Commit graph

4654 commits

Author SHA1 Message Date
Jouni Malinen
6d28fb9627 Fix regression in RSN pre-authentication candidate list generation
Processing of the scan results for RSN pre-authentication candidates
was moved to happen before the network was selected. This resulted in
all candidates being dropped due to no SSID having been configured.
Fix this by moving the processing to happen after the network has
been selected. Since the raw scan results are not available at that
point, use the BSS table instead of scan results to fetch the
information.
2011-05-19 17:52:46 +03:00
Vinay Adella
86795546f7 WPS UPnP: Fix UPnP initialization for non-bridge case with some drivers
If the driver wrapper is setting up the interface up only at commit(),
UPnP initialization fails. Fix that by moving UPnP setup to happen after
the driver commit() call.
2011-05-19 12:55:47 +03:00
Jouni Malinen
fa5165586f WPS: Add a workaround for Windows 7 capability discovery for PBC
Windows 7 uses incorrect way of figuring out AP's WPS capabilities by
acting as a Registrar and using M1 from the AP. The config methods
attribute in that message is supposed to indicate only the configuration
method supported by the AP in Enrollee role, i.e., to add an external
Registrar. For that case, PBC shall not be used and as such, the
PushButton config method is removed from M1 by default. If pbc_in_m1=1
is included in the configuration file, the PushButton config method is
left in M1 (if included in config_methods parameter) to allow Windows 7
to use PBC instead of PIN (e.g., from a label in the AP).
2011-05-17 19:53:02 +03:00
Dmitry Shmidt
bcb90f750d Add TDLS support to Android.mk 2011-05-16 22:29:43 +03:00
Ben Greear
60eda5e47d Better messages when channel cannot be used in AP mode
Log messages letting user know that the channel cannot
be used because it is flagged unusable.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-05-16 22:01:11 +03:00
Jouni Malinen
5dcfb6830e Include nl80211 driver wrapper in default configuration for hostapd 2011-05-16 21:07:47 +03:00
Jouni Malinen
64f992652d P2P: Include operating class 124 (channels 149,153,157,161)
When using the p2p_oper_reg_class configuration option instead of
p2p_group_add freq parameter, the operating class 124 was not
processed correctly. Include that class in the list of 5 GHz classes
for the p2p_oper_reg_class to resolve this.
2011-05-16 21:07:05 +03:00
Jouni Malinen
eec92ec597 WPS: Remove obsolete note about lack for WPS ER support 2011-05-16 21:06:08 +03:00
Jouni Malinen
117e812d06 Update BSS table entry if roaming event indicates frequency change
This is needed to make sure the frequency in the BSS table entry
remains up-to-date if the AP changes its operating frequency.
2011-05-16 19:19:30 +03:00
Jouni Malinen
46957a9b2d nl80211: Filter out duplicated BSS table entries from scan results
cfg80211 maintains separate BSS table entries for APs if the same
BSSID,SSID pair is seen on multiple channels. wpa_supplicant does
not use frequency as a separate key in the BSS table, so filter out
duplicated entries. Prefer associated BSS entry in such a case in
order to get the correct frequency into the BSS table.
2011-05-16 19:18:42 +03:00
Jouni Malinen
f5a8d42229 nl80211: Fetch assoc_freq from scan table for connect event
When kernel-based SME is used, use the scan table to find a BSS entry
for the associated AP when processing connected event.
2011-05-16 18:35:42 +03:00
Jouni Malinen
0725cc7b7e Enable CONFIG_DRIVER_NL80211=y in the default configuration
nl80211 should be preferred over WEXT with any recent Linux kernel
version.
2011-04-21 20:41:01 +03:00
Jouni Malinen
b8281964af Add workaround for race condition with AssocResp TX status
It may take some time for the TX status to be delivered for a
(Re)Association Response frame and if any Data frames are received
during that time, they may end up getting dropped as Class 3 frames in
not-associated state. This results in a Disassociation frame being sent
to the station and it assuming that the association has been lost.

Work around the issue by remembering that the (Re)Association Request
has already been accepted and skip the Deauth/Disassoc sending because
of the possible Class 3 frames before the TX status callback is
received.
2011-04-15 19:26:28 +03:00
Dmitry Shmidt
60b24b0de4 Add 'signal_poll' command interface
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-15 18:52:01 +03:00
Dmitry Shmidt
746bba1a5e Prevent explicit scan command during scan or association
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-15 18:40:29 +03:00
Guy Eilam
5b73735ba0 hostapd: Fix interfaces.iface initialization
Set all the interfaces.iface pointers to NULL after the allocation of
that memory block for cases those pointers are accessed during each of
the interfaces initialization process (hostapd_interface_init()). One
example for such case is during WPS initialization when the code tries
to fetch the uuid from each of the interfaces.

Signed-off-by: Guy Eilam <guy@wizery.com>
2011-04-15 18:13:04 +03:00
Jouni Malinen
849b5dc78b Update driver country info on 'SET country <value>' 2011-04-15 17:00:01 +03:00
Yi Zhu
ca79385ab5 bsd: Add support for setting HT values in IFM_MMASK 2011-04-14 22:22:24 +03:00
Jouni Malinen
fe655a8402 Add sanity checks for fseek and ftell return values
In theory, these calls could fail, but it is not really likely to
happen in practice in the use case here. Anyway, check that they do
not return an error before accepting the length of the file.
2011-04-14 20:22:21 +03:00
Jouni Malinen
4a26df7107 IBSS RSN: peer->addr is an array so it cannot be NULL 2011-04-14 20:18:12 +03:00
Jouni Malinen
c8d88a145b WPS: Fix off-by-one check in vendor extension parsing 2011-04-14 20:02:31 +03:00
Jouni Malinen
35530d1472 driver_test: Check set_ssid len before trying to hexdump the SSID 2011-04-14 19:52:26 +03:00
Jouni Malinen
95cb2d88e9 TDLS: Verify that scan results for BSS are available before using them 2011-04-14 19:50:26 +03:00
Jouni Malinen
6e432d3f10 WPS: Use strict validation of (Re)AssocReq only if IEs are known 2011-04-14 02:58:35 +03:00
Jouni Malinen
5dac11e027 WPS: Use strict validation of (Re)AssocResp only if IEs are known 2011-04-14 02:57:24 +03:00
Jouni Malinen
0bdaa741cd OpenSSL: Use consistent SSL_get_app_data validation in tls_verify_cb
The returned value cannot really be NULL, but better keep this
function consistent on whether the returned value is checked or not.
2011-04-14 02:50:52 +03:00
Jouni Malinen
066608f3ff Avoid theoretical NULL pointer dereference during TLS reassemble
This function does not get called with in_data == NULL in practice, but
it seems to be at least partly prepared for that case, so better make it
consistent by handling the NULL value throughout the function.
2011-04-14 02:45:14 +03:00
Jouni Malinen
b211f3eb71 Add sanity checks to EVENT_RX_PROBE_REQ event data
Both the SA and IEs from the received Probe Request frames must be
included and the Probe Request RX callback functions may assume that
these are not NULL.
2011-04-14 02:39:25 +03:00
Jouni Malinen
2a522e7192 Avoid theoretical NULL pointer dereference from debug code
The change to use wpa_dbg() in wpa_sm_parse_own_wpa_ie() could result
in a NULL pointer dereference if the function were called when WPA
state machine has not been initialized. While this cannot really
happen in practice, it is better to be prepared for that since that
was the case before the wpa_dbg() change.
2011-04-14 02:32:07 +03:00
Jouni Malinen
f4fbba8cf9 Distinguish empty concatenated vendor-specific IE from missing one
When comparing BSS table entries, handle empty concatenated
vendor-specific IE differently from completely missing IE. This
does not change anything for the only currently compared IE that
can be fragmented (WPS IE), but it is better to have the generic
code here ready for any possible new IE that could be used in
with zero-length data.
2011-04-14 02:25:43 +03:00
Jouni Malinen
714b8b5378 P2P: Fix memory leak in UPnP service discovery request processing 2011-04-14 01:33:26 +03:00
Jouni Malinen
74727a7b32 Use type cast to get rid of implicit sign extension
The size_t value here can be 64-bit and result in implicit sign
extension. In this particular case, that gets masked out by
host_to_be32(), so there is no practical difference, but it is better
to get rid of the 64-bit variable explicitly.
2011-04-14 01:27:38 +03:00
Jouni Malinen
f8b5f7dc6b TNC: Fix TNC_{TNCC,TNCS}_ReportMessageTypes copy type
The supportedTypes parameter is a list of TNC_MessageType values
and the buffer to be copied should use size of TNC_MessageType, not
TNC_MessageTypeList. In practice, these are of same length on most
platforms, so this is not a critical issue, but anyway, the correct
type should be used.
2011-04-13 23:10:21 +03:00
Jouni Malinen
a04bf77209 TDLS: Validate FTIE length before processing it
This avoids reading past the end of the IE buffer should the FTIE
be too short. In addition, one debug hexdump was using uninitialized
pointer to the FTIE buffer, so fixed it to use the pointer from the
parse data.
2011-04-13 22:14:22 +03:00
Jouni Malinen
62c0d27ed3 P2P: Clear go_dev_addr for group started events if it is not known
Better make sure the address value included in the event message gets
cleared in case the GO Device Address is not known for some reason.
Previously, this could potentially have been some random data from
stack should we ever hit the case where wpa_s->current_ssid is not
set (which should not really happen in normal use cases).
2011-04-13 22:03:52 +03:00
Jouni Malinen
be5b1e86a3 Make the example action script less likely to result in failures
Use "=" instead of "==" and add an example statement between "then"
and "fi".
2011-04-13 19:55:34 +03:00
Yi Zhu
d4a747f006 bsd: Fix buffer size for routing socket with IPv6 disabled
AF_INET6 is not always enabled by default, so use AF_INET instead. In
addition, use the old fixed length, 2048, as a failover value if the
sysctl fails for any reason.
2011-04-12 23:09:14 +03:00
Dmitry Shmidt
67b9bd089b Make scan interval configurable
It is now possible to configure the the time in seconds that
wpa_supplicant waits before requesting a new scan after failing to find
a suitable network in scan results.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-11 23:14:38 +03:00
Jouni Malinen
df13a1cdff Fix WPS AP mode regression
Commit 03d3f28a69 broke initialization of
EAPOL authenticator state machines since an error value from
wpa_auth_sta_key_mgmt() (-1) was not handled properly and the fixed
wpa_key_mgmt_wpa_psk() identified the value as a PSK-based AKM because
of all bits being set to 1. The special error value needs to handled
separately to avoid skipping EAPOL state machine initialization.
2011-04-11 19:22:49 +03:00
Adam Kent
4bb3377bc5 Fix #ifdef check for older openssl versions
Small compile fix for older versions of openssl that do not have SHA256
support and hence do not define OPENSSL_NO_SHA256.
2011-04-11 18:37:12 +03:00
Per Ekman
0b04889f0d Remove references to time_t/time()/random()
Replace direct calls in AP mode code with os_*() wrappers.
2011-04-11 18:33:48 +03:00
Jouni Malinen
c2197bc9bc Return NULL instead of 0 as the pointer on error case 2011-04-08 19:16:20 +03:00
Jouni Malinen
c2f1fe41c2 Fix WPA/WPA2 AP rejection on parameter mismatch
If WPA/WPA2 was enabled in the configuration, the non-WPA exception
could allow an incorrect AP to be selected from scan results. Do
not use the exception if WPA/WPA2 is enabled in configuration.
2011-04-08 19:13:58 +03:00
Jouni Malinen
03d3f28a69 Fix wpa_key_mgmt_*() helper functions to handle multiple bits
These can be used in some cases with a bitfield having multiple
AKMs enabled (e.g., WPA-PSK and WPA-PSK-SHA256). Address those
cases by checking whether any of the matching AKM are included.
2011-04-08 19:11:54 +03:00
Mahesh Palivela
a1ca02927a atheros: Add support for IEEE 802.11w configuration 2011-04-08 12:06:27 +03:00
Jouni Malinen
3f3602386e nl80211: Add support for auth_alg auto-selection with connect command
When the SME is in the driver or cfg80211, the automatic selection
of auth_alg is done by leaving out the NL80211_ATTR_AUTH_TYPE
attribute from the NL80211_CMD_CONNECT command.
2011-04-07 14:53:40 +03:00
Jouni Malinen
d332e7083c TDLS: Disable teardown MIC validation workaround
This MIC is required to be correct if the keys are set, so reject
the message if it does not have a valid MIC.
2011-04-07 14:48:46 +03:00
Sam Leffler
9768da202b dbus: Add support to get/set the country code
Add an Interface.Country property and support to get/set the value.

Signed-off-by: Sam Leffler <sleffler@chromium.org>
2011-04-05 01:24:26 +03:00
Jouni Malinen
d9040cdb10 Fix a typo in a MIB variable in hostapd ctrl_interface 2011-04-05 01:21:27 +03:00
Jouni Malinen
e73edcaa6a wpa_s AP mode: Fix regression in P2P AP mode setup
Commit c76e5d7f9b moved the
ap_configured_cb() call into a completion callback from AP mode code.
However, this callback can be called before hostap_setup_interface()
returns. In that case, the ap_configured_cb() ended up getting
called before the wpa_supplicant connection information was updated.
Fix this by reordering code to set up everything before calling
hostapd_setup_interface().
2011-04-04 12:50:26 +03:00