Commit graph

668 commits

Author SHA1 Message Date
Veerendranath Jakkam
8e16372cff Indicate link reconfiguration with QCA vendor interface
Add support to indicate link reconfiguration event reported by the QCA
vendor interface to the wpa_supplicant control interface.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-06-01 18:21:13 +03:00
Shivani Baranwal
7b9070229d Indicate TID to link mapping changes with QCA vendor interface
Add support to indicate TID-to-link mapping changes reported by the QCA
vendor interface to the wpa_supplicant control interface.

Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2023-06-01 18:12:03 +03:00
Veerendranath Jakkam
df2f22faf9 MLD STA: Use AP MLD address as previous BSSID for reassociation requests
The Linux kernel expects to use the AP MLD address in
NL80211_ATTR_PREV_BSSID for reassociation requests when the current
association is MLO capable.

Previously, wpa_supplicant was using the BSSID value in
NL80211_ATTR_PREV_BSSID even if the connection is MLO capable. Fix this
by sending the AP MLD address in NL80211_ATTR_PREV_BSSID for
reassociation requests when MLO is used.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-05-25 18:06:50 +03:00
Nick Hainke
f45cf609c7 wpa_supplicant: Fix compiling without IEEE8021X_EAPOL
If IEEE8021X_EAPOL is not defined wpa_supplicant will not compile with
following error:

  events.c: In function 'wpa_supplicant_connect':
  events.c:1827:14: warning: implicit declaration of function 'eap_is_wps_pbc_enrollee' [-Wimplicit-function-declaration]
   1827 |         if ((eap_is_wps_pbc_enrollee(&ssid->eap) &&
        |              ^~~~~~~~~~~~~~~~~~~~~~~
  events.c:1827:43: error: 'struct wpa_ssid' has no member named 'eap'
   1827 |         if ((eap_is_wps_pbc_enrollee(&ssid->eap) &&
        |                                           ^~

Add ifdef statements around the calling function to fix the issue.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-04-28 20:59:30 +03:00
Veerendranath Jakkam
8bc84fceeb Allow MLO disabled connection to legacy open/WPA2-Personal-only AP MLDs
wpa_supplicant was skipping MLD APs from network selection when the AP
advertise legacy open, WPA2-Personal-only (PSK without SAE), or PMF
disabled. However, there are already some early Wi-Fi 7 APs in the
market which advertise legacy open, WPA2-Personal-only, or PMF disabled
even though these combinations are unlikely to be allowed for Wi-Fi 7 in
the end.

To avoid connectivity issues with such APs, allow stations to connect
with MLO disabled when an AP MLD is detected to advertise legacy open,
WPA2-Personal-only (PSK without SAE), or PMF disabled.

This reverts commit 7d8b96dcfd ("wpa_supplicant: Apply same
restrictions for MLD as for 6 GHz BSS") except WEP and TKIP checks,
i.e., AP MLDs which advertise only WEP or TKIP are still skipped from
network selection.

For the SME-in-wpa_supplicant case, skip configuring MLD parameters to
the driver if the STA can connect only in legacy open,
WPA2-Personal-only, or PMF disabled mode. For the SME-in-driver case, it
is the driver's responsibility to initiate connection with MLO disabled
with such APs.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-04-25 17:04:44 +03:00
Jouni Malinen
b9c3b57a99 Update AP RSNE/RSNXE to RSN state machine on driver-selected BSS cases
The driver-initiated BSS selection case and the "Network configuration
found for the current AP" case ended up clearing the RSN state machine
information on AP RSNE/RSNXE. That could result in incorrect behavior if
some key management operations depended on accurate information. For
example, this could result in not deriving the KDK as part of the PTK
derivation and failing to complete 4-way handshake if both the AP and
the STA indicated support for Secure LTF.

If the scan results for the selected BSS are available, use those to
update the RSN state machine AP RSNE/RSNXE similarly to the way this is
done with wpa_supplicant selects the BSS instead of clearing that
information in the RSN state machine.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-25 13:30:08 +03:00
Jouni Malinen
6972b0fa2b OWE: Update transition mode information on selecting a new BSS
It is possible for a new BSS entry to be added for the
hidden-SSID-OWE-BSS when running a new scan after having previously
learned the hidden SSID during a previous OWE connection attempt. That
new entry would not necessarily have the WPA_BSS_OWE_TRANSITION flag set
and that would result in not being able to recognize the appropriate OWE
profile when checking the association event against the transition mode
configuration.

Fix this by updating the BSS entry for OWE transition mode information
for the cases where this might happen.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-04-25 12:04:01 +03:00
Aloka Dixit
e3621867c5 EHT: Process puncturing bitmap from channel switch event
Retrieve the puncturing bitmap sent by the driver in channel switch
events and add a new member punct_bitmap in struct ch_switch to store
it.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2023-03-17 19:49:57 +02:00
Veerendranath Jakkam
b2bf7e39ec Update PMK in wpa_sm when roam+auth event indicated with authorized flag
Currently, the PMK used by the driver is not updated to wpa_sm when
roaming is completed by the driver with the cached PMKSA and the
roam+auth event is indicated with the authorized flag.

To fix this, identify the PMKSA entry from the PMKID sent in
Reassociation Request frame and update the correct PMK to wpa_sm from
the PMKSA entry.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-02-23 13:16:52 +02:00
Matthew Wang
0430756e65 P2P: Optimize join scan frequency
Allow clients to specify the BSSID of an auto GO. If the auto GO has been
discovered on another interface, optimize scan frequency by performing
a single channel scan first. Android and ChromeOS use this to streamline
auto GO discovery.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2023-02-22 13:40:21 +02:00
Yichen Yu
a678a510fb dbus: Add D-Bus signal for PSK mismatch heuristics
As a workup action during disassociation, wpa_supplicant checks if the
disconnection could have been caused by PSK mismatch during WPA 4-way
handshake with function could_be_psk_mismatch() in event.c. A MSG_INFO
message will be sent on the control interface when there could be a PSK
mismatch, and this heuristic can be useful to indicate if the
disconnection is caused by a wrong passphrase provided by the user.
Here, propagate a new D-Bus signal 'PskMismatch' to notify other
applicantions.

Signed-off-by: Yichen Yu <yichenyu@chromium.org>
2023-02-21 11:24:06 +02:00
Konstantinos Natsakis
8085a7e656 wpa_supplicant: Add option to explicitly set 4addr mode
Add a new network profile option enable_4addr_mode=1 that puts an
interface in 4addr mode, for interfaces meant to be added to a bridge.

Signed-off-by: Konstantinos Natsakis <infradead.org@aleph-0.net>
2023-02-21 00:00:07 +02:00
Kaidong Wang
1ffc7d1c65 Apply bias towards 6 GHz in roaming
wpa_supplicant_need_to_roam_within_ess() applies bias to the minimum
difference of the signal level required to roam if the roam is from 2.4
GHz to higher band, but doesn't apply bias if the roam is from a lower
band to 6 GHz. Add bias towards 6 GHz, as 6 GHz networks usually provide
higher throughput.

Signed-off-by: Kaidong Wang <kaidong@chromium.org>
2023-02-20 23:52:18 +02:00
Veerendranath Jakkam
8c4790cef8 MLD STA: Store PMKSA with AP MLD address for MLO connection event
Store PMKSA with AP MLD address while processing connect event for OWE
and FILS when the connection is MLO capable.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2023-01-31 11:19:41 +02:00
Jouni Malinen
37f8257c4f SAE: Extend automatic enabling of H2E on 6 GHz to additional cases
Commit 3a0edb2cd8 ("SAE: Enable H2E for 6 GHz BSS") started enabling
H2E automatically for SAE use on the 6 GHz band, but it did not update
these steps in verifying whether the STA has matching configuration for
a BSS that mandates use of H2E and whether to use PT for SAE in SME.
Update these to be aware of automatic H2E enabling.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-30 23:21:06 +02:00
Jouni Malinen
89377c6b9c OCV: Fix build without CONFIG_OCV=y
ssid->ocv is defined within CONFIG_OCV block, so the use for it needs to
match.

Fixes: dc7e330e0b ("Set OCV capability based on Association Request frame RSNE")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-30 11:23:35 +02:00
Aleti Nageshwar Reddy
dc7e330e0b Set OCV capability based on Association Request frame RSNE
Currently, OCV self-capability is being set into the RSN supplicant
state machine only during the initial connection and never getting
updated. But for the driver-SME cases the driver may enable/disable OCV
in (Re)Association Request frame RSNE based on the AP chosen to roam.
This will lead to missing synchronization between wpa_supplicant and the
driver. Thus, update OCV self-capability in the wpa_supplicant RSN state
machine based on the (Re)Association Request frame RSNE indicated in the
connect response.

Signed-off-by: Aleti Nageshwar Reddy <quic_anageshw@quicinc.com>
2023-01-25 23:47:33 +02:00
Jouni Malinen
831be65149 WPS: Do not indicate incorrect PBC overlap based on partner link
The check for PBC overlap on a partner link should not be done unless
the current interface is actually in active PBC mode. Furthermore, the
wpa_s->wps_overlap variable needs to be cleared in additional places to
avoid leaving it set indefinitely.

This was found with the following test case sequence:
dbus_wps_pbc_overlap dbus_p2p_two_groups

Fixes: b43e19f3f3 ("WPS: Cross band overlap detection with multiple interfaces")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-20 19:08:07 +02:00
Matthew Wang
093bedc059 P2P: Allow persistent group join retry limit to be configured via D-Bus
Android and ChromeOS use this to limit retries for auto GO join
operation.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2022-12-18 17:37:08 +02:00
Andrei Otcheretianski
8f89661df5 SME: Add support for handling authentication with MLD
In case both the local driver and the AP support MLD, request an MLD
authentication from the driver. When processing the authentication event
from the driver verify that the MLD address in the authentication data
matches that of the requested AP.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-17 17:31:41 +02:00
Vinayak Yadawad
870edfd67e WPA3: Update transition disable bitmap based on port authorized event
In case of drivers that offload the 4-way handshake to the driver, there
was no way of updating wpa_supplicant about the transition disable
bitmap received as a part of EAPOL-Key msg 3/4.

With latest provisions in cfg80211_port_authorized(), the TD bitmap can
be sent to the upper layer. Parse that as a part of the port authorized
event and set the transition disable information accordingly.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2022-12-17 14:21:54 +02:00
Johannes Berg
ed0a7b4809 wpa_supplicant: Implement HE membership selector check
Check the HE membership selector and don't use the BSS
if required but not supported by HW.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-16 20:31:14 +02:00
Andrei Otcheretianski
7d8b96dcfd wpa_supplicant: Apply same restrictions for MLD as for 6 GHz BSS
Though not explicitely forced by IEEE 802.11be draft yet, it makes sense
to apply the same logic for MLD as for 6 GHz BSSs. Change
wpa_supplicant_ssid_bss_match() accordingly.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:43:46 +02:00
Andrei Otcheretianski
32b7454485 wpa_supplicant: Make valid_links u16
MAX_NUM_MLD_LINKS is 15, thus u8 isn't enough for the bitmap. Fix it.
While at it, clean MLO information better.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:20:13 +02:00
David Ruth
7a7ce95746 dbus: Emit more information over D-Bus
Allows informing the connection manager of additional information on CQM
events. Allows the connection manager to request the same information
on demand by using the existing "SignalPoll" method.

* Add new property "SignalChange"
        * Add storage for wpa_signal_info into wpa_supplicant context
          object
        * Copy memory from event to context object on CQM Event
* Write a common conversion method to be used by both "SignalPoll" and
  this property

Signed-off-by: David Ruth <druth@chromium.org>
2022-12-03 10:59:44 +02:00
David Ruth
ad4fa5dd3c Add more nl80211 info to struct wpa_signal_info
Facilitate emitting more station information over D-Bus for use by the
connection manager.

* Add storage for more NL80211_STA_INFO_* fields to data structures, and
  move them through the system.
* Reorder NL80211_STA_INFO_* fields in driver_nl80211.c to match the
  ordering in nl80211.h.
* Convert signal field to an integer to support holding WPA_INVALID_NOISE
  and avoid changing logging.

* Add fields to hostap_sta_driver_data to capture more information
	* fcs_error_count
	* beacon_loss_count
	* expected_throughput
	* rx_drop_misc
	* rx_mpdus
	* rx_hemcs
	* tx_hemcs
	* rx_he_nss
	* tx_he_nss
	* avg_signal
	* avg_beacon_signal
	* avg_ack_signal
* Add struct hostap_sta_driver_data to struct wpa_signal_info and remove
  redundant fields and redundant attribute parsing
	* Change logging when printing txrate to handle unsigned long
	  value

Signed-off-by: David Ruth <druth@chromium.org>
2022-12-03 10:42:16 +02:00
Jouni Malinen
bbd5a4689b SAE: Add an enum for defining sae_pwe parameter values
Make this more readable by replacing magic numbers with enum values.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-29 20:37:23 +02:00
Sai Pratyusha Magam
b43e19f3f3 WPS: Cross band overlap detection with multiple interfaces
When WPS is running simultaneously on multiple per-band radios (e.g., a
separate 2.4 GHz and 5 GHz band radios in an AP device), handle
synchronization of scan results, detect PBC session overlap, and cancel
WPS for enrollees on both interface, if the UUID of the registrars on
different bands differ.

Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
2022-11-29 17:05:21 +02:00
Vinayak Yadawad
4163860605 Mark authorization completed on driver indication during 4-way HS offload
In case of drivers supporting 4-way handshake offload, mark port
authorized and state completion only if the driver advertizes authorized
state in the connect event. Otherwise there are fair chances of the
driver port authorization API getting called while 4-way handshake is in
progress at the lower layer.

In order to avoid this possible race condition always update port
authorization and supplicant state WPA_COMPLETED setting from
EVENT_PORT_AUTHORIZED context when the driver is done with the 4-way
handshake.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad@broadcom.com>
2022-11-27 14:18:53 +02:00
Jouni Malinen
65c8633d90 Allow a lower priority BSS to be tried after network disabling
If a higher priority BSS has invalid security parameters, e.g., an
invalid SAE password, and a lower priority BSS is discovered only after
the local network profile has been temporarily disabled, the BSSID
ignoring mechanism is not sufficient to allow the lower priority BSS to
be tried and all consecutive attempts will continue to use the higher
priority BSS. This might prevent connection in some unexpected cases
with invalid network configuration.

Extend BSSID ignoring mechanism to work in this type of a case by
ignoring the BSSID that resulted in disabling the SSID temporarily
during the first connection attempt after having re-enabled the SSID.
This allows a lower priority BSS, if any is available in scan results,
to be tried next to see if it might have working security parameters.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-24 12:03:01 +02:00
Jouni Malinen
9ff778fa4b Check for own address (SPA) match when finding PMKSA entries
This prevents attempts of trying to use PMKSA caching when the existing
entry was created using a different MAC address than the one that is
currently being used. This avoids exposing the longer term PMKID value
when using random MAC addresses for connections.

In practice, similar restriction was already done by flushing the PMKSA
cache entries whenever wpas_update_random_addr() changed the local
address or when the interface was marked down (e.g., for an external
operation to change the MAC address).

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-10 21:13:05 +02:00
Utkarsh Soni
b92f61885c Don't use default RSNE/RSNXE when the driver indicates cross SSID roaming
During cross SSID roaming wpa_supplicant ended up using the default
RSNE/RSNXE in EAPOL-Key msg 2/4 though the driver indicated
(Re)Association Request frame elements without RSNE/RSNXE. This causes
RSNE/RSNXE mismatch between (Re)Association Request frame and EAPOL-Key
msg 2/4.

To avoid this skip copying the default RSNE/RSNXE if the driver
indicates the actually used (Re)Association Request frame elements in
the association event.

Signed-off-by: Utkarsh Soni <quic_usoni@quicinc.com>
2022-11-08 16:01:12 +02:00
Veerendranath Jakkam
08512e5f35 MLD STA: Extend key configuration functions to support Link ID
Add support to specify a Link ID for set key operation for MLO
connection. This does not change the existing uses and only provides the
mechanism for extension in following commits.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-11-06 23:36:49 +02:00
Veerendranath Jakkam
472a0b8d60 MLD STA: Set MLO connection info to wpa_sm
Update the following MLO connection information to wpa_sm:
- AP MLD address and link ID of the (re)association link.
- Bitmap of requested links and accepted links
- Own link address for each requested link
- AP link address, RSNE and RSNXE for each requested link

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-11-06 18:04:09 +02:00
Qiwei Cai
6f3efa21c2 MLD STA: Fix crash caused by NULL wpa_s->current_ssid
For wpa_supplicant_get_new_bss(), wpa_s->current_ssid can be NULL in
some cases. Add a NULL check before accessing it to avoid NULL pointer
dereference errors.

Fixes: 7784964cbe ("MLD STA: Fetch MLO connection info into core wpa_supplicant")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-03 17:39:49 +02:00
Jouni Malinen
90cef4f211 MLD STA: Fully clear MLO info to avoid use of uninitialized members
The initial wpa_drv_get_mlo_info() implementation cleared only the
valid_links information within struct driver_sta_mlo_info before trying
to fetch the information from the driver. While this is likely going to
work fine in practice, this can result in static analyzer warnings on
use of uninitialized memory (e.g., mlo.assoc_link_id could have been
read if wpa_s->valid_links was set to a nonzero value). In any case, it
is better to avoid such unnecessary warnings by clearing the full data
structure before using it.

Fixes: 7784964cbe ("MLD STA: Fetch MLO connection info into core wpa_supplicant")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-02 11:56:46 +02:00
Veerendranath Jakkam
17ae988736 MLD STA: Support processing of M1 received before association event
EAPOL-Key msg 1/4 indication can be received before association
indication from the driver. For MLO connection, the source address check
of such frames should be against the AP MLD address instead of the
associated link BSSID.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 17:18:31 +02:00
Veerendranath Jakkam
73f540b6a7 MLD STA: Fetch MLO association Link ID info to core wpa_supplicant
Fetch the MLO association Link ID info from the driver to the
wpa_supplicant instance of the corresponding MLD STA interface. This
info is needed when setting the MLO connection info to wpa_sm.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-10-31 12:07:41 +02:00
Veerendranath Jakkam
1b6f3b5850 MLD STA: Indicate per link channel switch
Parse link id info from channel switch events and indicate the info to
control interface using new per link channel switch events. If channel
switch happens on the link which used during association both legacy
and new per-link channel switch events will be reported.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-09-15 16:00:51 +03:00
Shivani Baranwal
7784964cbe MLD STA: Fetch MLO connection info into core wpa_supplicant
Add support to fetch MLO connection info from the driver to the
wpa_supplicant instance of corresponding MLD STA interface. In addition,
return true for BSSs associated with MLO links from wpa_bss_in_use() to
avoid getting them cleared from scan results.

Co-authored-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
2022-09-15 05:55:40 +03:00
Vinay Gannevaram
74d894a2ea PASN: Offload handshake for multiple peers from the driver
This brings in the functionality to hold multiple peers and perform PASN
authentication with each peer at a time and send the PASN response to
the driver. PASN parameters such as AKMP and cipher suite are obtained
from the BSS information of the cached scan results. Also add
functionality to trigger deauthentication to the peer for which PASN
request with action PASN_ACTION_DELETE_SECURE_RANGING_CONTEXT is
received.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-09-02 16:18:12 +03:00
Veerendranath Jakkam
5de45546d5 Add support to send multi AKM connect request when driver's SME in use
Add support to configure SAE, PSK, and PSK-SHA256 AKMs in connect
request when driver's SME in use. This is needed for implementing
WPA3-Personal transition mode correctly with any driver that handles
roaming internally.

Send additional AKMs configured in network block to driver based on
the maximum number of AKMs allowed by driver in connect request. Keep
first AKM in the list AKMs in the connect request as AKM selected by
wpa_supplicant to maintain backwards compatibility.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-08-26 17:54:12 +03:00
Veerendranath Jakkam
48c620829c Update PSK after cross AKM roaming to WPA-PSK when driver's SME in use
4-way handshake was failing after the driver roam from SAE to WPA-PSK
due to wpa_sm having an old PMK which was generated during previous SAE
connection.

To fix this update PSK to wpa_sm when AKM changes from SAE to WPA-PSK
for the target AP to have a correct PMK for 4-way handshake. Also,
update PSK to the driver when key management offload is enabled.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-08-26 17:27:45 +03:00
Jouni Malinen
18c0ac8901 Provide information about the encryption status of received EAPOL frames
This information was already available from the nl80211 control port RX
path, but it was not provided to upper layers within wpa_supplicant and
hostapd. It can be helpful, so parse the information from the driver
event.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-05-07 21:37:03 +03:00
Veerendranath Jakkam
696ad5c2d7 EHT: Indicate wifi_generation=7 in wpa_supplicant STATUS output
This adds wifi_generation=7 line to the STATUS output if the driver
reports (Re)Association Request frame and (Re)Association Response frame
information elements in the association or connection event with EHT
capability IEs.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-05-05 13:21:04 +03:00
Kuan-Chung Chen
734fa392f7 MBO: Check association disallowed in Beacon frames, if newer
When a station receives either a Beacon frame or a Probe Response frame
from an AP that contains an MBO element with the Association Disallowed
attribute, the station should prevent association to that AP. When using
passive scanning, it is possible for the scan results to contain the
latest information in the Beacon frame elements instead of the Probe
Response frame elements. That could result in using old information and
not noticing the AP having changed its state to disallowing new
associations.

Make it more likely to follow the AP's change to disallow associations
by checking the Beacon frame elements instead of Probe Response frame
elements if the scan results are known to contain newer information for
the Beacon frame.

Signed-off-by: Kuan-Chung Chen <damon.chen@realtek.com>
2022-04-24 12:12:21 +03:00
Ilan Peer
3467a701cd wpa_supplicant: Do not associate on 6 GHz with forbidden configurations
On the 6 GHz band the following is not allowed (see IEEE Std
802.11ax-2021, 12.12.2), so do not allow association with an AP using
these configurations:

- WEP/TKIP pairwise or group ciphers
- WPA PSK AKMs
- SAE AKM without H2E

In addition, do not allow association if the AP does not advertise a
matching RSNE or does not declare that it is MFP capable.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-04-07 00:47:31 +03:00
Xin Deng
a9c90475bb FT: Update current_bss to target AP before check for SME-in-driver
STA needs to check AP's information after receive reassociation
response. STA uses connected AP's Beacon/Probe Response frame to compare
with Reassociation Response frame of the target AP currently. However,
if one AP supports OCV and the other AP doesn't support OCV, STA will
fail to verify RSN capability, then disconnect. Update current_bss to
the target AP before check, so that STA can compare correct AP's RSN
information in Reassociation Response frame.

Signed-off-by: Xin Deng <quic_deng@quicinc.com>
2022-04-01 12:22:47 +03:00
Jouni Malinen
a6d157b6f6 DPP: Start a listen operation for GAS server if needed
Instead of depending on the TX-wait-response-time to be sufficient to
cover the full GAS exchange, start an ongoing listen operation on the
negotiation channel (if no such listen operation is already in place) to
allow the configuration exchange to take longer amount of time. This is
needed for cases where the conf=query is used to request Configurator
parameters from upper layers and that upper layer processing (e.g., user
interaction) takes significant amount of time.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-02-04 00:23:19 +02:00
Matthew Wang
e480321f8c Revert "STA OBSS: Add check for overlapping BSSs"
This reverts commit 3204795d7a.

The commit adds an additional check that checks for overlapping BSSs in
addition to the existing 40 MHz intolerance subfield checks. The commit
cites IEEE Std 802.11-2016, 11.16.12, which defines the proper behavior
for a 20/40 MHz HT STA and AP, but the standard actually doesn't say
anything about overlapping BSSs. Specifically, the standard states that
the only BSSs that belong in the Intolerant channel report are those
that satisfy trigger event A, defined as channels with BSSs that don't
contain the HT capabilities element (which wpa_supplicant already did
before). Note that we also include channels with BSSs that have the 40
MHz intolerance bit set in the Intolerant channel report.

Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
2021-12-11 13:05:47 +02:00