Jouni Malinen [Fri, 24 Jun 2016 14:24:17 +0000 (17:24 +0300)]
Move extern declarations for driver ops into a header file
This gets rid of number of sparse warnings and also allows the
compatibility of the declarations to be verified (number of missing
const declarations are fixed here as well).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 24 Jun 2016 14:09:46 +0000 (17:09 +0300)]
nl80211: Mark wpa_driver_nl80211_get_macaddr() static
This function is not used outside this file.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Thu, 23 Jun 2016 22:58:33 +0000 (01:58 +0300)]
Fix a debug print in p2p_manager_disconnect()
fc2str() expects to get the 16-bit frame control value in host byte
order.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:57:58 +0000 (01:57 +0300)]
Mark internal functions static
These functions are not called outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:53:27 +0000 (01:53 +0300)]
OpenSSL: Silence sparse warnings in fips186_2_prf()
Use WPA_PUT_BE32() instead of inplace conversion with host_to_be32() to
avoid sparse warnings.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:47:54 +0000 (01:47 +0300)]
dhcp_snoop: Silence a sparse warning
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:47:02 +0000 (01:47 +0300)]
ndisc_snoop: Include ndisc_snoop.h to check prototypes
This allows the compiler to check that function prototypes match the
implementation. In addition, this gets rid of sparse warnings.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:46:33 +0000 (01:46 +0300)]
TNCS: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:40:24 +0000 (01:40 +0300)]
PAE: Mark ieee802_1x_kay_deinit_data_key() static
This function is not used outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:38:48 +0000 (01:38 +0300)]
PAE: Use be16/be32 instead of u16/u32 for spartse
This converts some of the PAE code to use a design that gets rid
unnecessary warnings from sparse and allows more thorough validation of
byte order operations.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 22:38:04 +0000 (01:38 +0300)]
TNCC: Mark functions static
These are called through function pointers, so no need to make the
function symbols directly available outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 15:19:00 +0000 (18:19 +0300)]
tests: Declare module test functions in a header file
This gets rid of number of warnings from sparse.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 15:11:35 +0000 (18:11 +0300)]
tests: Mark some module test arrays static
These are not used outside the source code file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 15:06:37 +0000 (18:06 +0300)]
radiotap: Silence sparse warnings about byte order swapping
These little endian fields were not marked properly and the type case in
the get_unaligned_* helper macros were causing warnings from sparse.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 14:48:48 +0000 (17:48 +0300)]
FST: Make fst_action_names static
This is not used outside this file.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 14:46:40 +0000 (17:46 +0300)]
FST: Fix byte order of couple of fields on big endian hosts
Couple of fsts_id and llt fields were not properly swapped from host
byte order to little endian byte order used in the frames. Fix this and
use the le32 type to make this more consistent and verifiable with
sparse.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:43:20 +0000 (13:43 +0300)]
Mark wpas_data_test_rx() static
This is not called from outside ctrl_iface.c.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:41:18 +0000 (13:41 +0300)]
Fix byte order for CONFIG_VHT_OVERRIDES parameters
The VHT parameters were not swapped properly on big endian systems.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:35:26 +0000 (13:35 +0300)]
OpenSSL: Pull in header files to check function prototypes
Since crypto_openssl.c is now implementing couple of functions
internally, pull in the relevant header files md5.h and aes_wrap.h to
make sure the function declaration are consistent.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:32:29 +0000 (13:32 +0300)]
FST: Mark wpa_supplicant callback functions get_peer_{first,next} static
These are used only through function pointers, so no need to keep the
functions non-static.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:31:04 +0000 (13:31 +0300)]
TDLS: Declare tdls_testing as extern in a header file
This gets rid of a sparse warning with CONFIG_TDLS_TESTING builds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:28:54 +0000 (13:28 +0300)]
trace: Define externs in a header file
This gets rid of some unnecessary strace warnings from test builds.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:23:46 +0000 (13:23 +0300)]
Undefine __bitwise before defining it for sparse
This gets rid of a compiler warning due to a bit different construction
in linux/types.h.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:14:17 +0000 (13:14 +0300)]
Fix hostapd_sta_add() call to use NULL as the pointer instead of 0
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:13:54 +0000 (13:13 +0300)]
MBO: Mark verify_channel() static
This function is not used outside mbo.c.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 23 Jun 2016 10:11:01 +0000 (13:11 +0300)]
WNM: Use NULL instead of 0 as the pointer return value
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jonathan Afek [Tue, 7 Jun 2016 13:42:43 +0000 (16:42 +0300)]
tests: ap_ciphers tests start using general cmd_execute() function
The ap_ciphers tests used to do file operations locally in python. Start
using the cmd_execute() general function for file operations so that
this would also work on remote setups.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Jonathan Afek [Tue, 7 Jun 2016 13:42:40 +0000 (16:42 +0300)]
tests: Add functions to execute shell commands on interface host
Add the feature to execute shell commands on each wpa_supplicant/hostapd
interface host. When executing remote tests the interfaces are not all
on a single host so when executing shell commands the test needs to
execute the command on the host which the interface relevant for the
command is on. This patch enables tests to execute the command on the
relevant host.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Jonathan Afek [Tue, 14 Jun 2016 10:31:18 +0000 (13:31 +0300)]
ctrl_iface: BSS command to skip info items if parsing fails
In some cases parsing of the mesh scan info for a BSS or the P2P scan
info can fail. One reason can be that the Beacon/Probe Response frame
contained malformed length vendor IEs which are not parsed when adding
to the BSS table. Instead of skipping the whole BSS of the BSS command,
just skip the part that failed to parse.
Signed-off-by: Jonathan Afek <jonathanx.afek@intel.com>
Jouni Malinen [Sun, 19 Jun 2016 20:47:01 +0000 (23:47 +0300)]
tests: mesh_scan_oom to support partial BSS result reporting
The next commit modifies the BSS command behavior to report partial
results for a BSS, so mesh_scan_oom needs to allow a BSS entry to be
returned as long as it does not include the mesh information.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 19 Jun 2016 19:41:23 +0000 (22:41 +0300)]
tests: WPA2-Enterprise connection using EAP-GPSK and wildcard SSID
Signed-off-by: Jouni Malinen <j@w1.fi>
Cedric Izoard [Tue, 14 Jun 2016 12:51:47 +0000 (12:51 +0000)]
HS 2.0R2: No longer use HTTP_RAW_POST_DATA
As HTTP_RAW_POST_DATA is deprecated, use php://input instead.
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Cedric Izoard [Tue, 14 Jun 2016 12:49:00 +0000 (12:49 +0000)]
curl: Don't free memory for subjectAltName before calling callback
Freeing memory for subjectAltName in parse_cert(), will give cert_cb
pointers to freed memory zone that may already been overwritten. Memory
for subjectAltName is released in parse_cert_free().
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Jouni Malinen [Sun, 19 Jun 2016 19:00:20 +0000 (22:00 +0300)]
tests: More wpa_supplicant AP mode coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 19:42:37 +0000 (22:42 +0300)]
tests: Mesh with various pairwise and group ciphers
Signed-off-by: Jouni Malinen <j@w1.fi>
Masashi Honma [Tue, 14 Jun 2016 03:31:16 +0000 (12:31 +0900)]
mesh: Use MESH_CAP_* macros for mesh capability
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Masashi Honma [Tue, 14 Jun 2016 03:31:15 +0000 (12:31 +0900)]
mesh: Ignore crowded peer
The "Accepting Additional Mesh Peerings bit == 0" means the peer cannot
accept any more peers, so suppress attempt to open a connection to such
a peer.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Sat, 18 Jun 2016 19:21:33 +0000 (22:21 +0300)]
mesh: Select pairwise and group cipher based on network profile
This allows the previously hardcoded CCMP cipher to be replaced in the
network profile for mesh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 19:14:37 +0000 (22:14 +0300)]
mesh: Avoid use of hardcoded cipher
This moves pairwise, group, and management group ciphers to various mesh
data structures to avoid having to hardcode cipher in number of places
through the code. While CCMP and BIP are still the hardcoded ciphers,
these are now set only in one location.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:11:23 +0000 (14:11 +0300)]
mesh: Clean up AMPE element encoding and parsing
The AMPE element includes number of optional and variable length fields
and those cannot really be represented by a fixed struct
ieee80211_ampe_ie. Remove the optional fields from the struct and
build/parse these fields separately.
This is also adding support for IGTKdata that was completely missing
from the previous implementation. In addition, Key RSC for MGTK is now
filled in and used when configuring the RX MGTK for a peer.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 12:50:14 +0000 (15:50 +0300)]
mesh: Do not use RX MGTK as RX IGTK
The previous implementation was incorrect in forcing the MGTK to be used
as the IGTK as well. Define new variable for storing IGTK and use that,
if set, to configure IGTK to the driver. This commit does not yet fix
AMPE element parsing to fill in this information.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:45:35 +0000 (14:45 +0300)]
mesh: Use variable length MGTK for RX
This extends the data structures to allow variable length MGTK to be
stored for RX. This is needed as an initial step towards supporting
different cipher suites.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:41:59 +0000 (14:41 +0300)]
mesh: Generate a separate TX IGTK if PMF is enabled
Previous implementation was incorrectly using MGTK also as the IGTK and
doing this regardless of whether PMF was enabled. IGTK needs to be a
independent key and this commit does that at the local TX side.
The current AMPE element construction and parsing is quite broken, so
this does not get add the IGTKdata field there.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:39:43 +0000 (14:39 +0300)]
mesh: Support variable length TX MGTK
This is an initial step in supporting multiple cipher suites.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:35:35 +0000 (14:35 +0300)]
mesh: Add variable length MTK support
This is needed as a part in enabling support for different pairwise
ciphers in mesh.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:27:29 +0000 (14:27 +0300)]
mesh: Coding style cleanup for MTK derivation
Clean up the mesh_rsn_derive_mtk() function by using proper macros and
pointer to the location within the context block.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:21:48 +0000 (14:21 +0300)]
mesh: Fix MTK derivation to use AKM suite selector
mesh_rsn_derive_mtk() was hardcoded to use GCMP (even though CCMP was
hardcoded elsewhere) cipher suite selector instead of the selected AKM
suite selector. This resulted in incorrect MTK getting derived. Fix this
by used the SAE AKM suite selector in the input to the KDF.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:19:42 +0000 (14:19 +0300)]
mesh: Coding style cleanup for AEK derivation
Clean up the mesh_rsn_derive_aek() function by using proper macros and
pointer to the location within the context block.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:17:34 +0000 (14:17 +0300)]
mesh: Fix AEK derivation to use AKM suite selector
mesh_rsn_derive_aek() was hardcoded to use GCMP (even though CCMP was
hardcoded elsewhere) cipher suite selector instead of the selected AKM
suite selector. This resulted in incorrect AEK getting derived. Fix this
by used the SAE AKM suite selector in the input to the KDF.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:05:47 +0000 (14:05 +0300)]
mesh: Use ieee80211w profile parameter
This is initial step in fixing issues in how PMF configuration for RSN
mesh was handled. PMF is an optional capability for mesh and it needs to
be configured consistently in both hostapd structures (to get proper
RSNE) and key configuration (not included in this commit).
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 11:01:47 +0000 (14:01 +0300)]
mesh: Use WPA_NONCE_LEN macro
No need to use the magic value 32 here since there is a generic define
for the RSN-related nonce values.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 18 Jun 2016 09:20:50 +0000 (12:20 +0300)]
tests: Secure mesh network connectivity with PMF enabled
Signed-off-by: Jouni Malinen <j@w1.fi>
Sunil Dutt [Thu, 14 Jan 2016 12:55:57 +0000 (18:25 +0530)]
hostapd: Skip hostapd ACL check for drivers supporting ACL offload
Commit
0603bcb7fe8babf183362518238c142afe8e2036 ('hostapd: Process MAC
ACLs on a station association event (SME in driver)') processes MAC ACL
on a station association event for drivers which use AP SME offload but
does not consider the scenario where the drivers offload ACL. This can
result in station disconnection, though the driver accepts the
connection. Address this by avoiding the hostapd ACL check for the
drivers offloading MAC ACL.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 17 Jun 2016 17:41:09 +0000 (20:41 +0300)]
tests: More wpa_supplicant/bss.c OOM coverage
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 17 Jun 2016 10:27:12 +0000 (13:27 +0300)]
tests: WPS and wpa_supplicant BSS entry limit
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
vamsi krishna [Fri, 17 Jun 2016 09:04:12 +0000 (14:34 +0530)]
WPS: Fix memory leak with wps_ie in wpa_bss_is_wps_candidate()
Fix possible memory leak in case if WPS is not enabled on the interface
for connection. This path was missed in commit
fae7b3726035b57a78aa552378fc5d15402b9ec1 ('WPS: Do not expire probable
BSSes for WPS connection').
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Thu, 16 Jun 2016 23:05:10 +0000 (02:05 +0300)]
tests: Make mesh_missing_mic more robust
Check for MESH-PEER-CONNECTED from dev[1] before reporting MGMT-RX
timeout errors from dev[0]. This avoids false failures in case the short
0.01 s timeout at the end of the loop was not long enough to catch the
message.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Thu, 16 Jun 2016 17:03:02 +0000 (22:33 +0530)]
Reserve QCA vendor specific nl80211 command 121
This is reserved for QCA use.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
vamsi krishna [Fri, 13 May 2016 11:36:36 +0000 (17:06 +0530)]
WPS: Do not expire probable BSSes for WPS connection
When the BSS count reaches max_bss_count, the oldest BSS will be removed
in order to accommodate a new BSS. Exclude WPS enabled BSSes when going
through a WPS connection so that a possible WPS candidate will not be
lost.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Sunil Dutt [Mon, 23 May 2016 13:39:48 +0000 (19:09 +0530)]
Add a QCA vendor command to configure AP parameters
This commit also introduces a new attribute MANDATORY_FREQUENCY_LIST
which aims for AP operation in a channel that ensures best concurrency
sessions.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Tim Kourt [Fri, 10 Jun 2016 18:04:26 +0000 (11:04 -0700)]
hostapd: Add comment about '-i' parameter in hostapd.conf
Signed-off-by: Tim Kourt <tim.a.kourt@linux.intel.com>
Tim Kourt [Fri, 10 Jun 2016 18:04:25 +0000 (11:04 -0700)]
hostapd: Accept interface names as a command line parameter
This introduces an optinal command line parameter '-i' to override the
value of the 'interface' attribute in hostapd.conf files. This change
enables the reuse of the configuration files for the concurrent
instances of hostapd. An ability to dynamically assign the interface
names simplifies the usages of hostapd service in the automated
emulations of the wireless environments.
Signed-off-by: Tim Kourt <tim.a.kourt@linux.intel.com>
Jouni Malinen [Sun, 12 Jun 2016 21:36:18 +0000 (00:36 +0300)]
hostapd: Fix early init failure path
eloop deinit calls could trigger segmentation fault if the early error
path is hit before eloop_init() gets called.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 12 Jun 2016 21:35:12 +0000 (00:35 +0300)]
FST: Make fst_global_deinit() more robust
Verify that fst_global_init() has been called before deinitializing the
global FST context. This makes it a bit easier to handle failure paths
from initialization.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 12 Jun 2016 21:04:47 +0000 (00:04 +0300)]
tests: Add sniffer check to wpas_mesh_max_peering
This verifies that the Accepting Additional Mesh Peerings field is being
cleared properly when the maximum peer links count is reached.
Signed-off-by: Jouni Malinen <j@w1.fi>
Masashi Honma [Sun, 12 Jun 2016 02:52:08 +0000 (11:52 +0900)]
mesh: Sync max peer links with kernel
Set max peer links to kernel even when wpa_supplicant MPM is used. This
sets the correct value for the "Accepting Additional Mesh Peerings bit"
in "Mesh Capability field" in "Mesh Configuration element" in the Beacon
frame.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Jouni Malinen [Sun, 12 Jun 2016 14:56:02 +0000 (17:56 +0300)]
tests: Additional coverage in mesh_sae_groups_invalid
Additional coverage in mesh_rsn_sae_group() with non-zero
wpa_s->mesh_rsn->sae_group_index.
Signed-off-by: Jouni Malinen <j@w1.fi>
David Woodhouse [Wed, 8 Jun 2016 20:04:02 +0000 (21:04 +0100)]
Update PKCS#11 references in template wpa_supplicant.conf
Ditch the legacy syntax and manual engine mangling and just give an
example using simple PKCS#11 URIs that'll work with both GnuTLS and
OpenSSL.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 8 Jun 2016 20:03:40 +0000 (21:03 +0100)]
OpenSSL: Initialise PKCS#11 engine even if found with ENGINE_by_id()
Recent versions of engine_pkcs11 are set up to be autoloaded on demand
with ENGINE_by_id() because they don't need explicit configuration.
But if we *do* want to explicitly configure them with a PKCS#11 module
path, we should still do so.
We can't tell whether it was already initialised, but it's harmless to
repeat the MODULE_PATH command if it was.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Michael Schaller <misch@google.com>
Paul Stewart [Fri, 10 Jun 2016 15:29:55 +0000 (08:29 -0700)]
nl80211: Fix use-after-free in qca_nl80211_get_features()
Any data accessible from nla_data() is freed before the
send_and_recv_msgs() function returns, therefore we need to allocate
space for info.flags ourselves.
Signed-off-by: Paul Stewart <pstew@google.com>
Jouni Malinen [Fri, 10 Jun 2016 18:17:34 +0000 (21:17 +0300)]
tests: GAS/ANQP query and Address 3 value selection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 10 Jun 2016 18:43:25 +0000 (21:43 +0300)]
hostapd Make GAS Address3 field selection behavior configurable
gas_address3=1 can now be used to force hostapd to use the IEEE 802.11
standards compliant Address 3 field value (Wildcard BSSID when not
associated) even if the GAS request uses non-compliant address (AP
BSSID).
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 10 Jun 2016 18:35:11 +0000 (21:35 +0300)]
hostapd: Fix Public Action frame TX status processing for wildcard BSSID
Previously all TX status events with wildcard BSSID were ignored. This
did not allow Public Action frame TX status to be processed with the
corrected wildcard BSSID use. Fix this to be allowed. In practice, this
affects only test cases since Action frame TX status was not used for
anything else.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 10 Jun 2016 18:30:03 +0000 (21:30 +0300)]
hostapd: Fix Public Action frame addressing (BSSID field)
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS. hostapd used
to use the actual BSSID value for all such frames regardless of whether
the destination STA is a member of the BSS.
Fix this by using the wildcard BSSID in cases the destination STA is not
a member of the BSS. Leave group addressed case as-is (i.e., the actual
BSSID), since both values are accepted. No such frames are currently
used, though.
This version is still using the AP BSSID value in the Address 3 field
for GAS response frames when replying to a GAS request with AP BSSID
instead of Wildcard BSSID. This is left as a workaround to avoid
interoperability issues with deployed STA implementations that are still
using the non-compliant address and that might be unable to process the
standard compliant case.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Fri, 10 Jun 2016 17:58:23 +0000 (20:58 +0300)]
wpa_supplicant: Make GAS Address3 field selection behavior configurable
IEEE Std 802.11-2012, 10.19 (Public Action frame addressing) specifies
that the wildcard BSSID value is used in Public Action frames that are
transmitted to a STA that is not a member of the same BSS.
wpa_supplicant used to use the actual BSSID value for all such frames
regardless of whether the destination STA is a member of the BSS.
P2P does not follow this rule, so P2P Public Action frame construction
must not be changed. However, the cases using GAS/ANQP for non-P2P
purposes should follow the standard requirements.
Unfortunately, there are deployed AP implementations that do not reply
to a GAS request sent using the wildcard BSSID value. The previously
used behavior (Address3 = AP BSSID even when not associated) continues
to be the default, but the IEEE 802.11 standard compliant addressing
behavior can now be configured with gas_address3=1.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Sun, 5 Jun 2016 08:43:37 +0000 (11:43 +0300)]
tests: Mesh peering management protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sun, 5 Jun 2016 08:17:00 +0000 (11:17 +0300)]
tests: Secure mesh network and PMKID mismatch
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 22:20:28 +0000 (01:20 +0300)]
tests: Secure mesh network and missing MIC
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 21:24:47 +0000 (00:24 +0300)]
tests: Mesh and failure to derive random nonce
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 21:20:06 +0000 (00:20 +0300)]
tests: Secure mesh network and PMKSA caching failing due to OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 21:03:38 +0000 (00:03 +0300)]
tests: Mesh scan element parse error
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 19:01:33 +0000 (22:01 +0300)]
tests: Mesh network setup failing due to driver command failure
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 19:00:52 +0000 (22:00 +0300)]
nl80211: Add TEST_FAIL() to command generation and set_mode
This makes it easier to test error paths for failing driver command
cases.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 19:00:30 +0000 (22:00 +0300)]
mesh: Remove extra newline from the end of an error message
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 18:47:22 +0000 (21:47 +0300)]
tests: Mesh and default beacon interval
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 18:44:19 +0000 (21:44 +0300)]
tests: Extend coverage for mesh OOM testing
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 18:31:51 +0000 (21:31 +0300)]
tests: Open mesh network on VHT 160 MHz channel
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 18:30:51 +0000 (21:30 +0300)]
mesh: Allow 160 MHz channel to be configured
This allows minimal testing with 160 MHz channel with country code ZA
that happens to be the only one with a non-DFS 160 MHz frequency. DFS
with mesh is not yet supported.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 18:30:18 +0000 (21:30 +0300)]
nl80211: Update drv->assoc_freq on mesh join
This is needed to provide the correct frequency in SIGNAL_POLL command.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 17:56:39 +0000 (20:56 +0300)]
tests: Mesh and invalid frequency configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Sat, 4 Jun 2016 17:56:55 +0000 (20:56 +0300)]
mesh: Remove unreachable code
ssid->frequency cannot be 0 in wpa_supplicant_mesh_init() since
wpas_supplicant_join_mesh() rejects such a configuration.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Jun 2016 21:40:38 +0000 (00:40 +0300)]
tests: Mesh and local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Jun 2016 21:25:21 +0000 (00:25 +0300)]
tests: Mesh and local SAE failures
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Fri, 3 Jun 2016 21:08:16 +0000 (00:08 +0300)]
tests: Mesh with invalid SAE group configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
Kanchanapally, Vidyullatha [Tue, 12 Apr 2016 08:01:42 +0000 (13:31 +0530)]
nl80211: Use extended capabilities per interface type
This adds the necessary changes to support extraction and use of the
extended capabilities specified per interface type (a recent
cfg80211/nl80211 extension). If that information is available,
per-interface values will be used to override the global per-radio
value.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Tue, 31 May 2016 15:48:39 +0000 (18:48 +0300)]
Sync with mac80211-next.git include/uapi/linux/nl80211.h
This brings in nl80211 definitions as of 2016-05-31.
Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen [Mon, 30 May 2016 21:11:42 +0000 (00:11 +0300)]
Report connection timeouts in CTRL-EVENT-ASSOC-REJECT
Add a new "timeout" argument to the event message if the nl80211 message
indicates that the connection failure is not due to an explicit AP
rejection message. This makes it easier for external programs to figure
out why the connection failed.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 30 May 2016 18:15:30 +0000 (21:15 +0300)]
tests: wpa_supplicant secure MESH and SAE group negotiation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 30 May 2016 18:14:08 +0000 (21:14 +0300)]
mesh: Support simple SAE group negotiation case
This allows the simplest case of SAE group negotiation to occur by
selecting the next available group if the peer STA indicates the
previous one was not supported. This is not yet sufficient to cover all
cases, e.g., when both STAs need to change their groups, but at least
some cases are no covered.
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen [Mon, 30 May 2016 17:17:10 +0000 (20:17 +0300)]
tests: Secure mesh network setup local failure
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>