Commit graph

2574 commits

Author SHA1 Message Date
Jouni Malinen
c5a64e2d51 GAS client: Use Protected Dual of Public Action frames with PMF
When GAS is used with PMF negotiated, Protected Dual of Public Action
frames are expected to be used instead of Public Action frames, i.e.,
the GAS/ANQP frames are expected to be encrypted. Conver Public Action
GAS queries to use Dual of Public Action frame if PMF has been
negotiated with the AP to which the frame is being sent.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-23 11:50:28 +02:00
Jouni Malinen
5ce00d09c0 GAS server: Add support for Protected Dual of Public Action frames
When GAS is used with PMF negotiated, Protected Dual of Public Action
frames are expected to be used instead of Public Action frames, i.e.,
the GAS/ANQP frames are expected to be encrypted. Add support for this
different category of Action frames being used for GAS. The payload
after the Category field is identical, so the only change is in using
the Category field based on what was received in the request frames. For
backwards compatibility, do not enforce protected dual to be used on the
AP side, i.e., follow what the station does.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-23 11:19:55 +02:00
Jouni Malinen
ea6e040c30 Clear more configuration parameters to default on FLUSH
This makes it more convenient for test scripts to change parameters for
a specific test case without having to separately clear them between
each test case.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-23 10:21:49 +02:00
Raja Mani
cf70d2981d wpa_supplicant: Schedule PNO on completion of ongoing sched_scan
When start PNO request comes from control interface, wpa_supplicant
should wait until ongoing sched_scan (triggered by wpa_supplicant)
gets cancelled. Issuing cancel sched_scan and start PNO scan
one after another from pno_start() would lead wpa_supplicant to clear
wps->sched_scanning flag while getting sched_scan stopped event
from driver for cancel sched_scan request. In fact, PNO scan will
be in progress in driver and wpa_s->sched_scanning will not be set
in such cases.

In addition to this change, RSSI threshold limit is passed as part of
start sched_scan request. This was previously set only in pno_start(),
but the same parameter should be available for generic sched_scan calls
as well and this can now be reached through the new PNO start sequence.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-22 19:41:45 +02:00
Max Stepanov
a6cff8bfa8 wpa_supplicant: Fix seg fault in wpas_ctrl_radio_work_flush() in error case
Verify wpa_s->radio pointer before accessing it. If interface addition
fails, this could get called before wpa_s->radio has been set.

The segmentation fault details:

Program received signal SIGSEGV, Segmentation fault.
0x00000000004b9591 in wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754
5754		dl_list_for_each_safe(work, tmp, &wpa_s->radio->work,

Call stack:
0  wpas_ctrl_radio_work_flush (wpa_s=0x77fff0) at ctrl_iface.c:5754
1  wpa_supplicant_deinit_iface (wpa_s=0x77fff0, notify=0, terminate=0) at wpa_supplicant.c:3619
2  wpa_supplicant_add_iface (global=0x75db10, iface=0x7fffffffe270) at wpa_supplicant.c:3691
3  wpas_p2p_add_p2pdev_interface (wpa_s=0x75dd20) at p2p_supplicant.c:3700
4  main (argc=<optimized out>, argv=<optimized out>) at main.c:317

Function:
5750	void wpas_ctrl_radio_work_flush(struct wpa_supplicant *wpa_s)
5751	{
5752		struct wpa_radio_work *work, *tmp;
5753
5754		dl_list_for_each_safe(work, tmp, &wpa_s->radio->work,
5755				      struct wpa_radio_work, list) {
5756			struct wpa_external_work *ework;
5757
5758			if (os_strncmp(work->type, "ext:", 4) != 0)

Root cause:
(gdb) p wpa_s->radio
$1 = (struct wpa_radio *) 0x0

Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
2014-01-22 19:25:22 +02:00
David Spinadel
f62a3c2fce P2P: Clone dtim_period to a new interface
Cloning dtim_period is needed for P2P GO.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2014-01-22 19:24:41 +02:00
Jouni Malinen
88a0bcab6b Update copyright years in the manpages
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-21 16:33:25 +02:00
Dan Winship
32185f541c Sync manpages and command-line options
Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-01-21 16:31:50 +02:00
Dan Williams
b948e78b46 Add manpage for eapol_test
Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-01-21 16:30:46 +02:00
Dan Williams
36bd29ee5e wpa_supplicant: Fix usage text based on build options
Signed-hostap: Dan Williams <dcbw@redhat.com>
2014-01-21 16:28:31 +02:00
Raja Mani
dd271857a5 Skip normal scan when PNO is already in progress
Scan request failures are observed in wpa_supplicant debug log when
Android framework starts PNO scan in driver via ctrl interface command
'set pno 1' and wpa_supplicant also tries to issue a scan request after
PNO has started in the driver.

Some drivers may reject a normal scan request when PNO is already in
progress. wpa_supplicant should consider PNO status before issuing start
scan request to the driver. Otherwise, wpa_supplicant will get failures
from driver for the scan request and it will end up rescheduling scan
request in periodic interval and get a start scan request failure for
each attempt.

In order to avoid unnecessary scan attempt when PNO scan is already
running, PNO status is checked before issuing scan request to driver.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-21 16:19:49 +02:00
Rashmi Ramanna
a2d6365760 P2P: Extend the listen time based on the active concurrent session
A P2P Device while in the Listen state waiting to respond for the
obtained group negotiation request shall give a fair chance for other
concurrent sessions to use the shared radio by inducing an idle time
between the successive listen states. However, if there are no
concurrent operations, this idle time can be reduced.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-20 22:55:09 +02:00
Dmitry Shmidt
443427e4ed P2P: Add missing direct global ctrl_iface commands for P2P
It should be noted that these commands are not exclusively used for P2P
or in the global context, so use of these commands through the global
control interface for operations that are specific to a single interface
have undefined behavior and that behavior may change in the future. As
such, these are recommend only for operations that are in the global
context (e.g., for P2P management).

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-01-17 11:58:36 +02:00
Jithu Jance
37b4198af4 P2P: Use GO's operating channel to optimize scan during join
Use P2P GO's operating channel information, if known, to do a single
channel scan during the join operation.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2014-01-17 11:57:07 +02:00
Arend van Spriel
a0e9d89203 Use minimal scan delay upon EVENT_INTERFACE_ADDED
This patch resets the static interface_count to zero in case of
wpa_supplicant_driver_init() call for wpa_s which is in
INTERFACE_DISABLED state. This interface_count is used for the delay of
the scan which is now minimal for dynamically added interfaces. This may
collide with a scan for another interface, but the same is true for any
chosen delay in this scenario. Also the state change to DISCONNECTED is
moved to wpa_supplicant_driver_init() so it will move from
INTERFACE_DISABLED to INACTIVE when there are no enabled networks.

Tested-by: Hante Meuleman <meuleman@broadcom.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
2014-01-17 11:50:31 +02:00
Arend van Spriel
5ddd07cb37 Reset normal_scans counter upon entering INTERFACE_DISABLED state
Depending on the implementation, the scheduled scan may not give results
quickly when in DISCONNECTED state. This patch resets
wpa_s::normal_scans upon entering to the INTERFACE_DISABLED state so a
normal scan is assured upon going to DISCONNECTED state after the
interface has been re-enabled. This mainly solves a long reconnect time
observed upon repeated kernel driver reloads, i.e., third reload
resulted in a scheduled scan.

Reviewed-by: Hante Meuleman <meuleman@broadcom.com>
Signed-hostap: Arend van Spriel <arend@broadcom.com>
2014-01-17 11:48:17 +02:00
Sunil Dutt
3ed97271ba TDLS: Pass peer's Supported channel and oper class info during sta_add
The information of the peer's supported channel and operating class
is required for the driver to do TDLS off channel operations with a
compatible peer. Pass this information to the driver when the peer
station is getting added.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-14 17:24:33 +02:00
Jouni Malinen
c48414af8f P2P: Limit join-a-group scans based on SSID from invitation
If we already know the SSID of the P2P group we are trying to join, use
that SSID to limit scan responses and BSS selection since we do not
really look for any other network in this case. In addition, this can
fix cases where the peer has just changed its SSID (e.g., started a new
group) and there may be multiple BSS entries for the same BSSID.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-13 21:39:06 +02:00
Jouni Malinen
78f0c933e0 Flush secondary device types on FLUSH command
This makes it possible to clear previously configured secondary device
types.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 22:27:30 +02:00
Jouni Malinen
2b384109f2 P2P: Allow requested device type to be specified with p2p_find
This allows filtering of P2P peers that reply to the device discovery
Probe Request frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 20:01:19 +02:00
Jouni Malinen
d9bb2821e7 Clear configuration blobs on FLUSH command
All te network blocks and credentials were already cleared, but
configurations blobs should also be cleared here, e.g., to get
more consistent behavior test cases using EAP-FAST PACs.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 16:42:15 +02:00
Jouni Malinen
c60ba9f7ab Skip network disabling on expected EAP failure
Some EAP methods can go through a step that is expected to fail and as
such, should not trigger temporary network disabling when processing
EAP-Failure or deauthentication. EAP-WSC for WPS was already handled as
a special case, but similar behavior is needed for EAP-FAST with
unauthenticated provisioning.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-08 16:42:15 +02:00
Ben Greear
3043b4f455 nl80211: Document how to configure for libnl 2.0 and 3.2
Reported-by: Xose Vazquez Perez <xose.vazquez@gmail.com>

Signed-hostap: Ben Greear <greearb@candelatech.com>
2014-01-07 15:35:14 +02:00
Jouni Malinen
95fb2db242 P2P: Reject group formation on WPS provisioning failure
There is no need to wait for the 15 second group formation timeout to
clear the state if WPS failure is detected during P2P group formation.
Allow the WPS exchange steps (WSC_NACK and EAP-Failure) to be completed
and remove the group to get rid of the extra wait.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
6fc61e180e Fix TX status processing during AP mode shutdown in wpa_supplicant
A TX status event could be received after the AP interface has already
been deinitialized. This needs to check for NULL pointer before trying
to indicate the event to AP functions.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
b6a9590b34 Interworking: Keep up to two pending GAS_REQUEST responses
Previously, only the last response data was kept in memory. This
increases that to hold up to two last responses to allow some more
parallel operations to be requested. In addition, the response data is
now freed as soon as the external program has fetched it.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
090b8e3d14 Update copyright notices for the new year 2014
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
356d1488c4 Interworking: Add optional freq argument to INTERWORKING_SELECT
This can be used to limit which channels are scanned using the specified
list of frequency ranges in the same format that the SCAN command uses.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
a09ffd5f2f Fix req_scan-deplete-timeout and update eloop API for this
Commit e2f5a9889a was supposed to prevent
new scan request from pushing out the old one. However, it did not
really do that since eloop_deplete_timeout() returned 0 both for the
case where the old timeout existed (and was sooner) and if the old
timeout did not exist. It returned 1 only for the case where an old
timeout did exist and was larger than the new requested value. That case
used to result in wpa_supplicant_req_scan() rescheduling the timeout,
but hew code in eloop_deplete_timeout() did the exact same thing and as
such, did not really change anything apart from the debug log message.

Extend the eloop_deplete_timeout() (and eloop_replenish_timeout() for
that matter since it is very similar) to return three different values
based on whether the timeout existed or not and if yes, whether it was
modified. This allows wpa_supplicant_req_scan() to schedule a new
timeout only in the case there was no old timeout.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
083916c022 P2P: Clear p2p_disabled and p2p_per_sta_psk on FLUSH command
The control interface FLUSH command now includes clearing of
"P2P_SET disabled 1" and "P2P_SET per_sta_psk 1".

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
3f45fc403f P2P: Clear services on FLUSH command
The control interface FLUSH command now includes the step executed by
the P2P_SERVICE_FLUSH command.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
1f965e622a Allow external programs to request wpa_radio work items
The new control interface command RADIO_WORK can be used by external
programs to request radio allocation slots from wpa_supplicant if
exclusive radio control is needed, e.g., for offchannel operations. If
such operations are done directly to the driver, wpa_supplicant may not
have enough information to avoid conflicting operations. This new
command can be used to provide enough information and radio scheduling
to avoid issues with such cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
6428d0a71f Do not start wpa_radio work during externally triggered scan
If an external program triggers a scan, wpa_supplicant does not have a
wpa_radio work item for this operation to protect against other
offchannel operations. This can result in operations failing, so try to
avoid damage by not starting any new wpa_radio work items during a scan
that was started by another process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
6470f471e4 Remove unneeded scan delay on connection-in-progress
This type of protection against concurrent connection and scan
operations is now enforced through the wpa_radio work mechanism, so this
separate protection mechanism is not needed anymore.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:09 +02:00
Jouni Malinen
4bb232153f Remove unneeded GAS query delay on connection-in-progress
This type of protection against concurrent connection and offchannel GAS
operations is now enforced through the wpa_radio work mechanism, so this
separate protection mechanism is not needed anymore.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:09 +02:00
Jouni Malinen
6ac4b15ef8 Use wpa_radio work for connection
This protects against conflicting offchannel operations during
connection (authentication, association, EAP exchanges, 4-way
handshake).

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:09 +02:00
Jouni Malinen
b9e6d7001d Use radio work for GAS requests
Avoid concurrent GAS operations with any other exclusive use of the
radio by using the radio work queuing mechanism. This replaces some of
the earlier constraints on concurrent operations with the more generic
wpa_radio work concept.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:09 +02:00
Jouni Malinen
e05e130837 P2P: Use radio work to protect offchannel Action frame exchanges
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:09 +02:00
Jouni Malinen
e1d1c8e223 Use radio work for P2P Listen requests
Avoid concurrent P2P Listen operations with any other exclusive use of
the radio by using the radio work queuing mechanism. This removes some
of the earlier workarounds that postponed scans depending on other
operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 09:45:32 +02:00
Jouni Malinen
1b5d4714dd Use radio work for P2P scan requests
Avoid concurrent P2P scan requests with any other exclusive use of the
radio by using the radio work queuing mechanism. This removes some of
the earlier workarounds that postponed scans depending on other
operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:39:25 +02:00
Jouni Malinen
d12a51b5d2 Use radio work for scan requests
Avoid concurrent scan requests by using the radio work queuing
mechanism.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:37:50 +02:00
Jouni Malinen
b1ae396f59 Add framework for exclusive radio operations
The new radio work item concept can be used to request time for an
operation that requires exclusive radio control, e.g., a scan. Once the
radio is available, the registered callback function will be called.
radio_work_done() must be called once the exclusive radio operation has
been completed, so that the radio is freed for other operations. The
special case of deinit=1 is used to free the context data during
interface removal. That does not allow the callback function to start
the radio operation, i.e., it needs to free the allocated resources
and return.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:37:03 +02:00
Jouni Malinen
dd43aaa509 Add helper functions for cloning and freeing scan parameters
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:35:52 +02:00
Jouni Malinen
06f9acce18 Ignore externally triggered scan results with scan_res_handler
wpa_s->scan_res_handler is set only for cases where a scan operation is
requested for a specific purpose. As such, this callback should only be
called when a scan result from a scan that was triggered by
wpa_supplicant is processed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:34:17 +02:00
Jouni Malinen
c9b5559737 Clean up ctrl_iface debug prints for monitor events
Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:34:09 +02:00
Jouni Malinen
d31b5ac778 Use cleaner debug print for ctrl_iface commands with private info
Convert this to a text string instead of ASCII hexdump to make the
debug log more convenient to use.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:33:50 +02:00
Jouni Malinen
9595151f3f Remove duplicated RX ctrl_iface hexdump
The newer wpa_dbg() print includes the same information in a more
convenient form, so remove the duplicate RX ctrl_iface hexdump in the
cases where there is no key material in the control interface commands
(the possible-key-material case is still using wpa_hexdump_ascii_key).

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-05 22:33:18 +02:00
Jouni Malinen
9b850799c1 Fix scan-cache-clearing operation to avoid unnecessary cases
wpa_drv_scan() success case was supposed to clear
wpa_s->clear_driver_scan_cache, not params->only_new_results (which
would do nothing here).

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-03 08:55:51 +02:00
Jouni Malinen
2f30cac36f Avoid unnecessary key clearing operations
Track set_key operations per-key index and clear keys on disconnection
only if the key was set (or may have been set which is the case for the
first operation after wpa_supplicant start).

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 23:49:38 +02:00
Jouni Malinen
949938aadf Ask driver to report only new scan results if requested
If the BSS table within wpa_supplicant is flushed, request the driver to
flush its own scan result table during the next scan. This can avoid
unexpected old BSS entries showing up after BSS_FLUSH or FLUSH command
in cases where the driver may maintain its internal cache of scan
results (e.g., cfg80211 BSS table persists at least for 15 seconds).

In addition to doing this automatically on BSS_FLUSH/FLUSH, a new SCAN
command argument, only_new=1, can be used to request a manual scan
request to do same. Though, it should be noted that this maintains the
BSS table within wpa_supplicant. BSS_FLUSH followed by SCAN command can
be used to clear all BSS entries from both the driver and
wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 23:03:31 +02:00
Jouni Malinen
101bdc2e8c Remove forgotten notes about already removed driver wrappers
These old driver wrappers have been removed quite some time ago, but
some of the build configuration notes were still describing how they
are configured.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 10:23:30 +02:00
Jouni Malinen
70067530b6 Update EAP-FAST note regarding OpenSSL support
This is now supported in the current OpenSSL version.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 10:13:11 +02:00
Jouni Malinen
5890fa81d8 WPS: Fix clear-from-timeout handling to avoid race condition
The 100 ms timeout to clear WPS state after EAP-Failure has been
received worked otherwise fine, but it opened a race condition on
another WPS operation starting within that wait. If that happens, the
timeout will cancel that new operation unexpectedly. Fix this by
cancelling the timeout from wpas_clear_wps().

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-01 22:00:09 +02:00
Jouni Malinen
c64e3a08a9 P2P: Send received Presence Response information to ctrl_iface monitors
The P2P_PRESENCE_REQ command did not give any easily available
indication of the response received from the GO. Make this more useful
by providing such response (if received) as a ctrl_iface monitor event
(P2P-PRESENCE-RESPONSE).

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-01 18:44:44 +02:00
Jouni Malinen
c5838683a8 Mark wpas_wps_er_nfc_handover_sel() static
This is not used outside wps_supplicant.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:37:15 +02:00
Jouni Malinen
0187c41d88 Declare wpa_debug_* variables in src/utils/wpa_debug.h
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:29:52 +02:00
Jouni Malinen
fcc61230d1 Declare wpa_drivers in src/drivers/driver.h
This avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:19:37 +02:00
Jouni Malinen
0d79b50ae7 Clear EAPOL Logoff state on FLUSH command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:03:39 +02:00
Jouni Malinen
4848a38d85 Get rid of duplicated cipher suite and AKM definitions
WPA_CIPHER_* and CIPHER_* are used for the exact same set of cipher
suites with the main difference being that the WPA_CIPHER_* version is
suitable to be used as a bitfield. Similarly, WPA_KEY_MGMT_* and
KEY_MGMT_* have similar design for AKMs. There is no need to maintain
two separate copies of the definitions since the bitfield compatible
version can be used for both needs. Get rid of the CIPHER_* and
KEY_MGMT_* versions to clean up the implementation by getting rid of
unnecessary mapping functions.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 09:16:27 +02:00
Jouni Malinen
ef93abded7 WPS: Clean up UUID debug print
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-30 23:35:48 +02:00
Jouni Malinen
03ed332407 Interworking: Allow cred blocks not to be saved to a file
The new cred block parameter 'temporary' can be used to indicate that a
cred block is not to be saved to wpa_supplicant configuration file
(e.g., "SET_CRED 0 temporary 1"). This is similar to the concept of
temporary network blocks and allows cred blocks to be managed outside
the wpa_supplicant config file when other parameters are still saved to
the file written by wpa_supplicant.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-30 15:43:55 +02:00
Jouni Malinen
04f7ecc686 Reset WPA parameters to default values on FLUSH command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 19:25:05 +02:00
Jouni Malinen
152cff6ba6 P2P: Remove WPA_DRIVER_FLAGS_P2P_MGMT option
The option of handling upper layer P2P management operations within the
driver/firmware was originally planned to be used with wpa_supplicant,
but this has not really happened and there is no clear sign of this
being needed in the near term either. This functionality has not been
completed and it is certainly not being kept up-to-date or tested. As
such, it is best to remove it for now and if this or something similar
is needed in the future, it can be brought back once a clear need for it
has been demonstrated first.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 18:20:47 +02:00
Jouni Malinen
538d6f4b54 WPS: Use shorter scan interval during pre-provisioning search
Previously, the shorter scan interval was already in use for the
connection following the provisioning step, but same optimization can
also be used for the pre-provisioning scan.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 18:02:05 +02:00
Jouni Malinen
3187fd900d WPS: Replace wpas_wps_in_progress with identical wpas_wps_searching
There is no point in maintaining two different functions that do
practically the same check of WPS state.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 17:59:12 +02:00
Jouni Malinen
dbfb8e82ff Remove unnecessary EVENT_RX_ACTION
This driver event was used separately for some Action frames, but all
the driver wrappers converted to this from information that would have
been enough to indicate an EVENT_RX_MGMT event. In addition, the
received event was then converted back to a full IEEE 802.11 management
frame for processing in most cases. This is unnecessary complexity, so
get rid of the extra path and use EVENT_RX_MGMT for Action frames as
well as other management frame subtypes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 17:18:17 +02:00
Jouni Malinen
8aaafcee9e Make local UUID available through ctrl_iface STATUS command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:32 +02:00
Jouni Malinen
7b02375a41 Clear wps_fragment_size on FLUSH command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:32 +02:00
Jouni Malinen
db76aa64f1 Fix PeerKey 4-way handshake
The earlier changes to buffer EAPOL frames when not associated to avoid
race conditions (especially commit
3ab35a6603 but maybe something even before
that) broke PeerKey 4-way handshake. Fix this by using a separate check
before the race condition workaround to process PeerKey 4-way handshake
EAPOL-Key messages differently.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-28 16:32:54 +02:00
Jouni Malinen
2cd0f6a429 WNM: Add Target BSSID into BSS Transition Management Response
P802.11-REVmc clarifies that the Target BSSID field is always present
hen status code is zero, so match that requirement.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 18:11:07 +02:00
Jouni Malinen
a8a6a35fd6 WNM: Use nonzero dialog token in BSS Transition Management Query
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 18:11:07 +02:00
Sudha Daram
3c1060ff8f WNM: Add debug logs to get the RSSI from the scan results
This commit adds few more debug prints to log the RSSI information from
the scanned BSSIDs and the current connected BSSID when comparing
neighbor results during WNM Transition Management Request processing.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 22:26:05 +02:00
Jouni Malinen
c511b321f3 WPS: Remove old duplicate network even if key is different
Previously, WPS credential provisioning removed duplicated network
entries only if they had identicical SSID, security parameters, and the
keys. However, it is possible that the AP has changes its keys and
leaving the old entry behind can result in connectibity issues (e.g.,
with 4-way handshake failing due to use of the old PSK). Fix this by
allowing the old network entry to be removed even if the keys
(passphrase, PSK, WEP keys) are different.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 20:50:28 +02:00
Jouni Malinen
9d2cb3ec94 Make CONFIG_TESTING_OPTIONS=y enable all testing options
This makes it easier to enable various testing parameters and
functionality in build configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 20:50:28 +02:00
Jouni Malinen
662b40b16b WPS: Reduce scan wait time during WPS processing
Since the AP is expected to be available, there is no need to wait for
the full five second wait between scans during WPS connection. This
speeds up cases where the first scan misses the AP for some reason.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 20:50:28 +02:00
Jouni Malinen
015af91fea Do not use results from externally requested scan for network selection
It may not always be desirable to trigger reassociation or network
change based on scan results from externally to wpa_supplicant trigger
scan operations. Skip network selection and roaming determination if the
received scan result is known to be triggered by something external to
wpa_supplicant. The control interface SCAN command can be used to
request wpa_supplicant to determine the best network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 20:50:28 +02:00
Jouni Malinen
1cd93ff743 Reschedule own scan request if an externally started one is in progress
This avoids some unnecessary attempts to request the driver to start a
scan while it is still busy with the scan operation that was started by
an external program.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:48:52 +02:00
Jouni Malinen
dc3906cb2d Show timing information about scan requests in debug log
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:48:52 +02:00
Jouni Malinen
d81c73be18 Optional scan id for ctrl_iface SCAN requests
This allows users of wpa_supplicant control interface to figure out when
their specific scan command has been started and completed. For example:

CTRL-EVENT-SCAN-STARTED
> scan freq=2412,2417 passive=1 use_id=1
3
CTRL-EVENT-SCAN-RESULTS
CTRL-EVENT-SCAN-STARTED id=3
CTRL-EVENT-SCAN-RESULTS id=3

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:48:52 +02:00
Jouni Malinen
a5f40eff18 Track whether scan was started by us or an external program
This can be used to improve scan behavior in cases external programs
request scans directly from the driver.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:27:48 +02:00
Jouni Malinen
88c2d48860 Allow passive scan to be requested with SCAN passive=1
This allows external programs to request wpa_supplicant to execute
a passive scan (i.e., do not send any Probe Request frames).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:27:48 +02:00
Jouni Malinen
69278f7328 Remove unused last_scan_full
This parameter was not really used for anything else apart from a debug
message in the same function that set it. In addition, cfg80211 returns
the set of scanned frequencies even for the full scan, so the code that
was setting this conditionally on frequency list not being there was not
really ever entered either.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 18:27:48 +02:00
Jouni Malinen
1f5d2dd3d7 Interworking: Allow EAP-FAST to be used
This behaves like PEAP as far as Interworking network selection is
concerned.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 16:55:45 +02:00
Jouni Malinen
6ffa1687ee Add GAS-QUERY-START and GAS-QUERY-DONE event messages
External programs can use these new control interface events to better
track progress of GAS operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 16:55:45 +02:00
Jouni Malinen
fee5234284 Allow channel list to be specified for SCAN command
The new freq=<frequency ranges> parameter to the SCAN command can be
used to request a scan to be performed on the specified set of channels
instead of on all channels. For example, "wpa_cli scan
freq=2400-2500,5180" would scan channels 1-14 and 36. Only the channels
that the driver indicates as enabled and that are within the specified
ranges are included in the request.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 16:55:44 +02:00
Jouni Malinen
98eda9c26d Move int_array helpfer functions to utils/common.c
These can be useful outside scan.c, so make them available.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 13:37:06 +02:00
Jouni Malinen
a4cfb48694 Add make lcov-html to generate code coverage report
In addition, update build rules to compile object files in the same
directory as the source code file if CONFIG_CODE_COVERAGE=y is set to
make lcov find the source code files.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 13:37:06 +02:00
Jouni Malinen
4daa011be4 Clean up cipher capability prints
Use an array of ciphers and a loop instead of copy-pasted copies of the
same printing functionality for each cipher.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-25 10:44:06 +02:00
Jouni Malinen
30675c3416 Add definitions for new cipher suites from IEEE Std 802.11ac-2013
This adds initial parts for supporting the new GCMP-256, CCMP-256,
BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 cipher suites.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 22:21:04 +02:00
Moshe Benji
ab41595f35 wpa_supplicant: Fix crash when terminating all interfaces
In wpa_supplicant_terminate_proc(), while iterating and
terminating interfaces, after an interface is terminated,
we can no longer access its memory as it is no longer valid
and causes a crash.

Fix this by saving the pointer to the next interface before freeing
the current one to avoid accessing an invalid memory location.

Signed-hostap: Moshe Benji <moshe.benji@intel.com>
2013-12-24 08:29:28 +02:00
Johannes Berg
a12d34546a wpa_supplicant: Use monotonic time for last_scan check
This just serves to check if there was a scan within
the last 5 seconds, hence it should use monotonic time.
While at it, also use os_reltime_expired().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 08:21:18 +02:00
Johannes Berg
51bffab117 WPS: Use monotonic time for AP connection attempt
This is only used for a debug message, but that message prints
the time since the last attempt, so it should use monotonic
time instead of wall clock.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 08:19:47 +02:00
Johannes Berg
6473e5c842 wpa_supplicant: Use relative time for TKIP Michael MIC failures
The MMIC failure code should use monotonic time to check
whether 60 seconds have elapsed or not. For type-safety,
use struct os_reltime for the timestamp variable, and
also convert to using os_reltime_expired().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 08:18:47 +02:00
Johannes Berg
4e1eae1dff wpa_supplicant: Use monotonic time for temp-disabled networks
Temporarily disabled networks are disabled for a certain
duration, so the code should use monotonic time.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 08:01:59 +02:00
Johannes Berg
151ab808fa P2P: Use monotonic time for GO client waiting
GO activation can fail if the first client doesn't connect
within a certain time, but this should not be dependent on
wall time -- use monotonic time instead.

While at it, use os_reltime_expired().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 08:00:03 +02:00
Johannes Berg
3326f19355 IBSS RSN: Use monotonic time for reinit detection
The reinit detection skips reinit when the time since the own
authentication frame TX is less than half a second, so it shouldn't
be affected by wall time and use monotonic time instead.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:58:21 +02:00
Johannes Berg
c2be937ce7 wpa_supplicant: Use monotonic time for EAPOL RX workaround
The EAPOL RX workaround checks that the events are less than 100 ms
apart, so only uses relative times and should use monotonic time.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:35:42 +02:00
Johannes Berg
e72a001b0f bgscan: Use monotonic time
The bgscan simple and learn algorithms should run regardless
of wall clock time jumps, so make them use monotonic time.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:34:43 +02:00
Johannes Berg
acb69cec6f wpa_supplicant: Use monotonic time for RX/BSS times
The BSS table, scan timeout, and related functionality should use
monotonic time since they care about relative values (age) only.
Unfortunately, these are all connected, so the patch can't be split
further. Another problem with this is that it changes the driver wrapper
API. Though, it seems only the test driver is using this.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:27:02 +02:00
Johannes Berg
46b8d4c004 wpa_supplicant: Use monotonic time for SA query timeout
The SA query timeout is just a regular timeout (currently
hard-coded to 1000 TU), so use monotonic time for it.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:17:25 +02:00