Commit graph

7839 commits

Author SHA1 Message Date
Jouni Malinen
23bd3c5b67 tests: OLBC AP detection
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-04 13:10:57 +02:00
Jouni Malinen
47a7e44084 tests: Hidden SSID using zero octets as payload
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-04 13:10:57 +02:00
Jouni Malinen
084316bfd6 tests: HT40 OBSS scan and 20/40 MHz co-ex report
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-04 13:10:57 +02:00
Jouni Malinen
e769364b82 tests: Add test cases for various AP mode parameters
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-04 13:10:57 +02:00
Jouni Malinen
c89d9ebbc4 tests: Verify different ways of configuring passphrase/PSK
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-04 13:10:57 +02:00
Prashanth Kumar
1b56d398a7 wpa_supplicant: Fix misplaced os_free
os_free has wfd_dev_info_hex as an argument which is defined within
CONFIG_NO_STDOUT_DEBUG

Signed-hostap: Prashanth Kumar <prashanthkumar.kr@globaledgesoft.com>
2014-02-03 19:35:09 +02:00
Jouni Malinen
8597ebdbd4 Fix hostapd segfault on beacon hint event
Commit 795baf773f ('hostapd: Filter
channel list updated events after country code change') uses the
EVENT_CHANNEL_LIST_CHANGED data pointer, but it updated only one of the
callers to provide that data. NL80211_CMD_REG_BEACON_HINT event was
still sending the event without the initiator data and resulted in NULL
pointer dereference, e.g., if a scan was run while hostapd was running
and the driver was in world roaming state and enabled a channel for
active scans.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-03 19:34:59 +02:00
Masashi Honma
c69ed4dd49 bsd: Fix hostapd compiler warning
The hostapd compilation displays a below warning On NetBSD 6.1.2.

../src/drivers/driver_bsd.c:72:1: warning: 'get80211opmode' defined but not used

This patch solves it and moves other functions to appropriate position to
reduce #ifdef.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2014-02-03 19:34:49 +02:00
Jouni Malinen
d950477913 Fix authentication algorithm negotiation in SME code
Commit 6ac4b15ef8 (wpa_radio work for
connection) caused a regression for cases where multiple auth_alg values
are set in a network block and wpa_supplicant-based SME is supposed to
iterate through them. The connection radio work was not terminated when
receiving authentication failure and this resulted in the following
authentication attempt failing.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-03 19:34:33 +02:00
Janusz Dziedzic
1412beeee9 nl80211: Show DFS region info in debug messages
Print DFS region info, if provided, when printing regulatory
information.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-01-30 14:10:25 +02:00
Janusz Dziedzic
fd92413417 hostapd: Increase timeout for channel list update to 5 seconds
Before this patch, 1 second timeout was used for regulatory updates. In
some cases, specially when we reload driver modules on some slower
platforms this could take more than 1 second (about 2 seconds). This is
important specially for DFS case, where we have to have correct DFS
region before we will start CAC. In other case (unknown DFS region), CAC
will fail. 5 seconds should be enough for all cases.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-01-30 14:05:14 +02:00
Johannes Berg
ff5e1d14af nl80211: Treat RSSI as part of each sched scan matchset
The original RSSI filter semantics for scheduled scan were
really confusing - a separate matchset was created, but it
wasn't actually treated as a separate matchset in the kernel
but rather used as the global RSSI value. The RSSI matchset
thus behaved like an RSSI filter outside of the matchsets,
being ANDed rather than ORed (as normal between matchsets.)

To make this less confusing, I changed the kernel API a bit
to actually treat the RSSI inside each matchset properly,
but keeping it compatible with the old approach by using a
matchset with only an RSSI value as the default for all the
other matchsets, and adding it as a separate matchset only
if it's the only one.

The proper way for wpa_supplicant to do this then would be
to add the RSSI to each SSID matchset, and only add another
matchset without SSID if there's none with.

However, to keep compatibility with older kernels, always
keep the non-SSID matchset and only add the RSSI to all the
other matchsets. This gets close to the desired behaviour,
the only difference would be that we shouldn't add the RSSI
matchset if there are others, but stays compatible with old
and new kernels, as new ones ignore the RSSI-only matchset
if there are others and those others have an RSSI.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2014-01-30 14:03:53 +02:00
Eytan Lifshitz
04c366cb1d Fix memory leaks and wrong memory access
1. In wpa_config_process_bgscan() fix memory leak after
   calling wpa_config_parse_string()
2. In hostapd_config_defaults(), on failure to allocate bss->radius,
   conf->bss was not freed.
3. In p2p_deauth_nofif(), memory allocated in p2p_parse_ies() was not
   freed in case of NULL minor_reason_code.
4. In p2p_disassoc_nofif(), memory allocated in p2p_parse_ies() was
   not freed in case of NULL minor_reason_code.
5. In p2p_process_go_neg_conf(), memory allocated was not freed in
   case that the P2P Device interface was not waiting for a
   GO Negotiation Confirm.
6. In wpa_set_pkcs11_engine_and_module_path(), the wrong pointer was
   checked.

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-01-30 14:01:31 +02:00
Eytan Lifshitz
fd67275b85 wpa_supplicant: Fix wrong size memory allocation
Fix memory allocation in wpa_scan_clone_params(), where the
allocation request used the size of a pointer rather than the
size of the structure.

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-01-30 13:59:29 +02:00
Michal Kazior
4b0f2282cb nl80211: Fix channel switching with VHT80
It is possible for channel switch notification to be missing channel
type attribute. This is true at least for VHT80. This led to
iface->conf->secondary_channel being set to 0. This in turn made
subsequent DFS-triggered CSA to fail due to invalid frequency
parameters.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2014-01-30 13:58:48 +02:00
Shital Jaju
e28f39b7e9 nl80211: Verify that ifindex attribute is included in survey
This checks if the NL80211_ATTR_IFINDEX attribute is present before
trying to get the value of interface index.

Signed-hostap: Shital Jaju <shitalj@broadcom.com>
2014-01-30 13:44:07 +02:00
Naresh Jayaram
4701f379f0 wpa_cli: Add tdls_external_control to tab completion for SET
This global configuration parameter was added in commit
800d58721c but the tab completion list for
the wpa_cli SET command in interactive mode was not updated.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-30 13:10:29 +02:00
Jouni Malinen
2e98839243 P2P: Disable DNS server from dnsmasq
This avoids issues with multiple instances of dnsmasq running, e.g.,
with one on eth0 and the other one for the P2P group.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:14 +02:00
Jouni Malinen
c07f2615a0 P2P NFC: Add script for connection handover with nfcpy
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:14 +02:00
Jouni Malinen
12288d848c WPS NFC: Protect nfcpy pretty print calls against exceptions
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:14 +02:00
Jouni Malinen
c209dd1108 WPS NFC: nfcpy script to use new connection handover design
Fetch a carrier record from wpa_supplicant instead of full handover
request. This makes it easier for external programs to build handover
request messages with multiple alternative carriers.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:14 +02:00
Jouni Malinen
6202500f6f WPS NFC: Logging level configuration to wps-nfc.py and wps-ap-nfc.py
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
1f1b5b31d7 WPS NFC: Clean up nfcpy script no-wait operations
This allows the scripts to terminate at proper point with --no-wait.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
79ede5a7e6 WPS NFC: Validate ctrl_iface response before decoding it
If the operation fails for any reason ("FAIL" response), it is cleaner
to return error clearly instead of hitting an exception in the hex
decoder.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
ab1db08c05 WPS NFC: Use argparse in the nfcpy scripts
This cleans up command line parsing and simplifies the commands.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
6f8fa6e552 WPS NFC: Update wps-nfc.py and wps-ap-nfc.py to use new nfcpy API
This moves many of the peer discovery operations into the core nfcpy.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
c8373f1015 tests: Add test cases for static handover for join-a-group
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
014f60d0eb tests: Add test cases WPS ER with NFC
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
8f96dadc9e tests: Add a test case for WPS connection handover with password token
This verifies that NFC connection handover can be used in a case where
hostapd has an enabled password token.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
fa697bb82b tests: Add test cases for public key hash mismatches
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
2108ae1e83 tests: Add a test case for NFC handover resulting in auto configuration
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
c9dc56231b tests: Add test cases for P2P+NFC
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
f8949f5f8f tests: Reset hostapd state with FLUSH between test cases
This is similar to the FLUSH command for wpa_supplicant.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 22:08:13 +02:00
Jouni Malinen
b56f6c8869 P2P NFC: Add support for freq option in NFC ctrl_iface commands
This can be used to force an operating channel for P2P group formation
triggered by NFC operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
91a65018d8 WPS NFC: Use BSSID and AP Channel from handover select
These optional attributes, if present, can be used to speed up the
initial connection by using a single channel scan.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
91226e0d12 WPS: Add testing option to corrupt public key hash
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
73127764fe WPS NFC: add more debug prints for connection handover report
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
5cd4f66095 WPS NFC: Use AP Channel information from credential container
This allows NFC Configuration Token to indicate the current AP operating
channel, so that a single channel scan can be used to speed up the
initial connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
d2f18378e1 WPS NFC: Add BSSID and AP channel info to Configuration Token
This information can help the Enrollee to find the AP more quickly with
an optimized scan.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
75dbf98157 WPS-STRICT: Update valid Device Password ID and Config Error range
Accept the new values defined for WPS NFC.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
5cd4740580 P2P NFC: WPA state machine config with driver-based BSS selection
wpa_s->current_bss was updated too late for the
wpa_supplicant_rsn_supp_set_config() call within
wpa_supplicant_select_config(). Re-order code so that current_bss gets
updated between current_ssid update and this call to set the WPA state
machine configuration, so that the new code that determines whether the
current GO support the new IP address assignment mechanism works.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
8e9f53c367 P2P NFC: Static handover with NFC Tag on client
This adds a new P2P Invitation mechanism to invite a P2P Device with an
NFC Tag to an already operating group when the GO with NFC Device reads
the NFC Tag. The P2P Device with the NFC Tag will then accept invitation
and connect to the group automatically using its OOB Device Password.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
dd87677115 P2P NFC: Enable own NFC Tag on GO Registrar
When "P2P_SET nfc_tag 1" is used to enable the own NFC Tag for P2P, also
enable it for any running GO interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
abe44e3ca2 P2P NFC: Add GO info into handover message when in client role
P2P Group ID can optionally be included in the connection handover
messages when acting as a P2P Client in a group. Add this information
and show it in the P2P-NFC-PEER-CLIENT event message.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
23318bea94 P2P NFC: Optimize join-a-group operation based on NFC information
When the NFC connection handover message received from a peer indicates
that the peer is operating as a GO on a specific channel, use that
information to avoid having to go through full scan. In addition, skip
the separate join-a-group scan since we already know the operating
channel, GO P2P Device Address, and SSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
86e320819c P2P NFC: Copy DH parameters to a separate group interface
The DH public and private key needs to be copied for the separate group
interface if that is used for a P2P group.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
d4b4d7fe3c WPS NFC: Update DH keys for ER operations
Since wpa_s->conf->wps_nfc_dh_* parameters can be set in number of code
paths, update the wps_context copy of the DH keys even if no new keys
were generated for the request. This tries to avoid some cases where
public key hash may not have matched the public key used in the ER
operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
ac08752d28 WPS NFC: Use pubkey mismatch config error from Enrollee
This was already done for Registrar, but the Enrollee case did not
set config error properly if Registrar public key did not match the
hash received during NFC connection handover.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
59b45d1afe P2P NFC: Add processing of P2P client while NFC handover case
Instead of automatically triggering a connection, provide an indication
of one of the devices being a P2P client to upper layers to allow user
to determine what to do next.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00
Jouni Malinen
74df9ecd4a P2P NFC: Do not try to join peer if both devices are already GO
Send a P2P-NFC-BOTH-GO event to upper layers to determine what to
do in case both devices going through NFC connection handover are
already operating as a GO.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:30 +02:00