Commit graph

3426 commits

Author SHA1 Message Date
Jouni Malinen
1772d348ea P2P: Fix interface deinit for failed group interface initialization
wpa_supplicant_deinit_iface() ends up removing all P2P groups if the
removed interface is the parent interface. This is correct behavior in
general, but this resulted in issues in the new group interface
initialization error path since wpa_s->parent was not assigned before
hitting this check. Fix this by assigning wpa_s->parent as part of
wpa_supplicant_add_iface().

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:53 +02:00
Jouni Malinen
3f9ebc439c P2P: Allow AP/GO interface to be started while P2P-in-progress
Do not delay the "station mode scan" that is not really a scan, but a
request to start AP/GO mode operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 22:36:52 +02:00
Jouni Malinen
c28059091a Do not add blacklist entries based on normal disconnect request cases
There are number of cases where wpa_supplicant requests the current
connection to be disconnected before starting a new operation. Such
cases do not really indicate that there was an error in connecting or a
disconnection initiated by the AP, so do not add a temporary blacklist
entry in such sequences.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 15:54:24 +02:00
Jouni Malinen
bdf0518bb9 P2P: Direct P2P_CONNECT command to proper interface
It is possible for the P2P_CONNECT control interface command to be
issued on an incorrect interface. While the upper layer component should
really use global control interface for this, make this work by
redirecting the command to the correct context if needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 11:54:39 +02:00
Jouni Malinen
44b9ea5bb2 P2P: Do not allow scan or normal association on cfg80211 P2P Device
The dedicated P2P management instance (wpas->p2p_mgmt == 1) using
cfg80211 P2P Device cannot be used for non-P2P uses or connection (there
is no netdev). Reject or ignore such operations to avoid unexpected
operations if enabled network blocks are configured in the
wpa_supplicant instance used to control this interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-03-01 11:23:09 +02:00
Jouni Malinen
9542f21f3a Clean up p2p_find command parsing and execution
There is no need to maintain three almost identical copies of the
wpas_p2p_find() call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 21:58:38 +02:00
Daisuke Niwa
fa9f381f20 P2P: Allow a specific channel to be specified in P2P_FIND
The optional freq=<MHz> can now be used with the P2P_FIND command to
specify a single channel to scan during the first round of P2P search.
For example, this can be used to replace the full initial scan with a
single channel scan of a known operation channel.

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-02-28 21:52:56 +02:00
Daichi Ueura
eb78a8d5e3 P2P: Restore P2P_SCAN_SPECIFIC
This reverts commit 3df2f4fe99 ('P2P:
Remove unused P2P_SCAN_SPECIFIC') with a modification to fit the current
code base.

Signed-off-by: Daichi Ueura <daichi.ueura@sonymobile.com>
2015-02-28 21:41:38 +02:00
Janusz Dziedzic
c3dabf5a00 Fix merge issue with IBSS VHT support
Commit 563ee1832b ('IBSS: Add support for
VHT80 configuration') got merged in incorrectly with one i/j swap
missed.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-28 16:48:22 +02:00
Jouni Malinen
8b2b718da9 Fix minor issue in HT40 max rate determination
Commit a1b790eb9d ('Select AP based on
estimated maximum throughput') had a copy-paste bug than ended up
leaving one of the max_ht40_rate() cases unreachable. (CID 106087)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-28 16:40:58 +02:00
Jouni Malinen
0d2030ee20 Use estimated throughput to improve roaming selection
Previously, within-ESS roaming was skipped if the selected BSS did not
have a higher signal strength than the current BSS regardless of AP
capabilities. This could result in not moving to a BSS that would
provide higher throughput, e.g., due to larger channel bandwidth or
higher rates (HT/VHT MCS).

Use estimated throughput information from scan result processing to
allow within-ESS roaming if the selected BSS is likely to provide better
throughput even if the current BSS has larger RSSI.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-22 11:45:45 +02:00
Jouni Malinen
1d747e2a98 Add snr and est_throughput to the BSS entries
These values were previously used only for sorting the scan results, but
it may be useful to provide access to the used values through the BSS
entries.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-22 11:09:54 +02:00
Jouni Malinen
a1b790eb9d Select AP based on estimated maximum throughput
This modifies the BSS selection routines to calculate SNR and estimated
throughput for each scan result and then use the estimated throughput as
a criteria for sorting the results. This extends the earlier design by
taking into account higher throughput rates if both the AP and local
device supports HT20, HT40, or VHT80. In addition, the maximum rate is
restricted based on SNR.

In practice, this gives significantly higher probability of selecting
HT/VHT APs when there are multiple BSSes in the same ESS and SNR is not
low enough to prevent higher MCS use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-22 11:09:54 +02:00
Jouni Malinen
ab647ffea7 Add wpa_supplicant Makefile target libwpa_ctrl.a
"make -C wpa_supplicant libwpa_ctrl.a" can now be used to build a static
library that can be linked with external programs using wpa_ctrl.h. This
makes it easier to create a separate library package that does not
depend in any other hostap.git file other than src/common/wpa_ctrl.h and
the libwpa_ctrl.a built with this new make target.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-21 17:48:10 +02:00
Matthieu Mauger
71d77adb6d Update current BSS level when signal change event occurs
When an EVENT_SIGNAL_CHANGE occurs the bgscan is informed about this
change but the new RSSI value is not stored. In consequence, when
roaming candidates are evaluated, the RSSI value of the current BSS used
to compare is an old one obtained during the last scan rather than the
new one given by the signal change event. This leads sometimes to bad
decision when selecting a new BSS for roaming.

This patch solves the issue by updating the current BSS level when
receiving a signal change event in order to have a very up-to-date
current signal value when choosing an new BSS.

Signed-off-by: Matthieu Mauger <matthieux.mauger@intel.com>
2015-02-21 16:07:53 +02:00
Ilan Peer
f1609f119a wpa_supplicant: Cancel sched_scan when stopping countermeasures
When stopping the TKIP countermeasures, it would be preferable to
connect immediately. However if scheduled scan is in progress,
a connection attempt will be done only when scan results are received,
so cancel the scheduled scan to allow immediate scan and connection
attempt.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-02-21 16:07:53 +02:00
Eliad Peller
0b8bcaa50f P2P: Allow configuring CTWindow when working as GO
Read p2p_go_ctwindow (0-127 TUs) from the config file, and pass it to
the driver on GO start.

Use p2p_go_ctwindow=0 (no CTWindow) by default.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-02-21 16:07:53 +02:00
ASHUTOSH NARAYAN
5ce6ac11ab Inteworking: Add support to update the ANQP Capability List into the BSS
In addition, add support for returning the capability list through
the BSS control interface command.

Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
2015-02-21 16:07:53 +02:00
ASHUTOSH NARAYAN
185ada4770 HS 2.0: Add support to update the HS20 Capability List into the BSS
In addition, add support for returning the capability list through the
BSS control interface command.

Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
2015-02-21 16:07:53 +02:00
Arkadiusz (Arkq) Bokowy
7fe7a3a51f wpa_gui: Debug enhancement
Instead of calling a dummy printf function use preprocessor to determine
if debugging mode is enabled. Also use native Qt debug function.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2015-02-21 16:07:53 +02:00
Jouni Malinen
2b892d442a Add forgotten network profile parameters to config file writing
Number of network profile parameters were not written to the
configuration file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-21 16:07:53 +02:00
Janusz Dziedzic
563ee1832b IBSS: Add support for VHT80 configuration
Configure VHT80 based on driver capabilities.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-21 16:07:53 +02:00
Janusz Dziedzic
98479dc95e IBSS: Update operating frequency if joining an existing IBSS
If a matching IBSS is found in scan results, change requested frequency
to match and disable OBSS scan.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-21 16:07:53 +02:00
Janusz Dziedzic
4d9e6fba2a IBSS: Add fixed_freq network parameter
Add fixed_freq=<0/1> network block parameter and pass it to the driver
when starting or joining an IBSS. If this flag is set, IBSS should not
try to look for other IBSS networks to merge with on different channels.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-21 16:07:53 +02:00
Dmitry Shmidt
6f5e1b0bf6 Use priority list instead of global for PNO
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2015-02-21 16:07:52 +02:00
Rajiv Ranjan
f92446fb7d P2PS: Add P2PS interface info
This adds documentation on P2PS related interface commands and events.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-21 11:28:20 +02:00
Jouni Malinen
59b416c733 Add optional reassoc-to-same-BSS optimization
The new reassoc_same_bss_optim=1 configuration parameter can now be used
to request wpa_supplicant to bypass the unnecessary Authentication frame
exchange when reassociating back to the same BSS with which the device
is already associated. This functionality is disabled by default since
it may cause undesired interoperability issues with some APs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-19 16:35:39 +02:00
Jouni Malinen
c4da67deef Fix passive_scan config parameter writing
Commit c35e35ed81 ('Add passive_scan
configuration parameter') used incorrect parameter name when writing the
passive_scan parameter into a configuration file.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-19 16:22:47 +02:00
Ola Olsson
10263dc2a4 Add control interface commands for fetching wpa_config values
The new "DUMP" and "SET <variable>" control interface commands can be
used to fetch global wpa_supplicant configuration parameters.

Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com>
2015-02-08 22:49:58 +02:00
Jouni Malinen
f91a512f1f Add INTERWORKING_ADD_NETWORK command
This can be used to provide more control to upper layers on network
blocks generated as part of Interworking network selection.
INTERWORKING_ADD_NETWORK behaves otherwise identically to
INTERWORKING_CONNECT, but it does not request a new connection after
having added the network block and it returns the network id of the
added network.

INTERWORKING_ADD_NETWORK followed by REASSOCIATE would behave more or
less identically to INTERWORKING_CONNECT, but this allows the created
network profile to be modified, if desired, and/or stored externally.
SELECT_NETWORK can also be used with the network id returned from
INTERWORKING_ADD_NETWORK to enforce that specific network profile to be
used for the next connection (though, it should be noted that this
behavior may not meet all Hotspot 2.0 requirements if there were other
enabled networks that could have higher priority).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 22:49:58 +02:00
Jouni Malinen
5b74e086e6 P2P: Document P2P_CONNECT-auto
Commit b31be3a0fd ('P2P: Add automatic GO
Negotiation vs. join-a-group selection') added this P2P_CONNECT 'auto'
parameter, but did not update any documentation on it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:50 +02:00
Jouni Malinen
99650cadc9 Add STOP_AP control interface command
This is mainly for testing purposes to allow beaconing to be stopped
without clearing AP state in hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:49 +02:00
Jouni Malinen
6b00512164 P2P: Add event messages for P2P_CONNECT-fallback-to-GO-Neg
This makes it easier for upper layer programs to follow progress of
P2P_CONNECT-auto operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:48 +02:00
Jouni Malinen
b0e669beeb P2P: Fix P2P_CONNECT-auto fallback to GO Neg with group interface
If a separate P2P group interface was used, P2P_CONNECT-auto fallback to
GO Negotiation could result in use of freed memory and segmentation
fault. This happened in cases where the peer GO was found in some old
scans, but not in the first scan triggered by the P2P_CONNECT-auto
command ("P2P: Peer was found running GO in older scan -> try to join
the group" shows up in the debug log). In addition, the GO would still
need to reply to PD Request to allow this code path to be triggered.

When five scans for the GO were completed in this sequence, the P2P
group interface was removed as part of falling back to GO Negotiation.
However, that ended up dereferencing the freed wpa_s instance at the end
of scan event processing. Fix this by reordering code a bit and breaking
out from EVENT_SCAN_RESULTS processing if the interface could have been
removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-08 13:35:14 +02:00
Masashi Honma
bf51f4f82b mesh: Fix remaining BLOCKED state after SAE auth failure
When SAE authentication fails, wpa_supplicant retries four times. If all
the retries result in failure, SAE state machine enters BLOCKED state.
Once it enters this state, wpa_supplicant doesn't retry connection. This
commit allow connection retries even if the state machine entered
BLOCKED state.

There could be an opinion "Is this patch needed? User could know the SAE
state machine is in the BLOCKED mode by MESH-SAE-AUTH-BLOCKED event.
Then user can retry connection. By user action, SAE state machine can
change the state from BLOCKED to another.". Yes, this is a true at the
joining mesh STA. However, a STA that is already a member of existing
mesh BSS should not retry connection because if the joining mesh STA
used wrong password, all the existing STA should do something from UI to
retry connection.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-08 12:43:24 +02:00
Masashi Honma
79ddb2062e mesh: Add a monitor event on SAE authentication getting blocked
Send MESH-SAE-AUTH-BLOCKED event if SAE authentication is blocked. The
BLOCK state will finish when a new peer notification event is sent for
the same MAC address.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-07 22:33:23 +02:00
Masashi Honma
dd2cbafc89 mesh: Add a monitor event for SAE authentication failure
SAE authentication fails likely with wrong password. This commit adds a
notification of the failure to the upper application (UI) so that the
application can notify suspection of a wrong password to the user. The
control interface monitor even for this is "MESH-SAE-AUTH-FAILURE
addr=<peer>".

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-02-07 22:23:34 +02:00
Jouni Malinen
11e2ddbcd7 mesh: Remove duplicated no_auto_peer update
Commit 07cb45ccb2 ('mesh: Add no_auto_peer
config option') added a new struct wpa_ssid argument and added an
unnecessary parsing and setting of the value in
wpa_supplicant_ctrl_iface_update_network(). This is not needed since
wpa_config_set() takes care of parsing the parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 16:19:53 +02:00
Jouni Malinen
1e529832a8 D-Bus: Fix network block type change
It is possible for a network profile to change its type from P2P
persistent group to a normal network and back. The D-Bus interface uses
different types of objects for those, so the object needs to
re-registered in case of type change. This fixes issues in leaving
behind an incorrect type of object and leaking memory when freeing such
a network block that has had its disabled parameter changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-07 16:19:08 +02:00
Vinit Deshpande
663ae2f417 Don't write to wpa_supplicant.conf directly
There is a chance that wpa_supplicant may get killed during
the time it is writing config file. If this happens, user
information like SSIDs and passwords can be lost forever.

This change works around that by writing config to a
temporary file and then renaming the file to the correct name.

Signed-off-by: Vinit Deshpande <vinitd@google.com>
2015-02-07 15:37:13 +02:00
Janusz Dziedzic
d9a9bc04b4 IBSS: Do not enable HT with WEP or TKIP
We should not enable HT if WEP or TKIP is configured.
Without the patch and WEP configuration we will get message:
Association request to the driver failed

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-02-06 21:43:35 +02:00
Jouni Malinen
abe96d0605 P2P: Clean up Listen channel optimization debug prints
Do not claim to change the Listen channel in a debug message when
previously configured channel prevents this. In addition, fix a typo in
another related debug print.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 16:13:35 +02:00
Krishna Vamsi
93eca6155b P2PS: Do not remove pending interface on p2p_stop_find
The pending interface created during provision discovery should
not be removed on stopping p2p_find. This pending interface has
to be used after completing GO negotiation. Earlier the pending
interface is created just before GO negotiation so there was no
problem.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
87d5ef5a41 P2PS: Add commands to control interface redir list
This is needed to allow P2PS related new control interface commands to
be redirected for proper context processing.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
306aaf49f8 P2PS: Start WPS registrar upon GO formation
If P2PS config method is used for provisioning, upon forming a new GO,
start WPS registrar for the provisioned peer automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
ab8ee776b9 P2PS: Provision Discovery fail event
This extends P2P-PROV-DISC-FAILURE with adv_id and deferred_session_resp
in P2PS cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
1300cc8e8f P2PS: PD Request processing and PD Response building
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
5fefce2747 P2PS: Callback to send P2PS provisioning events
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
9a58e521ac P2PS: Callback to create pending group after sending PD Response
This introduces a P2P module callback function that will be used to
create the pending P2PS group after sending PD Response and receiving
ACK status for it.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
895d94def9 P2PS: Callback to remove stale persistent groups
When the peer device is trying to form a new group despite having
old persistent group with same roles, remove the stale persistent
group.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
f309c18e50 P2PS: ASP provisioning commands to control interface
This adds new wpa_supplicant control interface commands
P2P_ASP_PROVISION and P2P_ASP_PROVISION_RESP.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
6d9085145c P2PS: Process P2PS provisioning commands
This extends wpas_p2p_prov_disc() implementation to accept P2PS
parameters. None of the callers are yet using this functionality; the
following commit introduces a user.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
369678ad14 P2PS: Add P2PS attributes into PD Request if requested
This adds a data structure for storing P2PS PD information and code to
add the related attributes into PD Request. The actual operation to
trigger this behavior will be added in a separate commit.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:07 +02:00
Krishna Vamsi
d4b43b5886 P2PS: Add support to send ASP-RESP events
Send P2P-SERV-ASP-RESP events upon receiving GAS responses with
ASP services.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:06 +02:00
Krishna Vamsi
6df08d0341 P2PS: Logic to parse GAS requests for ASP services
Add support to parse received GAS requests for ASP services and
prepare GAS responses accordingly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:06 +02:00
Krishna Vamsi
5a4102ce0e P2PS: Add support to send ASP service requests
This extends the P2P_SERV_DISC_REQ control interface command with a new
"asp" service type. This takes service id, service string, and optional
service info as arguments.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:06 +02:00
Brian Gix
095b3c4069 P2PS: Add Application Service Info to device found events
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:06 +02:00
Krishna Vamsi
ae9d45f329 P2PS: Extend add/del services logic to support ASP
In addition, add a new P2P_SERVICE_REP command that can be used to
replace existing ASP advertisements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-03 01:35:06 +02:00
Brian Gix
4f88fc0464 P2PS: WPS changes needed for P2PS default PIN
This provides additional WPS definitions and rules for negotiating use
of P2PS default PIN configuration method.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-02 16:55:45 +02:00
Brian Gix
5177509657 P2PS: Add option to specify seek strings into P2P_FIND
P2PS seek strings can now be specified in the P2P_FIND control interface
command with one or more optional "seek=<str>" parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-02 16:55:43 +02:00
Jouni Malinen
66eaf8a2c2 Fix driver-offloaded offchannel TX done processing
It was possible for a Action frame sequence completion to stop an
ongoing offchannel remain-on-channel operation unexpectedly in cases
where TX operation was offloaded to the driver and such an operation
happened to occur during a previously started remain-on-channel (e.g.,
for P2P listen state).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-02 14:09:18 +02:00
Jouni Malinen
f2dc06e2bd P2P: Ignore remain-on-channel callback event if not waiting for one
It was possible for the previously requested remain-on-channel for P2P
listen state to get canceled before having received driver event
indicating start of that remain-on-channel operation. In such a case,
the event was able to trigger P2P module to start processing listen
timeout even though there was not supposed to be a following listen
operation anymore. Skip the driver event if we are not waiting for a new
listen state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-02-02 14:09:18 +02:00
Mukesh Agrawal
f0d0a5d23b Improve BSS selection with default noise floor values
When noise floor measurements are not available, compute SNR
using default values for the noise floor. This helps steer us
towards 5 GHz BSSes in high signal strength environments.

In more detail...

Existing code prefers a 5 GHz BSS when the 5 GHz BSS's signal
strength is "close" to that of the 2.4 GHz BSS, or when both SNRs
are large. However, the mwifiex driver does not provide noise
floor measurements, so we can't compute SNRs.

Because mwifiex doesn't provide NF measurements, the "large SNR"
code wasn't effective. By using default values for the noise floor,
we can again compute SNRs, and decide that the SNR is high enough
that we shouldn't worry about the exact difference in SNR.

The default noise floor values (one for 2.4 GHz, and one for 5 GHz)
were chosen by measurement in a noisy environment, so they should be
conservative.

Note that while this patch is motivated by mwifiex, it affects
ath9k as well. Although ath9k provides noise floor measurements
in general, it will sometimes fail to provide a measurement for
one or more specific channels.

As a result of this patch, we'll always compare BSSes based on SNR
(either measured or estimated), rather than sometimes comparing
based on signal strength. ("Always" assumes that the
WPA_SCAN_LEVEL_DBM flag is set. It is for mwifiex and ath9k.)

While there:
- fix a whitespace issue (spaces -> tab)
- clean up existing comments
- update dump_scan_res to indicate whether the noise floor is
  measured, or default

Signed-hostap: mukesh agrawal <quiche@chromium.org>
2015-02-01 22:01:18 +02:00
Jouni Malinen
7f7bfba919 Add an option allow canned EAP-Success for wired IEEE 802.1X
For wired IEEE 802.1X authentication, phase1="allow_canned_success=1"
can now be used to configure a mode that allows EAP-Success (and
EAP-Failure) without going through authentication step. Some switches
use such sequence when forcing the port to be authorized/unauthorized or
as a fallback option if the authentication server is unreachable. By
default, wpa_supplicant discards such frames to protect against
potential attacks by rogue devices, but this option can be used to
disable that protection for cases where the server/authenticator does
not need to be authenticated.

When enabled, this mode allows EAP-Success/EAP-Failure as an immediate
response to EAPOL-Start (or even without EAPOL-Start) and EAP-Success is
also allowed immediately after EAP-Identity exchange (fallback case for
authenticator not being able to connect to authentication server).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-01 19:22:54 +02:00
Jouni Malinen
49fcc32e91 EAP-MSCHAPv2 peer: Add option to disable password retry query
wpa_supplicant used to request user to re-enter username/password if the
server indicated that EAP-MSCHAPv2 (e.g., in PEAP Phase 2)
authentication failed (E=691), but retry is allowed (R=1). This is a
reasonable default behavior, but there may be cases where it is more
convenient to close the authentication session immediately rather than
wait for user to do something.

Add a new "mschapv2_retry=0" option to the phase2 field to allow the
retry behavior to be disabled. This will make wpa_supplicant abort
authentication attempt on E=691 regardless of whether the server allows
retry.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-01 17:45:19 +02:00
Ben Greear
99805a0ea1 Interworking: Convert wpa_printf() to wpa_msg()
Also adds a few messages that helped me track down why things
were not working as expected.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-02-01 01:32:25 +02:00
Roger Zanoni
b42f539ed2 Add a variable to handle extra CFLAGS values
Some packages don't install its headers in the default directory
(e.g.: In Arch Linux libiberty and libn13 includes are installed)
in their own subdirectory under /usr/include) and the build fails
trying to find the headers.

This patch will allow passing extra CFLAGS values without discarding
the assignments made in the Makefile. The CFLAGS values in the Makefile
are ignored, if defined directly in the make command line.

Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
2015-02-01 00:26:17 +02:00
Jouni Malinen
e6dd8196e5 Work around Linux packet socket regression
Linux kernel commit 576eb62598f10c8c7fd75703fe89010cdcfff596 ('bridge:
respect RFC2863 operational state') from 2012 introduced a regression
for using wpa_supplicant with EAPOL frames and a station interface in a
bridge. Since it does not look like this regression is going to get
fixed any time soon (it is already two years from that commit and over
1.5 from a discussion pointing out the regression), add a workaround in
wpa_supplicant to avoid this issue.

The wpa_supplicant workaround uses a secondary packet socket to capture
all frames (ETH_P_ALL) from the netdev that is in a bridge. This is
needed to avoid the kernel regression. However, this comes at the price
of more CPU load. Some of this is avoided with use of Linux socket
filter, but still, this is less efficient than a packet socket bound to
the specific EAPOL ethertype. The workaround gets disabled
automatically, if the main packet socket interface on the bridge
interface turns out to be working for RX (e.g., due to an old kernel
version being used or a new kernel version having a fix for the
regression). In addition, this workaround is only taken into use for the
special case of running wpa_supplicant with an interface in a bridge.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-31 17:21:58 +02:00
Bob Copeland
745d93695b mesh: Create new station entry on popen frames
Currently, there is a race in open mesh networks where mesh STA A
receives a beacon from B and sends a peering open frame to initiate
peering. STA B, having not yet received a beacon from A and thus
created the corresponding station entry, will ignore all such open
frames. If the beacon interval is sufficiently long then peering
will not succeed as a result.

In fact B can simply create the station entry when the popen is
received, as is done in Linux's in-kernel MPM, avoiding the issue.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-01-28 13:09:31 +02:00
Bob Copeland
41bff862d9 mesh: Always free the station if peering failed
Previously, we would only free the station entry if a peering close
frame was received (freeing the station entry causes the kernel to
start sending peer candidate events again when suitable beacons are
received, triggering peering or authentication to restart).

The end result is the same in any case regardless of close reason:
if we leave holding state then peering has started again, so go
ahead and remove the station in all cases.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-01-28 13:09:31 +02:00
Masashi Honma
871ff0b746 mesh: Sync plink state with kernel
The plink_state exists both wpa_supplicant and kernel. Synchronize them
with wpa_mesh_set_plink_state().

Signed-off-by: Kenzoh Nishikawa <Kenzoh.Nishikawa@jp.sony.com>
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
ba4226130e Simplify eapol_sm_notify_pmkid_attempt()
Drop the unneeded 'attempt' argument. This was originally used for
indicating an aborted PMKID caching attempt, but a fix in 2006 removed
the only such user and since that time, only attempt == 1 has been used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-28 13:09:31 +02:00
Jouni Malinen
993a865407 Add eap_session_id to wpa_supplicant STATUS output
This makes the current EAP Session-Id available for external programs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
f19c907822 OpenSSL: Implement aes_wrap() and aes_unwrap()
This replaces the implementation in aes-wrap.c and aes-unwrap.c with
OpenSSL AES_wrap_key() and AES_unwrap_key() functions when building
hostapd or wpa_supplicant with OpenSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
983c6a606b OpenSSL: Replace internal HMAC-MD5 implementation
Use OpenSSL HMAC_* functions to implement HMAC-MD5 instead of depending
on the src/crypto/md5.c implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-28 13:09:31 +02:00
Jouni Malinen
3f56a2b746 Ignore pmf=1 default if driver does not support PMF
Connection with a PMF enabled AP will fail if we try to negotiate PMF
while the local driver does not support this. Since pmf=1 does not
require PMF for a successful connection, it can be ignored in such a
case to avoid connectivity issues with invalid configuration. This makes
it somewhat easier to allow upper layer programs to use pmf=1 default
regardless of driver capabilities.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 12:38:52 +02:00
Jouni Malinen
937403b581 Update copyright notices for the new year 2015
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:55 +02:00
Jouni Malinen
399e61353a Add Suite B AKMs to key_mgmt capability list
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:55 +02:00
Jouni Malinen
5e3b5197cc Add Suite B 192-bit AKM
WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into
use as the key management method.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:43:52 +02:00
Jouni Malinen
97ae35a848 Add HMAC-SHA384
For now, this is only implemented with OpenSSL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:26:51 +02:00
Jouni Malinen
98cd3d1c3b Preparations for variable length KCK and KEK
This modifies struct wpa_ptk to allow the length of KCK and KEK to be
stored. This is needed to allow longer keys to be used, e.g., with
Suite B 192-bit level.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-27 01:26:49 +02:00
Jouni Malinen
b5f045deee Show supported group_mgmt capabilities
This extends GET_CAPABILITY command to allow the supported group
management frame cipher suites to be listed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-24 19:37:42 +02:00
Ben Greear
893e152e64 Interworking: More debug messages
And convert some wpa_printf to wpa_msg.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-01-24 19:37:42 +02:00
Ben Greear
f45bae5b81 Interworking: Add logging to track nai_realm_find_eap failures
There are lots of reasons we can fail to match an EAP credential, so add
logging to help determine why it is happening in various cases.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2015-01-24 19:37:42 +02:00
Jouni Malinen
5a5aab7f40 Interworking: Remove unnecessary NULL check
nai_realm_find_eap() is called only in cases where the cred pointer is
not NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-24 19:37:42 +02:00
Adrian Nowicki
ad905e4a79 wpa_gui: Sort frequency and signal numerically in the scan results dialog
Signal strength was sorted lexically rather than numerically, which
put "-100 dBm" before "-50 dBm" if sorted in descending order.
This change fixes that. It also treats frequency in the same
manner, preparing it for the IEEE 802.11ah.

Signed-off-by: Adrian Nowicki <adinowicki@gmail.com>
2015-01-23 01:24:25 +02:00
Jouni Malinen
c35e35ed81 Add passive_scan configuration parameter
This new wpa_supplicant configuration parameter can be used to force
passive scanning to be used for most scanning cases at the cost of
increased latency and less reliably scans. This may be of use for both
testing purposes and somewhat increased privacy due to no Probe Request
frames with fixed MAC address being sent out.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-22 20:50:01 +02:00
ASHUTOSH NARAYAN
fb09ed3389 Interworking: Notify the ANQP parsing status
The ANQP verification/parsing is done only after the GAS_DONE indication
is sent over the control interface. This means that in case the ANQP
parsing fails there is no indication to the upper layers. Add an
ANQP-QUERY-DONE event that reports the status of the ANQP parsing.

Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
2015-01-20 02:26:21 +02:00
ASHUTOSH NARAYAN
d10b01d299 HS20: Provide appropriate permission to the OSU related files
The icon files and the osu-providers.txt that are generated may not have
proper permission for external programs to access. Set the access
permissions to the same as the permissions for osu_dir.

Signed-off-by: ASHUTOSH NARAYAN <ashutoshx.narayan@intel.com>
2015-01-20 02:26:16 +02:00
Ilan Peer
dd09e424c2 Fix memory leak in wpa_supplicant global bgscan configuration
Global bgscan configuration parameter was not freed when config was
freed.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-20 02:10:05 +02:00
Eytan Lifshitz
30f459c098 wpa_cli: Fix NULL dereference on printf string argument
In wpa_cli_cmd_interface(), try_connection(), and main(), ctrl_ifname
may be NULL and could be dereferenced depending on the printf()
implementation.

Signed-off-by: Eytan Lifshitz <eytan.lifshitz@intel.com>
2015-01-20 02:08:58 +02:00
Ilan Peer
b72b2ad39e P2P: Stop p2p_listen/find on wpas_p2p_invite
Stop any ongoing P2P listen/find flow before starting invitation flow.
This was partially handled in p2p_invite() that called p2p_find(), but
this did not cleanly handle cases such as long_listen.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-20 01:57:59 +02:00
Ilan Peer
7e608d1def P2P: Use the correct wpa_s interface to handle P2P state flush
A control interface call to flush the current state used the
current wpa_s to clear the P2P state even though it might not
be the interface controlling the P2P state.

Fix it by using the correct interface to flush the P2P state.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-20 01:57:59 +02:00
Eyal Shapira
fd83335f29 AP: Enable HT Tx STBC for AP/GO if supported by driver
Publish support for Tx STBC in the HT capabilities of a GO and AP
controlled by wpa_supplicant in case the hardware supports it.

Signed-off-by: Eyal Shapira <eyalx.shapira@intel.com>
2015-01-20 01:57:59 +02:00
Ben Rosenfeld
d90bfa97f4 Move external_scan_running to wpa_radio
external_scan_running should be common to all interfaces that share a
radio. This fixes a case where external_scan_running was set on a single
interface, but did not block scan on other interfaces.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>
2015-01-20 01:57:59 +02:00
Ben
0c5f01fdf2 Clear reattach flag in fast associate flow
Clear the reattach flags, in case a connection request did not trigger a
scan. This needs to be done to avoid leaving the reattach flag set for
the next scan operation which may not have anything to do with the
specific request that could have been optimized using the single-channel
single-SSID scan.

Signed-off-by: Ben <ben.rosenfeld@intel.com>
2015-01-20 01:57:59 +02:00
David Spinadel
8ad8bc5c36 NFC: Redirect NFC commands on global control interface
Redirect NFC commands from global control interface to P2P device
interface.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2015-01-20 01:57:59 +02:00
David Spinadel
57ae1f5be9 P2P: Fix P2P invitation with NFC
Use interface's own NFC configuration instead of parent's one
to support a P2P device dedicated interface.

Signed-off-by: David Spinadel <david.spinadel@intel.com>
2015-01-20 00:51:36 +02:00
Matti Gottlieb
07565ab0f9 WNM: Fix the length of WNM_BSS_QUERY control interface command
The length should be 14 and not 10.
The current situation causes failure during parsing of the command.

Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
2015-01-20 00:47:41 +02:00
Jouni Malinen
2d9c99e37b Retry scan-for-connect if driver trigger fails
This restores some of the pre-radio work behavior for scanning by
retrying scan trigger if the driver rejects it (most likely returning
EBUSY in case of nl80211-drivers). Retry is indicated in the
CTRL-EVENT-SCAN-FAILED event with "retry=1".

For manual scans (e.g., triggered through "SCAN" control interface
command), no additional retries are performed. In other words, if upper
layers want to retry, they can do so based on the CTRL-EVENT-SCAN-FAILED
event.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-19 20:25:20 +02:00
Jouni Malinen
911942ee64 Add a test framework for various wpa_supplicant failure cases
For CONFIG_TESTING_OPTIONS=y builds, add a new test parameter than can
be used to trigger various error cases within wpa_supplicant operations
to make it easier to test error path processing. "SET test_failure
<val>" is used to set which operation fails. For now, 0 = no failures
and 1 = scan trigger fails with EBUSY. More operations can be added in
the future to extend coverage.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-19 19:34:00 +02:00
Janusz Dziedzic
95ff306988 nl80211: Allow HT/VHT to be disabled for IBSS
Allow HT/VHT overrides to be used for IBSS.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-19 02:35:43 +02:00
Masashi Honma
5a2a6de6a5 mesh: Make inactivity timer configurable
Current mesh code uses ap_max_inactivity as inactivity timer. This patch
makes it configurable.

There is another mesh inactivity timer in mac80211. The timer works even
if user_mpm=1. So this patch sets the max value to the timer for
workaround.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2015-01-19 02:35:43 +02:00
Jouni Malinen
0efcad2c30 Print in debug log whether attached monitor is for global interface
It is easier to debug issues related to the wpa_supplicant control
interfaces being left behind in attached state when the debug log file
can be used to determine whether a specific monitor socket was a global
or per-interface one.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-18 16:23:43 +02:00
Jouni Malinen
8266e6c6b4 HS 2.0: Try to use same BSS entry for storing GAS results
Commit 17b8995cf5 ('Interworking: Try to
use same BSS entry for storing GAS results') added a mechanism to try to
pair GAS request and response to a single BSS entry to cover cases where
multiple BSS entries may exists for the same BSSID. However, that commit
did not cover the Hotspot 2.0 ANQP elements. Extend this mechanism to
all ANQP elements. This can help in cases where information in the
Hotspot 2.0 specific ANQP elements got lost if a hidden SSID or some
other reason of duplicated BSS entries was present while doing ANQP
fetches.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 17:47:32 +02:00
Jouni Malinen
6c69991382 Make wpa_supplicant FLUSH command more likely to clear all BSS entries
Move the wpa_bss_flush() call to the end of the function to allow any
pending user of a BSS entry to be cleared before removing the unused
entries. There were number of cases where BSS entries could have been
left in the list and this resulted in some hwsim test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 15:39:48 +02:00
Jouni Malinen
2dbe63ad53 Write reason for scan only_new_results into debug log
This can be helpful in figuring out why the driver was requested to
flush its scan results prior to starting a new scan.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 13:54:16 +02:00
Jouni Malinen
242b83a380 eapol_test: Fix cert_cb() function arguments
altsubject[] was added here, but the callback implementation in
eapol_test.c was forgotten from the commit.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 02:24:00 +02:00
Jouni Malinen
a8826b1848 Interworking: Avoid busy loop in scan result mismatch corner cases
It was possible for interworking_find_network_match() to find a possible
BSS match in a case where more thorough checks in
wpa_supplicant_select_bss() reject network. This itself is fine, in
general, but when combined with wpa_supplicant_fast_associate()
optimization and auto_interworking=1, this resulted in a busy loop of up
to five seconds and a possible stack overflow due to recursion in that
loop.

Fix this by limiting the Interworking wpa_supplicant_fast_associate()
call to be used only once per scan iteration, so that new scan
operations can be completed before going through the scan results again.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 01:52:07 +02:00
Jouni Malinen
edd5939a26 Interworking: Start ANQP fetch from eloop callback
Reduce maximum stack use by starting next ANQP fetch operation from an
eloop callback rather than calling interworking_next_anqp_fetch()
directly from interworking_start_fetch_anqp(). This avoids issues that
could potentially make the process run out of stack if long loops of
ANQP operations are executed in cases where automatic Interworking
network selection is used and scan results do not have a full match for
a network.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-17 01:51:47 +02:00
Jouni Malinen
783b2a977f Interworking: Fix INTERWORKING_CONNECT with zero-length SSID BSS entry
For Interworking connection to work, the SSID of the selected BSS needs
to be known to be able to associate with the AP. It was possible for the
scan results to include two BSS entries matching the BSSID when an
earlier scan with that AP has shown a hidden SSID configuration (e.g.,
when running hwsim test cases, but at least in theory, this could happen
with real use cases as well). When that happened, the incorrect BSS
entry may not have included RSN configuration and as such, it would get
rejected for Interworking connection.

Fix this by confirming that the selected BSS entry has a real SSID. If
not, try to find another BSS entry matching the same BSSID and use that,
if found with an SSID.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-15 12:24:18 +02:00
Jouni Malinen
cebee30f31 Add domain_match network profile parameter
This is similar with domain_suffix_match, but required a full match of
the domain name rather than allowing suffix match (subdomains) or
wildcard certificates.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 15:45:18 +02:00
Jouni Malinen
d07d3fbda2 Add peer certificate alt subject name information to EAP events
A new "CTRL-EVENT-EAP-PEER-ALT depth=<i> <alt name>" event is now used
to provide information about server certificate chain alternative
subject names for upper layers, e.g., to make it easier to configure
constraints on the server certificate. For example:
CTRL-EVENT-EAP-PEER-ALT depth=0 DNS:server.example.com

Currently, this includes DNS, EMAIL, and URI components from the
certificates. Similar information is priovided to D-Bus Certification
signal in the new altsubject argument which is a string array of these
items.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 15:45:18 +02:00
Jouni Malinen
98a4cd447e D-Bus: Clear cached EAP data on network profile changes
This makes D-Bus network profile Set(Properties) clear cached EAP data
similarly to how SET_NETWORK does for control interface.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 13:24:09 +02:00
Jouni Malinen
483dd6a5e0 Include peer certificate always in EAP events
This makes it easier for upper layer applications to get information
regarding the server certificate without having to use a special
certificate probing connection. This provides both the SHA256 hash of
the certificate (to be used with ca_cert="hash://server/sha256/<hash>",
if desired) and the full DER encoded X.509 certificate so that upper
layer applications can parse and display the certificate easily or
extract fields from it for purposes like configuring an altsubject_match
or domain_suffix_match.

The old behavior can be configured by adding cert_in_cb=0 to
wpa_supplicant configuration file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-14 12:24:52 +02:00
Jouni Malinen
d29fa3a767 Extend VENDOR_ELEM parameters to cover non-P2P Association Request
The new VENDOR_ELEM value 13 can now be used to add a vendor element
into all (Re)Association Request frames, not just for P2P use cases like
the previous item was for.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-01-14 01:12:56 +02:00
Jouni Malinen
cf08e9b1f4 Add MESH to modes capabilities
This makes it easier for upper layer programs to figure out whether the
wpa_supplicant and and the driver supports mesh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
db5adfe777 Add SAE to auth_alg capabilities
This makes it easier for upper layer programs to figure out whether the
wpa_supplicant and and the driver supports SAE.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
a16514516b Add "GET tls_library" to provide information on TLS library and version
This new wpa_supplicant and hostapd control interface command can be
used to determine which TLS library is used in the build and what is the
version of that library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-12 00:19:21 +02:00
Jouni Malinen
b09baf37cf Work around Windows build issues
At least MinGW did not have ENOTCONN, EOPNOTSUPP, ECANCELED, so define
these to allow the build to go through.
wpas_rrm_send_neighbor_rep_request() is not really used on Windows, so
the exact error code values do not make any difference here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
0b402479bf Remove Network Security Service (NSS) support
NSS as a TLS/crypto library alternative was never completed and this
barely functional code does not even build with the current NSS version.
Taken into account that there has not been much interest in working on
this crypto wrapper over the years, it is better to just remove this
code rather than try to get it into somewhat more functional state.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:58:10 +02:00
Jouni Malinen
e24aef10cf Fix a typo in domain_suffix_match documentation
Spell SubjectName correctly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:27:01 +02:00
Jouni Malinen
394b54732e Improve subject_match and domain_suffix_match documentation
These were already covered in both README-HS20 for credentials and in
header files for developers' documentation, but the copy in
wpa_supplicant.conf did not include all the details. In addition, add a
clearer note pointing at subject_match not being suitable for suffix
matching domain names; domain_suffix_match must be used for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-11 00:27:01 +02:00
Stefan Tomanek
79cd993a62 Add address masks to BSSID lists
In many applications it is useful not just to enumerate a group of well
known access points, but to use a address/mask notation to match an
entire set of addresses (ca:ff:ee:00:00:00/ff:ff:ff:00:00:00).

This change expands the data structures used by MAC lists to include a
mask indicating the significant (non-masked) portions of an address and
extends the list parser to recognize mask suffixes.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2015-01-10 17:35:53 +02:00
Stefan Tomanek
b83e455451 Add network specific BSSID black and white lists
This change adds the configuration options "bssid_whitelist" and
"bssid_blacklist" used to limit the AP selection of a network to a
specified (finite) set or discard certain APs.

This can be useful for environments where multiple networks operate
using the same SSID and roaming between those is not desired. It is also
useful to ignore a faulty or otherwise unwanted AP.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2015-01-10 17:35:53 +02:00
Stefan Tomanek
b3d6a0a825 Add generic parser for MAC address lists
This change generalizes the code used for parsing the configuration
option 'p2p_client_list' and makes it suitable to use it in other
contexts.

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
2015-01-10 17:35:53 +02:00
Jouni Malinen
6dfc55723d Remove mesh_ht_mode network block parameter
There should not be a mesh-specific mechanism for setting up channel
parameters since that will just result in duplicated code. IBSS, mesh,
and AP mode can use the same data structures and parameters for setting
up such parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
54fe48b9dc mesh: Use the shared function with IBSS to determine channel parameters
Automatically enable HT20, HT40+, HT40-, or VHT, based on driver
capabilities. This obsoletes the mesh_ht_mode network block parameter
that was previously used to configure HT parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
f7e889fa2d mesh: Convert channel configuration to use common routines
Use struct hostapd_freq_params just like other modes do instead of
mesh-specific freq and ht_mode.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Jouni Malinen
6334330ed6 mesh: Use a separate variable to track whether HT is enabled
A network profile parameter should not be used to check whether the
currently operating mesh has HT enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
6b8b07741a ibss/mesh: Enable HT40 if supported
Setup HT40+/HT40- if supported by driver.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
269dfe232b Introduce common hw features
Introduce wpa_supplicant/hostapd hw features.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Janusz Dziedzic
1830817ece IBSS: Add WPA_DRIVER_FLAGS_HT_IBSS
Add WPA_DRIVER_FLAGS_HT_IBSS driver feature flag. Some drivers could not
set this feature and next could fail when we will enable HT support for
IBSS with error message: nl80211: Join IBSS failed: ret=-22 (Invalid
argument).

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2015-01-10 17:35:53 +02:00
Bob Copeland
a206e2a175 SAE: Centralize function for sending initial COMMIT
When performing SAE authentication in mesh, one station may
initiate authentication by sending a COMMIT as soon as a peer
candidate is discovered. Previously we did this in mesh_rsn.c,
but this left some of the state initialization in a different
part of the code from the rest of the state machine, and we may
need to add other initializations here in the future, so move
that to a more central function.

Signed-off-by: Bob Copeland <me@bobcopeland.com>
2015-01-10 11:43:29 +02:00
Jouni Malinen
a354bcc886 D-Bus: Use NoMemory error message from CreateInterface
Try to be a bit more consistent by using NoMemory instead of InvalidArgs
if os_strdup() fails in the CreateInterface handler.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-09 02:32:15 +02:00
Jouni Malinen
635874b55a Handle interface disabled/enabled more consistently
It was possible for the interface not to be marked in INTERFACE_DISABLED
state in case the event was processed for P2P GO because the wpa_s
instance could have been removed in case of a separate group interface.
Change the state first to avoid leaving different state for the case
where separate group interface is not used.

Mark scan to be a normal scan on INTERFACE_ENABLED so that scanning
rules (e.g., skip scan if no networks enabled) get used consistently.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 22:43:48 +02:00
Jouni Malinen
8f2cf37923 P2P: Indicate reason=UNAVAILABLE for group netdev going down
There is a race condition between receiving an AP stopped event and
netdev down event. These resulted in different group removal reasons on
a GO device (UNAVAILABLE for stop AP event coming first and REQUESTED
for netdev event first). Make this more consistent by reporting
UNAVAILABLE for both possible cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-08 22:43:48 +02:00
Jouni Malinen
a156ffda61 Add support for testing memory allocation failures
The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can
now be used to trigger memory allocation failures for testing purposes.
TEST_ALLOC_FAIL sets a failure conditions with
<count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the
current state using the same format. Whenever an allocation is made with
a matching backtrace of calling functions, the count is decremented by
one and once zero is reached, the allocation is forced to fail.

Function names can be prefixed with either '=' or '?' to get different
matching behavior. '=' requires this specific function to be the next
one in the backtrace (i.e., do not skip any other functions in the list
which is the default behavior). '?' allows the function to be optionally
present in the backtrace.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:43 +02:00
Jouni Malinen
52b3943c94 D-Bus: Fix interface unregistration on error path
It is possible for this function to get called even if D-Bus
registration had failed, so the path can be NULL here.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:01 +02:00
Jouni Malinen
96dc9a6d42 D-Bus (old): Fix interface unregistration on error path
It is possible for this function to be called even if D-Bus interface
registration has failed. Avoid a D-Bus assert in such a case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:01 +02:00
Jouni Malinen
ef0355780a Fix memory leak on wpa_supplicant_init_wpa() error path
If wpa_sm_init() fails, the context data needs to be freed in the
caller.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
f2d57282ad D-Bus: Fix string array dict entry parser in out-of-memory case
entry->strarray_value was left to point to freed memory in case
os_realloc_array() failed. This resulted in the following
wpa_dbus_dict_entry_clear() trying to free an already freed memory area.
In addition, the separately allocated strings in the array would have
been leaked in such a case. Furthermore, wpa_dbus_dict_entry_clear() was
not prepared for the possibility of the initial os_calloc() call failing
and entry->strarray_value being NULL without array_len being cleared to
zero. That would have resulted in reading uninitialized memory and NULL
pointer dereference.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
c61bc23aa2 D-Bus: Fix byte array dict entry parser in out-of-memory case
entry->bytearray_value was left to point to freed memory in case
os_realloc_array() failed. This resulted in the following
wpa_dbus_dict_entry_clear() trying to free an already freed memory area.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
dacf605812 D-Bus: Fix Introspect() in case of os_strdup() failure
add_interface() did not check for os_strdup() return value and could end
up dereferencing a NULL pointer if memory allocation failed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
68a866974b D-Bus (old): Fix wpsReg error message
This was supposed to return WpsRegError, not WpsPbcError.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
f0614bc6c6 D-Bus (old): Fix message handler error paths
The error reply needs to be sent out as a response. The "out" label was
in incorrect place to allow that to happen; instead, it ended up leaking
memory for the generated reply message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
a2af1c70c5 D-Bus (old): Fix memory leak on error path
If setSmartcardModules() fails to allocate memory with os_strdup(), the
allocated items in the dict entry were not freed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-07 13:19:00 +02:00
Jouni Malinen
942b75468d tests: Add module tests for AES-SIV
This moves the AES-SIV test case from tests/test-aes.c to be part of
wpa_supplicant module testing framework with a new
src/crypto/crypto_module_tests.c component. In addition, the second test
vector from RFC 5297 is also included for additional coverage.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-05 15:50:53 +02:00
Ilan Peer
8b48e32006 wpa_cli: Add MAC address randomization in scan
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-04 23:06:31 +02:00
Ilan Peer
fb375883f4 ctrl_iface: Add MAC address randomization in scan processing
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-04 23:06:31 +02:00
Ilan Peer
56c76fa592 scan: Add MAC address randomization in scan handling
1. Supported MAC address randomization for scan.
2. Supported MAC address randomization for scheduled scan.
2. Supported MAC address randomization for pno.
4. Add functions to set and clear the MAC address randomization
   state variables.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2015-01-04 23:06:31 +02:00
Arik Nemtsov
7db53bb8c5 wpa_cli: Implement TDLS start/cancel channel switching commands
For the start operation, this includes appropriate parameters for
specifying channel and peer information. The cancel operation includes
peer information.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 21:46:37 +02:00
Arik Nemtsov
6b90deae4d TDLS: Propagate enable/disable channel-switch commands to driver
The supplicant code does not try to control the actual channel of the
radio at any point. It simply passes the target peer and channel
parameters to the driver. It's the driver's responsibility to
periodically initiate TDLS channel-switch operations when TDLS
channel-switching is enabled.

Allow enable/disable operations to be invoked via the control interface.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 20:30:11 +02:00
Arik Nemtsov
4daa572925 TDLS: Add channel-switch capability flag
Propagate a driver TDLS channel-switch support bit from nl80211 to
TDLS code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2015-01-04 18:59:31 +02:00
Eliad Peller
8c42b36902 WMM AC: Reconfigure tspecs on reassociation to the same BSS
The specification requires the tspecs to be kept upon reassociation to
the same BSS. Save the last tspecs before such reassociation, and
reconfigure on the association notification.

Note that the current flow is not transparent to the user
(it is notified about deauth/reassoc and tspec removal/addition).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-01-04 18:41:00 +02:00
Eliad Peller
677e7a9582 WMM AC: Do not fail on unknown IEs in Association Response
Some APs add their custom (vendor-specific) IEs to the Association
Response frame. Fail WMM AC initialization only if Association Response
frame IE parsing actually failed, i.e., ignore all unknown IEs.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-01-04 18:33:29 +02:00
Eliad Peller
fecc2bb5a8 WMM AC: Delete tspecs on roaming
In case of roaming, we don't get disassoc notification, but
still want to remove the existing tspecs.

Move the wmm_ac_notify_disassoc() call to the state change
function, which get called also on roaming.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-01-04 18:32:59 +02:00
Eliad Peller
20fe74561c WMM AC: Print user-priority in wmm_ac_status
The UP is important property of the tspec, so print it as well.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
2015-01-04 18:31:18 +02:00
Jouni Malinen
d118a6b8c8 D-Bus: Fix WPS.Start method in AP/P2P GO mode
Previously, role="enrollee" was required to be used to allow the AP mode
WPS operation to be started. This is incorrect since the AP/GO will
operate in Registrar role. Fix this by ignoring the role parameter when
AP (including P2P GO) mode is enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
bd47d68035 WPS: Reject station-mode WPS operations when AP mode is enabled
Start of station-mode WPS PBC/PIN/Registrar/NFC operation would result
in the AP mode getting disabled. This can be particularly confusing for
the P2P GO case where the group would need to be stopped cleanly. As
such, it is better to reject these invalid operations rather than trying
to handle all corner cases needed to allow this to work robustly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
f47a562c73 D-Bus: Move NetworkRequest signal to correct registration array
This is an interface signal, not a global signal, so move it to the
current array for registering the signal.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
afaa6d99a4 D-Bus: Remove registration of P2PStateChanged signal
This signal is not generated anywhere, so there is no point in claiming
it to be available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
1a4efde5bd D-Bus: Make P2P Group Passphrase property getter available for P2P Client
There is no need to limit this property based on the role of the device
in the group, so return the passphrase if it is available. It will be
available in GO role and it may be available in P2P Client role based on
whether the peer GO provided it during the WPS provisioning step.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
20e1d81e09 D-Bus: Fix P2P Group PSK property getter
This was returning a byte array of the pointer to the PSK, not the
actual PSK, due to incorrect use of
wpas_dbus_simple_array_property_getter(). In addition, there is no need
to limit this property based on the role of the device in the group, so
return the PSK if it is available (which it will be for both GO and P2P
Client roles).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
a0caebf397 D-Bus: Simplify out-of-memory reporting
There is no need to have separate wpa_printf() and different error
message strings for the unlikely out-of-error messages. Use a helper
function, wpas_dbus_error_no_memory(), to get consistent behavior with a
one-line call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
ff1d8104e2 D-Bus: Remove the obsolete notes from wpas_dbus_error_unknown_error()
Commit 6aeeb6fa21 ('dbus: clean up new
D-Bus interface getters and setters') redesigned the property
getter/setter calls in a way that made the
wpas_dbus_error_unknown_error() note about message being NULL in some
cases obsolete. All the remaining callers are from method handler
functions that must have a valid message. Remove the obsolete notes and
unnecessary messsage == NULL check.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:27 +02:00
Jouni Malinen
38279bdb35 D-Bus: Coding style cleanup
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
e3c4f0b5d5 D-Bus: Simplify message building error paths
There is no need to have multiple separate return statements for error
cases in a sequence of operations. In addition, there is not much point
in "converting" boolean return values with "if (!res) return FALSE;
return TRUE;" style constructions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
bba40b65b0 D-Bus: Fix GroupAdd, Invite, RemovePersistentGroup path validation
net_id_str can be NULL and that must be checked for to avoid NULL
pointer dereference if an invalid persistent_group_object path is used
with these methods.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
ce82168b55 D-Bus: Fix error message for Listen() failure
DBUS_ERROR_NO_MEMORY does not look like the best option for the failure
reason in case wpas_p2p_listen() fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
054dc3136f D-Bus: Clean up wpas_dbus_new_decompose_object_path()
None of the new D-Bus interface cases use the bssid_part in
decompose_object_path (while the old interface ones do). As such, this
is dead code and can be removed. In addition, the P2P addition here was
pretty ugly extension. Replace these with a cleaner way of passing the
separating string (e.g., "Networks") from the caller and returning the
requested item.

In addition, there is no need to allocate the returned item separately,
so use a single allocation and a pointer to that allocated memory. This
will make it easier for callers to have to free only a single
allocation. This is also fixing a memory leak in P2P invitation
persistent group case where the caller had missed the need to free the
returned values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
b76ea413b1 D-Bus: Clean up parse_peer_object_path() uses
This helper function does not modify peer_path, so mark it const. In
addition, there is no point in callers to check separately whether
peer_path is NULL since that is taken care of by this helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
509618d35b D-Bus: Remove useless NULL check from static function
The entry argument cannot be NULL in this static function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
1d12c08847 D-Bus: Add debug prints for parsing dict entries
This makes it easier to figure out what happens if there are issues with
processing messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
605325fb75 D-Bus: Remove useless wpa_s->conf checks
This cannot be NULL when an interface is in use. There is not much point
in couple of functions checking this while large number of other places
do not.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
88ce7938b0 D-Bus: Write Get/Set property name in debug log
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
5485798f40 D-Bus: Add more debug prints to cover operations
This adds the message signature to the new D-Bus interface message
handler and similar prints to the old interface messages handlers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
7fbe56b018 D-Bus: Fix property change timer update
eloop_is_timeout_registered() was called with incorrect context argument
which meant that the pending timeout would have never been found.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
3a593ff5b2 D-Bus (old): Fix removeNetwork method to not use freed memory
wpa_supplicant_deauthenticate() call needs to happen before
wpa_config_remove_network(). Freed memory could be dereferenced if
removeNetwork method was issued on the currently connected network.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
f11e797d4c D-Bus: Avoid valgrind warning due to compiler optimization
It looks like both gcc and clang optimize the (entry.type != foo ||
entry.array_type != bar) in a way that ends up evaluating the second
condition even when the first one results in 0. While this is not really
what the C language requirements on short-circuit evaluation require,
the compiler likely assumes this can have no side effects and with both
type and array_type being comparable in a single 64-bit operation, this
can clearly be a bit more efficient. While the code behaves same in both
cases, valgrind does warn about use of uninitialized memory when the
second condition is evaluated (entry.array_type is not initialized if
entry.type != DBUS_TYPE_ARRAY).

To keep valgrind logs cleaner, initialize entry.array_type to
DBUS_TYPE_INVALID so that these compiler optimizations do not result in
reading uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
19d4dab759 D-Bus: Avoid compiler warning on sometimes uninitialized variable
The logic in wpas_dbus_signal_p2p_provision_discovery() seemed to imply
that there could be a case where _signal would be used uninitized. While
that is not the case since either (request || !status) or (!request &&
status) would always be true, some compilers do not seem to be clever
enough to figure that out to avoid the warning. Make this easier for
such compilers by removing the (!request && status) condition since it
is identical to !(request || !status).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:48:30 +02:00
Jouni Malinen
bc7baaff24 D-Bus: Make WPAS_DBUS_TYPE_BINARRAY value less confusing
Commit 911e97e400 ('DBus: Refactor array
adding, add binary arrays') introduced WPAS_DBUS_TYPE_BINARRAY as an
internal fake type for array_type. However, it selected this value to be
(DBUS_NUMBER_OF_TYPES + 100) = 116 = 't'. This happens to conflict with
DBUS_TYPE_UINT64 ((int) 't'). While none of the existing array_type use
cases supported UINT64, it is much clearer if WPAS_DBUS_TYPE_BINARRAY
has a value that does not match any existing DBUS_TYPE_* value. Replace
this with '@' (64).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-01 13:51:45 +02:00
Jouni Malinen
5f3682dc6f D-Bus: Fix dict binarray getter to accept empty array of array
This is needed to allow Set(P2PDeviceConfig) to clear the
VendorExtension array (i.e., to remove all configured vendor
extensions). Previously, such an attempt was met with a D-Bus assert and
rejection of the operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 13:34:52 +02:00
Jouni Malinen
54e06b4ffb D-Bus: Fix memory leak on P2PDeviceConfig::VendorExtension
The wps_vendor_ext array can be set using D-Bus Set(P2PDeviceConfig)
with the VendorExtension key in the dictionary. However, there was no
code for freeing the allocated memory when the interface is removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 13:07:13 +02:00
Jouni Malinen
68bb007743 D-Bus: Fix GONegotiationSuccess signal passphrase format
Passphrase is a variable length string of (8..63 characters), not a byte
array of fixed 64 octets.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 11:44:42 +02:00
Jouni Malinen
3cccf0b870 D-Bus: Make wpas_dbus_error_scan_error() static
This function is not used anywhere outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 11:00:54 +02:00
Jouni Malinen
2544394406 D-Bus: Fix ServiceDiscoveryResponse to accept int32 dialog_token
The ServiceDiscoveryRequest signal uses int32 for encoding dialog_token
for some reason (even though this is a u8 field).
ServiceDiscoveryResponse is supposed to accept the values from the
signal as-is, so extend that to accept int32 in addition to the
previously used uint32.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 10:47:31 +02:00
Jouni Malinen
9c4694ce7c D-Bus: Fix memory leaks on AddService/DeleteService error paths
The query and service parameters need to be freed on all paths to avoid
memory leaks in error cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 01:05:46 +02:00
Jouni Malinen
b07f1ebe0f D-Bus: Fix .Group Set(WPSVendorExtensions) format
The earlier implementation seemed to require a strange extra
encapsulation with a dictionary for setting the WPSVendorExtensions
property while this was defined to have aay signature and the get
operation did indeed return and array of array of bytes without that
dictionary. Fix this to accept aay format for the setter as well. Keep
support for the old dictionary encapsulation format for backwards
compatibility.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 22:22:39 +02:00
Jouni Malinen
8509fb5cce D-Bus: Fix memory leak on P2P GO WPSVendorExtensions
It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 22:22:39 +02:00
Jouni Malinen
4e70bbf1c6 SAE: Clear keys from memory on disassociation
There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 20:00:02 +02:00
Jouni Malinen
6df1973988 Clear psk_list while freeing config_ssid instances
Previously, the main PSK entry was cleared explicitly, but psk_list
could include PSKs for some P2P use cases, so clear it as well when
freeing config_ssid instances.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
e886c88e95 Explicitly clear the temporary stack-based PSK buffer
There is no need to leave this temporary key in stack memory after
having been configured to the WPA state machine.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
658da804e5 Explicitly clear the temporary stack-based key for WPA-None
There is no need to leave this temporary key in stack memory after
having been configured to the driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
f42df14415 WPS ER: Explicitly clear PSK from stack after use
There is no need to leave the PSK from temporary Credential structure
that was built in stack after that Credential has been passed to the WPS
module.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
ce52d031e5 Clear wpa_psk memory when setting up wpa_supplicant AP mode
This is more of a theoretical case since this part is done only during
setup and the structure is not allocated in practice. Anyway,
maintaining more consistent use of bin_clear_free() for structures that
may contain keys is useful.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
74df9c1c43 D-Bus(old): Remove duplicated blob->data check
This was already verified to be non-NULL above and there is no point in
having an extra check after the pointer has already been dereferenced.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
8193e01e5b D-Bus(old): Remove unnecessary wpa_supplicant_state_txt() check
This function cannot return NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
62856ad989 D-Bus(old): Fix removeNetwork and selectNetwork error handling
wpas_dbus_decompose_object_path() may leave the network part NULL on
unexpected path. This resulted in NULL pointer dereference when
processing an invalid removeNetwork or selectNetwork call. Fix this by
explicitly verifying that the network part was included in the object
path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
84edd136b5 D-Bus(old): Fix interface to show correct err_msg for blob removal
The "Invalid blob name" string was not shown since the zero-length name
was used regardless of first verifying that it should not be allowed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00