Along with canceling queued scan, abort ongoing scan if any, this
ensures Wi-Fi interface is in usable state after disconnect is issued,
else subsequent scan after disconnect might fail with EBUSY.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Certain internet service providers transmit VLAN 0 priority tagged
EAPOL frames from the ONT towards the residential gateway. VID 0
should be ignored, and the frame processed according to the priority
set in the 802.1P bits and the encapsulated EtherType (i.e., EAPOL).
The pcap filter utilized by l2_packet_* is inadquate for this use case.
Here we modify the pcap filter on FreeBSD to accept both unencapsulated
and encapsulated (with VLAN 0) EAPOL EtherTypes. This preserves the
original filter behavior while also matching on encapsulated EAPOL.
Additional work is required to support this handling on other platforms.
We also modify the rx_receive handler to offset the packet buffer
and length when handling dot1q encapsulated frames so the existing
packet parsing code works as-is.
Signed-off-by: R. Christian McDonald <rcm@rcm.sh>
Sponsored by: Rubicon Communications, LLC ("Netgate")
If the current AP advertises disassociation imminent, move it to the
back of the candidate list so we don't select it again while other
candidates are available.
Signed-off-by: Po-Hao Huang <phhuang@realtek.com>
Some kind of race condition seemed to be hit at least in test sequence
"p2p_ext_vendor_elem_invitation pasn_comeback_after_0_sae" where the P2P
invitation response could have been received just after having scheduled
a new p2p-listen radio work, but before that work had been started. In
the case of accepted invitation, this could result in unnecessary extra
delay when that p2p-listen work ended up getting started at the exact
time that the local device was starting GO.
Avoid this race condition by removing the pending p2p-listen radio work
when P2P listen is stopped.
Signed-off-by: Jouni Malinen <j@w1.fi>
wpa_supplicant underestimates 6 GHz SNR as it assumes 2 GHz default
noise in the estimation.
Use 6 GHz default noise when estimating 6 GHz SNR.
Signed-off-by: Kaidong Wang <kaidong@chromium.org>
The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.
Fixes: ed8e13decc (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Add SKB tracing (which shows now why/where a frame was dropped
in the stack), and also -T for stack trace at each event.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Give the AP some time to set up stations fully (in the
kernel) so that traffic forwarding will work.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We can't do ANQP when the STA is connected but the AP hasn't fully set
up the STA yet, so wait on the AP side before continuing.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We need to wait for the MGMT-RX event before disabling
ext_mgmt_frame_handling again, otherwise we might be disabling it and
hostapd only receives the deauth frame after we already disable it,
defeating the purpose of the test.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
With PMF, we cannot do even deauth unless we wait for the STA to have
fully connected on the AP side, the STA thinking it has isn't sufficient
since it immediately says so after M4. Add wait_sta() before disconnect,
and also before SA_QUERY.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Before querying the PMKSA cache, wait for the STA to have appeared on
the AP side, otherwise scheduling differences may have us asking when
the STA thinks it's connected but the AP hasn't fully processed that.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
It doesn't make sense to disconnect on updates to the
network's scan_freq, and in fact doing so causes some
(timing-/scheduling-dependent) test failures.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
All processes need to have a bit of time to mark the kernel STAs
authorized, otherwise traffic may fail. Give them some time, and also
use check_connectivity() in connectivity() since it's the same check,
just different arguments.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Due to scheduling changes, we don't always now succeed to reconnect in
exactly 1 second, it might take 1.01. Give it 1.1 for a bit more leeway,
it's not clear why it should be exactly 1 second anyway.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We should always wait_sta() so that we know we can even deauth next,
otherwise the key might not be installed yet by the time we try to
connect to the next AP.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We need to appropriately wait for the STA to connect/disconnect before
continuing with the test, add that.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We need to wait for the 4-way handshake to be completed on the GO side,
so the GO will actually have marked the station as authorized and will
forward packets.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Before requesting anything about the specific STA from the AP wait for
it to show up, so that things don't fail if the hostapd process didn't
yet get time to process things.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
We wait for the PASN auth to complete on the wpas side, but there's no
indication of this on the AP side. So if scheduling ordering is bad, we
can ask the AP for the PTKSA cache before it even received the frame
from the kernel and created the PTKSA entry.
To fix this, try this a few times, to see if it becomes available.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Clients could connect in a different order depending on
timing differences, don't check for the order here.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
check_beacon_req() will request from hostapd to request a beacon
report from the STA, but that only works if it already knows about
the STA. Due to scheduling issues, it may not know even if wpa_s
reports it has successfully connected, so also wait for the STA to
show up in hostapd before check_beacon_req().
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Since DPP listen is a radio work, it doesn't start immediately and
then we can end up missing whatever happens next in the test. Wait
for the radio work to start before continuing the test.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
It is valid to configure an AP to be both backhaul and
fronthaul (multi_ap=3), so we should not test for a missing
fronthaul flag but instead test directly for backhaul capability.
Signed-off-by: Stefan Schake <stefan.schake@devolo.de>
This symbol was removed in an earlier commit. Remove this leftover which
was forgotten then.
Fixes: 7d2ed8bae ("Remove CONFIG_IEEE80211W build parameter")
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
The way these checks were done for WPS enabled APs were unnecessarily
complex and missed one of the cases. Simplify this by doing the check
only once and do that earlier in the process to minimize changes to STA
state.
Fixes: a7f55f7f68 ("WPS: Enable SA Query checks for WPS AP")
Signed-off-by: Jouni Malinen <j@w1.fi>
Currently if ch_switch_vht_config is present, only ieee80211ac config
will be updated in hostapd_config and ieee80211ax/ieee80211be config may
be wrong. Fix this by adding handlings for ch_switch_he_config and
ch_switch_eht_config as well.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
free_cb can be NULL during the pmksa_cache_auth_init() from the modules
using libpasn.so. So check it explicitly before dereferencing.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
hostapd now has support for SAE in MLD cases, so there is no need to
maintain this exception that allowed the test case to pass even if the
connection failed.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
wpa_supplicant postpones expired PMKSA deletion untillassociation is
lost for SAE to avoid forced disconnection. But during this time the
driver may use the expired PMKSA for reassociation with the current
connected AP.
Remove the current PMKSA for SAE from the driver after reauth threshold
is passed when the driver takes care of BSS selection.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Increase the first group rekey timeout from 500 ms to 1000 ms when the
number of associated stations is greater than 100. This is to avoid
client disconnections due to group handshake timeout in multiclient
scenarios where it might take more than 500 ms to be able deliver Group
Key msg 1/2 to all associated STAs.
Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
Add support for EHT phy index and maximum NSS as per IEEE P802.11be/D4.0,
9.6.7.36 and 9.4.2.313.4.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Maximum NSS calculation for HE mode checks if both Tx and Rx support
a given NSS. Modify it to instead check if either of these two support
the given NSS.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Rename the local variable mcs_nss_size to he_mcs_nss_size in
hostapd_fils_discovery_cap() and hostapd_gen_fils_discovery_nss()
to limit its usage to HE mode.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Move the phy index determination for FILS discovery frames to a new
function without changing the functionality. HE support is mandatory for
operating in the 6 GHz band hence the phy index will always be set to
FD_CAP_PHY_INDEX_HE for this band.
Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
The sae_password_entry is used in this function only if CONFIG_SAE is
defined, so declare this variable only under the same condition.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Update Wide Bandwidth Channel Switch element as per IEEE
P802.11-REVme/D4.0, 9.4.2.159 (Wide Bandwidth Channel Switch element)
and Table 9-314 (VHT Operation Information subfields).
Update New Channel Width, New Channel Center Frequency Segment 0, and
New Channel Center Frequency Segment 1 fields as per IEEE
P802.11-REVme/D4.0 for 160 MHz and 80+80 MHz bandwidth. This replaces
the use of now deprecated Channel Width 2 and 3 values with a more
backwards compatible design.
Signed-off-by: Yuvarani V <quic_yuvarani@quicinc.com>
Do not reject reauth threshold passed PMKSA indicated in successful
association event since the PMKSA is still valid.
Additionally, remove the reauth threshold passed PMKSA entry from the
driver to prevent using it further in the driver.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Wi-Fi Aware pairing responder needs to forward the derive PMK to the
framework on successful pairing setup. The framework will set
corresponding PMK while a pairing verification is initiated by the
paired peer. Since the PMK is not updated for responder's PASN context,
framework does not have a valid PMK and verification fails. Hence copy
the derived PMK to PASN context.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Currently, during association handling, if any of the iface parameters
changes due to some reason, it calls ieee802_11_set_beacons() function.
This function sets beacon for the all the BSSes in that iface even if
the beacon was not set already. This leads to setting the beacon
prematurely for some BSSes which was intentionally not started.
Fix the above issue by calling ieee802_11_update_beacons() function
instead. This function only updates the beacon if it was already set.
While at it, do the same while freeing STA entry.
Signed-off-by: Aditya Kumar Singh <quic_adisi@quicinc.com>
Based on IEEE Std 802.11-2020 Table E-3 (Operating classes in Japan) and
Table E-4 (Global operating classes), we update channel 144 for those
corresponding operating classes.
The changes applicable to the global operating classes fixes an issue of
P2P GO not starting on channel 144 (frequency 5720 MHz) in cases where
the driver supports DFS operations.
Signed-off-by: Shuibing Dai <shuibing@google.com>