wpa_drv_set_key() was called with a NULL address for IGTK and MGTK
before this patch. The nl80211 driver will then not add the
NL80211_KEY_DEFAULT_TYPE_MULTICAST flag for the key, which wrongly marks
this key also as a default unicast key in the Linux kernel.
With SAE this is no real problem in practice, as a pairwise key will be
negotiated in mesh mode, before the first data frame gets send. When
using IEEE 802.1X in a mesh network in the future, this gets a problem,
as Linux now will encrypt EAPOL frames with the default key, which is
also marked for unicast usage without this patch.
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
Add D-Bus interface for ROAM command, imitating the existing wpa_cli
command.
Chromium OS has been carrying a form of this patch for a very long time.
I've cleaned it up a bit and documented it.
Signed-off-by: Brian Norris <briannorris@chromium.org>
The 'H' in HESSID was originally spelled "homogenous" in IEEE Std
802.11-2016 abbreviations and acronyms list, but that was changed in
REVmd to the significantly more common spelling "homonegeneous". Update
this older version to match the new spelling to be consistent throughout
the repository.
Signed-off-by: Jouni Malinen <j@w1.fi>
If the stored configurations for an SSID have changed, we can no longer
trust the current blacklist state of that SSID, since the updated
configs could change the behavior of the network. E.g., the BSS could be
blacklisted due to a bad password, and the config could be updated to
store the correct password. In this case, keeping the BSS in the
blacklist will prevent the user from connecting to the BSS after the
correct password has been updated.
Add the value was_changed_recently to the wpa_ssid struct. Update this
value every time a config is changed through wpa_set_config(). Check
this value in wpa_blacklist_get() to clear the blacklist whenever the
configs of current_ssid have changed.
This solution was chosen over simply clearing the blacklist whenever
configs change because the user should be able to change configs on an
inactive SSID without affecting the blacklist for the currently active
SSID. This way, the blacklist won't be cleared until the user attempts
to connect to the inactive network again. Furthermore, the blacklist is
stored per-BSSID while configs are stored per-SSID, so we don't have the
option to just clear out certain blacklist entries that would be
affected by the configs.
Finally, the function wpa_supplicant_reload_configuration() causes the
configs to be reloaded from scratch, so after a call to this function
all bets are off as to the relevance of our current blacklist state.
Thus, we clear the entire blacklist within this function.
Signed-off-by: Kevin Lund <kglund@google.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
This change adds some barebones tests for new blacklisting functionality
to wpas_module_tests.c. The tests ensure some basic functionality for
the functions wpa_blacklist_is_blacklisted() and wpa_blacklist_update().
Signed-off-by: Kevin Lund <kglund@google.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
This change adds the function wpa_blacklist_update(), which goes through
all blacklist entries and deletes them if their blacklist expired over
an hour ago. The purpose of this is to remove stale entries from the
blacklist which likely do not reflect the current condition of device's
network surroundings. This function is called whenever the blacklist is
polled, meaning that the caller always gets an up-to-date reflection of
the blacklist.
Another solution to clearing the blacklist that was considered was
to slowly reduce the counts of blacklist entries over time, and delete
them if the counts dropped below 0. We decided to go with the current
solution instead because an AP's "problematic" status is really a binary
thing: either the AP is no longer problematic, or it's still causing us
problems. So if we see any more problems within a reasonable amount of
time, it makes sense to just keep the blacklist where it was since the
AP is likely still undergoing the same issue. If we go a significant
amount of time (semi-arbitrarily chosen as 1 hour) without any issues
with an AP, it's reasonable to behave as if the AP is no longer
undergoing the same issue. If we see more problems at a later time, we
can start the blacklisting process fresh again, treating this as a brand
new issue.
Signed-off-by: Kevin Lund <kglund@google.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
wpa_supplicant keeps a blacklist of BSSs in order to prevent repeated
associations to problematic APs*. Currently, this blacklist is
completely cleared whenever we successfully connect to any AP. This
causes problematic behavior when in the presence of both a bad AP and
a good AP. The device can repeatedly attempt to roam to the bad AP
because it is clearing the blacklist every time it connects to the good
AP. This results in the connection constantly ping-ponging between the
APs, leaving the user stuck without connection.
Instead of clearing the blacklist, implement timeout functionality which
allows association attempts to blacklisted APs after some time has
passed. Each time a BSS would be added to the blacklist, increase the
duration of this timeout exponentially, up to a cap of 1800 seconds.
This means that the device will no longer be able to immediately attempt
to roam back to a bad AP whenever it successfully connects to any other
AP.
Other details:
The algorithm for building up the blacklist count and timeout duration
on a given AP has been designed to be minimally obtrusive. Starting with
a fresh blacklist, the device may attempt to connect to a problematic AP
no more than 6 times in any ~45 minute period. Once an AP has reached a
blacklist count >= 6, the device may attempt to connect to it no more
than once every 30 minutes. The goal of these limits is to find an
ideal balance between minimizing connection attempts to bad APs while
still trying them out occasionally to see if the problems have stopped.
The only exception to the above limits is that the blacklist is still
completely cleared whenever there are no APs available in a scan. This
means that if all nearby APs have been blacklisted, all APs will be
completely exonerated regardless of their blacklist counts or how close
their blacklist entries are to expiring. When all nearby APs have been
blacklisted we know that every nearby AP is in some way problematic.
Once we know that every AP is causing problems, it doesn't really make
sense to sort them beyond that because the blacklist count and timeout
duration don't necessarily reflect the degree to which an AP is
problematic (i.e. they can be manipulated by external factors such as
the user physically moving around). Instead, its best to restart the
blacklist and let the normal roaming algorithm take over to maximize
our chance of getting the best possible connection quality.
As stated above, the time-based blacklisting algorithm is designed to
be minimally obtrusive to user experience, so occasionally restarting
the process is not too impactful on the user.
*problematic AP: rejects new clients, frequently de-auths clients, very
poor connection quality, etc.
Signed-off-by: Kevin Lund <kglund@google.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
Within wpas_connection_failed(), the 'count' value of wpa_blacklist is
erroneously used as a tally of the number times the device has failed
to associate to a given BSSID without making a successful connection.
This is not accurate because there are a variety of ways a BSS can be
added to the blacklist beyond failed association such as interference
or deauthentication. This 'count' is lost whenever the blacklist is
cleared, so the wpa_supplicant stores an additional value
'extra_blacklist_count' which helps persist the 'count' through clears.
These count values are used to determine how long to wait to rescan
after a failed connection attempt.
While this logic was already slightly wrong, it would have been
completely broken by the upcoming change which adds time-based
blacklisting functionality. With the upcoming change, 'count' values
are not cleared on association, and thus do not necessarily even
approximate the "consecutive connection failures" which they were being
used for.
This change seeks to remove this unnecessary overloading of the
blacklist 'count' by directly tracking consecutive connection failures
within the wpa_supplicant struct, independent of the blacklist. This new
'consecutive_conn_failures' is iterated with every connection failure
and cleared when any successful connection is made. This change also
removes the now unused 'extra_blacklist_count' value.
Signed-off-by: Kevin Lund <kglund@google.com>
Signed-off-by: Brian Norris <briannorris@chromium.org>
commit f4e3860f ("Fix AP mode default TXOP Limit values for AC_VI
and AC_VO") corrects the default values of txop_limit from 93/46
to 94/47 for AP. STA would also need the same change.
Signed-off-by: Yogesh Kulkarni <yogesh.kulkarni@nxp.com>
Signed-off-by: Cathy Luo <xiaohua.luo@nxp.com>
Signed-off-by: Ganapathi Bhat <ganapathi.bhat@nxp.com>
These are no longer needed now. Note that this was never actually
sufficient since src/drivers/ isn't the only thing shared, and thus a
cross-build detection didn't work in all cases.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If the .config file changes, basically everything needs to be
rebuilt since we don't try to detect which symbols changed or
such. Now that the .config file handling is in the common
build system, make everything depend on it if there's one.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Instead of building in the source tree, put most object
files into the build/ folder at the root, and put each
thing that's being built into a separate folder.
This then allows us to build hostapd and wpa_supplicant
(or other combinations) without "make clean" inbetween.
For the tests keep the objects in place for now (and to
do that, add the build rule) so that we don't have to
rewrite all of that with $(call BUILDOBJS,...) which is
just noise there.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
This will make it easier to split out the handling in
a proper way, and handle common cflags/dependencies.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Clean up in a more common fashion as well, initially for ../src/.
Also add $(Q) to the clean target in src/
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Some things are used by most of the binaries, pull them
into a common rule fragment that we can use properly.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If there is no matching interface given, but interface matching is
enabled, all interfaces on the system will try to be initialized. Non
wireless interfaces will fail and the loopback device will be one of
these, so just log a diagnostic rather than an error.
Signed-off-by: Roy Marples <roy@marples.name>
Instead, log a diagnostic so that noise to the user is reduced. This is
expected behavior with driver interfaces that do not report supported
operating modes/classes.
Signed-off-by: Roy Marples <roy@marples.name>
This is needed for clearing previously set parameters in a similar
manner that was already available through the control interface
SET_NETWORK command.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Teach wpa_supplicant to {de,}initialize bgscans when bgscan parameters
are set after initial connection.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Currently, wpa_config_set(), the function that sets wpa_supplicant
per-network properties, returns 1 when a property it attempts to set is
unchanged. Its global parallel, wpa_config_process_global(), doesn't do
this even though much of the code is very similar. Change this, and
several of the parser functions, to resemble the per-network parser and
setter functions.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
When network properties are updated via dbus, wpa_config_set() is used
to update the property in the wpa_ssid struct. If it returns 1, the
property was not changed and there's no need to perform any of the
update actions.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
D-Bus clients can call CreateInterface() once and use the resulting
Interface object to connect multiple times to different networks.
However, if the network interface gets added to a bridge, clients
currently have to remove the Interface object and create a new one.
Improve this by supporting the change of the BridgeIfname property of
an existing Interface object.
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
Add a new configuration parameter p2p_6ghz_disable=1 to disable P2P
operation in the 6 GHz band. This avoids additional delays caused by
scanning 6 GHz channels in p2p_find and p2p_join operations in the cases
where user doesn't want P2P connection in the 6 GHz band.
Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
Generate a control interface event upon receipt of DPP Presence
Announcement frames. This allows external programs to instrument
wpa_supplicant with bootstrapping information on-demand.
Signed-off-by: Andrew Beltrano <anbeltra@microsoft.com>
ignore_broadcast_ssid is supported when using with the config
file. But it generates an error if you try to set it via the
DBus interface.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Check if the 2.4 GHz channel 6 is in the list of available channels
advertised by the driver before adding in to the chirping frequency
list. This fixes issues, e.g., with a 5 GHz only interface.
Signed-off-by: Disha Das <dishad@codeaurora.org>
The per-interface P2P data freeing function did not cover this eloop
timeout that could potentially have been registered. Explicitly cancel
this timeout to make sure no references to freed memory can remain in
such a case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
wpa_supplicant_remove_iface() removes the P2P management interface from
the global interfaces list before calling wpa_supplicant_deinit_iface().
When wpas_p2p_group_remove() is called from
wpa_supplicant_deinit_iface(), the P2P group created on the calling
wpa_s was not getting cleared as the calling wpa_s is not in the list of
global->ifaces. This results in the P2P management interface being
removed without disconnecting the p2p_group created on it. This could
result in an illegal access of freed memory, e.g., when a pending eloop
task wpas_p2p_reconsider_moving_go() was triggered with the leftover ctx
pointer to the removed P2P interface instance.
Fix this by disconnecting the P2P group created on interface to be
deinitialized before deinitializing the interface.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
With the configuration defined in the global_op_class array, the
channels starting from 149 in the operating classes 128 and 130 were not
considered for P2P channel setup due to the non-continuous
incrementation of channel indexes. The other channels in these operating
classes were considered. Handle the channels from 149 to 161 in the
operating classes 128 and 130 for P2P channel setup by handling this
jump in the channel number incrementation.
Signed-off-by: Sreeramya Soratkal <ssramya@codeaurora.org>
Previously this fallback from PFS enabled to disabled (and back to
enabled) was used only if the local network profile used key_mgmt=DPP,
i.e., did not enable another other AKM. That leaves out some valid cases
since the local network profile could actually enable both DPP and SAE.
Extend this check to accept cases DPP AKM is enabled and it was selected
for the connection even if there other enabled AKMs.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Enhance the return values of ocv_verify_tx_params with enum to indicate
different OCI verification failures to caller.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Previously wpabuf_head() of the buffer is passed to wpa_hexdump_buf()
instead of the wpabuf struct itself and it was causing wpa_supplicant to
crash. Fix this by using the correct pointer in the debug prints.
Fixes: a118047245 ("MSCS: Add support to send MSCS Request frames")
Fixes: c504ff5398 ("MSCS: Add support to populate MSCS Descriptor IE in (Re)AssocReq")
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
These were not really used anymore since the AP/Relay case did not set
msg_ctx or process_conf_obj in the global DPP context. Get the
appropriate pointers more directly from the more specific data
structures instead and remove these global values.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend hostapd support for DPP Controller to cover the DPP_CONTROLLER_*
cases that were previously implemented only in wpa_supplicant. This
allows hostapd/AP to be provisioned using DPP over TCP.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Share the same setup steps from the negotiated connection handover to
fix issues with NFC Tag write cases in AP mode. This addresses issues in
the AP mode DPP listen operation not actually receiving anything when
the write-a-tag code path was used.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The local network profile parameters for EAP are not available without
IEEE8021X_EAPOL, so do not try to set these in builds that do not
include any EAP support.
Signed-off-by: Jouni Malinen <j@w1.fi>
The updated socket.poll() loop did not terminate properly in cases where
no response is available. Fix that to check for both False and None.
Fixes: 1733e356e4 ("dpp-nfc: Fix handover client wait for receiving handover select")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Allow MSCS change/remove request to be sent only after an initial setup,
i.e., after an add request has been accepted.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support to parse the (Re)Association Response frames to check if the
AP has accepted/declined the MSCS request in response to the
corresponding (Re)Association Request frame. AP indicates the result by
setting it in the optional MSCS Status subelement of MSCS Descriptor
element in (Re)Association Response frame.
This MSCS Status subelement is defined in the process of being added
into P802.11-REVmd/D4.0 (11-20-0516-17-000m-cr-mscs-and-cid4158).
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Include the MSCS Descriptor IE in the (Re)Association Request frames to
setup MSCS between the AP and the STA during association.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
Add support to receive and process MSCS Response frames from the AP and
indicate the status to upper layers.
Signed-off-by: Vinita S. Maloo <vmaloo@codeaurora.org>
This was supposed to wait for up to 3.0 seconds for the handover select,
but the incorrect loop terminated ended up limiting this to a single
iteration of 0.1 second wait. This was too fast for some cases like the
AP mode operation where it may take significant time to enable the radio
for listening to DPP authentication messages.
Fix the loop to allow that full three second wait for the response to be
used. In addition, report the amount of time it takes to receive the
response.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not process channel switch event in wpa_supplicant's SME when SME is
offloaded to the driver/firmware to avoid SA Query initiation from both
wpa_supplicant and the driver/firmware for the OCV case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Previously, wpa_supplicant fetched BSS channel info from scan results to
send ANQP Query frames. If the scan results for the specified BSS are
not available, the ANQP_GET command request was getting rejected.
Add support to send ANQP Query frame on the specified frequency without
requiring the scan results to be available.
The control interface command format:
- ANQP_GET <dst_addr> [freq=<freq in MHz>] <Query ID1>[,<Query ID2>,..]
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
The GAS query source MAC address was not getting updated correctly when
preassoc_mac_addr is enabled. Fix this by copying the current MAC
address to the GAS query source address.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Skip unnecessary random MAC generation due to preassoc_mac_addr
parameter when gas_rand_mac_addr parameter is enabled.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
SAE-PK password can be set using psk parameter also in case of mixed
SAE+PSK networks, so look for acceptable SAE-PK BSS when SAE password
not set and psk parameter meets SAE-PK password criteria.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
The offchannel operations (scan, Public Action frame TX/RX) have
significantly more latency when performed while connected, so disconnect
when requested to initiate DPP reconfiguration to avoid this. The old
network profile (i.e., likely the current connection) is going to be
replaced in practice and as such, there is no need to try continue that
association any further.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend DPP authentication session search for the DPP_QR_CODE command to
cover the ongoing exchanges in Controller/Responder.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend the DPP_CONTROLLER_START command to accept the optional qr=mutual
parameter similarly to the DPP_LISTEN case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use the alternative channel list in the handover server role when
processing an alternative proposal. This was previously done only in the
handover client role, but with the updated design, both roles act in a
similar manner for the case where the alternative channel list is
specified.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not use the hardcoded channel 1 (2412 MHz) with DPP_LISTEN if a
channel list is specified when writing an NFC Tag. Instead, pick the
first channel from that list as the listen channel.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add an optional iter=# parameter to DPP_RECONFIG similarly to the way
this was handled with DPP_CHIRP.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add an encrypted Enrollee identifier into Reconfig Announcement frames
and decrypt that on the Configurator side. The actual E-id value is
currently not used for anything, but it can be used in the future to
provide better control over reconfiguration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This was added to the protocol design to support cases where the
C-sign-key uses a different group than the netAccessKey. The Enrollee
now indicates its netAccessKey group in Reconfig Announcement and the
Configurator builds it own reconfig Connector using that group instead
of the group used for the C-sign-key.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Only the sae_password parameter was previously accepted for SAE-PK use.
That is not sufficient for covering mixed SAE+PSK cases. Extend this by
allowing the psk parameter to be used as well just like it can be used
for SAE without SAE-PK.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add override parameters to use the specified channel while populating
OCI element in EAPOL-Key group msg 2/2, FT reassoc request, FILS assoc
request and WNM sleep request frames.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Do not use red color for the "No response receive" message in case
another HR will be sent after this.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Fix processing of the case where no handover select is sent out and add
automatic (delayed) termination of the link on completing the handover
successfully.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
terminate_now was not being set in the only_one case with connection
handover. Set it for that case as well as the tag cases to automatically
close down the link once it is not needed anymore.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use a shorter polling interval in recv_octets() to be able to send out
the alternative HR more quickly when using a single thread and handover
client. In addition, fix recv_records() to handle normal exception cases
like not receiving anything.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Postpone closing of the handover client to allow the same client to be
used for sending both handover request messages if an alternative URI
needs to be tried.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Set logging level to various upper layer nfcpy modules to enable more
detailed debugging of the actual NFC operations when requested (-d on
the command line).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not try to perform DPP operations on the P2P management interface
when no specific interface has been identified.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If an alternative proposal (second handover request) is sent, the
response (or lack of it) to the initial handover request should be
ignored.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This avoids potential loops of endless alternative URI exchanges over
NFC negotiated connection handover. Only allow one such alternative
proposal and declarare the handover as a failure if another alternative
were needed.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Allow all actual DPP processing steps in wpa_supplicant to be skipped by
specifying hardcoded URI values. Also allow a hardcoded crn to be
specified to force specific handover requestor/selector roles.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use the "tmp_disallow" name more consistently so that both the core
wpa_supplicant functionality (struct wpa_bss_tmp_disallowed) and the
wpa_driver_ops callback have more similar names.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
remove_on_tx_status needs to be set in this case even if
dpp_config_processing=2 is used since there will be no connection
attempt when receiving a Configurator backup instead of station config
object.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
For now, this is done only for the case where the NFC Device is not
usable and if writing a single tag fails.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Make the debug output easier to read when performing interactive NFC
operations on a device that has a terminal showing the log.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The change to checking DPP_LISTEN return value ended up overwriting the
actual URI information from wpas_get_nfc_uri().
Fixes: 288c0ffaaa ("dpp-nfc: Do not hardcode netrole for NFC Tag writing cases")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Allow netrole to be specified for NFC Tag writing cases. Previously,
this was hardcoded to use netrole=configurator when starting the listen
operation. Now the netrole parameter is not included by default, but any
netrole value can be specified with the new --netrole command line
argument.
In addition, fix the listening frequency for the case where a channel is
picked.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When removing a mesh peer with control interface commands (ACCEPT_ACL
DEL_MAC/DENY_ACL ADD_MAC/MESH_PEER_REMOVE) the plink count was not
decreased from its last connection. This resulted in peer link count
leakage and wpa_supplicant rejecting the connections after reaching
max_peer_links (default: 99).
Fix this by decreasing the plink count when removing a mesh peer which
is in PLINK_ESTAB state.
Signed-off-by: Yu Wang <yyuwang@codeaurora.org>
wpa_s->dpp_auth did not get cleaner if dpp_config_processing=1 is used.
Clear this after having received TX status for Configuration Result to
avoid leaving behind the completed provisioning instance.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The pending authentication exchange will make us ignore Reconfig
Authentication Request, so do not allow reconfiguration to be started in
that state.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The use of the alternative channel list did not work properly for the
case were both ends were trying to initiate the negotiated connection
handover. Fix this by always starting a new connection handover client
thread for sending the alternative proposal and ignoring peer messages
(likely something from the first attempt) during this modified attempt.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
When a PMKSA cache entry is available and used for connection with FILS
key management suite, use FILS authentication algorithm for connection
even if ERP keys are not available. This scenario may happen when
applications using wpa_supplicant cache persistently only PMKSA but not
ERP keys and reconfigures wpa_supplicant with PMKSA cache after
restarting wpa_supplicant.
The previous implementation correctly handles SME-in-wpa_supplicant
cases. However, SME-in-driver cases, complete FILS authentication
without PMKSA caching is performed.
Fix SME-in-driver behavior by setting authentication algorithm to
WPA_AUTH_ALG_FILS when connecting to a FILS AP using PMKSA caching.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The channel numbering/center frequencies was changed in IEEE
P802.11ax/D6.1. The center frequencies of the channels were shifted by
10 MHz. Also, a new operating class 136 was defined with a single
channel 2. Add required support to change the channelization as per IEEE
P802.11ax/D6.1.
Signed-off-by: Wu Gao<wugao@codeaurora.org>
Signed-off-by: Vamsi Krishna <vamsin@codeaurora.org>
If the peer's channel list in negotiated handover does not have any
common channels and the local end is configured with an alternative
channel list, try to initiate another negotiation handover with the
alternative channels.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Be clearer about only a tag read being allowed when dpp-nfc is
configured to not allow connection handover.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This fixes an issue where the pending authentication might have held a
reference to auth->tmp_peer_bi and dpp_auth_deinit() would try to free
that bootstrapping entry. This needs to happen before the call to
dpp_global_clear() to avoid double-removal of the bootstrapping entry
from the list.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add events for within-ESS reassociation. This allows us to monitor roam
events, both skipped and allowed, in tests.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
Pull all the within-ESS roam code out of wpa_supplicant_need_to_roam()
and into its own function, wpa_supplicant_need_to_roam_within_ess().
This way, we avoid interleaving several #ifndef's in the original
function and wrap the new function in one big #ifndef. This also
modularizes the within-ESS roam code and makes it easier to test.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
This allows the DPP_CA_SET command to be targeting a specific DPP-CST
event in cases where the Configurator did not receive the bootstrapping
information for the peer.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
"DPP_CA_SET name=status value=<int>" can now be used to explicitly
indicate that CSR was rejected by CA/RA.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add initial Enrollee functionality for provisioning enterprise (EAP-TLS)
configuration object. This commit is handling only the most basic case
and a number of TODO items remains to handle more complete CSR
generation and config object processing.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Set the SAE-PK capability bit in RSNXE when sending out (Re)Association
Request frame for a network profile that allows use of SAE-PK.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Previously, PMF support was enabled in optional mode (ieee80211w=1) for
Hotspot 2.0 network blocks automatically. This did not consider the
global PMF parameter and unconditionally changed that value to optional.
Since the newly added network block had an explicit ieee80211w
parameter, this overrode the global parameter. To make this less
surprising, use the global pmf parameter value to select whether to add
network blocks for Hotspot 2.0 with PMF being optionally enabled (pmf=0
or pmf=1) or required (pmf=2).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Allow user to configure the TX queue parameters through the
wpa_supplicant configuration file similarly to the way these can be set
in hostapd.
Parse the tx_queue_* parameters in the wpa_supplicant configuration file
and update the TX queue configuration to the AP/P2P GO interface in the
function wpa_supplicant_create_ap().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It was possible to find a BSS to local network profile match for a BSS
entry that has no known SSID when going through some of the SSID
wildcard cases. At leas the OWE transition mode case without BSSID match
could result in hitting this. Zero-length SSID (i.e., wildcard SSID) is
not valid in (Re)Association Request frame, so such an association will
fail. Skip such a BSS to avoid known-to-be-failing association attempts.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If there is an acceptable BSS with SAE-PK enabled in the same ESS,
select that over a BSS that does not enable SAE-PK when the network
profile uses automatic SAE-PK selection.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Move the BSS-against-SSID matching into a separate helper function to
make this overly long function a bit more readable and to allow that
helper function to be used for other purposes.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This replaces the previously used sae_pk_only configuration parameter
with a more generic sae_pk that can be used to specify how SAE-PK is
negotiated. The default behavior (sae_pk=0) is to automatically
negotiate SAE-PK whenever the AP supports it and the password is in
appropriate format. sae_pk=1 allows only SAE-PK to be used and sae_pk=2
disables SAE-PK completely.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The wpa_supplicant control interface returns maximum of 4 kB of response
data and, thus, limits maximum number of scan entries as part of
SCAN_RESULTS to approximately 60. Add a new all_bss command to use a
more robust iteration of the BSS table entries with the BSS command to
to get all scan entries and print them in the same format as the
scan_results command.
Signed-off-by: Purushottam Kushwaha <pkushwah@codeaurora.org>
wpa_supplicant disables PMKSA caching with FT-EAP by default due to
known interoperability issues with APs. This is allowed only if the
network profile is explicitly enabling caching with
ft_eap_pmksa_caching=1. However, the PMKID for such PMKSA cache entries
was still being configured to the driver and it was possible for the
driver to build an RSNE with the PMKID for SME-in-driver cases. This
could result in hitting the interop issue with some APs.
Fix this by skipping PMKID configuration to the driver fot FT-EAP AKM if
ft_eap_pmksa_caching=1 is not used in the network profile so that the
driver and wpa_supplicant behavior are in sync for this.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add support for missing driver AKM capability flags from the list of
RSN_AUTH_KEY_MGMT_* flags and make these available through the
'GET_CAPABILITY key_mgmt' control interface command.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This maintains knowledge of whether H2E or PK was used as part of the
SAE authentication beyond the removal of temporary state needed during
that authentication. This makes it easier to use information about which
kind of SAE authentication was used at higher layer functionality.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Some of the recently added wpa_supplicant network profile parameters
were not documented in wpa_supplicant.conf. Add these there based on the
documentation in config_ssid.h.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The new wpa_supplicant network profile parameter sae_pk_only=1 can now
be used to disable use of SAE authentication without SAE-PK.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This adds STA side functionality for SAE-PK. This version enables SAE-PK
automatically based on the configured SAE password value if the selected
AP advertises support for SAE-PK.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This adds core SAE functionality for a new mode of using SAE with a
specially constructed password that contains a fingerprint for an AP
public key and that public key being used to validate an additional
signature in SAE confirm from the AP.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Convert the previously used text log entries to use the more formal
OCV-FAILURE prefix and always send these as control interface events to
allow upper layers to get information about unexpected operating channel
mismatches.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Make reporting of OCV validation failure reasons more flexible by
removing the fixed prefix from ocv_verify_tx_params() output in
ocv_errorstr so that the caller can use whatever prefix or encapsulation
that is most appropriate for each case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
To support the STA testbed role, the STA has to use specified channel
information in OCI element sent to the AP in EAPOL-Key msg 2/4, SA Query
Request, and SA Query Response frames. Add override parameters to use
the specified channel while populating OCI element in all these frames.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It was possible for the RSN state machine to maintain old PMKSA cache
selection (sm->cur_pmksa) when roaming to another BSS based on
driver-based roaming indication. This could result in mismatching state
and unexpected behavior, e.g., with not generating a Suite B PMKSA cache
entry.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Some distros (e.g., Debian and Arch) already build wpa_supplicant with
support for TDLS, and Fedora is about to enable this feature as well.
Set CONFIG_TDLS=y in wpa_supplicant default build configuration.
Signed-off-by: Davide Caratti <davide.caratti@gmail.com>
It was apparently possible to hit the 20000 octet limit in some cases,
so increase the limit to avoid process termination due to insufficient
room for preparing a response to Introspect calls.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is not really appropriate for any kind of cross compilations and is
not really needed in general since system specific values can be set in
.config.
Signed-off-by: Jouni Malinen <j@w1.fi>
This is needed to be able to receive Public Action frames when hostapd
was initially started with start_disabled=1.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If the local device becomes the handover selector, make the debug log
entries about client functionality not receiving the response clearer
since that is not really an error case.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Allow any channel to be used by not including a specific single channel
in the handover request without a need (for AP mode, use the current
operating channel). When sending out the handover select, pick a single
channel if no specific channel has been negotiated.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Wait up to 100 ms for own handover request transmission to succeed if
peer handover request is received, but own crn is not yet available.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Convert most print() calls to use the summary() helper so that the
printed information gets written into a log file as well. In addition,
start using a mutex lock to synchronize debug prints between threads to
avoid merging of messages from different contexts.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Address possible handover request collisions for cases where both
devices try to initiate handover simultaneously.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous version was trying to force the handover roles based on the
--init-on-touch parameter on both sides. That is fine for some test
scenarios, but not appropriate for more normal use cases. Change this
design to enable handover server in all cases and only control starting
of the handover client based on --init-on-touch.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Do not try to proceed with negotiated connection handover if
wpa_supplicant control interface is not available.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This was previously done only for the negotiated connection handover
case, but the same parameters are useful for the tag reading cases (URI
record and static handover).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use key_mgmt_iftype instead of key_mgmt when the specific interface type
is known by the context of the operation.
Use per interface type AKM capabilities in capa.key_mgmt_iftype array
based on the wpa_supplicant context instead of using capa.key_mgmt to
determine the driver AKM capability.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Add support to query per interface type AKM capabilities through the
control interface. For example, "GET_CAPABILITY key_mgmt
iftype=STATION".
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
This allows DPP_AUTH_INIT to be used with tcp_addr=<dst> argument and
Configurator parameters to perform Configurator initiated DPP
provisioning over TCP. Similarly, DPP_CONTROLLER_START can now be used
to specify Configurator/Enrollee roles and extend Controller to work in
Enrollee role.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add more parameters to dpp-nfc.py to allow it to be used with more
detailed control by the caller. This allows Enrollee/Configurator roles
to be selected and Configurator parameters to be specified on the
command line.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend Enrollee functionality to process Reconfig Authentication
Confirm message and start GAS client.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend Configurator functionality to sign a special Connector for
reconfiguration and reply with Reconfig Authentication Request frame
when Reconfig Announcement frame is received with a matching C-sign key
hash value.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Check if there is a matching Configurator and be ready to initiate
Reconfig Authentication (which itself is not included in this commit).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend DPP chirping mechanism to allow Reconfig Announcement frames to
be transmitted instead of the Presence Announcement frames. Add a new
wpa_supplicant control interface command "DPP_RECONFIG <network id>" to
initiate reconfiguration for a specific network profile.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This may be needed to optimize use of offchannel TX operations with
wait-for-response when near the end of a pending remain-on-channel
operation.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The recvfrom() calls were supposed to use the full allocated buffer size
(max+1) to match the res > max check.
Fixes: 96b6dd21a0 ("Increase wpa_supplicant control interface buffer size")
Signed-off-by: Jouni Malinen <j@w1.fi>
"SET dpp_version_override <ver>" can now be used to request
wpa_supplicant and hostapd to support a subset of DPP versions. In
practice, the only valid case for now is to fall back from DPP version 2
support to version 1 in builds that include CONFIG_DPP2=y.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Check AP's DPP Protocol Version during network introduction and mark the
PMKSA cache as suitable for PFS use with version 2 or newer. This avoids
unnecessary attempt of negotiating PFS with version 1 APs.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It is simpler to assign wpa_s->current_ssid to a local pointer now that
there are numerous dereferences of current_ssid within sme_associate().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This can be used to determine whether to try to negotiate PFS (only
available with version 2 or higher).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Increase the maximum command length from 4 kB to 8 kB mainly to allow
larger certificate blobs to be configured. Use heap memory to avoid
inconveniently large stack requirements. In addition, reject potentially
truncated commands instead of trying to process them.
The maximum length of the request can now be determined with
"GET max_command_len".
Signed-off-by: Jouni Malinen <j@w1.fi>
Randomize GAS dialog token field, instead of using an incremental
counter with predictable values. This change will make this field
unuseful for user fingerprinting.
Signed-off-by: Hai Shalom <haishalom@google.com>
Do not use a random MAC address for the GAS exchange that is used as
part of the DPP protocol exchange since that would break DPP.
Configurator expects the same MAC address to be used for DPP
Authentication exchange and DPP Configuration exchange (GAS).
Since the DPP Authentication exchange has already used the MAC address
configured on the interface, use of a random address for the GAS
exchange would not provide any additional privacy protection. If a
random MAC address needs to be used for this type of an exchange, that
random address would need to be first configured on the interface before
starting DPP exchange.
This does not change GAS query behavior for any other use case, i.e.,
the gas_rand_mac_addr configuration continues to apply to all the
Interworking/Hotspot 2.0 uses.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If the driver supports control port for EAPOL RX, do not register
l2_packet for RX to minimize unnecessary operation load.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need for this to be outside the if block that is used to
check whether l2_packet is used for the interface.
Signed-off-by: Jouni Malinen <j@w1.fi>
This allows wpa_supplicant to avoid the packet socket workaround for
cases where a bridge interface is used if the driver supports control
port for EAPOL frame TX and RX.
Signed-off-by: Jouni Malinen <j@w1.fi>
This case of accepting WPA/TKIP-only credential based on internal
registrar request to configure an AP to use TKIP was still remaining
while all the WPS cases were supposed to enable mixed mode
automatically. This is bit of a corner case since this is based on
explicit local request to configure TKIP, but anyway, convert this one
as well to allow WPA2/CCMP to be used.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a build flag CONFIG_NO_TKIP=y to remove all TKIP functionality from
hostapd and wpa_supplicant builds. This disables use of TKIP as both the
pairwise and group cipher. The end result does not interoperate with a
WPA(v1)-only device or WPA+WPA2 mixed modes.
Signed-off-by: Disha Das <dishad@codeaurora.org>
Allow wpa_supplicant to be requested to override the RSNXE Used subfield
in FT reassociation case for testing purposes with "SET ft_rsnxe_used
<0/1/2>" where 0 = no override, 1 = override to 1, and 2 = override to
0.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Use global configuration parameters while invoking a persistent P2P
group after accepting P2P Invitation Request from a peer.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Mark own bootstrap information as having been used in NFC negotiated
connection handover and do not accept non-mutual authentication when
processing Authentication Response from the peer when such bootstrapping
information is used.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
If the Enrollee indicates support for DPP R2 or newer, add Connector and
C-sign-key in psk/sae credentials (i.e., cases where DPP AKM is not
enabled) for reconfiguration. Extend processing of such credentials in
wpa_supplicant network profile addition to handle this new case
correctly by not setting key_mgmt=DPP based on Connector being present,
but by looking at the actual akm value in the config object.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The chirping cases are not really targeting interactive operations, so
clear the requirement for mutual authentication when DPP_CHIRP command
is used. This avoids testing isues where an earlier DPP_LISTEN command
has used qr=mutual parameter and that seting not getting cleared before
the next DPP_CHIRP command is used.
This fixes a test case failure in the following test sequence:
dpp_auth_resp_status_failure dpp_controller_relay_chirp
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Define a driver interface event for Beacon frame protection failures.
Report such events over the control interface and send a
WNM-Notification Request frame to the AP as well.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add HE override support under the build parameter CONFIG_HE_OVERRIDES=y.
The disable_he=1 network profile parameter can be used to disable HE.
This requires a fallback to VHT on the 5 GHz band and to HT on the 2.4
GHz band.
There is no nl80211 support for configuring the driver to disable HE, so
for now, this applies only to IBSS and mesh cases.
Signed-off-by: P Praneesh <ppranees@codeaurora.org>
Drivers that trigger roaming need to know the lifetime and reauth
threshold time of configured PMKSA so that they can trigger full
authentication to avoid unnecessary disconnection. To support this, send
dot11RSNAConfigPMKLifetime and dot11RSNAConfigPMKReauthThreshold values
configured in wpa_supplicant to the driver while configuring a PMKSA.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
The new wpa_supplicant network profile parameter dpp_pfs can be used to
specify how PFS is applied to associations. The default behavior
(dpp_pfs=0) remains same as it was previously, i.e., try to use PFS if
the AP supports it. PFS use can now be required (dpp_pfs=1) or disabled
(dpp_pfs=2).
This is also working around an interoperability issue of DPP R2 STA with
certain hostapd builds that included both OWE and DPP functionality.
That issue was introduced by commit 09368515d1 ("OWE: Process
Diffie-Hellman Parameter element in AP mode") and removed by commit
16a4e931f0 ("OWE: Allow Diffie-Hellman Parameter element to be
included with DPP"). hostapd builds between those two commits would
reject DPP association attempt with PFS. The new wpa_supplicant default
(dpp_pfs=0) behavior is to automatically try to connect again with PFS
disabled if that happens.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Process received Presence Announcement frames and initiate
Authentication exchange if matching information is available on the
Configurator.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wpa_supplicant control interface command "DPP_CHIRP own=<BI
ID> iter=<count>" to request chirping, i.e., sending of Presence
Announcement frames, to be started.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
"DPP_BOOTSTRAP_SET <ID> <configurator parameters..>" can now be used to
set peer specific configurator parameters which will override any global
parameters from dpp_configurator_params.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Set the global pointer and msg_ctx when allocating struct
dpp_authentication instead of needing to pass these to
dpp_set_configurator().
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
We have to delete PTK keys when either BIT(0) or BIT(15) are zero and
not only when both are zero.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Allow AP mode network profile in wpa_supplicant to be configured to
advertise Transition Disable DKE.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Check whether the Transition Disable KDE is received from an
authenticated AP and if so, whether it contains valid indication for
disabling a transition mode. If that is the case, update the local
network profile by removing the less secure options.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
"GET last_tk_key_idx" can now be used in testing build to determine
which was the last configured Key ID for the pairwise key.
Signed-off-by: Jouni Malinen <j@w1.fi>
Support Extended Key ID in wpa_supplicant according to
IEEE Std 802.11-2016 for infrastructure (AP) associations.
Extended Key ID allows to rekey pairwise keys without the otherwise
unavoidable MPDU losses on a busy link. The standard is fully backward
compatible, allowing STAs to also connect to APs not supporting it.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
There is no real use case for the scan to be requested on more than 100
channels individually. To avoid excessively long lists with invalid
configuration, use 100 entry limit for the list before dropping to the
fallback scan-all-channels option.
Signed-off-by: Jouni Malinen <j@w1.fi>
These are theoretical cases with 32-bit integers, but cases that could
potentially hit an integer overflow with 16-bit int.
Signed-off-by: Jouni Malinen <j@w1.fi>
While int and unsigned int are not going overflow in practice as 32-bit
values, these could at least in theory hit an integer overflow with
16-bit int. Use size_t to avoid such potential issue cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
This avoids a theoretical unsigned integer overflow case with 32-bit
integers, but something that could potentially be hit with 16-bit int
(though, even that part looks pretty theoretical in this particular case
of number of BSSs in scan results).
Signed-off-by: Jouni Malinen <j@w1.fi>
Make max_*_rate() functions and rate calculation at the beginning of
wpas_get_est_tpt() more continuous. In wpa_supplicant_need_to_roam(), we
compare these values to make a roaming decision. However, at certain
SNRs, we see unrealistically large jumps in estimated throughput
according to these functions, leading us to make incorrect roaming
decisions. Perform linear interpolation where applicable to more
accurately reflect actual throughput.
Example:
wlan0: Current BSS: 88:3d:24:b4:95:d2 freq=2412 level=-69 snr=20 est_throughput=54000
wlan0: Selected BSS: 88:3d:24:b4:89:9e freq=2417 level=-67 snr=22 est_throughput=63500
wlan0: Using signal poll values for the current BSS: level=-69 snr=20 est_throughput=54000
wlan0: Allow reassociation - selected BSS has better estimated throughput
2 dB increase in RSSI likely isn't responsible for a 17% increase in
throughput.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
The new wpa_supplicant control interface SET parameter disable_sa_query
can now be used to disable SA Query on receiving unprotected
disconnection event.
Signed-off-by: Jouni Malinen <j@w1.fi>
The previous design for adding RSNXE into FT was not backwards
compatible. Move to a new design based on 20/332r3 to avoid that issue
by not include RSNXE in the FT protocol Reassociation Request frame so
that an AP not supporting RSNXE can still validate the FTE MIC
correctly.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This is needed to avoid leaving external components (through control
interface or D-Bus) timing out while waiting for the scan completion
events. This was already taken care of for the scan-only case
("TYPE=only"), but the scan-and-allow-roaming case did not report the
scan completion event when operating in AP mode.
Signed-off-by: Jouni Malinen <j@w1.fi>
The new wpa_supplicant control interface parameter rsne_override_eapol
can be used similarly to the earlier rsnxe_override_eapol to override
the RSNE value added into EAPOL-Key msg 2/4.
Signed-off-by: Jouni Malinen <j@w1.fi>
Driver capabilities may end up masking out some WPA_KEY_MGMT_* bits, so
debug print the outcome only after having performed all these steps.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Split multi_ap_process_assoc_resp() to set 4-address mode after network
selection. Previously, wpa_s->current_ssid might have been NULL in some
cases and that would have resulted in 4-address mode not getting enabled
properly.
Signed-off-by: Gurumoorthi Gnanasambandhan <gguru@codeaurora.org>
The previous implementation was assuming a fixed 20 MHz channel
bandwidth when determining which operating class value to indicate as
the Current Operating Class in the Supported Operating Classes element.
This is not accurate for many HT/VHT cases.
Fix this by determining the current operating class (i.e., the operating
class used for the requested association) based on the HT/VHT operation
elements from scan results.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Commit e5a9b1e8a3 ("mesh: Implement use of VHT20 config in mesh mode")
introduced the possibility to check the disable_vht param. However, this
entry is only available when CONFIG_VHT_OVERRIDES is enabled and as
such, this broke the build for some cases.
Fix this by encapsulating VHT property with the proper CONFIG entry.
Fixes: e5a9b1e8a3 ("mesh: Implement use of VHT20 config in mesh mode")
Signed-off-by: Arturo Buzarra <arturo.buzarra@digi.com>
When wps_cred_add_sae=1 is used, WPS_AUTH_WPA2PSK credential gets
converted to enabling both PSK and SAE AKMs. However, this case was
still hardcoded auth_alg=OPEN which is not really correct for SAE. While
the SME-in-wpa_supplicant case can handle that, the SME-in-driver case
might not. Remove the unnecessary auth_alg=OPEN configuration to get the
normal PSK+SAE configuration enabled for the network profile.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Check whether an error is reported from any of the functions that could
in theory fail and if so, do not proceed with the partially filled SAE
commit buffer.
Signed-off-by: Jouni Malinen <j@w1.fi>
According to the systemd documentation "WantedBy=foo.service in a
service bar.service is mostly equivalent to
Alias=foo.service.wants/bar.service in the same file." However,
this is not really the intended purpose of install Aliases.
Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com>
Similarly to the wpa_supplicant_select_config() case,
wpa_get_beacon_ie() needs to handle the special case for OWE transition
mode where the SSID in the network profile does not match the SSID of
the OWE BSS (that has a hidden, random SSID). Accept such a BSS in case
the current scan results needs to be fetched for verifying EAPOL-Key msg
3/4 IEs.
Signed-off-by: Jouni Malinen <j@w1.fi>
It is possible for the hidden OWE BSS to be found based on SSID-specific
scan (e.g., from the special OWE scan mechanism). In that sequence, the
previously used learning of OWE BSS was skipped since the SSID was
already present in the BSS entry. This could result in not being able to
find a matching BSS entry for the OWE BSS in transition mode.
Fix this by adding the BSS flag for transition mode based on SSID
matching against currently enabled OWE network profiles in addition to
the previous mechanism.
Signed-off-by: Jouni Malinen <j@w1.fi>
The "unexpected" change of SSID between the current network profile
(which uses the SSID from the open BSS in OWE transition mode) and the
association with the OWE BSS (which uses a random, hidden SSID) resulted
in wpa_supplicant incorrectly determining that this was a
driver-initiated BSS selection ("Driver-initiated BSS selection changed
the SSID to <the random SSID from OWE BSS>" in debug log).
This ended up with updating security parameters based on the network
profile inwpa_supplicant_set_suites() instead of using the already
discovered information from scan results. In particular, this cleared
the RSN supplicant state machine information of AP RSNE and resulted in
having to fetch the scan results for the current BSS when processing
EAPOL-Key msg 3/4.
Fix this by recognizing the special case for OWE transition mode where
the SSID for the associated AP does not actually match the SSID in the
network profile.
Signed-off-by: Jouni Malinen <j@w1.fi>
When wpa_supplicant interface is added without a configuration file, the
SAVE_CONFIG command causes a segmentation fault due to referencing a
NULL pointer if the update_config parameter is first explicitly enabled.
Fix the issue by checking the confname for NULL before saving
configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Specific BSSID scan was replacing wildcard SSID with the known SSID if
any BSS with the specified BSSID is available in the known BSSes list.
Add control interface support to force use of a wildcard SSID in a
specific BSSID scan by user with the new "wildcard_ssid=1" argument to
the SCAN command.
Signed-off-by: Veerendranath Jakkam <vjakkam@codeaurora.org>
Incorrect he_enabled parameter was being passed to
hostapd_set_freq_params() in mesh which caused HE to be not fully
enabled on the 5 GHz band. Fix this by setting freq->he_enabled instead
of vht_freq.he_enabled so that the hostapd_set_freq_params() uses the
correct he_enabled value (and then ends up copying this to
vht_freq.he_enabled in the success case).
Fixes: 6e711e7ab3 ("mesh: Do not enable HE on 5 GHz without VHT")
Signed-off-by: Pradeep Kumar Chitrapu <pradeepc@codeaurora.org>
The commit a34ca59e (SAE: Allow SAE password to be configured separately
(STA)) added sae_password configuration option. We should also consider
sae_password in the wpa_config_write() function which stores the valid
network block details to an external database.
Fixes: a34ca59e4d ("SAE: Allow SAE password to be configured separately (STA)")
Signed-off-by: Sachin Shelke <sachin.shelke@nxp.com>
Signed-off-by: Cathy Luo <xiaohua.luo@nxp.com>
Signed-off-by: Ganapathi Bhat <ganapathi.bhat@nxp.com>
wep_keys_set was not used in wpas_start_assoc_cb() without
IEEE8021X_EAPOL, so need to make this local variable conditional on
build options.
Signed-off-by: Jouni Malinen <j@w1.fi>
PASN authentication can be performed while a station interface is
connected to an AP. To allow sending PASN frames while connected, extend
the send_mlme() driver callback to also allow a wait option. Update the
relevant drivers and wpa_supplicant accordingly.
hostapd calls for send_mlme() are left unchanged, since the wait option
is not required there.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This will be present when the driver supports SAE and it's included in
the wpa_supplicant build.
Signed-off-by: Brian Norris <briannorris@chromium.org>
WEP should not be used for anything anymore. As a step towards removing
it completely, move all WEP related functionality to be within
CONFIG_WEP blocks. This will be included in builds only if CONFIG_WEP=y
is explicitly set in build configuration.
Signed-off-by: Jouni Malinen <j@w1.fi>
While the WSC specification requires the Enrollee to stop PBC
provisioning if the scan sees multiple APs in active PBC mode, this is
problematic due to some deployed devices continuing to advertise PBC
mode for extended duration (or even permanently). Such an environment
will still need to prevent wildcard AP selection with PBC since an
incorrect device could be selected. However, if the Enrollee device has
been explicitly requested to connect to a specific AP based on its
BSSID, the other APs in scan results can be ignored without affecting
which AP would be selected (only the one matching the specified BSSID is
acceptable).
Start filtering scan results for PBC session overlap check based on the
locally specified constraint on the BSSID, if one is set. This allows
PBC to be used with "WPS_PBC <BSSID>" command in environment where
another AP device is claiming to be in active PBC mode while "WPS_PBC"
command will still continue to reject provisioning since the correct AP
cannot be selected.
This will also cover the P2P cases where P2P_CONNECT is used to start or
authorize GO Negotiation and joining-a-GO with a specific P2P GO
Interface Address (BSSID).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
There does not seem to be a good reason for using the different IFACE=
prefix on the UDP control interface. This got added when the UDP
interface in wpa_supplicant was extended in commit f0e5d3b5c6
("wpa_supplicant: Share attach/detach/send UDP ctrl_iface functions")
and that was then extended to hostapd in commit e920805685 ("hostapd:
Extend global control interface notifications").
Replace the IFACE= prefix in UDP case with IFNAME= to be consistent with
the UNIX domain socket based control interface.
This fixes a problem when at least one test case fail (hapd_ctrl_sta)
when remote/udp used. This also fixes test_connectivity().
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Rekeying a pairwise key using only keyid 0 (PTK0 rekey) has many broken
implementations and should be avoided when using or interacting with
one. The effects can be triggered by either end of the connection and
range from hardly noticeable disconnects over long connection freezes up
to leaking clear text MPDUs.
To allow affected users to mitigate the issues, add a new configuration
option "wpa_deny_ptk0_rekey" to replace all PTK0 rekeys with fast
reconnects.
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
Pick the most recently added BSS entry based on BSSID matching to avoid
issues in testing environment where the SSID of the AP may have changed
and both the old and new BSS is still present in the scan results.
Signed-off-by: Jouni Malinen <j@w1.fi>
Hardcoded CONFIG_IEEE80211N to be included to clean up implementation.
More or less all new devices support IEEE 802.11n (HT) and there is not
much need for being able to remove that functionality from the build.
Included this unconditionally to get rid of one more build options and
to keep things simpler.
Signed-off-by: Jouni Malinen <j@w1.fi>