www.project-moonshot.org Git - mech

HS 2.0: Add WLAN RADIUS attributes in OSEN case

Previously, the common WLAN-* RADIUS attributes were added only when WPA
or WPA2 was used. These can be of use for OSEN as well, so include them
in that case, too.

Signed-off-by: Jouni Malinen <j@w1.fi>

Remove unnecessary wpa_ie_len check from wpa_parse_wpa_ie_wpa()

There is no need to have a separate "fail silently" case for wpa_ie_len
== 0. That condition does not seem to be reachable and even if it were,
the following "ie len too short" case will result in the exact same
return value.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Suite B with external RADIUS server

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: D-Bus AddNetwork and connection with WPA+WPA2-Enterprise AP

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: WPA IE parsing

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Update wpas_ctrl_network to match removal of WEP as group cipher

Signed-off-by: Jouni Malinen <j@w1.fi>

Remove WEP40/WEP104 cipher suite support for WPA/WPA2

As far as IEEE 802.11 standard is concerned, WEP is deprecated, but at
least in theory, allowed as a group cipher. This option is unlikely to
be deployed anywhere and to clean up the implementation, we might as
well remove all support for this combination.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: WPA2-PSK-FT AP and invalid response IEs

Signed-off-by: Jouni Malinen <j@w1.fi>

FT: Stop association attempt if Auth response processing fails (SME)

Call the FT processing function directly instead of going through
wpa_supplicant_event() to process FT Authentication frame in SME case.
This allows parsing error to be used to trigger immediate failure for
the connection instead of trying to proceed to reassociation step that
cannot succeed.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: HT40 co-ex scan finding an AP advertising 40 MHz intolerant

Signed-off-by: Jouni Malinen <j@w1.fi>

Make check_20mhz_bss() static

This is not used outside this file anymore, so there is no need to
export the symbol either.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: HT40 co-ex scan conflict with HT 20 MHz AP

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: HT40 on 5 GHz with invalid channel pair

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Make dbus_old_wps_pbc more robust

Flush the cfg80211 scan cache explicitly to avoid false failure reports
if a BSS entry from an earlier test case remain. Such a failure could be
hit, e.g., with the following test case sequence:
wpas_mesh_mode_scan p2p_channel_random_social dbus_old_wps_pbc

Signed-off-by: Jouni Malinen <j@w1.fi>

P2P: Handle P2P Device dedicated interface parent removal

In case of a network interface removal, check if the interface
was also the parent interface of the P2P Device dedicated interface.
If this is the case, then stop the P2P Device functionality, and
remove the P2P Device dedicated interface.

In case that the interface is added again and P2P Device
functionality can be enabled again, add a new P2P Device dedicated
interface and allow further P2P Device functionality.

In case that the P2P Device dedicated interface is re-created, the
original P2P Device configuration file is needed, so store it in
the global params (instead in the wpa_interface configuration).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

nl8021: Allow sending wowlan configuration on any interface

Sending a wowlan configuration command can be done on any wireless
interface (not only netdev), as it is a device configuration and not
interface configuration specific. Fix the code to allow it to be
sent on any interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

nl80211: Remove android_genl_ctrl_resolve()

Android libnl_2 implementation added support for "nl80211" name in
commit 'libnl_2: Extend genl_ctrl_resolve() to support "nl80211" name'
in July 2012 which got included in Android 4.2. It is fine to drop this
old Android ICS workaround from wpa_supplicant now.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

P2P: Consider ht/vht on P2P_GROUP_ADD command (with no params)

p2p_ctrl_group_add() takes care of various configuration options (such
as ht/vht) before calling wpas_p2p_group_add(), so use it (just like
when P2P_GROUP_ADD is called with additional params).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>

ctrl_iface: Make p2p_ctrl_group_add() more robust

Parse each parameter individually and combine all the function calls.
This will allow further patch to call it with no parameters (currently
this might result in failure).

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>

P2P: Fix secondary channel selection for HT40

wpas_p2p_get_ht40_mode() used blacklist approach (bw != BW20) to find
the relevant op_class, but didn't take into account other non-BW40
cases, like BW80, that had been added to the bw enum after the initial
implementation. Fix this by looking for the specific BW40 bw cases.

Signed-off-by: Eliad Peller <eliadx.peller@intel.com>

tests: Increase HTTPConnection timeout in ap_wps_upnp_http_proto

It looks like the previous timeout of 0.1 seconds could be hit under
parallel VM load, so double this to 0.2 second to avoid hitting
unnecessary test failures.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: D-Bus RemoveClient()

Signed-off-by: Jouni Malinen <j@w1.fi>

dbus: Add RemoveClient method to remove a client from local GO

This is equivalent to the P2P_REMOVE_CLIENT command on control
interface. This can be used to remove the specified client [as object
path or string format interface address] from all groups (operating and
persistent) from the local GO.

Argument(s): peer[object path] OR iface[string format MAC address]

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>
Signed-off-by: Jijo Jacob <jijo.jacob@samsung.com>

D-Bus: Fix wpas_dbus_register_peer() documentation

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>

D-Bus: Add missing params in WPS function documentation

This adds missing parameters in all WPS events related function
documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>

D-Bus: Fix function documentation for wpas_dbus_signal_p2p_go_neg_resp()

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>

D-Bus: Add function documentation for wpas_dbus_signal_p2p_go_neg_req()

This is needed to add this function into Doxygen documentation.

Signed-off-by: Maneesh Jain <maneesh.jain@samsung.com>

tests: Wait on the global control interface for CTRL-EVENT-REGDOM-CHANGE

The event is not interface specific, so wait for it on the global
control interface socket.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>

tests: Fix grpform_wait_peer group removal in P2P Device case

Get the P2P group interface name so it will be used for group removal to
support configurations that use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>

tests: Fix p2p_set_discoverability waiting for CTRL-EVENT-CONNECTED

Wait on the group control interface to support configurations that
use a dedicated P2P Device interface.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>

P2P: Fix PBC overlap detection

PBC overlap detection searches for another BSS with active PBC in the
BSS table. However, when a separate P2P interface is used, scan results
without P2P IE are not saved in the BSS table, so non-P2P BSS's with
active PBC will not be detected.

Fix this by iterating only the WPS AP array instead of the BSS table.
This is also more efficient since only WPS APs may have active PBC. This
also fixes hwsim test "grpform_pbc_overlap" when a dedicated P2P Device
is used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>

tests: Fix wifi_display to use the global control interface

This is needed if the configuration is using a dedicated P2P Device
interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Fix wifi_display_persistent_group with P2P Device

Use the global control interface to list the P2P Device persistent
networks. Get and parse the P2P-GROUP-STARTED events, so later the
interface names would be available for the connectivity test etc. Both
of these are required when a dedicated P2P Device interface is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

P2P: Use the P2P Device interface in wpas_p2p_fallback_to_go_neg()

Previously the wpa_s->parent interface was used, which is not
necessarily the P2P Device management interface.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Fix autogo_pbc() waiting for WPS-PBC

Wait on the global control interface to support
configurations that use a dedicated P2P Device interface.

Note that the group interface cannot be used, as the group
interface name is not saved since no group was created.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Use global and group control interface in test_p2p_autogo

This is required when a dedicated P2P Device is used.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Modify reset() to use the global control interface

Change the reset() method to use the global control interface
for resetting P2P state and also add a call to P2P_FLUSH.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Use global interface for "P2P_SET"

Setting P2P per_sta_psk should be done using the global control
interface.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>

tests: NFC static handover with invalid contents

This adds test coverage to p2p_procesS_nfc_connection_handover() error
paths. This is also a regression test case for a memory leak on two of
these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>

P2P: Fix memory leak in p2p_process_nfc_connection_handover()

p2p_process_nfc_connection_handover() allocates msg memory in the parser
and might return before memory is released if the received message is
not valid.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>

tests: WPA2-Enterprise connection using EAP-FAST and OOM in PRF

This is a regression test case for a memory leak on a TLS PRF error
path. In addition, this provides more coverage for this error path.

Signed-off-by: Jouni Malinen <j@w1.fi>

EAP-FAST peer: Stop immediately on key derivation failure

If key derivation fails, there is no point in trying to continue
authentication. In theory, this could happen if memory allocation during
TLS PRF fails.

Signed-off-by: Jouni Malinen <j@w1.fi>

OpenSSL: Fix memory leak on an openssl_tls_prf() error path

Free tmp_out before returning to prevent memory leak in case the second
memory allocation in openssl_tls_prf() fails. This is quite unlikely,
but at least theoretically possible memory leak with EAP-FAST.

Signed-off-by: Ben Rosenfeld <ben.rosenfeld@intel.com>

tests: More RADIUS testing coverage with CUI/User-Name in ACL response

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Make ap_wps_ap_scan_2 more robust

The test sequence "scan_and_bss_entry_removed ap_wps_ap_scan_2" resulted
in failure due to an old BSS entry remaining from the first test case to
the second and the WPS_PBC operation on a forced BSSID ending up picking
the incorrect BSS entry. Make this more robust by clearing the scan
results from cfg80211.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Make ap_wps_pbc_overlap_2* less likely to cause issues

Both of these test cases were leaving out BSS entries with active PBC
mode at the end of the test. This could result in the next text case
failing, e.g., in "ap_wps_pbc_overlap_2ap grpform_ext_listen" and
"ap_wps_pbc_overlap_2sta grpform_ext_listen" sequences. Fix this by
flushing the scan results more carefully at the end of the PBC overlap
test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Print a command line to re-run failed test sequence

This makes it easier to test whether a specific test sequence results in
a reproducible test failure.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: P2PS with large number of services in Probe Request/Response

This verifies capability to split the response into multiple P2P
elements.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: Extend P2PS service seek test to cover multiple services

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: P2PS wildcard SD probe

Verify that advertiser returns 'org.wi-fi.wfds' wildcard in a Probe
Response frame if at least one P2PS advertisement is present.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2PS: Fix Probe Response frame building in error cases

org.wi-fi.wfds service is not a replacement for non-WFA service matches.
Do not try to replace the results with that if there is not sufficient
room for the response. Instead, reply with all the matching services
that fit into the message. org.wi-fi.wfds is the first entry in the list
(if matching request/service is present), so it won't get overridden by
other services.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Fix org.wi-fi.wfds matching when building the response

The service hash for org.wi-fi.wfds is supposed to match only if the
device has a WFA defined org.wi-fi.wfds.* service. Verify that before
adding org.wi-fi.wfds to the response.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Add more debug prints for service info building

This makes the debug log much more helpful for figuring out results from
service hash matching.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Remove unnecessary service hash filtering from p2p_reply_probe()

Probe Response building is already doing service matching and there is
no need to do this in both places, so simplify the p2p_reply_probe()
implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Do not ignore other hashes if org.wi-fi.wfds hash is included

When doing initial processing of Probe Request frame service hashes, the
previous implementation dropped all other hash values if a hash for
org.wi-fi.wfds was included. This is not correct, since that is not a
full wildcard of all services (it only matches WFA defined
org.wi-fi.wfds.* services).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Fix service hash matching for org.wi-fi.wfds

This "wildcard" match is for WFA specified org.wi-fi.wfds.* services,
not for all services. Verify that there is a really matching service
being advertised instead of assuming this "wildcard" matches if any
services are advertised.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Fix p2p_find handling to allow "wildcard" with other hash values

The org.wi-fi.wfds "wildcard" is not a full wildcard of all service
names and as such, it must not remove other service name hash values
from the Probe Request frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Verify service name length in P2P_FIND command

p2ps_gen_hash() has a limit on service names based on the temporary
buffer from stack. Verify that the service name from the local P2P_FIND
command is short enough to fix into that buffer.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Fix P2P_FIND seek parameter parsing

Only the first seek=<service name> parameter was accepted from the
P2P_FIND command. Fix this to go through all seek parameters to
construct the list of service hash values to seek.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Add a wildcard with other advertised service info

Quoting P2PS specification: "If multiple Service Hash values are
included in the Probe Request frame, then the ASP shall find a match for
each Service Hash, and it shall send a Probe Response frame with the
information listed in this section for all matched Service Hashes." This
commit changes handling of wildcard hash matching by adding a
wildcard 'org.wi-fi.wfds' info together with the other hash matches.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2PS: Re-factor p2p_buf_add_service_instance function

Add auxiliary functions to write a single advertised service info record
into a wpabuf and to find P2PS wildcard hash in a received hash
attribute. Re-factor p2p_buf_add_service_instance() function to allow
adding new wildcard types in future commits.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

wpa_cli: Fix process termination in wpa_cli action mode case

Commit 4be9f27595f313773612d2fe534c013dfedfe679 ('wpa_cli: Use eloop
during connection attempts in interactive mode') did not take into
account the needs for signal processing in action mode. eloop_run() was
not called in this case and the internal select() loop would block eloop
processing anyway and prevent clean shutdown. Fix this by using eloop
for action mode operations.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Clear allocated debug message buffers explicitly

When hostapd or wpa_supplicant is run in debug more with key material
prints allowed (-K on the command line), it is possible for passwords
and keying material to show up in debug prints. Since some of the debug
cases end up allocating a temporary buffer from the heap for processing
purposes, a copy of such password may remain in heap. Clear these
temporary buffers explicitly to avoid causing issues for hwsim test
cases that verify contents of memory against unexpected keys.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

Clear control interface command explicitly from stack

The control interface commands may include passwords or other private
key material, so clear it explicitly from memory as soon as the
temporary buffer is not needed anymore.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Fix group interface addition failure properly for concurrent case

It was possible for a P2P group formation failure to result in a
concurrent station mode operation getting disconnected in the specific
error case where group interface addition fails after a successful GO
Negotiation. Fix this by skipping the wpas_p2p_group_delete() call in
this specific case since the group interface does not exists anymore at
the point wpas_group_formation_completed() gets called.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Refactor p2p_data::query_hash and p2p_data::query_count use

Avoid using p2p_data::query_hash for both Probe Request frame processing
and for hashes specified by p2p_find. It's resolved by use of local
query_hash and query_count variables in p2p_reply_probe().

Since p2p_data::query_hash is used only for seek hash values rename
p2p_data::query_hash to p2ps_seek_hash.

Delete p2p_data::query_count since it's not needed anymore.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

tests: VENDOR_ELEM_ADD for various frames

This increases testing coverage for VENDOR_ELEM mechanism by explicitly
verifying that the requested element gets added to each of the supported
frame types.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Add vendor elements into Invitation Response frames

Commit 86bd36f0d5b3d359075c356d68977b4d2e7c9f71 ('Add generic mechanism
for adding vendor elements into frames') introduced a mechanism to add
vendor elements into various frames, but missed the addition to the
Invitation Response frame. This commit addresses the same.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2PS: Delete p2ps_svc_found from struct p2p_data

This variable is used locally only in the p2p_reply_probe() function.
The value of this variable is valid only in the context of the single
Probe Request message handling and doesn't make much sense in p2p
context.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2PS: Add a function to free a PD context

Free a PD context with a function encapsulating both os_free() call and
setting a PD context pointer to NULL.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

tests: Add p2ps_cli_probe and p2ps_go_probe tests

Test P2PS GO and CLI discoverability on group operating channel.
In order to implement these tests, refactor p2ps_connect_p2ps_method
and test_p2ps_connect_adv_go_pin_method to reuse the code for
connection establishment. Also change p2ps_exact_seek so it will
allow getting Probe Response frames from several peers.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

tests: Fix inconsistent indentation

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

tests: Fix p2ps_connect_adv_go_pin_method case

test_p2ps_connect_adv_go_pin_method() expects that
p2ps_provision_keypad_method() returns P2PS-PROV-DONE with details
needed for a connection. However, this event was overridden which
resulted in an incorrect test flow skipping the connection
establishement. The test would pass, however, without really trying to
connect. Fix this by returning the correct event.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Prefer direct Probe Response frames over GO's client list

A P2P Client may be discoverable and reply to Probe Request frames,
while at the same time the P2P GO would also be discoverable and include
the P2P Client information in the P2P Group Info attribute of the Probe
Response frames.

If a seeker constantly hears the Probe Response frames from a P2P Client
and then from the GO, but handles them in the opposite order (due to
scan results ordering), the more valuable Probe Response frame from the
P2P Client will be ignored. Fix this by defining a threshold (1 second)
during which the direct Probe Response frame will be preferred over the
information acquired from the GO and will not be considered as old.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Use more precise device timestamping for group clients

When adding group clients to the P2P peer list, use the driver provided
BSS entry timestamp instead of the current time. Otherwise, the time
comparison which is made in p2p_add_device() doesn't make sense.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Specify frequency when sending Probe Response frame

If the RX frequency of the Probe Request frame is known, specify it when
sending the Probe Response frame. This is needed when the Probe Request
frame is received on another virtual interface, for example, when a GO
or P2PS client are discoverable on the group operating channel.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

drivers: Add freq parameter to send_mlme() function

Change send_mlme() API to allow sending management frames on a specific
channel, overriding the internal driver decision.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Fix return value of p2p_reply_probe() and p2p_probe_req_rx()

Return P2P_PREQ_PROCESSED instead of P2P_PREQ_NOT_PROCESSED on
a successful Probe Request frame handling in p2p_reply_probe().

Verify a return value of p2p_reply_probe() in p2p_probe_req_rx()
and continue a pending invitation/connection flow only if the
Probe Request frame is from an expected P2P peer.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2PS: Enable Probe Request frame processing by P2P Client

1. Add global p2p_cli_probe property to enable/disable Probe Request
frame RX reporting for connected P2P Clients. The property can be set to
0 - disable or 1 - enable. The default value is 0.

2. Enable Probe Request frame RX reporting for P2P Client on
WPA_COMPLETED state if p2p_cli_probe property is set to 1. Disable it
when an interface state is changing to any other state.

3. Don't cancel Probe Request frame RX reporting on wpa_stop_listen for
a connected P2P Client handling Probe Request frames.

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Add rx_freq parameter to Probe Request frame handler

In some cases, Probe Request frames can be received by a peer not only
on a listen channel. In this case an additional rx_freq parameter
explitly contains a Probe Request frame RX frequency. In case rx_freq is
set to 0, a Probe Request frame RX channel is assumed to be our own
listen channel (p2p->cfg->channel).

Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Ilan Peer <ilan.peer@intel.com>

P2P: Update target GO Device Address from BSS entry during join

It is possible for P2P_CONNECT-join command to be issued on a GO's P2P
Interface Address before the P2P peer entry is available to map this
into the GO's P2P Device Address. This could result in the join
operation failing to continue after receiving PD Response due to the
address mismatch (source address = P2P Device Address while only the P2P
Interface Address is known). Fix this by updating the pending join P2P
Device Address based on the BSS entry, if needed.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: IBSS on 5 GHz band

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: WNM BSS Transition Management in different countries

This increases testing coverage for ieee802_chan_to_freq*() functions.

Signed-off-by: Jouni Malinen <j@w1.fi>

Remove duplicated country code from operating class lists

CA country code was included mistakenly (copy-paste..) in cn_op_class_cc
while it was supposed to be included only in us_op_class_cc. In
practice, this did not result in incorrect operation due to the
us_op_class_cc list being checked first. Anyway, better fix
cn_op_class_cc to avoid confusion here.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Additional ieee802_11_parse_elems() module test coverage

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Module test for gas.c corner cases in gas_anqp_set_len()

This increases code coverage for gas.c testing to cover areas that
cannot be reached with pure hwsim test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: GAS/ANQP query and OOM

Signed-off-by: Jouni Malinen <j@w1.fi>

tests: Verify correct VLAN operation in multi-BSS multi-VLAN case

This adds hwsim test ap_vlan_iface_cleanup_multibss. It connects two
stations in different BSS but the same hostapd process. First both
stations are in VLAN 1, then they get reauthenticated into VLAN 2. Due
to the ordering of the stations moving around, this test checks that
bridge and tagged interface referencing counting is done globally, such
that the tagged interface is not removed too early and no bridge is
left over.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>

Fix removal of tagged interface and bridge when multiple BSS share them

Currently, if multiple bss share are bridge and tagged vlan interface,
only the first instance of struct hostapd_vlan for this vlanid will have
the DVLAN_CLEAN_VLAN flag added. Thus, when this instance is removed,
the tagged vlan interface will be removed from bridge, thought other bss
might still need it. Similarily, the bridge will be left over, as the
does not have zero ports when the first instance of a struct
hostapd_vlan is freed.

This patch fixes this by having a global (per process) reference counter
for dynamic tagged vlan and dynamically created bridge interfaces, so
they are only removed after all local users are freed. (struct
hapd_interfaces *)->vlan_priv is used to hold src/ap/vlan_init.c global
per-process data like drv_priv does; right now this is only used for the
interface reference counting, but could get extended when needed. Then
possibly some vlan_global_init / vlan_global_deinit should be added, but
this is not required right now.

Additionally, vlan->configured is checked to avoid reference counter
decreasing before vlan_newlink increased them.

In order to avoid race conditions, vlan_dellink is called explicitly
after hostapd_vlan_if_remove. Otherwise there would be a short timeframe
between hostapd_vlan_if_remove and vlan_dellink during which the struct
hostapd_vlan still exists, so ap_sta_bind_vlan would try to attach
stations to it.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>

Combine multiple function calls to a single statement

This cleans up p2p_ctrl_group_add() to share a single call to
wpas_p2p_group_add().

Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>

tests: D-Bus Reconnect command

Signed-off-by: Jouni Malinen <j@w1.fi>

dbus: Add Reconnect command to D-Bus Interface

This has same behavior as the ctrl_iface RECONNECT command.

Signed-off-by: Mayank Haarit <mayank.h@samsung.com>
Signed-off-by: Purushottam Kushwaha <p.kushwaha@samsung.com>

doc: Update D-Bus GONegotiationRequest Signal: add device_go_intent

This new parameter was added by commit
aa2b12562b6e70fe48c7ce4abebf094206a9332a ('P2P: Add GO Intent of
connecting device in GO Negotiation Request event').

Signed-off-by: Rahul Jain <rahul.jain@samsung.com>
Signed-off-by: Mayank Haarit <mayank.h@samsung.com>

tests: Make flush_scan_cache() more robust

There seem to be cases where flush_scan_cache() was unable to clear all
BSS entries due to a hidden SSID BSS (SSID length 0) showing up again
from cfg80211 BSS table. Check for this and run the flush operation
again if any entries remain.

This fixes an issue where the following hwsim test case sequence
resulted in the last test case failing due to the old BSS entry from the
first test case being in place and showing unexpected flags information:
ap_hs20_min_bandwidth_home_hidden_ssid_in_scan_res
ap_hs20_remediation_required
ap_mixed_security

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

tests: P2P GO and 5 GHz channels 165 (allowed) and 169 (disallowed) in US

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Add Operating class 125 for P2P supported channels

Add operating class 125 (channels 149..169) to the list of P2P supported
channels. This allows the 5 GHz channels 161 and 169 to be used for P2P
GO when those channels are allowed for AP mode in the current regulatory
domain.

Signed-off-by: Amr BEN ABDESSALEM <amrx.ben.abdessalem@intel.com>

tests: Pending GAS query interrupted with deinit

These are regression test cases for a segmentation fault issue (use of
freed memory) where interface removal happened while a gas-query item
was pending.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

GAS: Remove all radio works before calling gas_query_deinit()

Remove all gas-query radio works before calling gas_query_deinit()
as gas_query_deinit() flow frees the query context, which might
be later be accessed from the radio work callback (and result
with unexpected behavior, e.g., segmentation fault).

Signed-off-by: Ilan Peer <ilan.peer@intel.com>

tests: Create a P2P persistent group with ADD_NETWORK

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

P2P: Fix persistent group profile on manual disabled=2 change

ssid->p2p_persistent_group was left to its old value when changing a
network profile to/from P2P persistent group type (disabled=2). This
could result in unexpected behavior when using an incomplete persistent
group profile. This was mainly visible through D-Bus network profile
handling where a persistent group would not be unregistered insome
cases.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>