Commit graph

2763 commits

Author SHA1 Message Date
Jouni Malinen
80d5a3db9a WPS: Start EAPOL immediately even without WPA on WPS association
Previously, the immediate EAPOL authenticator startup was scheduled
without having received EAPOL-Start only for the case where WPA/WPA2 was
enabled. This can be extended to speed up non-WPA/WPA2 cases as well if
the STA includes WPS IE in Association Request frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
71f1d1e54d hostapd: Fix memory leak on dynamic add-BSS error path
If "ADD bss_config=" command failed in driver_init() or
hostapd_setup_interface(), some of the allocated resources were not
freed properly.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 17:42:23 +02:00
Jouni Malinen
369d07afc1 FT: Make aes_wrap() call easier to analyze
Using aes_wrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is not just the single struct member. (CID 68111)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
7696760388 FT: Make aes_unwrap() calls easier to analyze
Using aes_unwrap() to initialize a data structure seemed to be too much
for some static analyzers to understand. Make it obvious that the target
is initialized and that the target is not just the single struct member.
In addition, clean up the design to avoid removal of const with a
typecast. (CID 68112, CID 68134, CID 68135, CID 68136)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 12:16:32 +02:00
Jouni Malinen
5085ffb8f8 hostapd: Fix HT40 determination for ACS offload
Commit 16689c7cfc ('hostapd: Allow ACS to
be offloaded to the driver') used incorrect operator to determine
whether HT40 was configured. Fix that to mask the ht_capab bit
correctly. (CID 77286)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-05 01:08:40 +02:00
Jouni Malinen
d3bddd8b84 ERP: Add support for ERP on EAP server and authenticator
Derive rRK and rIK on EAP server if ERP is enabled and use these keys to
allow EAP re-authentication to be used and to derive rMSK.

The new hostapd configuration parameter eap_server_erp=1 can now be used
to configure the integrated EAP server to derive EMSK, rRK, and rIK at
the successful completion of an EAP authentication method. This
functionality is not included in the default build and can be enabled
with CONFIG_ERP=y.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:27 +02:00
Jouni Malinen
2a5156a66c ERP: Add optional EAP-Initiate/Re-auth-Start transmission
hostapd can now be configured to transmit EAP-Initiate/Re-auth-Start
before EAP-Request/Identity to try to initiate ERP. This is disabled by
default and can be enabled with erp_send_reauth_start=1 and optional
erp_reauth_start_domain=<domain>.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:08:56 +02:00
Peng Xu
16689c7cfc hostapd: Allow ACS to be offloaded to the driver
Using QCA vendor command, allow ACS function to be offloaded to the
driver. Once channels are selected, hostapd is notified to perform OBSS
operation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-03 22:31:53 +02:00
Jouni Malinen
631739b361 Clear WLAN_STA_ASSOC_REQ_OK on AP-initiated deauthentication
This flag was left in the STA entry for the short duration after the STA
gets deauthenticated. If the STA sends a Class 2 or 3 frame during that
short time, the AP would not have replied with Deauthentication frame
indicating no association is present.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:31:54 +02:00
Jouni Malinen
0ecff8d7c3 Add hostapd driver_params config parameter
This is mainly for development testing purposes to allow driver_nl80211
behavior to be modified.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 13:24:42 +02:00
Jouni Malinen
ebd557288c Remove forgotten driver_test.c variables
hostapd was still providing couple of parameters that were used only in
the already removed driver_test.c framework.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-29 12:49:55 +02:00
Jouni Malinen
bcb132e185 proxyarp: Validate IPv4 header total length value in dhcp_snoop
This field needs to be validated in addition to validating the total
length of the received frame to avoid reading beyond the frame buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:41:26 +02:00
Jouni Malinen
8c5043b42c proxyarp: Relax frame length limit for RA and NA
Only the NS frames should be checked to be long enough to cover all the
fields used in the NS data structure. This allows shorter RA and NA
frames to be processed for multicast-to-unicast rules.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
ef3ea80c68 proxyarp: Fix x_snoop multicast-to-unicast debug print
l2_packet_send() returns >= 0 on success, i.e., non-zero value does not
mean failure. Fix this debug print to show up only on negative return
values.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
89052e9952 proxyarp: Add debug log entry on multicast-to-unicast conversion
This makes it easier to debug operations. The debug message is marked
EXCESSIVE, though, to avoid filling the logs with too much information
in default debugging cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:37:05 +02:00
Jouni Malinen
df131d4597 proxyarp: Try multicast-to-unicast conversion only for authorized STAs
There is no point in trying to send the unicast converted version to a
STA that is not in authorized state since the driver would be expected
to drop normal TX Data frames in such state.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-28 22:36:56 +02:00
Jouni Malinen
a6b4ee217a proxyarp: Print learned IPv6 address in debug log
This makes it easier to debug issues related to IPv6 address snooping.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-26 01:09:54 +02:00
Jouni Malinen
a7fb5ea463 proxyarp: Fix DHCP and ND message structures
These need to be marked packed to avoid issues with compilers
potentially adding padding between the fields (e.g., gcc on 64-bit
seemed to make struct icmpv6_ndmsg two octets too long which broke IPv6
address discovery).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-26 01:09:54 +02:00
Jouni Malinen
a437378f98 proxyarp: Use C library header files and CONFIG_IPV6
This replaces the use of Linux kernel header files (linux/ip.h,
linux/udp.h, linux/ipv6.h, and linux/icmpv6.h) with equivalent header
files from C library. In addition, ndisc_snoop.c is now built
conditionally on CONFIG_IPV6=y so that it is easier to handle hostapd
builds with toolchains that do not support IPv6 even if Hotspot 2.0 is
enabled in the build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-25 16:58:21 +02:00
Masashi Honma
a959a3b69d SAE: Fix Anti-Clogging Token request frame format
This commit inserts Finite Cyclic Group to Anti-Clogging Token request
frame because IEEE Std 802.11-2012, Table 8-29 says "Finite Cyclic Group
is present if Status is zero or 76".

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-11-25 16:08:53 +02:00
Masashi Honma
872b754512 mesh: Fix SAE anti-clogging functionality for mesh
The mesh anti-clogging functionality is implemented partially. This
patch fixes to parse anti-clogging request frame and use anti-clogging
token.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-11-25 15:33:04 +02:00
Jouni Malinen
5c6787a6ca PeerKey: Clean up EAPOL-Key Key Data processing on AP
This extends the earlier PeerKey station side design to be used on the
AP side as well by passing pointer and already validated length from the
caller rather than parsing the length again from the frame buffer. This
avoids false warnings from static analyzer (CID 62870, CID 62871,
CID 62872).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-23 21:03:40 +02:00
Jouni Malinen
5351480047 Add BSS-TM-RESP ctrl_iface event
This event allows external monitors to track STA response to BSS
Transition Management Request.

BSS-TM-RESP <STA addr> status_code=<#> bss_termination_delay=<#>
[target_bssid=<BSSID>]

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-22 16:34:34 +02:00
Jouni Malinen
a30dff07fb Add BSS_TM_REQ command to send BSS Transition Management Request
hostapd control interface can now be used to request transmission of a
BSS Transition Management Request frame to a specified station.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-22 16:34:34 +02:00
Jouni Malinen
f23c5b17e1 AP: Extend EAPOL-Key msg 1/4 retry workaround for changing SNonce
If the 4-way handshake ends up having to retransmit the EAPOL-Key
message 1/4 due to a timeout on waiting for the response, it is possible
for the Supplicant to change SNonce between the first and second
EAPOL-Key message 2/4. This is not really desirable due to extra
complexities it causes on the Authenticator side, but some deployed
stations are doing this.

This message sequence looks like this:
AP->STA: EAPOL-Key 1/4 (replay counter 1, ANonce)
AP->STA: EAPOL-Key 1/4 (replay counter 2, ANonce)
STA->AP: EAPOL-Key 2/4 (replay counter 1, SNonce 1)
AP->STA: EAPOL-Key 3/4 (replay counter 3, ANonce)
STA->AP: EAPOL-Key 2/4 (replay counter 2, SNonce 2)
followed by either:
STA->AP: EAPOL-Key 4/4 (replay counter 3 using PTK from SNonce 1)
or:
AP->STA: EAPOL-Key 3/4 (replay counter 4, ANonce)
STA->AP: EAPOL-Key 4/4 (replay counter 4, using PTK from SNonce 2)

Previously, Authenticator implementation was able to handle the cases
where SNonce 1 and SNonce 2 were identifical (i.e., Supplicant did not
update SNonce which is the wpa_supplicant behavior) and where PTK
derived using SNonce 2 was used in EAPOL-Key 4/4. However, the case of
using PTK from SNonce 1 was rejected ("WPA: received EAPOL-Key 4/4
Pairwise with unexpected replay counter" since EAPOL-Key 3/4 TX and
following second EAPOL-Key 2/4 invalidated the Replay Counter that was
used previously with the first SNonce).

This commit extends the AP/Authenticator workaround to keep both SNonce
values in memory if two EAPOL-Key 2/4 messages are received with
different SNonce values. The following EAPOL-Key 4/4 message is then
accepted whether the MIC has been calculated with the latest SNonce (the
previously existing behavior) or with the earlier SNonce (the new
extension). This makes 4-way handshake more robust with stations that
update SNonce for each transmitted EAPOL-Key 2/4 message in cases where
EAPOL-Key message 1/4 needs to be retransmitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-21 17:02:00 +02:00
Jouni Malinen
db099951cb Print EAPOL-Key Replay Counter in Authenticator debug log
This makes it easier to debug issues relared to EAPOL-Key
retransmissions.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-11-21 15:35:19 +02:00
Kyeyoon Park
47261405d7 AP: Add support for multicast-to-unicast conversion for DGAF Disable
When DGAF Disable is on, perform multicast-to-unicast for DHCP packets
and Router Advertisement packets. This is a requirement for Hotspot 2.0.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:47:06 +02:00
Kyeyoon Park
bd00c4311c AP: Add Neighbor Discovery snooping mechanism for Proxy ARP
This commit establishes the infrastructure, and handles the Neighbor
Solicitation and Neighbor Advertisement frames. This will be extended
in the future to handle other frames.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:47:06 +02:00
Kyeyoon Park
5c58944d08 AP: Add multicast-to-unicast conversion send for "x_snoop"
Multicast-to-unicast conversion send will be needed in various part of
Proxy ARP and DGAF Disable.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:25:13 +02:00
Kyeyoon Park
ed4ddb6d77 AP: Extend the BSS bridge neighbor entry management to support IPv6
This allows adding/deleting an IPv6 neighbor entry to/from the bridge,
to which the BSS belongs. This commit adds the needed functionality in
driver_nl80211.c for the Linux bridge implementation. In theory, this
could be shared with multiple Linux driver interfaces, but for now, only
the main nl80211 interface is supported.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:23:38 +02:00
Kyeyoon Park
1d783762cf AP: Convert "dhcp_snoop" to use the generic "x_snoop"
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:14:15 +02:00
Kyeyoon Park
c127355cb8 AP: Add a generic "x_snoop" infrastructure for Proxy ARP
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-11-19 16:14:02 +02:00
Ilan Peer
38cb0a2db6 AP: Drop retransmitted auth/assoc/action frames
It is possible that a station device might miss an ACK for an
authentication, association, or action frame, and thus retransmit the
same frame although the frame is already being processed in the stack.
While the duplicated frame should really be dropped in the kernel or
firmware code where duplicate detection is implemented for data frames,
it is possible that pre-association cases are not fully addressed (which
is the case at least with mac80211 today) and the frame may be delivered
to upper layer stack.

In such a case, the local AP will process the retransmitted frame although
it has already handled the request, which might cause the station to get
confused and as a result disconnect from the AP, blacklist it, etc.

To avoid such a case, save the sequence control of the last processed
management frame and in case of retransmissions drop them.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-11-19 15:20:47 +02:00
Jouni Malinen
afbe57d981 DFS: Fix hostapd operation without hw_mode driver data
If DFS implementation was built in, some configurations with drivers
that do not provide mode information could end up dereferencing a NULL
pointer. Fix this by skipping DFS operations in such cases since not
having information about modes and channels means that hostapd could not
perform DFS anyway (i.e., either this is not a wireless driver or the
driver takes care of DFS internally).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-17 01:14:35 +02:00
Jouni Malinen
e9b783d58c Fix hostapd operation without hw_mode driver data
Commit 7f0303d5b0 ('hostapd: Verify VHT
160/80+80 MHz driver support') added couple of hapd->iface->current_mode
dereferences of which the one in hostapd_set_freq() can be hit with some
configuration files when using driver wrappers that do not have hw_mode
data, i.e., when current_mode is NULL. This could result in segmentation
fault when trying to use driver=wired. Fix this by checking that
current_mode is not NULL before dereferencing it to get vht_capab.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-17 01:08:04 +02:00
Masashi Honma
e609679984 mesh: Make plink params configurable
This patch makes four MIB variables for plink configurable and sets the
correct default values based on IEEE Std 802.11s-2011.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-11-16 19:43:11 +02:00
Chun-Yeow Yeoh
c596f3f083 mesh: Add timer for SAE authentication in RSN mesh
Add timer to do SAE re-authentication with number of tries defined
by MESH_AUTH_RETRY and timeout defined by MESH_AUTH_TIMEOUT.

Ignoring the sending of reply message on "SAE confirm before commit"
to avoid "ping-pong" issues with other mesh nodes. This is obvious when
number of mesh nodes in MBSS reaching 6.

Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com>
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-11-16 19:43:11 +02:00
Bob Copeland
c50d94f1f8 mesh: Start mesh peering after successful authentication
[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-11-16 19:43:11 +02:00
Bob Copeland
e96da42b0e SAE: Enhance AP implementation to handle auth for mesh interfaces
Add state transition logic to the SAE frame handling in order to more
fully implement the state machine from the IEEE 802.11 standard. Special
cases are needed for infrastructure BSS case to avoid unexpected
Authentication frame sequence by postponing transmission of the second
Authentication frame untile the STA sends its Confirm.

[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-11-16 19:43:11 +02:00
Thomas Pedersen
0f950df029 mesh: Add mesh robust security network
This implementation provides:

- Mesh SAE authentication mechanism
- Key management (set/get PSK)
- Cryptographic key establishment
- Enhanced protection mechanisms for robust management frames

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Thomas Pedersen <thomas@noack.us>
2014-11-16 19:43:06 +02:00
Dmitry Shmidt
88cb27c7a5 hostapd: Add wowlan_triggers config param
New kernels in wiphy_suspend() will call cfg80211_leave_all() that will
eventually end up in cfg80211_stop_ap() unless wowlan_triggers were set.
For now, use the parameters from the station mode as-is. It may be
desirable to extend (or constraint) this in the future for specific AP
mode needs.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-11-16 17:09:11 +02:00
Jouni Malinen
929a2ea5df Suite B: Select EAPOL-Key integrity and key-wrap algorithms based on AKM
This adds support for AKM 00-0F-AC:11 to specify the integrity and
key-wrap algorithms for EAPOL-Key frames using the new design where
descriptor version is set to 0 and algorithms are determined based on
AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-16 17:09:11 +02:00
Jouni Malinen
087a1f4efd Suite B: PMKID derivation for AKM 00-0F-AC:11
The new AKM uses a different mechanism of deriving the PMKID based on
KCK instead of PMK. hostapd was already doing this after the KCK had
been derived, but wpa_supplicant functionality needs to be moved from
processing of EAPOL-Key frame 1/4 to 3/4 to have the KCK available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-16 17:09:11 +02:00
Jouni Malinen
666497c8e6 Suite B: Add AKM 00-0F-AC:11
This adds definitions for the 128-bit level Suite B AKM 00-0F-AC:11. The
functionality itself is not yet complete, i.e., this commit only
includes parts to negotiate the new AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-16 13:20:51 +02:00
Yanbo Li
e3a8ad4405 hostapd: Change drv_flags from unsigned int to u64
Some flag already using a bit larger than 32, so extend the hostapd
drv_flags type similarly to the earlier wpa_supplicant change to get the
full flag content.

Signed-off-by: Yanbo Li <yanbol@qti.qualcomm.com>
2014-11-14 12:55:53 +02:00
Jouni Malinen
0f812c993b Remove unused EVENT_FT_RRB_RX
This was used in hostapd driver_test.c, but that driver wrapper has been
removed and there are no remaining or expected users for
EVENT_FT_RRB_RX.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-11-01 19:27:48 +02:00
Kyeyoon Park
7d597d4617 AP: Add support for Proxy ARP, DHCP snooping mechanism
Proxy ARP allows the AP devices to keep track of the hardware address to
IP address mapping of the STA devices within the BSS. When a request for
such information is made (i.e., ARP request, Neighbor Solicitation), the
AP will respond on behalf of the STA device within the BSS. Such
requests could originate from a device within the BSS or also from the
bridge. In the process of the AP replying to the request (i.e., ARP
reply, Neighbor Advertisement), the AP will drop the original request
frame. The relevant STA will not even know that such information was
ever requested.

This feature is a requirement for Hotspot 2.0, and is defined in IEEE
Std 802.11-2012, 10.23.13. While the Proxy ARP support code mainly
resides in the kernel bridge code, in order to optimize the performance
and simplify kernel implementation, the DHCP snooping code was added to
the hostapd.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Kyeyoon Park
7565752d47 AP: Add support for setting bridge network parameter
This allows setting a network parameter on the bridge that the BSS
belongs to.

This commit adds the needed functionality in driver_nl80211.c for the
Linux bridge implementation. In theory, this could be shared with
multiple Linux driver interfaces, but for now, only the main nl80211
interface is supported.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Kyeyoon Park
73d2294fbe AP: Add support for setting bridge port attributes
This allows setting a bridge port attribute. Specifically, the bridge
port in this context is the port to which the BSS belongs.

This commit adds the needed functionality in driver_nl80211.c for the
Linux bridge implementation. In theory, this could be shared with
multiple Linux driver interfaces, but for now, only the main nl80211
interface is supported.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Kyeyoon Park
71103bed42 AP: Add support for IPv4 neighbor entry management to the BSS bridge
This allows adding/deleting an IPv4 neighbor entry to/from the bridge,
to which the BSS belongs. This commit adds the needed functionality in
driver_nl80211.c for the Linux bridge implementation. In theory, this
could be shared with multiple Linux driver interfaces, but for now, only
the main nl80211 interface is supported.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-28 01:08:29 +02:00
Ahmad Masri
d77419d234 P2P: Support GCMP as part of 60 GHz support
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-27 17:15:09 +02:00
Jouni Malinen
2f06bcb361 Write human readable version of channel width to CSA event debug log
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-26 11:36:14 +02:00
Jouni Malinen
ab93fdebf1 hostapd: Add INTERFACE-ENABLED and INTERFACE-DISABLED events
These can be convenient for upper layer programs to determine if the
hostapd interface gets disabled/re-enabled, e.g., due to rfkill
block/unblock.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-26 10:52:54 +02:00
Ilan Peer
0a44358055 wpa_supplicant: Use the 'no_ir' notation
Use the 'no_ir' notation instead of the 'passive scan' and
'no_ibss' notations to match the earlier change in nl80211.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2014-10-26 01:23:43 +03:00
Javier Lopez
01e2231fdc hostapd: Skip some configuration steps for mesh cases
Modify hostapd.c logic to add checks for valid mconf data structure:

- For hostapd_setup_bss we don't need to flush old stations in case
  we're rejoining a mesh network.

- In hostapd_setup_interface_complete, we don't need to setup the
  interface until we join the mesh (same reasoning for
  hostapd_tx_queue_params).

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
2014-10-25 17:45:36 +03:00
Bob Copeland
f3e9899e02 mesh: Accept Action frames without BSSID match
[original patch by: Thomas Pedersen <thomas@noack.us>]
Signed-off-by: Bob Copeland <me@bobcopeland.com>
2014-10-25 17:45:35 +03:00
Bob Copeland
5f92659d88 mesh: Add mesh peering manager
The mesh peering manager establishes and maintains links among
mesh peers, tracking each peer link via a finite state machine.

This implementation supports open mesh peerings.

[assorted fixes from Yu Niiro <yu.niiro@gmail.com>]
[more fixes from Masashi Honma <masashi.honma@gmail.com>]
Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Ashok Nagarajan <ashok.dragon@gmail.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-hostap: Bob Copeland <me@bobcopeland.com>
2014-10-25 17:45:31 +03:00
Thomas Pedersen
8319e3120d mesh: Add mesh mode routines
Add routines to (de)initialize mesh interface data structures and
join and leave mesh networks.

Signed-off-by: Javier Lopez <jlopex@gmail.com>
Signed-off-by: Javier Cardona <javier@cozybit.com>
Signed-off-by: Jason Mobarak <x@jason.mobarak.name>
Signed-off-by: Thomas Pedersen <thomas@noack.us>
2014-10-25 17:43:20 +03:00
Jouni Malinen
5de748187e Fix channel switch to disable VHT with HT
If both HT and VHT was enabled on AP and channel switch event from the
driver indicated that HT was disabled, VHT was left enabled. This
resulted in the following channel configuration failing. Fix this by
disabling VHT if HT gets disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-25 11:27:48 +03:00
Eliad Peller
8f461b50cf HT: Pass the smps_mode in AP parameters
The driver needs to know what SMPS mode it should use.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:27:31 +03:00
Eliad Peller
04ee647d58 HT: Let the driver advertise its supported SMPS modes for AP mode
Add smps_modes field, and let the driver fill it with its supported SMPS
modes (static/dynamic). This will let us start an AP with specific SMPS
mode (e.g., dynamic) that will allow it to reduce its power usage.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2014-10-24 01:25:29 +03:00
Jouni Malinen
a6b1215769 GAS: Do not reply to P2P SD query from generic GAS/ANQP server
This avoids an issue where a wpa_supplicant build with CONFIG_P2P=y and
CONFIG_HS20=y ended up processing a P2P SD query twice when operating as
a GO and sending out two replies. Only the P2P SD implementation should
reply to P2P SD query in such a case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-22 19:21:42 +03:00
Kyeyoon Park
ec8f36afca AP: Add support for BSS load element (STA Count, Channel Utilization)
The new "bss_load_update_period" parameter can be used to configure
hostapd to advertise its BSS Load element in Beacon and Probe Response
frames. This parameter is in the units of BUs (Beacon Units).

When enabled, the STA Count and the Channel Utilization value will be
updated periodically in the BSS Load element. The AAC is set to 0 sinze
explicit admission control is not supported. Channel Utilization is
calculated based on the channel survey information from the driver and
as such, requires a driver that supports providing that information for
the current operating channel.

Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-10-21 23:25:48 +03:00
Jouni Malinen
4a6cc86272 Add data test functionality
It is now possible to run hwsim_test like data connectivity test through
wpa_supplicant/hostapd control interface if CONFIG_TESTING_OPTIONS=y is
used for the build. Test functionality is enabled/disabled at runtime
with "DATA_TEST_CONFIG <1/0>". The "DATA_TEST_TX <dst> <src> <tos>"
command can be used to request a test frame to be transmitted.
"DATA-TEST-RX <dst> <src>" event is generated when the test frame is
received.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-19 20:51:45 +03:00
Andrei Otcheretianski
d66873f5cf Do not start CSA flow when CSA is not supported by the driver
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2014-10-19 15:39:59 +03:00
Jouni Malinen
f299117093 SAE: Add support for PMKSA caching on the AP side
This makes hostapd create PMKSA cache entries from SAE authentication
and allow PMKSA caching to be used with the SAE AKM.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 13:00:29 +03:00
Jouni Malinen
fcc306e3cc Add Acct-Multi-Session-Id into RADIUS Accounting messages
This allows multiple sessions using the same PMKSA cache entry to be
combined more easily at the server side. Acct-Session-Id is still a
unique identifier for each association, while Acct-Multi-Session-Id will
maintain its value for all associations that use the same PMKSA.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 10:38:17 +03:00
Jouni Malinen
aff039fada Remove duplicated Acct-Session-Id from Accounting-Request
Commit 8b24861154 ('Add Acct-Session-Id
into Access-Request messages') added Acct-Session-Id building into the
helper function shared between authentication and accounting messages.
However, it forgot to remove the same code from the generation of
accounting messages and as such, ended up with Accounting-Request
messages containing two copies of this attribute. Fix this by removing
the addition of this attribute from the accounting specific function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-18 10:35:33 +03:00
Jouni Malinen
f8995f8f1c hostapd: Allow OpenSSL cipherlist string to be configured
The new openssl_cipher configuration parameter can be used to select
which TLS cipher suites are enabled when hostapd is used as an EAP
server with OpenSSL as the TLS library.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-12 11:52:05 +03:00
Jouni Malinen
7c0e5b58f9 DFS: Check os_get_random() result
This use does not really need a strong random number, so fall back to
os_random() if a theoretical error case occurs. (CID 72682)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:36 +03:00
Jouni Malinen
24661bbadc AP: Check os_get_random() return value more consistently
While this specific case does not really care what value is used, the
the theoretical error case can be handled more consistently. (CID 72684)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 19:43:36 +03:00
Jouni Malinen
4aa01d38f5 IAPP: Avoid warnings on unused write
The hlen and len variables are identical here, but only the hlen was
used in the end. Change this to use the len variable to avoid
unnecessary static analyzer warnings about unused writes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 18:03:38 +03:00
Jouni Malinen
e41e4f9ee3 Simplify memory allocation/freeing for static analyzers
It looks like the use of sm->wpa == WPA_VERSION_WPA2 in two locations
within the function was a bit too much for clang static analyzer to
understand. Use a separate variable for storing the allocated memory so
that it can be freed unconditionally. The kde variable can point to
either stack memory or temporary allocation, but that is now const
pointer to make the design clearer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-11 17:29:50 +03:00
Jouni Malinen
9d4ff04af3 Add external EAPOL transmission option for testing purposes
The new ext_eapol_frame_io parameter can be used to configure hostapd
and wpa_supplicant to use control interface for receiving and
transmitting EAPOL frames. This makes it easier to implement automated
test cases for protocol testing. This functionality is included only in
CONFIG_TESTING_OPTIONS=y builds.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Sunil Dutt
61fc90483f P2P: Handle improper WPS termination on GO during group formation
A P2P Client may be able to connect to the GO even if the WPS
provisioning step has not terminated cleanly (e.g., P2P Client does not
send WSC_Done). Such group formation attempt missed the event
notification about started group on the GO and also did not set the
internal state corresponding to the successful group formation.

This commit addresses the missing part by completing GO side group
formation on a successful first data connection if WPS does not complete
cleanly. Also, this commit reorders the STA authorization indications to
ensure that the group formation success notification is given prior to
the first STA connection to handle such scenarios.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-10 18:40:57 +03:00
Jouni Malinen
4a274f487a DFS: Allow 80+80 MHz be configured for VHT
This allows cases where neither 80 MHz segment requires DFS to be
configured. DFS CAC operation itself does not yet support 80+80, though,
so if either segment requires DFS, the AP cannot be brought up.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-10-09 14:25:55 +03:00
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
a61fcc131a Clean up authenticator PMKSA cache implementation
This makes the implementation somewhat easier to understand.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
cb129db34c Clear PMKSA cache entry data when freeing them
Avoid leaving the PMK information unnecessarily in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8c8d26aada Remove unnecessary PMKSA cache freeing step
_pmksa_cache_free_entry() is a static function that is never called with
entry == NULL, so there is no need to check for that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
9c829900bb Fix authenticator OKC fetch from PMKSA cache to avoid infinite loop
If the first entry in the PMKSA cache did not match the station's MAC
address, an infinite loop could be reached in pmksa_cache_get_okc() when
trying to find a PMKSA cache entry for opportunistic key caching cases.
This would only happen if OKC is enabled (okc=1 included in the
configuration file).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
47ea24c13d Fix PMKSA cache timeout from Session-Timeout in WPA/WPA2 cases
Previously, WPA/WPA2 case ended up using the hardcoded
dot11RSNAConfigPMKLifetime (43200 seconds) for PMKSA cache entries
instead of using the Session-Timeout value from the RADIUS server (if
included in Access-Accept). Store a copy of the Session-Timeout value
and use it instead of the default value so that WPA/WPA2 cases get the
proper timeout similarly to non-WPA/WPA2 cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Kyeyoon Park
39323bc16a AP: hostapd_setup_bss() code clean-up
Signed-off-by: Kyeyoon Park <kyeyoonp@qca.qualcomm.com>
2014-09-29 13:10:13 +03:00
Philippe De Swert
375f4a3b5a hostapd: Avoid dead code with P2P not enabled
In case P2P is not enabled the if (dev_addr) is always ignored as
dev_addr will be NULL. As this code is relevant only to P2P, it can be
moved to be the ifdef to avoid static analyzer warnings. (CID 72907)

Signed-off-by: Philippe De Swert <philippe.deswert@jollamobile.com>
2014-09-28 20:47:06 +03:00
Stefan Lippers-Hollmann
8c6f4a5a50 ap_config.c: fix typo for "capabilities"
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2014-09-28 11:03:48 +03:00
Sunil Dutt
c53a9bf818 Check for driver's DFS offload capability before handling DFS
This fixes couple of code paths where the WPA_DRIVER_FLAGS_DFS_OFFLOAD
flag was not checked properly and unexpected DFS operations were
initiated (and failed) in case the driver handles all these steps.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-22 16:50:28 +03:00
Darshan Paranji Sri
e4474c1c20 FT: Fix hostapd with driver-based SME to authorize the STA
The driver-based SME case did not set STA flags properly to the kernel
in the way that hostapd-SME did in ieee802_11.c. This resulted in the FT
protocol case not marking the STA entry authorized. Fix that by handling
the special WLAN_AUTH_FT case in hostapd_notif_assoc() and also add the
forgotten hostapd_set_sta_flags() call to synchronize these flag to the
driver.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-12 18:46:56 +03:00
Jouni Malinen
04a258e7c5 hostapd: Check that EVENT_ASSOC data is present before using it
While hostapd should not really receive the EVENT_ASSOC message for
IBSS, driver_nl80211.c could potentially generate that if something
external forces the interface into IBSS mode and the IBSS case does not
provide the struct assoc_info data. Avoid the potential NULL pointer
dereference by explicitly verifying for the event data to be present.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-26 17:23:02 +03:00
Jouni Malinen
6c460eaf7e Add RSN cipher/AKM suite attributes into RADIUS messages
This adds hostapd support for the new WLAN-Pairwise-Cipher,
WLAN-Group-Cipher, WLAN-AKM-Suite, and WLAN-Group-Mgmt-Pairwise-Cipher
attributes defined in RFC 7268. These attributes are added to RADIUS
messages when the station negotiates use of WPA/RSN.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00
Jouni Malinen
cdffd72173 Add WLAN-HESSID into RADIUS messages
This adds hostapd support for the new WLAN-HESSID attribute defined in
RFC 7268. This attribute contains the HESSID and it is added whenever
Interworking is enabled and HESSID is configured.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00
Jouni Malinen
69002fb0a8 Add Mobility-Domain-Id into RADIUS messages
This adds hostapd support for the new Mobility-Domain-Id attribute
defined in RFC 7268. This attribute contains the mobility domain id and
it is added whenever the station negotiates use of FT.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-31 19:55:29 +03:00
Jouni Malinen
c0e46bb7d4 DFS: Remove dead assignment
set_dfs_state() return value is not currently checked anywhere, so
remove the dead assignment to avoid static analyzer complaints.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-03 00:51:47 +03:00
Jouni Malinen
b7175b4d02 Clear hostapd configuration keys explicitly
Use an explicit memset call to clear any hostapd configuration parameter
that contains private information like keys or identity. This brings in
an additional layer of protection by reducing the length of time this
type of private data is kept in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
164a453f9b FT: Debug print extra response data
This shows any extra data from FT response and also avoids a static
analyzer warning on dead increment.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
0233dcac5b SAE: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
34ef46ce54 WEP shared key: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:48 +03:00
Jouni Malinen
870834a19b RSN authenticator: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-02 12:38:47 +03:00
Michal Kazior
5841958f26 hostapd: Use channel switch fallback on error
It's worth giving a try to fallback to re-starting BSSes at least once
hoping it works out instead of just leaving BSSes disabled.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-06-28 11:13:11 +03:00
Michal Kazior
8974620e3e hostapd: Perform multi-BSS CSA for DFS properly
Currently hostapd data structures aren't ready for multi-channel BSSes,
so make DFS work now at least with single-channel multi-BSS channel
switching.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-06-28 11:08:16 +03:00
Michal Kazior
6782b6846b hostapd: Move CSA parameters to hostapd_data
This prepares CSA structure and logic in hostapd for multi-BSS channel
switching.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2014-06-28 11:02:39 +03:00
Pontus Fuchs
dedfa440ed Print frame type name in debug output
"stype=4" becomes "stype=4 (WLAN_FC_STYPE_PROBE_REQ)" etc.

Signed-off-by: Pontus Fuchs <pontus.fuchs@gmail.com>
2014-06-22 00:51:39 +03:00
Jouni Malinen
35cbadbb14 VHT: Remove useless validation code from Operating Mode Notification
This was added by commit 8a45811638
('hostapd: Add Operating Mode Notification support'), but the validation
steps cannot be true either for the channel width (which is a two-bit
subfield that cannot encode more than the list four values) or Rx NSS
(which cannot encode a value larger 7). Furthermore, the VHT_CHANWIDTH_*
defines do not match the definition of the Channel Width subfield
values.

Since this check cannot ever match, it is better to remove it to make
the code easier to understand and to avoid getting complaints about dead
code from static analyzers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-18 00:45:48 +03:00
Amarnath Hullur Subramanyam
cf1600ace4 hostapd: Configure driver ACL even if MAC address list is empty
Earlier commit related to MAC address based access control list
offloaded to the driver was not sending ACL configuration to the driver
if the MAC address list was empty. Remove this check as empty access
control list is a valid use case and sending ACL parameters should not
be dependent on whether the list is empty.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-16 16:22:36 +03:00
Jouni Malinen
da995b2e11 WNM: Use cleaner way of generating pointer to a field (CID 68099)
The Action code field is in a fixed location, so the IEEE80211_HDRLEN
can be used here to clean up bounds checking to avoid false reports from
static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
062833c67c GAS server: Fix request frame length validation (CID 68098)
There seemed to be an off-by-one error in the validation of GAS request
frames. If a Public Action frame without the Action code field would
have reached this function, the length could have been passed as
(size_t) -1 which would likely have resulted in a crash due to reading
beyond the buffer. However, it looks like such frame would not be
delivered to hostapd at least with mac80211-based drivers. Anyway, this
function better be more careful with length validation should some other
driver end up reporting invalid Action frames.

In addition, the Action code field is in a fixed location, so the
IEEE80211_HDRLEN can be used here to clean up bounds checking to avoid
false reports from static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
5ce3ae4c8f HT: Use cleaner way of generating pointer to a field (CID 68097)
The Action code field is in a fixed location, so the IEEE80211_HDRLEN
can be used here to clean up bounds checking to avoid false reports from
static analyzer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-13 00:27:15 +03:00
Jouni Malinen
1fde15a20a GAS server: Explicitly check that home realm is available
This makes the code easier to understand for static analyzers to avoid
false reports.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-07 19:05:33 +03:00
Jouni Malinen
aff0bee78a GAS server: Remove unused function parameter
This parameter was not used at all, so just remove the argument instead
of passing NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-07 19:04:17 +03:00
Jouni Malinen
bc32bb70d7 Make a code path easier for static analyzers to understand
prev cannot be NULL here in the hostapd_eid_country_add() call since
prev is set whenever start becomes non-NULL. That seems to be a bit too
difficult for some static analyzers, so check the prev pointer
explicitly to avoid false warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-07 15:37:31 +03:00
Darshan Paranji Sri
95b6bca66d Add rsn_pairwise bits to set_ieee8021x() driver_ops
This fixes an issue where a driver using the deprecated set_ieee8021x()
callback did not include rsn_pairwise bits in the driver configuration
even if mixed WPA+WPA2 configuration was used. This could result, e.g.,
in CCMP not being enabled properly when wpa_pairwise=TKIP and
rsn_pairwise=CCMP was used in the configuration. Fix this by using
bitwise OR of the wpa_pairwise and rsn_pairwise values to allow the
driver to enable all pairwise ciphers.

In addition, make the newer set_ap() driver_ops use the same bitwise OR
design instead of picking between rsn_pairwise and wpa_pairwise. This
makes the code paths consistent and can also fix issues with mixed mode
configuration with set_ap().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-03 13:59:22 +03:00
Jouni Malinen
3d4d2348c0 FT: Fix GTK rekeying after FT protocol
Move to PTKINITDONE state and mark PTK valid after successful completion
of FT protocol. This allows the AP/Authenticator to start GTK rekeying
when FT protocol is used. Previously, the station using FT protocol did
not get the new GTK which would break delivery of group addressed
frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-01 13:21:40 +03:00
Jouni Malinen
d92bdf9602 hostapd: Make sure hapd->drv_priv gets cleared on driver deinit
Couple of code paths in hostapd.c could have left hapd->drv_priv
pointing to memory that was freed in driver_nl80211.c when a secondary
BSS interface is removed. This could result in use of freed memory and
segfault when the next driver operation (likely during interface
deinit/removal). Fix this by clearing hapd->drv_priv when there is
reason to believe that the old value is not valid within the driver
wrapper anymore.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 17:11:04 +03:00
Jouni Malinen
438e13339d hostapd: Use helper function to avoid duplicate deinit calls
These three calls were used already in three different paths. Use a
helper function to avoid adding even more copies of this.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-31 15:57:36 +03:00
Michal Kazior
ac1a224092 hostapd: Clean up if interface setup fails
If for some reason interface setup fails mid-way when setting up
multi-BSS AP it was possible to get segmentation fault because driver
was not properly cleaned up.

One possible trigger, when using nl80211 driver, was udev renaming an
interface created by hostapd causing, e.g., linux_set_iface_flags() to
fail.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-05-31 15:53:56 +03:00
Michal Kazior
81c4fca100 hostapd: Reset hapd->interface_add properly
This variable is updated when calling hostapd_if_add(), so it makes
sense to do the same thing when calling hostapd_if_remove().

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-05-31 15:49:38 +03:00
Michal Kazior
3fbd036ea9 hostapd: Prevent double interface disabling from segfaulting
Performing, e.g. `wpa_cli -p /var/run/hostapd raw DISABLE` twice led to
hostapd segmentation fault if multiple BSSes were configured. Fix this
by checking if there is anything to disable at all before trying.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-05-31 15:46:45 +03:00
Jouni Malinen
5d67bf1566 hostapd: Fix configuration of multiple RADIUS servers with SET
The current RADIUS server pointer was updated after each SET command
which broke parsing of multiple RADIUS servers over the control
interface. Fix this by doing the final RADIUS server pointer updates
only once the full configuration is available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-30 20:40:11 +03:00
Jouni Malinen
d73c7b9626 GAS: Send error response if no room for pending dialog context
Instead of silently dropping the response that requires fragmentation,
send an error response to the station to make it aware that no full
response will be available.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-26 17:21:43 +03:00
Jouni Malinen
10b58b5029 TNC: Allow TNC to be enabled dynamically
Previously, hostapd had to be started with at least one of the
configuration files enabling TNC for TNC to be usable. Change this to
allow TNC to be enabled when the first interface with TNC enabled gets
added during runtime.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-05-17 20:05:55 +03:00
Rajkumar Manoharan
f41d55da02 hostapd: Check for overlapping 20 MHz BSS before starting 20/40 MHz BSS
Before starting a 20/40 MHz BSS on the 2.4 GHz band, a 40-MHz-capable HT
AP is required by the rules defined in IEEE Std 802.11-2012 10.15.5 to
examine the channels of the current operational regulatory domain to
determine whether the operation of a 20/40 MHz BSS might unfairly
interfere with the operation of existing 20 MHz BSSs. The AP (or some of
its associated HT STAs) is required to scan all of the channels of the
current regulatory domain in order to ascertain the operating channels
of any existing 20 MHz BSSs and 20/40 MHz BSSs. (IEEE 802.11-2012 S.5.2
Establishing a 20/40 MHz BSS).

Add the check for an overlapping 20 MHz BSS to the initial AP scan for
the P == OT_i case in 10.15.3.2.

Signed-off-by: Rajkumar Manoharan <rmanohar@qti.qualcomm.com>
2014-05-16 01:14:01 +03:00
Petar Koretic
c78c6b73fa WPS: Fix return value when context is not valid
If WPS isn't enabled, hostapd_cli returns 'OK' even though WPS doesn't
get activated because WPS context is not valid:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
OK

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
OK

Fix this by returning appropriate error when WPS fails to activate:

$ hostapd_cli wps_pbc
Selected interface 'wlan0'
FAIL

$ hostapd_cli wps_cancel
Selected interface 'wlan0'
FAIL

Signed-off-by: Petar Koretic <petar.koretic@sartura.hr>
CC: Luka Perkov <luka.perkov@sartura.hr>
2014-05-16 00:58:48 +03:00
Jouni Malinen
c0333c8dd5 Check rx_mgmt::frame more consistently against NULL
If a driver wrapper misbehaves and does not indicate a frame body in the
event, core hostapd code should handle this consistently since that case
was already checked for in one location.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
d6c6b1fb9d Make sta NULL-check easier for static analyzers
sta == NULL check is already done above based on category !=
WLAN_ACTION_PUBLIC, but that seems to be too complex for some static
analyzers, so avoid invalid reports by explicitly checking for this
again in the WLAN_ACTION_FT case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
ee4fefc015 Remove duplicated variable zeroing
It's enough to do this once as part of the for loop.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
4a9d0ebe4a Make PMKID check easier for static analyzers
Checking sm->pmksa is sufficient here, but that seems to be too
difficult for static analyzers to follow, so avoid false reports by
explicitly checking pmkid as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Jouni Malinen
06df2aa60a Remove floating constant suffix 'd' from test coee
clang scan-build does not seem to like the 'd' suffix on floating
constants and ends up reporting analyzer failures. Since this suffix
does not seem to be needed, get rid of it to clear such warnings.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-29 12:52:10 +03:00
Peng Xu
5f0bca77a8 Retry initial 20/40 MHz co-ex scan if the driver is busy
This makes the initial OBSS scans in AP mode before starting 40 MHz BSS
more robust. In addition, HT20 can be used as a backup option if none of
the scans succeed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 12:52:09 +03:00
Peng Xu
587d60d2b7 Add AP mode support for HT 20/40 co-ex Action frame
If a 2.4 GHz band AP receives a 20/40 Coexistence management frame from
a connected station with 20/40 BSS Intolerant Channel Report element
containing the channel list in which any legacy AP are detected or AP
with 40 MHz intolerant bit set in HT Cap IE is detected in the affected
range of the BSS, the BSS will be moved from 40 to 20 MHz channel width.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 12:52:09 +03:00
Peng Xu
9c47f6a2a6 hostapd: Extend support for HT 20/40 coexistence feature
Extend the minimal HT 20/40 co-ex support to include dynamic changes
during the lifetime of the BSS. If any STA connects to a 2.4 GHz AP with
40 MHz intolerant bit set then the AP will switch to 20 MHz operating
mode.

If for a period of time specified by OBSS delay factor and OBSS scan
interval AP does not have any information about 40 MHz intolerant STAs,
the BSS is switched from HT20 to HT40 mode.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 12:52:09 +03:00
Peng Xu
196c9c7cd2 Make channel parameters available in set_ap() driver operation
This provides information to allow the driver to be configured for
updated channel parameters, e.g., when dynamically changing HT20/HT40
bandwidth.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-29 12:16:51 +03:00
Maxime Bizon
2aa82e52da Interworking: Don't filter probe requests when interworking is disabled
With hidden SSID (ignore_broadcast_ssid), an IOS device trying to
connect to the AP will send a probe request with ANT == 2. If
interworking support is just compiled (not enabled), we will drop the
probe request since default ANT is 0.

Check that interworking is enabled before filtering based on ANT or
HESSID to match the behavior of code without CONFIG_INTERWORKING.

Signed-off-by: Maxime Bizon <mbizon@freebox.fr>
2014-04-24 12:15:32 +03:00
Marek Puzyniak
8a0f3bf613 AP: Fix checking if DFS is required
Sometimes function hostapd_is_dfs_required() returns -1 which indicates
that it was not possible to check if DFS was required. This happens for
channels from the 2.4 GHz band where DFS checking should not happen.
This can be fixed by returning DFS-not-required for mode different from
IEEE80211A and when DFS support is not available (ieee80211h not set).

Signed-off-by: Marek Puzyniak <marek.puzyniak@tieto.com>
2014-04-17 17:12:52 +03:00
Jouni Malinen
5583b8d1eb Document and rename HT Capability/Operation fields
This makes the definitions match the terminology used in IEEE Std
802.11-2012 and makes it easier to understand how the HT Operation
element subfields are used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-07 22:45:11 +03:00
Jouni Malinen
1dde5b5cdd Remove PSMP option from ht_capab
This was used to fill in the "PSMP support" subfield that was defined
during P802.11n development. However, this subfield was marked reserved
in the published IEEE Std 802.11n-2009 and it is not supported by
current drivers that use hostapd for SME either. As such, there is not
much point in maintaining this field as ht_capab parameter within
hostapd either.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-04-07 22:02:14 +03:00
Jouni Malinen
dc39004318 WPS: Remove unused WEP related functionality
Now that WPS 2.0 support is enabled unconditionally, WEP and Shared auth
type are not allowed. This made some of the older code unused and that
can now be removed to clean up the implementation. There is still one
place where WEP is allowed for testing purposes: wpa_supplicant as
Registrar trying to configure an AP to use WEP. That is now only allowed
in CONFIG_TESTING_OPTIONS=y builds, though.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-04-06 12:31:45 +03:00
Jouni Malinen
8943cc998a RADIUS server: Add support for MAC ACL
"user" MACACL "password" style lines in the eap_user file can now be
used to configured user entries for RADIUS-based MAC ACL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 19:31:56 +02:00
Jouni Malinen
dc87541e1e Clean up debug print for PSK file search
p2p_dev_addr was not NULL, so the all zeros case was printed as well.
Clean this up by printing p2p_dev_addr in debug prints only if it is a
real P2P Device Address.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-29 09:50:51 +02:00
Janusz Dziedzic
bbbacbf2f8 DFS: Print CAC info in ctrl_iface STATUS command
Print CAC time and CAC left time in control interface STATUS command.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-03-28 23:02:45 +02:00
Avraham Stern
3ae8b7b7a2 hostapd: Add vendor command support
Add support of vendor command to hostapd ctrl_iface.
Vendor command's format:
VENDOR <vendor id> <sub command id> [<hex formatted data>]

The 3rd argument will be converted to binary data and then passed as
argument to the sub command.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-03-27 15:28:44 +02:00
Pawel Kulakowski
74a1319e50 Fix issue with incorrect secondary_channel in HT40/HT80
When primary and secondary channel were switched and config was
reloaded, secondary channel was incorrectly overwritten.

Proceed as for other settings that should not be changed and don't
allow to overwrite.

Signed-off-by: Pawel Kulakowski <pawel.kulakowski@tieto.com>
2014-03-27 15:22:39 +02:00
Jouni Malinen
c201f93a9e WPS: Enable WSC 2.0 support unconditionally
There is not much point in building devices with WPS 1.0 only supported
nowadays. As such, there is not sufficient justification for maintaining
extra complexity for the CONFIG_WPS2 build option either. Remove this by
enabling WSC 2.0 support unconditionally.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 18:33:21 +02:00
Jouni Malinen
4d1e38be9e ACS: Fix number of error path issues
Especially when multiple BSSes are used with ACS, number of the error
paths were not cleaning up driver initialization properly. This could
result in using freed memory and crashing the process if ACS failed.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-25 13:12:29 +02:00
Jouni Malinen
692ec3058b FT: Add support for postponing FT response
If the PMK-R1 needs to be pulled for the R0KH, the previous
implementation ended up rejecting the over-the-air authentication and
over-the-DS action frame unnecessarily while waiting for the RRB
response. Improve this by postponing the Authentication/Action frame
response until the pull response is received.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-23 18:31:06 +02:00
Jouni Malinen
70c35233ae WPS: Comment out unused AP WEP config write with WPS 2.0
The main WPS code rejects WEP parameters, so this code is not used and
can be commented out from WPS 2.0 builds. This is similar to the earlier
commit that commented out in-memory update.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 23:31:39 +02:00
Amar Singhal
70634eec0c hostapd: Check driver DFS offload capability for channel disablement
If the driver supports full offloading of DFS operations, do not disable
a channel marked for radar detection. The driver will handle the needed
operations for such channels.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-22 21:31:15 +02:00
Jouni Malinen
a500f3102f WPS: Comment out unused AP WEP config update with WPS 2.0
The main WPS code rejects WEP parameters, so this code is not used and
can be commented out from WPS 2.0 builds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 19:22:10 +02:00
Jouni Malinen
1d4fe3bcbc Remove unnecessary parameter validation
This is dead code since this helper function is always called with
non-NULL pointer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-22 16:25:28 +02:00
Pawel Kulakowski
513dcec656 Don't overwrite channel on hostapd config reload
There was possibility that the current channel in Beacon information
element was incorrectly set. This problem was easily observed when
primary and secondary channel were switched and then some of hostapd
settings (for example password) were changed using WPS External
Registrar. This caused hostapd_reload_config() function overwrite the
current channel information from config file.

This patch prevents this situation and does not allow to overwrite
channel and some other settings when config is reloaded.

Signed-off-by: Pawel Kulakowski <pawel.kulakowski@tieto.com>
2014-03-21 23:30:57 +02:00
Jouni Malinen
20ff2642e1 WPS: Clear WPS data on init failure
It was possible for hapd->wps_beacon_ie and hapd->wps_probe_resp_ie to
be set if WPS initialization in hostapd failed after having set these
parameters (e.g., during UPnP configuration). In addition, many of the
other WPS configuration parameters that were allocated during the first
part of the initialization were not properly freed on error paths.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-21 13:23:23 +02:00
Jouni Malinen
f4e3860f8a Fix AP mode default TXOP Limit values for AC_VI and AC_VO
These were previous set to 3.0 and 1.5 ms which ended up using values 93
and 46 in 36 usec inits. However, the default values for these are
actually defined as 3.008 ms and 1.504 ms (94/47) and those values are
also listed in the hostapd.conf example.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-17 18:48:40 +02:00
Michal Kazior
c3722e1241 ACS: Fix VHT20
The center segment0 calculation for VHT20 ACS was incorrect. This caused
ACS to fail with: "Could not set channel for kernel driver".

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-03-15 19:04:31 +02:00
Jouni Malinen
49b74430d9 Fix HT40 co-ex scan for some pri/sec channel switches
Secondary channel was compared incorrectly (-4/4 vs. actual channel
number) which broke matching neighboring 40 MHz BSSes and only the
no-beacons-on-secondary-channel rule was applied in practice. Once
sec_chan was fixed, this triggered another issue in this function where
both rules to switch pri/sec channels could end up getting applied in a
way that effectively canceled the switch.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-15 19:04:31 +02:00
Jouni Malinen
5bdac4abce Remove unused STA entry information
previous_ap and last_assoc_req were not really used for anything
meaninful, so get rid of them to reduce the size of per-STA memory
allocation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-15 09:57:10 +02:00
Jouni Malinen
c9d9ee94e5 Fix hostapd_add_iface error path to deinit partially initialized BSS
It was possible for the control interface and some of the BSS setup to
be left partially initialized in failure cases while the BSS structures
were still freed. Fix this by properly cleaning up anything that may
have passed initialization successfully before freeing memory.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-14 21:58:46 +02:00
Jouni Malinen
8dd9f9cdde Allow management group cipher to be configured
This allows hostapd to set a different management group cipher than the
previously hardcoded default BIP (AES-128-CMAC). The new configuration
file parameter group_mgmt_cipher can be set to BIP-GMAC-128,
BIP-GMAC-256, or BIP-CMAC-256 to select one of the ciphers defined in
IEEE Std 802.11ac-2013.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-14 21:58:45 +02:00
Paul Stewart
db63757dbc hostapd: Supply default parameters for OBSS scan
For some client OBSS implementations that are performed in
firmware, all OBSS parameters need to be set to valid values.
Do this, as well as supplying the "20/40 Coex Mgmt Support"
flag in the extended capabilities IE.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2014-03-14 21:49:08 +02:00
Johannes Berg
67e1a402df hostapd: For VHT 20/40, allow center segment 0 to be zero
The 802.11ac amendment specifies that that the center segment 0 field
is reserved, so it should be zero. Hostapd previously required it to
be set, which is likely a good idea for interoperability, but allow it
to be unset. However, don't allow it to be set to a random value, only
allow zero and the correct channel.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2014-03-14 17:07:17 +02:00
Jouni Malinen
d0bf06f2d9 GAS server: Remove incomplete remote ANQP processing
Some of the remote ANQP server concepts were introduces into gas_serv.c,
but these were not completed. Remote the unused implementation for now.
It can be added back if support for remote ANQP server is added at some
point.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-13 21:12:39 +02:00
Jouni Malinen
ce6b9cd482 Allow reason code to be specified for DEAUTH/DISASSOC test frame
hostapd DEAUTHENTICATE and DISASSOCIATE control interface commands
accepted both a test=<0/1> and reason=<val> parameters, but these were
not supported in the same command as a combination. Move the code around
a bit to allow that as well since it can be helpful for automated test
scripts.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-13 01:26:09 +02:00
Jouni Malinen
0f23a5e7d6 Mark AP disabled if initialization steps fail
Previously, some of the last initialization steps could fail without
clearly marking the interface disabled. For example, configuring the
channel to the driver could fail, but hostapd would not clearly identify
as the interface not being in functional state apart from not moving it
to the ENABLED state. Send an AP-DISABLED event and mark interface state
DISABLED if such a setup operation fails.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-12 13:55:05 +02:00
Ben Greear
7450c1287d DFS: Add extra debugging messages
This might help someone realize why their hostapd config isn't working
properly.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2014-03-11 19:26:48 +02:00
Simon Wunderlich
1d91f504e4 hostapd: Process management frames only once per BSS
At least in nl80211, broadcast management frames like Probe Request
frames, may be processed multiple times per BSS if multi-BSS is active
and NL80211_CMD_FRAME event is used to deliver them. In the case of
Probe Request frames, hostapd will create multiple redundant Probe
Response frames which are problematic when many BSS are on one channel.

This problem is caused by driver_nl80211 generating an event for
wpa_supplicant_event() for each BSS, and hostapd_mgmt_rx() calls
ieee802_11_mgmt() for each BSS, too.

Fix this by processing broadcast events only for the BSS the driver
intended to. The behavior is not changed for drivers not setting a BSS.

Signed-hostap: Simon Wunderlich <simon@open-mesh.com>
2014-03-11 19:07:25 +02:00
Simon Wunderlich
e070051207 hostapd: Allow to switch to usable DFS channels
If channels are "available", change to "usable" DFS channels as a
fallback, too. This requires CAC, but it is still better to do that
instead of stopping service completely.

Signed-hostap: Simon Wunderlich <sw@simonwunderlich.de>
2014-03-11 19:04:15 +02:00
Simon Wunderlich
01b99998bd hostapd: Allow to switch to DFS channels if available
If DFS channels are marked as "available", an AP can switch to them
immediately without performing CAC. Therefore, the channel selection
function should consider these channels even though these are radar
channels.

Signed-hostap: Simon Wunderlich <sw@simonwunderlich.de>
2014-03-11 19:01:44 +02:00
Simon Wunderlich
70ee1be248 hostapd: Add config option chanlist for DFS channels
Different channels allow different transmission power, at least in ETSI
countries. Also, ETSI requires a "channel plan" for DFS operation, and
channels should be randomly choosen from these channels.

Add a channel list configuration option for users to add channels
hostapd may pick from.

Signed-hostap: Simon Wunderlich <sw@simonwunderlich.de>
2014-03-11 18:59:40 +02:00
Jouni Malinen
3b9c5176d1 Fix PTK derivation for CCMP-256 and GCMP-256
Incorrect PTK length was used in PMK-to-PTK derivation and the Michael
MIC TX/RX key swapping code was incorrectly executed for these ciphers
on supplicant side.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-11 15:00:09 +02:00
Jouni Malinen
b465f5d3a1 Remove unused hostapd_wep_key_cmp()
The only user was removed five years ago in commit
fb6d357532.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-10 10:27:58 +02:00
Jouni Malinen
8a57da7e28 RADIUS server: Add option for storing log information to SQLite DB
If eap_user_file is configured to point to an SQLite database, RADIUS
server code can use that database for log information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-09 18:21:13 +02:00
Jouni Malinen
ec33bc67f8 Enable RADIUS message dumps with excessive debug verbosity
Previously, this was enabled only at msgdump verbosity level, but any
level that is more verbose than it should also be included.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-08 11:35:08 +02:00
Jouni Malinen
226e3579f9 Revert "bridge: Track inter-BSS usage"
This reverts commit 4345fe963e. That
introduced number of memory leaks and since the rest of the VLAN changes
did not yet go in, it is easier to revert this for now and bring back
the changes after fixes if there is sufficient interest for them in the
future.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-08 11:35:08 +02:00
Jouni Malinen
d0ee16edc8 Allow arbitrary RADIUS attributes to be added into Access-Accept
This extends the design already available for Access-Request packets to
the RADIUS server and Access-Accept messages. Each user entry can be
configured to add arbitrary RADIUS attributes.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-08 11:35:08 +02:00
Jouni Malinen
0ac3876627 Fix PMF protect disconnection on session timeout
Request the driver to send a Deauthentication frame before doing
any other disconnection steps on the session timeout path. This is
needed when PMF is negotiated for the association since the driver
will need to find the STA entry and the PTK for it to be able to
protect the robust Deauthentication frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-07 23:24:54 +02:00
Pawel Kulakowski
185677b74c Disable interface if ACS fails
In case of Automatic Channel Selection (ACS) failure, we do not have a
real fallback path. Interface still remains in ACS state. To reflect we
did not succeed with ACS, simply disable the interface and indicate this
to user/upper layer entity so that a suitable recovery or error
notification can be performed.

Signed-off-by: Pawel Kulakowski <pawel.kulakowski@tieto.com>
2014-03-06 23:12:33 +02:00
Jouni Malinen
95faa36ad9 HS 2.0R2: Check for OSEN when determining whether to authorize STA
handle_assoc_cb() got this addition, but the check in
hostapd_new_assoc_sta() was not modified to be aware of the OSEN special
case for EAPOL state machines to be used for marking a STA authorized.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-06 22:48:37 +02:00
Sunil Dutt Undekari
113318ad57 Set the station to authorized on assoc event for open authentication
This was done in handle_assoc_cb() in ieee802_11.c for drivers that use
hostapd SME/MLME. However, drivers that include SME/MLME implementation
do not use that function and the STA flag needs to be set when
processing the association notification. This is needed to get the STA
entry into showing the proper authorized state and to get the
AP-STA-CONNECTED/DISCONNECTED events on the control interface.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-03-06 22:45:15 +02:00
Bartosz Markowski
905828fea4 hostapd: Fix vht_capab 'Maximum A-MPDU Length Exponent' handling
As per IEEE Std 802.11ac-2013, 'Maximum A-MPDU Length Exponent' field
value is in the range of 0 to 7. Previous implementation assumed EXP0 to
be the maximum length (bits 23, 24 and 25 set) what is incorrect.

This patch adds options to set it up within the 0 to 7 range.

Signed-off-by: Bartosz Markowski <bartosz.markowski@tieto.com>
2014-03-06 00:09:37 +02:00
Michal Kazior
89de64c5c0 ACS: Fix VHT80 segment picking
For example, the previous implementation considered [44, 48, 52, 56] to
be a valid VHT80 channel -- which it is not. This resulted in, e.g.,
failure to start CAC when channels on overlapped segments included DFS
channels.

Add a check similar to the HT40 one to prevent that. The check is
performed this way as the ACS implementation assumes the primary channel
to be the first channel in a given segment.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2014-03-06 00:01:29 +02:00
Janusz Dziedzic
1f37483416 DFS: Print error in case CAC fails
Previously, we printed this message as a debug one, which was confusing
in case verbose debug messages were disabled. User could think CAC
started but never ended. Add more parameterss to DFS_EVENT_CAC_START, so
external programs can more easily check what was wrong in case of
errors.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-03-05 23:59:04 +02:00
Moshe Benji
354c903f8e AP/GO interface teardown optimization
This commit adds an option to optimize AP teardown by leaving the
deletion of keys (including group keys) and stations to the driver.

This optimization option should be used if the driver supports stations
and keys removal when stopping an AP.

For example, the optimization option will always be used for cfg80211
drivers since cfg80211 shall always remove stations and keys when
stopping an AP (in order to support cases where the AP is disabled
without the knowledge of wpa_supplicant/hostapd).

Signed-off-by: Moshe Benji <moshe.benji@intel.com>
2014-03-05 23:57:02 +02:00
Rahul Jain
8bc4372f37 Use P2P_IE_VENDOR_TYPE more consistently
Previously, both this and combination of OUI_WFA and P2P_OUI_TYPE were
used. Using the full 32-bit value as a single operation saves a bit in
code size, so start moving towards using it more consistently when
writing or finding the P2P vendor specific element.

Signed-off-by: Rahul Jain <rahul.jain@samsung.com>
2014-03-05 23:36:54 +02:00
Jouni Malinen
5f7e1c06cd Redirect more frames with ext_mgmt_frame_handling=1
This allows Action frames from not-associated stations to be processed
by external test tools.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 17:15:12 +02:00
Jouni Malinen
78789d95b4 Remove unnecessary variable initialization
The following if statements set the new_op_mode value in all cases,
so there is no need to initialize this to 0 first. This removes a
static analyzer warning.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 17:15:12 +02:00
Jouni Malinen
e997bc75dd Remove a static analyzer warning about unused variable write
The pos variable was not used between its first and second assignment.
Clean this up by using the pos variables instead of the buf (start of
the buffer).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 17:15:12 +02:00
Jouni Malinen
7b6e81575f Clean up hostapd add_iface error path operations
If hapd_iface->bss[i] == NULL, this could have resulted in NULL pointer
dereference in the debug print. Avoid this by skipping the message in
case of NULL pointer. In addition, clear iface->bss[i] to NULL for
additional robustness even though this array gets freed immediately.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 17:15:12 +02:00
Jouni Malinen
3d91a0470f DFS: Make sure center frequency is always initialized for VHT
This seemed to be fine on most code paths, but the code was complex
enough to make the analysis difficult (and a bit too much for static
analyzers). There is no harm in forcing these parameters to be
initialized, so do that to make sure they cannot be left uninitialized.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 17:15:12 +02:00
Jouni Malinen
ca412c7a38 Remove unreachable return statement
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-02 10:35:33 +02:00
Jouni Malinen
b908c50a81 Clear hostapd bss entry to NULL on add-interface-failure
It looks like leaving behind the freed pointed at the end of the array
could end up in a crash triggered by double free in some cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-03-01 00:38:04 +02:00
Jouni Malinen
8d2a9921af HS 2.0R2: RADIUS server support to request Subscr Remediation
The new hostapd.conf parameter subscr_remediation_url can be used to
define the URL of the Subscription Remediation Server that will be added
in a WFA VSA to Access-Accept message if the SQLite user database
indicates that the user need subscription remediation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
ae6d15c722 HS 2.0R2 AP: Add OSU Providers list ANQP element
hostapd can now be configured to advertise OSU Providers with the
new osu_* confgiuration parameters.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
f7bd7a01a8 HS 2.0R2 AP: Add Icon Request and Icon binary File ANQP elements
hostapd can now be configured to provide access for icon files
(hs20_icon config file parameter) for OSU. The hs20_icon data contains
additional meta data about the icon that is not yet used, but it will be
needed for the OSU Providers list ANQP element.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:25 +02:00
Jouni Malinen
97596f8ed4 HS 2.0R2 AP: Add support for Session Info URL RADIUS AVP
If the authentication server includes the WFA HS 2.0 Session Info URL
AVP in Access-Accept, schedule ESS Disassociation Imminent frame to be
transmitted specified warning time prior to session timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
8e1146d9da HS 2.0R2 AP: Add support for deauthentication request
If the RADIUS server includes deauthentication request in Access-Accept,
send a WNM-Notification frame to the station after 4-way handshake and
disconnect the station after configurable timeout.

A new control interface command, WNM_DEAUTH_REQ, is added for testing
purposes to allow the notification frame to sent based on local request.
This case does not disconnect the station automatically, i.e., a
separate control interface command would be needed for that.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
a14896e8bb HS 2.0R2 AP: Add OSEN implementation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
6ca0853d18 HS 2.0R2 AP: Use Subscr Remediation request from RADIUS server
If the RADIUS server includes the WFA RADIUS VSA in Access-Accept to
indicate need for subscription remediation, copy the server URL from
the message and send it to the station after successfully completed
4-way handshake (i.e., after PTK is set to allow PMF to work) in a
WNM-Notification.

AP must not allow PMKSA caching to be used after subscription
remediation association, so do not add the PMKSA cache entry whenever
the authentication server is indicating need for subscription
remediation. This allows station reassociation to use EAP authentication
to move to non-remediation connection.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
7bc9c25d1f HS 2.0R2 AP: Add STA's Hotspot 2.0 Release Number into Access-Request
If the station indicated support for Hotspot 2.0, send its release
number and PPS MO ID in Access-Request messages using the WFA RADIUS
VSA.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
76579ec75f HS 2.0R2 AP: Add AP Hotspot 2.0 Release Number as WFA RADIUS VSA
The Access-Request frames are used to inform the RADIUS server about the
Hotspot 2.0 release number supported by the AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
3fb17a9530 HS 2.0R2 AP: Add WNM-Notification Request for Subscription Remediation
Subscription remediation notification can now be sent from hostapd with:
hostapd_cli hs20_wnm_notif 02:00:00:00:00:00 http://example.com/foo/

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
d5d24784e6 HS 2.0R2 AP: Update HS 2.0 Indication element to Release 2
The HS 2.0 Indication element from hostapd now includes the release
number field and the new ANQP Domain ID field. This ID can be configured
with anqp_domain_id parameter in hostapd.conf.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-26 01:24:24 +02:00
Jouni Malinen
8c9cb81fb7 DFS: Fix coding style (missing whitespace)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-25 16:47:22 +02:00
Janusz Dziedzic
4f1e01b8e3 DFS: Add VHT160 available channels
Add VHT160 available channels we can choose from when having detected a
radar event.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-02-25 16:46:17 +02:00
Janusz Dziedzic
b8058a69b0 hostapd: DFS allow mixed channels
Allow mixed DFS and non-DFS channels, e.g., VHT160 on channels 36-64.
This is useful for testing VHT160 with mac80211_hwsim.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-02-25 16:45:11 +02:00
Jouni Malinen
c1151e47d5 Force OFDM/HT/VHT to be disabled on channel 14
The regulatory rules in Japan do not allow OFDM to be used on channel
14. While this was to some extend assumed to be enforced by drivers
(many of which apparently don't), it is safer to make hostapd enforce
this by disabling any OFDM-related functionality. This tries to avoid
backwards compatibility issues by downgrading the mode rather than
rejecting the invalid configuration.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-25 13:55:10 +02:00
Chaitanya T K
3d7ad2f681 hostapd: Configure spectrum management capability
Add configuration of Spectrum Management subfield in the Capability
Information of Beacon, Probe Response, and Association Response frames.
Spectrum Management bit is set when directly requested by new
configuration option spectrum_mgmt_required=1 or when AP is running on
DFS channels. In the future, also TPC shall require this bit to be set.

Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
2014-02-25 00:54:59 +02:00
Srinivasan B
e0392f825d hostapd: Add Power Constraint element
Add Power Constraint information element to Beacon and Probe Response
frames when hostapd is configured on 5 GHz band and Country information
element is also added. According to IEEE Std 802.11-2012 a STA shall
determine a local maximum transmit power for the current channel based
on information derived from Country and Power Constraint elements.

In order to add Power Constraint element ieee80211d option need to be
enabled and new local_pwr_constraint config option need to be set to
unsigned value in units of decibels. For now this value is statically
configured but the future goal is to implement dynamic TPC algorithm
to control local power constraint.

Signed-hostap: Srinivasan <srinivasanb@posedge.com>
Signed-hostap: Chaitanya T K <chaitanyatk@posedge.com>
Signed-hostap: Marek Puzyniak <marek.puzyniak@tieto.com>
2014-02-24 23:51:23 +02:00
Jouni Malinen
cb10c7d12d RADIUS DAS: Add support for NAS identification attributes
This allows NAS-IP-Address, NAS-Identifier, and NAS-IPv6-Address to be
included in the Disconnect-Request packets.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-20 13:55:36 +02:00
Jouni Malinen
0d7c5e1dfc RADIUS DAS: Remove PMKSA entry on Disconnect-Request
When a station is disconnected based on Disconnect-Request, it is better
to force the station to go through full EAP authentication if it tries
to reconnect.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-20 13:26:22 +02:00
Jouni Malinen
d87a6acdf5 WPS: Fix STA state validation when processing PutWLANResponse
It is possible for an ER to send an unexpected PutWLANResponse action
when the destination STA is in disassociated, but not fully
deauthenticated state. sta->eapol_sm can be NULL in such state and as
such, it would be possible to hit a NULL pointer dereference in the
eapol_auth_eap_pending_cb() call at the end of the
hostapd_wps_probe_req_rx() when trying to proxy the WPS message to the
station. Fix this by validating that sta->eapol_sm is set before
processing the message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-19 23:51:55 +02:00
Jouni Malinen
a1dd890a85 RADIUS: Add minimal accounting server support
This can be used to test RADIUS Accounting in hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-02-15 16:26:48 +02:00
Marek Kwaczynski
8a45811638 hostapd: Add Operating Mode Notification support
Handle Operating Mode Notification received in (Re)Association Request
frames.

Signed-hostap: Marek Kwaczynski <marek.kwaczynski@tieto.com>
2014-02-14 19:30:05 +02:00
Eytan Lifshitz
6ceb95c950 Avoid NULL dereference in ieee802_1x_get_mib_sta() printf
In function ieee802_1x_get_mib_sta(), eap_server_get_name() may return
NULL, and it could be dereferenced immidiately by os_snprintf() (if the
snprintf implementation does not handle NULL pointer).

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-02-13 15:58:21 +02:00
Eytan Lifshitz
93a1caece0 Remove unnecessary NULL check
In send_assoc_resp(), sta was checked for NULL, although it can't be
NULL.

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-02-13 15:58:17 +02:00
Max Stepanov
5479ff906c DFS: Avoid compiler warnings in src/ap/dfs.c
Initialize variables explicitly to avoid [-Wmaybeuninitialized] compiler
warning in hostapd_handle_dfs() and
hostapd_dfs_start_channel_switch_cac() functions.

Signed-hostap: Max Stepanov <Max.Stepanov@intel.com>
2014-02-13 15:44:37 +02:00
Jouni Malinen
b64afe22aa Fix SAE state validation on AP
Confirm-before-commit validation step allowed execution to continue on
error case. This could result in segfault in sae_check_confirm() if the
temporary SAE data was not available (as it would not be, e.g., in case
of an extra SAE confirm message being received after successful
exchange). Fix this by stopping SAE processing immediately after
detecting unexpected state for confirm message. In addition, make the
public sae.c functions verify sae->tmp before dereferencing it to make
this type of bugs less likely to result in critical issues.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-12 17:46:33 +02:00
Jouni Malinen
d7a15d5953 WPS: Indicate current AP settings in M7 in unconfigurated state
Previously, unconfigured state was forcing the best supported
authentication and encryption state to be shown in WPS messages,
including AP Settings in M7 in case the AP acts as an Enrollee. This is
not really correct for the AP Settings case, so change that one to
indicate the currently configured state.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-02-07 19:33:19 +02:00
Jouni Malinen
334ec001bb Fix Beacon RX before AP setup completion
It is possible for the driver to report Beacon RX prior to hostapd
having completed AP mode setup, e.g., when changing country code. Beacon
frame processing for OLBC was not prepared for this and could trigger
segfault due to NULL pointer dereference. Fix this by ignoring the
Beacon frames received prior to completing interface setup when
determining OLBC updates.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-06 15:22:06 +02:00
Jouni Malinen
b37d582eaf Replace ieee802_11_print_ssid() with wpa_ssid_txt()
There is no need to maintain two different functions for printing out
ASCII text version of SSID.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-02-04 13:23:35 +02:00
Janusz Dziedzic
fd92413417 hostapd: Increase timeout for channel list update to 5 seconds
Before this patch, 1 second timeout was used for regulatory updates. In
some cases, specially when we reload driver modules on some slower
platforms this could take more than 1 second (about 2 seconds). This is
important specially for DFS case, where we have to have correct DFS
region before we will start CAC. In other case (unknown DFS region), CAC
will fail. 5 seconds should be enough for all cases.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-01-30 14:05:14 +02:00
Eytan Lifshitz
04c366cb1d Fix memory leaks and wrong memory access
1. In wpa_config_process_bgscan() fix memory leak after
   calling wpa_config_parse_string()
2. In hostapd_config_defaults(), on failure to allocate bss->radius,
   conf->bss was not freed.
3. In p2p_deauth_nofif(), memory allocated in p2p_parse_ies() was not
   freed in case of NULL minor_reason_code.
4. In p2p_disassoc_nofif(), memory allocated in p2p_parse_ies() was
   not freed in case of NULL minor_reason_code.
5. In p2p_process_go_neg_conf(), memory allocated was not freed in
   case that the P2P Device interface was not waiting for a
   GO Negotiation Confirm.
6. In wpa_set_pkcs11_engine_and_module_path(), the wrong pointer was
   checked.

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
2014-01-30 14:01:31 +02:00
Jouni Malinen
d2f18378e1 WPS NFC: Add BSSID and AP channel info to Configuration Token
This information can help the Enrollee to find the AP more quickly with
an optimized scan.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:31 +02:00
Jouni Malinen
25ef8529c1 P2P: Add support for IP address assignment in 4-way handshake
This new mechanism allows P2P Client to request an IPv4 address from the
GO as part of the 4-way handshake to avoid use of DHCP exchange after
4-way handshake. If the new mechanism is used, the assigned IP address
is shown in the P2P-GROUP-STARTED event on the client side with
following new parameters: ip_addr, ip_mask, go_ip_addr. The assigned IP
address is included in the AP-STA-CONNECTED event on the GO side as a
new ip_addr parameter. The IP address is valid for the duration of the
association.

The IP address pool for this new mechanism is configured as global
wpa_supplicant configuration file parameters ip_addr_go, ip_addr_mask,
ip_addr_star, ip_addr_end. For example:

ip_addr_go=192.168.42.1
ip_addr_mask=255.255.255.0
ip_addr_start=192.168.42.2
ip_addr_end=192.168.42.100

DHCP mechanism is expected to be enabled at the same time to support P2P
Devices that do not use the new mechanism. The easiest way of managing
the IP addresses is by splitting the IP address range into two parts and
assign a separate range for wpa_supplicant and DHCP server.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:44:26 +02:00
Jouni Malinen
14d8645f63 WPS NFC: Allow BSSID and channel to be included in handover select
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:10:55 +02:00
Jouni Malinen
068cdb1d98 WPS NFC: New style connection handover select from AP/Registrar
The contents of the WPS connection handover select message was modified
to include the Registrar public key hash instead of the credential.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:10:55 +02:00
Jouni Malinen
3189ca055d WPS NFC: Add AP mode connection handover report
The new NFC connection handover design requires the AP/Registrar to
process the connection handover request message received from the
Enrollee. Add control interface commands for handling this.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-27 21:10:55 +02:00
Jouni Malinen
5ce00d09c0 GAS server: Add support for Protected Dual of Public Action frames
When GAS is used with PMF negotiated, Protected Dual of Public Action
frames are expected to be used instead of Public Action frames, i.e.,
the GAS/ANQP frames are expected to be encrypted. Add support for this
different category of Action frames being used for GAS. The payload
after the Category field is identical, so the only change is in using
the Category field based on what was received in the request frames. For
backwards compatibility, do not enforce protected dual to be used on the
AP side, i.e., follow what the station does.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-23 11:19:55 +02:00
Jouni Malinen
7b2c42f8b9 hostapd: Fix PMF robust Action frame processing rules
Due to misplaced parenthesis, unprotected not-Robust Action frames
(e.g., Public Action frames) were dropped in handle_assoc() when such
frames were received during an association that had negotiated use of
PMF. This is not correct since only unprotected Robust Action frames
were supposed to be handled in this way.

This would have broken any Public Action frame use during PMF
association, but such frames were not really supposed to be used
currently (ANQP as the only possible use case should really use
protected dual option in such case).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2014-01-23 10:24:21 +02:00
Ilan Peer
a487b35572 hostapd: Fix segmentation fault when calling hostapd_cli all_sta
While iterating over the stations hostapd_ctrl_iface_sta_mib()
might be called with sta == NULL. Fix this.

Signed-hostap: Ilan Peer <ilan.peer@intel.com>
2014-01-22 19:28:57 +02:00
Janusz Dziedzic
eed65aad14 hostapd: DFS setup seg0 correctly for HT40-
Fix seg0 calculation for HT40+/HT40-.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-01-14 17:14:13 +02:00
Janusz Dziedzic
25592b236b hostapd: DFS/CSA check if CSA in progress
Check if CSA is already in progress, before triggering a new channel
switch.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2014-01-14 17:13:50 +02:00
Jouni Malinen
08081ad8ef hostapd: Skip full AP configuration validation on SET command
It is possible for the configuration to be temporarily invalid when
adding a new AP through SET commands followed by ENABLE. Avoid this
issue by using less strict validation on SET commands and perform full
configuration validation only on ENABLE. Use cases with configuration
file maintain their previous behavior, i.e., full validation after the
file has been read.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 20:23:56 +02:00
Jouni Malinen
f0cbb986ff Add DRIVER-STATUS command for hostapd
This is just like the same command in wpa_supplicant, i.e., "hostapd_cli
status driver" can be used to fetch information about the driver status
and capabilities.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:12 +02:00
Jouni Malinen
a09ffd5f2f Fix req_scan-deplete-timeout and update eloop API for this
Commit e2f5a9889a was supposed to prevent
new scan request from pushing out the old one. However, it did not
really do that since eloop_deplete_timeout() returned 0 both for the
case where the old timeout existed (and was sooner) and if the old
timeout did not exist. It returned 1 only for the case where an old
timeout did exist and was larger than the new requested value. That case
used to result in wpa_supplicant_req_scan() rescheduling the timeout,
but hew code in eloop_deplete_timeout() did the exact same thing and as
such, did not really change anything apart from the debug log message.

Extend the eloop_deplete_timeout() (and eloop_replenish_timeout() for
that matter since it is very similar) to return three different values
based on whether the timeout existed or not and if yes, whether it was
modified. This allows wpa_supplicant_req_scan() to schedule a new
timeout only in the case there was no old timeout.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-07 10:45:10 +02:00
Jouni Malinen
a1a31b6c3f Remove hostapd dump_file functionality
This debugging mechanism has now been deprecated by the control
interface commands that can be used to fetch same internal information
from hostapd in a more convenient way. Leave the empty USR1 signal
handler and configuration file parameter for backwards compatibility.
They can be removed in future versions of hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 18:15:07 +02:00
Jouni Malinen
ea23df652a Make EAPOL dump data available through ctrl_iface STA command
The per-STA/Supplicant state information from the EAPOL authenticator
is now available through "STA <MAC Address> eapol" command.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 17:49:48 +02:00
Jouni Malinen
f538be3e82 Add more STA information into the ctrl_iface STA command
This adds TX/RX statistics and information about association into the
per-STA data that is available through the hostapd control interface. In
addition, information about the EAP method is now included with the IEEE
802.1X data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2014-01-02 16:58:14 +02:00
Jouni Malinen
f7fb676633 ACS: Mark acs_fail() static
This function is not used outside acs.c.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 22:30:49 +02:00
Jouni Malinen
5ace51a48a WNM: Clean up le16 variable use to avoid sparse warnings
intval is marked le16 and should be used through proper byte order
conversion functions even if it ended up getting set correctly due to
the two operations cancelling each other.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:41:47 +02:00
Jouni Malinen
8cf1e68c02 Move declaration of hostapd_acs_completed() into correct header file
This function is in hw_features.c and as such, should be declared in
hw_features.h.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:34:43 +02:00
Jouni Malinen
0187c41d88 Declare wpa_debug_* variables in src/utils/wpa_debug.h
These were somewhat more hidden to avoid direct use, but there are now
numerous places where these are needed and more justification to make
the extern int declarations available from wpa_debug.h. In addition,
this avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:29:52 +02:00
Jouni Malinen
fcc61230d1 Declare wpa_drivers in src/drivers/driver.h
This avoids some warnings from sparse.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-31 19:19:37 +02:00
Jouni Malinen
dbfb8e82ff Remove unnecessary EVENT_RX_ACTION
This driver event was used separately for some Action frames, but all
the driver wrappers converted to this from information that would have
been enough to indicate an EVENT_RX_MGMT event. In addition, the
received event was then converted back to a full IEEE 802.11 management
frame for processing in most cases. This is unnecessary complexity, so
get rid of the extra path and use EVENT_RX_MGMT for Action frames as
well as other management frame subtypes.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 17:18:17 +02:00
Jouni Malinen
912b34f000 Do not process Action frames twice in hostapd SME/MLME
Commit 88b32a99d3 added support for using
some Action frame processing in hostapd for drivers that handle most of
SME/MLME internally (it added FT, this has since be extended for SA
Query and WNM). However, this was added in a way that ended up getting
both the hostapd_rx_action() and hostapd_action_rx() called for Action
frames. This could result in an attempt to process FT, SA Query, and WNM
Action frames twice.

There is need for more significant cleanup in Action frame processing in
hostapd depending on the driver type, but as a simple step to avoid
issues, skip the hostapd_action_rx() call if hostapd_rx_action()
processed the frame.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 11:25:59 +02:00
Jouni Malinen
006309b546 Fix whitespace style
Commit 88b32a99d3 added couple of lines
with incorrect indentation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 11:25:59 +02:00
Jouni Malinen
0e22b8dd4c WPS: Make sure reconfiguration timeout is not left behind on deinit
Even though this is a short timeout, it is at least theoretically
possible for the interface to be removed while waiting for
reconfiguration to start. Avoid issues with this by cancelling the
timeout on any WPS interface deinit. In theory, this should be postponed
until interface removal, but that does not fit very nicely to the
current wps_hostapd.c style.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:32 +02:00
Jouni Malinen
aa189ac9dd Enable FT with SAE
It was already possible to configure hostapd and wpa_supplicant to use
FT-SAE for the key management, but number of places were missing proper
AKM checks to allow FT to be used with the new AKM.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:31 +02:00
Jouni Malinen
2d2ecf51aa nl80211: Fix protected Action frame reporting for AP mode
Action frame RX report through EVENT_RX_ACTION did not indicate whether
the frame was protected or not even though that information is available
in mlme_event_mgmt(). hostapd_rx_action() has a workaround for setting
the protected flag for SA Query frames, but that did not apply for other
frames, like FT Action. This broke FT-over-DS when PMF is enabled with
newer kernel versions (i.e., the ones that do not use monitor interface
for receiving management frames).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-29 10:00:31 +02:00
Jouni Malinen
8d321a7d4c WNM: Move disassociation imminent sending to wnm_ap.c
This gets all WNM BSS Transition Management frame building and sending
within hostapd into the same location.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:57:47 +02:00
Jouni Malinen
b76f4c2763 hostapd: Make STA flags available through ctrl_iface STA command
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
aa03dbd517 Remove IEEE80211_REQUIRE_AUTH_ACK
This is not really needed for anything and the standard does not require
such validation step to be made for Authentication frame transmission.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
121f2ab49a Remove unused STA flags
These three flags were only displayed, but never set or used for
anything else.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
3578e665bf WNM: Add STA flag to indicate the current WNM-Sleep-Mode state
This can be useful for displaying the current STA state and also for
determining whether some operations are likely to fail or need
additional delay.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 19:35:12 +02:00
Jouni Malinen
477689788c WNM: Fix AP processing without wnm_oper driver callback
hostapd_drv_wnm_oper() needs to indicate an error if the driver callback
function is not implemented. Without this, the buf_len argument could
have been left uninitialized which could result in crashing the process.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 18:48:04 +02:00
Jouni Malinen
2025cad9b8 WNM: Move ESS Disassoc Imminent sending to a helper function
This makes it easier to trigger the ESS Disassociation Imminent
operation from different sources.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-27 18:48:04 +02:00
Jouni Malinen
28ab64af9b WNM: Minimal processing of BSS Transition Management Query/Response
This adds first steps at processing a BSS Transition Management Query on
the AP side. Mainly, the message is parsed and printed out in the debug
log and a minimal BSS Transition Management Request frame is sent as a
response. BSS Transition Management Response frame is also parsed and
details printed out in the debug log.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-27 18:11:07 +02:00
Jouni Malinen
629edfef81 WNM: Fix Sleep Mode AP processing in open network
The previous version could end up calling WPA authenticator routines
even though the authenticator had not been initialized and this could
result in NULL pointer dereference.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 22:26:05 +02:00
Jouni Malinen
7b75c30109 WPS: Reschedule AP configuration reload on EAP completion
Reduce race condition of the station trying to reconnect immediately
after AP reconfiguration through WPS by rescheduling the reload
timeout to happen after EAP completion rather than the originally
scheduled 100 ms after new configuration became known.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-12-26 20:50:28 +02:00
Jouni Malinen
93827f456a hostapd: Allow external management frame processing or testing
This enables more convenient protocol testing of station side
functionality in various error cases and unexpected sequences without
having to implement each test scenario within hostapd.
ext_mgmt_frame_handle parameter can be set to 1 to move all management
frame processing into an external program through control interface
events (MGMT-RX and MGMT-TX-STATUS) and command (MGMT_TX).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-26 16:55:45 +02:00
Jouni Malinen
5f9c134ab4 Remove obsolete license notifications
These files have been distributed only under the BSD license option
since February 2012. Clarify the license statements in the files to
match that to avoid confusion.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 22:59:52 +02:00
Jouni Malinen
bad5cdf491 Verify that beacon setup succeeds before proceeding
There is no point in starting the AP operations unless
the driver can be successfully configured to beacon.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 22:46:20 +02:00
Jouni Malinen
7d7f7be2e5 Verify group key configuration for WPA group
If configuration of the group key to the driver fails, move the WPA
group into failed state and indication group setup error to avoid cases
where AP could look like it is working even through the keys are not set
correctly.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 22:38:16 +02:00
Jouni Malinen
30675c3416 Add definitions for new cipher suites from IEEE Std 802.11ac-2013
This adds initial parts for supporting the new GCMP-256, CCMP-256,
BIP-GMAC-128, BIP-GMAC-256, and BIP-CMAC-256 cipher suites.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 22:21:04 +02:00
Jouni Malinen
13b24a766f VHT: Use status code 104 to indicate VHT required
IEEE Std 802.11ac-2013 defines a status code for this, so use that
instead of the unspecified reason.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-12-24 21:19:45 +02:00
Andrei Otcheretianski
76aab0305c Add secondary channel IE for CSA
If secondary channel is provided for CSA, advertise it in the Secondary
Channel Offset element in Beacon and Probe Response frames.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-12-24 08:27:28 +02:00
Andrei Otcheretianski
8f4713c5c9 Store entire CS freq_params and not only freq
When CSA flow starts, store the entire struct hostapd_freq_params and
not only CS frequency as it was before. The additional freq_params are
required to advertise CS supplementary IEs such as secondary channel,
wide bandwidth CS, etc.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-12-24 08:23:40 +02:00
Andrei Otcheretianski
13daed58c7 Include driver.h in hostapd.h
This allows use of structs (and not only pointers) defined in drivers.h.
Remove also some not needed forward declarations and redundant includes.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-12-24 08:22:37 +02:00
Johannes Berg
7ffe7d222a AP: Use monotonic time for MMIC failure/TKIP countermeasures
Wall time jumps shouldn't affect MMIC failure/TKIP countermeasures,
so use monotonic time. Change the michael_mic_failure variable to
struct os_reltime for type-safety.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:13:34 +02:00
Johannes Berg
dd4e32bae4 AP: Use monotonic time for PMKSA cache
Since the PMKSA cache only uses relative time, use the monotonic time
functions instead of wall time to be correct when the clock jumps.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 07:01:07 +02:00
Johannes Berg
0fc545aee5 AP: Use monotonic time for STA accounting
For type-safety, make sta->acct_session_start a struct os_reltime
and then use monotonic time for accounting. For RADIUS reporting,
continue to use wall clock time as specified by RFC 2869, but for
the session time use monotonic time.

Interestingly, RFC 2869 doesn't specify a timezone, so the value
is somewhat arbitrary.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-24 06:57:53 +02:00
Marek Kwaczynski
493ba877c3 hostapd: Clear interface_added flag on error path
If more BSSes are added in config file than are supported by the driver,
segmentation fault can appear. For this case, the interface_added flag
needs to be cleared if adding a new BSS fails.

Signed-hostap: Marek Kwaczynski <marek.kwaczynski@tieto.com>
2013-12-14 21:13:52 -08:00
Janusz Dziedzic
f7154ceef7 DFS: Use channel switch when radar is detected
Until now DFS was simply restarting the AP when radar was detected. Now
CSA is used to perform smooth switch to the new channel. Stations not
supporting CSA will behave as before.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-12-07 20:50:15 -08:00
Janusz Dziedzic
6c6c58d157 hostapd: Make hostapd_set_freq_params() public
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-12-07 20:50:15 -08:00
Michal Kazior
b72f949b07 DFS: Allow skipping radar channels
This is needed for AP CSA. Since CSA must happen immediately after radar
is detected there's no time to perform CAC. Thus, radar channels must be
disabled when looking for a new channel to escape to after a radar is
detected.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-12-07 20:50:15 -08:00
Janusz Dziedzic
8d1fdde7f0 nl80211/hostapd: Extend channel switch notify handling
Adds support for VHT by parsing bandwidth and center_freq{1,2}.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-12-07 20:50:15 -08:00
Johannes Berg
10e694a618 AP: Use monotonic clock for SA query timeout
The usual, any timeouts should be using monotonic time.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-07 20:50:15 -08:00
Johannes Berg
af5389610b Use monotonic clock for RADIUS cache timeouts
Use monotonic clock for both cache and query timeouts.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-07 20:50:15 -08:00
Johannes Berg
fe52c210cf Use monotonic clock for last_sae_token_key_update
Just the usual, with a new function os_reltime_initialized()
thrown in that checks whether time has ever been retrieved
(time can't be completely zero).

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-07 20:50:15 -08:00
Johannes Berg
100298e896 AP: Use monotonic time for AP list
Use the new monotonic time to keep track of when an AP
entry expires.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-07 20:50:15 -08:00
Johannes Berg
b3493fa110 AP: Use monotonic time for STA connected time
Connected time is relative, so should be using monotonic time
rather than time of day.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-12-07 20:50:14 -08:00
Jouni Malinen
7feff06567 Add CONFIG_CODE_COVERAGE=y option for gcov
This can be used to measure code coverage from test scripts.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-24 19:16:12 +02:00
Jouni Malinen
59d343858d EAP server: Initialize TLS context based on private_key
It is possible for the authentication server to be configured with a
PKCS #12 file that includes a private key, a server certificate, and a
CA certificate. This combination could result in server_cert and ca_cert
parameters not being present and that should still result in TLS context
getting initialized.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-24 18:08:45 +02:00
Mohammed Shafi Shajakhan
336167c80e AP: Fix inactivity STA timer trigger for driver offload case
Some non-mac80211 drivers, such as ath6kl, support STA inactivity timer
in firmware and may not provide connected stations' idle time to the
userspace. If the driver indicates support for offloaded operation, do
not start the inactivity timer in the hostapd.

Signed-hostap: Mohammed Shafi Shajakhan <mohammed@qca.qualcomm.com>
2013-11-24 12:01:55 +02:00
Janusz Dziedzic
80ed037f00 Clear beacon_data before usage
struct beacon_data contains a lot of pointers. Make sure it gets cleared
to zero if hostapd_build_beacon_data() gets called from a path that does
not clear the structure first.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-11-22 23:21:43 +02:00
Marek Kwaczynski
92ecda40e0 hostapd: Set proper VHT capabilities
Set VHT capabilities defined in config file instead only supported
by the driver.

Signed-hostap: Marek Kwaczynski <marek.kwaczynski@tieto.com>
2013-11-22 18:03:04 +02:00
Marek Kwaczynski
77a3e796e1 hostapd: Fix set beacon in multiple BSSID scenario
Check if the BSS interface has started before setting beacon.
Lack of this condition can cause segmantation fault.

Signed-hostap: Marek Kwaczynski <marek.kwaczynski@tieto.com>
2013-11-22 18:02:56 +02:00
Jouni Malinen
cc14091eab VHT: Fix memory leak in STA entry
Commit de3cdf354a adding copying of the
STA's VHT capabilities into the STA entry on the AP. This was done in
allocated memory, but that new memory allocation was not freed anywhere.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-22 17:46:22 +02:00
Jouni Malinen
461e3ebe43 Fix and work around some MinGW compilation issues
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-20 23:12:33 +02:00
Michal Kazior
68d628accd hostapd: Fix interface enabling/disabling and DFS
The 'started' state was tracked incorrectly. It also broke DFS
as it was using hostapd_enable/disable_iface() functions.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-11-20 22:29:35 +02:00
Andrei Otcheretianski
334bf36ac5 Add chan_switch to ctrl interface of wpa_supplicant and hostapd
Add chan_switch to the control interface of wpa_supplicant and hostapd,
and also to wpa_cli and hostapd_cli.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-11-17 17:12:58 +02:00
Andrei Otcheretianski
bf281c129f Add AP channel switch mechanism
Build CSA settings and call the driver to perform the switch. Construct
Beacon, Probe Response, and (Re)Association Response frames both for CSA
period and for the new channel. These frames are built based on the
current configuration. Add CSA IE in Beacon and Probe Response frames.

Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-11-17 17:12:58 +02:00
Andrei Otcheretianski
e44a384b68 Move AP parameter filling into a helper function
Signed-hostap: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2013-11-17 17:12:58 +02:00
Abhishek Singh
795baf773f hostapd: Filter channel list updated events after country code change
We were not filtering the EVENT_CHANNEL_LIST_CHANGED events based on the
regulatory hint initiator. So wait for EVENT_CHANNEL_LIST_CHANGED event
after our own change was triggered even when regulatory hint initiator
was the driver. This could result in the wait for the channel list to be
updated to be terminated before the real change has occurred and as
such, old channel list remaining in use when configuring
hostapd/wpa_supplicant country parameter. Fix this by filtering the
hints according to the initiator and only regulatory hints initiated by
user will be used to stop the wait.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-15 02:59:55 +02:00
Kyeyoon Park
91f9e6078f GAS: Replenish AP station session timer to 5 seconds
If remaining AP session timeout is less than 5 seconds
for an existing station, replenish the timeout to 5 seconds.
This allows stations to be able to recycle a dialog token
value beyond 5 seconds for GAS exchange.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-08 00:22:32 +02:00
Paul Stewart
c101bb9d23 hostapd: Add option to send OBSS scan params
Add a parameter to send the overlapping BSS scan parameter
information element. This will require clients to perform
background scans to check for neigbors overlapping this
HT40 BSS. Since the implementation is incomplete it should
only be used for testing.

Signed-hostap: Paul Stewart <pstew@chromium.org>
2013-11-07 14:05:41 +02:00
Jouni Malinen
b6881b5218 WPS NFC: Add more debug for NFC Password Token matching
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-07 13:48:49 +02:00
Jouni Malinen
5e1a4565f8 hostapd: Do not start secondary BSS unless interface is enabled
It is possible for additional BSSs to be added while the primary
interface is still in the process of determining channel parameters (HT
co-ex scan, ACS, DFS). Do not enable secondary interfaces in such state
immediately, but instead, wait for the pending operation on the primary
interface to complete. Once that's done, the added extra BSSs will also
be enabled in hostapd_setup_interface_complete().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 15:41:05 +02:00
Jouni Malinen
36501a22a4 hostapd: Verify hostapd_setup_bss calls
Reject multiple calls to hostapd_setup_bss() for any specific interface.
hostapd_cleanup() must have been called first before trying to restart a
BSS.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 15:41:05 +02:00
Jouni Malinen
54246f8d44 hostapd: Share a single function for BSS deinit
hostapd_bss_deinit() takes care of freeing the associated stations and
calling hostapd_cleanup() to deinit per-BSS services.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 12:48:24 +02:00
Jouni Malinen
6d1ca81ee8 Remove unused hostapd_cleanup_iface_pre()
This has not been used in years and can be removed to clean up the
hostapd deinit path a bit.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 12:44:54 +02:00
Jouni Malinen
747c85f932 hostapd: Add more debug prints to deinit path
This makes it easier to follow the various interface/BSS deinit
operations.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 12:42:20 +02:00
Jouni Malinen
6023a7880b Restore hapd->interface_added tracking to core hostapd
This reverts parts of commit 390e489c0d
that tried to enable removal of the first BSS. Since that operation is
now forced to remove all BSSs, these changes are not needed. The
hostapd_if_remove() operation in hostapd_free_hapd_data() is problematic
for the first BSS since it ends up freeing driver wrapper information
that is needed later when deinitializing the driver wrapper.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 01:38:17 +02:00
Jouni Malinen
486d2ff0eb hostapd: Deinit ctrl_iface in case of add interface failure
Since the control interface is now initialized as part of
hostapd_setup_interface(), it needs to be deinitialized on the error
path.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 01:32:55 +02:00
Jouni Malinen
cdf3fb1f1c Fix removal of a BSS that has not yet been fully initialized
If a secondary BSS is removed while it is waiting for the primary BSS to
complete channel setup (e.g., due to HT co-ex scan, ACS, or DFS), the
hostapd_data instance has not yet been initialized. Fix the BSS removal
code to take this special case into account and not try to deinitialize
the hostapd_data instance that has not yet been started.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 00:57:38 +02:00
Jouni Malinen
2f99d90726 Remove all BSSs on removal of the first one
The changes in commit 5592065850 to allow
any BSS to be removed were a bit too early since there are still number
of areas that use the first BSS as a special case. Especially the
driver_ops API is going to require quite a bit of cleanup before removal
of the first BSS without the other BSSes of the same radio can be done
safely.

For now, force all BSSs to be removed in case the first one is removed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-06 00:43:10 +02:00
Jouni Malinen
2b6623ab13 hostapd: Do not terminate process on dynamic interface add failure
Limit the calls to eloop_terminate() to happen only for the
initialization failure from the interfaces that we specified on the
command line. This allows hostapd process to continue operating even if
a dynamically added interface fails to start up. This allows the upper
layer software to fix a configuration error and retry.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-05 17:35:11 +02:00
Jouni Malinen
d4f1a347ce Allow AP mode configuration with VHT enabled on 2.4 GHz
hostapd_set_freq_param() rejected the 20 MHz channel case with
vht_enabled due to the existing validation step including only 5 GHz (to
be more exact, only >= 5000 MHz). While the behavior may not be fully
defined for 2.4 GHz, we can enable this based on driver capability
advertisement to fix automatic VHT selection for P2P use cases.
mac80211_hwsim advertises VHT for 2.4 GHz band and that resulted in
failures when trying to start GO on that band with vht=1 parameter.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-11-04 11:51:56 +02:00
Jouni Malinen
bb337ddac2 DFS: Do not use cf1 to override freq for 20 MHz channels
NL80211_ATTR_CENTER_FREQ1 is defined to be used for anything but 20 MHz
bandwidth, so it could be unset for 20 MHz channels. Do not use it to
override center frequency from NL80211_ATTR_WIPHY_FREQ (if available)
for 20 MHz channels to avoid clearing frequency.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 21:50:48 +02:00
Jouni Malinen
0dfd2c61a5 Document AP mode startup functions
This provides some more details on how interfaces and BSSes are
initialized during hostapd startup.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 21:30:31 +02:00
Jouni Malinen
fee947bfc0 hostapd: Use correct wpa_printf verbosity level for message
This configuration file message is informative and MSG_INFO should be
used instead of MSG_ERROR.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 20:12:36 +02:00
Jouni Malinen
e4ba031531 hostapd: Use start_ctrl_iface() from hostapd_add_iface()
Better share the same function for initializing control interface from
the two possible paths that can add a new interface to hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
bf7f09bd24 Fix AP mode QoS Map configuration to be per-BSS
This is a per-BSS configuration parameter and as such, needs to be
configured to the driver from hostapd_setup_bss() instead of
hostapd_driver_init().

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
dc036d9ee0 DFS: Convert hostapd_data use to hostapd_iface
DFS operations are specific to the interface (radio/wiphy), not BSS
(netdev/vif), so hostapd_iface is the appropriate element to use in
them.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
2db938e8de hostapd: Fill in phyname automatically
If per-BSS configuration enabling did not provide a phy name, iface->phy
was left empty. It can be helpful to set this up automatically, so fill
that when initializing the interface.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
5ae6449ca2 hostapd: Add ctrl_iface STATUS command
This can be used to fetch runtime information about hostapd interfaces.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
afadaff976 Optimize 40 MHz HT co-ex scan on AP
Only scan the affected channels instead of all enabled channels when
determining whether the primary and secondary channel for HT40 needs to
be swapped. This speed up HT40 setup considerably on 5 GHz band.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
7d6d73701e hostapd: Add AP-ENABLED/DISABLED ctrl_iface events
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
e1c5faf007 hostapd: Track interface state
The new hostapd_iface::state enum is used to track the current state of
the hostapd interface (a radio/wiphy).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
f0793bf191 hostapd: Wait for channel list update after country code change
If hostapd is requested to set the country code and the previous country
code differs from the new one, the channel list information from the
driver may change. This change may not be instant, so wait for an
EVENT_CHANNEL_LIST_CHANGED event before continuing interface setup with
fetching of the channel list information. This fixes issues where the
selected channel is not available based on the previous regulatory data
and update through CRDA takes some time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
ae134e1d2b hostapd: Add ctrl_iface events for ACS
These give status information to external observers from automatic
channel selection operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
ad08e1413b hostapd: Move ctrl_iface initialization to happen earlier
Channel determination may take considerable time when ACS or DFS is
used, so it is useful to be able to observe this process through the
control interface. Move the initialization of the control interfaces to
happen before channel determination so that this can be achieved.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
4a5deb9b9d hostapd: Simplify interface initialization
Use hostapd_interface_init2() for all interfaces instead of the
previously used different paths for per-interface-config and
per-BSS-config cases. This moves the calls to hostapd_driver_init() and
hostapd_setup_interface() to happen after all configuration files have
been read.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 19:51:06 +02:00
Jouni Malinen
186c905912 DFS: Add control interface events for various DFS events
These can be useful for external programs that track the current state
of the AP.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 11:31:48 +02:00
Jouni Malinen
71cdf6b624 hostapd: Fix ENABLE failure to not remove interface
Previously, ENABLE command ended up freeing the hostapd_iface context on
initialization failures, but did not even remove the interface from the
list of available interfaces. This resulted in use of freed memory with
any following operation on the same interface. In addition, removing the
interface on initialization failure does not seem like the best
approach. Fix both of these issues by leaving the interface instance in
memory, but in disabled state so that the configuration can be fixed and
ENABLE used again to enable the interface or REMOVE used to remove the
interface.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-03 11:31:48 +02:00
Jouni Malinen
61323e70e1 Convert perror/printf calls to wpa_printf
This makes debug and error logging more consistent and allows them to be
directed to a file more easily.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-11-02 12:58:33 +02:00
Jouni Malinen
2aec4f3c0c Allow add-BSS operation to re-use existing netdev
When removing and re-adding the first wlan# netdev to hostapd
dynamically, the netdev is already present and should not be removed and
re-added to maintain its state as not-added-by-hostapd so that it does
not get removed automatically.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:34:25 +02:00
Jouni Malinen
5592065850 hostapd: Allow a single BSS to be removed from an interface
The global control interface command "REMOVE <ifname>" can now be used
to remove a single virtual interface (BSS) without affecting other
virtual interfaces on the same radio.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:30:15 +02:00
Kyeyoon Park
2e2fff37e9 hostapd: Allow a single BSS to be added to an interface
The global control interface command "ADD
bss_config=<phyname>:<config file>" can now be used to add a single
virtual interface (BSS) to an interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:30:15 +02:00
Kyeyoon Park
a1fb5692af hostapd: Make hostapd_interface_init_bss() available externally
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:00:31 +02:00
Kyeyoon Park
66936c6af8 hostapd: Make hostapd_init() available externally
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:00:31 +02:00
Kyeyoon Park
390e489c0d hostapd: Allow the first BSS in a multi-BSS setup to be removed
This moves the vif added check from core hostapd to the driver wrapper
(only driver_nl80211.c uses this) and reorders operations a bit to allow
the first BSS (vif) to be removed from a multi-BSS setup.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 22:00:31 +02:00
Kyeyoon Park
33b0b330ce hostapd: Fix error path in hostapd_add_iface()
Incorrect count variable was used in freeing up the BSS data.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-31 15:59:12 +02:00
Helmut Schaa
770ecdf27c ACS: Do not get stuck while failing to do a subsequent scan
Return control flow to hostapd by calling hostapd_acs_completed()
if requesting a scan from the underlying device fails.

Signed-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-31 15:12:21 +02:00
Michal Kazior
813d4bac5a DFS: Add support for multi-BSS
If radar was detected single BSS is notified about it. This caused only
that single BSS to be stopped and restarted. However, due to nl80211
interface combinations the BSS was not started on a new channel and
other BSSes remained operating on the old channel.

The downside is that hostapd_disable_iface() causes deauth frames to be
sent. This is undesired but on the other hand it doesn't make sense to
create workarounds that imitate CSA's 'block tx'. For proper Tx
quiescing CSA should be properly implemented.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2013-10-31 15:12:17 +02:00
Michal Kazior
954e71d270 DFS: Reset cac_started properly
If CAC was stopped but hostapd was not terminated cac_started would
remain set to 1.

Signed-off-by: Michal Kazior <michal.kazior@tieto.com>
2013-10-31 14:49:38 +02:00
Michal Kazior
6a398ddc9a DFS: Sanitize channel availability checks
Fixes corner case of holes in channel list and simplifies availability
checks.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-10-31 14:49:06 +02:00
Michal Kazior
32595da608 DFS: Fix HT40/VHT calculation
Decouple HT/VHT offset/center-freq calculations from channel lookup.
This will be necessary for further improvements on the DFS codebase.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-10-31 14:49:03 +02:00
Jouni Malinen
6f2db2fbdd hostapd: Validate configuration parameters on RELOAD command
Reject RELOAD control interface command if the dynamic configuration
changes have resulted into a state where the configuration is invalid.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:21 +02:00
Jouni Malinen
eff0fd1ee8 hostapd: Move generic configuration functions into src/ap
This allows the configuration validation routines to be called from
src/ap/*.c for runtime updates of configuration without reprocessing the
full configuration file.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:21 +02:00
Jouni Malinen
5afaa067d9 hostapd: Allow per-BSS (vif) configuration files
This provides a new option for configuring multiple virtual interfaces
(BSS) that share a single radio. The new command line parameter
-b<phyname>:<config file name> is used to define one or more virtual
interfaces for each PHY. The first such entry for a new PHY is used to
initialize the interface structure and all consecutive parameters that
have the same PHY name will be added as virtual BSS entries to that
interface. The radio parameters in the configuration files have to be
identical.

This can be used as an alternative for the bss=<ifname> separator and
multiple BSSes in a single configuration file design while still
allowing hostapd to control the PHY (struct hostapd_iface) as a group of
virtual interfaces (struct hostapd_data) so that common radio operations
like OLBC detection and HT40 co-ex scans can be done only once per real
radio.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:21 +02:00
Jouni Malinen
ebd79f07c4 hostapd: Make hostapd_config::bss array of pointers
This makes it more convenient to move BSS configuration entries between
struct hostapd_config instances to clean up per-BSS configuration file
design.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:21 +02:00
Jouni Malinen
a781e211f9 hostapd: Force PSK to be derived again on BSS reload
This may be needed if the wpa_psk information for previously derived
from passphrase and either the SSID or the passphrase has changed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:58:20 +02:00
Jouni Malinen
9f104b0324 hostapd: Reuse hostapd_clear_old() for RELOAD command
Instead of duplicating the functionality and missing changes (like the
hostapd_broadcast_wep_clear() call), use the hostapd_clear_old()
function that was already used for the similar case with configuration
file reload.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-29 16:09:34 +02:00
Eliad Peller
6b02335a96 hostapd: Mask out not-supported VHT capabilities
Mask the remote VHT capabilities with our own capabilities, similarly
to what is done for HT capabilities.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 19:28:40 +02:00
Eliad Peller
7f0303d5b0 hostapd: Verify VHT 160/80+80 MHz driver support
Make sure the driver supports 160/80+80 MHz VHT capabilities
before trying to configure these channels.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 19:17:23 +02:00
Eliad Peller
c781eb8428 hostapd: Verify VHT capabilities are supported by driver
Make sure the defined VHT capabilities are supported by the driver.

Signed-hostap: Eliad Peller <eliadx.peller@intel.com>
2013-10-27 19:11:29 +02:00
Jouni Malinen
e7ecab4a3b Use ARRAY_SIZE() macro
Replace the common sizeof(a)/sizeof(a[0]) constructions with a more
readable version.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 17:49:05 +03:00
Janusz Dziedzic
2e946249b1 DFS: Handle radar event when CAC actived correctly
When we have CAC active and receive a radar event, we should ignore
CAC_ABORT event and handle channel switch in the radar event handler.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-26 17:48:55 +03:00
Janusz Dziedzic
5eaf240af5 DFS: Fix overlapped() function to check only DFS channels
This fixes a problem when operating on non-DFS channel and receiving a
radar event for that channel. Previously, we would have decided to
switch channels.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-26 17:48:46 +03:00
Janusz Dziedzic
345276a6b5 DFS: Adjust center freq correctly for VHT20/VHT40
Setup correct seg0 for VHT with 20/40 MHz width (VHT_CHANWIDTH_USE_HT).

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-26 17:48:41 +03:00
Janusz Dziedzic
1dc17db34a DFS: Fix available channels list for VHT80
Add a table of available VHT80 channels. This table contains the first
available channel. We will also choose this first channel as the control
one.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-26 17:48:36 +03:00
Jouni Malinen
03610ad28d Clean up get_seqnum() use for IPN
Some driver wrappers may implement this by writing eight octets even
though IPN is only six octets. Use a separate WPA_KEY_RSC_LEN (8) octet
buffer in the call to make sure there is enough buffer room available
for the full returned value and then copy it to IPN field.

The previous implementation used the following igtk field as the extra
buffer and then initialized that field afterwards, so this change does
not fix any real issue in behavior, but it is cleaner to use an explicit
buffer of the maximum length for get_seqnum().

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 15:56:07 +03:00
Jouni Malinen
35f836375d DFS: Add forgotten break statement
The VHT_CHANWIDTH_160MHZ case fell through to the default case and
printed out a debug message that was not supposed to be shown here.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-10-26 15:55:09 +03:00
Helmut Schaa
677cf19091 hostapd: Select any supported channel if ACS fails
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-23 00:44:48 +03:00
Helmut Schaa
20f9cb1842 hostapd: Allow ACS to deal with partial survey data
Previously ACS required valid survey data on all available channels.
This can however not be guaranteed. Instead of just failing, fall back
to the subset of channels that have valid ACS data.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-23 00:44:41 +03:00
Helmut Schaa
3645fd5aae hostapd: Propagate ACS errors to iface setup
Otherwise hostapd might hang doing nothing anymore. Propagate ACS
errors so we can fail gracefully.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-23 00:44:36 +03:00
Helmut Schaa
0e1d0b370f hostapd: Don't get stuck after failed ACS
If ACS fails we still need to call hostapd_setup_interface_complete.
Otherwise hostapd will just hang doing nothing anymore. However, pass
an error to hostapd_setup_interface_complete to allow a graceful fail.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-23 00:44:30 +03:00
Jouni Malinen
9bc33868bf Add test option for specifying hardcoded BSS Load element
The new bss_load_test parameter can be used to configure hostapd to
advertise a fixed BSS Load element in Beacon and Probe Response frames
for testing purposes. This functionality is disabled in the build by
default and can be enabled with CONFIG_TESTING_OPTIONS=y.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Kyeyoon Park
c551700f1f Interworking: Add support for QoS Mapping functionality for the AP
This allows QoS Map Set element to be added to (Re)Association Response
frames and in QoS Map Configure frame. The QoS Mapping parameters are
also made available for the driver interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-10-18 14:13:45 +03:00
Janusz Dziedzic
899cc14e10 hostapd: Add support for DFS with 160 MHz channel width
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:06:16 +03:00
Janusz Dziedzic
6de0e0c99e Mark DFS functions static and rename them
These functions are not used from outside dfs.c anymore.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:54 +03:00
Janusz Dziedzic
58b73e3dd9 hostapd: DFS with 40/80 MHz channel width support
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:44 +03:00
Janusz Dziedzic
04e8003c6c nl80211: Use struct hostapd_freq_params with start_dfs_cac
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:31 +03:00
Janusz Dziedzic
72c753d7bb hostapd: Split hostapd_set_freq to helper function
This allows the functionality to fill in a struct hostapd_freq_params to
be shared.

Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:23 +03:00
Janusz Dziedzic
e76da50529 hostapd: Add AP DFS support
Add DFS structures/events handlers, CAC handling, and radar detection.
By default, after radar is detected or the channel became unavailable, a
random channel will be chosen.

This patches are based on the original work by Boris Presman and
Victor Goldenshtein. Most of the DFS code is moved to a new dfs.c/dfs.h
files.

Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>

Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
Signed-hostap: Janusz Dziedzic <janusz.dziedzic@tieto.com>
2013-10-17 21:05:15 +03:00
Helmut Schaa
ded22b5390 hostapd: Fix segfault after ACS when flushing STAs
When hostapd receives an auth frame during ACS the transmission of
the according auth response will always fail:

ACS: Automatic channel selection started, this may take a bit
[..]
send_auth_reply: send: Resource temporarily unavailable
[..]

However, a station info entry was created. Once ACS is finished
it will flush all stations even though hapd was not yet fully
initialized. This results in a segfault when trying to access
hapd->radius:

0  0x0042c1c0 in radius_client_flush_auth ()
1  0x00416a94 in ap_free_sta ()
2  0x00416cc0 in hostapd_free_stas ()
3  0x0040bce8 in hostapd_flush_old_stations ()
4  0x0040c790 in hostapd_setup_interface_complete ()
5  0x0046347c in acs_scan_complete ()
6  0x0040f834 in hostapd_wpa_event ()
7  0x0043af08 in send_scan_event.part.46 ()
8  0x00443a64 in send_scan_event ()
9  0x00443c24 in do_process_drv_event ()
10 0x004449e8 in process_global_event ()
11 0x7767d7d0 in ?? ()

Fix this by not presuming anything about the initialization state of
hapd and checking ->radius before accessing.

Signed-off-hostapd: Helmut Schaa <helmut.schaa@googlemail.com>
2013-10-14 20:44:31 +03:00
Dmitry Shmidt
24d110dca3 Replace printf with wpa_printf debug message
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2013-10-14 20:40:57 +03:00
Jouni Malinen
0249c12596 Avoid compiler warning with CONFIG_NO_STDOUT_DEBUG=y
There is no need to use the bss variable which is used only within a
wpa_printf() call that can be conditionally removed from the build.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 19:24:17 +03:00
Jouni Malinen
ed1bf011da Allow hostapd config file for dynamically added interface
This extends hostapd global control interface command "ADD" to use a
configuration file instead of requiring configuration to be built using
SET command.

The command format is now following:
ADD <ifname> <control path|config=<path to config>>

For example:

ADD wlan0 /var/run/hostapd
ADD wlan0 config=/tmp/hostapd.conf

When using the configuration file option, ctrl_interface parameter in
the file needs to be set to allow ENABLE command to be issued on the new
interface.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 19:07:29 +03:00
Jouni Malinen
97bacf7cf6 Do not clear hostapd configuration parameters on disable-iface
There was a comment about the the cleanup steps being from
hostapd_cleanup_iface(). However, the operations that cleared some
security parameters do not seem to exist elsewhere and do not make sense
here. Remove them to avoid changing configuration with DISABLE followed
by ENABLE.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 18:35:32 +03:00
Jouni Malinen
66f4dd1550 hostapd: Fix couple of deinit path cases to clear pointers
This fixes some issues where dynamic interface enable/disable cycles
could end up trying to free resources twice and crash the process while
doing so.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-09-25 18:14:13 +03:00
Jouni Malinen
f2c566027e P2P: Add a command for removing a client from all groups
The new control interface command P2P_REMOVE_CLIENT <P2P Device
Address|iface=Address> can now be used to remove the specified client
from all groups (ongoing and persistent) in which the local device is a
GO. This will remove any per-client PSK entries and deauthenticate the
device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
01a57fe420 P2P: Maintain list of per-client PSKs for persistent groups
Record all generated per-client PSKs in the persistent group network
block and configure these for the GO Authenticator whenever re-starting
the persistent group. This completes per-client PSK support for
persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 21:35:10 +03:00
Jouni Malinen
759fd76b7f P2P: Select PSK based on Device Address instead of Interface Address
When using per-device PSKs, select the PSK based on the P2P Device
Address of the connecting client if that client is a P2P Device. This
allows the P2P Interface Address to be changed between P2P group
connections which may happen especially when using persistent groups.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:30:26 +03:00
Jouni Malinen
94ddef3e72 P2P: Make peer's P2P Device Address available to authenticator
This can be used to implement per-device PSK selection based on the
peer's P2P Device Address instead of P2P Interface Address.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 11:05:19 +03:00
Jouni Malinen
52177fbb70 P2P: Store P2P Device Address in per-device PSK records
This makes the P2P Device Address of the Enrollee available with the PSK
records to allow P2P Device Address instead of P2P Interface Address to
be used for finding the correct PSK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:47:34 +03:00
Jouni Malinen
05766ed8de P2P: Allow per-device PSK to be assigned
"wpa_cli p2p_set per_sta_psk <0/1>" can now be used to disable/enable
use of per-device PSKs in P2P groups. This is disabled by default.
When enabled, a default passphrase is still generated by the GO for
legacy stations, but all P2P and non-P2P devices using WPS will get
a unique PSK.

This gives more protection for the P2P group by preventing clients from
being able to derive the unicast keys used by other clients. This is
also a step towards allowing specific clients to be removed from a group
reliably without having to tear down the full group to do so.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-09-01 10:14:29 +03:00
Michal Kazior
50f4f2a066 hostapd: Add Automatic Channel Selection (ACS) support
This adds ACS support to hostapd. Currently only survey-based
algorithm is available.

To use ACS you need to enable CONFIG_ACS=y in .config and use
channel=0 (or channel=acs_survey) in hostapd.conf.

For more details see wiki page [1] or comments in src/ap/acs.c.

[1]: http://wireless.kernel.org/en/users/Documentation/acs

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-08-31 11:51:06 +03:00
Michal Kazior
0185007c2e hostapd: Add survey dump support
This adds survey dump support for all frequencies
and for specific desired frequencies. This will later
be used by ACS code for spectrum heuristics.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-08-25 18:35:25 +03:00
Michal Kazior
245e026ec8 hostapd: Split up channel checking into helpers
This splits up the channel checking upon initialization into a few
helpers. This should make this a bit easier to follow. This also paves
the way for some initial ACS entry code.

Signed-hostap: Michal Kazior <michal.kazior@tieto.com>
2013-08-25 18:35:20 +03:00
David Spinadel
239abaf2ab WPS: Set currently used RF band in RF Bands attribute
According to WSC specification (Ver 2.0.2, section 8.3), RF Bands
attribute should be set to the specific RF band used for the current
message. Add an option to set wanted band in wps_build_rf_bands() and
add a callback to get the current band from wpa_supplicant and hostapd.

Signed-hostap: David Spinadel <david.spinadel@intel.com>
2013-08-25 10:55:53 +03:00
Jouni Malinen
5bcd5c5a68 FT RRB: Clear pad field to avoid sending out uninitialized data
The pad field in the RRB messages is unused, but it should be
initialized to avoid sending out arbitrary data from stack. This was
also generating number of valgrind complaints about uninitialized memory
accesses in local FT tests.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-25 00:35:10 +03:00
Jeffin Mammen
e96872a4f2 WPS: Track peer MAC address from the last operations
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 17:48:59 +03:00
Jeffin Mammen
ae23935e7d WPS: Track PBC status
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 17:48:25 +03:00
Jeffin Mammen
61b6520e16 WPS: Track result of the latest WPS operation
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 17:48:20 +03:00
Jeffin Mammen
50396e29da WPS: Add PBC mode activated/disabled events
This makes it easier to track PBC state on the registrar.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 16:52:48 +03:00
Jouni Malinen
961750c1e8 WPS: Share a common function for error strings
This makes it easier to maintain the list of WPS_EI_* error values and
matching strings.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-08-23 16:32:34 +03:00
Jouni Malinen
d2ba3d6bd9 VLAN: Simplify no-WEP with VLAN check
No need to have a local variable and two #ifndef blocks for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-08-07 12:24:18 +03:00
Michael Braun
d66dcb0d0b WEP: Remove VLAN support from hostapd
This removes WEP with VLAN support and thus avoids increasing
complexity for tagged VLANs.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-08-07 12:22:38 +03:00
Michael Braun
c2db79f237 VLAN: Remove vlan_tail
Everything in hostapd can be implemented efficiently without vlan_tail.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-08-04 21:45:50 +03:00
Sujith Manoharan
69dd2967db WDS: Fix WEP usage with nl80211 wds_sta=1
The static WEP keys have to be configured for the new VLAN
interface that is created for a 4addr WDS peer, not doing so
breaks WEP functionality in nl80211/4addr based WDS links.

Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2013-07-20 17:41:22 +03:00
Sujith Manoharan
3f9a8137f5 hostapd: Add a config option to control beaconing
In a AP/STA concurrent setup, if the STA interface is continually
scanning, trying to connect to a network, the AP interface
is basically broken since beaconing would be erratic.

This option can be used in a WDS setup where one AP acts as a
Client/AP-Repeater. The Repeater AP interface has to start beaconing
only after the Client interface has established a WDS link with the
"Root AP".

Signed-hostap: Sujith Manoharan <c_manoha@qca.qualcomm.com>
2013-07-20 17:20:43 +03:00
Jouni Malinen
67fe933d40 Add server identity configuration for EAP server
The new server_id parameter in hostapd.conf can now be used to specify
which identity is delivered to the EAP peer with EAP methods that
support authenticated server identity.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-07-07 20:30:10 +03:00
Jouni Malinen
080585c01a Add support for OCSP stapling to validate server certificate
When using OpenSSL with TLS-based EAP methods, wpa_supplicant can now be
configured to use OCSP stapling (TLS certificate status request) with
ocsp=1 network block parameter. ocsp=2 can be used to require valid OCSP
response before connection is allowed to continue.

hostapd as EAP server can be configured to return cached OCSP response
using the new ocsp_stapling_response parameter and an external mechanism
for updating the response data (e.g., "openssl ocsp ..." command).

This allows wpa_supplicant to verify that the server certificate has not
been revoked as part of the EAP-TLS/PEAP/TTLS/FAST handshake before
actual data connection has been established (i.e., when a CRL could not
be fetched even if a distribution point were specified).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-06-30 01:01:15 +03:00
Michael Braun
80ebfd9527 VLAN: Avoid access to non-existing interfaces
Currently, hostapd_get_vlan_id_ifname() is used to determine if a given
vlan is valid *and* to actually determine the interface. This leads to
wpa_set_keys() sometimes setting the key on the wildcard interface name,
which does not make sense.

This patch therefore adds hostapd_vlan_id_valid() and makes
hostapd_get_vlan_id_ifname() not return a wildcard interface.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-06-25 12:03:02 +03:00
Michael Braun
4345fe963e bridge: Track inter-BSS usage
Currently, struct hostapd_vlan is a per-BSS data structure which
also contains informations about whether to remove the bridge
or clear wlan / tagged-vlan interface from the bridge.

In a multi-interface multi-BSS setup, this can lead to the following
race condition:
 1. wlan0 creates VLAN A, sets DVLAN_CLEAN_BR and DVLAN_CLEAN_VLAN_PORT
 2. wlan1 creates VLAN A, does not set DVLAN_CLEAN_BR and
    DVLAN_CLEAN_VLAN_PORT as already there
 3. wlan0 removes VLAN A, removes tagged-interface from the bridge
    but not the bridge.
    Now wlan1 VLAN A is unusable due to the missing uplink.
 4. wlan1 removes VLAN A, does not cleanup

Solution:
This requires an inter-BSS inter-interface data structure to track the
bridge / bridge port usage within hostapd. This data structure could
also be used to track any other device-has-been-created-by-hostapd
information or when regarding interface freeing.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-06-25 12:00:10 +03:00
Michael Braun
459eee923c bridge: Use safe default bridge interface
Currently by default, all BSS share the bridge brvlan%d.
While this is sane when no tagged-interface is given, this
is insane when different tagged interfaces are given, as
it would result in bridging those tagged interfaces.

This patch therefore uses br%s%d with %s=tagged_interface
and %d=VLAN ID as bridge name when a tagged-interface is given.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-06-25 11:10:00 +03:00
Michael Braun
2aaeedfa07 bridge: Give bridge name in per-bss configuration
Currently, when different BSS using different tagged vlan
interfaces, they are forced to share the bridge brvlan#,
which is not desirable.

This patch fixes this by making the bridge name configurable.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-06-25 11:09:01 +03:00
Jouni Malinen
85b4eac364 P2P: Do not reply to 802.11b-only Probe Request frames as GO
If AP mode SME/MLME within wpa_supplicant is used for processing Probe
Request frames in GO mode, drop Probe Request frames that include only
802.11b rates per P2P spec section 2.4.1.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-06-19 19:16:23 +03:00
Kyeyoon Park
4331263b73 Fix session timeout after ANQP dummy STA entry with SME-in-driver
Upon association, disable the timer that removes the dummy STA. This
timer caused the STA that associates within 5 seconds of doing an ANQP
query to disassociate, thinking it's a dummy STA. Similar call was
already there for the SME/MLME-in-hostapd case in handle_auth(), but the
SME-in-driver case was not previously addressed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-06-18 17:40:51 +03:00
Jouni Malinen
3cb953e4b6 Do not set driver MAC ACL unless driver supports this
This cleans up debug log by not including comments about failed
operations in case the operation is known to fail due to not being
supported by the driver.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-05-24 13:37:22 +03:00
Vivek Natarajan
3c4ca36330 hostapd: Support MAC address based access control list
Enable MAC address based ACL for the drivers which advertise
this capabilty with NL80211_ATTR_MAC_ACL_MAX. Either of blacklist
or whitelist is supported, though, not simultaneously.

Signed-hostap: Vivek Natarajan <nataraja@qca.qualcomm.com>
2013-05-24 13:26:35 +03:00
Jouni Malinen
901d1fe1e5 WNM: Remove PMKSA cache entry on ESS disassoc imminent notification
This is needed to avoid allowing the STA to reconnect using a cached
PMKSA. ESS disassoc imminent notification is normally used to indicate
that the STA session will be terminated and as such, requiring full
authentication through the authentication server after this is needed.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-05-23 16:50:06 +03:00
Kyeyoon Park
d5b559b641 WNM: Add disassociation timeout processing for ESS_DISASSOC
The hostapd_cli ess_disassoc command now takes three arguments (STA MAC
address, timeout in ms, URL) and the STA is disconnected after the
specified timeout.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-05-20 11:13:40 +03:00
Jouni Malinen
c4bf83a723 P2P: No duplicate AP-STA-CONNECTED/DISCONNECTED as global event
These events are sent as a special case to both the group interface and
"parent interface" (i.e., the interface that was used for managing P2P
negotiation). The latter is not really correct event, so get rid of it
with the new global control interface design where there is no need to
support legacy upper layer implementations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-18 19:18:31 +03:00
Jouni Malinen
7793c959e6 Clean up AP-STA-CONNECTED/DISCONNECTED prints
Use shared code to print the parameters so that they do not need to be
generated four times separately.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-18 19:09:41 +03:00
Jouni Malinen
058c8636a7 FT RRB: Fix a memory leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-05-18 09:49:26 +03:00
Simon Wunderlich
b113a171ac DFS: Add ieee80211h hostapd configuration parameter
This patch is based on the original work by Boris Presman and
Victor Goldenshtein. Channel Switch Announcement support has been
removed and event handling as well as channel set handling was
changed, among various other changes.

Cc: Boris Presman <boris.presman@ti.com>
Cc: Victor Goldenshtein <victorg@ti.com>
Signed-hostap: Simon Wunderlich <siwu@hrz.tu-chemnitz.de>
2013-05-09 20:14:53 +03:00
Johannes Berg
8543ed8a37 WPA: Print pairwise EAPOL-Key flag as a bool
Since "pairwise" is defined as an integer, the current assignment leads
to it having the value 0 or 8, which is a bit strange in debug output:

WPA: Send EAPOL(version=2 secure=1 mic=1 ack=1 install=1 pairwise=8
kde_len=46 keyidx=2 encr=1)

Use !!(...) to normalize it to 0 or 1.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-05-04 11:48:57 +03:00
Johannes Berg
7af092a015 hostapd: Add Key MIC in group EAPOL-Key frames corruption test option
For some testing it can be useful to force the Key MIC in group
EAPOL-Key frames to be corrupt. Add an option to allow setting a
probability for corrupting the Key MIC and use it in the WPA code,
increasing the first byte of the MIC by one to corrupt it if desired.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-05-04 11:45:03 +03:00
Ben Greear
728d97171b Use status code 17 (unable to handle new STA) on max-STA limitation
This is more useful information than the previously used value 1
(unspecified failure).

Signed-hostap: Ben Greear <greearb@candelatech.com>
2013-04-28 16:45:55 +03:00
Jouni Malinen
5e24dc8a4b Add dup_binstr() to help common binary string tasks
There are quite a few places in the current implementation where a nul
terminated string is generated from binary data. Add a helper function
to simplify the code a bit.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:44:59 +03:00
Jouni Malinen
2c48211c49 FT RRB: Validate os_malloc() return value before using it
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-04-27 23:05:15 +03:00
Michael Braun
7ca902b53e Make vlan_file optional if dynamic_vlan is used
My APs generate their configuration on their own using a different
number of (vlan-enabled) bss. Currently, all my vlan_file files consist
of a single line: the wildcard line. Configuration file generation would
be easier, if the hostapd configuration file would not depend on those
simple vlan_file files.

This patch removes the need for those one-line files by using the
<device>.<vlan> naming scheme if no vlan_file is given (or that file is
empty). This should not break any existing setup, as using dynamic_vlan
with no vlan configured does not make sense anyway.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-04-27 22:53:34 +03:00
Jouni Malinen
cc2ada868e nl80211: Reduce debug on Probe Request frames
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-04-24 01:01:21 +03:00
Johannes Berg
c2aff6b1d1 hostapd: Add some testing options
In order to test clients in scenarios where APs may (randomly)
drop certain management frames, introduce some testing options
into the hostapd configuration that can make it ignore certain
frames. For now, these are probe requests, authentication and
(re)association frames.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-04-23 17:51:28 +03:00
Jouni Malinen
3db5439a5f Optimize Extended Capabilities element to be of minimal length
Leave out zero octets from the end of the element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 21:58:17 +03:00
Johannes Berg
8cd6b7bce8 hostapd/wpa_s: Use driver's extended capabilities
Some extended capabilities (I'm currently interested in "Operating Mode
Notification" for VHT) are implemented by the kernel driver and exported
in nl80211. Use these in hostapd/wpa_supplicant.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-31 21:51:44 +03:00
Jouni Malinen
a679c0f284 WPS: Allow hostapd process to control independent WPS interfaces
The new wps_independent=1 configuration parameter can be used to remove
interfaces from the shared hostapd process WPS control (i.e., to apply
WPS operations only to a subset of interfaces instead of all).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 12:34:35 +03:00
Jouni Malinen
ccdff94035 WPS AP: Add support for reconfiguration with in-memory config
This allows WPS to update AP configuration in the case no hostapd
configuration file is used (i.e., dynamic configuration through the
control interface).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-31 12:34:35 +03:00
Michael Braun
65a32cdbcb AP: Fix infinite loop in WPA state machine when out of random bytes
When the OS is out of random bytes in SM_STATE(WPA_PTK, AUTHENTICATION2)
in ap/wpa_auth.c, hostapd sends the sm to state DISCONNECT without
clearing ReAuthenticationRequest, resulting in an infinite loop.
Clearing sm->ReAuthenticationRequest using gdb fixes the running hostapd
instance for me. Also sm->Disconnect = TRUE should be used instead of
wpa_sta_disconnect() to make sure that the incomplete ANonce does not
get used.

Fix this issue by resetting sm->ReAuthenticationRequest even if the STA
gets disconnected and use sm->Disconnect instead of
wpa_sta_disconnect().

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2013-03-30 19:53:22 +02:00
Jouni Malinen
a5f61b2b87 Fix OLBC non-HT AP detection to check channel
A non-HT capable AP on any channel could have triggered us to enable
protection regardless of own operating channel if the driver delivered
Beacon frames from other channels. The channel detection in ap_list is
not exactly ideal, but most cases can be handled by checking ap->channel
against the currently configured channel (or secondary channel in case
of HT40).

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-30 18:05:18 +02:00
Jouni Malinen
69554d78f6 ap_list: Remove unused functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-30 17:06:50 +02:00
Jouni Malinen
08c99cafd2 ap_list: Remove unused iteration list pointers
This iter_next/iter_prev pointers were not really used for anything, so
get rid of the unnecessary complexity in the AP list maintenance.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-30 17:06:27 +02:00
Jouni Malinen
6b16917f39 ap_list: Remove unused fields
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-30 16:58:58 +02:00
Jouni Malinen
187f87f04c hostapd: Allow ctrl_iface group to be specified on command line
The new -G<group> command line argument can now be used to set the group
for the control interfaces to enable cases where hostapd is used without
a configuration file and the controlling program is not running with
root user privileges.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-03-29 17:09:31 +02:00
Jouni Malinen
b084df8b81 Add vendor_elements into Beacon/Probe Response IE parameters
Commit b52f084cfa introduced a mechanism
for adding arbitrary vendor-specific elements into the Beacon and Probe
Response frames. However, this information was not added to the separate
buffers used for specifying Beacon and Probe Response IEs for drivers
that build the frames internally. Add vendor_elements to these values,
too, to support such drivers in addition to drivers that use the full
Beacon tail/head buffers.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-03-21 15:41:27 +02:00
Felix Fietkau
ba873c1284 hostapd: Fix client reassociation after disconnect due to ACK failure
Clear WLAN_STA_ASSOC_REQ_OK, otherwise no Class 3 frame will be sent to
the disconnected STA in response to data frames.

Signed-hostap: Felix Fietkau <nbd@openwrt.org>
2013-03-16 12:35:49 +02:00
Johannes Berg
851b73eb28 hostapd: Make VHT IE struct more expressive
The VHT IE struct just has an opaque 8-byte array for the MCS
set, make it more expressive by explicitly naming the pieces.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-03-01 18:24:57 +02:00
Jouni Malinen
d8ed3a075a WPS: Fix OOB Device Password use in PSK1,PSK1 derivation
WSC specification 2.0 section 7.4 describes OOB password to be expressed
in ASCII format (upper case hexdump) instead of raw binary.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-24 10:57:49 +02:00
Jouni Malinen
8dabf4bb46 GAS server: Fix a regression in GAS server callback
Commit 2d9ffe1e85 broke GAS server
callback for receiving Public Action frames. The incorrect context
pointer was used in the public_action_cb2 case. Fix this to use the
correct context pointer.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-16 19:15:05 +02:00
Jouni Malinen
042ec551d4 WPS: Use pre-configured NFC password token instead of overriding it
"WPS_NFC_TOKEN <WPS/NDEF>" used to generate a new NFC password token
regardless of whether there was a pre-configured token in the
configuration. Change this to use the pre-configured value, if
available, instead. This allows the same command to be used to write the
password token to an NFC tag more conveniently.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-15 11:24:29 +02:00
Jouni Malinen
6772a90ad0 WPS: Add command for fetching carrier record for NFC handover
Control interface command "NFC_GET_HANDOVER_SEL NDEF WPS-CR" can now be
used to fetch WPS carrier record from hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-02-10 17:12:55 +02:00
Johannes Berg
3aea5fbe3b hostapd: Do not change HT40 capability due to OBSS scan
The capability itself isn't really affected by an OBSS
scan, only the HT operation must then be restricted to
20 MHz. Change this, and therefore use the secondary
channel configuration to determine the setting of the
OP_MODE_20MHZ_HT_STA_ASSOCED flag.

This shouldn't really change anything functionally,
it just makes the code a little less confusing and
is also needed to implement more dynamic bandwidth
changes if ever desired.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-02-09 12:16:58 +02:00
Raja Mani
3140803b6d nl80211: Add ctrl_iface message for AP mode connection rejection
When AP mode operation reject the client, nl80211 layer advertises the
connect failed event with the reason for failures (for example, max
client reached, etc.) using NL80211_CMD_CONN_FAILED.

This patch adds some debug messages whenever such an event is received
from the nl80211 layer and also the same event is posted to the upper
layer via wpa_msg().

Signed-off-by: Raja Mani <rmani@qca.qualcomm.com>
2013-02-07 15:24:53 +02:00
Jouni Malinen
2d9ffe1e85 P2P: Fix Action frame processing if Interworking is enabled
GAS server used the same public_action_cb mechanism as P2P to process
Action frames. This ended up overriding P2P processing of Action frames
while running an AP/GO interface with a build that enables Interworking
(e.g., for Hotspot 2.0) and a driver that uses hostapd for AP mode
SME/MLME. Fix this by adding a separate callback registration for the
GAS server. This should really be cleaned up by supporting arbitrary
number of callback handlers, but for now, this addresses the regression
with a minimal change.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-02-04 15:38:35 +02:00
Jouni Malinen
edbd2a191e Move cipher suite selection into common helper functions
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-13 16:58:54 +02:00
Jouni Malinen
b4fd3613d3 SAE: Free temporary buffers when moving to Accepted state
Most of the variables are not needed anymore once the SAE instance
has entered Accepted state. Free these to save memory.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:54 +02:00
Jouni Malinen
6917c9e829 Allow AP mode deauth/disassoc reason code to be overridden
The optional "reason=<reason code>" parameter to the ctrl_iface
deauthenticate and disassociate commands can now be used to change the
reason code used in the disconnection frame. This can be used, e.g., by
P2P GO to disconnect a single P2P client from the group by sending it an
indication of the group getting terminated (Deauthentication frame with
reason code 3). It needs to be noted that the peer device is still in
possession on the PSK, so it can still reconnect to the group after this
if it does not follow the group termination indication.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2013-01-12 17:51:54 +02:00
Jouni Malinen
5bfc46bb55 Extra validation to keep static analyzers happy
Use of two variables to track bounds checking seems to be a bit too much
for some static analyzers, so add an extra condition for buffer padding
to avoid incorrect warnings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
559cdabb0f Use more explicit way of copying pointer value to a buffer
The code initializing GMK Counter uses the group pointer value as extra
entropy and to distinguish different group instances. Some static
analyzers complain about the sizeof(pointer) with memcpy, so use a more
explicit type casting to make it more obvious what the code is doing.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
a50414c322 SAE: Check random_get_bytes() return value
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
625f202a74 SAE: Allow enabled groups to be configured
hostapd.conf sae_groups parameter can now be used to limit the set of
groups that the AP allows for SAE. Similarly, sae_groups parameter is
wpa_supplicant.conf can be used to set the preferred order of groups. By
default, all implemented groups are enabled.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:53 +02:00
Jouni Malinen
a46d72d7d7 SAE: Maintain EC group context in struct sae_data
This can be used to share same EC group context through the SAE
exchange.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
d136c376f2 SAE: Add support for Anti-Clogging mechanism
hostapd can now be configured to use anti-clogging mechanism based on
the new sae_anti_clogging_threshold parameter (which is
dot11RSNASAEAntiCloggingThreshold in the standard). The token is
generated using a temporary key and the peer station's MAC address.
wpa_supplicant will re-try SAE authentication with the token included if
commit message is rejected with a token request.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
dd43026a19 SAE: Rename state variables to match IEEE 802.11 standard
The enum values for struct sae_data::state now match the protocol
instance states as defined in IEEE Std 802.11-2012, 11.3.8.2.2

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
47b55a3ef5 SAE: Use PMK in 4-way handshake
Use the PMK that is derived as part of the SAE authentication in the
4-way handshake instead of the PSK.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
f2e9818f73 SAE: Add processing of the confirm message
This adds validation of the received confirm messages for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
fb8fcc2950 SAE: Add generation of the confirm message fields
Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
146f6c9a00 SAE: Add processing of the commit message
This adds validation of the received commit messages and key derivation
for SAE.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
8e31e9550a SAE: Add generation of the commit message fields
This adds derivation of PWE and the needed commit values so that the
full SAE commit message can be built.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
750efe6ea6 SAE: Move related operations next to each other
There is no need to keep the two SAE steps separated from each other.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Jouni Malinen
98efcc4176 SAE: Use a shared data structure for AP and station
This makes it easier to share common functions for both roles.

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:51:52 +02:00
Johannes Berg
a9a1d0f08a hostapd: Pass VHT capabilities to driver wrapper
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-01-12 17:51:52 +02:00
Johannes Berg
fa4763369a hostapd: Allow configuring driver to VHT
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2013-01-12 17:51:52 +02:00
Jouni Malinen
2e8483bf12 Fix authenticator PMKSA cache expiration timer setup
The PMKSA cache expiration timer was not actually ever initialized since
the only place for registering the timeout was in the timeout handler.
Fix this by initializing the timer whenever a new PMKSA cache entry is
added to the beginning of the list (i.e., when it was the first entry or
expires before the entry that was previously going to expire first).
[Bug 393]

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:21:50 +02:00
Jouni Malinen
af220315e6 Fix EAPOL frame sending to non-QoS STAs
Commit 4378fc14eb started using QoS Data
frames for QoS STAs. It used the correct flags value for WPA/RSN
EAPOL-Key frames, but wrong flags for IEEE 802.1X EAPOL frames. The
WPA_STA_WMM value used in driver_nl80211.c happens to be identical to
WLAN_STA_ASSOC in sta->flags and this makes driver_nl80211.c try to use
QoS header for all STAs. Fix this by properly converting the flags from
WLAN_STA_* to WPA_STA_*. [Bug 426]

Signed-hostap: Jouni Malinen <j@w1.fi>
2013-01-12 17:01:54 +02:00
Jouni Malinen
2049a875bc WNM: Additional BSS Transition Management capability
Add some more functionality for BSS Transition Management:
- advertise support for BSS Transition Management in extended
  capabilities element
- add hostapd.conf parameter bss_transition=1 for enabling support
  for BSS Transition Management
- add "hostapd_cli disassoc_imminent <STA> <num TBTTs>" for sending
  disassociation imminent notifications for testing purposes
- wpa_supplicant: trigger a new scan to find another BSS if the
  current AP indicates disassociation imminent (TODO: the old AP needs
  to be marked to use lower priority to avoid re-selecting it)

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-22 20:27:30 +02:00
Jouni Malinen
8b24861154 Add Acct-Session-Id into Access-Request messages
This optional attribute may make it easier to bind together the
Access-Request and Accounting-Request messages. The accounting session
identifier is now generated when the STA associates instead of waiting
for the actual session to start after successfull authentication.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-18 18:13:31 +02:00
Vladimir Kondratiev
7829894c21 Introduce 60 GHz band
Basic support for the 60 GHz band. Neither P2P nor WPS are yet taken
care off. Allows to start AP with very simple config:

network={
        ssid="test"
        mode=2
        frequency=60480
        key_mgmt=NONE
}

Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com>
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-12-18 11:50:35 +02:00
Sven Eckelmann
f1b44874c2 Fix initialization of ap_table_{max_size,expiration_time}
The config says that the default for ap_table_max_size is 255 and the
default for ap_table_expiration_time is 60. But the code doesn't reflect
the default values mentioned in the sample config file.

These variables completely disable the code for Overlapping Legacy BSS
Condition by default when they are not correctly initialized. WFA
certification requires this feature and therefore an AP would have
failed the certification process unless they were initialized manually
using the configuration file.

Signed-hostap: Sven Eckelmann <sven@open-mesh.com>
Signed-hostap: Simon Wunderlich <simon@open-mesh.com>
2012-12-17 17:54:21 +02:00
Jouni Malinen
cd6be5c246 WPS: Use wps_rf_bands parameter to determine dualband functionality
If separate hostapd processes are used for different RF bands, the
dualband parameter for WPS was not set correctly. Allow dualband
indication (mainly, addition of RF bands attribute for PBC session
overlap detection) also based on wps_rf_bands value (if set to "ag").

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-17 16:06:10 +02:00
Jouni Malinen
0a66ce3c49 WNM: Add support for SSID List element matching
This allows Probe Request frame processing to compare the configured
SSID to the SSID List element in addition to the SSID element.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 21:22:24 +02:00
Jouni Malinen
b93c8509cc Add support for advertising UTF-8 SSID extended capability
This field can be used to indicate that UTF-8 encoding is used in the
SSID field.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 20:46:51 +02:00
Jouni Malinen
a8e93a1a01 WNM: Skip os_memcpy in wnmtfs_ie is NULL
It is cleaner to skip the memcpy call instead of trusting on the
length parameter being 0 in this case.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:48:39 +02:00
Jouni Malinen
835822d404 WNM: Fix GTK/IGTK encoding in WNM-Sleep Mode Exit frame
These subelements do not use AES key wrap (MFP is used instead).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:46:10 +02:00
Jouni Malinen
4da10640a7 WNM: Fix AP logic on when to include GTK/IGTK in WNM-Sleep Mode exit
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:27:09 +02:00
Jouni Malinen
615a5d559d WNM: Use defined macros for WNM-Sleep Mode Action Type values (AP)
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:24:06 +02:00
Jouni Malinen
c79938a584 WNM: Enable WNM-Sleep Mode configuration with hostapd SME/MLME
This allows hostapd to process WNM-Sleep Mode Request when using the
internal SME/MLME.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 19:16:17 +02:00
Jouni Malinen
ad3872a372 WNM: Use CONFIG_WNM more consistently
Replace CONFIG_IEEE80211V with CONFIG_WNM to get more consistent build
options for WNM-Sleep Mode operations. Previously it was possible to
define CONFIG_IEEE80211V without CONFIG_WNM which would break the build.
In addition, IEEE 802.11v has been merged into IEEE Std 802.11-2012 and
WNM is a better term to use for this new functionality anyway.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-12-16 18:22:54 +02:00
Jouni Malinen
b7593d35c1 Remove unnecessary PMKSA cache list modification
pmksa_cache_free_entry() takes care of updated the list head pointer
(pmksa->pmksa), so no need to do this change in the caller.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 19:45:54 +02:00
Jouni Malinen
f2a14be798 Use a shared function for freeing PSK list
There is no need to duplicate this code in multiple locations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 18:01:55 +02:00
Jouni Malinen
fc5550a1c2 Use RADIUS shared secret consistently in RX handler
Use the shared_secret pointer from RADIUS client implementation instead
of getting this from hostapd configuration data.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 17:57:16 +02:00
Michael Braun
5ee56c4e19 Keep and use list of PSKs per station for RADIUS-based PSK
This adds support for multiple PSKs per station when using a RADIUS
authentication server to fetch the PSKs during MAC address
authentication step. This can be useful if multiple users share a
device but each user has his or her own private passphrase.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:57:16 +02:00
Michael Braun
2ad3e6c858 Cache a list of PSK entries for RADIUS-based PSK delivery
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:57:16 +02:00
Michael Braun
14e919478e Extend radius_msg_get_tunnel_password() to support multiple passwords
The new function parameter can now be used to specify which password to
return.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-11-25 17:19:04 +02:00
Jouni Malinen
1a2d22a242 Remove unneeded header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-25 17:06:38 +02:00
Johannes Berg
3117ad4283 hostapd: Add second VHT frequency segment config
Add the configuration option vht_oper_centr_freq_seg1_idx
for the second segment of an 80+80 MHz channel and use it
when building the VHT operation IE.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-11-24 18:02:29 +02:00
Johannes Berg
202d97d477 hostapd: Add VHT PHY selector if VHT is required
If VHT is required, add the VHT PHY selector to
the (extended) supported rates IE.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-11-24 17:27:16 +02:00
Jouni Malinen
f403dcd648 HS 2.0: Maintain a copy of HS 2.0 Indication from Association Request
This allows the AP to figure out whether a station is a HS 2.0 STA
during the association and access any information that the STA may have
included in this element.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-11-24 12:24:31 +02:00
Jouni Malinen
ee431d77a5 Add preliminary support for using SQLite for eap_user database
CONFIG_SQLITE=y option can now be used to allow the eap_user_file text
file to be replaced with a SQLite database
(eap_user_file=sqlite:/path/to/sqlite.db). hostapd.eap_user_sqlite
shows an example of how the database tables can be created for this
purpose. This commit does not yet include full functionality of the
text file format, but at least basic EAP-TTLS/MSCHAPv2 style
authentication mechanisms with plaintext passwords can be used for
tests.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-21 00:47:47 +02:00
Jouni Malinen
c772d054c2 hostapd: Fix a regression in TKIP countermeasures processing
Commit 296a34f0c1 changed hostapd to
remove the internal STA entry at the beginning of TKIP countermeasures.
However, this did not take into account the case where this is triggered
by an EAPOL-Key error report from a station. In such a case, WPA
authenticator state machine may continue processing after having
processed the error report. This could result in use of freed memory.
Fix this by stopping WPA processing if the STA entry got removed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-18 13:06:03 +02:00
Jouni Malinen
8cd93a01a9 Check hapd_iface more consistently in hostapd_disable_iface()
There is no point in the hapd_iface == NULL validate after this pointer
has been dereferences, so move the code dereferencing hapd_iface after
the check.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:11:15 +02:00
Jouni Malinen
207fb86411 WPS: Remove deprecated UFD config method and OOB ctrl_iface
The UFD (USB flash drive) configuration method was deprecated in WSC
2.0. Since this is not known to be used, remove the UFD implementation
from hostapd and wpa_supplicant to allow the WPS implementation to be
cleaned up. This removes the now unused OOB operations and ctrl_iface
commands that had already been deprecated by the new NFC operations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-11-11 13:01:06 +02:00
Jouni Malinen
9f36eac6e5 WPS: Remove old OOB NFC interface
The old WPS interface for using NFC has no known deployments and even
the binary libraries referenced here are not easily available anymore.
Since the new interface for using NFC with WPS covers the same
functionality, remove the old implementation to clean up WPS
implementation.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-28 18:20:03 +02:00
David Bird
f826635c2d Fix EAPOL processing when STA switches between multi-BSSes
There was an issue with EAPOL frame exchanges in a multi-BSS
configuration when a station switches between the BSSes controlled by
the same hostapd process. When processing the EAPOL packet, the array of
virtual APs (iface->bss) is searched looking for the station that sent
the packet in order to identify which signal context should be used
during processing. The first match of the station in its list gets used
in the ieee802_1x_receive() function. However, even after a station has
disassociated, it remains in the list of stations pending an inactivity
timeout. This leads to the wrong hapd context (one where the station had
already disassociated) being used in some cases (if the current/active
bss entry appears in the list after one where the station has just
disassociated from) for EAPOL processing.

Fix this by checking the WLAN_STA_ASSOC flag before assuming the right
hapd context was found for the given station.

Signed-hostap: David Bird <dbird@powercloudsystems.com>
intended-for: hostap-1
2012-10-25 09:20:15 +03:00
Jouni Malinen
21af6d15a8 SAE: Add Finite Cyclic Group negotiation and Send-Confirm
This replaces the previously used bogus test data in SAE messages with
the first real field. The actual SAE authentication mechanism is still
missing and the Scaler, Element, and Confirm fields are not included.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-10-06 19:30:54 +03:00
Jouni Malinen
c10347f246 Add initial parts for SAE
This introduces new AKM for SAE and FT-SAE and adds the initial parts
for going through the SAE Authentication frame exchange. The actual SAE
algorithm and new fields in Authentication frames are not yet included
in this commit and will be added separately. This version is able to
complete a dummy authentication with the correct authentication
algorithm and transaction values to allow cfg80211/mac80211 drivers to
be tested (all the missing parts can be handled with
hostapd/wpa_supplicant changes).

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-30 19:51:07 +03:00
Raja Mani
39b1572c41 Include connected time in AP mode STA-* commands
This allows hostapd_cli and wpa_cli all_sta command to be used to
display connected time (in seconds) of each station in AP mode.

Signed-hostap: Raja Mani <rmani@qca.qualcomm.com>
2012-09-26 13:52:19 +03:00
Felix Fietkau
9974381109 hostapd: Add check for the wds sta flag before creating 4addr VLANs
Signed-hostap: Felix Fietkau <nbd@openwrt.org>
2012-09-23 13:25:49 +03:00
Felix Fietkau
22b42372d0 hostapd: Clear WLAN_STA_ASSOC_REQ_OK if sending the assoc response failed
As long as WLAN_STA_ASSOC_REQ_OK is set in sta->flags, Class 3 frames do
not trigger a disassoc/deauth. If it is still set even after the assoc
response tx has already failed, it may take somewhat longer for clients
to realize that the connection wasn't fully established.

Signed-hostap: Felix Fietkau <nbd@openwrt.org>
2012-09-23 13:23:16 +03:00
Jouni Malinen
ce6ce7fb13 hostapd: Fix CONFIG_INTERWORKING=y build without CONFIG_HS20=y
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-15 22:37:27 -07:00
Arik Nemtsov
4425645113 AP: Configure basic rates from iface and not conf
The conf doesn't contain any basic rates in some cases. Most notably,
when starting a P2P GO in 5 GHz. Use the iface rates which are
initialized in hostapd_prepare_rates() to the conf rates or set to
default values if no conf values exist. This fixes a bug introduced in
commit e5693c4775.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
2012-09-07 00:22:40 +03:00
Jouni Malinen
f0898e9519 Make copies basic_rates list more useful
Commit e5693c4775 added a copy of the
determined basic rate set into struct hostapd_iface, but did not
actually copy the terminating -1 value. This could be problematic if
something were to actually try to use this list since would be no way to
know what is the last entry in the list. Fix this by copying the
terminating value.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-09-07 00:15:53 +03:00
Jouni Malinen
c3550295fb Move WPA cipher information into a shared location
Try to share most of the cipher information like key and RSC lengths and
suite selector conversions, etc. in wpa_common.c to avoid having similar
code throughout the WPA implementation for handling cipher specific
behavior.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-30 11:53:54 +03:00
Jouni Malinen
9675ce354a WFD: Add Wi-Fi Display support
This commit adds control interface commands and internal storage of
Wi-Fi Display related configuration. In addition, WFD IE is now added
to various P2P frames, Probe Request/Response, and (Re)Association
Request/Response frames. WFD subelements from peers are stored in the
P2P peer table.

Following control interface commands are now available:
SET wifi_display <0/1>
GET wifi_display
WFD_SUBELEM_SET <subelem> [hexdump of length+body]
WFD_SUBELEM_GET <subelem>

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 19:51:29 +03:00
Jouni Malinen
eb7719ff22 Add support for using GCMP cipher from IEEE 802.11ad
This allows both hostapd and wpa_supplicant to be used to derive and
configure keys for GCMP. This is quite similar to CCMP key
configuration, but a different cipher suite and somewhat different rules
are used in cipher selection. It should be noted that GCMP is not
included in default parameters at least for now, so explicit
pairwise/group configuration is needed to enable it. This may change in
the future to allow GCMP to be selected automatically in cases where
CCMP could have been used.

This commit does not included changes to WPS or P2P to allow GCMP to be
used.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-29 11:52:15 +03:00
Jouni Malinen
b52f084cfa Add parameter for vendor specific elements into Beacon/Probe Response
The new vendor_elements parameter in hostapd.conf can be used to add new
vendor specific element(s) into Beacon and Probe Response frames.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-27 16:20:10 +03:00
Jay Katabathuni
43f51e2aa0 HS 2.0: Add NAI Home Realm query
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-26 18:59:15 +03:00
Jay Katabathuni
8047b18691 Interworking: Add advertising of NAI Realm list
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-26 18:59:12 +03:00
Jay Katabathuni
a9277e85ca HS 2.0: Add advertisement of Operator Friendly Name
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 21:39:19 +03:00
Jouni Malinen
1792e58dbb Interworking: Use generic language,string parser
Replace the Venue Name specific data structure and parser with a
generic mechanism that can be used with other fields that use the
same format.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-25 21:39:00 +03:00
Jay Katabathuni
4065a3092b HS 2.0: Add advertisement of WAN Metrics
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 20:28:40 +03:00
Jay Katabathuni
5ccc54aae4 HS 2.0: Add advertisement of Connection Capability
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 19:16:09 +03:00
Jay Katabathuni
df5934f194 HS 2.0: Add advertising of Operating Class Indication
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 18:26:32 +03:00
Jay Katabathuni
7515adb2b1 Interworking: Add advertising of 3GPP Cellular Network info
The anqp_3gpp_cell_net parameter can be used to configure hostapd
to advertise 3GPP Cellular Network ANQP information.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 18:26:28 +03:00
Shan Palanisamy
78c4ef2184 Support no-config-file in WPS AP settings updates
This is required for WPS open mode with control interface -based
configuration.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:48:34 +03:00
Shan Palanisamy
06bb8c62ff hostapd: Add global ctrl_iface commands for adding/removing interfaces
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:49 +03:00
Shan Palanisamy
7554565299 hostapd: Add ctrl_iface for enabling/reloading/disabling interface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:36 +03:00
Shan Palanisamy
c90fd48514 hostapd: Add global control interface
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-25 13:47:24 +03:00
Jouni Malinen
3776ac73b2 Move hostapd global callback functions into hapd_interfaces
These function pointers are going to be the same for each interface so
there is no need to keep them in struct hostapd_iface. Moving them to
struct hapd_interfaces makes it easier to add interfaces at run time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-25 13:47:05 +03:00
Jouni Malinen
09ad3bb4d4 Remove unnecessary header file inclusion
Commit bfc62fe133 moved the code that
using crypto/random.h, but forgot to remove the inclusion of that header
file.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 18:44:53 +03:00
Jouni Malinen
34caf71a09 Handle EVENT_RX_MGMT validation consistently
All the other places processing EVENT_RX_MGMT events assume that the
event data is included, so not much point in verifying that here.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 18:38:27 +03:00
Jouni Malinen
41fe8b42b5 Show an error message if sending of Action frame fails
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 18:34:16 +03:00
Jouni Malinen
3489cfb09c Use a shared helper function for merging supported rate lists
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 17:52:41 +03:00
Michael Braun
be9e8c293c Add User-Name/CUI from RADIUS ACL in Accounting messages
This allows User-Name and Chargeable-User-Identity attributes to be
passed from Access-Accept into Accounting messages even when IEEE 802.1X
is not used.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-08-19 14:27:30 +03:00
Michael Braun
1a819aa7d5 Initialize EAPOL auth identity/cui with STA entry data
If RADIUS ACL was used for the STA, identity/cui may already be
known at this point.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-08-19 14:23:20 +03:00
Michael Braun
2092597fee Copy User-Name/CUI from RADIUS ACL to STA entry
Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-08-19 14:20:10 +03:00
Michael Braun
35eeaac324 Store User-Name and CUI in RADIUS ACL cache
These can be used for Accounting messages when IEEE 802.1X is not used.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2012-08-19 14:09:28 +03:00
Jouni Malinen
bd1410197e Remove an extra level of indentation in hostapd_acl_cache_get()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-19 13:46:23 +03:00
Jouni Malinen
067ffa2696 Convert os_realloc() for an array to use os_realloc_array()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 21:21:23 +03:00
Jouni Malinen
f9884c096a Convert os_zalloc() for an array to use os_calloc()
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-13 20:44:21 +03:00
Jouni Malinen
623ecdd5a2 Remove default ACM=1 from AC_VO and AC_VI
There is no need to mandate admission control (ACM=1) by default, so
clear that flag in the case the configuration file does not specify
wmm_ac_{vo,vi}_acm value. This gets closer to the values mentioned
in the sample hostapd.conf file and reduces the need to specify WMM
parameters in the configuration file for most common use cases.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-12 11:36:45 +03:00
Yoni Divinsky
eda070f14f Move WMM AC parameter parser into a common file
This allows the same implementation to be used for wpa_supplicant, too.

Signed-hostap: Yoni Divinsky <yoni.divinsky@ti.com>
2012-08-12 11:33:00 +03:00
Christian Lamparter
f0c7a986bb AP: Fix erroneous "station tried TKIP" error
The commit b5fd8b1833
"VHT: Do not allow use of TKIP with VHT" introduced
an off-by-one regression: a WPA/RSN 11n AP would no
longer accept stations to connect, instead it would
produce a bogus error message:
... Station tried to use TKIP with HT association.

Signed-hostapd: Christian Lamparter <chunkeey@googlemail.com>
2012-08-11 10:53:03 +03:00
Mahesh Palivela
9615994ea6 VHT: Add configuration of operating center frequency
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:54:54 +03:00
Mahesh Palivela
140e850a66 VHT: Add option for requiring use of VHT
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:53:24 +03:00
Mahesh Palivela
14708b501f VHT: Add VHT elements into (Re)Association Response
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:51:17 +03:00
Mahesh Palivela
b5fd8b1833 VHT: Do not allow use of TKIP with VHT
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:50:37 +03:00
Mahesh Palivela
de3cdf354a VHT: Store VHT capabilities and manage VHT flag for STAs
Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-08-10 19:49:18 +03:00
Michael Braun
473b6f22e9 Fix WPA GTK rekeying with multiple VLANs
When using multiple VLANs, GKeyDoneStations counter is not updated
properly since wpa_auth_for_each_sta() call in wpa_group_setkeys() ends
up iterating through all STAs and not just the STAs of a specific
wpa_group (VLAN). Consequently, GTK rekeying gets initialized multiple
times if more than a single group state machine exists. Fix this by
iterating only through the STAs in the specific wpa_group.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
intended-for: hostap-1
2012-08-10 16:51:56 +03:00
Michael Braun
03a6a2e972 Add option to use netlink to create and remove VLAN interfaces
CONFIG_VLAN_NETLINK=y build option can now be used to replace the
ioctl()-based interface for creating and removing VLAN interfaces
with netlink-based interface.

Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-10 14:09:05 +03:00
Michael Braun
a00237ceb8 Add hostapd configuration option to set VLAN naming scheme
Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-10 14:09:03 +03:00
Jouni Malinen
70a26e708c Share a single definition of EAPOL-Key structure for WEP keys
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 21:27:01 +03:00
Jouni Malinen
d56af7f8cb Fix byte order of VHT Basic MCS set for big endian hosts
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 20:49:23 +03:00
Jouni Malinen
8bea63e095 Use shared function for adding common RADIUS attributes
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 19:13:15 +03:00
Jouni Malinen
e100828b76 Return wpabuf from radius_msg_get_eap()
This simplifies the implementation by using the buffer type to which the
returned data will be converted anyway. This avoids one memory
allocation for each processed RADIUS message.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 18:14:42 +03:00
Jouni Malinen
e122bb70b8 hostapd: Add alternative format for configuring SSID
The new ssid2 parameter can be used as an alternative mechanism for
configuring SSID for hostapd. It uses the same formats that
wpa_supplicant uses in the configuration file for strings.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:27:40 +03:00
Jouni Malinen
986de33d5c Convert remaining SSID routines from char* to u8*
This makes it more explicit that the SSID is not a null terminated
C string.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 16:07:25 +03:00
Jouni Malinen
771e2f7b33 GAS server: Add forgotten break statement to a switch case
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-07 15:46:26 +03:00
Baruch Siach
37d428aef9 accounting: Staticise accounting_sta_interim
This routine is not used anywhere else.

Signed-hostap: Baruch Siach <baruch@tkos.co.il>
2012-08-05 19:40:49 +03:00
Michael Braun
59dff51dc8 Fix endless loop in PSK fetching with PSK-from-RADIUS
Commit 05ab9712b9 added support for
fetching WPA PSK from an external RADIUS server and changed
hostapd_wpa_auth_get_psk() to always return the RADIUS supplied PSK (if
set) and ignore the prev_psk parameter for iteration. Fix this by
appending the RADIUS supplied PSK to the list iterated by
hostapd_get_psk and thus returning NULL when prev_psk == sta->psk
(RADIUS).

Signed-hostap: M. Braun <michael-dev@fami-braun.de>
2012-08-04 20:55:47 +03:00
Xi Chen
d32d94dbf4 WNM: Add WNM-Sleep Mode implementation for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:23 +03:00
Xi Chen
a884be9da1 WNM: Add placeholders for WNM driver commands and events
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:21:20 +03:00
Jouni Malinen
5c61a2820f Fix compiler warning with wpa_supplicant AP builds without 802.11r
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-08-01 13:14:09 +03:00
Mahesh Palivela
7d9c0cd345 Add support for using SA Query with drivers that implement MLME
This allows the SA Query mechanism in hostapd to be used with drivers
that implement authentication and association MLME/SME.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:11:56 +03:00
Shan Palanisamy
88b32a99d3 FT: Add FT AP support for drivers that manage MLME internally
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-08-01 13:11:53 +03:00
Jay Katabathuni
45ac307a2b HS 2.0: Add HS Capability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:23 +03:00
Jay Katabathuni
26fac8b6a0 Interworking: Add Domain Name element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:19 +03:00
Jay Katabathuni
78bda93e83 Interworking: Add IP Address Type Availability element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:16 +03:00
Jay Katabathuni
550a3958f7 Interworking: Add Network Auth Type element (AP)
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 22:25:14 +03:00
Jouni Malinen
8342185012 HS 2.0: Add mechanism for disabling DGAF
disable_dgaf=1 in hostapd.conf can now be used to disable downstream
group-addressed forwarding (DGAF). In this configuration, a unique
GTK (and IGTK) is provided to each STA in the BSS to make sure the
keys do not match and no STA can forge group-addressed frames.

An additional mechanism in the AP needs to be provided to handle some
group-addressed frames, e.g., by converting DHCP packets to unicast
IEEE 802.11 frames regardless of their destination IP address and by
providing Proxy ARP functionality.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:52 +03:00
Jay Katabathuni
19a8ad9944 HS 2.0: Add Hotspot 2.0 Indication for AP
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:38 +03:00
Jay Katabathuni
159c89ab4f HS 2.0: Add configuration for Hotspot 2.0 AP support
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-07-30 18:23:11 +03:00
Jouni Malinen
c7803a0294 Fix AP build without NEED_AP_MLME
Commit 1b487b8b1e added CH_SWITCH
event for nl80211, but ended up using hostapd_hw_get_channel()
regardless of build configuration for driver interfaces. This
function is not always available, so make its use conditional
on NEED_AP_MLME.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-07-07 12:34:48 +03:00
Mahesh Palivela
532b16c7a9 hostapd: Add IEEE 802.11ac VHT IEs into Beacon/Probe Response
IEEE 802.11ac VHT changes to include VHT IEs in Beacon and Probe
Response frames.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:57:52 +03:00
Mahesh Palivela
efe45d1471 hostapd: Initial IEEE 802.11ac (VHT) definitions
Add IEEE 802.11ac definitions for config, IEEE structures, constants.

Signed-hostap: Mahesh Palivela <maheshp@posedge.com>
2012-06-30 13:52:13 +03:00
Jouni Malinen
bfc62fe133 WPS: Share a single function for generating NFS password tokens
There is no need for both hostapd and wpa_supplicant to have their
own functions for this.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 21:01:37 +03:00
Jouni Malinen
72df0cd28c WPS: Use random_get_bytes() for NFC password id
os_random() may not be seeded properly, so use stronger mechanism for
generating the password id for NFC password tokens.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 20:40:16 +03:00
Jouni Malinen
ffdaa05a6b WPS: Add support for NCF password token from AP
The new hostapd ctrl_iface command WPS_NFC_TOKEN can now be used to
manage AP-as-Enrollee operations with NFC password token. WPS/NDEF
parameters to this command can be used to generate a new NFC password
token. enable/disable parameters can be used to enable/disable use of
NFC password token (instead of AP PIN) for external Registrars.

A preconfigured NFS password token can be used by providing its
parameters with new hostapd.conf fields wps_nfc_dev_pw_id,
wps_nfc_dh_pubkey, wps_nfc_dh_privkey, and wps_nfc_dev_pw. This use
will also depend on WPS_NFC_TOKEN enable/disable commands, i.e., the
configured NFS password token is disabled by default.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 19:43:29 +03:00
Jouni Malinen
3cf7a59d4f WPS: Add new mechanism for generation NFC configuration token
The new hostapd ctrl_iface command WPS_NFC_CONFIG_TOKEN can now be used
to fetch payload for an NFC configuration token so that an external
program can be used to write this on an NFC tag.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-28 13:25:48 +03:00
Jouni Malinen
bb45b6d79a WPS: Add new mechanism for communicating NFC tag read events
hostapd ctrl_iface can now be used to deliver payload from read
operation of an NFC tag. This allows operations without having to have
low-level NFC code within hostapd. For now, the new wps_nfc_tag_read
command can be used with NFC password tokens for the case where the AP
has an NFC device that is used to read an NFC tag from the station
Enrollee.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-27 21:22:13 +03:00
Thomas Pedersen
1b487b8b1e nl80211: Handle CH_SWITCH event
Some drivers may independently decide to switch channels. Handle this by
updating the hostapd and wpa_supplicant AP and GO configuration.

Signed-hostap: Thomas Pedersen <c_tpeder@qca.qualcomm.com>
2012-06-25 14:45:14 +03:00
Jouni Malinen
296a34f0c1 Remove STA entry from AP when starting TKIP countermeasures
Previously, the STA entry was removed only from the driver and the STA
entry within hostapd was just marked disassociated. However, this left
the WPA authenticator state machine with an entry and the session was
not terminated properly. In addition, the STA entry could have remaining
indefinitely if the STA did not reconnect after TKIP countermeasures.
Fix this by removing the STA entry from hostapd instead of just leaving
it disassociated.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-25 13:53:24 +03:00
Jouni Malinen
182748e4fb Copy Chargeable-User-Identity in PMKSA caching case
Maintain a copy of Chargeable-User-Identity in the PMKSA cache to allow
it to be included in accounting messages even if full authentication was
not completed.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:51:57 +03:00
Jouni Malinen
302fc0a3c7 RADIUS DAS: Support Chargeable-User-Identity with Disconnect-Request
Chargeable-User-Identity can now be used in Disconnect-Request to
identify the station to be disconnected.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:44:46 +03:00
Jouni Malinen
8047a95809 RADIUS DAS: Add support for Disconnect-Request
Calling-Station-Id, Acct-Session-Id, and User-Name attributes in a
Disconnect-Request message can now be used to indicate which station is
to be disconnected.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 19:30:01 +03:00
Jouni Malinen
bde7ba6caf RADIUS DAS: Validate Event-Timestamp
DAS will now validate Event-Timestamp value to be within an acceptable
time window (300 seconds by default; can be set using
radius_das_time_window parameter). In addition, Event-Timestamp can be
required in Disconnect-Request and CoA-Request messages with
radius_das_require_event_timestamp=1.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-06-17 17:43:36 +03:00
Masashi Honma
c2d76aa624 P2P: Add p2p_client_list support for FullMAC Persistent GO
Currently, FullMAC Persistent GO can't use p2p_client_list because its
own hapd->p2p_group is NULL at ap_sta_set_authorized(). This patch
changes the processing to use sta->p2p_ie instead of
p2p_group_get_dev_addr() on FullMAC GO.

Signed-hostap: Masashi Honma <masashi.honma@gmail.com>
2012-06-17 11:58:46 +03:00
Antonio Quartulli
dada954ad7 sta_info: Remove duplicated function declaration
In sta_info.h, ap_free_sta() was declared twice.

Signed-off-by: Antonio Quartulli <ordex@autistici.org>
2012-06-09 12:54:00 +03:00
Jouni Malinen
8bd0fc0e0c Force driver to disassociate STA if no room for the STA entry
When hostapd (or wpa_supplicant AP mode) limits the maximum number
of STA entries with a driver that implements SME, the driver needs
to be notified of the failed STA addition. Disassociate the STA if
the driver notifies of an association that would go beyond the
maximum number of STAs.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-05-27 21:21:37 -07:00
Jouni Malinen
b6668734ab WNM: Add advertisement of BSS max idle period
If WNM is enabled for the build (CONFIG_WNM=y), add BSS max idle period
information to the (Re)Association Response frame from the AP and parse
this information on the station. For SME-in-wpa_supplicant case, add a
timer to handle periodic transmission of the keep-alive frame. The
actual request for the driver to transmit a frame is not yet
implemented.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-27 17:35:00 -07:00
Jouni Malinen
b031338cf0 Add preliminary RADIUS dynamic authorization server (RFC 5176)
This adds the basic DAS mechanism to enable hostapd to be configured
to request dynamic authorization requests (Disconnect-Request and
CoA-Request). This commit does not add actual processing of the
requests, i.e., this will only receive and authenticate the requests
and NAK them regardless of what operation is requested.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-06 22:02:42 +03:00
Jouni Malinen
af35e7af7f hostapd: Allow addition of arbitrary RADIUS attributes
New configuration parameters radius_auth_req_attr and
radius_acct_req_attr can now be used to add (or override) RADIUS
attributes in Access-Request and Accounting-Request packets.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 20:19:56 +03:00
Jouni Malinen
86f6053aa2 hostapd: Add optional Chargeable-User-Identity request (RFC 4372)
radius_request_cui=1 configuration parameter can now be used to
configure hostapd to request CUI from the RADIUS server by including
Chargeable-User-Identity attribute into Access-Request packets.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 18:19:54 +03:00
Jouni Malinen
4e132a618e hostapd: Copy Chargeable-User-Identity into accounting (RFC 4372)
If Access-Accept packet includes the Chargeable-User-Identity attribute,
copy this attribute as-is into accounting messages.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-05-05 18:05:09 +03:00
Jouni Malinen
d84b913955 Remove unused variable
Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-28 18:30:41 +03:00
Jouni Malinen
1ceb0e1778 Fix validation of PSK-from-RADIUS-server required response
cache->psk is an array and never NULL. The check here needs to check the
cache->has_psk flag instead.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-21 19:46:58 +03:00
Jouni Malinen
a625ff6059 AP: Reschedule ap_handle_timer event on (re)association
Previously, the timeout scheduled during the previous association was
used after reassociation if the STA entry had not yet been removed. The
next timeout does not need to happen that quickly, so reschedule it
during reassociation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-11 14:24:24 +03:00
Jouni Malinen
42ca9845be AP: Add debug information for ap_handle_timer operations
This makes it easier to figure out what exactly was done with the
ap_handle_timer registration/cancellation based on a debug log.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-11 14:24:24 +03:00
Jouni Malinen
c72bd6d49b AP: Reset STA timeout_next on driver-based-SME association
The next ap_handle_timer action was already cleared when association
is handled with user space -based SME. However, this step was missing
from the driver callback for indicating new association. This could
result in the first ap_handle_timer timeout on the new association
removing the station unexpectedly. Fix this by resetting the timeout_next
in hostapd_notif_assoc().

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-04-11 14:06:50 +03:00
Jouni Malinen
31b4961f02 Fix EAP/WPS to PSK transition on reassociation in authenticator
A station may move from EAP/WPS key_mgmt to PSK using re-association. In
practice, this can happen most likely with WPS when the station runs
through the provisioning step (EAP/WPS) followed by PSK authentication.
If a deauthentication event is missed from the station for whatever
reason, the EAPOL authenticator state machine could have been left
running.

This can result in various issues, including unexpected disconnection of
the station while both the 4-way handshake and EAPOL authenticator state
machines (EAP) are running at the same time when the supplicant is
trying to use PSK. Fix this by explicitly clearing EAPOL authenticator
state machine on (re)association if the new association does not use it.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
intended-for: hostap-1
2012-04-10 21:30:46 +03:00
Jouni Malinen
7fa56233ae Scan only affected frequencies for 20/40 MHz co-ex check for
When starting an AP with HT40 on 2.4 GHz, limit the set of channels
to scan for based on the affected frequency range to speed up the
AP setup.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-08 12:12:32 +03:00
Ben Greear
ce28e2795a AP: Add fuzz to idle-timer calculations
This should keep us from getting into a state where we bounce large
numbers of stations all at once. Spreading out the bounce should cause
less stress on the network as the idle stations won't all be trying to
reconnect at once.

Signed-hostap: Ben Greear <greearb@candelatech.com>
2012-04-06 11:47:29 +03:00
Jouni Malinen
52b2004285 Change reason code for AP mode BSS termination to 3
Use reason code 3 (Deauthenticated because sending STA is leaving)
instead of reason code 2 (Previous authentication ot valid) in the
Deauthentication frame sent at the time a BSS is terminated. This is
more accurate reason for the message and allows the stations to get
better understand on why they were disconnected. This can be useful
especially for P2P clients that can use this as a signal that the
P2P group session was ended per P2P specification section 3.2.9.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-04-03 16:17:38 +03:00
Johannes Berg
baf513d695 Pass signal strength through, fix units
The signal strength is currently never used as the only driver reporting
it is nl80211 which uses IEEE80211_RADIOTAP_DB_ANTSIGNAL which is never
populated by the kernel. The kernel will (soon) populate
IEEE80211_RADIOTAP_DBM_ANTSIGNAL instead though, so use that.

Also, since it was never really populated, we can redefine the signal
field to be in dBm units only.

My next patch will also require knowing the signal strength of probe
requests throughout the code (where available), so add it to the
necessary APIs.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-04-01 18:48:12 +03:00
Luciano Coelho
370b076197 hostapd: Only update already-set beacons when processing OLBC
When hostapd is about to start an AP using HT40, it starts a scan to
check whether it is allowed or not. If OLBC is detected before the
scan has completed, it sets the beacons prematurely.

To fix this, instead of setting all beacons when OLBC is detected,
only update the ones that have already been started.

Signed-off-by: Luciano Coelho <coelho@ti.com>
2012-04-01 18:12:04 +03:00
Jouni Malinen
ca8e039fec Fix memory leaks on radius_client_send error paths
In case this function returns an error, the RADIUS message needs to
freed in the caller.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-04-01 17:55:20 +03:00
Anirban Sirkhell
4c374cde2f Add wps_cancel for hostapd_cli
Implement wps_cancel for hostapd similarly to how it was already
supported in wpa_supplicant AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-03-30 11:11:35 +03:00
Vasanthakumar Thiagarajan
a0133ee1c9 nl80211: Make use of driver's capability to detect inactive stations
When drivers advertise their capability to free up inactive
stations based on ap_max_inactivity, send the inactivity period
timeout to driver in NL80211_ATTR_INACTIVITY_TIMEOUT. This
introduces a WPA_DRIVER_FLAGS (WPA_DRIVER_FLAGS_INACTIVITY_TIMER)
so that the inactivity period will be sent only when this capability
bit is set.

Signed-hostap: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
2012-03-27 20:49:44 +03:00
Johannes Berg
c8c340a9f6 AP: remove ssi_signal from ap_info
It is never used.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2012-03-05 16:38:26 +02:00
Jouni Malinen
1affa36cb5 WPS: Invalidate wildcard PIN on other radios after successful use
If a wildcard PIN is used on any of the radios that hostapd is
controlling, invalidate the matching PIN on all the other radios
to avoid multiple uses of the same PIN.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-29 20:42:48 +02:00
Jouni Malinen
648cc711a5 GAS server: Add support for ANQP Venue Name element
The new venue_name configuration parameter can now be used to configure
the ANQP Venue Name values that stations can request through GAS.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:53:22 +02:00
Jouni Malinen
3eaee4bf4b GAS server: Add support for ANQP Roaming Consortium list
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:53:16 +02:00
Jay Katabathuni
dca30c3fb7 Interworking: Add GAS server support for AP mode
This adds GAS/ANQP implementation into hostapd. This commit brings in
the basic GAS/ANQP functionality, but only the ANQP Capability List
element is supported.

For testing purposes, hostapd control interface SET command can be used
to set the gas_frag_limit parameter dynamically.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:52:53 +02:00
Jay Katabathuni
fb80e86e7d Add hostapd_drv_send_action()
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-26 22:52:37 +02:00
Jouni Malinen
3825a19bfa Generate random ANonce instead of one based on Counter
Definition of ANonce selection in IEEE Std 802.11i-2004 is somewhat
ambiguous. The Authenticator state machine uses a counter that is
incremented by one for each 4-way handshake. However, the security
analysis of 4-way handshake points out that unpredictable nonces help in
preventing precomputation attacks. Instead of the state machine
definition, use an unpredictable nonce value here to provide stronger
protection against potential precomputation attacks.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-26 12:06:36 +02:00
Jithu Jance
e60b295186 Add wpa_supplicant AP mode STA deauthenticate/disassociate commands
Move disassociate and deauthenticate commands to ctrl_iface_ap.c, so
that they ares accessible for wpa_supplicant AP mode and wpa_cli (with
CONFIG_AP option enabled).

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2012-02-25 17:22:48 +02:00
Shan Palanisamy
e03c3069ba Clear WEP configuration on interface deinit
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:48:48 +02:00
Shan Palanisamy
4b8a59e40e Split hostapd_cleanup_iface() into two parts
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:47:54 +02:00
Shan Palanisamy
ed53dec023 Split hostapd_cleanup() into two parts
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:47:14 +02:00
Jouni Malinen
07bcdbb150 Move hostapd_for_each_interface() and hapd_interfaces into src/ap
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:46:27 +02:00
Shan Palanisamy
9e7d033ef4 hostapd: Make sure ctrl_iface is not initialized multiple times
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-02-16 19:44:43 +02:00
Jouni Malinen
0c01d65d6d Ignore TX status for Data frames from not associated STA
Commit d9a38716cc did this for
hostapd_eapol_tx_status() but missed the older hostapd_tx_status()
path. Address that case, too.

The TX status event may be received after a station has been
disassociated in cases where the disassociation is following a
transmission of a Data frame. Ignore such events if the STA is not
associated at the moment the event is being processed. This avoids
confusing debug entries and rescheduling of the EAPOL TX timeouts for
STAs that are still in the STA table, but are not really in active EAPOL
session.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-02-14 21:04:14 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
e22d4d957b Remove the GPL notification from files contributed by Atheros
Remove the GPL notification text from files that were initially
contributed by Atheros Communications or Qualcomm Atheros.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-02-11 19:39:36 +02:00
Jouni Malinen
c7bce24dc9 Clear EAPOL authenticator authFail for PMKSA caching/FT
This fixes a corner case where a STA that has PMKSA cache entry (or
valid FT keys) could try to use full EAPOL/EAP authentication and fail.
If the STA will then try to use the still valid PMKSA cache entry (or
FT) before the STA entry has been cleared, authFail could have been left
to TRUE. That will make EAPOL authenticator PAE state machine enter HELD
state even though authSuccess was already forced to TRUE. This results
in the STA getting disconnected even though it should be allowed to
continue with 4-way handshake. While this is unlikely to happen in
practice, it is better to get this fixed by clearing authFail when
setting authSuccess.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-02-04 12:21:42 +02:00
Jouni Malinen
d9a38716cc Ignore TX status for Data frames from not associated STA
The TX status event may be received after a stations has been
disassociated in cases where the disassociation is following a
transmission of a Data frame. Ignore such events if the STA is not
associated at the moment the event is being processed. This avoids
confusing debug entries and rescheduling of the EAPOL TX timeouts for
STAs that are still in the STA table, but are not really in active EAPOL
session.

Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
2012-02-04 12:18:56 +02:00
Jouni Malinen
32cdcf15b2 WPS: Disable AP PIN after 10 consecutive failures
While the exponential increase in the lockout period provides an
efficient mitigation mechanism against brute force attacks, this
additional trigger to enter indefinite lockout period (cleared by
restarting hostapd) will limit attacks even further by giving maximum of
10 attempts (without authorized user action) even in a very long term
attack.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-30 17:36:14 +02:00
Nicolas Cavallari
40d00d2bfe wpa_auth: Fix race in rejecting 4-way handshake for entropy
When there is not enough entropy and there are two station associating
at the same time, one of the stations will be rejected, but during
that rejection, the "reject_4way_hs_for_entropy" flag gets cleared. This
may allow the second station to avoid rejection and complete a 4-Way
Handshake with a GTK that will be cleared as soon as more entropy is
available and another station connects.

This reworks the logic to ban all 4-way handshakes until enough entropy
is available.

Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
2012-01-29 18:11:43 +02:00
Jouni Malinen
ceb997f394 Fix ap_sta_disconnect() to clear EAPOL/WPA authenticator state
Number of places in hostapd use ap_sta_disconnect() instead of
ap_sta_disassociate() or ap_sta_deauthenticate(). There are some
differences between these functions, e.g., in the area how quickly
the EAPOL state machines get deinitialized. This can result in
somewhat unexpected events since the EAPOL/WPA authenticator
state machines could remain running after deauthentication.

Address this by forcing EAPOL/WPA authenticator state machines
to disabled state whenever ap_sta_disconnect() is called instead
of waiting for the deauthentication callback or other timeout
to clear the STA.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-25 22:32:58 +02:00
Jouni Malinen
74590e710f Work around interop issue with WPA type EAPOL-Key 4/4 in WPA2 mode
Some deployed station implementations seem to send msg 4/4 with
incorrect type value in WPA2 mode. Add a workaround to ignore that issue
so that such stations can interoperate with hostapd authenticator. The
validation checks were added in commit
f8e96eb6fd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-22 12:23:28 +02:00
Jouni Malinen
8017b538e7 P2P: Use Device ID attribute to filter Probe Request frames as GO
The Device ID attribute was already used in Listen state, but it was
ignored in GO role. Verify that there is a match with Device ID in
GO rule, too, before replying to the Probe Request frame.

Signed-hostap: Jouni Malinen <j@w1.fi>
2012-01-08 09:35:33 -08:00
Jouni Malinen
68921e24b2 Allow SNonce update after sending EAPOL-Key 3/4 if 1/4 was retransmitted
Some supplicant implementations (e.g., Windows XP WZC) update SNonce for
each EAPOL-Key 2/4. This breaks the workaround on accepting any of the
pending requests, so allow the SNonce to be updated even if we have
already sent out EAPOL-Key 3/4.

While the issue was made less likely to occur when the retransmit
timeout for the initial EAPOL-Key msg 1/4 was increased to 1000 ms,
this fixes the problem even if that timeout is not long enough.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-02 22:36:11 +02:00
Jouni Malinen
d567479153 Do not disconnect STA based on inactivity on driver failure
Now that we can use driver_nl80211.c with non-mac80211 drivers that
implement SME/MLME internally, we may not get inactivity time from the
driver. If that is the case, we need to skip disconnection based on
maximum inactivity timeout. This fixes some unexpected disconnection
cases with ath6kl in AP mode.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2012-01-02 21:27:06 +02:00
Yogesh Ashok Powar
ef01fa7bfa hostapd: Make inactivity polling configurable
hostapd uses the poll method to check if the station is alive
after the station has been inactive for ap_max_inactivity seconds.
Make the poll mechanism configurable so that user can choose to
disconnect idle clients.

This can be especially useful when some devices/firmwares have
restrictions on the number of clients that can connect to the AP
and that limit is smaller than the total number of stations trying
to use the AP.

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-12-25 20:57:01 +02:00
Jouni Malinen
c3daee1df5 Remove obsolete comment on removed PTK rekeying operation
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:55:03 +02:00
Jouni Malinen
00338a4fe8 Increase initial group key handshake retransmit timeout to 500 ms
The 100 ms timeout on retransmitting group key message can be too short
for stations that are in power save mode or if there is a large number
of association stations. While the retransmission of the EAPOL-Key frame
should allow this to be recovered from, it is useful to avoid
unnecessary frames to save soem CPU and power.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:50:59 +02:00
Jouni Malinen
9c3c38db1e Drop priority level of the logger message for unexpected replay counter
This can happen frequently during normal EAPOL-Key exchanges and there
is no need to log it at info level.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-24 13:39:40 +02:00
Jouni Malinen
fbdcfd577a P2P: Maintain a list of P2P Clients for persistent group on GO
Add a new persistent group network block field, p2p_client_list, to
maintain a list of P2P Clients that have connected to a persistent
group. This allows GO of a persistent group to figure out more easily
whether re-invocation of a persistent group can be used with a specific
peer device.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-22 22:47:41 +02:00
Jouni Malinen
74781dfc7b Lower RX_MGMT driver event debug level for Beacon frames
This event can be very frequent in AP mode when Beacon frames from
neighboring BSSes are delivered to user space. Drop the debug
message priority from DEBUG to EXCESSIVE for Beacon frames.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-18 21:48:25 +02:00
Jouni Malinen
c84b868a71 Make hostapd_eid_wmm_valid() return more logical return values
Return 1/0 instead 0/-1 to indicate valid/invalid element so that
the if statement makes more sense with !wmm_valid().

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-17 12:41:00 +02:00
Jason Young
5d06163714 AP: Pass station's WMM configuration to driver wrappers
This updates a previous patch did more or less the same thing by
providing the qosinfo as a single variable to the driver wrappers.

Signed-hostap: Jason Young <jason.young@dspg.com>
2011-12-17 12:38:06 +02:00
Eliad Peller
5f32f79c6e AP: Add uapsd_queues and max_sp fields
Add uapsd_queues and max_sp fields to sta_info struct,
and pass them to the sta_add callback.

These values are determined by the WMM IE in the (Re)Association Request.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2011-12-17 11:55:14 +02:00
Eliad Peller
70619a5d8a AP: Consider U-APSD driver support
Check whether the driver advertises support for U-APSD
in AP mode, and evaluate wmm_uapsd only in this case.

Signed-off-by: Eliad Peller <eliad@wizery.com>
2011-12-17 11:45:53 +02:00
Michael Braun
05ab9712b9 Allow WPA passphrase to be fetched with RADIUS Tunnel-Password attribute
This allows per-device PSK to be configured for WPA-Personal using a
RADIUS authentication server. This uses RADIUS-based MAC address ACL
(macaddr_acl=2), i.e., Access-Request uses the MAC address of the
station as the User-Name and User-Password. The WPA passphrase is
returned in Tunnel-Password attribute in Access-Accept. This
functionality can be enabled with the new hostapd.conf parameter,
wpa_psk_radius.

Signed-hostap: Michael Braun <michael-dev@fami-braun.de>
2011-12-11 13:01:57 +02:00
Arik Nemtsov
5b99e21a14 Set driver Probe Response template for AP mode offload
Configure a Probe Response template for drivers that support it. The
template is updated when the Beacon template is updated.

The Probe Response template is propagated to the driver via the set_ap()
callback.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-10 21:11:32 +02:00
Arik Nemtsov
eacc6b2478 Split Probe Response generation into a separate function
This is needed for Probe Response template, so move the code into a
separate function that can be shared.

Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-10 21:11:32 +02:00
Arik Nemtsov
4f73d88afa Maintain internal copy of Probe Response offload capabilities
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-10 21:11:32 +02:00
Ben Greear
afcc9ea1a6 AP: Improve disconnect and timeout related logging
This previously helped when debugging some auth issues when hitting the
AP with 128 association attempts all at once.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-12-10 16:34:52 +02:00
Ben Greear
e04a163180 AP: Convert some wpa_printf to wpa_msg/dbg
This generates better log messages when running multiple
interfaces in one process.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-12-10 16:28:14 +02:00
Ben Greear
af22a9994b Tell user why a channel cannot be used in AP mode
Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-12-10 16:18:50 +02:00
Jithu Jance
10cc6c883e P2P: Append P2P Device Address to AP-STA-DISCONNECTED event
Append "p2p_dev_addr" parameter to AP-STA-DISCONNECTED event for P2P
connections. In addition, for AP-STA-CONNECTED event during P2P
connection, the "dev_addr=" print is replaced with "p2p_dev_addr=" to
be more consistent with other events.

Signed-hostap: Jithu Jance <jithu@broadcom.com>
2011-12-10 12:26:00 +02:00
Jouni Malinen
505a36941e Add MSK dump mechanism into hostapd RADIUS server for testing
Testing code can now be enabled in the hostapd RADIUS server to dump
each derived MSK into a text file (e.g., to be used as an input to
wlantest). This functionality is not included in the default build
and can be enabled by adding the following line to hostapd/.config:
CFLAGS += -DCONFIG_RADIUS_TEST

The MSK dump file is specified with dump_msk_file parameter in
hostapd.conf (path to the dump file). If this variable is not set,
MSK dump mechanism is not enabled at run time.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-09 00:15:04 +02:00
Jouni Malinen
78018ae91d Fix basic_rates copying
Commit e5693c4775 used incorrect
sizeof to copy the basic rates.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 13:12:30 +02:00
Jouni Malinen
210ff0f7f3 Fix no-NEED_AP_MLME build
Commit 34445d12ee forgot to convert
the hostapd_prepare_rates() inline wrapper for builds that do not
define NEED_AP_MLME.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-04 12:46:01 +02:00
Arik Nemtsov
3eeee931dd Allow Action frames with unknown BSSID in GO mode
P2P invitation responses are transmitted with the BSSID set to the peer
address. Pass these action frames up to allow the GO to receive the
Invitation Response (and avoid sending the Invitation Request multiple
times).

Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-12-04 12:10:11 +02:00
Jouni Malinen
34445d12ee Convert hostapd_prepare_rates() to use struct hostapd_iface
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 12:20:17 +02:00
Jouni Malinen
e5693c4775 Merge set_rate_sets() driver_ops into set_ap()
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 12:16:03 +02:00
Jouni Malinen
5f17b3ee9f Remove unused parameters from set_rate_sets()
Only setting of the basic rate set was supported, so remove the
unused parameters.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 11:57:13 +02:00
Jouni Malinen
e26cd1a180 hostapd: Show driver event names in debug log
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-12-03 11:46:47 +02:00
Szymon Bigos
9337e876ab Fix generated WPS PIN values to use zero-padding
The dynamically generated PINs are supposed to have 8 digits, but
some PIN generatation cases were not zero-padding these properly.
2011-12-02 23:04:39 +02:00
Bharat Chakravarty
8e5f913456 WPS: Allow RF Bands value to be overridden
A new hostapd.conf parameter, wps_rf_bands, can now be used to fix the
RF Bands value in cases where hw_mode is not set or when operating a
dual band dual concurrent AP.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-30 17:44:43 +02:00
Subrat Dash
910b482d9b WPS: Fix stopping of active WPS operation on dual concurrent AP
When hostapd controls multiple radios, WPS operations are started on
all interfaces. However, when the provisioning run had been completed
successfully, actiove WPS mode was stopped only a single interface. Fix
this to iterate through all interfaces so that this is handled
consistently with the starting of WPS operation.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-30 16:48:14 +02:00
Jouni Malinen
d6d731b848 WPS ER: Fix segfault in some selected registrar change cases
Commit 628d54639a introduced number
of new WPS related ctrl_iface messages to hostapd. Some of these
were for ER events which do not make any sense to hostapd that
cannot operate as an ER. The WPS_EV_ER_SET_SELECTED_REGISTRAR one
from wps_registrar_sel_registrar_changed_event() was especially
problematic since it can cause wpa_supplicant ER code segfault due
to missing event data.

Revert all the ER specific changes from commit
628d54639a to get rid of the segfault
and undesired extra code in hostapd.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-30 14:44:23 +02:00
Dmitry Shmidt
8a5e75f60f P2P: Send STA connected/disconnected events to parent ctrl_iface
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2011-11-25 23:56:13 +02:00
Jouni Malinen
0bf927a03e Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:47:46 +02:00
Jouni Malinen
71093e5ea9 WPS: Include WSC IE in (Re)Association Response for maybe-WPS case
If the station is indicating use of WPS, WSC IE should be added into the
(Re)Association Response frame. This is clear for the case when WSC IE
was included in the (Re)Association Request frame. However, even the
WLAN_STA_MAYBE_WPS case may actually indicate use of WPS. Assume that to
be the case when WPA/WPA2 is enabled (i.e., when the STA does not
include WPA/RSN/WSC IE while AP has WPA/RSN enabled).

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-24 22:05:33 +02:00
Jouni Malinen
bf689a409f Fix wired EAPOL authenticator
Commit 940a0ce970 moved the STA associated
check from driver_*.c into ieee802_1x_receive(), but failed to take into
account that wired networks and driver_wired.c do not mark the STA entry
associated. Fix this by skipping the check if the driver wrapper is
using a wired network.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-20 12:42:47 +02:00
Helmut Schaa
9a898ee879 Avoid excessive probe response retries
Some client implementations only wait a few ms after sending a probe
request while scanning. Since probe responses are always sent at a low
rate this can eat quite some airtime and it might be impossible to get
the frame out before the client leaves the channel again. If the client
leaves before all probe reponses where acked this can cause the probe
reponse to be retried quite often consuming even more airtime.

Hence, add a new noack flag to the driver's send_mlme callback that
allows hostapd to request whether the driver should expect an ACK for
this frame or not.

Use the new noack-policy only for broadcast probe requests that contain
a wildcard SSID.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:09:49 +02:00
Helmut Schaa
8cfa3527e1 Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.

Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
2011-11-19 19:02:05 +02:00
Johannes Berg
dd840f793c AP: Add explicit EAPOL TX status event
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
2011-11-19 13:00:30 +02:00
Jouni Malinen
19df9b0761 Mark local functions static
These functions are not used outside the file in which they are defined.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:53:36 +02:00
Jouni Malinen
373f6c7211 Include wpa_auth_glue.h to verify function prototypes
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-18 21:53:03 +02:00
Jouni Malinen
4740d5b9d9 Fix the debug message in the previous commit
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-17 23:05:19 +02:00
Jouni Malinen
0d442affb6 Set Secure=1 for EAPOL-Key msg 3/4 in WPA conditional on 2/4
This is a workaround for Windows 7 supplicant rejecting WPA msg 3/4
in case it used Secure=1 in msg 2/4. This can happen, e.g., when
rekeying PTK after EAPOL-Key Error Request (Michael MIC failure)
from the supplicant.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-17 22:59:31 +02:00
Jouni Malinen
e9447a94c0 Use a single define for maximum number of EAP methods
This cleans up the code a bit by not having to deal with theoretical
possibility of maximum number of EAP methods to be different between
various components in hostapd.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-17 20:06:33 +02:00
Jouni Malinen
16476dd124 Fix P2P IE configuration for GO mode
Commit c2ff13c533 broke this with a
copy-paste typo that ended up adding the Probe Request P2P IE into the
Beacon frame (i.e., Beacon frame had two P2P IEs while Probe Response
had none).

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 16:10:54 +02:00
Jouni Malinen
4c8a333b54 Make time_adv use easier for static analyzers
hapd->time_adv cannot really be NULL if hostapd_update_time_adv()
returns success, but this construction seems to be too difficult
for some static analyzers. While this change is not really needed
in practice, it makes it easier to go through warnings from such
analyzers.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 22:45:16 +02:00
Jouni Malinen
99c01af9aa P2P: Verify that assoc req IEs are available for group update
Do not call p2p_group_notif_assoc() if the driver did not return
IEs from the association request.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 22:33:32 +02:00
Jouni Malinen
a17539ebcd Remove unnecessary include file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-13 22:13:04 +02:00
Jouni Malinen
ae055af4f7 Move AP events for STA connected/disconnected into one function
Instead of trying to remember to add wpa_msg() calls for every possible
path where a STA becomes authorized or unauthorized, use
ap_sta_set_authorized() to send these events more consistently.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-03 22:17:41 +02:00
Jouni Malinen
3ec1e9020f Fix some recent wpa_msg() calls in hostapd use correct context
wpa_msg() has to use hapd->msg_ctx instead of hapd as the context
pointer to work properly in wpa_supplicant AP mode.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-11-03 22:04:17 +02:00
Nicolas Cavallari
6caaae1e48 hostapd: Send an event when an inactive station is removed
Currently, there is no events over the control interface
when a AP disconnects a station due to inactivity.  With
this patch, an "AP-STA-DISCONNECTED" event will be sent.

Signed-hostap: Nicolas Cavallari <nicolas.cavallari@lri.fr>
2011-11-03 21:58:22 +02:00
Yoni Divinsky
9354e59480 Configure new GTK/IGTK to driver in case of TKIP countermeasures
The GTK is renewed in the hostapd after a MIC attack dissassociation
without informing the driver, causing decryption failures. This patch
sends the new GTK/IGTK to the driver after it is updated by the hostapd.

Signed-off-by: Yoni Divinsky <yoni.divinsky@ti.com>
2011-10-30 22:19:49 +02:00
Jouni Malinen
fbc72d32c6 Ignore Michael MIC failure reports if cipher is not TKIP
Some stations have been reported to send EAPOL-Key Error Reports
indicating Michael MIC failures even when the cipher is not TKIP
(e.g., when the network is using only CCMP). Ignore such reports
to avoid starting TKIP countermeasures unnecessarily. This can
prevent certaint types of denial of service attacks by insiders,
but mostly this is to work around invalid station implementations.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 12:53:20 +02:00
Jouni Malinen
ec02780529 Move Michael MIC error report processing into separate function
Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 12:53:20 +02:00
Jouni Malinen
01a1749156 Fix TKIP countermeasures stopping in deinit paths
The eloop timeout to stop TKIP countermeasures has to be canceled
on deinit path to avoid leaving bogus timeouts behind.

Signed-hostap: Jouni Malinen <j@w1.fi>
2011-10-30 12:53:20 +02:00
Jouni Malinen
451c367d06 Remove unused valid_bss_mask driver_ops 2011-10-29 11:34:29 +03:00
Jouni Malinen
735f652237 Remove unconfigurable cts_protection_type
This was included in the AP configuration parameters, but there has
been no way to set it to anything else than the default automatic
mode. Remove this parameter and just hardcode ERP determination to
follow the automatic mode.
2011-10-29 11:24:53 +03:00
Jouni Malinen
d28b43f66f Fix WPA authenticator configuration to not leave uninitialized fields
hostapd_wpa_auth_conf() is called on uninitialized memory and the
conditional blocks in this function may leave some fields into
uninitialized state. This can result in unexpected behavior elsewhere
since some of the variables may be used without matching #ifdef
blocks. Fix this by zeroing the memory.
2011-10-28 12:13:56 +03:00
Jay Katabathuni
1d21e9dd5a Interworking: Fix Advertisement Protocol element length limit
The Query Response Length Limit is not allowed to be zero when
this is sent by the AP. Use 0x7F to indicate that the limit is
based on maximum number of GAS fragments.
2011-10-25 11:31:21 +03:00
Jithu Jance
c9aab27406 P2P: Append P2P Device Address to AP-STA-CONNECTED event
For P2P, the p2p_connect takes in device address argument to make a
connection. However the connected event AP-STA-CONNECTED comes with
interface address. The application listening on events would find it
difficult to map interface address to the p2p device address which is
provided for connection.

Append P2P Device Address to AP-STA-CONNECTED event for P2P Client
connection. This will help applications to easily map the P2P Interface
Address to P2P Device Address on CONNECTED event. For non-P2P case, it
will just print the usual STA MAC address alone.

Signed-off-by: Jithu Jance <jithu@broadcom.com>
2011-10-25 00:13:03 +03:00
Jouni Malinen
46eeedac61 Remove unused variables 2011-10-23 12:42:55 +03:00
Jouni Malinen
2683690d91 Fix hostapd_wpa_auth_send_ether() return value
This was not currently used for anything, but better return the correct
value instead of hardcoded -1.
2011-10-23 12:33:17 +03:00
Jouni Malinen
9e0e6902a2 Share a single wpa_scan_results_free() implementation
There is not really a very good location for this anywhere, but the
function is small enough to live as an inline function for now.
2011-10-22 22:09:40 +03:00
Ben Greear
f935bd4dc5 Fix typo in comment related to EAPOL
Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-10-22 21:41:09 +03:00
Jouni Malinen
122ba57936 Interworking: Filter Probe Request frames based on HESSID and ANT
Do not reply to Interworking-enabled Probe Request frames if they
request mismatching HESSID or ANT.
2011-10-21 12:43:53 +03:00
Jouni Malinen
16991cffd6 Interworking: Include Access Network Type in set_ap() driver_ops
This may be needed for drivers that process Probe Request frames
internally.
2011-10-21 12:12:36 +03:00
Johannes Berg
9b90955ec7 AP: Pass only bssid/addr/wds to EVENT_RX_FROM_UNKNOWN 2011-10-20 21:51:32 +03:00
Johannes Berg
9236ba4cb5 Move get_hdr_bssid() to make it easier to share for other uses 2011-10-20 21:50:23 +03:00
Johannes Berg
bcf24348ed AP: Do station poll in driver wrapper
This offloads the station polling to driver wrappers, which may offload
it again to the driver. The hostap driver wrapper uses "real" data
frames while nl80211 uses null data frames.

Also add a specific event to indicate that a poll was successful for
future use with the nl80211 driver.
2011-10-20 21:03:08 +03:00
Jouni Malinen
39b97072b2 Add support for Time Advertisement
This adds preliminary support for IEEE 802.11v Time Advertisement
mechanism with UTC TSF offset.
2011-10-18 00:24:16 +03:00
Jouni Malinen
4b2a77aba2 Interworking: Add support for configuring Roaming Consortium List 2011-10-17 23:55:50 +03:00
Jouni Malinen
c7c178e15e Interworking: Add Advertisement Protocol element
For now, assume that ANQP will always be enabled with Interworking.
This may be made separately configurable in the future.
2011-10-17 23:19:52 +03:00
Jouni Malinen
8a33a63f58 Add Interworking configuration in set_ap() driver_ops
Drivers that implement SME/MLME may find it easier to use separated
information to configure Interworking related parameters.
2011-10-17 21:35:41 +03:00
Jouni Malinen
a194b06c81 Add Ext Capab and Interworking elements to extra IEs
These need to be provided to drivers that implement SME/MLME.
2011-10-17 21:30:44 +03:00
Jouni Malinen
06c4d2472f Move Ext Capab and Interworking element construction into shared file
These needs to be available for drivers that implement SME/MLME.
2011-10-17 21:03:52 +03:00
Jouni Malinen
c2ff13c533 Clean up AP mode extra IE construction
Make it easier to add more IEs into the buffers.
2011-10-17 20:55:06 +03:00
Jouni Malinen
6c0575c322 Remove unused function argument 2011-10-17 20:10:07 +03:00
Jouni Malinen
31357268e5 Move AP BSS configuration parameters into set_ap()
Remove the separate driver_ops functions set_cts_protect(),
set_preamble(), set_short_slot_time(), and set_ht_params(). These
belong into same set of operations as set_ap(), so there is no need
to maintain separate functions that just make the driver wrapper
more complex.

Since these have only been used with driver_nl80211.c, the driver_ops
can be removed immediately instead of maintaining backwards
compatibility period with the old functions.
2011-10-17 19:31:33 +03:00
Jouni Malinen
fd13a54180 Deprecate set_intra_bss() driver_ops
The AP client isolation parameter is now available through set_ap().
driver_nl80211.c was the only driver wrapper using the set_intra_bss()
call in hostap.git, but some external trees may have used this. Once
those are cleared, the set_infra_bss() driver_ops can be removed
completely. The only remaining use case for it currently is in P2P
GO mode with wpa_supplicant.
2011-10-17 18:58:46 +03:00
Jouni Malinen
5ce0f8b31b Remove unused P2P device discovery hack from Beacon configuration
AP mode operations were used for P2P device discovery Listen state
only during early experiments. This has now been cleaned up and
ieee802_11_set_beacon() is not called for P2P device discovery.
As such, this hack to skip Beacon configuration can be removed.
2011-10-17 18:39:31 +03:00
Jouni Malinen
062390efd4 Start deprecating various AP mode driver_ops
The preferred way of configuring AP mode will be to use set_ap() instead
of number of separate operations hostapd has collected over the years.
2011-10-17 18:35:25 +03:00
Mahesh Palivela
d4370eac2e Move SA Query mechanism into a file that can be shared more easily
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
2011-10-17 17:33:17 +03:00
Jouni Malinen
b83e3e93c8 IEEE 802.11u: Add configuration and advertisement for Interworking 2011-10-16 23:55:34 +03:00
Jouni Malinen
08a74e6a61 Use a common error handler in hostapd_notif_assoc() 2011-10-16 17:57:27 +03:00
Jouni Malinen
2bb20281cb Clean up IE processing in hostapd_notif_assoc() 2011-10-16 17:49:02 +03:00
Jouni Malinen
fa15d405c7 WPS: Fix WPS IE processing
Commit 17f6b90056 moved the concatenation
of WPS IEs, but did not include the validation that the IE buffer is not
NULL. In addition, the concatenation needs to be done based on the full
IE buffer instead of the parsed pointer that includes only a single
WPS IE.
2011-10-16 17:10:48 +03:00
Jouni Malinen
c3b75919fa Fix double free with CONFIG_WPS_STRICT=y
Commit 17f6b90056 extended the use of
the concatenated WPS IE outside the CONFIG_WPS_STRICT block, but
forgot to remove the old wpabuf_free(wps) call.
2011-10-16 12:11:00 +03:00
Yogesh Ashok Powar
8666585b9e Disconnect STA when it fails to get added in kernel driver/firmware
Data path for stations that get successfully associated to the
hostapd but fail to get added in the driver/firmware, will not
work. In such cases, hostapd should deauth and disconnect such
stations. In such scenario, hostapd should disconnect the STAs.

Sample output with following patch
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: authenticated
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: associated (aid 1)
wlan0: AP-STA-CONNECTED 0c:74:c2:9a:4c:59
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: Could not add STA to kernel driver
wlan0: STA 0c:74:c2:9a:4c:59 IEEE 802.11: deauthenticated due to local deauth request

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-10-15 12:41:28 +03:00
B. J
5dd80dd661 Fix NT-hash password use with integrated authentication server
The password_hash parameter was not copied in case of the integrated
authentication server (but was for RADIUS server). This broke EAP
authentication when the user entry used NT-hash.
2011-10-15 12:13:27 +03:00
Jouni Malinen
fd8e4fda50 EAPOL auth: Disconnect after IEEE 802.1X failure
The EAPOL authenticator was previously forcing disconnection in the WPS
use case. However, this can be benefitial operation with any IEEE 802.1X
authentication mechanism and need not be limited to WPS. This helps some
use cases like EAP-FAST where provisioning may require two
authentication runs if the authentication server does not allow the PAC
provisioning step to be used for normal data connection. While the
station would be free to decide to re-associate in such a case, not all
stations do and as such, it helps if the AP does that instead of leaving
the association up with EAPOL state machine in HELD state for 60
seconds.
2011-10-12 20:07:16 +03:00
Johannes Berg
1473f95e98 AP: Use QoS nullfunc for connection poll
When polling a station that has been inactive for a while, hostapd currently
always uses a null data frame. This is a bit strange with uAPSD clients
(though it seems to mostly work) since the EOSP bit can never be set in a
non-QoS frame. Make hostapd use QoS null data frames for probing when the
station is a QoS STA.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-10-01 21:04:11 +03:00
Zhi Chen
56aa082a1d WPS: Send AP Settings as a wrapped Credential attribute to ctrl_iface
Wrap self-generated WPS credential for new AP settings and send that to
control interface to provide the needed information in
WPS-NEW-AP-SETTINGS for external processing.
2011-09-30 22:26:37 +03:00
Shan Palanisamy
a52eba0f44 FT: Add driver wrappers for FT with driver-based MLME/SME 2011-09-30 00:05:29 +03:00
Pavel Roskin
ffbf1eaa26 Fix typos found by codespell
Signed-off-by: Pavel Roskin <proski@gnu.org>
2011-09-22 00:43:59 +03:00
Jouni Malinen
633d4469e8 Fix AP build without CONFIG_WPS=y
Make the WPS processing of (Re)Association Request frame IEs conditional
on WPS support. This fixes a build issue with wps_is_20() not being
defined and makes the non-WPS build a bit smaller.
2011-09-12 22:23:45 +03:00
Per Ekman
3d9e2e6615 Remove references to time_t/time()
Use os_time() in AP mode instead of direct time() calls.
2011-09-12 22:14:30 +03:00
Jouni Malinen
cc28ad8cdf Fix Deauth/Disassoc callback handling with test frames
The Deauth/Disassoc TX status callbacks were ending up kicking the
station entry from kernel driver when test functionality was used to
inject Deauth/Disassoc frames from the AP with the purpose of leaving
the local association in place. Fix this by using STA flags to figure
out whether there was a pending callback for the frame that we need
to act on.

In addition, add forgotten functionality for the Disassoc TX status
callback to match the behavior with Deauth.
2011-09-06 21:03:02 +03:00
Jouni Malinen
4dc03726de Delay STA entry removal until Deauth/Disassoc TX status in AP mode
This allows the driver to use PS buffering of Deauthentication and
Disassociation frames when the STA is in power save sleep. The STA
entry (and PTK) will be removed from the kernel only after the
Deauth/Disassoc has been transmitted (e.g., when the STA wakes up).
A hardcoded two second timeout is used to limit the length of this
window should the driver fail to deliver the frame (e.g., the STA
is out of range and does not wake up). The kernel STA entry is
marked unauthorized during the wait to avoid accepting Data
frames from the STA that we have decided to disconnect.

This behavior is available only with drivers that provide TX status
events for Deauth/Disassoc frames (nl80211 at this point). Other
drivers continue to use the previous behavior where the STA entry
is removed immediately.
2011-08-28 23:07:02 +03:00
Jouni Malinen
17f6b90056 WPS: Wait for EAPOL-Start unless WPS 2.0 station as workaround
Extend the code that waits for the station to send EAPOL-Start before
initiating EAPOL authenticator operations to cover the case where the
station includes WPS IE in (Re)Association Request frame if that IE
does not include support for WPS 2.0. While this should not really
be needed, this may help with some deployed WPS 1.0 stations that do
not support EAPOL operations correctly and may get confused of the
EAP-Request/Identity packets that would show up twice if EAPOL-Start
is transmitted.
2011-08-28 19:16:59 +03:00
Jouni Malinen
fb91db5639 Provide extra IEs for AP mode management frames with set_ap
Drivers that build Beacon, Probe Response, and (Re)Association
Response frames can use this information to and WPS and P2P IE
when needed.
2011-08-26 21:14:25 +03:00
Jouni Malinen
97a7a0b504 Add support for setting SSID hiding mode through set_ap() 2011-08-26 21:12:47 +03:00
Jouni Malinen
b11d1d6439 Add crypto parameters to set_ap() command separately
This helps drivers that build the Beacon and Probe Response frames
internally.
2011-08-26 21:11:42 +03:00
Jouni Malinen
9ca47fff8c WPS: Drop responses from ER to a STA that is not in WPS protocol
If an ER tries to send a message to a STA that is not in the middle
of WPS protocol, do not try to deliver that. This can help with issues
where an ER takes long time to reply to M1 and another Registrar has
already completed negotiation.
2011-08-12 11:58:32 +03:00
Jouni Malinen
ccb941e6da Add SSID as a separate item in AP mode Beacon setup
This makes it easier for drivers that need the SSID to get it from the
Beacon setup operation without having to parse the Beacon IEs.
2011-08-10 13:29:32 +03:00
Jouni Malinen
19c3b56685 Replace set_beacon() driver op with set_ap()
This change is a first step in better supporting different driver
architectures for AP mode operations with nl80211. This commit in
itself does not add new functionality, but it makes it easier to add
new AP mode parameters to address needs of drivers that have more of
the MLME/SME in firmware or kernel.
2011-08-10 13:22:37 +03:00
Jouni Malinen
bdffdc5ddb AP: Reorder WPA/Beacon initialization
Split WPA initialization into two parts so that the Beacon frames can be
configured fully before the initial keys (GTK/IGTK) are configured. This
makes it easier for drivers that depend on the AP security mode being
fully set before the keys are configured.
2011-08-09 14:56:16 +03:00
Jouni Malinen
bc45d4279f WPS: Do not update Beacon IEs before initial IE set
This avoids a request to the driver to first start beaconing before
the WPA/RSN IE has been generated and then immediately changing the
beacon IEs once the WPA/RSN IE is ready.
2011-08-09 14:40:06 +03:00
Anish Nataraj
628d54639a Dispatch more WPS events through hostapd ctrl_iface 2011-08-04 16:56:41 +03:00
Jouni Malinen
93ac240496 Clarify hostapd error message on unsupported hw_mode value 2011-07-31 00:51:34 +03:00
Jouni Malinen
6554237f38 FT: Share IE parser implementation for Authenticator and Supplicant
These are almost identical, so there is no point in using separate
implementations.
2011-07-16 11:13:39 +03:00
Hong Wu
c284b46141 FT: Fix the calculation of MIC Control field in FTIE
Reassociation Request/Response frame validation need to count all IEs in
the RIC. In addition, TIE is not protected, so it should not be included
in the count.

Signed-off-by: Hong Wu <hong.wu@dspg.com>
2011-07-16 10:57:17 +03:00
Jouni Malinen
04a85e4401 P2P: Filter Probe Request frames based on DA and BSSID in Listen state
Only accept Probe Request frames that have a Wildcard BSSID and a
destination address that matches with our P2P Device Address or is the
broadcast address per P2P specification 3.1.2.1.1.
2011-07-15 20:28:46 +03:00
Arik Nemtsov
d83ab1fe37 hostapd: Set STA flags when adding a new station
When adding a new station, set the STA flags as part of the sta_add()
command. This ensures the flags are up to date when the station is added
by lower level drivers.

Signed-off-by: Arik Nemtsov <arik@wizery.com>
2011-07-12 20:26:52 +03:00
Jouni Malinen
cb465555d4 Allow PMKSA caching to be disabled on Authenticator
A new hostapd configuration parameter, disable_pmksa_caching=1, can now
be used to disable PMKSA caching on the Authenticator. This forces the
stations to complete EAP authentication on every association when WPA2
is being used.
2011-07-05 17:13:04 +03:00
Yogesh Ashok Powar
a3e685a04b hostapd: Clear keys configured when hostapd reloads configuration
Data path is broken when hostapd reloads its configuration
disabling the security which was previously enabled (WEP/WPA),
using kill -1, as old keys were not cleared.

The patch clears the keys configured when hostapd reloads
its configuration.

Signed-off-by: Yogesh Ashok Powar <yogeshp@marvell.com>
2011-07-05 11:39:26 +03:00
Helmut Schaa
d4744189b7 hostapd: Don't mask out non-symmetric STA HT caps
Previously hostapd just masked the STAs HT caps with its own. However,
some HT caps are not symmetric and as such need to be handled
different.

hostapd shouldn't overwrite the STAs SMPS mode as otherwise the driver
cannot know it has to use RTS/CTS to wake the receiver from dynamic
SMPS for MCS rates > 7.

hostapd shouldn't mask the RX and TX STBC caps with it's own. They are
already handled in a special case below.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-06-23 20:18:21 +03:00
Jouni Malinen
7cc7307d90 Fix hostapd build without NEED_AP_MLME=y 2011-06-22 21:45:14 +03:00
Jouni Malinen
9e2704c3a2 Add EVENT_RX_ACTION handler for hostapd
This fixes an issue with SA Query Response frames not being processed
anymore after wpa_supplicant started registering a handler for those.
This handler registration is in generic driver_nl80211.c code, so
hostapd uses it, too.
2011-06-21 20:55:46 +03:00
Jouni Malinen
55e632df72 Remove a compiler warning on uninitialized variable
This is not really ever used, but better keep the compiler output
cleaner.
2011-06-21 20:54:17 +03:00
Jouni Malinen
6b98a33c86 Fix a compiler warning on WPS-AP-without-UPnP builds 2011-05-31 20:11:25 +03:00
Ken Zhu
41fd1d9e9a atheros: Fix auth_alg configuration for static WEP
When IEEE 802.1X is not enabled, driver_atheros.c needs to know how
to set authentication algorithms for static WEP.
2011-05-20 18:27:53 +03:00
Vinay Adella
86795546f7 WPS UPnP: Fix UPnP initialization for non-bridge case with some drivers
If the driver wrapper is setting up the interface up only at commit(),
UPnP initialization fails. Fix that by moving UPnP setup to happen after
the driver commit() call.
2011-05-19 12:55:47 +03:00
Jouni Malinen
fa5165586f WPS: Add a workaround for Windows 7 capability discovery for PBC
Windows 7 uses incorrect way of figuring out AP's WPS capabilities by
acting as a Registrar and using M1 from the AP. The config methods
attribute in that message is supposed to indicate only the configuration
method supported by the AP in Enrollee role, i.e., to add an external
Registrar. For that case, PBC shall not be used and as such, the
PushButton config method is removed from M1 by default. If pbc_in_m1=1
is included in the configuration file, the PushButton config method is
left in M1 (if included in config_methods parameter) to allow Windows 7
to use PBC instead of PIN (e.g., from a label in the AP).
2011-05-17 19:53:02 +03:00
Ben Greear
60eda5e47d Better messages when channel cannot be used in AP mode
Log messages letting user know that the channel cannot
be used because it is flagged unusable.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-05-16 22:01:11 +03:00
Jouni Malinen
b8281964af Add workaround for race condition with AssocResp TX status
It may take some time for the TX status to be delivered for a
(Re)Association Response frame and if any Data frames are received
during that time, they may end up getting dropped as Class 3 frames in
not-associated state. This results in a Disassociation frame being sent
to the station and it assuming that the association has been lost.

Work around the issue by remembering that the (Re)Association Request
has already been accepted and skip the Deauth/Disassoc sending because
of the possible Class 3 frames before the TX status callback is
received.
2011-04-15 19:26:28 +03:00
Jouni Malinen
6e432d3f10 WPS: Use strict validation of (Re)AssocReq only if IEs are known 2011-04-14 02:58:35 +03:00
Jouni Malinen
b211f3eb71 Add sanity checks to EVENT_RX_PROBE_REQ event data
Both the SA and IEs from the received Probe Request frames must be
included and the Probe Request RX callback functions may assume that
these are not NULL.
2011-04-14 02:39:25 +03:00
Jouni Malinen
df13a1cdff Fix WPS AP mode regression
Commit 03d3f28a69 broke initialization of
EAPOL authenticator state machines since an error value from
wpa_auth_sta_key_mgmt() (-1) was not handled properly and the fixed
wpa_key_mgmt_wpa_psk() identified the value as a PSK-based AKM because
of all bits being set to 1. The special error value needs to handled
separately to avoid skipping EAPOL state machine initialization.
2011-04-11 19:22:49 +03:00
Per Ekman
0b04889f0d Remove references to time_t/time()/random()
Replace direct calls in AP mode code with os_*() wrappers.
2011-04-11 18:33:48 +03:00
Mahesh Palivela
a1ca02927a atheros: Add support for IEEE 802.11w configuration 2011-04-08 12:06:27 +03:00
Jouni Malinen
d9040cdb10 Fix a typo in a MIB variable in hostapd ctrl_interface 2011-04-05 01:21:27 +03:00
Felix Fietkau
4378fc14eb nl80211: Send EAPOL frames as QoS data frames for QoS aware clients
This should fix EAPOL reauthentication and rekeying timeout issues
with Intel clients when using WMM (e.g., with IEEE 802.11n). These
stations do not seem to be able to handle EAPOL data frames as
non-QoS Data frames after the initial setup.

This adds STA flags to hapd_send_eapol() driver op to allow
driver_nl80211.c to mark the EAPOL frames as QoS Data frame
when injecting it through the monitor interface.
2011-04-02 22:03:05 +03:00
Jouni Malinen
e4bf4db907 Work around SNonce updates on EAPOL-Key 1/4 retransmission
Some deployed supplicants update their SNonce for every receive
EAPOL-Key message 1/4 even when these messages happen during the
same 4-way handshake. Furthermore, some of these supplicants fail
to use the first SNonce that they sent and derive an incorrect PTK
using another SNonce that does not match with what the authenticator
is using from the first received message 2/4. This results in
failed 4-way handshake whenever the EAPOL-Key 1/4 retransmission
timeout is reached. The timeout for the first retry is fixed to
100 ms in the IEEE 802.11 standard and that seems to be short
enough to make it difficult for some stations to get the response
out before retransmission.

Work around this issue by increasing the initial EAPOL-Key 1/4
timeout by 1000 ms (i.e., total timeout of 1100 ms) if the station
acknowledges reception of the EAPOL-Key frame. If the driver does
not indicate TX status for EAPOL frames, use longer initial
timeout (1000 ms) unconditionally.
2011-03-29 17:39:12 +03:00
Jouni Malinen
2fee890af7 Add driver capa flag for EAPOL TX status and store capa in hostapd 2011-03-29 17:36:06 +03:00
Jouni Malinen
3c183894d4 Make GKeyDoneStations counting able to recover from mismatches
Previously, a bug in GKeyDoneStations count would remain in effect
until the authenticator is restarted. Make this more robust by
clearing the station count before each rekeying setup. While this
is not really supposed to be needed, there has been bugs in this
area in the past and it is safer to make the implementation recover
from such an issue automatically.
2011-03-23 17:06:17 +02:00
Jouni Malinen
2ade8ef296 Decrement GKeyDoneStations in WPA authenticator when STA is freed
If the STA to be freed is still included in GKeyDoneStations count,
decrement the count when the STA is freed. This does not happen in
AP mode since there is enough time to go through the authenticator
state machine to clear the STA. However, in the current RSN IBSS
implementation, the authenticator state for the STA is freed in a
way that does not allow the state machine to go through the clearing.
To address this, make sure that wpa_free_sta_sm() decrements the
GKeyDoneStations count if the STA happened to be in the process of
GTK rekeying.
2011-03-23 17:00:18 +02:00
Jouni Malinen
cd9fc7869a hostapd: Add testing mode for RSN element extensions
CFLAGS += -DCONFIG_RSN_TESTING in .config and rsn_testing=1 in
hostapd.conf can now be used to enable a testing mode that adds
extensions to RSN element. This can be used to check whether
station implementations are incompatible with future extensions
to the RSN element.
2011-03-21 13:59:05 +02:00
Johannes Berg
c76e5d7f9b wpa_s AP mode: complete only when setup is complete
The AP code might, currently only in the case of HT40, defer actual
enabling to after a scan. In this case, the wpa_s AP code gets confused.
Add a callback for it to use and make it use it to finish only when the
setup has actually completed.

With appropriate hacks in place this allows using HT40 in P2P mode.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 13:11:15 +02:00
Jean-Michel Bachot
4028a7fd43 WPS: Add support for adding WPS Vendor Extensions
This adds the ability to add WPS vendor extensions to an AP (or GO).
They will be added to the WSC IE(s) in Beacon and Probe Response frames.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-19 12:22:16 +02:00
Johannes Berg
2f646b6e83 WPS: Store (secondary) device type as binary
Instead of converting back and forth from the string representation,
always use the binary representation internally.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-03-17 18:50:22 +02:00
Helmut Schaa
4f6bd86d07 hostapd: Don't force HT Mixed Mode for non-GF STAs
Currently hostapd will force HT Mixed Mode if at least one non-GF STA is
associated. This will force _all_ HT transmissions to be protected.

802.11n-2009 doesn't require HT Mixed Mode to be used in case of non-GF
STAs but instead the HT information element contains a flag if non-GF
STAs are present. All STAs are required to protect GF transmissions in
that case. Hence, setting HT Mixed mode if non-GF STAs are present is
superfluous.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-03-16 11:56:39 +02:00
Sujith Manoharan
ec2b890981 HT: Skip ht_capab validation if ieee80211n=0
There is no point in running through the 40 MHz scan if HT is
actually disabled regardless of whether the ht_capab parameter
is set.
2011-03-16 11:22:40 +02:00
Jouni Malinen
e17a2477db nl80211: Extend bridge add/del operations for secondary BSSes
Previously, only the main interface was added to a bridge. Extend this
to apply to all configured BSSes.
2011-03-15 13:02:49 +02:00
Shan Palanisamy
39b08b5fc0 Indicate assoc vs. reassoc in association event
This allows driver wrappers to indicate whether the association was
done using Association Request/Response or with Reassociation
Request/Response frames.
2011-03-06 14:31:46 +02:00
Shan Palanisamy
d7956add9c FT: Make FT-over-DS configurable (hostapd.conf ft_over_ds=0/1) 2011-03-06 14:31:42 +02:00
Iain Hibbert
8ce58ceb25 Avoid preprocessor directives in macro arguments
os_snprintf() can be a preprocessor macro and according to
C99 (6.10.3 clause 11) the results of having preprocessor directives
inside the macro arguments is undefined.
2011-02-27 18:59:26 +02:00
Helmut Schaa
e926bcffd8 hostapd: Inherit correct MAC address for AP VLAN interfaces
When using multiple vifs and dynamic vlan tagging is enabled on any
interface, the created AP VLAN interfaces get the BSSID of the first
AP mode interface instead of the BSSID of the corresponding AP mode
interface.

Example:

wlan0 - xx:xx:xx:xx:x0
wlan1 - xx:xx:xx:xx:x1

Assume a STA connects to the AP interface wlan1 and gets a dynamic
VLAN tag 100 assigned by the RADIUS server. Hostapd will create an AP
VLAN interface wlan1.100 but doesn't set an address for this interface
which results in wlan1.100 getting the same address as wlan0:

wlan1.100 - xx:xx:xx:xx:x0

As a result the STA that was moved to wlan1.100 isn't able to finish its
4-way handshake since mac80211 won't pass its frames to wlan1.100 due to
the different address.

To fix this issue make use of the address of the AP interface when
creating an AP VLAN interface.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-02-24 21:25:40 +02:00
Ben Greear
24d75245bd AP: Update logging related to inactivity and disassociation
Add MAC addresses for stations and use wpa_msg instead of printf
methods to make it easier to grep logs and find messages for the
station in question.

Signed-off-by: Ben Greear <greearb@candelatech.com>
2011-02-24 17:44:45 +02:00
Ben Greear
1aae01fc04 Add more wpa_auth debugging messages 2011-02-24 17:35:59 +02:00
Helmut Schaa
f39b07d7ed hostapd: Allow coexistance of HT BSSes with WEP/TKIP BSSes
In multi BSS setups it wasn't possible to set up an HT BSS in
conjunction with a WEP/TKIP BSS. HT needed to be turned off entirely
to allow WEP/TKIP BSSes to be used.

In order to allow HT BSSes to coexist with non-HT WEP/TKIP BSSes add a
new BSS conf attribute "disable_11n" which disables HT capabilities on a
single BSS by suppressing HT IEs in the beacon and probe response
frames. Furthermore, mark all STAs associated to a WEP/TKIP BSS as
non-HT STAs. The disable_11n parameter is used internally; no new entry
is parsed from hostapd.conf.

This allows a non-HT WEP/TKIP BSS to coexist with a HT BSS without
having to disable HT mode entirely. Nevertheless, all STAs associated to
the WEP/TKIP BSS will only be served as if they were non-HT STAs.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2011-02-21 17:27:16 +02:00
Jouni Malinen
55bce124e5 FT: Fix FT-EAP to set EAPOL Authenticator into authenticated state
This is needed to avoid the EAPOL Authenticator from trying to start
new authentication when FT protocol is used. [Bug 384]
2011-02-20 21:56:56 +02:00
Jouni Malinen
7e0318505c FT: Specify source MAC address for RRB messages
Use l2_packet with Ethernet header included so that the source
address for RRB packets can be forced to be the local BSSID. This
fixes problems where unexpected bridge interface address may end
up getting used and the recipient of the frame dropping it as
unknown R0KH/R1KH.
2011-02-20 17:50:11 +02:00
Jouni Malinen
6603a96602 Flush STA entries in hostapd when clearing STAs from kernel
This is needed to keep kernel and hostapd in sync. In addition,
the obsolete entry in hostapd prevented use of Deauthentication
or Disassociation frame with reason code 6/7 mechanism to indicate
to the STA that there is no association if the STA missed the
broadcast Deauthentication frame for any reason.
2011-02-10 22:31:32 +02:00
Jouni Malinen
e3e52e364e hostapd: Fix RADIUS client configuration update on reconfig
The internal pointer to RADIUS client configuration needs to be
updated whenever a new hostapd configuration is loaded. Without
this, freed memory may be dereferenced and this can result in
segmentation faults.
2011-02-10 22:12:29 +02:00
Jouni Malinen
810f08bab4 Make sure reserved field in WMM IE is set to 0
This was previously left uninitialized for Beacon frames and could
potentially have any value.
2011-02-10 22:10:40 +02:00
Jouni Malinen
2944824315 hostapd: Add require_ht configuration parameter
This can be used to configure hostapd to reject association with
any station that does not support HT PHY.
2011-02-09 15:08:47 +02:00
Jouni Malinen
e67b55fb11 wpa_s AP: Deliver EVENT_RX_PROBE_REQ events to AP processing
This is needed to allows WPS PBC session overlap detection to work
with drivers that process Probe Request frames internally. This
code is is run in hostapd, but the wpa_supplicant AP mode did not
have call to the hostapd_probe_req_rx() function even though it
registered handlers for hostapd Probe Request RX callbacks.
2011-02-08 14:32:35 +02:00
Jouni Malinen
d601247ca9 P2P: Allow WPS_PBC command on GO to select on P2P Device Address
An optional parameter, p2p_dev_addr, can now be given to WPS_PBC
command on P2P GO to indicate that only the P2P device with the
specified P2P Device Address is allowed to connect using PBC. If
any other device tries to use PBC, a session overlap is indicated
and the negotiation is rejected with M2D. The command format for
specifying the address is "WPS_PBC p2p_dev_addr=<address>", e.g.,
WPS_PBC p2p_dev_addr=02:03:04:05:06:07

In addition, show the PBC session overlap indication as a WPS failure
event on an AP/GO interface. This particular new case shows up as
"WPS-FAIL msg=4 config_error=12".
2011-02-07 18:28:36 +02:00
Johannes Berg
0661eed204 AP: Add callback for STA authorized transitions
Add a callback for station's authorized transitions
to allow wpa_supplicant to emit events in DBus.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 16:56:59 +02:00
Johannes Berg
6905dcb1e0 AP: Introduce sta authorized wrappers
To enable making state change notifications on the WLAN_STA_AUTHORIZED
flag, introduce ap_sta_set_authorized(), and to reduce use of the flag
itself also add a wrapper for testing the flag: ap_sta_is_authorized().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2011-02-02 16:52:32 +02:00
Jouni Malinen
7615078caf AP: Make sure ieee80211n_allowed_ht40_channel_pair() gets called
We need to call this function after having completed the neighboring
channel scan to figure out whether HT40 can be used and if so, which
channel is the secondary channel.
2011-02-01 16:09:26 +02:00
Nishant Sarmukadam
1b4d379366 AP: Ensure ieee80211n_supported_ht_capab() gets called to check ht caps
ieee80211n_supported_ht_capab is called after ieee80211n_check_40mhz in
function hostapd_check_ht_capab. ieee80211n_check_40mhz can return 1 in
a valid scenario where the initialization is completed in a callback. In
this case ieee80211n_supported_ht_capab is skipped and hostapd does not
check the ht capabilities reported by the driver. Fix this issue making
sure ieee80211n_supported_ht_capab gets called.

Signed-off-by: Nishant Sarmukadam <nishants@marvell.com>
2011-02-01 16:04:59 +02:00
Johannes Berg
d2da224948 AP: Enable WMM with default parameters by default for HT
If WMM is not disabled explicitly (wmm_enabled=0 in hostapd.conf),
enable WMM automatically whenever HT (ieee80211n) is enabled. Use
the default WMM parameters for AP TX queues and the EDCA parameters
advertised for stations in WMM IE if no overriding values are
included in the configuration.
2011-02-01 14:34:12 +02:00
Jouni Malinen
1161ff1ef5 hostapd: Allow TDLS use to be prohibited in the BSS
tdls_prohibit=1 and tdls_prohibit_chan_switch=1 and now be used to
disable use of TDLS or TDLS channel switching in the BSS using
extended cabilities IE as defined in IEEE 802.11z.
2011-01-28 19:21:59 +02:00
Jouni Malinen
cbcf92b42f AP: Validate management frame length
Make sure that received management frames are long enough before
processing them. This avoids a potential segmentation fault if a
driver delivers an invalid frame all the way to hostapd.
2011-01-17 12:21:29 +02:00
Jouni Malinen
bc8318acbc WPA: Add more info for EAPOL-Key Nonce/MIC debugging 2011-01-15 16:57:08 +02:00
Chao-Wen Yang
c5cf0a18f1 WPS: Add mechanism for indicating non-standard WPS errors
Previously, only the Configuration Error values were indicated in
WPS-FAIL events. Since those values are defined in the specification
it is not feasible to extend them for indicating other errors. Add
a new error indication value that is internal to wpa_supplicant and
hostapd to allow other errors to be indicated.

Use the new mechanism to indicate if negotiation fails because of
WEP or TKIP-only configurations being disallows by WPS 2.0.
2011-01-13 17:50:59 +02:00
Jouni Malinen
0382097ef3 Use set_key addr to distinguish default and multicast keys
Previously, both NULL and ff:ff:ff:ff:ff:ff addr were used in various
places to indicate default/broadcast keys. Make this more consistent
and useful by defining NULL to mean default key (i.e., used both for
unicast and broadcast) and ff:ff:ff:ff:ff:ff to indicate broadcast
key (i.e., used only with broadcast).
2011-01-09 19:44:28 +02:00
Jouni Malinen
4d379f1243 Move hostap driver specific workaround into the driver wrapper 2011-01-09 12:50:57 +02:00
Jouni Malinen
dff99f8ec1 Do not use set_tx=1 when clearing keys with set_key 2011-01-09 12:18:36 +02:00
Jouni Malinen
260832214e Use key=NULL when clearing PTK with set_key
The key clearing operations are using NULL everywhere else, so make
this consistent with other callers.
2011-01-09 12:12:48 +02:00
Johannes Berg
0d7e5a3a29 Allow AP mode to disconnect STAs based on low ACK condition
The nl80211 driver can report low ACK condition (in fact it reports
complete loss right now only). Use that, along with a config option, to
disconnect stations when the data connection is not working properly,
e.g., due to the STA having went outside the range of the AP. This is
disabled by default and can be enabled with disassoc_low_ack=1 in
hostapd or wpa_supplicant configuration file.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2010-12-28 17:15:01 +02:00
Jouni Malinen
1df492df34 Do not send Deauth/Disassoc to unknown STA if SA is invalid
The frame needs to be sent from an individual (non-group) address,
so drop invalid frames before sending Deauth/Disassoc frames to
not associated STAs.
2010-12-04 17:40:36 -08:00
Jouni Malinen
7392f11e96 Convert most commonly used drv ops to real function calls
Getting rid of these inline functions seems to reduce the code size
quite a bit, so convert the most commonly used hostapd driver ops to
function calls.
2010-11-24 17:01:21 +02:00
Jouni Malinen
0e8a96a911 Get rid of struct hostapd_driver_ops abstraction
This is not needed anymore and just makes things more difficult
to understand, so move the remaining function pointers to direct
function calls and get rid of the struct hostapd_driver_ops.
2010-11-24 16:50:06 +02:00
Jouni Malinen
3acdf771b8 hostapd_driver_ops reduction
send_eapol, set_key, read_sta_data, sta_clear_stats,
set_radius_acl_auth, set_radius_acl_expire, and set_beacon
to use inline functions instead of extra abstraction.
2010-11-24 16:34:49 +02:00
Jouni Malinen
51e2a27a21 hostapd_driver_ops reduction
set_sta_vlan, get_inact_sec, sta_deauth, sta_disassoc, and sta_remove
to use inline functions instead of extra abstraction.
2010-11-24 15:36:02 +02:00
Jouni Malinen
b5b1b18f39 hostapd_driver_ops reduction: set_countermeasures 2010-11-24 15:26:44 +02:00
Jouni Malinen
cee7d66b1d hostapd: Start removing struct hostapd_driver_ops abstraction
Commit bf65bc638f started the path to
add this new abstraction for driver operations in AP mode to allow
wpa_supplicant to control AP mode operations. At that point, the
extra abstraction was needed, but it is not needed anymore since
hostapd and wpa_supplicant share the same struct wpa_driver_ops.

Start removing the unneeded abstraction by converting
send_mgmt_frame() to an inline function, hostapd_drv_send_mlme().
This is similar to the design that is used in wpa_supplicant and
that was used in hostapd in the past (hostapd_send_mgmt_frame()
inline function).
2010-11-24 15:19:50 +02:00
Jouni Malinen
08704cd885 hostapd: Verify availability of random data when using WPA/WPA2
On Linux, verify that the kernel entropy pool is capable of providing
strong random data before allowing WPA/WPA2 connection to be
established. If 20 bytes of data cannot be read from /dev/random,
force first two 4-way handshakes to fail while collecting entropy
into the internal pool in hostapd. After that, give up on /dev/random
and allow the AP to function based on the combination of /dev/urandom
and whatever data has been collected into the internal entropy pool.
2010-11-24 13:08:03 +02:00
Masashi Honma
dbb6ed7e75 Fix memory leak on EAPOL Authenticator error path
wlan0: RADIUS No authentication server configured
MEMLEAK[0x999feb8]: len 1040
WPA_TRACE: memleak - START
[3]: ./hostapd(radius_msg_new+0x33) [0x8074f43]
     radius_msg_new() ../src/radius/radius.c:117
[4]: ./hostapd() [0x806095e]
     ieee802_1x_encapsulate_radius() ../src/ap/ieee802_1x.c:439
     ieee802_1x_aaa_send() ../src/ap/ieee802_1x.c:1496

For example, this error occured when I used WPS hostapd without
"eap_server=1" definition in configuration file.
2010-11-24 01:42:50 +02:00
Jouni Malinen
bbb921daaa Maintain internal entropy pool for augmenting random number generation
By default, make hostapd and wpa_supplicant maintain an internal
entropy pool that is fed with following information:

hostapd:
- Probe Request frames (timing, RSSI)
- Association events (timing)
- SNonce from Supplicants

wpa_supplicant:
- Scan results (timing, signal/noise)
- Association events (timing)

The internal pool is used to augment the random numbers generated
with the OS mechanism (os_get_random()). While the internal
implementation is not expected to be very strong due to limited
amount of generic (non-platform specific) information to feed the
pool, this may strengthen key derivation on some devices that are
not configured to provide strong random numbers through
os_get_random() (e.g., /dev/urandom on Linux/BSD).

This new mechanism is not supposed to replace proper OS provided
random number generation mechanism. The OS mechanism needs to be
initialized properly (e.g., hw random number generator,
maintaining entropy pool over reboots, etc.) for any of the
security assumptions to hold.

If the os_get_random() is known to provide strong ramdom data (e.g., on
Linux/BSD, the board in question is known to have reliable source of
random data from /dev/urandom), the internal hostapd random pool can be
disabled. This will save some in binary size and CPU use. However, this
should only be considered for builds that are known to be used on
devices that meet the requirements described above. The internal pool
is disabled by adding CONFIG_NO_RANDOM_POOL=y to the .config file.
2010-11-24 01:29:40 +02:00
Jouni Malinen
3642c4313a Annotate places depending on strong random numbers
This commit adds a new wrapper, random_get_bytes(), that is currently
defined to use os_get_random() as is. The places using
random_get_bytes() depend on the returned value being strong random
number, i.e., something that is infeasible for external device to
figure out. These values are used either directly as a key or as
nonces/challenges that are used as input for key derivation or
authentication.

The remaining direct uses of os_get_random() do not need as strong
random numbers to function correctly.
2010-11-24 01:05:20 +02:00
Jouni Malinen
1bdb7ab3af Re-initialize GMK and Key Counter on first station connection
This adds more time for the system entropy pool to be filled before
requesting random data for generating the WPA/WPA2 encryption keys.
This can be helpful especially on embedded devices that do not have
hardware random number generator and may lack good sources of
randomness especially early in the bootup sequence when hostapd is
likely to be started.

GMK and Key Counter are still initialized once in the beginning to
match the RSN Authenticator state machine behavior and to make sure
that the driver does not transmit broadcast frames unencrypted.
However, both GMK (and GTK derived from it) and Key Counter will be
re-initialized when the first station connects and is about to
enter 4-way handshake.
2010-11-24 00:52:46 +02:00
Jouni Malinen
3c7302c219 Report errors from key derivation/configuration
Eventually, these should be acted on, so at least get the return
values passed one layer up.
2010-11-23 01:05:26 +02:00
Jouni Malinen
5cb9d5c3d1 Mix in more data to GTK/IGTK derivation
The example GMK-to-GTK derivation described in the IEEE 802.11 standard
is marked informative and there is no protocol reason for following it
since this derivation is done only on the AP/Authenticator and does not
need to match with the Supplicant. Mix in more data into the derivation
process to get more separation from GMK.
2010-11-23 00:57:14 +02:00
Jouni Malinen
f3b87561d7 Share WPA IE parser function for RSN authenticator/supplicant
There is no point in maintaining two almost identical versions
of this parser. Move WPA IE parser into wpa_common.c similarly
to what was already the case with RSN IE parse.
2010-11-12 21:52:14 +02:00
Jouni Malinen
8ea3dd21d2 AP: Verify that HT40 secondary channel is supported
Refuse to enable HT40 mode AP unless both the primary and secondary
channels are enabled for AP use.
2010-11-12 18:31:56 +02:00
Jouni Malinen
fd806bac5f WPS: Change concurrent radio AP to use only one WPS UPnP instance
WPS external Registrars can get confused about multiple UPnP
instances (one per radio) on a dual-concurrent APs. Simplify the
design by sharing a single UPnP state machine for all wireless
interfaces controlled by hostapd. This matches with the previous
changes that made a single command enable WPS functionality on
all interfaces.

This is relatively minimal change to address the sharing of the
state among multiple struct hostapd_data instances. More cleanup
can be done separately to remove unnecessary copies of information.
2010-11-11 14:50:13 +02:00
Felix Fietkau
c2aa25fb34 hostapd: Fix config reload for multi-BSS
Secondary BSS interfaces need to be activated after the config has
been reloaded.
2010-11-09 16:35:49 +02:00
Felix Fietkau
d3b4286967 Allow client isolation to be configured (ap_isolate=1)
Client isolation can be used to prevent low-level bridging of frames
between associated stations in the BSS. By default, this bridging is
allowed.
2010-11-09 16:27:15 +02:00
Felix Fietkau
5a5009dc92 Fix rate table handling
With the nl80211 driver, the rate table is mode dependent, so it
must be initialized after the hardware mode has been selected.
2010-11-09 16:17:50 +02:00
Felix Fietkau
d38ae2ea85 Add bridge handling for WDS STA interfaces
By default, add them to the configured bridge of the AP interface
(if present), but allow the user to specify a separate bridge.
2010-11-09 16:12:42 +02:00
Felix Fietkau
7826ceae91 Fix WDS STA reassociation
If the STA entry is present in hostapd, but not in the kernel driver, its
WDS status needs to be restored when the STA reassociates
2010-11-09 16:00:09 +02:00
Jouni Malinen
6fc58a89e1 Fix EAP standalone server
Commit c3fc47ea8e fixed EAP passthrough
server to allow Logoff/Re-authentication to be used. However, it
broke EAP standalone server while doing that. Fix this by reverting
the earlier fix and by clearing the EAP Identity information in the
EAP server code whenever an EAPOL-Start or EAPOL-Logoff packet is
received.
2010-11-07 16:25:35 +02:00
Jouni Malinen
7e3c178142 Remove unused TX queue parameters related to Beacon frames
These are not used by any driver wrapper, i.e., only the four
data queues (BK, BE, VI, VO) are configurable. Better remove these
so that there is no confusion about being able to configure
something additional.
2010-11-05 01:23:17 +02:00
Jouni Malinen
8dcb61ce5d WPS: Comment out WEP configuration lines on reconfig 2010-11-04 17:02:16 +02:00
Jouni Malinen
c926593119 Allow EAPOL frames from pre-authenticating station to be processed 2010-10-27 11:34:29 +03:00
Jouni Malinen
e11f5a2cbc hostapd: Set operstate UP when initializing AP mode
This is needed to avoid problems with other applications setting and
leaving the interface to IF_OPER_DORMANT state. In AP mode, the interface
is ready immediately after the keys are set, so we better make sure the
DORMANT state does not prevent normal operations after that.
2010-10-26 16:30:28 +03:00
Jouni Malinen
3e7533b399 WPS ER: Show SetSelectedRegistrar events as ctrl_iface events
This makes it easier to figure out if something goes wrong in
preparing the AP for enrolling a station.
2010-10-25 21:29:22 +03:00
Jouni Malinen
1f4c7b6b2a hostapd: Fix compiler warning
Commit 83e843e830 copied a workaround
without updating the return value to match with the void function.
2010-10-25 13:38:06 +03:00
Jouni Malinen
83e843e830 hostapd: Avoid crashing on station mode disassoc event
Some driver wrappers may end up indicating a disassociation or
deauthentication event without the address of the station, e.g.,
based on a previous non-AP mode event. Avoid crashing hostapd
by verifying that the require address parameter is available in
the event before processing it.
2010-10-22 17:43:23 +03:00
Jouni Malinen
450eddcfae hostapd: Add wps_config ctrl_interface command for configuring AP
This command can be used to configure the AP using the internal
WPS registrar. It works in the same way as new AP settings received
from an ER.
2010-10-21 16:49:41 +03:00
Jouni Malinen
cbbf4a1cc3 WPS: Fix a compiler warning in hostapd_wps_update_ie() 2010-10-20 13:35:55 +03:00
Jouni Malinen
2c8a4eef41 WPS: Update Beacon/ProbeResp IE on wps_version_number changes
This test command is supposed to change the WPS version number in all
places immediately, so make sure that the IEs used in management
frames get updated immediately.
2010-10-19 19:57:01 +03:00
Jouni Malinen
3f4ce13fde P2P: Track non-P2P members in the group and set Group Limit bit
The P2P group component is now tracking of associated stations
in the group and the Group Limit bit in the Group Capabilities
is updated based on whether there is room for new clients in
the group.
2010-10-19 18:10:28 +03:00
Anil Gathala Sudha
a0dee79709 P2P: Send AP mode WPS-FAIL event to parent interface
The AP operation with wpa_supplicant requires an additional callback
to get the needed event information from hostapd side so that
wpa_msg() can be called for wpa_s->parent if needed.
2010-10-14 20:57:00 +03:00
Jouni Malinen
fc215bfe86 WPS: Add WPS-FAIL ctrl_interface event for hostapd 2010-10-14 20:50:46 +03:00
Jouni Malinen
4e698e5c30 WPS: Fix WPS commands in wpa_supplicant AP mode
Commit 9290cc1800 broke this by moving
to use for_each_interface() which is not available in wpa_supplicant
AP mode.
2010-10-10 17:43:42 +03:00
Jouni Malinen
dce044cce5 P2P: Extend P2P manager functionality to work with driver MLME
Add P2P IE into Beacon, Probe Response, and (Re)Association Request
frames for drivers that generate this frames internally.
2010-10-08 18:16:07 +03:00
Jouni Malinen
2f7d9f2dd9 Apply WPS configuration changes to all interfaces that use WPS
When a single hostapd process is controlling multiple interfaces,
apply the received or auto-generated configuration changes to all
interfaces that have enabled WPS.
2010-10-08 17:32:10 +03:00
Jouni Malinen
e55f98f4b8 Disable AP PIN on all interfaces controlled by the same process
When a single hostapd process is used to manage multiple interfaces,
disable AP PIN on all interfaces if an attack is detected on any
interface.
2010-10-08 17:24:58 +03:00
Jouni Malinen
9290cc1800 Apply hostapd WPS commands to all interfaces on concurrent APs
When the same hostapd process is controlling multiple interfaces,
apply WPS commands (push button, add PIN, change AP PIN) to all
interfaces that are configured to use WPS.
2010-10-08 17:15:16 +03:00
Jouni Malinen
0314e26a61 Fix wpa_supplicant AP mode with WPS not to crash
Commit 3379a3a795 added a direct
iface->for_each_interface use without verification whether the
function is available. This works with hostapd, but not
wpa_supplicant (which crashes on segfault).
2010-10-06 16:46:43 +03:00
Jouni Malinen
416192628d Fix AP mode 40 MHz pri/sec channel parsing in overlap determination
The previous implementation ended up incorrectly assuming that all
40 MHz use cases have secondary channel above the primary one. Fix this
by properly masking the secondary channel offset field and checking its
value.
2010-10-06 14:09:44 +03:00
Jouni Malinen
fa37511fa7 WPS: Fix hostapd reconfig to update WPS UPnP string pointers
This is needed to update the pointers maintained within WPS code
to use the new configuration data instead of maintaining pointers
to the old configuration which will be freed. This fixes strings in
UPnP discovery after reconfig (they used to be random freed memory..).
2010-09-22 19:34:32 -07:00
Jouni Malinen
70153d385c hostapd: Add virt/phy flag for Display/PushButton if needed (WPS 2.0)
This seems to be the easiest way of making sure the Config Methods
value is compliant with the WSC 2.0 specification without having
to modify the configuration file. However, this will only add the
virtual flag, so the configuration files should really be updated
to specify values that match the AP design.
2010-09-22 17:45:43 -07:00
Jouni Malinen
0e2e565a44 WPS 2.0: Provide (Re)Association Response WPS IE to driver
WPS 2.0 mandates the AP to include WPS IE in (Re)Association Response
if the matching (Re)Association Request included WPS IE. Provide the
needed WPS IE information to the driver_ops API for drivers that
process association frames internally.

Note: This modifies the driver_ops API by adding a new argument to
set_ap_wps_ie().
2010-09-22 10:46:44 -07:00
Jouni Malinen
baf7081ccd WPS: Add MAC address to validation error message for Probe Request
This makes it easier to figure out which device is sending invalid
Probe Request frames.
2010-09-22 10:07:20 -07:00
Jouni Malinen
3379a3a795 WPS: Fix Beacon WPS IE on concurrent dualband AP in PBC mode
The Beacon frame must include UUID-E and RF Bands attributes when
in active PBC mode to allow stations to figure out that two BSSes in
PBC mode is not a PBC session overlap.
2010-09-20 15:32:29 -07:00
Jouni Malinen
e0369e3664 WPS: Use same UUID in multi-interface case
When generating the UUID based on MAC address, share the same UUID
with all interfaces. This fixes a potential issue with concurrent
dualband APs where the UUID needs to be same for PBC to work properly.
2010-09-20 14:28:43 -07:00
Dan Harkins
df684d82ff EAP-pwd: Add support for EAP-pwd server and peer functionality
This adds an initial EAP-pwd (RFC 5931) implementation. For now,
this requires OpenSSL.
2010-09-14 21:51:40 -10:00
Jouni Malinen
812bf56ab1 Fix build without CONFIG_P2P=y 2010-09-09 07:20:28 -07:00
Jouni Malinen
5548ddc217 P2P: Allow P2P IE without Device Info in (Re)Assoc Req
This can happen, e.g., when a P2P client connects to a P2P group
using the infrastructure WLAN interface instead of P2P group
interface. In that case, the P2P client may behave as if the GO
would be a P2P Manager WLAN AP.
2010-09-09 07:17:21 -07:00
Jouni Malinen
6c6915f3db P2P: Add defined values for P2P Manageability Bitmap 2010-09-09 07:17:20 -07:00
Jouni Malinen
aefb53bd5d P2P: Disable periodic NoA when non-P2P STA is connected
For now, this applies to the test command that can be used to set
periodic NoA (p2p_set noa). The value are stored and periodic NoA
is enabled whenever there are no non-P2P STAs connected to the GO.
2010-09-09 07:17:20 -07:00
Jouni Malinen
962473c136 P2P: Add preliminary P2P Manager AP support for hostapd 2010-09-09 07:17:18 -07:00
Jouni Malinen
ef7963917c P2P: Add group notification from (re)association request 2010-09-09 07:17:18 -07:00
Jouni Malinen
f684e608af P2P: Use PSK format in WPS Credential 2010-09-09 07:17:17 -07:00
Jouni Malinen
8ccbe415ba P2P: Add group notifications 2010-09-09 07:17:17 -07:00
Jouni Malinen
e44f8bf20a P2P: Add P2P configuration and callbacks in hostapd code 2010-09-09 07:17:17 -07:00
Jouni Malinen
b22128efdc P2P: Add initial version of P2P Module 2010-09-09 07:17:17 -07:00
Jouni Malinen
c2af2afb3b P2P: Preparations for adding P2P IE into Beacon/Probe Response frames 2010-09-09 07:17:17 -07:00
Jouni Malinen
b305c684b8 P2P: Save a copy of P2P IE(s) data from (Re)Association Request 2010-09-09 07:17:17 -07:00
Jouni Malinen
62281bc690 P2P: Do no process Probe Request with P2P wildcard SSID in WPS
The Probe Request frames used in P2P Device Discovery should not be
processed by the WPS implementation.
2010-09-09 07:17:16 -07:00
Jouni Malinen
54f489be45 WPS 2.0: Validate WPS attributes in management frames and WSC messages
If CONFIG_WPS_STRICT is set, validate WPS IE(s) in management frames and
reject the frames if any of the mandatory attributes is missing or if an
included attribute uses an invalid value. In addition, verify that all
mandatory attributes are included and have valid values in the WSC
messages.
2010-09-09 06:07:48 -07:00
Jouni Malinen
dcc4d8be75 WPS 2.0: Disable WPS workarounds if CONFIG_WPS_STRICT is defined 2010-09-09 06:07:47 -07:00
Jouni Malinen
31fcea931d WPS 2.0: Add support for AuthorizedMACs attribute
Advertize list of authorized enrollee MAC addresses in Beacon and
Probe Response frames and use these when selecting the AP. In order
to provide the list, the enrollee MAC address should be specified
whenever adding a new PIN. In addition, add UUID-R into
SetSelectedRegistrar action to make it potentially easier for an AP
to figure out which ER sent the action should there be multiple ERs
using the same IP address.
2010-09-09 06:07:47 -07:00
Jouni Malinen
a0fad21014 Indicate Barker Preamble Mode in ERP IE also based on local configuration
While this is not strictly speaking required based on dynamic
configuration (i.e., dot11ShortPreambleOptionImplemented is static
value based on implementation, not runtime configuration), it is better
to follow local configuration parameter for short preamble in addition
to the associated station capabilities.
2010-09-05 13:11:42 +03:00
Jouni Malinen
8421e95c71 Fix segfault in hostapd_eid_ht_capabilities() with some drivers
This function is not really needed in case of drivers that build the
HT IEs internally. However, since this can get called if ieee80211n=1
is set in hostapd.conf, we better not segfault even if the driver
does not provide hw info (hapd->iface->current_mode == NULL).
2010-09-05 12:47:16 +03:00
Jouni Malinen
0caf077bc1 WPS: Fix hostapd build without CONFIG_WPS_UPNP
Commit 5a1cc30f1a added code that was
assuming CONFIG_WPS_UPNP is enabled whenever CONFIG_WPS is. Fix this
by making the UPnP calls conditional on CONFIG_WPS_UPNP define.
2010-09-05 12:34:04 +03:00
Helmut Schaa
36af1c7d31 hostapd: enable STBC only for STBC capable STAs
hostapd simply used its own STBC configuration in the STA's HT caps. This
resulted in TX STBC being used for STAs not supporting RX STBC, which in
turn resulted in the STA not receiving anything.

Fix this by handling the STBC flags in the same way mac80211 does. Mask
out RX STBC if we don't support TX STBC and vice versa.

Tested only with the nl80211 driver and a STBC incapable STA.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
2010-08-28 12:25:44 +03:00
Jouni Malinen
31fa4c6d98 Remove unused ieee802_11_send_deauth() 2010-08-25 21:18:54 +03:00
Jouni Malinen
5a1cc30f1a WPS: Add support for dynamic AP PIN management
A new hostapd_cli command, wps_ap_pin, can now be used to manage
AP PIN at runtime. This can be used to generate a random AP PIN and
to only enable the AP PIN for short period (e.g., based on user
action on the AP device). Use of random AP PIN that is only enabled
for short duration is highly recommended to avoid security issues
with a static AP PIN.
2010-08-24 16:35:37 +03:00
Jouni Malinen
944814106e WPS: Do not disable AP PIN permanently, only slow down attacks
As a compromise between usability and security, do not disable
AP PIN permanently based on failed PIN validations. Instead, go to
AP Setup Locked state for increasing amount of time between each
failure to slow down brute force attacks against the AP PIN.

This avoids problems with some external Registrars that may try
to use the same PIN multiple times without user input. Now, the
user will still be able to fix the PIN and try again later while
a real attack is delayed enough to make it impractical.
2010-08-24 15:24:05 +03:00
Jouni Malinen
43dd46b3bc Fix memory leak in AP WEP key configuration 2010-08-17 21:04:07 +03:00
Jouni Malinen
6195adda9b WPS: Allow AP to start in Enrollee mode without AP PIN for probing
In theory, this should not really be needed, but Windows 7 uses
Registrar mode to probe AP's WPS capabilities before trying to use
Enrollee and fails if the AP does not allow that probing to happen.
This allows the AP to start as an Enrollee and send M1, but refuse
to continue beyond that (M3 will not be sent if AP PIN is not known).
2010-07-26 18:12:08 -07:00
Jouni Malinen
67ccef7e6c FT: Send RRB data directly when managed by same hostapd process
This makes it easier (and a bit faster) to handle multiple local
radios with FT. There is no need to depend on l2_packet in that
case since the frame can be delivered as a direct function call.
2010-07-25 20:30:12 -07:00
Jouni Malinen
7f6ec672ea EAP server: Add support for configuring fragment size 2010-07-20 22:56:10 -07:00
Jouni Malinen
4e22adb4d1 WPS: Move from WLAN_STA_MAYBE_WPS to WLAN_STA_WPS based on EAP messages
If the station does not include WSC IE in Association Request, it
is marked with WLAN_STA_MAYBE_WPS flag. We can update that to
WLAN_STA_WPS if the station uses either of the WPS identity strings.
This enables some workarounds for WPS stations.
2010-07-18 16:10:08 -07:00
Jouni Malinen
3239706303 WPS: Force disconnection after provisioning step
This works around some problems where the station is unable to disconnect
for some reason (e.g., if EAP-Failure gets dropped).
2010-07-18 16:08:52 -07:00
Jouni Malinen
e9501a07c6 FT: Fix RRB messages to use correct endianness
The pairwise cipher field is supposed to be little endian, but the
message building functions did not swap the bytes on big endian
hosts while the message processing functions did. Fix this by using
little endian byte order in both places.
2010-07-17 17:48:32 -07:00
Jouni Malinen
2d8bf73298 Add new debug message level for excessive information
Some frequent debug prints are of limited use and make debug output
difficult to read. Make them use a new debug level so that -dd
provides more readable output (-ddd can now be used to enable
the excessive debug prints).
2010-07-05 12:21:48 -07:00
Jouni Malinen
9776475fb9 WPS: Do not proxy Probe Request frames to foreign SSIDs to Registrars
We must only indicate stations that are either probing the wildcard SSID
or our own SSID.
2010-06-10 22:36:34 -07:00
Jouni Malinen
84b2f9909f Fix driver operation order in configuration reloading
Some of the driver wrappers need to get set_ieee8021x() call before
they can configure keys. Reorder the operations in the reloading
of configuration case to match with that expectation.
2010-05-29 22:27:27 +03:00
Jouni Malinen
ed7a09f914 Add WPS IE into (Re)Association Response frame if WPS is used
If the associating station indicates that it is intents to use WPS
by including WPS IE in (Re)Association Request frame, include WPS IE
in (Re)Association Response frame.
2010-05-26 18:46:08 +03:00
Jouni Malinen
16e46ec043 Reassemble WPS IE(s) in (Re)Association Request if needed
Use a function that will take care of possible (though, very unlikely)
fragmentation of WPS TLVs in (Re)Association Request frames.
2010-05-26 18:17:13 +03:00
Andriy Tkachuk
6deb41e73f Update WPS IE on hostapd reconfiguration
This is needed to handle cases where WPS state may have changed and
hostapd is reloading its configuration.
2010-05-02 11:21:19 +03:00
Jouni Malinen
1bc774a12a hostapd: Reorder some IEs to get closer to IEEE 802.11 standard
Vendor-specific IEs are supposed to be in the end of the frame, so move
WMM into the end of Beacon, Probe Response, and (Re)Association Response
frames. In addition, move HT IEs to be later in (Re)Association
Response to match the correct order.

hostapd_eid_wpa() adds multiple IEs and the end result may not always be
correct. If WPA is enabled, WPA IE (vendor-specific) gets added in the
middle of the frame and not in the end. This would require a larger
change to spliut the IEs from WPA module into separate locations when
constructing Beacon and Probe Response frames. This is not yet addressed.
2010-05-02 10:53:01 +03:00
Jouni Malinen
439d4bf960 Fix EAPOL_SM_USES_WPA flag to be set correctly
Commit c02d52b405 removed direct calls
to the WPA authenticator, but the change here was incorrect.
EAPOL_SM_USES_WPA was supposed to be set based on sta->wpa_sm being
set, i.e., no need to check for PMKSA entries for that.

While this could potentially change EAPOL Key TX state machine behavior,
no clear problems have been identified so far. Anyway, better fix this
to get the correct flags set for EAPOL authenticator state machine.
2010-05-01 17:12:59 +03:00
Jouni Malinen
3ab72b626b Fix WPA state machine initialization on WPA_REAUTH if needed
When using WPS, we may end up here if the STA manages to re-associate
without the previous STA entry getting removed. Consequently, we need to
make sure that the WPA state machines gets initialized properly at this
point.
2010-04-23 16:49:50 +03:00
Jouni Malinen
2de5a860a3 Fix build without CONFIG_FULL_DYNAMIC_VLAN 2010-04-17 21:01:35 +03:00
Jouni Malinen
7992b07f6a Remove unnecessary SUBDIRS loops from src/*/Makefile
There are no subdirectories in any of these directories or plans
for adding ones. As such, there is no point in running the loop
that does not do anything and can cause problems with some shells.
2010-04-17 17:10:31 +03:00
Jouni Malinen
e34ce1683c VLAN: Reorder init to get same behavior for all VLAN interfaces
Both the wildcard VLAN entry and the statically configured VLAN
interfaces should behave in the same way. Initializing the
full dynamic VLAN code before adding the statically configured VLAN
interfaces allows the same processing to be applied to both statically
and dynamically added VLAN interface (i.e., also the statically
configured ones will be added to a bridge).
2010-04-17 09:48:27 +03:00
Jouni Malinen
0249c988bb VLAN: Set statically configured VLAN interfaces up
This is needed to be able to bind stations to them with mac80211.
2010-04-17 09:45:18 +03:00
Jouni Malinen
b9c3e576cb VLAN: Fix bridge interface clean up for no tagged_interface case 2010-04-16 01:13:46 +03:00
M. Braun
20e2cb0ae0 VLAN: Decrease bridge forwarding delay to avoid EAPOL timeouts 2010-04-16 00:48:32 +03:00
M. Braun
37ba0928d5 VLAN: Set dynamic VLAN up to fix STA bind and key setup 2010-04-15 23:54:41 +03:00
Jouni Malinen
4254100d6c Stop processing if STA VLAN bind fails 2010-04-15 23:44:10 +03:00
Jouni Malinen
91faf6b948 VLAN: Clean up debug code and error messages 2010-04-15 20:35:51 +03:00
Jouni Malinen
c47cf42e4b WPS: Fix association when both WPS and WPA/RSN IE are included
The WPS IE was overriding the WPA/RSN IE in driver based MLME case
(hostapd_notif_assoc), but the MLME code here was not using WPS IE
correctly, i.e., it allowed the WPA/RSN IE override the operation.
2010-04-15 12:55:34 +03:00
Jouni Malinen
843123590a Fix hostapd build without WPS 2010-04-12 15:15:17 +03:00
Jouni Malinen
c706d5aa17 Add wpa_supplicant AP mode events for Public Action frames 2010-04-11 20:33:33 +03:00
Jouni Malinen
195420b8d1 Add WPS Registrar success callback 2010-04-11 20:21:08 +03:00
Jouni Malinen
b3db190fa2 Started to make set_ap_wps_ie() capable of adding multiple IEs
This mechanism can be used to add various IEs to Beacon and Probe
Response frames and it should be made clear that it is not reserved
only for WPS IE.
2010-04-11 20:16:43 +03:00
Jouni Malinen
f3585c8a85 Simplify driver_ops for virtual interface add/remove
There is no absolute requirement for separating address allocation
into separate functions, so simplify the driver wrapper interface
to use just if_add and if_remove instead of adding the new
alloc_interface_addr() and release_interface_addr() functions.

if_add() can now indicate if the driver forced a different interface
name or address on the virtual interface.
2010-04-11 19:23:09 +03:00
Yogesh Ashok Powar
721abef9b3 Allow advertising of U-APSD functionality in Beacon
hostapd does not implement UAPSD functionality. However, if U-APSD
functionality is implemented outside hostapd, add support to advertise
the functionality in beacon.

Signed-off-by: yogeshp@marvell.com
2010-04-11 11:32:15 +03:00
Jouni Malinen
0f857f43df FT: Validate MDIE and FTIE in FT 4-way handshake message 2/4 2010-04-10 22:40:35 +03:00
Jouni Malinen
86dfabb809 FT: Add FTIE, TIE[ReassocDeadline], TIE[KeyLifetime] to EAPOL-Key 3/4
These are mandatory IEs to be included in the FT 4-Way Handshake
Message 3.
2010-04-10 21:42:54 +03:00
Jouni Malinen
1566ec4685 Parse EAPOL-Key msg 2/4 Key Data IEs/KDEs before checking RSN/WPA IE
This is needed to avoid incorrect validation errors on RSN/WPA IE
when using FT since there may be more than a single IE in the
Key Data field.
2010-04-10 16:46:17 +03:00
Jouni Malinen
0ae145cde8 FT: Validate FTIE fields in Reassociation Request
ANonce, SNonce, R0KH-ID, and R1KH-ID must match with the values
used in the previous FT authentication sequence message per
IEEE Std 802.11r-2008, 11A.8.4.
2010-04-09 17:14:27 +03:00
Jouni Malinen
8aaf894de2 FT: Validate protect IE count in FTIE MIC Control 2010-04-09 17:08:16 +03:00
Jouni Malinen
6e80516ab9 FT: Fix Reassociation Response in FT Protocol to include ANonce/SNonce
These values are required to be included in the frame per
IEEE Std 802.11r-2008, 11A.8.5.
2010-04-09 13:36:06 +03:00
Jouni Malinen
1f6e69e07b FT: Do not add MIC to FTIE during initial MD association
We do not have any keys set at this point so there is no point in
adding the MIC. In addition, IEEE Std 802.11r-2008, 11A.4.2
describes this frame to have MIC IE count of 0 and MIC of 0.
2010-04-09 13:30:49 +03:00
Jouni Malinen
39eb4d0877 FT: Fix GTK subelement format in FTIE
The Key Info field was changed from 1-octet field to 2-octet field
in 802.11r/D7.0, but that had not been updated in the implementation.
2010-04-07 23:57:39 +03:00
Jouni Malinen
26e23750b9 FT: Fix FT 4-Way Handshake to include PMKR1Name in messages 2 and 3
IEEE Std 802.11r-2008, 11A.4.2 describes FT initial mobility domain
association in an RSN to include PMKR1Name in the PMKID-List field
in RSN IE in messages 2/4 and 3/4. This makes the RSN IE not be
bitwise identical with the values used in Beacon, Probe Response,
(Re)association Request frames.

The previous versions of wpa_supplicant and hostapd did not add the
PMKR1Name value in EAPOL-Key frame and did not accept it if added
(due to bitwise comparison of RSN IEs). This commit fixes the
implementation to be compliant with the standard by adding the
PMKR1Name value into EAPOL-Key messages during FT 4-Way Handshake and
by verifying that the received value matches with the value derived
locally.

This breaks interoperability with previous wpa_supplicant/hostapd
versions.
2010-04-07 21:04:13 +03:00
Jouni Malinen
738a1cb286 FT: Do not include RSN IE in (Re)Assoc Resp during initial MD association
RSN IE is only supposed to be included in Reassociation Response frames
and only when they are part of a fast BSS transition.
2010-04-07 17:27:46 +03:00
Gregory Detal
bb437f282b AP: Add wpa_msg() events for EAP server state machine 2010-04-07 11:13:14 +03:00
Jouni Malinen
68532a9ceb Avoid hostapd segfault on invalid driver association event
Running hostapd and wpa_supplicant on the same interface at the same
time is not expected to work, but it should not cause hostapd to crash.
Ignore station mode association events (no addr field) to avoid this.
2010-04-07 10:01:49 +03:00
Andriy Tkachuk
99f4ae67b7 Fix WPA/RSN IE update on reconfig with set_generic_elem()
IF WPA/RSN parameters were changed or WPA/RSN was disabled, the
WPA/RSN IE in Beacon/Probe Response frames was only update with
set_beacon(). We need to do this with set_generic_elem(), too, to
work with all driver wrappers.
2010-04-06 20:44:26 +03:00
Jouni Malinen
643743e215 WPS: Fix WPS IE update in Beacon frames for nl80211
Call ieee802_11_set_beacon() in addition to set_ap_wps_ie() when
processing WPS IE updates. This is needed with drivers that use
set_beacon() instead of set_ap_wps_ie() (i.e., nl80211).
2010-04-06 18:04:30 +03:00
Jouni Malinen
81a658d754 FT: Re-set PTK on reassociation
It turns out that this is needed for both FT-over-DS and FT-over-air
when using mac80211, so it looks easiest to just unconditionally
re-configure the keys after reassociation when FT is used.
2010-04-04 09:34:14 +03:00
Jouni Malinen
2220821113 FT: Use bridge interface (if set) for RRB connection
This fixes receiving of RRB messages between FT APs
2010-04-04 09:31:13 +03:00
Jouni Malinen
21c9b6903e FT: Set WLAN_AUTH_FT auth_alg on FT-over-DS case
This is needed to allow reassociation processing to skip 4-way handshake
when FT-over-DS is used with an AP that has a previous association state
with the STA.
2010-04-04 09:17:57 +03:00
Jouni Malinen
d8ad6cb966 FT: Force key configuration after association in FT-over-DS
This seems to be needed at least with mac80211 when a STA is using
FT-over-DS to reassociate back to the AP when the AP still has the
previous association state.
2010-04-04 09:16:11 +03:00
Jouni Malinen
9a3cb18d74 Add AP-STA-DISCONNECT event for driver-based MLME 2010-04-04 08:14:22 +03:00
Jouni Malinen
c41a1095b5 Allow hostapd_notif_assoc() to be called with all IEs
This makes the call simpler for driver wrappers since there is no need
to parse the IEs anymore before indicating association. In addition,
this allows association processing to be extended to use other IEs
in the future.
2010-04-04 08:14:18 +03:00
Jouni Malinen
0823031750 Fix Windows compilation issues with AP mode code 2010-04-04 08:14:14 +03:00
Jouni Malinen
7b1080dadd MFP: Fix IGTK PN in group rekeying
IGTK get_seqnum needs to be skipped in the same way as GTK one when
rekeying group keys. Previously, the old PN value (the one from the
previous key) was indicated and that resulted in MMIE replay detection
at the station.
2010-03-29 22:57:10 -07:00
Jouni Malinen
358c3691cf MFP: Add SA Query Request processing in AP mode 2010-03-29 14:05:25 -07:00
Jouni Malinen
a042f8447d Fix ctrl_iface get-STA-MIB for WPS disabled case
The previous version would crash here on NULL pointer dereference if
WPS was disabled.
2010-03-29 09:59:16 -07:00
Jouni Malinen
03bcb0af0d Fix wpa_auth_iface_iter() to skip BSSes without Authenticator
This could cause NULL pointer deference if multi-BSS configuration
was used with OKC in some cases.
2010-03-26 23:26:24 -07:00
Jouni Malinen
ef580012d1 FT: Fix Authorized flag setting for FT protocol
4-way handshake or EAPOL is not used in this case, so we must
force Authorized flag to be set at the conclusion of successful
FT protocol run.
2010-03-13 21:43:00 +02:00
Jouni Malinen
0e84c25434 FT: Fix PTK configuration in authenticator
Must update sm->pairwise when fetching PMK-R1 SA.
Add a workaround for drivers that cannot set keys before association
(e.g., cfg80211/mac80211): retry PTK configuration after association.
2010-03-13 21:11:26 +02:00
Jouni Malinen
1b484d60e5 FT: Include pairwise cipher suite in PMK-R0 SA and PMK-R1 SA
This is needed to fix PTK derivation to use correct length. Previously,
64-octet PTK may have been derived if the authenticator did not already
have a STA entry. Now, the correct pairwise cipher suite is learned when
then PMK-R1 SA is received.
2010-03-07 22:18:33 +02:00
Jouni Malinen
0ebdf62735 Remove unnecessary ifname parameter from set_ap_wps_ie() driver op 2010-03-07 11:51:50 +02:00
Jouni Malinen
d3e3a20565 Remove unnecessary ifname parameter from set_ht_params() driver op 2010-03-07 11:49:27 +02:00
Jouni Malinen
3234cba40e Remove unnecessary ifname parameter to sta_set_flags() driver op 2010-03-07 11:45:41 +02:00
Jouni Malinen
62847751e4 Remove unnecessary ifname parameter from sta_add() driver op 2010-03-07 11:42:41 +02:00
Jouni Malinen
8709de1ae8 Remove unnecessary ifname parameter from hapd_get_ssid/hapd_set_ssid 2010-03-07 11:36:45 +02:00
Jouni Malinen
aa48451698 Remove unnecessary ifname parameter from set_generic_elem() driver op 2010-03-07 11:33:06 +02:00
Jouni Malinen
d5dd016a8a Remove unneeded ifname parameter from set_privacy() driver op 2010-03-07 11:29:17 +02:00
Jouni Malinen
70a8419f26 Avoid crash after driver init failure
hostapd_flush_old_stations() needs to check whether the driver
initialization was successful since it gets called on an error path.
2010-03-07 11:25:28 +02:00
Jouni Malinen
7ab68865c0 Remove unneeded iface parameter from if_add() driver op 2010-03-07 10:05:05 +02:00
Jouni Malinen
8b897f5a17 Remove unnecessary ifname parameter from set_beacon()
The new per-BSS driver context makes this unnecessary.
2010-03-06 22:36:40 +02:00
Felix Fietkau
53f3d6f3e6 hostapd: allow stations to move between different bss interfaces
With this patch, a client gets kicked out of the last BSS it was
attached to, when it is associating to a different one.
While mac80211 does allow a station to be present on multiple bss
interfaces, this does seem to cause problems both for the stack
and for hostapd.
2010-03-06 22:30:25 +02:00
Felix Fietkau
a2e40bb650 hostapd: Fix interface selection for the nl80211 driver
This patch allows the nl80211 driver to create its own per-bss context
and pass it to the drv_priv pointer of the hostapd bss state.
With this and the following patch, stations can associate to and switch
between multiple BSS interfaces of a single wiphy.
This obsoletes a few instances of passing ifname to a callback, those
can be removed in a separate patch.
It might also be useful to move more fields from the driver data to the
per-bss data structure in the future.
2010-03-06 22:22:56 +02:00
Felix Fietkau
39f42d1193 hostapd: fix bogus nl80211 interface remove messages for STA WDS 2010-03-06 20:52:22 +02:00
Felix Fietkau
4c32757d22 hostapd: add ifname to the sta_set_flags callback
This fixes multi-BSS STA operations (e.g., setting AUTHORIZED flag) with
nl80211-based drivers.
2010-03-06 20:44:31 +02:00
Jouni Malinen
6fa2ec2d2b Make EAPOL Authenticator buildable with Microsoft compiler 2010-02-19 18:35:40 +02:00
Christian Lamparter
43a7fe2e0e ap: Reorder authsrv_init() to fix IEEE 802.1X initialization
This patch moves the authentication server setup before
IEEE 802.1X initialization. It's because 802.1X already
needs to have a valid SSL context.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2010-01-17 12:14:17 +02:00
Jouni Malinen
6f9b5d1696 IBSS RSN: Check explicitly that WPA auth sm assoc call succeeded
Verify that association processing did not end up freeing the state
machine. This should not really happen in practice, but better verify
it anyway.
2010-01-10 21:45:44 +02:00
Jouni Malinen
e4a6ea1d9c Avoid a theoretical use-after-free in WPA auth sm init
wpa_sm_step() could theoretically free the statemachine, but it does
not do it in this particular case. Anyway, the code can be cleaned to
verify whether the state machine data is still available after the
wpa_sm_step() call.
2010-01-10 18:54:41 +02:00
Jouni Malinen
1ce77dcc66 Fix memory leak on RSN preauth init error path 2010-01-06 21:14:09 +02:00
Lennert Buytenhek
594cf8b9ef Fix WMM default parameters
wmm_ac_??_cw{min,max} parameters are in log form

When the wme_ac_??_cw{min,max} parameters aren't specified in
hostapd.conf, hostapd uses an incorrect set of default values, as the
defaults are in 2^x-1 form instead of in log form.  This patch changes
them over to the expected log form.
2010-01-06 20:48:29 +02:00
Jouni Malinen
70f8cc8ec8 Share the same enum for MFP configuration
The three existing enums were already depending on using the same
values in couple of places and it is just simpler to standardize on
one of these to avoid need for mapping between different enums for
the exact same thing.
2010-01-03 21:02:51 +02:00
Jouni Malinen
d1f9c410c1 Remove src/drivers/scan_helpers.c
Most of this file was already moved into wpa_supplicant/scan.c and
we can remove the file completely by having couple of small helper
functions copied to the remaining users outside core wpa_supplicant
code.
2010-01-03 20:27:32 +02:00
Jouni Malinen
1d041bec84 Use generic driver event notification for AP mode assoc/disassoc 2010-01-03 18:22:22 +02:00
Jouni Malinen
a8e0505bf0 Use driver event, EVENT_EAPOL_RX, for EAPOL frame indication 2010-01-03 17:44:40 +02:00
Jouni Malinen
a70a5d6d06 Replace hostapd_notif_new_sta() with new driver event, EVENT_NEW_STA 2010-01-03 16:46:18 +02:00
Jouni Malinen
9646a8ab8b Remove unnecessary wpa_event_type typedef 2010-01-03 13:10:12 +02:00
Jouni Malinen
2a8b74163e Move struct hostapd_frame_info definition away from driver API
This is internal data structure for hostapd/AP functionality and does
not need to be defined in driver.h.
2010-01-03 12:37:02 +02:00
Jouni Malinen
0d9fc3d8bd Remove struct ieee80211_hdr dependency from EVENT_RX_FROM_UNKNOWN
It is simpler to just pass in u8* to the beginning of the header.
2010-01-03 12:17:20 +02:00
Jouni Malinen
a0e0d3bb15 Replace hostapd_probe_req_rx() with EVENT_RX_PROBE_REQ driver event 2010-01-03 12:11:44 +02:00
Jouni Malinen
c2f5126941 WPS: Add Enrollee-seen event message and wpa_gui-qt4 Peers entry
This can be used to show active Enrollees in AP mode to make it
easier to provision a new device.
2009-12-28 16:24:04 +02:00
Jouni Malinen
cd7d80f373 Allow Probe Request callbacks to terminate iteration 2009-12-28 13:14:58 +02:00
Jouni Malinen
1c08f8c0f0 Allocate Probe Response and Beacon buffers based on WPS IE length
This IE is of variable length and it is better to allocate the frame
buffer taking this length into account to prepare for future
additions.
2009-12-28 12:58:27 +02:00
Jouni Malinen
f7c4783379 Split hostapd_interface_deinit() into deinit and free parts
This allows the driver interface to be deinitialized before
struct hostapd_data instance gets freed. This needs to be done so
that the driver wrapper does not maintain a context pointer to
freed memory.
2009-12-27 21:31:13 +02:00
Jouni Malinen
719347511a Get rid of unnecessary typedefs for enums. 2009-12-26 10:35:08 +02:00
Jouni Malinen
81f4f6195e Include header files explicitly in *.c, not via header files 2009-12-26 00:31:51 +02:00
Jouni Malinen
6e6e8c31ff Replace src/ap/driver_i.h with non-inlined functions in ap_drv_ops.c 2009-12-26 00:21:22 +02:00
Jouni Malinen
8b06c1ed0d Remove ap_config.h dependency from driver_i.h
This adds explicit #include line for ap_config.h into the src/ap/*.c
files that actually use the definitions from there.
2009-12-26 00:12:25 +02:00
Jouni Malinen
6226e38d00 Rename some src/ap files to avoid duplicate file names
Doxygen and some build tools may get a bit confused about same file
name being used in different directories. Clean this up a bit by
renaming some of the duplicated file names in src/ap.
2009-12-26 00:05:40 +02:00
Jouni Malinen
1b56c26c40 Get rid of direct hostapd_for_each_interface() calls
src/ap/*.c must not call functions in hostapd or wpa_supplicant
directories directly, so avoid this by using a callback function
pointer.
2009-12-25 20:12:26 +02:00
Jouni Malinen
70db2ab308 Move rest of the generic AP mode functionality into src/ap 2009-12-25 20:06:07 +02:00
Jouni Malinen
a4f2110934 Clean up some of the hostapd.h function prototype definitions
Not all prototypes in hostapd.h really belong there. This is an initial
step in cleaning that up.
2009-12-25 14:20:35 +02:00
Jouni Malinen
0aef3ec832 Move hostapd_prune_associations() into ap/utils.c 2009-12-25 14:06:26 +02:00
Jouni Malinen
2586bc64d0 Move authentication server setup into separate file 2009-12-25 13:43:43 +02:00
Jouni Malinen
ad44e244b1 Move iapp.c into src/ap 2009-12-25 13:04:45 +02:00
Jouni Malinen
0e2d35c614 Move ctrl_iface_ap.c into src/ap 2009-12-25 12:25:55 +02:00
Jouni Malinen
65668bfb77 Add forgotten src/ap/utils.c file
Commit 32da61d9c9 was supposed to add
this file.
2009-12-25 01:31:28 +02:00
Jouni Malinen
32da61d9c9 Move wps_hostapd.c into src/ap 2009-12-25 01:26:37 +02:00
Jouni Malinen
1057d78eb8 Move generic AP functionality implementation into src/ap
This code can be shared by both hostapd and wpa_supplicant and this
is an initial step in getting the generic code moved to be under the
src directories. Couple of generic files still remain under the
hostapd directory due to direct dependencies to files there. Once the
dependencies have been removed, they will also be moved to the src/ap
directory to allow wpa_supplicant to be built without requiring anything
from the hostapd directory.
2009-12-25 01:12:50 +02:00