Implement configure_data_frame_filters() callback by using
the net-sysfs interfaces (if these are available).
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Add a new function declaration that will allow wpa_supplicant to request
the driver to configure data frame filters for specific cases.
Add definitions that will allow frame filtering for stations as
required by Hotspot 2.0:
1. Gratuitous ARP
2. Unsolicited NA
3. Unicast IP packets encrypted with GTK
Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com>
If a legacy client with no P2P PS support is trying to connect to
a P2P GO, the driver should know that, and change its PS behavior
accordingly.
Add a parameter to hostapd_sta_add_params() indicating if P2P PS is
supported by the station and pass this parameter to kernel with nl80211
driver when the station is added/set.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
Fix a possible memory leak in decode_tunnel_passwords() if an invalid
passphrase is received from the RADIUS server.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
This was previously handled for the case where the non-success
Invitation Response frame was sent out during the Listen phase. However,
in the case the Action frame TX ended up getting scheduled when the
Search phase scan had already started (e.g., due to the driver reporting
Invitation Request RX late enough for the Listen-to-Search transition
having already started), the postponed Action frame TX status processing
did not cover the specific case of non-success Invitation Response. This
could result in the p2p_find operation getting stopped (stuck in SEARCH
state) unexpectedly.
Fix this by calling p2p_check_after_scan_tx_continuation() from
Invitation Response TX callback handler if the invitation was rejected.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
The Secure bit in the Key Information field of EAPOL-Key frames is
supposed to be set to 1 when there is a security association. This was
done for other frames, but not for the EAPOL-Key Request frame where
supplicant is requesting a new PTK to be derived (either due to Michael
MIC failure report Error=1 or for other reasons with Error=0). In
practice, EAPOL-Key Request frame is only sent when there is a PTK in
place, so all such frames should have Secure=1.
Signed-off-by: Jouni Malinen <j@w1.fi>
This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. This struct is not used anymore, so it can
be removed from the struct ieee80211_mgmt definition to complete the
changes started in commit d447cd596f
('Updates for stricter automatic memcpy bounds checking').
Signed-off-by: Jouni Malinen <j@w1.fi>
This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. Since there are no non-IE fields in the
Probe Request frames, get the location of the variable length IEs simply
by using the pointer to the frame header and the known header length.
Signed-off-by: Jouni Malinen <j@w1.fi>
This struct in the union is empty, but the design of using a zero-length
u8 array here is not fully compatible with C++ and can result in
undesired compiler warnings. Since there are no non-IE fields in the
Probe Request frames, get the location of the variable length IEs simply
by using the pointer to the frame header and the known header length.
Signed-off-by: Jouni Malinen <j@w1.fi>
This reverts commit 4ca16b5fd7.
Configuration for this will be done using a previously assigned more
generic command. This new command
QCA_NL80211_VENDOR_SUBCMD_SET_TXRX_AGGREGATION has not been used in any
driver version and won't be used, so the assigned command id can be
freed for future use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
There is no strong need for pulling in linux/if_ether.h here since all
that is needed if ETH_P_IP and we already cover multiple other ETH_P_*
values in utils/common.h.
Signed-off-by: Jouni Malinen <j@w1.fi>
This was only used for providing an option to use linux/if_packet.h
instgead of netpacket/packet.h in src/ap/iapp.c. However,
netpacket/packet.h is nowadays commonly available and hostapd already
depends on it through src/l2_packet/l2_packet_linux.c, so there is no
need to continue to provide this option for the kernel header.
Signed-off-by: Jouni Malinen <j@w1.fi>
This gets rid of need to include linux/if_vlan.h and additional defines
in vlan_ioctl.c to avoid issues with missing definitions in libc
headers.
Signed-off-by: Jouni Malinen <j@w1.fi>
Due to both <netinet/in.h> (in "utils/includes.h") and <linux/in6.h> (in
<linux/if_bridge.h>) being included, the in6_addr is being redefined:
once from the C library headers and once from the Linux kernel headers.
This causes some build failures with for example the musl C library:
In file included from /usr/include/linux/if_bridge.h:18,
from ../src/ap/vlan_init.c:17:
/usr/include/linux/in6.h:32: error: redefinition of 'struct in6_addr'
/usr/include/linux/in6.h:49: error: redefinition of 'struct sockaddr_in6'
/usr/include/linux/in6.h:59: error: redefinition of 'struct ipv6_mreq'
Mixing C library and Linux kernel headers is a bit problematic [1] and
should be avoided if possible [2]. In order to fix this, define just the
macros needed from <linux/if_bridge.h> as done in Busybox for the brctl
applet [3].
[1] https://sourceware.org/bugzilla/show_bug.cgi?id=15850
[2] http://www.openwall.com/lists/musl/2015/10/06/1
[3] https://git.busybox.net/busybox/commit/?id=5fa6d1a632505789409a2ba6cf8e112529f9db18
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
With this, vlan_init.c does not need any special header files anymore
and vlan_ifconfig.c does not need hostapd-specific header files that
might conflict with net/if.h on NetBSD.
Signed-off-by: Jouni Malinen <j@w1.fi>
Move the ioctl-based VLAN implementation to a separate file to avoid
need for conditional blocks within vlan_ioctl.c. This removes the
internal CONFIG_VLAN_NETLINK define, i.e., this is now used only in
build configuration (.config) to select whether to include the
vlan_util.c (netlink) or vlan_ioctl.c (ioctl) implementation of the
functions.
Signed-off-by: Jouni Malinen <j@w1.fi>
caddr_t is legacy BSD and should be avoided [1]. While glibc may still
use __caddr_t as the type, Linux kernel does not (it is "void __user *
ifru_data").
This fixes compile errors with the musl libc:
../src/ap/vlan_init.c: In function 'br_delif':
../src/ap/vlan_init.c:218:18: error: '__caddr_t' undeclared (first use in this function)
ifr.ifr_data = (__caddr_t) args;
[1] http://stackoverflow.com/questions/6381526/what-is-the-significance-of-caddr-t-and-when-is-it-used
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
cfg80211 reports a deauth/disassoc event when internally clearing
connection with the previous BSS. Ignore that event to allow the new
connect command to complete.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes it easier for drivers that use the Connect command instead of
separate Auth+Assoc commands to determine when to use reassociation
instead of association. Matching changes are still needed in cfg80211 to
allow this parameter to be used, but it is safe for wpa_supplicant to
start including this attribute now since it will be ignored by older
cfg80211 versions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
pmksa->pmk or pmksa->pmkid cannot be NULL since they are arrays. Remove
the unnecessary NULL checks and use the provided pmksa pointer directly
to simplify the implementation. (CID 138519)
Signed-off-by: Jouni Malinen <j@w1.fi>
Interface additions/removals are not guaranteed to be for the driver
listening to the kernel events. As such, send the events to
wpa_supplicant_event_global() which can then pick the correct interface
registered with wpa_supplicant to send the event to.
Signed-off-by: Roy Marples <roy@marples.name>
Commit 1889af2e0f ('VLAN: Separate station
grouping and uplink configuration') added an ap_sta_set_vlan() function
that gets called from pmksa_cache_auth.c. This broke CONFIG_IBSS_RSN=y
build if src/ap/sta_info.c did not get included in the build, i.e., if
CONFIG_AP=y was not set.
Fix this by making the ap_sta_set_vlan() call conditional on
CONFIG_NO_VLAN being undefined and define this for CONFIG_IBSS_RSN=y
builds. This is fine for wpa_supplicant since CONFIG_AP=y case was
already defining this. For hostapd, this function call is not needed for
CONFIG_NO_VLAN case either.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This patch add functionality of mesh SAE PMKSA caching. If the local STA
already has peer's PMKSA entry in the cache, skip SAE authentication and
start AMPE with the cached value.
If the peer does not support PMKSA caching or does not have the local
STA's PMKSA entry in the cache, AMPE will fail and the PMKSA cache entry
of the peer will be removed. Then STA retries with ordinary SAE
authentication.
If the peer does not support PMKSA caching and the local STA uses
no_auto_peer=1, the local STA can not retry SAE authentication because
NEW_PEER_CANDIDATE event cannot start SAE authentication when
no_auto_peer=1. So this patch extends MESH_PEER_ADD command to use
duration(sec). Throughout the duration, the local STA can start SAE
authentication triggered by NEW_PEER_CANDIDATE even though
no_auto_peer=1.
This commit requires commit 70c93963ed
('SAE: Fix PMKID calculation for PMKSA cache'). Without that commit,
chosen PMK comparison will fail.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This extends the wpa_supplicant PMKSA_FLUSH control interface command to
allow the PMKSA list from the authenticator side to be flushed for AP
and mesh mode. In addition, this adds a hostapd PMKSA_FLUSH control
interface command to flush the PMKSA entries.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This extends the wpa_supplicant PMKSA control interface command to allow
the PMKSA list from the authenticator side to be listed for AP and mesh
mode. In addition, this adds a hostapd PMKSA control interface command
to show the same list for the AP case.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
This group capability bit was previously added unconditionally which
could result in the P2P Client assuming the functionality is available
even though the GO would always reject the request (not reply to it with
an assigned IP address) during the 4-way handshake.
Fix this by advertising the capability only if the GO configuration
allow IP address assignment to be completed.
Signed-off-by: Jouni Malinen <j@w1.fi>
Commit 732b1d20ec ('nl80211: Clean up
ifidx properly if interface in a bridge is removed') added
drv->if_indices_reason array similarly to the previously used
drv->if_indices. However, it had a copy-paste error here on the error
path where a reallocation failure after at least one successful
reallocation would result in the drv->if_indices being overridden
instead of restoring drv->if_indices_reason to the old value. Fix this
by setting the correct variable on the error path. (CID 138514)
Signed-off-by: Jouni Malinen <j@w1.fi>
SMPS mode is applicable only for HT and including an attribute to
configure it when HT is disabled could result in the AP start operation
failing. Fix this by adding the attribute only in cases where HT is
enabled.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Since this function needs to allocate memory, it might fail. Check that
the returned memory pointer is not NULL before trying to parse the
output.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While this function could return NULL if the parameter issued to it were
NULL, that does not really happen here. Anyway, since this can result in
a warning from a static analyzer that does can see the return NULL
without fully understanding what it means here, check the return value
explicitly against NULL to avoid false warnings.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Since commit cb05808c46 ('nl80211: Generic
Linux master interface support for hostapd'), hostapd is listening for
EAPOL frames on any master which the interface is enslaved under.
This commit allows hostapd to support network hierarchy in which the
interface is enslaved under some master which in turn is enslaved under
a bridge.
Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
In scenarios where only DFS channels are available (e.g., outdoor,
special country codes), hostapd must be able to handle situations
where all are unavailable.
The two possibilities to get there are
1) while operating on the last available DFS channel a radar is
detected
2) hostapd is started while all channels are unavailable
In both cases, hostapd instead of terminating should better
wait for the NOPs to pass and re-try operation after the CAC.
This patch provides that feature by using the condition
(iface->state == HAPD_IFACE_DFS && !iface->cac_started)
as NOP mode signature to retry operation from within
hostapd_dfs_nop_finished().
Signed-off-by: Zefir Kurtisi <zefir.kurtisi@neratec.com>
Upon receiving FST setup request on old band, the peer is searched on
new band. The assumption is that MB IE from this peer on new band
previously received either in assoc event or in FST setup request.
There are cases in which above assumption doesn't work, peer is not
found and session setup fails. For example:
- STA connects over 11ac. Due to driver limitation, MB IE is not included
in assoc event
- STA connects over 11ad. MB IE included in assoc event.
- FST session established on 11ac band, with AP as initiator. i.e. FST
setup request sent in AP=>STA direction. STA searches for peer's (AP)
MB IE on 11ad band which exists.
- FST switch occur
- FST session established on 11ad band, with STA as initiator. i.e. FST
setup request sent in STA=>AP direction. AP searches for peer's (STA)
MB IE on 11ac band which are absent.
For fixing the above, consider also peers without MB IE as candidates in
the search algorithm.
Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
In the 60 GHz band, service discovery management frames are sent over
the control PHY and have a smaller maximum frame size (IEEE Std
802.11ad-2012, 21.4.3.2). Fix the code to use sufficiently small
fragment size when operating in the 60 GHz band.
The 60 GHz fragment size (928) is derived from the maximum frame size
for control PHY (1023) and subtracting 48 bytes of header size, and some
spare so we do not reach frames with the absolute maximum size.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Add a new 'use_driver_iface_addr' configuration parameter to allow use
of the default interface address generated by the driver on interface
creation. This can be useful when specific MAC addresses were allocated
to the device and we want to use them for multi-BSS operation.
Signed-off-by: Eliad Peller <eliad@wizery.com>
There is a race condition in which AP might receive the EAPOL-Start
frame (from the just-associated station) before the TX completion of the
Association Response frame. This in turn will cause the EAPOL-Start
frame to get dropped, and potentially failing the connection.
Solve this by saving EAPOL frames from authenticated-but-not-associated
stations, and handling them during the Association Response frame TX
completion processing.
Signed-off-by: Eliad Peller <eliad@wizery.com>
Add UDP support for ctrl_iface:
New config option could be set:
CONFIG_CTRL_IFACE=udp
CONFIG_CTRL_IFACE=udp-remote
CONFIG_CTRL_IFACE=udp6
CONFIG_CTRL_IFACE=udp6-remote
And hostapd_cli usage:
hostapd_cli -i localhost:8877
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
This is preparation for sharing a single implementation for ctrl_iface
functionality in wpa_supplicant and hostapd.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
Update the peer WFD IE information based on WFD elements received in
Provision Discovery Response and GO Negotiation Response frames.
Signed-off-by: Avichal Agarwal <avichal.a@samsung.com>
Signed-off-by: Kyeong-Chae Lim <kcya.lim@samsung.com>
In case a Probe Request frame is received from a known peer P2P Device,
update the listen channel based on the P2P attributes in the Probe
Request frame. This can be useful for cases where the peer P2P Device
changed its listen channel, and the local P2P device is about to start a
GO Negotiation or invitation signaling with the peer.
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Currently, when scan is stuck in the kernel/driver/fw,
the nl80211 driver tries to recover by faking a SCAN_RESULTS flow.
However, the scan is still stuck in the kernel/driver/fw.
To avoid that stuck request, abort it upon scan timeout.
Signed-off-by: Ayala Beker <ayala.beker@intel.com>
syms is defined only for WPA_TRACE_BFD:
../src/utils/trace.c: In function ‘wpa_trace_deinit’:
../src/utils/trace.c:372:7: error: ‘syms’ undeclared (first use in this function)
free(syms);
^
../src/utils/trace.c:372:7: note: each undeclared identifier is reported only once for each function it appears in
make: *** [../src/utils/trace.o] Error 1
make: *** Waiting for unfinished jobs....
Add appropriate #ifdef.
Signed-off-by: Eliad Peller <eliad@wizery.com>
When building P2P IE for Probe Request frames in P2P scan, add the
device information attribute if the 60 GHz band is included in the scan,
since this is required by the P2P specification.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
Expose the functions wpas_get_bands() and wpas_freq_to_band() and the
enum wpa_radio_work_band, since they will be needed outside
wpa_supplicant.c.
Signed-off-by: Lior David <qca_liord@qca.qualcomm.com>
STT guards the exchange of FST Action frames with the peer station.
It was observed that sometimes Action frames sending is delayed at
driver/FW layers for few hundreds millisec.
Enlarge the STT to overcome such cases.
Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
In case vendor ACS command returns invalid channel or hardware mode,
complete the interface setup with an error code instead of simply
return, so that hostapd can properly clean up the interface setup.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This tells to the server how long we have been trying to transmit the
message so that the actual time of the message generation can be
determined from receive time (ignoring network delays and only at
accuracy of one second).
For interim updates, only value 0 is used since there are no
retransmissions of the same message. For other accounting messages, the
initial attempt goes out with value 0 and the retransmissions, if
needed, show the number of seconds the message has been waiting in the
queue.
Update the Identifier and Authenticator in the messages whenever
updating the Acct-Delay-Time per RFC 2866, 4.1 requirements.
Signed-off-by: Jouni Malinen <j@w1.fi>
Instead of using the RADIUS client retransmission design with the old
RADIUS message contents for each retry, trigger a completely new interim
accounting update instance more quickly (using the same schedule as
RADIUS message retransmissions) to improve accounting updates in cases
where RADIUS message delivery fails. This allows the server to get up to
date information from the time the "retry" message was sent instead of
the old information from the time the first failed attempt was sent.
Signed-off-by: Jouni Malinen <j@w1.fi>
There is no need to maintain two implementations of the functionality.
is_zero_ether_addr() is easier to understand, so use it.
Signed-off-by: Jouni Malinen <j@w1.fi>
Using rtnl_link_alloc_cache() is expensive as it fills in all configured
links. Using rtnl_link_get_kernel() is much more lightweight.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
When an interface is removed while it was in a bridge, the bridge was
not removed from the local ifidx list.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
As the Linux variant of l2_packet_init() does not use its own_addr
argument and l2_packet_receive() does not filter on destination MAC
address, this needs to be checked in the callback.
If there are multiple BSSes listening for FT RRB packets, all their
BSSIDs need to be local to the bridge interface. As l2_packet_init() is
going to receive all of them going for any local address, those RRB
messages started turning up on BSSes that were not destinated for and
cluttering logs.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
If the AP is slow, passphrase hashing takes too long to serve the client
before timeout. Extend the Tunnel-Password design to allow a 64
character value to be interpreted as a PSK and send SSID to RADIUS
server. This allows the RADIUS server to either take care of passphrase
hashing or to use raw PSK without such hashing.
This is especially important for FT-PSK with FT-over-air, where hashing
cannot be deferred.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
Instead of copying the full struct hostapd_sta_wpa_psk_short, share the
existing entry and use reference counting to check when it needs to be
freed. This allows caching of PSKs derived from passphrases to avoid
having to perform the heavy hashing operation multiple times.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
Hashing takes quite some time (can be about one second on a low-power
CPU for each passphrase provided), so hostapd can easily hit the 900 ms
Wi-Fi client authentication deadline (mac80211 uses 3x 300 ms). This can
be fixed by storing the passphrase instead of PSK with the STA and defer
the hashing into the WPA/RSN 4-way handshake, when enumerating all PSKs.
This applies for the case where a RADIUS server is used to store the
per-STA passphrases and this passphrase is delivered as part of the MAC
ACL check during IEEE 802.11 Authentication frame processing.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
The VLAN ifname is limited to the maximum length of IFNAMSIZ, so there
is no need to use heap allocation for it.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
r1_key_holder is an identifier that was always set to zero if unless
configured before.
See 11.6.1.7.4 of IEEE Std 802.11-2012 which reads
"R1KH-ID is a MAC address of the holder of the PMK-R1 in the
Authenticator of the AP"
See 12.2.2 of IEEE Std 802.11-2012 which reads
"Each R0KH-ID and R1KH-ID is assumed to be expressed as a unique
identifier within the mobility domain."
"The R1KH-ID shall be set to a MAC address of the physical entity
that stores the PMK-R1 ..."
Defaulting this to BSSID is a more reasonable value since we have not
rejected the missing r1_key_holder as invalid configuration.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
A malicious station could try to do FT-over-DS with a non WPA-enabled
BSS. When this BSS is located in the same hostapd instance, internal RRB
delivery will be used and thus the FT Action Frame will be processed by
a non-WPA enabled BSS. This processing used to crash hostapd as
hapd->wpa_auth is NULL. If the target BSS is on a different hostapd
instance, it will not listen for these packets and thus not crash.
Fix this by checking hapd->wpa_auth before delivery.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
The FT RRB hostapd packets have a length field. For PULL frames, it
counted the bytes starting with nonce and up to the last before pad. For
RESP frames, it counted the bytes starting with nonce and up to the last
before pad except for 2 bytes. For PUSH frames, it counted the bytes
starting with nonce and up to including pad.
As rounding is done with AES encryption, including pad does not make
sense. Not including the last field before pad does not make sense
either. These were broken in the earlier addition of the 2 octet
pairwise field in commit 1b484d60e5 ('FT:
Include pairwise cipher suite in PMK-R0 SA and PMK-R1 SA').
AES encryption is not affected, as rounding hides the differences. The
packets data_length field is not used, so the differences have no effect
there.
This patch changes the constants to match the bytes used, thus excluding
the pad. To validate the changes, look at remainder modulo 8 of the sum
of the size constants and the padding sizes.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
This makes hostapd track Supported Operating Classes information from
the associated STAs. The stored information is available through the STA
control interface command (supp_op_classes row) as a hexdump of the
Supported Operating Classes element starting from the Length field. This
information can be used as input to BSS transition management and
channel switching decisions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Inside management frame TX status callback, print the TX result where it
was missing. This is useful for debugging management frame drops.
Signed-off-by: Dedy Lansky <qca_dlansky@qca.qualcomm.com>
This adds parsing of non-preferred channel list on an MBO AP. The
information in (Re)Association Request and WNM Notification Request
frames is parsed to get the initial value and updates from each
associated MBO STA. The parsed information is available through the STA
control interface command non_pref_chan[i] rows.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
If the second memory allocation in ieee802_11_send_wnmsleep_resp() were
to fail and ieee80211_11_get_tfs_ie() succeed, the wnmtfs_ie allocation
would not have been freed on the error path.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
While refactoring VLAN comparison into vlan_compare(), it was overlooked
that modifications are needed for tagged VLAN support.
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
If WPA2 and MBO are enabled, PMF needs to be enabled in hostapd
configuration. If PMF is optional in the configuration, an MBO STA is
required to negotiate use of PMF.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes hostapd parse a received WNM Notification Request frame
subelements and if a WFA MBO cellular data capability subelement is
seen, update the cellular data capability for the STA.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This makes hostapd parse the MBO attribute in (Re)Association Request
frame and track the cellular data capability (mbo_cell_capa=<val> in STA
control interface command).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This removes multiple copies of wpabuf_resize() following by
wpabuf_put_{buf,data}() with the help of two simple helper functions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Add an option to add MBO IE to BSS Transition Management Request frame.
The MBO IE includes the transition reason code, cellular data connection
preference, and, if the disassoc imminent bit is set, it may also
include re-association retry delay. Otherwise, the re-association retry
delay should be set to zero.
The additional BSS_TM_REQ argument uses the following format:
mbo=<reason>:<reassoc delay>:<cell pref>
reason: 0-9
reassoc delay: 0-65535 (seconds; 0 = disabled)
cell pref: 0, 1, 255
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Add MBO IE with AP capability attribute to Beacon, Probe Response, and
(Re)Association Response frames to indicate the AP supports MBO.
Add option to add Association Disallowed attribute to Beacon, Probe
Response, and (Re)Association Response frames. Usage:
SET mbo_assoc_disallow <reason code>
Valid reason code values are between 1-5. Setting the reason code to
0 will remove the Association Disallowed attribute from the MBO IE
and will allow new associations.
MBO functionality is enabled by setting "mbo=1" in the config file.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Add the transition candidate list to BSS Transition Management Response
frame. The candidates preference is set using the regular wpa_supplicant
BSS selection logic. If the BSS transition request is rejected and
updated scan results are not available, the list is not added.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Add a function to derive phy type from frequency and bandwidth
as defined in IEEE Std 802.11ac-2013 Annex C (dot11PHYType).
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Add parsing of MBO IE in BSS Transition Management Request frames. If
the MBO IE includes the association retry delay attribute, do not try to
reconnect to the current BSS until the delay time is over.
If the MBO IE includes the cellular data connection preference attribute
or the transition rejection reason attribute, send a message to upper
layers with the data.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Avraham Stern <avraham.stern@intel.com>
Add definitions for global operating classes. These definitions will be
used to construct supported operating classes information element.
The operating classes definitions used locally for P2P module will be
removed and included in the general operating classes definitions.
Signed-off-by: Avraham Stern <avraham.stern@intel.com>