Commit graph

18270 commits

Author SHA1 Message Date
Qiwei Cai
c46351d10e DFS: Clear cac_started when AP is disabled
When AP is started on a DFS channel and DFS is offloaded to the driver,
AP setup will be separated to two stages. In the first stage, hostapd
will set frequency and initialize BSS, then waits the driver CAC to
complete. Once CAC done, in the second stage,
hostapd_setup_interface_complete() will be called again from a callback
to continue AP/channel setup.

But the driver will fail to restart AP if it is disabled/reenabled
during a driver CAC procedure because some steps such as setting
freq/beacon in the first stage are skipped due to cac_started not
cleared when the AP is disabled.

Avoid this by clearing cac_started when the AP is disabled.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-15 18:43:43 +02:00
Aloka Dixit
3df42cf3c7 EHT: Use HE operating channel width in MCS length calculation
Channel width in HE Capabilities element added to management frames is
calculated in hostapd_eid_he_capab() by intersecting the driver
capabilities and the operating channel width. Kernel uses this value
from the Beacon frames to verify EHT capabilities length. However, EHT
MCS length calculation uses only the driver capabilities which results
in EHT AP bring up failure in some cases dues to different lengths.

Modify the EHT code to use the HE operating channel width as well to
determine matching length for the information.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-15 18:41:31 +02:00
Veerendranath Jakkam
23e31eb68e SAE: Support cross AKM roaming between SAE AKMs in external auth case
Add support to handle external authentication request with a different
SAE AKM suite compared to the current connection AKM suite. This is
needed to support cross AKM roaming between SAE and SAE-EXT-KEY AKM
suites.

Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
2022-12-15 18:36:26 +02:00
Vinay Gannevaram
a170267076 PASN: Avoid clearing secure context for the PASN deauthentication event
PASN deauthentication event is sent by the underlying driver to delete
the keys in wpa_supplicant PTKSA cache. So don't send clear secure
context command to the driver again as it is already aware of it.

Fixes: 74d894a2 ("PASN: Offload handshake for multiple peers from the driver")
Signed-off-by: Vinay Gannevaram <quic_vganneva@quicinc.com>
2022-12-15 18:30:04 +02:00
Harsh Kumar Bijlani
75a9c4bd4d Add new attributes in SCS rule config QCA vendor subcommand
Add new attributes for the destination MAC address and netdev index in
SCS rule config subcommand.

Signed-off-by: Harsh Kumar Bijlani<quic_hbijlani@quicinc.com>
2022-12-15 18:12:53 +02:00
Andrei Otcheretianski
7d8b96dcfd wpa_supplicant: Apply same restrictions for MLD as for 6 GHz BSS
Though not explicitely forced by IEEE 802.11be draft yet, it makes sense
to apply the same logic for MLD as for 6 GHz BSSs. Change
wpa_supplicant_ssid_bss_match() accordingly.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:43:46 +02:00
Andrei Otcheretianski
7216f79b94 nl80211: Support get_sta_mlo_info for SME-in-wpa_supplicant drivers
Query updated MLO information using NL80211_CMD_GET_INTERFACE command.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:31:50 +02:00
Ilan Peer
06eb608d54 nl80211: Handle scan results with MLD connection
With an MLD connection the BSSID reported in the association
event is the MLD AP address, while the association state reported
in the scan results relates to the MLD AP specific link. In such a
case do not disconnect.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:27:54 +02:00
Ilan Peer
033a57d262 nl80211: Get MLO support capability
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:25:33 +02:00
Andrei Otcheretianski
32b7454485 wpa_supplicant: Make valid_links u16
MAX_NUM_MLD_LINKS is 15, thus u8 isn't enough for the bitmap. Fix it.
While at it, clean MLO information better.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:20:13 +02:00
Ilan Peer
a2c4c0b1b6 nl80211: Support MLD association request
Define additional association parameters for MLD to be able to indicate
information for all the requested links and fill these into nl80211
attributes.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 17:19:00 +02:00
Ilan Peer
a134b4dc5c nl80211: Add support for MLD authentication
Set MLO attributes for NL80211_CMD_AUTHENTICATE and make sure that MLD
configuration is preserved between authentication retries.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 13:59:19 +02:00
Ilan Peer
e3e68668c1 ctrl_iface: Report RNR and ML in BSS command
Add the required ML and RNR definitions and report the information in
BSS command.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 11:47:07 +02:00
Andrei Otcheretianski
5f17763ad4 common: Combine definitions for Multi-Link and per STA profile control
The control fields are 16 bit wide. Combine the per byte definitions to
make it more convenient.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-03 11:11:34 +02:00
David Ruth
7a7ce95746 dbus: Emit more information over D-Bus
Allows informing the connection manager of additional information on CQM
events. Allows the connection manager to request the same information
on demand by using the existing "SignalPoll" method.

* Add new property "SignalChange"
        * Add storage for wpa_signal_info into wpa_supplicant context
          object
        * Copy memory from event to context object on CQM Event
* Write a common conversion method to be used by both "SignalPoll" and
  this property

Signed-off-by: David Ruth <druth@chromium.org>
2022-12-03 10:59:44 +02:00
David Ruth
ad4fa5dd3c Add more nl80211 info to struct wpa_signal_info
Facilitate emitting more station information over D-Bus for use by the
connection manager.

* Add storage for more NL80211_STA_INFO_* fields to data structures, and
  move them through the system.
* Reorder NL80211_STA_INFO_* fields in driver_nl80211.c to match the
  ordering in nl80211.h.
* Convert signal field to an integer to support holding WPA_INVALID_NOISE
  and avoid changing logging.

* Add fields to hostap_sta_driver_data to capture more information
	* fcs_error_count
	* beacon_loss_count
	* expected_throughput
	* rx_drop_misc
	* rx_mpdus
	* rx_hemcs
	* tx_hemcs
	* rx_he_nss
	* tx_he_nss
	* avg_signal
	* avg_beacon_signal
	* avg_ack_signal
* Add struct hostap_sta_driver_data to struct wpa_signal_info and remove
  redundant fields and redundant attribute parsing
	* Change logging when printing txrate to handle unsigned long
	  value

Signed-off-by: David Ruth <druth@chromium.org>
2022-12-03 10:42:16 +02:00
Jouni Malinen
090f0f8c70 mbssid: Indicate MBSSID information in RNR
Indicate whether the collocated BSS in the RNR is a part of a multiple
BSSID set and whether it is a transmited BSSID.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-02 23:06:32 +02:00
Aloka Dixit
96ab7529c1 tests: MBSSID and EMA
Add test cases for MBSSID functionality with EMA.

Add helper functions to create the configuration file, start hostapd
instance and client association with the transmitting interface.

he_ap_mbssid_open: 4 VAPs with open security in multiple BSSID
configuration. The first interface transmits beacons and probe responses
which include the multiple BSSID element(s) with remaining profiles.

he_ap_mbssid_same_security: 2 VAPs, all with SAE. In such a case the
Multiple BSSID elements in management frames do not include RSN and RSNE
elements as all non-transmitting profiles have exact same security
configuration as the transmitting interface.

he_ap_mbssid_mixed_security{1,2}: 8 VAPs with mixed security
configurations (SAE, OWE, WPA2-PSK, open). he_ap_mbssid_mixed_security1:
Transmitting interface uses SAE. In this case the non-transmitting
profiles will include non inheritance element (IEEE Std 802.11-2020,
9.4.2.240) wherever the security differs from the transmitting profile.
he_ap_mbssid_mixed_security2: Transmitting profile is open hence no need
for the non inheritance elements. Instead each non-transmitting profile
includes RSN, RSNE if applicable.

he_ap_ema: Enhanced multi-BSS advertisements (EMA) with 8 VAPs all with
SAE configuration.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 23:06:32 +02:00
Aloka Dixit
a1c4adda13 mbssid: Add nl80211 support
Send MBSSID and EMA configuration parameters to the kernel.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 20:52:08 +02:00
Aloka Dixit
54b1352efd mbssid: Make the AID space shared
As described in IEEE Std 802.11-2020, 11.1.3.8 Multiple BSSID procedure,
set the lowest AID value assigned to any client equal to 2^n, where n is
the maximum BSSID indicator of the MBSSID set.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 20:47:49 +02:00
Aloka Dixit
10749c3c48 mbssid: Process Known BSSID element
Process the Known BSSID elements if included by non-AP stations. The
format is described in IEEE Std 802.11ax-2021, 9.4.2.261.

Non-AP stations may include this element in directed Probe Request
frames to indicate which of the multiple BSSIDs they have already
discovered. AP should exclude these profiles from the Probe Response
frame.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 20:45:05 +02:00
Aloka Dixit
15690faada mbssid: Add MBSSID Configuration element
Add Multiple BSSID Configuration element data per IEEE Std
802.11ax-2021, 9.4.2.260 when enhanced multiple BSSID advertisement
(EMA) is enabled. This element informs the stations about the EMA
profile periodicity of the multiple BSSID set.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 20:37:33 +02:00
Aloka Dixit
fc2e4bac5a mbssid: Set extended capabilities
Set extended capabilities as described in IEEE Std 802.11ax-2021,
9.4.2.26. Reset the capability bits to 0 explicitly if MBSSID and/or EMA
is not enabled because otherwise some client devices fail to associate.

Bit 80 (complete list of non-tx profiles) is set for all Probe Response
frames, but for Beacon frames it is set only if EMA is disabled or if
EMA profile periodicity is 1.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 20:21:11 +02:00
Aloka Dixit
a004bf2cd0 mbssid: Configure parameters and element data
Add helper functions to retrieve the context for the transmitting
interfaces of the MBSSID set and the index of a given BSS.

Set device parameters: BSS index and the transmitting BSS.

Include Multiple BSSID elements in Beacon and Probe Response frames.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 19:53:15 +02:00
Aloka Dixit
c5a09b051a mbssid: Add Non-Inheritance element
Add data per IEEE Std 802.11-2020, 9.4.2.240. Current implementation is
added for the security and extended supported rates only.

For the Extended rates element, add a new member 'xrates_supported'
which is set to 1 only if hostapd_eid_ext_supp_rates() returns success.
Without this change, there are cases where this function returns before
adding the element for the transmitting interface resulting in incorrect
addition of this element inside the MBSSID Non-Inheritance element.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
Co-developed-by: Sowmiya Sree Elavalagan <quic_ssreeela@quicinc.com>
Signed-off-by: Sowmiya Sree Elavalagan <quic_ssreeela@quicinc.com>
2022-12-02 19:40:49 +02:00
Aloka Dixit
920b56322d mbssid: Functions for building Multiple BSSID elements
Add Multiple BSSID element data per IEEE Std 802.11ax-2021, 9.4.2.45.
Split the BSSes into multiple elements if the data does not fit in
the 255 bytes allowed for a single element.

Store the total count of elements created and the offset to the start
of each element in the provided buffer.

Set the DTIM periods of non-transmitted profiles equal to the EMA
profile periodicity if those are not a multiple of the latter already as
recommended in IEEE Std 802.11ax-2021, Annex AA (Multiple BSSID
configuration examples).

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 19:25:40 +02:00
Aloka Dixit
931e5d4f9e mbssid: Configure all BSSes before beacon setup
When multiple BSSID advertisement feature is enabled in IEEE 802.11ax
mode or later, Beacon frames are not transmitted per interface, instead
only one of the interfaces transmits Beacon frames that include one or
more Multiple BSSID elements with configuration for the remaining
interfaces on the same radio.

Change the existing logic such that all configuration details for all
the interfaces are available while building the Beacon frame template
for the transmitting interface itself.

Do not change the flow for the cases where multiple BSSID advertisement
is not enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 19:05:11 +02:00
Aloka Dixit
78d0b98995 mbssid: Retrieve driver capabilities
Retrieve driver capabilities for the maximum number of interfaces for
MBSSID and the maximum allowed profile periodicity for enhanced MBSSID
advertisement.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
2022-12-02 16:43:59 +02:00
Aloka Dixit
7452e54477 mbssid: Add new configuration option
Add configuration option 'mbssid' used to enable multiple BSSID (MBSSID)
and enhanced multiple BSSID advertisements (EMA) features.

Reject the configuration if any of the BSSes have hidden SSID enabled.

Signed-off-by: Aloka Dixit <quic_alokad@quicinc.com>
Co-developed-by: John Crispin <john@phrozen.org>
Signed-off-by: John Crispin <john@phrozen.org>
2022-12-02 16:36:19 +02:00
Daniel Gabay
bb67d5b52b AP: Add testing option to delay EAPOL Tx
Add a testing option to delay EAPOL-Key messages 1/4 and 3/4. By setting
delay_eapol_tx=1, the actual EAPOL Tx will occur on the last possible
attempt (wpa_pairwise_update_count) thus all previous attempts will fail
on timeout which is the wanted delay.

In addition, add an hwsim test that uses this testing option to verify
that non protected Robust Action frames are dropped prior to keys
installation in MFP.

Signed-off-by: Daniel Gabay <daniel.gabay@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-02 13:07:03 +02:00
Andrzej Ostruszka
1897abad94 dbus: Add D-Bus property for current MAC address
Since wpa_supplicant can change MAC address of the interface on its own
(with randomization enabled) it makes sense to introduce MACAddress as a
property of the interface and send notifications about its change.

This allows other applications to just use D-Bus instead of both
communicating over D-Bus with wpa_supplicant and listening to Netlink
notifications for MAC changes.

Signed-off-by: Andrzej Ostruszka <amo@semihalf.com>
2022-12-02 12:55:45 +02:00
Jouni Malinen
12d8b8a91e tests: EAP-TEAP with and without EAP method sequence optimization
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Jouni Malinen
1a800a9400 EAP-TEAP server: Allow tunneled EAP method sequence to be optimized
Include the start of the next EAP method in an EAP Payload TLV in the
same message with the Crypto-Binding TLV for the previous EAP method to
get rid of one roundtrip when using more than a single EAP
authentication method within the tunnel. The previous, not optimized,
sequence can still be used with eap_teap_method_sequence=1 for more
complete testing coverage.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Jouni Malinen
f791b5bbc7 EAP-TEAP peer: Process Crypto-Binding TLV before EAP Payload TLV
When using the optimized EAP method sequence within the tunnel, crypto
binding for the previous EAP method can be performed in the same message
with the start of the next EAP method. The Crypto-Binding TLV needs to
be processed before moving to the next EAP method for IMSK to be derived
correctly, so swap the order of these processing steps.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Jouni Malinen
5a9bd8a06a EAP-TEAP: Use EAP-FAST-MSCHAPv2 in the tunnel
While RFC 7170 does not describe this, EAP-TEAP has been deployed with
implementations that use the EAP-FAST-MSCHAPv2, instead of the
EAP-MSCHAPv2, way of deriving the MSK for IMSK. Use that design here to
interoperate with other implementations since that seems to be direction
that IETF EMU WG is likely to go with an RFC 7170 update.

This breaks interoperability with earlier hostapd/wpa_supplicant
versions.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Jouni Malinen
364b6500b8 EAP-FAST: Move EAP-MSCHAPv2 special MSK handling into MSCHAPv2
EAP-FAST uses a special variant of EAP-MSHCAPv2 called EAP-FAST-MSCHAPv2
in RFC 5422. The only difference between that and EAP-MSCHAPv2 is in how
the MSK is derived. While this was supposed to be specific to EAP-FAST,
the same design has ended up getting deployed with EAP-TEAP as well.
Move this special handling into EAP-MSCHAPv2 implementation so that it
can be shared for both needs.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-12-01 17:53:05 +02:00
Avraham Stern
81dedfbd77 nl80211: Increase the scan frequencies buffer
With the UHB enabled, the number of scanned frequencies may exceed
the buffer size. Increase it.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-12-01 15:17:14 +02:00
Andrei Otcheretianski
1b025bda57 tests: Extend EHT estimated throughput testing
Add a basic test to verify AP selection algorithm with EHT AP.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-11-30 20:33:44 +02:00
Ayala Beker
9a2781f243 wpa_supplicant: Support throughput estimation for EHT rates
Add support to consider EHT rates while calculating the estimated
throughput for scan results.

- The estimated EHT throughput uses the HE 0.8 usec GI rates from the
  relevant EHT-MCS tables from IEEE P802.11be/D2.0, 36.5.
- The minimum SNR values for EHT rates (4096-QAM) are derived by adding
  the existing minimum SNR values of 1024-QAM rates from HE tables and
  the difference between the values of minimum sensitivity levels of
  1024-QAM rates and 4096-QAM rates defined in Table 36-67 (Receiver
  minimum input level sensitivity) in IEEE P802.11be/D2.0.

Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-11-30 19:23:14 +02:00
Micha Hashkes
755aaeb97f wpa_supplicant: Add missing memory allocation checks
There are several cases where memory allocations are not
checked for success. Add conditions and error messages, as some
analyzers complain about that.

Signed-off-by: Micha Hashkes <micha.hashkes@intel.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-11-30 19:14:02 +02:00
Andrei Otcheretianski
69725c4cf7 OpenSSL: Fix BN_rshift() argument order
The arguments were swapped. Apparently all the calls to this function
use the same value for both input and output parameters, so it went
unnoticed. Fix it.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2022-11-30 19:06:30 +02:00
Jouni Malinen
e9b4ad2364 OpenSSL: Apply connection flags before reading certificates
This is needed to be able to drop the OpenSSL security level, if
necessary, for cases where old certificates (e.g., something using SHA-1
signatures) are still needed. openssl_ciphers="DEFAULT@SECLEVEL=0" can
achieve this, but only if applied before attempting to load the
certificates.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-30 14:01:55 +02:00
Jouni Malinen
bbd5a4689b SAE: Add an enum for defining sae_pwe parameter values
Make this more readable by replacing magic numbers with enum values.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-29 20:37:23 +02:00
Jimmy Chen
3a0edb2cd8 SAE: Enable H2E for 6 GHz BSS
Even if the use of H2E isn't strictly mandatory when using SAE on 6 GHz,
WPA3-Personal pushes it on 6 GHz, so enable H2E automatically when
connecting to a BSS on the 6 GHz band if it was not enabled in the
configuration.

Signed-off-by: Jimmy Chen <jimmycmchen@google.com>
2022-11-29 19:45:12 +02:00
Nicolas Escande
20bfd4feb3 AP: Enable H2E on 6 GHz when SAE is used
Even if the use of H2E isn't strictly mandatory when using SAE on 6 GHz,
WPA3-Personal pushes it on 6 GHz. So lets automatically enable it by
setting sae_pwe=2. This will allow both the hunting-and-pecking and
hash-to-element to work (and be backward compatible).

Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
2022-11-29 18:56:47 +02:00
Sai Pratyusha Magam
b43e19f3f3 WPS: Cross band overlap detection with multiple interfaces
When WPS is running simultaneously on multiple per-band radios (e.g., a
separate 2.4 GHz and 5 GHz band radios in an AP device), handle
synchronization of scan results, detect PBC session overlap, and cancel
WPS for enrollees on both interface, if the UUID of the registrars on
different bands differ.

Signed-off-by: Sai Pratyusha Magam <quic_smagam@quicinc.com>
2022-11-29 17:05:21 +02:00
Jouni Malinen
ed68ac9301 tests: Public key hash information in authentication and AP association
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-11-29 16:37:54 +02:00
Michal Kazior
e2d88f86ee DPP: Expose own and peer bootstrap info ids on authentication success
The system may be interested in knowing which bootstrap information
entries are being exercised. This could be used for statistics or
completion signaling to upper application layer outside of hostapd,
along with the public key hash.

Signed-off-by: Michal Kazior <michal@plume.com>
2022-11-29 16:17:14 +02:00
Michal Kazior
043dedee83 DPP: Expose enrollee pubkey hash for identification
Just like with WPA-PSK and keyids it may be desired to identify
connecting clients to provide additional network filtering.

This does:

 - extend DPP_EVENT_AUTH_SUCCESS to expose public
   key hash of the peer so the system can pick it
   up and use for identification later

 - store public key hash in PMKSA from DPP Network
   Intro for later use

 - extend sta mib to print out the dpp_pkhash
   from PMKSA if present

 - extend AP_STA_CONNECTED to include the
   dpp_pkhash from PMKSA if present

Signed-off-by: Michal Kazior <michal@plume.com>
2022-11-29 13:55:53 +02:00
Michal Kazior
2d8974e314 DPP: Move DPP_EVENT_AUTH_SUCCESS to a helper
This event is generated in a couple of places. It'll be easier to extend
the event with additional metadata if it's generated in a single place.

Signed-off-by: Michal Kazior <michal@plume.com>
2022-11-29 13:55:36 +02:00