Dmitry Shmidt [Wed, 23 Nov 2011 14:29:28 +0000 (16:29 +0200)]
Android: nl80211: Add Android specific PNO configuration
This is based on the Android driver_cmd changes that are converted to
use the sched_scan/stop_sched_scan driver_ops for the case where the
driver does not support the new nl80211 commands.
Change-Id: Iaedc340f84650af422bd2ea57d2a8b0a9d4a5330
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Dmitry Shmidt [Fri, 25 Nov 2011 19:49:03 +0000 (21:49 +0200)]
Android: wext: Add sched_scan functions for PNO
(jm: This is based on the Android change that used driver_cmd. The same
implementation is used for the actual driver interface, but the commands
are now accessed through sched_scan/stop_sched_scan driver_ops instead
of driver_cmd)
Dmitry Shmidt [Fri, 25 Nov 2011 19:08:52 +0000 (21:08 +0200)]
Android: wext: Add driver state events
Dmitry Shmidt [Tue, 29 Nov 2011 10:56:32 +0000 (12:56 +0200)]
Fix pno_start() to initialize SSID list properly
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Mon, 28 Nov 2011 16:36:36 +0000 (18:36 +0200)]
Use normal scan before sched_scan if that can speed up connection
When normal scan can speed up operations, use that for the first three
scan runs before starting the sched_scan to allow user space sleep more.
We do this only if the normal scan has functionality that is suitable
for this or if the sched_scan does not have better support for multiple
SSIDs.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 16:12:38 +0000 (18:12 +0200)]
Add broadcast SSID for sched_scan for scan_ssid=0 networks
Previously, only networks with scan_ssid=1 were included in sched_scan.
This needs to behave similarly to the normal scan where broadcast SSID
is used to find networks that are not scanned for with a specific SSID.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 16:09:37 +0000 (18:09 +0200)]
Use common code for disabled network case in sched_scan
There is no need to implement two copies of the iteration code here.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 15:52:36 +0000 (17:52 +0200)]
Drop sched_scan filter if not enough match sets supported
Instead of including only a single SSID in the sched_scan request if
the driver does not support match sets, just drop the SSID filter and
configure more SSIDs up to the sched_scan limit.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 15:52:02 +0000 (17:52 +0200)]
Make sched_scan debug clearer on timeout use
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 14:35:30 +0000 (16:35 +0200)]
Stop sched_scan on DISCONNECT command
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 14:32:44 +0000 (16:32 +0200)]
Add preferred network offload (PNO) functionality
"SET pno <1/0>" ctrl_iface command can now be used to start/stop PNO
with sched_scan driver commands. This will request offloading of
scanning to find any of the enabled networks in the configuration.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 28 Nov 2011 13:19:41 +0000 (15:19 +0200)]
Fix sched_scan filter_ssids setting for no filters case
The filter_ssids pointer needs to be set to NULL if no SSID filters
are set to avoid filtering out all scan results.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 27 Nov 2011 21:00:37 +0000 (23:00 +0200)]
Interworking: Verify that BSS information includes SSID
Better make sure that the SSID is available before dereferencing
the pointer to the SSID element.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:45:01 +0000 (22:45 +0200)]
EAP-AKA: Use strdup instead of strlen + malloc + memcpy
While the copy is not used as a null terminated string, this can prevent
some static analyzers from complaining about non-issue.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:43:21 +0000 (22:43 +0200)]
EAP-PEAP: Remove unused hdr assignment
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:41:38 +0000 (22:41 +0200)]
EAP-PSK: Fix memory leak on error path
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:33:54 +0000 (22:33 +0200)]
TLS: Add support for SHA256-based cipher suites from RFC 5246
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:17:41 +0000 (22:17 +0200)]
wpa_passphrase: Include SHA256 objects to fix some build combinations
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 20:13:52 +0000 (22:13 +0200)]
TLS: Update file headers to include TLS v1.2 support
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:58:52 +0000 (21:58 +0200)]
Include TLS v1.1 and v1.2 support in library build
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:58:27 +0000 (21:58 +0200)]
TLS: Allow TLS v1.2 to be negotiated
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:56:26 +0000 (21:56 +0200)]
TLS: Add TLS v1.2 style CertificateVerify functionality
Add support for generating and verifying RFC 3447 RSASSA-PKCS1-v1_5
style DigestInfo for TLS v1.2 CertificateVerify. For now, this is
hardcoded to only support SHA256-based digest.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:54:15 +0000 (21:54 +0200)]
TLS: Add SHA256-based verify_data derivation for TLS v1.2
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:48:34 +0000 (21:48 +0200)]
TLS: Maintain SHA256-based hash values for TLS v1.2
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:45:07 +0000 (21:45 +0200)]
TLS: Add build configuration for TLS v1.2 support
This allows the internal TLS implementation to be built for TLS v1.2
support. In addition to the build option, this changes the TLS PRF
based on the negotiated version number. Though, this commit does not
yet complete support for TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:38:25 +0000 (21:38 +0200)]
TLS: Assume explicit IV for TLS v1.1 and newer
This is needed to allow TLS v1.2 to be supported.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:36:56 +0000 (21:36 +0200)]
TLS: Increase maximum MAC key from 20 to 32 octets
This is in prepartion of adding support for SHA256-based operations
with TLS v1.2.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:35:11 +0000 (21:35 +0200)]
TLS: Pass version to tls_prf() in preparation for new PRFs
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:27:01 +0000 (21:27 +0200)]
Rename tls_prf() to tls_prf_sha1_md5()
Prepare for multiple TLS PRF functions by renaming the SHA1+MD5 based
TLS PRF function to more specific name and add tls_prf() within the
internal TLS implementation as a wrapper for this for now.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:20:18 +0000 (21:20 +0200)]
TLS: Add helper functions for version number handling
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:07:44 +0000 (21:07 +0200)]
Add implementation of TLS v1.2 PRF (P_SHA256)
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:05:10 +0000 (21:05 +0200)]
hostapd: Define CONFIG_SHA256 for SHA256 builds
wpa_supplicant was already doing this and hostapd will need to define
this for future additions.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 19:00:59 +0000 (21:00 +0200)]
Add SHA256-hash functions to generic crypto_hash_* functions
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 16:33:11 +0000 (18:33 +0200)]
test-https: Fix memory leaks in TLS processing
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 27 Nov 2011 11:21:36 +0000 (13:21 +0200)]
TLS: Add a debug information on unsupported private key format
Provide easier to understand reason for failure to use the old
OpenSSL encrypted private key format.
Signed-hostap: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Tue, 23 Aug 2011 19:30:30 +0000 (12:30 -0700)]
wpa_cli: Add action script call on P2P-GO-NEG-FAILURE events
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Tue, 15 Nov 2011 18:10:23 +0000 (20:10 +0200)]
wext: Define some new values if linux/wireless.h is too old
IW_ENCODE_ALG_PMK and IW_ENC_CAPA_4WAY_HANDSHAKE are not defined in the
Android tree, so add compatibility defines for these.
Signed-hostap: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Thu, 21 Jul 2011 22:19:46 +0000 (15:19 -0700)]
P2P: Send STA connected/disconnected events to parent ctrl_iface
Send the connection events from P2P group to both the group interface
and parent interface ctrl_ifaces to make it easier for external monitor
programs to see these events without having to listen to all group
interfaces when virtual group interfaces are used.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jouni Malinen [Fri, 25 Nov 2011 16:12:04 +0000 (18:12 +0200)]
Fix sched_scan filter setting for max_match_sets == 0
The previous implementation was trying to add the first SSID
to a zero-length array. Avoid this with an explicit validation
of the array length.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 25 Nov 2011 15:46:00 +0000 (17:46 +0200)]
nl80211: Do not set sched_scan filter if driver does not support it
cfg80211 will reject the NL80211_CMD_START_SCHED_SCAN if too many
match sets are requested. To avoid being completely unable to start
any scheduled scans, skip setting these filters if the driver did
not advertise support for large enough number of match sets.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 25 Nov 2011 11:11:22 +0000 (13:11 +0200)]
nl80211: Implement set_p2p_powersave for legacy_ps changes
This adds initial implementation of set_p2p_powersave to allow legacy PS
mode to be configured. P2P PS parameters are not yet supported.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 24 Nov 2011 20:46:14 +0000 (22:46 +0200)]
Use wpa_key_mgmt_*() helpers
This cleans up the source code and makes it less likely that new AKM
addition misses some needed changes in the future.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 24 Nov 2011 20:30:15 +0000 (22:30 +0200)]
Do not save an invalid network block in wpa_supplicant.conf
wpa_supplicant is going to reject a configuration file that uses
WPA/WPA2-Personal (the default key_mgmt), but does not define
passphrase/PSK. Refuse to save such a configuration to avoid getting
stuck with a configuration that wpa_supplicant will reject.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 24 Nov 2011 20:22:16 +0000 (22:22 +0200)]
Do not write all zeros device_type
This is the default value if device_type is not set, so do not
write it to the wpa_supplicant configuration file when saving
updated configuration.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 24 Nov 2011 20:05:33 +0000 (22:05 +0200)]
WPS: Include WSC IE in (Re)Association Response for maybe-WPS case
If the station is indicating use of WPS, WSC IE should be added into the
(Re)Association Response frame. This is clear for the case when WSC IE
was included in the (Re)Association Request frame. However, even the
WLAN_STA_MAYBE_WPS case may actually indicate use of WPS. Assume that to
be the case when WPA/WPA2 is enabled (i.e., when the STA does not
include WPA/RSN/WSC IE while AP has WPA/RSN enabled).
Signed-hostap: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Tue, 19 Apr 2011 23:42:47 +0000 (16:42 -0700)]
Add 'get country' command
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
David Spinadel [Thu, 24 Nov 2011 19:19:52 +0000 (21:19 +0200)]
wpa_cli: Correct return value of wpa_cli_cmd_p2p_peers
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Jouni Malinen [Thu, 24 Nov 2011 18:54:20 +0000 (20:54 +0200)]
Add test program for RC4 (test vectors from RFC 6229)
Signed-hostap: Jouni Malinen <j@w1.fi>
Dmitry Shmidt [Wed, 23 Nov 2011 15:58:44 +0000 (17:58 +0200)]
Android: Move WPA_BUILD check in Android.mk
This is part of commit
e61a2d6db6113da5fad91660764afdb0596dbc46 from
Android wpa_supplicant_8.git.
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Jeff Brown [Wed, 23 Nov 2011 15:56:41 +0000 (17:56 +0200)]
Android: Remove the simulator target from all makefiles
This is commit
bbda627478b0e9a312fea4662cd7cd8d6bdf82bf from
Android wpa_supplicant_8.git.
Jouni Malinen [Sun, 20 Nov 2011 10:53:29 +0000 (12:53 +0200)]
Move wpa_sm_remove_pmkid() call to PMKSA cache entry freeing
This makes it clearer that the PMKSA caching entry gets removed from
the driver regardless of how the internal entry from wpa_supplicant
gets cleared. In practice, this call was skipped only for the case
when the entry for the current AP was being updated, so the previous
version was likely to work with all drivers. Anyway, it is cleaner
to explicitly remove the old entry even in that case before the new
entry gets added.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Nov 2011 10:42:47 +0000 (12:42 +0200)]
Fix wired EAPOL authenticator
Commit
940a0ce9702095bb079bd97857a2605516f83157 moved the STA associated
check from driver_*.c into ieee802_1x_receive(), but failed to take into
account that wired networks and driver_wired.c do not mark the STA entry
associated. Fix this by skipping the check if the driver wrapper is
using a wired network.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 20 Nov 2011 10:19:28 +0000 (12:19 +0200)]
Avoid possible compiler warning in os_gmtime()
Use time_t instead of os_time_t variable with the gmtime() call to
avoid possible compiler warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
Kel Modderman [Sat, 19 Nov 2011 18:10:37 +0000 (20:10 +0200)]
wpa_gui-qt4: Improve scan results signal display
Display signal strength in dBm with visual indicator in the form of a
bar for scan results displayed by wpa_gui-qt4. Any signal > -35dBm is
treated as full signal bar, signals between range of -95<->-35dBm are
displayed linearly. Convert WEXT signal level value to scale that
nl80211 typically reports in dBm. The condition which differentiates
8-bit WEXT dBm and regular dBm is probably fragile, but there is
currently no way to know what the driver is going to report for signal
strength.
Signed-off-by: Kel Modderman <kel@otaku42.de>
Johannes Berg [Sat, 19 Nov 2011 17:56:34 +0000 (19:56 +0200)]
nl80211: Set offchannel-OK selectively
It's not really valid to send off-channel in all cases,
so pass whether it should be allowed or not and don't
set it in the AP case.
Also, to get the right ifindex for hostapd, pass a bss
pointer instead of the drv pointer.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 19 Nov 2011 17:48:49 +0000 (19:48 +0200)]
nl80211: Move preq NL handle into BSS
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 19 Nov 2011 17:32:05 +0000 (19:32 +0200)]
nl80211: Add no_ack support for NL80211_CMD_FRAME
This is needed to allow no-ACK operation with Probe Response frames
in P2P Listen state.
Signed-hostap: Jouni Malinen <j@w1.fi>
Helmut Schaa [Sat, 19 Nov 2011 17:22:13 +0000 (19:22 +0200)]
nl80211: Implement noack policy for send_mlme
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Jouni Malinen [Sat, 19 Nov 2011 17:15:10 +0000 (19:15 +0200)]
P2P: Send Listen state Probe Response frames without retries
Use the no-ACK send_mlme request to transmit Probe Response frames
in P2P Listen state. This reduces number of unnecessary transmissions
if the peer device has already moved away from the channel. It will most
likely go through Search state multiple times anyway, so even if the
response were to be lost, a new retry will happen at higher layer.
Signed-hostap: Jouni Malinen <j@w1.fi>
Helmut Schaa [Sat, 19 Nov 2011 17:09:49 +0000 (19:09 +0200)]
Avoid excessive probe response retries
Some client implementations only wait a few ms after sending a probe
request while scanning. Since probe responses are always sent at a low
rate this can eat quite some airtime and it might be impossible to get
the frame out before the client leaves the channel again. If the client
leaves before all probe reponses where acked this can cause the probe
reponse to be retried quite often consuming even more airtime.
Hence, add a new noack flag to the driver's send_mlme callback that
allows hostapd to request whether the driver should expect an ACK for
this frame or not.
Use the new noack-policy only for broadcast probe requests that contain
a wildcard SSID.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Helmut Schaa [Sat, 19 Nov 2011 17:02:05 +0000 (19:02 +0200)]
Allow MLME frames to be sent without expecting an ACK (no retries)
In some situations it might be benefical to send a unicast frame without
the need for getting it ACKed (probe responses for example). In order to
achieve this add a new noack parameter to the drivers send_mlme callback
that can be used to advise the driver to not wait for an ACK for this
frame.
Signed-hostap: Helmut Schaa <helmut.schaa@googlemail.com>
Jouni Malinen [Sat, 19 Nov 2011 15:01:53 +0000 (17:01 +0200)]
Do not try to add wildcard SSID into active sched_scan
Even though scan_ssid should not really be set for wildcard SSID,
better verify that here explicitly insead of assuming that the
SSID is set.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 19 Nov 2011 14:52:52 +0000 (16:52 +0200)]
EAP-pwd: Remove struct eap_pwd_hdr
This structure was not really used for anything apart from figuring out
length of the EAP-pwd header (and even that in a way that would not work
with fragmentation). Since the bitfields in the structure could have
been problematic depending on target endianness, remove this unnecessary
structure.
Signed-hostap: Jouni Malinen <j@w1.fi>
Dan Harkins [Sat, 19 Nov 2011 14:47:25 +0000 (16:47 +0200)]
EAP-pwd: Fix zero-padding of input to H()
Another niceness of OpenSSL is that if the high-order bit of a 521-bit
big num is not set then BN_bn2bin() will just return 65 bytes instead of
66 bytes with the 1st (big endian, after all) being all zero. When this
happens the wrong number of octets are mixed into function H(). So
there's a whole bunch of "offset" computations and BN_bn2bin() dumps the
big number into a buffer + offset. That should be obvious in the patch
too.
Dan Harkins [Sat, 19 Nov 2011 14:43:49 +0000 (16:43 +0200)]
EAP-pwd: Fix KDF for group 21
The previous EAP-pwd KDF implemented has an issue with group 21, that is
an elliptic curve group based on a 521 bit prime. 521 is not an even
multiple of 8, and therein lies the problem.
OpenSSL's BN library interprets a string of bits as in big-endian format
so all the calls of BN_bin2bn() will take the binary blob of bits and
turn it into a big number in big-endian format. In the EAP-pwd KDF, I am
stretching the key to "primebitlen". When that is not an even multiple
of 8 I have to mask off the excess. But I was masking off the excess
bits in the 1st octet (big endian after all) but that isn't right. The
KDF produces a string of endian-less bits. The 521st bit is the first
bit in the last octet, not the 7th bit in the first octet. So that has
been fixed and you can see in the attached diff what I'm doing.
Dan Harkins [Sat, 19 Nov 2011 14:32:21 +0000 (16:32 +0200)]
EAP-pwd: Document group configuration for hostapd authentication server
Johannes Berg [Sat, 19 Nov 2011 12:23:46 +0000 (14:23 +0200)]
nl80211: Support in-kernel station poll
If the kernel supports this, don't use manual null
data frame transmissions. This is one thing to get
rid of cooked monitor interfaces.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 19 Nov 2011 12:00:53 +0000 (14:00 +0200)]
nl80211: Use non-receiving socket for EAPOL TX
The non-monitor TX currently uses a normal L2 abstraction
socket, but that will also receive frames we don't want,
so use a plain socket that isn't bound for RX. This might
be possible using the L2 abstraction, but we need a plain
socket later for getting TX status events here.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Sat, 19 Nov 2011 11:42:49 +0000 (13:42 +0200)]
nl80211: Use device AP SME capability
This changes the auto-detection of whether or not the device contains
the AP SME away from monitor interface addition failing to the explicit
attribute in nl80211. Keep the old auto-detection for a little while so
that ath6kl isn't broken right away.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Jouni Malinen [Sat, 19 Nov 2011 11:40:07 +0000 (13:40 +0200)]
nl80211: Sync with wireless-testing.git linux/nl80211.h
Signed-hostap: Jouni Malinen <j@w1.fi>
Johannes Berg [Sat, 19 Nov 2011 11:00:30 +0000 (13:00 +0200)]
AP: Add explicit EAPOL TX status event
The new event can be used when EAPOL TX status can't be reported as a
complete 802.11 frame but is instead reported as just the EAPOL data as
originally passed to hapd_send_eapol().
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Maciej Szmigiero [Sat, 19 Nov 2011 10:06:59 +0000 (12:06 +0200)]
OpenSSL: Read certificate chain from server_cert file
Currently OpenSSL implementation of TLS in hostapd loads only top
certificate in server certificate file. Change this to try to the
whole chain first and only if that fails, revert to old behavior.
Signed-off-by: Maciej Szmigiero <mhej@o2.pl>
Alan T. DeKok [Sat, 19 Nov 2011 09:46:39 +0000 (11:46 +0200)]
wpa_supplicant: Make objects depend on the .config file
The source code compiles into different objects depending on
the contents of .config. Therefore, the objects should depend
on .config.
Previously, only the executables depended on .config. This meant
that they were re-linked when .config changed. But that relink
process used the old (and now wrong) objects.
Jithu Jance [Sat, 19 Nov 2011 09:23:49 +0000 (11:23 +0200)]
nl80211: Implement shared_freq
This patch implements shared_freq handler for driver_nl80211.c. If a
"p2p_group_add" happens after legacy STA association, then this patch
will help to start the GO on the same frequency. This is useful when
supplicant is started on multiple interface running over a singly "PHY"
and the station interface is not used for the P2P device operations.
For example, wpa_supplicant -iwlan0 .. -N -iwlan1 ... and wlan0 is used
for station connection and wlan1 as the P2P device interface.
Signed-hostap: Jithu Jance <jithu@broadcom.com>
Ben Greear [Fri, 18 Nov 2011 21:41:52 +0000 (23:41 +0200)]
nl80211: Make MLME failure messages unique
Without this, it is impossible to tell exactly which
MLME code returned the error.
Also, convert to wpa_dbg so that we get device names
in the messages.
Signed-hostap: Ben Greear <greearb@candelatech.com>
Johannes Berg [Fri, 18 Nov 2011 21:34:53 +0000 (23:34 +0200)]
P2P: Clear WPS method when GO negotiation fails
When GO negotation fails the WPS method is currently not cleared, which
can result in GO negotiation being resumed when a GO negotiation request
frame is received from the peer. That is unexpected as locally we
already gave up.
This manifests itself in getting
1319574733.955685: wlan0: P2P-GO-NEG-FAILURE status=-1
1319574733.955723: P2P: Removing pending group interface p2p-wlan0-0
...
1319574736.648378: wlan0: P2P: Starting GO Negotiation with previously
authorized peer
...
1319574736.650115: wlan0: P2P: Sending GO Negotiation Response
...
1319574736.988038: wlan0: P2P-GO-NEG-SUCCESS
1319574736.988233: P2P: No pending group interface
1319574736.988268: P2P: Create a new interface p2p-wlan0-1 for the group
Clear the WPS method to avoid this situation. I wasn't
able to test this though, but given the log I can only
assume this is how the situation happened.
Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Fri, 18 Nov 2011 21:32:03 +0000 (23:32 +0200)]
P2P: Simplify code in wpas_p2p_connect()
There's some duplicated code there that can be simplified
with just a single new variable.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Dan Williams [Fri, 18 Nov 2011 21:23:45 +0000 (23:23 +0200)]
nl80211: Fix UNSPEC signal quality reporting
r->level got assigned so it's clearly not INVALID; instead
r->qual should be invalid.
Signed-hostap: Dan Williams <dcbw@redhat.com>
Jithu Jance [Fri, 18 Nov 2011 21:13:03 +0000 (23:13 +0200)]
P2P: Indicate GO Negotiation failure on peer expiration
If P2P device expires while a GO Negotiation is in progress, currently
p2p->go_neg_peer is cleared without indicating GO Nego failure. This
will result in pending group interfaces to be left over. This patch will
indicate GO Negotiation failure and will remove any pending group
interfaces.
This patch addresses a corner case in GO-Negotiation case. Consider the
scenario where two devices A and B are in discovery stage and Device B
vanishes [moves out of range] when a connect is issued on the Device A.
Then Device A keeps on retrying the GO Negotiation Request till the
retry limit is reached. On reaching retry limit, the pending group
interface is removed. But suppose if the peer entry in the device list
expires before the retry limit is reached, then pending group interface
was not removed.
Signed-off-by: Jithu Jance <jithu@broadcom.com>
Eyal Shapira [Fri, 18 Nov 2011 21:05:57 +0000 (23:05 +0200)]
sched scan: Fix passive scanning
Scan wasn't initiated in case the config contained only networks without
scan_ssid. In such a case we want scan to be initiated without any SSIDs
to actively scan but include all the SSIDs in the filter list. Also
added some debug logs to easily see which SSIDs were included in which
list.
Cc: Luciano Coelho <coelho@ti.com>
Signed-off-by: Eyal Shapira <eyal@wizery.com>
Jouni Malinen [Fri, 18 Nov 2011 20:07:30 +0000 (22:07 +0200)]
Use NULL instead of 0 for pointers
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:58:18 +0000 (21:58 +0200)]
P2P: Fix collection of member-in-group information for peer entries
Invalid use of memcpy instead of memcmp in comparison resulted in the
GO interface address getting set incorrectly if the GO did not show up
in scan results anymore.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:53:36 +0000 (21:53 +0200)]
Mark local functions static
These functions are not used outside the file in which they are defined.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:53:03 +0000 (21:53 +0200)]
Include wpa_auth_glue.h to verify function prototypes
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:43:43 +0000 (21:43 +0200)]
Include list.h after trace.h to avoid offsetof refinition
trace.h may end up including system header files that define offsetof,
so include the compatibility definition from list.h only after this.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:41:37 +0000 (21:41 +0200)]
Include wpa_supplicant_i.h to verify function prototype match
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 18 Nov 2011 19:39:10 +0000 (21:39 +0200)]
Remove incorrect le16 type cast
HT_INFO_OPERATION_MODE_OP_MODE_MASK is used with variables in host
byte order, so it should not be claimed as le16.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Nov 2011 21:05:19 +0000 (23:05 +0200)]
Fix the debug message in the previous commit
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Nov 2011 20:59:31 +0000 (22:59 +0200)]
Set Secure=1 for EAPOL-Key msg 3/4 in WPA conditional on 2/4
This is a workaround for Windows 7 supplicant rejecting WPA msg 3/4
in case it used Secure=1 in msg 2/4. This can happen, e.g., when
rekeying PTK after EAPOL-Key Error Request (Michael MIC failure)
from the supplicant.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Nov 2011 18:06:33 +0000 (20:06 +0200)]
Use a single define for maximum number of EAP methods
This cleans up the code a bit by not having to deal with theoretical
possibility of maximum number of EAP methods to be different between
various components in hostapd.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Nov 2011 18:01:19 +0000 (20:01 +0200)]
Remove unused header file inclusion
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Nov 2011 17:58:33 +0000 (19:58 +0200)]
WPS: Use strdup to initialize dev_password for PBC
Some static analyzers complain about memset with '0' value. This was
used correctly here, but since use of strdup is about as good an option,
use that to silence the invalid warnings.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Nov 2011 17:54:26 +0000 (19:54 +0200)]
Avoid 0-length memmove from buffer end to keep static analyzers happier
This avoid incorrect errors from some static analyzers that do not like
memmove with pointers just after the end of a buffer even if the number
of bytes to move is zero.
Signed-hostap: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 17 Nov 2011 14:21:11 +0000 (16:21 +0200)]
P2P: Cancel previous operation before starting new p2p_listen
Some drivers do not handle concurrent remain-on-channel operation
requests, so run p2p_stop_find() prior to starting p2p_listen. This
addresses some issues with P2P_LISTEN command being issues again
while already in Listen state.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 17 Nov 2011 11:41:54 +0000 (13:41 +0200)]
Remove obsolete build tests
These have not been updated for years and do not really work
anymore.
Signed-hostap: Jouni Malinen <j@w1.fi>
Johannes Berg [Wed, 16 Nov 2011 14:42:49 +0000 (16:42 +0200)]
nl80211: Get rid of family/cache objects
All we really need is the family ID, and we can
get that with genl_ctrl_resolve() and then don't
need to worry about family/cache objects.
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Johannes Berg [Wed, 16 Nov 2011 14:36:40 +0000 (16:36 +0200)]
P2P: Deal with a peer associating while connected
If a P2P client associates with the group while it is
already associated, two member entries may be added to
the group which also confuses num_members counting.
Deal with this by removing the existing entry first
before adding a new one.
I think the way Reinette ran into this was due to our
tx_sync implementation in iwlagn, mac80211 might have
queued two association frames thinking the first one
just failed, but both only went out after the sync was
really successful (which tx_sync doesn't wait for).
Reported-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-hostap: Johannes Berg <johannes.berg@intel.com>
Vasanthakumar Thiagarajan [Wed, 16 Nov 2011 14:30:36 +0000 (16:30 +0200)]
wpa_supplicant: Set configured auth_algs for AP mode
In AP mode, authentication algorithm is reset in
hostapd_config_defaults_bss() and never set to the configured one. This
would pass the default auth_algs (OPEN|SHARED) to driver regardless of
what the wpa_supplicant configuration is requesting.
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qca.qualcomm.com>
Jouni Malinen [Tue, 15 Nov 2011 19:25:21 +0000 (21:25 +0200)]
P2P: Wait until ongoing scan completes before starting P2P find
The P2P_FIND command was failing if it was issued at the moment when
a scan operation was in progress. Avoid returning failure in this
case by scheduling the P2P find to start once the ongoing scan is
completed.
Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 15 Nov 2011 18:03:00 +0000 (20:03 +0200)]
WEXT: Use linux/wireless.h instead of wireless_copy.h
WEXT is not really changing anymore and more or less all Linux
distros come with linux/wireless.h that is recent enough to
allow the driver wrappers to be build.
Signed-hostap: Jouni Malinen <j@w1.fi>