This allows drivers that build the WPA/RSN IEs internally to use similar
design for building the OSEN IE.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Use P2P group formation timeout to wait for the 4-way handshake to
complete on a persistent reinvocation on a P2P Client.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Scan for GO on the negotiated operating channel for few iterations
before searching on all the supported channels during persistent group
reinvocation. In addition, use the already known SSID of the group in
the scans. These optimizations reduce group formation time.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier to debug wpa_supplicant behavior when reporting
20/40 MHz co-ex information based on OBSS scans.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The 40 MHz intolerant bit needs to be checked before skipping the BSS
based on the channel already being in the lost (which could have
happened due to another BSS that does not indicate 40 MHz intolerant).
This fixed the 20/40 MHz co-ex report to indicate 20 MHz request
properly if there are both 40 MHz tolerant and intolerant BSSes on the
same channel.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
It does return something: the reference of the request, as an integer,
which can be used then with ServiceDiscoveryCancelRequest to get
canceled.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
p2p_sd_cancel_request returns -1 in case of error, so does
wpas_p2p_sd_cancel_request.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Whenever an ongoing GO Neg has failed, due to interface init, the P2P
Device should cancel timeouts and issue wpas_p2p_group_formation_failed,
so the other peer detects faster group formation has failed.
Signed-off-by: Eduardo Abinader <eduardo.abinader@openbossa.org>
Some old device need to set p2p_no_group_iface=1 to set up a P2P
connection, so add a D-Bus interface to configure it.
Signed-off-by: Guoqiang Liu <guoqiang.liu@archermind.com>
"SET blob <name> <hexdump>" can now be used to set a configuration blob
through the wpa_supplicant control interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
The radio_work type was stored within the dynamically allocated
wpa_radio_work buffer and that buffer ended up getting freed before the
final use of the type string within radio_work_done(). This resulted in
freed memory being used for a debug print. Avoid this by freeing the
wpa_external_work instance after having completed radio_work_done() for
the related work.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This allows hostapd to set a different management group cipher than the
previously hardcoded default BIP (AES-128-CMAC). The new configuration
file parameter group_mgmt_cipher can be set to BIP-GMAC-128,
BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in
IEEE Std 802.11ac-2013.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If a group interface is present and the command was issued on the group
interface, enable the token for that interface instead of creating a new
one.
Signed-off-by: Manish <manish.bansal@broadcom.com>
A previous patch "Support VHT capability overrides" missed one
place where HT overrides were being applied and where it would
also be useful to apply VHT overrides.
Signed-hostap: Paul Stewart <pstew@chromium.org>
The ieee80211w parameter was not previously copied to the hostapd BSS
structure from wpa_supplicant configuration, so PMF was practically
disabled. Allow it to be configured through the wpa_supplicant network
configuration block.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add "reattach" command to perform single-channel single-ssid scan
instead of full scan when trying to reconnect to the currently
"connected" network (assuming old scan results are not current enough to
skip the scan completely). This allows the scan result to come back in
much faster time. In ath9k, the scan took around 12 seconds with full
background scan, and only 0.1 second with the single-channel single-ssid
scan. Thus, take much less time for the client to re-establish
connection with the currently "connected" network.
Signed-hostap: Peter Qiu <zqiu@chromium.org>
This makes stations associate much faster when using lots of stations.
In addition, this avoids delaying the initial scan continuously for
dynamic interface removal/addition cases.
Signed-hostap: Ben Greear <greearb@candelatech.com>
When a sched_scan_stopped event is received and there is a pending PNO,
it used regular scheduled scan parameters instead of PNO specific
parameters. Change it by calling wpas_start_pno().
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Move pno_start() and pno_stop() to scan.c as a more relevant location
and rename them to wpas_start_pno()/wpas_stop_pno().
Signed-off-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Previously, EAP-SIM/AKA/AKA' did not work with number of crypto
libraries (GnuTLS, CryptoAPI, NSS) since the required FIPS 186-2 PRF
function was not implemented. This resulted in somewhat confusing error
messages since the placeholder functions were silently returning an
error. Fix this by using the internal implementation of FIP 186-2 PRF
(including internal SHA-1 implementation) with crypto libraries that do
not implement this in case EAP-SIM/AKA/AKA' is included in the build.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This enables more convenient protocol testing of AP and P2P
functionality in various error cases and unexpected sequences without
having to implement each test scenario within wpa_supplicant.
ext_mgmt_frame_handle parameter can be set to 1 to move all management
frame processing into an external program through control interface
events (MGMT-RX and MGMT-TX-STATUS) and command (MGMT_TX). This is
similar to the test interface that was added to hostapd previously, but
allows more control on offchannel operations and more direct integration
with the internal P2P module.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add an option to specify a configuration file that can be used to hold
the P2P_DEVICE configuration parameters. If this option is not used, the
P2P_DEVICE configuration parameters will be read from interface
configuration file.
Note that it is advised to use this option in some cases such as:
If a P2P_DEVICE is supported by the driver, the wpa_supplicant creates a
dedicated P2P Device interface, where the configuration file used for
the main interface is used. As a consequence, if the configuration file
includes network definition etc., the wpa_supplicant will try to perform
station specific flows on the P2P Device interface which will fail.
If a P2P_DEVICE is supported by the driver and update_config is used,
the P2P Device configuration data will override the main interface
configuration data.
Signed-hostap: Ilan Peer <ilan.peer@intel.com>
wpa_supplicant already allowed beacon interval to be configured for AP
mode operations, but this was not passed to the driver for IBSS even
though the same parameter can used for that case. Add this for the
nl80211 driver interface to allow beacon interval to be controlled for
IBSS as well.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit adds an option to optimize AP teardown by leaving the
deletion of keys (including group keys) and stations to the driver.
This optimization option should be used if the driver supports stations
and keys removal when stopping an AP.
For example, the optimization option will always be used for cfg80211
drivers since cfg80211 shall always remove stations and keys when
stopping an AP (in order to support cases where the AP is disabled
without the knowledge of wpa_supplicant/hostapd).
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
wpa_supplicant started delayed sched scan also on P2P Device interfaces,
resulting in erroneous scans and connection attempts. Skip that on
driver init when the interface is dedicated only for P2P management
purposes.
Signed-off-by: Eliad Peller <eliadx.peller@intel.com>
As a P2P group has a unique SSID and one security domain, it does
not make sense to enable background scanning for roaming purposes.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Do not initialize bgscan if the user explicitly set bgscan to an empty
string. Without this patch wpa_supplicant tries to initialize bgscan to
the first option if the string is empty.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Add a callback to the driver interface that allows vendor specific
commands to be sent. In addition, a control interface command is added
to expose this new interface outside wpa_supplicant:
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
This interface is driver independent, but for now, this is only
implemented for the nl80211 driver interface using the cfg80211 vendor
commands.
Signed-off-by: Beni Lev <beni.lev@intel.com>
Passing a pointer to an error reply message is not very robust since
memory allocation could fail even for that error message. Instead, use a
separate error value as the return value from get_peer_hwaddr_helper()
and return a pointer to the error message through a pointer-to-pointer
so that the error case will always be clear.
Signed-off-by: Jouni Malinen <j@w1.fi>
The pos pointer can be compared to the start of the buffer pointer to
determine whether the entry is the first one in the list. This gets rid
of some static analyzer warnings about unused variable writes.
Signed-off-by: Jouni Malinen <j@w1.fi>
The group name is not used on these paths, so just remove it from the
directory name without updating gid_str to point to the unused group
name.
Signed-off-by: Jouni Malinen <j@w1.fi>
The scan result comparison routine would not make much sense without
current BSS level known, so return from the function without going
through the iteration that could have dereferenced the pointer if
wpa_s->current_bss == NULL.
Signed-off-by: Jouni Malinen <j@w1.fi>
The special case of non-zero status code used in a GAS Comeback Response
frame to indicate that additional delay is needed before the response is
available was not working properly. This case needs to allow the status
code check to be bypassed for the comeback case prior to having received
any response data.
Signed-off-by: Jouni Malinen <j@w1.fi>
The simulated SIM/USIM case uses a separate milenage cred parameter, so
this cred password parameter was unused for this credential type.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commits 7ef6947993 and
533536d82a added this temporarily
disabling case, but those commits were merged in without having been
converted to the new os_reltime design used for ssid->disabled_until.
Consequently, they ended up disabling the network for 44 years or so too
long time (depending on what values the relative timestamp had
accummulated so far). Fix this by using relative timestamps
consistently.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit d28f4e44f1 optimized Interworking
network selection in a case where the operation is run while already
connected to the selected network by skipping the reconnection. However,
this did not take into account that a higher priority network may have
shown up in the new scan results.
Fix this by checking whether network selection based on the latest scan
results (the ones from the interworking_select operation) would result
in a network with higher priority being selected. If so, skip the
optimization and force normal network connection (which will select this
newly found higher priority network). This fixes cases where a
non-Hotspot 2.0 network with higher priority (e.g., home network) shows
up while connected to a Hotspot 2.0 network with lower priority.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 3d910ef497 tried to make
last-network selection behave more consistently with Interworking
network selection preferences. However, it did not take into account
that other network block may have higher priority. In such cases, the
last added network from Interworking network selection should actually
not be selected for the next connection. Fix this by limiting the
last-network preference to work only within a priority class.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>