Commit graph

153 commits

Author SHA1 Message Date
Jouni Malinen
0096c42740 Do not enable bgscan when driver takes care of BSS selection
There is no need to request periodic bgscans when the driver claims
to have capability for roaming within ESS. Ignoring the bgscan
configuration allows the same configuration file to be used both
with drivers the handle roaming and with drivers that don't.
2011-09-26 15:17:01 +03:00
Jouni Malinen
22628eca34 Support driver-based BSS selection in ap_scan=1 mode
If the driver indicates that it supports BSS selection (including
roaming within an ESS) with WPA_DRIVER_FLAGS_BSS_SELECTION, modify
ap_scan=1 mode to behave like ap_scan=2 mode for BSS selection.

The initial scan is still done to avoid the need for strict
configuration of or security parameters (e.g., to figure out whether
TKIP or CCMP is being used as the group cipher). However, when
requesting the driver to connect, the bssid and freq parameters are
not provided to leave the driver in control of selecting which BSS
to use and to allow the driver to decide when to roam.
2011-09-26 14:57:23 +03:00
Edward Lu
cf546f1a03 Make sure wpa_proto gets cleared for WPS and non-WPA connections
This is needed to fix the wpa_proto association parameter for drivers
that select AP based on security parameters internally.
2011-09-08 17:51:08 +03:00
Jouni Malinen
d8a790b922 Flush PMKSA cache entries and invalidate EAP state on network changes
If a network configuration block is removed or modified, flush
all PMKSA cache entries that were created using that network
configuration. Similarly, invalidate EAP state (fast re-auth).

The special case for OKC on wpa_supplicant reconfiguration
(network_ctx pointer change) is now addressed as part of the
PMKSA cache flushing, so it does not need a separate mechanism
for clearing the network_ctx values in the PMKSA cache.
2011-09-07 17:46:00 +03:00
Jouni Malinen
64fa840a97 nl80211: Fix WPA_VERSIONS attribute for Connect command
The previous code was trying to figure out which WPA version is
used based on the extra IEs requested for Association Request. That
did not work properly in cases where non-WPA networks are used with
some extra IEs. Fix this by using more robust mechanism for passing
the WPA versions from core wpa_supplicant to the driver_ops
associate().
2011-09-02 20:40:23 +03:00
Jouni Malinen
ffad885837 P2P: Set p2p auth/assoc parameter based on connection type
Fix the previous code that was hardcoding the p2p parameter based
on the driver P2P capability regardless of whether the connection
was really used for P2P or not.
2011-07-17 20:52:49 +03:00
Jouni Malinen
7b7ce8aa13 Deauthenticate on reconfiguration
This makes sure that the old connection is not maintained if the new
configuration does not allow it anymore. In addition, it is better to
use wpa_supplicant_clear_connection() instead of just clearing
wpa_s->current_ssid here to keep things in sync.
2011-07-16 16:57:11 +03:00
Jouni Malinen
7dcdcfd68d P2P: Start GO without extra scan step
There are some corner cases, where the wpa_supplicant_req_scan() call
may end up scheduling a scan even if we are about to start a GO. Avoid
this by explicitly marking the GO network to be selected for the next
connection.
2011-06-21 11:47:03 +03:00
Jouni Malinen
38e24575c1 random: Add support for maintaining internal entropy store over restarts
This can be used to avoid rejection of first two 4-way handshakes every
time hostapd (or wpa_supplicant in AP/IBSS mode) is restarted. A new
command line parameter, -e, can now be used to specify an entropy file
that will be used to maintain the needed state.
2011-05-31 20:07:11 +03:00
Jouni Malinen
849b5dc78b Update driver country info on 'SET country <value>' 2011-04-15 17:00:01 +03:00
Jouni Malinen
95cb2d88e9 TDLS: Verify that scan results for BSS are available before using them 2011-04-14 19:50:26 +03:00
Dmitry Shmidt
67b9bd089b Make scan interval configurable
It is now possible to configure the the time in seconds that
wpa_supplicant waits before requesting a new scan after failing to find
a suitable network in scan results.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-04-11 23:14:38 +03:00
Paul Stewart
14dc00115e dbus: Add "excessive" to debug_strings
The "debug_strings" private array in dbus_new_handles.c has fallen out
of sync with wpa_debug.h. Add the new "excessive" level to the head of
the list, realigning everything.

Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-31 17:38:08 +03:00
Jouni Malinen
78177a000e RSN IBSS: Restart IBSS state machines for each new IBSS
Change the old design of running a single long living RSN IBSS
instance to keep a separate instance for each IBSS connection.
This fixes number of issues in getting keys set properly for
new connections and is in general quite a bit more correct
design.
2011-03-23 21:15:46 +02:00
Jouni Malinen
d47fa330b8 random: Read /dev/random in the background with eloop read socket
This makes it more likely to be able to fetch the 20 octet seed from
/dev/random in cases where other programs may also be competing for
this.
2011-03-22 23:15:00 +02:00
Sam Leffler
78633c3709 wpa_supplicant: Parameterize BSS table expiration age + count
Replace compile-time BSS cache expiration age and scan count by config
parameters that can be set via wpa_cli and the new D-Bus API. The latter
is done with interface properties BSSExpireAge and BSSExpireCount.
2011-03-20 12:40:59 +02:00
Paul Stewart
cfe53c9aa5 wpa_supplicant: Start bgscan on COMPLETED, not ASSOCIATED
Move the code snippet to switch on bgscan over to wpa_supplicant.c
from event.c, so that it can be activated on wpa_supplicant_set_state().
Also create a centralized place to switch off bgscan. bgscan is now
turned on in COMPLETED, not ASSOCIATED.
2011-03-20 12:27:03 +02:00
Paul Stewart
5bbf9f1086 Add DBus state change notification for AuthMode property
Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-15 13:54:59 +02:00
Paul Stewart
cf83fb0b5b wpa_supplicant: Add wpa_supplicant_get_eap_mode method
Signed-off-by: Paul Stewart <pstew@google.com>
2011-03-15 13:53:08 +02:00
Jouni Malinen
52c9e6f3f5 TDLS: Do not allow setup to be started if AP prohibits TDLS 2011-03-06 14:54:49 +02:00
Ganesh Prasadh
281ff0aa76 TDLS: Add initial support for TDLS (IEEE Std 802.11z-2010) 2011-03-06 14:53:49 +02:00
Jouni Malinen
9e0749737c Update copyright notices to include the new year 2011-02-27 12:50:00 +02:00
Ben Greear
48b84f18a3 Wait 1 second before (re)scanning on authentication timeout
If we timed out, the AP or the local radio may be busy.
So, wait a second until scanning again.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-24 17:16:16 +02:00
Ben Greear
e29853bbff SME: Add timers for authentication and asscoiation
mac80211 authentication or association operation may get stuck for some
reasons, so wpa_supplicant better use an internal timer to recover from
this.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-24 16:59:46 +02:00
Jouni Malinen
50b16da13f Fix CONFIG_NO_STDOUT_DEBUG=y build 2011-02-10 20:24:06 +02:00
Ben Greear
f049052b9e Use wpa_msg() instead of wpa_printf()
This converts number of debugging messages to use wpa_msg() in order
to allow the interface name to be shown with the messages.

A new function, wpa_dbg(), is introduced to allow
CONFIG_NO_STDOUT_DEBUG=y builds to remove the debug strings. This is
otherwise identical with wpa_msg(), but it gets compiled out if stdout
debugging is disabled.
2011-02-10 20:14:46 +02:00
Ben Greear
4f1495aefa Add interface name to wpa_msg() output
This makes log files much more readable if multiple interfaces
are being controlled by the same process. The interface name is
added to stdout/file/syslog entries, but not to the messages
sent to control interface monitors to avoid issues with parsing
in external programs.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-06 20:39:34 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
da64c266e7 Use more consistent set_key seq value when nothing is being set
Use NULL instead of (u8 *) "" as the seq value and make sure the
driver wrapper implementations can handle NULL value. This was
previously already done in number of places, but not everywhere.
2011-01-09 12:09:04 +02:00
Jouni Malinen
5e8b237864 Fix CONFIG_SME build without CONFIG_IEEE80211W 2010-12-19 12:44:58 +02:00
Jouni Malinen
7d878ca769 Use SA Query procedure to recovery from AP/STA state mismatch
If a station received unprotected Deauthentication or Disassociation
frame with reason code 6 or 7 from the current AP, there may be a
mismatch in association state between the AP and STA. Verify whether
this is the case by using SA Query procedure. If not response is
received from the AP, deauthenticate.

This implementation is only for user space SME with
driver_nl80211.c.
2010-12-19 11:58:00 +02:00
Ben Greear
c577db2afd Add interface name to some debug prints
This makes it easier to figure out what is happening when controlling
multiple interfaces from a single wpa_supplicant process.
2010-11-26 21:16:36 +02:00
Jouni Malinen
871f4dd069 Allow driver wrappers to indicate whether result codes are sane
Some drivers are not providing exactly reliable error codes (e.g.,
with WEXT), but others may actually indicate reliable information.
Allow driver wrappers to indicate if that is the case and use
optimizations if so. For now, this improves nl80211 with
NL80211_CMD_CONNECT for a case where connection request fails.
2010-11-26 17:41:21 +02:00
Jouni Malinen
0fb337c121 Extend load balancing optimization in BSS blacklisting
Move the previously SME specific optimization code into generic
function that can be used from non-SME code, too, and use it to
handle disconnection events. In other words, allow disconnection
event to trigger similar optimized scanning case to handle a
common load balancing mechanism. If there is another BSS in the
same ESS when we receive a disconnection event, scan only the
known frequencies of such other BSSes on the next attempt to
speed up recovery.
2010-11-26 11:36:03 +02:00
Jouni Malinen
f47d639d49 SME: Optimize recovery from common load balancing mechanisms
When authentication or association fails when trying to connect to
a BSS in an ESS that has multiple BSSes based on previous scans,
limit the first recovery scan to only the known channels that has
been seen previously. This speeds up recovery in some of the most
commonly used load balancing mechanisms in enterprise WLAN
networks.
2010-11-25 22:51:56 +02:00
Samuel Ortiz
74b1c84a0b wpa_supplicant: Test all compiled drivers before failing
wpa_supplicant_set_driver() is returning an error if the first driver
in the driver list is not built in. It should continue through the
driver list until it finds one that's built in.
2010-11-09 16:45:27 +02:00
Felix Fietkau
99ac2913d8 wpa_supplicant: Fix port state management without IEEE8021X_EAPOL
If IEE8021X_EAPOL is not enabled in the config, wpa_drv_set_supp_port
must be called from the supplicant, otherwise port will not be
activated after association.
2010-11-09 16:31:33 +02:00
Jouni Malinen
2f9c6aa665 Fix memory leak in P2P build without MLME
The ieee80211_sta_free_hw_features() function is now used outside
the MLME code, so better make sure it gets included in the build
to avoid leaking memory.
2010-10-27 11:26:46 +03:00
Jouni Malinen
f19858f5a8 Show wpa_supplicant version number in the debug log 2010-10-22 11:50:34 +03:00
Jouni Malinen
c4ea4c5c90 P2P: Allow driver wrapper to indicate how many stations are supported
This can be used to limit the number of clients allowed to connect
to the group on the GO.
2010-09-09 07:17:21 -07:00
Jouni Malinen
eea2fd9eff P2P: Add mechanism for configuring UAPSD parameters for group
This is needed to be able to change parameters for dynamically
created interfaces between the creation of the interface and
association/start AP commands.

Following ctrl_interface commands can now be used:

P2P_SET client_apsd disable
- disable configuration (i.e., use driver default) in client mode

P2P_SET client_apsd <BE>,<BK>,<VI>,<VO>;<max SP Length>
- enable UASPD with specific trigger configuration (0/1) per AC
  (max SP Length is currently ignored)

P2P_SET go_apsd disable
- disable configuration (i.e., use driver default) in AP mode

P2P_SET go_apsd <0/1>
- disable/enable APSD in AP mode
2010-09-09 07:17:21 -07:00
Jouni Malinen
72044390f3 P2P: Add support for cross connection
If enabled, cross connection allows GO to forward IPv4 packets
using masquerading NAT from the P2P clients in the group to an
uplink WLAN connection. This is disabled by default and can be
enabled with "wpa_cli p2p_set cross_connect 1" on the P2P device
interface.
2010-09-09 07:17:20 -07:00
Jouni Malinen
4c08c0bd57 P2P: Include P2P IE in (Re)AssocReq to infra AP if it uses P2P IE
While this is not strictly speaking required by the P2P specification
for a not-P2P Managed Device, this can provide useful information for
the P2P manager AP and may be needed to pass certification tests.
2010-09-09 07:17:20 -07:00
Jouni Malinen
43a3863516 Trigger scan on reload-config only if there are enabled networks 2010-09-09 07:17:20 -07:00
Jouni Malinen
5f3a6aa0a4 P2P: Add P2P IE into (Re)Association Request frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
6e3f4b89ea P2P: Let the driver wrapper know if association is for P2P group 2010-09-09 07:17:17 -07:00
Jouni Malinen
b22128efdc P2P: Add initial version of P2P Module 2010-09-09 07:17:17 -07:00
Jouni Malinen
fdadd5fe03 P2P: Do not register l2_packet on dedicated P2P device interface 2010-09-09 07:17:17 -07:00
Jouni Malinen
4dac02455a P2P: Use config block with disabled==2 to store persistent groups 2010-09-09 07:17:17 -07:00
Jouni Malinen
2c5d725c65 P2P: Add dynamic network config block parameters for P2P 2010-09-09 07:17:16 -07:00