Commit graph

3774 commits

Author SHA1 Message Date
Jouni Malinen
361cdf3400 P2P: Extend use of group formation timeout until end of 4-way handshake
Instead of relying on the P2P group idle timeout before the group
connection has been fully established, re-start the group formation
timeout in the end of the WPS provisioning step and clear it at the
successful completion of the initial 4-way handshake. This allows the
P2P group idle timeout to be set to a small value without triggering it
during the initial scan and connection attempt.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 17:01:15 +03:00
Jouni Malinen
205e6474a1 P2P: Fix p2p_connect join scan handler in error cases
wpa_drv_scan() may fail for the initial p2p_connect join scan request,
e.g., if the driver happened to be scanning at the time the new
operation was initialized. Previously, a special scan result handler was
registered regardless of whether the new scan was started. This could
result in partial scan results (e.g., from p2p_find social scan) from
being used as full results for join (or now more importantly for
p2p_connect auto) purposes. Fix this by registering the new scan result
handler only if wpa_drv_scan() returns success.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 16:13:14 +03:00
Jouni Malinen
b31be3a0fd P2P: Add automatic GO Negotiation vs. join-a-group selection
p2p_connect command can now be used with an optional "auto" parameter
to request wpa_supplicant to determine automatically whether to use
join-a-group operation (if the peer is operating as a GO) or group
formation. This makes it easier for external programs to handle
connection type selection by offloading this to wpa_supplicant. The
previously used p2p_connect join commands can be replaced with
p2p_connect auto to use this new mechanism.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-13 16:04:36 +03:00
Jouni Malinen
7b63c6396a P2P: Clear P2P_DEV_SD_INFO when new wildcard SD query is added
Unlike the unicast SD queries, the queries directed to all peers depend
on P2P_DEV_SD_INFO flag being cleared to allow the query to be sent to
a peer that has previously replied to any SD query.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-11 17:51:19 +03:00
Vasanthakumar Thiagarajan
5cbf5fd9bd Allow disable_ht to override 11n configuration in AP mode
This is being done only for station mode, extend it to AP mode as well.

Signed-hostap: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2012-04-11 16:24:03 +03:00
Jouni Malinen
a625ff6059 AP: Reschedule ap_handle_timer event on (re)association
Previously, the timeout scheduled during the previous association was
used after reassociation if the STA entry had not yet been removed. The
next timeout does not need to happen that quickly, so reschedule it
during reassociation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-11 14:24:24 +03:00
Jouni Malinen
42ca9845be AP: Add debug information for ap_handle_timer operations
This makes it easier to figure out what exactly was done with the
ap_handle_timer registration/cancellation based on a debug log.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-11 14:24:24 +03:00
Jouni Malinen
c72bd6d49b AP: Reset STA timeout_next on driver-based-SME association
The next ap_handle_timer action was already cleared when association
is handled with user space -based SME. However, this step was missing
from the driver callback for indicating new association. This could
result in the first ap_handle_timer timeout on the new association
removing the station unexpectedly. Fix this by resetting the timeout_next
in hostapd_notif_assoc().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-04-11 14:06:50 +03:00
Jouni Malinen
31b4961f02 Fix EAP/WPS to PSK transition on reassociation in authenticator
A station may move from EAP/WPS key_mgmt to PSK using re-association. In
practice, this can happen most likely with WPS when the station runs
through the provisioning step (EAP/WPS) followed by PSK authentication.
If a deauthentication event is missed from the station for whatever
reason, the EAPOL authenticator state machine could have been left
running.

This can result in various issues, including unexpected disconnection of
the station while both the 4-way handshake and EAPOL authenticator state
machines (EAP) are running at the same time when the supplicant is
trying to use PSK. Fix this by explicitly clearing EAPOL authenticator
state machine on (re)association if the new association does not use it.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-04-10 21:30:46 +03:00
Jithu Jance
d3bd0f057c nl80211: Extend shared_freq to handle AP/GO mode interfaces
Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-04-08 20:44:05 +03:00
Jouni Malinen
86ae2e8a42 P2P: Fix shared freq check and support AP mode validation
The previous commit did not use the correct pointer in all operations
and was specific to station mode interfaces. Fix and extend it to work
with AP/GO interfaces, too.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 20:42:45 +03:00
Jouni Malinen
4b15620609 P2P: Abort join-group operation if concurrent group cannot be supported
If the driver does not indicate support for multi-channel concurrency,
abort join-group operation if the end result would result in use of
multiple operating frequencies with the same radio.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 20:12:05 +03:00
Jouni Malinen
7fa56233ae Scan only affected frequencies for 20/40 MHz co-ex check for
When starting an AP with HT40 on 2.4 GHz, limit the set of channels
to scan for based on the affected frequency range to speed up the
AP setup.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 12:12:32 +03:00
Jouni Malinen
3208b5a0fe Make random_add_randomness() debug print less verbose
Mark the debug print excessive and print it only in case the entropy
collection is used since this function can get called pretty frequently.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 11:34:54 +03:00
Jouni Malinen
9f98810c5d TLS: Use separate TLS library context for tunneled TLS
OpenSSL wrapper was using the same certificate store for both Phase 1
and Phase 2 TLS exchange in case of EAP-PEAP/TLS, EAP-TTLS/TLS, and
EAP-FAST/TLS. This would be fine if the same CA certificates were used
in both phases, but does not work properly if different CA certificates
are used. Enforce full separation of TLS state between the phases by
using a separate TLS library context in EAP peer implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 20:57:02 +03:00
Jouni Malinen
d755e01b34 Remove forgotten GPL language from man pages and README files
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:17:20 +03:00
Jouni Malinen
705a013b60 Android: Sync build configuration with defconfig changes
This brings up the changes from defconfig into the Android configuration
file, but does not change any of the actual build parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:09:20 +03:00
Jouni Malinen
763a66f471 Remove experimental Symbian build
This was never really completed and is of not much use at this point,
so clean up the repository by removing the Symbian-specific changes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-07 13:00:30 +03:00
Dmitry Shmidt
eff1a95b97 Add RANGE=ALL|N1-N2 selection for ctrl_iface BSS command
Add ability to get information about several BSS's in one call.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:50:25 +03:00
Dmitry Shmidt
5f97dd1c57 Add MASK=0xH option for the ctrl_iface BSS command
This optional parameter to the BSS command can be used to select which
fields are included in the output to avoid having to parse through
unneeded information and to reduce the buffer size.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:50:25 +03:00
Dmitry Shmidt
61ce90857e Move ctrl_iface BSS command response generation into a separate function
This is in preparation for allowing multiple BSS entries to be fetched
with a single command.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2012-04-07 12:06:35 +03:00
Jouni Malinen
873d0fcfd3 nl80211: Skip set_mode event subscription during deinit
There is no need to subscribe to event messages during deinit process,
so skip this to avoid unnecessary operations and to keep the debug logs
a bit cleaner.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-06 18:58:44 +03:00
Nirav Shah
103b8f4dea P2P: Disconnect P2P group on supplicant deinit
When a supplicant is deinited and shutting, disconnect from P2P groups.
This fixes a memory leak on variable dbus_groupobj_path on exiting
supplicant.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-04-06 18:41:06 +03:00
Angie Chinchilla
eb6f8c2bd4 P2P: Fix crash for failure case when WSC PIN is entered incorrectly
When forming a P2P group using WSC PIN method, if the PIN is entered
incorrectly the P2P client supplicant instance will crash as a result
of cleanup happening on data that is still in use in a case where a
separate P2P group interface is used.

For example, here is the path for the first crash:
eap_wsc_process():
- creates struct wpabuf tmpbuf; on the stack
- sets data->in_buf = &tmpbuf;
- calls wps_process_msg()
- which calls wps_process_wsc_msg()
- which, in case WPS_M4: calls wps_fail_event()
- which calls wps->event_cb()
- wps->event_cb = wpa_supplicant_wps_event()
- wpa_supplicant_wps_event()
- wpa_supplicant_wps_event_fail()
- which calls wpas_clear_wps()
- which calls wpas_notify_network_removed()
- which calls wpas_p2p_network_removed()
- which calls wpas_p2p_group_formation_timeout()
- which calls wpas_group_formation_completed()
- which calls wpas_p2p_group_delete()
- which calls wpa_supplicant_remove_iface()
- which calls wpa_supplicant_deinit_iface()
- which calls wpa_supplicant_cleanup()
- which calls eapol_sm_deinit()
- ... which eventually uses the ptr data->in_buf to free tmpbuf, our
stack variable and then the supplicant crashes

If you fix this crash, you'll hit another. Fix it and then a segfault.
The way we're cleaning up and deleting data from under ourselves here
just isn't safe, so make the teardown portion of this async.

Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
intended-for: hostap-1
2012-04-06 18:22:03 +03:00
Jouni Malinen
4f920dc63e Do not write bg_scan_period value if default (-1) has not been changed
There is no need to force this configuration parameter to be written
into the configuration file for each network block that has not modified
the default value.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-06 18:11:47 +03:00
Angie Chinchilla
540609c55f Clarify comment in wpa_supplicant/defconfig
I think this comment, as originally stated, says the opposite of
what is meant. Reword to help the next guy.

Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-04-06 18:07:44 +03:00
Ed Wildgoose
af548f5320 Save bgscan parameter into configuration file
Signed-off-by: Ed Wildgoose <lists@wildgooses.com>
intended-for: hostap-1
2012-04-06 17:59:34 +03:00
Neeraj Kumar Garg
c772ef43f6 P2P: Update BSS entries in P2P group interface only if P2P IE is present
For concurrency scenarios we should not update the scan results without
P2P IE to P2P group interfaces. This patch is to take care if a scan has
been requested on STA interface and scan results are getting updated
from sibling to P2P group interface. A P2P GO Probe Response for a
legacy STA scan would be without P2P IE. So it will wrongly update the
BSS list of P2P group interface too when results are updated from
sibling.

Since P2P group interfaces are used only for connecting to a P2P group,
it is fine to filter out all non-P2P entries from their BSS table.

Signed-off-by: Neeraj Garg <neerajkg@broadcom.com>
2012-04-06 14:58:22 +03:00
Ben Greear
5a49459ee8 Better wpa_cli error messages when connect fails
Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:15:30 +03:00
Ben Greear
9d05374796 Make bind failure messages unique
This helps someone know which part of the code is complaining.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 12:10:36 +03:00
Ben Greear
bae489d292 wpa_supplicant: Print initialization information on startup
This lets someone know if they have a log file that properly
starts at the beginning.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 11:52:17 +03:00
Ben Greear
ce28e2795a AP: Add fuzz to idle-timer calculations
This should keep us from getting into a state where we bounce large
numbers of stations all at once. Spreading out the bounce should cause
less stress on the network as the idle stations won't all be trying to
reconnect at once.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 11:47:29 +03:00
Johannes Berg
f05b6b18bb Add script to convert wpa_supplicant debug output to pcap
For debugging I needed to look at the frames in a wpa_supplicant debug
log. Looking at the hexdump is a bit tedious, so I wrote a quick script
to convert the nl80211 debugging output to a PCAP file that can be
opened in wireshark.

I've polished the initial raw script a bit to add error messages and to
also record the timestamps to the pcap file.

Hopefully it's useful to somebody else as well.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2012-04-05 19:49:17 +03:00
Anirban Sirkhell
71dd3b78f9 WPS: Allow vendor specific attribute to be added into M1
wps_vendor_ext_m1 configuration parameter can now be used to add a
vendor specific attribute into the WPS M1 message, e.g., for
Windows Vertical Pairing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-04 00:08:57 +03:00
Jouni Malinen
2e9f078c8d nl80211: Indicate disconnect event as deauthentication
This was previously indicated as disassociation, but the P2P group
session ending case expect a deauthentication notification. Since the
cfg80211 disconnection event does not really indicate which frame was
used, the easiest approach for now seems to be to just indicate these
as deauthentication events.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-03 17:11:22 +03:00
Jouni Malinen
3fc14102f8 P2P: Remove client group on Deauthentication reason code 3
The GO can indicate that the P2P Group session is ending by sending a
Deauthentication frame with reason code 3 (Deauthenticated because
sending STA is leaving) based on P2P specification section 3.2.9. Use
this reason code to remove the P2P client group without waiting for the
group idle timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-03 16:45:28 +03:00
Jouni Malinen
52b2004285 Change reason code for AP mode BSS termination to 3
Use reason code 3 (Deauthenticated because sending STA is leaving)
instead of reason code 2 (Previous authentication ot valid) in the
Deauthentication frame sent at the time a BSS is terminated. This is
more accurate reason for the message and allows the stations to get
better understand on why they were disconnected. This can be useful
especially for P2P clients that can use this as a signal that the
P2P group session was ended per P2P specification section 3.2.9.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-03 16:17:38 +03:00
Sujith Manoharan
1ed08baf89 hostapd: Do not allow HT in 11b mode
When the HW mode has been configured as 11b, disable HT
operations.

Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2012-04-03 12:03:18 +03:00
Eliad Peller
dbe7aa2225 P2P: Notify about disconnection only when needed
wpas_notify_state_changed() notified about disconnection when
new_state < WPA_ASSOCIATED, without checking the old state. This
results in extra processing which can be avoided by checking that
old_state was connected.

Signed-hostap: Eliad Peller <eliad@wizery.com>
intended-for: hostap-1
2012-04-01 21:49:03 +03:00
Eliad Peller
3c29244eb7 P2P: Add deinit_p2p_cli op to clear P2P client driver state
On P2P group removal, the GO is deinitialized correctly (and the vif
mode is set back to sta in case of nl80211), but the P2P client mode
wasn't deinitialized, and the nl80211 vif stays in P2P client mode.

Add a new deinit_p2p_cli op (similar to deinit_ap), which currently only
sets the interface back to station mode.

Signed-hostap: Eliad Peller <eliad@wizery.com>
intended-for: hostap-1
2012-04-01 21:41:23 +03:00
Jouni Malinen
e19fded66e Fix Probe Request processing in wpa_supplicant AP mode
Commit 2d43d37ff2 broke EVENT_RX_MGMT
processing in wpa_supplicant AP mode. ap_mgmt_rx() needs to be called
for Probe Request frames even if they get notified through the new
D-Bus signal mechanism.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 21:27:12 +03:00
Johannes Berg
2d43d37ff2 DBus: Add ability to report probe requests
Some applications require knowing about probe requests to identify
devices. This can be the case in AP mode to see the devices before they
connect, or even in P2P mode when operating as a P2P device to identify
non-P2P peers (P2P peers are identified via PeerFound signals).

As there are typically a lot of probe requests, require that an
interested application subscribes to this signal so the bus isn't always
flooded with these notifications. The notifications in DBus are then
unicast only to that application.

A small test script is also included.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 21:14:48 +03:00
Johannes Berg
baf513d695 Pass signal strength through, fix units
The signal strength is currently never used as the only driver reporting
it is nl80211 which uses IEEE80211_RADIOTAP_DB_ANTSIGNAL which is never
populated by the kernel. The kernel will (soon) populate
IEEE80211_RADIOTAP_DBM_ANTSIGNAL instead though, so use that.

Also, since it was never really populated, we can redefine the signal
field to be in dBm units only.

My next patch will also require knowing the signal strength of probe
requests throughout the code (where available), so add it to the
necessary APIs.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 18:48:12 +03:00
Luciano Coelho
370b076197 hostapd: Only update already-set beacons when processing OLBC
When hostapd is about to start an AP using HT40, it starts a scan to
check whether it is allowed or not. If OLBC is detected before the
scan has completed, it sets the beacons prematurely.

To fix this, instead of setting all beacons when OLBC is detected,
only update the ones that have already been started.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2012-04-01 18:12:04 +03:00
Mukesh Agrawal
c6e86b63d2 Create DBus getter/setter for ScanInterval
Enable control of wpa_s->scan_interval via D-Bus. This parameter
controls the delay between successive scans for a suitable AP.

Also, update dbus.doxygen with ScanInterval, and some other
parameters that were undocumented.

Signed-hostap: Mukesh Agrawal <quiche@chromium.org>
2012-04-01 18:05:22 +03:00
Jouni Malinen
ca8e039fec Fix memory leaks on radius_client_send error paths
In case this function returns an error, the RADIUS message needs to
freed in the caller.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 17:55:20 +03:00
Jouni Malinen
8c6f80e023 Remove extra linefeed from hostapd_logger message
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 13:41:03 +03:00
Alexander Couzens
a4e73a0e47 Fix potential double free and use of freed memory in RADIUS client
ieee802_1x_encapsulate_radius() frees the RADIUS message if
radius_client_send() returns error. This could have resulted in use of
freed memory and double freeing of the RADIUS message if send() fails
since the message is also left in the retransmit list. Avoid this by not
returning error to the caller in such a case.

Signed-off-by: Alexander Couzens <lynxis@c-base.org>
2012-04-01 13:36:52 +03:00
Johannes Berg
da873dbb06 nl80211: Report signal strength from nl80211
Report signal strength from nl80211 events to the higher layers.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 12:39:33 +03:00
Nirav Shah
024d018b55 Clean up: Replace standard lib methods with os.h ones
Some of the standard lib functions being used directly are redefined in
src/utils/os.h thus providing an abstraction. Change code to use os_*
functions instead of directly using the lib functions.

Signed-hostap: Nirav Shah <nirav.j2.shah@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
2012-03-31 21:13:53 +03:00