Commit graph

294 commits

Author SHA1 Message Date
Arnout Vandecappelle (Essensium/Mind)
bfcdac1c8b Multi-AP: Don't reject backhaul STA on fronthaul BSS
The Multi-AP specification only specifies that information elements have
to be added to the Association Request and Association Response frame;
it doesn't specify anything about what should be done in case they are
missing. Previously, we rejected non-backhaul associations on a
backhaul-only BSS, and non-fronthaul associations on a fronthaul-only
BSS.

However, this makes WPS fail when fronthaul and backhaul are separate
SSIDs. Indeed, WPS for the backhaul link is performed on the *fronthaul*
SSID. Thus, the Association Request frmae used for WPS *will* contain
the Multi-AP IE indicating a backhaul STA. Rejecting that association
makes WPS fail.

Therefore, accept a multi-AP backhaul STA Association Request frame on a
fronthaul-only BSS. Still issue a warning about it, but only at level
DEBUG intead of INFO. Also change the condition checking to make it
clearer.

While we're at it, also fix the handling of unexpected bits in the
Multi-AP IE. 4 bits are reserved in the specification, so these
certainly have to be ignored. The specification also doesn't say that
setting one of the other bits is not allowed. Therefore, only report
unexpected values in the Multi-AP IE, don't reject because of it. Note
that a malformed IE (containing more than one byte) still triggers a
rejection.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-02-18 20:21:01 +02:00
Jouni Malinen
b0e91e3877 SAE: VLAN assignment based on SAE Password Identifier
The new sae_password parameter [|vlanid=<VLAN ID>] can now be used to
assign stations to a specific VLAN based on which SAE Password
Identifier they use. This is similar to the WPA2-Enterprise case where
the RADIUS server can assign stations to different VLANs and the
WPA2-Personal case where vlanid parameter in wpa_psk_file is used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-17 17:24:23 +02:00
Jouni Malinen
4cf5efece3 FT: Allow STA entry to be removed/re-added with FT-over-the-DS
FT-over-the-DS has a special case where the STA entry (and as such, the
TK) has not yet been configured to the driver depending on which driver
interface is used. For that case, allow add-STA operation to be used
(instead of set-STA). This is needed to allow mac80211-based drivers to
accept the STA parameter configuration. Since this is after a new
FT-over-DS exchange, a new TK has been derived after the last STA entry
was added to the driver, so key reinstallation is not a concern for this
case.

Fixes: 0e3bd7ac68 ("hostapd: Avoid key reinstallation in FT handshake")
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-04 23:22:46 +02:00
Jouni Malinen
2ea1fce3d6 OCE: RSSI-based rejection to consider Authentication frames (AP)
Try to make RSSI-based rejection of associating stations a bit less
likely to trigger false rejections by considering RSSI from the last
received Authentication frame. Association is rejected only if both the
Authentication and (Re)Association Request frames are below the RSSI
threshold.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-01-01 18:18:53 +02:00
Beni Lev
076f1ea1d9 OCE: Add RSSI based association rejection support (AP)
An AP might reject a STA association request due to low RSSI. In such
case, the AP informs the STA the desired RSSI improvement and a retry
timeout. The STA might retry to associate even if the RSSI hasn't
improved if the retry timeout expired.

Signed-off-by: Beni Lev <beni.lev@intel.com>
2019-01-01 18:18:50 +02:00
Venkateswara Naralasetty
9c06f0f6ae hostapd: Add Multi-AP protocol support
The purpose of Multi-AP specification is to enable inter-operability
across Wi-Fi access points (APs) from different vendors.

This patch introduces one new configuration parameter 'multi_ap' to
enable Multi-AP functionality and to configure the BSS as a backhaul
and/or fronthaul BSS.

Advertise vendor specific Multi-AP capabilities in (Re)Association
Response frame, if Multi-AP functionality is enabled through the
configuration parameter.

A backhaul AP must support receiving both 3addr and 4addr frames from a
backhaul STA, so create a VLAN for it just like is done for WDS, i.e.,
by calling hostapd_set_wds_sta(). Since Multi-AP requires WPA2 (never
WEP), we can safely call hostapd_set_wds_encryption() as well and we can
reuse the entire WDS condition.

To parse the Multi-AP Extension subelement, we use get_ie(): even though
that function is meant for parsing IEs, it works for subelements.

Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-12-20 01:04:14 +02:00
Mathy Vanhoef
99621dc16c OCV: Include and verify OCI in the FILS handshake
Include and verify the OCI element in FILS (Re)Association Request and
Response frames.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:50:12 +02:00
Mathy Vanhoef
f9da7505bf OCV: Include and verify OCI in SA Query frames
Include an OCI element in SA Query Request and Response frames if OCV
has been negotiated.

On Linux, a kernel patch is needed to let clients correctly handle SA
Query Requests that contain an OCI element. Without this patch, the
kernel will reply to the SA Query Request itself, without verifying the
included OCI. Additionally, the SA Query Response sent by the kernel
will not include an OCI element. The correct operation of the AP does
not require a kernel patch.

Without the corresponding kernel patch, SA Query Requests sent by the
client are still valid, meaning they do include an OCI element.
Note that an AP does not require any kernel patches. In other words, SA
Query frames sent and received by the AP are properly handled, even
without a kernel patch.

As a result, the kernel patch is only required to make the client properly
process and respond to a SA Query Request from the AP. Without this
patch, the client will send a SA Query Response without an OCI element,
causing the AP to silently ignore the response and eventually disconnect
the client from the network if OCV has been negotiated to be used.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-17 15:42:23 +02:00
Mathy Vanhoef
ad20a1367f Store the VHT Operation element of an associated STA
APs and mesh peers use the VHT Operation element to advertise certain
channel properties (e.g., the bandwidth of the channel). Save this
information element so we can later access this information.

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
2018-12-16 18:35:30 +02:00
Jouni Malinen
f3784a6b94 HS 2.0: Reject Hotspot 2.0 Rel 2 or newer association without PMF
Hotspot 2.0 Rel 2 requires PMF to be enabled.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-08 14:06:58 +02:00
Jouni Malinen
17adac9ef9 FILS: Do not process FILS HLP request again while previous one is pending
It is better not to process a new (most likely repeated) FILS HLP
request if a station retransmits (Re)Association Request frame before
the previous HLP response has either been received or timed out. The
previous implementation ended up doing this and also ended up
rescheduling the fils_hlp_timeout timer in a manner that prevented the
initial timeout from being reached if the STA continued retransmitting
the frame. This could result in failed association due to a timeout on
the station side.

Make this more robust by processing (and relaying to the server) the HLP
request once and then ignoring any new HLP request while the response
for the relayed request is still pending. The new (Re)Association
Request frames are otherwise processed, but they do not result in actual
state change on the AP side before the HLP process from the first
pending request is completed.

This fixes hwsim test case fils_sk_hlp_oom failures with unmodified
mac80211 implementation (i.e., with a relatively short retransmission
timeout for (Re)Association Request frame).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-12-07 16:03:40 +02:00
Jouni Malinen
8fc6d88465 OWE: Fix association rejection behavior
If association failed for any non-OWE specific reason, the previous
implementation tried to add the OWE related IEs into the (Re)Association
Response frame. This is not needed and could actually result in
dereferencing a NULL pointer. Fix this by adding those OWE related IEs
only for successful association and only if the RSN state machine has
been initialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-02 20:21:21 +02:00
Jouni Malinen
e0785ebbbd Use more consistent Action frame RX handling in both AP mode paths
Both handle_action() and hostapd_action_rx() are used for processing
received Action frames depending on what type of driver architecture is
used (MLME in hostapd vs. driver) and which build options were used to
build hostapd. These functions had a bit different sequence for checking
the frame and printing debug prints. Make those more consistent by
checking that the frame includes the category-specific action field and
some payload. Add a debug print for both functions to make it easier to
see which path various Action frames use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-12-01 20:30:09 +02:00
Ashok Kumar
edb28006c4 PMF: Do not start SA Query procedure if there is no association
Previous implementation ended up triggering PMF check for previous
association and SA Query procedure incorrectly in cases where there is a
STA entry in hostapd, but that STA is not in associated state. This
resulted in undesired temporary rejection of the association with status
code 30.

This ended up breaking OWE group negotiation when PMF is in use since
the check for the OWE group would have happened only after this earlier
PMF check and rejection (i.e., the station got status code 30 instead of
the expected 77).

For example, when the AP is configured with OWE group 21 and a station
tries groups 19, 20, and 21 (in this sequence), the first two
Association Request frames should be rejected with status code 77.
However, only the first one got that status code while the second one
got status code 30 due to that issue with PMF existing association
check.

Furthermore, hostapd was continuing with SA Query procedure with
unencrypted Action frames in this type of case even though there was no
existing association (and obviously, not an encryption key either).

Fix this by checking that the STA entry is in associated state before
initiating SA Query procedure based on the PMF rules.

Signed-off-by: Ashok Kumar <aponnaia@codeaurora.org>
2018-10-16 00:33:20 +03:00
Jouni Malinen
dc1b1c8db7 Drop logging priority for handle_auth_cb no-STA-match messages
This message was printed and MSG_INFO level which would be more
reasonable for error cases where hostapd has accepted authentication.
However, this is not really an error case for the cases where
authentication was rejected (e.g., due to MAC ACL). Drop this to use
MSG_DEBUG level.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 20:03:55 +03:00
Jouni Malinen
6588f71222 Reduce undesired logging of ACL rejection events from AP mode
When Probe Request frame handling was extended to use MAC ACL through
ieee802_11_allowed_address(), the MSG_INFO level log print ("Station
<addr> not allowed to authenticate") from that function ended up getting
printed even for Probe Request frames. That was not by design and it can
result in excessive logging and MSG_INFO level if MAC ACL is used.

Fix this by printing this log entry only for authentication and
association frames. In addition, drop the priority of that log entry to
MSG_DEBUG since this is not really an unexpected behavior in most MAC
ACL use cases.

Fixes: 92eb00aec2 ("Extend ACL check for Probe Request frames")
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-14 19:57:22 +03:00
Andreas Tobler
b5ebe5dd5b hostapd: Send an event before throwing a station on re-authentication
If you modify the WLAN-STA-AUTHORIZED bit in sta->flags, you have to
call the ap_sta_set_authorized() function to make sure the corresponding
event is sent over the control interface. Otherwise we leak entries in
the event history.

Signed-off-by: Andreas Tobler <andreas.tobler@cloudguard.ch>
2018-09-02 12:48:32 +03:00
Jouni Malinen
3a8dd390c9 SAE: Allow authentication restart on AP
In the infrastructure BSS case, the AP needs to clear pending SAE state
if a new Commit message is received when already in Committed state.
This allows the non-AP STA to negotiate a new group if it ends up trying
to go through SAE authentication again before the AP side has removed
the previous STA entry.

This fixes an issue where a kernel update changed something in SAE
timing or authentication sequence and started failing the
sae_bignum_failure hwsim test case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-20 13:04:31 +03:00
Jouni Malinen
e8d08cf378 SAE: Do not drop STA entry on reauthentication in infrastructure BSS
A new SAE Commit message should not be allowed to drop an existing STA
entry since the sender of that Commit message cannot be authenticated
before receiving the Confirm message. This is important in particular
when PMF is used since this would provide a potential new path for
forcing a connection to be dropped.

Fix this by allowing a new SAE Authentication instance to be started
when the old instance is in Accepted state and the new Commit message
does not use the same peer-scalar value (checked in
sae_parse_commit_scalar()). When PMF is used, the AP will use SA Query
procedure when receiving the (Re)Association Request frame. In theory,
that step could be skipped in case of SAE Authentication since the
non-AP STA is demonstrating knowledge of the password. Anyway, there is
no allowance for that exception in the IEEE 802.11 standard, so at least
for now, leave this using SA Query procedure just like any other PMF
case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-06-06 01:22:01 +03:00
Jouni Malinen
2cf36d6085 FT: Handle AssocResp generation failures as fatal errors
Instead of sending out a partially completed frame, abort the
association process if something unexpected happens and remove the STA
entry.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 21:50:36 +03:00
Jouni Malinen
a7968ea568 FT: FTE generation for SHA384-based AKM on AP
The MIC field is now a variable length field, so make FTE generation in
hostapd aware of the two different field lengths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-06-05 20:16:37 +03:00
Jouni Malinen
9be19d0b9c SAE: Add support for using the optional Password Identifier
This extends the SAE implementation in both infrastructure and mesh BSS
cases to allow an optional Password Identifier to be used. This uses the
mechanism added in P802.11REVmd/D1.0. The Password Identifier is
configured in a wpa_supplicant network profile as a new string parameter
sae_password_id. In hostapd configuration, the existing sae_password
parameter has been extended to allow the password identifier (and also a
peer MAC address) to be set. In addition, multiple sae_password entries
can now be provided to hostapd to allow multiple per-peer and
per-identifier passwords to be set.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-19 17:30:29 +03:00
Jouni Malinen
67cca34645 HS 2.0: Copy Roaming Consortium OI from (Re)AssocReq to Access-Request
This extends hostapd processing of (Re)Association Request frames to
store a local copy of the Consortium OI within the Roaming Consortium
Selection element, if present, and then add that in HS 2.0 Roaming
Consortium attribute into RADIUS Access-Request messages.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Michael Braun
13f118dc59 Convert STA session_timeout to os_reltime
This is needed to allow the remaining session time to be computed for FT
(when sending PMK-R1 to another AP).

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:48:11 +03:00
Michael Braun
17a8a9893f Fix potential memory leak with identity/radius_cui
ieee802_11_set_radius_info() might be called with a STA entry that has
already stored identity and/or radius_cui information, so make sure the
old values get freed before being replaced by the new ones.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Ben Greear
c6b5b9a33b hostapd: Add more authentication error case debugging
This can help one understand better why stations are failing
to authenticate.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:53:10 +03:00
Ben Greear
e2fc13d0ab hostapd: Add logging around Michael MIC related failures
This can help one understand better why stations are failing
to authentication/associate.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:51:29 +03:00
Ben Greear
e7525a2954 hostapd: Add send_auth_reply() caller info in debug logging
This can help one understand better what happens during the
authentication exchange.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2018-04-02 16:47:26 +03:00
Jouni Malinen
9d94e4bb6b SAE: Fix PMKID in EAPOL-Key msg 1/4
Previously, the association that used SAE authentication ended up
recalculating the PMKID for EAPOL-Key msg 1/4 using incorrect
PMK-to-PMKID derivation instead of using the previously derived PMKID
from SAE. The correct PMKID was used only when going through PMKSA
caching exchange with a previously derived PMKSA from SAE.

Fix this by storing the SAE PMKID into the state machine entry for the
initial SAE authentication case when there is no explicit PMKSA entry
attached to the station.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-23 18:44:48 +02:00
Jouni Malinen
8aa599d45a Add more debug prints for 20/40 BSS Coexistence Management frame Rx
This makes it easier to understand what kind of information a STA is
reporting about 20/40 MHz coexistence requirements.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 16:32:35 +02:00
Ashok Ponnaiah
f5701cc66e OWE: Clean up pointer check in a testing code path
Check wpa_auth_write_assoc_resp_owe() return value to keep static
analyzers happier. The code path where this could happen is not really
reachable due to the separate hapd->conf->own_ie_override check and
wpa_auth_write_assoc_resp_owe() returning NULL only in an error case in
the override path. Furthermore, clean up the pointer return value to use
a proper pointer (NULL vs. 0).

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-03-19 19:08:34 +02:00
Tamizh chelvam
92eb00aec2 Extend ACL check for Probe Request frames
Extend ACL check to deny Probe Request frames for the client which does
not pass ACL check. Skip this check for the case where RADIUS ACL is
used to avoid excessive load on the RADIUS authentication server due to
Probe Request frames. This patch add wpa_msg event for auth and assoc
rejection due to acl reject.

Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
2018-03-03 00:42:16 +02:00
Ashok Ponnaiah
a22e235fd0 OWE: Add testing RSNE for OWE assoc response with driver SME/MLME
Allow RSNE to be overwritten for testing purposes also in the
driver-based SME/MLME case.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-12 21:31:04 +02:00
Jouni Malinen
659ac96d7f ieee802_11_mgmt: Handle frame info more consistently
Check for the fi parameter to be non-NULL before trying to fetch the
ssi_signal information similarly to how the fi->freq was already
handled. While the meta information is supposed to be available, it
looks like there is at least one corner case where fi == NULL could be
used (Authentication frame reprocessing after RADIUS-based ACL).

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-07 12:34:41 +02:00
Ashok Ponnaiah
79ce2d519b OWE: Rename function to match use (driver-SME/MLME)
This function is used to process a (Re)Association Request frame, so
rename it appropriately to mention assoc_req instead of auth_req.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:27:41 +02:00
Ashok Ponnaiah
759da93a89 OWE: Check for ECDH availability before use (driver-SME/MLME)
Verify that the STA has ECDH data available before trying to use this
data to add the OWE DH Params element.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:25:41 +02:00
Ashok Ponnaiah
af65ef28f4 OWE: Add RSNE when not using PMKSA caching (driver-SME/MLME)
RSNE needs to be added both with and without use of PMKSA caching.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:22:53 +02:00
Ashok Ponnaiah
5850cba384 OWE: Support DH groups 20 and 21 with driver-SME/MLME
This was already the case with the hostapd-based SME/MLME
implementation, but the OWE DH Param element construction for the
driver-based SME/MLME needed a matching change to set the group
properly.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-06 20:20:22 +02:00
Ashok Ponnaiah
cd483be252 OWE: Use PMKSA caching if available with driver AP MLME
If a matching PMKSA cache entry is present for an OWE client, use it and
do not go through DH while processing Association Rquest frame.
Association Response frame will identify the PMKID in such a case and DH
parameters won't be present.

Signed-off-by: Ashok Ponnaiah <aponnaia@codeaurora.org>
2018-02-01 23:58:46 +02:00
Jouni Malinen
feba5848be Replace RSNE group key management mismatch status/reason codes
Use "cipher out of policy" value instead of invalid group cipher (which
is for the group data frame cipher) and management frame policy
violation (which is used for MFPC/MFPR mismatch).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 01:12:00 +02:00
Jouni Malinen
c5cc7a59ac Report offchannel RX frame frequency to hostapd
Not all code paths for management frame RX reporting delivered the
correct frequency for offchannel RX cases. This is needed mainly for
Public Action frame processing in some special cases where AP is
operating, but an exchange is done on a non-operational channel. For
example, DPP Initiator role may need to do this.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 03:37:48 +02:00
Jouni Malinen
c4fc7e31c7 SAE: Set special Sc value when moving to Accepted state
Set Sc to 2^16-1 when moving to Accepted state per IEEE Std 802.11-2016,
12.4.8.6.5 (Protocol instance behavior - Confirmed state). This allows
the peer in Accepted state to silently ignore unnecessary
retransmissions of the Confirm message.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:19:08 +02:00
Jouni Malinen
abcbd0604c SAE: Add Rc variable and peer send-confirm validation
This implements the behavior described in IEEE Std 802.11-2016,
12.4.8.6.6 (Protocol instance behavior - Accepted state) to silently
discard received Confirm message in the Accepted state if the new
message does not use an incremented send-confirm value or if the special
2^16-1 value is used. This avoids unnecessary processing of
retransmitted Confirm messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:19:08 +02:00
Jouni Malinen
9249afc8e1 SAE: Print state changes in debug log
This makes it easier to follow state changes in SAE protocol instances.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 00:07:42 +02:00
Jouni Malinen
d8b841eba8 SAE: Make dot11RSNASAESync configurable
The new hostapd.conf parameter sae_sync (default: 5) can now be used to
configure the dot11RSNASAESync value to specify the maximum number of
synchronization errors that are allowed to happen prior to
disassociation of the offending SAE peer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-26 12:46:22 +02:00
Jouni Malinen
1489fcf87d FILS: Do not leave error value in left counter
If fils_decrypt_assoc() were to fail on the AP side, the previous
implementation could have continued through the response generation
using left = -1. That could have resulted in unexpected processing if
this value were to be used as the length of the remaining (unencrypted)
IEs. Fix this by not updating left in the failure case.

Fixes: 78815f3dde ("FILS: Decrypt Association Request elements and check Key-Auth (AP)")
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 12:26:38 +02:00
Jouni Malinen
fe12ae777f Fix Status Code in TKIP countermeasures case
The previously used WLAN_REASON_MICHAEL_MIC_FAILURE (14) value as a
response to Authentication frame or (Re)Association Request frame is not
correct since the resp value is encoded in the Status Code (not Reason
Code) field. Status Code 14 is WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION
which is really what this value would have meant in the response frames.

There is no Michael MIC failure status code, so have to use the generic
"Unspecified failure" (1) reason code for these cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
bhagavathi perumal s
65f9db6bc2 hostapd: Add extended capabilities into STA command
Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 00:31:31 +02:00
bhagavathi perumal s
ba72b4b126 hostapd: Add Min/Max Transmit Power Capability into STA command
This provides access to the Minimum/Maximum Transmit Power Capabilitie
fileds (the nominal minimum/maximum transmit power with which the STA
is capable of transmitting in the current channel; signed integer in
units of decibels relative to 1 mW).

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-10-31 00:22:58 +02:00
Ashok Kumar Ponnaiah
33c8bbd8ca OWE: Add AP mode handling of OWE with drivers that implement SME
Handle OWE DH exchange and key setup when processing the association
event from a driver that implements AP SME.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-30 23:24:42 +02:00