Go through the received bandSupport JSON array and print its contents in
the debug log. This information might be exposed to upper layer
configuration generation/use somehow in the future.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The new hostapd and wpa_supplicant configuration parameters dpp_name and
dpp_mud_url can now be used to set a specific name and MUD URL for the
Enrollee to use in the Configuration Request. dpp_name replaces the
previously hardcoded "Test" string (which is still the default if an
explicit configuration entry is not included). dpp_mud_url can
optionally be used to add a MUD URL to describe the Enrollee device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
A new argument to the DPP_AUTH_INIT command (conn_status=1) can now be
used to set Configurator to request a station Enrollee to report
connection result after a successfully completed provisioning step. If
the peer supports this, the DPP-CONF-SENT event indicates this with a
new argument (wait_conn_status=1) and the Configurator remains waiting
for the connection result for up to 16 seconds.
Once the Enrollee reports the result, a new DPP-CONN-STATUS-RESULT event
is generated with arguments result, ssid, and channel_list indicating
what the Enrollee reported. result=0 means success while non-zero codes
are for various error cases as specified in the DPP tech spec. If no
report is received from the Enrollee, the event with "timeout" argument
is generated locally.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is more consistent with the use of CONFIG_DPP2 since the
Configuration Result message is sent only when using version 2 or newer.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If only one of the allocations fails, the successful allocation needs to
be freed on the error path.
Fixes: 22f90b32f1 ("DPP2: Configuration Result message generation and processing")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous support in the 60 GHz band was for channels 1-4.
Add support for channels 5 and 6.
Signed-off-by: Alexei Avshalom Lazar <ailizaro@codeaurora.org>
Update the documentation of QCA_ATTR_ROAM_CONTROL_SCAN_FREQ_LIST
to make it a nested attribute to carry frequencies of type u32.
This is to be in sync with the nl80211 attribute
NL80211_ATTR_SCAN_FREQUENCIES.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Hardcode this to be defined and remove the separate build options for
PMF since this functionality is needed with large number of newer
protocol extensions and is also something that should be enabled in all
WPA2/WPA3 networks.
Signed-off-by: Jouni Malinen <j@w1.fi>
Set the max value of optional bytes inside the data structure. This
requires us to calculate the actually used size when copying the
HE capabilities and generating the IE.
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Sven Eckelmann <seckelmann@datto.com>
Track PMK-R0/PMK-R0-Name from the initial mobility domain association
and derive PMK-R1/PTK when the station uses FT protocol. This allows
frames from additional roaming cases to be decrypted.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If FT over-the-DS case is enforced through the "FT_DS <BSSID>" control
interface command, the PMF capability check during BSS selection is not
used and that could have allowed PMF to be disabled in the over-the-DS
case even if the local network profile mandated use of PMF. Check
against this explicitly to avoid unexpected cases if the APs within the
same mobility domain are not configured consistently.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is not used only with FT, so make the comments less confusing and
include the function in all builds to make it available for
non-FT/non-FILS builds.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add vendor command QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY_EXT
and attribute qca_wlan_vendor_attr_avoid_frequency_ext to send structured
avoid frequency data.
This new command is alternative to existing command
QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY since existing command is
using stream of bytes instead of structured data using vendor attributes.
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
As a part of P802.11ax amendment, 6 GHz band operation is added.
Since the 6 GHz channel numbers are overlapping with existing 2.4 GHz
and 5 GHz channel numbers, use frequency to identify unique channel
operation instead of channel number. Channel frequency is unique across
bands.
In the existing QCA vendor interface, wherever missing, add frequency
attributes to identify unique channel operation. In addition, add
comments to document some of the previously missed attributes/values.
Note: If both channel and frequency attributes are present in vendor
command/event and
(a) If both the driver and user-space application supports 6 GHz band
then channel related attributes are deprecated and use frequency
attributes.
(b) If either driver or user-space application or both doesn't
support 6 GHz band then use channel attributes.
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
Add QCA_WLAN_VENDOR_ATTR_SAP_CONFIG_CHANNEL attribute in
enum qca_wlan_vendor_attr_sap_config to use with vendor command
QCA_NL80211_VENDOR_SUBCMD_SET_SAP_CONFIG.
This new attribute is used to restart AP on given channel.
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
Add a QCA vendor sub command QCA_NL80211_VENDOR_SUBCMD_ACS_POLICY
with attributes enum qca_wlan_vendor_attr_acs_config and
enum qca_acs_dfs_mode to configure ACS policy.
Signed-off-by: Rajeev Kumar Sirasanagandla <rsirasan@codeaurora.org>
This enhances the existing vendor command QCA_NL80211_VENDOR_SUBCMD_ROAM
with the following configurations:
1. Set/get/clear roam control
2. Set/get the channels on which the roaming has to be triggered.
3. Set/get the roam scan period.
4. Configure the triggers for roaming.
5. Configure the candidate selection criteria.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
qca_wlan_vendor_attr_roam_subcmd is an enum associated with the
attribute QCA_WLAN_VENDOR_ATTR_ROAMING_SUBCMD. It represents different
sub command values and these are not the attributes. Hence, rename the
enum to qca_wlan_vendor_roaming_subcmd. Accordingly, the members of this
enum are also renamed to suite the usage.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Update the version number for the build and also add the ChangeLog
entries for both hostapd and wpa_supplicant to describe main changes
between v2.7 and v2.8.
Signed-off-by: Jouni Malinen <j@w1.fi>
The KCK, PMK, and PMKID derivation fix broke SAE key derivation for all
FFC groups. Fix that by setting sae->tmp->order_len for FFC groups (it
was only set for ECC groups).
Fixes: ac734a342e ("SAE: Fix KCK, PMK, and PMKID derivation for groups 22, 23, 24")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This replaces the separately implemented ECDH operations with a single
helper function to avoid code duplication. In addition, this introduces
a workaround for strange OpenSSL behavior where the first
EVP_PKEY_derive(NULL) call to learn the size of the output shared secret
returns unexpectedly large buffer (72 octets when expected 32 octets for
group 19). It is not known what is causing this, but such behavior seems
to be showing up every now and then at least when running hwsim test
cases under UML and apparently mainly (only?) in the sigma_dut
controller cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
IEEE Std 802.11-2016 is not exactly clear on the encoding of the bit
string that is needed for KCK, PMK, and PMKID derivation, but it seems
to make most sense to encode the (commit-scalar + peer-commit-scalar)
mod r part as a bit string by zero padding it from left to the length of
the order (in full octets).
The previous implementation used the length of the prime (in full
octets). This would work for KCK/PMK, but this results in deriving all
zero PMKIDs for the groups where the size of the order is smaller than
the size of the prime. This is the case for groups 22, 23, and 24.
However, those groups have been marked as being unsuitable for use with
SAE, so this fix should not really have a practical impact anymore.
Anyway, better fix it and document this clearly in the implementation
taken into account the unclarity of the standard in this area.
Signed-off-by: Jouni Malinen <j@w1.fi>
Disable groups that use Brainpool curves for now since they leak more
timing information due to the prime not being close to a power of two.
This removes use of groups 28, 29, and 30 from SAE and EAP-pwd.
Signed-off-by: Jouni Malinen <j@w1.fi>
These SAE, OWE, DPP, and OSEN AKM suite selectors were covered in the
reverse conversion in rsn_key_mgmt_to_bitfield(), but were missing from
wpa_akm_to_suite(). Add them to make AKM suite selector reporting more
accurate in RADIUS Accounting messages (and future users of this
function).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use a shared function to determine the k parameter, i.e., the minimum
number of iterations of the PWE derivation loop, for SAE and EAP-pwd.
This makes it easier to fine-tune the parameter based on the negotiated
group, if desired.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add attributes QCA_WLAN_VENDOR_ATTR_CONFIG_ELNA_BYPASS under
the enum qca_wlan_vendor_attr_config to support set and get
the ELNA bypass.
Signed-off-by: Paul Zhang <paulz@codeaurora.org>
Add a new vendor attribute QCA_WLAN_VENDOR_ATTR_DISCONNECT_IES
to configure disconnect IEs to the driver. Driver shall fill
these IEs in disassoc/deauth frame.
These IEs are expected to be considered only for the next
immediate disconnection (disassoc/deauth frame) originated by
the DUT, irrespective of the entity (user space/driver/firmware)
triggering the disconnection.
The host drivers are not expected to use the IEs set through
this interface for further disconnections after the first immediate
disconnection initiated post the configuration.
If the IEs are also updated through cfg80211 interface (after the
enhancement to cfg80211_disconnect), host driver is expected to
take the union of IEs from both of these interfaces and send in
further disassoc/deauth frames.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a QCA vendor sub command QCA_NL80211_VENDOR_SUBCMD_OEM_DATA
with attributes qca_wlan_vendor_attr_oem_data_params to support
OEM data. It is used to send OEM data binary blobs from
application/service to firmware. The attributes defined in enum
qca_wlan_vendor_attr_oem_data_params are used to deliver the
parameters.
Signed-off-by: Paul Zhang <paulz@codeaurora.org>
This reduces differences in timing and memory access within the
hunting-and-pecking loop for ECC groups that have a prime that is not
close to a power of two (e.g., Brainpool curves).
Signed-off-by: Jouni Malinen <j@w1.fi>
The driver automatically starts beacon reporting if it pauses the beacon
reporting for any reason other than disconnection. In specific cases,
userspace may not want the beacon reporting to be automatically resumed
after a pause. Add interface support for userspace to specify driver not
to start beacon reporting automatically after a pause.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add the following vendor attributes under the enum
qca_wlan_vendor_attr_spectral_scan to support the configuration of
Spectral DMA debug.
1. QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_DMA_RING_DEBUG
Enable/disable debug of the Spectral DMA ring
2. QCA_WLAN_VENDOR_ATTR_SPECTRAL_SCAN_CONFIG_DMA_BUFFER_DEBUG
Enable/disable debug of the Spectral DMA buffers
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a config option to allow setting a custom Basic NSS/MCS set. As a
default we use single stream HE-MCS 0-7.
Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
Process HE information in (Re)Association Request frames and add HE
elements into (Re)Association Response frames when HE is enabled in the
BSS.
Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
The HE Capibilities element has dynamic size due to the variable length
and optional fields at the end. Mask out the channel width capabilities
that are less than the configured. Only add the MCS/NSS sets for the
announced channel widths and also add the PPET elements.
Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
oper_chwidth is used for both VHT and HE here.
Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
The bandwidth values are shared between VHT and HE mode so remove the
VHT specific prefix.
Signed-off-by: Shashidhar Lakkavalli <slakkavalli@datto.com>
Signed-off-by: John Crispin <john@phrozen.org>
The bootstrapping URI format for DPP was extended during protocol design
to allow a list of channels without having to repeat the same operating
class information for each channel. That change was not included in the
initial implementation of the parser and a channel-list like
"C:81/1,6,11" would not be understood correctly (i.e., only the longer
"C:81/1,81/6,81/11" form would have been parsed correctly).
Fix this by extending the parser to accept both the shorter and longer
form for a list of channels within a single operating class.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not allow auth->own_protocol_key to be overridden without having
freed the previously stored key in case a test sequence in
dpp_proto_auth_conf_replaced_by_resp is used.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not allow auth->peer_protocol_key to be overridden without having
freed the previously stored key in case two Authentication Response
messages are received.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
