Return control flow to hostapd by calling hostapd_acs_completed()
if requesting a scan from the underlying device fails.
Signed-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>
If radar was detected single BSS is notified about it. This caused only
that single BSS to be stopped and restarted. However, due to nl80211
interface combinations the BSS was not started on a new channel and
other BSSes remained operating on the old channel.
The downside is that hostapd_disable_iface() causes deauth frames to be
sent. This is undesired but on the other hand it doesn't make sense to
create workarounds that imitate CSA's 'block tx'. For proper Tx
quiescing CSA should be properly implemented.
Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
Decouple HT/VHT offset/center-freq calculations from channel lookup.
This will be necessary for further improvements on the DFS codebase.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
The GTK rekey offload information was sent to the driver immediately
after the 4-way handshake which ended up being before the initial group
key exchange in the case of WPA (v1). This could result in even that
initial GTK handshake being offloaded and wpa_supplicant being left in
WPA_GROUP_HANDSHAKE state. Fix this by postponing the operation to
happen only after the full set of initial EAPOL-Key exchanges have been
completed (i.e., in the existing location for WPA2 and a after the group
key handshake for WPA).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Reject RELOAD control interface command if the dynamic configuration
changes have resulted into a state where the configuration is invalid.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the configuration validation routines to be called from
src/ap/*.c for runtime updates of configuration without reprocessing the
full configuration file.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This provides a new option for configuring multiple virtual interfaces
(BSS) that share a single radio. The new command line parameter
-b<phyname>:<config file name> is used to define one or more virtual
interfaces for each PHY. The first such entry for a new PHY is used to
initialize the interface structure and all consecutive parameters that
have the same PHY name will be added as virtual BSS entries to that
interface. The radio parameters in the configuration files have to be
identical.
This can be used as an alternative for the bss=<ifname> separator and
multiple BSSes in a single configuration file design while still
allowing hostapd to control the PHY (struct hostapd_iface) as a group of
virtual interfaces (struct hostapd_data) so that common radio operations
like OLBC detection and HT40 co-ex scans can be done only once per real
radio.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it more convenient to move BSS configuration entries between
struct hostapd_config instances to clean up per-BSS configuration file
design.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This may be needed if the wpa_psk information for previously derived
from passphrase and either the SSID or the passphrase has changed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of duplicating the functionality and missing changes (like the
hostapd_broadcast_wep_clear() call), use the hostapd_clear_old()
function that was already used for the similar case with configuration
file reload.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Start GO with VHT support if VHT option was requested
and the appropriate channels are available.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Add the option to ask for VHT operation similarly to the way ht40 is
configured - either by adding 'vht' param to the relevant p2p_*
commands or by configuring p2p_go_vht=1 in the configuration file.
This patch only adds the configuration option (e.g., via control
interface). The actual handling of the VHT parameter (asking the driver
to use VHT, etc.) will be done by the following patch.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Later on, we'll consider the availability of these
channels when starting P2P GO with VHT support.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Mask the remote VHT capabilities with our own capabilities, similarly
to what is done for HT capabilities.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Make sure the driver supports 160/80+80 MHz VHT capabilities
before trying to configure these channels.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
VHT_CAP_BEAMFORMEE_STS_MAX, VHT_CAP_SOUNDING_DIMENSION_OFFSET, and
VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT were not defined properly (wrong
name/size). Fix that and update the hostapd.conf parsing accordingly.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
Previously the Country element contained the max TX power the local
hardware was capable of. Change this to just use the regulatory limit.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
The new p2p_add_cli_chan=1 configuration parameter can be used to
request passive-scan channels to be included in P2P channel lists for
cases where the local end may become the P2P client in a group. This
allows more options for the peer to use channels, e.g., if the local
device is not aware of its current location and has marked most channels
to require passive scanning.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new p2p_no_go_freq frequency range list (comma-separated list of
min-max frequency ranges in MHz) can now be used to configure channels
on which the local device is not allowed to operate as a GO, but on
which that device can be a P2P Client. These channels are left in the
P2P Channel List in GO Negotiation to allow the peer device to select
one of the channels for the cases where the peer becomes the GO. The
local end will remove these channels from consideration if it becomes
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When we have CAC active and receive a radar event, we should ignore
CAC_ABORT event and handle channel switch in the radar event handler.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
This fixes a problem when operating on non-DFS channel and receiving a
radar event for that channel. Previously, we would have decided to
switch channels.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Add a table of available VHT80 channels. This table contains the first
available channel. We will also choose this first channel as the control
one.
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
To avoid a problem where the beacon socket occasionally
blocks, mark any sockets on the eloop as non-blocking.
The previous patch reordered the code to never send a
command after a socket was put on the eloop, but now also
invalidate the nl handle pointer while it's on there.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Abstract the handling of sockets on the eloop to avoid
destroying sockets still on the eloop and also to allow
the next patch to mark the socket non-blocking.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
The IBSS code registers the bss nl_mgmt socket for auth
frames when the join event happens, but that is too late
as then the socket is already on the eloop, which could
cause problems when other events are received at the
same time as the registration is done.
Move the auth frame registration to the initial setup
before the socket is put onto the eloop.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Some driver wrappers may implement this by writing eight octets even
though IPN is only six octets. Use a separate WPA_KEY_RSC_LEN (8) octet
buffer in the call to make sure there is enough buffer room available
for the full returned value and then copy it to IPN field.
The previous implementation used the following igtk field as the extra
buffer and then initialized that field afterwards, so this change does
not fix any real issue in behavior, but it is cleaner to use an explicit
buffer of the maximum length for get_seqnum().
Signed-hostap: Jouni Malinen <j@w1.fi>
Even though the length of this buffer is based only on locally
configured information, it is cleaner to include explicit buffer room
validation steps when adding the attributes into the buffer.
Signed-hostap: Jouni Malinen <j@w1.fi>
linux_br_get() was forcing null termination on the buffer, but did not
check whether the string could have been truncated. Make this more
strict by rejecting any truncation case.
Signed-hostap: Jouni Malinen <j@w1.fi>
The allocation of new_bss and its use was separated by a lot of code in
this function. This can be cleaned up by moving the allocation next to
the use, so that this all can be within a single #ifdef HOSTAPD block.
The i802_check_bridge() call was outside type == WPA_IF_AP_BSS case, but
in practice, it is only used for WPA_IF_AP_BSS (and if used for
something else, this would have resulted in NULL pointer dereference
anyway).
Signed-hostap: Jouni Malinen <j@w1.fi>
If SSL_CTX_new() fails in tls_init(), the per-SSL app-data allocation
could have been leaked when multiple TLS instances are allocated.
Signed-hostap: Jouni Malinen <j@w1.fi>
The VHT_CHANWIDTH_160MHZ case fell through to the default case and
printed out a debug message that was not supposed to be shown here.
Signed-hostap: Jouni Malinen <j@w1.fi>
os_strlpcy() should be used instead of os_strncpy() to guarantee null
termination. Since there are no remaining strncpy uses, remove
os_strncpy() definition.
Signed-hostap: Jouni Malinen <j@w1.fi>
This was already included in all the other calls to eap_proxy, but
somehow the get_imsi call had been forgotten.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Trying to access the SIM card details without checking if the eap_proxy
layer has been initialized can results in a crash. Address this by
sending the request for the IMSI through eapol_supp_sm.c which can
verify that eap_proxy has been initialized.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously ACS required valid survey data on all available channels.
This can however not be guaranteed. Instead of just failing, fall back
to the subset of channels that have valid ACS data.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Otherwise hostapd might hang doing nothing anymore. Propagate ACS
errors so we can fail gracefully.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
If ACS fails we still need to call hostapd_setup_interface_complete.
Otherwise hostapd will just hang doing nothing anymore. However, pass
an error to hostapd_setup_interface_complete to allow a graceful fail.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
This makes it easier to go through the P2P channel list operations in
the debug log without having to parse through the hexdump manually.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Incorrect nla_get variants were used to get event type and frequency.
Kernel passes both as u32. This caused issues on tinynl/big-endian hosts
- CAC finished was treated as radar detection and frequency was 0.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
It is possible for a vif netdev to be removed by something else than
hostapd and if that happens for a virtual AP interface, if_remove()
handler should still free the local data structure to avoid memory leaks
if something external removes a netdev.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, the send_mlme->send_frame->send_frame_cmd path that could be
used when a GO sends an offchannel Action frame ended up not updating
drv->send_action_cookie. This can result in an issue with not being able
to cancel wait for the response, e.g., in invitation-to-running-group
case.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This fixes issues where a GO used offchannel-TX operation to send an
Invitation Request frame. Wait for the offchannel TX operation needs to
be stopped as soon as the Invitation Response frame has been received.
This addresses some issues where Probe Response frame from the GO
through the monitor interface may end up going out on a wrong channel
(the channel of this offchannel TX operation for invitation).
Signed-hostap: Jouni Malinen <j@w1.fi>
Join-a-group needs to force the current operating channel of the target
group as the frequency to use for the PD exchange. When the channel was
selected based on a BSS entry for the GO, this worked only for the first
PD Request frame while the retries reverted to a potentially different
channel based on a P2P peer entry. Fix this by maintaining the forced
channel through the PD retry sequence.
Signed-hostap: Jouni Malinen <j@w1.fi>
P2P Invitation Response frame is required to include the Channel List
attribute only in Status=Success case. Skip the debug message claiming
that a mandatory attribute was not included in non-Success case.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the new external_sim=1 case to be used to perform UMTS
authentication step in EAP-AKA/AKA' peer process. Following control
interface event is used to request the operation:
CTRL-REQ-SIM-<network id>:UMTS-AUTH:<RAND>:<AUTN> needed for SSID <SSID>
Response from external processing is returned with
CTRL-RSP-SIM-<network id> UMTS-AUTH:<IK>:<CK>:<RES>
or
CTRL-RSP-SIM-<network id> UMTS-AUTS:<AUTS>
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the new external_sim=1 case to be used to perform GSM
authentication step in EAP-SIM peer process. Following control interface
event is used to request the operation:
CTRL-REQ-SIM-<network id>:GSM-AUTH:<RAND1>:<RAND2>[:<RAND3>] needed
for SSID <SSID>
For example:
<3>CTRL-REQ-SIM-0:GSM-AUTH:5e3496ce7d5863b3b09f97f565513bc3:
73f0f0bc5c47bcbed6f572d07ab74056:447b784f08de80bdc2b1e100fccbb534
needed for SSID test
Response from external processing is returned with
CTRL-RSP-SIM-<network id> GSM-AUTH:<Kc1>:<SRES1>:<Kc2>:<SRES2>
[:<Kc3>:<SRES3>]
For example:
wpa_cli sim 0 GSM-AUTH:d41c76e0079247aa:2709ebfb:43baa77cfc8bcd6c:
0fa98dc1:a8ad1f6e30e
Signed-hostap: Jouni Malinen <j@w1.fi>
The new configuration parameter external_sim=<0/1> can now be used to
configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM
authentication for EAP-SIM or UMTS authentication for EAP-AKA). The
requests and responses for such operations are sent over the ctrl_iface
CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing
password query mechanism.
Changes to the EAP methods to use this new mechanism will be added in
separate commits.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes it easier to handle cases where the application is restarted
and the previously used local TCP port may not have been fully cleared
in the network stack.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new bss_load_test parameter can be used to configure hostapd to
advertise a fixed BSS Load element in Beacon and Probe Response frames
for testing purposes. This functionality is disabled in the build by
default and can be enabled with CONFIG_TESTING_OPTIONS=y.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Indicate support for QoS Mapping and configure driver to update the QoS
Map if QoS Map Set elements is received from the AP either in
(Re)Association Response or QoS Map Configure frame.
This commit adds support for receiving the frames with nl80211 drivers,
but the actual QoS Map configuration command is still missing.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows QoS Map Set element to be added to (Re)Association Response
frames and in QoS Map Configure frame. The QoS Mapping parameters are
also made available for the driver interface.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new domain_suffix_match (and domain_suffix_match2 for Phase 2
EAP-TLS) can now be used to specify an additional constraint for the
server certificate domain name. If set, one of the dNSName values (or if
no dNSName is present, one of the commonName values) in the certificate
must have a suffix match with the specified value. Suffix match is done
based on full domain name labels, i.e., "example.com" matches
"test.example.com" but not "test-example.com".
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Add DFS structures/events handlers, CAC handling, and radar detection.
By default, after radar is detected or the channel became unavailable, a
random channel will be chosen.
This patches are based on the original work by Boris Presman and
Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h
files.
Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>
Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
When hostapd receives an auth frame during ACS the transmission of
the according auth response will always fail:
ACS: Automatic channel selection started, this may take a bit
[..]
send_auth_reply: send: Resource temporarily unavailable
[..]
However, a station info entry was created. Once ACS is finished
it will flush all stations even though hapd was not yet fully
initialized. This results in a segfault when trying to access
hapd->radius:
0 0x0042c1c0 in radius_client_flush_auth ()
1 0x00416a94 in ap_free_sta ()
2 0x00416cc0 in hostapd_free_stas ()
3 0x0040bce8 in hostapd_flush_old_stations ()
4 0x0040c790 in hostapd_setup_interface_complete ()
5 0x0046347c in acs_scan_complete ()
6 0x0040f834 in hostapd_wpa_event ()
7 0x0043af08 in send_scan_event.part.46 ()
8 0x00443a64 in send_scan_event ()
9 0x00443c24 in do_process_drv_event ()
10 0x004449e8 in process_global_event ()
11 0x7767d7d0 in ?? ()
Fix this by not presuming anything about the initialization state of
hapd and checking ->radius before accessing.
Signed-off-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>
In noisy environment peer may take more time to send Invitation
Response so increase Invitation Response timeout to 500 ms in success
case and also increase Invitation Request action wait time to 500 ms.
This makes the Invitation Request case use the same timeout with GO
Negotiation.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A new TDLS request shall transmit TPK M1 frame with a unique INonce.
Thus a new explicit request would fail an ongoing TDLS negotiation with
the error "TDLS: FTIE SNonce in TPK M3 does not match with FTIE SNonce
used in TPK M1" if the peer happens to receive two M1 frames before an
M3 frame. Check for the ongoing negotiation with the peer and do not
start a new one if we are already in a setup negotiation with the peer.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to go through the peer list when we already have a
pointer to the specific peer entry.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is called from number of locations and it is more efficient to use
a new helper function instead of wpa_tdls_disable_link() that would do
peer address search from the list of peers.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Making this function be used only for external setup case simplifies the
implementation and makes core wpa_supplicant calls in ctrl_iface.c and
events.c consistent.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 8a9f58f2cc ("EAP-AKA server: Store
permanent username in session data") broke AUTS processing by skipping
new authentication triplet fetch after having reported AUTS. Fix this by
started new full authentication sequence immediately after reporting
AUTS so that the updated parameters are available for the Challenge
message.
Signed-hostap: Jouni Malinen <j@w1.fi>
STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.
Signed-hostap: Jouni Malinen <j@w1.fi>
TX frequency gets lost when going through the monitor send MLME option
and this resulted in P2P operations like invitation from a GO failing
when the driver needs monitor socket, but would support offchannel TX.
Fix this by using frame_cmd path instead in case the monitor socket
would have been hit for action frame TX.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, IBSS mode (NL80211_IFTYPE_ADHOC) was left in drv->nlmode
when leaving IBSS. This causes issues for send_mlme() handler for P2P
Probe Response transmission in Listen state. Fix this by clearing nlmode
back to NL80211_IFTYPE_STATION on leaving IBSS so that following P2P
operations can be executed correctly. Previously, this was fixed only
when the next authentication/association attempt in station mode
occured.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to use the bss variable which is used only within a
wpa_printf() call that can be conditionally removed from the build.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This extends hostapd global control interface command "ADD" to use a
configuration file instead of requiring configuration to be built using
SET command.
The command format is now following:
ADD <ifname> <control path|config=<path to config>>
For example:
ADD wlan0 /var/run/hostapd
ADD wlan0 config=/tmp/hostapd.conf
When using the configuration file option, ctrl_interface parameter in
the file needs to be set to allow ENABLE command to be issued on the new
interface.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There was a comment about the the cleanup steps being from
hostapd_cleanup_iface(). However, the operations that cleared some
security parameters do not seem to exist elsewhere and do not make sense
here. Remove them to avoid changing configuration with DISABLE followed
by ENABLE.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This fixes some issues where dynamic interface enable/disable cycles
could end up trying to free resources twice and crash the process while
doing so.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This can be useful in figuring out how drv->last_mgmt_freq gets set
to debug issues with P2P frames being sent on incorrect channel.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
printf_decode() fills in a binary buffer and returns the length of
the written data. This did not use null termination since initial
use cases used the output as a binary value. However, Hotspot 2.0
cred block values are also using this for parsing strings. Those
cases could end up without proper null termination depending on what
os_malloc() ends up getting as the memory buffer. Fix these and make
printf_decode() more convenient by forcing the output buffer to be
null terminated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When no other user preference is specified, opt to use an operating
channel that allows 5 GHz band to be used rather than 2.4 GHz.
Previously, this was already done in practice for HT40 channels since no
such channel is enabled for P2P on 2.4 GHz. This commit extends this to
apply 5 GHz preference for 20 MHz channels as well.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
H3C WA2620i-AGN AP may send an EAP packet with an undefined EAP code
10 after successful EAP authentication which restarts the EAPOL
state machine. Drop such frames with this unrecognized code without
advancing the EAPOL supplicant or EAP peer state machines to avoid
interoperability issues with the AP.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no point in updating the RNonce for every obtained TPK M1 frame
(e.g., retransmission due to timeout) with the same INonce (SNonce in
FTIE). Update RNonce only if a TPK M1 is received with a different
INonce (new TDLS session) to avoid issues with two setup exchanges
getting mixed and exchange failing due to mismatching nonces ("TDLS:
FTIE ANonce in TPK M3 does not match with FTIE ANonce used in TPK M2").
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Clear the peer information and disable the created link on a
failed TDLS setup negotiation. This is needed to avoid leaving
TDLS setup pending and to return to the AP path in case anything
goes wrong during the setup attempt.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Some APs may incorrectly change Device Password ID from PBC in M1 to
Default PIN in M2 even when they are ready to continue with PBC. This
behavior used to work with earlier implementation in wpa_supplicant, but
commit b4a17a6ea7 started validating this
as part of a change that is needed to support NFC configuration method.
While this kind of AP behavior is against the WSC specification and
there could be potential use cases for moving from PBC to PIN, e.g., in
case of PBC session overlap, it is justifiable to work around this issue
to avoid interoperability issues with deployed APs. There are no known
implementations of PBC-to-PIN change from M1 to M2, so this should not
reduce available functionality in practice.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the GO of a persistent group to change the PSK or
remove a client when per-client PSKs are used and this can happen
without the SSID changing (i.e., the group is still valid, but just not
for a specific client). If the client side of such persistent group ends
up trying to use an invalidated persistent group information, the
connection will fail in 4-way handshake. A new WPS provisioning step is
needed to recover from this.
Detect this type of case based on two 4-way handshake failures when
acting as a P2P client in a persistent group. A new
"P2P-PERSISTENT-PSK-FAIL id=<persistent group id>" event is used to
indicate when this happens. This makes it easier for upper layers to
remove the persistent group information with "REMOVE_NETWORK <persistent
group id>" if desired (e.g., based on user confirmation).
In addition to indicating the error cases for persistent groups, all
this type of PSK failures end up in the client removing the group with
the new reason=PSK_FAILURE information in the P2P-GROUP-REMOVED event.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.
Signed-hostap: Jouni Malinen <j@w1.fi>
Record all generated per-client PSKs in the persistent group network
block and configure these for the GO Authenticator whenever re-starting
the persistent group. This completes per-client PSK support for
persistent groups.
Signed-hostap: Jouni Malinen <j@w1.fi>
When using per-device PSKs, select the PSK based on the P2P Device
Address of the connecting client if that client is a P2P Device. This
allows the P2P Interface Address to be changed between P2P group
connections which may happen especially when using persistent groups.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to implement per-device PSK selection based on the
peer's P2P Device Address instead of P2P Interface Address.
Signed-hostap: Jouni Malinen <j@w1.fi>
This makes the P2P Device Address of the Enrollee available with the PSK
records to allow P2P Device Address instead of P2P Interface Address to
be used for finding the correct PSK.
Signed-hostap: Jouni Malinen <j@w1.fi>
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.
This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.
Signed-hostap: Jouni Malinen <j@w1.fi>
Even after listen duration is over, P2P module remained in
P2P_LISTEN_ONLY state, which is blocking station mode scans. Fix this by
stopping P2P listen explicitly to update p2p_state to IDLE when listen
duration expires.
Signed-hostap: Syed Asifful Dayyan <syedd@broadcom.com>
This adds ACS support to hostapd. Currently only survey-based
algorithm is available.
To use ACS you need to enable CONFIG_ACS=y in .config and use
channel=0 (or channel=acs_survey) in hostapd.conf.
For more details see wiki page [1] or comments in src/ap/acs.c.
[1]: http://wireless.kernel.org/en/users/Documentation/acs
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Swisscom SIM cards do not include MNC length within EF_AD, and end up
using incorrect MNC length based on the 3-digit default. Hardcode MNC
length of 2 for Switzerland, in the same manner as it was done for
Finland.
Signed-hostap: Andrejs Cainikovs <andrejs.cainikovs@sonymobile.com>
If the device that sends the GO Negotiation Confirm becomes the GO, it
may change its operating channel preference between GO Negotiation
Request and Confirm messages based on the channel list received from us.
Previously, the peer operating channel preference was not updated in
such a case and this could result in the initial scans after GO
Negotiation using incorrect operating channel and as such, extra delay
in the connection process. Fix this by updating the operating channel
information from GO Negotiation Confirm in cases where the peer becomes
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If there are no higher priority preference for the operating channel,
use the first pref_chan entry as the operating channel preference over
the pre-configured channel which is not really a good indication of
preference. This changes the behavior for GO Negotiation Request frame
operating channel preference value in cases where p2p_pref_chan list is
set.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This new control interface event message is used to indicate when
both 4-way handshakes have been completed with a new IBSS peer.
Signed-hostap: Jouni Malinen <j@w1.fi>
This adds survey dump support for all frequencies
and for specific desired frequencies. This will later
be used by ACS code for spectrum heuristics.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
This splits up the channel checking upon initialization into a few
helpers. This should make this a bit easier to follow. This also paves
the way for some initial ACS entry code.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Interfaces that take one or two seconds to reconfigure the link after we
set IFF_ALLMULTI or after we bring the interface up were dropping the
initial TX EAPOL packet which caused excessive delays in authentication.
This change applies to FreeBSD/DragonFly only.
Signed-hostap: Rui Paulo <rpaulo@FreeBSD.org>
Add additional input verification for the frequency parameter in
p2p_group_add (and other P2P operations for that matter). Without this
verification invalid freq could be set and not handled properly.
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
According to WSC specification (Ver 2.0.2, section 8.3), RF Bands
attribute should be set to the specific RF band used for the current
message. Add an option to set wanted band in wps_build_rf_bands() and
add a callback to get the current band from wpa_supplicant and hostapd.
Signed-hostap: David Spinadel <david.spinadel@intel.com>
It is possible that when trying to remove a dynamically added interface,
changing its type to station mode is not possible (since the kernel does
not support so in its interface combinations).
Since P2P interfaces are always dynamically added, avoid changing their
type to station in the deinit_ap() and deinit_p2p_client() nl80211
callbacks, assuming that the interface is about to be removed.
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
The pad field in the RRB messages is unused, but it should be
initialized to avoid sending out arbitrary data from stack. This was
also generating number of valgrind complaints about uninitialized memory
accesses in local FT tests.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit 8e12685c43 replaced call to
nl80211_mgmt_unsubscribe() on the deinit path with a
wpa_driver_nl80211_set_mode() call. This is not enough to unregister the
bss->nl_mgmt read socket in all cases. Fix this by unconditionally
unsubscribing from the nl80211 events after having change mode to
station.
Signed-hostap: Jouni Malinen <j@w1.fi>
drv->assoc_freq was not updated during the connect command (neither
during the command's invocation nor after getting the event) unlike with
auth/assoc case where assoc_freq is updated. This resulted in
nl80211_get_link_noise() (and any other function for that matter) using
the improper drv->assoc_freq value with drivers that use the connect
API. Fix this by updating drv->assoc_freq on connect command and when
fetching the frequency from the driver.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Stop AP command can be used by the driver as an event to indicate that
AP mode has stopped operation. WLAN driver may have encountered errors
that has forced the driver to report this event or concurrent operations
on virtual interfaces may have forced AP operation to be stopped. When
in P2P GO mode, wpa_supplicant uses this event to remove P2P group to
keep in sync with the driver state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A transmission failure of the TDLS Setup Request frame (TPK Handshake
M1) results in no further retries and the peer entry being left in state
where all TDLS Setup Request frames from the peer with higher address
would be rejected, thus always resulting in a failure to establish a
TDLS link. Handle the failures in transmission by disabling the link
immediately to ensure the traffic to the peer goes through the AP. This
commit also handles similar transmision failures for TPK Handshake M2
and M3 frames (TDLS Setup Response and Confirm).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The nl80211 command for setting the TX index does not distinguish TDLS
vs. AP key and as such, the driver would not know what this set TX key
index operation is doing in the TDLS case. This could result in the TX
key index for AP being changed instead if static WEP is used in the AP
connection. Fix the issue by not setting TX key index when configuring a
TDLS key.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is not used anymore after the previous commits that changed the
driver interface to use number of supported concurrent channels instead
of this flag.
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Signed-hostap: David Spinadel <david.spinadel@intel.com>
Previously, drivers only reported if they support multiple concurrent
channels, but did not report the maximum number of supported channels.
Add this reporting to the driver capabilities and add the implementation
to driver_nl80211.
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Signed-hostap: David Spinadel <david.spinadel@intel.com>
In order to correctly handle IBSS/RSN, wpa_supplicant has to register
for any incoming Authentication frmae to properly react when those are
received.
Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
Signed-hostap: Antonio Quartulli <antonio@open-mesh.com>
If the frequency is not specified the frame is now sent over
the channel used by the current BSS.
This will also log the payload of each sent CMD_FRAME.
Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
[antonio@open-mesh.com: commit message reworded]
Signed-hostap: Antonio Quartulli <antonio@open-mesh.com>
The static WEP keys have to be configured for the new VLAN
interface that is created for a 4addr WDS peer, not doing so
breaks WEP functionality in nl80211/4addr based WDS links.
Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
This allows wpa_supplicant to associate to an AP that has VHT BSS
membership selector set to indicate VHT support is required for the BSS.
Without the patch it was impossible to connect to, e.g., hostapd-based
AP that has require_vht=1. wpa_supplicant was complaining with:
hardware does not support required rate 63.0 Mbps
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
In a AP/STA concurrent setup, if the STA interface is continually
scanning, trying to connect to a network, the AP interface
is basically broken since beaconing would be erratic.
This option can be used in a WDS setup where one AP acts as a
Client/AP-Repeater. The Repeater AP interface has to start beaconing
only after the Client interface has established a WDS link with the
"Root AP".
Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Compiling hostapd with VHT enabled on a big endian machine resulted in
an undefined symbol error. Fix this by defining the missing macro.
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Previously, there could be two disconnection events in core
wpa_supplicant when going through a case of wpa_supplicant-requested
disconnection with a driver that implements SME internally. This could
result in undesired behavior when a disconnection is followed by a new
connection attempt before the extra event has been received (e.g.,
during fast reassoc or WPS provisioning). Avoid such issues by ignoring
locally generated disconnect events after requesting cfg80211 to
disconnect.
This makes the previously used ignore_next_local_disconnect more
consistent by setting the variable within
wpa_driver_nl80211_disconnect() so that both callers get the same
behavior.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
Commit 3962b65858 removed the Xcode
project files, but missed the defines in build_config.h. Remove these
since there are no users for them in the current snapshot.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new server_id parameter in hostapd.conf can now be used to specify
which identity is delivered to the EAP peer with EAP methods that
support authenticated server identity.
Signed-hostap: Jouni Malinen <j@w1.fi>
Check that SSL_clear_options and SSL_CTX_clear_options are defined
before using them to avoid compilation failures with older OpenSSL
versions that did not include these macros.
Signed-hostap: Jouni Malinen <j@w1.fi>
Since the P2P_DEVICE support indication was added to kernel before
everything was working properly, there may be kernel versions in use
with the new mechanism breaking P2P functionality (especially with
mac80211_hwsim). For now, disable P2P_DEVICE support by default and
allow it to be enabled with driver_param=p2p_device=1 in the
configuration file. This default behavior may be changed in the future
once the kernel issues has been resolved in stable releases.
Signed-hostap: Jouni Malinen <j@w1.fi>
Another function that needs the wdev id when P2P management is done
using the P2P_DEVICE interface.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
With P2P Device support there will be two interfaces with their
own MAC address. The P2P Interface Address must be unique so verify
it is.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
The phy name was determined using /sys/class/net/<ifname> but the P2P
Device is not listed there since it does not have an associated net
device. This patch changes name determination to obtain the name from
the wiphy information provide by nl80211.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
For P2P Device the netlink message should have wdev identifier
instead of the interface index. This fixes a failure which occurred
executing the P2P_GROUP_ADD command.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
When using OpenSSL with TLS-based EAP methods, wpa_supplicant can now be
configured to use OCSP stapling (TLS certificate status request) with
ocsp=1 network block parameter. ocsp=2 can be used to require valid OCSP
response before connection is allowed to continue.
hostapd as EAP server can be configured to return cached OCSP response
using the new ocsp_stapling_response parameter and an external mechanism
for updating the response data (e.g., "openssl ocsp ..." command).
This allows wpa_supplicant to verify that the server certificate has not
been revoked as part of the EAP-TLS/PEAP/TTLS/FAST handshake before
actual data connection has been established (i.e., when a CRL could not
be fetched even if a distribution point were specified).
Signed-hostap: Jouni Malinen <j@w1.fi>
When P2P Device is used as P2P management interface the creation of the
P2P group interface fails because MAC address retrieval fails for the
P2P Device interface.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
For P2P an interface may be created for the P2P client/group. The
create request is done on the P2P management interface, which may
be a P2P Device interface. In that case it needs to use the wdev_id.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
In order to get a P2P-DEVICE-FOUND event the supplicant needs to
see a peer device during SEARCH and LISTEN phase. The SEARCH
phase does a scan so obtaining the scan results for the P2P Device
interface needs to be supported, i.e., use the wdev_id.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
For P2P Device the MAC address is determined upon .init2(). The
wpa_s for this interface retrieves this address in
wpa_supplicant_update_mac_addr() using the .get_mac_addr() callback.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
The function setting the interface mode also handles management
frame subscription. Rework it so subscription is done for the
P2P Device interface.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
The driver uses linux_set_iface_flags() in several places. Introduce and
use i802_set_iface_flags() which also works for P2P Device interface.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
The .deinit() closes netlink for P2P Device. Before doing that remove
the P2P Device interface that was created by wpa_supplicant.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
Add specific handler for creating the P2P Device to store the wdev_id as
this type of interface does not have an interface index.
Signed-hostap: Arend van Spriel <arend@broadcom.com>
To support Android the kernel may have a "p2p0" netdev for a P2P Device
even though this isn't very useful, but Android requires a netdev. To
support this in the supplicant, if the interface mode is P2P_DEVICE,
re-set it to the same instead of STATION mode.
Note that this is only possible with a kernel that creates a
netdev for the P2P Device wdev.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Add an option to pass a handler to nl80211_create_iface() and
nl80211_create_interface_once() that will be called after receiving the
message from the kernel. This handler will add the option to process the
message in different ways for different interfaces.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Add wdev_id to i802_bss. wdev_id_set indicates whether this id is
available. Use wdev_id if assigned, instead of ifindex. Use wdev_id for
events that come from the kernel to identify the relevant interface.
This commit does not assign wdev_id value for the BSS yet, i.e., this is
only preparation for the value to be used in a future commit.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Check the supported interfaces attribute to identify support for
a dedicated P2P Device interface type. If set, update the driver
capabilities flag to notify the supplicant.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Rename is_p2p_interface() to is_p2p_net_interface() since it used to
identify network P2P interfaces to disable 802.11b rates on them.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Sometimes an interface name that cannot be resolved is given to the
set_key function, so print the ifname in addition to the ifidx.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Currently, hostapd_get_vlan_id_ifname() is used to determine if a given
vlan is valid *and* to actually determine the interface. This leads to
wpa_set_keys() sometimes setting the key on the wildcard interface name,
which does not make sense.
This patch therefore adds hostapd_vlan_id_valid() and makes
hostapd_get_vlan_id_ifname() not return a wildcard interface.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Currently, struct hostapd_vlan is a per-BSS data structure which
also contains informations about whether to remove the bridge
or clear wlan / tagged-vlan interface from the bridge.
In a multi-interface multi-BSS setup, this can lead to the following
race condition:
1. wlan0 creates VLAN A, sets DVLAN_CLEAN_BR and DVLAN_CLEAN_VLAN_PORT
2. wlan1 creates VLAN A, does not set DVLAN_CLEAN_BR and
DVLAN_CLEAN_VLAN_PORT as already there
3. wlan0 removes VLAN A, removes tagged-interface from the bridge
but not the bridge.
Now wlan1 VLAN A is unusable due to the missing uplink.
4. wlan1 removes VLAN A, does not cleanup
Solution:
This requires an inter-BSS inter-interface data structure to track the
bridge / bridge port usage within hostapd. This data structure could
also be used to track any other device-has-been-created-by-hostapd
information or when regarding interface freeing.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Currently by default, all BSS share the bridge brvlan%d.
While this is sane when no tagged-interface is given, this
is insane when different tagged interfaces are given, as
it would result in bridging those tagged interfaces.
This patch therefore uses br%s%d with %s=tagged_interface
and %d=VLAN ID as bridge name when a tagged-interface is given.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Currently, when different BSS using different tagged vlan
interfaces, they are forced to share the bridge brvlan#,
which is not desirable.
This patch fixes this by making the bridge name configurable.
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
Add AVG_RSSI report to the signal_poll command if it is reported by
the kernel.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
Add prints for kernel event, including the event ID and event string.
Signed-hostap: David Spinadel <david.spinadel@intel.com>
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
The ext_supp_rates passed to merge_byte_arrays would be invalid if not
advertized by the TDLS peer. Thus, validate the argument to avoid
crashes in such cases.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If AP mode SME/MLME within wpa_supplicant is used for processing Probe
Request frames in GO mode, drop Probe Request frames that include only
802.11b rates per P2P spec section 2.4.1.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Upon association, disable the timer that removes the dummy STA. This
timer caused the STA that associates within 5 seconds of doing an ANQP
query to disassociate, thinking it's a dummy STA. Similar call was
already there for the SME/MLME-in-hostapd case in handle_auth(), but the
SME-in-driver case was not previously addressed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>