Commit graph

2640 commits

Author SHA1 Message Date
Johannes Berg
d750b7e699 DBus: Improve error reporting
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:03:32 +02:00
Johannes Berg
6d7111418d DBus: Increase introspection buffer sizes
The P2P additions will add more data so
that the current buffers aren't big enough.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:01:29 +02:00
Johannes Berg
d1c8ac88b9 DBus: Publish provisioned keys in network properties
When the network was provisioned, we need to get the keys to be able to
reconnect without new provisioning. To be able to publish those keys but
not normally configured ones, add a new attribute to struct wpa_ssid
indicating whether or not keys may be exported.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 17:00:12 +02:00
Johannes Berg
0661eed204 AP: Add callback for STA authorized transitions
Add a callback for station's authorized transitions
to allow wpa_supplicant to emit events in DBus.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 16:56:59 +02:00
Johannes Berg
6905dcb1e0 AP: Introduce sta authorized wrappers
To enable making state change notifications on the WLAN_STA_AUTHORIZED
flag, introduce ap_sta_set_authorized(), and to reduce use of the flag
itself also add a wrapper for testing the flag: ap_sta_is_authorized().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 16:52:32 +02:00
Johannes Berg
839b33ad90 P2P: Clear driver Probe Response IE on stop_listen
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-01 18:30:33 +02:00
Johannes Berg
89e07afb2c nl80211: Use max_remain_on_chan data from nl80211
If the driver advertises max_remain_on_chan data, use it instead of
the hardcoded value of 5000. Keep the default at 5000 since that is the
value used by earlier versions of cfg80211/mac80211 and not advertised
in nl80211 for those.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-01 18:18:32 +02:00
Johannes Berg
11fb02be67 P2P: Fix p2p_long_listen
There are two issues with p2p_long_listen:
 1) max_remain_on_channel is assumed to be 5 seconds,
 2) if max_remain_on_channel is not a full multiple of
    seconds, accounting breaks.

Fix these by converting p2p_long_listen to ms and
tracking it according to max_remain_on_channel.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-01 18:09:38 +02:00
Eliad Peller
f14f5141a0 nl80211: Remove excessive nl80211_set_mode() call
When authenticating, and the interface type is not already
NL80211_IFTYPE_STATION, we need to call wpa_driver_nl80211_set_mode()
only once. Remove the excessive call.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2011-02-01 16:38:38 +02:00
Jouni Malinen
7615078caf AP: Make sure ieee80211n_allowed_ht40_channel_pair() gets called
We need to call this function after having completed the neighboring
channel scan to figure out whether HT40 can be used and if so, which
channel is the secondary channel.
2011-02-01 16:09:26 +02:00
Nishant Sarmukadam
1b4d379366 AP: Ensure ieee80211n_supported_ht_capab() gets called to check ht caps
ieee80211n_supported_ht_capab is called after ieee80211n_check_40mhz in
function hostapd_check_ht_capab. ieee80211n_check_40mhz can return 1 in
a valid scenario where the initialization is completed in a callback. In
this case ieee80211n_supported_ht_capab is skipped and hostapd does not
check the ht capabilities reported by the driver. Fix this issue making
sure ieee80211n_supported_ht_capab gets called.

Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-02-01 16:04:59 +02:00
Johannes Berg
d2da224948 AP: Enable WMM with default parameters by default for HT
If WMM is not disabled explicitly (wmm_enabled=0 in hostapd.conf),
enable WMM automatically whenever HT (ieee80211n) is enabled. Use
the default WMM parameters for AP TX queues and the EDCA parameters
advertised for stations in WMM IE if no overriding values are
included in the configuration.
2011-02-01 14:34:12 +02:00
Jouni Malinen
09c395b4bb FT: Configure FT XXKey as PMK for driver-based 4-way handshake
When using FT-EAP, the second half of MSK is used as the starting
point for PMK key hierarchy. Configure that instead of the first
half of MSK when using FT with driver-based 4-way handshake and
FT protocol.
2011-02-01 00:06:13 +02:00
Jouni Malinen
98ea943177 Set portValid=TRUE on association for driver-based 4-way handshake
This was previously done for WPA/WPA2-Personal as part of association
processing when the driver is implementing 4-way handshake. The
portValid needs to be done for WPA/WPA2-Enterprise to get the proper
EAPOL authentication completed callback to configure PMK to the driver.
2011-02-01 00:04:02 +02:00
Johannes Berg
9f51b11395 nl80211: use P2P interface types
We can use the P2P interface types to check if the driver supports P2P
and to tell the kernel that a given interface is going to be used for
P2P (when it is created).

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-01-31 21:49:48 +02:00
Masashi Honma
6c714cd7d4 P2P: Show "FAIL" for failed p2p_find operation
I tried these commands:

./wpa_cli -i wlan0 p2p_group_add
./wpa_cli -i wlan0 p2p_find

The second one results in following messages because it is invalid
operation.

-------
nl80211: Scan trigger failed: ret=-95 (Operation not supported)
P2P: Failed to start p2p_scan
-------

But the second one shows "OK" on control console.

This patch makes it to show "FAIL".
2011-01-31 17:29:31 +02:00
Mike Crowe
9669794dc4 hostapd: Ensure that the destination directory exists
Ensure that the destination binary directory exists before installing
into it.

Signed-off-by: Mike Crowe <mac@mcrowe.com>
2011-01-30 21:33:17 +02:00
Mike Crowe
590595edba Use DESTDIR when installing hostapd to support cross-compiling
Signed-off-by: Mike Crowe <mac@mcrowe.com>
2011-01-30 21:32:44 +02:00
Jouni Malinen
df077c6262 Remove obsolete drivers wrappers: atmel, ndiswrapper, ipw, hermes
There is no real reason to maintain these in the current development
branch anymore. If someone really needs support for the obsolete
driver interfaces, these can be found in older wpa_supplicant
branches.

driver_atmel.c
- vendor-specific interface for ATMEL AT76C5XXx cards
- for some old out-of-tree driver; not for the upstream atmel*
  drivers

driver_ndiswrapper.c
- vendor-specific interface for an out-of-tree driver
- ndiswrapper should work with driver_wext.c, too

driver_ipw.c
- vendor-specific interface for old ipw2100/2200 driver
- the upstream driver works with driver_wext.c (and does not work
  with the old interface)

driver_hermes.c
- vendor driver that was not even included in the main wpa_supplicant
  releases
2011-01-30 21:29:25 +02:00
Helmut Schaa
f1bed4a70d nl80211: Make use of the ht opmode bss attribute
In order to enable protection mechanisms for different HT opmodes the
driver needs to be aware of the current HT opmode that is calculated by
hostapd. Hence, pass the current opmode to the nl80211 driver via
the bss attribute NL80211_ATTR_BSS_HT_OPMODE.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-01-30 21:16:29 +02:00
Jouni Malinen
1161ff1ef5 hostapd: Allow TDLS use to be prohibited in the BSS
tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to
disable use of TDLS or TDLS channel switching in the BSS using
extended cabilities IE as defined in IEEE 802.11z.
2011-01-28 19:21:59 +02:00
Jouni Malinen
9a994178f1 wlantest: Add command for adding WEP keys during run time 2011-01-28 13:33:21 +02:00
Jouni Malinen
dfaeda0492 Fix couple of compiler warnings about uninitialized variables 2011-01-26 21:29:28 +02:00
Jouni Malinen
4e062e35de wlantest: Handle missing fields in TDLS Setup Confirm error case 2011-01-24 20:51:28 +02:00
Jouni Malinen
2878cae7a7 wlantest: Handle missing fields in TDLS Setup Response error case 2011-01-24 18:16:26 +02:00
Jouni Malinen
5acf56f6a2 wlantest: Count TDLS Teardown messages 2011-01-24 17:00:28 +02:00
Jouni Malinen
9559a7f882 wlantest: Fix compiler warnings 2011-01-24 16:57:36 +02:00
Jouni Malinen
44a0486607 wlantest: Fix TDLS setup failure counting
Need to be able to handle TDLS Setup Response frame with LinkId IE
when non-zero status code is used. In addition, allow finding of a
TDLS entry based on real BSSID instead of the one used in the LinkId
to allow negative testing of different BSS.
2011-01-24 15:25:59 +02:00
Jouni Malinen
244c9303cb wlantest: Determine ping matches properly for direct link
Check ICMP echo request/response matches for both STAs to get proper
counter values for a ping from a one STA to another one using TDLS.
2011-01-24 14:50:51 +02:00
Jouni Malinen
719e7eb28d wlantest: Set direct links down on deauth/disassoc 2011-01-24 14:34:54 +02:00
Jouni Malinen
0d2e395d74 wlantest: Maintain only a single entry for an active direct link
The TDLS link itself is bidirectional, but there is explicit
initiator/responder roles. Remove the other direction of the link if it
exists when processing TDLS Setup Confirm to make sure that the link
counters are stored for the current TDLS entery.

This is also changing the control interface search for TDLS counters
to require initiator/responder addresses in the correct order instead
of matching entries regardless of the role.
2011-01-24 14:34:45 +02:00
Jouni Malinen
eb4923fdae wlantest: Add counters for TDLS setup frames 2011-01-24 14:03:03 +02:00
Jouni Malinen
8a1cf4be21 wlantest: Add TDLS entry on TDLS Setup Request
This will make the TDLS counters available even if setup fails.
2011-01-19 14:00:14 +02:00
Jouni Malinen
2caf69247b wlantest: Check WPA/RSN IE match between AssocReq and Beacon
Note unexpected WPA/RSN IE in AssocReq and ignore them if the last
Beacon/ProbeResp from the AP is not advertising support for
WPA/RSN.
2011-01-17 19:52:35 +02:00
Jouni Malinen
cbcf92b42f AP: Validate management frame length
Make sure that received management frames are long enough before
processing them. This avoids a potential segmentation fault if a
driver delivers an invalid frame all the way to hostapd.
2011-01-17 12:21:29 +02:00
Dan Harkins
e4d7b22a53 EAP-pwd: Fix some interoperability issues
The changes are:

  1. the word "and" in the hunting-and-pecking string passed to the KDF
     should be capitalized.
  2. the primebitlen used in the KDF should be a short not an int.
  3. the computation of MK in hostap is based on an older version of the
     draft and is not the way it's specified in the RFC.
  4. the group being passed into computation of the Commit was not in
     network order.
2011-01-16 13:12:07 +02:00
Jouni Malinen
b13d3d63d5 EAP-pwd: Use os_free to free memory allocated with os_malloc
The direct use of free() caused a crash with CONFIG_WPA_TRACE=y.
2011-01-16 13:02:11 +02:00
Jouni Malinen
bc8318acbc WPA: Add more info for EAPOL-Key Nonce/MIC debugging 2011-01-15 16:57:08 +02:00
Jouni Malinen
6c9a98a20d IBSS RSN: Do not start multiple Auth/Supp for same peer
This avoids an issue when a received EAPOL-Key frame from a peer
is initiating IBSS RSN Authenticator and Supplicant for the peer
and the following new-STA-in-IBSS event from the driver is adding
yet another instance of Authenticator/Supplicant. The EAPOL-Key
RX case was already checking whether an instance had been started;
the driver new-STA event needs to do same.
2011-01-15 16:55:15 +02:00
Jouni Malinen
50b05780c2 IBSS RSN: Delay setting of the initial TX GTK
The driver may get confused if we set the initial TX GTK before having
fully configured and connected to an IBSS, so better delay this
operation until the connection (join/start IBSS) has been completed.
2011-01-15 14:07:02 +02:00
Jouni Malinen
2e479416d1 wlantest: Add support for decrypting WEP frames 2011-01-14 17:43:17 +02:00
Jouni Malinen
3558c41ee7 wlantest: Add more details for CCMP MIC failures 2011-01-14 16:32:59 +02:00
Jouni Malinen
ef44a08bea wlantest: Fix masking of CCMP AAD QC field 2011-01-14 16:32:14 +02:00
Chao-Wen Yang
449adbaca9 WPS: Indicate WPS-FAIL event on EAPOL timeout-based failure callback
If the EAPOL processing times out (e.g., if the AP stops replying
to messages for some reason) during WPS negotiation, we need to
indicate WPS-FAIL event from eapol_cb since no other WPS failure is
reported for this particular case.
2011-01-13 18:04:33 +02:00
Chao-Wen Yang
c5cf0a18f1 WPS: Add mechanism for indicating non-standard WPS errors
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.

Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
2011-01-13 17:50:59 +02:00
Jouni Malinen
e24cf97c0d P2P: Check GO Neg Req retransmit limit in p2p_listen_end
This needs to be done both in the more normal location in
p2p_timeout_connect_listen() (internal timeout after driver event) and
in p2p_listen_end() as a workaround for the case where the driver event
is delayed to happen after the internal timeout.
2011-01-12 13:48:55 +02:00
Jouni Malinen
8d806cc2af test-sha1: Add test vectors from RFC 6070
The test with very large iterations count is commented out since it
takes quite long to derive (it does pass, though). In addition, the
last test vector is commented out since pbkdf2_sha1() does not support
arbitrary binary passphrases (\0 inside the string).
2011-01-10 20:41:04 +02:00
Jouni Malinen
60ea8187c9 nl80211: Set NL80211_ATTR_KEY_DEFAULT_TYPES based on set_key addr
This allows mac80211 to configure default keys properly for RSN IBSS
mode.
2011-01-09 19:54:50 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
8546ea1930 nl80211: Avoid infinite loop when searching a BSS
When hostapd is removing a virtual BSS interface, the loop here was
incorrectly not updating the iterator during list traversal and
ended up in an infinite loop in some cases.
2011-01-09 19:18:50 +02:00