Previously, when wpa_supplicant received bgscan results with a preferred
network, it connected to that network without disconnecting from the
previous one. This might result in an inconsistent state of upper
layers.
Fix this by disconnecting from the current AP before connecting to the
new one when the network profile changes and there is an existing
connection.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
If scan results arrive during the connection process, the network
selection function was called, interrupting the current connection.
While a regular scan is mutually exclusive with connection establishment
via the nature of radio work, there's no such protection for scheduled
scan. Prevent network selection while a connection is in progress.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Fix wpas_p2p_invite() to call p2p_set_own_pref_freq_list() after the
NULL check, to avoid NULL pointer dereference if P2P initialization were
to have failed or P2P module getting deinitialized.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
The full VHT channel information was not set in the hostapd data
structures which resulted in incorrect information (all zeros) being
used when building the VHT Operation element for peering messages while
the actual driver mode was set with the full details. We did not seem to
use the VHT information from peering messages, so this does not change
behavior with another wpa_supplicant-based mesh implementation. Anyway,
these elements should match the ones used in Beacon frames.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the internal TLS client implementation to accept
CertificateStatus message from the server when trying to use OCSP
stapling. The actual OCSPResponse is not yet processed in this commit,
but the CertificateStatus message is accepted to allow the TLS handshake
to continue.
Signed-off-by: Jouni Malinen <j@w1.fi>
This adds support for optional functionality to validate server
certificate chain in TLS-based EAP methods in an external program.
wpa_supplicant control interface is used to indicate when such
validation is needed and what the result of the external validation is.
This external validation can extend or replace the internal validation.
When ca_cert or ca_path parameter is set, the internal validation is
used. If these parameters are omitted, only the external validation is
used. It needs to be understood that leaving those parameters out will
disable most of the validation steps done with the TLS library and that
configuration is not really recommend.
By default, the external validation is not used. It can be enabled by
addingtls_ext_cert_check=1 into the network profile phase1 parameter.
When enabled, external validation is required through the CTRL-REQ/RSP
mechanism similarly to other EAP authentication parameters through the
control interface.
The request to perform external validation is indicated by the following
event:
CTRL-REQ-EXT_CERT_CHECK-<id>:External server certificate validation needed for SSID <ssid>
Before that event, the server certificate chain is provided with the
CTRL-EVENT-EAP-PEER-CERT events that include the cert=<hexdump>
parameter. depth=# indicates which certificate is in question (0 for the
server certificate, 1 for its issues, and so on).
The result of the external validation is provided with the following
command:
CTRL-RSP-EXT_CERT_CHECK-<id>:<good|bad>
It should be noted that this is currently enabled only for OpenSSL (and
BoringSSL/LibreSSL). Due to the constraints in the library API, the
validation result from external processing cannot be reported cleanly
with TLS alert. In other words, if the external validation reject the
server certificate chain, the pending TLS handshake is terminated
without sending more messages to the server.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new wpa_supplicant control interface command "TEST_ASSOC_IE
<hexdump>" can now be used to override the WPA/RSN IE for Association
Request frame and following 4-way handshake to allow protocol testing of
AP side processing of WPA/RSN IE.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new methods are
1. VendorElemAdd "i" "ay" i=integer ay=array of bytes
2. VendorElemGet "i" i=integer (output array of bytes)
3. VendorElemRem "i" "ay" i=integer ay=array of bytes
These provide functionality similar to the control interface commands
VENDOR_ELEM_ADD, VENDOR_ELEM_GET, and VENDOR_ELEM_REMOVE.
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Signed-off-by: Dilshad Ahmad <dilshad.a@samsung.com>
[VendorElemGet to return array of bytes instead of string; cleanup]
Signed-off-by: Jouni Malinen <j@w1.fi>
This was already working for the case where a separate group interface
is used due to the recent commit
328f49acfe ('P2P: Complete group formation
on client data connection'). However, the case of no separate group
interface was used did not clear the interface state properly on data
connection. Fix this by setting the group formation information in
wpas_start_p2p_client().
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit f05cee9714 ('P2P: Clear
p2p_in_invitation on cancel') added a wpas_p2p_cancel() case to call
wpas_p2p_group_formation_failed() if wpa_s->p2p_in_invitation is set.
This is done in a loop going through wpa_s->next pointers. However, the
call here can result in removing the interface and freeing wpa_s. The
following attempt to read wpa_s->next is from freed memory and that can
result in process termination when using a separate P2P group interface
and issuing P2P_CANCEL on a group that was started through re-invocation
of a persistent group.
The recent commit 328f49acfe ('P2P:
Complete group formation on client data connection') "fixed" this by
accident since wpa_s->p2p_in_invitation gets cleared in the sequence
that could hit this issue and this results in P2P_CANCEL getting
rejected. However, the real bug here is in the loop that continues after
possible wpa_s instance deletion. Fix that by breaking out of the loop.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to share the OCSP implementation needed for
BoringSSL outside tls_openssl.c. For now, this is mainly for
http_curl.c.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This was already the case in the GO role where the first client
connection is waited before marking
wpa_s->p2p_go_group_formation_completed = 1 and clearing
wpa_s->global->p2p_group_formation. However, in the P2P Client role,
that was done already at the completion of the WPS exchange. This can be
problematic since group formation timeout may still try to clear the
group and with wpa_s->global->p2p_group_formation == NULL, the correct
group interface may not be found.
Fix this by postponing clearing of wpa_s->global->p2p_group_formation on
the P2P Client side until the data connection has been completed and
group is declared started.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the control interface SET command to be used to update the
sched_scan_plans parameter at runtime. In addition, an empty string can
be used to clear the previously configured plan.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add the option to configure scheduled scan plans in the config file.
Each scan plan specifies the interval between scans and the number
of scan iterations. The last plan will run infinitely and thus
specifies only the interval between scan iterations.
usage:
sched_scan_plans=<interval:iterations> <interval2:iterations2> ... <interval>
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Add 'scan plans' to driver scan parameters for scheduled scan.
Each 'scan plan' specifies the number of iterations to run the scan
request and the interval between iterations. When a scan plan
finishes (i.e., it was run for the specified number of iterations),
the next scan plan is executed. The last scan plan will run
infinitely.
The maximum number of supported scan plans, the maximum number of
iterations for a single scan plan and the maximum scan interval
are advertised by the driver.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
A hwsim test sequence was able to hit a SIGSEGV in
p2p_go_save_group_common_freqs() called by p2p_go_configured() callback
in a case where a non-P2P AP mode operation is started in wpa_supplicant
(wpas_ap_wep test case). This callback should not have happened for
non-P2P case and the debug logs did not make it clear how this could
happen. In addition, it is unclear how this could be reproduced.
To avoid this type of issues, clear the wpa_s->ap_configured_cb pointer
as soon as the first call to the function happens. In addition, verify
that wpa_s->go_params is available before processing the GO configured
callback.
Signed-off-by: Jouni Malinen <j@w1.fi>
These will be used with the internal TLS implementation to extend hash
algorithm support for new certificates and TLS v1.2.
Signed-off-by: Pali Rohár <pali.rohar@gmail.com>
This may speed up some hwsim test case sequencies by avoiding a wait for
a scan at the end of a test case to complete.
Signed-off-by: Jouni Malinen <j@w1.fi>
Connect radio work is sometimes delayed for a considerable duration if
there is an ongoing scan radio work. To avoid these delays abort the
ongoing scan on that interface before queuing a connect request. Upon a
scan done indication from the driver, connect radio work will be
scheduled.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds the driver interface commands for issuing a request to abort
an ongoing scan operation.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed to avoid hitting WEP/TKIP detection in
ibss_mesh_setup_freq() if the previous connection used WEP or TKIP.
Previously, that could have resulted in VHT and HT getting disabled for
the mesh connection.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
A new network profile configuration parameter max_oper_chwidth=3 can be
used to specify preference to enable 80+80 MHz VHT channel for IBSS. If
that is set, the first 80 MHz segment is specified based on the
frequency parameter in the network profile and the second segment is
selected automatically (which will practically be limited to a single
possibility due to DFS requirements in most countries).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The new max_oper_chwidth and freq2 arguments to P2P_CONNECT, P2P_INVITE,
and P2P_GROUP_ADD control interface commands can be used to request
larger VHT operating channel bandwidth to be used than the previously
used maximum 80 MHz.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends the previous design that covered only the VHT 80 MHz cases
for VHT channel flags. New functions are introduced to allow 160 MHz
bandwidth cases to determine the center channel and check availability
of a 160 MHz channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This adds definitions for the global operating classes 129 and 130 for
VHT 80+80 MHz and 160 MHz use cases.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, MB IEs were parsed only from association event. Try to get
MB IEs from other management frames like Probe Response frames. The MB
IEs from the association event may not be up-to-date and in some cases
may actually be missing and updating the information based on other
frames can improve robustness of FST exchanges.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There was only a single file remaining in this directory. All the other
old test functionality has been moved under the top level tests
directory. Move the remaining file to the wpa_supplicant directory to
get rid of the subdirectory.
Signed-off-by: Jouni Malinen <j@w1.fi>
The old wpa_supplicant/Makefile target test-eap_sim_common did not work
anymore and anyway, this test is better placed in the newer hwsim
framework to make sure the test case gets executed automatically.
Signed-off-by: Jouni Malinen <j@w1.fi>
These wpa_supplicant test programs have not been maintained for years
and it would take significant effort to get these into working state.
Since there does not seem to be any real need for these based on lack of
maintenance, it is easier to just drop these tools for now.
Signed-off-by: Jouni Malinen <j@w1.fi>
Number of places were calling functions that are not included in
CONFIG_NO_WPA=y build anymore. Comment out such calls. In addition, pull
in SHA1 and MD5 for config_internal.c, if needed.
Signed-off-by: Jouni Malinen <j@w1.fi>
When an invitation to join an existing group is accepted by the
peer device, set p2p_go_wait_client to the current time so
that wpas_p2p_in_progress() would return != 0, thus preventing
P2P CSA, scanning etc., that would interfere with the peer
device connection.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Some drivers do not support having two station interfaces, so the fact
that wpa_supplicant always creates a new interface in station mode, even
if it will be used as another type of interface, may prevent
wpa_supplicant from creating new interfaces. Allow setting the interface
type when a new interface is created so that interfaces of supported
types can be created.
Currently supported types are station ("sta") and AP ("ap"). If the
interface type is not specified, a station interface will be created.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
When an AP interface it created, it is also setup and subscribes
for management frames etc. However, when the interface is added by
wpa_supplicant, setting up for AP operations is redundant because
it will be done by wpa_supplicant on wpa_drv_init() when setting
the interface mode to AP.
In addition, it may cause wpa_supplicant to fail initializing the
interface as it will try to subscribe for management frames on this
interface but the interface is already registered.
Change this, so when adding an AP interface, make setting up the AP
optional, and use it only when the interface is added by hostapd but not
when it is added by wpa_supplicant.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
When clearing pending TX action to start a new P2P operation like
P2P_FIND or P2P_LISTEN, wpas_p2p_action_tx_clear() was used to clear
the send action work. However, in cases where the action work has wait
time, it is not cleared immediately but only after the wait time ends.
This may cause delay in starting the P2P operation.
Fix that by always clearing the send action work immediately on these
P2P commands that result in immediate P2P state change and practically
stopping a previous operation, if one was pending.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
This allows offloaded roaming to inform user space of the change in IP
subnet post roaming. The device may have roamed to a network which is in
a different subnet which will result in IP connectivity loss. Indicating
the change in subnet enables the user space to refresh the IP address or
to perform IP subnet validation if unknown status is indicated.
The driver indication is reported with a new event from wpa_supplicant
in the following format:
CTRL-EVENT-SUBNET-STATUS-UPDATE status=<0/1/2>
where
0 = unknown
1 = IP subnet unchanged (can continue to use the old IP address)
2 = IP subnet changed (need to get a new IP address)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 2a6f78fbbe ('Do not re-associate on
SELECT_NETWORK to current network') started skipping all SELECT_NETWORK
connection steps if the selected network had already been selected
previously. This happened regardless of whether the connection was
already established. This is not necessarily desirable for all cases
where there is no immediate action to even try to connect (e.g., long
wait for the next scan).
Speed this up by allowing the SELECT_NETWORK operation to get started if
there is no connection or ongoing connection attempt with the selected
network.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Mesh Points themselves have capability to support VHT as long as
hardware supports it. However, supporting VHT in mesh mode was disabled
because no one had clearly tested and confirmed its functionality. Since
VHT80 has now been verified to work with ath10k QCA988X driver and
mac80211_hwsim, enable VHT support in mesh mode.
Signed-off-by: Peter Oh <poh@qca.qualcomm.com>
Set WLAN_STA_WMM flag to Mesh STA by default since Mesh STAs are QoS
STAs. Mesh STA's HT capabilities won't be parsed properly without the
flag.
Signed-off-by: Peter Oh <poh@qca.qualcomm.com>
If "STA_AUTOCONNECT 0" has been used to disable automatic connection on
disconnection event and the driver indicates a failure for the data
connection after successful WPS handshake, it is possible to hit a case
where wpa_s->disconnected is set to 1 and further attempts to connect
shall stop.
While "STA_AUTOCONNECT 0" is used to disable automatic reconnection
attempts in general, this specific WPS case can benefit from trying
again even with that configuration for a short period of time. Extend
the wpa_supplicant re-enable-networks-after-WPS 10 second timeout to
apply for ignoring disabled STA_AUTOCONNECT immediately after a WPS
provisioning step.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Free the message after message send in
wpas_dbus_signal_p2p_invitation_received() to avoid leaking memory.
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
The upstream wpa_supplicant uses the dbus-1 library when it is compiled
with D-Bus support. In Android, we imported the D-Bus shared libraries
under the name "libdbus", so use this shared library instead of dbus-1
when compiling wpa_supplicant with D-Bus support.
Signed-off-by: Samuel Tan <samueltan@google.com>
This is similar to SAVE_CONFIG on control interface, which allow users
to update the configuration file.
Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>