Commit graph

242 commits

Author SHA1 Message Date
Jouni Malinen
3b2cf800af WPS: Lock AP Setup on multiple AP PIN validation failures
If a Registrar tries to configure the AP, but fails to validate the
device password (AP PIN), lock the AP setup after four failures. This
protects the AP PIN against brute force guessing attacks.
2009-01-23 21:57:43 +02:00
Jouni Malinen
a609915233 Allow WPS APs for PIN enrollment even without Selected Registrar
Some WPS APs do not set Selected Registrar attribute to 1 properly when
using an external Registrar. Allow such an AP to be selected for PIN
registration after couple of scan runs that do not find APs marked with
Selected Registrar = 1. This allows wpa_supplicant to iterate through
all APs that advertise WPS support without delaying connection with
implementations that set Selected Registrar = 1 properly.
2009-01-23 13:10:58 +02:00
Jouni Malinen
695e2b48e2 Documented interface for external WPS credential processing 2009-01-21 16:42:11 +02:00
Jouni Malinen
1cc84c1c6b Increased wpa_cli/hostapd_cli ping interval and made it configurable
The default interval is now 5 seconds (used to be 1 second for
interactive mode and 2 seconds for wpa_cli -a). The interval can be
changed with -G<seconds> command line option.
2009-01-20 21:12:00 +02:00
Jouni Malinen
adddffd129 Fixed MFP Association Comeback mechanism to use Timeout Interval IE
The separate Association Comeback Time IE was removed from IEEE 802.11w
and the Timeout Interval IE (from IEEE 802.11r) is used instead. The
editing on this is still somewhat incomplete in IEEE 802.11w/D7.0, but
still, the use of Timeout Interval IE is the expected mechanism.
2009-01-19 18:42:10 +02:00
Jouni Malinen
476621644c WPS: Add configurable option for processing credentials externally
The wps_cred_process option can be used to configure wpa_supplicant to
send received Credential attributes for external processing over
ctrl_iface and dbus. This allows external programs to update their
configuration when WPS is used to provision new networks.
2009-01-18 12:27:12 +02:00
Jouni Malinen
eca6e0a9a5 WPS: Provide the unparsed Credential attribute to cred_cb()
This makes it easier to pass the credential data to external programs
(e.g., Network Manager) for processing. The actual use of this data is
not yet included in hostapd/wpa_supplicant.
2009-01-17 22:17:12 +02:00
Jouni Malinen
f286077de2 WPS: Ignore credentials for unsupported authentication type
The current implementation does not support WPA/WPA2-Enterprise
credentials. Ignore any credential that is using unsupported
authentication type to avoid potential issues with partially configured
network blocks.
2009-01-17 21:45:51 +02:00
Jouni Malinen
7aab82b3fe Fixed WPS credential conversion to wpa_supplicant configuration
Must not set pairwise_cipher/group_cipher for non-WPA/WPA2 networks
since the configuration parser is going to reject such values. In
addition, should not limit group_cipher to just TKIP or TKIP|CCMP just
in case the AP is using WEP as the group cipher. Default group_cipher
value can be used for all cases.
2009-01-17 21:37:15 +02:00
Jouni Malinen
98f14041d0 IBSS RSN: Added key configuration 2009-01-17 18:14:41 +02:00
Jouni Malinen
0f057fb2c7 Added a separate ctx pointer for wpa_msg() calls in WPA supp
This is needed to allow IBSS RSN to use per-peer context while
maintaining support for wpa_msg() calls to get *wpa_s as the pointer.
2009-01-17 17:54:40 +02:00
Jouni Malinen
b9a2e577b4 IBSS RSN: Set the PSK based on network configuration 2009-01-17 17:47:25 +02:00
Jouni Malinen
4691fc7bc8 IBSS RSN: Set more hardcoded RSN IEs for now
This allows 4-way handshakes to be completed successfully.
2009-01-17 17:39:57 +02:00
Jouni Malinen
3146b2b961 IBSS RSN: Added couple of required WPA supplicant callback functions 2009-01-17 17:31:21 +02:00
Jouni Malinen
8be1844071 Process received EAPOL frames in IBSS RSN code if in IBSS mode 2009-01-17 17:25:11 +02:00
Jouni Malinen
53895c3b60 Disable per-BSSID authentication for RSN IBSS
RSN IBSS uses authentication per-STA and that is initialized separately,
so there is no need to enable the per-BSS like authentication that is
used with APs.
2009-01-17 16:41:47 +02:00
Jouni Malinen
a5da9c64c9 Save and restore wpa_gui state when session manager restarts the app
This makes wpa_gui remember whether it was only in the tray when the
session was terminated and starts only in the tray if session manager
restarts it automatically.
2009-01-17 13:45:05 +02:00
Jouni Malinen
da3c6a5e2b Fixed auth_send_eapol() to use correct ctx structure 2009-01-16 01:18:11 +02:00
Jouni Malinen
d0fc6e1211 Use a hardcoded RSN IE for testing to start Authenticator
This needs to be replaced with proper RSN IE from the peer STA (e.g.,
from Probe Response).
2009-01-16 01:11:50 +02:00
Jouni Malinen
e2d492dd08 Implement EAPOL sending callbacks for IBSS RSN 2009-01-16 00:56:31 +02:00
Jouni Malinen
11ef8d3578 Added initial step for IBSS RSN support
This commit adds a new build option, CONFIG_IBSS_RSN=y, that can be used
to enable RSN support for IBSS. This links in RSN Authenticator code
from hostapd and adds code for managing per-peer information for IBSS. A
new wpa_cli command or driver event can be used to request RSN
authentication with an IBSS peer. New RSN Authenticator and Supplicant
will be allocated for each peer.

The basic state machine setup code is included in this commit, but the
state machines are not properly started yet. In addition, some of the
callback functions are not yet complete.
2009-01-15 01:21:55 +02:00
Jouni Malinen
676ea3413d eapol_test: Allow generated RADIUS attributes to be replaced
Do not add the automatically generated RADIUS attributes NAS-IP-Address,
Calling-Station-Id, Framed-MTU, NAS-Port-Type, and Connect-Info if -N
option is used with the same attribute type. This allows these
attributes to be replaced without causing duplicate entries.
2009-01-13 21:33:09 +02:00
Jouni Malinen
540264a721 Removed wpa_sm dereference from pmksa_cache_list() 2009-01-13 20:22:42 +02:00
Jouni Malinen
93ea8ed034 Partial fix for test_wpa build 2009-01-13 19:37:22 +02:00
Kel Modderman
e0f6d3d9b5 wpa_gui-qt4: silence compile warning + wpsTab enable/disable
Fix compile warning by renaming gridLayout to wpsGridLayout in
wpagui.ui, it seems to be used internally.

/usr/bin/uic-qt4 eventhistory.ui -o .ui/ui_eventhistory.h
/usr/bin/uic-qt4 scanresults.ui -o .ui/ui_scanresults.h
/usr/bin/uic-qt4 wpagui.ui -o .ui/ui_wpagui.h
Warning: name gridLayout is already used
/usr/bin/uic-qt4 userdatarequest.ui -o .ui/ui_userdatarequest.h
/usr/bin/uic-qt4 networkconfig.ui -o .ui/ui_networkconfig.h

Also disable WPS tab if the running supplicant doesn't support that,
just as the WPS action menu is.

Signed-off-by: Kel Modderman <kel@otaku42.de>
2009-01-11 21:44:07 +02:00
Jouni Malinen
76e2592190 Share the same radiotap helper implementation 2009-01-09 15:22:19 +02:00
Jouni Malinen
8383da8009 Fixed eapol_test build after RADIUS API changes (const) 2009-01-09 13:27:56 +02:00
Jouni Malinen
6f78f2fb3b Preparations for 0.6.7 release 2009-01-06 20:11:15 +02:00
Eygene Ryabinkin
dfa141b1b0 wpa_cli: Embed command usage into the wpa_cli_commands array
It is better to have command description around the command definitions:
the chances for omitting usage, forgotting to change/delete them, etc.
are smaller than for the separate usage statement. [Bug 290]

Signed-off-by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-01-05 21:33:34 +02:00
Eygene Ryabinkin
40fd868c09 wpa_cli: Improve sensitive command detection for readline history
I had added flags to the every command description: just now the only
meaningful flag tells that this command has sensitive arguments and it
shouldn't be written to the disk.  I rewrote the logics for the search
for the sensitive commands: special procedure is now loops over all
commands and tries to see if command has sensitive data. [Bug 289]

Signed-off-by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
2009-01-05 21:07:54 +02:00
Eygene Ryabinkin
413653e839 wpa_cli: fix readline history cleaning
First of all, the history had not been written to the disk, since almost
all commands were cleaned up due to the error in the history cleaning:
the return value of the last os_strncasecmp() call was not compared to
zero, but was rather used as is.  So the condition was almost always
true and most commands were removed from the history.

The second problem was that the evaluation of the potentially sensitive
commands was started at the entry number 1, instead of very first entry.
2009-01-05 20:48:45 +02:00
Jouni Malinen
2c04820d80 Fixed a typo in usage help 2009-01-04 22:13:34 +02:00
Tomasz Wolniewicz
db803a3607 eapol_test: Add a universal way of adding extra RADIUS attributes
This change replaces -I and -i options (Chargeable-User-Identity) with a
new -N option that can add any RADIUS attribute into the Access-Request
messages without having to modify eapol_test for each new attribute.
2009-01-04 22:10:56 +02:00
Jouni Malinen
b39d1280a7 Silenced number of Doxygen warnings 2009-01-04 15:07:54 +02:00
Jouni Malinen
f565d71ac9 Remove wpa_gui from doxygen documentations
The *.ui.h were causing number of warnings and they do not need to be
included in documentation.
2009-01-04 14:58:47 +02:00
Jouni Malinen
f58b20ce66 Fixed IMAGE_PATH for doxygen run in root directory 2009-01-04 14:44:33 +02:00
Jouni Malinen
cd7aacbed4 Remove temporary Qt build directories from Doxygen run 2009-01-04 14:28:20 +02:00
Jouni Malinen
842e11d0bd Remove unwanted wpa_supplicant -> struct wpa_supplicant links
Replace " wpa_supplicant" with " %wpa_supplicant" except for
"struct wpa_supplicant". This makes it easier to write Doxygen comments
since there is no need to add the ugly '%' prefix to each instance of
wpa_supplicant text showing up.
2009-01-04 14:25:58 +02:00
Jouni Malinen
e857fb05df Resolve a Doxygen warning 2009-01-04 14:06:13 +02:00
Jouni Malinen
f1a3e81098 Fixed Doxygen function links
No need to use explicit @link command, but must include () after
function name (and in couple of cases, use the current function name).
2009-01-04 13:54:07 +02:00
Jouni Malinen
dcc03dbe78 Use NULL, not 0, when comparing a pointer 2009-01-03 21:01:20 +02:00
Jouni Malinen
d953d9ab80 Removed sparse destinations since "CC=cgcc make" works fine 2009-01-03 20:39:52 +02:00
Jouni Malinen
7e5ba1b916 Mark functions static if not used elsewhere and use proper prototypes 2009-01-03 20:38:42 +02:00
Jouni Malinen
c5adf528a2 Moved WPS Registrar initialization from EAP peer to wps_supplicant.c
This matches the style used in hostapd, i.e., Registrar is initialized
only once and callbacks are now processed in wps_supplicant.c.
2009-01-03 20:18:35 +02:00
Jouni Malinen
f90c86d4a3 Added Doxygen documentation for WPS code 2009-01-03 19:50:49 +02:00
Jouni Malinen
875f6d7b93 Create all doxygen docs from root directory to get proper path names
This updated all doxygen runs to use the same style that was used for
wpa_supplicant full documents. The full vs. fast configurations are now
otherwise identical apart from fast not generating dot files or
latex/pdf version of the documentation.
2009-01-03 09:59:12 +02:00
Jouni Malinen
a17df5fb8b Fixed number of doxygen warnings 2009-01-02 22:28:04 +02:00
Jouni Malinen
a4149765a2 Added more src subdirectories into doxygen docs 2009-01-02 22:27:17 +02:00
Jouni Malinen
4be048a8a6 Updated doxygen configuration files to work with new doxygen
The doxygen run is not exactly warning free yet, but this gets a step
closer to being able to produce something useful again.
2009-01-02 21:57:51 +02:00
Jouni Malinen
243869858a Initialize wpa_ie_len to 0 if WPA IE is not set on all paths
The new WPS code was not setting this in error case.
2009-01-02 21:50:22 +02:00