Commit graph

1446 commits

Author SHA1 Message Date
Chao-Wen Yang
c5cf0a18f1 WPS: Add mechanism for indicating non-standard WPS errors
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.

Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
2011-01-13 17:50:59 +02:00
Jouni Malinen
e24cf97c0d P2P: Check GO Neg Req retransmit limit in p2p_listen_end
This needs to be done both in the more normal location in
p2p_timeout_connect_listen() (internal timeout after driver event) and
in p2p_listen_end() as a workaround for the case where the driver event
is delayed to happen after the internal timeout.
2011-01-12 13:48:55 +02:00
Jouni Malinen
60ea8187c9 nl80211: Set NL80211_ATTR_KEY_DEFAULT_TYPES based on set_key addr
This allows mac80211 to configure default keys properly for RSN IBSS
mode.
2011-01-09 19:54:50 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
8546ea1930 nl80211: Avoid infinite loop when searching a BSS
When hostapd is removing a virtual BSS interface, the loop here was
incorrectly not updating the iterator during list traversal and
ended up in an infinite loop in some cases.
2011-01-09 19:18:50 +02:00
Jouni Malinen
4d379f1243 Move hostap driver specific workaround into the driver wrapper 2011-01-09 12:50:57 +02:00
Jouni Malinen
dff99f8ec1 Do not use set_tx=1 when clearing keys with set_key 2011-01-09 12:18:36 +02:00
Jouni Malinen
260832214e Use key=NULL when clearing PTK with set_key
The key clearing operations are using NULL everywhere else, so make
this consistent with other callers.
2011-01-09 12:12:48 +02:00
Jouni Malinen
da64c266e7 Use more consistent set_key seq value when nothing is being set
Use NULL instead of (u8 *) "" as the seq value and make sure the
driver wrapper implementations can handle NULL value. This was
previously already done in number of places, but not everywhere.
2011-01-09 12:09:04 +02:00
Shan Palanisamy
dcc8bf7808 atheros: Rename "madwifi_" prefix to "atheros_" 2010-12-30 16:14:28 +02:00
Yi Zhu
23763c6516 bsd: Fix receive buffer alignment issue
wpa_supplicant seems to crash from time to time on a NetBSD 4.0 MIPS
platform. The root cause turned out to be a MIPS alignment issue.

In my wpa_supplicant crash case, in function
wpa_driver_bsd_event_receive (from driver_bsd.c), the buf[2048] address
is started from i.e. 0x7fffd546, which is not 4 bytes aligned. Later
when it is casted to (struct if_msghdr *), and rtm->rtm_flags is used.
rtm->rtm_flags is "int" type, but its address is not 4 bytes aligned.
This is because the start address of rtm is not 4 bytes aligned.
Unfortunately in NetBSD MIPS kernel (unlike Linux MIPS kernel emulates
unaligned access in its exception handler), the default behavior is to
generate a memory fault to the application that accesses unaligned
memory address. Thus comes the early mentioned wpa_supplicant crash. An
interesting note is when I'm using the wpa_supplicant version 0.4.9, I
never saw this problem. Maybe the stack layout is different. But I
didn't look into details.

I used below patch to resolve this problem. Now it runs correctly for at
least several hours. But you might have a better fix (maybe we can use
malloc/free so that it is at least cache line aligned?). I'm also not
sure if other drivers should have the same problem.
2010-12-30 16:13:19 +02:00
Yi Zhu
9f2951d2fd Fix driver_bsd.c compile error
I got an error for WPA_KEY_RSC_LEN is not defined when compiling the
driver_bsd.c on NetBSD 4.0. Below patch fixed it.
2010-12-30 16:12:32 +02:00
Jouni Malinen
3ac17eba31 P2P: Add initial support for driver-based P2P management
This adds partial callbacks and events to allow P2P management to be
implemented in a driver/firmware. This is not yet complete and is
very much subject to change in the future.
2010-12-30 12:48:55 +02:00
Jouni Malinen
f981eabcf0 WPS: Add option to disable open networks by default
CONFIG_WPS_REG_DISABLE_OPEN=y can be used to configure wpa_supplicant
to disable open networks by default when wps_reg command is used to
learn the current AP settings. When this is enabled, there will be a
WPS-OPEN-NETWORK ctrl_iface event and the user will need to explicitly
enable the network (e.g., with "select_network <id>") to connect to
the open network.
2010-12-30 12:28:13 +02:00
Johannes Berg
5dfca53fc0 nl80211: Use driver-based off-channel TX if available
If the underlying driver supports off-channel TX, it will now be used by
the nl80211 driver wrapper, setting WPA_DRIVER_FLAGS_OFFCHANNEL_TX
accordingly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-29 14:05:34 +02:00
Johannes Berg
190b9062b2 P2P: Add option for offloading off-channel TX to the driver
With the new kernel functionality coming to Linux to allow off-channel
TX, we can take advantage of that in the P2P code that currently uses
remain-on-channel. If a driver advertises support for it, it will be
asked to handle off-channel TX by itself.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-29 13:59:17 +02:00
Johannes Berg
0d7e5a3a29 Allow AP mode to disconnect STAs based on low ACK condition
The nl80211 driver can report low ACK condition (in fact it reports
complete loss right now only). Use that, along with a config option, to
disconnect stations when the data connection is not working properly,
e.g., due to the STA having went outside the range of the AP. This is
disabled by default and can be enabled with disassoc_low_ack=1 in
hostapd or wpa_supplicant configuration file.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-28 17:15:01 +02:00
Jouni Malinen
d3e01b9d71 Re-initialize EAP ClientTimeout on for each session
ClientTimeout changes from EAP peer methods were not supposed to
change behavior for other EAP peer methods or even other sessions
of the same method. Re-initialize ClientTimeout whenever an EAP
peer method is initialized to avoid this. This addresses problems
where WPS (EAP-WSC) reduces the timeout and consecutive EAP runs
may fail due to too small timeout.
2010-12-28 12:09:14 +02:00
Fabien Marotte
9dac8c3eaf P2P: Limit the retransmission of GO Negotiation request to 120
If the peer you want to connect to is no longer available (does not
acknowledge frames) when wpa_supplicant sends GO Negotition Request
frames, retransmission of this frame is done until the associated
p2p_device  structure is removed on timeout. In that case, no signal
is emitted to  inform the GO Negotiation has failed.

When sending an Invitation Request frame, the same retransmission
mechanism is in place but limit the transmission to 100 and hitting
the limit generates an event.

This patch adds the same mechanism as the one in place for Invitation
Request, but with limit of 120 to match the existing wait_count for
for GO Negotiation.
2010-12-28 11:48:58 +02:00
Jouni Malinen
d19f5fc881 WPS: Include all Config Methods in Probe Request
Do not use active PBC state to figure out which ConfigMethods are
included in Probe Request; instead, include all supported ones.
2010-12-20 12:54:10 +02:00
Jouni Malinen
79c3124ce5 nl80211: Remove extra \n from debug messages 2010-12-19 12:00:24 +02:00
Jouni Malinen
7d878ca769 Use SA Query procedure to recovery from AP/STA state mismatch
If a station received unprotected Deauthentication or Disassociation
frame with reason code 6 or 7 from the current AP, there may be a
mismatch in association state between the AP and STA. Verify whether
this is the case by using SA Query procedure. If not response is
received from the AP, deauthenticate.

This implementation is only for user space SME with
driver_nl80211.c.
2010-12-19 11:58:00 +02:00
Johannes Berg
5efa9e2a4b P2P: Allow access to group members
Some new code will require access to P2P group members, so add API to
retrieve the number of members and iterate the members themselves.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-17 18:34:16 +02:00
Sudhakar Swaminathan
231bbd0375 P2P: Unauthorize pending P2P GO Neg peer on p2p_cancel
If there is a pending GO Negotiation when p2p_cancel is used,
unauthorize the peer to avoid immediate reconnection from being
accepted without a new p2p_connect command.
2010-12-17 15:05:35 +02:00
Masashi Honma
2136f48020 nl80211: Stop driver init sooner if the interface does not exist 2010-12-17 13:55:13 +02:00
Jouni Malinen
2397086869 nl80211: Add forgotten deinit code on failure path 2010-12-17 13:49:38 +02:00
Jouni Malinen
278ef89f3f nl80211: Sync definitions with wireless-testing.git 2010-12-17 13:07:32 +02:00
Jouni Malinen
b3a6d9d400 wlantest: Add send command for injecting raw frames
This can be used by external programs (e.g., wlantest_cli) to inject
raw frames (hex dump of the frame header and body). The data can be
requested to be sent as-is or protected with the current key.
2010-12-16 16:11:54 +02:00
Jouni Malinen
b993e77b5b Removed unused variable from non-Linux builds 2010-12-14 17:10:39 +02:00
Jouni Malinen
aca0160548 nl80211: Set cipher suites when using user space SME
Previously, pairwise and group cipher suites were configured only
when kernel SME (nl80211 connect API) was used. However, mac80211
needs this information even in the user space SME case for one
thing: to disable HT when TKIP/WEP is used. Add
NL80211_ATTR_CIPHER_SUITES_PAIRWISE to fix this special case with
user space SME. This allows mac80211 to disable HT properly when
the AP is configured with configuration that is not allowed.
2010-12-13 21:08:53 +02:00
Jouni Malinen
b39f58347d wlantest: Add support for decrypting TDLS frames
Derive TPK based on TDLS TPK Handshake and decrypt frames on the
direct link with TPK-TK.
2010-12-13 11:20:55 +02:00
Jouni Malinen
89c38e32c7 RSN IBSS: RX GTK configuration with nl80211
This add preliminary code for setting the per-STA RX GTK for
RSN IBSS when nl80211 drivers. For some reason, this does not
seem to fully work, but at least driver_nl80211.c is now aware of
what kind of key is being set and the whatever is missing from
making this key configuration go through should be specific to
nl80211/cfg80211.
2010-12-04 20:31:22 -08:00
Jouni Malinen
18d2ba083b nl80211: Generate EVENT_IBSS_RSN_START events
This is needed to trigger start of 4-way handshake when a new STA is
detected in an RSN IBSS.
2010-12-04 18:17:58 -08:00
Jouni Malinen
1df492df34 Do not send Deauth/Disassoc to unknown STA if SA is invalid
The frame needs to be sent from an individual (non-group) address,
so drop invalid frames before sending Deauth/Disassoc frames to
not associated STAs.
2010-12-04 17:40:36 -08:00
Jouni Malinen
c4d7fc90a2 Fix EAP-FAST PAC file writer to avoid crash with multiple PACs
One of the pointers to the PAC buffer was not updated after realloc
and if the realloc ended up returning new pointer, the *pos pointer
was still pointing at the old location (i.e., freed memory at
this point).
2010-12-04 11:37:41 -08:00
Jouni Malinen
482856c8ba nl80211: Fix compiler warnings on non-P2P build 2010-11-27 13:05:37 +02:00
Ben Greear
6859f1cb24 Enable sharing of scan result events among virtual interfaces
When controlling multiple virtual interfaces on the same physical
radio, share the scan results events with sibling interfaces. This
decreases the time it takes to connect many virtual interfaces.

This is currently only supported on Linux with cfg80211-based
drivers when using nl80211 or wext driver interface.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2010-11-26 21:46:30 +02:00
Jouni Malinen
f2ed8023c4 nl80211: Track used interfaces and support multiple P2P groups
Track all the P2P group interfaces within driver_nl80211.c to make
it easier to generate unique P2P Interface Addresses.
2010-11-26 18:14:51 +02:00
Jouni Malinen
871f4dd069 Allow driver wrappers to indicate whether result codes are sane
Some drivers are not providing exactly reliable error codes (e.g.,
with WEXT), but others may actually indicate reliable information.
Allow driver wrappers to indicate if that is the case and use
optimizations if so. For now, this improves nl80211 with
NL80211_CMD_CONNECT for a case where connection request fails.
2010-11-26 17:41:21 +02:00
Jouni Malinen
df89c1c8d1 nl80211: Add BSSID to NL80211_CMD_CONNECT assoc reject event 2010-11-26 17:40:10 +02:00
Jouni Malinen
ce04af5a74 nl80211: Fix NL80211_CMD_CONNECT with WPA/WPS networks 2010-11-26 17:39:31 +02:00
Jouni Malinen
c55f774d00 nl80211: Add preliminary code for testing separate P2P group interface
driver_param=use_p2p_group_interface=1 can now be used to test
nl80211-drivers with separate P2P group interface. In other words,
the main interface (e.g., wlan0) is reserved for P2P management
operations and non-P2P connections and a new group interface (e.g.,
p2p-wlan0-0) is created for the P2P group.

This implementation is very minimal, i.e., it only support address
allocation for a single P2P group interface (if the driver does not
handle this internally). In addition, not all functionality has yet
been tested, so for now, this is disabled by default and needs that
special driver_param to enable.
2010-11-26 15:54:53 +02:00
Jouni Malinen
971e357f19 P2P: Add new driver option for interface allocation
WPA_DRIVER_FLAGS_P2P_MGMT_AND_NON_P2P flag can now be used to
indicate that the initial interface (e.g., wlan0) is used for
P2P management operations and potentially non-P2P connections.
This is otherwise identical to
WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE, but the possibility of
non-P2P connections makes some operations differ.
2010-11-26 15:52:16 +02:00
Jouni Malinen
805253d820 random: Fix a compiler warning about unused variable
In CONFIG_NO_STDOUT_DEBUG=y case, the error variable was not used.
2010-11-25 23:32:17 +02:00
Sudhakar Swaminathan
9d562b7946 P2P: Add p2p_unauthorize command
This can be used to remove authorization from a previous p2p_connect
commands that has not yet resulted in completed GO Negotiation.
2010-11-25 13:09:50 +02:00
Jouni Malinen
7392f11e96 Convert most commonly used drv ops to real function calls
Getting rid of these inline functions seems to reduce the code size
quite a bit, so convert the most commonly used hostapd driver ops to
function calls.
2010-11-24 17:01:21 +02:00
Jouni Malinen
0e8a96a911 Get rid of struct hostapd_driver_ops abstraction
This is not needed anymore and just makes things more difficult
to understand, so move the remaining function pointers to direct
function calls and get rid of the struct hostapd_driver_ops.
2010-11-24 16:50:06 +02:00
Jouni Malinen
3acdf771b8 hostapd_driver_ops reduction
send_eapol, set_key, read_sta_data, sta_clear_stats,
set_radius_acl_auth, set_radius_acl_expire, and set_beacon
to use inline functions instead of extra abstraction.
2010-11-24 16:34:49 +02:00
Jouni Malinen
51e2a27a21 hostapd_driver_ops reduction
set_sta_vlan, get_inact_sec, sta_deauth, sta_disassoc, and sta_remove
to use inline functions instead of extra abstraction.
2010-11-24 15:36:02 +02:00
Jouni Malinen
b5b1b18f39 hostapd_driver_ops reduction: set_countermeasures 2010-11-24 15:26:44 +02:00