As a P2P group has a unique SSID and one security domain, it does
not make sense to enable background scanning for roaming purposes.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Do not initialize bgscan if the user explicitly set bgscan to an empty
string. Without this patch wpa_supplicant tries to initialize bgscan to
the first option if the string is empty.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Add a callback to the driver interface that allows vendor specific
commands to be sent. In addition, a control interface command is added
to expose this new interface outside wpa_supplicant:
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
This interface is driver independent, but for now, this is only
implemented for the nl80211 driver interface using the cfg80211 vendor
commands.
Signed-off-by: Beni Lev <beni.lev@intel.com>
Passing a pointer to an error reply message is not very robust since
memory allocation could fail even for that error message. Instead, use a
separate error value as the return value from get_peer_hwaddr_helper()
and return a pointer to the error message through a pointer-to-pointer
so that the error case will always be clear.
Signed-off-by: Jouni Malinen <j@w1.fi>
The pos pointer can be compared to the start of the buffer pointer to
determine whether the entry is the first one in the list. This gets rid
of some static analyzer warnings about unused variable writes.
Signed-off-by: Jouni Malinen <j@w1.fi>
The group name is not used on these paths, so just remove it from the
directory name without updating gid_str to point to the unused group
name.
Signed-off-by: Jouni Malinen <j@w1.fi>
The scan result comparison routine would not make much sense without
current BSS level known, so return from the function without going
through the iteration that could have dereferenced the pointer if
wpa_s->current_bss == NULL.
Signed-off-by: Jouni Malinen <j@w1.fi>
The special case of non-zero status code used in a GAS Comeback Response
frame to indicate that additional delay is needed before the response is
available was not working properly. This case needs to allow the status
code check to be bypassed for the comeback case prior to having received
any response data.
Signed-off-by: Jouni Malinen <j@w1.fi>
The simulated SIM/USIM case uses a separate milenage cred parameter, so
this cred password parameter was unused for this credential type.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commits 7ef6947993 and
533536d82a added this temporarily
disabling case, but those commits were merged in without having been
converted to the new os_reltime design used for ssid->disabled_until.
Consequently, they ended up disabling the network for 44 years or so too
long time (depending on what values the relative timestamp had
accummulated so far). Fix this by using relative timestamps
consistently.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit d28f4e44f1 optimized Interworking
network selection in a case where the operation is run while already
connected to the selected network by skipping the reconnection. However,
this did not take into account that a higher priority network may have
shown up in the new scan results.
Fix this by checking whether network selection based on the latest scan
results (the ones from the interworking_select operation) would result
in a network with higher priority being selected. If so, skip the
optimization and force normal network connection (which will select this
newly found higher priority network). This fixes cases where a
non-Hotspot 2.0 network with higher priority (e.g., home network) shows
up while connected to a Hotspot 2.0 network with lower priority.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Commit 3d910ef497 tried to make
last-network selection behave more consistently with Interworking
network selection preferences. However, it did not take into account
that other network block may have higher priority. In such cases, the
last added network from Interworking network selection should actually
not be selected for the next connection. Fix this by limiting the
last-network preference to work only within a priority class.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Scan operation is not that reliable, so try couple of times if no
OSU provider matches are found during fetch_osu command.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This new parameter can be used to configure credentials to mandate use
of OCSP stapling for AAA server authentication.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This new priority parameter can be used to specify priorities between
credentials provisioned by the same SP. cred->priority is checked first
and if it is same and the provisioning_sp parameter matches, the new
sp_priority is used to order the credentials. It should be noted that
the order of priorities is different (higher 'priority' value indicates
higher priority of the credential, while higher 'sp_priority' indicates
lower priority of the credential).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
There is no need to keep the separate local variable for tracking the
highest selected priority since we track a pointer to the selected
credential with that information.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This is needed to limit the number of consecutive authentication
attempts to no more than 10 within a 10-minute interval to avoid
unnecessary load on the authentication server. In addition, use a random
component in the delay to avoid multiple stations hitting the same
timing in case of simultaneous disconnection from the network.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Move excluded SSID filtering step to the end of credential validation
process and return list of BSSes that would otherwise have matching
credentials, but have an excluded SSID. Automatic network selection will
not select such a network, but interworking_connect command can be used
to pick excluded networks.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new credential parameter req_conn_capab can be used to specify
restrictions on roaming networks providing connectivity for a set of
protocols/ports.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new credential parameter max_bss_load can be used to specify
restrictions on BSS Load in the home network.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new credential parameters min_{dl,ul}_bandwidth_{home,roaming} can
be used to specify restrictions on available backhaul bandwidth.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new provisioning_sp cred field can now be used to track which SP
provisioned the credential. This makes it easier to find the matching
PPS MO from the management tree (./Wi-Fi/<provisioning_sp>).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new wpa_cli fetch_osu command can be used to fetch information about
all OSU providers and write that to a text file with the icons in
separate files. cancel_osu_fetch command can be used to stop ongoing OSU
provider list fetch.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_supplicant can request OSU icon data with "hs20_icon_request <BSSID>
<icon filename>". This transmits an Icon Request ANQP element and
processes the response in Icon Binary File ANQP elements.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Subscription remediation notification WNM-Notification Request is now
shown in the following way in wpa_supplicant control interface:
<3>HS20-SUBSCRIPTION-REMEDIATION http://example.com/foo/
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The HS 2.0 Indication element from wpa_supplicant now includes the
release number field and wpa_supplicant shows the release number of the
AP in STATUS command (hs20=1 replaced with hs20=<release>).
The new update_identifier field in the cred block can now be used to
configure the PPS MO ID so that wpa_supplicant adds it to the Indication
element in Association Request frames.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new roaming_partner parameter within a cred block can be used to
configure priorities for roaming partners.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This parameter was actually used in some testing cases in a way that did
not really work well with the FLUSH command ending up disabling PMF.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, it would have been possible for the network to be marked
disabled and that marking to be ignored if a recoverable disconnection
reason event were processed. Avoid this by verifying network status
before trying to reconenct back to the same BSS.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, any network block could be used to select the BSS to connect
to when processing scan results after Interworking network selection.
This can result in somewhat unexpected network selection in cases where
credential preferences indicated that a specific network was selected,
but another network ended up getting used for the connection. While the
older networks continue to be valid, add special processing for this
initial post-interworking-connect case to get more consistent network
selection to match with the Interworking network selection result.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_config_write() is defined as a dummy function even if actual
operation to write the configuration file are commented out from the
build. This cleans up the code a bit and removed a compiler warning on
set-only variable.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This fixes a copy-paste error in the function name in
wpa_supplicant_global_ctrl_iface_process() documentation.
Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Add IPv6 support when using udp/udp-remote control interface using the
following new build configuration options:
CONFIG_CTRL_IFACE=udp6
CONFIG_CTRL_IFACE=udp6-remote
This is useful for testing, while we don't need to assign IPv4 address
(static or using DHCP) and can just use auto configured IPv6 addresses
(link local, which is based on the MAC address). Also add scope id
support for link local case.
For example,
./wpa_cli
./wpa_cli -i ::1,9877
./wpa_cli -i fe80::203:7fff:fe05:69%wlan0,9877
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
It was possible for the connect or sme-connect radio work to get
re-scheduled while an earlier request was still pending, e.g.,
select_network is issued at the moment a scan radio work is in progress
and the old scan results are recent enough for starting the connection.
This could result in unexpected attempt to re-associate immediately
after completing the first connection.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
CONFIG_MODULE_TESTS=y build option can now be used to build in module
tests into hostapd and wpa_supplicant binaries. These test cases will be
used to get better testing coverage for various details that are
difficult to test otherwise through the control interface control. A
single control interface command is used to executed these tests within
the hwsim test framework. This commit adds just the new mechanism, but no
module tests are yet integrated into this mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
It looks like discovery_dev_id test case can still fail and based on the
previously added debug prints, this is happening since the P2P module
believes it is not in Listen state even when a P2P_LISTEN was issued.
p2p_listen_cb() did not get called on remain-on-channel event for some
reason, so lets add more debug to find out why this can happen.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Suppose we have multiple peers and we have peers advertising SD
capability, but no services registered for advertising. In this case,
even if there are multiple broadcast queries set, we might end up
sending only the lastly added broadcast query to the same device (since
SD_INFO won't get set for the first broadcast query). Add support for
multiple wildcard queries to be tracked to enable this type of use
case.
Some times it is seen that before advancing to next device in the list,
the scan results come and update SD_SCHEDULE flag. This will result in
sending the already sent query to the same device without giving chance
to other devices. This issue again is seen with peer devices advertising
SD capability without any services registered.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
These can be used to disable TLSv1.1 and TLSv1.2 as a workaround for AAA
servers that have issues interoperating with newer TLS versions.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Using binutils >= 2.24.x and setting
CONFIG_WPA_TRACE/CONFIG_WPA_TRACE_BDF causes both builds to fail with
"#error config.h must be included before this header" message.
Since version 2.24.x, the bfd header checks for PACKAGE and
PACKAGE_VERSION macros.
As suggested in http://sourceware.org/bugzilla/show_bug.cgi?id=14243
projects that use bfd and don't use autotools should define a PACKAGE
macro.
Signed-off-by: Roger Zanoni <roger.zanoni@openbossa.org>
Since P2P specification mandates P2P GO to support WMM-PS with legacy
STAs, enable this automatically if the driver indicates support for
U-APSD in AP mode. The "P2P_SET go_apsd 0" command can still be used to
disable this if needed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While testing rfkill blocking of a scanning interface, it
was seen that the ongoing scan never completes. This happens
since EVENT_SCAN_RESULTS is discarded on a disabled interface.
Fix this and also other possible radio work completion issues
by removing all the radio works (including started) of the
disabled interface.
To be able to remove already started radio works, make their
callbacks be reentrant with deinit flag (when the work
is started), so each radio work should be able to handle
its own termination.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
The more generic NFC_REPORT_HANDOVER is now used to report completed NFC
connection handover operations in either role and NFC_RX_HANDOVER_REQ
did not have any implementation within wpa_supplicant.
Signed-off-by: Jouni Malinen <j@w1.fi>
The current nfcpy version does not support new WSC connection handover
message format and the handover server fails to process the request due
to a debug print. As a temporary workaround, override
HandoverServer::_process_request() with a version that avoids pretty()
print of the handover messages. This can be removed once nfcpy has been
updated to support the new format.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Initialize flag variable explicitly to avoid [-Wmaybeuninitialized]
compiler warning in wpas_p2p_verify_channel().
Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
Memory allocated by calling function ieee802_11_vendor_ie_concat()
was not freed on an error path int ctrl_iface BSS command.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
This uses the new nl80211 attributes to allow the connect command to
provide bssid and freq hints to the driver without limiting roaming to
the specific BSS/frequency. This can be used by drivers that perform
internal BSS selection (WPA_DRIVER_FLAGS_BSS_SELECTION) as a candidate
for initial association.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
p2p-nfc.py allowed an NFC Tag to be read and reported to wpa_supplicant
even in cases where it was explicitly asked to initiate negotiated
connection handover and return after completing this operation. The new
command line argument can be used to disable NFC Tag read operations
when a negotiated connection handover is expected.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If wpa_supplicant reports a failure when trying to generate a handover
request, detect that before trying to decode the response as a hex
string.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P persistent connection may fail due to 802.11d channel change event
invalidating support of the operating frequency sent in the invitation
request, before receiving the invitation response. If the operating
frequency is invalid at the time the invitation response is processed
and there is no forced frequency provided by user, allow frequency
re-selection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If P2P was disabled (e.g., due to driver not supporting it or through
p2p_disabled=1 configuration), setting Wi-Fi Display parameters could
result in segmentation fault when the WFD IE is updated without the P2P
module being initialized. Fix this by skipping the update if P2P module
is not in use. In addition, show Wi-Fi Display as disabled in "GET
wifi_display" and refuse to enable it with "SET wifi_display 1" if P2P
is not enabled.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant_create_ap() is only called for AP mode, so there is no
point in trying to address station (infra/IBSS) modes.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit bd3a373767 added a mechanism to use
AP Channel attribute from within a Credential attribute to optimize
scans. However, this design is not actually used with the WPS NFC use
cases. With configuration token, the AP Channel attribute is in the same
container with the Credential attribute (and that was also handled in
the previous implementation). With connection handover, AP Channel
information is outside the Credential attribute as well.
Simplify implementation by removing the AP Channel within Credential
case. This allows wpas_wps_use_cred() to get the AP Channel from the
container instead of having to find this during credential iteration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
os_free has wfd_dev_info_hex as an argument which is defined within
CONFIG_NO_STDOUT_DEBUG
Signed-hostap: Prashanth Kumar <prashanthkumar.kr@globaledgesoft.com>
Commit 6ac4b15ef8 (wpa_radio work for
connection) caused a regression for cases where multiple auth_alg values
are set in a network block and wpa_supplicant-based SME is supposed to
iterate through them. The connection radio work was not terminated when
receiving authentication failure and this resulted in the following
authentication attempt failing.
Signed-hostap: Jouni Malinen <j@w1.fi>
1. In wpa_config_process_bgscan() fix memory leak after
calling wpa_config_parse_string()
2. In hostapd_config_defaults(), on failure to allocate bss->radius,
conf->bss was not freed.
3. In p2p_deauth_nofif(), memory allocated in p2p_parse_ies() was not
freed in case of NULL minor_reason_code.
4. In p2p_disassoc_nofif(), memory allocated in p2p_parse_ies() was
not freed in case of NULL minor_reason_code.
5. In p2p_process_go_neg_conf(), memory allocated was not freed in
case that the P2P Device interface was not waiting for a
GO Negotiation Confirm.
6. In wpa_set_pkcs11_engine_and_module_path(), the wrong pointer was
checked.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
Fix memory allocation in wpa_scan_clone_params(), where the
allocation request used the size of a pointer rather than the
size of the structure.
Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
This global configuration parameter was added in commit
800d58721c but the tab completion list for
the wpa_cli SET command in interactive mode was not updated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This avoids issues with multiple instances of dnsmasq running, e.g.,
with one on eth0 and the other one for the P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
nfcpy does not yet support all the new message formats, so some of the
pretty() calls can result in exceptions.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Fetch a carrier record from wpa_supplicant instead of full handover
request. This makes it easier for external programs to build handover
request messages with multiple alternative carriers.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the operation fails for any reason ("FAIL" response), it is cleaner
to return error clearly instead of hitting an exception in the hex
decoder.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This can be used to force an operating channel for P2P group formation
triggered by NFC operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
These optional attributes, if present, can be used to speed up the
initial connection by using a single channel scan.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new
wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be
used to request public key hash to be corrupted in all generated OOB
Device Password attributes. This can be used for testing purposes to
validate public key hash validation steps.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows NFC Configuration Token to indicate the current AP operating
channel, so that a single channel scan can be used to speed up the
initial connection.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_s->current_bss was updated too late for the
wpa_supplicant_rsn_supp_set_config() call within
wpa_supplicant_select_config(). Re-order code so that current_bss gets
updated between current_ssid update and this call to set the WPA state
machine configuration, so that the new code that determines whether the
current GO support the new IP address assignment mechanism works.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This adds a new P2P Invitation mechanism to invite a P2P Device with an
NFC Tag to an already operating group when the GO with NFC Device reads
the NFC Tag. The P2P Device with the NFC Tag will then accept invitation
and connect to the group automatically using its OOB Device Password.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When "P2P_SET nfc_tag 1" is used to enable the own NFC Tag for P2P, also
enable it for any running GO interface.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P Group ID can optionally be included in the connection handover
messages when acting as a P2P Client in a group. Add this information
and show it in the P2P-NFC-PEER-CLIENT event message.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When the NFC connection handover message received from a peer indicates
that the peer is operating as a GO on a specific channel, use that
information to avoid having to go through full scan. In addition, skip
the separate join-a-group scan since we already know the operating
channel, GO P2P Device Address, and SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The DH public and private key needs to be copied for the separate group
interface if that is used for a P2P group.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>