Prepare for new extended capabilities bits by checking that the local
buffer is large enough to contain all the bits the driver requests. The
existing buffers are large enough to include anything defined until now,
but it would be possible to add more definitions in the future, so
increase them a bit as well to make this more future proof.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of allowing the connection attempt to occur with an unsupported
inner method, check for that explicitly at the time the network block is
added and drop the network if the identified inner method is not
supported.
Signed-off-by: Jouni Malinen <j@w1.fi>
This cannot really be NULL in practice since cred->eap_method would
point to a valid EAP method. Anyway, to avoid false positive from
analyzers, check the pointer explicitly before printing it.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is mainly to keep static analyzers silent since it does not look
like this code path can be reached in practice due to the way
association events are handled and current_ssid is either set before
resched here or the association is rejected. Anyway, if this could be
reached, the wpa_supplicant_set_wpa_none_key() call would end up
dereferencing a NULL pointer, so add an explicit check to make sure that
does not happen.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the offchannel TX frame command was offloaded to the driver in
offchannel_send_action(), we must not send another copy of the frame if
a remain-on-channel event happens to be delivered between this TX
command and the matching TX status event. It was possible for the
duplicated frame to cause problems, e.g., with P2P invitation exchange
if the same Invitation Request frame got sent twice and only the first
one getting accepted by the peer.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The dynamically allocated struct wpa_external_work contains the name of
the radio work in the type field and this is used in a debug print
within radio_work_done(). Re-order radio_work_done() and os_free() calls
on couple of paths where the memory was freed before that final user of
the buffer.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant was giving below error when "CONFIG_MODULE_TESTS=y" and
"CONFIG_P2P=y" are in .config file:
"wpas_module_tests.c:84: undefined reference to `wps_module_tests'"
This error is coming because "CONFIG_WPS=y" is commented out in .config
file but CONFIG_WPS is getting enabled by CONFIG_P2P in Makefile.
Signed-off-by: Amit Khatri <amit.khatri@samsung.com>
For one specific case when running with Interworking enabled the
re-initialisation of the scan timer is missing. This makes auto connect
to a configured network fail.
The case is:
- Interworking credentials available, but do not match
- Auto interworking is enabled (auto_interworking=1)
- Interworking auto select is disabled (i.e., this is from
auto_interworking=1, not from INTERWORKING_SELECT auto)
- No configured (enabled and non blacklisted) networks are present
in scan results list with full match
- Interworking finds matching networks (it does not do full security
policy match)
This patch covers the case and re-initialises the scan timer to allow
search for a suitable network to continue.
Signed-off-by: Mikael Kanstrup <mikael.kanstrup@sonymobile.com>
This makes the operations more consistent when going through multiple
persistent group re-invocation sequences in a row. Each invitation needs
to be accepted separately if persistent reconnect is not enabled.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds [DMG] and [PBSS] flags for scan results and BSS table entries
using the IEEE Std 802.11ad-2012 updated definition of the Capability
field.
Signed-off-by: Boris Sorochkin <qca_bsoroc@qca.qualcomm.com>
This patch adds epoll option for the eloop implementation. This can be
selected with the CONFIG_ELOOP_EPOLL=y build option.
[merit]
See Table1.
Table1. comparison table
+--------+--------+-----------+------------+-------------+
| | add fd | remove fd | prepare fd | dispatch fd |
+--------+--------+-----------+------------+-------------+
| select | O(1) | O(1) | O(N) | O(N) |
+--------+--------+-----------+------------+-------------+
| poll | O(1) | O(1) | O(N) | O(N) |
+--------+--------+-----------+------------+-------------+
| epoll | O(1) | O(1) | 0 | O(M) |
+--------+--------+-----------+------------+-------------+
"add fd" is addition of fd by eloop_sock_table_add_sock().
"remove fd" is removal of fd by eloop_sock_table_remove_sock().
"prepare fd" is preparation of fds before wait in eloop_run().
"dispatch fd" is dispatchment of fds by eloop_sock_table_dispatch().
"N" is all watching fds.
"M" is fds which could be dispatched after waiting.
As shown in Table1, epoll option has better performance on "prepare fd" column.
Because select/poll option requires setting fds before every select()/poll().
But epoll_wait() doesn't need it.
And epoll option has also better performance on "dispatch fd" column.
Because select/poll option needs to check all registered fds to find out
dispatchable fds. But epoll option doesn't require checking all registered fds.
Because epoll_wait() returns dispatchable fd set.
So epoll option is effective for GO/AP functionality.
[demerit]
The epoll option requires additional heap memory. In case of P2P GO, it is
about 8K bytes.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
The group object is already registered on DBus at that point, thus wpa_s
structure holds its path already.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Fixes a minor mistake: the p2p_info structure should be used here
instead of the peer_handler_args one.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
These signals delivers an array of key/value pairs, thus declaring those
as it should.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
When there is a pending WPS negotiation for P2P and signal interrupt is
triggered, invalid read occurs in wpas_wps_terminate_pending() if
wpas_p2p_disconnect() removed the interface. Inverting deinit order
solves the issue.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
The radio works for the interface get removed if interface is disabled.
This could have left P2P module in invalid state if the interface got
disabled during a p2p_find or p2p_listen operation. Clear the state in
such a case to avoid blocking following operations due to P2P module
assuming it is still in progress of doing something.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This new command can be used to simulate driver events without having to
go through the driver wrapper or kernel code for this. This enables more
testing coverage with hwsim.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It looks like there was a possible sequence for wpa_s->scan_req to be
MANUAL_SCAN_REQ at the moment a GO is to be started. This could result
in the "Request scan (that will be skipped) to start GO" to actually not
skip the scan and end up stuck waiting for something external to trigger
a scan before the GO could be started. Fix this by clearing
wpa_s->scan_req when deciding to start the GO.
This issue could be hit at least by first enabling autoscan and then
issuing P2P_GROUP_ADD. Other sequences that set wpa_s->scan_req to
MANUAL_SCAN_REQ without going through wpa_supplicant_scan() to clear it
immediately could also have similar effect (and there is even a small
window for the wpa_supplicant_scan() call to happen only after the
P2P_GROUP_ADD command is processed, so this could potentially have
happened even with SCAN + P2P_GROUP_ADD).
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit 41d5ce9e0b was intended to scan for
GO on the negotiated channel for few iterations, but it did not work
correctly due to incorrect operator being used. Fix this by requiring
both conditions to be met for the single channel scan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
On receiving CHANNEL_LIST_CHANGED event from driver, verify that local
GO (if any) is operating in valid frequency. If not, we should remove
the group and reform on valid frequency. Indicate this similarly to the
avoid-frequency notification (i.e., a control interface message for
upper layers to react to this for now; potentially CSA later).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This command allows to copy network variable from one network to
another, e.g., to clone the psk field without having to extract it from
wpa_supplicant.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Valgrind indicates reference to already freed memory if function
wpa_config_remove_network() is called prior to calling
wpa_supplicant_deauthenticate(), and this can lead to a crash.
Inverting the call order fixes the problem.
Signed-off-by: Hannu Mallat <hannu.mallat@jollamobile.com>
The new command line argument -e can be used to request the server to
send EAP-Key-Name in Access-Accept. If both the local EAP peer
implementation and server provide the EAP Session-Id, compare those
values and indicate in debug log whether a match was seen.
Signed-off-by: Jouni Malinen <j@w1.fi>
This extends Interworking network selection to enable FT-EAP as an
optional key_mgmt value to allow FT to be used instead of hardcoding
WPA2-Enterprise without FT.
Signed-off-by: Jouni Malinen <j@w1.fi>
No need to call ibss_rsn_deinit() again since it is already being called
by wpa_supplicant_mark_disassoc().
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Do not perform extended listen period operations when either a P2P
connection is in progress. This makes the connection more robust should
an extended listen timer trigger during such an operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
No need to use ENOBUFS within core wpa_supplicant, so just replace it
with -1 to work arounds MinGW build issues.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new wowlan_triggers option to wpa_supplicant.conf. The triggers in
this key will be used to configure the kernel wowlan configuration.
For now, support only simple flags. More complex triggers can be added
later on.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
This was supposed to end with a newline character so that parameters are
aligned in configuration file.
Signed-off-by: Sreenath Sharma <sreenats@broadcom.com>
The previous check for dl_list_len() or having an entry from the list is
sufficient, but some static analyzers cannot figure out that
dl_list_first() and dl_list_last() will return non-NULL in this type of
cases. Avoid invalid reports by explicitly checking for NULL.
Signed-off-by: Jouni Malinen <j@w1.fi>
The check based on last_scan_res_used is sufficient for making sure that
last_scan_res is allocated. However, it is a bit too complex for static
analyzers to notice, so add an explicit check to avoid bogus reports.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It is possible for the disconnection event from the driver to not get
delivered when interface is disabled. To maintain consistent ctrl_iface
event behavior, indicate CTRL-EVENT-DISCONNECTED in such a case if we
were in connected state.
Signed-off-by: Jouni Malinen <j@w1.fi>
If two config files are merged together, the ssid and cred blocks may
not have been processed correctly since the tail pointers were not
updated to the last entry from the first configuration file.
Signed-off-by: Jouni Malinen <j@w1.fi>
Previously, the frequency conflict was handled only during the
association flow. However, some drivers, e.g., mac80211 based
drivers, will fail an authentication request in case that there
are no available channels for use (as they might be used by
other interfaces), and thus the frequency conflict resolution
is never called.
Fix this by calling frequency conflict resolution during
authentication (SME-in-wpa_supplicant) as well.
In addition, get the shared radio frequency from the wpa_s context in
both the SME-in-driver and SME-in-wpa_supplicant cases and not from the
driver.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
The normal scan counter is used to trigger a few normal scans before a
scheduled scan is issued. The reason for doing this is that we get
results faster and some drivers support more SSIDs per normal scan
than during sched scan. After 2 normal scans, we start using
sched_scan. But the problem is that when a connection succeeds, we do
not reset this counter, so we will keep using sched scans.
To fix this, now we reset the counter when we switch to WPA_COMPLETED
state.
Signed-off-by: Luciano Coelho <luciano.coelho@intel.com>
This avoids large number of undesired compiler warnings since Android
build system is added -Wextra.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
This allows the specific SIM to be identified for authentication
purposes in multi-SIM devices. This SIM number represents the index of
the SIM slot. This SIM number shall be used for the authentication using
the respective SIM for the Wi-Fi connection to the corresponding
network.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>