The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.
This command makes a virtual mesh interface to be used for mesh gate.
This command expects to be used like this.
wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This converts os_snprintf() result validation cases to use
os_snprintf_error() in cases where success condition was used to execute
a step. These changes were done automatically with spatch using the
following semantic patch:
@@
expression E1,E2,E3;
statement S1;
@@
E1 = os_snprintf(E2, E3, ...);
- if (\( E1 >= 0 \| E1 > 0 \) && \( (size_t) E1 < E3 \| E1 < (int) E3 \| E1 < E3 \))
+ if (!os_snprintf_error(E3, E1))
S1
Signed-off-by: Jouni Malinen <j@w1.fi>
This wmm_ac_status command will show the current status for WMM AC.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
wmm_ac_addts command will add (or update) a traffic stream and
wmm_ac_delts command will delete an existing traffic stream.
Each of the above commands will call its corresponding
ctrl_iface command.
Signed-off-by: Moshe Benji <moshe.benji@intel.com>
Signed-off-by: Eliad Peller <eliad@wizery.com>
Parse MESH_GROUP_ADD/REMOVE commands on ctrl interface and call
wpa_supplicant routines. These commands are used to start or
join and leave a mesh network.
The mesh id is given in the configuration file, therefore there is
no need to scan before joining a mesh network. We reuse the
connect_without_scan construct used by P2P for that same purpose.
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Javier Lopez <jlopex@gmail.com>
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled for TLS-based EAP methods when
OpenSSL is used as the TLS library. This parameter can be used both as a
global parameter to set the default for all network blocks and as a
network block parameter to override the default for each network
profile.
Signed-off-by: Jouni Malinen <j@w1.fi>
Use os_exec() to run the action script operations to avoid undesired
command line processing for control interface event strings. Previously,
it could have been possible for some of the event strings to include
unsanitized data which is not suitable for system() use. (CVE-2014-3686)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This extends "wpa_cli -a<action script>" functionality to work with the
global wpa_supplicant control interface. The IFNAME=<ifname> prefix is
removed from the event messages and converted to the control interface
name when present. Previously, action scripts could only be used with
the per-interface control interfaces.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Number of other buffers were already increased to this size, but the
buffer used for receiving unsolicited event messages from wpa_supplicant
(e.g., for wpa_cli action scripts) was still at the older 256 byte size.
This could result in some events getting truncated. Avoid this by using
the same 4096 byte buffer size here as in the other places receiving
messages from wpa_supplicant.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The ifname_prefix string could change during line editing and the
periodic PING command running in the background ended up getting the
latest snapshot of the command line due to the pointer being left to
point to the edit buffer. This resulted in unexpected prefix strings
getting used with the periodic PING command. Fix this by temporarily
clearing the ifname_prefix whenever running such a periodic PING.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes the p2p_find default delay value configurable as
p2p_search_delay parameter through the configuration file (and through
control interface "SET p2p_search_delay <value>" on the P2P management
interface.
This parameter controls the number milliseconds of extra delay that is
added between search iterations when there is a concurrent operation in
progress. This can be used, e.g., p2p_search_delay=100 to make p2p_find
friendlier to concurrent operations by avoiding it from taking 100% of
the radio resources. The default value is the previous default, i.e.,
500 ms. Smaller values can be used to find peers more quickly at the
cost of larger effect to concurrent operations while a larger value
leaves more time for the concurrent operations at the cost of making
device discovery take longer time.
The optional p2p_find delay argument can still be used to override the
search delay for each search operation.
Since the P2P_CONCURRENT_SEARCH_DELAY macro is not used anymore, the
driver specific build parameter for bcmdhd from Android.mk is also
removed. Similar configuration can now be achieved with
p2p_search_delay=0 in the p2p0 interface configuration file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This command allows to copy network variable from one network to
another, e.g., to clone the psk field without having to extract it from
wpa_supplicant.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The newer NFC_REPORT_HANDOVER command is more general version that
handles the cases where NFC_RX_HANDOVER_SEL could potentially have been
used. In addition, with the new WPS NFC design, it is important to
receive the handover request message that was used in the handover in
addition to the select message, so the NFC_RX_HANDOVER_SEL command on
its own would not be sufficient for this.
Signed-off-by: Jouni Malinen <j@w1.fi>
"GET_CRED <id> <field>" can now be used to fetch credential parameters
over the control interface. This does not allow passwords etc. private
material to be retrieved ("*" is returned for those if the value is set
regardless of the value). FAIL is returned if the requested parameter
has not been set. For cred parameters that can have multiple values,
newline separated list of values is returned.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add "reattach" command to perform single-channel single-ssid scan
instead of full scan when trying to reconnect to the currently
"connected" network (assuming old scan results are not current enough to
skip the scan completely). This allows the scan result to come back in
much faster time. In ath9k, the scan took around 12 seconds with full
background scan, and only 0.1 second with the single-channel single-ssid
scan. Thus, take much less time for the client to re-establish
connection with the currently "connected" network.
Signed-hostap: Peter Qiu <zqiu@chromium.org>
Add a callback to the driver interface that allows vendor specific
commands to be sent. In addition, a control interface command is added
to expose this new interface outside wpa_supplicant:
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]
The 3rd argument will be converted to binary data and then passed as
argument to the sub command.
This interface is driver independent, but for now, this is only
implemented for the nl80211 driver interface using the cfg80211 vendor
commands.
Signed-off-by: Beni Lev <beni.lev@intel.com>
The new wpa_cli fetch_osu command can be used to fetch information about
all OSU providers and write that to a text file with the icons in
separate files. cancel_osu_fetch command can be used to stop ongoing OSU
provider list fetch.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
wpa_supplicant can request OSU icon data with "hs20_icon_request <BSSID>
<icon filename>". This transmits an Icon Request ANQP element and
processes the response in Icon Binary File ANQP elements.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Subscription remediation notification WNM-Notification Request is now
shown in the following way in wpa_supplicant control interface:
<3>HS20-SUBSCRIPTION-REMEDIATION http://example.com/foo/
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The more generic NFC_REPORT_HANDOVER is now used to report completed NFC
connection handover operations in either role and NFC_RX_HANDOVER_REQ
did not have any implementation within wpa_supplicant.
Signed-off-by: Jouni Malinen <j@w1.fi>
This global configuration parameter was added in commit
800d58721c but the tab completion list for
the wpa_cli SET command in interactive mode was not updated.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new control interface command RADIO_WORK can be used by external
programs to request radio allocation slots from wpa_supplicant if
exclusive radio control is needed, e.g., for offchannel operations. If
such operations are done directly to the driver, wpa_supplicant may not
have enough information to avoid conflicting operations. This new
command can be used to provide enough information and radio scheduling
to avoid issues with such cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is a mechanism used in Android to extend driver interface in vendor
specific ways. This is included only for the purpose of Android
compatibility. Proper interface commands should be used for any new
functionality.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add chan_switch to the control interface of wpa_supplicant and hostapd,
and also to wpa_cli and hostapd_cli.
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add the option to ask for VHT operation similarly to the way ht40 is
configured - either by adding 'vht' param to the relevant p2p_*
commands or by configuring p2p_go_vht=1 in the configuration file.
This patch only adds the configuration option (e.g., via control
interface). The actual handling of the VHT parameter (asking the driver
to use VHT, etc.) will be done by the following patch.
Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
The new p2p_no_go_freq frequency range list (comma-separated list of
min-max frequency ranges in MHz) can now be used to configure channels
on which the local device is not allowed to operate as a GO, but on
which that device can be a P2P Client. These channels are left in the
P2P Channel List in GO Negotiation to allow the peer device to select
one of the channels for the cases where the peer becomes the GO. The
local end will remove these channels from consideration if it becomes
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new configuration parameter external_sim=<0/1> can now be used to
configure wpa_supplicant to use external SIM/USIM processing (e.g., GSM
authentication for EAP-SIM or UMTS authentication for EAP-AKA). The
requests and responses for such operations are sent over the ctrl_iface
CTRL-REQ-SIM and CTRL-RSP-SIM commands similarly to the existing
password query mechanism.
Changes to the EAP methods to use this new mechanism will be added in
separate commits.
Signed-hostap: Jouni Malinen <j@w1.fi>
STATUS-DRIVER command can now be used to fetch driver interface status
information. This is mainly for exporting low-level driver interface
information for debug purposes.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.
Signed-hostap: Jouni Malinen <j@w1.fi>
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.
This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_cli filters out extra DISCONNECTED events from action scripts. This
ended up filtering out the first real DISCONNECT event in case wpa_cli
was started when wpa_supplicant was in connected state. Change wpa_cli
to allow the first disconnection event to be reported to the action
script in such case.
Signed-hostap: Jouni Malinen <j@w1.fi>
Enable tab completion for the cases where ifname= prefix is used in
interactive mode by skipping over that prefix before running through the
per-command completion routines. The ifname= prefix itself is also
covered by adding the possible interface names to the command list.
Signed-hostap: Jouni Malinen <j@w1.fi>
Strip out the IFNAME=<ifname> prefix from commands before parsing them
through the normal processing and then add the prefix back to the
beginning of the actual control interface command to make per-interface
commands work through the global control interface without having to use
the 'raw' command.
Signed-hostap: Jouni Malinen <j@w1.fi>
Define a proper event prefix and include additional information to allow
ESS Dissassociation Imminent event to be used in a wpa_cli action
script.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The ATTACH/DETACH mechanism to request event messages from
wpa_supplicant can now be used through the global control interface,
too. This results in events from all interfaces being delivered through
a single monitor socket. "IFNAME=<ifname> " prefix is used on events
that are specific to an interface.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is mostly a corner case at this point, but if wpa_cli was started
with global control interface connection (-g) and interactive mode,
per-interface control interface was tried to be opened with the
previously opened global ctrl_iface connection gettign leaked.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new control interface command can be used to send a
BSS Transition Management Query frame to the current AP.
Signed-hostap: Vinayak Kamath <vkamat@codeaurora.org>
This makes tab completion work better in cases where wpa_cli is started
after wpa_supplicant has already discovered BSSes.
Signed-hostap: Jouni Malinen <j@w1.fi>
The old help text did not include most of the parameters and as such,
was not really helpful. Replace it with tab completion function that
includes more or less all available parameters.
Signed-hostap: Jouni Malinen <j@w1.fi>
Previously, interactive mode could not be used to enter space-separated
lists with the set command. This removes that restriction and allows
such commands to be encoded properly.
Signed-hostap: Jouni Malinen <j@w1.fi>
There are quite a few places in the current implementation where a nul
terminated string is generated from binary data. Add a helper function
to simplify the code a bit.
Signed-hostap: Jouni Malinen <j@w1.fi>
NFC connection handover messages may be longer than 100 octets, so
increase wpa_cli buffer size to allow longer messages to be reported.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Add "get_capability freq" command to print a more verbose list of
channels and frequencies in MHz. The tag "NO_IBSS" is added, if IBSS
mode is not allowed on a channel. This allows userspace programs to get
the frequencies and limitations associated with each channel.
This extends the information already provided in "get_capability
channels" but a new interface is chosen because of backwards
compatibility considerations.
Signed-hostap: Bruno Randolf <br1@einfach.org>
This is mainly for testing purposes where it is convenient to have an
easy way of getting wpa_supplicant state cleared between test cases.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add a driver capability flag for drivers which support IBSS mode and set
it for nl80211 drivers which have set the NL80211_IFTYPE_ADHOC.
Add a new option "modes" to "get_capability" which will return "AP" and
"IBSS" if the corresponding capability flags are set.
The idea is that this can be used for UIs to find out if the driver
supports IBSS mode.
Signed-hostap: Bruno Randolf <br1@einfach.org>
wpa_supplicant uses 4096 byte buffer for control interface responses, so
wpa_cli should do the same to avoid truncating responses unnecessarily.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant is controlling an AP mode interface, it can generate
the NFC configuration token similarly to the way this is done in
hostapd.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of reporting only one connection handover message, report
completion of NFC connection handover with carrier record from both the
request and select messages.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Usual manual scan request may cause reassociation due to several
reasons. New command is intended to perform pure scan without taking any
automatic action based on the results.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Some network parameters, e.g., auth_alg and eap use a space separated
list of values without quotation marks. To allow these to be entered
from the interactive mode, change set_network command to allow more than
three arguments.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.
Signed-hostap: Jouni Malinen <j@w1.fi>
The old WPS interface for using NFC has no known deployments and even
the binary libraries referenced here are not easily available anymore.
Since the new interface for using NFC with WPS covers the same
functionality, remove the old implementation to clean up WPS
implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit adds new wpa_supplicant ctrl_iface commands to allow
external programs to go through NFC connection handover mechanism
with wpa_supplicant taking care of the WPS processing. This version
includes only the case where wpa_supplicant is operating as a
station/Enrollee.
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit adds control interface commands and internal storage of
Wi-Fi Display related configuration. In addition, WFD IE is now added
to various P2P frames, Probe Request/Response, and (Re)Association
Request/Response frames. WFD subelements from peers are stored in the
P2P peer table.
Following control interface commands are now available:
SET wifi_display <0/1>
GET wifi_display
WFD_SUBELEM_SET <subelem> [hexdump of length+body]
WFD_SUBELEM_GET <subelem>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Commit b49039bda9 redesigned tab
completion, but added the new call to completion functions into wrong
location. This needs to be done within the loop to find the correct
completion function.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The new gas_request and gas_response_get commands can be used to request
arbitary GAS queries to be performed. These can be used with ANQP or
with other (including vendor specific) advertisement protocols.
gas_request <BSSID> <AdvProtoID> [Query]
gas_response_get <addr> <dialog token> [offset,length]
For example, ANQP query for Capability list in interactive wpa_cli
session:
> gas_request 02:00:00:00:01:00 00 000102000101
<3>GAS-RESPONSE-INFO addr=02:00:00:00:01:00 dialog_token=0
status_code=0 resp_len=32
> gas_response_get 02:00:00:00:01:00 00
01011c00010102010501070108010c01dddd0c00506f9a110200020304050607
> gas_response_get 02:00:00:00:01:00 00 0,10
01011c00010102010501
> gas_response_get 02:00:00:00:01:00 00 10,10
070108010c01dddd0c00
> gas_response_get 02:00:00:00:01:00 00 20,10
506f9a11020002030405
> gas_response_get 02:00:00:00:01:00 00 30,2
0607
It should be noted that the maximum length of the response buffer is
currently 4096 bytes which allows about 2000 bytes of the response data
to be fetched with a single gas_response_get command. If the response is
longer, it can be fetched in pieces as shown in the example above.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"help <cmd>" can now be used to print the usage text for the
specified command (or set of commands matching the prefix).
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of using a separate list of commands, use the main command table
to assign tab completion functions. In addition, use the existing BSS
and P2P peer completions functions with the commands that use BSSID or
P2P Device address the first argument.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to test new control interface commands and to use
commands that may not yet be supported by wpa_cli.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add optional "ht40" argument for p2p_group_add command to enable 40 MHz
in 5GHz band. This configures the secondary channel, when HT support is
enabled and if the HW supports 40 MHz channel width.
Signed-hostap: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
These helper functions can be used to implement most of the common
wpa_cli commands to simplify the implementation.
Signed-hostap: Jouni Malinen <j@w1.fi>
Process CTRL-EVENT-TERMINATING in wpa_cli interactive mode and close
ctrl_iface connection without trying to detach the monitor interface
when this happens. This avoids a timeout on the DETACH command. In
addition, print out connection lost/re-established messages without
overriding the edit line.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is needed to allow the default behavior (pick first interface) to
be used in cases where wpa_supplicant is not available when wpa_cli is
started in interactive mode.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_ctrl_get_remote_ifname() is defined only for UDP ctrl_iface socket,
so this call needs to be made conditional on build parameters.
Signed-hostap: Jouni Malinen <j@w1.fi>
This changes the call flow to allow full eloop operations to be used
while waiting for wpa_cli to establish a connection to wpa_supplicant in
the beginning of an interactive session. This allows the cleanup steps
to be more consistent and avoid debugging issues due to unfreed memory
or other resources if wpa_cli is killed with Ctrl-c.
Signed-hostap: Jouni Malinen <j@w1.fi>
When starting interactive mode, wpa_cli is trying to attach the
monitor connection. If that fails, the operation is retried, but
this was done without freeing all the resources that could have
been allocated (mainly, the command connection).
Signed-hostap: Jouni Malinen <j@w1.fi>
When CONFIG_CTRL_IFACE=udp-remote is used, print user frendly PS in
wpa_cli. E.g.,
localhost/wlan0>
192.168.1.1/p2p-wlan-0-0>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
WPS_ER_NFC_CONFIG_TOKEN command can now be used to build a NFC
configuration token based on AP Settings learnt with WPS_ER_LEARN
or set with WPS_ER_CONFIG.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new wpa_supplicant ctrl_iface command WPS_NFC_TAG_READ can now be
used to process NFC tags read by external programs to initiate
wpa_supplicant to use NFC Configuration Token to create a new network.
Signed-hostap: Jouni Malinen <j@w1.fi>
Instead of requiring low-level access to an NFC device and synchronous
operations, the new WPS_NFC_TOKEN and WPS_NFC ctrl_iface commands can be
used to build a NFC password token and initiate WPS protocol run using
that token (or pre-configured values) as separate commands. The
WPS_NFC_TOKEN output can be written to a NFC tag using an external
program, i.e., wpa_supplicant does not need to have low-level code for
NFC operations for this.
Signed-hostap: Jouni Malinen <j@w1.fi>
This optional parameter to the BSS command can be used to select which
fields are included in the output to avoid having to parse through
unneeded information and to reduce the buffer size.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>