I have a test case where I remove and insert another network adapter
between two connections to AP. The interface get the same interface name
but switches macadresses between the connections. When running WPA2 I
got a failure in EAPOL negotiation and found out that the reason for
this was that the supplicant did not update the MAC address in the
correct place.
This script shows some minimal WPS user interface requirements for
mobile AP support with wpa_supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"wpa_cli status wps" can now be used to fetch the WPA2-Personal
passphrase from AP mode operation with wpa_supplicant to make it
easier to meet WPS requirements for legacy STA support.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A disconnection event from the driver may end up getting delivered at a
time when wpa_supplicant is not even trying to connect (e.g., during a
scan that was already started after WPS provisioning step). In such a
case, there is not much point calling wpas_connection_failed() and
skipping this avoids confusing attempts of re-starting scanning while
the previous scan is still in progress.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The show_group_started variable could be left to 1 based on an earlier
failed attempt to start P2P client operation. This can result in
unexpected P2P-GROUP-STARTED event when a GO is started without group
formation (e.g., re-invoke a persistent group or start an autonomous
GO). Avoid this by explicitly clearing show_group_start when setting up
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Set the HT capabilities of a P2P GO according to the wiphy supported
ones. Mask-in a white-list of HT capabilities that won't cause problems
for non-supporting stations.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Trying to run sched_scan round every two seconds by defaults sounds way
too frequent since dualband cards are unlikely to be able to complete
the full scan cycle in two seconds. For now, set the hardcoded value to
10 seconds to make this somewhat more reasonable.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.
Signed-hostap: Jouni Malinen <j@w1.fi>
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.
Signed-off-by: Kel Modderman <kel@otaku42.de>
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.
Signed-hostap: Jouni Malinen <j@w1.fi>
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.
Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.
Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P IE was incorrectly added in wpa_supplicant AP mode even if P2P
function was not actually enabled.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant AP mode is used, WPS was enabled by default
regardless of security mode. This is not desired for WEP, so change
the AP configuration to enable WPS only for open and WPA/WPA2-Personal
networks.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This has been obsoleted by the more generic Linux WEXT (driver_wext.c)
support. The hostap and madwifi driver wrappers can now be used only
with hostapd. The old station interface remains available in releases up
to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
The driver wrappers broadcom, iphone, osx, and ralink have not been
maintained for a while and it does not look like they will be in the
future either. As such, remove them from the development branch. The
previous versions will be included in older releases up to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use a driver_ndis.c specific initialization function to fill in the
wpa_driver_ops information to make it easier to modify struct
wpa_driver_ops in the future. Being able to build driver_ndis.c
with MSVC was the only reason for having to maintain the same order
of function pointers in struct wpa_driver_ops and for having to
update driver_ndis.c for all changes in that structure.
Signed-hostap: Jouni Malinen <j@w1.fi>
This code has not been maintained for years and there is no plan on
doing so either in the future. The Qt4-based wpa_gui-qt4 version can be
used as a replacement for this older wpa_gui version.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant_rsn_preauth_scan_results() needs to be called to
update RSN pre-authentication candidates. This cannot be done before
the wpa_supplicant_connect() call on the first association, but when
trying to figure out whether to roam, it is fine to do so for the
case when roaming is skipped.
Signed-hostap: Jouni Malinen <j@w1.fi>
In scan.c, merge a channel's noise value into the scan results. When
comparing scan results, compute the signal-to-noise ratio and use it
when available. Prefer a 5 GHz network if its SNR is really big (> 30)
or if its SNR is relatively close to the other network's.
The eloop timeout to stop TKIP countermeasures has to be canceled
on deinit path to avoid leaving bogus timeouts behind.
Signed-hostap: Jouni Malinen <j@w1.fi>
Converts from a string to a control request enum when input
from a control interface is received. Will be used by a
subsequent patch.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Add a D-Bus signal for EAP SM requests. This signal is emitted on the
Interface object so that clients only have to listen to one object for
requests rather than to all network objects. This signal is analogous
to the socket control interface's CTRL-REQ- request.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Control requests will be extended for non-EAP uses later, so it makes
sense to have them be generic. Furthermore, having them defined as an
enum is easier for processing internally, and more generic for control
interfaces that may not use field names. The public ctrl_req_type /
field_name conversion function will be used later by the D-Bus control
interface too.
Signed-off-by: Dan Williams <dcbw@redhat.com>
At least with driver_test.c, the BSS table may not include frequency
information. In such a case, we need to skip rate set matching during
BSS selection to avoid rejecting valid AP.
Signed-hostap: Jouni Malinen <j@w1.fi>
The interface may not yet have been set to P2P client mode immediately
after GO Negotiation when doing the scan before association request.
Consequently, the scan request in this state has to specify that the
specific P2P probe mode is used to disable IEEE 802.11b rates.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function was used unconditionally if wpa_supplicant build
includes CONFIG_P2P=y. Adding a separate driver_ops for such use
is not really useful since the driver wrappers can do the same
internally. Remove this driver_ops and move matching functionality
into driver_nl80211.c which was the only driver wrapper using
this driver_ops callback.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to apply the no-CCK rule conditionally depending on
which frame is being sent. The no-CCK rule applies only for P2P
management frames while SA Query and FT use cases do not have similar
restrictions.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant dbus objects are currently difficult to use with
GDBusProxy. This is because they do not follow the dbus standard in
emitting the PropertiesChanged signal on the standard D-Bus properties
interface, so GDBusProxy stores stale property values.
Fix this by raising PropertiesChanged on the standard interface.
For backwards compatibility, the existing custom PropertiesChanged
signals are not removed; I anticipate them being removed in a future
major release.
See
http://lists.freedesktop.org/archives/dbus/2011-August/014593.html
for more info.
Signed-off-by: Daniel Drake <dsd@laptop.org>
P2P Client did not show correct frequency in the control interface
event P2P_EVENT_GROUP_STARTED. Fix that by using the frequency from
the BSS table or association event.
This patch stops any on-going "p2p_find" on creating an Autonomous GO.
This is already taken care in case of invoking a persistent GO. GO as
such will be advertising via the beacons for other devices to discover.
So normally the GO doesn't need to do a p2p_find until and unless it
wants to invite a P2P Client. In case of Invite scenario, logically it
is better to do a explicit discover [via user intervention] after the GO
is created. This patch will help to reduce battery wastage [due to
p2p_find operations] in scenarios where user creates a GO and doesn't
initiate a connection.
Once PBC overlap detected when using dynamic group interfaces, the wpa_s
corresponding to P2P group interface is freed. This patch avoids
accessing the wpa_s data structure after it is freed. This fixes a
possible crash in P2P client role in such a case.
The persistent_reconnect configuration parameter was used to decide
whether to accept invitation to re-establish a persistent group.
However, this was not being advertised in the Group Capability bitmap.
Add the Persistent Reconnect bit based on this configuration to GO
Negotiation frames and Beacon/Probe Response frames from the GO.
Use capability information to decide whether to perform a given TDLS
operation internally or through mgmt-frame Tx.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Before commencing setup, add a new STA entry to the driver representing
the peer. Later during setup, update the STA entry using information
received from the peer.
Extend sta_add() callback for adding/modifying a TDLS peer entry and
connect it to the TDLS state machine. Implement this callback for the
nl80211 driver and send peer information to kernel.
Mark TDLS peer entries with a new flag and translate it to a
corresponding nl80211 flag in the nl80211 driver.
In addition, correct TDLS related documentation in the wpa_driver_ops
structure.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Disable the direct connection when a TDLS peer stops responding
to packets, as indicated by the "LOW ACK" event coming from a driver.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
When a driver does not implement the TDLS_TEARDOWN operation internally,
send an explicit TDLS link teardown frame to the driver.
Change all teardown calls to use these calling semantics.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Register for the TDLS discovery response public action frame in nl80211.
Print out a debug message when a Discovery Resp frame is received and
validated.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Put glue code in place to propagate TDLS related driver capabilities to
the TDLS state machine.
If the driver doesn't support capabilities, assume TDLS is supported
internally.
When TDLS is explicitly not supported, disable all user facing TDLS
operations.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
These driver_ops functions set_channel, set_ssid, set_bssid,
mlme_add_sta, and mlme_remove_sta were used with the user space
MLME implementation in wpa_supplicant. That was only for testing
purposes and was removed, but these driver_ops were forgotten.
Remove them now to remove confusing driver_ops definitions.
IEEE Std 802.11-2007 7.3.2.2 demands that in order to join a BSS all
required basic rates have to be supported by the hardware.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
The hardware feature data is required in several different places
throughout the code. Previously, the data was acquired and freed on
demand, but with this patch wpa_supplicant will keep a single copy
around at runtime for everyone to use.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
This code was used only with driver_test.c to allow MLME operations
in hostapd to be tested without having to use a real radio. There
are no plans on extending this to any other use than testing and
mac80211_hwsim has now obsoled the need for this type of testing.
As such, we can drop this code from wpa_supplicant to clean up the
implementation of unnecessary complexity.
This command allows an external program manage the BSS blacklist
and display its current contents.
Note: The blacklist is considered to be internal mechanism within
wpa_supplicant and changing it can have unexpected results.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This offloads the station polling to driver wrappers, which may offload
it again to the driver. The hostap driver wrapper uses "real" data
frames while nl80211 uses null data frames.
Also add a specific event to indicate that a poll was successful for
future use with the nl80211 driver.
This can be used to display the current debugging level and to change
the log level during run time.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
New configuration parameters home_imsi and home_milenage can be used
to configure SIM/USIM simulator parameters for network selection based
on SIM/USIM credentials.
home_imsi=(MCC | MNC | '-' | rest of IMSI)
home_milenage=(Ki):(OPc):(SQN)
For example:
home_imsi=310026-000000000
home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123
Add support for network selection for username/password credentials with
EAP-TTLS and EAP-PEAP. The new global configuration parameters
home_username, home_password, and home_ca_cert can be used to specify
credentials for network selection.
This adds the basic mechanism for running through network selection:
scan, ANQP fetch, network selection, and connection. Actual rules for
network selection and the creation of the network block are still
missing, but will be added in separate commits.
Add mechanism for using GAS/ANQP to query Interworking related
information from APs. The received information is stored in the BSS
table and can be viewed with ctrl_iface BSS command.
New ctrl_iface command ANQP_GET can be used to fetch ANQP elements from
a specific AP. Additional commands FETCH_ANQP and STOP_FETCH_ANQP can be
used to initiate and stop an iteration through all APs in the BSS table
that indicate support Interworking to fetch ANQP elements from them.
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
The new wpa_supplicant.conf file global parameters interworking and
hessid can be used to configure wpa_supplicant to include
Interworking element in Probe Request frames.
EVENT_WPS_BUTTON_PUSHED wpa_supplicant_event can now be used in
station mode driver_*.c to indicate that a push button has been
pushed. This will activate WPS PBC mode.
When initializing, the scheduled scan code was being called before
everything is ready. With normal scans, the first scan round is
delayed, so the initialization is finished by the time it really
starts.
Add a function that can be used to request a delayed scheduled scan.
The scan will only start after the specified time has elapsed. Call
this function instead of starting the scheduled scan directly during
driver initialization.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Pass SSIDs to be matched in scheduled scan results. Only the SSIDs
that are included in the match lists will be reported by the driver,
so the filtering can be offloaded to the hardware and the power
consumption can be reduced.
Signed-off-by: Luciano Coelho <coelho@ti.com>
This patch uses sched_scan, if available, when the driver is
initialized. It also adds a couple of cancel operations where
appropriate.
Signed-off-by: Luciano Coelho <coelho@ti.com>
In new Linux kernel versions (>=3.0), nl80211 adds scheduled scan
capability. In order to use this feature to its full extent, we need
to support it in the wpa_supplicant core, so that it can also be used
by other drivers.
This commit adds initial scheduled scan support operations and events.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Move some code to separate functions to reorganize the P2P and WPS
handling during scans. This makes the code a bit cleaner and is
needed for the scheduled scan implementation to avoid duplicated code.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Clear the P2P GO callback parameters when removing the group to avoid
using these for non-P2P AP mode.
This is a fix for the bug I found in the following scenario:
A) p2p_group_add
A) p2p_group_remove wlan0
A) add_n
A) set_n 0 ssid "testap"
A) set_n 0 key_mgmt NONE
A) set_n 0 mode 2
A) set_n 0 frequency 2412
A) enable_n 0
B) try connect to testap
Authentication request will be always rejected because of
HOSTAPD_ACL_REJECT and not cleaned callbacks when group removed.
This allows the AP to be selected based on the BSSID when WPA-PSK
is used with a passphrase. The PSK will be derived from the passphrase
after the SSID has been learned from scan results.
This implements GAS request mechanism that is aimed at being used to
replace use case specific GAS/ANQP implementations in the future.
Compared to the earlier implementation in P2P SD, this implementation
includes support for multiple concurrent requests and more thorough
validation of frames against the pending query data.
GAS header processing, including comeback and reassembly, are handled
within gas_query.c and the users of this module will only need to
provide the Query Request and process the (possibly reassembled)
Query Response.
GAS/ANQP is a generic protocol and in no way specific to P2P, so move
routines used to build GAS/ANQP frames to a separate file that can be
shared for other uses than just P2P service discovery.
The new function, p2p_scan_ie_buf_len(), can be used to figure out
how large a buffer needs to be allocated for p2p_scan_ie() use. This
makes it easier to add new data into the buffer without forcing all
callers to be updated to use a larger buffer.
The P2P search mechanism depends on the same scan functionality that
is used for station mode scans. If these operations are being used
at the same time, scan result processing is not handled properly.
Avoid unexpected behavior by delaying station mode scan requests
if a P2P operation is in progress.
Among other things, this allows the station mode connection attempt
to be continued after a P2P find or group formation has been completed
if the interface is available (i.e., when the P2P group uses a
separate virtual interface).
If the initial attempt to start a scan for p2p_find fails, an error
is reported. However, the P2P scan handler and search state was
left behind. That can result in unexpected behavior when the next
non-P2P scan results are indicated. Avoid this by clearing the
P2P search state on failure.
There is no need to request periodic bgscans when the driver claims
to have capability for roaming within ESS. Ignoring the bgscan
configuration allows the same configuration file to be used both
with drivers the handle roaming and with drivers that don't.
If the driver indicates that it supports BSS selection (including
roaming within an ESS) with WPA_DRIVER_FLAGS_BSS_SELECTION, modify
ap_scan=1 mode to behave like ap_scan=2 mode for BSS selection.
The initial scan is still done to avoid the need for strict
configuration of or security parameters (e.g., to figure out whether
TKIP or CCMP is being used as the group cipher). However, when
requesting the driver to connect, the bssid and freq parameters are
not provided to leave the driver in control of selecting which BSS
to use and to allow the driver to decide when to roam.
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.
Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
wpa_supplicant returns the PIN in reply to the connect method. Treating
this value as an integer runs the risk of not returning the correct
value if the first digit(s) happens to be a zero(es). To return the
correct PIN it needs to be returned as a string.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
The default discovery type is to search for devices only on social
channels. Expand this to also support an initial full scan followed by the
scan of social channels as well as the progressive scan that scans through
all the channels in the Search state rounds. This does not change the
default of scanning only social channels although there is currently a
discrepancy wrt the default used by wpa_cli, which is the full scan first.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
When parsing a dict entry which is an array of an array of bytes the entry
representing the dict entry has DBUS_TYPE_ARRAY as its type and
WPAS_DBUS_TYPE_ARRAY as its array_type. The function freeing this parsed
data incorrectly tested the entry type for WPAS_DBUS_TYPE_ARRAY while doing
no testing of this value for array_type. This results in a memory leak
whenever a D-Bus message with this type of data is parsed.
Messages affected are:
fi.w1.wpa_supplicant1.Interface.P2PDevice
using RequestedDeviceTypes with Find method
using SecondaryDeviceTypes or VendorExtension with P2PDeviceProperties
fi.w1.wpa_supplicant1.Group
using WPSVendorExtensions with Properties property
All of the above messages are parsed with the same function,
wpa_dbus_dict_get_entry, so the assignment of the entry's type and
array_type is consistent. The parsed data is also consistently freed with
the same function, wpa_dbus_dict_entry_clear, so we can use the same checks
to free the data correctly.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
The action done handling needs to abort an off-channel period since one
might have been used for example for GO negotiation and after action
done the code assumes it can start a new off-channel period.
This fixes a bug I introduced when adding support for
in-kernel off-channel transmissions.
Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
eapol_test command line argument -o<file> can now be used to request
the received server certificate chain to be written to the specified
file. The certificates will be written in PEM format. [Bug 391]
The proactive_key_caching parameter was missed in mapping the
config_ssid data into the WPA state machine configuration. This
prevented addition of PMKSA cache entries based on PMKSA caching
candidate events.
This allows drivers to disable CCK rates from Probe Request frames.
For nl80211, this is currently applying only to the supported rates
element(s), but this mechanism could be extended to address TX rate
control masking, too, to lessen need for global rate disabling.
Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
The P2P specification (3.1.4.3) disallows use of the Label configuration
method between two P2P devices. This was previously enforced at upper
level, but the obsolete code can be removed from wpa_supplicant. This
adds a bit more strict enforcement of the policy, but should not result
in practical differences since no known P2P implementation uses Label
config method.
If a network configuration block is removed or modified, flush
all PMKSA cache entries that were created using that network
configuration. Similarly, invalidate EAP state (fast re-auth).
The special case for OKC on wpa_supplicant reconfiguration
(network_ctx pointer change) is now addressed as part of the
PMKSA cache flushing, so it does not need a separate mechanism
for clearing the network_ctx values in the PMKSA cache.
The previous code was trying to figure out which WPA version is
used based on the extra IEs requested for Association Request. That
did not work properly in cases where non-WPA networks are used with
some extra IEs. Fix this by using more robust mechanism for passing
the WPA versions from core wpa_supplicant to the driver_ops
associate().
Instead of hardcoding the Config Methods attribute value in Probe
Request frames, set this based on the configured parameter
config_methods to allow correct set of methods to be advertised.
This change is a first step in better supporting different driver
architectures for AP mode operations with nl80211. This commit in
itself does not add new functionality, but it makes it easier to add
new AP mode parameters to address needs of drivers that have more of
the MLME/SME in firmware or kernel.
Various pieces of the P2P code assume that P2P is enabled, so make
the D-Bus code not call the P2P stuff if P2P is disabled. Also
ensures that if P2P is disabled a suitable error is returned to
the D-Bus caller.
Signed-off-by: Dan Williams <dcbw@redhat.com>
The read, write, read-write permissions can be figured out from
getter/setter function pointers, so there is no need for maintaining
that information separately.
If uapsd is explicitly enabled, set conf->bss->wmm_enabled and
conf->bss->wmm_uapsd to enable (and advertise) uapsd.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
These properties are already correctly treated as bytes for the local
device, we need to do same for peers.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
A number of fixes/improvements here:
1) Remove casting of getter/setter function types which allows
us to change the prototypes in the future and not have hard-to-find
runtime segfaults
2) Instead of having the getters create a fake reply message which
then gets its arguments copied into the real reply message, and is
then disposed, just pass message iters around and have them add
their arguments to the message itself
3) For setters, just pass in the message iter positioned at the
start of the argument list, instead of each setter having to skip
over the standard interface+property name
4) Convert error handling to use DBusError and return the error
back down through the call stacks to the function that will
actually send the error back to the caller, instead of having a
fake DBusMessage of type DBUS_MESSAGE_TYPE_ERROR that then
needs to have the error extracted from it.
But most of all, this fixes various segfaults (like rh #725517
and #678625) which were caused by some functions deep down in the
getter callpaths wanting a source DBusMessage* when the getters were
used for two things: signals (which don't have a source DBusMessage)
and methods (which will have a source DBusMessage that's being
replied to). This duality made the code fragile when handling
errors like invalid IEs over the air.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Fix the previous code that was hardcoding the p2p parameter based
on the driver P2P capability regardless of whether the connection
was really used for P2P or not.
Currently, wpa_driver_nl80211_authenticate() changes the interface type
to station. However, in case of P2P, we need to change the interface
type to P2P_CLI.
Add p2p field to the authentication params, and consider it for choosing
the correct interface type.
Signed-off-by: Eliad Peller <eliad@wizery.com>
This makes sure that the old connection is not maintained if the new
configuration does not allow it anymore. In addition, it is better to
use wpa_supplicant_clear_connection() instead of just clearing
wpa_s->current_ssid here to keep things in sync.
When the BSS table size limit has been reached, drop first the oldest
BSS entries for which there is not a matching network in the
configuration based on SSID (wildcards are ignored). This makes it
less likely to hit connection issues in environments with huge number
of visible APs.
Only accept Probe Request frames that have a Wildcard BSSID and a
destination address that matches with our P2P Device Address or is the
broadcast address per P2P specification 3.1.2.1.1.
The current implementation of p2p_intra_bss doesn't work since the flag
isn't propagated into the corresponding hostapd config, so AP code will
never enable AP isolation and will in fact disable it again after it had
been enabled by the P2P code.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The paths pointer could have been NULL when going through the shared
freeing path in error case. Avoid the NULL pointer dereference by
checking whether that is the case. In addition, remove unnecessary
gotos to make the function more readable.
Add support to wpa_supplicant for device-based GTK rekeying. In order to
support that, pass the KEK, KCK, and replay counter to the driver, and
handle rekey events that update the latter.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Previous ft_ies needs to be removed before supplicant starts a new FT
initial association and this requires the ft_used state to be cleared
here.
Signed-off-by: Hong Wu <hong.wu@dspg.com>
If the driver supports HT20, set the config parameter ieee80211n
to enable it. This does not enable HT40.
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
Regardless of how the AP mode is disabled, wpa_supplicant_ap_deinit()
must be called. Make sure this happens on all paths by calling the
deinit function from wpa_supplicant_mark_disassoc().
In general, this patch attemps to extend commit
00468b4650 with dbus support.
This can be used by dbus client to implement subject match text
entry with preset value probed from server. This preset value, if
user accepts it, is remembered and passed to subject_match config
for any future authentication.
Signed-off-by: Michael Chang <mchang@novell.com>
This is required for cross-compilation support on certain
platforms to avoid changing the pkg-config files themselves.
Signed-off-by: David James <davidjames@chromium.org>
Signed-off-by: Paul Stewart <pstew@chromium.org>
Make sure that the WPA and EAPOL state machines do not hold a pointer
to a network configuration that is about to be freed. This can fix
potential issues with references to freed memory.
Fix a NULL pointer dereference in commit
3734552f15 in the case of PBC overlap and
timeout case.
Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
Some P2PDevice properties were not updated in p2p->cfg structure:
reg_class, channel, op_reg_class, and op_channel. Hence, update p2p->cfg
parameters through p2p core calls in wpas_p2p_update_config().
Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Signal is triggered if an error occurs during WPS provisioning phase.
Signed-off-by: Jean-Michel.Bachot <jean-michelx.bachot@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Extend commit c2762e410f to allow
applications to manage (add/remove) persistent groups and accepted
network object paths while invoking a persistent group.
This can be used to activate the keep alive mechanism enabled in
mac80211. Allows to trigger Peer Disconnected signal if signal is lost
on a P2P peer.
Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Move level parameter from p2p_device to p2p_device_info in order to
expose this information and modify D-Bus P2P handler to return this new
parameter through the P2P device properties.
Signed-off-by: Fabien Marotte <fabienx.marotte@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Do not emit network objects during P2P group formation since such
network objects can confuse certain apps. Instead, a persistent group
object is created to allow apps to keep track of persistent groups.
Persistent group objects only represent the info needed to recreate the
group.
Also fixes a minor bug in the handling of persistent group objects
during WPS operations.
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Append "P2P" to capability information if supported by device.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Jayant Sane <jayant.sane@intel.com>
Need to define CONFIG_NO_PBKDF2 even though the crypto cleanup moved
the function to a separate file since there is conditional code in
wpa_supplicant/config.c. In addition, wpa_passphrase should not be
built at all if passphrase functionality is removed.
These checks were previously skipped if the scan result included WPA
or RSN IE. However, that can result in selecting a network that does
not match local configuration in some cases.
There are some corner cases, where the wpa_supplicant_req_scan() call
may end up scheduling a scan even if we are about to start a GO. Avoid
this by explicitly marking the GO network to be selected for the next
connection.
Some new code we're working on will require the dbus type "aay" (an
array of arrays of bytes). To add this, refactor the array code to
reduce code duplication by given a type string to the array starting
code, and also add code to create and parse such arrays from or into an
array of struct wpabuf respectively.
Since there's no unique DBus type for this, add a "fake"
WPAS_DBUS_TYPE_BINARRAY type that is separate from the regular DBus
types for parsing.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Moved wpas_dbus_new_decompose_object_path from dbus_new_handlers.c
to dbus_new_helpers.c.
Signed-off-by: Fabien Marotte <fabienx.marotte@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This can be used to avoid rejection of first two 4-way handshakes every
time hostapd (or wpa_supplicant in AP/IBSS mode) is restarted. A new
command line parameter, -e, can now be used to specify an entropy file
that will be used to maintain the needed state.
Processing of the scan results for RSN pre-authentication candidates
was moved to happen before the network was selected. This resulted in
all candidates being dropped due to no SSID having been configured.
Fix this by moving the processing to happen after the network has
been selected. Since the raw scan results are not available at that
point, use the BSS table instead of scan results to fetch the
information.
When using the p2p_oper_reg_class configuration option instead of
p2p_group_add freq parameter, the operating class 124 was not
processed correctly. Include that class in the list of 5 GHz classes
for the p2p_oper_reg_class to resolve this.
Both the SA and IEs from the received Probe Request frames must be
included and the Probe Request RX callback functions may assume that
these are not NULL.
When comparing BSS table entries, handle empty concatenated
vendor-specific IE differently from completely missing IE. This
does not change anything for the only currently compared IE that
can be fragmented (WPS IE), but it is better to have the generic
code here ready for any possible new IE that could be used in
with zero-length data.
Better make sure the address value included in the event message gets
cleared in case the GO Device Address is not known for some reason.
Previously, this could potentially have been some random data from
stack should we ever hit the case where wpa_s->current_ssid is not
set (which should not really happen in normal use cases).
It is now possible to configure the the time in seconds that
wpa_supplicant waits before requesting a new scan after failing to find
a suitable network in scan results.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
If WPA/WPA2 was enabled in the configuration, the non-WPA exception
could allow an incorrect AP to be selected from scan results. Do
not use the exception if WPA/WPA2 is enabled in configuration.
Commit c76e5d7f9b moved the
ap_configured_cb() call into a completion callback from AP mode code.
However, this callback can be called before hostap_setup_interface()
returns. In that case, the ap_configured_cb() ended up getting
called before the wpa_supplicant connection information was updated.
Fix this by reordering code to set up everything before calling
hostapd_setup_interface().
This should fix EAPOL reauthentication and rekeying timeout issues
with Intel clients when using WMM (e.g., with IEEE 802.11n). These
stations do not seem to be able to handle EAPOL data frames as
non-QoS Data frames after the initial setup.
This adds STA flags to hapd_send_eapol() driver op to allow
driver_nl80211.c to mark the EAPOL frames as QoS Data frame
when injecting it through the monitor interface.
If the scan interval switches to the short interval soon after a
scan, bgscan_simple should not immediately scan again. However,
it should also make sure that the next scan occurs no later than
the new, short scan interval.
Signed-off-by: Paul Stewart <pstew@google.com>
We gain diminishing returns by the short scan interval. The short
scan interval is used to hunt for a better AP if the RSSI of the
current AP drops. However, if we never roam, and the AP continues
to have low RSSI, at some point we should give up and return to
the slow background scan rate, otherwise we waste a lot of power.
Signed-off-by: Paul Stewart <pstew@google.com>
It is not guaranteed that we will get a CQM signal shortly after setting
up monitoring. In order to establish the correct initial background
scanning rate, poll directly for the signal strength.
Signed-off-by: Paul Stewart
This provides a means for the supplicant to directly request signal
quality metrics from the driver. This is useful, for example for
background scan algorithms that might ask desire this information
out-of-band with CQM events.
Signed-off-by: Paul Stewart <pstew@google.com>
The "debug_strings" private array in dbus_new_handles.c has fallen out
of sync with wpa_debug.h. Add the new "excessive" level to the head of
the list, realigning everything.
Signed-off-by: Paul Stewart <pstew@google.com>
Change the old design of running a single long living RSN IBSS
instance to keep a separate instance for each IBSS connection.
This fixes number of issues in getting keys set properly for
new connections and is in general quite a bit more correct
design.
Replace compile-time BSS cache expiration age and scan count by config
parameters that can be set via wpa_cli and the new D-Bus API. The latter
is done with interface properties BSSExpireAge and BSSExpireCount.
Move the code snippet to switch on bgscan over to wpa_supplicant.c
from event.c, so that it can be activated on wpa_supplicant_set_state().
Also create a centralized place to switch off bgscan. bgscan is now
turned on in COMPLETED, not ASSOCIATED.
This adds a new command to the interface to remove all configured
netblocks. Without this it's necessary to query properties on the
interface and explicitly remove each netblock.
This fixes an issue seen in our wifi testbed, where we frequently
switch the SSID of the AP. wpa_supplicant's BSS list will have, for
example both <bssid, "Check11b"> (from the previous test) and <bssid,
"Check11g"> (from the current test) - note that the bssid is the same for
both. The (old) D-Bus API for fetching scan responses from wpa_supplicant
is fetch-by-bssid, so the caller (flimflam) incorrectly believes we're
associated with <bssid, "Check11b">.
Add an "Interface.FlushBSS" method to the new D-Bus API and a "flush"
method to the old API. Both take an age parameter that is a threshold
(in seconds) for selecting entries to evict. Setting this parameter
to zero flushes all entries from the cache.
This mechanism is useful for a connection manager to clear state at
startup and on resume (where the age parameter may be used to hold
onto recent/valid data).
This provides feature parity with the old-style D-Bus API. Explicit
properties to control global parameters is preferred but until that
happens this allows doing things like setting pkcs11_engine_path and
pkcs11_module_path via D-Bus.
The AP code might, currently only in the case of HT40, defer actual
enabling to after a scan. In this case, the wpa_s AP code gets confused.
Add a callback for it to use and make it use it to finish only when the
setup has actually completed.
With appropriate hacks in place this allows using HT40 in P2P mode.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When wpa_s scans in AP mode, it doesn't propagate the scan event to the
AP code, so that code can get stuck if it uses the callbacks there.
Simply call them where appropriate.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This adds the ability to add WPS vendor extension attributes in P2P
frames, like GO Negotiation and Probe Response frames.
Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Instead of converting back and forth from the string representation,
always use the binary representation internally.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
The secondary device type list is an optional attribute in the WSC IE.
Signed-off-by: Jean-Michel Bachot <jean-michelx.bachot@linux.intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
There's a bug in the getter for the 'Interfaces' property
of /fi/w1/wpa_supplicant1 (new D-Bus interface) which causes a
'Segmentation Fault' when there are multiple interfaces.
Chooses between EAP and non-EAP authentication modes and
uses the appropriate method to retrieve the name.
Signed-off-by: Paul Stewart <pstew@google.com>