On the DMG (60 GHz) band, capability bits defined differently from
non-DMG ones. Adjust capability matching to cover both cases.
Also, for non-DMG bands, check ESS bit is set.
Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
When AP mode operation reject the client, nl80211 layer advertises the
connect failed event with the reason for failures (for example, max
client reached, etc.) using NL80211_CMD_CONN_FAILED.
This patch adds some debug messages whenever such an event is received
from the nl80211 layer and also the same event is posted to the upper
layer via wpa_msg().
Signed-off-by: Raja Mani <rmani@qca.qualcomm.com>
The reason code used for calculating the MIC should correspond to the
reason code with which the teardown frame is sent, as the receiver shall
use the one obtained in the frame for validating the MIC.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If an implicit TDLS set up request is obtained on an existing link or an
to be established link, the previous link was not removed. This commit
disables the existing link on a new set up request. Also,
wpa_tdls_reneg() function was invoking wpa_tdls_start() on an already
existing peer for the case of internal setup, which is incorrect. Thus
the invocation of wpa_tdls_start() is removed in wpa_tdls_reneg() and
also this function is renamed to wps_tdls_remove() as it does not
renegotiation rather shall remove the link (if any) for the case of
external setup.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to have this check copied to each caller since this
needs to be done for every case when a new peer is being added.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Peer entries were getting added on every discover request from the peer,
thus resulting in multiple entries with the same MAC address. Ensures
that a check is done for the presence of the peer entry and reuse the
existing entry instead of adding a new one.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
GAS server used the same public_action_cb mechanism as P2P to process
Action frames. This ended up overriding P2P processing of Action frames
while running an AP/GO interface with a build that enables Interworking
(e.g., for Hotspot 2.0) and a driver that uses hostapd for AP mode
SME/MLME. Fix this by adding a separate callback registration for the
GAS server. This should really be cleaned up by supporting arbitrary
number of callback handlers, but for now, this addresses the regression
with a minimal change.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Very basic support for OpenBSD. No support for scanning yet, so this needs
ap_scan=0 and expects that the user has configured the interface manually
using ifconfig(8).
Signed-hostap: Mark Kettenis <kettenis@openbsd.org>
Commit 6aaac006af modified the
pmksa_cache_init() prototype, but forgot to update the empty wrapper
function which is used when PMKSA caching is not included in the build.
Signed-hostap: Jouni Malinen <j@w1.fi>
When scan failed, the wpa_driver_nl80211_scan method tried
to recursively call itself, but it passed in the wrong argument
for the void*, and so then it crashed accessing bad memory.
With this fix, hostapd still will not retry the scan later, but
at least it will exit cleanly and won't polute the file system
with core files.
Signed-off-by: Ben Greear <greearb@candelatech.com>
The P2P-FIND-STOPPED event was sent only in the P2P_SEARCH state, but
this needs to be send also in the new continue-search-when-ready states
P2P_CONTINUE_SEARCH_WHEN_READY and P2P_SEARCH_WHEN_READY for consistent
behavior.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Signal the start of EAP authentication as well as when additional
credentials are required to complete.
Signed-hostap: Paul Stewart <pstew@chromium.org>
This was previously included only with NL80211_CMD_ASSOCIATE, but the
information is as useful (if not even more useful) for
NL80211_CMD_CONNECT. It should be noted that cfg80211 does not yet use
this attribute with NL80211_CMD_CONNECT, but that can be added easily.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Each GO Negotiation Request is (re)tried with an unique dialog token and
a GO Negotiation Response / Confirmation from the peer with a mismatched
dialog token is ignored which could result in a failure in this group
formation attempt. Thus, the P2P device would continue retrying the GO
Negotiation Request frames till the GO Negotiation Response frame with a
matching dialog token is received. To avoid the failures due to the
dialog token mismatch in retry cases if the peer is too slow to reply
within the timeout, the same dialog token value is used for every retry
in the same group formation handshake.
It should be noted that this can result in different contents of the GO
Negotiation Request frame being sent with the same dialog token value
since the tie breaker bit in GO Intent is still toggled for each
attempt. The specification is not very clear on what would be the
correct behavior here. Tie breaker bit is not updated on
"retransmissions", but that is more likely referring to the layer 2
retransmission and not the retry at higher layer using a new MMPDU.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows even more memory to be freed when the SAE instance enters
Accepted state. This leaves only the minimal needed memory allocated
during the association which is especially helpful for the AP
implementation where multiple stations may be associated concurrently.
Signed-hostap: Jouni Malinen <j@w1.fi>
Most of the variables are not needed anymore once the SAE instance
has entered Accepted state. Free these to save memory.
Signed-hostap: Jouni Malinen <j@w1.fi>
The rand/mask values and commit scalar are derived using the exact same
operations, so only use a separate function for deriving the commit
element.
Signed-hostap: Jouni Malinen <j@w1.fi>
There is no need to postpone this validation step to a separate
processing operation for the commit message, so move the minimal
validation tasks into the parsing functions.
Signed-hostap: Jouni Malinen <j@w1.fi>
Move the bignum comparison part into the bignum library to allow a
single implementation of rand generation for both ECC and FCC based
groups.
Signed-hostap: Jouni Malinen <j@w1.fi>
The groups 22, 23, and 24 are not based on a safe prime and generate a
prime order subgroup. As such, struct dh_group is also extended to
include the order for previously defined groups (q=(p-1)/2 since these
were based on a safe prime).
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows FFC groups to be used with SAE. Though, these groups are not
included in the default sae_groups value based on what is available
since the FFC groups have the additional requirement of using a safe
prime with the current implementation (or specification of the group
order).
Signed-hostap: Jouni Malinen <j@w1.fi>
The optional "reason=<reason code>" parameter to the ctrl_iface
deauthenticate and disassociate commands can now be used to change the
reason code used in the disconnection frame. This can be used, e.g., by
P2P GO to disconnect a single P2P client from the group by sending it an
indication of the group getting terminated (Deauthentication frame with
reason code 3). It needs to be noted that the peer device is still in
possession on the PSK, so it can still reconnect to the group after this
if it does not follow the group termination indication.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit increases the maximum buffer size for P2P Client Info
advertized by the Group Owner in the Probe Response frames.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Use of two variables to track bounds checking seems to be a bit too much
for some static analyzers, so add an extra condition for buffer padding
to avoid incorrect warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
These verify that a proper pointer type is used and in addition, seems
to get rid of some false static analyzer warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
The code initializing GMK Counter uses the group pointer value as extra
entropy and to distinguish different group instances. Some static
analyzers complain about the sizeof(pointer) with memcpy, so use a more
explicit type casting to make it more obvious what the code is doing.
Signed-hostap: Jouni Malinen <j@w1.fi>
hostapd.conf sae_groups parameter can now be used to limit the set of
groups that the AP allows for SAE. Similarly, sae_groups parameter is
wpa_supplicant.conf can be used to set the preferred order of groups. By
default, all implemented groups are enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
In addition to the trivial change in adding the new group ientifier,
this required changes to KDF and random number generation to support
cases where the length of the prime in bits is not a multiple of eight.
The binary presentation of the value needs to be shifted so that the
unused most significant bits are the zero padding rather than the extra
bits in the end of the array.
Signed-hostap: Jouni Malinen <j@w1.fi>
In addition to the mandatory group 19 (256-bit random ECP group) add
support for groups 20 (384-bit), 25 (192-bit), and 26 (224-bit).
Signed-hostap: Jouni Malinen <j@w1.fi>
The counter>200 check needs to be done before the continue-on-not-found
case to be effective in stopping this loop.
Signed-hostap: Jouni Malinen <j@w1.fi>
The buffer is set based on maximum group prime length, but pwd-value
needs to be correct length for the negotiated group.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes the SAE implementation a bit simpler by not having to build
the bignum for group order during execution.
Signed-hostap: Jouni Malinen <j@w1.fi>
hostapd can now be configured to use anti-clogging mechanism based on
the new sae_anti_clogging_threshold parameter (which is
dot11RSNASAEAntiCloggingThreshold in the standard). The token is
generated using a temporary key and the peer station's MAC address.
wpa_supplicant will re-try SAE authentication with the token included if
commit message is rejected with a token request.
Signed-hostap: Jouni Malinen <j@w1.fi>
IEEE Std 802.11-2012, 11.3.8.6.1: If there is a protocol instance for
the peer and it is in Authenticated state, the new Commit Message
shall be dropped if the peer-scalar is identical to the one used in
the existing protocol instance.
Signed-hostap: Jouni Malinen <j@w1.fi>
The enum values for struct sae_data::state now match the protocol
instance states as defined in IEEE Std 802.11-2012, 11.3.8.2.2
Signed-hostap: Jouni Malinen <j@w1.fi>
Even if the PAC file does not start with the proper header line, allow
the file to be used if it is empty. [Bug 423]
Signed-hostap: Jouni Malinen <j@w1.fi>
The PMKSA cache expiration timer was not actually ever initialized since
the only place for registering the timeout was in the timeout handler.
Fix this by initializing the timer whenever a new PMKSA cache entry is
added to the beginning of the list (i.e., when it was the first entry or
expires before the entry that was previously going to expire first).
[Bug 393]
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit 4378fc14eb started using QoS Data
frames for QoS STAs. It used the correct flags value for WPA/RSN
EAPOL-Key frames, but wrong flags for IEEE 802.1X EAPOL frames. The
WPA_STA_WMM value used in driver_nl80211.c happens to be identical to
WLAN_STA_ASSOC in sta->flags and this makes driver_nl80211.c try to use
QoS header for all STAs. Fix this by properly converting the flags from
WLAN_STA_* to WPA_STA_*. [Bug 426]
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit 68a41bbb44 broke fallback from
reauth id to fullauth id by not allowing a second AKA/Identity round to
be used after having received unrecognized reauth_id in the first round.
Fix this by allowing fullauth id to be requested in such a case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 175171ac6c ensured that the PD
requests are retried in join-a-running group case and the Enrollee is
started on either receiving the PD response or after the retries. Each
PD request is retried with an unique dialog token and a PD response from
the GO with a mismatched dialog token is ignored. Thus, the P2P client
would continue retrying the PD requests till the response with a
matching dialog token is obtained. This would result in the GO getting
multiple PD requests and a corresponding user notification (POP UP) in
implementations where each PD request results in a POP UP, resulting in
a bad user experience. To avoid such behavior, the same dialog token
value is used for every retry in the same PD exchange.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_driver_nl80211_ap() returned error if set_freq failed, but left the
previously set nlmode to GO/AP. While this should not be issue for most
purposes, it leaves the interface in somewhat unexpected state and could
potentially affect operations prior to next connection attempt. Address
this by restoring the previous nlmode if AP mode cannot be started for
some reason.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to read the code for the two possible cases
(forced/preferred channel and automatic channel selection).
Signed-hostap: Jouni Malinen <j@w1.fi>
Since the operating channel is randomly set to 1/6/11 on init, which is
commonly included in the channel intersection, we were effectively
ignoring the set of P2P preferred channels when trying to improve
channel selection after having received peer information. Fix this by
trying to get the best channel we can, unless the user hard coded the
operating channel in the configuration file or p2p_connect command. Fall
back to the initial randomly selected channel if a better one cannot be
chosen.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Even if the peer does not accept the forced channel, we should not allow
the forced_freq parameter to be be overridden, i.e., such a case needs
to result in GO Negotiation failure.
Signed-hostap: Jouni Malinen <j@w1.fi>
Both p2p_connect and p2p_authorize use the same functionality to select
the channel preferences for GO Negotiation. The part of setting this
device flag was copied to each function, but it can also be handled by
the shared function after some reordering of code.
Signed-hostap: Jouni Malinen <j@w1.fi>
The exact same mechanism was used for determining the operating channel
at the device that becomes the GO regardless of whether this was
triggered by reception of GO Negotiation Request of Response frame. Use
a shared function to avoid duplicated implementation and potential
differences in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
