Commit graph

2540 commits

Author SHA1 Message Date
Sven Eckelmann
a5e1eb2092 nl80211: Run TKIP countermeasures in correct hostapd_data context
hostapd can run with different VIF when using nl80211. Events about MIC
failures have to be processed in context of the VIF which received it
and not in context of the primary VIF. Otherwise the station belonging
to this VIF may not be found in the primary VIF station hash and
therefore no countermeasures are started or the countermeasures are
started for the wrong VIF.

Signed-hostap: Sven Eckelmann <sven@open-mesh.com>
Signed-hostap: Simon Wunderlich <simon@open-mesh.com>
2012-12-22 16:19:52 +02:00
Jouni Malinen
8b24861154 Add Acct-Session-Id into Access-Request messages
This optional attribute may make it easier to bind together the
Access-Request and Accounting-Request messages. The accounting session
identifier is now generated when the STA associates instead of waiting
for the actual session to start after successfull authentication.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-18 18:13:31 +02:00
Vladimir Kondratiev
7829894c21 Introduce 60 GHz band
Basic support for the 60 GHz band. Neither P2P nor WPS are yet taken
care off. Allows to start AP with very simple config:

network={
        ssid="test"
        mode=2
        frequency=60480
        key_mgmt=NONE
}

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-18 11:50:35 +02:00
Sven Eckelmann
f1b44874c2 Fix initialization of ap_table_{max_size,expiration_time}
The config says that the default for ap_table_max_size is 255 and the
default for ap_table_expiration_time is 60. But the code doesn't reflect
the default values mentioned in the sample config file.

These variables completely disable the code for Overlapping Legacy BSS
Condition by default when they are not correctly initialized. WFA
certification requires this feature and therefore an AP would have
failed the certification process unless they were initialized manually
using the configuration file.

Signed-hostap: Sven Eckelmann <sven@open-mesh.com>
Signed-hostap: Simon Wunderlich <simon@open-mesh.com>
2012-12-17 17:54:21 +02:00
Jouni Malinen
9904ff876a WPS: Add RF bands attribute conditionally to Probe Response frame
WSC IE in Beacon and Probe Response frames should behave consistently
as far as the RF Bands attribute is concerned. Use the same dualband
condition for adding this into Probe Response frames since the value
is not really needed if the AP is not a dualband AP.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-17 16:08:23 +02:00
Jouni Malinen
cd6be5c246 WPS: Use wps_rf_bands parameter to determine dualband functionality
If separate hostapd processes are used for different RF bands, the
dualband parameter for WPS was not set correctly. Allow dualband
indication (mainly, addition of RF bands attribute for PBC session
overlap detection) also based on wps_rf_bands value (if set to "ag").

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-17 16:06:10 +02:00
Jouni Malinen
0a66ce3c49 WNM: Add support for SSID List element matching
This allows Probe Request frame processing to compare the configured
SSID to the SSID List element in addition to the SSID element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 21:22:24 +02:00
Jouni Malinen
b93c8509cc Add support for advertising UTF-8 SSID extended capability
This field can be used to indicate that UTF-8 encoding is used in the
SSID field.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 20:46:51 +02:00
Jouni Malinen
a8e93a1a01 WNM: Skip os_memcpy in wnmtfs_ie is NULL
It is cleaner to skip the memcpy call instead of trusting on the
length parameter being 0 in this case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:48:39 +02:00
Jouni Malinen
835822d404 WNM: Fix GTK/IGTK encoding in WNM-Sleep Mode Exit frame
These subelements do not use AES key wrap (MFP is used instead).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:46:10 +02:00
Jouni Malinen
4da10640a7 WNM: Fix AP logic on when to include GTK/IGTK in WNM-Sleep Mode exit
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:27:09 +02:00
Jouni Malinen
615a5d559d WNM: Use defined macros for WNM-Sleep Mode Action Type values (AP)
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:24:06 +02:00
Jouni Malinen
c79938a584 WNM: Enable WNM-Sleep Mode configuration with hostapd SME/MLME
This allows hostapd to process WNM-Sleep Mode Request when using the
internal SME/MLME.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:16:17 +02:00
Jouni Malinen
ad3872a372 WNM: Use CONFIG_WNM more consistently
Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build
options for WNM-Sleep Mode operations. Previously it was possible to
define CONFIG_IEEE80211V without CONFIG_WNM which would break the build.
In addition, IEEE 802.11v has been merged into IEEE Std 802.11-2012 and
WNM is a better term to use for this new functionality anyway.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 18:22:54 +02:00
Jouni Malinen
df80a0ccff WNM: Use defined macros for WNM-Sleep Mode Action Type values
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 12:57:38 +02:00
Jouni Malinen
68db9ab047 WNM: Fix GTK/IGTK parsing for WNM-Sleep Mode Response frame
These fields do not use AES keywrap. Instead, they are protected with
management frame protection (and not included if PMF is disabled).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:48:34 +02:00
Jouni Malinen
bd896433af nl80211: Register to process WNM-Sleep Mode Response frames
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-16 12:42:26 +02:00
Dan Williams
0639970d89 PMKSA: Clear current cache entry on disassociation
Signed-hostap: Dan Williams <dcbw@redhat.com>
2012-11-25 21:53:55 +02:00
Dan Williams
6aaac006af PMKSA: Make deauthentication due to cache entry removal more granular
Expiry can always trigger a deauthentication, but otherwise,
deauthentication should only happen when the *current* cache entry is
removed and not being replaced. It should not happen when the current
PMK just happens to match the PMK of the entry being removed, since
multiple entries can have the same PMK when OKC is used and these
entries are often removed at different times.

This fixes an issue where eviction of the oldest inactive entry due to
adding a newer entry to a full cache caused a deauthentication when the
entry being removed had the same PMK as the current entry.

Signed-hostap: Dan Williams <dcbw@redhat.com>
2012-11-25 21:39:19 +02:00
Jouni Malinen
b7593d35c1 Remove unnecessary PMKSA cache list modification
pmksa_cache_free_entry() takes care of updated the list head pointer
(pmksa->pmksa), so no need to do this change in the caller.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 19:45:54 +02:00
Jouni Malinen
f2a14be798 Use a shared function for freeing PSK list
There is no need to duplicate this code in multiple locations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 18:01:55 +02:00
Jouni Malinen
fc5550a1c2 Use RADIUS shared secret consistently in RX handler
Use the shared_secret pointer from RADIUS client implementation instead
of getting this from hostapd configuration data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 17:57:16 +02:00
Michael Braun
5ee56c4e19 Keep and use list of PSKs per station for RADIUS-based PSK
This adds support for multiple PSKs per station when using a RADIUS
authentication server to fetch the PSKs during MAC address
authentication step. This can be useful if multiple users share a
device but each user has his or her own private passphrase.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:57:16 +02:00
Michael Braun
2ad3e6c858 Cache a list of PSK entries for RADIUS-based PSK delivery
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:57:16 +02:00
Michael Braun
14e919478e Extend radius_msg_get_tunnel_password() to support multiple passwords
The new function parameter can now be used to specify which password to
return.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:19:04 +02:00
Jouni Malinen
1a2d22a242 Remove unneeded header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 17:06:38 +02:00
Jouni Malinen
13e1d2e292 Indicate if PMF was negotiated for the connection
Add pmf=1/2 to wpa_supplicant STATUS command output to indicate that PMF
was negotiated for the connect (1 = optional in this BSS, 2 = required
in this BSS).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-24 22:45:17 +02:00
Jouni Malinen
62d4980331 Allow PMF to be enabled by default
Previously, PMF (protected management frames, IEEE 802.11w) could be
enabled only with a per-network parameter (ieee80211w). The new global
parameter (pmf) can now be used to change the default behavior to be PMF
enabled (pmf=1) or required (pmf=2) for network blocks that do not
override this with the ieee80211w parameter.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-24 22:21:29 +02:00
Amitkumar Karwar
368b1957a6 Allow OBSS scan and 20/40 coex reports to non-SME drivers
We enable this feature for non-SME drivers as well if
they explicitly indicate need for it.

Signed-off-by: Amitkumar Karwar <akarwar@marvell.com>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
2012-11-24 18:08:48 +02:00
Jouni Malinen
3d83a6b9b6 Sync with linux/nl80211.h in wireless-testing.git
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-24 18:04:55 +02:00
Johannes Berg
3117ad4283 hostapd: Add second VHT frequency segment config
Add the configuration option vht_oper_centr_freq_seg1_idx
for the second segment of an 80+80 MHz channel and use it
when building the VHT operation IE.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-11-24 18:02:29 +02:00
Johannes Berg
202d97d477 hostapd: Add VHT PHY selector if VHT is required
If VHT is required, add the VHT PHY selector to
the (extended) supported rates IE.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-11-24 17:27:16 +02:00
Pontus Fuchs
fb660a9431 Do not double free cfg struct if netlink_init() fails
If netlink_init() fails on socket create or bind the cfg struct
provided as parameter is freed by netlink_init(). Callers of
netlink_init() also free this struct on their error paths leading
to double free.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2012-11-24 16:47:20 +02:00
Jouni Malinen
f403dcd648 HS 2.0: Maintain a copy of HS 2.0 Indication from Association Request
This allows the AP to figure out whether a station is a HS 2.0 STA
during the association and access any information that the STA may have
included in this element.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-24 12:24:31 +02:00
Sunil Dutt
ffa45a1343 P2P: Increase the maximum number of PD Request retries
Change the maximum retry limit from 10 to 120 to match the behavior
used with GO Negotiation Request frames when trying to start GO
Negotiation with a peer that does not acknowledge frames (e.g., due
to being in sleep or on another channel most of the time).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 01:15:51 +02:00
Jouni Malinen
175171ac6c P2P: Retry PD Request in join-a-running-group case
The GO may be in sleep when we send a PD Request frame to indicate that
we are about to join a running group. Previously, this frame was not
retried more than normal low level retries. This can result in the GO
not getting the frame especially in cases where concurrent multi-channel
operations or aggressive sleep schedule is used since most drivers do
not yet synchronize with the GO's NoA before association.

Increase the likelihood of the GO receiving the PD Request frame by
retransmitting it similarly to the PD-for-GO-Negotiation case. Start
the actual join operation only after these retries have failed to get
an acknowledgment from the GO to give the connection attempt a chance
to succeed if the driver implements better NoA synchronization for it.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 00:53:42 +02:00
Sunil Dutt
6752716663 P2P: Set user_initiated_pd separately from the join parameter
p2p_prov_disc_req() used the join parameter to figure out whether the PD
request was a user initiated or not. This does not cover all use cases
of PD, so add a separate parameter to allow caller to indicate whether
the user requested the operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-23 00:48:58 +02:00
Jouni Malinen
ee431d77a5 Add preliminary support for using SQLite for eap_user database
CONFIG_SQLITE=y option can now be used to allow the eap_user_file text
file to be replaced with a SQLite database
(eap_user_file=sqlite:/path/to/sqlite.db). hostapd.eap_user_sqlite
shows an example of how the database tables can be created for this
purpose. This commit does not yet include full functionality of the
text file format, but at least basic EAP-TTLS/MSCHAPv2 style
authentication mechanisms with plaintext passwords can be used for
tests.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-21 00:47:47 +02:00
Jouni Malinen
6201b052c8 nl80211: Add support for TDLS request event from the driver
The NL80211_CMD_TDLS_OPER command can be used as an event based on a
recent cfg80211 commit, so add code to map that to internal
wpa_supplicant event to request TDLS link setup/teardown.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-19 17:00:07 +02:00
Jouni Malinen
c772d054c2 hostapd: Fix a regression in TKIP countermeasures processing
Commit 296a34f0c1 changed hostapd to
remove the internal STA entry at the beginning of TKIP countermeasures.
However, this did not take into account the case where this is triggered
by an EAPOL-Key error report from a station. In such a case, WPA
authenticator state machine may continue processing after having
processed the error report. This could result in use of freed memory.
Fix this by stopping WPA processing if the STA entry got removed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-18 13:06:03 +02:00
Jouni Malinen
6366a17ce3 WPS: Add a workaround for PBC session overlap detection
Some deployed station implementations implement WPS incorrectly and
end up causing PBC session overlap issues by indicating active PBC
mode in a scan after the WPS provisioning step. Work around this by
ignoring active PBC indication in a Probe Request from a station that
completed PBC provisioning during the last five seconds.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-15 19:59:04 +02:00
Jouni Malinen
1ce0aa044c Remove unused disassociate() driver_ops
Commits 07783eaaa0 and
3da372fae8 removed the only users of the
disassociate() driver operation, so these driver wrapper functions can
also be removed now.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-15 00:06:12 +02:00
Jouni Malinen
0779c227af Hide strict-aliasing warning with gcc 4.7
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 20:29:20 +02:00
Jouni Malinen
9d7a63dc20 nl80211: Avoid strict-aliasing warning with gcc 4.7
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 20:28:27 +02:00
Christopher Wiley
a8c5b43ad3 nl80211: Roam correctly through cfg80211 without SME
Change the nl80211 driver in wpa_supplicant to correctly handle
connecting to a new AP through cfg80211 without SME capability. As
before, the driver will disconnect from the previously associated AP,
but now we attempt to immediately connect to our intended AP. This
prevents us from blacklisting the AP we were trying to connect to
because of a semantic mismatch between cfg80211 and wpa_supplicant. The
disconnect/connect patch generates a local disconnect nl80211 event
which we discard because we're already correctly tracking the pending
association request.

In detail:

cfg80211 does not support connecting to a new BSS while already
connected to another BSS, if the underlying driver doesn't support
separate authenticate and associate commands. wpa_supplicant is written
to expect that this is a supported operation, except for a little error
handling that disconnects from the current BSS when roaming fails and
relies on autoconnect logic to reconnect later. However, this failure to
connect is incorrectly attributed to the new AP we attempted to
associate with, rather than a local condition in cfg80211.

The combined effect of these two conditions is that full-mac drivers
accessible through cfg80211 but without SME capability take a long time
to roam across BSS's because wpa_supplicant will:
1) Fail to associate for local reasons
2) Disconnect and return that the association request failed
3) Blacklist the association target (incorrectly)
4) Do a scan
5) Pick a less desirable AP to associate with

Signed-hostap: Christoper Wiley <wiley@chromium.org>
2012-11-11 16:15:29 +02:00
Baruch Siach
b49019dd3d atheros: Remove redundant l2_packet_get_own_addr call
Commit deca6eff74 added a redundant call
to l2_packet_get_own_addr. Use the information we already have in
atheros_init.

Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-11-11 16:07:28 +02:00
Jouni Malinen
58fd49c05d EAP-SIM/AKA server: Fix memory leak in error path
If identity round limit is reached, EAP-SIM/AKA session is terminated.
This needs to free the allocated message.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:15:49 +02:00
Jouni Malinen
8cd93a01a9 Check hapd_iface more consistently in hostapd_disable_iface()
There is no point in the hapd_iface == NULL validate after this pointer
has been dereferences, so move the code dereferencing hapd_iface after
the check.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:11:15 +02:00
Jouni Malinen
207fb86411 WPS: Remove deprecated UFD config method and OOB ctrl_iface
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:01:06 +02:00
Masashi Honma
30c371e8a5 P2P: Reduce redundant PSK generation for GO
The PSK generation done by pbkdf2_sha1() is one of the longest CPU time
users according to our profiling from boot to GO started.

So I have reduced some steps.

I could boot a GO by this command sequence.
-------------
add_net
set_network 0 ssid '"DIRECT-XX"'
set_network 0 psk
'"123456789012345678901234567890123456789012345678901234567890123"'
set_network 0 proto RSN
set_network 0 key_mgmt WPA-PSK
set_network 0 pairwise CCMP
set_network 0 auth_alg OPEN
set_network 0 mode 3
set_network 0 disabled 2
p2p_group_add persistent=0 freq=2412
-------------

By this sequence, pbkdf2_sha1() was called three times and the function
calculates the same value each time. Reduce number of calls to
pbkdf2_sha1() from 3 to 1 by caching the previous result.

Signed-hostap: Masashi Honma <masashi.honma at gmail.com>
2012-11-11 11:39:24 +02:00