The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the AP disconnects us with a reason code that indicates that it has
dropped the association, but could allow us to connect again, try to
reconnect to the same BSS without going through the full scan. This can
save quite a bit of time in some common use cases, e.g., when inactivity
timeout is used on the AP (and especially, when waking up from suspend
which has likely triggered some timeout on the AP).
Signed-hostap: Jouni Malinen <j@w1.fi>
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt. In addition, we can use
wpas_connection_failed() instead of requesting a scan after a fixed time
to make this error case more consistent with other similar error paths
in sme.c.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the MAC address of the interface to be changed when the
interface is set down even if the interface does not get completed
removed and re-added.
Signed-hostap: Jouni Malinen <j@w1.fi>
I have a test case where I remove and insert another network adapter
between two connections to AP. The interface get the same interface name
but switches macadresses between the connections. When running WPA2 I
got a failure in EAPOL negotiation and found out that the reason for
this was that the supplicant did not update the MAC address in the
correct place.
This script shows some minimal WPS user interface requirements for
mobile AP support with wpa_supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"wpa_cli status wps" can now be used to fetch the WPA2-Personal
passphrase from AP mode operation with wpa_supplicant to make it
easier to meet WPS requirements for legacy STA support.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A disconnection event from the driver may end up getting delivered at a
time when wpa_supplicant is not even trying to connect (e.g., during a
scan that was already started after WPS provisioning step). In such a
case, there is not much point calling wpas_connection_failed() and
skipping this avoids confusing attempts of re-starting scanning while
the previous scan is still in progress.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The show_group_started variable could be left to 1 based on an earlier
failed attempt to start P2P client operation. This can result in
unexpected P2P-GROUP-STARTED event when a GO is started without group
formation (e.g., re-invoke a persistent group or start an autonomous
GO). Avoid this by explicitly clearing show_group_start when setting up
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Set the HT capabilities of a P2P GO according to the wiphy supported
ones. Mask-in a white-list of HT capabilities that won't cause problems
for non-supporting stations.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Trying to run sched_scan round every two seconds by defaults sounds way
too frequent since dualband cards are unlikely to be able to complete
the full scan cycle in two seconds. For now, set the hardcoded value to
10 seconds to make this somewhat more reasonable.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.
Signed-hostap: Jouni Malinen <j@w1.fi>
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.
Signed-off-by: Kel Modderman <kel@otaku42.de>
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.
Signed-hostap: Jouni Malinen <j@w1.fi>
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.
Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.
Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P IE was incorrectly added in wpa_supplicant AP mode even if P2P
function was not actually enabled.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant AP mode is used, WPS was enabled by default
regardless of security mode. This is not desired for WEP, so change
the AP configuration to enable WPS only for open and WPA/WPA2-Personal
networks.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This has been obsoleted by the more generic Linux WEXT (driver_wext.c)
support. The hostap and madwifi driver wrappers can now be used only
with hostapd. The old station interface remains available in releases up
to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
The driver wrappers broadcom, iphone, osx, and ralink have not been
maintained for a while and it does not look like they will be in the
future either. As such, remove them from the development branch. The
previous versions will be included in older releases up to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use a driver_ndis.c specific initialization function to fill in the
wpa_driver_ops information to make it easier to modify struct
wpa_driver_ops in the future. Being able to build driver_ndis.c
with MSVC was the only reason for having to maintain the same order
of function pointers in struct wpa_driver_ops and for having to
update driver_ndis.c for all changes in that structure.
Signed-hostap: Jouni Malinen <j@w1.fi>
This code has not been maintained for years and there is no plan on
doing so either in the future. The Qt4-based wpa_gui-qt4 version can be
used as a replacement for this older wpa_gui version.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant_rsn_preauth_scan_results() needs to be called to
update RSN pre-authentication candidates. This cannot be done before
the wpa_supplicant_connect() call on the first association, but when
trying to figure out whether to roam, it is fine to do so for the
case when roaming is skipped.
Signed-hostap: Jouni Malinen <j@w1.fi>
In scan.c, merge a channel's noise value into the scan results. When
comparing scan results, compute the signal-to-noise ratio and use it
when available. Prefer a 5 GHz network if its SNR is really big (> 30)
or if its SNR is relatively close to the other network's.
The eloop timeout to stop TKIP countermeasures has to be canceled
on deinit path to avoid leaving bogus timeouts behind.
Signed-hostap: Jouni Malinen <j@w1.fi>
Converts from a string to a control request enum when input
from a control interface is received. Will be used by a
subsequent patch.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Add a D-Bus signal for EAP SM requests. This signal is emitted on the
Interface object so that clients only have to listen to one object for
requests rather than to all network objects. This signal is analogous
to the socket control interface's CTRL-REQ- request.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Control requests will be extended for non-EAP uses later, so it makes
sense to have them be generic. Furthermore, having them defined as an
enum is easier for processing internally, and more generic for control
interfaces that may not use field names. The public ctrl_req_type /
field_name conversion function will be used later by the D-Bus control
interface too.
Signed-off-by: Dan Williams <dcbw@redhat.com>
At least with driver_test.c, the BSS table may not include frequency
information. In such a case, we need to skip rate set matching during
BSS selection to avoid rejecting valid AP.
Signed-hostap: Jouni Malinen <j@w1.fi>
The interface may not yet have been set to P2P client mode immediately
after GO Negotiation when doing the scan before association request.
Consequently, the scan request in this state has to specify that the
specific P2P probe mode is used to disable IEEE 802.11b rates.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function was used unconditionally if wpa_supplicant build
includes CONFIG_P2P=y. Adding a separate driver_ops for such use
is not really useful since the driver wrappers can do the same
internally. Remove this driver_ops and move matching functionality
into driver_nl80211.c which was the only driver wrapper using
this driver_ops callback.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to apply the no-CCK rule conditionally depending on
which frame is being sent. The no-CCK rule applies only for P2P
management frames while SA Query and FT use cases do not have similar
restrictions.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant dbus objects are currently difficult to use with
GDBusProxy. This is because they do not follow the dbus standard in
emitting the PropertiesChanged signal on the standard D-Bus properties
interface, so GDBusProxy stores stale property values.
Fix this by raising PropertiesChanged on the standard interface.
For backwards compatibility, the existing custom PropertiesChanged
signals are not removed; I anticipate them being removed in a future
major release.
See
http://lists.freedesktop.org/archives/dbus/2011-August/014593.html
for more info.
Signed-off-by: Daniel Drake <dsd@laptop.org>
P2P Client did not show correct frequency in the control interface
event P2P_EVENT_GROUP_STARTED. Fix that by using the frequency from
the BSS table or association event.
This patch stops any on-going "p2p_find" on creating an Autonomous GO.
This is already taken care in case of invoking a persistent GO. GO as
such will be advertising via the beacons for other devices to discover.
So normally the GO doesn't need to do a p2p_find until and unless it
wants to invite a P2P Client. In case of Invite scenario, logically it
is better to do a explicit discover [via user intervention] after the GO
is created. This patch will help to reduce battery wastage [due to
p2p_find operations] in scenarios where user creates a GO and doesn't
initiate a connection.
Once PBC overlap detected when using dynamic group interfaces, the wpa_s
corresponding to P2P group interface is freed. This patch avoids
accessing the wpa_s data structure after it is freed. This fixes a
possible crash in P2P client role in such a case.
The persistent_reconnect configuration parameter was used to decide
whether to accept invitation to re-establish a persistent group.
However, this was not being advertised in the Group Capability bitmap.
Add the Persistent Reconnect bit based on this configuration to GO
Negotiation frames and Beacon/Probe Response frames from the GO.
Use capability information to decide whether to perform a given TDLS
operation internally or through mgmt-frame Tx.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Before commencing setup, add a new STA entry to the driver representing
the peer. Later during setup, update the STA entry using information
received from the peer.
Extend sta_add() callback for adding/modifying a TDLS peer entry and
connect it to the TDLS state machine. Implement this callback for the
nl80211 driver and send peer information to kernel.
Mark TDLS peer entries with a new flag and translate it to a
corresponding nl80211 flag in the nl80211 driver.
In addition, correct TDLS related documentation in the wpa_driver_ops
structure.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Disable the direct connection when a TDLS peer stops responding
to packets, as indicated by the "LOW ACK" event coming from a driver.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
When a driver does not implement the TDLS_TEARDOWN operation internally,
send an explicit TDLS link teardown frame to the driver.
Change all teardown calls to use these calling semantics.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Register for the TDLS discovery response public action frame in nl80211.
Print out a debug message when a Discovery Resp frame is received and
validated.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Put glue code in place to propagate TDLS related driver capabilities to
the TDLS state machine.
If the driver doesn't support capabilities, assume TDLS is supported
internally.
When TDLS is explicitly not supported, disable all user facing TDLS
operations.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
These driver_ops functions set_channel, set_ssid, set_bssid,
mlme_add_sta, and mlme_remove_sta were used with the user space
MLME implementation in wpa_supplicant. That was only for testing
purposes and was removed, but these driver_ops were forgotten.
Remove them now to remove confusing driver_ops definitions.
IEEE Std 802.11-2007 7.3.2.2 demands that in order to join a BSS all
required basic rates have to be supported by the hardware.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
The hardware feature data is required in several different places
throughout the code. Previously, the data was acquired and freed on
demand, but with this patch wpa_supplicant will keep a single copy
around at runtime for everyone to use.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
