The wpa_supplicant code for IBSS allows to set the mcast rate. It is
recommended to increase this value from 1 or 6 Mbit/s to something higher
when using a mesh protocol on top which uses the multicast packet loss as
indicator for the link quality.
This setting was unfortunately not applied for mesh mode. But it would be
beneficial when wpa_supplicant would behave similar to IBSS mode and set
this argument during mesh join like authsae already does. At least it is
helpful for companies/projects which are currently switching to 802.11s
(without mesh_fwding and with mesh_ttl set to 1) as replacement for IBSS
because newer drivers seem to support 802.11s but not IBSS anymore.
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
Tested-by: Simon Wunderlich <simon.wunderlich@openmesh.com>
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined. With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:
wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
struct wpa_bss *bss)
^~~~~~~
This patch forward declares 'struct wpa_bss' regardless.
This fixes linking errors found when compiling wpa_supplicant with
CONFIG_WNM_AP enabled but CONFIG_AP disabled.
Signed-off-by: David Bauer <mail@david-bauer.net>
add test-crypto_module.c to run crypto_module_tests()
adjust some tests/hwsim/*.py for mbed TLS (work in progress)
option to build and run-tests with CONFIG_TLS=internal # (default)
$ cd tests; make clean
$ make run-tests
option to build and run-tests with CONFIG_TLS=gnutls
$ cd tests; make clean CONFIG_TLS=gnutls
$ make run-tests CONFIG_TLS=gnutls
option to build and run-tests with CONFIG_TLS=mbedtls
$ cd tests; make clean CONFIG_TLS=mbedtls
$ make run-tests CONFIG_TLS=mbedtls
option to build and run-tests with CONFIG_TLS=openssl
$ cd tests; make clean CONFIG_TLS=openssl
$ make run-tests CONFIG_TLS=openssl
option to build and run-tests with CONFIG_TLS=wolfssl
$ cd tests; make clean CONFIG_TLS=wolfssl
$ make run-tests CONFIG_TLS=wolfssl
RFE: Makefile logic for crypto objects should be centralized
instead of being duplicated in hostapd/Makefile,
wpa_supplicant/Makefile, src/crypto/Makefile,
tests/Makefile, ...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Note: DFS is assumed to be usable if a country code has been set
Signed-off-by: Benjamin Berg <benjamin@sipsolutions.net>
Signed-off-by: Peter Oh <peter.oh@bowerswilkins.com>
USD had a control interface commands and events defined for it. Extend
this by providing similar USD methods through the dbus control
interface.
Signed-off-by: Lo,Chin-Ran <chin-ran.lo@nxp.com>
USD had a control interface events defined for it. Extend this by
providing similar USD signals through the dbus control interface.
Signed-off-by: Lo,Chin-Ran <chin-ran.lo@nxp.com>
This was supposed to call wpa_drv_nan_update_publish() instead of
wpa_drv_nan_cancel_publish().
Fixes: 633e969311 ("NAN: Option to offload NAN DE for USD into the driver")
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
There is no need to copy the A3 value for follow-up frames through the
control interface events and commands since it can be handled internally
in the service with sufficient accuracy. More parallel operations with
multiple peers might need per-peer information, but that can be extended
in the future, if that level of complexity is really needed in practice.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Wi-Fi Aware spec v4.0 was not clear on all cases and used a bit unclear
definition of A3 use in Table 5 (Address field definiton for NAN SDF
frames in USD). That resulted in the initial implementation using
Wildcard BSSID to comply with the IEEE 802.11 rules on Public Action
frame addressing.
For USD to have chances of working with synchronized NNA devices, A3
needs to be set to the NAN Cluster ID when replying to a frame received
from a synchronized NAN device. While there is no cluster ID for USD,
this can be done by copying the A3 from the received frame. For the
cases where sending out an unsolicited multicast frame, the NAN Network
ID should be used instead of the Wildcard BSSID.
While this behavior is not strictly speaking compliant with the IEEE
802.11 standard, this is the expected behavior for NAN devices, so
update the USD implementation to match.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
IEEE P802.11be requires H2E to be used whenever SAE is used for ML
association. However, some early Wi-Fi 7 APs enable MLO without H2E.
Recognize this special case based on the fixed length Basic Multi-Link
element being at the end of the data that would contain the unknown
variable length Anti-Clogging Token field. The Basic Multi-Link element
in Authentication frames include the MLD MAC addreess in the Common Info
field and all subfields of the Presence Bitmap subfield of the
Multi-Link Control field of the element zero and consequently, has a
fixed length of 12 octets.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This is needed for P2P2 pairing using PASN. The actual processing will
be covered in separate commits.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
It is clearer to use enum p2p_status_code instead of u8 when processing
and passing the P2P Status Code to other components.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Add a new method "pair" to indicate the connect request perform the
Wi-Fi Direct R2 methods like bootstrapping and pairing for connection.
This fixes control interface command parsing which expects method as
mandatory.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
DPP supports provisioning of SAE password identifiers to uniquely
identify a password if the enrollee indicates support for them. Indicate
Enrollee support for that and add the received value into the network
profile.
I put everything under defines for CONFIG_DPP3 as this is a bleeding
edge feature in DPP.
This was tested against my DPP reference implementation acting as the
Configurator.
Signed-off-by: Dan Harkins <dharkins@lounge.org>
This separates the control interface specific generation of a text event
message away from the main implementation of USD and makes it more
convenient to add support for other control interface mechanisms like
dbus.
Signed-off-by: Lo,Chin-Ran <chin-ran.lo@nxp.com>
Add support for P2P2 bootstrapping with comeback mechanism using
Provision Discovery frames. Extend the control interface command
P2P_CONNECT to allow P2P2 bootstrapping handshake.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Process the Element Container attribute from NAN SDF frames and check if
P2P attributes are present. Add a P2P peer device entry if the NAN SDF
frame has matching service and P2P capabilities.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Add frequency list to active NAN USD Subscriber to search for a
Publisher on multiple channels. This is the publish channel list used by
the Subscriber to periodically search for a service on these channels.
publishChannelList was already supported in the Publisher and this
commit extends that to the Subscriber.
This is needed for a P2P2 seeker that is an active subscriber looking
for an advertiser on a list of publish channels.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Generate a random device identity key and save it to the config file.
Use the same identity key from config to derive DIRA for NAN SDF frames.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
This was missing a newline at the end of the line.
Fixes: 8fa52a7974 ("FT: Allow wpa_supplicant to be configured to prepend PMKR1Name")
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Extend the NAN Subscribe and Publish methods to allow p2p=1 to be
specified to include P2P attributes in a P2P IE to be added into the NAN
Element Container attribute. In addition, use the P2P Device Address for
the NAN SDFs for the P2P cases.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
Support implementation architecture where the NAN discovery engine is
located in the driver/firmware instead of wpa_supplicant.
Signed-off-by: Shivani Baranwal <quic_shivbara@quicinc.com>
The restriction of the passphrase length to 8..63 characters is only
applicable for WPA2-Personal (PSK). Remove this constraint when
processing a configuration object that includes SAE without PSK.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Always set SNonce cookie and enable RSN Override elements validation
irrespective of the RSN Selection element usage in (Re)Association
Request frame when RSN overriding supported.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Modify wpa_supplicant code based on the updated driver interface for RSN
overriding capability indication.
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Store the full set of AP's RSNE/RSNXE variants to wpa_sm while
processing association event. Commit 521374b978 did this for the cases
that were needed for SME-in-wpa_supplicant cases, but forgot to update
the cases needed for SME-in-driver. Convert those to the updated
protocol design as well.
Fixes: 521374b978 ("RSNO: Include all RSNE/RSNXE variants in EAPOL-Key message 3/4")
Signed-off-by: Veerendranath Jakkam <quic_vjakkam@quicinc.com>
Some APs do not advertise operating classes correctly for BSS Transition
Management. Try to determine the most likely operating frequency based
on the channel number (1..14 --> 2.4 GHz; 36..177 --> 5 GHz) if invalid
op_class == 255 is received in a BSS Transition Management Request. This
speeds up the following operating by avoiding a full scan due to an
unknown channel.
This extends the workaround that was added in commit 80ce804e88 ("WNM:
Workaround for broken AP operating class behavior") for invalid
operating class 0 to cover another observed case with invalid operating
class 255.
Signed-off-by: Yu Zhang(Yuriy) <quic_yuzha@quicinc.com>
If a scan triggers a regdom update into a 6 GHz-allowed regdom, and an
RNR element in one of the legacy band scan results points to a 6 GHz
scan result with a short SSID matching the current_ssid, delay
connection in favor of a 6 GHz-only scan. This will optimize the case in
which we first connect to a 5 GHz AP, then later roam to a 6 GHz one by
directly connecting to the 6 GHz one.
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
wpas_trigger_6ghz_scan() returns 1 on success and 0 on failure to
trigger the scan. Checking the return value to be less than zero is not
correct. This was supposed to check for success, i.e., greater than
zero.
Fixes: 42add3c27b ("Scan 6 GHz channels after change to 6 GHz-allowed regdom")
Signed-off-by: Matthew Wang <matthewmwang@chromium.org>
In P2P_GROUP_ADD command and GroupAdd dbus method, frequency is passed
in as a parameter when restarting a persistent group. This is the group
operating frequency determined out of band. Use this pre-determined
frequency in P2P client as well to expedite the P2P scan.
Signed-off-by: Jintao Lin <jintaolin@chromium.org>
Expose whether a 6 GHz scan is in progress with the ScanInProgress6GHz
property and flush properties as soon as the property is updated, so
that platforms can choose not to disconnect while a 6 GHz scan is in
progress. Once the 6 GHz scan has completed and scan results have been
received, the ScanInProgress6GHz property is reset to false.
Signed-off-by: Ruth Mekonnen <rmekonnen@chromium.org>
When non_coloc_6ghz = false, the STA is expected to scan for colocated
APs. However, if the colocated AP is on a non-PSC channel, it will not
be detected during the 6 GHz-only scan because the frequency list is
limited to PSC channels. Even when the NL80211_SCAN_FLAG_COLOCATED_6GHZ
is set, the cfg80211 only scans a subset of the channels in the original
6 GHz scan request. Therefore, this patch adds non-PSC channels to the
original 6 GHz scan request.
Signed-off-by: Ruth Mekonnen <rmekonnen@chromium.org>
