Commit graph

6325 commits

Author SHA1 Message Date
Jouni Malinen
8cee87ab13 P2P: Only schedule a single p2p_go_neg_start timeout at a time
It is possible for the driver to indicate multiple Probe Request frames
that would be processed in a single loop. If those frames happen to be
from a peer which with we are trying to start GO Negotiation, multiple
timeouts to start GO Negotiation (p2p_go_neg_start) could end up being
scheduled. This would result in confusing burst of multiple GO
Negotiation Request frames being sent once the RX loop finally
concludes. Avoid this by scheduling only a single eloop timeout to
trigger GO Negotiation regardless of how many Probe Request frames from
the peer is received. In addition, make sure this timeout gets canceled
in p2p_deinit().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-26 18:07:17 +02:00
Jouni Malinen
c03e2113b6 P2P: Do not start new GO Neg on Probe Req when waiting for Confirm
If we have already sent out GO Negotiation Response and are waiting for
the peer to reply with GO Negotiation Confirm, there is no point in
re-starting GO Negotiation based on Probe Request frame from the peer.
Doing that would just result in confusing GO Negotiation exchange with
multiple sessions running at the same time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-26 18:02:51 +02:00
Jouni Malinen
4284a0b1b0 P2P: Fail GO Negotiation on missing Group ID
The device that is selected as the GO shall incode P2P Group ID
attribute in GO Negotiation Response/Confirm message. Previously we did
not reject a message without that attribute since it was possible to
continue operations even without knowing the SSID. However, this can
potentially result in confusing results since missing P2P Group ID
attribute can be a sign of conflicting GO role determination (both
devices assuming the peer is the GO). To get clearer end result for the
GO Negotiation, reject this as a fatal error. In addition, stop GO
Negotiation if GO Negotiation Confirm indicates non-zero status since
that is also a fatal error.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-26 17:27:17 +02:00
Jouni Malinen
003c45804f P2P: Assign GO tie breaker bit at the same time with dialog token
Commit 624b4d5a64 changed GO Negotiation
to use the same Dialog Token value for all retransmissions of the GO
Negotiation Request within the same session. However, it did leave the
tie breaker bit changing for each frame. While this should not have
caused issues for most cases, it looks like there are possible sequences
where the peer may end up replying to two GO Negotiation Request frames
with different tie breaker values. If in such a case the different GO
Negotiation Response frames are used at each device, GO role
determination may result in conflicting results when same GO intent is
used.

Fix this by assigning the tie breaker value at the same time with the
dialog token (i.e., when processing the p2p_connect command instead of
for each transmitted GO Negotiation Request frame) to avoid issues with
GO selection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-26 16:56:48 +02:00
Sunil Dutt
f8361e3d68 TDLS: Pass peer's VHT Capability information during sta_add
The information of the peer's VHT capability is required for the
driver to establish a TDLS link in VHT mode with a compatible peer.
Pass this information to the driver when the peer station is
getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-25 10:31:50 +02:00
Jouni Malinen
03cd173bd8 WPS: Clear sent_carrier to avoid errors in python script
This is needed to avoid errors when reporting the result of an NFC
connection handover that failed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 13:12:32 +02:00
Jouni Malinen
d8ed3a075a WPS: Fix OOB Device Password use in PSK1,PSK1 derivation
WSC specification 2.0 section 7.4 describes OOB password to be expressed
in ASCII format (upper case hexdump) instead of raw binary.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:57:49 +02:00
Jouni Malinen
f23ce1f032 WPS: Add AP mode NFC connection handover with wpa_supplicant/nfcpy
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:57:06 +02:00
Jouni Malinen
f3f2ba2e6e WPS NFC: Add connection handover support for ER
wpa_supplicant can now generate the WPS carrier record for connection
handover response when acting as an ER. The AP whose configuration is
provided in this way is identified with an UUID as an argument to
wps-nfc.py.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:56:29 +02:00
Jouni Malinen
c39fdb8529 WPS: Add wps-er-config command for writing config token from ER
UUID of the AP is specified on the command line to select which
configuration is used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:54:18 +02:00
Jouni Malinen
b618a469c4 Interworking: Select highest priority cred if multiple matches
Previously, the credential to use for a connection with a specific BSS
was picked arbitrary based on first found match of each matching
mechanism. While the credential priorities were used elsewhere, this did
not take into account that different mechanisms could find multiple
matching credentials. As such, the highest priority credential was not
always used in case more than one credential matched with the selected
BSS. Fix this by checking credential priorities again during connection
request.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-16 19:57:35 +02:00
Jouni Malinen
8dabf4bb46 GAS server: Fix a regression in GAS server callback
Commit 2d9ffe1e85 broke GAS server
callback for receiving Public Action frames. The incorrect context
pointer was used in the public_action_cb2 case. Fix this to use the
correct context pointer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-16 19:15:05 +02:00
Srinivasan B
bdaf17489a hostapd: Fix Max SP Length derivation from QoS Info
Hostapd provides QoS info of the STA (Service Period & AC mask) to the
kernel during wpa_driver_nl80211_sta_add call. Bit 5 and Bit 6 of QoS
info represents the Max SP length. Fix an issue in the code to fetch the
Max SP by shifting right the QoS info by value WMM_QOSINFO_STA_SP_SHIFT.
(operator ">" is replaced with ">>" operator).

Signed-off-by: Srinivasan <srinivasanb@posedge.com>
2013-02-16 11:15:13 +02:00
Sunil Dutt
122d16f25d nl80211: Configure STA Capabilities and Extended Capabilities
These are needed to allow drivers to implement all TDLS functionality
properly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 23:45:48 +02:00
Jouni Malinen
542e7c406d Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-15 23:45:02 +02:00
Jouni Malinen
87470ea298 WPS: Fix build without CONFIG_WPS_NFC
Commit bbf41865c9 added calls to functions
that are only defined if CONFIG_WPS_NFC=y. Protect those calls properly
to avoid build issues.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 17:09:24 +02:00
Jouni Malinen
5ab9a6a53e WPS: Add support for NFC handover select generation with wpa_supplicant
When wpa_supplicant is controlling an AP mode interface, it can generate
the alternative carrier record for NFC connection handover select
message similarly to the way this is done in hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 12:34:55 +02:00
Jouni Malinen
7bfe27778b WPS: Update NFC connection handover documentation
The last couple of changes to the control interface commands for NFC
connection handover had not yet been documented.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:51:28 +02:00
Jouni Malinen
bbf41865c9 WPS: Add support for config token generation with wpa_supplicant
When wpa_supplicant is controlling an AP mode interface, it can generate
the NFC configuration token similarly to the way this is done in
hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:47:52 +02:00
Jouni Malinen
23ffcaf172 WPS: Allow password token to be written with nfcpy
This adds write-password option for the nfcpy example script for
wpa_supplicant to match hostapd wps-ap-nfc.py functionality.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:34:13 +02:00
Jouni Malinen
042ec551d4 WPS: Use pre-configured NFC password token instead of overriding it
"WPS_NFC_TOKEN <WPS/NDEF>" used to generate a new NFC password token
regardless of whether there was a pre-configured token in the
configuration. Change this to use the pre-configured value, if
available, instead. This allows the same command to be used to write the
password token to an NFC tag more conveniently.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:24:29 +02:00
Sunil Dutt
d16531c40c TDLS: Pass peer's Capability and Ext Capability info during sta_add
The contents of the peer's capability and extended capability
information is required for the driver to perform TDLS P-UAPSD and Off
Channel operations. Pass this information to the driver when the peer
station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:02:34 +02:00
Sunil Dutt
189206dddb Android: Enable TDLS support in the build
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:54 +02:00
Sunil Dutt
ff4178d57c TDLS: Pass peer's HT Capability and QOS information during sta_add
The information of the peer's HT capability and the QOS information is
required for the driver to perform TDLS operations. Pass this
information to the driver when the peer station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:50 +02:00
Jouni Malinen
e4dea253b7 nl80211: Add debug prints for STA add/set operations
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:19 +02:00
Jouni Malinen
b8df43dec6 TDLS: Fix add/set STA operation
Commit a9a1d0f08a added vht_capabilities
to struct hostapd_sta_add_params but forgot to update
wpa_supplicant_tdls_peer_addset() to initialize the variable to NULL.
This could result in uninitialized pointer being used in
driver_nl80211.c when adding a TDLS peer entry. Fix this by clearing the
hostapd_sta_add_params with memset.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 21:01:07 +02:00
Jouni Malinen
cd8db7c3ba Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-14 21:00:56 +02:00
Jouni Malinen
b4a17a6ea7 WPS: Allow Device Password to be changed from M1 to M2
Registrar is allowed to propose another Device Password ID in M2. Make
Enrollee validate Device Password ID in M2 to check if this happened.
This commit adds support for changing from NFC password token to default
PIN for the case where the AP is the Enrollee and has both the NFC
password token and AP PIN enabled at the same time.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 20:41:14 +02:00
Jouni Malinen
38a5ad6728 WPS: Fix wps_reg nfc-pw option
Commit ffdaa05a6b added support for using
NFC password token from an AP. However, it had a bug that prevented the
wpa_supplicant wps_reg command from being used with "nfc-pw" as the PIN
value. Fix string comparison to handle this correctly.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-14 19:44:54 +02:00
Sunil Dutt
7b44ff2c21 TDLS: Tear down peers when disconnecting from the AP
A TDLS Teardown frame with Reason Code 3 (Deauthenticated because
sending STA is leaving (or has left) IBSS or ESS) shall be transmitted
to all TDLS peer STAs (via the AP or via the direct path) prior to
transmitting a Disassociation frame or a Deauthentication frame to the
AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-13 01:19:44 +02:00
Jouni Malinen
a5b5e830a0 P2P: Do not use old scan result data for peer discovery
The driver may have cached (e.g., in cfg80211 BSS table) the scan
results for relatively long time. To avoid reporting stale information,
update P2P peers only based on results that have based on frames
received after the last p2p_find operation was started.

This helps especially in detecting when a previously operating GO stops
the group since the BSS entry for that could live for 30 seconds in the
cfg80211 cache. Running p2p_flush followed by p2p_find will now allow
wpa_supplicant to not add a P2P peer entry for that GO if the group had
been terminated just before that p2p_flush command. Previously, that GO
could have been indicated as a newly found device for up to 30 seconds
after it had stopped the group.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 19:25:18 +02:00
Jouni Malinen
c5f10e804a Use more accurate timestamps for scan results
For various P2P use cases, it is useful to have more accurate timestamp
for the peer information update. This commit improves scan result
handling by using a single timestamp that is taken immediately after
fetching the results from the driver and then using that value to
calculate the time when the driver last updated the BSS entry. In
addition, more debug information is added for P2P peer updates to be
able to clearly see how old information is being used here.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 19:14:32 +02:00
Jouni Malinen
8b2b2a70ef P2P: Postpone P2P-DEVICE-FOUND if config_methods not known
If we discover a P2P peer based on a Beacon frame from the GO role, we
do not get information about the supported configuration methods. This
can result in issues if the P2P managing entity above wpa_supplicant is
not prepared to handling config_methods=0x0. To avoid this, postpone
reporting of the P2P-DEVICE-FOUND event when this happens on one of the
social channels. It would be good to be able to this on all channels,
but that could result in issues of never indicating the event for a peer
that is operating a GO on a channel that requires passive scanning.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 18:24:56 +02:00
Jouni Malinen
954ee628ee P2P: Do not allow peer update to clear config_methods
It could be possible for the scan results to include two entries for a
peer, one from the Listen state and the second one from the GO role. The
latter could be based on a Beason frame. If that happens and the entry
from GO is processed last, the P2P peer config_methods value could
potentially get cleared since Beacon frames do not include this
information in either WPS or P2P element. Avoid this by allowing the
config_methods value for P2P peers to be updated only if the new value
is non-zero.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-12 18:14:48 +02:00
Jouni Malinen
e47588279a WPS: Report NFC connection handover completion differently
Instead of reporting only one connection handover message, report
completion of NFC connection handover with carrier record from both the
request and select messages.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-11 18:43:46 +02:00
Jouni Malinen
ec01d5f6b0 P2P: Avoid concurrent scans during all steps of group formation
Previously, only some P2P states were considered to postpone concurrent
station mode scans during group formation. Especially the WPS
provisioning step was skipped due to issues to scans run on the P2P
client interface (see commit fc6997b345).
This is not ideal since a concurrent scan can slow down group formation
considerably and potentially make it time out. Enforce p2p-in-progress
through all steps of group formation on another interface to address
this.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-11 12:21:03 +02:00
Jouni Malinen
77dfafd07d P2P: Cancel group formation timeout on group removal (on client)
Group formation timeout is normally canceled when 4-way handshake is
completed (WPA_COMPLETED -> wpas_p2p_completed). However, it is possible
for the GO to stop the group before this happens (i.e., send
Deauthentication frame with reason code 3 before 4-way handshake is
completed). This resulted in the group getting removed, but the group
formation timeout left behind. The unexpected timeout may then result in
undesired termination of the following operation. Fix this by canceling
the group formation timeout in wpas_p2p_group_delete() similarly to how
group idle timeout was canceled there.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-10 23:36:52 +02:00
Jouni Malinen
bd692a8b0e WPS: Change listen time to match nfcpy default (250 ms)
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:49:20 +02:00
Jouni Malinen
b8dbc5d689 WPS: Report only the carrier record from NFC to wpa_supplicant
Since there could be multiple carrier records, it is cleaner to report
only the WPS carrier record instead of full NFC connection handover
select to wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:42:43 +02:00
Jouni Malinen
bbaaaee171 WPS: Fetch only the carrier record from wpa_supplicant for NFC
Since there could be multiple carrier records, it is cleaner to build
only the WPS carrier record instead of full NFC connection handover
request within wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 18:19:59 +02:00
Jouni Malinen
51e985dd84 WPS: Update nfcpy script to support AP mode NFC connection handover
Initialize NFC connection handover as the server and reply with WPS
carrier record in connection select.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 17:24:43 +02:00
Jouni Malinen
6772a90ad0 WPS: Add command for fetching carrier record for NFC handover
Control interface command "NFC_GET_HANDOVER_SEL NDEF WPS-CR" can now be
used to fetch WPS carrier record from hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 17:12:55 +02:00
Jouni Malinen
cf78e2acc8 WPS: Clean up debug prints with nfcpy
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:27:59 +02:00
Jouni Malinen
8414860422 WPS: Remove 0.5 sec extra wait from NFC handover with nfcpy
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:27:14 +02:00
Jouni Malinen
dc6bda1123 WPS: Use alternating poll/listen for NFC peer discovery with nfcpy
This is needed to find the NFC peer to avoid cases where both devices
could be using the same operation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:25:20 +02:00
Jouni Malinen
8140ae969b WPS: Configure logging to show nfcpy log message
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 16:20:25 +02:00
Jouni Malinen
68f51f9af8 WPS: Add an example python script for NFC operations with hostapd
wps-ap-nfc.py uses nfcpy and python-wpactrl to support NFC operations
with hostapd for WPS operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-09 20:44:15 +02:00
Johannes Berg
3aea5fbe3b hostapd: Do not change HT40 capability due to OBSS scan
The capability itself isn't really affected by an OBSS
scan, only the HT operation must then be restricted to
20 MHz. Change this, and therefore use the secondary
channel configuration to determine the setting of the
OP_MODE_20MHZ_HT_STA_ASSOCED flag.

This shouldn't really change anything functionally,
it just makes the code a little less confusing and
is also needed to implement more dynamic bandwidth
changes if ever desired.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-02-09 12:16:58 +02:00
Peter Wu
a24a5ccb28 dbus: Add missing signal description for WPS (7)
Commit caff399250 added a property named
"WPS" to the dbus interface. It did not add the new
WPAS_DBUS_BSS_PROP_WPS property to the function responsible for marking
changed properties though. This cause the following messages to be
printed repeatedly to syslog:

    dbus: wpas_dbus_bss_signal_prop_changed: Unknown Property value 7

Signed-hostap: Peter Wu <lekensteyn@gmail.com>
2013-02-09 12:13:54 +02:00
Jouni Malinen
9ca8427486 EAP peer: Add Session-Id derivation to more EAP methods
This commit adds Session-Id derivation for EAP-SIM, EAP-AKA, EAP-AKA',
EAP-PSK, and EAP-SAK peer methods.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-09 01:20:45 +02:00