding persist_ssid and persist_ssid_size verification
as a condition for the wpas_p2p_get_persistent() call.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
2015-10-11 21:42:03 +03:00
Ilan Peer
8bb8e6edb8 P2PS: Indicate the chosen operating frequency
On successful P2P PD, report the chosen frequency in case the local
device is going to be the P2P GO, so in can later be used to instantiate
the new P2P GO, etc.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-11 21:42:03 +03:00
Ilan Peer
ebd32943cb P2PS: Add channel policy to PD Request
Add operating channel selection and channel list processing similar to
that done when building GO Negotiation Request, i.e., consider the
currently used channels, configured channels, etc.

P2PS introduces a flow where a responder needs to provide channel data
without being previously aware of the current constraints, i.e., the
channels currently in use by other interfaces. To handle this, extend
the get_group_capability() callback to also handle channel selection
aspects of group capabilities.

In case there is an active P2P GO that is going to be used for the P2PS
PD, force its current operating frequency in the PD attributes.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-11 21:42:03 +03:00
Ilan Peer
f8a80e39b3 P2PS: Change connection capability handling
Change the connection capability handling so that in case there are no
active roles, the peer has an active GO, and the advertisement supports
operation as a client, the returned connection capability is set to
client.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-07 17:07:21 +03:00
Ilan Peer
ab804bcb6f P2PS: Re-factor p2ps_group_capability()
The code was iterating all the interfaces, and for each interface
iterated all the network blocks to count active P2P GO and P2P Client
interfaces.

Change the code to reuse wpas_p2p_get_go_group() to get a P2P GO
interface and add wpas_p2p_get_cli_group() and use it to find a
P2P Client interface, and use these objects when evaluating the
group capability.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-07 17:07:21 +03:00
Ilan Peer
8d5e73290f P2PS: Re-factor wpas_p2p_get_go_group() and wpas_p2p_group_go_ssid()
Re-factor wpas_p2p_get_go_group() to:

1. Skip the dedicated P2P Device management interface if it is used.
2. Instead of iterating all the interface configured networks,
   only access the current_ssid pointer to check if the current
   interface is acting as a persistent P2P GO.

To avoid code duplication, also re-factor wpas_p2p_group_go_ssid()
to call wpas_p2p_get_go_group().

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-07 17:07:21 +03:00
Jouni Malinen
876e74aa5f Interworking: Fix wpa_supplicant build without CONFIG_HS20=y
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-07 17:07:21 +03:00
Jouni Malinen
8c4a1026b8 Interworking: Support unknown ANQP-elements in BSS table
This allows wpa_supplicant to expose internally unknown ANQP-elements in
the BSS command. For example, "ANQP_GET <BSSID> 265" can be used to
fetch the AP Geospatial Location ANQP-element and if the AP has this
information, the "BSS <BSSID>" command will include the response as
"anqp[265]=<hexdump>".

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-07 17:07:21 +03:00
Adam Langley
aeeb0bca71 Android: Fix keystore-backed keys with BoringSSL
The switch to BoringSSL broke keystore-backed keys because
wpa_supplicant was using the dynamic ENGINE loading to load
the keystore module.
The ENGINE-like functionality in BoringSSL is much simpler
and this change should enable it.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-10-06 23:10:17 +03:00
Bob Copeland
681753f23c mesh: Generate proper AID for peer
IEEE Std 802.11-2012 13.3.1 states that the AID should be generated on
the local node for each peer. Previously, we were using the peer link ID
(generated by the peer) which may not be unique among all peers. Correct
this by reusing the AP AID generation code.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-10-06 01:27:29 +03:00
Jouni Malinen
12ea4cff6b Add forgotten list entry removal for control interface deinit
dl_list_del() must be called before freeing the list entries. Neither of
these cases caused problems because the full list data structure was
freed, but still, it is better to do this properly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-04 18:52:38 +03:00
Jouni Malinen
3fdaaa8fc4 Throttle control interface event message bursts
Some operations like a new scan result processing can result in large
number of wpa_supplicant control interface messages being generated.
Especially with multiple control interface monitors, this could result
in hitting the output queue length maximum and event messages getting
dropped. In worst case, that could even result in hitting ten
consecutive sendto() errors which could result in an attached monitor
socket getting detached.

Avoid this type of issues by throttling monitor event transmission based
on the output queue length. If more than half of the maximum send buffer
is used, postpone sending of following event messages until the pending
output queue has dropped below the limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-04 18:52:15 +03:00
Jouni Malinen
a530fe778b Add wpa_supplicant EVENT_TEST control interface command
This testing command makes it easier to debug bursts of event message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-04 11:45:13 +03:00
Luciano Coelho
7d82170aba Set channel and operating class in hostapd_fill_csa_settings()
The CSA channel and operating class values need to be set for all types
of channel switch (i.e., either if it's triggered by the control
interfaces or due to the GO-follows-STA flow). To do so, move the code
that sets them from the GO-follows-STA flow to the more generic
hostapd_fill_csa_settings() function.

Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
2015-10-03 21:26:23 +03:00
Andrei Otcheretianski
2d3943ce5b nl80211: Specify CSA offsets in send_mlme() driver op
Some management frames contain CSA counters which should be updated by
kernel. Change driver op send_mlme() allowing to send a frame,
specifying an array of offsets to the CSA counters which should be
updated. For example, CSA offsets parameters should be specified when
sending Probe Response frames during CSA period.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-10-03 21:07:35 +03:00
Ilan Peer
61f121d925 Handle channel switch notification for other interface types
Channel switch notification was handled only for AP/GO interfaces. As
the notification can be sent on other interface types as well, extend
the handling to handle other interface types.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-03 21:01:49 +03:00
Andrei Otcheretianski
98b0508121 P2P: Implement P2P_GO_FREQ_MOVE_SCM_ECSA policy
Add new GO frequency move policy. The P2P_GO_FREQ_MOVE_SCM_ECSA prefers
SCM if all the clients advertise eCSA support and the candidate
frequency is one of the group common frequencies.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-10-03 20:30:40 +03:00
Andrei Otcheretianski
3bafb0d842 P2P: Trigger channel selection correctly during CSA
Do not consider moving GOs to a new channel if one of them is in the
middle of CSA. In addition, call wpas_p2p_update_channel_list() after
EVENT_CH_SWITCH is handled.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-10-03 20:22:09 +03:00
Ilan Peer
23dcb302eb P2P: Relax wpas_p2p_init_go_params() for P2P GO CSA
wpas_p2p_move_go_csa() uses wpas_p2p_init_p2p_params() to select the
frequency to move to. However, it is possible that all the channels are
already used, so the selection of a new frequency would fail, although
the frequency used by the P2P GO should not be considered as used if it
is the only one using it.

To overcome this, allow the frequency selection to continue even if all
the frequencies are in use, but the frequency used by the P2P GO is not
used by any station interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-10-03 20:16:51 +03:00
Andrei Otcheretianski
73afc20d40 P2P: Implement wpas_p2p_move_go_csa()
Use channel switch mechanism to move a P2P GO to a new channel,
when required. In order to be able to reconfigure the GO channel,
split wpa_supplicant_conf_ap() function, so the frequency
configuration part can be reused to find additional CSA settings.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-10-03 20:10:37 +03:00
David du Colombier
33bce0e732 wpa_cli: Fix static linking with readline
The readline library depends on ncurses, so it should be set before
ncurses on the linker command line to be able to be statically linked
successfully.

Signed-off-by: David du Colombier <0intro@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
2015-10-01 20:49:54 +03:00
Jouni Malinen
b658547dd5 nl80211: Add build option for QCA vendor extensions
This allows the binary sizes to be reduced if no support for nl80211
vendor extensions are needed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-01 12:45:27 +03:00
Kanchanapally, Vidyullatha
e903d32d41 Parallelize distinct radio work operations
This commit contains the necessary changes to parallelize
distinct radio work operations which are different in type and
the band used, only when the underlying driver is capable of
supporting such simultaneous offchannel operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-01 01:41:46 +03:00
Kanchanapally, Vidyullatha
adcd7c4b0b nl80211: Support vendor scan together with normal scan
Allow wpa_supplicant to use vendor scan (if supported by the driver)
together with the normal nl80211 scan and handling external scan events.
Since this results in possibility of concurrent scan operations, some of
the operations related to scan results need to check more carefully when
an event is relevant for a specific interface.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-01 01:41:46 +03:00
Jouni Malinen
49c36b708e Add ChangeLog entries for v2.5
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-27 22:02:05 +03:00
Maneesh Jain
be5ab8d4ab D-Bus: Add InvitationReceived Signal
This is equivalent to the P2P_EVENT_INVITATION_RECEIVED signal on the
control interface. It can be used to sent the Invitation Received signal
to applications written using D-Bus.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>
2015-09-27 15:55:11 +03:00
Saurav Babu
0a7b2a02eb D-Bus: Add Signal to notify WPS PBC Overlap event
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
2015-09-27 12:52:34 +03:00
Saurav Babu
893e2cf961 D-Bus: Add signal to notify WPS timeout event
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
2015-09-27 12:47:47 +03:00
Andrei Otcheretianski
55b4cc6dd7 wpa_supplicant: Fix channel switch notification with VHT
Fix a bug in wpas_ap_ch_switch() function, which didn't pass VHT
frequencies correctly to hostapd_event_ch_switch().

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-09-25 21:09:58 +03:00
Andrei Otcheretianski
d7ded54774 Update wpa_s->current_ssid->frequency on CS event
Update wpa_s->current_ssid->frequency when EVENT_CH_SWITCH is received.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-09-25 21:07:01 +03:00
Andrei Otcheretianski
22264b3c61 Fix get_shared_radio_freqs_data() used-by flags setting
Fix an iteration bug in get_shared_radio_freqs_data when building
freqs_data array. Only the last used-by flag was maintained instead of
making this a bitfield of all found uses.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-09-25 21:02:55 +03:00
Masashi Honma
241c33335b mesh: Add support for scanning only the current frequency
This patch enables scan_cur_freq=1 on VIF based mesh network.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-09-25 20:59:32 +03:00
Nishant Chaprana
fd7d3c495e D-BUS: dev_passwd_id should be "q" because it uses DBUS_TYPE_UINT16
This corrects the type of dev_passwd_id in GONegotiationRequest event.
This field is packed as DBUS_TYPE_UINT16 but in
wpas_dbus_interface_signals it was "i" which is DBUS_TYPE_INT32.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2015-09-25 20:54:11 +03:00
Jouni Malinen
de78844b33 Fix EAP-EKE peer build rules
NEED_AES_CBC is needed for EAP-EKE builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-25 19:43:44 +03:00
Alan T. DeKok
939471b9eb Linker changes for building eapol_test on OS X
Signed-off-by: Alan DeKok <aland@freeradius.org>
2015-09-25 19:32:14 +03:00
Sunil Dutt
c9cfa6a9af Android: Avoid same per-iface and global ctrl socket
Android platform assigns the same socket id if the socket identifier in
conf->ctrl_interface and global->params.ctrl_interface (parameter for
android_get_control_socket) point to the same Android specific control
socket. This ends up having two eloop socket handlers registered for the
same file descriptor and thus, two attempt to receive and process each
command. This can result in unexpected failure, e.g., the prefix IFNAME=
for any command is valid for global socket handler, but results in
UNKNOWN COMMAND response from the per-interface ctrl socket handler).

Since it might be possible to end up with this type of invalid
configuration in OTA upgrade, compare the socket identifiers and do not
open the ctrl socket on the respective interface if both point to same.
This allows the Wi-Fi framework to use the global control interface.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-24 13:10:10 +03:00
Jouni Malinen
5a1d9d1a8e Avoid reconnection on ENABLE_NETWORK if already connected
This was already the case for most command sequences, but it was
possible for wpa_s->reassociate to be set to 1 when CTRL-RSP-* commands
were used to set identity, password, or passphrase for EAP
authentication. In such cases, ENABLE_NETWORK issued after the
connection was completed could result in a new connection attempt
(likely reconnection back to the same BSS).

Fix this by checking whether an actual connection is already present
even if wpa_s->reassociate is set when processing the ENABLE_NETWORK
command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-22 11:55:54 +03:00
Sunil Dutt
ce7d0eb184 Update AP WPA/RSN IE on all associations if driver can select BSS
It is possible for driver-based BSS selection to end up reassociating
back to the current AP. If wpa_supplicant preferred another BSS, it
would have updated the internal knowledge of the AP's WPA/RSN IE when
requesting a new connection. In the special case of existing association
and new association being with the same BSS that is different from the
wpa_supplicant preference, association event processing skipped the
WPA/RSN IE update. This could result in the following 4-way handshake
getting rejected due to incorrectly detected mismatch with AP's RSN/WPA
IE between Beacon/Probe Response frame and EAPOL-Key msg 3/4.

Fix this by updating the AP WPA/RSN IE on all association events when
driver-based BSS selection is used regardless of whether the BSSID
changes. This could also cover a theoretical case of the AP changing its
RSN/WPA IE at the very moment we try to reassociate back to the same
BSS.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-17 17:40:40 +07:00
Jouni Malinen
43fa110b0b Drop some control interface debug print verbosity for send operations
These prints were at DEBUG level (-d), but they can be very frequent, so
drop them to MSGDUMP (-dd). This allows the prints to be suppressed in
common debugging cases while still leaving them easily enablable to
debug control interface issues without having to enable excessive
debugging.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-10 11:19:44 +03:00
Jouni Malinen
8db9a79d41 Reduce debug verbosity for read-only control interface commands
Commands like BSS and GET_NETWORK are used in some cases very frequently
and those can increase the amount of debug information from
wpa_supplicant without significant benefit. These were logged at the
DEBUG level (-d). Move logging of such read-only commands (i.e., no new
wpa_supplicant operation is started based on it) to EXCESSIVE level
(-ddd) which was already used for the PING command.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-10 11:17:19 +03:00
Nishant Chaprana
2a95fac944 P2P: Add D-Bus signal GroupFormationFailure
This is similar to the control interface event
P2P-GROUP-FORMATION-FAILURE.

Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
2015-09-05 23:01:20 +03:00
Jouni Malinen
6f416c7867 RSN IBSS: Fix segfault on error path
If wpa_init() fails, wpa_deinit(NULL) must not be called to avoid
hitting a NULL pointer dereference.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 21:35:16 +03:00
Masashi Honma
449d63d6b7 mesh: Fix memory leak on error path
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-09-05 21:31:25 +03:00
Masashi Honma
a5d2bf2473 mesh: Fix segfault on error path
When wpa_init() in __mesh_rsn_auth_init() failed, empty rsn->auth caused
segmentation fault due to NULL pointer dereference when wpa_deinit() was
called. Fix this by checking the pointer before executing deinit steps.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-09-05 21:31:25 +03:00
Masashi Honma
f029c44cf2 mesh: Add RSN IE to Mesh Peering Open/Confirm frames
The RSN IE is required by IEEE Std 802.11-2012 on SAE use case:
Table 8-262 Mesh Peering Open frame Action field format
Table 8-263 Mesh Peering Confirm frame Action field format

Add the RSN IE to these frames.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-09-05 21:19:25 +03:00
Masashi Honma
8a51dcbc2f mesh: Rename IE field to clarify its use
This is used only for RSNE.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-09-05 21:15:53 +03:00
Jouni Malinen
dcc8bc82e0 Add BSS operating frequency to more debug messages
This makes it easier to analyze debug logs when figuring out channel
related issues.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 20:40:44 +03:00
Jouni Malinen
c4f0c4d67d wpa_gui: Increase control interface message buffer for LIST_NETWORKS
Double the buffer length from 2048 to 4096 to match the length used
currently in wpa_supplicant. This allows wpa_gui to retrieve information
for more networks than previously.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 19:28:56 +03:00
Jouni Malinen
ec4387f9c9 Indicate CTRL-EVENT-AUTH-REJECT event on authentication rejection
This allows control interface monitors to get more detailed information
in cases where wpa_supplicant-based SME receives an Authentication frame
with non-zero status code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 19:11:02 +03:00
Jouni Malinen
6ebe816be0 wpa_priv: Add authentication command and event
These are needed to work with nl80211 driver interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 13:21:17 +03:00
Jouni Malinen
06f52b12f9 wpa_priv: Add support for EVENT_SCAN_STARTED
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 12:39:11 +03:00
Jouni Malinen
d01136a06e wpa_priv: Print unsupported driver event name in debug log
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 12:35:59 +03:00
Jouni Malinen
c968f2d56c wpa_priv: Clear extended_capa pointers
For now, there is no support for passing extended_capa pointers through
the driver_privsep.c interface from wpa_priv. Avoid leaving bogus
pointers by explicitly clearing these on both wpa_priv and
wpa_supplicant sides.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 12:32:58 +03:00
Jouni Malinen
20396ab8e4 wpa_priv: Add support for global driver interface context
This is needed with driver_nl80211.c to be able to use the newer
wpa_driver_ops::init2() alternative.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 12:03:18 +03:00
Jouni Malinen
85f4381e14 wpa_priv: allow l2_packet to be opened for ethertype 0x890d
This is needed to initialize TDLS functionality.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 11:54:06 +03:00
Jouni Malinen
bd1f06aaa8 wpa_priv: Add -c argument to usage text
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 11:44:34 +03:00
Jouni Malinen
ebf05623c4 wpa_priv: Fix early exit path
eloop_destroy() cannot be called before eloop_init() have been called
successfully.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 11:41:49 +03:00
Jouni Malinen
8406cd3515 Make it clearer that ap_scan=2 mode should not be used with nl80211
Add more details into configuration comments and a runtime info message
if ap_scan=2 is used with the nl80211 driver interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-09-05 01:04:29 +03:00
Manikandan Mohan
4ae7120919 Allow wpa_cli/hostapd_cli client socket directory to be specified
This adds a new helper function wpa_ctrl_open2() that can be used
instead of wpa_ctrl_open() to override the default client socket
directory. Add optional -s<directory path> argument to hostapd_cli and
wpa_cli to allow the client socket directory to be specified.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-01 11:17:43 +03:00
Jouni Malinen
fc078be2dd Allow BSS to return information for AP that uses an invalid WSC IE
Previously, the BSS command returned an error if the WSC IE(s) in scan
results could not be parsed. This may be not ideal for all cases, to
instead of rejecting the command completely, return all other
information apart from the WPS information in such a case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-30 00:01:48 +03:00
MAYANK HAARIT
80bb38742c dbus: Fix a typo in function comment
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Signed-off-by: Dilshad Ahmad <dilshad.a@samsung.com>
2015-08-28 00:23:23 +03:00
Jiří Klimeš
98da137545 dbus: Do not quote scan_freq and freq_list in dbus_old_handlers.c
scan_freq and freq_list are not parsed correctly by
wpa_config_parse_int_array() if quoted.

Patch for dbus_old_handlers.c, the same change as done by Robert Shade
<robert.shade@gmail.com> for dbus_new_handlers.c in commit
99276998fa ('dbus: Do not quote scan_freq
and freq_list').

Signed-off-by: Jiří Klimeš <jklimes@redhat.com>
2015-08-28 00:13:26 +03:00
Jouni Malinen
d9c807cab1 Fix key derivation for Suite B 192-bit AKM to use SHA384
While the EAPOL-Key MIC derivation was already changed from SHA256 to
SHA384 for the Suite B 192-bit AKM, KDF had not been updated similarly.
Fix this by using HMAC-SHA384 instead of HMAC-SHA256 when deriving PTK
from PMK when using the Suite B 192-bit AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-27 20:42:14 +03:00
Mitchell Wills
a218e1ded4 Make sure configuration is saved to storage device
Config file is written to a temp file and then it is renamed to the
original config file. However, it is possible that the rename operation
will be commited to storage while file data will be still in cache
causing original config file to be empty or partially written in case of
a system reboot without a clean shutdown. Make this less likely to occur
by forcing the data to be written to the storage device before renaming
the file.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-08-27 18:06:05 +03:00
Jingxiang Ge
3008d0a6b8 Do not mark BSS entry in use if SSID has changed
This allows a BSS entry to be expired if the AP has changed its SSID
while maintaining the same BSSID and we are associated with the BSS.
Previously, the same BSSID was enough to mark all BSS entries from the
BSSID as in use regardless of the SSID and as such, they could remain in
the wpa_supplicant BSS table indefinitely as long as the association
remaining.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-26 16:46:28 +03:00
Jouni Malinen
137b293963 Remove unnecessary NULL check from LOG_LEVEL handler
cmd cannot be NULL here, so there is no need to check it before calling
os_strlen().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-22 00:22:12 +03:00
Jouni Malinen
941cd3ec70 P2P: Request fresh scan results after GO Negotiation
The P2P group is not yet operating when going through GO Negotiation
exchange. Previously, an old cached scan result could be used to skip
the scan immediately after the GO Negotiation. While this is quite
unlikely to happen in practice, we can easily force a scan here now with
the generic scan_min_time mechanism. Do that to avoid any corner cases
that a previous instance of the group could have if found in cached scan
results.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-22 00:22:12 +03:00
Jouni Malinen
dfaf11d648 P2P: Require fresh scan results for persistent group re-invocation
The P2P group is not yet operating when going through invitation
exchange for re-invocation. Previously, an old cached scan result could
be used to skip the scan immediately after the invitation exchange.
While this may result in the fastest possible connection, it does have
some issues with cases where the GO takes some time to start up. It
would also be at least theoretically possible for some of the BSS
parameters to be different, so having a fresh scan result from the new
GO instance may be desired in any case.

Add a mechanism to skip scan results that have been last updated before
a specific point in time and as the first user for this mechanism,
require chan results to be more recent than the invitation message
exchange for the P2P Client role in persistent group re-invocation case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-22 00:22:12 +03:00
Jouni Malinen
8493fe3457 eapol_test: Add an example controller script for RADIUS testing
This new script can be used as an example of load testing for RADIUS
authentication servers. It can control multiple eapol_test processes
over the control interface to run EAP-TLS authentication. As an example,
the following commands would run eight instances of eapol_test
concurrently:

for i in 0 1 2 3 4 5 6 7; do
    ./eapol_test -T /tmp/eapol_test -i $i > eapol_test.log$i &
done

time ./eapol_test.py --ctrl /tmp/eapol_test --num 8 --iter 100
0: PASS 100
1: PASS 100
2: PASS 100
3: PASS 100
4: PASS 100
5: PASS 100
6: PASS 100
7: PASS 100

real	0m0.339s

time ./eapol_test.py --ctrl /tmp/eapol_test --num 8 --iter 100 --no-fast-reauth
0: PASS 100
1: PASS 100
2: PASS 100
3: PASS 100
4: PASS 100
5: PASS 100
6: PASS 100
7: PASS 100

real	0m1.876s

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-22 00:22:09 +03:00
Jouni Malinen
048d084d45 eapol_test: Add a new operation mode for control interface use
The -T<ctrl_iface> command line argument can now be used to start
eapol_test in mode where the configuration file is not needed and the
authentication operations are started through the control interface.
Network profile is also managed through the control interface in this
case. This can be used to provide more control for scripted RADIUS
authentication server testing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-21 00:48:29 +03:00
Jouni Malinen
3b3677b3bc eapol_test: Allow interface name to be specified
The new -i<ifname> command line argument can be used to specify the name
of the interface to use. This is mainly to allow unique control
interface names to be defined without having to use multiple
directories.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-20 23:13:33 +03:00
Jouni Malinen
812f28b79c BoringSSL: Allow internal AES key wrap to be used with "OpenSSL" build
It looks like BoringSSL has removed the AES_wrap_key(), AES_unwrap_key()
API. This broke wpa_supplicant/hostapd build since those functions from
OpenSSL were used to replace the internal AES key wrap implementation.
Add a new build configuration option
(CONFIG_OPENSSL_INTERNAL_AES_WRAP=y) to allow the internal
implementation to be used with CONFIG_OPENSSL=y build to allow build
against the latest BoringSSL version.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-18 01:56:02 +03:00
Jouni Malinen
35d403096e Set NORMAL_SCAN_REQ on SELECT_NETWORK/ENABLE_NETWORK
wpa_s->scan_req needs to be set in these cases to get correct scanning
behavior. This is mainly needed for starting of AP mode operation
immediately in ap_scan=2 case.

This fixes an issue that was found with mac80211_hwsim test cases in the
following sequence: dbus_autoscan dbus_ap_scan_2_ap_mode_scan

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-17 00:18:32 +03:00
Andrei Otcheretianski
d494ca0be4 P2PS: Consider WPS P2PS method when joining a group
If P2PS PD concludes to use default P2PS method wpas_p2p_scan_res_join()
ignores this value and tries to perform a redundant legacy PD.
Fix this by considering WPS_P2PS method too.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-08-14 23:56:12 +03:00
Mike Gilbert
cda3a40fce systemd: Order wpa_supplicant before network.target
Ordering the units before network.target causes them to be stopped
after network.target on shutdown. This ensures that any network
filesystems will be unmounted before wpa_supplicant is killed.

Adding Wants=network.target ensures that network.target will be included
in the active dependency graph. This is typical of units which are
involved in networking setup functions.

Signed-off-by: Mike Gilbert <floppym@gentoo.org>
2015-08-14 23:16:14 +03:00
Jouni Malinen
2e95cfc188 Add debug prints for wpa_supplicant ctrl_iface socket send operations
This makes it easier to track the output queue state on a control
interface socket and determine what could be causing issues with running
out of space in the buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-14 21:18:43 +03:00
Mahesh A Saptasagar
0d0f7ecbb1 Do not stop ongoing PNO sched_scan on association/disconnection
PNO was stopped by the wpa_supplicant during the connection attempts or
while handling disassociation indication. External entities, mainly, the
Android Wi-Fi framework, does not expects PNO to be stopped by other
modules. Hence, do not stop the sched_scan in these scenarios if it is
triggered externally for PNO.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-13 21:10:16 +03:00
Jouni Malinen
0a34b62be9 Do not allow ap_scan=2 scan processing to stop AP mode operation
wpa_supplicant_assoc_try() would result in the currently operating AP to
get stopped if wpa_supplicant_scan() ends up getting triggered without
MANUAL_SCAN_REQ while operating an AP. With ap_scan=2, this could
resulted in unintentional stopping of AP mode operations, so check
explicitly for that case and skip the wpa_supplicant_assoc_try() call if
needed to avoid this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-11 21:46:38 +03:00
Jouni Malinen
1fbff0b5c4 D-Bus: Set last_scan_req to MANUAL_SCAN_REQ on Scan() trigger paths
The D-Bus Scan() handler was setting wpa_s->scan_req = MANUAL_SCAN_REQ
on the code path that used wpa_supplicant_req_scan(). However, it did
not do anything similar for the cases where
wpa_supplicant_trigger_scan() is called directly. This could result in
unexpected wpa_s->last_scan_req value and incorrect behavior especially
when using ap_scan=2 and running a scan while operating in AP mode. Fix
this by explicitly setting wpa_s->last_scan_req = MANUAL_SCAN_REQ when
using wpa_supplicant_trigger_scan() from the Scan() handler.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-11 21:44:31 +03:00
Ahmad Kholaif
fbcddaed9a P2P: Support driver preferred freq list for invitation case
When using P2P invitation to re-invoke a persistent P2P group without
specifying the operating channel, query the driver for the preferred
frequency list, and use it to select the operating channel of the group.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-11 19:04:45 +03:00
Hu Wang
6108536d7d Drop connection attempt if network is disabled before radio work starts
With the radio work design, it is possible for a network entry to get
disabled (e.g., DISABLE_NETWORK <id>) during the time the connect or
sme-connect radio work waits to start. Previously, only the validity of
the BSS entry and BSSID/SSID was verified when starting the actual
connection step. Add call to wpas_network_disabled() to those checks to
catch the case where the network profile is disabled.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-10 22:16:19 +03:00
Ahmad Kholaif
8e84921efe P2P: Support driver preferred freq list for Autonomous GO case
When starting an autonomous GO without specifying the operating channel,
query the driver for the preferred frequency list, and use it to select
the operating channel of the GO (if supported).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-10 21:27:42 +03:00
Andrei Otcheretianski
b9da88d6c1 P2PS: Authorize any peer for P2PS method if interface address not known
When P2PS PD with default P2PS method is done, the peer that becomes GO
should authorize the client. However, P2PS specification doesn't require
the client to include its intended interface address in PD
Request/Response. As a result, the P2P Client's interface address may not
be known and any address may need to be authorized.

Previously, client's P2P Device Address was used for authorization,
which is not correct when a dedicated interface is used for P2P Client.
This is not resulting in a connection failure, however it causes a
significant delay (until WPS_PIN_TIME_IGNORE_SEL_REG elapses). Fix this
by authorizing the intended interface address, if known; or any address,
if not known.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2015-08-06 20:45:15 +03:00
Jouni Malinen
2a098e3668 P2PS: Clean up intended interface address passing to p2ps_prov_complete
Use NULL to indicate if the address is not available instead of fixed
00:00:00:00:00:00. wpas_p2ps_prov_complete() already had code for
converting NULL to that all zeros address for event messages.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-06 20:45:15 +03:00
Max Stepanov
93f22b4583 P2PS: Fix PD PIN event notifications
Change P2PS P2P-PROV-SHOW-PIN/P2P-PROV-ENTER-PIN event notifications
on PD Request/Response handling to meet required P2PS behavior.

The new implemented scheme:
1. For a legacy P2P provision discovery the event behavior remains
   without changes
2. P2PS PD, advertiser method: DISPLAY, autoaccept: TRUE:
   Advertiser: SHOW-PIN on PD request replied with a status SUCCESS
   Seeker: ENTER-PIN on PD response received with a status SUCCESS
3. P2PS PD, advertiser method: DISPLAY, autoaccept: FALSE:
   Advertiser: SHOW-PIN on PD request replied with a status
     INFO_CURRENTLY_UNAVAILABLE
   Seeker: ENTER-PIN on Follow-on PD request with a status
     SUCCESS_DEFERRED
4. P2PS PD, advertiser method: KEYPAD, autoaccept: TRUE/FALSE:
   Advertiser: ENTER-PIN on PD request replied with a status
     INFO_CURRENTLY_UNAVAILABLE
   Seeker: SHOW-PIN on PD response received with a status
     INFO_CURRENTLY_UNAVAILABLE

This change in behavior breaks the existing test cases
p2ps_connect_keypad_method_nonautoaccept and
p2ps_connect_display_method_nonautoaccept. Those will be fixed in a
followup commit.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>
2015-08-06 13:56:01 +03:00
Ilan Peer
85e152b646 P2P: Fix P2P_FLUSH clearing of p2p_go_avoid_freq
P2P_FLUSH command did not cleanly clear the p2p_go_avoid_freq data
structure, and left it in an inconsistent state, where the range field
was NULL but the num field was not 0. This would have resulted in an
invalid memory access in freq_range_list_includes().

Fix this.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 18:59:59 +03:00
Ilan Peer
3a8f008a24 P2P: Do not perform P2P GO CS in some cases
A P2P GO channel switch should not be triggered in all cases that
require channel list update. Specifically, a P2P GO CS should not
be triggered in case that the P2P GO state changed or in case that
that the P2P GO has just completed a CS.

To fix this, add reason code to wpas_p2p_channel_list_update() and
trigger CS flow only for the relevant cases.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 18:34:47 +03:00
Ilan Peer
dae4c82c95 P2P: Disallow GO CS immediately after GO Negotiation or invitation
A newly created GO might move to another channel before the client was
able to connect to it. This creates a situation where the client
searches the GO on the channel agreed upon during GO Negotiation or
invitation signaling, while the GO is on another channel. This in turn
might lead to delayed connection or connection failure and group
removal.

Fix this by disallowing a GO CS as long as there is some activity that
should delay the switch. If a GO move is not allowed, set a timeout to
re-attempt the move.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 16:14:30 +03:00
Ilan Peer
c2675c87c3 P2P: Consider channel optimizations for additional cases
Re-factor the code, so channel optimizations would be also triggered
upon the following changes: channel updates from the kernel,
disallow_freq interface, etc.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 16:09:21 +03:00
Arik Nemtsov
0f4bccdbbe Refactor channel list update event in wpa_supplicant
Update hardware features for all interfaces inside the loop, don't treat
the calling wpa_s instance specially. Perform the P2P channel list
updates after the hardware features are updated. This will prevent P2P
from relying on stale information.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-08-04 16:04:52 +03:00
Ilan Peer
b130812100 P2P: Modify wpas_p2p_init_go_params()
Not all paths in wpas_p2p_init_go_params() verified that the candidate
frequency can be used for GO purposes. Fix this, and in addition
re-factor the code to put better emphasis on the frequency selection
priorities.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 00:38:54 +03:00
Ilan Peer
a7160f7ede P2P: Remove GO handling in avoid frequency event
Remove the code that considers removing GOs from their current
channel due to frequency interference, as this is already handled
as part of the P2P channels update.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 00:32:36 +03:00
Ilan Peer
e280110d17 P2P: Move a GO to a frequency that is also supported by the client
A P2P GO interface that was instantiated after a GO Negotiation or
Invitation holds the intersection of frequencies between the GO and the
client. In case the GO is going to move to another frequency, allow it
to move only to a frequency that is also supported by the client.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 00:27:13 +03:00
Ilan Peer
5e1f480500 P2P: Add a function to compute the group common freqs
Add a function to compute the group common frequencies, and
use it to update the group_common_frequencies as part of the
channel switch flows.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 00:18:51 +03:00
Ilan Peer
1a471ff081 P2P: Move a GO from its operating frequency
Upon any change in the currently used channels evaluate if a GO should
move to a different operating frequency, where the possible scenarios:

1. The frequency that the GO is currently using is no longer valid,
   due to regulatory reasons, and thus the GO must be moved to some
   other frequency.
2. Due to Multi Concurrent Channel (MCC) policy considerations, it would
   be preferable, based on configuration settings, to prefer Same
   Channel Mode (SCM) over concurrent operation in multiple channels.
   The supported policies:

   - prefer SCM: prefer moving the GO to a frequency used by some other
     interface.
   - prefer SCM if Peer supports: prefer moving the GO to a frequency
     used by some other station interface iff the other station
     interface is using a frequency that is common between the local and
     the peer device (based on the GO Negotiation/Invitation signaling).
   - Stay on the current frequency.

Currently, the GO transition to another frequency is handled by a
complete tear down and re-setup of the GO. Still need to add CSA flow to
the considerations.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-08-04 00:14:41 +03:00
Jouni Malinen
ab62f96f55 Move debug level string conversion functions to wpa_debug.c
This makes it possible to use these helper functions from hostapd as
well as the current use in wpa_supplicant.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-03 17:44:55 +03:00
Jouni Malinen
84bcb4e7a9 FST: Mark fst_ies buffer const
This buffer is owned by the FST module, so mark it const in the
set_ies() callback to make it clearer which component is responsible for
modifying and freeing this.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-03 17:40:30 +03:00
Daichi Ueura
2665c26f91 Android: Handle STATUS-NO_EVENTS command in wpa_cli
NO_EVENTS parameter was added to STATUS command by commit
a6ab82d7b4 ('Android: Add NO_EVENTS
parameter to status command'). This patch adds handling of the new
parameter in wpa_cli so that "status no_events" can be used to specify
this parameter.

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-08-02 21:37:10 +03:00
Daichi Ueura
884c649e26 Android: Make wpa_cli work on wifi.interface without extra params
Currently wpa_cli connects to global control interface if -i/-p
parameters are not specified. wpa_cli on global control interface
is not useful since the prefix like "IFNAME=wlan0 " needs to be
added to some commands like "IFNAME=wlan0 scan". And, specifying
-i/-p parameters every time is annoying. To improve efficiency of
debugging, this patch enables to make wpa_cli work without extra
parameters.

If you still want to connect to global control interface,
the following command can be used instead:

 $ wpa_cli -g@android:wpa_wlan0 (or -gwlan0)

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-08-02 21:37:10 +03:00
Masashi Honma
ecd40fef74 mesh: Fix mesh SAE auth on low spec devices
The mesh SAE auth often fails with master branch. By bisect I found
commit eb5fee0bf5 ('SAE: Add side-channel
protection to PWE derivation with ECC') causes this issue. This does not
mean the commit has a bug. This is just a CPU resource issue.

After the commit, sae_derive_pwe_ecc() spends 101(msec) on my PC (Intel
Atom N270 1.6GHz). But dot11RSNASAERetransPeriod is 40(msec). So
auth_sae_retransmit_timer() is always called and it can causes
continuous frame exchanges. Before the commit, it was 23(msec).

On the IEEE 802.11 spec, the default value of dot11RSNASAERetransPeriod
is defined as 40(msec). But it looks short because generally mesh
functionality will be used on low spec devices. Indeed Raspberry Pi B+
(ARM ARM1176JZF-S 700MHz) requires 287(msec) for new
sae_derive_pwe_ecc().

So this patch makes the default to 1000(msec) and makes it configurable.

This issue does not occur on infrastructure SAE because the
dot11RSNASAERetransPeriod is not used on it.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-08-02 21:37:10 +03:00
Michael Olbrich
be11a59486 P2P: Cancel group formation when deleting a group during group formation
Otherwise P2P remains in provisioning state and continues to skip
extended listening forever.

Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
2015-08-02 21:37:09 +03:00
Purushottam Kushwaha
86e2dcf5a6 P2P: Fix update of listen_reg_class and listen_channel
Allow proper update for listen_reg_class and listen_channel with
changed_parameters [CFG_CHANGED_P2P_LISTEN_CHANNEL] configuration for
command received through ctrl_interface. Without this, "set
p2p_listen_channel" and "set p2p_listen_reg_class" do not update the
listen channel. The D-Bus version was already setting these flags.

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
2015-08-02 21:37:09 +03:00
Jouni Malinen
9f59fe8dc8 P2P: Do not clear wpa_s->go_dev_addr before group removal
This variable is needed to figure out whether a wpa_supplicant interface
is for a P2P group that is (or was) connected to a specific GO. The
previous implementation was able to find such a case only when there was
an association with the GO. However, this may be needed even if there is
a temporary disconnection from the GO. Keep the GO device address
information over such temporary disconnections and only remove it on
group termination. This fixes an issue with D-Bus Peer PropertiesChanged
signals for the Groups property in case a P2P group gets removed due to
group idle timeout instead of explicit group termination command (local
request) or GO notification.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 21:37:09 +03:00
Gautam
d4e597959c P2P: Fix P2P configuration file name
The P2P configuration file is wrongly set as STA configuration file,
even though a separate configuration file is mentioned with '-m' option.
Add initialization and deallocation of global.params->conf_p2p_dev to
fix this.

Signed-off-by: Gautam <gautams@broadcom.com>
2015-08-02 21:37:09 +03:00
Jouni Malinen
7cb53ded11 Add build option to remove all internal RC4 uses
The new CONFIG_NO_RC4=y build option can be used to remove all internal
hostapd and wpa_supplicant uses of RC4. It should be noted that external
uses (e.g., within a TLS library) do not get disabled when doing this.

This removes capability of supporting WPA/TKIP, dynamic WEP keys with
IEEE 802.1X, WEP shared key authentication, and MSCHAPv2 password
changes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
1e4f7bf5d0 Add 'GET_CAPABILITY fips' to enable runtime check for CONFIG_FIPS=y
This can be used to check whether the running wpa_supplicant version was
built with CONFIG_FIPS=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
835c89a16b EAP-TTLS: Disable CHAP, MSCHAP, and MSCHAPV2 in CONFIG_FIPS=y builds
FIPS builds do not include support for MD4/MD5, so disable
EAP-TTLS/CHAP, MSCHAP, and MSCHAPV2 when CONFIG_FIPS=y is used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-01 21:07:44 +03:00
Jouni Malinen
276a3c44dd OpenSSL: Implement aes_wrap/aes_unwrap through EVP for CONFIG_FIPS=y
The OpenSSL internal AES_wrap_key() and AES_unwrap_key() functions are
unfortunately not available in FIPS mode. Trying to use them results in
"aes_misc.c(83): OpenSSL internal error, assertion failed: Low level API
call to cipher AES forbidden in FIPS mode!" and process termination.
Work around this by reverting commit
f19c907822 ('OpenSSL: Implement aes_wrap()
and aes_unwrap()') changes for CONFIG_FIPS=y case. In practice, this
ends up using the internal AES key wrap/unwrap implementation through
the OpenSSL EVP API which is available in FIPS mode. When CONFIG_FIPS=y
is not used, the OpenSSL AES_wrap_key()/AES_unwrap_key() API continues
to be used to minimize code size.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-01 16:56:59 +03:00
Ahmad Kholaif
fc71f7d99d P2P: Expose driver preferred frequency list fetch to P2P
This adds a callback function that can be used from the P2P module to
request the current preferred list of operating channels from the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-30 22:13:48 +03:00
Ahmad Kholaif
370017d968 P2P: Use preferred frequency list from the local driver
If the driver supports the preferred frequency list extension, use this
information from the driver when no explicitly configured preference
list (p2p_pref_chan) is present for P2P operating channel selection.
This commit adds this for GO Negotiation and Invitation use cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-30 22:13:48 +03:00
Jouni Malinen
34c5267bbc Return error from wpa_drv_get_pref_freq_list() if no driver support
Commit 983422088f ('nl80211: Add means to
query preferred channels') return success if no driver wrapper callback
was provided for fetching the preferred channel list. That is
problematic since the *num argument is not updated and uninitialized
freq_list could end up getting used with arbitrary frequency values. Fix
this by returning error in case the values were not available due to
driver wrapper not implementing the function. This matches the style
used in the driver_nl80211.c implementation for the case where the
driver does not support such fetch operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-30 22:13:47 +03:00
Ahmad Kholaif
983422088f nl80211: Add means to query preferred channels
Extend the QCA vendor specific nl80211 interface to query the preferred
frequency list from driver and add a new wpa_cli command to query this
information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-29 19:46:31 +03:00
Ahmad Kholaif
7c813acf9c P2P: Inform driver of the operating channel following group formation
Upon GO Negotiation completion, if the remote peer becomes GO, send a
hint event over QCA vendor specific interface to inform the driver of
the likely operating channel of the P2P GO.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-29 19:10:16 +03:00
Srinivas Dasari
844dfeb804 QCA vendor command support to set band to driver
Add vendor command to pass SET setband command to the driver and read
the updated channel list from driver when this notification succeeds.
This allows the driver to update its internal channel lists based on
setband configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-07-28 21:00:18 +03:00
Jouni Malinen
16bc3b8935 OpenSSL: Add SHA256 support in openssl_tls_prf() for TLSv1.2
This is needed when enabling TLSv1.2 support for EAP-FAST since the
SSL_export_keying_material() call does not support the needed parameters
for TLS PRF and the external-to-OpenSSL PRF needs to be used instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-28 21:00:17 +03:00