Commit graph

3160 commits

Author SHA1 Message Date
Jouni Malinen
38279bdb35 D-Bus: Coding style cleanup
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
e3c4f0b5d5 D-Bus: Simplify message building error paths
There is no need to have multiple separate return statements for error
cases in a sequence of operations. In addition, there is not much point
in "converting" boolean return values with "if (!res) return FALSE;
return TRUE;" style constructions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
bba40b65b0 D-Bus: Fix GroupAdd, Invite, RemovePersistentGroup path validation
net_id_str can be NULL and that must be checked for to avoid NULL
pointer dereference if an invalid persistent_group_object path is used
with these methods.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
ce82168b55 D-Bus: Fix error message for Listen() failure
DBUS_ERROR_NO_MEMORY does not look like the best option for the failure
reason in case wpas_p2p_listen() fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
054dc3136f D-Bus: Clean up wpas_dbus_new_decompose_object_path()
None of the new D-Bus interface cases use the bssid_part in
decompose_object_path (while the old interface ones do). As such, this
is dead code and can be removed. In addition, the P2P addition here was
pretty ugly extension. Replace these with a cleaner way of passing the
separating string (e.g., "Networks") from the caller and returning the
requested item.

In addition, there is no need to allocate the returned item separately,
so use a single allocation and a pointer to that allocated memory. This
will make it easier for callers to have to free only a single
allocation. This is also fixing a memory leak in P2P invitation
persistent group case where the caller had missed the need to free the
returned values.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
b76ea413b1 D-Bus: Clean up parse_peer_object_path() uses
This helper function does not modify peer_path, so mark it const. In
addition, there is no point in callers to check separately whether
peer_path is NULL since that is taken care of by this helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
509618d35b D-Bus: Remove useless NULL check from static function
The entry argument cannot be NULL in this static function.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
1d12c08847 D-Bus: Add debug prints for parsing dict entries
This makes it easier to figure out what happens if there are issues with
processing messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
605325fb75 D-Bus: Remove useless wpa_s->conf checks
This cannot be NULL when an interface is in use. There is not much point
in couple of functions checking this while large number of other places
do not.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
88ce7938b0 D-Bus: Write Get/Set property name in debug log
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
5485798f40 D-Bus: Add more debug prints to cover operations
This adds the message signature to the new D-Bus interface message
handler and similar prints to the old interface messages handlers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
7fbe56b018 D-Bus: Fix property change timer update
eloop_is_timeout_registered() was called with incorrect context argument
which meant that the pending timeout would have never been found.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
3a593ff5b2 D-Bus (old): Fix removeNetwork method to not use freed memory
wpa_supplicant_deauthenticate() call needs to happen before
wpa_config_remove_network(). Freed memory could be dereferenced if
removeNetwork method was issued on the currently connected network.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
f11e797d4c D-Bus: Avoid valgrind warning due to compiler optimization
It looks like both gcc and clang optimize the (entry.type != foo ||
entry.array_type != bar) in a way that ends up evaluating the second
condition even when the first one results in 0. While this is not really
what the C language requirements on short-circuit evaluation require,
the compiler likely assumes this can have no side effects and with both
type and array_type being comparable in a single 64-bit operation, this
can clearly be a bit more efficient. While the code behaves same in both
cases, valgrind does warn about use of uninitialized memory when the
second condition is evaluated (entry.array_type is not initialized if
entry.type != DBUS_TYPE_ARRAY).

To keep valgrind logs cleaner, initialize entry.array_type to
DBUS_TYPE_INVALID so that these compiler optimizations do not result in
reading uninitialized memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:50:26 +02:00
Jouni Malinen
19d4dab759 D-Bus: Avoid compiler warning on sometimes uninitialized variable
The logic in wpas_dbus_signal_p2p_provision_discovery() seemed to imply
that there could be a case where _signal would be used uninitized. While
that is not the case since either (request || !status) or (!request &&
status) would always be true, some compilers do not seem to be clever
enough to figure that out to avoid the warning. Make this easier for
such compilers by removing the (!request && status) condition since it
is identical to !(request || !status).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-02 22:48:30 +02:00
Jouni Malinen
bc7baaff24 D-Bus: Make WPAS_DBUS_TYPE_BINARRAY value less confusing
Commit 911e97e400 ('DBus: Refactor array
adding, add binary arrays') introduced WPAS_DBUS_TYPE_BINARRAY as an
internal fake type for array_type. However, it selected this value to be
(DBUS_NUMBER_OF_TYPES + 100) = 116 = 't'. This happens to conflict with
DBUS_TYPE_UINT64 ((int) 't'). While none of the existing array_type use
cases supported UINT64, it is much clearer if WPAS_DBUS_TYPE_BINARRAY
has a value that does not match any existing DBUS_TYPE_* value. Replace
this with '@' (64).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-01-01 13:51:45 +02:00
Jouni Malinen
5f3682dc6f D-Bus: Fix dict binarray getter to accept empty array of array
This is needed to allow Set(P2PDeviceConfig) to clear the
VendorExtension array (i.e., to remove all configured vendor
extensions). Previously, such an attempt was met with a D-Bus assert and
rejection of the operation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 13:34:52 +02:00
Jouni Malinen
54e06b4ffb D-Bus: Fix memory leak on P2PDeviceConfig::VendorExtension
The wps_vendor_ext array can be set using D-Bus Set(P2PDeviceConfig)
with the VendorExtension key in the dictionary. However, there was no
code for freeing the allocated memory when the interface is removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 13:07:13 +02:00
Jouni Malinen
68bb007743 D-Bus: Fix GONegotiationSuccess signal passphrase format
Passphrase is a variable length string of (8..63 characters), not a byte
array of fixed 64 octets.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 11:44:42 +02:00
Jouni Malinen
3cccf0b870 D-Bus: Make wpas_dbus_error_scan_error() static
This function is not used anywhere outside this file.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 11:00:54 +02:00
Jouni Malinen
2544394406 D-Bus: Fix ServiceDiscoveryResponse to accept int32 dialog_token
The ServiceDiscoveryRequest signal uses int32 for encoding dialog_token
for some reason (even though this is a u8 field).
ServiceDiscoveryResponse is supposed to accept the values from the
signal as-is, so extend that to accept int32 in addition to the
previously used uint32.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 10:47:31 +02:00
Jouni Malinen
9c4694ce7c D-Bus: Fix memory leaks on AddService/DeleteService error paths
The query and service parameters need to be freed on all paths to avoid
memory leaks in error cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-31 01:05:46 +02:00
Jouni Malinen
b07f1ebe0f D-Bus: Fix .Group Set(WPSVendorExtensions) format
The earlier implementation seemed to require a strange extra
encapsulation with a dictionary for setting the WPSVendorExtensions
property while this was defined to have aay signature and the get
operation did indeed return and array of array of bytes without that
dictionary. Fix this to accept aay format for the setter as well. Keep
support for the old dictionary encapsulation format for backwards
compatibility.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 22:22:39 +02:00
Jouni Malinen
8509fb5cce D-Bus: Fix memory leak on P2P GO WPSVendorExtensions
It was possible to add WPS vendor extensions through the D-Bus
WPSVendorExtensions setter, but these extensions were not freed when the
P2P GO was stopped or when replacing previously configured extensions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-30 22:22:39 +02:00
Jouni Malinen
4e70bbf1c6 SAE: Clear keys from memory on disassociation
There is no need to keep temporary keys in memory beyond the end of the
association, so explicitly clear any SAE buffers that can contain keys
as soon as such keys are not needed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 20:00:02 +02:00
Jouni Malinen
6df1973988 Clear psk_list while freeing config_ssid instances
Previously, the main PSK entry was cleared explicitly, but psk_list
could include PSKs for some P2P use cases, so clear it as well when
freeing config_ssid instances.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
e886c88e95 Explicitly clear the temporary stack-based PSK buffer
There is no need to leave this temporary key in stack memory after
having been configured to the WPA state machine.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
658da804e5 Explicitly clear the temporary stack-based key for WPA-None
There is no need to leave this temporary key in stack memory after
having been configured to the driver.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
f42df14415 WPS ER: Explicitly clear PSK from stack after use
There is no need to leave the PSK from temporary Credential structure
that was built in stack after that Credential has been passed to the WPS
module.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
ce52d031e5 Clear wpa_psk memory when setting up wpa_supplicant AP mode
This is more of a theoretical case since this part is done only during
setup and the structure is not allocated in practice. Anyway,
maintaining more consistent use of bin_clear_free() for structures that
may contain keys is useful.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 19:44:51 +02:00
Jouni Malinen
74df9c1c43 D-Bus(old): Remove duplicated blob->data check
This was already verified to be non-NULL above and there is no point in
having an extra check after the pointer has already been dereferenced.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
8193e01e5b D-Bus(old): Remove unnecessary wpa_supplicant_state_txt() check
This function cannot return NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
62856ad989 D-Bus(old): Fix removeNetwork and selectNetwork error handling
wpas_dbus_decompose_object_path() may leave the network part NULL on
unexpected path. This resulted in NULL pointer dereference when
processing an invalid removeNetwork or selectNetwork call. Fix this by
explicitly verifying that the network part was included in the object
path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
84edd136b5 D-Bus(old): Fix interface to show correct err_msg for blob removal
The "Invalid blob name" string was not shown since the zero-length name
was used regardless of first verifying that it should not be allowed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
91c539c01d D-Bus(old): Fix WPS interface to require BSSID for wpsReg
External WPS Registrar operation requires the BSSID to be specified, so
the old D-Bus interface better apply that requirement as well.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
dddd870d16 D-Bus(old): Fix WPS interface for PIN from wpa_supplicant case
dbus_message_append_args() needs char** and &npin ended up being char*
and resulted in segmentation fault.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
5f136bc126 D-Bus: Fix P2P persistent group removal from non-D-Bus triggers
It is possible for the persistent group object to be added and removed
by non-D-Bus triggers (e.g., ctrl_iface commands). The add part was
already handled, but removal was not. That resulted in memory leaks when
a P2P persistent group was removed without using an explicit D-Bus
command for this even if the object was added without D-Bus involvement.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
d20be3a739 D-Bus: Fix WPS ConfigMethods getter to handle no value properly
wpas_dbus_simple_property_getter() cannot be used with NULL
DBUS_TYPE_STRING, so replace that with an empty string to handle the
case of no config_methods parameter in the configuration.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
11973b2682 D-Bus: Fix P2P peer joined/disconnected handlers
It is possible for the peer to be a non-P2P device and as such, for
p2p_dev_addr to be NULL. This resulted in NULL pointer dereference if
D-Bus interface was enabled for the interface when a legacy STA joined a
group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
b8db1dfc5c Clear next_scan_freqs on wpa_supplicant FLUSH command
It was possible for old scan state to remain from a previous test case
when an operation like WNM neighbor scan or another-BSS-in-ESS was
started, but stopped at the end of a test case. This could result in
failures, e.g., when running wnm_bss_tm_req followed by scan_setband.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
f4637fe0fd wpa_supplicant: Set stdout line-buffered
This makes wpa_supplicant debug output in stdout line-buffered to remain
consistent with hostapd.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
010fa245bd Add QUIET=1 option for make
This can be used to reduce verbosity for build messages.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-29 15:49:05 +02:00
Jouni Malinen
49e3eea8d9 Avoid -Wshadow warnings from older gcc versions
It looks like gcc 4.8.2 would warn about these with -Wshadow, but 4.6.3
did.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:21:00 +02:00
Jouni Malinen
a193231dfb Clean up debug prints to use wpa_printf()
This converts most of the remaining perror() and printf() calls from
hostapd and wpa_supplicant to use wpa_printf().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-26 13:20:57 +02:00
Jouni Malinen
36f0cf3774 privsep: Fix compilation due to associate() parameter updates
struct wpa_driver_associate_params moved to using struct
hostapd_freq_params instead of just frequency. Need to update wpa_priv
to do same.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
4a393fe9f8 WPS: Do not indicate PBC overlap for the same BSS
Even if the UUID would have a mismatch, e.g., due to no UUID known for
the target in a new WPS PBC instance, do not indicate PBC session
overlap if the BSSID is same in the two entries. This should not really
happen in normal use cases, but can happen at least in some test
scenarios where the same BSSID is used in consecutive test cases and the
old BSS entry remains in cfg80211 cache.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-25 16:37:12 +02:00
Jouni Malinen
3a322496f9 mesh: Delay Authentication frame process with no_auto_peer
There is a possible race condition between receiving the
NEW_PEER_CANDIDATE event and the Authentication frame from the peer.
Previously, if the Authentication frame RX event was indicated first,
that frame got dropped silently. Now, this frame is still dropped, but a
copy of it is stored and the frame gets processed on the following
NEW_PEER_CANDIDATE event if that is received for the same peer within
two seconds.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-23 13:44:38 +02:00
Jouni Malinen
d97a3c4885 SME: Optimize OBSS scanning
Include only the potentially affected channel range in OBSS scans to
reduce the amount of offchannel time needed for scanning when requested
by the AP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 22:07:03 +02:00
Jouni Malinen
267ac3bcd6 Add more debug prints for WPA/RSN selection issues for connection
ap_ft_sae test case managed to hit a somewhat unclear error case which
resulted in "WPA: Failed to select WPA/RSN" print and not enough
information to figure out what exactly had went wrong.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-22 13:49:52 +02:00
Masashi Honma
d5b95325de mesh: Fill Number of Peerings field in Mesh Formation Info
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:59:40 +02:00
Masashi Honma
46e8d90f6a mesh: Add debug message when peering limit is reached
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:55:44 +02:00
Masashi Honma
4b4093686b mesh: Make maximum number of peer links configurable
Maximum number of peer links is maximum number of connecting mesh peers
at the same time. This value is 0..255 based on the
dot11MeshNumberOfPeerings range.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:52:31 +02:00
Masashi Honma
9c58c5f72c mesh: Make beacon interval configurable
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:38:20 +02:00
Masashi Honma
3b797130d7 doc: Remove error on document creation
Unexpected trailing zero causes following error.

wpa_supplicant.sgml:472:53:E: character data is not allowed here

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-21 23:36:55 +02:00
Jouni Malinen
422ba11e30 Flush WPS registrar state on wpa_supplicant FLUSH command
This helps hwsim test cases by avoiding undesired state from previously
executed test cases affecting following tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-21 17:47:42 +02:00
Jouni Malinen
209702d4c9 Add possibility to set the setband parameter
Commit faf9a8585d added mechanism for
selecting 2.4 or 5 GHz band for scan operation. However, no mechanism
for setting the setband value was added at that time. This commit adds a
new SET ctrl_iface parameter to allow the setband functionality to be
used. "SET setband <AUTO/5G/2G>" can be used to select all bands, 5 GHz
band only, or 2.4 GHz band only.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-19 22:56:41 +02:00
Sunil Dutt
ee82e33d6a Do not trigger the scan during initialization on Android platforms
Android framework maintains a state to process the scan results after
the scan is issued. If wpa_supplicant issues the scan during the
initialization, the one issued by the framework may fail (with EBUSY) if
the host driver is already processing the scan. Thus, the scan results
returned for the first scan triggered by wpa_supplicant are not
processed for getting displayed resulting in delay for the display of
the first scan results after the Wi-Fi subsystem initialization. Thus,
trigger the scan only based on the framework request on Android.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:24:33 +02:00
Jouni Malinen
e69ae5ff31 Reject new SCAN commands if there is a pending request
FAIL-BUSY was already returned for the case where a scan had been
started, but with the radio work design, it would have been possible to
schedule multiple scan requests if a non-scan radio work was in
progress. Multiple back-to-back scans are not usually very helpful, so
reject this type of cases where the SCAN command would be used to build
such a sequence.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-19 15:14:38 +02:00
Jithu Jance
49e1e9ca88 P2P: Avoid truncation of long listen operation due to offchan tx
On receiving the cancel remain on channel event, the pending_tx
is scheduled immediately and returned. This was preventing
the wpas_p2p_listen_start function from execution thereby resulting
in termination of the long listen operation.

Signed-off-by: Jithu Jance <jithu@broadcom.com>
2014-12-18 16:41:40 +02:00
Jouni Malinen
0855e2e188 Do not allow network block scan_freq override SCAN command frequencies
The manual scan operations with the SCAN command are supposed to have
independent set of scan frequencies, so do not allow scan_freq
parameters to override scanned frequencies for scans that were triggered
with a SCAN command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-15 00:55:56 +02:00
Masashi Honma
5b78493f3b mesh: Add mesh interface creation command for mesh gate
The mesh gate is used to bridge (or route) between mesh network and
another network. For example, mesh gate acts as router between mesh
network and IEEE 802.11 BSS network.

This command makes a virtual mesh interface to be used for mesh gate.

This command expects to be used like this.

wpa_cli -i wlan0 MESH_INTERFACE_ADD ifname=mesh0
wpa_cli -i mesh0 add_network
wpa_cli -i mesh0 set_network 0 ssid '"commell_2X_mmm"'
wpa_cli -i mesh0 set_network 0 mode 5
wpa_cli -i mesh0 set_network 0 frequency 2412
wpa_cli -i mesh0 set_network 0 key_mgmt SAE
wpa_cli -i mesh0 set_network 0 psk '"01234567"'
wpa_cli -i mesh0 mesh_group_add 0
wpa_cli -i wlan0 mesh_group_remove mesh0

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2014-12-14 23:27:43 +02:00
Jouni Malinen
e77007132e Extend wpa_supplicant STA* ctrl_iface commands for mesh
Since mesh functionality uses struct hostapd_data to maintain peer
state, the existing STA* control interface commands can be used to
display information about the peers.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 20:14:30 +02:00
Jouni Malinen
b0f33467a5 Clean up VHT override max A-MPDU override calculation
There is no need to use runtime call to find_first_bit() to determine
shift amount for a constant integer.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 18:48:59 +02:00
Led
2797486c4f Fix bashisms in wps-ap-cli script
Option '-p' of 'read' command may be unsupported in some POSIX-complete
shells. So replace 'read -p' with 'echo -n'/'read' pair.

Signed-off-by: Oleksandr Chumachenko <ledest@gmail.com>
2014-12-14 18:27:54 +02:00
Arkadiusz (Arkq) Bokowy
7b244d577a wpa_gui: Quiet mode - disable tray icon messages
If tray icon messages are perceived as disturbing, one can pass `-q`
parameter on the command line to disable them permanently.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:26:42 +02:00
Arkadiusz (Arkq) Bokowy
2087b64fef wpa_gui: More informative tray icon tool tip message
Show associated network SSID in the tool tip message of the
application's tray icon. When network is not associated, then simple
"(not-associated)" message is shown.

Signed-off-by: Arkadiusz Bokowy <arkadiusz.bokowy@gmail.com>
2014-12-14 17:23:43 +02:00
Jouni Malinen
81648d0041 SAE: Report connection failure if SME cannot build auth frame
Instead of just stopping connection process and network discovery,
report SAE failures to build Authentication frames (e.g., due to missing
password) as a connection failure to get the normal retry mechanism into
use.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 16:48:38 +02:00
Jouni Malinen
8e3afd7f6c offchannel: Use wpas_get_tx_interface() src parameter more consistently
Both the wpa_s->pending_action_src and src argument to
wpas_get_tx_interface() were used somewhat randomly. Make this more
consistent since these values are pointing to the same address and the
implementation is easier to understand when it is obvious that there is
only one address being used.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 15:47:04 +02:00
Jouni Malinen
568475b70b HS 2.0: Allow CANCEL_FETCH_OSU to stop at scan completion
There is no need to start the GAS/ANQP fetch if the FETCH_OSU operation
has already been canceled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
f77cedc11a WPS ER: Remove unnecessary return value
wps_er_deinit() cannot fail and it does not return anything, so neither
should wpas_wps_er_stop().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-14 02:28:03 +02:00
Jouni Malinen
5407c69d15 Remove unnecessary STA_AUTOCONNECT handler function
This function could not fail and it can be replaced with a single
line variable update that takes less code than the function call.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:27:41 +02:00
Jouni Malinen
a1144000cd Remove unnecessary return value
wpa_bss_flush*() cannot fail and as such, there is no need for
wpa_supplicant_ctrl_iface_bss_flush() to return a value either.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:22:23 +02:00
Jouni Malinen
5ac73acf12 Simplify eapol_sm_get_mib() result handling
This function cannot return negative value, so no need to check for
that. If there is not enough room in the buffer or if something
unexpected happens, 0 is returned.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-13 19:15:38 +02:00
Jouni Malinen
43a66ecba3 Fix SCAN control interface command error cases
Update the scan parameters in wpa_s only in case the scan command is
going to be executed. In other words, do not change the parameters for
an ongoing scan (the SCAN command is rejected with FAIL-BUSY) or if any
of the parameters is invalid.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-12 01:12:15 +02:00
Jouni Malinen
2961bfa8e1 Remove unused send_eapol() driver op
The send_eapol() callback was used by driver_test.c, but with that
removed, there is no remaining users of the alternative EAPOL frame
transmitting mechanism in wpa_supplicant, i.e., all remaining driver
interfaces use l2_packet instead. Remove the send_eapol() to get rid of
unused code.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-11 15:40:07 +02:00
Jouni Malinen
b68d602dc4 Fix ANQP_GET/HS20_GET_ANQP parsing to skip space after address
The space following the BSSID was not skipped properly if the following
parameter started with the "hs20:" prefix. For other cases, atoi() ended
up ignoring the space, but it is cleaner to skip it anyway for all
cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-11 15:18:11 +02:00
Jouni Malinen
42a697256e P2P: Allow cross connection on the parent interface
Previously, any P2P capable interface was skipped in cross connection
uplink consideration. However, this ends up skipping more or less all
nl80211-based driver cases now since they mark the main interface P2P
capable. Relax this rule to allow the parent interface to be used as the
non-P2P station interface for cross connection purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-10 01:54:27 +02:00
Jouni Malinen
97cfe110dc Clear wpa_s->disconnected on ctrl_iface FLUSH
This is needed to get into more consistent state after the FLUSH
command. DISCONNECT followed by FLUSH could result in
wpa_s->disconnected being left to 1 and this resulted in a test failure,
e.g., when running wpas_ctrl_dup_network followed by
wpas_ctrl_enable_disable_network where the latter was expecting
ENABLE_NETWORK on a disabled network to connect automatically and that
does not happen if wpa_s->disconnected == 1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-08 16:22:13 +02:00
Jouni Malinen
aaadd72733 Check os_snprintf() result more consistently - more checks
Add more os_snprintf() result validation checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
1d39977136 Check os_snprintf() result more consistently
While these are using practically large enoungh buffer sizes, it is
better to be more consistent with checking os_snprintf() return value.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
1f102d3bb0 Check os_snprintf() result more consistently - manual
This converts os_snprintf() result validation cases to use
os_snprintf_error() for cases that were note covered by spatch and
semantic patches.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
eeab4f2fda Check os_snprintf() result more consistently - automatic 3
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size - 1'. These changes were done automatically with spatch
using the following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || (size_t) E1 >= E3 - 1)
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
7bdd8981f7 Check os_snprintf() result more consistently - automatic 2
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the comparison was 'res > size' instead of
'res >= size'. These changes were done automatically with spatch using
the following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 > E3 \| (size_t) E1 > E3 \| E1 > (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
d85e1fc8a5 Check os_snprintf() result more consistently - automatic 1
This converts os_snprintf() result validation cases to use
os_snprintf_error() where the exact rule used in os_snprintf_error() was
used. These changes were done automatically with spatch using the
following semantic patch:

@@
identifier E1;
expression E2,E3,E4,E5,E6;
statement S1;
@@

(
  E1 = os_snprintf(E2, E3, ...);
|
  int E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = os_snprintf(E2, E3, ...);
|
  if (E5)
	E1 = os_snprintf(E2, E3, ...);
  else if (E6)
	E1 = os_snprintf(E2, E3, ...);
  else
	E1 = 0;
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else if (E6) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	return -1;
  }
|
  if (E5) {
	...
	E1 = os_snprintf(E2, E3, ...);
  } else {
	...
	E1 = os_snprintf(E2, E3, ...);
  }
)
? os_free(E4);
- if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
a80ba67a26 Check os_snprintf() result more consistently - success case
This converts os_snprintf() result validation cases to use
os_snprintf_error() in cases where success condition was used to execute
a step. These changes were done automatically with spatch using the
following semantic patch:

@@
expression E1,E2,E3;
statement S1;
@@

  E1 = os_snprintf(E2, E3, ...);
- if (\( E1 >= 0 \| E1 > 0 \) && \( (size_t) E1 < E3 \| E1 < (int) E3 \| E1 < E3 \))
+ if (!os_snprintf_error(E3, E1))
  S1

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
a9aaacbb50 Check os_snprintf() result more consistently - maximum length
This adds verification of os_snprintf() result against the maximum
buffer length. These changes were done automatically with spatch
using the following semantic patch:

@@
expression E1,E2,E3;
statement S1;
@@

  E1 = os_snprintf(E2, E3, ...);
- if (\( E1 < 0 \| E1 <= 0 \))
+ if (os_snprintf_error(E3, E1))
(
  S1
|
{ ... }
)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
faebdeaa9e Use os_calloc() instead of os_zalloc()
Automatic changes with spatch using the following semantic patch:

@@
constant C;
type T;
@@

- os_zalloc(C*sizeof(T))
+ os_calloc(C,sizeof(T))

@@
expression E;
type T;
@@

- os_zalloc((E)*sizeof(T))
+ os_calloc(E,sizeof(T))

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
c054190603 Fix DUP_NETWORK debug print on error case
Incorrect network id was printed in debug output if DUP_NETWORK
destination network was not found.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:07 +02:00
Jouni Malinen
49328f0756 Remove unnecessary ctrl_iface command check
MESH_GROUP_REMOVE always passes in the cmd pointer, so this cannot
really be NULL.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:42:06 +02:00
Jouni Malinen
d02dcb28bc Remove unnecessary ctrl_iface cmd check
This pointer cannot be NULL sicne it is called only from this file and
with a valid pointer to the received command.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-08 11:07:56 +02:00
Jouni Malinen
d84416a2af Interworking: Make bounds checking easier for static analyzers
'num * 5 > end - pos' handles bounds checking a bit more efficiently,
but apparently that is not clear enough for all static analyzers.
Replace with 'num > left / 5' to avoid false reports. (CID 68117)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 19:25:14 +02:00
Jouni Malinen
8105821b39 Replace send_ft_action() driver_op with send_action()
This reduced number of unnecessarily duplicated driver interface
callback functions for sending Action frames by using the more generic
send_action() instead of FT specific send_ft_action().

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-06 18:13:29 +02:00
Jouni Malinen
bc0ba01d70 WFD: Allow WFD_SUBELEM_SET/GET all to be used with full IE buffer
This extends the previously used WFD_SUBELEM_SET/GET <subelem id> design
to allow special "all" value to be used as an id to indicate that all
WFD subelements are to be set/get. This uses similar interface as was
previously added over D-Bus.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-05 15:22:33 +02:00
Jouni Malinen
f80936094e WMM-AC: Use DEBUG verbosity for ignoring Action frame messages
There is no point in flooding the log with WARNING or ERROR level
messages if WMM-AC related Action frames are ignored in cases where they
were not expected. In addition, WARNING/ERROR should not really be used
in cases an invalid frame is dropped especially if this is not related
to a security setup since external devices could otherwise generate log
entries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-05 13:17:57 +02:00
Jouni Malinen
0570a3ea7d HS 2.0: Clarify OSU Provider list length validation
The previous version was somewhat too complex for some static analyzers.
Use local variables for the extracted length fields and explicitly
compare these against the remaining buffer length. (CID 68121)

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-05 00:56:05 +02:00
Jouni Malinen
65d9a5e254 ERP: Add wpa_supplicant ERP_FLUSH ctrl_iface command
This can be used to flush all the ERP keys.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:29 +02:00
Jouni Malinen
02a8d45ace ERP: Add support for ERP on EAP peer
Derive rRK and rIK on EAP peer if ERP is enabled. The new wpa_supplicant
network configuration parameter erp=1 can now be used to configure the
EAP peer to derive EMSK, rRK, and rIK at the successful completion of an
EAP authentication method. This functionality is not included in the
default build and can be enabled with CONFIG_ERP=y.

If EAP authenticator indicates support for re-authentication protocol,
initiate this with EAP-Initiate/Re-auth and complete protocol when
receiving EAP-Finish/Re-auth.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-12-04 12:16:29 +02:00
Dmitry Shmidt
f34891a3af Return only full network line in list_networks
It makes more sense to truncate at line boundary especially with the new
LAST_ID parameter.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
2014-12-03 22:31:53 +02:00
Vinit Deshpande
90903a77ef List all networks despite message limit of 4096 bytes
This change creates 'LIST_NETWORK LAST_ID=x' form to allow
retrieval of all networks saved in the system. Without this form,
only first few (whatever fills in first 4096 bytes) can be
retrieved.

Signed-off-by: Vinit Deshpande <vinitd@google.com>
2014-12-02 23:47:27 +02:00
Jouni Malinen
44177b69e8 Allow a BSS entry with all-zeros BSSID to expire
wpa_bss_in_use() used to determine that a BSS with BSSID of
00:00:00:00:00:00 is in use in almost every case since either
wpa_s->bssid or wpa_s->pending_bssid was likely to be cleared. This
could result in a corner case of a BSS entry remaining in the BSS table
indefinitely if one was added there with a (likely bogus) address of
00:00:00:00:00:00. Fix this by ignore wpa_s->bssid and
wpa_s->pending_bssid if the BSSID in the BSS table entry is
00:00:00:00:00:00.

In theory, that address is a valid BSSID, but it is unlikely to be used
in any production AP, so the potential expiration of a BSS entry with
that address during a connection attempt would not be a concern
(especially when a new scan would be enough to recover from that).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-12-02 19:46:58 +02:00