When a GO is operating a persistent group and invites a peer that has
been a P2P client in that persistent group, the Invitation Type in the
Invitation Request frame can be set to 1 to indicate that this is a
reinvocation of a persistent group. Do this based on the maintained
list of P2P clients that have been provided the credentials to this
group.
Signed-hostap: Jouni Malinen <j@w1.fi>
Even though the Provision Discovery Response frame from PD-before-join
does not really provide any additional information, it can be better to
wait for it before starting the join operation. This adds a minimal
extra latency in the most common case and cleans up the sequence of
driver operations and debug log by avoiding potential processing of the
Provision Discovery Response while already running a scan for the actual
connection.
If transmission of Provision Discovery Request fails, join operation is
started without the additional wait. In addition, a new timeout is used
to start the join if Provision Discovery Response is lost for any
reason.
Signed-hostap: Jouni Malinen <j@w1.fi>
Provision Discovery is used as a notification to the GO in the case we
are about join a running group. In such case, there is not much point in
indicating the provision discovery response events to external programs
especially when the PIN-to-be-displayed was different from the one
returned for the p2p_connect command. Skip this confusing event
completely for join-a-running-group case.
Signed-hostap: Jouni Malinen <j@w1.fi>
These changes account for situations where the CQM threshold
might be approximately the same as the currently received signal,
and thus CQM events are triggered often due to measurement
error/small fluctuations. This results in scanning occurring
too frequently.
Firstly, inhibit the immediate scan when the short-scan count
is at the maximum. This keeps bursts of CQM toggling from
causing a torrent of back-to-back scans. This does not inhibit
immediate scans if the CQM triggers a second time (if the signal
falls lower past the hysteresis). This reduces the scan rate in
the worst case (fast-rate toggling high/low CQM events) to the
short scan interval.
Secondly, change the behavior of the short scan count so it acts like
a "leaky bucket". As we perform short-scans, the bucket fills until
it reaches a maximal short-scan count, at which we back-off and
revert to a long scan interval. The short scan count decreases by
one (emptying the bucket) every time we complete a long scan interval
without a low-RSSI CQM event.
This reduces the impact of medium-rate toggling of high/low CQM
events, reducing the number of short-interval scans that occur before
returning to a long-interval if the system was recently doing
short scans.
Driver global init was considered a hard failure. Thus if, for example,
you used the Broadcom STA driver and didn't have nl80211 or cfg80211
loaded into the kernel, and specified a driver value of "nl80211,wext",
the nl80211 driver's global init would fail with the following message:
nl80211: 'nl80211' generic netlink not found
Failed to initialize driver 'nl80211'
but since global init was a hard failure, creating the supplicant
interface would fail and the WEXT driver would not be tried.
Give other drivers a chance instead.
Signed-hostap: Dan Williams <dcbw@redhat.com>
intended-for: hostap-1
The setter function uses the same hostapd_data structure as the getter
which causes it to crash if called on a P2P client. To overcome this
issue, the role is checked to ensure it is called on a group owner and
the pointer is examined for validity. The function will return an error
if called on a non-GO system.
Signed-hostap: Todd Previte <toddx.a.previte@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
When using DBus to get group properties, a segmentation fault is
generated on P2P clients due to a NULL pointer for the ap_iface struct.
The current implementation only returns vendor extensions when called on
a P2P group owner.
The code now checks the P2P role which allows for role-specific
information to be provided. This also fixes the crash issue by only
looking for the correct structures based on the current P2P role.
Signed-hostap: Todd Previte <toddx.a.previte@intel.com>
Signed-hostap: Angie Chinchilla <angie.v.chinchilla@intel.com>
intended-for: hostap-1
When looking for PMKSA cache entries to use with a new association, only
accept entries created with the same network block that was used to
create the cache entry.
Signed-hostap: Jouni Malinen <j@w1.fi>
The disconnection command results in disassociation and deauthentication
events which were previously processed during the scan in case of
select_network command being used while associated with another network.
While this works in most cases, it can result in confusing event
messages in ctrl_iface and debug log. Avoid this by using a short delay
between the disconnection and scan request to allow the disconnection
events to be processed prior to starting the new scan.
Signed-hostap: Jouni Malinen <j@w1.fi>
intended-for: hostap-1
While the exponential increase in the lockout period provides an
efficient mitigation mechanism against brute force attacks, this
additional trigger to enter indefinite lockout period (cleared by
restarting hostapd) will limit attacks even further by giving maximum of
10 attempts (without authorized user action) even in a very long term
attack.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows HT capabilities overrides on kernels that
support these features.
MCS Rates can be disabled to force to slower speeds when using HT.
Rates cannot be forced higher.
HT can be disabled, forcing an 802.11a/b/g/n station to act like
an 802.11a/b/g station.
HT40 can be disabled.
MAX A-MSDU can be disabled.
A-MPDU Factor and A-MPDU Density can be modified.
Please note that these are suggestions to the kernel. Only mac80211
drivers will work at all. The A-MPDU Factor can only be decreased and
the A-MPDU Density can only be increased currently.
Signed-hostap: Ben Greear <greearb@candelatech.com>
Now that CTRL-EVENT-TERMINATING even is sent at the end of interface
removal in case wpa_supplicant process is going to terminate, there
is no need for this duplicated event in the signal handler.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows TERMINATING ctrl_iface event to be sent at the end of the
deinit sequence to avoid race conditions with new operations that this
event may trigger while wpa_supplicant would still be running through
the deinitialization path.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This avoids issues with some external program starting to use the
interface based on the interface removal event before wpa_supplicant
has completed deinitialization of the driver interface.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This will be needed to be able to move ctrl_iface TERMINATING event to
the end of interface removal.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
current_bss and pending_bssid weren't cleaned up so BSS
kept appearing in the scan results even when it was actually gone.
Use wpa_supplicant_mark_disassoc() to cleanup the wpa_s context
instead of just dropping wpa_state back to DISCONNECTED.
Reported-by: Vishal Mahaveer <vishalm@ti.com>
Signed-hostap: Eyal Shapira <eyal@wizery.com>
For drivers limited to scan a single SSID at a time, this prevents
waiting too long for a wildcard scan in case there are several
scan_ssid networks in the configuration.
Signed-hostap: Eyal Shapira <eyal@wizery.com>
This changes the install target such that parent directories of
installed paths area created and each path is only installed
on a dependency basis.
Signed-off-by: Grant Erickson <marathon96@gmail.com>
This is a useful function that simplifies some code and can eventually
be used somewhere else in future.
Signed-hostap: Antonio Quartulli <ordex@autistici.org>
These properties did not work on big endian PowerPC (always 100% for
Signal and 0 for Frequency) due to endianness problem (u32 to u16 data
loss).
Signed-off-by: Sylvestre Gallon <ccna.syl@gmail.com>
Perforce does not like @ in the file name and since these template files
do not really need to have that in the name, make the files in
repository friendlier to Perforce. The generated *.service file will
maintain their old names.
Signed-hostap: Jouni Malinen <j@w1.fi>
When the "bssid=" option is set for an IBSS network and ap_scan = 2,
ask the driver to fix this BSSID, if possible.
Previously, any "bssid=" option were ignored in IBSS mode when ap_scan=2.
Signed-hostap: Nicolas Cavallari <cavallar@lri.fr>
Provide a means over DBus to set the conf->fast_reauth
property, which controls whether TLS session resumption
should be attempted for EAP-TLS 802.1X networks.
Signed-off-by: Paul Stewart <pstew@chromium.org>
wpas_wps_in_use() was forcing WPS to be enabled unconditionally if P2P
support was included in the build. This is not really the correct
behavior for the case when P2P has been disabled at runtime. Change the
code here to verify runtime configuration of P2P before forcing WPS to
be enabled. This allows WSC IE to be left out from Probe Request frames
when scanning for APs without P2P or WPS being in use.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Even though we may not update P2P peer entry while connected to the
peer as a P2P client, we should not be expiring a P2P peer entry while
that peer is the GO in a group where we are connected as a P2P client.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When a P2P group is removed, we better not leave possibly started
sched_scan running. This could happen when a separate group interface
was not used.
In addition, it looks safer to explicitly stop sched_scan before
starting P2P Listen or Find operations to make sure the offloaded
scanning is not running when doing similar P2P operations.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This patch fixes an issue with roaming for drivers that set
WPA_DRIVER_FLAGS_BSS_SELECTION (currently ath6kl). On moving to an AP
with a different BSSID, an EVENT_ASSOC is received and the subsequent
4-way handshake may fail because of a mismatch between the RSN IE in
message 3/4 and in Beacon/Probe Response. This happens only when the APs
use different RSN IE contents and ap_scan is set to 1, since
wpa_supplicant fails to update its cached IEs.
Initial association may fail, too, in case of multiple APs with
the same SSID, since BSSID selection is done by the driver and again
a mismatch could be seen.
Fix these two issues by clearing and updating the cached IEs on
receiving an Association event from the driver. Also, retrieve the
scan results when the new BSS information is not present locally.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
dev_id=<P2P Device Addr> can now be specified as an argument to
p2p_find to request P2P find for a specific P2P device.
Signed-hostap: Jouni Malinen <j@w1.fi>
The deauthentication and disassociation events from nl80211 were being
processed identically regardless of whether the frame was generated by
the local STA or the AP. This resulted in fast reconnection mechanism
getting triggered even in the case where the disconnection was detected
locally (e.g., due to beacon loss) while this was supposed to happen
only in the case where the AP is sending an explicit Deauthentication
or Disassociation frame with a specific reason code.
Fix this by adding a new deauth/disassoc event variable to indicate
whether the event was generated locally.
Signed-hostap: Jouni Malinen <j@w1.fi>
Commit e9c3c1afed added a new D-Bus
method and that was enough to push the Introspect XML buffer over
the previously allocated 8000 bytes. Increase the buffer size to
make enough room for P2P interface. In addition, add a debug
message to indicate if an XML segment does not fit into the buffer
to make this types of failures somewhat easier to catch.
Signed-hostap: Jouni Malinen <j@w1.fi>
The authentication timeout could be triggered after the connection has
already been known to have failed. The event at that point can be
confusing, so better cancel the timeout when processing connection
failure.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the BSSID of the AP is specified in the WPS command, the target
AP is likely already in the BSS table and its operating channel is
known. Use this information to speed up connection by only scanning
the known channel.
Signed-hostap: Jouni Malinen <j@w1.fi>
The 'network.target' is special (per systemd.special(7)), and is to be
brought up indirectly when network is actually configured (i.e. through
DHCP or static address settings).
Irrelevant of that, all services should be always installed in
multi-user.target.
[Bug 427]
This fixes issues with drivers that do not handle concurrent
remain-on-channel and scan operations in a case where Provision
Discovery Response frame is not received to stop the Action frame
handshake.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the freq parameter is specified and we are already running legacy STA
on a different frequency with a driver that does not support
multi-channel concurrency, reject p2p_group_add. Same code already
exists in the path of P2P connection with go negotiation but is missing
for autonomous GO.
Signed-hostap: Neeraj Garg <neerajkg@broadcom.com>
Add a new persistent group network block field, p2p_client_list, to
maintain a list of P2P Clients that have connected to a persistent
group. This allows GO of a persistent group to figure out more easily
whether re-invocation of a persistent group can be used with a specific
peer device.
Signed-hostap: Jouni Malinen <j@w1.fi>
Add "persistent=<network id>" line to P2P_PEER ctrl_iface data
if a persistent group credentials are available for this peer.
This makes it easier for external programs to figure out when
a persistent group could be re-invoked with this peer.
For now, this information is only available on the P2P client,
but similar information can be added for GO once a list of P2P
clients is maintained with the persistent group data.
Signed-hostap: Jouni Malinen <j@w1.fi>
The P2P module provides access to public peer data in struct
p2p_peer_info. Use this to build the P2P_PEER information in
ctrl_iface.c instead of providing such text format data from the P2P
module.
The internal data that was previously built in p2p_get_peer_info() as
part of the text format peer data is now available through a separate
p2p_get_peer_info_txt() function. This is still included in P2P_PEER
output to maintain backwards compatibility with external programs that
could have started to use this. However, it should be noted that this
data is not really supposed to be used for anything else apart from
debugging purposes and its format is subject to change.
Signed-hostap: Jouni Malinen <j@w1.fi>
p2p_get_peer_info() was used in multiple places just to check whether a
specific peer is known. This was not the designed use for the function,
so introduce a simpler function for that purpose to make it obvious that
the p2p_get_peer_info() function is actually used only in ctrl_iface.c.
Signed-hostap: Jouni Malinen <j@w1.fi>
The internal sched_scanning state needs to be cleared on this event
even if the events happen to get ordered in a way that the interface
gets disabled just prior to EVENT_SCHED_SCAN_STOPPED event.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
If the driver was associated in station mode just before the AP mode was
started, the station mode disassociation event may end up getting
delivered to wpa_supplicant only after the AP mode has been started.
This can result in unexpected attempt to reassociate back to the network
that was previously used in station mode. Avoid this by ignoring the
disassociation event.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The active station connection triggered wpa_supplicant AP mode startup
to try to update Beacon IEs before the AP mode was properly initialized
and that resulted in NULL pointer dereference in driver_nl80211.c. Fix
this by skipping the IE update before the AP mode is initialized.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The p2p_group_idle configuration parameter is much more useful for
GO role, so use a separate hardcoded value of 10 seconds in P2P
client role. In practice, this means that the P2P client role will
automatically tear down the group when the GO tears down the group.
The 10 second timeout is enough to recover from temporary disconnections
without unnecessary tearing down the group if the GO is still present
and allows the client to connect.
Signed-hostap: Jouni Malinen <j@w1.fi>
When P2P client is processing a disconnection event, make sure the P2P
idle timeout does not get increased, i.e., set a new timeout only if no
timeout is in use. wpa_state changes between DISCONNECTED and SCANNING
can generate multiple calls to wpas_p2p_notif_disconnect() and
previously this was enough to force the idle timeout never hit in
practice when in P2P client role.
Signed-hostap: Jouni Malinen <j@w1.fi>
This event can be very frequent in AP mode when Beacon frames from
neighboring BSSes are delivered to user space. Drop the debug
message priority from DEBUG to EXCESSIVE for Beacon frames.
Signed-hostap: Jouni Malinen <j@w1.fi>
The Provision Discovery Request needs to be sent on the operating
channel of the GO and as such, the frequency from the BSS table
(scan results) need to override the frequency in the P2P peer
table that could be based on the Listen channel of the GO.
Signed-hostap: Jouni Malinen <j@w1.fi>
When in AP mode, wpa_supplicant is now enabling WPS (only Internal
Registrar). WPS.Start() call can be used to initiate WPS negotiation
similarly to how this is done in station mode.
This was done to ctrl_iface by Jouni Malinen on April 21, 2009 (commit
3ec97afe57)
Signed-hostap: Gustavo Sverzut Barbieri <barbieri@profusion.mobi>
The GO negotiation response is very cryptic at the moment. For a success
message we only know on which interface the negotiation succeeded, not
which peer. For a failure we know the interface also and a status code
(number).
It will be very useful for clients to know upon receipt of such a message
which peer the negotiation occurred with.
Now that the peer information is available and the API is changed
already, the function composing the D-Bus message might as well include
all GO negotiation information. This is done with a dict to make things
easier on clients if this result information changes down the line.
Signed-hostap: Reinette Chatre <reinette.chatre@intel.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Need to remove ROAM command processing since the needed functionality
for it gets removed with CONFIG_NO_SCAN_PROCESSING=y.
Signed-hostap: Jouni Malinen <j@w1.fi>
The whole wpa_supplicant_ctrl_iface_ctrl_rsp_handle() function operates
on the ssid->eap field which exists only if IEEE8021X_EAPOL has been
defined. Therefore the whole function body needs to be enclosed within
an #ifdef/endif block.
Signed-hostap: Antonio Quartulli <ordex@autistici.org>
Antonio reported that RSN IBSS failed to work.
We traced it down to a GTK failure, and he then
bisected it to commit bdffdc5ddb:
"AP: Reorder WPA/Beacon initialization".
The reason this commit broke it is that the state
machine's GInit variable is never set to false as
wpa_init_keys() never gets called, and thus new
keys are generated every time the state machine
executes.
Fix this by calling wpa_init_keys() when the new
group has been initialised.
Reported-by: Antonio Quartulli <ordex@autistici.org>
Tested-by: Antonio Quartulli <ordex@autistici.org>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Previously, the WPS scans could have been done in associated state if we
happened to be associated when the request to use WPS was received. This
can slow down scanning and end up in unexpected state if no WPS
association is tried. Avoid these issues by disconnecting when WPS
search is started.
Signed-hostap: Jouni Malinen <j@w1.fi>
Convert core wpa_supplicant code to use u64 instead of void * for the
P2P service discovery reference. Use uintptr_t in type casts in
p2p_supplicant.c to handle the conversion without warnings.
Note: This needs to be revisited for 128-bit CPU where sizeof(void *)
could be larger than sizeof(u64).
Signed-hostap: Jouni Malinen <j@w1.fi>
Some debug messages used incorrect name for Provision Discovery.
Replace "Provisioning Discovery" with "Provision Discovery".
Signed-hostap: Jouni Malinen <j@w1.fi>
WPS overlap detection can detect false overlap if a P2P peer
changes UUID while authentication is ongoing. Changing UUID
is of course wrong but this is what some popular devices do
so we need to work around it in order to keep compatibility
with these devices. There already is a mechanism in WPS
registrar to skip overlap detection if P2P addresses of two
sessions match but it wasn't really triggered because the
address wasn't filled in in the caller function.
Let's fill in this address and also clean up WPS PBC sessions
on WSC process completion if UUID was changed.
Signed-hostap: Vitaly Wool<vitalywool@gmail.com>
If a P2P group network block is removed for any reason (e.g., wps_cancel
command) while the interface is in group formation, remove the group
formation timeout and indicate failure immediately. Previously, this
type of operations could end up leaving the timeout running and result
in somewhat unexpected group formation failure events later.
Signed-hostap: Jouni Malinen <j@w1.fi>
If Provision Discovery Request is sent for GO role (i.e., P2P Group ID
attribute is included), add the group interface name to the control
interface event on the GO. This makes it easier to figure out which
ctrl_iface needs to be used for wps_pbc/wps_pin command to authorize
the joining P2P client.
Signed-hostap: Jouni Malinen <j@w1.fi>
If p2p_prov_disc join command is used prior to p2p_connect join,
skip the duplicated provision discovery exchange.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
This can be used to request Provision Discovery Request to be sent
for the purpose of joining a running group, e.g., to request the GO
to display a PIN that we can then use with p2p_connect join command.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
P2P use cases do not allow use of Label config method and the earlier
code for this has already been removed, but this documentation was not
updated at the same time.
Signed-hostap: Jouni Malinen <j@w1.fi>
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt.
Signed-hostap: Jouni Malinen <j@w1.fi>
If the AP disconnects us with a reason code that indicates that it has
dropped the association, but could allow us to connect again, try to
reconnect to the same BSS without going through the full scan. This can
save quite a bit of time in some common use cases, e.g., when inactivity
timeout is used on the AP (and especially, when waking up from suspend
which has likely triggered some timeout on the AP).
Signed-hostap: Jouni Malinen <j@w1.fi>
The wpa_state needs to be dropped back to DISCONNECTED to allow scan
results to trigger a new authentication attempt. In addition, we can use
wpas_connection_failed() instead of requesting a scan after a fixed time
to make this error case more consistent with other similar error paths
in sme.c.
Signed-hostap: Jouni Malinen <j@w1.fi>
This allows the MAC address of the interface to be changed when the
interface is set down even if the interface does not get completed
removed and re-added.
Signed-hostap: Jouni Malinen <j@w1.fi>
I have a test case where I remove and insert another network adapter
between two connections to AP. The interface get the same interface name
but switches macadresses between the connections. When running WPA2 I
got a failure in EAPOL negotiation and found out that the reason for
this was that the supplicant did not update the MAC address in the
correct place.
This script shows some minimal WPS user interface requirements for
mobile AP support with wpa_supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"wpa_cli status wps" can now be used to fetch the WPA2-Personal
passphrase from AP mode operation with wpa_supplicant to make it
easier to meet WPS requirements for legacy STA support.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When using wpa_supplicant AP mode, WPS support is enabled by default for
WPA/WPA2-Personal. Change this to enforce the WPS2 rules on not allowing
WPS to be used with WPA/TKIP-only configuration (i.e., at minimum, mixed
mode with WPA/TKIP and WPA2/CCMP has to be used for WPS to be enabled).
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
A disconnection event from the driver may end up getting delivered at a
time when wpa_supplicant is not even trying to connect (e.g., during a
scan that was already started after WPS provisioning step). In such a
case, there is not much point calling wpas_connection_failed() and
skipping this avoids confusing attempts of re-starting scanning while
the previous scan is still in progress.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The show_group_started variable could be left to 1 based on an earlier
failed attempt to start P2P client operation. This can result in
unexpected P2P-GROUP-STARTED event when a GO is started without group
formation (e.g., re-invoke a persistent group or start an autonomous
GO). Avoid this by explicitly clearing show_group_start when setting up
the GO.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Set the HT capabilities of a P2P GO according to the wiphy supported
ones. Mask-in a white-list of HT capabilities that won't cause problems
for non-supporting stations.
Signed-hostap: Arik Nemtsov <arik@wizery.com>
Trying to run sched_scan round every two seconds by defaults sounds way
too frequent since dualband cards are unlikely to be able to complete
the full scan cycle in two seconds. For now, set the hardcoded value to
10 seconds to make this somewhat more reasonable.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.
Signed-hostap: Jouni Malinen <j@w1.fi>
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.
Signed-hostap: Jouni Malinen <j@w1.fi>
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.
Signed-off-by: Kel Modderman <kel@otaku42.de>
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.
Signed-hostap: Jouni Malinen <j@w1.fi>
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.
Signed-hostap: Jouni Malinen <j@w1.fi>
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.
Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.
Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
The libnl_2 library uses static linking and different path for
header files in the Android ICS release.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
P2P IE was incorrectly added in wpa_supplicant AP mode even if P2P
function was not actually enabled.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
When wpa_supplicant AP mode is used, WPS was enabled by default
regardless of security mode. This is not desired for WEP, so change
the AP configuration to enable WPS only for open and WPA/WPA2-Personal
networks.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This has been obsoleted by the more generic Linux WEXT (driver_wext.c)
support. The hostap and madwifi driver wrappers can now be used only
with hostapd. The old station interface remains available in releases up
to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
The driver wrappers broadcom, iphone, osx, and ralink have not been
maintained for a while and it does not look like they will be in the
future either. As such, remove them from the development branch. The
previous versions will be included in older releases up to 1.x.
Signed-hostap: Jouni Malinen <j@w1.fi>
Use a driver_ndis.c specific initialization function to fill in the
wpa_driver_ops information to make it easier to modify struct
wpa_driver_ops in the future. Being able to build driver_ndis.c
with MSVC was the only reason for having to maintain the same order
of function pointers in struct wpa_driver_ops and for having to
update driver_ndis.c for all changes in that structure.
Signed-hostap: Jouni Malinen <j@w1.fi>
This code has not been maintained for years and there is no plan on
doing so either in the future. The Qt4-based wpa_gui-qt4 version can be
used as a replacement for this older wpa_gui version.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant_rsn_preauth_scan_results() needs to be called to
update RSN pre-authentication candidates. This cannot be done before
the wpa_supplicant_connect() call on the first association, but when
trying to figure out whether to roam, it is fine to do so for the
case when roaming is skipped.
Signed-hostap: Jouni Malinen <j@w1.fi>
In scan.c, merge a channel's noise value into the scan results. When
comparing scan results, compute the signal-to-noise ratio and use it
when available. Prefer a 5 GHz network if its SNR is really big (> 30)
or if its SNR is relatively close to the other network's.
The eloop timeout to stop TKIP countermeasures has to be canceled
on deinit path to avoid leaving bogus timeouts behind.
Signed-hostap: Jouni Malinen <j@w1.fi>
Converts from a string to a control request enum when input
from a control interface is received. Will be used by a
subsequent patch.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Add a D-Bus signal for EAP SM requests. This signal is emitted on the
Interface object so that clients only have to listen to one object for
requests rather than to all network objects. This signal is analogous
to the socket control interface's CTRL-REQ- request.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Control requests will be extended for non-EAP uses later, so it makes
sense to have them be generic. Furthermore, having them defined as an
enum is easier for processing internally, and more generic for control
interfaces that may not use field names. The public ctrl_req_type /
field_name conversion function will be used later by the D-Bus control
interface too.
Signed-off-by: Dan Williams <dcbw@redhat.com>
At least with driver_test.c, the BSS table may not include frequency
information. In such a case, we need to skip rate set matching during
BSS selection to avoid rejecting valid AP.
Signed-hostap: Jouni Malinen <j@w1.fi>
The interface may not yet have been set to P2P client mode immediately
after GO Negotiation when doing the scan before association request.
Consequently, the scan request in this state has to specify that the
specific P2P probe mode is used to disable IEEE 802.11b rates.
Signed-hostap: Jouni Malinen <j@w1.fi>
This function was used unconditionally if wpa_supplicant build
includes CONFIG_P2P=y. Adding a separate driver_ops for such use
is not really useful since the driver wrappers can do the same
internally. Remove this driver_ops and move matching functionality
into driver_nl80211.c which was the only driver wrapper using
this driver_ops callback.
Signed-hostap: Jouni Malinen <j@w1.fi>
This can be used to apply the no-CCK rule conditionally depending on
which frame is being sent. The no-CCK rule applies only for P2P
management frames while SA Query and FT use cases do not have similar
restrictions.
Signed-hostap: Jouni Malinen <j@w1.fi>
wpa_supplicant dbus objects are currently difficult to use with
GDBusProxy. This is because they do not follow the dbus standard in
emitting the PropertiesChanged signal on the standard D-Bus properties
interface, so GDBusProxy stores stale property values.
Fix this by raising PropertiesChanged on the standard interface.
For backwards compatibility, the existing custom PropertiesChanged
signals are not removed; I anticipate them being removed in a future
major release.
See
http://lists.freedesktop.org/archives/dbus/2011-August/014593.html
for more info.
Signed-off-by: Daniel Drake <dsd@laptop.org>
P2P Client did not show correct frequency in the control interface
event P2P_EVENT_GROUP_STARTED. Fix that by using the frequency from
the BSS table or association event.
This patch stops any on-going "p2p_find" on creating an Autonomous GO.
This is already taken care in case of invoking a persistent GO. GO as
such will be advertising via the beacons for other devices to discover.
So normally the GO doesn't need to do a p2p_find until and unless it
wants to invite a P2P Client. In case of Invite scenario, logically it
is better to do a explicit discover [via user intervention] after the GO
is created. This patch will help to reduce battery wastage [due to
p2p_find operations] in scenarios where user creates a GO and doesn't
initiate a connection.
Once PBC overlap detected when using dynamic group interfaces, the wpa_s
corresponding to P2P group interface is freed. This patch avoids
accessing the wpa_s data structure after it is freed. This fixes a
possible crash in P2P client role in such a case.
The persistent_reconnect configuration parameter was used to decide
whether to accept invitation to re-establish a persistent group.
However, this was not being advertised in the Group Capability bitmap.
Add the Persistent Reconnect bit based on this configuration to GO
Negotiation frames and Beacon/Probe Response frames from the GO.
Use capability information to decide whether to perform a given TDLS
operation internally or through mgmt-frame Tx.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Before commencing setup, add a new STA entry to the driver representing
the peer. Later during setup, update the STA entry using information
received from the peer.
Extend sta_add() callback for adding/modifying a TDLS peer entry and
connect it to the TDLS state machine. Implement this callback for the
nl80211 driver and send peer information to kernel.
Mark TDLS peer entries with a new flag and translate it to a
corresponding nl80211 flag in the nl80211 driver.
In addition, correct TDLS related documentation in the wpa_driver_ops
structure.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Disable the direct connection when a TDLS peer stops responding
to packets, as indicated by the "LOW ACK" event coming from a driver.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
When a driver does not implement the TDLS_TEARDOWN operation internally,
send an explicit TDLS link teardown frame to the driver.
Change all teardown calls to use these calling semantics.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Register for the TDLS discovery response public action frame in nl80211.
Print out a debug message when a Discovery Resp frame is received and
validated.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
Put glue code in place to propagate TDLS related driver capabilities to
the TDLS state machine.
If the driver doesn't support capabilities, assume TDLS is supported
internally.
When TDLS is explicitly not supported, disable all user facing TDLS
operations.
Signed-off-by: Arik Nemtsov <arik@wizery.com>
Cc: Kalyan C Gaddam <chakkal@iit.edu>
These driver_ops functions set_channel, set_ssid, set_bssid,
mlme_add_sta, and mlme_remove_sta were used with the user space
MLME implementation in wpa_supplicant. That was only for testing
purposes and was removed, but these driver_ops were forgotten.
Remove them now to remove confusing driver_ops definitions.
IEEE Std 802.11-2007 7.3.2.2 demands that in order to join a BSS all
required basic rates have to be supported by the hardware.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
The hardware feature data is required in several different places
throughout the code. Previously, the data was acquired and freed on
demand, but with this patch wpa_supplicant will keep a single copy
around at runtime for everyone to use.
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
This avoids allocating global driver state for driver wrappers that
are built in but not used. This can save some resources and avoids
failures with driver_nl80211.c that is now initializing netlink
connections for nl80211 in global_init().
This code was used only with driver_test.c to allow MLME operations
in hostapd to be tested without having to use a real radio. There
are no plans on extending this to any other use than testing and
mac80211_hwsim has now obsoled the need for this type of testing.
As such, we can drop this code from wpa_supplicant to clean up the
implementation of unnecessary complexity.
This command allows an external program manage the BSS blacklist
and display its current contents.
Note: The blacklist is considered to be internal mechanism within
wpa_supplicant and changing it can have unexpected results.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This offloads the station polling to driver wrappers, which may offload
it again to the driver. The hostap driver wrapper uses "real" data
frames while nl80211 uses null data frames.
Also add a specific event to indicate that a poll was successful for
future use with the nl80211 driver.
This can be used to display the current debugging level and to change
the log level during run time.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This is the first step in allowing SA Query mechanism in hostapd to be
used with drivers that implement authentication and association MLME/SME
(i.e., do not use ieee802_11.c).
New configuration parameters home_imsi and home_milenage can be used
to configure SIM/USIM simulator parameters for network selection based
on SIM/USIM credentials.
home_imsi=(MCC | MNC | '-' | rest of IMSI)
home_milenage=(Ki):(OPc):(SQN)
For example:
home_imsi=310026-000000000
home_milenage=90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123
Add support for network selection for username/password credentials with
EAP-TTLS and EAP-PEAP. The new global configuration parameters
home_username, home_password, and home_ca_cert can be used to specify
credentials for network selection.
This adds the basic mechanism for running through network selection:
scan, ANQP fetch, network selection, and connection. Actual rules for
network selection and the creation of the network block are still
missing, but will be added in separate commits.
Add mechanism for using GAS/ANQP to query Interworking related
information from APs. The received information is stored in the BSS
table and can be viewed with ctrl_iface BSS command.
New ctrl_iface command ANQP_GET can be used to fetch ANQP elements from
a specific AP. Additional commands FETCH_ANQP and STOP_FETCH_ANQP can be
used to initiate and stop an iteration through all APs in the BSS table
that indicate support Interworking to fetch ANQP elements from them.
"hostapd_cli ess_disassoc (STA addr) (URL)" can now be used to send
an ESS Dissassociation Imminent notification to the STA. This event
is shown in wpa_supplicant ctrl_iface monitors (e.g., wpa_cli):
"WNM: ESS Disassociation Imminent - session_info_url=http://example.com/session/"
The new wpa_supplicant.conf file global parameters interworking and
hessid can be used to configure wpa_supplicant to include
Interworking element in Probe Request frames.
EVENT_WPS_BUTTON_PUSHED wpa_supplicant_event can now be used in
station mode driver_*.c to indicate that a push button has been
pushed. This will activate WPS PBC mode.
When initializing, the scheduled scan code was being called before
everything is ready. With normal scans, the first scan round is
delayed, so the initialization is finished by the time it really
starts.
Add a function that can be used to request a delayed scheduled scan.
The scan will only start after the specified time has elapsed. Call
this function instead of starting the scheduled scan directly during
driver initialization.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Pass SSIDs to be matched in scheduled scan results. Only the SSIDs
that are included in the match lists will be reported by the driver,
so the filtering can be offloaded to the hardware and the power
consumption can be reduced.
Signed-off-by: Luciano Coelho <coelho@ti.com>
This patch uses sched_scan, if available, when the driver is
initialized. It also adds a couple of cancel operations where
appropriate.
Signed-off-by: Luciano Coelho <coelho@ti.com>
In new Linux kernel versions (>=3.0), nl80211 adds scheduled scan
capability. In order to use this feature to its full extent, we need
to support it in the wpa_supplicant core, so that it can also be used
by other drivers.
This commit adds initial scheduled scan support operations and events.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Move some code to separate functions to reorganize the P2P and WPS
handling during scans. This makes the code a bit cleaner and is
needed for the scheduled scan implementation to avoid duplicated code.
Signed-off-by: Luciano Coelho <coelho@ti.com>
Clear the P2P GO callback parameters when removing the group to avoid
using these for non-P2P AP mode.
This is a fix for the bug I found in the following scenario:
A) p2p_group_add
A) p2p_group_remove wlan0
A) add_n
A) set_n 0 ssid "testap"
A) set_n 0 key_mgmt NONE
A) set_n 0 mode 2
A) set_n 0 frequency 2412
A) enable_n 0
B) try connect to testap
Authentication request will be always rejected because of
HOSTAPD_ACL_REJECT and not cleaned callbacks when group removed.
This allows the AP to be selected based on the BSSID when WPA-PSK
is used with a passphrase. The PSK will be derived from the passphrase
after the SSID has been learned from scan results.
This implements GAS request mechanism that is aimed at being used to
replace use case specific GAS/ANQP implementations in the future.
Compared to the earlier implementation in P2P SD, this implementation
includes support for multiple concurrent requests and more thorough
validation of frames against the pending query data.
GAS header processing, including comeback and reassembly, are handled
within gas_query.c and the users of this module will only need to
provide the Query Request and process the (possibly reassembled)
Query Response.
GAS/ANQP is a generic protocol and in no way specific to P2P, so move
routines used to build GAS/ANQP frames to a separate file that can be
shared for other uses than just P2P service discovery.
The new function, p2p_scan_ie_buf_len(), can be used to figure out
how large a buffer needs to be allocated for p2p_scan_ie() use. This
makes it easier to add new data into the buffer without forcing all
callers to be updated to use a larger buffer.
The P2P search mechanism depends on the same scan functionality that
is used for station mode scans. If these operations are being used
at the same time, scan result processing is not handled properly.
Avoid unexpected behavior by delaying station mode scan requests
if a P2P operation is in progress.
Among other things, this allows the station mode connection attempt
to be continued after a P2P find or group formation has been completed
if the interface is available (i.e., when the P2P group uses a
separate virtual interface).
If the initial attempt to start a scan for p2p_find fails, an error
is reported. However, the P2P scan handler and search state was
left behind. That can result in unexpected behavior when the next
non-P2P scan results are indicated. Avoid this by clearing the
P2P search state on failure.
There is no need to request periodic bgscans when the driver claims
to have capability for roaming within ESS. Ignoring the bgscan
configuration allows the same configuration file to be used both
with drivers the handle roaming and with drivers that don't.
If the driver indicates that it supports BSS selection (including
roaming within an ESS) with WPA_DRIVER_FLAGS_BSS_SELECTION, modify
ap_scan=1 mode to behave like ap_scan=2 mode for BSS selection.
The initial scan is still done to avoid the need for strict
configuration of or security parameters (e.g., to figure out whether
TKIP or CCMP is being used as the group cipher). However, when
requesting the driver to connect, the bssid and freq parameters are
not provided to leave the driver in control of selecting which BSS
to use and to allow the driver to decide when to roam.
These protocols seem to be abandoned: latest IETF drafts have expired
years ago and it does not seem likely that EAP-TTLSv1 would be
deployed. The implementation in hostapd/wpa_supplicant was not complete
and not fully tested. In addition, the TLS/IA functionality was only
available when GnuTLS was used. Since GnuTLS removed this functionality
in 3.0.0, there is no available TLS/IA implementation in the latest
version of any supported TLS library.
Remove the EAP-TTLSv1 and TLS/IA implementation to clean up unwanted
complexity from hostapd and wpa_supplicant. In addition, this removes
any potential use of the GnuTLS extra library.
wpa_supplicant returns the PIN in reply to the connect method. Treating
this value as an integer runs the risk of not returning the correct
value if the first digit(s) happens to be a zero(es). To return the
correct PIN it needs to be returned as a string.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
The default discovery type is to search for devices only on social
channels. Expand this to also support an initial full scan followed by the
scan of social channels as well as the progressive scan that scans through
all the channels in the Search state rounds. This does not change the
default of scanning only social channels although there is currently a
discrepancy wrt the default used by wpa_cli, which is the full scan first.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
When parsing a dict entry which is an array of an array of bytes the entry
representing the dict entry has DBUS_TYPE_ARRAY as its type and
WPAS_DBUS_TYPE_ARRAY as its array_type. The function freeing this parsed
data incorrectly tested the entry type for WPAS_DBUS_TYPE_ARRAY while doing
no testing of this value for array_type. This results in a memory leak
whenever a D-Bus message with this type of data is parsed.
Messages affected are:
fi.w1.wpa_supplicant1.Interface.P2PDevice
using RequestedDeviceTypes with Find method
using SecondaryDeviceTypes or VendorExtension with P2PDeviceProperties
fi.w1.wpa_supplicant1.Group
using WPSVendorExtensions with Properties property
All of the above messages are parsed with the same function,
wpa_dbus_dict_get_entry, so the assignment of the entry's type and
array_type is consistent. The parsed data is also consistently freed with
the same function, wpa_dbus_dict_entry_clear, so we can use the same checks
to free the data correctly.
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
The action done handling needs to abort an off-channel period since one
might have been used for example for GO negotiation and after action
done the code assumes it can start a new off-channel period.
This fixes a bug I introduced when adding support for
in-kernel off-channel transmissions.
Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
eapol_test command line argument -o<file> can now be used to request
the received server certificate chain to be written to the specified
file. The certificates will be written in PEM format. [Bug 391]
The proactive_key_caching parameter was missed in mapping the
config_ssid data into the WPA state machine configuration. This
prevented addition of PMKSA cache entries based on PMKSA caching
candidate events.
This allows drivers to disable CCK rates from Probe Request frames.
For nl80211, this is currently applying only to the supported rates
element(s), but this mechanism could be extended to address TX rate
control masking, too, to lessen need for global rate disabling.
Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
The P2P specification (3.1.4.3) disallows use of the Label configuration
method between two P2P devices. This was previously enforced at upper
level, but the obsolete code can be removed from wpa_supplicant. This
adds a bit more strict enforcement of the policy, but should not result
in practical differences since no known P2P implementation uses Label
config method.
If a network configuration block is removed or modified, flush
all PMKSA cache entries that were created using that network
configuration. Similarly, invalidate EAP state (fast re-auth).
The special case for OKC on wpa_supplicant reconfiguration
(network_ctx pointer change) is now addressed as part of the
PMKSA cache flushing, so it does not need a separate mechanism
for clearing the network_ctx values in the PMKSA cache.
The previous code was trying to figure out which WPA version is
used based on the extra IEs requested for Association Request. That
did not work properly in cases where non-WPA networks are used with
some extra IEs. Fix this by using more robust mechanism for passing
the WPA versions from core wpa_supplicant to the driver_ops
associate().