Suppose we have multiple peers and we have peers advertising SD
capability, but no services registered for advertising. In this case,
even if there are multiple broadcast queries set, we might end up
sending only the lastly added broadcast query to the same device (since
SD_INFO won't get set for the first broadcast query). Add support for
multiple wildcard queries to be tracked to enable this type of use
case.
Some times it is seen that before advancing to next device in the list,
the scan results come and update SD_SCHEDULE flag. This will result in
sending the already sent query to the same device without giving chance
to other devices. This issue again is seen with peer devices advertising
SD capability without any services registered.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
These can be used to disable TLSv1.1 and TLSv1.2 as a workaround for AAA
servers that have issues interoperating with newer TLS versions.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Using binutils >= 2.24.x and setting
CONFIG_WPA_TRACE/CONFIG_WPA_TRACE_BDF causes both builds to fail with
"#error config.h must be included before this header" message.
Since version 2.24.x, the bfd header checks for PACKAGE and
PACKAGE_VERSION macros.
As suggested in http://sourceware.org/bugzilla/show_bug.cgi?id=14243
projects that use bfd and don't use autotools should define a PACKAGE
macro.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
Since P2P specification mandates P2P GO to support WMM-PS with legacy
STAs, enable this automatically if the driver indicates support for
U-APSD in AP mode. The "P2P_SET go_apsd 0" command can still be used to
disable this if needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While testing rfkill blocking of a scanning interface, it
was seen that the ongoing scan never completes. This happens
since EVENT_SCAN_RESULTS is discarded on a disabled interface.
Fix this and also other possible radio work completion issues
by removing all the radio works (including started) of the
disabled interface.
To be able to remove already started radio works, make their
callbacks be reentrant with deinit flag (when the work
is started), so each radio work should be able to handle
its own termination.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The more generic NFC_REPORT_HANDOVER is now used to report completed NFC
connection handover operations in either role and NFC_RX_HANDOVER_REQ
did not have any implementation within wpa_supplicant.
Signed-off-by: Jouni Malinen <j@w1.fi>
The current nfcpy version does not support new WSC connection handover
message format and the handover server fails to process the request due
to a debug print. As a temporary workaround, override
HandoverServer::_process_request() with a version that avoids pretty()
print of the handover messages. This can be removed once nfcpy has been
updated to support the new format.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Initialize flag variable explicitly to avoid [-Wmaybeuninitialized]
compiler warning in wpas_p2p_verify_channel().
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
Memory allocated by calling function ieee802_11_vendor_ie_concat()
was not freed on an error path int ctrl_iface BSS command.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
This uses the new nl80211 attributes to allow the connect command to
provide bssid and freq hints to the driver without limiting roaming to
the specific BSS/frequency. This can be used by drivers that perform
internal BSS selection (WPA_DRIVER_FLAGS_BSS_SELECTION) as a candidate
for initial association.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
p2p-nfc.py allowed an NFC Tag to be read and reported to wpa_supplicant
even in cases where it was explicitly asked to initiate negotiated
connection handover and return after completing this operation. The new
command line argument can be used to disable NFC Tag read operations
when a negotiated connection handover is expected.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If wpa_supplicant reports a failure when trying to generate a handover
request, detect that before trying to decode the response as a hex
string.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P persistent connection may fail due to 802.11d channel change event
invalidating support of the operating frequency sent in the invitation
request, before receiving the invitation response. If the operating
frequency is invalid at the time the invitation response is processed
and there is no forced frequency provided by user, allow frequency
re-selection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If P2P was disabled (e.g., due to driver not supporting it or through
p2p_disabled=1 configuration), setting Wi-Fi Display parameters could
result in segmentation fault when the WFD IE is updated without the P2P
module being initialized. Fix this by skipping the update if P2P module
is not in use. In addition, show Wi-Fi Display as disabled in "GET
wifi_display" and refuse to enable it with "SET wifi_display 1" if P2P
is not enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant_create_ap() is only called for AP mode, so there is no
point in trying to address station (infra/IBSS) modes.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit bd3a373767 added a mechanism to use
AP Channel attribute from within a Credential attribute to optimize
scans. However, this design is not actually used with the WPS NFC use
cases. With configuration token, the AP Channel attribute is in the same
container with the Credential attribute (and that was also handled in
the previous implementation). With connection handover, AP Channel
information is outside the Credential attribute as well.
Simplify implementation by removing the AP Channel within Credential
case. This allows wpas_wps_use_cred() to get the AP Channel from the
container instead of having to find this during credential iteration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
os_free has wfd_dev_info_hex as an argument which is defined within
CONFIG_NO_STDOUT_DEBUG
Signed-hostap: Prashanth Kumar <prashanthkumar.kr@globaledgesoft.com>
Commit 6ac4b15ef8 (wpa_radio work for
connection) caused a regression for cases where multiple auth_alg values
are set in a network block and wpa_supplicant-based SME is supposed to
iterate through them. The connection radio work was not terminated when
receiving authentication failure and this resulted in the following
authentication attempt failing.
Signed-hostap: Jouni Malinen <j@w1.fi>
1. In wpa_config_process_bgscan() fix memory leak after
calling wpa_config_parse_string()
2. In hostapd_config_defaults(), on failure to allocate bss->radius,
conf->bss was not freed.
3. In p2p_deauth_nofif(), memory allocated in p2p_parse_ies() was not
freed in case of NULL minor_reason_code.
4. In p2p_disassoc_nofif(), memory allocated in p2p_parse_ies() was
not freed in case of NULL minor_reason_code.
5. In p2p_process_go_neg_conf(), memory allocated was not freed in
case that the P2P Device interface was not waiting for a
GO Negotiation Confirm.
6. In wpa_set_pkcs11_engine_and_module_path(), the wrong pointer was
checked.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Fix memory allocation in wpa_scan_clone_params(), where the
allocation request used the size of a pointer rather than the
size of the structure.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
This global configuration parameter was added in commit
800d58721c but the tab completion list for
the wpa_cli SET command in interactive mode was not updated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This avoids issues with multiple instances of dnsmasq running, e.g.,
with one on eth0 and the other one for the P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Fetch a carrier record from wpa_supplicant instead of full handover
request. This makes it easier for external programs to build handover
request messages with multiple alternative carriers.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the operation fails for any reason ("FAIL" response), it is cleaner
to return error clearly instead of hitting an exception in the hex
decoder.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This can be used to force an operating channel for P2P group formation
triggered by NFC operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These optional attributes, if present, can be used to speed up the
initial connection by using a single channel scan.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows NFC Configuration Token to indicate the current AP operating
channel, so that a single channel scan can be used to speed up the
initial connection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_s->current_bss was updated too late for the
wpa_supplicant_rsn_supp_set_config() call within
wpa_supplicant_select_config(). Re-order code so that current_bss gets
updated between current_ssid update and this call to set the WPA state
machine configuration, so that the new code that determines whether the
current GO support the new IP address assignment mechanism works.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a new P2P Invitation mechanism to invite a P2P Device with an
NFC Tag to an already operating group when the GO with NFC Device reads
the NFC Tag. The P2P Device with the NFC Tag will then accept invitation
and connect to the group automatically using its OOB Device Password.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When "P2P_SET nfc_tag 1" is used to enable the own NFC Tag for P2P, also
enable it for any running GO interface.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P Group ID can optionally be included in the connection handover
messages when acting as a P2P Client in a group. Add this information
and show it in the P2P-NFC-PEER-CLIENT event message.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When the NFC connection handover message received from a peer indicates
that the peer is operating as a GO on a specific channel, use that
information to avoid having to go through full scan. In addition, skip
the separate join-a-group scan since we already know the operating
channel, GO P2P Device Address, and SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The DH public and private key needs to be copied for the separate group
interface if that is used for a P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Since wpa_s->conf->wps_nfc_dh_* parameters can be set in number of code
paths, update the wps_context copy of the DH keys even if no new keys
were generated for the request. This tries to avoid some cases where
public key hash may not have matched the public key used in the ER
operation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of automatically triggering a connection, provide an indication
of one of the devices being a P2P client to upper layers to allow user
to determine what to do next.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Send a P2P-NFC-BOTH-GO event to upper layers to determine what to
do in case both devices going through NFC connection handover are
already operating as a GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
