Commit graph

5322 commits

Author SHA1 Message Date
Jouni Malinen
e241b1b4f2 eap_proxy: Fix IMSI fetch for home vs. visited network determination
Use similar mechanism to CONFIG_PCSC=y case to set the IMSI and MNC
length for eap_proxy. This allows automatic 3GPP realm comparison
against the domain list.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
db13605816 EAP-AKA/AKA' peer: Allow external USIM processing to be used
This allows the new external_sim=1 case to be used to perform UMTS
authentication step in EAP-AKA/AKA' peer process. Following control
interface event is used to request the operation:

CTRL-REQ-SIM-<network id>:UMTS-AUTH:<RAND>:<AUTN> needed for SSID <SSID>

Response from external processing is returned with
CTRL-RSP-SIM-<network id> UMTS-AUTH:<IK>:<CK>:<RES>
or
CTRL-RSP-SIM-<network id> UMTS-AUTS:<AUTS>

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
569ccf719f EAP-SIM peer: Allow external SIM processing to be used
This allows the new external_sim=1 case to be used to perform GSM
authentication step in EAP-SIM peer process. Following control interface
event is used to request the operation:

CTRL-REQ-SIM-<network id>:GSM-AUTH:<RAND1>:<RAND2>[:<RAND3>] needed
for SSID <SSID>

For example:
<3>CTRL-REQ-SIM-0:GSM-AUTH:5e3496ce7d5863b3b09f97f565513bc3:
73f0f0bc5c47bcbed6f572d07ab74056:447b784f08de80bdc2b1e100fccbb534
needed for SSID test

Response from external processing is returned with
CTRL-RSP-SIM-<network id> GSM-AUTH:<Kc1>:<SRES1>:<Kc2>:<SRES2>
[:<Kc3>:<SRES3>]

For example:
wpa_cli sim 0 GSM-AUTH:d41c76e0079247aa:2709ebfb:43baa77cfc8bcd6c:
0fa98dc1:a8ad1f6e30e

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
84dc137056 hlr_auc_gw: Add GSM-AUTH-REQ command
This can be used instead of SIM-REQ-AUTH to derive Kc and SRES values
from a previously assigned set of RAND values.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
a5d44ac083 EAP peer: Add framework for external SIM/USIM processing
The new configuration parameter external_sim=<0/1> can now be used to
configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM
authentication for EAP-SIM or UMTS authentication for EAP-AKA). The
requests and responses for such operations are sent over the ctrl_iface
CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing
password query mechanism.

Changes to the EAP methods to use this new mechanism will be added in
separate commits.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-20 13:12:04 +03:00
Jouni Malinen
7e8bc7d6fb eapol_test: Initialize BSS lists
This is needed to avoid issues with control interface commands that
could request BSS list during an eapol_test run. wpa_cli tries to update
its internal BSS list and that could trigger eapol_test crashes without
this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 16:28:56 +03:00
Jouni Malinen
bceb843108 Send CTRL-RSP command response before processing EAPOL update
This is what the original implementation did years ago, but the move to
using separate control interface backends re-ordered the implementation
to process EAPOL notification first. Use a registered timeout to allow
the ctrl_iface response to be sent out first to get somewhat faster
response time and to avoid pending operations that could result in
ctrl_iface response and unsolicited event messages from getting mixed
up.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 16:26:01 +03:00
Jouni Malinen
b6077964c2 eapol_test: Fix external EAP request mechanism
The eap_param_needed callback was forgotten from eapol_test and this
prevented external EAP request processing through ctrl_iface from being
tested.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 13:44:39 +03:00
Jouni Malinen
94de082b39 eapol_test: Initialize wpa_s->global to fix ctrl_iface
wpa_s->global is now dereferenced in number of places and at least one
of them hits in eapol_test cases. Fix issues with this by setting the
global pointer to empty data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-19 13:08:37 +03:00
Jouni Malinen
f07bba3255 Android: Add dfs.c into build
This fixes Android build after commit
e76da50529 that added the new dfs.c file.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 15:18:40 +03:00
Jouni Malinen
0cf0af2e29 WNM: Set Disassoc Imminent flag in ESS Disassoc Imminent frame
The Disassociation Timer field is only valid if Disassoc Imminent is set
to 1.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
f47c145285 Interworking: Add required_roaming_consortium parameter for credentials
This allows credentials to be limited from being used to connect to a
network unless the AP advertises a matching roaming consortium OI.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
a83e5749ac GAS: Update timeout from TX status handler
This allow GAS operations to be fine-tuned based what happens with GAS
query TX. Failed queries are timed out immediately and acknowledged
queries are given some more time to account for possible TX queue
latencies.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
e88060e1a7 HTTP server: Allow TCP socket to be reused
This makes it easier to handle cases where the application is restarted
and the previously used local TCP port may not have been fully cleared
in the network stack.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
9bc33868bf Add test option for specifying hardcoded BSS Load element
The new bss_load_test parameter can be used to configure hostapd to
advertise a fixed BSS Load element in Beacon and Probe Response frames
for testing purposes. This functionality is disabled in the build by
default and can be enabled with CONFIG_TESTING_OPTIONS=y.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
9c7e43a5c6 Define BSS Load element id
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
56f5af489c Interworking: Add support for QoS Mapping functionality for the STA
Indicate support for QoS Mapping and configure driver to update the QoS
Map if QoS Map Set elements is received from the AP either in
(Re)Association Response or QoS Map Configure frame.

This commit adds support for receiving the frames with nl80211 drivers,
but the actual QoS Map configuration command is still missing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Kyeyoon Park
850e1c2579 atheros: Add support for QoS Mapping configuration
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Kyeyoon Park
c551700f1f Interworking: Add support for QoS Mapping functionality for the AP
This allows QoS Map Set element to be added to (Re)Association Response
frames and in QoS Map Configure frame. The QoS Mapping parameters are
also made available for the driver interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
ac1bc54948 Interworking: Add domain_suffix_match for credentials
This allow domain_suffix_match to be specified for a cred block and then
get this copied for the network blocks generated from this credential as
part of Interworking network selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
463c8ffbd5 Interworking: Add support for multiple home FQDNs
Credentials can now be configured with more than one FQDN ('domain'
field in the cred block) to perform Domain Name List matching against
multiple home domains.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
0076a18f39 tests: Remove cred before changing domain
This is in preparation for supporting multiple domain values after which
setting the domain value does not replace the old value, but adds a new
one.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Jouni Malinen
01f809c7db Add AAA server domain name suffix matching constraint
The new domain_suffix_match (and domain_suffix_match2 for Phase 2
EAP-TLS) can now be used to specify an additional constraint for the
server certificate domain name. If set, one of the dNSName values (or if
no dNSName is present, one of the commonName values) in the certificate
must have a suffix match with the specified value. Suffix match is done
based on full domain name labels, i.e., "example.com" matches
"test.example.com" but not "test-example.com".

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 13:34:26 +03:00
Jouni Malinen
be7963b3c2 OpenSSL: Fix code indentation in OCSP processing
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 13:34:22 +03:00
Janusz Dziedzic
899cc14e10 hostapd: Add support for DFS with 160 MHz channel width
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:06:16 +03:00
Janusz Dziedzic
6de0e0c99e Mark DFS functions static and rename them
These functions are not used from outside dfs.c anymore.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:54 +03:00
Janusz Dziedzic
58b73e3dd9 hostapd: DFS with 40/80 MHz channel width support
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:44 +03:00
Janusz Dziedzic
846de15d7b DFS: Add more parameters to radar events
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:39 +03:00
Janusz Dziedzic
04e8003c6c nl80211: Use struct hostapd_freq_params with start_dfs_cac
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:31 +03:00
Janusz Dziedzic
72c753d7bb hostapd: Split hostapd_set_freq to helper function
This allows the functionality to fill in a struct hostapd_freq_params to
be shared.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:23 +03:00
Janusz Dziedzic
e76da50529 hostapd: Add AP DFS support
Add DFS structures/events handlers, CAC handling, and radar detection.
By default, after radar is detected or the channel became unavailable, a
random channel will be chosen.

This patches are based on the original work by Boris Presman and
Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h
files.

Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>

Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:15 +03:00
Jouni Malinen
dfe6ce4eeb tests: Make sure hlr_auc_gw exits and clean up sockets
If a test run is terminated forcefully, hlr_auc_gw could have been left
running and/or some of the control interface files could still remain.
This could result in hlr_auc_gw not starting again for the next test
run.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-17 21:05:06 +03:00
Jouni Malinen
0d4c5494bc tests: Skip EAP-SIM/AKA/AKA' if hlr_auc_gw not available
Do not fail the EAP-SIM/AKA/AKA' test cases if hlr_auc_gw is not
available since hlr_auc_gw is not considered required part for the test
setup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-17 21:04:55 +03:00
Pontus Fuchs
5079392954 Increase buffer size and prevent write beyond buffer end
wpa_config_write_key_mgmt has a buffer size of 50. This is not enough
to fit the longest case. I used a network with "WPA-PSK WPA-EAP
WPA-NONE" and CONFIG_IEEE80211R=y + CONFIG_IEEE80211W=y to produce
a string longer than 50 chars. Increase the buffer size to 100 to
prevent truncated output.

Truncated output is not the only problem. If the buffer end is
reached when adding certain key mgmt types the function does not
return immediately. This leaves pos > end. When a second os_sprintf
is called the calculation of end - pos yields a large positive
number for buffer size. End result is a write beyond the buffer end.
Fix this by bailing out if buffer end is reached.

Signed-hostap: Pontus Fuchs <pontus.fuchs@gmail.com>
2013-10-14 20:49:26 +03:00
Helmut Schaa
ded22b5390 hostapd: Fix segfault after ACS when flushing STAs
When hostapd receives an auth frame during ACS the transmission of
the according auth response will always fail:

ACS: Automatic channel selection started, this may take a bit
[..]
send_auth_reply: send: Resource temporarily unavailable
[..]

However, a station info entry was created. Once ACS is finished
it will flush all stations even though hapd was not yet fully
initialized. This results in a segfault when trying to access
hapd->radius:

0  0x0042c1c0 in radius_client_flush_auth ()
1  0x00416a94 in ap_free_sta ()
2  0x00416cc0 in hostapd_free_stas ()
3  0x0040bce8 in hostapd_flush_old_stations ()
4  0x0040c790 in hostapd_setup_interface_complete ()
5  0x0046347c in acs_scan_complete ()
6  0x0040f834 in hostapd_wpa_event ()
7  0x0043af08 in send_scan_event.part.46 ()
8  0x00443a64 in send_scan_event ()
9  0x00443c24 in do_process_drv_event ()
10 0x004449e8 in process_global_event ()
11 0x7767d7d0 in ?? ()

Fix this by not presuming anything about the initialization state of
hapd and checking ->radius before accessing.

Signed-off-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-14 20:44:31 +03:00
Jithu Jance
7e910b7b51 WPS NFC: Cancel scheduled scan before attempting a scan
Cancel scheduled scan (if any) before attempting to scan for the newly
received configuration/credential in WPS NFC Config token case.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2013-10-14 20:42:27 +03:00
Dmitry Shmidt
24d110dca3 Replace printf with wpa_printf debug message
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-10-14 20:40:57 +03:00
Jouni Malinen
b72e14e599 P2P: Do not allow P2P client connection without P2P IE from GO
P2P-GROUP-STARTED event depends on having enough information about the
group available. To avoid incomplete information from being delivered to
upper layers, do not accept scan results without P2P IE (e.g., from a
non-P2P scan) for P2P client association process. This can be of use for
some join-a-group cases where non-P2P scans have generated the BSS entry
for the GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:41:23 +03:00
Jouni Malinen
5df7414b04 P2P: Allow persistent group determination based on Beacon frame
P2P IE may be available from a Beacon frame from a GO even if we have
not yet received a Probe Response frame with P2P IE from that GO. Since
all the needed information for determining the GO's P2P Device Address
and group capabilities are available, use that information instead of
displaying incomplete group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:28:00 +03:00
Jouni Malinen
aaeb9c98e6 P2P: Allow GO to be discovered based on Beacon frame
This fixes some P2P-join-a-group cases where GO may have been discovered
based on passive scan or non-P2P scan. P2P IEs may have been received
from a Beacon frame in such a case and that information can be used to
create a P2P peer entry, e.g., to allow provision discovery exchange to
be completed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:25:28 +03:00
Jouni Malinen
b16696ff72 P2P: Show p2p flag in debug info for scan results
This makes it easier to confirm that P2P capabilities for a GO has been
discovered properly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:23:38 +03:00
Jouni Malinen
bb50ae4396 P2P: Show P2P flag in BSS entries also based on Beacon frames
It is possible that a P2P GO has been discovered through a non-P2P scan
that did not return P2P IE in Probe Response frames. To cover those
cases, check also Beacon frame (if received) for P2P IE.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 19:22:09 +03:00
Jouni Malinen
ff57398fca P2P: Do not drop P2P IEs from BSS table on non-P2P scans
This could happen when non-P2P station interface runs a scan without P2P
IE in the Probe Request frame. P2P GO would reply to that with a Probe
Response that does not include P2P IE. Do not update the IEs in this BSS
entry to avoid such loss of information that may be needed for P2P
operations to determine group information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-14 17:34:41 +03:00
Jouni Malinen
adeb4f59a2 P2P: Make sure wait for the first client gets stopped
If a group was removed before the wait for the first client had timed
out and the client had not yet connected, p2p_go_wait_client could have
been left set and with that, scan operations could be unnecessarily
delayed. This fixes some undesired delays from commit
c1c0b35fea.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-05 22:15:28 -07:00
Dmitry Shmidt
f22f274bbf P2P: Clone 'disable_scan_offload' parameter for p2p group
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-10-05 18:18:20 -07:00
Swaroop Golti
63ce59dea8 P2P: Increase Invitation Request timeouts
In noisy environment peer may take more time to send Invitation
Response so increase Invitation Response timeout to 500 ms in success
case and also increase Invitation Request action wait time to 500 ms.
This makes the Invitation Request case use the same timeout with GO
Negotiation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-05 18:14:33 -07:00
Deepthi Gowri
acdd0fc84f P2P: Clear p2p_group_formation and p2p_in_provisioning on group removal
Commit 41f853235f extends group formation
timeout for the first data connection to complete and resets
p2p_go_group_formation_completed flag due to which p2p_in_provisioning
and p2p_group_formation flags are not cleared when
wpas_group_formation_completed() is called. This can result in both
station scan and p2p_find failures in the case where separate P2P group
interface is not used and the client does not complete 4-way handshake.
Fix this by clearing p2p_group_formation and p2p_in_provisioning when
such a P2P group is deleted.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-05 17:54:52 -07:00
Arif Hussain
8b3b803ab9 Include Extended Capabilities element based on scan results
Add Extended Capabilities element to association request only if the AP
included this element in Beacon/Probe Response frames. This is a
workaround to address interoperability issues with some older APs that
do not seem to be able to handle Extended Capabilities element in
(Re)Association Request frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 08:09:05 -07:00
Deepthi Gowri
6903ee6f62 P2P Extend postponing of concurrent scans for persistent GO
Update the p2p_go_wait_client timestamp in p2p_go_configured() to
address the case where the group is set up without the provisioning
step.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-02 07:32:17 -07:00
Sunil Dutt
5bfd7e9168 TDLS: Do not start concurrent TDLS setup
A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-30 17:38:41 +03:00