The purpose of Multi-AP specification is to enable inter-operability
across Wi-Fi access points (APs) from different vendors.
This patch introduces one new configuration parameter 'multi_ap' to
enable Multi-AP functionality and to configure the BSS as a backhaul
and/or fronthaul BSS.
Advertise vendor specific Multi-AP capabilities in (Re)Association
Response frame, if Multi-AP functionality is enabled through the
configuration parameter.
A backhaul AP must support receiving both 3addr and 4addr frames from a
backhaul STA, so create a VLAN for it just like is done for WDS, i.e.,
by calling hostapd_set_wds_sta(). Since Multi-AP requires WPA2 (never
WEP), we can safely call hostapd_set_wds_encryption() as well and we can
reuse the entire WDS condition.
To parse the Multi-AP Extension subelement, we use get_ie(): even though
that function is meant for parsing IEs, it works for subelements.
Signed-off-by: Venkateswara Naralasetty <vnaralas@codeaurora.org>
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Include an OCI element in SA Query Request and Response frames if OCV
has been negotiated.
On Linux, a kernel patch is needed to let clients correctly handle SA
Query Requests that contain an OCI element. Without this patch, the
kernel will reply to the SA Query Request itself, without verifying the
included OCI. Additionally, the SA Query Response sent by the kernel
will not include an OCI element. The correct operation of the AP does
not require a kernel patch.
Without the corresponding kernel patch, SA Query Requests sent by the
client are still valid, meaning they do include an OCI element.
Note that an AP does not require any kernel patches. In other words, SA
Query frames sent and received by the AP are properly handled, even
without a kernel patch.
As a result, the kernel patch is only required to make the client properly
process and respond to a SA Query Request from the AP. Without this
patch, the client will send a SA Query Response without an OCI element,
causing the AP to silently ignore the response and eventually disconnect
the client from the network if OCV has been negotiated to be used.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
ocv_verify_tx_params() verifies that the receive OCI element includes
field values that are compatible with the local channel configuration.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
This adds two utility functions to convert both operating classes and
and the chan_width enum to an integer representing the channel
bandwidth. This can then be used to compare bandwidth parameters in an
uniform manner.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
This function can be used to easily convert the parameters returned
by the channel_info driver API, into their corresponding operating
class and channel number.
Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
Also add the ChangeLog entries for both hostapd and wpa_supplicant to
describe main changes between v2.6 and v2.7.
Signed-off-by: Jouni Malinen <j@w1.fi>
The reverse case (local identifier configured but no identifier
received) was already covered, but PKEX is not going to complete
successfully if there is any difference in identifier configuration, so
ignore this other case as well. This avoids unnecessary responses to
PKEX requests with identifier from a device that is ready for PKEX in
general, but not for that particular request.
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit enhances QCA_NL80211_VENDOR_SUBCMD_LINK_PROPERTIES to
also be an event, aimed to notify the link status (EX: connected
stations status on an AP link).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
A local memory allocation failuring during GAS Comeback Response frame
generation could result in freeing the response context without removing
it from the list. This would result in dereferencing freed memory when
processing the next comeback request.
Signed-off-by: Jouni Malinen <j@w1.fi>
If local memory allocation for the GAS response failed, couple of error
paths ended up leaking some memory maintaining the state for the
exchange. Fix that by freeing the context properly.
Signed-off-by: Jouni Malinen <j@w1.fi>
Parse the OSEN IE from the AP to determine values used in the AssocReq
instead of using hardcoded cipher suites. This is needed to be able to
set the group cipher based on AP advertisement now that two possible
options exists for this (GTK_NOT_USED in separate OSEN BSS; CCMP or
GTK_NOT_USED in shared BSS case). Furthermore, this is a step towards
allowing other ciphers than CCMP to be used with OSEN.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add QCA_NL80211_VENDOR_SUBCMD_COEX_CONFIG vendor command
to set the priorities among different types of traffic of
WLAN/BT/Zigbee during coex scenarios.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add interface for drivers to report changes in TX/RX throughput
dynamically to user space. This information can be used by userspace
tools to tune kernel's TCP parameters in order to achieve peak
throughput. The driver may optionally provide guidance on which TCP
parameters to be configured for optimal performance along with the
values to be configured.
The TCP parameters that need to be tuned for peak performance are not
interface specific. Based on the guidance from the driver and
considering the other interfaces that may be affected with the new
configurations, a userspace tool has to choose the values to be
configured for these parameters to achieve optimal performance across
interfaces.
The throughput levels informed by the driver with this event are only
for providing guidance on TCP parameter tuning from userspace. The
driver may change the thresholds used to decide low or medium or high
throughput levels based on several parameters based on the PHY layer
capacity in the current connection, the number of packets being
dispatched per second, or the number of packets pending in queues, etc.
The throughput levels may not be consistent with the actual throughput
of the link.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attribute to configure action
frame transmission in HE trigger based PPDU.
This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attribute to configure HE
single user PPDU transmission.
This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attributes to configure HE
operating mode control field bandwidth, number of spatial streams, and
UL MU disable configuration. Define a new attribute to clear the
previously set HE OM control field configuration. This is used for
testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add support for negotiating WNM Collocated Interference Reporting. This
allows hostapd to request associated STAs to report their collocated
interference information and wpa_supplicant to process such request and
reporting. The actual values (Collocated Interference Report Elements)
are out of scope of hostapd and wpa_supplicant, i.e., external
components are expected to generated and process these.
For hostapd/AP, this mechanism is enabled by setting
coloc_intf_reporting=1 in configuration. STAs are requested to perform
reporting with "COLOC_INTF_REQ <addr> <Automatic Report Enabled> <Report
Timeout>" control interface command. The received reports are indicated
as control interface events "COLOC-INTF-REPORT <addr> <dialog token>
<hexdump of report elements>".
For wpa_supplicant/STA, this mechanism is enabled by setting
coloc_intf_reporting=1 in configuration and setting Collocated
Interference Report Elements as a hexdump with "SET coloc_intf_elems
<hexdump>" control interface command. The hexdump can contain one or
more Collocated Interference Report Elements (each including the
information element header). For additional testing purposes, received
requests are reported with "COLOC-INTF-REQ <dialog token> <automatic
report enabled> <report timeout>" control interface events and
unsolicited reports can be sent with "COLOC_INTF_REPORT <hexdump>".
This commit adds support for reporting changes in the collocated
interference (Automatic Report Enabled == 1 and partial 3), but not for
periodic reports (2 and other part of 3).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add NAN NDP attribute QCA_WLAN_VENDOR_ATTR_PEER_NDPE_SUPPORT which
indicates if NDP remote peer supports NDPE attribute or not.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a subcommand for Channel Frequency Response (CFG) Capture
Configuration and define attributes for configuring CFR capture
parameters per peer and enabling/disabling CFR capture.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend hostapd to allow the new OSU Provider NAI List ANQP-element to be
advertised in addition to the previously used OSU Providers list
ANQP-element. The new osu_nai2 configurator parameter option is used to
specify the OSU_NAI value for the shared BSS (Single SSID) case while
osu_nai remains to be used for the separate OSU BSS.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Driver/firmware does roam scan when it finds the need to roam to a
different BSS. Add a QCA vendor event to indicate such roam scan events
from driver/firmware to user space.
Please note that some drivers may not send these events in few cases,
e.g., if the host processor is sleeping when this event is generated in
firmware to avoid undesired wakeups.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The temporary EC_POINT 'sum' needs to be freed at the end of the
function with the other OpenSSL allocations.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
It looks like at least OpenSSL 1.1.0i includes the extra checks in
EC_POINT_set_affine_coordinates_GFp() that break the previously used
mechanism for generating invalid keys. Fix this by using the alternative
design that was used with OpenSSL 1.1.1 and BoringSSL.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Parse the Venue URL ANQP-element payload and report it with the new
RX-VENUE-URL event messages if the query was done using PMF.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Define a new QCA vendor specific test config attribute to configure the
support for receiving the MPDU with operating mode control subfield.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This enhances DPP_AUTH_INIT, DPP_CONFIGURATOR_SIGN, and SET
dpp_configurator_params to allow optional setting of the DPP groupId
string for a Connector. If the value is not set, the previously wildcard
value ("*") is used by default.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The payload used for the existing NAN vendor command,
QCA_NL80211_VENDOR_SUBCMD_NAN is a binary blob of data. This
command is not extendable to send additional information. Hence
define a new vendor command QCA_NL80211_VENDOR_SUBCMD_NAN_EXT,
that can carry the binary blob encapsulated within an attribute
and can carry additional attributes to enhance the NAN command
interface. Define additional 3 new attributes for conveying
type of NAN subcmd and channel information.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Present implementation of NAN vendor command does not use
attribute encapsulation for sending the command from userspace
to the driver, payload is directly sent as is. Attribute
QCA_WLAN_VENDOR_ATTR_NAN is used only for receiving vendor
events in the userspace from the driver. Update the doc as per
this implementation.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The max supported ADDBA buffer size value is 256, so change
the buffer size attribute type to U16 to configure the testbed
device to use the 256 buffer size in ADDBA negotiation in 11ax
testing.
This attribute is used only to configure a testbed device and the old
definition of this attribute was not used in any deployed implementation
hence it is still justifiable to change the definition.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a QCA vendor attribute
QCA_WLAN_VENDOR_ATTR_GSCAN_MAX_BLACKLIST_BSSID to get maximum
blacklist BSSIDs capability from the driver for gscan.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
GCM-AES-256 cipher suite is defined in IEEE Std 802.1AEbn-2011.
If authenticator configured as GCM-AES-256, the distributed SAK will be
256 bits indicated by the GCM-AES-256 ID in the MKA packet.
This patch will make AES Key Unwrap to 32 bytes of SAK when identify the
ID.
Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
Add a new test config QCA vendor attribute to override the MU EDCA
parameters to default values in the driver for test configuration. This
is used for configuring the testbed device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attribute to configure HE
trigger frame MAC padding duration value in the driver.
This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attributes to configure
HE MU EDCA parameters value in the driver.
This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attribute to configure Tx
beamformee number of space-time streams value in the driver.
This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The AKM 00-0F-AC:13 is supposed to use cryptographic algorithms
consistently, but the current IEEE 802.11 standard is not doing so for
the key names: PMKID (uses SHA-1), PMKR0Name/PMKR1Name (uses SHA-256).
The PMKID case was already implemented with SHA-384 and this commit
replaces use of SHA-256 with SHA-384 for PMKR0Name/PMKR1Name derivation
to be consistent in SHA-384. While this is not compliant with the
current IEEE 802.11 standard, this is clearly needed to meet CNSA Suite
requirements. Matching change is being proposed in REVmd to get the IEEE
802.11 standard to meet the use case requirements.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This defines key lengths for SHA384-based FT AKM and handles writing and
parsing for RSNE AKMs with the new value.
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit adds a new vendor command attribute
QCA_WLAN_VENDOR_ATTR_CONFIG_GTX in
QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION to enable/disable green
Tx power saving feature.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends the SAE implementation in both infrastructure and mesh BSS
cases to allow an optional Password Identifier to be used. This uses the
mechanism added in P802.11REVmd/D1.0. The Password Identifier is
configured in a wpa_supplicant network profile as a new string parameter
sae_password_id. In hostapd configuration, the existing sae_password
parameter has been extended to allow the password identifier (and also a
peer MAC address) to be set. In addition, multiple sae_password entries
can now be provided to hostapd to allow multiple per-peer and
per-identifier passwords to be set.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add NAN attributes to communicate IPv6 address, port, and protocol
between wifihal and host driver.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Over time a number of style issues have crept into qca-vendor.h,
so fix most of them. There are some identifiers and comments which
exceed 80 columns, but these are left as-is for readability.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This can be used to determine which mechanism to use for configuring
country code from trusted sources.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add a new wifi test config QCA vendor attribute to configure Tx
beamformee in the driver. This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
OpenSSL started reporting failures from
EC_POINT_set_affine_coordinates_GFp() similarly to BoringSSL, so use the
same workaround to enable this protocol testing case.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add commands to allow an AP to configure filtering rules to capture
frames from stations that are active on the operating channel, but
not associated to this AP. Operations include add/delete the filter
and get the statistics information of the unassociated stations.
Signed-off-by: Karthikeyan Periyasamy <periyasa@codeaurora.org>
Extend RADIUS DAS to support CoA-Request packets for the case where the
HS 2.0 Terms And Conditions filtering VSA is used to remove filtering.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Mark a channel as required DFS based on regulatory information received
from the driver/kernel rather than deciding based on hardcoded
boundaries on the frequency. Previously few channels were being marked
as requiring DFS even though they were non-DFS in a particular country.
If the driver does not provide channel list information, fall back to
the previously used frequency-based determination.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Extend wpa_supplicant WNM-Notification RX handling to parse and process
received Terms and Conditions Acceptance notifications. If PMF is
enabled for the association, this frame results in control interface
indication (HS20-T-C-ACCEPTANCE <URL>) to get upper layers to guide the
user through the required acceptance steps.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends hostapd Access-Accept processing to check if the RADIUS
server indicated that Terms and Conditions Acceptance is required. The
new hs20_t_c_server_url parameter is used to specify the server URL
template that the STA is requested to visit.
This commit does not enable any kind of filtering, i.e., only the part
of forwarding a request from Access-Accept to the STA using
WNM-Notification is covered.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This allows user to get event indication when a new interface is
added/removed for 4addr WDS STA and also WDS STA ifname is informed
through the STA command.
Signed-off-by: Bhagavathi Perumal S <bperumal@codeaurora.org>
While it is unlikely that FILS would be used without PMF or SAE in the
build, it is possible to generate such a build and as such, it would be
good for the KDF selection to work properly. Add CONFIG_FILS as an
independent condition for the SHA256-based KDF. Previously, this
combination would have resulted in failure to derive keys and terminated
key management exchange.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends hostapd processing of (Re)Association Request frames to
store a local copy of the Consortium OI within the Roaming Consortium
Selection element, if present, and then add that in HS 2.0 Roaming
Consortium attribute into RADIUS Access-Request messages.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This extends wpa_supplicant Hotspot 2.0 ANQP routines to allow the
Operator Icon Metadata ANQP-element to be fetched with "ANQP_GET <bssid>
hs20:12". The result is available in the new hs20_operator_icon_metadata
entry in the "BSS <bssid>" output.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
At least LibreSSL v2.7.2 indicates support for OpenSSL API 1.1.0, but it
does not apparently use const ASN1_OBJECT * with X509_ALGOR_get0(). Use
the older non-const version here with LibreSSL to fix compilation.
Signed-off-by: Jouni Malinen <j@w1.fi>
This gives more protection against unexpected behavior if RSN supplicant
code ends up trying to use sm->pmk[] with a stale value. Couple of the
code paths did not clear sm->pmk_len explicitly in cases where the old
PMK is being removed, so cover those cases as well to make sure these
will result in PMK-to-PTK derivation failures rather than use of
incorrect PMK value if such a code path could be reached somehow.
Signed-off-by: Jouni Malinen <j@w1.fi>
Add a new wifi test config attribute to configure HE LTF in the
driver. This is used for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
In the current implementation, upon an EAP method failure, followed by
an EAP failure, the EAP Status is propagated up in wpa_supplicant with a
general failure parameter string "failure". This parameter is used for a
notification on the dbus.
This commit reports the EAP method failure error code in a separate
callback.
The solution in this commit is generic to all EAP methods, and can be
used by any method that need to pass its error code. However, this
commit only implements the reporting for EAP-SIM and EAP-AKA methods
where the Notification Code (in AT_NOTIFICATION) is used as the method
specific error code value.
Signed-off-by: Ahmed ElArabawy <arabawy@google.com>
This extends the original IEEE Std 802.11ai-2016 functionality with the
changes added in REVmd to describe how additional keys are derived to
protect the FT protocol using keys derived through FILS authentication.
This allows key_mgmt=FT-FILS-SHA256 to be used with FT protocol since
the FTE MIC can now be calculated following the changes in REVmd. The
FT-FILS-SHA384 case is still unsupported (it needs support for variable
length MIC field in FTE).
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The previous implementation ended up defaulting to using PRF-SHA1 for
deriving PTK from PMK when SAE was used. This is not correct since the
SAE AKM is defined to be using SHA-256 -based KDF instead. Fix that.
Note: This change is not backwards compatible. Both the AP and station
side implementations will need to be updated at the same time to
maintain functionality.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add an event callback for EVENT_STATION_OPMODE_CHANGED to allow
user/application to get the notification whenever there is a change in a
station's HT/VHT op mode.
The new events:
STA-OPMODE-MAX-BW-CHANGED <addr> <20(no-HT)|20|40|80|80+80|160>
STA-OPMODE-SMPS-MODE-CHANGED <addr> <automatic|off|dynamic|static>
STA-OPMODE-N_SS-CHANGED <addr> <N_SS>
Signed-off-by: Tamizh chelvam <tamizhr@codeaurora.org>
To retain configurator information across hostapd/wpa_supplicant
restart, private key need to be maintained to generate a valid pair of
authentication keys (connector, netaccess_key, csign) for new enrollees
in the network.
Add a DPP_CONFIGURATOR_GET_KEY control interface API through which the
private key of an existing configurator can be fetched.
Command format:
DPP_CONFIGURATOR_GET_KEY <configurator_id>
The output from this command can then be used with
"DPP_CONFIGURATOR_ADD key=<hexdump>" to create the same key again.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The SAE AKM 00-0F-AC:8 is supposed to use EAPOL-Key Key Descriptor
Version 0 (AKM-defined) with AES-128-CMAC and NIST AES Key Wrap.
However, the previous implementation ended up using Key Descriptor
Version 2 (HMAC-SHA-1-128 and NIST AES Key Wrap). Fix this by using the
appropriate Key Descriptor Version and integrity algorithm. Use helper
functions to keep the selection clearer and more consistent between
wpa_supplicant and hostapd uses.
Note: This change is not backwards compatible. Both the AP and station
side implementations will need to be updated at the same time to
maintain functionality.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Define a new WiFi test configuration attributes in QCA vendor
command to configure BA session parameters and to add or
delete a BA session and to configure no ack policy.
This is used for configuring the testbed device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Define a new WiFi test configuration attribute in QCA vendor
command to allow or not to allow WEP/TKIP in HT/VHT/HE mode.
This is used for configuring the testbed device.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This makes it easier to understand why "SAE: Failed to select group"
debug entry shows up in cases the selected crypto library does not
support a specific group.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
India supports 5 GHz channels 169 and 173 now. Enable HT40 across
channels 165 and 169. Leave channel 173 to remain HT20 only.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Enhance QCA vendor specific APF interface to support write/read program
and/or data and to enable/disable APF feature.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Define a new QCA vendor sub command for configuring the device with wifi
test configuration. Add new test config attributes for this sub command
that are used to configure the device for testbed configuration.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The blocking timeout of this function was changed from 2 seconds to 10
seconds in this commit 1480633f ("Use longer timeout in
wpa_ctrl_request()"), but the description was never changed accordingly.
Signed-off-by: Simon Dinkin <simon.dinkin@tandemg.com>
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Add new QCA vendor commands and attributes to get thermal information
and send thermal shutdown related commands. Indicates the driver to
enter the power saving mode or resume from the power saving mode based
on the given temperature and thresholds.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Add additional NDP attributes and NDP subcommand value which is
provided as part of schedule update indication from driver/firmware
to HAL.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
The y coordinates for some of these PKEX role-specific points were
changed in the PKEX specification, so update the implementation to
match.
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>